70-410 - Active Directory Domain Services Flashcards

1
Q

Forest

A

The forest is the top-level container of the Active Directory infrastructure. A forest can consist of one or more domains, and those domains are connected through transitive trust. A forest shares a single schema database, a single Exchange organization, a single global address list and a security boundary. Note: You may allow access to resources of only those in the same forest. You may want multiple forests if you need:

  • more than one Exchange organization
  • different forest functional levels
  • separate security boundary
2
Q

Domain

A

A domain is one level below the Active Directory forest. A domain can consist of one or more organizational units. A domain shares a single administrator group (the Domain Admins security group) and the same set of objects. Even though a domain shares a single administrator group, you may delegate control over each organizational unit (OU).

3
Q

Domain controller:

A

Every domain consists of one or more domain controllers. A domain controller holds a directory database of its respective domain. The directory database consists of user objects, computer objects and much more.

4
Q

Organizational unit (OU)

A

Is a folder/container within a domain. An OU can be used to organize a set of computers or users. OUs are very useful when implementing different sets of policies for a group of users or computers within a domain.

5
Q

Set-ADAccountControl

A

Detailed Description
The Set-ADAccountControl cmdlet modifies the user account control (UAC) values for an Active Directory user or computer account. UAC values are represented by cmdlet parameters. For example, set the PasswordExpired parameter to change whether an account is expired and to modify the ADS_UF_PASSWORD_EXPIRED UAC value.

6
Q

Set-ADGroup

A

Modifies an Active Directory group.

Modify SAM Account

7
Q

Add-ADPrincipalGroupMembership

A

Adds a member to one or more Active Directory groups.

The Add-ADPrincipalGroupMembership cmdlet adds a user, group, service account, or computer as a new member to one or more Active Directory groups.

8
Q

Group Policy Inheritance

A

The ability to prevent an OU or domain from inheriting GPOs from any of its parent containers. Note that Enforced GPO links will always be inherited.

9
Q

Enforcement GPO

A

(previously known as “No Override”) the ability to specify that a GPO should take precedence over any GPOs that are linked to child containers. Enforcing a GPO link works by moving that GPO to the end of the processing order.

11
Q

Installing domain controller PS

A

First add the feature:

Add-WindowsFeature -Name AD-Domain-Services -IncludeManagementTools -Restart

Once the installation is complete your computer will reboot. We are now ready to install a new domain controller in a new forest, so open a new PowerShell Console. There are three PowerShell commands you can use to promote your server into a DC:

12
Q

• Install-ADDSDomainController

A

Creates a new domain controller in an existing domain.

13
Q

• Install-ADDSDomain

A

Creates a new domain in an existing forest.

14
Q

• Install-ADDSForest

A

Creates a new forest.

14
Q

Universal Group

A

Assign permission

Any domain or forest

15
Q

Global

A

Assign permission

Member permissions can be assigned in any domain

16
Q

Domain local

A

Assign permission

Member permissions can be assigned only within the same domain as the parent domain local group

17
Q

The schema master

A

which governs all changes to the schema.

18
Q

• The domain naming master

A

which adds and removes domains to and from the forest.

19
Q

• The primary domain controller (PDC) emulator.

A

The PDC emulator processes all replication requests from Microsoft Windows NT 4.0 backup domain controllers and processes all password updates for clients that are not running Active Directory–enabled client software.

20
Q

• The relative identifier (RID) master.

A

The RID master allocates RIDs to all domain controllers to ensure that all security principals have a unique identifier.

21
Q

• The infrastructure master.

A

The infrastructure master for a given domain maintains a list of the security principals from other domains that are members of groups within its domain.

22
Q

Domain Controller

A

A domain controller is a server that runs the AD DS server role. The domain controller stores the Active Directory database (NTDS.DIT) and the SYSVOL (System Volume) folder. SYSVOL contains all the template settings for GPOs. Active Directory is a central database that stores user accounts, computer accounts, organizational units, Active Directory domains and forests, and so on. Managing users and computers, applying policies, and many other important tasks are done centrally from the Active Directory domain controller.

23
Q

Creating a new forest

A

When you create the first domain controller in your organization, you are creating the first domain (also called the forest root domain) and the first forest.
The top-level Active Directory container is called a forest. A forest consists of one or more domains that share a common schema and global catalog. An organization can have multiple forests.
A forest is the security and administrative boundary for all objects that reside within the forest. In contrast, a domain is the administrative boundary for managing objects, such as users, groups, and computers. In addition, each domain has individual security policies and trust relationships with other domains.

23
Q

Operations Master Roles and Functionality
Five operations master roles manage single-master operations in AD DS.
Two operations master roles exist in each forest:
The schema master, which governs all changes to the schema.
The domain naming master

A

Operations Master Roles and Functionality
Five operations master roles manage single-master operations in AD DS.
Two operations master roles exist in each forest:
The schema master, which governs all changes to the schema.
The domain naming master, which adds and removes domains to and from the