Active directory

Question 1

Two-way _______ _________ are automatically established upon the creation of a subdomain or with the addition of a domain tree into an AD DS forest

Answer 1

transitive trusts

Question 2

_________ trusts are those that are set up manually

Answer 2

Explicit

Question 3

__________ ___________ allow authentication verifications to be processed faster, as opposed to having to move up and down a domain tree.

Answer 3

Shortcut trusts

Question 4

__________ ____________allow different forests to share information without actually merging schema information or global catalogs

Answer 4

external trusts

Question 5

What are organizational units?

Answer 5

organizational units (OUs) are containers that logically store directory information and provide a method of addressing AD DS through LDAP

Question 6

What is the primary method for organizing user, computer, and other object information into a more easily understandable layout?

Answer 6

organizational units

Question 7

What are the two different group types and their function?

Answer 7

A security group can be used to apply permissions to objects for the members of the group.
A distribution group, used to send mail to members of the group

Question 8

What are the components of Group scope in AD DS?

Answer 8

Machine local groups
Domain local groups
Global groups
universal groups

Question 9

What is the function of a Machine local groups?

Answer 9

Users and groups in the local domain, and other trusted domains and forests
local groups allow resources to be accessed only on the machine where they are located

Question 10

What are Domain local groups?

Answer 10

Used to administer resources located only on their own domain.
They can contain users and groups from any other trusted domain. Most typically, these types of groups are used to grant access to resources for groups in different domains

Question 11

What are Global groups?

Answer 11

contain users only in the domain in which they exist but are used to grant access to resources in other trusted domains.

Question 12

What are universal groups?

Answer 12

universal groups grant access to any resource in the forest

Question 13

What is the difference between an OU and a group?

Answer 13

groups can be used when applying security to objects, whereas OUs exist when certain administrative functionality needs to be delegated.

Question 14

What are active directory objects?

Answer 14

Containers

Leafs

Question 15

What are container objects in AD?

Answer 15

Domains, Organizational Units (OU), Sites

Create collections for organizational purpose

Question 16

What are leaf objects in active directory?

Answer 16

Users, Computers, Security and Distribution Groups

Question 17

How is a NetBIOS naming -legacy formatted?

Answer 17

domain\object name

e.g. dickson\jdickson

Question 18

How is Universal Principal name (UPS) formatted?

Answer 18

object name@ domain

e.g. jdickson@dickson.local

Question 19

What is CN?

Answer 19

common name is an object name

Question 20

What is OU?

Answer 20

Organizational unit

Can have many OUs based on hierary

Question 21

___________ ________ represents the entire naming path that the object occupies
CN=Joel Oleson,OU=SLC,DC=Companyabc,DC=com

Answer 21

Distinguished name

Question 22

What do DC components define ?

Answer 22

The domain controllers define the DNS name of the Active Directory domain.

Question 23

AD DS uses ___________ ____________ to authenticate users

Answer 23

Domain Controllers(DC’s)

Question 24

The __________ _________, enables an administrator to view, delete, and modify schema attributes.

Answer 24

ADSIEdit utility

Question 25

What allows queries and updates to take place in AD DS?

Answer 25

LDAP

Lightweight Directory Access Protocol

Question 26

What is the Schema master?

Answer 26

• has one writable master copy in a forests

- this limits access thus reducing potential replication conflicts

Question 27

What are AD DS DCs that contain a copy of the global catalog?

Answer 27

Global catalog servers (GCs)

Question 28

The global catalog is an index of the AD DS database that contains a _______ ______ of its contents

Answer 28

Partial Copy

Question 29

A common attribute extension occurs with the installation of _________________, which extends the schema

Answer 29

Microsoft Exchange Server

Question 30

Schema determines the way that all user, computer, and other object data are ________ in AD DS and ________ to be standard across the entire AD DS structure.

Answer 30

Stored, configured

Question 31

What is an AD DS schema?

Answer 31

A set of definitions for all object types and their related attributes in the directory

Question 32

Users and computers are all stored and managed from within the boundaries of the _________

Answer 32

Domain

Question 33

Domains in AD DS serve as administrative _________ __________ for objects and contain their own
________ ____________

Answer 33

security boundaries, security policies

Question 34

Each domain in an AD DS tree shares a common ________ and global catalog

Answer 34

Schema

Question 35

What is transitive trust?

Answer 35

The trusts flow through the domain structure.

Question 36

Forests are a group of ________________ __________ trees

Answer 36

Interconnected Domain Trees

They are a grouping of organization domains

Question 37

________ _________ connect the roots of each tree together into a common forest.

Answer 37

Implicit Trusts

Question 38

What authentication method does not send password information over the network and is the method used in AD?

Answer 38

Kerbos

Question 39

What are the 5 operations master (OM) roles?

Answer 39

Schema master 
Domain naming master 
PDC emulator
RID master
Infrastructure master

Question 40

What is the Domain naming master?

Answer 40

• adds domains into the AD DS forest
• must have a record of all domains and objects to perform its function
• can only be one in a forest

Question 41

What is the PDC emulator?

Answer 41

the primary time sync server for the domain

Question 42

what is a RID master?

Answer 42

role owner is the single DC responsible for processing RID pool requests from all DCs within a given domain. It is also responsible for moving an object from one domain to another during an interdomain object move

Question 43

What is the Infrastructure Master

Answer 43

Manages references to domain objects not within its own domain

Question 44

What are the DC responsibilities?

Answer 44

Houses AD database
Provides Kerberos based authentication
Provides Kerberos based ticketing service (authorization)