Active Directory Domain Services

Question 1

AD DS logical components

Answer 1

1. Domain
2. Tree
3. Forest
4. OU
5. Partition
6. Schema
7. Container

Question 2

AD DS physical components

Answer 2

1. Data store
2. Global catalog
3. DC
4. RODC
5. Site
6. Subnet

Question 3

Trusts: Parent and child

Answer 3

1. Created when new domain is added to an existing tree.
2. Transitive, two-way

Question 4

Trusts: Tree-root

Answer 4

1. Created when a new tree is added to the forest
2. Transitive, two-way

Question 5

Trusts: Forest

Answer 5

1. Manually created between forests
2. Transitive, one-way or two-way

Question 6

Trusts: Shortcut trust

Answer 6

1. Manually created to reduce authentication time between domains
2. Non transitive, one-way or two-way

Question 7

Trusts: external

Answer 7

1. Manually created to allow access to resources from a domain in another forest or NT 4.0 domain
2. Non transitive, One-way or two-way

Question 8

Trusts: realm

Answer 8

1. Manually created between AD DS and another service running kerberos 5
2. Transitive or non transitive, one-way or two-way

Question 9

Security principal

Answer 9

Any entity that can be authenticated by the operating system e.g user account, computer account, or a thread or process that runs in the security context of a user or computer account

Question 10

SID

Answer 10

1. Security identifier
2. Unique identifier for a security entity issued by an authority such as a domain controller

Question 11

AD components: Data Store

Answer 11

1. Holds the AD database
2. Two files on each DC

Question 12

AD DS database file path

Answer 12

C:\Windows\NTDS\NTDS.DIT

Question 13

AD DS transaction log file path

Answer 13

C:\Windows\NTDS\EDB.log

Question 14

NTDS.DIT partitions

Answer 14

1. Domain partition
2. Configuration partition
3. Schema partition
4. Application partitions

Question 15

NTDS.DIT partitions: domain partition

Answer 15

Stores object information for the domain

Question 16

NTDS.DIT Partitons: configuration partition

Answer 16

Stores config in for the forest and domain trees

Question 17

NTDS.DIT partitions: schema partiton

Answer 17

Stores the schema

Question 18

NTDS.DIT partiton: application partition

Answer 18

Where applications store data in AD DS

Question 19

IDP

Answer 19

Identity provider e.g AD DS, Azure AD

Question 20

Azure AD Connect

Answer 20

Tool that allows an organization to establish a hybrid identity. Synchronizes user identities, attributes, and objects between both IDPs (Azure AD and AD DS on prem)

Question 21

Hybrid identity

Answer 21

Same username and password used to access resources in both IDP environments (cloud and on prem)