AD 70-640

Question 1

What is Schema?

Answer 1

Defines all attributes for all objects in AD

Is what gives the ability to create object:
Examples: tables, the fields in each table, and the relationships between fields and tables.

Question 2

What file is the core of Active Directory?

Answer 2

NTDS.DIT

Question 3

What are the Advantages of Active Directory?

Answer 3

Centralized - makes all activities under one authority

Scale-able - allows you to make a lot of objects

Extensible - allows you to add fields to the schema
Examples:pictures, Social #, ETC

Manageable

Secure- Cuborose Tickets traffic is automatically encrypted

DNS Intergration -

Replication- Create users accounts can get replicated to another server convergence

GPO- items it can use to control every aspect what each user can see and do.

Question 4

What is Convergence?

Answer 4

convergence is when active directory agrees with itself in all of its different locations.

Question 5

What is a Domain?

Answer 5

A group of computers and devices on a network

Question 6

What is a Forest?

Answer 6

A collection of one or more AD domains that share a common logical structure, directory schema, directory configuration, and Global catalog

Question 7

How do you open the Initial Configuration Task after you check do not show?

Answer 7

OOBE

Question 8

What is DCPROMO?

Answer 8

starts the AD DS install wizard

Question 9

What is dynamically assigned IP address?

Answer 9

It automatically assigns an IP address that changes on its own.

Question 10

What is a static IP address?

Answer 10

Manually assigned IP address that will only changes when manually changed by a admin.

Question 11

How do you change your IP address from Dynamic to Static?

Answer 11

Network and sharing - Manage network connections - Local area connection - Properties

Question 12

What is a subnet mask?

Answer 12

it determines if the information is on your network or on another. If the information is located on another network the request will be forwarded to the Default gateway.

Question 13

What is a common preferred DNS server address?

Answer 13

127.0.0.1 because it is a loop back address.

Question 14

How do you preform an unattended installation?

Answer 14

dcpromo /unattend:location\myanswerfile.txt

Question 15

How to tell the version of windows you are on?

Answer 15

WinVer in the command prompt

Question 16

How to determine the version of the schema?

Answer 16

regedit- hkeylocal system- currentcontrolset- services - NTDS - Prameters

Question 17

How to add a Child Domain?

Answer 17

Run DCPromo and create new domain in existing forest

Question 18

How to update the schema?

Answer 18

put dvd in drive
run cmd
adprep /forest prep
once complete run adprep /domain prep /gpprep

Question 19

How are RODC updated?

Answer 19

Updates are replicated to the RODC from a Read Write Domain Controller

Question 20

How does Credential Caching work?

Answer 20

RODC verifies credentials instead of forwarding the request.

Admins are denied Caching credentials by default

Question 21

What can a admin on a RODC do?

Answer 21

Install updates and drivers

Question 22

How many RODC and be on one domain?

Answer 22

One RODC per domain per site

Question 23

What happens if you want a RODC in a site that contains outlook users?

Answer 23

You will have to make the RODC a GC

Question 24

How do you install a RODC?

Answer 24

DCPROMO w/Advance (Full)

For Server Core you have to have a answer file

Question 25

What are the 5 operations maters roles?

Answer 25

Forest Operations: 
the schema master
domain naming master
Domain:  
Infrastructure - 
relative identifier (RID) master,
primary domain controller (PDC) emulator
infrastructure master.

Question 26

How to access the schema?

Answer 26

1. You have to register the schema, regsvr32 schmmgmt.dll
2. run mmc console
3. add/remove snap in
4. add the schema

Question 27

What is the primary domain controller (PDC) emulator?

Answer 27

The final Authority for password changes, responsible for master time source, domain master browser,

Question 28

What is the Domain Naming Master?

Answer 28

checks to make sure that the name space is not in use.

Question 29

What is Domain Master Browser?

Answer 29

find

Question 30

What is the Master Time Source?

Answer 30

find

Question 31

What is the Schema Master role?

Answer 31

Is what gives the options for active directory. Provided the field (Text Box )

Question 32

What does command dcdiag?

Answer 32

tells you about the domain and what roles it haves. Can be used to diagnosed issues.

Question 33

What does command dcdiag /test:ridmanager /v do?

Answer 33

it provided information about the RID

Question 34

What is a stand by master?

Answer 34

Stand by master is used when a server goes down. you can transfer the servers roles to the stand by master
( A back up server )

Question 35

Why should the Domain Naming Master Role and Global Catalog be installed on the same server?

Answer 35

The domain naming master role refers to the GC to see if the name space already exist.

Question 36

What does the Infrastructure Master Role do?

Answer 36

Check the cross domain references to verify their group membership . Refers to the GC for verification.

Question 37

Where are the Domain Operation Roles?

Answer 37

Server manager - active directory user and computers - right click on domain - operations masters

Question 38

Where do you find the Forrest Operations Roles?

Answer 38

Domain Naming Master Role can be found in Open Active Directory Domains and Trust - right click on Directory Domains and Trust - Operations masters roles

Schema master role can be found in console - right click on active directory schema - operations master role

Question 39

How to transfer the Schema Master Role?

Answer 39

have to be a schema admin - console - right click on change active directory domain controller - select the new server. - once connected you right click on right click on active directory schema - operations master role - then select the word change

Question 40

How do you see what Domains are running what Operation master roles?

Answer 40

in cmd run netdom query fsmo

Question 41

How to rename a domain controller?

Answer 41

start - right click on computer - properties - change settings - select the change button

Question 42

How to raise the domain functional level.

Answer 42

rick click on the domain inside of server manager - select raise domain functional level ,

Question 43

How do you determine the highest Functional Level For a Forrest?

Answer 43

The highest level is based upon the lowest level Domain Controller

Question 44

What is Linked Value Replication?

Answer 44

It picks out the new objects inside of the security group and replicates only the new objects instated of replicating all the memberships in that group

Question 45

How to raise the Function Level for Forest?

Answer 45

Active Directory Domains and Trust - right click on active directory domains and trust - raise forest functional level

Question 46

How to make a user account?

Answer 46

Go to the users folder - right click - select user -

Question 47

What trick should you use for creating Template accounts?

Answer 47

create it with a _ in front of the name to make it appear at the top and disable the user account

Question 48

How to change the hours someone can login?

Answer 48

click the account - go to account settings tab - select logon hours

Question 49

How to make a new user from a template account?

Answer 49

right click on the template account - select copy - fill in the persons information.

Question 50

What is DSADD?

Answer 50

is the primary tool you can use to add new accounts

Question 51

What is DSRM?

Answer 51

Allows you to remove ou and all of the content in it.

Question 52

What is DSmove?

Answer 52

Allows you to move and rename groups

Question 53

What is LDIFDE?

Answer 53

Used to improt and export from a plane text file

Question 54

What is CSDE?

Answer 54

Used to work with CSV files to automatically import & export accounts.

Question 55

How do you get assistance with powershell cmdlets?

Answer 55

get-help (then the task you want to preform) get-service

Question 56

What are variables in PowerShell?

Answer 56

Its an abbreviation that reduces the amount of typing and they start with $
These changes are only temporary

example: $wmi=Get-WmiObject Win32_Service - computername dci

will run complete cmdlet in full when you now type $wmi

Question 57

What is PowerShell?

Answer 57

is a command line that uses Verb-Noun Syntax (CMDLET) example Get-Service
It is backwards compatible with cmd commands
**

Question 58

What is a Alias in PowerShell?

Answer 58

a shortened cmdlet
These changes are only temporary

example: get-ChildItem
Alias: Dir

Question 59

How do you make a Alias in PowerShell?

Answer 59

new-alias np (desired abbreviation) notepad (name of task)

Question 60

How do you assign or limit someone to the computers they can access.

Answer 60

Right click on the account - account tab - select logon - and you can assign the computer the user can access.

Question 61

How do you make an account profile?

Answer 61

account preferences - profile - \servername\profiles\%username%

Question 62

How do you access GPO passwords settings?

Answer 62

server manager - features - Group policy management - forest - domain - right click on default domain policy edit -

computer configurations - security settings - account policy

Question 63

How to access the Audit account login settings?

Answer 63

server manager - features - Group policy management - forest - domain - right click on default domain policy edit -

computer configurations -windows settings - security settings - local policies

Question 64

How to enable or disable an account?

Answer 64

Right click on the account and select disable / enable

Question 65

How to rename an account?

Answer 65

Right click on the account and select rename

Question 66

What are the 3 group scope?

Answer 66

Domain Local, Global, Universal

Question 67

What kind of memberships can be added to a Domain local group?

Answer 67

Can accept any membership ( Global , Universal ) but cant accept other Domain Local groups form another domain’s local group

User account from any domain in forest
 Global or universal from any domain in forest
 User accounts, global or universal groups from a
trusted forest domain
 Other domain local groups from the same domain

Recourse access

Question 68

What kind of memberships can be added to a Global group?

Answer 68

User account in same domain
Other global groups from same domain

for users of common type. example Department users

Question 69

What is a Tree?

Answer 69

A collection of domains that share a common DNS namespace ( Patent -Technet.vn) ( child (video.technet.vn)

Question 70

What is a Domain?

Answer 70

The core administrative unit of AD DS ( Address

)

Question 71

What is a Orgnizational Unit? (OU)

Answer 71

Containers in AD DS which provide a framework for administrator and Group Policy Links.

Question 72

What is a Site?

Answer 72

A collection of AD objects defined by their physical location

Question 73

What is a Partition?

Answer 73

Logical section of actual AD DS Database.

Question 74

What is a Domain Controller?

Answer 74

Contain copiesof the ad ds database

Question 75

What is a data store?

Answer 75

The file on each domain controller that stores the AD DS information

Question 76

What is Global Catalog servers

Answer 76

Domain Controllers which host global catalog which is partial read only copy of all the objects in the forrest

Question 77

Read-Only Domain Controllers ?

Answer 77

Contain a special read only copy of the AD DS Database

Question 78

What is Forest and Domain function level?

Answer 78

It is configured based on the older OS you will be supporting.