Configure File and Print Services Flashcards

Question 1

Q

What does the following command do?

Manage-bde: status

Answer

A

Provides information about all drives on the computer, whether or not they are BitLocker-protected.

Question 2

Q

What does the following command do?

Manage-bde: on

Answer

A

Encrypts the drive and turns on BitLocker.

Question 3

Q

What does the following command do?

Manage-bde: off

Answer

A

Decrypts the drive and turns off BitLocker. All key protectors are removed when decryption is complete.

Question 4

Q

What does the following command do?

Manage-bde: pause

Answer

A

Pauses encryption or decryption.

Question 5

Q

What does the following command do?

Manage-bde: resume

Answer

A

Resumes encryption or decryption.

Question 6

Q

What does the following command do?

Manage-bde: lock

Answer

A

Prevents access to BitLocker-protected data.

Question 7

Q

What does the following command do?

Manage-bde: unlock

Answer

A

Allows access to BitLocker-protected data with a recovery password or a recovery key.

Question 8

Q

What does the following command do?

Manage-bde: autounlock

Answer

A

Manages automatic unlocking of data drives.

Question 9

Q

What does the following command do?

Manage-bde: protectors

Answer

A

Manages protection methods for the encryption key.

Question 10

Q

What does the following command do?

Manage-bde: tpm

Answer

A

Configures the computer’s Trusted Platform Module (TPM). This command is not supported on computers running Windows 8 or win8_server_2. To manage the TPM on these computers, use either the TPM Management MMC snap-in or the TPM Management cmdlets for Windows PowerShell.

Question 11

Q

What does the following command do?

Manage-bde: setidentifier

Answer

A

Sets the drive identifier field on the drive to the value specified in the Provide the unique identifiers for your organization Group Policy setting.

Question 12

Q

What does the following command do?

Manage-bde: ForceRecovery

Answer

A

Forces a BitLocker-protected drive into recovery mode on restart. This command deletes all TPM-related key protectors from the drive. When the computer restarts, only a recovery password or recovery key can be used to unlock the drive.

Question 13

Q

What does the following command do?

Manage-bde: changepassword

Answer

A

Modifies the password for a data drive.

Question 14

Q

What does the following command do?

Manage-bde: changepin

Answer

A

Modifies the PIN for an operating system drive.

Question 15

Q

What does the following command do?

Manage-bde: changekey

Answer

A

Modifies the startup key for an operating system drive.

Question 16

Q

What does the following command do?

Manage-bde: KeyPackage

Answer

A

Generates a key package for a drive.

Question 17

Q

What does the following command do?

Manage-bde: upgrade

Answer

A

Upgrades the BitLocker version.

Question 18

Q

What does the following command do?

Manage-bde: WipeFreeSpace

Answer

A

Wipes the free space on a drive.

Question 19

Q

What does the following command do?

Manage-bde:-? or /?

Answer

A

Displays brief Help at the command prompt.

Question 20

Q

What does the following command do?

Manage-bde: -help or -h

Answer

A

Displays complete Help at the command prompt.

Question 21

Q

What does the PowerShell CmdLet Do?

Add-BitLockerKeyProtector

Answer

A

Adds a key protector for a BitLocker volume.

Question 22

Q

What does the PowerShell CmdLet Do?

Backup-BitLockerKeyProtector

Answer

A

Saves a key protector for a BitLocker volume in AD DS.

Question 23

Q

What does the PowerShell CmdLet Do?

Clear-BitLockerAutoUnlock

Answer

A

Removes BitLocker automatic unlocking keys.

Question 24

Q

What does the PowerShell CmdLet Do?

Disable-BitLocker

Answer

A

Disables BitLocker Drive Encryption for a volume.

Note: This removes all key protectors and beings decrypting the content of the volume

Question 25

Q

What does the PowerShell CmdLet Do?

Disable-BitLockerAutoUnlock

Answer

A

Disables automatic unlocking for a BitLocker volume.

Question 26

Q

What does the PowerShell CmdLet Do?

Enable-BitLocker

Answer

A

Enables BitLocker Drive Encryption for a volume.

Question 27

Q

What does the PowerShell CmdLet Do?

Enable-BitLockerAutoUnlock

Answer

A

Enables automatic unlocking for a BitLocker volume.

Only supported on data volumes not the system drive

Question 28

Q

What does the PowerShell CmdLet Do?

Get-BitLockerVolume

Answer

A

Gets information about volumes that BitLocker can protect.

Question 29

Q

What does the PowerShell CmdLet Do?

Lock-BitLocker

Answer

A

Prevents access to encrypted data on a BitLocker volume.

Question 30

Q

What does the PowerShell CmdLet Do?

Remove-BitLockerKeyProtector

Answer

A

Removes a key protector for a BitLocker volume.

Question 31

Q

What does the PowerShell CmdLet Do?

Resume-BitLocker

Answer

A

Restores Bitlocker encryption for the specified volume.

Question 32

Q

What does the PowerShell CmdLet Do?

Suspend-BitLocker

Answer

A

Suspends Bitlocker encryption for the specified volume.

Question 33

Q

What does the PowerShell CmdLet Do?

Unlock-BitLocker

Answer

A

Restores access to data on a BitLocker volume.

Question 34

Q

How would you change the TPM owner password (owner authorization) on a computer running Windows Server 2012 R2? The data and computer system are proctected by BitLocker.

Via PowerShell and GUI

Answer

A

PS: Set-TpmOwnerAuth

or

GUI: Use the TPM Management MMC snap-in to change the password

Question 35

Q

How would you completely decrypt a drive protected by BitLocker?

Answer

A

Run either:

PS: Disable-BitLocker

or CMD: Manage-bde -off

Question 36

Q

How do you enable Network Unlock via GPO?

Answer

A

WDS and Network Unlock must be installed
WDS must have the Bitlocker Network Unlock Certificate Installed
Configure the Group Policies
- Allow network unlock at startup
- BitLocker Drive Encryption Network Unlock Certificate - The certificate that you used for network unlock on WDS

Question 37

Q

Can you only have one Certificate for the Group Policy BitLocker Drive Encryption Network Unlock Certificate?

Answer

A

No you can add many certificates

Question 38

Q

What does the GPO Audit File Share do?

Answer

A

Auditing for attempts to access any Shared Folders

Question 39

Q

What does the GPO Audit detailed File Share do?

Answer

A

Audits all attemps to access files or folders on a shared folder. It logs an event every time a file or folder is accessed. Detailed File Share audit events include detailed information about the permissions or other criteria used to grant or deny access.

Note: There are no system access control lists (SACLs) for shared folders. If this policy setting is enabled, access to all shared files and folders on the system is audited.

Question 40

Q

What does the GPO Audit File System Global Object Access do?

Answer

A

This policy setting allows you to monitor a specific user or group and the files they access.

Note: You must also enable the Audit File System setting under Advanced Audit Policy Configuration\System Audit Policies\Object Access.

Question 41

Q

What does the GPO Audit File System do?

Answer

A

This policy setting allows you to audit user attempts to access file system objects. A security audit event is generated only for objects that have system access control lists (SACL) specified, and only if the type of access requested, such as Write, Read, or Modify and the account making the request match the settings in the SACL

Question 42

Q

DFS

What is the calculation used for determining how large your staging quota should be?

Answer

A

Hub and Spoke
- IF Read/Write Members = 32 * (Average of 32 Largest files)
- IF Spoke are Read-Only = 16 * (Average of 16 largest files)
  *

Question 43

Q

What does Dfsdiag SyncNow do?

Answer

A

Forces replication between DFS servers

Question 44

Q

What does the following PowerShell CmdLet Do?

Add-DfsrConnection

Answer

A

Creates a connection between members of a replication group.

Question 45

Q

What does the following PowerShell CmdLet Do?

Add-DfsrMember

Answer

A

Adds computers to a replication group.

Question 46

Q

What does the following PowerShell CmdLet Do?

ConvertFrom-DfsrGuid

Answer

A

Translates GUIDs to friendly names within a given replication group.

Question 47

Q

What does the following PowerShell CmdLet Do?

Export-DfsrClone

Answer

A

Exports the cloned DFS Replication database and volume configuration settings.

Question 48

Q

What does the following PowerShell CmdLet Do?

Get-DfsReplicatedFolder

Answer

A

Gets a replicated folder from a replication group.

Question 49

Q

What does the following PowerShell CmdLet Do?

Get-DfsReplicationGroup

Answer

A

Retrieves a replication group.

Question 50

Q

What does the following PowerShell CmdLet Do?

Get-DfsrBacklog

Answer

A

Retrieves the list of pending file updates between two DFS Replication partners.

Question 51

Q

What does the following PowerShell CmdLet Do?

Get-DfsrCloneState

Answer

A

Gets the status of a database cloning operation.

Question 52

Q

What does the following PowerShell CmdLet Do?

Get-DfsrConnection

Answer

A

Gets a connection between DFS Replication partners.

Question 53

Q

What does the following PowerShell CmdLet Do?

Get-DfsrConnectionSchedule

Answer

A

Gets a connection schedule between members of a replication group.

Question 54

Q

What does the following PowerShell CmdLet Do?

Get-DfsrFileHash

Answer

A

Gets a file hash.

Question 55

Q

What does the following PowerShell CmdLet Do?

Get-DfsrGroupSchedule

Answer

A

Retrieves a replication group schedule.

Question 56

Q

What does the following PowerShell CmdLet Do?

Get-DfsrIdRecord

Answer

A

Gets ID records for replicated files or folders from the DFS Replication database.

Question 57

Q

What does the following PowerShell CmdLet Do?

Get-DfsrMember

Answer

A

Gets member computers in a replication group.

Question 58

Q

What does the following PowerShell CmdLet Do?

Get-DfsrMembership

Answer

A

Gets membership settings for members of replication groups.

Question 59

Q

What does the following PowerShell CmdLet Do?

Get-DfsrPreservedFiles

Answer

A

Gets a list of files and folders that DFS Replication previously preserved.

Question 60

Q

What does the following PowerShell CmdLet Do?

Get-DfsrServiceConfiguration

Answer

A

Gets settings for the DFS Replication service on group members.

Question 61

Q

What does the following PowerShell CmdLet Do?

Get-DfsrState

Answer

A

Gets the DFS Replication state for a member.

Question 62

Q

What does the following PowerShell CmdLet Do?

Import-DfsrClone

Answer

A

Imports a cloned DFS Replication database and volume configuration settings.

Question 63

Q

What does the following PowerShell CmdLet Do?

New-DfsReplicatedFolder

Answer

A

Creates a replicated folder in a replication group.

Question 64

Q

What does the following PowerShell CmdLet Do?

New-DfsReplicationGroup

Answer

A

Creates a replication group.

Answer 65

A

Removes a replicated folder from a replication group.

Answer 66

A

Removes a replication group.

Answer 67

A

Removes a connection between members of a replication group.

Answer 68

A

Removes computers from a replication group.

Answer 69

A

Removes DFS Replication propagation test files.

Answer 70

A

Cancels a cloning operation.

Answer 71

A

Restores files and folders that DFS Replication previously preserved.

Answer 72

A

Changes settings of a replicated folder.

Answer 73

A

Modifies a replication group.

Answer 74

A

Changes the settings of a connection between members of a replication group.

Answer 75

A

Changes the settings of a connection schedule between members of a replication group.

Answer 76

A

Modifies a replication group schedule.

Answer 77

A

Modifies member computer information in a replication group.

Answer 78

A

Configures membership settings for replication group members.

Answer 79

A

Modifies settings for the DFS Replication service.

Answer 80

A

Creates a propagation test file in a replicated folder.

Answer 81

A

Suspends replication between computers regardless of schedule.

Answer 82

A

Synchronizes replication between computers regardless of schedule.

Answer 83

A

Initiates an update of the DFS Replication service.

Answer 84

A

Generates a DFS Replication health report.

Answer 85

A

Generates reports for propagation test files in a replication group.

Answer 86

A

Gets permissions for a DFS namespace folder.

Answer 87

A

Gets settings for a DFS namespace folder.

Answer 88

A

Gets settings for targets of a DFS namespace folder.

Answer 89

A

Gets settings for DFS namespaces.

Answer 90

A

Gets settings for root targets of a DFS namespace.

Answer 91

A

Gets DFS namespace settings for a DFSN root server.

Answer 92

A

Grants permissions to users and groups to access a DFS namespace folder.

Answer 93

A

Moves or renames a DFS namespace folder.

Answer 94

A

Creates a folder in a DFS namespace.

Answer 95

A

Adds a target to a DFS namespace folder.

Answer 96

A

Creates a DFS namespace.

Answer 97

A

Adds a root target to a DFS namespace.

Answer 98

A

Removes users and groups from the ACL for a folder in a DFS namespace.

Answer 99

A

Removes a DFS namespace folder.

Answer 100

A

Removes a target for a DFS namespace folder.

Answer 101

A

Removes a DFS namespace.

Answer 102

A

Removes a target for a DFS namespace root.

Answer 103

A

Revokes permissions for users to access and enumerate the contents of a DFS namespace folder.

Answer 104

A

Changes settings for a DFS namespace folder.

Answer 105

A

Changes settings for a target of a DFS namespace folder.

Answer 106

A

Changes settings for a DFS namespace.

Answer 107

A

Changes settings for a root target of a DFS namespace.

Answer 108

A

Changes settings for a DFS namespace root server.

Answer 109

A

Create a File Screen exclusion for “C:\Applications\Custom\Scripts”.
You will need to add *.ps1 to the include list

Answer 110

A

Use Suspend-Bitlocker

Answer 111

A

Add your EFS Certificate to the Computer

Brainscape's Knowledge GenomeTM

Configure File and Print Services Flashcards

Brainscape's Knowledge Genome^TM