Directory Services

Question 1

What is the “heart and soul” of the enterprise network?

Answer 1

Directory Services

Question 2

What are the 3 primary functions in Directory Services?

Answer 2

• Active Directory Domain Controllers
• Dynamic Host Configuration Protocol (DHCP)
• Domain Name System (DNS) servers

Question 3

Active Directory is capable of tracking a variety of items that can share common attributes. What are these items called?

Answer 3

Objects (Users, Machines, Groups, Services, etc.)

Question 4

What is a set of attributes available for any particular object type?

Answer 4

Schema

Question 5

What is a special type of object used to group other objects, also known as an organizational unit (OU).

Answer 5

Container

Question 6

When containers and objects are combined hierarchically, they tend to form branches. What is the term used to describe a set of objects within AD that have a transitive trust and contiguous namespace?

Answer 6

Tree

Question 7

What term describes trees that are not part of the same namespace but that share a common schema, configuration, and global catalog?

Answer 7

Forest

Question 8

Why is Network Time Protocol (NTP) so essential for Active directory to operate?

Answer 8

If the time disparity between the DC and the authenticating computer is excessive, Kerberos ticket generation fails. The computer is unable to process login requests for clients if Kerberos is required, otherwise the client must fall back to a less secure authentication method.

Question 9

Service logon is typically used by service accounts or applications. What is the primary issue with this logon method?

Answer 9

It is very vulnerable

Question 10

What is the difference between interactive and domain logon?

Answer 10

Interactive = local
Domain = network

Question 11

What logon method caches previous users’ logon information locally so that they can log on if a logon server is unavailable during later logon attempts?

Answer 11

Cached Domain Logon

Question 12

What servers are in charge of Active Directory, DHCP, and DNS for a domain?

Answer 12

Domain Controllers

Question 13

What process ensures that all Domain Controllers have the same up-to-date information?

Answer 13

Replication

Question 14

What is the service that translates friendly domain names (i.e. microsoft.com) to IP addresses (i.e. 207.46.197.32)?

Answer 14

DNS

Question 15

The host address (A) record is a standard DNS hostname record. What does it point to?

Answer 15

It points a hostname to an IP address.

Question 16

What is a Canonical Name (CNAME) record?

Answer 16

It’s a DNS entry that is an alias to another domain name. For example, Google.com & Gogle.com

Question 17

What is a Pointer Record (PTR)?

Answer 17

It points an IP address to the hostname.

Question 18

When are you assigned a Security Identifier (SID)?

Answer 18

When being authenticated by the DC.

Question 19

What are the 5 FISMO (Flexible Single Master Operations) roles?

Answer 19

• Schema Master
• Domain Naming Master
• PDC Emulator
• RID Master
• Infrastructure Master

Question 20

What is responsible for handling any changes that are sent to modify the Active Directory schema?

Answer 20

Schema Master

Question 21

When a new domain is added to the Active Directory forest, what is responsible for making sure the new domain name is unique across the entire forest and entries are made into Active Directory and propagated to all other domain controllers?

Answer 21

Domain Naming Master

Question 22

What is responsible for security descriptor propagation, distributed file system consistency, group policy replication, and login and password management among other things.

Answer 22

PDC (Primary Domain Controller) emulator

Question 23

What is responsible for handing out blocks of relative identification numbers to each domain controller that participates in the domain. It is also responsible for removing an object from its domain and putting it in another domain during an object move.

Answer 23

RID (Relative Identification) Master

Question 24

What handles cross-domain group membership and ensures that if a user’s group membership changes, the task of adding or removing the unique identifier is completed?

Answer 24

Infrastructure Master

Question 25

What establishes parent-child relationships and prevent conflicts?

Answer 25

PDC (Primary Domain Controller) Emulator. There is one PDC emulator per domain.

Question 26

What is a collection of tools for managing complex networks, and is deployed in the new AFIN?

Answer 26

NetIQ

Question 27

What are the 3 primary NetIQ tools?

Answer 27

• Directory Resources Administrator (DRA)
• Group Policy Administrator (GPA)
• AppManager

Question 28

What tool gives administrators finely detailed “granular” privilege control which allows them to delegate users the power to perform necessary tasks for the enterprise?

Answer 28

DRA (Directory Resource Administration)

Question 29

Group Policy Administrator is made up of 3 tools. What are they?

Answer 29

• Group Policy Explorer
• Group Policy Repository
• Group Policy Analysis

Question 30

What lets you manage live GPOs in Active Directory, rather than offline?

Answer 30

GP Explorer

Question 31

What lets you import GPOs from Active Directory, then edit, report on, and evaluate them in the safe, offline repository?

Answer 31

GP Repository

Question 32

What allows scripts to run/ or stops them from running?

Answer 32

App Manager