Final exam

Question 1

Active Directory is a database based on the ___ ___ ___ format. The ESE is resonsible for managing changes to the Active Directory database.

Answer 1

Extensible Storage Engine (ESE)

Question 2

___ ___ is a manual process that defragments the Active Directory database in addition to reducing its size.

Answer 2

Offline Defragmentation

Question 3

To back up Active Directory you must install the ___ ___ ___ feature from the Server Manager console.

Answer 3

Windows Server Backup

Question 4

The ___ provides a single access point to all aspects of Group Policy that were previously spread across other tools, such as Active Directory Users and Computers, Active Directory Sites and Services, Resultant Set of Policy (RSoP), and the Group Policy Management Editor.

Answer 4

Group Policy Management MMC pg203

Question 5

The ___ tab allows administrators to view the locations to which the policy is linked.

Answer 5

scope

Question 6

A new Group Policy management feature in Windows Server 2008 is the ability to create ___ that can act as templates when creating new GPOs for your organization.

Answer 6

Starter GPOs

Question 7

Microsoft Windows Server 2008 uses the Windows Installer with Group Policy to install and manage software that is packaged into an ___ file.

Answer 7

.msi file

Question 8

Modifications to .msi files require transform files, which have an ___ extension.

Answer 8

.mst

Question 9

The ___ option is helpful when you are deploying required applications to pertinent users and computers.

Answer 9

Assign option

Question 10

By implementing ___ ___ when folder redirection is also configured, administrators can control the amount of information that is stored on the server.

Answer 10

disk quotas

pg174

Question 11

If you set the ___ ___ to zero, the system attempts to update the policy every 7 seconds.

Answer 11

refresh interval

Question 12

When you modify settings that you wish to be immediately invoked without requiring a restart, a new logon session, or waiting for the next refresh period, you can force a manual refresh. This process uses the ___ tool.

Answer 12

gpupdate.exe

Question 13

You can configure one or more GPOs within a domain and then use a process called ___ , which applies these settings to various containers within Active Directory.

Answer 13

• linking*
• pg139*

Question 14

___ ___ ___ works with folder redirection to provide the ability to cache files locally. This allows files to be available even when the network is inaccessible.

Answer 14

Offline file storage

pg139

Question 15

What are the three types of Group Policy Object (GPOs)?

Answer 15

1. Local GPOs
2. Domain GPOs
3. Starter GPOs

pg141

Question 16

___ ___ ___ contain all of the Group Policy settings that you wish to implement to user and computer objects within a site, domain, or OU. The ___ must be associated with the container to which it is applied. This association occurs by linking the Group Policy to the desired Active Directory object.

Answer 16

• Group Policy Object (GPOs)*
• GPO*

pg141

Question 17

Configuring Strong Passwords

___ ___ is an automated password-cracking tool that will try every possible combination of characters until the correct sequence of characters is finally discovered.

Answer 17

• Dictionary attack*
• pg127*

Question 18

The recommended solution for reducing the risks associated with the Administrator account is to use a standard user account and the ___ __ ___ option in the GUI or the ___ command-line tool when it is necessary to perform an administrative task.

Answer 18

• Run as administrator*
• runas*
• pg129*

Question 19

___ is the process of confirming a user’s identity using a known value such as a password, the pin number on a smart card, or the user’s fingerprint or handpriint in the case of biometric ____ .

Answer 19

Authentication

pg 102

Question 20

What are the two types of groups that can be created and stored in the Active Directory database?

Answer 20

Distribution groups

Security groups

pg104

Question 21

___ are Nonsecurity-related groups created for the distribution of information to one or more persons.

Answer 21

Distribution groups

pg104

Question 22

___ are security-related groups created for purposes of granting resource access permissions to multiple users.

Answer 22

Security groups

pg104

Question 23

___ ___ can contain user accounts, computer accounts, and/or other global or universal groups from anywhere in the forest.

Answer 23

Universal groups

pg105

Question 24

The global catalog has what four main functions in an Active Directory invironment?

Answer 24

1. Facilitating searches for objects in the forest.
2. Resolving User Principal Names (UPNs).
3. Maintaining universal group membership information.
4. Maintaining a copy of all objects in the domain.

Question 25

When a user initiates a search for an object in Active Directory, the request is automatically sent to TCP port 3268, which is used by Active Directory to direct these requests to a global catalog server.
What is this process called?

Answer 25

Facilitating searches for objects in the forest

Question 26

Active Directory supports how many FSMO roles?

Answer 26

five

Question 27

___ ___ will transmit changes to the Active Directory database almost as soon as they occur; intersite replication occurs on a scheduled basis (every 15 minutes by default).

Answer 27

Intrasite replication pg 60

Question 28

Active Directory creates a ___ ___ with the idea that all writeable domain controllers in a domain should communicate Active Directory information to each other, in addition to communicating forest-wide information with other domains.

Answer 28

replication topology

pg 62

Question 29

To create a replication topology in a multisite network, one domain controller within each site runs the ___ ___ ___ , which is a process that is responsible for selecting a bridgehead server and mapping the topology to be used for replication between sites.

Answer 29

Intersite Topology Generator (ISTG) pg 68

Question 30

Active Directory Installation Wizard, ___ , will guide you through any of the following installation scenarios:

Answer 30

dcpromo

Question 31

200 MB minimum free space on the previously mentioned NTFS partition for Active Directory database files is a requirement for ___.

Answer 31

Windows Server 2008 Active Directory

Question 32

You can launch the Active Directory Installation Wizard using the dcpromo.exe command line tool or from the ___ ___ utility that’s installed in the Administrative Tools folder of each Windows Server 2008 server.

Answer 32

Server Manager

Question 33

___ ___ ___ are used to seperate forest-wide DNS information from domain-wide DNS information to control the scope of replication of different types of DNS data.

Answer 33

Application directory partitions

Question 34

A Windows Server 2008 computer that has been configured with the Active Directory DS role is referred to as a ___ ___.

Answer 34

domain controller (DC)

Question 35

The process of keeping each domain controller in synch with changes that have been made elsewhere on the network is called ___.

Answer 35

replication

Question 36

Windows Server 2008 introduces the ___ ___ ___ , a domain controller that contains a copy of the ntds.dit file that cannot be modified and that does not replicate its changes to other domain contollers within Active Directory.

Answer 36

Read-Only Domain Controller (RODC)

Question 37

LDAP refers to an object using its ___ ___ , which references an object in the Active Directory directory structure using its entire hierarchical path, starting with the object itself and including all parent objects up to the root of the domain.

Answer 37

distinguished name (DN)

Question 38

What three types of DNS zones are there?

Answer 38

1. Primary zone
2. Secondary zone
3. Stub zone

Question 39

DNS also provides a ____ , which enables a host to detemine another host’s name based on its IP address.

Answer 39

reverse lookup process

Question 40

____ , which is still in use today, enables TCP/IP workstation to retreive settings for all the configuration parameters it needs to run, including an IP address, a subnet mask, a default gateway, and Domain Name System (DNS) server address.

Answer 40

Bootstrap Protocol (BOOTP)

Question 41

DHCP provides what four key benefits to those managing a TCP/IP network?

Answer 41

• Centralized administration of IP configuration
• Dynamic host configuration.
• Seamless IP host configuration
• Flexibility and scalability.

Question 42

What does the DHCP message DHCP-DISCOVER mean?

Answer 42

Sent by clients via broadcast to locate a DHCP server. Per RFC 2131, the DHCPDISCOVER message may include options that suggest values for the network address and lease duration.

Question 43

The initial DHCP lease process is accomplished using a series of exchanges between a DHCP client and DHCP server that utilizes what four messages?

Answer 43

1. DHCPDISCOVER
2. DHCPOFFER
3. DHCPREQUEST
4. DHCPACK

(remember “DORA”)

Question 44

If your system will be a DHCP server, you should set a ______IP address, because that will be required when you try to set up the DHCP server role.

Answer 44

static

Question 45

A____ ____ is made up of free space from multiple physical disks.

Answer 45

spanned volume

Question 46

This partition style is recommended for disks larger than 2TB , or disks that are used in Itanium computers.

Answer 46

GUID Partition Table (GPT)

Question 47

Each host on a TCP/IP network should be configured with a number of mandatory and optional configuration items, including:

Answer 47

• IPv4 or IPv6 address
• Subnet mask
• Default gateway
• DNS/WINS servers

pg21

Question 48

IPv4 addresses are commonly represented using what is called_________, in which the decimal value of each byte is shown, using periods to seperate the bytes; for example, 192.1.120.84

Answer 48

Dotted-decimal notation

Question 49

____ creates a hierarchical addressing structure by breaking the network address space into ____blocks, which are identified by the leading bit string, similar to the classful addressing.

Answer 49

Classless Inter-Domain Routing (CIDR)

Question 50

____ is an integral part of IPv6, whereas it was an optional feature under IPv4.

Answer 50

IP security through the use of IPsec

Question 51

The process of obtaining an IP address for a computer name is called_____.

Answer 51

name resolution

Question 52

The ___ ___ included with Windows Server 2008 is better suited for a smaller network or one with a small amount of network traffic that needs to pass between subnets.

Answer 52

routing service

Question 53

____is a new feature in Windows Server 2008 that allows network administrators to specify one or more policies that define the conditions under which network access will or will not be permitted.

Answer 53

Network Access Protection (NAP)