Lesson 03 Exercises for Plan and Install Active Directory Questions and Answers Flashcards
Question 1 : A system administrator is trying to determine which file system to use for a server that will become a Windows Server 2012 R2 file server and domain controller.
The company has the following requirements:
- The file system must allow for file-level security from within Windows 2012 R2 Server.
- The file system must make efficient use of space on large partitions.
- The domain controller Sysvol must be stored on the partition.
Which of the following file systems meets these requirements?
FAT
FAT32
HPFS
NTFS
NTFS
Question 2 : For security reasons, you have decided that you must convert the system partition on your removable drive from the FAT32 file system to NTFS.
Which of the following steps must you take in order to convert the file system?
(Choose two.)
Run the command CONVERT /FS:NTFS from the command prompt.
Rerun Windows Server 2008 R2 Setup and choose to convert the partition to NTFS during the reinstallation.
Boot Windows Server 2008 R2 Setup from the installation CD-ROM and choose Rebuild File System.
Reboot the computer.
Run the command CONVERT /FS:NTFS from the command prompt.
Reboot the computer.
Question 3 : Windows Server 2012 R2 requires the use of which of the following protocols or services in order to support Active Directory?
(Choose two.)
DHCP
TCP/IP
NetBEUI
IPX/SPX
DNS
TCP/IP
DNS
Question 4 : You are the system administrator of a large organization that has recently implemented Windows Server 2012 R2.
You have a few remote sites that do not have very tight security.
You have decided to implement read-only domain controllers (RODCs).
What forest and function levels does the network need for you to do the install?
(Choose all that apply.)
Windows 2000 Mixed
Windows 2008 R2
Windows 2003
Windows 2008
Windows 2008 R2
Windows 2003
Windows 2008
Question 5 : You are promoting a Windows Server 2012 R2 computer to an Active Directory domain controller for test purposes.
The new domain controller will be added to an existing domain.
While you are using the Active Directory Installation Wizard, you receive an error message that prevents the server from being promoted.
Which of the following might be the cause of the problem?
(Choose all that apply.)
The system does not contain an NTFS partition on which the Sysvol directory can be created.
You do not have a Windows Server 2012 R2 DNS server on the network.
The TCP/IP configuration on the new server is incorrect.
The domain has reached its maximum number of domain controllers.
The system does not contain an NTFS partition on which the Sysvol directory can be created.
The TCP/IP configuration on the new server is incorrect.
Question 6 : You are the network administrator for a large company that creates widgets.
Management asks you to implement a new Windows Server 2012 R2 system.
You need to implement federated identity management.
Which of the following will help you do this?
Active Directory Federation Services
Active Directory DNS Services
Active Directory IIS Services
Active Directory IAS Services
Active Directory Federation Services
Question 7 : Here’s how to configure the Active Directory Domain Services role:
- Open the Server Manager console.
- In the left pane, select AD DS.The AD DS window will appear that displays Active
Directory Domain Services information. - Click More to open the All Servers Tasks Details window.
- Under the Action tile, click Promote this server to a domain. The Active Directory
Domain Services Configuration Wizard appears. - Select Add a new forest, and in the Root domain name box, type ucertify.com.
- Click Next. The Domain Controller Options step appears.
- In the password and confirm password boxes, type user1234 and click Next.
- On the DNS Options step, click Next.
- On the Additional Options step, type the NetBIOS domain name as ucertify.
- Click Next three times to advance to the Prerequisites Check step.
- Click Install to configure the server as a domain controller.
- The ‘You’re about to be signed off’ message appears. Click Close.
Question 8 : What is the maximum number of domains that a Windows Server 2012 R2 computer configured as a domain controller may participate in at one time?
Zero
One
Two
Any number of domains
One
Question 9 : Your network contains a single Active Directory domain.
The domain contains five Windows Server 2008 R2 domain controllers.
You plan to install a new Windows Server 2012 R2 domain controller.
Which two actions would you need to perform?
(Each correct answer presents part of the solution. Choose two.)
Run adprep.exe /rodcprep at the command line.
Run adprep.exe /forestprep at the command line.
Run adprep.exe /domainprep at the command line.
From Active Directory Domains and Trusts, raise the functional level of the domain.
From Active Directory Users and Computers, prestage the RODC computer account.
Run adprep.exe /forestprep at the command line.
Run adprep.exe /domainprep at the command line.
Question 10 : Here’s how to view the Active Directory event log:
- Open Administrative Tools.
- Double-click Event Viewer to open the Event Viewer console.
- In the left pane, expand Application and Services Logs.
- Select Directory Service. The Directory Service information opens in the middle pane.
- In the middle pane, double-click Event ID 1869 to open its properties.
- Go through the General information and click Close.
- Close all the windows.
Question 11 : Here’s how to join a computer to an Active Directory domain:
- Click Start.
- Right-click Computer and then click Properties. The System window appears.
- Under Computer name, domain, and workgroup settings, click Change settings. The
System Properties window appears. - Click Change. The Computer Name/Domain Changes window appears.
- In the Computer name box, type S-01.
- Select Domain and in the box, type ucertify.com and click OK.
- Click Close to close the System Properties window.
- Close all the windows.
Question 12 : Here’s how to set dynamic updates:
- Open Administrative Tools.
- Double-click DNS to open the DNS Manager console.
- In the left pane, expand WIN-UCSRV-01 > Forward Lookup Zones.
- Select ucertify.com and then right-click it. A context menu appears.
- Click Properties. The ucertify.com Properties window opens.
- On the General tab, from the Dynamic updates list, select Secure Only and click OK.
- Close all the windows.
Question 13 : You have one Active Directory forest in your organization that contains one domain named Stellacon.com.
You have two domain controllers configured with the DNS role installed.
There are two Active Directory Integrated zones named Stellacon.com and Stellatest.com.
One of your IT members (who is not an administrator) needs to be able to modify the Stellacon.com DNS server, but you need to prevent this user from modifying the Stellatest.com SOA record.
How do you accomplish this?
Modify the permissions of the Stellacon.com zone from the DNS Manager snap-in.
Modify the permissions of the Stellatest.com zone from the DNS Manager snap-in.
Run the Delegation Of Control Wizard in Active Directory.
Run the Delegation Of Control Wizard in the DNS snap-in.
Modify the permissions of the Stellacon.com zone from the DNS Manager snap-in.