Lesson 5: Essential Services Flashcards
- What system is used to translate www.microsoft.com to an IP address? a) DNS b) WINS c) DHCP d) ARP
Answer: a) DNS Difficulty: Easy Section Reference: Exploring DNS Explanation: Domain Name System (DNS) is a hierarchical client/server-based distributed database management system that translates domain/hosts names to IP addresses. Your organization most likely has one or more DNS servers that provide name resolution for your company.
- What file is used to translate host names to IP addresses? a) hosts file b) lmhosts file c) dns file d) wins file
Answer: a) hosts file Difficulty: Medium Section Reference: Understanding HOSTS and LMHOSTS Files Explanation: Early TCP/IP networks used hosts (used with domain/hostnames associated with DNS) and lmhost (used with NetBIOS/computer names associated with WINS) files, which were text files that listed a name and its associated IP address.
- Which resource record used in DNS translates host names to IP addresses? a) SOA b) A c) PTR d) MX
Answer: b) A Difficulty: Medium Section Reference: Exploring DNS Explanation: A (host address) provides a hostname to an IPv4 address; AAA (host address) provides a hostname to an IPv6 address.
- Which DNS resource records translate IP addresses to a host name? a) SOA b) A c) PTR d) MX
Answer: c) PTR Difficulty: Medium Section Reference: Exploring DNS Explanation: PTR (short for pointer) resolves an IP address to a hostname (reverse mapping) and is contained in the reverse lookup zone.
- Which DNS resource record is used to locate a domain controller? a) SOA b) A c) PTR d) SRV
Answer: d) SRV (service) records Difficulty: Medium Section Reference: Exploring DNS Explanation: SRV (service) records locate servers that host particular services, including LDAP servers or domain controllers.
- What legacy naming service is used to translate computer names to IP addresses? a) DNS b) GlobalZones c) DHCP d) WINS
Answer: d) WINS Difficulty: Easy Section Reference: WINS Explanation: Windows Internet Name Service (WINS) is a legacy naming service that translates from NetBIOS (computer name) to specify a network resource. A WINS sever contains a database of IP addresses and NetBIOS names that update dynamically.
- What technology automatically assigns IP addresses to clients? a) DNS b) GlobalZones c) DHCP d) WINS
Answer: c) DHCP Difficulty: Easy Section Reference: DHCP Services Explanation: It would take hours to configure every host IP configuration, including IP address, addresses of DNS and WINS servers, and any other parameters. Thus, most organizations use Dynamic Host Configuration Protocol (DHCP) services to automatically assign IP addresses and related parameters (including subnet mask, default gateway, and length of the lease) so that a host can immediately communicate on an IP network when it starts.
- What protocol is used to query and modify data contained within a structure that reflect geographical or organizational structure? a) LDAP b) DNS c) GlobalZones d) Kerberos
Answer: a) LDAP Difficulty: Easy Section Reference: Introducing Directory Services with Active Directory Explanation: The Lightweight Directory Access Protocol, or LDAP, is an application protocol for querying and modifying data using directory services running over TCP/IP. Within the directory, the sets of objects are organized in a logical hierarchical manner so that you can easily find and manage them.
- What Windows server attached to a domain is not a domain controller? a) member server b) bridgehead server c) LDAP server d) Kerberos server
Answer: a) member server Difficulty: Easy Section Reference: Introducing Sites and Domain Controllers Explanation: A server that is not running as a domain controller is known as a member server. To demote a domain controller to a member server, you rerun the dcpromo program.
- Which FSMO role is the master time server and password keeper? a) Schema Master b) Domain Naming Master c) PDC Emulator d) Infrastructure Master
Answer: c) PDC Emulator Difficulty: Hard Section Reference: Flexible Single Master Operations Explanation: The Primary Domain Controller (PDC) was the main domain controller used with Windows NT. The PDC Emulator provides backward compatibility for NT4 clients. It also acts as the primary server for password changes and as the master time server within the domain.
- What service replicates information of every object in a tree and forest so that you can quickly find those objects? a) LDAP server b) global catalog c) Infrastructure Master d) PDC Emulator
Answer: b) global catalog Difficulty: Medium Section Reference: Looking at Global Catalogs Explanation: A global catalog replicates the information of every object in a tree and forest. However, rather than store the entire object, it stores just those attributes that are most frequently used in search operations, such as a user’s first and last name, computer name, and so forth. By default, a global catalog is created automatically on the first domain controller in the forest, but any domain controller can be made into a global catalog.
- What do you use to organize your users, computers, and other network resources within a domain? a) groups b) forest c) organizational units d) group policy
Answer: c) organizational units Difficulty: Easy Section Reference: Introducing Organizational Unites Explanation: To help organize objects within a domain and minimize the number of domains required, you can use organizational units (OUs). OUs can be used to hold users, groups, computers, and other organizational units.
- What is the best way to give managers a way to change passwords for the users they manage? a) Make the manager a domain administrator. b) Make the manager an account operator. c) Make the manager a local administrator. d) Use the Delegate of Authority wizard.
Answer: d) Use the Delegate of Authority wizard. Difficulty: Medium Section Reference: Introducing Organizational Units Explanation: By delegating administration, you can assign a range of administrative tasks to the appropriate users and groups. For instance, you can assign basic administrative tasks to regular users or groups and leave domain-wide and forest-wide administration to members of the Domain Admins and Enterprise Admins groups.
- To which type of group would you assign rights and permissions? a) security group b) distribution group c) scoped group d) Global Domain group
Answer: a) security group Difficulty: Medium Section Reference: Comparing Group Types Explanation: Windows Active Directory has two types of groups: security and distribution. A security group is used to assign rights and permissions and gain access to network resources. It can also be used as a distribution group.
- Which type of group can contain any user or group in any domain and can be assigned to any resource in any domain? a) domain local group b) global group c) universal group d) distribution group
Answer: c) universal group Difficulty: Medium Section Reference: Comparing Group Scopes Explanation: Universal group scope is designed to contain global groups from multiple domains. Universal groups can contain global groups, other universal groups, and user accounts. Because global catalogs replicate universal group membership, you should limit the membership to global
- What authorizes a user to perform a certain action on a computer? a) user rights b) permissions c) assignments d) certificates
Answer: a) user rights Difficulty: Medium Section Reference: Comparing Rights and Permissions Explanation: A right authorizes a user to perform certain actions on a computer, such as logging on to a system interactively or backing up files and directories on a system. User rights are assigned through local policies or Active Directory Group Policy.
Fill in the Blank 17. ___________ is the primary authentication protocol used in Active Directory.
Answer: Kerberos Difficulty: Hard Section Reference: Introducing Directory Services with Active Directory Explanation: Kerberos is a computer network authentication protocol that allows hosts to prove their identity securely over a non-secure network. It can also provide mutual authentication so that both the user and server can verify each other’s identity.
Fill in the Blank 18. A ________ is a logical unit of computers and network resources that define a security boundary.
Answer: domain Difficulty: Easy Section Reference: Introducing Directory Services with Active Directory Explanation: A Windows domain is a logical unit of computers and network resources that defines a security boundary. A domain uses a single Active Directory database to share its common security and user account information for all computers within the domain, allowing centralized administration of all users, groups, and resources on the network.
Fill in the Blank 19. A __________ is a Windows server that stores the Active Directory database.
Answer: domain controller Difficulty: Easy Section Reference: Introducing Directory Services with Active Directory Explanation: A domain controller is a Windows server that stores a replica of the account and security information for the domain and defines the domain boundaries. To make a computer running Windows Server 2008 a domain controller, you must install the Active Directory Domain Services and execute the dcpromo (short for dc promotion) command.
Short Answer 20. What do you call one or more trees with disjointed namespaces?
Answer: forests Difficulty: Easy Section Reference: Introducing Directory Services with Active Directory Explanation: A forest is made of one or more trees (although most people think of a forest as two or more trees). A forest varies from a tree because it uses disjointed namespaces between the trees.