Midterm

Question 1

Which functional level only allows Windows Server 2003 and Windows 2008 domain controllers?

Answer 1

Windows Server 2003

Question 2

What type of trust relationship allows you to create two-way transitive trusts between separate forests?

Answer 2

cross-forest

Question 2

What type of trust is new to Windows Server 2008 and is only available when the forest functionality is set to Windows Server 2008?

Answer 2

cross-forest trust

Question 3

What type of zone is necessary for computer hostname-to-IP address mappings which are used for name resolution by a variety of services?

Answer 3

forward lookup

Question 3

Active Directory uses __________ relationships to allow access between multiple domains and/or forests either within a single forest or across multiple enterprise networks

Answer 3

trust

Question 3

When configuring a site link object which attribute allows the administrator to define the path that replication will take?

Answer 3

cost

Question 3

Domain controllers located in different sites will participate in __________ replication

Answer 3

intersite

Question 4

What is the minimum amount of storage space required for the Active Directory installation files?

Answer 4

200 MB

Question 5

Read-Only Domain Controllers provide added security in the way passwords are stored through what feature?

Answer 5

Password Replication Policy

Question 6

What holds a subset of forest-wide Active Directory objects and acts as a central repository by holding a complete copy of all objects from the host servers local domain with a partial copy of all objects from other domains within the same forest?

Answer 6

global catalog

Question 7

What new Windows Server 2008 feature is a special installation option that creates a minimal environment for running only specific services and roles?

Answer 7

Server Core

Question 7

What tool is used to seize a FSMO role?

Answer 7

ntdsutil

Question 8

The RID Master FSMO role distributes RIDs to domain controllers in what increments?

Answer 8

500

Question 9

Active Directory __________ provide the means by which administrators can control replication traffic

Answer 9

sites

Question 10

What process is used when you move a FSMO role gracefully from one domain controller to another?

Answer 10

role transfer

Question 11

Replication within Active Directory will occur when which of the following conditions is met?

Answer 11

Replication within Active Directory will occur when an object is added or removed from Active Directory the value of an attribute has changed or the name of an object has changed

Question 12

Which FSMO role has the authority to manage the creation and deletion of domains domain trees and application data partitions in the forest?

Answer 12

Domain Naming Master

Question 13

A __________ is defined as one or more IP subnets that are connected by fast links

Answer 13

Site

Question 13

What SRV record information serves as a mechanism to set up load balancing between multiple servers that are advertising the same SRV records?

Answer 13

priority

Question 13

The ISTG automatically assigns one server in each site as the bridgehead server unless you override this by establishing a list of __________ bridgehead servers

Answer 13

preferred

Question 14

What console must be used to move the Domain Naming Master FSMO role?

Answer 14

Active Directory Domains and Trusts

Question 16

When replicating information between sites Active Directory will designate a __________ server in each site to act as a gatekeeper in managing site-to-site replication

Answer 16

bridgehead

Question 17

All default groups are __________ groups

Answer 17

security

Question 18

If the domains within a forest are separated by slow WAN links and the tree-walking process takes an exceedingly long time to allow user authentication across domains you can configure a __________ trust

Answer 18

shortcut

Question 19

The largest container object within Active Directory is a(n) __________

Answer 19

forest

Question 20

For both intrasite and intersite replication what protocol does Active Directory use for all replication traffic?

Answer 20

RPC over IP

Question 21

What allows a user to be able to log on using a cached copy of his or her logon credentials that have been stored on his or her local workstation?

Answer 21

cached credentials

Question 21

When a child domain is created it automatically receives a __________ trust with its parent domain

Answer 21

two-way transitive

Question 22

A __________ name references an object in the Active Directory directory structure by using its entire hierarchical path starting with the object itself and including all parent objects up to the root of the domain

Answer 22

distinguished

Question 22

Which FSMO role is responsible for reference updates from its domain objects to other domains?

Answer 22

Infrastructure Master

Question 23

Which of the following is not a benefit of Active Directory Domain Services?

Answer 23

personalized desktops

Question 25

What shared folder exists on all domain controllers and is used to store Group Policy objects login scripts and other files that are replicated domain-wide?

Answer 25

SYSVOL

Question 26

__________ partitions are used to separate forest-wide DNS information from domain-wide DNS information to control the scope of replication of different types of DNS data

Answer 26

Application Directory

Question 27

The KCC is responsible for calculating intrasite replication partners. During this process what is the maximum number of hops that the KCC will allow between domain controllers?

Answer 27

3

Question 28

What role provides developers with the ability to store data for directory-enabled applications without incurring the overhead of extending the Active Directory schema to support their applications?

Answer 28

AD LDS

Question 28

What is an alternative solution for intersite replication when a direct or reliable IP connection is not available?

Answer 28

SMTP

Question 28

What master database contains definitions of all objects in the Active Directory?

Answer 28

schema

Question 28

What feature makes it possible to configure a user as the local administrator of a specific RODC without making the user a Domain Admins with far-reaching authority over all domain controllers in your entire domain and full access to your Active Directory domain data?

Answer 28

Admin Role Separation

Question 30

A Windows Server 2008 computer that has been configured with the Active Directory DS role is referred to as a __________

Answer 30

domain controller

Question 31

How often does intersite replication occur by default?

Answer 31

15 minutes

Question 31

Each objects SID consists of two components: the domain portion and the __________

Answer 31

relative identifier

Question 32

__________ roles work together to enable the multimaster functionality of Active Directory

Answer 32

FSMO

Question 33

Certain operations such as a password change or an account lockout will be transmitted by using __________ replication which means that the change will be placed at the beginning of the line and applied before any other changes that are waiting to be replicated

Answer 33

urgent

Question 35

When modifying the schema Microsoft recommends adding administrators to what group only for the duration of the task?

Answer 35

Schema Admins

Question 37

What contains the rules and definitions that are used for creating and modifying object classes and attributes within Active Directory?

Answer 37

Schema NC

Question 38

What types of memberships are stored in the global catalog?

Answer 38

universal

Question 39

What special identity group is used by the system to allow permission to protected system files for services to function properly?

Answer 39

Service

Question 40

What Windows Server 2008 feature stores universal group memberships on a local domain controller that can be used for logon to the domain eliminating the need for frequent access to a global catalog server?

Answer 40

universal group membership caching

Question 41

How many FSMO roles does Active Directory support?

Answer 41

5

Question 43

The primary goal of intersite replication is to minimize the usage of __________

Answer 43

bandwidth

Question 44

What can be defined as a password that follows guidelines that make it difficult for a potential hacker to determine the users password?

Answer 44

strong password

Question 46

What utility is used to manually create trust relationships?

Answer 46

Active Directory Domains and Trusts MMC snap-in

Question 47

What is the process of confirming that an authenticated user has the correct permissions to access one or more network resources?

Answer 47

authorization

Question 48

What command-line utility is used to import or export Active Directory information from a comma-separated value (.csv) file?

Answer 48

CSVDE

Question 49

The __________ Domain Controller contains a copy of the ntds.dit file that cannot be modified and does not replicate its changes to other domain controllers within Active Directory

Answer 49

Read-Only

Question 50

What process is responsible for selecting a bridgehead server and mapping the topology to be used for replication between sites?

Answer 50

Intersite Topology Generator

Question 51

What command can you use to run the Active Directory Installation Wizard?

Answer 51

dcpromo

Question 52

What is used to uniquely identify an object throughout the Active Directory domain?

Answer 52

security identifier

Question 53

As a rule of thumb you should estimate __________ percent of the size of the ntds.dit file of every other domain in the forest when sizing hardware for a global catalog server

Answer 53

50

Question 54

Which of these design aspects should you consider when planning the appropriate location of FSMO role holders?

Answer 54

1. Number of domains that are or will be part of the forest
2. Physical structure of the network
3. Number of domain controllers that will be available in each domain

Question 56

__________ is the highest available forest functional level

Answer 56

Windows Server 2008

Question 57

What locator records within DNS allow clients to locate an Active Directory domain controller or global catalog?

Answer 57

SRV records

Question 59

The process of keeping each domain controller in synch with changes that have been made elsewhere on the network is called __________

Answer 59

replication

Question 60

What processes can be used by Windows Server 2008 DNS to clean up the DNS database after DNS records become stale or out of date?

Answer 60

aging and scavenging

Question 61

Interoperability with prior versions of Microsoft Windows is available in Windows Server 2008 through the use of __________

Answer 61

functional levels

Question 62

What signifies an objects relative location within an Active Directory OU structure?

Answer 62

distinguished name

Question 63

What command-line tool can be used to manually create a replication topology if site link bridging is disabled if the network is not fully routed?

Answer 63

Repadmin

Question 64

When you install the forest root domain controller in an Active Directory forest the Active Directory Installation Wizard creates a single site named __________

Answer 64

Default-First-Site-Name

Question 65

What command-line tool is used to create delete verify and reset trust relationships from the Windows Server 2008 command line?

Answer 65

netdom

Question 67

What procedure is used only when you have experienced a catastrophic failure of a domain controller that holds a FSMO role and you need to recover that role?

Answer 67

role seizure

Question 68

What is the process of confirming a users identity by using a known value such as a password pin number on a smart card or users fingerprint or handprint in the case of biometric authentication?

Answer 68

authentication

Question 69

Each class or attribute that you add to the schema should have a valid __________

Answer 69

OID

Question 70

What command-line tool used for monitoring Active Directory provides functionality that includes performing connectivity and replication tests?

Answer 70

dcdiag

Question 71

How many RID Masters can a domain have?

Answer 71

1

Question 72

What special identity group contains all authenticated users and domain guests?

Answer 72

Everyone

Question 73

Active Directory creates a __________ with the idea that all writeable domain controllers in a domain should communicate Active Directory information to each other in addition to communicating forest-wide information with other domains

Answer 73

replication topology

Question 74

What type of trust allows you to configure trust relationships between Windows Server 2008 Active Directory and a UNIX MIT Kerberos realm?

Answer 74

realm

Question 75

What allows businesses to define manage access and secure network resources including files printers people and applications?

Answer 75

Directory service

Question 76

What port is used by Active Directory to direct search requests to a global catalog server?

Answer 76

3268

Question 77

How often does replication occur in intersite replication?

Answer 77

180 minutes

Question 79

To raise the functional level of a forest you must be logged on as a member of the __________ group

Answer 79

Enterprise Admins

Question 81

Which of the following is not a function performed by a global catalog server?

Answer 81

maintaining a backup of all data stored on a domain controller

Question 82

How many FSMO roles does Active Directory support?

Answer 82

5

Question 83

What protocol has become an industry standard that enables data exchange between directory services and applications?

Answer 83

LDAP

Question 84

What is the process of replicating DNS information from one DNS server to another?

Answer 84

zone transfer

Question 85

What is a partial copy of all objects from other domains within the same forest that is held on a global catalog server?

Answer 85

partial attribute set

Question 86

When a user logs on what is created that identifies the user and all of the users group memberships?

Answer 86

access token

Question 88

What DLL must be registered to use the Schema Management snap-in?

Answer 88

schmmgmt.dll

Question 89

What describes the amount of time that it takes for all domain controllers in the environment to contain the most up-to-date information?

Answer 89

convergence

Question 90

What defines a chain of site links by which domain controllers from different sites can communicate?

Answer 90

site link bridge