Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

Server Administration > MS Server Questions > Flashcards

MS Server Questions Flashcards

1
Q

What is a Data Collector Set ?

A

Data Collector sets gather system information, including configuration settings and performance data and store it in a data file

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Which utility provides a Quota Management function?

A

File Server Resource Manager (SFRM)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

List the printer permissions for controlling a printer?

A

Print - Connect to a printer
Print documents
Pause,resume,restart and cancel own
docs

Manage - Share, delete printer
Printer Cancel all docs
change properties, permissions

Manage - Pause, resume, restart and cancel all
Documents docs
Control job setting for all docs

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

what is the difference between default domain policy and domain controller policy?

A

The default domain policy is applied (by default) to all the machines/users in the domain

The default domain controllers policy is applied (by default) to the domain controllers OU into which all domain controllers are put by default - this applies security settings etc consistent with their role as domain controllers.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

What is the difference between assigning and publishing software ?

A

Application assignment can be done to users or computers.

When assigned to a user, the application is advertised to the user the next time the user logs on. The advertisement follows the user, regardless of which physical computer they use. The app is installed the first time the user activates the app.
on the computer, either by selecting the application on the Start menu or by activating a document that is associated with the application.

When assigning to the computer, the application is advertised and the installation is performed when the computer starts up.

On the other hand, when the administrator publishes an application to users the application is available for the user to install by using Add or Remove Programs in Control Panel or by clicking a file that is associated with the application.

You should publish an application when you want the application to be available to people who are managed by the Group Policy object, in case a user wants the application. With published applications, it is up to each person to decide whether or not to install the published application.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Describe the two types of group in Active Directory?

A
  1. Security groups: A security group is a collection of users who have the same permissions to resources and the same rights to perform certain system tasks. These are the groups to which permissions are assigned so that its members can access resources

2.Distribution groups are created to share information with a group of users through e-mail messages. Applications such as Microsoft Exchange that work with Active Directory can use distribution groups to send bulk e-mail to groups of users.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Describe the three types of group scope?

A
  1. Global groups are containers for user accounts and computers accounts in the domain. They assign permissions to objects that reside in any domain in a tree or forest

2.Domain Local groups: Domain local groups can have user accounts, computer accounts, global groups, and universal groups from any domain as group members. However, only domain local groups can assign permissions to local resources or to resources that reside in the domain in which the domain local group was created.

  1. Universal groups: Universal groups can have user accounts, computer accounts, global groups, and other universal groups from any domain in the tree or forest as members. This basically means that users can add members from any domain in the forest to a universal group
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

What is a reference computer?

A

The reference computer is used by Configuration Manager 2007 operating system deployment to capture the operating system image that you want to deploy to a collection of one or more target computers.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

How many schemas are there in an AD forest ?

A

One

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

What is Microsoft System Center ?

A

A bundled suite of systems management products that offers tools to, among other features, deploy and monitor devices and applications

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

What happens when you deploy software by assigning through group policy?

A

Assigning installs the application without prompting

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

What is a Data Collector Set ?

A

Data Collector sets gather system information, including configuration settings and performance data and store it in a data file

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

What is Active Directory Rights Managements Services?

A

A service involved in the creation of rights-protected resources such as documentation. It involves trusted entities (users,computers eg) applying usage rights to content.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

What is Policy and Access Services?

A

Microsoft Network Policy and Access Services (Microsoft NPAS) is a server role in Windows Server 2008 and Windows Server 2012 that allows administrators to provide local and remote network access. It also allows administrators to define and enforce policies for network access authentication, authorization and client health.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

What is Remote Access?

A

The ability to log onto a network from a distant location. Generally, this implies a computer, a modem, and some remote access software to connect to the network.

The remote access software dials in directly to the network server. The only difference between a remote host and workstations connected directly to the network is slower data transfer speeds.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

What are Remote Desktop Services?

A

Microsoft Remote Desktop Services [RDS] allows users to access centralized applications and workstations in the data center remotely. Microsoft RDS is the new expanded and renamed Microsoft Terminal Services.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

What is a Windows Deployment Services (WDS)?

A

Windows Deployment Services is a server role that gives administrators the ability to deploy Windows operating systems remotely.

WDS can be used for network-based installations to set up new computers so administrators do not have to directly install each operating system

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

What is a Capture Image?

A

WDS will allow you to boot up a generalized template machine with a capture image (these images provide an alternative to the command-line utility, ImageX.exe). A capture image is a specialized boot image that is used to create a new installation image file and store it in the image store of the WDS server. A capture image is created from an existing boot image.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

What is a Discover Image?

A

A discover image is a type of boot image that you can use to install an operating system on a computer that is not capable of network booting using the Pre-Boot Execution Environment (PXE). You may want to use a discover image in the following scenarios:

  1. A client is not PXE-enabled.
  2. A client is on a different subnet and you do not have method of getting PXE to the client (for example, IP helper tables or Dynamic Host Control Protocol (DHCP)).
  3. You have many Windows Deployment Services servers and want to target a specific server.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

What is an A record?

A
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
21
Q

What is a CNAME record?

A
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
22
Q

What is a PTR record?

A
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
23
Q

What is an NS record?

A
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
24
Q

How many global catalogs are in an Active Directory domain?

A

One

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
25
Q

What is Credential Roaming?

A

Credential Roaming is used to secure critical transactions such as signing, encrypting, and decrypting e-mail or authenticating identity, many environments rely on certificates

26
Q

How does WSUS control and schedule updates to computers?

A

WSUS allows you to target updates to groups of client computers, so you can ensure that specific computers always get the right updates at the most convenient times. For example, if all the computers in one department (such as the Accounting team) have a specific configuration, you can set up a group for that team, decide which updates their computers need and what time they should be installed

27
Q

What is the distinguished name of a user named JSmith whose account is located in the Marketing OU of the reskit.com domain?

A

cn=JSmith,ou=marketing,dc=reskit,dc=com

27
Q

Which utility provides a Quota Management function?

A

File Server Resource Manager (SFRM)

28
Q

Describe the three types of group scope?

A
  1. Global groups are containers for user accounts and computers accounts in the domain. They assign permissions to objects that reside in any domain in a tree or forest

2.Domain Local groups: Domain local groups can have user accounts, computer accounts, global groups, and universal groups from any domain as group members. However, only domain local groups can assign permissions to local resources or to resources that reside in the domain in which the domain local group was created.

  1. Universal groups: Universal groups can have user accounts, computer accounts, global groups, and other universal groups from any domain in the tree or forest as members. This basically means that users can add members from any domain in the forest to a universal group
29
Q

what is Microsoft best practice regarding Default Domain and Default Domain Controller Policy GPO’s?

A
  1. “As a best practice, you should configure the Default Domain Policy GPO only to manage the default Account Policies settings, Password Policy, Account Lockout Policy, and Kerberos Policy”.
  2. “As a best practice, you should configure the Default Domain Controllers Policy GPO only to set user rights and audit policies.”
  3. “Do not modify the default domain policy or default domain controller policy unless necessary. Instead, create a new GPO at the domain level and set it to override the default settings in the default policies.”
30
Q

What is the process for applying group policies to client computers?

A

A policy is a setting made by a system administrator, and those policies are pushed down to each PC from Active Directory. Normally windows refreshes group policy on client machines mostly during reboot or relogin process. If you dont want to reboot/relogin but still want the latest group policy change , you can use gpupdate /force command.

31
Q

How does a higher level ‘Enforced’ GPO affect a lower level ‘Blocked’ GPO?

A

If you select ‘Block Inheritance’ on a GPO it does not implement the GPO settings from the parent GPO. This is a useful way of exempting a specific OU from a policy being applied at a higher level.

If you select ‘Enforced’ at the higher level GPO then any lower level OU’s with GPO set to ‘Block Inheritance’ will be overridden and the settings from the higher level will be applied regardless.

32
Q

What is the standard method for backing up GPO’s within Active Directory?

A

The Group Policy Management Console (GPMC) supports the Backup, Restore, Import and Copy operations for GPO’s.

33
Q

What is the difference between GPResult and RSOP?

A

Resultant Set Of Policies (rsop.msc) is a graphical tool. It does not show all Microsoft group policy settings.

GPResult is a command line tool which allows you to see all the policies in effect for a user and computer

34
Q

How do you define an Automatic Approval Rule in WSUS?

A

Typically, you create an automatic approval rule to scan clients for applicable updates. To define an automatic approval rule:

  1. Call the GetInstallApprovalRules to retrieve the install approval rule.
  2. Set Enabled to true.

Call SetUpdateClassifications to specify the classification of updates for which you want to automatically create the approval. For example, create a scan approval rule to detect applicable critical and security updates.

  1. Call SetComputerTargetGroups to specify the target groups to which you want to apply the rule.
  2. Call Save to save the rule.
35
Q

What categories of reports are generated by WSUS?

A

Update, Computer, Synchronisation

36
Q

What is Systems Center Operations Manager?

A

A central component of the Microsoft System Center suite it is used to monitor the health and performance of everything from servers to individual applications in Microsoft Windows environments

37
Q

What are Data Collector Sets?

A

Most Systems Administrators have used Performance Monitor to view real-time performance data on Windows servers and identify bottlenecks. … Data Collector sets gather system information, including configuration settings and performance data and store it in a data file

38
Q

What does Event Viewer do?

A

Event Viewer allows you to monitor events in your system. It maintains logs about program, security, and system events on your computer. You can use Event Viewer to view and manage the event logs, gather information about hardware and software problems and monitor Windows security

39
Q

What is Network Access Protection (NAP)?

A

NAP is a Microsoft technology for controlling network access of a computer, based on its health. With NAP, system administrators of an organization can define policies for system health requirements

40
Q

What is Windows Bitlocker Drive Encryption?

A

BitLocker was designed to protect information on devices, particularly in the event that a device was lost or stolen; When used in conjunction with a compatible Trusted Platform Module (TPM), BitLocker can validate the integrity of boot and system files before decrypting a protected volume; an unsuccessful validation will prohibit access to a protected system

41
Q

What are Software Restriction Policies?

A

When you use the software restriction policies, you can identify and specify the software that is allowed to run on legacy operating systems so that you can protect your computer environment from untrusted code

42
Q

When do you use NFS shares and SMB shares?

A

You should use NFS for dedicated Linux Client to Linux Server connections. For mixed Windows / Linux environments use SMB.

43
Q

What is the significance of a printer’s priority number?

A

The printer priority number (1 to 99, 1 is the lowest priority with 99 the highest) allows an admin to vary the access a user or group has to a printer by creating a number of printers and assigning a different priority to each printer which is led associated with a user or group

44
Q

What is RAID 10?

A

RAID 10, also known as RAID 1+0, combines disk mirroring and disk striping to protect data. A RAID 10 configuration requires a minimum of four disks, and stripes data across mirrored pairs. As long as one disk in each mirrored pair is functional, data can be retrieved. This is normally configured as external storage in a failover cluster configuration.

45
Q

Storage spaces vs storage pools?

A

Storage Spaces lets you group industry-standard disks into at least one Storage Pool You can then create virtual disks from the available capacity in the Storage Pool.

46
Q

What’s the difference between Load Balancing and Failover Clustering?

A

Load Balancing is all about improvising performance (scale) while Failover Clustering is improvising uptimes mitigating system failures. Another difference is, you would find Load Balancing happening at web/application servers (stateless ) and failover clustering at database servers (stateful)

47
Q

what is a tombstone in Active Directory?

A

When an object is deleted from Active Directory, it is not immediately erased, and instead it is marked (or tombstoned) for future deletion. The directory service moves tombstone objects to the Deleted Objects container, where they remain until the garbage collection process removes the objects (by default every 12 hours).

48
Q

What operations can you perform with File Screening?

A
  1. Create file screens to control the types of files that users can save, and generate notifications when users attempt to save unauthorized files.
  2. Define file screening templates that can be applied to new volumes or folders and that can be used across an organization.
  3. Create file screening exceptions that extend the flexibility of the file screening rules.
49
Q

What is Windows Defender?

A

Windows Defender is an anti-malware component of Microsoft Windows

50
Q

Are global groups and domain local groups replicated to global catalog?

A

No the global groups and domain local groups are not replicated to global catalog.

As you would expect, domain local and global groups are listed in the global catalog, however the individual members are not listed. So changes in global group membership have zero impact on global catalog replication traffic.

Universal groups on the other hand, not only are listed in the global catalog but also the individual users or nested groups are also listed.Now you can see that adding users to a universal group will generate replication traffic. That is why Guy says only put global groups inside universal groups, the individual members inside the global groups are not replicated.

In Windows 2000 the situation is that one change of membership to a universal group causes the whole list to be replicated, thankfully that changed in Server 2003, now only incremental changes are replicated not the whole list.

51
Q

What are Event Subscriptions?

A

Event logs are great for troubleshooting. With Event Subscriptions, you can have the events collected on multiple systems delivered directly to your monitoring station.

52
Q

What are the 5 basic things you should monitor in a domain?

A
  1. Security Event Logs being cleared
  2. High value groups like Domain Admins being Changed
  3. Local administrator groups being changed
  4. Local users being created or deleted on member systems
  5. New Services being installed, particularly on Domain Controllers (as this is often an indicator of malware or lateral movement behavior.)
53
Q

What types of events are listed in an event log?

A

The Windows operating system classifies events by type.

  1. An information event describes the successful completion of a task, such as installing an application.
  2. A warning event notifies the administrator of a potential problem, such as low disk space.
  3. An error message describes a significant problem that may result in a loss of functionality.
  4. A success audit event indicates the completion of an audited security event, such as an end user successfully logging on.
  5. A failure audit event describes an audited security event that did not complete successfully, such as an end user locking himself out by entering incorrect passwords.
54
Q

What is Windows Reliability Monitor?

A

Reliability Monitor is a built in tool which is used to check the overall stability of the windows installation. It displays a graph with categories of errors. These categories include Application failures, Windows failures, Misc failures, and Warnings.

55
Q

Why must a Global Catalog be available for the domain logon process ?

A

The reason that a Global Catalog must be available for the domain logon process is that the membership for universal groups is not stored on all domain controllers. Because the membership of all universal groups is replicated to Global Catalog servers, the complete universal group membership of a user can be determined by querying a Global Catalog server.

56
Q

What is Distributed File System (DFS)?

A

DFS is a set of services in Windows servers that organize many distributed SMB file shares into a distributed file system grouping the shares in multiple different locations logically under one folder, the “DFS root”.

57
Q

What is the difference between the User Configuration and Computer Configuration sections in Group Policy?

A

‘User configuration is applied to the USER session

Computer configuration is applied to the entire computer thus effecting every user.’

58
Q

In DNS what is the difference between Root hints and a forwarder?

A

There are two ways to configure a Windows DNS server to provide non-authoritative responses: forwarders and root hints.

These are both lists of servers that are used to resolve queries that the local DNS server can’t resolve on its own, and both provide the same functionality from the perspective of a client. They do so in different ways, however:

Root hints use iterative queries. When the local DNS server can’t resolve a query using its cache or database, it sends a query to one of the root DNS servers on the internet. The root server will respond with a referral, which contains the addresses of the DNS servers authoritative for the top-level domain (such as .com or .net) in the original query. The local server then queries one of the servers in the referral, which will respond with another referral, this time to the servers authoritative for the second-level domain (dell.com, for example) in the original query. This query/referral process continues until a server is reached that is authoritative for the fully qualified domain name (FQDN) in the original query. It will return an authoritative positive or negative response - a response which either contains the record sought by the original query or indicates that it doesn’t exist - and the local server will send that response to the querying client.

Forwarders, on the other hand, use recursive queries. If forwarders are configured, when the local DNS server can’t resolve a query, it sends a recursive query to one of the forwarders in its list. This type of query tells the forwarder that the local server will accept either a positive or negative response, but not a referral. Essentially, the forwarder does the work of tracking down the record in the query, which may involve the referral process above, and the local server simply waits for the response, which it then

59
Q

How does a RADIUS infrastructure work?

A

When you are using RADIUS, a user dials up or otherwise contacts some sort of server that is giving out connections. That server is a RADIUS client; it holds a dialog with the user and passes information back and forth to a RADIUS client. Remember that it is the terminal server (ie the access server) that is the RADIUS client, not the remote machine. The remote machine won’t be able to join the network until after the RADIUS dialog is complete.

60
Q

When setting up a disaster recovery plan for your Hyper-V virtual machines in a System Centre Virtual Machine Manager (VMM) cloud, what happens during the initial replication?

A

Delta replication begins

Server Administration (3 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions