Server Flashcards
1
Q
which of the following is used to boot a computer over the network?
A
PXE
2
Q
which of the following is used to load a minimum version of windows to troubleshoot an installation?
A
Windows PE
3
Q
which two roles are available in wds?
A
Deployment server
transport server
4
Q
which of the following are necessary for deploying wds? (choose all that apply)
A
AD DS
DHCP
DNS
5
Q
the answer file is made as a ____ file
A
XML
6
Q
which of the following allows you to package drivers together and deploy them with images?
A
dynamic driver provisioning
7
Q
which command allows you to modify an offline image?
A
dism
8
Q
which program is used to remove the computer name and sid from a computer?
A
system preparation utility (sysprep)
9
Q
which of the following is the filename extension for install images and boot images?
A
WIM
10
Q
which of the following is used to convert a master computer to an image file?
A
Windows Deployment Service Capture utility
11
Q
Which term best describes multiple hot fixes, security updates, and critical updates which are packaged together and thoroughly tested together?
A
service pack
12
Q
to specify which computers get which updates, into which of the following categories should you divide the computers?
A
computer groups
13
Q
which of the following is the default port used for synchronization?
A
8530
14
Q
which of the following wsus modes has upstream wsus servers share updates and the approval of updates with wsus downstream servers?
A
replica
15
Q
which of the following is the process of downloading updates for a wsus server?
A
synchronization
16
Q
which term best describes when computers are automatically assigned to a computer group using group policies or by modifying the registry?
A
client side targeting
17
Q
which of the following is required in order to view reports in wsus?
A
microsoft report viewer 2008 redistributable
18
Q
which of the following is the default database used by wsus?
A
WID (wsus internal database)
19
Q
which of the following is the best strategy for getting all clients within an organization to use a wsus server?
A
use group policies
20
Q
if a client is not part of a domain, client-side targeting can be accomplished by doing which of the following?
A
by modifying the registry
21
Q
which of the following is the primary tool to add or remove server tools?
A
server manager
22
Q
which of the following is used to view the windows logs?
A
event viewer
23
Q
when you are troubke shooting a problem and decide to use the event viewer, which of the following should be used to help you focus on a reduced set of events?
A
filters
24
Q
which of the following is used to modify a task after you add a basic task to an event viewer?
A
task scheduler
25
which of the following allows you to view events from multiple computers using the event viewer?
subscriptions
26
which command is used to configure a collecting computer to receive an event subscription?
wecutil qc
27
which program allows you to stop a running process?
task manager
28
which program is used to determine what process is using a file?
resoource monitor
29
which of the following is used to group multiple performance counters so that they can be used over and over in performance monitor?
data collector sets
30
which program allows you to determine what processes are using which network connections?
netstat
31
what are two types of dfs namespace?
domain based namespace
| stand alone namespace
32
how many target folders can you have for each namespace in windows server 2008 mode?
50,000
33
what is an order list of servers and targets that a client computer receives from a domain controller or namespace server when a user accesses a namespace root or a dfs folder with targets?
referrals
34
what is the default topology used in dfs replication?
full mesh topology
35
which of the following is the compression algorithm used in dfs replication found with windows server 2012 r2?
remote differential compression (rdc)
36
which is the default size of a staging folder?
4gb
37
which is the collection of servers that hold targets of a dfs folder?
replication group
38
which of the following is a shared folder of shared folders?
dfs namespace
39
which of the following replaced file replication services (frs)?
dfs replication
40
what is the default quota size of the conflict and deleted folder?
660 mb
41
which type of quota used with fsrm prevents users from saving files when the quota is exceeded?
hard quota
42
which of the following is supported when you define quotas using fsrm? (choose all that apply)
- place an event in the windows logs
- send email
- run a command or script
43
which of the following do you perform when you change a quota template? (choose all that apply)
- apply template only to derived quotas that match the original template
- apply template to all derived quotas
44
which of the following is used to control the type of files that users can save to a file server?
fsrm
45
which type of screening prevents users from saving the defined authorized files?
active screening
46
which tool is used to manage file servers, including configuring quotas and blocking certain files?
file server resource manager (fsrm)
47
which type of quota used by fsrm will send notifications only when the quota is exceeded?
soft quota
48
which of the following enables users to use certain files but notifies an administrator via an email when the user saves those types files?
passive screening
49
which of the following do you setup when you want to allow a file that is blocked with file screening?
screen exception
50
which of the following do you use to simplify the management of file screens?
file screen template
51
which encryption technology should you use to protect individual files on a computer running windows server 2012 r2?
efs
52
when using efs, the encryption key is stored in which of the following?
digital certificate
53
what happens when you move an efs encrypted file to a fat32 volume?
it is decrypted
54
which encryption algorithm uses a single key to encrypt and decrypt data?
symmetric
55
how do you define the dra's?
GPOs
56
how do you decrypt an efs encrypted file for a person who has left an organization?
use a DRA (data recovery agent)
57
if you dont have a tpm on your computer, what can you use to store the key to us bitlocker?
usb memory device
58
which windows technology is used to encrypt a usb disk device?
bitlocker to go
59
which command do you use to encrypt a folder with efs?
use the cipher command
60
how do you configure windows to automatically encrypt a users' documents folder?
use group policies
61
where do you view the security events collected by auditing with group policies?
event viewer
62
to audit who accessed a file, which of the following must you first enable?
object access auditing
63
to audit who modified a group policy, which of the following should you change?
policy change
64
in which audit group do you find the audit filtering platform connection and audit filtering platform packet drop?
object access auditing
65
which of the following do you need to perform when you want to remove advanced auditing policies?
use basic audit policies with the enforce option
66
which command should you use to show the current audit policies on a machine?
auditpol.exe /get /subcategory:*
67
how many audit policy sub settings are found in the advanced audit policy settings?
56
68
which command clears the audit policy on a computer?
auditpol /clear
69
which of the following should you use to give you more control on what events to audit?
advanced audit policy settings
70
which of the following do you define when you configure auditing files and printers?
system access control lists
71
how many primary zones can a zone have?
1
72
which are often known as name servers?
dns servers
73
which zone is used to translate host names to ip addresses?
forward lookup zone
74
which would you use when you create a reverse lookup zone for the 172.25.0.0 255.255.0.0 subnet?
0.0.25.172
75
which is each node or leaf in the dns tree referred to as?
resource record
76
which is used to automatically create and update the host's primary dns server?
dynamic updates
77
which zone contains only the necessary resource records that act as an authoritative name server?
stub zone
78
which forwards queries to other dns servers based on the dns domain name in the query?
conditional forwarding
79
which sends dns information from a zone on a dns server to another dns server?
zone transfer
80
which command do you use to create a zone to a dns on a dns server?
dnscmd /zoneadd
81
which records are automatically created when you create a zone? (choose all that apply)
soa
| ns
82
which dns resource record is used to map a host name to an ip address?
A record
83
which dns resource record specifies the authoritative information about a zone?
soa record
84
which resource record defines an alias for a host name?
cname record
85
which type of zone do you find a ptr record in?
reverse lookup zone
86
which record do you use to specify an organization's mail server?
mx record
87
which of the following do you use to ensure the only computer that can update its own resource records used?
secure dynamic updates
88
to scavenge dns records, where must you enable scavenging and aging? (choose two answers)
dns server
| zone
89
which command do you use to clear a computer's dns cache?
ipconfig /flushdns
90
when is the ttl that is defined by the soa overwritten?
when a resource record has its own ttl
91
which of the following can you find in rras? (choose all that apply)
routing
| nat
92
is you want to use vpn reconnect, which vpn protocol should you use?
ikev2
93
you want to make a server running windows 20129 r2 into a vpn server. however, the networking team allows only https through the firewall. which vpn protocol should you use?
sstp
94
you want to start using smart cards with the vpn. what authentication protocol should you use?
eap
95
which authentication protocol should you not use because it is the least secure?
pap
96
how do you allow split tunneling?
- open advanced tcp/ip settings
| - deselect use default gateway on remote network
97
what is the easiest way to set up a vpn client on a computer for a user that is not technical?
use cmak to create an executable install
98
which option would you use to make sure that a user can dial in using only his or her home phone?
always callback to
99
which tab in the rip properties would you use to prevent routes being received from a router located on 10.10.10.10?
security
100
which option should you use with the route command when creating a static route that will ensure the route is still available if the computer is rebooted?
-p
101
you have the following servers for direct access:
-domain controller/dns server running windows server 2008 operating at windows server 2003 domain functional level
-certificate authority running windows server 2012 r2
-file server running windows 2008 r2
-direct access server running windows server 2012 r2
which of the following do you need to modify?
upgrade the domain controller to windows server 2008 r2
102
you are to configure the network location server (nls). which web server (iis) role service would you install on the nls server?
ip and domain restrictions
103
you have installed and configured a direct address server. you created a group called daclients. however, when users log into their computers, the computers are not configured to us direct access. what do you need to do to configure the clients to use direct access?
make sure that the client is added to the daclients group
104
you are configuring direct access on server1. which step do you need to perform to ensure that server1 can initiate connections to direct access client computers?
infrastructure server
105
how can you identify the url of the network location server that a client is using?
run netsh namespace show effective policy command
106
what two steps do you need to perform on the dns server so that it can support direct access?
- remove the isatap from the dns global query block
| - add a record for the nsl server
107
you have a client that is configured for direct access. the client is connected to the internet from home. how can you verify whether the client can resolve the direct access server called server1.contosol.com?
run the ping server1.contoso.com command
108
you have configured a server called server1 as a direct access server. how do you need to configure the windows firewall on the server to support direct access?
allow icmpv6 echo request
109
which table is used to determine the behavior of the dns clients when determining the address of internal resources?
nrtp (name resolution policy table)
110
which of the following clients can connect to a direct access server? (choose all that apply)
- windows 8 enterprise
- windows 7 ultimate
- windows 8 professional
111
which ports does nps use for authentication and accounting? (choose four)
- 1812
- 1813
- 1645
- 1646
112
you have several vpn servers configured using rras. what is the best way to collect information on when and how long someone is connected through the vpn?
radius accounting
113
which do you use to provide central authentication of vpn and wireless connections on the network?
use an nps server (network policy server)
114
which of the following are access clients? (choose all that apply)
- vpn server
- dial up server
- 802.1x server
115
which of the following is used to save a configuration so that it can be reused on other nps servers?
templates
116
which two locations can nps log to? (choose two)
- sql server
| - text file
117
to use eap-tsl, each client must have which of the following?
digital certificate
118
which of the following are used with nps templates? (choose all that apply)
- remote radius servers
| - radius clients
119
Microsoft's radius server is known as which of the following?
AAA server
120
which of the following tracks network usage for auditing and billing purposes?
radius accounting
121
which of the following is the default location for the log files if you use text files for radius accounting?
c:\windows\system32\logfiles
122
which three types of policies are avialbale on the network policy server (nps)? (choose all that apply)
- health policies
- network polices
- connection request policies
123
which policy is used to establish sets of conditions and settings that specify which radius servers perform the authentication. authorization, and accounting of connection requests received by the nps server from radius clients?
connection request polices
124
which policy establishes sets of conditions, constraints, and settings that specify who is authorized to connect to the network?
network policies
125
which policy would you use if you want to limit when a user can log in through the vpn?
network policies
126
how do you specify which radius server handles authentication for a vpn server?
connection request policies
127
how can you stop an nps server to stop acting as a radius server and to stop process connections requests locally?
delete the default connection request policy
128
which of the following are remote connections based on when creating network policies? (choose all that apply)
- constraints
- conditions
- settings
129
which of the following are remote connections based on when creating a connection request policy? (choose all that apply)
- conditions
| - settings
130
what technology allows you to decrease allocated bandwidth when using multilink?
BAP (bandwidth allocation protocol)
131
if you use an isdn line, which of the following allows you to use multiple connections to allow for higher bandwidth?
- multilink connections
| - BAP
132
how many bits does basic encryption support?
40 bit
133
which of the following nap enforcement mechanisms is considered the weakest?
DHCP
134
which of the following nap enforcement mechanisms is considered the strongest?
ipsec
135
which component used with nap maintains information and reports on the health of a nap client?
system health agent
136
which is the most common system health agent used in windows?
windows security center
137
which is used to make a computer compliant when you have quarantined computers that are not compliant when using nap?
use remediation servers
138
with nap, what defines the requirements for the client computers to connect to a network that is connected?
shv (system health validator)
139
which of the following is typically a remediation server when using nap? (choose all that apply)
- antivirus management server
- dhcp server
- dns server
- domain controller
140
you just implemented nap. how can you ensure that domain computers are up to date?
wsus
141
which server is used as the nap health policy server?
nps
142
which of the following is used as a windows security health validator? (choose all that apply)
- anti virus program
| - spyware
143
which act confirms the identity of a user or system?
authentication
144
which fallback authentication is used when kerberos does not work?
ntlm (ny lan manager)
145
by default, what is the maximum amount time that a clock can be off in order for kerberos to work?
300 seconds
146
which authentication protocol uses the key distribution center that maintains a database of secret keys and is more secure than ntlm?
kerberos
147
which of the following is the format for kerberos?
sqlservice/service1:1433
148
which name uniquely identifies an insurance of a service for a client?
spn (service principal name)
149
which command do you use to configure an spn for a user account?
setspn
150
what allows a kerberos ticket to be created for another service on the originating user's behalf?
kerberos delegation
151
by default,how often do passwords change for managed service accounts?
30 days
152
which account runs a service on multiple computers that belong to a cluster and that automatically have the password changed on a regular basis?
group managed service account
153
which of the following is found on a domain controller? (choose all that apply)
- global catalog
- rid master
- pdc emulator
154
which of the following is not an operations master?
global catalog
155
what is the cause of the problem if account lockout is not working?
the pdc emulator is down
156
what do you use to transfer the holder of the rid master?
active directory users and computers
157
what do you use to transfer the holder of the schema master?
active directory schema
158
what do you use to seize the role of the domain naming operations master?
ntdsutil.exe
159
you are creating a self served kiosk console at a local mall. at the mall, the kiosk will need to access a domain controller. what should you use?
rodc
160
what are you cloning when you use the new-addccloneconfigfile?
virtual domain controller
161
what is the minimum forest function level for rodc?
windows server 2008
162
you deployed a rodc running windows server 2008 to a branch office. you need to ensure that users at the branch office are able to log on to the domain using the rodc. what should you do?
configure a password replication policy on the rodc
163
which windows powershell applet enables the active directory recycle bin?
enable-adoptionalfeature
164
which of the following does the system state contain? (choose all that apply)
- boot files
- user profiles
- active directory database
- iis database
165
with the windows backup, how do you back up the active directory database?
back up the system state
166
which of the following is included with the sysvol folder? (choose all that apply)
- login scripts
| - dfs staging folder and files
167
which mode do you need to use when you perform an authoritative restore?
directory services restore mode (dsrm)
168
how do you create an active directory snapshot?
use ntdsutil.exe
169
how can you determine the size of the active directory database?
use windows explorer to view the properties of the c:\windows\ntds
ntds.dit file
170
how do you compress the size of an active directory database?
use the ntdsutil command with the files option
171
which utility can you use to remove the server metadata? (choose two)
- active directory recycle bin
| - ntdsutil.exe
172
you mount an active directory snapshot. what do you need to do so that you can query the snapshot by using ldap?
dsamain.exe
173
which of the following is found under the account policies? (choose all that apply)
- kerberos policy
- password policy
- account lockout policy
174
what is used to determine the circumstances and length of time that an account will be locked out of the system?
account lockout policy
175
what determines settings for passwords, including enforcement and lifetime?
password policy
176
how many password policies can you define for each domain?
1
177
what is the default value for the enforce password history?
24
178
what value must you assign to the account lockout duration to ensure that the administrator will have to manually unlock the account?
0
179
which do you use if you want to assign different password policies to different sets of people?
fine grained password policies
180
which do you use to configure a password policy on a standalone computer running windows?
secpol.msc
181
what is the minimum domain level necessary in order for the forest to use fine grained password policies?
windows server 2008
182
in which policy do you normally find the password policy?
default domain policy
183
what are the two default group policies that are already created in active directory? (choose two answers)
- default domain controller policy
| - default domain policy
184
gpo's are assigned to users by which of the following?
being linked to a container in active directory
185
you assign a gpo at the domain. how do you ensure that it is not overridden by another gpo?
use the enforce option
186
you have 20 users assigned to an ou. you want 10 of those users to be affected by another gpo. what should you do?
use a security filter
187
which do you use if you want to apply a group policy that affects only laptops?
wmi filtering (windows management instrumentation)
188
how many wmi filters can you configure per gpo
one per gpo
189
which two modes are used in loopback processing?
- replace mode
| - merge mode
190
which command is used to force a computer to download gpo settings after a gpo has been modified?
gpupdate /force
191
by default, what speed is considered a slow link when using slow link processing?
500kbps
192
which tool is used to order gpo precedence when assigning multiple gpo's to an ou?
group policy management console
193
how often do gpos get refreshed on client pc's
every 90 to 120 minutes
194
which filename extension patches files for microsoft software installation (msi) files?
.msp
195
which type of software installation would you perform if you want to add an icon to the users control panel?
publish software to a user
196
which type of software supports self healing?
.msi
197
which option would you use to repoint the documents folder to the user's home folder?
folder redirection
198
which type of folder redirection would you use to redirect the user's home directory to a location based on the group that the user is a member of?
advanced
199
most of the time, why do laptop users use folder redirection?
offline folders
200
where is the central store located?
c:\windows\sysvol\domain\policies\policydefinitions
201
what is used to display only the administrative templates that are being used?
property filters
202
which two components make up a gpo?
- GPT (group policy template)
| - GPC (group policy container)
203
which tool is used to backup only a gpo?
group policy management console
204
which feature allows you to restore from backup, delete a backup, and view the settings of a gpo?
group policy object editor
205
which file maps references to users, groups, computers, and unc paths when importing settings from one gpo to another gpo?
migration table
206
which command allows you to restore the default domain policy or the default domain controllers policy to their default settings?
dcgpofix
207
which tab do you use in the gpmc that grants permissions to a user or group for a gpo?
delegation
208
which of the following permissions can you grant to a group or user to manage a gpo? (choose all that apply)
- edit settings
- read
- delete
- modify security
209
which button do you click on the delegation tab that allows you to assign granular permissions to a gpo?
advanced
210
which permission is necessary for a gpo to be applied to a group or user? (choose all that apply)
- allow apply group policy permission
| - allow read permission
211
after you copy and paste a gpo, what is the last step you have to do?
rename the gpo
212
which minimum domain controller is needed to use group policy preferences (gpp)?
windows server 2008
213
which of the following are actions found in preferences? (choose all that apply)
- delete
- create
- replace
214
which two categories are gpp divided into? (choose two)
- windows settings
| - control panel settings
215
you create a preference item for windows internet explorer 10 and you configure the html editor option and it includes a red dashed underline. what do you do to enable this option?
press the f6 key
216
which of the following are control panel settings options in gpp? (choose all that apply)
power options extension
217
which of the following are windows settings options in gpp? (choose all that apply)
network shares
218
you want to configure the default home page for internet explorer for your organization. you have windows 7, windows 8, windows 9, and windows 10. how many preference items do you need to create?
3
219
which of the following preferences support editing state for gpp? (choose all that apply)
- folder options
| - regional and language settings
220
which printers are supported for gpp? (choose all that apply)
- tcp/ip printer
- local printer
- shared printer
221
how do you include multiple targeting items when configuring gpp?
use logical operators
