Vous êtes sur la page 1sur 13

Scribd Upload a Document Search Documents Explore Documents People Authors Students Researchers Publishers Government & Nonprofits

s Government & Nonprofits Businesses Musicians Artists & Designers Teachers + all categories Most Followed Popular Sign Up | Log In Books - Fiction Books - Non-fiction Health & Medicine Brochures/Catalogs Government Docs How-To Guides/Manuals Magazines/Newspapers Recipes/Menus School Work + all categories Featured Recent

/ 30 Download this Document for Free Lesson 1Lesson 1 Fill in the Blank Complete the following sentences by writing the correct word or words in the blanks provided. 1.The Active Directory database is stored on each domain controller in a file called _____ ntds.dit ____.2.The Active Directory __ forest ____ is considered the security boundary for an Active Directory environment.3.To provide fault tolerance, Active Directory utilizes a _ multimaster _ replication model.4.To create a trust relationship

with an NT4 domain, you will configure a(n) __ external trust __.5.The _ Domain _ naming context is replicated across the domain.6.Each object in the schema must have a unique ___ OID ___.7. A(n) __ cross-forest trust __ provides a two-way transitive trust relationship between all domains within two forests.8.Each domain in an Active Directory forest has a(n) ___ two-way transitive ___ trust relationship with every other domain in a forest.9.___ Universal group caching ___ allows a user at a remote site to be able to log into Active Directory without needing to contact aglobal catalog server.10.Active Directory clients rely on ___ SRV records ___ in DNS to locate Active Directory resources such as domain controllers andglobal catalog servers. Multiple Choice Circle the correct choice. 1.Which of the following items is a valid leaf object in Active Directory?a.Domain b.User c.Application partitiond.OUExcept for a user object, all of the listed choices are container objects that can contain additional Active Directory objectswithin them. A user object is the only leaf object listed.2.Which of the following domain controllers can be joined to a forest that is currently set at the Windows Server 2008 forestfunctional level? a.Windows 2000 b.Windows Server 2003c.Windows Server 2008d.Windows NT 4.0When an Active Directory forest is set to the Windows Server 2008 forest functional level, onlyWindows Server 2008domain controllers can be joined to any domain within the forest from that point forward.3.You are planning an Active Directory implementation for a company that currently has sales,accounting, and marketingdepartments. All department heads want to manage their own users and resources in Active Directory. What feature will permit you to set up Active Directory to allow each manager to manage his or her own container but not any other containers? a . D e l e g a t i o n o f c o n t r o l b.Read-only domain controller c.Multimaster r e p l i c a t i o n d . S R V r e c o r d s Using delegation of control within Active Directory, you can assign granular permissions within thedirectory. Therefore, delegated administrators can have elevated rights to only the specified objectsand/or containers.4.What is required by DNS for Active Directory to function?

a.Dynamic update support b.DHCP forwarding supportc . S R V r e c o r d s s u p p o r t d . A c t i v e D i r e c t o r y i n t e g r a t i o n Of the listed choices, only SRV records support is required by DNS for Active Directory to function.Dynamic update support is helpful in supporting an Active Directory environment, but it is not arequirement.5.If the user named Amy is located in the sales OU of the central.cohowinery.com domain, what is thecorrect syntax for referencing this user in a command line utility?a . a m y . c o h o w i n e r y . c o m b . c n = a m y . o u = s a l e s . d c = c o h o w i n e r y . c o m c.cn=amy,ou=sales,dc=central,dc=cohowinery,dc=co md . d c = c o m , d n = c o h o w i n e r y , o u = s a l e s , c n = a m y The correct syntax of a distinguished name lists the leaf object first, any OUs or containers second, andthe components of the Active Directory domain name last.6.RODCs do not participate in which of the following?a . R e p l i c a t i o n b . C r o s s - f o r e s t t r u s t s c . O u t b o u n d r e p l i c a t i o n d . E x t e r n a l t r u s t s Read-Only Domain Controllers do not perform any type of outbound replication within ActiveDirectory. They accept inbound changes from writeable domain controllers, but do not replicate anylocal changes to the rest of the domain or forest.7.Which naming context contains forest-wide data about the physical topology of an Active Directory forest? a . S c h e m a b.ForestDNSZonesc. Conf ig u ra ti on d. D omai nDN SZ o n e s The Configuration NC is replicated forest-wide. It contains data about Active Directory sites, subnets,and other forest-wide configuration data.8.Which of the following is a container object within Active Directory?a . F o l d e r b . G r o u p c . U s e r d . O U Of the listed choices, only the organizational unit (OU) is a container object within Active Directory. Afolder may contain other objects within the file system, but of the choices here, only an OU maycontain other objects within Active Directory.9.What is the first domain installed in a new Active Directory forest called?a . F o r e s t r o o t d o m a i n b . P a r e n t r o o t d o m a i n c . D o m a i n t r e e r o o t d . D o m a i n r o o t The forest root domain is the first domain installed in an Active Directory forest; while it cansubsequently be renamed, it cannot be decommissioned without decommissioning the entire forest. 10.Which of the following is the security boundary within Active Directory? a . F o r e s t b . D o m a i n c . D o m a i n t r e e d

The

security boundary within Active Directory is the forest. Active Directory domains provideadministrative boundaries, but the true security boundary is at the forest level. Chapter 2Chapter 2 Fill in the Blank Complete the following sentences by writing the correct word or words in the blanks provided. 1.You can install Active Directory from the Windows command- line using the __ dcpromo __ utility.2 . T h e _ Password Replication Policy _ will configure which user accounts will or will not be cached onan RODC.3 . T h e _ nslookup _ command allows you to troubleshoot DNS information from the command line.4.To install Active Directory on a Server Core computer, you will need to use a(n) _ unattendedinstallation _.5 . Y o u c a n u s e _ User Principal Names (UPNs) _ to ease the user logon process in a large, multidomainenvironment.6 . T h e _ _ SYSVOL __ shared folder is replicated to each domain controller and stores domain-wideinformation such as Group Policy Objects and login scripts.7 . A c t i v e D i r e c t o r y _ latency _ refers to the amount of time it takes for changes to replicate to everydomain controller in an environment.8._ Incremental _ zone transfers allow modern DNS servers to replicate only records that have beenchanged, rather than the contents of an entire zone.9 . T h e A c t i v e D i r e c t o r y D o m a i n S e r v i c e s _ _ binaries __ are not installed on a Windows Server 2008computer until you add the AD DS role to the computer.10.If two SRV records have the same priority, the frequency by which they are accessed by clients will bedetermined by their relative _ weight _. Multiple Choice Select the correct answer for each of the following questions. Choose all answers that are correct. 1.What mechanism within DNS is used to set up load balancing between multiple servers that are advertising the sameSRV records?a . P r o t o c o l b . D o m a i n n a m e c . P o r t d . P r i o r i t y Clients will always use DNS records with a lowernumbered priority before one with a higher-numbered priority. Clientsonly use a host with a higher-numbered priority SRV record if hosts corresponding to lower-numbered SRV recordsare unavailable.2.What security improvement allows you to begin the installation of an RODC from a secure central location beforecompleting it at the remote site where the RODC will be housed?a . S t a g e d i n s t a l l a t i o n b . T w o - p a r t installationc . P a r t I i n s t a l l a t i o n

d . M u l t i - p a r t i n s t a l l a t i o n The staged installation of RODC allows you to delegate the ability to install an RODC without granting rights within ActiveDirectory itself, which allows you to further secure the process of creating an RODC.3.What does each class or attribute that you add to the Active Directory schema need to have? a . P r o t o c o l b . O b j e c t I d e n t i f i e r c . P r i o r i t y d . P o r t Each Object Identifier, represented by a dotted-decimal notation string such as 2.5.4.20, must be globally unique within anActive Directory forest.4.Which Windows Server 2008 feature enables you to perform certain Active Directory maintenance functions withoutneeding to reboot the domain controller?a . D i r e c t o r y S e r v i c e s R e s t o r e Mode b . S a f e M o d e c . S a f e M o d e w i t h N e t w o r k i n g d.Restartable Active D i r e c t o r y Restartable Active Directory is a new feature of Windows Server 2008 that enables you to place the ntds.dit file in an offlinemode, allowing you to start and stop Active Directory.5.Which utility allows you to create, remove, and maintain Active Directory trust relationships from the command-line? a . R e p a d m i n b . N s l o o k u p c . N e t d o m d . S h s t a t In Active Directory, you can manage trust relationships using the Active Directory Domains & Trusts MMC snap-in GUIinterface. If you prefer to work from the command line, you can use the built-in netdom.exe utility.6.What is the new unified tool, introduced by Windows Server 2008, for managing numerous aspects of a 2008 server? a . C o m p u t e r M a n a g e m e n t b . S e r v e r M a n a g e r c.Active Directory Users & C o m p u t e r s d . A c t i v e D i r e c t o r y D o m a i n s & T r u s t s Windows Server 2008 introduces the Server Manager console, which allows you to perform network configuration tasks,manage the Windows Firewall, and add and remove server roles and features from a single point of administration.7.Although all writeable domain controllers use multimaster replication, there are certain sensitive operations that can only be controlled by one DC at a time. What is this functionality known as?a.Flexible Single Master Operations (FSMO) roles b.Flexible Multiple Master Operations (FMMO) rolesc . F l e x i b l e S i n g l e O p e r a t i o n s M a s t e r ( F S O M ) r o l e s d.Flexible Multiple Operations Master (FMOM) roles There are two forestwide and three domain-wide FSMO roles. The first domain controller installed in a forest holds allfive FSMO roles

for the forest root domain; the first DC in any additional domains holds all three domain-wideFSMO roles for the new domain.8.What Windows Server 2008 feature allows you to configure a user or group as the local administrator of an RODCwithout delegating any rights to the user or group within Active Directory?a.Flexible Single Master Operations (FSMO) roles b . A d m i n R o l e S e p a r a t i o n c S t a g e d I n s t a l l a t i o n s d.Active Directory Lightweight Domain Services (AD LDS)The Admin Role Separation feature is only available on Read-Only Domain Controllers; you cannot configure this featureon writeable DCs because they still participate in multimaster replication.9.What is a new installation option in Windows Server 2008 that features a minimal installation footprint designed to runspecific infrastructure services? a . R O D C b . F S M O c . S e r v e r C o r e d.Web Server E d i t i o n The Server Core installation option in Windows Server 2008 runs almost entirely without a graphical user interfaceand needs to be administered primarily from the command line.10.What term describes the length of time for which a DNS record is valid, after which it needs to be re-registered? a . P r o t o c o l b . P r i o r i t y c . W e i g h t d . T i m e - t o - L i v e The TTL guards against scenarios in which out-of-date DNS records remain active within a DNS server. This field isreferred to as the hop limit in IPv6. Lesson 3Lesson 3 Fill in the Blank Complete the following sentences by writing the correct word or words in the blanks provided. 1.The amount of time that it takes for a change to be replicated to all domain controllers in anenvironment is called _ convergence _.2 . T h e d e f a u l t _ _ cost __ of any new site link is 100.3 . I n t e r s i t e r e p l i c a t i o n u s e s _ _ compressed __ traffic to reduce the impact to bandwidth on corporate WANlinks.4 . T h e K C C c r e a t e s a ( n ) _ _ dual counter-rotating ring __ to allow replication to take place in the oppositedirection in the event that a single domain controller in the replication topology fails.5 . T h e p u r p o s e o f t h e K C C i s t o c r e a t e a ( n ) _ _ replication topology __ between multiple domaincontrollers within a site as well as between sites.6.By default, all Active Directory site links are __ transitive __.7.When Active Directory detects a replication conflict in which two objects have been modified nearlysimultaneously, the first attribute that Active Directory will use as a tie-breaker is the __ version ID __.8 . A c t i v e D i r e c t o r y w i l l d e s i g n a t e a ( n ) _ _ bridgehead server __ within each site to manage intersitereplication activity.9 . T h e m i n i m u m _ _ frequency __ that you can assign to a site link is 15 minutes.10.Within a single site, domain controllers will use __ change notification __ to inform other DCs thatintrasite replication needs to take place. Multiple Choice Circle the letter that corresponds to the best answer 1.The KCC is responsible for calculating intrasite replication partners. During this process, what is themaximum number of hops that the KCC will allow between domain controllers?a.2

b . 3 c.4d.5The built-in algorithm used by the KCC ensures that any Active Directory site is no more than threehops away from any other Active Directory site. If sites are added to Active Directory, the KCC cancreate additional connection objects to maintain this 3 hop rule.2.Replication that occurs between sites is called ____________ replication. a . L o c a l b . R e m o t e c . I n t e r s i t e d . I n t r a s i t e In trasite replication takes place between domain controllers within a single Active Directory site.Intersite replication takes place between domain controllers contained within different ActiveDirectory sites.3.Company XYZ is a national company with locations in Detroit, Minneapolis, Phoenix, and Dallas. There are two connections between Detroit and Minneapolis. The first is a T-1 link and the second is a128-Kbps link. When setting up the site links for replication, what should you do to ensure that the128-Kbps link is used only if the T-1 is unavailable?a.Set a cost of 1 for the T-1 and a cost of 5 for the 128-Kbps link. b.Set a cost of 5 for the T-1 and 1 for the 128-Kbps link. c . L e a v e t h e c o s t s a t t h e i r d e f a u l t v a l u e o f 1 0 0 . d.Change the schedule manually to disallow replication on the 128-Kbps link until it is needed. When selecting between multiple site links connecting the same two sites, the KCC compares site link costs and selects the one with the lower cost. Only if that site link is not available will it use the sitelink with a higher configured cost.4.You are the administrator for a network that has several sites. There is a site

link from the mainheadquarters to each remote site for file transfer and replication purposes. You have been asked tocreate five new users on the network, and several of the users need immediate access to network applications. When asked by your manager how long replication of these new accounts will take, whatis your response?a.Replication occurs every 180 minutes by default. b . R e p l i c a t i o n o c c u r s a t 1 5 minute intervals.c.Replication occurs as soon as the account is added.d.Replication occurs only between 12:00 AM and 6:00 AM .The default replication interval for intersite replication is every 180 minutes, which can be modified totake place as frequently as every 15 minutes.5.Given the scenario in question 4, how long would it take for other DCs within the headquarters site toreplicate the accounts belonging to the new users?a.Replication occurs every 180 minutes by default. b . R e p l i c a t i o n o c c u r s a t 1 5 - m i n u t e i n t e r v a l s . c.Replication occurs within 45 seconds of the account being added. d . R e p l i c a t i o n o c c u r s o n l y b e t w e e n 12:00 AM and 6:00 AM .Replication within a single Active Directory site takes place almost immediately; therefore, DCswithin the same site are brought to a consistent state as quickly as possible.6. What mechanism is used by an Active Directory domain controller to indicatethat it has unreplicated changes to communicate to its replication partners?a . P r e f e r r e d b r i d g e h e a d s e r v e r s b . C h a n g e n o t i f i c a t i o n t e l i n k b r i d g e s tersite replication ld you disable automatic site-link bridging within Active Directory Sites and Services?e n y o u n e e d t o c o n f i g u r e i n t e r s i t e r e p l i c a t i o n n you wish to configure different costs for your site linkse n y o u r p h y s i c a l n e t w o r k i s n o t f u l l y r o u t e d n you wish to control the hours during which intersite replication will occur ize client authentication and location of resources, which kind of object should each Active. S i t e l i n k s b . C o s t s n n e c t i o n objects. S u b n e t s h of the following naming contexts are replicated across an entire Active Directory forest?n f i g u r a t i o n a n d S c h e m a . S c h e m a a n d D o m a i n D N S Z o n e s f i g u r a t i o n a n d F o r e s t D N S Z o n e s h e m a a n d F o r e s t D N S Z o n e s ones replicates to every DC in a particular domain that is configured as a DNSones replicates to every DC in a forest that is configured as a DNS server.ng a site link, you can configure it to use which of the following protocols?P / I P o r R P C o v e r I P . R P C o v e r IP or SMTP. S M T P o r T C P / I P . S M T P o r C I D R y, the __ . M a i n d a t a b a s e .Central cataloglobal databas e loba l c a t a l o g . P D C E m u l a t o r .Infrastructure Master . S c h e m a M a s t e r l o b a l c a t a l o g tory domain also. T C P 4 4 5 b . U D P 1 3 7 . T C P 3 2 6 8 . U D P 4 4 5 n Naming Master, 1 Schema Master, 3 PDC Emulators, 3 Infrastructure Masters, 3 RID Masters n Naming Masters, 3 Schema Masters, 3 PDC Emulators, 3 Infrastructure Masters, 3 RID Masters n Naming Master, 1 Schema Master, 4 PDC Emulators, 4 Infrastructure Masters, 4 RID Masters

Lessons 1-13 Answers Download this Document for FreePrintMobileCollectionsReport Document

This is a private document.

Info and Rating Follow frontaccess Share & Embed Related Documents PreviousNext 1.

26 p.

26 p.

385 p.

2.

385 p.

385 p.

48 p.

3.

1159 p.

47 p.

47 p.

4.

47 p.

11 p.

76 p.

5.

38 p.

26 p.

20 p.

6.

32 p.

21 p.

6 p.

7.

173 p.

173 p.

173 p.

8.

53 p.

385 p.

385 p.

9.

385 p.

48 p.

42 p.

More from this user PreviousNext 1.

30 p.

Add a Comment

Submit Characters: 400

Send me the Scribd Newsletter, and occasional account related communications. Upload a Document Search Documents Follow Us! scribd.com/scribd twitter.com/scribd facebook.com/scribd About Press Blog Partners Scribd 101 Web Stuff Support FAQ Developers / API Jobs Terms Copyright Privacy

Copyright 2012 Scribd Inc. Language:

English