ITN260 - End of Chapter 11-19 Quizzes
What is required by DNS for active directory to function? A: Dynamic updates support B: DHCP forwarding support C: SRV records support D: Active Directory integration
C: SRV records support
Which of the following techniques can you use to apply GPO settings to a specific group of users in an OU? A: GPO Linking B: Administrative templates C: Security filtering D: Starter GPOs
C: Security filtering
What are the different kinds of groups?
Group types include security and distribution Group scopes: domain local, global, and universal
When installing software using group policy, what file or files does an admin use?
windows installer package files, or .msi files. Modifications to the package files are transform file, or .mst files. Patch files are designated as .msp files.
Which of the following would be the correct FQDN for a resource record in a reverse lookup zone if the computer's ip address is 10.75.143.88? A: 88.143.75.10.in-addr.arpa B: 10.75.143.88.in-addr.arpa C: in-addr.arpa.88.143.75.10 D: in-addr.arpa.10.75.143.88
A: 88.143.75.10.in-addr.arpa
Which of the following best describes the function of a starter GPO? A: A starter GPO functions as a template for the creation of new GPOs B: A starter GPO is the first GPO applied by all Active Directory clients C: Starter GPOs use a simplified interface for elementary users D: Starter GPOs contain all of the settings found in the default Domain Policy GPO
A: A starter GPO functions as a template for the creation of new GPOs
A DNS server that hosts a primary or secondary zone containing a particular record can issue the following response to a query for that record: A: Authoritative answer B: Non-authoritative answer C: Referral answer D: Non-referral answer
A: Authoritative answer
What are some best practices when creating internal DNS namespaces Select Best Answer. A: Avoid an excessive number of domain levels. B: Keep domain names full and descriptive; avoid concise subdomains. C: Place less importance on a convention compared to spelling. D: Never abbreviate.
A: Avoid an excessive number of domain levels
You are preparing to deploy win 8 to a large number of new workstations. Which of the following options would be best? A: Install Win8 using pre-boot execution environment PXE and windows deployment services WDS B: Delegate the work to a team of local administrators to divide up C: Manually install the operating system yourself D: Manually configure each workstation's IP address
A: Install Win8 using pre-boot execution environment PXE and windows deployment services WDS
The following is a hexadecimal address that is uniquely associated with a specific network interface card NIC: A: MAC B: JET C: BOOTP D: IETF
A: MAC
What is the powershell cmdlet syntax for creating a new user account? A: New-ADUser B: New-User C: New-SamAccountName D: There is no PowerShell cmdlet for user creation
A: New-ADUser
When multiple GPOs are linked to a container, which GPO in the list has the highest priority? A: The last B: The first C: The most permissive D: The most restrictive
A: The last
When you apply a GPO with a value of Not Configured for a particular setting to a system on which that same setting is disabled, what is the result? A: The setting remains disabled B: The setting is changed to not configured C: The setting is changed to enabled D: The setting generates a conflict error
A: The setting remains disabled
Which of the following is not a correct reason for creating an OU? A: To create a permanent container that cannot be moved or renamed B: To duplicate the divisions in your organization C: To delegate administration tasks D: To assign different Group Policy settings to a specific group of users or computers
A: To create a permanent container that cannot be moved or renamed
Which of the following are local groups to which you can add users with the Windows Control Panel? (choose all that apply) A: Users B: Power Users C: Administrators D: Nonadministrators
A: Users C: Administrators
What servers should not be DHCP clients? A: Web servers, DHCP servers, and domain controllers B: Workstations C: End user laptops D: Computers which might have IP addresses in the exclusion range.
A: Web servers, DHCP servers, and domain controllers
After configuring and deploying the Audit Directory service access policy, what must you do before a computer running Windows Server 2012 R2 begins logging Active Directory access attempts? A: You must select the Active Directory objects you want to audit in the active directory users and computer console B: You must wait for the audit policy settings to propagate to all of the domain controllers on the network C: You must open the Audit Directory Service Access Properties sheet and select all of the Active Directory objects you want to audit D: You must add an underscore character to the name of every Active Directory object you want to audit
A: You must select the Active Directory objects you want to audit in the active directory users and computer console
Data from a primary zone is transmitted to secondary zones using the following: A: Zone transfer B: Zone transmission C: DNS Zone D: Active Directory replication
A: Zone transfer
By exporting the windows firewall policy, you have a file with a .wfw extension that contains _______. A: All its rules, including the preconfigured rules and the ones you have created or modified B: All the rules you have created or modified C: Preconfigured rules to be applied to another firewall D: Firewall settings as specified by the Group Policy settings
A: all its rules, including the preconfigured rules and the ones you have created or modified
You are planning an active directory implementation for a company that currently has sales, accounting, and marketing departments. All department heads want to manage their own users and resources in active directory. What feature will permit you to set up active directory to allow each manager to manage his or her own container but not any other containers? A: delegation of control B: Read-only domain controller C: Multimaster replication D: SRV records
A: delegation of control
Which of the following cannot contain multiple active directory domains? A: organizational units B: sites C: trees D: forests
A: organizational units
What is the default trust relationship between domains in one forest? A: two-way trust relationship between domain trees B: By default, no trust relationship between domain trees C: one-way trust relationship between domain trees D: Each domain tree trusts the forest, but not between each other
A: two-way trust relationship between domain trees
In a domain running at the Windows Server 2012 R2 domain functional level, which of the following security principals can be members of a global group? (Choose all that apply) A: users B: computers C: universal groups D: global groups
A: users , B: computers , D: global groups
What two graphical tools will help create either user or computer objects?
Active directory administrative center (ADAC) Active directory users and computers (ADUC)
What is the key benefit to using ADAC or the active directory users and computers console?
Active directory administrative center (ADAC) allows you to modify the properties of multiple users or computers at once
What is the simplest way for admins to upgrade their active directory domain services infrastructure to win server 2012?
Add a new win server 2012 server to your existing directory services installation
WHich of the following types of DHCP address allocation is the equivalent of a reservation in win server 2012 R2? A: dynamic allocation B: automatic allocation C: manual allocation D: hybrid allocation
C: Manual allocation
Which of the following types of files do Group Policy tools access from a Central Store by default? A: ADM files B: ADMX files C: Group Policy objects D: Security templates
B: ADMX files
What is the purpose of the audit policy section of a local group policy objects GPO? A: Administrators can log successful and failed security events, such as logon events, database errors, and system shutdowns B: Administrators can log successful and failed security events, such as loss of data account access, and object access C: Administrators can log successful and failed security events, forwarded from other systems D: Administrators can log events related specifically to domain controllers
B: Administrators can log successful and failed security events, such as loss of data account access, and object access
What client applications utilize Domain Name system to resolve host names into IP addresses? Select Best Answer. A: Client web browsers, or any application that uses HyperText Transfer Protocol (http) use DNS to resolve host names into IP addresses. B: All Internet application working with host names must use DNS to resolve host names into IP addresses. C:Any application on a system that has connectivity to the Internet use DNS to resolve hostnames into IP addresses. D: DNS does not resolve host names into IP addresses.
B: All Internet application working with host names must use DNS to resolve host names into IP addresses
Which of the following statements about windows firewall are true? (choose all that apply) A: Applying firewall rules with group policy overwrites all of the rules on the target computer B: Applying firewall rules with group policy combines the newly deployed rules with the ones already there C: Importing firewall rules saved from another computer overwrites all of the rules on the target system D: Importing firewall rules saved from another computer combines both sets of settings
B: Applying firewall rules with group policy combines the newly deployed rules with the ones already there C: Importing firewall rules saved from another computer overwrites all of the rules on the target system
Which of the following is not one of the default security levels that can be used with a software restriction policy? A: Basic User B: Unrestricted C: Restricted D: Disallowed
C: Restricted
Which of the following actions can you not perform from the Windows firewall control panel? (Choose all that apply) A: Allow an application through the firewall on all three profiles B: Block all incoming connections for any of the three profiles. C: Create firewall exceptions based on port numbers for all three profiles D: Turn Windows Firewall off for all three profiles.
B: Block all incoming connections for any of the three profiles. C: Create firewall exceptions based on port numbers for all three profiles
When a user attempts to visit an Internet-based e-mail accounts, what is the response of the windows firewall? A: Firewalls will not permit the user to visit non-corporate website B: Firewalls by default will not block client-initiated network traffic C: Firewalls will block the webmail account unless the user is already authenticated D: Firewalls by default will block all outbound traffic
B: Firewalls by default will not block client-initiated network traffic
Connection security rules require that network traffic allowed through the firewall use which of the following security mechanisms? A: EFS B: IPsec C: UAC D: kerberos
B: IPsec
What can be used to add, delete, or modify objects in Active directory, in addition to modifying the schema if necessary? A: DCPROMO B: LDIFDE C: CSVDE D: NSLOOKUP
B: LDIFDE
What is the powershell cmdlet syntax for creating a new computer object? A: New-Computer -Name <computer name> -path <distinguished name> B: New-ADComputer -Name <computer name> -path <distinguished name> C: New-ComputerName <computer name> -path <distinguished name> D: There is no PowerShell cmdlet for creating computer objects
B: New-ADComputer -Name <computer name> -path <distinguished name>
You are attempting to delete a global security group in the active directory users and computers console, and the console will not let you complete the task. Which of the following could possible be cases for the failure? (Choose all that apply) A: There are still members of the group B: One of the group's members has the group set as its primary groups C: You do not have the proper permissions for the container in which the group is located D: you cannot delete global groups from the active directory users and computers console
B: One of the group's members has the group set as its primary groups C: You do not have the proper permissions for the container in which the group is located
What is the primary benefit of a DNS forwarder? Select Best Answer. A: Exchanging iterative queries for recursive queries across the network perimeter. B: Reducing the traffic and making efficient use of available bandwidth across the network perimeter. C: Making the most of iterative queries to other DNS servers. D: Reducing the burden on the Internet's root name servers.
B: Reducing the traffic and making efficient use of available bandwidth across the network perimeter
Which of the following tools would you use to modify the settings in a security template? A: Active Directory Users and Computers B: Security Templates Snap-in C: Group Policy Objects Editor D: Group Policy Management Console
B: Security Templates snap-in
A DHCP client first attempts to reacquire its lease at half the lease time, which is known as: A: DHCP reservation B: T1 C: T2 D: DHCP lease
B: T1
Which of the following items is a valid leaf object in Active directory? A: Domain B: User C: Application partition D: OU
B: User
What are the two interfaces for creating and managing local user accounts for a computer joined to the domain? A: Control panel and ADAC B: User accounts control panel and the local users and groups snap-in for MMC C: ADAC and the Active Directory Users and Computers snap-in for MMC D: Server Manager and PowerShell
B: User accounts control panel and the local users and groups snap-in for MMC
Your DHCP servers are burdened with heavy traffic, most related to IP address renewals. Unfortunately, virtually all the IP addresses in each of your subnets are allocated. Which of the following options is the best way to lower the renewal traffic? A: Increase the lease time B: Deploy additional DHCP servers on the most burdened subnets C: Shorten the lease time D: Switch to manual allocation
B: deploy additional DHCP servers on the most burdened subnets
Which of the following does an active directory client use to locate objects in another domain? A: DNS B: global catalog C: DHCP D: site link
B: global catalog
Which of the following group scope modifications are not permitted? (Choose all that apply) A: Global to universal B: Global to domain local C: Universal to global D: Domain local to universal
B: global to domain local C: universal to global
Which of the following describes the mathematical equation that creates a digital "fingerprint" of a particular file? A: hash rule B: hash algorithm C: Software restriction policy D: Path rule
B: hash algorithm
When using CSVDE, what is the first line of the text file that uses proper attribute names? A: header row B: header record C: name row D: name record
B: header record
You have assigned several applications using GPOs. Users have complained that there is a delay when they double-click on the application icon, which you know is the result of the application being installed in the background. What option can you use to pre-install assigned applications when user log on or power on their computers? A: Uninstall when the application falls out of scope B: install this application at logon C: Advanced Installation Mode D: Path Rule
B: install this application at logon
What are the two basic classes of active directory objects? A: resource B: leaf C: domain D: container
B: leaf D: container
Which of the following is not one of the elements of the domain name system DNS? A: resolvers B: relay agents C: name servers D: name space
B: relay agents
Which of the following network components are typically capable of functioning as DHCP relay agents? (all that apply) A: Windows 8 computers B: routers C: switches D: win server 2012 components
B: routers D: win server 2012 components
You want to deploy several software applications using group policy, such that the applications can be manually installed by the users from the add/remove programs applet in their local control panel. Which installation option should you select? A: Assign B: Disallowed C: Publish D: Unrestricted
C: Publish
Group Policy settings are divided into two subcategories; User configuration and computer configuration. Each of these two settings is further organized into three subnodes. What are the three subnodes? A: software settings, windows settings, and delegation templates B: software settings, windows settings, and administrative templates C: security settings, windows settings, and delegation templates D: security settings, windows settings, and administrative templates
B: software settings, windows settings, and administrative templates
What is the maximum length for a fully qualified domain name, including the trailing period? A: 50 characters B: 63 characters C: 255 characters D: 255 characters for each individual domain name
C: 255 characters
Which of the following tools cannot enable and disable the network discover firewall rules? A: File Explorer B: Network and Sharing center C: Action center D: Allowed Apps dialog box
C: Action center
Which of the following are the two built in user accounts created automatically on a computer running win server 2012 R2? A: Network B: Interactive C: Administrator D: Guest
C: Administrator D: Guest
At which layer of the OSI model does DHCP operate? A: Session layer B: Network layer C: Application layer D: Presentation layer
C: Application layer
What are the three primary event logs? A: Application, Forwarded, and System B: Application, Security, and Setup C: Application, Security, and System D: Application, System, and Setup
C: Applications, Security, and System
Which of the following DHCP message types is sent first in process of obtaining an address lease? A: DHCPOFFER B: DHCPPACK C: DHCPDISCOVER D: DHCPREQUEST
C: DHCPDISCOVER
After you create a GPO that contains computer or user settings, but not both, what can you do for faster GPO processing? A: Set the priority higher for the configured setting area B: Manually refresh the GPO settings C: Disable the setting area that is not configured D: Regardless of whether part or all of the GPO is configured, the GPO is processed at the same speed
C: Disable the setting area that is not configured
Which of the following default security levels in software restriction policies will disallow any executable from running that has not been explicitly enabled by the active directory administrator? A: Basic User B: Restricted C: Disallowed D: Power User
C: Disallowed
What is the first domain installed in a new active directory forest called? A: Forest root domain B: Parent root domain C: Domain tree root D: Domain root
C: Domain tree root
When using Netdom.exe to join an account, you may add the parameter [/OU:OUDN] If this parameter is left out, where is the object placed? A: In the same OU as the administrator running Netdom.exe B: In the users container C: In the computers container D: Without the OU specified, the program will fail
C: In the computers container
Which of the following rules types apply only to windows installer packages? A: Hash rules B: Certificate rules C: Internet zone rules D: Path rules
C: Internet zone rules
Which of the following is not true about an object's attributes? A: Admin must manually supply information for certain attributes B: every container object has, as an attribute, a list of all the other objects it contains C: Leaf objects do not contain attributes D: Active directory automatically creates the globally unique Identifier (GUID)
C: Leaf objects do not contain attributes
What are the dangerous consequences of a poorly chosen time to live? Select Best Answer. A: Specifying a TTL that is too long can greatly increase traffic, especially to the root name and top-level domain servers. B: Specifying a TTL that is too long can delay referrals from being propagated. C: Specifying a TTL that is too short can overburden root name and top level domain servers with requests. D: Specifying a TTL that is too short can cause incorrectly cached information to remain before changes get recorded.
C: Specifying a TTL that is too short can overburden root name and top level domain servers with requests
One method a DHCP server allocates IP addresses is called manual allocation. This process involves manually assigning an IP address to a particular server. What is the key benefit of DHCP manual allocation over manually configuring the address directly on the server? A: The DHCP Server then contains a centralized list of permanently assigned IP addresses. B: The DHCP Server might pass on more information than just any IP address. C: This process prevents accidental duplication of permanently assigned IP addresses. D: This manually assigned address is officially known as a reservation.
C: This process prevents accidental duplication of permanently assigned IP addresses.
What did Microsoft introduce in Windows Server 2012 R2 to ensure users with admin privileges still operate routine tasks as standard users? A: New Group Policy and Local Security Policy B: Secure Desktop C: User account control (UAC) D: Built-in Administrator account
C: User account control (UAC)
If the user named Amy is located in the sales OU of the central.cohowinery.com domain, what is the correct syntax for referencing this user in a command line utility? A: amy.cohowinery.com B: cn=amy,ou=sales.dc=central.dc=cohowinery.com C: cn=amy,ou=sales,dc=central,dc=cohowinery,dc=com D: dc=com,dn=cohowinery,ou=sales,cn=amy
C: cn=amy,ou=sales,dc=central, dc=cohowinery,dc=com
This DNS configuration item will forward DNS queries to different servers based on the domain name of the query. A: iterative forwarder B: recursive forwarder C: conditional forwarder D: IPv6 forwarder
C: conditional forwarder
In the fully qualified domain name www.sales.contoso.com, which of the following is the second-level domain? A: www B: sales C: contoso D: com
C: contoso
Which of the following utilities do you use to perform an offline domain join? A: net join B: join C: djoin D: dconnect
C: djoin
Which of the following is not a type of user account that can be configured in win server 2012 R2? A: local accounts B: domain accounts C: network accounts D: built-in accounts
C: network accounts
Local GPOs are stored ________, whereas Domain GPOs are stored ______. A: in Active directory, in Active directory B: in Active directory, on the local computer C: on the local computer, in Active directory D: on the local computer, on the local computer
C: on the local computer, in Active directory
The following is an administrative grouping of scopes that is used to support multiple logical subnets on a single network segment: A: host B: scope C: superscope D: Multinet
C: superscope
The following feature is available only on Active Directory-integrated DNS zones: A: Dynamic updates B: Incremental zone transfers C: Reverse Lookup Zones D: Secure dynamic updates
D: Secure dynamic updates
Which file type is used by Windows installer? A: inf B: bat C: msf D: msi
D: .msi file
As part of your efforts to deploy all new applications using group policy, you discover that several of the applications you wish to deploy do not include the necessary installer files. What can you use to deploy these applications? A: Software restriction policies B: .msi files C: .mdb files D: .zap files
D: .zap files
The ipv6 DNS host record is referred to as an? A: A record B: AA record C: AAA record D: AAAA record
D: AAAA record
Which of the following rules will allow or disallow a script or a windows installer file to run on the basis of how the file has been signed? A: Path rule B: Hash rule C: Network zone rule D: Certificate rule
D: Certificate rule
Which of the following message types is not used during a successful DHCP address assignment? A: DHCPDISCOVER B: DHCPREQUEST C: DHCPACK D: DHCPINFORM
D: DHCPINFORM
Windows firewall uses three profiles to represent the type of network to which the server is connected. What are the three profiles? A: Private, Temporary and Authenticated B: Public, DMZ and Private C: Internet, Secure and Private D: Domain, Private, and Public
D: Domain, Private, and Public
Which of the following tools would you use to deploy the settings in a security template to all of the computers in a Active Directory services domain? A: Active Directory Users and Computers B: Security Templates Snap-in C: Group Policy Objects Editor D: Group Policy Management Console
D: Group Policy Management Console (GPMC)
What is an important difference between groups and OU's? A: An OU can represent the various divisions of your organization. B: Group membership can be a subset of an OU. C: OUs are a security entity. D: Group memberships are independent of the domain's tree structure.
D: Group memberships are independent of the domain's tree structure.
What is the order in which win systems receive and process multiple GPOs? A: LSOUD local, site, organizational units, and then domain B: LOUDS local, organizational units, domain, and then site C: SLOUD site, local, organizational units, and then domain D: LSDOU local, site, domain, and then organizational units
D: LSDOU local, site, domain, and then organizational units
Who may join a computer to the domain? A: No one, the computer does this itself when authenticating. B: The computer joins the domain as part of the object creation process. C: Only the domain administrator may join the computer to the domain. D: Members of the computer's local admins group may join the computer to the domain
D: Members of the computer's local admins group may join the computer to the domain
What is the primary purpose of name caching? Select Best Answer. A: Name caching saves extraordinary amount of time for the user. B: Name caching greatly reduces traffic on the company network. C: Name caching validates why you should deploy caching-only servers. D: Name caching enables the second name resolution request for the same name to bypass the referral process.
D: Name caching enables the second name resolution request for the same name to bypass the referral process.
Which of the following is a container object within active directory? A: Folder B: Group C: User D: OU
D: OU
To make use of PXE and WDS, what special config do you require on the server and client? A: The client must have a special PXE-enabled network adapter B: Both client and server are capable by default C: The client and server both require preparatory configuration D: The DHCP server on the network must have a custom PXEClient option (option 60) configured with the location of the WDS server on the network
D: The DHCP server on the network must have a custom PXEClient option (option 60) configured with the location of the WDS server on the network
Which of the following groups do you use to consolidate groups and accounts that either span multiple domains or the entire forest? A: Global B: Domain local C: Built-in D: Universal
D: Universal
The built-in local groups on a server running Win Server 2012 r2 receive their special capabilities through which of the following mechanisms? A: Security options B: Windows Firewall rules C: NTFS Permissions D: User rights
D: User rights
Which of the following GPO's takes precedence on a system with multiple local GPO's? A: Local group policy B: Administrators group policy C: Nonadministrators group policy D: User-specific group policy
D: User-specific group policy
By default, linking a GPO to a container causes all the users and computers in that container to receive the GPO settings. How can you modify the default permission assignments so that only certain users and computers receive the permissions and, consequently, the settings in the GPO? A: You cannot separate or divide permission assignments with the linked container B: You can create and link a different GPO to the applicable objects, overriding the previous GPO C: You remove the applicable objects and place in a new container D: You apply security filtering in the Group Policy Management console
D: You apply security filtering in the Group Policy Management console
Which of the following is the filter criterion most commonly used in firewall rules? A: IP addresses B. subnet masks C: protocol numbers D: port numbers
D: port numbers
In the windows firewall with advanced security console, while creating a new rules, the program page specifies whether the __________. A: rule applies to all programs, to one specific program B: rule applies to all users, to one specific user C: rule applies to all systems, to one specific system D: rule applies to all programs, to one specific program, or to a specific service
D: rule applies to all programs, to one specific program, or to a specific service
What command-line utility allows admins to modify groups' types and scope as well as add or remove members?
Dsmod.exe
What are the different types of Group Policy objects (GPOs)?
Local, domain, and starter
Group policies applied to parent containers are inherited by all child containers and objects. What are the ways you can alter inheritance?
Using the enforce, block policy inheritance, or loopback settings
Is it possible to add ad ds on a computer running server core?
Yes, you use powershell, by first installing ad ds role, and then promoting the server to a dc