NOS 230 Final

Pataasin ang iyong marka sa homework at exams ngayon gamit ang Quizwiz!

Active Directory metadata describes the actual Active Directory data, not the Active Directory database.

False

If your domain includes Windows Server 2003 or older DCs, it's using DFSR to replicate SYSVOL.

False

You run a PKI that has issued tens of thousands of certificates to hundreds of thousands of clients. You have found that the traffic created when clients download the CRL is becoming excessive. What can you do to reduce the traffic caused by clients downloading the CRL?

Use a Delta CRL

You have a network of Windows Server 2016 servers, and you wish to allow remote users the ability to access network applications from any device that supports a Web browser?

Web Application Proxy

A claims provider is the resource partner that accepts claims from the business partner to make authentication and authorization decisions.

false

CA Administrator approves requests for certificate enrollment and revocation.

false

If a certificate is not renewed before the validity period expires, the certificate can still be used until the renewal period ends.

false

Version 5 templates allow customization of most certificate settings and permit autoenrollment.

false

Users can request certificates that aren't configured for autoenrollment by using the Certificates snap-in.

true

How often does garbage collection run on a DC?

12 hours

In a new partnership with XYZ Company, ABC company wants to share documents securely using Web-based applications. All communication must be secure, and document usage must be controlled. Both companies run Windows Server 2016 domains but must remain in separate forests. What can you implement to facilitate this partnership?

AD Federation Services and AD Rights Management Services

Which feature was first introduced with Windows Server 2012 R2, and are new Active Directory containers to which authentication policies can be applied to restrict where high-privilege user accounts can be used in the domain?

Authentication Policy silos

Which of the following is created using a hash algorithm and can be used to verify the authenticity of a document?

Digital signature

What can you install on a Windows Server 2016 server that can scan documents and apply rights policy templates automatically based on resource properties?

FSRM

A site bridge is needed to connect two or more sites for replication.

False

By default, subnets are created in Active Directory Sites and Services

False

Which type of CA in the three-level hierarchy is sometimes referred to as a policy CA and issues certificates to issuing CAs?

Intermediate

Why might it be a good idea to configure multiple domains in a forest?

Need for differing account policies

Which of the following contains a list of users and specifies what the users can do with a rights-protected document?

Publishing license

What features should you configure if you want to limit access to resources by users in a trusted forest, regardless of permission settings on these resources?

Selective authentication

What type of certificate enrollment issues certificates that users can use to log on to a system by entering a PIN?

Smart card enrollment

Before you configure a forest trust, what should you configure to ensure you can contact the forest root of both forests from both forests?

Stub zones

A domain controller clone is a replica of an existing DC.

True

Before you can install a DC running a newer Windows Server version in an existing forest with a lower functional level, you must prepare existing DCs with the adprep.exe command-line program,

True

Before you can install an RODC, the forest functional level must be at least Windows Server 2003.

True

There's only one global catalog per forest.

True

Universal groups allow administrators to assign rights and permissions to forest-wide resources to users from any domain.

True

Which of the following is issued to users when they request access to a rights-protected document?

Use license

Which of the following is true about the domain functional level?

You can have different functional levels within the forest

Which command analyzes the overall health of Active Directory and performs replication security checks?

dcdiag

What feature allows non domain-joined devices to access claims-based resources securely?

device registration

Which of the following manages adding, removing, and renaming domains in the forest?

domain naming master

Which option will allow private keys to be locked away and then restored if the user's private key is lost?

key archival

A Web Application Proxy server needs two NICS installed to function correctly.

true

A delegated installation allows a domain administrator to create the RODC computer account in Active Directory, so a that a regular user can perform the installation at a later time.

true

An Active Directory snapshot is a replica of the Active Directory database at a specific moment.

true

Certificate autoenrollment is an option only on enterprise CAs.

true

Device registration is a feature that allows non domain-joined devices to access claims-based resources securely.

true

Multi-factor authentication means users must authenticate with more than one device.

true

Which option below is not one of the three main methods for cleaning up metadata?

wbsadmin.exe


Kaugnay na mga set ng pag-aaral

Data Structures & Algorithms with Java

View Set

Science Unit 3: Chemistry, atoms, molecules; October 20, 2014

View Set

Mood and Affect Practice Questions

View Set

Which one of the following statement is True about the health continuum?

View Set