CS 410 Final Review
List the sequence of events that takes place to ensure that data is encrypted during the transfer when someone accesses a website.
1.) After a web server has a certificate, Web browsers will download the certificate instead of the public key. 2.) Web browser will perform the following tasks to validate the certificate: Confirm that the certificate has not expired, Ensure that the CRL does not list the certificate serial number, decrypt the digital signature using the trusted root, and verify that the hash in the digital signature matches the hash of the public key in the certificate. 3.) Web browser generates a symmetric key that is encrypted using the public key in the certificate 4.) The Web browser then sends the encrypted symmetric key to the Web server. 5.) The encrypted symmetric key is encrypted using the Web server's private key. 6.) The decrypted key is used to perform symmetric encryption.
What is a starter GPO, and how is it created?
A starter GPO is a template that can be used to simplify the configuration of Administrative Templates in new GPOs. To create a starter GPO, you can right-click the Starter GPOs folder, click New, and specify a GPO name. Following this, you must edit the GPO to include settings that you wish to include in your GPO template.
Explain continuous deployment.
Continuous deployment is the process whereby new versions of Web apps are regularly sent to a cloud provider for testing and deployment. The steps in continuous deployment are: 1.) Developers push a new version of their Web app code to a code repository server. 2.) Orchestration software running on a server at the cloud provider obtains the new version of the Web app from the code repository server, converting it to executable form if necessary. 3.) The Web app is sent to a build automation server. 4.) A new container or virtual machine on the cloud server is created, and the Web app is sent there for testing.
List the options that are listed when you right-click a process on the Details tab of Task Manager
End process tree, set priority, set affinity, analyze wait chain, and UAC virtualization
(T or F) Remote users must manually initiate a VPN connection each time they wish to connect to the resources in their organization when using DirectAccess
False
(T or F) The IUSRS group in an Active Directory domain or workgroup is used to provide anonymous access to both website and Web app content
False
(T or F) There are two types of event logs in Windows Server 2019, Microsoft logs and Windows logs
False
(T or F) When configuring the authentication methods for a remote access server, you should select the option to Allow remote systems to connect without authentication.
False
What is Group Policy, and why is it used?
Group Policy can be used to automatically configure software, Windows features, security, programs, and user interface settings on computers in an Active Directory domain based on the location of a user or computer account in the Active Directory database
What constraints are available for use in a remote access policy?
Idle Timeout - specifies the max amount of time a remote access session can remain idle before it is disconnected by the remote access server. Session Timeout - Specifies the max amount of time before an active remote access session is disconnected by the remote access server. Called Station ID - specifies the phone number of the dial-up remote access server Day and time restrictions - specifies the days and times that remote access sessions are allowed NAS Port Type - Specifies the type of network connections that are allowed when connecting to the remote access server.
How will you troubleshoot a performance issue if the information available in Task Manager is not sufficient for you to identify the root cause of the problem?
If I am looking to troubleshoot an performance issue, I will check the performance monitor to see what is using the most CPU and memory.
How does Remote Desktop differ from VPNs and DirectAccess?
Instead of relaying network traffic through an encrypted tunnel to a DMZ, remote access clients use a Remote Desktop app to log into a remote access server to obtain a graphical desktop session on the remote access server itself, or a graphical desktop session from a Hyper-V virtual machine running on the remote access server. After a remote access client obtains a graphical desktop session, the can run programs on the remote access server and access resource on the DMZ network to which the remote access server is connected.
In the context of DHCP, why do organizations use MAC Address filtering?
MAC address filtering is a process that restricts access to a service based on the client MAC Address. Companies use this to prevent one or more computers from obtaining an IP lease from a DHCP server while allowing all others. It can also be used to restrict IP leases to computers that were purchased by the organization.
What makes Nana Server container images great for Web apps?
Nano Server container images are often much smaller than other Windows container images and contain fewer components and processes that use system resources. As a result, they are well suited to hosting Web apps in cloud environments where storage and resource utilization must be minimized to save costs.
Can you distinguish between proactive and reactive maintenance with examples?
Proactive maintenance is the measures taken to reduce future system problems. An example of this would be performing regular system backups, monitoring available storage, creating baselines, and analyzing performance trends to identify problems before they occur. Reactive maintenance is the measures taken when system problems arise. An example of this is troubleshooting why an access point went offline.
What are the additional configuration options available on the Remote Access Setup pane that are unavailable on Enable DirectAccess Wizard?
Remote Clients, Remote Access Server, Infrastructure Servers, and Application Servers
What are the different role services available for the Remote Desktop services server role?
Remote Desktop Connection Broker Remote Desktop Gateway Remote Desktop Licensing Remote Desktop Session Host Remote Desktop Virtualization Host Remote Desktop Web Access
What is the difference between stub zones and conditional forwarders?
Stub zones are displayed as an additional forward lookup zone in DNS Manager, while conditional forwarders are stored in their own folder. Server administrators often prefer to create conditional forwarders over stub zones on DNS servers that host many forward lookup zones.
Alya runs the following command in Windows PowerShell: docker run -d -p --name cont1 kerinapp. What does the -d option do in this scenario?
The -d option of the docker run command detaches the container from the Windows PowerShell session and keeps it running in the background until you stop it using the docker stop command.
What logs are created by Windows for reporting general operating system and software application events?
The Windows operating system creates event logs, which are detailed records of system and application notifications. The Application logs store events from software applications on the system. The System logs store operating system-related events, including service startup, hardware errors, and events related to authorization and authentication.
Anthony is a server administrator and has been asked to configure and issue the Root Certification Authority certificate to all the users in his organization. The default template is a schema version 1 template, but Anthony wants users to be auto-enrolled. Briefly outline the steps Anthony can follow to create a new template to ensure that users are auto-enrolled.
To create the certificate template, he should right-click on the Certificate Templates folder in the Certification Authority tool and click Manage. This opens the Certificate Templates Console. Once he has all of his settings configured, he must ensure that the users have Read, Enroll, and Autoenroll permissions to the certificate template. This is the only way the users will be auto-enrolled.
Lisa, the system administrator of a bank, is going on a sabbatical for 12 weeks. Before leaving, she must prepare a knowledge transfer document to assist her colleague who will oversee her responsibilities in her absence. The document must include a report of the properties and settings of the GPOs. List the steps that Lisa needs to follow to obtain this report.
To document the properties and settings of the GPOs, Lisa should select the GPO or GPO link in the Group Policy Management tool and highlight the Settings tab of the GPO properties. She can click the show and hide hyperlinks in the report to expand or collapse each configured GPO section, folder, and feature. To save an HTML- or XML formatted copy of the report, she can right-click any area of the report, click Save Report, and select the format and folder path.
You just completed troubleshooting a server role issue with the help of the Setup event log. How will you save the events shown in the event log for future reference?
To save the events in the event log to a file for documentation purposes, you can select the event log in the navigation pane, click Save All Events As from the Actions pane, and specify the file location and format. After you have saved the contents of an event log, you can click Clear Log from the Actions pane to clear its contents.
(T or F) The ping utility is used to test the connectivity between two devices on a network
True
(T or F) When some computers have incorrect address information, you should check for the presence of unauthorized DHCP servers on the network running a non-Windows operating system and remove them if found.
True
Ramona, the chief technical officer of an engineering company, needs to install software on 32-bit computers using GPO. The system network consists of over 500 computers and has a mix of 32-bit and 64-bit computers. How can Ramona ensure that the software is installed only on the 32-bit computers? a. By using a WMI filter b. By using the Security Filtering option c. By setting Group Policy Preferences d. By modifying Software Settings under Group Policy
a. By using a WMI filter
Damien is configuring DirectAccess for a group of users in his organization. One of the requirements is that the users should be able to access the resources in their organization's network through VPN, but they should use the default gateway on their physical network interface to access websites that are not on the organization's network. Which of the following options should Damien configure on the Enable DirectAccess Wizard? a. Damien should not select the Use force tunneling option. b. Damien should select the Use force tunneling option c. Damien should select the Enable DirectAccess for mobile computers only option d. Damien should not select the Enable DirectAccess for mobile computers only option.
a. Damien should not select the Use force tunneling option
Asher, a system administrator, wants to run containers on Windows Server 2019. He chooses to install Docker using the Windows containers component. Which of the following is a service that will help Asher manage and run Docker containers on the server? a. Docker daemon b. Docker client c. Docker hub d. DockerProvider
a. Docker daemon
Kenshin builds a collaboration tool using ASP.NET that allows users to discuss and share files with each other. The files are stored in a Web server on a platform managed by a cloud service provider. Which of the following IIS role services is integral to the file-sharing feature in Kenshin's Web app? a. FTP server b. Web Server Common HTTP Features c. Web Server Performance d. IIS Management Tools
a. FTP server
Having heard the data theft suffered by a competing company by a man-in-the-middle attack, Finn asks Talia, his server administrator, to implement measures to prevent such attacks in his company. Which of the following should Talia do to ensure that Finn's company is protected from such attacks? a. Hire the services of a third-party Certification Authority b. Configure the Block Inheritance setting at the OU-level GPOs c. Run the gpupdate /force command in a Command Prompt window d. Run the gpresult /r command in Windows PowerShell
a. Hire the services of a third-party Certification Authority
What command can you use to determine if a network service is listening on the correct port number? a. Netstat -a b. Tracert c. Ping d. Test-NetConnection
a. Netstat -a
Kelsan Informatics has its client computers connected to a router through which the clients can access the organization's servers in the DMZ. The DMZ is connected to a NAT router that is connected to the Internet. In addition to providing access to the Internet, the NAT router also offers additional capabilities, such as traffic throttling, intrusion prevention, and malware filtering. What is the term for this type of NAT router? a. Next Generation Firewall b. Last Mile Technology c. Demarcation point d. Point-to-Point Protocol over Ethernet (PPPoE)
a. Next Generation Firewall
Valentina decides to install the Docker EE package on a Windows server. She wants to download the latest stable version of the package, so she chooses to install Docker using the DockerMsftProvider module. She enters the following commands in the Windows PowerShell window: PS C:\> Install-Module -Name DockerMsftProvider -XXXX psgallery -Force PS C:\> Install-Package -Name docker -ProviderName DockerMsftProvider Identify the correct code that should replace XXXX a. Repository b. RequiredVersion c. Preview d. DockerProvider
a. Repository
Lashonda, a system administrator, installs a remote access server in her organization. The remote access server is connected directly to the demarc. Additionally, the remote access server is configured as a NAT router. When configuring the remote access server, which of the following is Lashonda most likely to do? a. She will select the Demand-dial connections service b. She will select the LAN routing service c. She will install the Web Application Proxy role service. d. She will select the Dial-up access service
a. She will select the Demand-dial connections service
The programs running on the client systems in your organization are not able to access a service on the server. The problem is not with the server because the network services are running and you are able to interact with the network service on your local machine. What do you see as other possible issues with the server access? a. The client programs are not using the non-standard port number used by the network service. b. The network service might have failed to start when the client systems were requesting the service. c. The network service is not responding to requests from the local machine d. There were other client systems that were accessing the network service.
a. The client programs are not using the non-standard port number used by the network service.
You are using the Performance Monitor in Windows Server 2019 to collect information regarding the system's performance. What does the % Idle Time counter indicate? a. The percentage of time a storage device was not performing a read or write function b. The percentage of time the processor spends executing processes that do not require privileged access c. The percentage of free space on a volume d. The percentage of time the processor spends responding to interrupts.
a. The percentage of time a storage device was not performing a read or write function
While configuring Windows server 2019 as a WSUS server, which of the following role services would you select to store information about updates in the Windows Internal Database? a. WID connectivity b. WSUS services c. SQL server connectivity d. Certification authority
a. WID connectivity
Which of the following is the most likely cause for missing resource records in a secondary zone? a.Zone transfer issues b.An invalid entry in the DNS cache c.Zones that allow dynamic updates d.Manual DNS cache flushing
a. Zone transfer issues
What resource record type defines an IPv6 host address in DNS? a.A record b.AAAA record c.PTR d.CNAME record
b. AAAA record
David, a system administrator, has created specific GPOs for every department in his organization based on the permissions required by the various departments. However, he needs to apply the Default Domain Policy for some managers but not for the rest of the users. How can David ensure that the Default Domain Policy is applied only to specific managers' accounts? a. By using the Block Inheritance setting on the domain-level GPO. b. By using the Enforced setting on the OU-level GPOs for the OUs that contain the managers' accounts. c. By removing the Authenticated Users group from the Security Filtering section and adding the managers' accounts. d. By using a WMI filter to check for conditions under which the Default Domain Policy must be applied.
b. By using the Enforced setting on the OU-level GPOs for the OUs that contain the managers' accounts
An organization separates its client computers from its servers in a DMZ. The client computers are allowed access to the Internet by connecting to the DMZ. The DMZ is connected to a NAT router. In this scenario, what is the device that will allow the NAT router to connect to the ISP using a last mile technology? a. Next Generation Firewall b. Demarcation Point c. Remote access server d. Point-to-Point Protocol over Ethernet (PPPoE)
b. Demarcation Point
The users at Trembot Information Systems currently need to manually initiate a VPN connection when remotely accessing the organization's servers. Samir, a system administrator at Trembot, receives a request from multiple remote users to simplify the process of accessing the organization's servers. Which of the following should Samir use? a. Layer Two Tunneling Protocol b. DirectAccess c. Next Generation Firewall d. Virtual Private Network
b. DirectAccess
After experiencing several issues with an Active Directory domain controller, you have decided to perform a restore operation on the Active Directory. Which of the following options on the Advanced Boot Options menu should be used to perform the restoration? a. Safe Mode with Networking b. Directory Services Repair Mode c. Repair your Computer d. Active Directory Emergency Maintenance Mode
b. Directory Services Repair Mode
What key should be pressed as soon as the computer boots to enter Safe Mode? a. Ctrl+Alt+Del b. F8 c. Ctrl+Shift+Del d. Esc
b. F8
Your organization has a Windows Server 2019 system called SERVERX. It has come to your notice that several computers have tried to access a file in the server and failed in the attempt. You check the Security event log to check how many of such event attempts have been made in the past six months. The log has only stored information pertaining to the past few days. What can you do to ensure the log stores more information? a. View the event log on a day-to-day basis. b. Increase the size limit of the event log c. Click Clear log from the Actions menu d. Take a backup of the event log every week.
b. Increase the size limit of the event log
Which of the following is true of WINS? a. It is enabled by default on all Windows Server systems b. It can only resolve NetBIOS names to IPv4 addresses c. If NetBIOS is enabled, a WINS server does not need to be installed on the network. d. If a computer is configured to use WINS, it resolves NetBIOS names using broadcasts
b. It can only resolve NetBIOS names to IPv4 addresses
Runako wants to build a social networking website and host it using a PaaS provider. The social networking website will have users posting and sharing large quantities of media such as videos and images. He is currently evaluating the storage options that the app will need. Which of the following storage options should Runako use and why? a. Block storage, because it is less expensive than object storage b. Object storage, because it allows a Web app to directly store objects c. Persistent volume, because it is faster than block storage d. Block storage, because it is faster than object storage.
b. Object storage, because it allows a Web app to directly store objects
Mateo uses the following command to search Docker Hub for containers that have IIS installed: PS C:\> docker search iis. The search returns the following options: microsoft/aspnet, microsoft/iis, nanoserver/iis. Mateo wants to download the latest version of the microsoft/iis container from Docker Hub. Which of the following commands can Mateo run to achieve this result? a. PS C:\> docker tag microsoft/iis latest b. PS C:\> docker pull microsoft/iis c. PS C:\> latest docker pull microsoft/iis d. PS C:\> docker tag microsoft/iis iis
b. PS C:\> docker pull microsoft/iis
Skyfelt Graphics is a company that does not own any of the hardware or operating systems on which it creates and runs its Web app containers. These components are owned, maintained, and operated by a cloud provider. Which of the following cloud delivery models is Skyfelt using? a. Software as a Service b. Platform as a Service c. Infrastructure as a Service d. Mobile as a Service
b. Platform as a Service
Kim has completed configuring DirectAccess on a remote access server in his organization. He also configures the users' computers and enables DirectAccess. While the laptop users are able to use DirectAccess, desktop users email Kim to let him know that they are unable to use DirectAccess. If Kim is able to resolve this issue successfully, which of the following options on the Remote Access Setup pane did Kim use? a. Remote Access Server b. Remote Clients c. Infrastructure Clients d. Application Servers
b. Remote Clients
Reno is facing some DNS server issues that he is unable to resolve using nslookup, DNS manager, and other general methods. He decides to use information from the DNS Server log to identify the issue. However, the information that was logged is insufficient to resolve the issue. Reno is able to identify the issue after enabling debug logging. What should Reno do next? a.Reno should permanently enable debug logging b.Reno should turn off debug logging c.Reno should delete all the log files d.Reno should flush the DNS server cache
b. Reno should turn off debug logging
Identify a vital service provided by secondary DNS servers. a. Secondary DNS servers contain read-write copies of a primary DNS server's data. b.Secondary DNS servers respond to DNS lookup requests using read-only zone files. c.Secondary DNS servers improve security by preventing access to primary DNS servers. d.Secondary DNS servers divert all traffic to primary DNS servers to reduce load.
b. Secondary DNS servers respond to DNS lookup requests using read-only zone files
A computer is running multiple applications simultaneously. They all demand large amounts of processor time, which affects the processing speed of the system. which of the following options will you use to identify and terminate the process that is consuming the highest processor time? a. Click the Memory column in the Processes tab of Task Manager b. Select the Processes tab of Task Manager and click the CPU column c. Check the User tab to identify the user who started all the processes d. Select the Services tab and restart stopped services
b. Select the Processes tab of Task Manager and click the CPU column
Denali wants to store information about all Windows updates on a specific Microsoft SQL Server for security reasons. Which of the following wizards can Denali use to set up SQL Server Connectivity to store update information? a. The Group Policy Results Wizard b. The Add Roles and Features Wizard c. The Windows Server Updates Services Configuration Wizard d. The Certificate Enrollment wizard
b. The Add Roles and Features Wizard
Alonso, a system administrator, has configured and deployed a new GPO at the domain level in his organization. However, when he checks after a few hours two of the OUs in the Active Directory do not reflect the change. What is the most likely reason the new GPO configuration did not apply to the two OUs? a. The OUs were under another domain b. The Block Inheritance setting prevented the OUs from applying the GPOs. c. The users under the OUs declined the domain-level setting when prompted. d. The GPO link was configured with the Enforced setting
b. The Block Inheritance setting prevented the OUs from applying the GPOs.
You are troubleshooting a DHCP server and discover that it is not dynamically updating DNS records for DHCP clients. What is the most likely cause for this issue? a. The network contains computers with manually configured IP addresses b. The DNS server and DHCP server are in different domains c. The DNS server is an authoritative, primary DNS server d. The DNS server and DHCP server are running on different operating systems
b. The DNS server and DHCP server are in different domains
Maqsud installs IIS on a Windows Server 2019 server. To allow users to connect to Default Web Site using HTTPS, he installs an HTTPS encryption certificate on the Web server. Next, he configures Default Web Site to respond to HTTPS requests. However, when users connect to the website using HTTPS, they receive a security warning. Which of the following is most likely causing this issue? a. The TCP port number is set to 443 and not 80. b. The FQDN in the HTTPS certificate does not match the Web server FQDN. c. The HTTPS encryption certificate is installed on the Web Server d. The website is already configured to respond to HTTP requests.
b. The FQDN in the HTTPS certificate does not match the Web server FQDN.
Joshua works as a systems administrator. A computer running Windows 2019 Server crashes. However, he is not able to find the root cause of the problem. If the root cause of the problem is processor overload, which of the following should Joshua investigate to troubleshoot the issue? a. The Security event log b. The Hardware Events event log c. The Application event log d. The System event log
b. The Hardware Events event log
Raymond and Lin are facing network issues on their computers. Rayna, the administrator, is troubleshooting the issue. She notices that Raymond and Lin's computers are using the same IP address, 192.167.1.85. If he organization's network uses a DHCP server, which of the following most likely caused this issue? a. The IP addresses were configured automatically b. The IP addresses were configured manually c. The IP addresses were configured by the DHCP server d. The IP addresses on both computers have expired
b. The IP addresses were configured manually
Lashonda sets up a DNS server, SERVER1, with a forward lookup zone called domainA.com. It hosts the resource records for the domainX.com Active Directory domain. It contains host (A) records for two network interfaces on SERVER1 (172.16.0.10 and 192.168.1.50). The host records are associated with the FQDNs server1.domainA.com and domainA.com. There is also an SOA record and an NS record for the zone. Which of the following records identifies SERVER1 as an authoritative DNS server? a.The SOA record b.The NS record c.The A record for 172.16.0.10 d.The A record 192.1.50
b. The NS record
Sasha is configuring Windows Server 2019 as an enterprise CA. She installs the Active Directory Certificate Services server role and is prompted to choose the role services that she wishes to install. Which of the following role services should Sasha select to ensure that routers are allowed to obtain certificates? a. The Online Responder role service b. The Network Device Enrollment Service role service c. The Certificate Enrollment Policy Web Service role service d. The Certification Authority Web Enrollment role service
b. The Network Device Enrollment Service role service
TravelBugz is a website that reviews accommodations and holiday destinations. Users of the website can post their own reviews. Users can use the TravelBugz app too instead of the website if they want to. The app and website both directly access the Web app running on the cloud to store and retrieve data. Which of the following is true of this scenario? a. The TravelBugz website can be accessed from a browser using the TCP/IP protocol b. The TravelBugz app communicates with the Web app using the TCP/IP protocol. c. The TravelBugz app communicates with the Web app using the HTTPS protocol. d. The app and website communicate with each other using the TCP/IP protocol.
b. The TravelBugz app communicates with the Web app using the TCP/IP protocol.
Ava, a system administrator, configures 45 remote access clients to use the VPN server in the organization using the SSTP protocol. On any day, the number of users that work remotely does not exceed 15, so AVA configures the SSTP VPN protocol for 25 connections on the server. One day, owing to extreme weather, many employees are asked to work from home. When more than 25 users try to connect to the organization's servers, they are not allowed access. Ava uses the Routing and Remote Access tool to increase the number of connections for the SSTP protocol to 45. When she asks these additional users to confirm if they have received access, the users tell her that they are unable to connect to the organization's servers. If some or all of these users were able to remotely connect on a previous occasion, what is the most likely issue in this scenario?
b. The remote access server was not rebooted after the recent changes
Giselle, a systems administrator, creates a file redirection GPO, in the User Configuration section that automatically saves files created by her colleagues to a shared network device instead of the local drives in their computers. However, the computers do not receive the configuration specified in the GPO. She runs the gpupdate /force command in the Command Prompt window of one of her colleagues' computer. Despite her effort, the computer does not receive the GPO, and she decides to rectify the issue the next day. To her surprise, she sees that the computer has been configured as per the GPO. What do you see as the issue with the GPO configuration? a. The GPO was not backed up before the new settings were applied. b. The settings can only be applied at the next login. c. The computer had to be rebooted for the application of the GPO settings
b. The settings can only be applied at the next login
Navin wants to reduce the chances of a data breach and monitor and control the traffic on his company's website. Instead of using a NAT router, he sets up an external server that acts as a filter between the organization's website and end users. Which of the following options must Navin select and configure when configuring WSUS? a. Store updates in the following location b. Use a proxy server when synchronizing c. Synchronize from another Windows Server Updates Services server d. Synchronize from Microsoft Update servers
b. Use a proxy server when synchronizing.
An organization has published applications on its web servers. These applications are accessible to users in the organization when they are authenticated via Active Directory. What RAS capability will allow the organization's applications to be accessible to users outside of the organization? a. Virtual Private Networks b. Web Application Proxy c. DirectAccess d. RemoteApp
b. Web Application Proxy
Stephen sets up manual enrollment for a user certificate from an enterprise CA. However, as he completes the process, he realizes that he has accidentally set up the enrollment for a computer certificate rather than a user certificate. Which of the following commands did Stephen most likely type in the Command Prompt window? a. certmgr.msc b. certlm.msc c. wf.msc d. gpedit.msc
b. certlm.msc
You are investigating strange traffic on your network and wish to resolve an IP address to a DNS name. What resource record should you use to perform a reverse lookup? a.An A record b.An AAAA record c.A PTR record d.A CNAME record
c. A PTR record
You are the administrator for an Active Directory domain and have been tasked with improving the response time for resolving DNS queries for resources in a second company-owned domain that does not use Active Directory. What type of zone can be used to accomplish this task with minimal overhead? a.A forward zone b.A reverse zone c.A stub zone d.A glue zone
c. A stub zone
Which of the following organizations does not need to install a WINS Server? a. An organization that uses shared folders on computers with NetBIOS names b. An organization that uses modern operating systems such as Windows 10 c. An organization that has disabled NetBIOS on its computers d. An organization that has DNS servers installed
c. An organization that has disabled NetBIOS on its computers
Amina, who works for a pharmaceutical company, configures and issues the Smartcard Logon certificate template with schema version 2. While most of the users get auto-enrolled, some of the users fail to obtain the certificate. Identify the most likely reason auto-enrollment failed for these users. a. Their operating system is Windows XP. b. They have the Block Inheritance setting at the OU level. c. The template did not have the Enforced setting. d. Their operating system is Windows 2000.
d. Their operating system is Windows 2000
Lea's organization develops a cloud-based storage application. While running the application on the local server, she notices that a process run the by application consumes excess amounts of memory, which in turn leads to new performance issues. She gets the process ID from Task Manager to search for possible solutions online. However, she is not successful. What should Lea have done instead? a. Troubleshoot the issue and modify the programming code of the application herself. b. Check the Resource Monitor to check the amount of memory used by the process c. Create a dump file and share it with the development team so they can fix the issue d. Share the process ID with a support technician and get the issue sorted.
c. Create a dump file and share it with the development team so they can fix the issue.
After configuring the role services on the Remote Desktop server, Jabez creates a collection for the Marketing group in the organization. He specifies multiple remote access servers for the collection. One of the users, Marion, complains to Jabez that whenever she connects to a Remote Desktop session and customizes the settings, these settings are not available to her on her next Remote Desktop session. If Jabez is able to fix this issue while maintaining load balancing, which of the following statements is true? a. Jabez removed Marion from the Marketing group and added her to another group. b. Jabez removed the Remote Desktop Connection Broker service. c. Jabez created a shared folder that is accessible to remote servers in the collection. d. Jabez rebooted the remote access server.
c. Jabez created a shared folder that is accessible to remote servers in the collection.
After downloading a container image from Docker Hub, you create multiple containers using the docker run command. After a few minutes, you download another container image and create multiple containers. Upon noticing that you are running out of system resources, you decide to stop some containers. Which of the following commands is the best choice to view the containers that are currently running? a. PS C:\>docker ps -a b. PS C:\>docker ps -d c. PS C:\>docker ps d. PS C:\>docker container prune
c. PS C:\> docker ps
Martha is configuring the Network Policy and Access Services server role to configure a Windows Server 2019 system as a RADIUS Server so that it can be used with the 802.1XWireless. After this, she is facing some issues activating the server in Active Directory. She thinks that there were issues with the installation. Which of the following event logs should Martha check to examine events specific to the installation? a. Security b. Application c. Setup d. System
c. Setup
Malia configures a primary zone on a DNS server to accept dynamic updates. Whenever a computer is added to the network, resource records for the computer are automatically created. For a computer, NX2001EY, Malia configures resource records manually. On the Zone Aging/Scavenging Properties window, she selects Scavenge stale resource records, sets the No-refresh interval to 14 days, and sets the Refresh interval to 14 days. She also enables automatic scavenging in the DNS server's properties. If Malia removes NX2001EY from the network, what is the most likely outcome in this scenario? a.The resource records for N2001EY will be deleted within 14 days. b.All the resource records for N2001EY will be made available for scavenging after 28 days. c.Some of the resource records for N2001EY will be made available for scavenging after 28 days d.Malia will need to manually remove all the resource records for N20001EY.
c. Some of the resource records for N2001EY will be made available for scavenging after 28 days.
Felicia is drafting an email to her colleague Rhonda. After Felicia types out the email, she enters the email address [email protected] and clicks send. Felicia's email server uses the email address typed to locate the recipient email server. Which DNS resource record for zoneA.com allows Felicia's email server to locate the recipient email server? a.The A record b.The AAAA record c.The MX record d.The CNAME record
c. The MX record
Which of the following is a necessary condition if you want to configure a reverse proxy instead of port forwarding on a NAT router to enable access to a remote access server? a. The remote access server should be outside the DMZ. b. The NAT router must be configured to forward remote access requests c. The NAT router should be a Next Generation Firewall d. The remote access server should be connected directly to the demarc.
c. The NAT router should be a Next Generation Firewall
The hard disk of a computer running the Windows Server 2019 operating system fails. A colleague tells you that the data on the hard disk can be regenerated as soon as it is replaced with a new one. Can you identify why this solution is feasible? a. The system need not be powered down to replace the hard disk b. The operating system was backed up prior to the disk failure. c. The Windows system uses a RAID level 5 configuration d. The corrupt hard disk contained the boot volume
c. The Windows system used a RAID level 5 configuration
Aspen sets up the round robin feature in DNS for an FQDN server, server.domainA.com. She creates two identical Web servers with IP addresses 192.168.1.75 and 172.6.0.15 and associates two A records on the FQDN server with these IP addresses. The first A record is associated with the Web server having the IP address 192.168.1.75, and the second A record is associated with the Web server having the IP address 172.6.0.95. Aspen uses a client with the IP address 172.6.0.95 to perform a forward lookup of server.domainA.com. Which of the following is true of this scenario? a. The FQDN server will return both IP addresses, 192.168.1.75 followed by 172.6.0.15 b. The FQDN server will return one of the IP addresses because of the round robin feature setup. c. The client will contact the Web server with the address 172.6.0.15. d. The client will contact the Web server with the address 192.168.1.75
c. The client will contact the Web server with the address 172.6.0.15
Viola, a system administrator, installs IIS on a Web server and creates two websites. She installs the necessary HTTPS encryption certificate on the server and proceeds to bind the HTTPS protocol to the first website using default settings. This binding is successful. Next she proceeds to bind the HTTPS protocol to the second website. Which of the following is most likely to cause an issue when binding the HTTPS protocol to the second website? a. The HTTPS encryption certificate should not be installed on the Web server. b. IIS can't run multiple websites simultaneously. c.) The first website is using port 443, so the second website cannot use the same port d. A web server cannot be configured to host more than one website with HTTPS binding
c. The first website is using port 443, so the second website cannot use the same port.
The new system administrator of XYZ company realizes that whenever updates are available for Windows, WSUS redirects computers to the Microsoft Update servers on the Internet to obtain updates instead of storing the update information on the WID. Which of the following is a likely reason for this issue? a. The WSUS installation is either incomplete or has not been installed properly b. While installing WSUS, the option SQL Server Connectivity was selected. c. While installing WSUS, the option Store updates in the following location was deselected. d. While configuring WSUS, the option Synchronize from another Windows Server Update Services server was selected.
c. While installing WSUS, the option Store updates in the following location was deselected.
Isabella installs a Fedora Linux distribution on a Windows Server 2019 server. Next, she installs the Apache Web server on this system. Because the server is also running IIS that uses port 80, Isabella modifies the port number for the Apache Web server. Which of the following commands must Isabella run to ensure that she did not make a syntax error during the recent change? a. install apache2 b. apachect1 start c. apachect1 configtest d. vim file
c. apachect1 configtest
What is the level of encryption of the public/private key pair that is contained in the domain-server-CA in Microsoft Server 2019? a. 256-bit encryption b. 257-bit encryption c. 1024-bit encryption d. 2048-bit encryption
d. 2048-bit encryption
Yosef has configured Windows Server 2019 as an enterprise CA and deployed a GPO to enroll all the users for certificates. He chooses the setting that will enroll the users when they boot their computers. When he checks whether all users and computers have been enrolled, he finds that five users were not enrolled for the certificate. Yosef was able to manually enroll those users for certificates. Which of the following permissions to the certificate template is most likely to be missing for the five users who did not get enrolled? a. Read b. Write c. Enroll d. Autoenroll
d. Autoenroll
Radha is using nslookup to troubleshoot DNS-related issues on SERVER1. She uses the command prompt and types in the statement nslookup servery.zone1.com. SERVER1 returns an incorrect result. If SERVER1 is non-authoritative for this lookup, what should Radha do to resolve this issue? a.Ensure that the configuration of any stub zones is correct b.Configure the IP address of the correct DNS server in network interface properties on the resolver c.Modify the associated records in the zone on SERVER1 to include the correct information d.Clear the DNS Server cache, and clear the DNS cache on the resolver
d. Clear the DNS Server cache, and clear the DNS cache on the resolver
Britta, a system administrator, is managing a website that is running on an IIS web server. Recently, the website was redesigned, and some portions of the website were deleted. Search engines carry links to these deleted portions for specific searches. Britta wants to ensure that when users click on links to deleted portions of the website, they are redirected to a section of the website. Which of the following IIS configuration features should Britta use? a. Directory Browsing b. Request Filtering c. Handler Mappings d. Error Pages
d. Error Pages
Kyra has set up a remote access server (RAS) in her organization. She has also configured VN access on the NAT router. Next, she needs to set up the client systems that will be allowed to access the RAS. Kyra wants to ensure that the client and server communicate using the most secure authentication method. Which of the following methods should Kyra ensure is supported on both the client and the server? a. Password Authentication Protocol (PAP) b. Challenge Handshake Authentication Protocol (CHAP) c. Microsoft Challenge Handshake Authentication Protocol version 2 (MS-CHAPv2) d. Extensible Authentication Protocol (EAP)
d. Extensible Authentication Protocol (EAP)
Andre is a systems administrator. He goes through several event logs with thousands of events on a regular basis to troubleshoot system issues. What is the easiest way to limit the events to only those that are relevant to a specific problem? a. He can search for the next occurrence of a specific event in the event log. b. He can use the Get-EventLog cmdlet in Windows PowerShell to view the events in an event log. c. He can search for specific events related to a problem using an event ID. d. He can use the Filter Current Log option in the Actions pane in Event Viewer.
d. He can use the Filter Current Log option in the Actions pane in Event Viewer.
Soha wants to build a Web app that analyzes financial details of users and provides them with investment advice. She will be running this app on a public cloud using IIS. If Soha wants to take advantage of applications pools to improve security of her Web app, which of the following should she do? a. She should generate a group of dynamic-link libraries. b. She should allow access to the app only using NFS. c. She should use object storage instead of block storage. d. She should create the Web app using ASP.NET
d. She should create the Web app using ASP.NET
Your organization launches a new web application for video editing. Multiple users can access the application at the same time and edit their videos online. What will you use to monitor the amount of memory being used by the application in real time? a. The Reliability Monitor b. Data Collector Sets c. Event Viewer d. The Performance Monitor
d. The Performance Monitor
Ahmed, a network administrator, is looking at the events added to a Windows Server 2019 system log in the Event Viewer. He notices three events being highlighted with a yellow exclamation mark. These events were related to a remote access attempt. If Ahmed were to treat this as a warning sign, what kind of issues should he anticipate? a. The system may become unstable. b. The services running on the server may not function properly. c. Users may be prevented from accessing the system. d. The functionality of the system can be affected.
d. The functionality of the system can be affected.
Trang, a system administrator, is configuring a DHCP relay on the remote access server. She needs to configure the DHCP relay agent to listen for DHCPDISCOVER packets on a network interface. Which of the following statements is true of this scenario? a. Trang should add a DHCP relay agent for IPv6 before proceeding with the next step b. Trang should reboot the remote access server before proceeding with the next step c. Trang should select the network interface that is connected to the DHCP clients. d. Trang should select the network interface that is connected to the DMZ.
d. Trang should select the network interface that is connected to the DMZ.
Wilmer is creating a new remote access policy for the sales department in the organization. On the Specify Conditions screen of the wizard to create new policies, Wilmer selects the option to grant or deny access according to user dial-in properties. In which of the following circumstances will this permission be used? a. When a client is authenticated using an unencrypted authentication method b. When the Idle Timeout and Session Timeout constraints are set to 5 minutes. c. When the access permission on the same screen is set to Access denied. d. When a user account has the Control access through NPS Network Policy option set
d. When a user account has the Control access through NPS Network Policy option set
The workstations in your organization have been upgraded with the latest GPUs. To save costs, the company has procured a brand that is not widely known in the market. To install the drivers, the system administrator reboots the system using the Disable Early Launch Anti-Malware Driver option in the Advanced Boot Options menu. Why do you think this step was required to install the driver? a. Rebooting helps scan for malwares in the driver at boot time. b. The driver can be installed only if the system is booted in Safe Mode. c. The driver did not have a valid digital signature d. Windows Defender may have considered the driver to be suspicious.
d. Windows Defender may have considered the driver to be suspicious.