ISE240 Test 1
Match the configuration pass with its respective function when creating and answer file with Windows SIM Specialize
Configures network settings and joins a computer to a domain
What technology did Microsoft develop to combat the storage of storage-using and potentially illegal files on corporate servers?
File Screening (Often on a corporate network, users try to save files such as movies, music, and games on the corporate server. Unfortunately, although much of this can cause legal problems associated with copyright, it also takes up disk space that can be used for something else, costs money to provide the storage space, and makes the backup sets larger. As a result, Microsoft developed file screening that allows you to control the type of files that users can save and send notifications when users try to save a blocked file.)
Match each Windows Log to the appropriate description or usage. Shows events collected from remote computers
Forwarded events
What does the acronym FQDN stand for?
Fully Qualified Domain Name (DNS uses fully qualified domain names (FQDNs) to map a host name to an IP address.)
Which auditing feature allows you to define computer-wide system access control lists for the file system or the registry?
Global Object Access Auditing (Global Object Access Auditing lets you define computer-wide system access control lists for the file system or the registry.)
Which utility do you use to access advanced audit policy settings?
Group Policy Editor (To access a new policy, open Group Policy Editor for a group policy and go to Configuration\Policies\Windows Settings\Security Settings\Advanced Audit Policy Configuration.)
Match the configuration pass with its respective function when creating and answer file with Windows SIM. Windows PE
Includes initial boot options including specifying the product key and configuring a disk
Which of the following describes the WDS install.wim image file?
It installs a standard Windows Server 2012 image to the client computer. (Included in the Sources folder on the Windows Server 2012 installation disk is an install.wim file for Windows Server 2012 that allows you to perform a standard Windows Server 2012 installation similar to performing a manual installation from disk.)
An encrypted file can be converted back to its original format by a process known as what?
decryption (Decryption is the process of converting data from encrypted format back to its original format.)
To examine performance correctly, you must establish a performance baseline. When do you perform this task?
during normal usage
What function does a computer perform when it's issued the command wecutil qc?
event receiving
Microsoft's new Event Viewer allows you to collect events from remote computers and store them locally. By what name is this collection of events known?
event subscription
When DFS Replication and DFS Namespace are combined into a single service offering, the pair creates what type of file sharing service?
fault tolerant (To make shared files fault tolerant, you need to use both DFS Namespace and DFS Replication.)
EFS encryption is what type of feature that can be enabled or disabled at will, similar in effect to read-only, compression, or hidden?
attribute (To encrypt or decrypt a folder or file, enable or disable the encryption attribute just as you set any other attribute, such as read-only, compressed, or hidden.)
What built-in computer hardware feature makes BitLocker Drive Encryption far more secure than other forms of folder or file-based encryption?
Trusted Platform Module (Information stored on the Trusted Platform Module (TPM) can be more secure from external software attacks and physical theft.)
When you set a service to start automatically with delayed start, how long is the delay?
Two minutes
Windows Deployment Services (WDS) is a software platform and technology that allows you to perform which function?
automated network-based installations based on network-based boot and installation media (This is the definition of Windows Deployment Services: a software platform and technology that allows you to perform automated network-based installations based on network-based boot and installation media.)
When troubleshooting services on your system, why might you want to start up in Safe mode?
because the system starts only the core services
The Only to the following servers method restricts zone transfers to those servers specified in the accompanied list.
blah.com (Second-level domains are registered to individuals or organizations—for example, microsoft.com or mit.edu. Second-level DNS domains can have many subdomains, and any domain can have hosts.)
What is the name of the Windows Server 2012 installation DVD boot image file?
boot.wim (The generic boot image file, located in the \sources folder of the Windows Server 2012 installation DVD, is boot.wim.)
What is another designation for an Alias?
canonical name or CNAME (A Canonical Name (CNAME) record—sometimes referred to as an Alias—maps an alias DNS domain name to another primary or canonical name.)
If you're a command-line user, what command will encrypt files and folders?
cipher.exe (The cipher.exe command displays or alters the encryption of folders and files on NTFS volumes.)
What is the definition of a service pack?
It is a tested, cumulative set of hotfixes, security updates, critical updates, and updates, as well as additional fixes for problems found internally since the release of the product. (A service pack is a tested, cumulative set of hotfixes, security updates, critical updates, and updates, as well as additional fixes for problems found internally since the release of the product.)
What effect does using quotas in File Server Resource Manager have?
It limits the number of gigabytes allocated to a volume or folder. (By using FSRM to create a quota, you limit the amount of disk space allocated to a volume or folder.)
Which of the following describes the WDS boot.wim image file?
It loads Windows PE 4.0 on the client computer. (The Windows Server 2012 installation DVD includes a boot image file named boot.wim, located in the \sources folder, which loads Windows PE 4.0 on the client computer.)
What does issuing the nslookup command with no parameters do on your system?
It places you into nslookup's interactive mode. (If you type nslookup without any parameters, you start nslookup.exe in interactive mode. For a list of available commands, use the help or ?. To exit nslookup interactive mode, use the quitcommand.)
When using sysprep on the master computer, why do you include the /oobe parameter?
It presents the Windows Welcome Wizard on the next boot. (The /oobe parameter configures Windows to present the Windows Welcome Wizard the next time the computer starts. The Windows Welcome Wizard allows you to name the computer and generate a SID and any other required unique information.)
What function does the System Preparation Utility (Sysprep.exe) perform on a system?
It removes a system's name and SID. (The Microsoft System Preparation Utility (Sysprep.exe) prepares a Windows computer for cloning by removing specific computer information such as the computer name and Security Identifier (SID).)
What is the primary advantage of a caching-only DNS server?
It speeds DNS queries by building a DNS request cache. (The caching-only DNS server receives client requests, and as the DNS servers fulfill DNS queries, the server adds the information to its cache. When answering subsequent client queries asking for the same information, the DNS server already has the information.)
How do you secure DFS Namespaces?
NTFS and shared folder permissions (Because DFS Namespace is a specialized shared folder of shared folders, you still secure these folders with share permissions and NTFS permissions.)
Encryption does not protect a file or folder from deletion. To protect a file or folder from deletion, what technology should you use?
NTFS permissions (An encrypted folder or file does not protect against the deletion or listing of the file or directory. To prevent deletion or listing of files, use NTFS permissions.)
FSRM is a suite of tools that enables you to control and manage data stored on a file server. List the three primary management tools that you get with FSRM.
Quotas, file screening, and storage reports. (FSRM is a suite of tools that enables you to control and manage the quantity and type of data stored on a file server. It enables you to define how much data a user can store, define what type of files a user can store on a file server, and generate reports about the file server being used.)
What Microsoft tool do you use to create and manage Windows setup answer files?
System Image Manager (SIM) (You can create an answer file with a text editor or XML editor, but Microsoft recommends that you use the graphical System Image Manager (SIM) tool to create and manage unattended Windows setup answer files. You can also use SIM to check answer files. SIM is part of the Windows Assessment and Deployment Kit (ADK).)
Match each Windows Log to the appropriate description or usage. Shows boot errors
System log
WSUS allows you to automatically approve every update, but you shouldn't necessarily do that. What should you do before approving updates to be installed?
Test the updates on your own systems before approving for rollout. (Although you can have updates automatically approve every update that is downloaded from Windows Update, you shouldn't do that until you've had an opportunity to test the updates. Updates are thoroughly tested by Microsoft, but every organization is different; a single update might cause unforeseen problems affecting hundreds of computers.)
If you issue the command nslookup 192.168.1.50 and get no response, but then issue nslookup server1 and receive 192.168.1.50 as a response, what do you know is wrong?
The PTR record doesn't exist. (PTR records resolve host names from an IP address. Different from the Host record, the IP address is written in reverse.)
What do you view on your system with the netstat command?
The netstat command is used to view the TCP/IP connections, both inbound and outbound, on your computer. You can also use it to view the packet statistics, such as how many packets have been sent and received and the number of errors.
What happens if you move unencrypted files into an encrypted folder?
The new files become encrypted. (Moving unencrypted files into an encrypted folder automatically causes those files to be encrypted in the new folder.)
Some exemptions might be required for certain groups to store otherwise restricted file types. What type of exemption can you set up on folders?
file screen exception (To allow files that other file screens are blocking, you can create a file screen exception, which is a special type of file screen that overrides any file screening that would otherwise apply to a folder and all its subfolders in a designated exception path.)
You can encrypt individual files, but Microsoft recommends encrypting at what level?
folder (Microsoft recommends that you encrypt at the folder level.)
Which type of DNS zone resolves host names to IP addresses?
forward lookup zone (A forward lookup zone contains most of the resource records for a domain. Of course, as the name indicates, a forward lookup zone is used primarily to resolve host names to IP addresses.)
By default, replication groups use what type of topology to replicate to all members of the group?
full mesh (By default, replication groups use a full mesh topology, which means that all members replicate to all other members.)
What two things should you check if a particular client is having problems downloading and installing updates?
group policy and the Windows Update log (If you have a particular client having problems, verify that that client is connecting to the correct WSUS server. You can review the group policy results for the computer and the C:\Windows\WindowsUpdate.log file.)
What type of structure does DNS have?
hierarchical distributed (DNS is a hierarchical distributed naming system used to locate computers and services on a TCP/IP network.)
Which replication topology is more efficient than the default replication topology and allows you to set bandwidth, timing, and directionality to your configuration?
hub/spoke (Rather than use a full mesh topology, you can use a hub/spoke topology, in which one server is used to replicate to the other members, thus limiting the replication traffic to specific pairs of members.)
When you create quotas, you are recommended to use what built-in feature to assist you?
quota template (You can create a quota on a volume or a folder using a quota template or by using custom properties. You should use quota templates because they can be applied to other volumes and folders in the future.)
Auditing is used for what purpose?
recording user's actions (Auditing keeps a record of users who have logged on, what they accessed or tried to access, and what actions they performed such as rebooting, shutting down a computer, or accessing a file.)
What term is defined as "an ordered list of servers or targets that a client computer receives from a domain controller or namespace server when the user accesses a namespace root or a DFS folder with targets"?
referral (A referral is an ordered list of servers or targets that a client computer receives from a domain controller or namespace server when the user accesses a namespace root or a DFS folder with targets.)
DNS servers contain several different types of resource records with which you need to become familiar. Select the correct definition for Pointer (PTR) records.
resolves host names from IP addresses (The Pointer (PTR) records are used for the opposite reason of the Host records. They resolve host names from an IP address. Different from the Host record, the IP address is written in reverse.)
By default, zone transfers are disabled. You can choose one of three different zone transfer methods. Which of the following describes the Only to servers listed on the Name Servers tab method?
restricts zone transfers to secondary DNS servers as defined with NS resource records (The Only to servers listed on the Name Servers tab method restricts zone transfers to secondary DNS servers as defined with NS resource records.)
By default, zone transfers are disabled. You can choose one of three different zone transfer methods. Which of the following describes the Only to the following servers method?
restricts zone transfers to those servers specified in the accompanied list (The Only to the following servers method restricts zone transfers to those servers specified in the accompanied list.)
Before creating PTR records, what DNS objects must you create?
reverse lookup zones (If the reverse lookup zone does not exist to store the PTR record, a warning is issued that the associated pointer (PTR) record cannot be created.)
What's the status of your data if someone has your public key?
safe (If the public key falls into someone else's hands, that person still cannot decrypt the message.)
Which one of the following is an example of an FQDN?
sales.microsoft.com (The URL computer1.sales.microsoft.com represents an FQDN: the computer1 host is located in the sales domain, which is located in the Microsoft second-level domain, which is located in the .com top-level domain. Both sales.microsoft.com and computer1.sales.microsoft.com are examples of FQDNs.)
Windows Updates, especially the Automatic Updates feature of Windows Updates, are for what kind of environments?
small (For small environments, you can configure your system to run Automatic Updates to ensure that critical, security, and compatibility updates are made available for installation automatically without significantly affecting your regular use of the Internet.)
What type of special cache folder does each replication folder use to hold files ready to be replicated?
staging folder (To figure what needs to be replicated, DFS uses staging folders. The staging folder acts as a cache for new and changed files that need to be replicated.)
Single-key encryption is also known as what kind of encryption?
symmetric (Because symmetric encryption uses a single key to encrypt and decrypt data, it is also referred to as secret-key encryption.)
What are DFS Namespace shared folders referred to in relation to the virtual folders?
targets (The actual shared folders are referred to as the targets of the virtual folders in the namespace.)
Placing a quota limit on a folder applies that limit to what part of the folder?
the entire folder and its subtree (By using FSRM to create a quota, you limit the amount of disk space allocated to a volume or folder. The quota limit applies to the entire folder's subtree.)
What does Time to Live (TTL) mean in DNS parlance?
the length of time a record remains in DNS cache (The Time to Live (TTL) value defines the default time a resource record remains in a DNS cache after a DNS query has retrieved a record. If a resource record has its own TTL value, that value is used instead of the TTL defined in the SOA record.)
Authorization is used for what purpose?
to grant access to a user (Authorization gives access to an authenticated user.)
What is the major reason behind using a forwarder?
to improve the efficiency of name resolution for your computers (By using a forwarder, you control name resolution queries and traffic, which can improve the efficiency of name resolution for the computers in your network.)
What is the purpose of setting soft quotas?
to notify users that they have reached the quota limit (When you define quotas, you can define either a hard quota or a soft quota. A soft quota does not enforce the quota limit but generates a notification when the configured threshold is met.)
What is one purpose of using hash function encryption?
to store passwords in a non-readable format (One purpose of hash function encryption is to encrypt a password stored on disk. Anytime a password is entered and it needs to be verified that it is the correct password, the same hash calculation is performed on the entered password and compared to the hash value of the password stored on disk.)
Authentication is used for what purpose?
to verify a user's identity (Authentication is used to prove the identity of a user.)
What term describes an instance of a program being executed?
process
Which screening technique prevents a user from saving defined unauthorized files?
Active (Active screening prevents users from saving the defined unauthorized files.)
Which command do you use to manage auditing at the command prompt?
AuditPol.exe (To manage auditing at the command prompt or by creating scripts, you use the AuditPol.exe command, which displays information about and performs functions to manipulate audit policies.)
Which of the following is an example of a top-level domain?
.net (Traditionally, top-level domains consist of generic top-level domains (.com, .org, .edu, .gov, and .net) and international country codes (such as .us for United States, .uk for United Kingdom, .de for Germany, and .jp for Japan).)
Name at least three things to check if you experience network connectivity problems.
1. Make sure you are connected. Check to make sure the network cable is properly connected or make sure that the wireless connection is on. 2. Make sure the network interface is enabled. 3. Check local IP configuration using ipconfig. 4. Use the ping command to determine what you can reach and what you cannot reach: Ping the loopback address (127.0.0.1). Ping a local IP address. Ping a remote gateway. Ping a remote computer. 5. Identify each hop (router) between two systems using the tracert command. 6. Verify DNS configuration using the nslookup command.
Which TCP/UDP port does the DNS service use to communicate?
53 (A DNS resolver is a service that uses the DNS protocol to query for information about DNS servers using UDP and TCP port 53.)
Before Windows 2008 R2, only nine basic audit settings existed. Windows Server 2012 introduces a total of how many audit subsettings?
56 (Starting with Windows Server 2008 R2, Windows introduced advanced audit policy settings, which enable you to have more control over what events get recorded by using multiple subsettings instead of the traditional nine basic audit settings. Windows Server 2008 R2 introduced 53 subsettings; Windows Server 2012 has 56 subsettings.)
What key length is considered to be minimally strong for encryption algorithms?
80 (A key length of 80 bits is generally considered the minimum for strong security with symmetric encryption algorithms.)
What is the default port number for WSUS synchronization?
8530 (If you want to synchronize with another WSUS server, select the Synchronize from another Windows Server Update Services server option. Then specify the name of the server and the port (the default port is 8530).)
When reading events in the Event Viewer, you need to recognize the designated levels or classifications. What is the definition for the Information level?
A change in an application or component has occurred (such as an operation has successfully completed, a resource has been created, or a service started).
When reading events in the Event Viewer, you need to recognize the designated levels or classifications. What is the definition for the Critical level?
A failure has occurred from which the application or component that triggered the event cannot automatically recover.
Explain the difference between hard quota and soft quota.
A hard quote prevents users from saving files after the space limit is reached and generates notifications when the volume of data reaches the configured threshold, while a soft quota does not enforce the quota limit but generates a notification when the configured threshold is met. (Soft quotas don't enforce a limit but instead sends notification that the limit has been reached. Hard quotas prevent users from saving files when the limit has been reached. When you define the quotas, you can define either a hard quota or a soft quota. A hard quota prevents users from saving files after the space limit is reached and generates notifications when the volume of data reaches the configured threshold. A soft quota does not enforce the quota limit but generates a notification when the configured threshold is met.)
When reading events in the Event Viewer, you need to recognize the designated levels or classifications. What is the definition for the Error level?
A problem has occurred that might impact functionality that is external to the application or component that triggered the event.
If you were asked to set up a shared file area for users that prevented them from saving video files or images of any kind, what would you set up on that shared folder?
Active file screen with included and excluded file groups (A file group defines a namespace for a file screen, file screen exception, or Files by File Group storage report. It consists of a set of file name patterns grouped by files to include and files to exclude. FSRM already includes prebuilt file groups. Active screening prevents users from saving defined unauthorized files.)
By default, to which computer group are computers assigned in WSUS?
All Computers (By default, each computer is always assigned to the All Computers group.)
What kind of file is basically a snapshot of a computer's hard drive taken at a particular moment in time?
An image file is basically a snapshot of a computer's hard drive taken at a particular moment in time (Definition of image file: a snapshot of a computer's hard drive taken at a particular moment in time.)
Explain what happens in an incremental zone transfer (IXFR).
An incremental zone transfer retrieves only resource records that have changed within a zone. To determine whether a zone transfer is needed, the serial number on the secondary server is compared with the serial number of the primary server. If the primary server database is higher, then a transfer of resource records is needed. (An incremental zone transfer transfers only zone records that have changed. To determine which records need to be updated, the serial numbers from the secondary and primary DNS servers are compared. An incremental zone transfer (IXFR) retrieves only resource records that have changed within a zone. To determine whether a zone transfer is needed, the serial number on the secondary server is compared with the serial number of the primary server. If the primary server database is higher, a transfer of resource records is needed.)
When reading events in the Event Viewer, you need to recognize the designated levels or classifications. What is the definition for the Warning level?
An issue has occurred that can impact service or result in a more serious problem if action is not taken.
Match each Windows Log to the appropriate description or usage. Shows events generated by applications
Application log
Match the configuration pass with its respective function when creating and answer file with Windows SIM. OobeSystem
Applies settings to Windows before the Windows Welcome starts
Match the configuration pass with its respective function when creating and answer file with Windows SIM. OfflineServicing
Applies updates using DISM.exe
Where in a system do you configure PXE?
BIOS (PXE is configured in the in the Boot Order section of a system's BIOS.)
What critical step you should perform before applying patches or updates?
Be sure that you have a good backup. (Always be sure you have a good backup of your system and data files before you install patches so that you have a back-out plan if necessary.)
Why is BitLocker To Go an important technology to use as a standard practice?
BitLocker To Go enables users to encrypt removable USB devises, such as a flash drives and external hard disks. While BitLocker has always supported the encryption of removable drives, BitLocker To Go enables you to use the encrypted device on other computers without having to perform an involved recovery process. Because the system is not using the removable drive as a boot device, a TPM chip is not required. (Because it's for removable devices, which should always be encrypted because of how easily they're lost or stolen. A new feature in Windows 7 and Windows Server 2008 R2, BitLocker To Go enables users to encrypt removable USB devices, such as flash drives and external hard disks.)
Explain DNS aging and scavenging.
DNS aging is the process of using timestamps to track the age of dynamically registered resource records. DNS scavenging is the mechanism to remove stale resource records. (Aging is using timestamps for tracking the age of dynamically registered resource records; scavenging is removing stale resource records. To help with stale data, you can configure zone scavenging to clean up the stale records. Aging in DNS is the process of using timestamps to track the age of dynamically registered resource records. Scavenging is the mechanism to remove stale resource records.)
List the two settings that DNS scavenging depends on.
DNS scavenging depends on the following two settings: o No-refresh interval o Refresh interval ( No-refresh interval and Refresh interval DNS scavenging depends on the following two settings: No-refresh interval and Refresh interval.)
What do you need to do if you run the Reliability Monitor but it is blank?
Enable the Reliability Monitor.
If you have corrected a DNS server problem, such as renamed a system or changed its IP address, but your local system still attempts to connect to the old system, what can you do to obtain the new information from the DNS server quickly?
Execute ipconfig /flushdns. (The ipconfig /flushdns command flushes and resets the contents of the DNS client resolver cache.)
How can you force a system to update its DNS record?
Execute ipconfig /registerdns. (The ipconfig /registerdns command initiates manual dynamic registration for the DNS names and IP addresses configured on a computer. You can use this parameter to troubleshoot a failed DNS name registration or resolve a dynamic update problem between a client and the DNS server without rebooting the client computer.)
Why is choosing what to audit, instead of auditing everything that a user does, a good idea?
High levels of auditing can affect system performance. (High levels of auditing can affect the performance of the computer you audit.)
Which tool allows you to best monitor resource usage on a virtual machine host and its individual virtual machines?
Hyper-V Resource Metering
The Domain Name System (DNS) works much like a phone book to associate URLs (names) with what kinds of numbers?
IP addresses (The Domain Name System (DNS) is a naming service used by TCP/IP networks and the Internet. Every time a user accesses a web page, that user must type a URL. Before the client communicates with the web server, the client computer needs to use DNS to retrieve the IP address of the web server, similarly to someone using a phone book to find a phone number.)
How can you recover EFS encrypted files if someone leaves the company and doesn't give their passwords?
If for some reason, a person leaves the company or a person loses the original key and the encrypted files cannot be read, you can set up a data recovery agent (DRA) that can recover EFS-encrypted files for a domain. To define DRAs, you can use Active Directory group policies to configure one or more user accounts as DRAs for your organization. However, to accomplish this, you need to have an enterprise CA. (You have to set up a data recovery agent (DRA) to recover the files. If for some reason, a person leaves the company or a person loses the original key and the encrypted files cannot be read, you can set up a data recovery agent (DRA) that can recover EFS encrypted files for a domain.)
What role does preboot execution environment (PXE) play in WDS?
It's used to boot to a WDS Server to install a preinstallation environment. (To communicate with a WDS server without an operating system, the client computer must support preboot execution environment (PXE). The PXE technology boots computers using the network interface without a data storage device, such as a hard drive or an installed operating system. When PXE is used with WDS, the client computer downloads a boot image that loads Windows Preinstallation Environment (Windows PE).)
Why would auditing include logon and logoff times?
Logon and logoff times can help pinpoint who was logged on during a failure. (During critical troubleshooting episodes, knowing who, if anyone, was logged on to a system is valuable. If a user or administrator caused the outage, it's easier to remedy by reversing what was done that to continue with standard trial-and-error exercises.)
What type of audit event notifies you that an account failed to log on?
Logon/Logoff (The Audit Account Lockout event is generated by a failed attempt to log on to a locked-out account.)
Shutting down the system is an example of what kind of audit event?
Privilege Use (The Privilege Use event is generated by the use of non-sensitive privileges, such as accessing this computer from the network, adding a workstation to the domain, allowing logging on locally, changing the system time, creating a page file, and shutting down the system.)
What single performance indicator can tell you if your CPU is over capacity and needs to be replaced?
Processor Time
By using what type of policy can you track, limit, or deny a user's ability to use removable storage devices such as USB drives in Windows Server 2012?
Removable Storage Access (Organizations can limit or deny users the ability to use removable storage devices by using the Removable Storage Access policy.)
Match the configuration pass with its respective function when creating and answer file with Windows SIM. Generalize
Removes the system-specific information, such as computer name and security ID
Which DNS record contains the serial number for the zone?
SOA record (A Start of Authority (SOA) record specifies authoritative information about a DNS zone, including the primary name server, the e-mail of the domain administrator, the domain serial number, and the expiration and reload timers of the zone.)
Match each Windows Log to the appropriate description or usage. Shows invalid logins and access to audited files
Security log
What types of tasks can you add to events?
Send an email, start a program, and display a message.
Match each Windows Log to the appropriate description or usage. Contains events related to the installation of applications
Setup log
What does the acronym SMTP stand for?
Simple Mail Transfer Protocol (To send e-mail, you need to configure FSRM to use Simple Mail Transfer Protocol (SMTP) so that FSRM knows where to forward the e-mail to be delivered.)
The Reliability Monitor provides a range of numbers to help you evaluate the reliability of a computer. What is the name of this range of numbers?
Stability Index
Why is enabling secure dynamic updates a good idea?
Standard dynamic updates are not secure because any one can update a standard resource record. However, if you enable secure dynamic updates, only updates from the same computer can update a registration for a resource record. ( Secure dynamic updates prevent just anyone from being able to update a resource record. In a secure dynamic updates scenario, only the designated computer can make the updates for its records. Standard dynamic updates are not secure because anyone can update a standard resource record. However, if you enable secure dynamic updates, only updates from the same computer can update a registration for a resource record.)
What FSRM feature can you use to show the state of file server volumes, quotas, and disallowed files?
Storage Reports (To help you manage storage, you can use FSRM to generate storage reports that show the state of file server volumes and anyone who exceeds the quota or uses files that aren't allowed.)
Why are success audits as important as failure audits?
Successes allow you to track activity such as new account creation. (As an administrator, you aren't always looking for failures. Sometimes you want to measure how many successful accesses are made or how many privileged accounts are being created.)
If one of the replicated folders isn't available, what happens when a user requests a file?
The request is rerouted to another replicated folder. (As far as users are concerned, they access the DFS namespace/shared folder, and then they go to one of the replicated folders. If a replicated folder is not available, the user's request is rerouted to another replicated folder.)
BitLocker has multiple operational modes for OS drives that define the steps involved in the boot process. Match the TPM only BitLocker mode with its correct description.
The system stores the BitLocker volume encryption key on the TPM chip and accesses it automatically when the chip has determined that the boot environment is unmodified. This unlocks the protected volume and the computer continues to boot. No administrative interaction is required during the system boot sequence. (With TPM only, the system stores the BitLocker volume encryption key on the TPM chip and accesses it automatically when the chip has determined that the boot environment is unmodified. This unlocks the protected volume and the computer continues to boot. No administrative interaction is required during the system boot sequence.)
Which two role services does the WDS Role include?
Transport Server and Deployment Server (Transport Server and Deployment Server are the defined role components of WDS.)
BitLocker has multiple operational modes for OS drives that define the steps involved in the boot process. Match the TPM + startup key BitLocker mode with its correct description.
The system stores the BitLocker volume encryption key on the TPM chip, but you must insert a USB flash drive containing a startup key before the system can unlock the BitLocker volume and complete the system boot sequence. (With TPM + startup key, the system stores the BitLocker volume encryption key on the TPM chip, but you must insert a USB flash drive containing a startup key before the system can unlock the BitLocker volume and complete the system boot sequence.)
BitLocker has multiple operational modes for OS drives that define the steps involved in the boot process. Match the TPM + startup PIN + startup key BitLocker mode with its correct description.
The system stores the BitLocker volume encryption key on the TPM chip, but you must supply a personal identification number (PIN) and insert a USB flash drive containing a startup key before the system can unlock the BitLocker volume and complete the system boot sequence. (With TPM + startup PIN + startup key, the system stores the BitLocker volume encryption key on the TPM chip, but you must supply a personal identification number (PIN) and insert a USB flash drive containing a startup key before the system can unlock the BitLocker volume and complete the system boot sequence.)
What are the three types of zone transfers?
The three types of zone transfers are: • Full transfer • Incremental transfer • DNS Notify (full, incremental, and DNS Notify The three types of zone transfers are Full transfer, Incremental transfer, and DNS Notify.)
Microsoft classifies its updates into general categories. What is the definition of recommended updates?
They address non-critical problems or help enhance your computing experience. (These updates address noncritical problems or help enhance your computing experience. Although these updates do not address fundamental issues with your computer or Windows software, they can offer meaningful improvements.)
Microsoft classifies its updates into general categories. What is the definition of optional updates?
They include updates, drivers, or new software from Microsoft to enhance your computing experience. (Optional updates include updates, drivers, or new software from Microsoft to enhance your computing experience. You need to install these manually.)
Microsoft classifies its updates into general categories. What is the definition of important updates?
They offer significant benefits, such as improved security, privacy, and reliability. (These updates offer significant benefits, such as improved security, privacy, and reliability. They should be installed as they become available and can be installed automatically with Windows Update.)
Microsoft classifies its updates into general categories. What is the definition of critical updates?
They provide a broadly released fix for a specific problem addressing a critical, non-security related bug. (A critical update is a broadly released fix for a specific problem addressing a critical, non-security related bug.)
What happens to files and subfolders within an EFS encrypted folder?
They're encrypted with the parent folder.
What happens to files and subfolders within an EFS encrypted folder?
They're encrypted with the parent folder. (If you encrypt a folder, all files and subfolders created in the encrypted folder are automatically encrypted.)
Explain what the following command does: dnscmd dns1.blah.com /enumzones
This command will enable you to view the zones on a DNS server called dns1.blah.com. ( The command displays a list of zones on a DNS server. To view the zones on a DNS server called server1.contoso.com, execute the following command: dnscmd server1.contoso.com /enumzones)
You have 40 essential servers that must run the best they can at all times. What is the most efficient way to review key events on all 40 servers each day?
Use Event Viewer on one server to monitor the events on all servers. You can set up event subscriptions to collect events from remote servers and store them locally on one server. To configure an event subscription, configure the forwarding computer, configure the collecting computer, then create an event subscription.
If you install SQL Server and a third-party backup service on the same system, what rule should you follow when creating service accounts?
Use separate accounts for both services.
What is one advantage of subdomains?
What is one advantage of subdomains? (Subdomains allow you to break up larger domains into smaller, more manageable domains. For example, on contoso.com, you can create a sales subdomain and a support subdomain. When done, you will have the parent domain contoso.com and two subdomains: sales.contoso.com and support.contoso.com.)
Auditing NTFS files, NTFS folders, and printers is a two-step process. What are the two steps?
You must first enable object access using Group Policy. Then you must specify which objects you want to audit. (Enable the object in the Group Policy Editor and then specify the audit objects. Auditing NTFS files, NTFS folders, and printers is a two-step process. You must first enable object access using Group Policy, and then you must specify which objects you want to audit.)
What is the definition of a zone transfer?
Zone transfers are the complete or partial transfer of DNS data from a zone on a DNS server to another DNS server. After the initial zone transfer, the primary DNS server notifies the secondary DNS server that changes have occurred. The secondary servers then request for the records to be transferred and the changes are then replicated to all the secondary DNS servers using zone transfers. (The complete or partial transfer of DNS data from a zone on a DNS server to another DNS server Zone transfers are the complete or partial transfer of DNS data from a zone on a DNS server to another DNS server.)
If you have a server named server1.blah.com, want to use it as your web server, and have requests point to www.blah.com, what kind of DNS record would you create?
a CNAME record (The Canonical Name (CNAME) resource record is an alias for a host name. It's used to hide the implementation details of your network from the clients that connect to it, particularly if you need to make changes in the future. For example, rather than create a Host record for www.blah.com, you can create a CNAME that specifies the web server that hosts the websites for the domain.)
By default, zone transfers are disabled. You can choose one of three different zone transfer methods. Which of the following describes the To any server method?
allows a data transfer to any server that asks for a zone transfer (least secure) (The To any server method allows a data transfer to any server that asks for a zone transfer (least secure).)
WSUS can retrieve updates directly from Microsoft or from what other source?
another WSUS server on your network (WSUS can retrieve updates directly from Microsoft Update or from another WSUS server on your network. If you have two WSUS servers connected with a high-speed link, one server can get the updates from the Microsoft Update while the other gets them from the first server.)
What type of XML file do you need to create and add information to when performing an unattended operating system installation via WDS?
answer files (To streamline the installation process, you need to automate the Windows installation by using answer files, which provide responses to the prompts that would normally appear during the Windows installation.)
DNS servers contain several different types of resource records with which you need to become familiar. Select the correct definition for Name Server (NS) records.
identifies a DNS server that is authoritative for a zone (The Name Server (NS) resource record identifies a DNS server that is authoritative for a zone, including the primary and secondary copies of the DNS zone. Because a zone can be hosted on multiple servers, each DNS server hosting the zone has a single record.)
DNS servers contain several different types of resource records with which you need to become familiar. Select the correct definition for Canonical Name (CNAME) records.
identifies an alias for a host name (The Canonical Name (CNAME) resource record is an alias for a host name. It is used to hide the implementation details of your network from the clients that connect to it, particularly if you need to make changes in the future.)
Where can you view audit events?
in Security logs in Event Viewer (To view audit events, open the Security logs in the Event Viewer.)
Which command do you use to verify local DNS settings?
ipconfig /all (Used without parameters, ipconfig displays the IP address, subnet mask, and default gateway for all adapters. Executing ipconfig /all displays the full TCP/IP configuration for all adapters including host name, DNS servers, and physical address (or MAC address).)
What type of resolution model does DFS Replication use to resolve simultaneous-write conflicts?
last-writer wins (When the same file gets changed at approximately the same time on two different targets, a conflict occurs. DFS Replication uses a last-writer wins model, which determines which file it should keep and replicate.)
What is the primary advantage to enabling round-robin DNS?
load balancing (The round-robin DNS balancing mechanism distributes network load among multiple servers by rotating resource records retrieved from a DNS server.)
The Event Viewer is essentially what kind of tool?
log viewer
DNS servers contain several different types of resource records with which you need to become familiar. Select the correct definition for Host (A and AAAA) records.
maps a domain/host name to an IP address (The most common resource records found in DNS are the Host (A and AAAA) records. The A stands for address. The A record maps a domain/host name to an IPv4 address; the AAAA record maps a domain/host name to an IPv6 address.)
If an A record maps a host name to an IP address, what does an AAAA record do?
maps a host name to a single IPv6 address (The A record maps a domain/host name to an IPv4 address; the AAAA record maps a domain/host name to an IPv6 address.)
When creating service accounts, you should follow the rule of what type of rights and permissions?
minimal
To view audit events, open the Security logs in the Event Viewer.
multi-master (By using Active Directory-integrated zones, DNS follows a multi-master model, whereas each server enables all DNS servers to have authoritative read-write copies of the DNS zone. When a change is made on one DNS server, it is replicated to the other DNS servers.)
A stub zone is a zone copy that contains only what type of records?
necessary resource entries (A stub zone is a copy of a zone that contains only necessary resource records—Start of Authority (SOA), Name Server (NS), and Address/Host (A) record—in the master zone and acts as a pointer to the authoritative name server.)
Which of the following is the proper method of starting the Windows Update service?
net start wuauserv (If you make changes and want them to take effect immediately, you need to restart the Windows Update service. To restart this service, you can use the Services console, or you can use the following command: net start wuauserv)
Which one of the following is correct for querying a PTR record?
nslookup 192.168.1.50 (The Pointer (PTR) records are used for the opposite reason of the Host records. They resolve host names from an IP address. Different from the Host record, the IP address is written in reverse.)
How do you mount a Windows image using Dism.exe so that you can update it?
offline (You can use the Deployment Image Servicing and Management (Dism.exe) command-line tool to add, remove, update, or list a Windows image's features, packages, drivers, or international settings. With Dism.exe, you can mount an image offline and then add, remove, update, or list the features, packages, drivers, or international settings stored on that image.)
Public-key cryptography uses how many keys?
two (Asymmetric key, also known as public-key cryptography, uses two mathematically related keys.)
Which of the following is the most efficient method of using WDS on a very large network?
unattended installation using PXE boot (If you have hundreds of installations, the easiest and quickest way to install all the computers the same way is to perform an unattended installation, in which you boot the computer and it automatically starts and completes the installation.)
Encryption is the process of converting data into what kind of format?
unreadable (Encryption is the process of converting data into a format that cannot be read by another user.)
What is the primary difference between domain-based namespace and stand-alone namespace?
where the namespaces are stored (With domain-based namespaces, the configuration is stored in Active Directory, which means that you don't have to rely on a single server to provide the namespace information to your clients.)