Microsoft 70-410 Chapter 11-18

Réussis tes devoirs et examens dès maintenant avec Quizwiz!

Which of the following items is a valid leaf object in Active Directory?

User

What is the maximum length for a fully qualified domain name, including the trailing period?

255 Characters

Which of the following would be the correct FQDN for a resource record in a reverse lookup zone if the computer's IP address is 10.75.143.88?

88.143.75.1.in-addr.arpa

Which of the following best describes the function of a starter GPO?

A starter GPO functions as a template for the creation of new GPOs.

The IPv6 DNS host record is referred to as a(n):

AAAA Record

What is a key benefit to using ADAC or the Active Directory Users and Computers console?

ADAC allows you to modify the properties of multiple users or multiple computers at once.

Which of the following types of files do Group Policy tools access from a Central Store by default?

ADMX

What two graphical tools will help create either user or computer objects?

Active Directory Administrative Center and Active Directory Users and Computer

What is the simplest way for administrators to upgrade their Active Directory Domain Services (AD DS) infrastructure to Windows Server 2012 R2?

Add a new Windows Server 2012 R2 server to your existing Directory Services installation

Which of the following are the two built-in user accounts created automatically on a computer running Windows Server 2012 R2?

Administrator & Guest

What is the purpose of the Audit Policy section of a Local Group Policy objects (GPO)?

Administrators can log successful and failed security events, such as loss of data, account access, and object access.

Which of the following is not true about an object's attributes?

Admins must manually supply information for certain attributes Every container object has, as an attribute, a list of all the other objects it contains Leaf objects do not contain attributes

What client applications utilize Domain Name System (DNS) to resolve host names into IP addresses?

All Internet applications working with host names must use DNS to resolve host names into IP addresses

At which layer of the OSI model does DHCP operate?

Application Layer

What are the three primary event logs?

Application, Security, and System

What are the key benefits of security templates?

Apply consistent, scalable, and reproducible security settings throughout an enterprise.

How are most Group Policy settings applied or reapplied?

At the refresh interval

A DNS server that hosts a primary or secondary zone containing a particular record can issue the following response to a query for the record:

Authoritative Answer

What are some best practices when creating internal DNS namespaces

Avoid an excessive number of domain levels

What is the key difference between groups and Organizational Units (OUs)?

Because groups are independent from domain structure, its members may be located anywhere in the domain or outside the domain

What is the primary means by which people access resources on an Active Directory Domain Service (AD DS) network?

By having a user account

This DNS configuration item will forward DNS queries to different servers based on the domain name of the query.

Conditional Forwarder

Installing Windows Server 2012 Active Directory Domain Services (AD DS) installs two default policies: Default Domain Policy and Default Domain Controller Policy. As an administrator, you need different policy settings than the default. What is the best approach to make those changes?

Create new GPOs to augment or override the existing default settings.

Which of the following DHCP message types is sent first in process of obtaining an address lease?

DHCPDISCOVER

Which of the following message types is not used during a successful DHCP address assignment?

DHCPINFORM

You are planning an Active Directory implementation for a company that currently has sales, accounting, and marketing departments. All department heads want to manage their own users and resources in Active Directory. What feature will permit you to set up Active Directory to allow each manager to manage his or her own container but not any other containers?

Delegation of Control

Your DHCP servers are burdened with heavy traffic, most related to IP address renewals. Unfortunately, virtually all the IP addresses in each of your subnets are allocated. Which of the following options is the best way to lower the renewal traffic?

Deploy additional DHCP servers on the most burdened subets

After you create a GPO that contains computer or user settings, but not both, what can you do for faster GPO processing?

Disable the setting area that is not configured.

What command-line utility allows administrators to modify groups' type and scope as well as add or remove members?

Dsmod.exe

Select the best reasons for using organizational units (OUs)?

Duplicating organizational divisions, assigning Group Policy settings, and delegating administration

What is the first domain installed in a new Active Directory forest called?

Forest Root Domain

Which of the following does an Active Directory client use to locate objects in another domain?

Global Catalog

What is the primary difference between universal groups and global groups in Windows Server 2012 R2?

Global groups use less data in the global catalog. So, in considering replication traffic, universal groups should be within a site.

Which of the following group scope modifications are not permitted? (Choose all answers that are correct.)

Global to Domain Local

Which of the following tools would you use to deploy the settings in a security template to all of the computers in an Active Directory Domain Services domain?

Group Policy Management console

What is an important difference between groups and organizational units (OUs)?

Group memberships are independent of the domain's tree structure

Generally, how do groups differ from OUs?

Groups are security principals, meaning you assign access permissions to a resource based on membership to a group. OUs are for organization and for assigning Group Policy settings.

When using CSVDE, what is the first line of the text file that uses proper attribute names?

Header Record

When using Netdom.exe to join an account, you may add the parameter [/OU:OUDN]. If this parameter is left out, where is the object placed?

In the Computers Container

You are preparing to deploy Windows 8 to a large number of new workstations. Which of the following options would be best?

Install Windows 8 using Pre-Boot Execution Environment (PXE) and Windows Deployment Services (WDS)

What can be used to add, delete, or modify objects in Active Directory, in addition to modifying the schema if necessary?

LDIFDE

What is the order in which Windows systems receive and process multiple GPOs?

LSDOU (local, site, domain, and then OU)

What are the two basic classes of Active Directory objects?

Leaf & Container

What are the different types of Group Policy objects (GPOs)?

Local, domain, and starter

An Active Directory functional level must be low enough to ensure interoperability between domain controllers running different versions of Windows Server. How does the functional level affect the AD forest?

Lower functional level means fewer features available

The following is a hexadecimal address that is uniquely associated with a specific Network Interface Card (NIC)

MAC

Which of the following types of DHCP address allocation is the equivalent of a reservation in Windows Server 2012 R2

Manual Allocation

Who may join a computer to the domain?

Members of the computer's local Administrators group may join the computer to the domain

What is the primary purpose of name caching?

Name caching enables the second name resolution request for the same name to bypass the referral process

Which of the following is not a type of user account that can be configured in Windows Server 2012 R2?

Network Accounts

What is the PowerShell cmdlet syntax for creating a new computer object

New-ADComputer -Name <computer name> -path <distinguished name>

What is the PowerShell cmdlet syntax for creating a new user account?

New-ADUser

Which of the following is a container object within Active Directory?

OU

You are attempting to delete a global security group in the Active Directory Users and Computers console, and the console will not let you complete the task. Which of the following could possibly be causes for the failure? (Choose all answers that are correct.)

One of the group's members has the group set as its primary group. You do not have the proper permissions for the container in which the group is located.

Which of the following cannot contain multiple Active Directory domains?

Organizational Units

What is the best approach for planning a security template strategy?

Plan according to the needs of computer roles, but not individual computers.

What is the primary benefit of a DNA forwarder

Reducing the traffic and making efficient use of available bandwidth across the network perimeter

Which of the following is not one of the elements of the Domain Name System (DNS)?

Relay Agents

Which of the following network components are typically capable of functioning as DHCP relay agents?

Routers & Windows Server 2012 R2 Computers

What is required by DNS for Active Directory to function?

SRV Records Support

The following feature is available only on Active Directory-integrated DNS zones:

Secure Dynamic Updates

Which of the following techniques can you use to apply GPO settings to a specific group of users in an OU?

Security Filtering

Which of the following tools would you use to modify the settings in a security template?

Security Templates snap-in

What differences matter most in creating a single user versus multiple users?

Single user creation is often done from the graphical user interface (GUI), whereas creating multiple users typically requires using command-line tools.

Group Policy settings are divided into two subcategories: User Configuration and Computer Configuration. Each of these two settings are further organized into three subnodes. What are the three subnodes?

Software Settings, Windows Settings, and Administrative Templates

What are the dangerous consequences of a poorly chosen Time To Live (TTL)?

Specifying a TTL that is too short can overburden root name and top-level domain servers with requests

The following is an administrative grouping of scopes that is used to support multiple logical subnets on a single network segment:

Superscope

A DHCP client first attempts to reacquire its lease at half the lease time, which is known as

T1

To make use of Pre-boot Execution Environment (PXE) and Windows Deployment Services (WDS), what special configuration do you require on the server and client?

The DHCP server on the network must have a custom PXEClient option (option 60) configured with the location of the WDS server on the network

When multiple GPOs are linked to a container, which GPO in the list has the highest priority?

The first

If creating a local GPO, then a secondary GPO, then a tertiary GPO, what policy settings are included in each GPO?

The first GPO contains both Computer Configuration and User Configuration settings, whereas the secondary and tertiary GPOs contain only User Configuration settings.

When you apply a GPO with a value of Not Configured for a particular setting to a system on which that same setting is disabled, what is the result?

The setting remains disabled.

What are the different kinds of groups?

There are two types: security and distribution, and three group scopes: domain local, global, and universal.

One method a Dynamic Host Configuration Protocol (DHCP) server allocates IP addresses is called manual allocation. This process involves manually assigning an IP address to a particular server. What is the key benefit of DHCP manual allocation over manually configuring the address directly on the server?

This process prevent accidental duplication of permanently assigned IP Addresses

What is the primary reason for creating different sites on an Active Directory network?

To control the amount of traffic passing over the relatively slow and expensive WAN links between locations

Which of the following is not a correct reason for creating an OU?

To create a permanent container that cannot be moved or renamed

What is the default trust relationship between domains in one forest?

Two-way trust relationship between domain trees

Universal Which of the following groups do you use to consolidate groups and accounts that either span multiple domains or the entire forest?

Universal

What did Microsoft introduce in Windows Server 2012 R2 to ensure users with administrative privileges still operate routine tasks as standard users?

User Account Control (UAC)

What are the two interfaces available for creating and managing user accounts in Windows Server 2012 R2?

User Accounts control panel and the Local Users and Groups snap-in for MMC

What are the two interfaces for creating and managing local user accounts for a computer joined to the domain?

User Accounts control panel and the Local Users and Groups snap-in for MMC

The built-in local groups on a server running Windows Server 2012 receive their special capabilities through which of the following mechanisms?

User rights

Which of the following local GPOs takes precedence on a system with multiple local GPOs?

User-specific Group Policy

Which of the following are local groups to which you can add users with the Windows Control Panel?

Users & Administrators

In a domain running at the Windows Server 2012 domain functional level, which of the following security principals can members of a global group? (Choose all answers that are correct.)

Users, Computers, & Global Groups

Group Policies applied to parent containers are inherited by all child containers and objects. What are the ways you can alter inheritance?

Using the Enforce, Block Policy Inheritance, or Loopback settings.

What servers should not be DHCP Clients?

Web servers, DHCP servers, and Domain Controllers

When would you need to create a user account through the Control Panel?

When you join a computer to an Active Directory Domain Services (AD DS) domain, you can create only new local user accounts with the Local Users and Groups snap-in. Control Panel is while the computer is not a member of an AD DS domain.

Are typical, authenticated users able to create computer objects in an Active Directory?

Yes, by default, users who are successfully authenticated to Active Directory are permitted to join up to ten workstations to the domain, thus creating up to 10 associated computer objects.

You are an administrator in a mixed environment of Windows Server 2012, Server 2008 R2 and desktops running Vista. You need different settings for users, based on their identities. Can you achieve this through multiple local GPOs?

Yes, this is achievable through support by all OSs, regardless of whether standalone or whether members of an AD DS domain.

Is it possible to add AD DS on a computer running Server Core?

Yes, you use pwoershell, by first installing AD DS role, and then promoting the server to a DC

By default, linking a GPO to a container causes all the users and computers in that container to receive the GPO settings. How can you modify the default permission assignments so that only certain users and computers receive the permissions and, consequently, the settings in the GPO?

You apply security filtering in the Group Policy Management console.

After configuring and deploying the Audit Directory Service Access policy, what must you do before a computer running Windows Server 2012 begins logging Active Directory access attempts?

You must wait for the audit policy settings to propagate to all of the domain controllers on the network.

Data from a primary zone is transmitted to secondary zone using the following:

Zone Transfer

If the user named Amy is located in the sales OU of the central.cohowinery.com domain, what is the correct syntax for referencing this user in a command line utility?

cn=amy,ou=sales,dc=central,dc=cohowinery,dc=com

In the fully qualified domain name www.sales.contoso.com, which of the following is the second-level domain?

contoso

Which of the following utilities do you use to perform an offline domain join?

djoin

Local GPOs are stored ______, whereas Domain GPOs are stored _____.

on the local computer; in Active Directory


Ensembles d'études connexes

teddy roosevelt, woodrow wilson, william howard taft

View Set

Lesson 17 A Managing Security Settings// Browser Security // Workstations security// Workstation Security Issues

View Set

Ch.7 Consumer Behavior and Utility Maximization

View Set

PSYC-101 Quiz 5 (Chapters 8 and 10) *

View Set

Old Testament Chapter Quizes 24-44

View Set

Business Logistics Chapter 10+11 Exam

View Set

Economics chapter 3 Demand and Supply

View Set

Political Science, Ch 3 (Marone)

View Set

Chapter 17 - Endocrine Learn Smart

View Set

Sadness and Depression, Anger, Stress and Anxiety

View Set