study guide 4-6 window server 2019

Réussis tes devoirs et examens dès maintenant avec Quizwiz!

Get-PrintJob

obtains a list of the documents located in the print queue

Get-PrinterDriver

provides a list of printers installed on a computer

-able to configure 3 permissions that apply to HPLaserJet_6MP printer apply to HPLaserJet_6MP printer:-print-manage this printer (equivalent to manage printers permission)-manage docs

security tab

print jobs that exceed print device storage need to be divided into

smaller parts and sent to a print device sequentially.

can be configured to limit the space that users can consume within the file system

user quotas

Deploy with Group Policy window

where you can select an existing Group Policy and whether to add the shared printer to user or computer objects that receive the group policy.

Tabs within the printer properties

• Sharing • Ports • Advanced • Security • Device Settings

Azure AD allows you to define two different types of groups (2)

- Security groups (manage member and computer access to shared resources for a group of users)- Office 365 groups (lets you give people outside of your organization access to the group)

Which of the following commands issued at the fsmo maintenance prompt wouldsuccessfully seize the role of an Operations Master Holder? (Select all that apply) a. seize schema master b. seize global master c. seize PDC d. seize domain control

A c

Group Policy Object (GPO)

A list of settings that administrators use to configure user and computer operating environments remotely through Active Directory.

Group Policy Object (GPO)

A set of rules that allow an administrator granular control over the configuration of objects in Active Directory (AD), including user accounts, operating systems, applications, and other AD objects.

Group Policy Object (GPO)

A set of user and computer configuration settings that are applied to multiple objects within an Active Directory domain.

What is the key benefit to using ADAC or the active directory users and computers console?

ADAC allows you to modify the properties of multiple users or multiple computers at once

What Active Directory directory partition holds the DNS database?

Application directory partition

The Azure AD directory includes the tenant's users, groups, and apps and is used to perform Identity & Access management functions for tenant resources.

Azure AD directory

Which of the following tools can be used to encrypt a folder?

Cipher.exe

Which Active Directory partitions are replicated to all domain controllers in the Active Directory forest? (Choose all that apply.)

Configuration Partition Schema partition

You want to ensure that all users in the Development OU have a common set of network communication security settings applied.Which action should you take?

Create a GPO computer policy for the computers in the Development OU.

You manage an Active Directory domain. All users in the domain have a standard set of internet options configured by a GPO linked to the domain. But you want users in the Administrators OU to have a different set of Internet options.What should you do?

Create a GPO user policy for the Administrators OU.

What switch parameter is applicable with cipher.exe to remove the encryption on a protected file?

D

For servers within an AD domain, DFS can automatically replicate data between multiple namespace targets.

DFS Replication

Which of these groups is not related to security and cannot have permissions assigned to it? Universal groups Global groups Domain local groups Distribution groups

Distribution groups

This keeps track of all the domains in the forest. If it failed, then it would be impossible to create or to remove any domains within the forest.

Domain Naming Master

Which FSMO role adds new domains to and removes existing domains from the forest.

Domain Naming Master

Group Policy Object (GPO)

Enables network administrators to define multiple rights and permissions to entire sets of users all at one time.

With universal group membership caching, how often is the cached information on group membership refreshed?​

Every 8 hours

What does FSMO stand for?

Flexible Single Master Operation

NTFS permissions: Full Control Write Read Read and Execute List folder contents Modify Change

Full Control Write Read Read and Execute List folder contents Modify

Share permissions: Full Control Write Read Read and Execute List folder contents Modify Change

Full Control, Read, Change

When a PostScript-formatted document is sent to a non-PostScript printer, if you do not have ____ enabled, the printer might print tens or hundreds of pages with a single control code on each page.

Hold mismatched documents

Which of the FSMO roles ideally should not be on a Global Catalog server?

Infrastructure Master

The printer memory is usually automatically detected in bidirectional printers, but if it is not, you can specify the amount of memory in the Printer Memory option under ____.

Installable Options

print server

Installs print management tool

The active directory database can contain an unlimited number of objects ands can be accesses quickly using

Lightweight Directory Access Protocol (LDAP)

Group Policy Objects (GPO) are applied in which of the following orders?

Local group policy, GPO linked to site, GPO linked to domain, GPO linked to Organizational Unit highest to lowest.

In the ____ data type, the print processor checks the print file for a form feed as the last character set, before appending a form feed at the end.

NOT RAW (FF appended)

Try not to deny any ______________. Instead, move the file/folder to a different location and assign the permissions to that new location.

NTFS permissions

Which of the following features must you install on a Windows print client in order to print to a shared printer using SMB?

None of the above

How many infrastructure master roles are there for each AD partition?

One for each.

You are ready to upgrade to a domain functional level of Windows Server 2012 R2. Which of the following methods is the most recommended?

Perform a clean install of a new domain controller and retirement of old domain controllers.

A ____ is one that has special firmware or cartridges to print using a page-description language (PDL).

PostScript printer

In the ____ data type, the FF is a form-feed code placed at the end of the print file.

RAW (FF appended)

FSMO roles cant be placed on a ____

RODC

Which NTFS permission allows you to navigate through restricted folders to reach other files and folders?

Read + execute

An additional domain controller for a domain that hosts read-only partitions of the Active Directory database?

Read-Only Domain Controller

results in a much larger file within the spool folder compared to the original is called

Rendering

The following table describes additional functions or roles that domain controllers can have.

Replica domain controller Global Catalog Operations Master Roles

Windows client operating systems have the ability to add locally attached or network-attached printers, as well as share them to other computers on the network using

SMB

print job is sent from the print client to the print server across the network using the correct protocol SMB, IPP, or LPD

SMB, IPP, or LPD

must specify the print server that is sharing the printer, as well as the name of the

Shared printer

The process of converting a document to EMF or XPS format and storing it within a spool folder is called

Spooling or queuing

This method starts by granting Allow permissions and then grant Deny permissions

Subtractive Method

you can configure the times that a printer is available to users, the printer priority, the printer driver, and spooling

The advanced tab

An organization can have more than one Azure AD directory. (true/false)

True

NTFS user quotas are not enabled on each filesystem by default

True

To configure, you first must have defined two or more folder targets. You need to decide which server is to be the primary group member (should be the server containing shared folders and files that are most current)

Using DFS Replication

What is the minimum domain functional level to support read-only domain controllers?

Windows Server 2008

What is the minimum domain functional level to support compound authentication and Kerberos armoring?

Windows Server 2012

rendering process merely adds any printer-specific features to the

XPS-formatted document

Where are you most likely to see a Read-Only Domain Controller (RODC)? a. In a small network instead of in an enterprise b. In an enterprise network c. In a remote site d. In the place of a standard domain controller

c

By default, linking a GPO to a container causes all the users and computers in that container to receive the GPO settings. How can you modify the default permission assignments so that only certain users and computers receive the permissions and, consequently, the settings in the GPO?

d. You apply security filtering in the Group Policy Management console.

specifying a value within the Location text box allows users to search for the printer by

location or keyword

What are the three types of users in Azure AD ?

* cloud identities (cloud only users) * syncronized users * guest users

Active Directory administration snap-ins consist of four different MMC consoles:

-Active Directory Users and Computers-Active Directory Sites and Services -Active Directory Domains and Trusts-Active Directory Schema -Active Directory Users and Computers-Active Directory Sites and Services -Active Directory Domains and Trusts-Active Directory Schema

Which of the following statements about permissions are true? a. ACLs are composed of ACEs. b. All permissions are stored as part of the protected resource. c. Basic permissions are composed of advanced permissions. d. All of the above.

-All of the above.

Installing additional domain controllers in an existing domain is important for the following reasons:

-Doing so adds fault tolerance and load balancing to the domain. In other words, additional domain controllers help share the load and improve performance.-Users logging on to the domain can connect to any available domain controller for authentication.-Users at a remote location can connect to a domain controller at their site rather than making a slow connection across a WAN link.-If a domain controller should become unavailable because of a network or hardware failure, users can still log on to the domain.

File encryption

-Files remain encrypted and inaccessible even when the drive is moved to another computer or if another operating system is used. This is because the encryption keys needed to decrypt the file do not exist on these other systems.-Encryption cannot be used together with compression (you can use either, but not both).

Give a brief description of the NTFS/ReFS folder and file permission types seen below:

1) Full control - users can read, add, executer, modify files, change permissions and attributes, take ownership. 2) Modify - users can read, add, delete, execute, and modify files; cannot change permissions or take ownership. 3) Implies the capabilities of both List folder contents and Read 4) Can list files in folder or switch to subfolder, though, cannot view file contents 5) Can view file contents as well as file and folder attributes and permissions 6) Write - Can create files, write to files, append data to files, create folders, and modify folder and file attributes; cannot delete files

To configure a printer pool, you enabled printer pooling on the ports tab under printer properties. You have five print devices ready for the printer pool. Of the five, four are in one room. Of the four, three use the same print driver. Of those three, two print devices are identical. How many print devices are in your printer pool?

3

Which of the following are types of user accounts in Windows Server 2016? (Choosetwo answers) a. local and domain b. domain and group c. authenticated and unauthorized d. shared and unique

A

Which of the following is the PowerShell cmdlet that installs a domain controller to thedomain "adatum.com"? a. Install-AddsForest -DomainName "adatum.com" b. Install-AddsDomainController -DomainName "adatum.com" c. Install-AddsDomain -DomainName "adatum.com" d. Install-WindowsFeature -DomainName "adatum.com"

A

Which of the following is the PowerShell cmdlet used to create user objects? a. New-ADUser b. CSVDE.exe c. LFIFDE.exe d. Dsadd.exe

A

You do not place the infrastructure master on a global catalog server unless whichof the following exists? a. You have a single domain .b. You have Windows NT 4.0 systems to support. c. You have multiple schemas .d. Your AD DS is Windows 2008 or higher.

A

Why must an RODC be able to connect to at least one Windows Server 2008 orhigher domain controller? (Choose all that apply) a. To replicate the domain partition b. To replicate the global catalog partition c. So that the Password Replication Policy (PRP) applied to the RODC can beconfigured and enforced d. So that the SYSVOL folder can be replicated using Distributed File System

A C

You are promoting a Windows Server 2016 computer to an Active Directory domain controller for test purposes. The new domain controller will be added to an existing domain. While you are using the Active Directory Installation Wizard, you receive an error message that prevents the server from being promoted. Which of the following might be the cause of the problem? (Choose all that apply.) A. The system does not contain an NTFS partition on which the Sysvol directory can be created. B. You do not have a Windows Server 2016 DNS server on the network. C. The TCP/IP configuration on the new server is incorrect. D. The domain has reached its maximum number of domain controllers.

A. The system does not contain an NTFS partition on which the Sysvol directory can be created. C. The TCP/IP configuration on the new server is incorrect.

What utility do you use to update the domain functional level?

Active Directory Domains and Trusts

Which of the following is the global catalog? a. The schema that lists what objects and attributes exist in the AD DS forest b. An index of all AD DS objects in a forest c. A list of all domain controllers currently available d. A matrix of all domains, sites, and domain controllers

B

Which NTFS permission allows you to take ownership of a folder on an NTFS volume?

Full control

To simplify the addition of printers on client computers within your organization, you can use Group Policy

Group Policy to automatically add SMB shared printers to computers that are joined to the domain, provided that the appropriate printer drivers for the computers are installed on the print server

Faustino is the system administrator at an organization that has offices in multiple locations. The domain controllers in each location are within location-specific sites to improve Active Directory replication. Faustino notices performance issues in the Active Directory replication across sites. Which of the following measures can Faustino use to improve the performance?

He change the bridgehead server to one with a faster network interface.

Which statement is true regarding application of GPO settings?

If a setting is defined in the Local Group Policy on the computer and not defined in the GPO linked to the OU, the setting is applied.

Custom filters let you design a filter to

Include, exclude, or modify data

What is the use of the New-ADReplicationSite Windows PowerShell cmdlet?

It can be used to create a new site object.

You wish to configure a Windows Server 2019 print server using the Print Management tool to share printers using SMB and LPD. What components must you select when installing the Print and Document Service server role? (Choose all that apply.)

Print Server & LPD Service

network-attached print devices within organizations are configured to only accept print jobs from a

Print server

If an administrator creates a domain tree in an Active Directory forest, and then creates a separate and different domain tree, what is the relationship between the two domain trees?

Same security entity as one Active Directory forest, bidirectional trust between domain trees

Of the default groups created when Active Directory is installed, what are the types of those groups? Distribution groups Security groups Domain groups All the above

Security groups

Which of the following is NOT a group scope? Universal groups Global groups Domain local groups Security groups

Security groups

In what way are security groups different from distribution groups?

Security groups can be used to provide access to resources, while distribution groups are only used for email communication.

You can allow groups and users the ability to view or configure the print server, manage print jobs or printer settings for printers on the print server, as well as submit print jobs to printers on the print server.

Security tab

protocol used to print documents to shared printers hosted on Windows print servers. As with SMB shared folders, you can use a UNC to connect to a SMB shared printer using either

Server name or ip address

Which of the following is NOT a problem with using shared accounts on a system? Shared account users might not know about password changes. Shared accounts are sometimes used as service accounts. Shared account users can become less security conscious. It is difficult to determine who might have breached a system.

Shared accounts are sometimes used as service accounts.

The ____ tab is used to enable or disable a printer for sharing as well as to specify the name of the share.

Sharing

To prevent print jobs being interrupted by a one-page print job on the print device

Start printing after last page is spooled; this ensures that pages of a print job are sent to the print device only after all pages within the print job have finished spooling. T

Which service is a faster replacement for the Windows Indexing Service that is available on Windows Server 2019? Common Internet File System The Windows Search Service Windows Run A discretionary access control list

The Windows Search Service

Allow permissions are cumulative. Deny permissions override Allow permissions.Explicit permissions take precedence over inherited permissions

The combination of Allow permissions and Deny permissions for each security principal

Nora is a data scientist and works with programs that routinely acquire a lot of data. After data analysis, she stores the raw data for future use. However, she does not want the Windows Search Service to include the data files every time she performs a search function. ​ Which of the following attributes should Nora deactivate to exclude the data files from searches?

The index attribute

To remove Active Directory from a domain controller, what action must you take before demoting the domain controller?

To remove Active Directory from a domain controller, you must open Server Manager, click the Manage menu, and then select Remove Roles and Features and uncheck the Active Directory Domain Services role. You then have the option to demote the domain controller.

You can connect a Windows AD server to Azure AD to extend your directory into Azure. (true/false)

True

A system administrator wants to give NTFS folder permission to a project manager so that the manager can add or remove the read-only, hidden, archive, index, compress, and encrypt attributes. Which of the following permissions should the administrator give to the project manager?

Write extended attributes

Which of the following occurs when you encrypt a file using EFS within a domain environment? (Choose all that apply.)

b. A copy of the symmetric encryption key is stored within the file metadata and asymmetrically encrypted with your public keyc. A symmetric encryption key is generated and used to encrypt the file contents d. A copy of the symmetric encryption key is stored within the file metadata and asymmetrically encrypted with recovery agent's public key

Printers Not Ready custom filter

cannot complete the print process and provides the status of the printer within the Queue Status column

To provide security for folders and files on these filesystems, you should understand how to.

configure permissions and ownership

Active Directory Partitions

domain, configuration, and schema

After you specify the location of an SMB, IPP, or LPD shared printer within the Add Printer wizard and click Next, the printer driver will be

downloaded from the hidden PRINT$ share on the print server

By default, the owner of a resource, the local Administrator user account (within a workgroup), and members of the Domain Admins group (within a domain) can change

folder and file ownership

Printing to a Shared Printer While network-attached print devices are common within organizations today, they have limited storage for print jobs and are not designed to

handle simultaneous print jobs from large numbers of computers.

Which of the following formats can be used to print to a shared printer using IPP?

http://servername/printers/sharedprintername/.printer

Get-PrintConfiguration

obtains a printer's configuration information

log on events are caused by

passive screening

Inheritance of permissions

permissions assigned to a parent folder are applied down to subfolders and files unless it is blocked (blocking permissions is NOT recommended)

A(n) ____ is like a stack of print jobs, with the first job submitted at the top of the stack and the last job submitted at the bottom, and all of the jobs waiting to be sent from the spooler to the printer.

print queue

Custom filters

quickly check the status of printers, in order to identify any problems

when changes are made to Active Directory, those changes usually take place on a single domain controller. Those changes then have to be

replicated out to other domain controllers.

net stop spooler and net start spooler MS-DOS commands

restart the Print Spooler service.

What are the objects that only exist on the forest root domain?

schema master role, domain naming master role; enterprise admin group, schema admins

In the Windows environment, a ____ is a group of DLLs, information files, and programs that processes print jobs for printing.

spooler

the printer driver for the print device is not available on the print server for your operating system, the Add Printer wizard will prompt you

• Modify the default printer name • Share the printer to other computers • Print a test page


Ensembles d'études connexes

Ch 2.3 - How successful were attempts to improve international relations from 1924-29?

View Set

Pharmacology medical surgical drugs (final hesi) evolve

View Set

Chapter_4_Network Protocols and Services

View Set

Chapter 37: Epidemiology and Public Health Microbiology, Ch. 37 Epidemiology and Public Health Microbiology

View Set

Computer Fundamentals: Module 6: Security and Safety

View Set

MB105 Ch14 Understanding Financial Statements

View Set