Win Admin Ch 6-9

Réussis tes devoirs et examens dès maintenant avec Quizwiz!

On a Windows Server 2016, what is the default CRL publication interval?

1 week

By default, for how long are deleted objects stored within the Active Directory database before they are removed entirely

180 Days

Which of the following is the company whose users are accessing resources from another company?

Account partner

Which feature was first introduced with Windows Server 2012 R2, and are new Active Directory containers to which authentication policies can be applied to restrict where high-privilege user accounts can be used in the domain?

Authentication Policy silos

Select below the FSMO role that is a forest-wide FSMO role

Domain naming master

Group conversion facilitates migrating user accounts from one domain to another.

False

If your domain includes Windows Server 2003 or older DCs, it's using DFSR to replicate SYSVOL.

False

The intermediate CA is the most critical and is the server typically configured for offline operation.

False

Which type of CA in the three-level hierarchy is sometimes referred to as a policy CA and issues certificates to issuing CAs?

Intermediate

For intrasite replication, what component builds a replication topology for DCs in a site and establishes replication partners?

KCC

You have a number of Cisco routers and switches that you wish to secure using IPsec. You want IPsec authentication to use digital certificates. You already have a PKI in place using Certificate Services on Windows Server 2016. What should you install to secure your devices?

NDES role service

Which of the following contains a list of users and specifies what the users can do with a rights-protected document?

Publishing license

What is the name of a domain controller on which changes can't be written?

Read only domain controller

What feature should you enable to prevent the sIDHistory attribute from being used to falsely gain administrative privileges in a trusting forest?

SID filtering

What folder contains group policy templates, logon/logoff scripts, and DFS synchronization data?

SYSVOL

Which of the following is a self-signed certificate and identifies the AD RMS cluster?

Server licensor certificate

What type of key is used in symmetric cryptography, must be known by both parties, and is used for both encryption and decryption?

Shared secret

Before you configure a forest trust, what should you configure to ensure you can contact the forest root of both forests from both forests?

Stub zones

During garbage collection, what setting controls how long deleted objects remain within the database before such objects are completely removed?

Tombstone lifetime

A Web Application Proxy server needs two NICS installed to function correctly.

True

A delegated installation allows a domain administrator to create the RODC computer account in Active Directory, so a that a regular user can perform the installation at a later time.

True

AD FS is designed to work over the public Internet with a Web browser interface.

True

Adding a subdomain is a common reason for expanding an Active Directory forest.

True

Authentication efficiency, replication efficiency, and application efficiency are the three main reasons for establishing multiple sites.

True

Before you can install a DC running a newer Windows Server version in an existing forest with a lower functional level, you must prepare existing DCs with the adprep.exe command-line program,

True

Device registration is a feature that allows non domain-joined devices to access claims-based resources securely.

True

Intrasite replication occurs between bridgehead servers.

True

Multi-factor authentication means users must authenticate with more than one device.

True

Remote Desktop Gateway applications are a convenient way for organizations to make applications available to users without having to install the application on every user's computer.

True

The PowerShell cmdlet "Restore-CARoleService" restores the CA database and all private key data.

True

The repadmin /replicate command causes replication of a specified partition from one DC to another.

True

Users can request certificates that aren't configured for autoenrollment by using the Certificates snap-in.

True

When a full backup or system state backup is performed on a CA server, the certificate store is backed up along with other data.

True

You run a PKI that has issued tens of thousands of certificates to hundreds of thousands of clients. You have found that the traffic created when clients download the CRL is becoming excessive. What can you do to reduce the traffic caused by clients downloading the CRL?

Use a Delta CRL

Which of the following is true about the domain functional level?

You can have different functional levels within the forest

What are are conditions that determine what attributes are required in a claim and how claims are processed by the federation server?

claim rules

Which of the following manages adding, removing, and renaming domains in the forest?

domain naming master

Which option will allow private keys to be locked away and then restored if the user's private key is lost?

key archival

Which option below is not one of the three main methods for cleaning up metadata

wbsadmin.exe


Ensembles d'études connexes

Chapter 34 Caring for the Special Needs Child

View Set

Ricci, Kyle & Carman: Maternity and Pediatric Nursing, Second Edition: Chapter 15: Postpartum Adaptations; PrepU

View Set

Development, Sensation, and Perception

View Set

Chapter 21: Drugs Treating Parkinson Disease and Other Movement Disorders

View Set

AP Calc BC Chapter 6 Practice Problems

View Set