CIT 211 Chapter 4 Questions
What is the use of the New-ADReplicationSite Windows PowerShell cmdlet? a. It can be used configure the replication settings within a site link object. b. It can be used to create a new site object. c. It can be used to change the bridgehead server in a site. d. It can be used to launch the Active Directory Sites and Services tool.
b. It can be used to create a new site object.
Faustino is the system administrator at an organization that has offices in multiple locations. The domain controllers in each location are within location-specific sites to improve Active Directory replication. Faustino notices performance issues in the Active Directory replication across sites. Which of the following measures can Faustino use to improve the performance? a. He can restrict the number of domain controllers to one per site. b. He can increase the number of domain controllers to spread the replication load. c. He change the bridgehead server to one with a faster network interface. d. He can use SMTP instead of IP to improve performance.
c. He change the bridgehead server to one with a faster network interface.
After an RODC gets stolen along with a few other computers, Shania, the system administrator, resets the computer accounts of the stolen computers that were cached on the RODC. She accomplishes this task by using the Reset all passwords for computer accounts that were cached on this Read-only Domain Controller option. Which of the following is true of this scenario? a. The stolen computers can rejoin the domain after resetting their passwords. b. Any computers that were not stolen will need to rejoin the domain. c. Shania does not need to delete the stolen RODC computer account if the other computer accounts are reset. d. The Active Directory database on the stolen RODC is deleted automatically.
b. Any computers that were not stolen will need to rejoin the domain.
Which of the following statements regarding a domain functional level is accurate? a. Unlike forest functional levels, you can revert to a previous domain functional level after it has been raised. b. It represents the oldest Windows Server version that can be used on a domain controller. c. A server containing Windows Server 2016 cannot run on a domain at the Windows Server 2019 functional level. d. It applies to domain controllers, clients, and other servers that are present in the domain.
b. It represents the oldest Windows Server version that can be used on a domain controller.
Ahmad, a system administrator in an organization, is setting up new Active Directory domains for the Marketing and Sales teams in the organization. Previously, all the marketing and sales employees worked as a single team. Recently, the employees in these teams were reorganized into two separate teams. He is setting up Active Directory domains on Windows 2019 Server to reflect the organizational structure. What is the minimum number of domain controllers that Ahmad should add to the Marketing domain? a. Zero b. One c. Two d. Three
c. Two
Alfons recently received a promotion to lead a team of 35 software engineers, testers, and business analysts. When he needs to send an email or meeting invite to his team, he realizes that he must type out the email IDs for all his team members. He approaches Priyanka from the IT team to help him make this process easier and more efficient. Which of the following features of Active Directory can Priyanka use to provide a solution? a. Universal Group Membership Caching b. User Principle Name c. Selective authentication d. Distribution groups
d. Distribution groups
Which of the following organizations should consider using Azure Active Directory? a. An organization that subscribes to Office 365 services b. An organization that has a substantially onsite workforce c. An organization that uses IIS as a web server d. An organization that deploys Internet accessible services, such as FTP or DNS
a. An organization that subscribes to Office 365 services
Which of the following statements about directory partitions is true? a. Changes to a domain partition on a domain controller are only replicated to domain controllers within the same domain. b. The largest section of the Active Directory database is the configuration partition. c. Schema partitions store the structure and layout of the forest, including the names of each domain and their trust relationships. d. If any change is made to a configuration partition, the change is also replicated in the schema partition.
a. Changes to a domain partition on a domain controller are only replicated to domain controllers within the same domain.
Kettle Inc. from Florida merges with Blue Clu Networks from Minneapolis. Minisha, a system administrator, is granted the responsibility of configuring Active Directory across both locations to enable users from both locations to access common resources. If Minisha is able to accomplish this task successfully, which of the following must be true? a. Minisha is a member of the Enterprise Admins group in both organizations. b. Minisha is a member of the Domain Admins group in both organizations. c. Minisha has run the following command: Get-ADForest | select SchemaMaster,DomainNamingMaster. d. Minisha has run the following command: Set-ADDomainMode -Identity domainX.com -DomainMode Windows2012R2Domain.
a. Minisha is a member of the Enterprise Admins group in both organizations.
Raven is adding FSMO roles to domain controllers in the domain1.com forest. The forest contains a single domain and three domain controllers, DC1, DC2, and DC3. DC1 contains a copy of the global catalog, and all three domain controllers have the latest version of Windows Server 2019 installed. Which of the following is a best practice that Raven should follow? a. She should create the Domain Naming Master role on DC1. b. She should use DC2 or DC3 as the Domain Naming Master. c. She does not need to create the Domain Master role because DC1 contains a copy of the global catalog. d. She should create three Domain Naming Master roles, one for each domain controller.
a. She should create the Domain Naming Master role on DC1.
If a site cannot hold a copy of the global catalog, which of the following features can be enabled on the site to provide fast authentication? a. Universal Group Membership Caching b. Flexible Single Master Operations c. Role seizure d. User Principle Name
a. Universal Group Membership Caching
Anahira is the system administrator at an organization that has offices in two different locations, New York and Sao Paulo. She decides to create sites for each location, NewYorkSite and SaoPauloSite, to improve Active Directory replication. Once she creates the sites, she associates NewYorkSite with the IP address 10.1.0.0/16. Which of the following is true of this scenario? a. When new domain controllers are added to this network, they will be added to NewYorkSite by default. b. Assigning an IP address to a site indicates that domain controllers within this site contain the global catalog. c. Anahira will not be able to install or use Simple Mail Transfer Protocol (SMTP) to perform Active Directory replication. d. This restricts the creation of bridgehead servers, and only NewYorkSite will contain bridgehead servers.
a. When new domain controllers are added to this network, they will be added to NewYorkSite by default.
Sanya, an IT administrator for an organization, installs a new application on 150 computers used by programmers in the organization. She does this with a few clicks only for this specific set of users without impacting the rest of the organization. Which of the following features of Active Directory is exemplified by Sanya's actions in this scenario? a. A member server b. Group Policy c. A standalone server d. Access Control List
b. Group Policy
Hiroshi is the system administrator at an organization that has offices spread across three locations, Boston, London, and Paris. The organization has an Active Directory domain, domainA.com, with two domain controllers in each location for the marketing business unit. The company expanded recently and added over 3000 new users across these locations. Hiroshi notices that this surge in users is causing Internet congestion because of the Active Directory replication. What is a cost-effective method of dealing with this issue? a. Hiroshi should create separate domains for each location to avoid the need for replication. b. Hiroshi should create site objects and specify timed intervals for replication using site link objects. c. Hiroshi should reduce the number of domain controllers to just one per physical location. d. Hiroshi should remove all domain controllers and have only one domain controller for the domain.
b. Hiroshi should create site objects and specify timed intervals for replication using site link objects.
Latanya, a system administrator, is creating computer objects. She uses the Active Directory Users and Computers tool instead of the Active Directory Administrative Center. What is the most likely reason for not using the Active Directory Administrative Center? a. It does not support features introduced within Windows Server 2008 R2 and later functional levels. b. It uses a minimal color interface that is similar to the one provided by Server Manager. c. It can only be used to manage OU, user, group, and computer objects, but not to create these objects. d. It is a command line tool similar to Windows PowerShell that requires the use of cmdlets.
b. It uses a minimal color interface that is similar to the one provided by Server Manager.
Arpita is adding FSMO roles to domain controllers in the domainG.com forest. The forest contains other domains. domainG.com contains two domain controllers, DC1 and DC2. DC1 contains a copy of the global catalog. Which of the following is a best practice that Arpita should follow? a. She should create the Domain Naming Master role on DC2. b. She should create the Infrastructure Master role on DC1. c. She does not need to create the Domain Master role because DC1 contains a copy of the global catalog. d. She does not need to create the Infrastructure Master role because the forest contains multiple domains.
b. She should create the Infrastructure Master role on DC1.
You are the system administrator at an organization. Most of the servers in your organization, including domain controllers, are running Windows Server 2012 and above. Some servers, excluding domain controllers, are running Windows Server 2008 R2. Most of the clients are running Windows 10, but a few systems are running Windows 7. You have been tasked with improving the security measures of the Active Directory forest by restricting malicious access to Active Directory. You decide to use Privilege Access Management. What should you do next? a. Update the clients that are running Windows 7 to Windows 10 b. Update the servers running Windows Server 2008 R2 to Windows Server 2019 c. Update all the domain controllers running Windows Sever 2012 to Windows Server 2016 d. Revert the domain functional level of each domain in the forest to Windows Server 2016
c. Update all the domain controllers running Windows Sever 2012 to Windows Server 2016
You are the system administrator tasked with raising the domain functional level of domainA.com from Windows Server 2008 to Windows Server 2012 R2. First, you upgrade the domain controllers running Windows Server 2008 to Windows Server 2012 R2. Which of the following commands must you run next in Windows PowerShell to complete your task? a. Set-ADForestMode -Identity domainA.com -ForestMode Windows2012R2Domain b. Get-ADDomain | select PDCEmulator,RIDMaster,InfrastructureMaster c. netdom.exe d. Set-ADDomainMode -Identity domainA.com -DomainMode Windows2012R2Domain
d. Set-ADDomainMode -Identity domainA.com -DomainMode Windows2012R2Domain