PRG2110 Windows Server Final Exam Question Bank
What are the Main (DNS) record types?
.ns .srv
How many Domain Naming Masters are there in a forest?
1
How many schema masters are in a forest?
1
How many Infrastructure Masters are in a Forest?
1 per Domain
How many PDC emulators are in a forest?
1 per Domain
How many RID Masters are there in a forest?
1 per domain
What are the characteristics of Kerberos?
1. It is secure: it never sends a password unless it is encrypted. 2. Only a single login is required per session. Credentials defined at login are then passed between resources without the need for additional logins. 3. The concept depends on a trusted third party - a Key Distribution Center (KDC). The KDC is aware of all systems in the network and is trusted by all of them. 4. It performs mutual authentication, where a client proves its identity to a server and a server proves its identity to the client.
What is the purpose of the .ns record?
A Name Server record is used to delegate a subdomain to a set of name servers.
What is performed by a TGS?
A client that wishes to use a service has to receive a ticket - a time-limited cryptographic message - giving it access to the server. Kerberos also requires an Authentication Server (AS) to verify clients. The two servers combined make up a KDC.
What is a Security Account Manager?
A database present on servers running Windows Server that stores user accounts and security descriptors for users on the local computer.
What is represented by each triangle on the topography diagram?
A domain (there are 6 in this example)
What is represented by the circle in the topography diagram?
A forest
What is Kerberos?
A network authentication protocol designed to provide strong authentication for client/server applications by using secret-key cryptography.
What is a tree?
A tree is a collection of one or more domains and domain trees in a contiguous namespace, linked in a transitive trust hierarchy.
What database are you accessing when logging on to Active Directory?
AD Database
What program performs the roles of a Key Distribution System?
Active Directory
What type of programs can expand a tree?
Active Directory Aware programs
What is meant by the acronym AS?
Authentication Server
What are the components of a Kerberos Key Distribution Center?
Authentication Server (AS) Ticket-granting Server (TGS) Computer database
1-3. Which Windows Server 2012/R2 edition allows installing unlimited virtual instances?
Datacenter Edition
What is meant by the acronym DIT?
Directory Information Tree
What type of data base is used in an X.500 DIT?
Distributed Database
A windows Active Directory forest is a ________ that forms a single _____________.
Distributed database, X.500 DIT
What is meant by the acronym DC?
Domain Controller
Windows Domains host their portion of the DIT on a server call a __________________
Domain Controller
What is the meaning of the acronym DNS?
Domain Name System
What must be online when domains and application partitions in a forest are added or removed?
Domain Naming Master
Trees are a collection of _______ that share a ____________.
Domains, Contiguous Namespace
What is the meaning of the acronym DHCP?
Dynamic Host Configuration Protocol
3-5. You can convert a Server Core installation to a Minimal Server Interface installation but not vice versa. True or False?
False
What is meant by the Acronym FSMO?
Flexible Single-Master Operations
FSMO Roles are divided into ______ and ______ roles
Forest-wide, Domain-wide
What updates cross-domain references and phantoms from the global catalog
Infrastructure Master
What type of authentication is used to login to Active Directory?
Kerberos
What is meant by the acronym KDC?
Key Distribution Center
What is the meaning of the acronym NTLM?
NT Lan Manager
What type of authentication is used to login to a local machine?
NTLM
What is the meaning of the acronym NAT?
Network Address Translation protocol
What is the meaning of the acronym NAS?
Network-attached storage
What option should you use when restoring an Active Directory to ensure deleted items are restored?
Perform an authoritative restoration
What is meant by the acronym PDC?
Primary Domain Controller
What must be online 24 hours per day, seven days a week and if offline will make users unable to log-in?
Primary Domain Controller
What are Domain-wide roles?
Primary Domain Controller, RID Master, and Infrastructure Master
What must be online for newly promoted domain controllers to obtain a local RID pool that is required to advertise or when existing domain controllers have to update their current or standby RID pool allocation
RID Master
What is meant by the acronym RID?
Relative ID
What must be online when schema updates are performed?
Schema Master
What are Forest-wide roles?
Schema Master, Domain Naming Master
What database are you accessing when logging on to a local machine?
Security Account Manager
What is the meaning of the acronym SAM?
Security Account Manager
What is the purpose of a .srv record?
Service locator which contains a generalized service location record. It is used for newer protocols instead of creating protocol-specific records such as Mail exchange record (MX).
What is the minimum information you must back up to restore Active Directory?
System State data
What is meant by two triangles at the same level on the topography diagram?
The top of a tree (there are 2 trees in this diagram)
What is the meaning of the acronym TGS?
Ticket-Granting Server
8-10. Objects in an OU with the Block Inheritance option set are affected by a domain-linked GPO with the Enforced option set. True or False?
True
What is meant by a line with arrows at both ends on the topography diagram?
Two-way
What qualities are represented in the topography diagram?
Two-way and Transitive
What is a site?
Well-connected network defined by IP subnets that help define the physical structure of Active Directory.
3-7. Which option can you add to the Install-WindowsFeature command that shows you what the results would be but doesn't actually perform the installation task? a. -WhatIf b. -TestOnly c. -ShowResults d. -NoInstall
a. -WhatIf
9-6. Which IP address expressed in CIDR notation has the subnet mask 255.255.255.0? a. 10.100.44.123/24 b. 172.16.88.222/16 c. 192.168.100.1/26 d. 172.29.111.201/18
a. 10.100.44.123/24
7-7. Which of the following is a built-in user account? (Choose all that apply.) a. Administrator b. Operator c. Anonymous d. Guest
a. Administrator d. Guest
11-10. You have four printers that are accessed via their IP addresses. You want to be able to use DHCP to assign addresses to the printers but you want to make sure they always have the same address. What's the best option? a. Create reservations b. Create exclusions c. Configure filters d. Configure policies
a. Create reservations
2-16. Which of the following is the default setting for Windows Update after you first turn on automatic updates? a. Download and install updates automatically. b. Download but do not install updates. c. Inform when updates are available but do not download updates. d. Download updates but let me choose whether to install them.
a. Download and install updates automatically.
12-6. A virtual switch with the host's physical NIC bound to the Hyper-V Extensible Virtual Switch protocol is called which of the following? a. External virtual switch b. Private virtual switch c. Hosted virtual switch d. Internal virtual switch
a. External virtual switch
7-17. Which of the following is a valid group scope? (Choose all that apply.) a. Global b. Domain local c. Forest d. Domain global
a. Global b. Domain local
10-1. Which of the following best describes DNS? (Choose all that apply.) a. Hierarchical database b. Flat database c. Monolithic database d. Distributed database
a. Hierarchical database d. Distributed database
12-21. You created a VM and installed Windows Server 2008 R2 over the network, using PXE boot. When you start the VM, it doesn't attempt to boot from the network. What should you do? a. Install a legacy virtual network adapter. b. Configure the VM as a generation 2 VM. c. Install a synthetic virtual network adapter. d. Enable PXE boot in the VM's BIOS settings.
a. Install a legacy virtual network adapter.
8-25. Which type of connection security rule should you configure if you want to prevent computers in your domain from connecting to computers outside the domain? a. Isolation b. Authentication exemption c. Server-to-server d. Tunnel
a. Isolation
7-6. Which of the following is a user account category? (Choose all that apply.) a. Local b. Global c. Domain d. Universal
a. Local c. Domain
3-8. Which features must be installed to convert a server from Server Core to the full GUI? (Choose all that apply.) a. Server-GUI-Shell b. Server-MMC-Enable c. Server-Full-Interface d. Server-GUI-Mgmt-Infra
a. Server-GUI-Shell d. Server-GUI-Mgmt-Infra
3-1. Which of the following is a task you should perform before installing roles and features? (Choose all that apply.) a. Set a strong Administrator password. b. Read the Windows Server 2012 user manual. c. Configure static IP addresses. d. Make sure security updates are current.
a. Set a strong Administrator password. c. Configure static IP addresses. d. Make sure security updates are current.
11-6 Which of the following is a required element of a DHCP scope? (Choose all that apply.) a. Subnet mask b. Scope name c. Router address d. Lease duration
a. Subnet mask b. Scope name d. Lease duration
7-10. Which of the following account options can't be set together? (Choose all that apply.) a. User must change password at next logon. b. Store password using reversible encryption. c. Password never expires. d. Account is disabled.
a. User must change password at next logon. c. Password never expires.
2-15. Which command do you use to restart Server Core? a. shutdown /r /t 0 b. restart /t 0 c. net stop /r /t 0 d. net computer /reset /t 0
a. shutdown /r /t 0
9-23. How many bits are in the interface ID of an IPv6 address? a. 32 b. 64 c. 16 d. 48
b. 64
6-6. Which of the following is not associated with an Active Directory tree? a. A group of domains b. A container object that can be linked to a GPO c. A common naming structure d. Parent and child domains
b. A container object that can be linked to a GPO
1-24. If you want to provide users with secure network transactions that verify the identity of sender and receiver with a digital certificate, which role should you consider installing? a. Active Directory Federation Services b. Active Directory Certificate Services c. Active Directory Rights Management Services d. Active Directory Lightweight Directory Services
b. Active Directory Certificate Services
10-4. A resource record containing an alias for another record is which of the following record types? a. A b. CNAME c. NS d. PTR
b. CNAME
9-2. You have just typed the commands ipconfig /flushdns and ping server1. Which of the following protocols is used first as a result of these commands? a. TCP b. DNS c. ICMP d. DHCP
b. DNS
1-16. Which of the following server roles resolves names of Internet computers? a. Active Directory Domain Services b. DNS Server c. DHCP Server d. Remote Access e. Hyper-V
b. DNS Server
11-9. What should you define in a scope to prevent the DHCP server from leasing addresses that are already assigned to devices statically? a. Reservation scope b. Exclusion range c. Deny filters d. DHCP policy
b. Exclusion range
3-3. Which command shows a list of installed roles and features? a. Installed-WindowsFeature -Show b. Get-WindowsFeature | where Installed c. List-InstalledFeature d. Show-Features .if. Installed
b. Get-WindowsFeature | where Installed
12-9. You have three VMs that must communicate with one another and with the host computer but not be able to access the physical network directly. What type of virtual network should you create? a. Private b. Internal c. Hosted d. External
b. Internal
1-4. Which of the following is true of Windows Server 2012/R2 Essentials Edition? a. It can't be installed as a virtual machine. b. It's configured as a root domain controller by default. c. Licensing is limited to 15 users. d. It supports up to four physical processors.
b. It's configured as a root domain controller by default.
7-1. Which of the following is true about organizational units? (Choose all that apply.) a. OUs can be added to an object's DACL. b. OUs can be nested. c. A group policy can be linked to an OU. d. Only members of Domain Administrators can work with OUs.
b. OUs can be nested. c. A group policy can be linked to an OU.
6-15. Which of the following specifies what types of actions a user can perform on a computer or network? a. Attributes b. Rights c. Permissions d. Classes
b. Rights
9-1. Which of the following is needed if a computer with the IP address 172.31.210.10/24 wants to communicate with a computer with the IP address 172.31.209.122/24? a. Hub b. Router c. Switch d. Server
b. Router
9-15. You have just changed the IP address on a computer named computer5 in your domain from 172.31.1.10/24 to 172.31.1.110/24. You were communicating with this computer from your workstation fine right before you changed the address. Now when you try the command ping computer5 from your workstation, you don't get a successful reply. Other computers on the network aren't having a problem communicating with the computer. Which command might help solve the problem? a. arp -d b. ipconfig /flushdns c. tracert computer5 d. ping -6 172.31.1.110
b. ipconfig /flushdns
11-7. What's the default lease duration on a Windows DHCP server? a. 8 hours b. 16 minutes c. 8 days d. 16 hours
c. 8 days
7-22. A domain user logging on to the domain becomes a member of which special identity group? a. Creator Owner b. System c. Authenticated Users d. Anonymous Logon
c. Authenticated Users
11-5. After you install the DHCP Server role on a member server, what must you do before the server can begin providing DHCP services? a. Configure options. b. Activate the server. c. Authorize the server. d. Create a filter.
c. Authorize the server.
12-3. What type of virtualization environment are you most likely to use for server virtualization in data centers? (Choose all that apply.) a. Hosted virtualization b. Type 2 hypervisor c. Bare-metal virtualization d. Type 1 hypervisor
c. Bare-metal virtualization d. Type 1 hypervisor
10-20. Which is the correct order in which a DNS client tries to resolve a name? a. Cache, DNS server, Hosts file b. Hosts file, cache, DNS server c. Cache, Hosts file, DNS server d. DNS server, cache, Hosts file
c. Cache, Hosts file, DNS server
6-7. Which of the following is not part of Active Directory's logical structure? a. Tree b. Forest c. DC d. OU
c. DC
6-12. Which of the following is the core logical structure container in Active Directory? a. Forest b. OU c. Domain d. Site
c. Domain
6-20. Which is responsible for management of adding, removing, and renaming domains in a forest? a. Schema master b. Infrastructure master c. Domain naming master d. RID master
c. Domain naming master
1-20. Which of the following roles should you install if you want to create and manage virtual machines? a. Network Policy and Access Services b. Server Manager c. Hyper-V d. DHCP Server
c. Hyper-V
8-2. Where is a GPT stored? a. In a folder named the same as the GPO in the SYSVOL share b. In a folder named the same as the GUID of the GPO in Active Directory c. In a folder named the same as the GUID of the GPO in the SYSVOL share d. In a folder named the same as the GPO in Active Directory
c. In a folder named the same as the GUID of the GPO in the SYSVOL share
11-16. You want mobile devices on your network to have a shorter lease time than other devices without having a different scope. You don't have detailed information about the mobile devices, such as MAC addresses, because they are employees' personal devices. What DHCP feature might you use to assign a shorter lease to these mobile devices? a. Reservation options b. Scope options c. Policy options d. Filter options
c. Policy options
6-4. Which of the following is a component of Active Directory's physical structure? a. Organizational units b. Domains c. Sites d. Folders
c. Sites
8-15. What Group Policy feature should you use if you have a policy linked to an OU that contains computer accounts but want the policy to affect only computers running Windows 7? You don't know exactly which computer accounts represent the computers running Windows 7. a. Disabling inheritance b. Policy enforcement c. WMI filtering d. Security filtering
c. WMI filtering
3-2. Which of the following is true about installing roles and features in Windows Server 2012/R2? a. You can't install a server role by using the command line. b. All server role installations require a server restart. c. You can install more than one role at a time. d. Server roles can be installed only on online drives.
c. You can install more than one role at a time.
10-2. Which of the following accurately represents an FQDN? a. host.top-level-domain.subdomain.domain b. domain.host.top-level-domain c. host.subdomain.domain.top-level-domain d. host.domain.top-level-domain.subdomain
c. host.subdomain.domain.top-level-domain
2-19. Which command should you use in Windows Server 2012 Server Core to perform menu-based configuration tasks? a. netsh.exe b. smigdeploy.exe c. sconfig d. command.com
c. sconfig
9-4. Which command should you use to determine whether there's a bottleneck between your computer and a computer on another network? a. ipconfig b. ping c. tracert d. route
c. tracert
11-17. You have DHCP clients on the network that aren't domain members. You want to be sure these computers can register their hostnames with your DNS servers. Which option should you configure? a. 003 Router b. 044 WINS/NBNS Servers c. 006 DNS Servers d. 015 DNS Domain name
d. 015 DNS Domain name
12-1. Which of the following is described as a partial copy of a VM made at a particular moment? a. Virtual instance b. Differencing disk c. Hypervisor d. Checkpoint
d. Checkpoint
9-8. You have just finished a default installation of Windows Server 2012. You know that TCP/IP is installed. How does the server get assigned an IP address? a. TCP b. DNS c. ARP d. DHCP
d. DHCP
3-16. Which cmdlet shows a list of services related to Hyper-V? a. List-Services Hyper-V -all b. Show-Service -ServiceType Hyper* c. Get-Help Service Hyper-V d. Get-Service -DisplayName Hy*
d. Get-Service -DisplayName Hy*
2-21. If you want to see a list of available roles and features, which command should you use? a. sconfig b. Show-WindowsRoles c. dism.exe d. Get-WindowsFeature
d. Get-WindowsFeature
8-8. Which of the following represents the correct order in which GPOs are applied to an object that falls within the GPO's scope? a. Site, domain, OU, local GPOs b. Local GPOs, domain, site, OU c. Domain, site, OU, local GPOs d. Local GPOs, site, domain, OU
d. Local GPOs, site, domain, OU
6-13. Which of the following defines the types of objects in Active Directory? a. GPOs b. Attribute values c. Schema attributes d. Schema classes
d. Schema classes
3-12. What must be running to allow you to manage a server remotely with PowerShell? a. Windows Firewall b. LBFO c. Telnet d. WinRM
d. WinRM
9-3. Which command should you use with a dual-homed server to make sure the server sends packets out the correct interface? a. ipconfig b. ping c. tracert d. route
d. route
What PowerShell command is used to update a group policy?
gpupdate
What command is used to lookup the name of another computer?
nslookup followed by the IP address
What command is used to lookup the IP address of another computer?
nslookup followed by the name of the computer
A Windows Schema defines Active Directory _____, from predefined __________.
objects. attributes
