Server Unit Ch 3&6 quiz

Lakukan tugas rumah & ujian kamu dengan baik sekarang menggunakan Quizwiz!

Which server role below cannot be installed on a domain controller that will be cloned?

DHCP

What policy is a GPO linked to the domain controllers OU and specifies the default policy settings for all domain controllers?

Default Domain Controllers Policy

What are two flexible single master operation (FSMO) roles? (Choose all that apply.)

Domain Wide and Forest Wide

T or F A managed service account(MSA) enables admins to manage rights and permissions for services but with strict manual password management policies

False

T or F A site bridge is needed to connect tow or more sites for replication

False

T or F Active directory metadata describes the actual AD data, not the AD database

False

T or F Intrasite replication occurs between bridgehead servers

False

T or F Keberos policies, found in a GPO, control settings related to a user authentication and logon

False

T or F The GPO policy defines which objects a GPO affects

False

T or F The logical components of AD are forest , domains and sites

False

T or F When a client wants to connect to a service, it finds the service based solely on the instance name

False

T or F. By default, subnets are created in active directory sites and services

False

In order to increase security of data stored on an RODC, what can be configured to specify domain objects that aren't replicated to RODCs?

Filtered attribute sets

Which FSMO role is responsible for ensuring that changes made to object names within one domain are updated in references to those object in other domains?

Infrastructure master

What type of replication schema does AD use to synchronize copies of most information in the AD database

Jffnfnfn\

What specific authentication protocol used in Windows domain environment to authenticate logons and grant accounts access to domain resources?

Keberos

What component of Kerberos is responsible for storing keys for encrypting and decrypting data in the authentication process?

Key distribution center

What specific tool allows you to create GPO's, view a GPO settings, link and unlink GPO's with contains and manage the inheritance settings of GPO's?

Ktrkggkg

Which of the following options are valid configuration options in the Kerberos delegation tab

-Trust this user for delegation to any service -Trust this user for delegation to any specified service only -Do not trust this user for delegation

How often do garbage collections run on a DC?

12 hours

Select the account lockout policy item that determines how many failed logins can occur on an account before the account is locked

Account lockout threshold

Select below the FSMO role that is a forest-wide FSMO role

Domain naming master

Which of the following manages adding, removing and renaming domains In the forest

Domain naming master

With universal group membership caching, how often is the cached information on group membership refreshed ?

Every 8 hours

By default, for how long are deleted objects stored within the active directory database before they are removed entirely?

180 Days

What option limits the delegation to specific services running on specific computers?

Constrained delegation

Once Active Directory has been installed, a default site link is created. What Is the name of this site link?

DEFAULTIPSITELINK

Select the FSMO role that is required to be online to facilitate the addition or removal of a domain controller

Domain Naming Master

What type of account provides the same function as managed service accounts but can be managed across multiple servers as in a server farm or load-balancing arrangement?

Group Managed Service Account

When a client computer wants to connect to a service instance, what name name type does it use to find the service?

Hdhjdjd

What holds the log activity of active directory transactions or changes?

Hhffnnfnfjf

By default, replication between DCs when no changes have occurred is scheduled to happen how often?

Once per hour

What Active Directory object enables an administrator to configure password settings for users or groups that are different from those defined in a GPO linked to the domain?

Password settings object

What active directory object enables an administrator to configure password settings for users or groups that are different from those defined in a GPO linked in the domain

Password settings object

What configuration tool must be used to create and manage MSA's

PowerShell

What configuration must be used to create and MSA's

Powershell

Which type of ticket below is requested by an account when it wants to access a network resource such as a shared folder?

Service ticket

Select the RODC installation type where the domain administrator creates the RODC computer account in Active Directory and then a regular user can perform the installation at a later time.

Staged Installation

Using the default settings, if a computer clock differs more thank more than 5 times a kerbos message tie snap what happens?

The kerbos message is considered invalid

If using virtual accounts to access network, how are permissions added to a network resource to allow the virtual account access?

The resource must have proper permissions set for ComputerName$, where ComputerName is the name of the computer attempting to access the resource.​

​Approximately 42 days after a service was configured to use a normal user account, the service has stopped working and refuses to run. An administrator has verified that the account still exists on the domain. Assuming default domain policy settings, what could be the issue?

The user account password expired

How is a computer's designated site determined, such that the computer is give a domain controller to request services from within the same site?

Through subnets added to the site

T or F A service account is a user account that windows services use to log on to a computer or domain with a specific set of rights and permissions

True

T or F Account policies are set in the local security policy mmc on computers that aren't domain members

True

T or F Account policies set In the GPO's linked to an containing computer account affects only local user accounts defined in the computers SAM database

True

T or F Authentication efficiency, replication efficiency, and application efficiency are the three main reasons for establishing multiple sites

True

T or F Before you can install RODC, the forest must functional level must be atleast windows server 2003

True

Which of the following tools allow you to create a password setting object?

jfjffjfjf

the RID master FSMO role is ideally placed on the same server as what other role

pdc emulater

By default, the maximum tolerance for computer check synchronization is set to what value?

5 Minutes

By default, what is the maximum period during which a TGT can be renewed?

7 days

What assigned value represents the bandwidth of the connection between sites?

Cost

What setting specifies how long a service ticket can be used before a new ticket must be requested to access the resources for which the ticket was granted?

Maximum lifetime for service ticket

Within the NTDS folder, which file stores the main Active Directory database?

Ntds.dit

What is the name of the domain controller which changes can be written

Read only Domain Controller

An administrator has attempted to change the forest functional level, but the attempts failed due to the failure of an FSMO role. Which FSMO role should be investigated?

Schema Master

An administrator has attempted to change the forest functional level, but the attempt failed due to the failure of an FSMO role. Which FSMO role should be investigated?

Schema master

Select the term that is recorded of the time message is sent and is used in the kerbors to determine a messages validity and prevents replay attack?

Timestamp

During garbage collection, what setting controls how long deleted objects remain within the database before such objects are completely removed?

Tombstone lifetime

T or F. The default domain policy is linked to the domain object and specifies settings that affect all users and computers in the domain.

True

Which option is not one of the three main methods for cleaning up metadata?

Wbsadnin.exe

For automatic SPN support, what must the domain functional level be?

Windows server 2008 R2 or higher

An administrator has received a call indication that some users are having difficulty logging on after a password change. Which FSMO role should be investigated?

PDC Emulator

Timestamps within keberos are used to help guard against what type of attack?

Replay attack

What is used to identify all objects in a domain

SID

What folder contains group policy templates, logon/logoff scripts and DFS synchronization data?

SYSVOL

A delegated installation allows a domain administrator to create a RODC computer account in AD so that a regular user can perform the installation at a later time

True

T or F A domain controller clone is a replica of an existing DC

True

T or F Mutual authentication means that the identity of both parties is verified

True

T or F. An AD snapshot is a replica of the AD database at a specific moment

True

What DC is responsible for ensuring that changes made to the objects name in one domain are updated in the references to these objects in other domains

ffnfjfjnv


Set pelajaran terkait

Chapter 9 Cellular Respiration & Fermentation

View Set

Displacing the Plains Indians (unit 2, lesson 3)

View Set

Masculino y Femenino (Gender of Nouns)

View Set

EXAM 1 - Strategic Marketing Planning

View Set