CSEC-246: 3.01 Reading Exam Study Set.

Ace your homework & exams now with Quizwiz!

A tree can consist of a single domain or a parent domain and child domains, which cannot have child domains of their own. True False

False

Hub and spoke, Half mesh, and Full mesh are all valid replication topologies for DFS replication True False

False

Intrasite replication takes place between DCs in two or more sites. True False

False

The intermediate CA is the most critical and is the server typically configured for offline operation. True False

False

The logical components of Active Directory are forests, domains, and sites. True False

False

With separate domains, stricter resource control and administrative permissions are more difficult. True False

False

For intrasite replication, what component builds a replication topology for DCs in a site and establishes replication partners? a. KCC b. Kerberos c. PDC d. Site link

a. KCC

What is the name of a domain controller on which changes can't be written? a. Read only domain controller b. Access only domain controller c. No write domain controller d. Secured domain controller

a. Read only domain controller

What is used to identify all objects in a domain? a. SID b. RID c. DIR d. PDC

a. SID

An administrator has attempted to change the forest functional level, but the attempt failed due to the failure of an FSMO role. Which FSMO role should be investigated? a. Schema master b. RID master c. PDC emulator d. Infrastructure master

a. Schema master

During garbage collection, what setting controls how long deleted objects remain within the database before such objects are completely removed? a. Tombstone lifetime b. Object expiry date c. Remove by date d. Purge lifetime

a. Tombstone lifetime

What feature in the Windows file system allows users to see only files and folders in a File Explorer window or in a list of files from the dir command to which they have been given at least read permission? a. access-based enumeration b. content information c. content enumeration d. remote access

a. access-based enumeration

What assigned value represents the bandwidth of the connection between sites? a. cost b. site c. metric d. log

a. cost

What type of replication scheme does Active Directory use to synchronize copies of most information in the Active Directory database? a. multimaster b. flexible single master c. domain-wide d. single master

a. multimaster

Select the RODC installation type where the domain administrator creates the RODC computer account in Active Directory, and then a regular user can perform the installation at a later time. a. staged installation b. deferred installation c. selected installation d. default RODC installation

a. staged installation

If you configure the issuance requirements for a certificate issued from a template so that more than one signature is required before a certificate can be issued, which of the following is true? a. The certificate is added to the CRL b. Autoenrollment is disabled c. Certificate enrollment is disabled d. Certificate enrollment is automatic

b. Autoenrollment is disabled

Once Active Directory has been installed, a default site link is created. What is the name of this site link? a. FIRSTSITE b. DEFAULTIPSITELINK c. IPSITECONTAINER d. ADSITEHOLDER

b. DEFAULTIPSITELINK

What Active Directory replication method is more efficient and reliable? a. SYSVOL Replication b. Distributed File System Replication c. File Replication Service d. AD File System Replication

b. Distributed File System Replication

You have a network with three sites named SiteA, SiteB, and SiteC that are assigned the subnets 10.1.0.0/16, 10.2.0.0/16, and 10.3.0.0/16, respectively. You change the IP address of a domain controller in SiteB to 10.1.100.250/16. What should you do now? a. Add the 10.1.0.0/16 subnet to SiteB and then force the replication topology to be recalculated. b. Move the computer object of the domain controller in Active Directory Sites and Services to SiteA. c. Move the computer object in Active Directory Users and Computers to a new OU. d. Right-click the computer object and click Check Replication Topology.

b. Move the computer object of the domain controller in Active Directory Sites and Services to SiteA.

Why might it be a good idea to configure multiple domains in a forest? a. Easier access to resources b. Need for differing account policies c. Access to Universal groups d. You need multiple schemas

b. Need for differing account policies

The RID master FSMO role is ideally placed on the same server as what other role? a. Infrastructure master b. PDC emulator c. Schema master d. Domain naming master

b. PDC emulator

What features should you configure if you want to limit access to resources by users in a trusted forest, regardless of permission settings on these resources? a. Trust transitivity b. Selective authentication c. SID filtering d. Fine-grained password policies

b. Selective authentication

What type of certificate enrollment issues certificates that users can use to log on to a system by entering a PIN? a. Web enrollment b. Smart card enrollment c. Certificates MMC d. Autoenrollment

b. Smart card enrollment

If an employee leaves a company, what should happen to any certificates held by that employee that was issued by the company's PKI? a. They should be included in the CDP b. They should be put on the CRL c. They should be forwarded to the AIA d. They should be added to the OR

b. They should be put on the CRL

Which option below is not one of the three main methods for cleaning up metadata? a. Active Directory Users and Computers b. wbsadmin.exe c. Active Directory Sites and Services d. ntdsutil.exe

b. wbsadmin.exe

How often does garbage collection run on a DC? a. 18 hours b. 2 hours c. 6 hours d. 12 hours

d. 12 hours

What is created automatically by the KCC and allows the configuration of replication between sites? a. Bridgehead server b. Site link bridge c. Site link d. Connection object

d. Connection object

Which of the following is true about the domain functional level? a. All DCs and member servers must be running the Windows version that supports the functional level b. You must raise the functional level on all DCs c. The domain and forest functional level must be the same d. You can have different functional levels within the forest

d. You can have different functional levels within the forest

On a Windows Server 2016, what is the default CRL publication interval? a. 1 week b. 1 month c. 1 year d. 1 day

a. 1 week

By default, for how long are deleted objects stored within the Active Directory database before they are removed entirely? a. 180 days b. 120 days c. 160 days d. 60 days

a. 180 days

What is the default capacity of the Staging folder? a. 4 GB b. 1 GB c. 2 GB d. 3 GB

a. 4 GB

Select the FSMO role that is required to be online to facilitate the addition or removal of a domain controller: a. Domain naming master b. Schema master c. PDC emulator d. RID master

a. Domain naming master

A delegated installation allows a domain administrator to create the RODC computer account in Active Directory, so a that a regular user can perform the installation at a later time. True False

True

A domain controller clone is a replica of an existing DC. True False

True

Adding a subdomain is a common reason for expanding an Active Directory forest. True False

True

An Active Directory snapshot is a replica of the Active Directory database at a specific moment. True False

True

Before you can install an RODC, the forest functional level must be at least Windows Server 2003. True False

True

There's only one global catalog per forest. True False

True

When a full backup or system state backup is performed on a CA server, the certificate store is backed up along with other data. True False

True

What are the two flexible single master operation (FSMO) roles? (Choose all that apply.) a. Forestwide b. Objectwide c. Systemwide d. Domainwide

a. Forestwide d. Domainwide

Which of the following is responsible for assigning a bridgehead server to handle replication for each directory partition? a. Inter-Site Topology Generator b. Knowledge Consistency Checker c. Domain Naming Master d. Infrastructure Master

a. Inter-Site Topology Generator

A server configured for Web enrollment is referred to as which of the following? a. Delta CRL b. Online responder c. CA Web proxy d. Intermediate CA

c. CA Web proxy

Your company has purchased another company that also uses Windows Server 2016 and Active Directory. Both companies need to be able to access each other's forest resources. How can you achieve this goal with the least administrative effort? a. Configure an external trust b. Configure selective authentication c. Create a two-way forest trust d. Share the global catalog for both companies

c. Create a two-way forest trust

Which server role below cannot be installed on a domain controller that will be cloned? a. WSUS b. DNS c. DHCP d. RADIUS

c. DHCP

Select below the FSMO role that is a forest-wide FSMO role: a. Infrastructure master b. RID master c. Domain naming master d. PDC Emulator

c. Domain naming master

What is the first domain installed in a forest called? a. Primary tree b. Global catalog c. Forest root d. Master domain

c. Forest root

After you install AD CS, you want to begin issuing certificates for the encrypting file system. What should you do first? a. Configure the online responder b. Configure enrollment options c. Modify a certificate template d. Install the EFS role service

c. Modify a certificate template

An administrator has received a call indicating that some users are having difficulty logging on after a password change. Which FSMO role should be investigated? a. Infrastructure master b. Schema master c. PDC emulator d. RID master

c. PDC emulator

What folder contains group policy templates, logon/logoff scripts, and DFS synchronization data? a. Root b. System c. SYSVOL d. NTDS

c. SYSVOL

How is a computer's designated site determined, such that the computer is given a domain controller to request services from within the same site? a. Through NPS policies b. Through computer OU information c. Through subnets added to the site d. Through GPOs

c. Through subnets added to the site


Related study sets

Chpt 3 Musculoskeletal System and Connective Tissue Part 2 True/False

View Set

UNIT: States and Changes Of Matter

View Set

Combo with "Audit and Assurance 14, 15, 23, 24

View Set

Chapter 13: Physical and cognitive development in middle adulthood.

View Set

Spanish: Verb Conjugation: Preterite Tense: Buscar

View Set