MTA Server admin CH5
What do you call one or more IP subnets that are connected by a high-speed link?
Answer: A site Difficulty: Easy Section Reference: Introducing Sites and Domain Controllers Explanation: A site is one or more IP subnets that are connected by a high-speed link, typically defined by a geographical location. Suppose that you have a four-story office building. Although the building includes several subnets, all computers within the building use layer-2 and layer-3 switches to communicate with each other.
___________ is the primary authentication protocol used in Active Directory.
Answer: Kerberos Difficulty: Hard Section Reference: Introducing Directory Services with Active Directory Explanation: Kerberos is a computer network authentication protocol that allows hosts to prove their identity securely over a non-secure network. It can also provide mutual authentication so that both the user and server can verify each other's identity.
A ________ is a logical unit of computers and network resources that define a security boundary.
Answer: domain Difficulty: Easy Section Reference: Introducing Directory Services with Active Directory Explanation: A Windows domain is a logical unit of computers and network resources that defines a security boundary. A domain uses a single Active Directory database to share its common security and user account information for all computers within the domain, allowing centralized administration of all users, groups, and resources on the network.
A __________ is a Windows server that stores the Active Directory database.
Answer: domain controller Difficulty: Easy Section Reference: Introducing Directory Services with Active Directory Explanation: A domain controller is a Windows server that stores a replica of the account and security information for the domain and defines the domain boundaries. To make a computer running Windows Server 2008 a domain controller, you must install the Active Directory Domain Services and execute the dcpromo (short for dc promotion) command.
What do you call one or more trees with disjointed namespaces?
Answer: forests Difficulty: Easy Section Reference: Introducing Directory Services with Active Directory Explanation: A forest is made of one or more trees (although most people think of a forest as two or more trees). A forest varies from a tree because it uses disjointed namespaces between the trees.
What technology is used to standardize the Windows environment on all client computers?
Answer: group policies Difficulty: Easy Section Reference: Introducing Group Policy Explanation: One of Active Directory's most powerful features is Group Policy, which controls the working environment for user accounts and computer accounts. Group Policy provides centralized management and configuration of operating systems, applications, and user settings in an Active Directory environment.
What do you need to do with your forests and domains so that you can use all available features?
Answer: upgrade to the highest domain and forest functional levels Difficulty: Easy Section Reference: Defining Functional Levels Explanation: The functional level of a domain or forest depends on which Windows Server operating system versions are running on the domain controllers in that domain or forest. The functional level also controls which advanced features are available in the domain or forest. To get all the features available with Active Directory, you must have the latest version of the Windows Server operating system, and you have to use the highest forest and domain functional level.
Which DNS resource records translate IP addresses to a host name? a) SOA b) A c) PTR d) MX
C) PTR Difficulty: Medium Section Reference: Exploring DNS Explanation: PTR (short for pointer) resolves an IP address to a hostname (reverse mapping) and is contained in the reverse lookup zone.
What system is used to translate www.microsoft.com to an IP address? a) DNS b) WINS c) DHCP d) ARP
a) DNS Difficulty: Easy Section Reference: Exploring DNS Explanation: Domain Name System (DNS) is a hierarchical client/server-based distributed database management system that translates domain/hosts names to IP addresses. Your organization most likely has one or more DNS servers that provide name resolution for your company.
What protocol is used to query and modify data contained within a structure that reflect geographical or organizational structure? a) LDAP b) DNS c) GlobalZones d) Kerberos
a) LDAP Difficulty: Easy Section Reference: Introducing Directory Services with Active Directory Explanation: The Lightweight Directory Access Protocol, or LDAP, is an application protocol for querying and modifying data using directory services running over TCP/IP. Within the directory, the sets of objects are organized in a logical hierarchical manner so that you can easily find and manage them.
What file is used to translate host names to IP addresses? a) hosts file b) lmhosts file c) dns file d) wins file
a) hosts file Difficulty: Medium Section Reference: Understanding HOSTS and LMHOSTS Files Explanation: Early TCP/IP networks used hosts (used with domain/hostnames associated with DNS) and lmhost (used with NetBIOS/computer names associated with WINS) files, which were text files that listed a name and its associated IP address.
What Windows server attached to a domain is not a domain controller? a) member server b) bridgehead server c) LDAP server d) Kerberos server
a) member server Difficulty: Easy Section Reference: Introducing Sites and Domain Controllers Explanation: A server that is not running as a domain controller is known as a member server. To demote a domain controller to a member server, you rerun the dcpromo program.
To which type of group would you assign rights and permissions? a) security group b) distribution group c) scoped group d) Global Domain group
a) security group Difficulty: Medium Section Reference: Comparing Group Types Explanation: Windows Active Directory has two types of groups: security and distribution. A security group is used to assign rights and permissions and gain access to network resources. It can also be used as a distribution group.
What authorizes a user to perform a certain action on a computer? a) user rights b) permissions c) assignments d) certificates
a) user rights Difficulty: Medium Section Reference: Comparing Rights and Permissions Explanation: A right authorizes a user to perform certain actions on a computer, such as logging on to a system interactively or backing up files and directories on a system. User rights are assigned through local policies or Active Directory Group Policy.
Which resource record used in DNS translates host names to IP addresses? a) SOA b) A c) PTR d) MX
b) A Difficulty: Medium Section Reference: Exploring DNS Explanation: A (host address) provides a hostname to an IPv4 address; AAA (host address) provides a hostname to an IPv6 address.
What service replicates information of every object in a tree and forest so that you can quickly find those objects? a) LDAP server b) global catalog c) Infrastructure Master d) PDC Emulator
b) global catalog Difficulty: Medium Section Reference: Looking at Global Catalogs Explanation: A global catalog replicates the information of every object in a tree and forest. However, rather than store the entire object, it stores just those attributes that are most frequently used in search operations, such as a user's first and last name, computer name, and so forth. By default, a global catalog is created automatically on the first domain controller in the forest, but any domain controller can be made into a global catalog.
What technology automatically assigns IP addresses to clients? a) DNS b) GlobalZones c) DHCP d) WINS
c) DHCP Difficulty: Easy Section Reference: DHCP Services Explanation: It would take hours to configure every host IP configuration, including IP address, addresses of DNS and WINS servers, and any other parameters. Thus, most organizations use Dynamic Host Configuration Protocol (DHCP) services to automatically assign IP addresses and related parameters (including subnet mask, default gateway, and length of the lease) so that a host can immediately communicate on an IP network when it starts.
Which FSMO role is the master time server and password keeper? a) Schema Master b) Domain Naming Master c) PDC Emulator d) Infrastructure Master
c) PDC Emulator Difficulty: Hard Section Reference: Flexible Single Master Operations Explanation: The Primary Domain Controller (PDC) was the main domain controller used with Windows NT. The PDC Emulator provides backward compatibility for NT4 clients. It also acts as the primary server for password changes and as the master time server within the domain.
What do you use to organize your users, computers, and other network resources within a domain? a) groups b) forest c) organizational units d) group policy
c) organizational units Difficulty: Easy Section Reference: Introducing Organizational Unites Explanation: To help organize objects within a domain and minimize the number of domains required, you can use organizational units (OUs). OUs can be used to hold users, groups, computers, and other organizational units.
Which type of group can contain any user or group in any domain and can be assigned to any resource in any domain? a) domain local group b) global group c) universal group d) distribution group
c) universal group Difficulty: Medium Section Reference: Comparing Group Scopes Explanation: Universal group scope is designed to contain global groups from multiple domains. Universal groups can contain global groups, other universal groups, and user accounts. Because global catalogs replicate universal group membership, you should limit the membership to global groups.
What is the best way to give managers a way to change passwords for the users they manage? a) Make the manager a domain administrator. b) Make the manager an account operator. c) Make the manager a local administrator. d) Use the Delegate of Authority wizard.
d) Use the Delegate of Authority wizard. Difficulty: Medium Section Reference: Introducing Organizational Units Explanation: By delegating administration, you can assign a range of administrative tasks to the appropriate users and groups. For instance, you can assign basic administrative tasks to regular users or groups and leave domain-wide and forest-wide administration to members of the Domain Admins and Enterprise Admins groups.
What legacy naming service is used to translate computer names to IP addresses? a) DNS b) GlobalZones c) DHCP d) WINS
d) WINS Difficulty: Easy Section Reference: WINS Explanation: Windows Internet Name Service (WINS) is a legacy naming service that translates from NetBIOS (computer name) to specify a network resource. A WINS sever contains a database of IP addresses and NetBIOS names that update dynamically.