NOS 230 Final

Ace your homework & exams now with Quizwiz!

True

A Web Application Proxy server needs two NICS installed to function correctly.

False

A claims provider is the resource partner that accepts claims from the business partner to make authentication and authorization decisions.

True

A domain controller clone is a replica of an existing DC.

True

A revocation configuration tells the CA what methods are available for clients to access CRLs.

False

A tree can consist of a single domain or a parent domain and child domains, which cannot have child domains of their own.

True

Adding a subdomain is a common reason for expanding an Active Directory forest.

True

An Active Directory snapshot is a replica of the Active Directory database at a specific moment.

False

Applications that are not claims-aware can't be used in an AD FS deployment.

True

Authentication efficiency, replication efficiency, and application efficiency are the three main reasons for establishing multiple sites.

True

Before you can install a DC running a newer Windows Server version in an existing forest with a lower functional level, you must prepare existing DCs with the adprep.exe command-line program,

180 days

By default, for how long are deleted objects stored within the Active Directory database before they are removed entirely?

True

Certificate autoenrollment is an option only on enterprise CAs.

True

Device registration is a feature that allows non domain-joined devices to access claims-based resources securely.

KCC

For intrasite replication, what component builds a replication topology for DCs in a site and establishes replication partners?

12 hours

How often does garbage collection run on a DC?

False

If a certificate is not renewed before the validity period expires, the certificate can still be used until the renewal period ends.

False

Intrasite replication takes place between DCs in two or more sites.

1 week

On a Windows Server 2016, what is the default CRL publication interval?

True

Remote Desktop Gateway applications are a convenient way for organizations to make applications available to users without having to install the application on every user's computer.

Domain naming master

Select below the FSMO role that is a forest-wide FSMO role:

True

The PowerShell cmdlet "Restore-CARoleService" restores the CA database and all private key data.

False

The federated Web SSO with forest trust design is most often used in business-to-employee relationships.

False

The intermediate CA is the most critical and is the server typically configured for offline operation.

True

The repadmin /replicate command causes replication of a specified partition from one DC to another.

Filtered attribute sets

To increase security of data stored on an RODC, what can be configured to specify domain objects that aren't replicated to RODCs?

False

Version 5 templates allow customization of most certificate settings and permit autoenrollment.

device registration

What feature allows non domain-joined devices to access claims-based resources securely?

SID filtering

What feature should you enable to prevent the sIDHistory attribute from being used to falsely gain administrative privileges in a trusting forest?

SYSVOL

What folder contains group policy templates, logon/logoff scripts, and DFS synchronization data?

Smart card enrollment

What type of certificate enrollment issues certificates that users can use to log on to a system by entering a PIN?

Authentication Policy silos

Which feature was first introduced with Windows Server 2012 R2, and are new Active Directory containers to which authentication policies can be applied to restrict where high-privilege user accounts can be used in the domain?

Publishing license

Which of the following contains a list of users and specifies what the users can do with a rights-protected document?

Server licensor certificate

Which of the following is a self-signed certificate and identifies the AD RMS cluster?

Digital signature

Which of the following is created using a hash algorithm and can be used to verify the authenticity of a document?

Use license

Which of the following is issued to users when they request access to a rights-protected document?

domain naming master

Which of the following manages adding, removing, and renaming domains in the forest?

wbsadmin.exe

Which option below is not one of the three main methods for cleaning up metadata?

Need for differing account policies

Why might it be a good idea to configure multiple domains in a forest?

False

With separate domains, stricter resource control and administrative permissions are more difficult.

NDES role service

You have a number of Cisco routers and switches that you wish to secure using IPsec. You want IPsec authentication to use digital certificates. You already have a PKI in place using Certificate Services on Windows Server 2016. What should you install to secure your devices?


Related study sets

GEOGRAPHY TRUE OR FALSE (articles)

View Set

chapter 10 (purchasing and financing a home)

View Set

Chapter 13:7. Grammar/Mechanics Checkup 13: Number Style Aplia Assignment

View Set

The Late Middle Ages: A Time of Upheaval 7.7

View Set

BUSI 336 Intro to Entrepreneurship (Chapter 17, 3, 10, 11 terms)

View Set

, Lewis Chapter 34: Heart Failure

View Set

Chapter 19: Documenting and reporting

View Set