NOS-230: Units 6-9

Ace your homework & exams now with Quizwiz!

On a Windows Server 2016, what is the default CRL publication interval?

1 week

How often does garbage collection run on a DC?

12 hours

In a new partnership with XYZ Company, ABC company wants to share documents securely using Web-based applications. All communication must be secure, and document usage must be controlled. Both companies run Windows Server 2016 domains but must remain in separate forests. What can you implement to facilitate this partnership?

AD Federation Services and AD Rights Management Services

Your company deals with highly confidential information, some of which is transmitted via email among employees. Some documents have been forwarded via email, making the documents more difficult to track. You want to be able to prevent employees from forwarding certain emails. What should you deploy?

AD RMS

What tool can a user use to request certificates that are not configured for autoenrollment?

Certificates snap-in

What is created automatically by the KCC and allows the configuration of replication between sites?

Connection object

What feature allows non domain-joined devices to access claims-based resources securely?

Device registration

A tree can consist of a single domain or a parent domain and child domains, which cannot have child domains of their own.

False

Active Directory metadata describes the actual Active Directory data, not the Active Directory database.

False

Applications that are not claims-aware can't be used in an AD FS deployment.

False

Intrasite replication occurs between bridgehead servers.

False

Online Responder used to issue certificates to network devices, such as routers and switches.

False

Primary authentication is not required for all users who access applications that use AD FS.

False

The federated Web SSO with forest trust design is most often used in business-to-employee relationships.

False

The intermediate CA is the most critical and is the server typically configured for offline operation.

False

The logical components of Active Directory are forests, domains, and sites.

False

Version 5 templates allow customization of most certificate settings and permit autoenrollment.

False

With AD FS preauthentication, client requests for the application are sent via a proxy server to the application server.

False

Which of the following is responsible for assigning a bridgehead server to handle replication for each directory partition?

Inter-Site Topology Generator

Which type of CA in the three-level hierarchy is sometimes referred to as a policy CA and issues certificates to issuing CAs?

Intermediate

You have a number of Cisco routers and switches that you wish to secure using IPsec. You want IPsec authentication to use digital certificates. You already have a PKI in place using Certificate Services on Windows Server 2016. What should you install to secure your devices?

NDES role service

Why might it be a good idea to configure multiple domains in a forest?

Need for differing account policies

What features should you configure if you want to limit access to resources by users in a trusted forest, regardless of permission settings on these resources?

Selective authentication

Which of the following is a self-signed certificate and identifies the AD RMS cluster?

Server licensor certificate

What type of certificate enrollment issues certificates that users can use to log on to a system by entering a PIN?

Smart card enrollment

A delegated installation allows a domain administrator to create the RODC computer account in Active Directory, so a that a regular user can perform the installation at a later time.

True

A domain controller clone is a replica of an existing DC.

True

Authentication efficiency, replication efficiency, and application efficiency are the three main reasons for establishing multiple sites.

True

Before you can install a DC running a newer Windows Server version in an existing forest with a lower functional level, you must prepare existing DCs with the adprep.exe command-line program,

True

Multi-factor authentication means users must authenticate with more than one device.

True

The repadmin /replicate command causes replication of a specified partition from one DC to another.

True

Universal groups allow administrators to assign rights and permissions to forest-wide resources to users from any domain.

True

Which of the following manages adding, removing, and renaming domains in the forest?

domain naming master

Which option below is not one of the three main methods for cleaning up metadata?

wbsadmin.exe

Which type of cryptography provides the most security?

Asymmetric cryptography

CA Administrator approves requests for certificate enrollment and revocation.

False

If your domain includes Windows Server 2003 or older DCs, it's using DFSR to replicate SYSVOL.

False

Intrasite replication takes place between DCs in two or more sites.

False

Remote Desktop Gateway applications are a convenient way for organizations to make applications available to users without having to install the application on every user's computer.

True

What assigned value represents the bandwidth of the connection between sites?

cost


Related study sets

Field Biology exam 4 chapters 12, & 15.

View Set

Med. Term. Chapter 12 (Nervous System) {ALL}

View Set

Biological Rhythms: Circadian Rhythms

View Set

Python повторение материалов 1-6

View Set