Server 2016 ch 1-3 & Server 2019 ch 1-4 Midterm eview

Ace your homework & exams now with Quizwiz!

An administrator has discovered that several critical parts of Active Directory have been deleted. What boot mode can be used to perform restoration?

Directory Services Restore Mode (DSRM)

What is the most typically used group type conversion?

Distribution group -> security group

Select the true statement regarding the conversion of group scope:

Domain local groups can be converted to universal groups; the domain local group must not contain other domain local groups.

Which of the following Hyper-V features allows a virtual machine to use additional physical memory within a server, provided that it is available?

Dynamic memory

Which of the following trust relationships can be created between two domains in separate Active Directory forests?

External trusts

What specific tool allows you to create GPOs, view a GPO's settings, link and unlink GPOs with containers, and manage the inheritance settings of GPOs?

Group Policy Management console

In what order are group policy settings applied?

Local, site, domain, OU

You wish to add a copy of the global catalog to a domain controller within Active Directory Sites and Services. For which object must you right-click and select Properties?

NTDS Settings

Which of the following are hardware requirements for Hyper-V?

Processor with Intel VT or AMD-V and SLAT

What should be your first course of action when you see a device marked Unknown within Device Manager?

Right-click the Unknown device within Device Manager and choose Update driver. Supply the manufacturer-provided driver files if prompted.

You have created a template user account within Active Directory Users and Computers. What must you do to create additional user accounts based on this template user account?

Right-click the template user account, and click Copy

Which of the following choices is not one of the three user account types defined in Windows Server 2016?

Service user account

Which of the following are panes that you will see listed for a server, server group, or server role within Server Manager? (Choose all that apply.)

Services Events Roles and Features Performance

Which of the following is considered a leaf object? User account Shared folder* Computer account* Private folder

Shared folder Computer account

Which of the following defines Active Directory objects and their attributes and can be changed by an administrator or an application to best suit the organization's needs?

Single schema

Which Windows Server edition supports Windows Containers and up to two Hyper-V Containers?

Standard

Which of the following Windows Server 2019 editions are licensed per processor core? (Choose all that apply.)

Standard Datacenter

Which of the following occurs when you join a computer to an Active Directory domain? (Choose all that apply.)

The Domain Users group is added to the local Users group A computer account is created within Active Directory, if one has not been prestaged The Domain Admins group is added to the local Administrators group

Using default settings, if a computer's clock differs more than 5 minutes than a Kerberos message's timestamp, what happens?

The Kerberos message is considered invalid.

Select the Account Lockout Policy item that determines how many failed logins can occur on an account before the account is locked.

Account lockout threshold

Which component of Microsoft Defender can be used to provide cloud-based threat analysis within Windows Server 2019?

ATP

Select the operations master role that is responsible for ensuring that changes made to object names in one domain are updated in references to the object in other domains.

Infrastructure master

What component of Kerberos is responsible for storing keys for encrypting and decrypting data in the authentication process?

Key Distribution Center

What type of application is made available via Group Policy for a user to install by using Programs and Features in Control Panel?

Published

An Active Directory object's security settings are composed of three components, what term is used to refer to these three components?

Security descriptor

When a client computer wants to connect to a service instance, what specific name type does it use to find the service?

Service principal name

What folder under Policies within the Computer Configuration Node of a GPO contains the Control Panel, Network, Printers, System, and Windows Component folders?

Administrative Templates

How can an administrator enable or disable accounts using the command line?

Use the dsmod user command

Which of the following domain functional levels provides Kerberos armoring? (Choose all that apply.)

Windows Server 2012 Windows Server 2012 R2 Windows Server 2016

The minimum memory required for a graphical Windows Server 2019 installation is 512 MB. (true or false)

false

What special identity group is typically used when a user accesses an FTP server that doesn't require user account logon?

Authenticated user

Which of the following tools within the navigation pane of the Windows Admin Center can be used to perform capacity planning?

Azure hybrid services

Which of the following can be used to open a new Windows PowerShell prompt that is connected to a remote computer (provided that winRM is enabled)?

Enter-PSSession computername

Windows Server 2019 supports up to 64 physical processors and 128 logical processors. (true or false)

False

What defines the objects that a Group Policy Object affects?

GPO scope

Which of the following statements is true regarding the built-in Guest account?

The Guest account should be renamed if it will be used.

How can the output of a command be redirected to a file instead of being displayed on the computer's screen?

Type the > character followed by the file name

Which of the following operating systems are supported for use within a Generation 2 virtual machine? (Choose all that apply.)

Ubuntu 14.04 FreeBSD 9.1

Containers are often used to host Web apps within cloud environments (true or false)

true

User accounts created in Active Directory are referred to as domain user accounts. (true or false)

true

Which of the following commands may be used to start Hyper-V Manager?

virtmgmt.msc

Which of the following management tools is not installed by default on Windows Server 2019?

Windows Admin Center

In order to use the Active Directory Recycle Bin, all DCs in the forest must be running at least what Windows Server operating system?

Windows Server 2008 R2

What specific commands can import or export Active Directory data in bulk? (Choose all that apply.)

csvde ldifde

What command could you execute within PowerShell to learn about the syntax of the Get-WMIObject cmdlet? (Choose all that apply.)

help Get-WMIObject Get-Help Get-WMIObject get-help Get-WMIObject Get-Help Get-WMIObject -online

NTDS Quotas store NT Directory Service quota information that limits the number of Active Directory objects a user, group, computer, or service can create.

true

The Windows Admin Center allows you to obtain a Windows PowerShell session within your Web browser. (true or false)

true

Which of the following is the primary identifying and administrative unit in Active Directory?

Domain

3 ways to create new active directory users

1. Server Manager > Tools > Active Directory Administrative Center 2. Server Manager > Tools> Active Directory Users & Computers > Expand your Domain > Users 3. Use Windows PowerShell to enter the command: dsadd user [-samid ] [-upn ] [-fn ] [-mi ] [-ln ] [-display ] [-empid ] [-pwd { | *}] [-desc ] [-memberof ...] [-office ] [-tel ] [-email ] [-hometel ] [-pager ] [-mobile ] [-fax ] [-iptel ] [-webpg ] [-title]

An authenticated user can add up to how many computer accounts to the domain, by default?

10

How long does it take for a change made on a domain controller to trigger intrasite replication?

15 seconds, with a 3-second delay between each replication partner

The Knowledge Consistency Checker (KCC) ensures that the maximum number of hops between any two domain controllers does not exceed what number?

3

The Default Domain Policy sets the maximum password age to what value?

42 days

How often are Group Policy Objects updated on domain controllers?

5 minutes

What are the two main functions of user accounts in Active Directory? (Choose all that apply.)

A method for user authentication to the network

What feature, once activated, cannot be disabled without reinstalling all domain controllers within a forest?

Active Directory Recycle Bin

After creating a production checkpoint of a virtual machine, you would like to revert the virtual machine to the state it was in prior to the checkpoint. What should you select within the Actions pane of Hyper-V Manager after selecting your checkpoint within the Checkpoints pane?

Apply

Which of the following are valid methods for executing the superscript.ps1 file within PowerShell, assuming it is in your current directory, C:\Scripts? (Choose all that apply.)

C:\Scripts\superscript.ps1 ./superscript.ps1 .\superscript.ps1

Which action should you choose for a virtual machine within the Actions pane in order to obtain the Virtual Machine Connection window?

Connect

To create a virtual machine template, what actions must you perform at minimum? (Choose all that apply.)

Create a new virtual machine and install a guest operating system within it Run the System Preparation Tool within the guest operating system to remove unique identifiers Export the virtual machine to a folder on the filesystem

Your system has three physical storage devices. Windows Server 2019 is installed on the first physical storage device. What can you do to increase the performance of the system as much as possible?

Create a paging file on the second and third physical storage devices and remove the page file from the first storage device

Your domain consists of two separate physical locations. Each location contains several domain controllers, and you have noticed that domain controller replication traffic consumes a large amount of your Internet bandwidth. What can you do within Active Directory Sites and Services to ensure that replication occurs outside of business hours? (Choose all that apply.)

Create a site object for each physical location and ensure that domain controller objects are placed within the correct site object. In the properties of a site link object, configure a replication schedule that excludes business hours.

Which of the following utilities can be used to manually install a new device that is not fully PnP-compliant?

Devices and Printers utility

What term is used to refer to a logical grouping of computers that participate in Active Directory single sign-on?

Domain

Which of the following group scopes can contain objects from any domain within the forest? (Choose all that apply.)

Domain local Universal

Your server has an additional SSD that you wish to use exclusively within a virtual machine as a pass-through disk to increase performance. What must you do to achieve this? (Choose two answers.)

Ensure that the SSD is set to an Offline state within the Disk Management tool. In the properties of the virtual machine, select an existing virtual hard disk, choose Physical hard disk, and select the SSD.

Which functions does the global catalog provide? (Choose all that apply.)

Fast object searching Universal group membership Domain authentication using UPNs

Which of the following features can be configured within Control Panel? (Choose all that apply.)

File caching and flushing Environment variables Power options Startup and recovery options

What PowerShell cmdlet can be used to show an MSA's properties?

Get-ADServiceAccount

What Windows servers are the only domain controllers that hold universal group membership information?

Global catalog

Which of the following hardware devices does a Generation 1 virtual machine emulate? (Choose all that apply.)

IDE hard disk SCSI hard disk Serial ports

To which of the following virtual switches can a host operating system connect? (Choose all that apply.)

Internal External

Which of the following Hyper-V features requires that your host operating system be joined to an Active Directory domain? (Choose all that apply.)

Live migration Replication

Which of the following PowerShell cmdlets can be used to move or seize a FSMO role?

Move-ADDirectoryServerOperationMasterRole

Which two small footprint installation options are available for Windows Server 2019? (Choose two answers.)

Nano Server Server Core

Which Hyper-V feature allows you to install a virtual machine within another virtual machine?

Nested virtualization

Which statement is true regarding the global catalog?

Only one global catalog exists per forest

What type of task can be defined to allow you fine-grained control over the management tasks a user can perform in an OU?

Organized

Which of the following FSMO roles are stored on one domain controller within each domain? (Choose all that apply.)

PDC Emulator RID Master

What Active Directory object enables an administrator to configure password settings for users or groups that are different from those defined in a GPO linked to the domain?

Password settings object

Which of the following tools allow you to create a password setting object? (Choose all that apply.)

PowerShell ADAC ADSI Edit

Timestamps within Kerberos are used to help guard against what type of attack?

Replay attack

Select the specific Windows folder that is a shared folder containing file-based information that is replicated to other domain controllers.

SYSVOL folder

Which of the following choices is one of the two forest-wide FSMO roles?

Schema master

What specific database stores local user accounts on local computers, and allows users to sign in to and access resources only on the computer where the account resides?

Security Accounts Manager

Which filesystem feature of Windows Server 2019 allows you to create large volumes that span multiple physical storage devices?

Storage Spaces

Approximately 42 days after a service was configured to use a normal user account, the service has stopped working and refuses to run. An administrator has verified that the account still exists on the domain. Assuming default domain policy settings, what could be the issue?

The user account password expired.

Clustering may be used with multiple Windows Server 2019 systems to enhance speed and fault tolerance for network services. (true or false)

True

Commands within Windows PowerShell are referred to as cmdlets. (true or false)

True

Kerberos is a specific authentication protocol is used in a Windows domains environment to authenticate logons and Grant accounts access to domain resources. (true or false)

True

When creating a new user, the "User cannot change password" option can't be used in conjunction with what other option?

User must change password at next logon

Which default folder under a domain within Active Directory Users and Computers contains the Administrator user account and Domain Admins group?

Users

Which of the following tasks are typically performed following a Windows Server 2019 installation? (Choose all that apply.)

Verify the correct time and time zone information Activate the Windows Server 2019 operating system Configure the appropriate computer name and domain membership Set IP configuration on network interfaces

Which of the following is not a question that should be asked when planning a Windows Server 2019 installation?

Who will be supporting the server?

A contact is an Active Directory object that usually represents a person for informational and security purposes. (true or false)

false

A managed service account (MSA) enables administrators to manage rights and permissions for services but with strict manual password management policies. (true or false)

false

In the following example, three loops will be executed. $args = "one","two","three","four" foreach ($i in $args) {write $i -foregroundcolor magenta} (true or false)

false

Kerberos policies, found in a GPO, control settings related to user authentication and logon. (true or false)

false

Security principals define which resources users can access and what level of access they have. (true or false)

false

Servers that exist within a data center that is publicly accessible on the Internet are referred to as on-premises servers (True or False)

false

The PowerShell cmdlet New-ADUser gets information about user accounts. (true or false)

false

The Sigverif tool can be used to verify and repair corrupt system files. (true or false)

false

The dcpromo.exe command is the preferred method for installing Active Directory on Server Core. (true or false)

false

When a client wants to connect to a service, it finds the service based solely on the instance name. (true or false)

false

PowerShell console files use the .ps1 extension. (true or false)

false <PowerShell console files use the .psc1 extension, whereas PowerShell script files use the .ps1 extension.>

Creating OUs within the Active Directory database is also called prestaging. (true or false)

false <note: Prestaging refers to the process of creating computer accounts within the Active Directory database that are later used by computers that join the domain.>

Both Generation 1 and Generation 2 virtual machines support Secure Boot. (true or false)

false <note: Secure Boot is only available within a UEFI BIOS, and only Generation 2 virtual machines provide UEFI BIOS emulation.>

Virtual machine settings are stored within a .vhdx file. (true or false)

false <note: The filesystem used by a guest operating system is stored within a .vhdx file. Virtual machine settings are stored within files under the Virtual Machines folder.>

You can use the Install-ADDSDomain cmdlet within Windows PowerShell to configure a new forest root domain. (true or false)

false <note: To configure a new forest root domain, you must use the Install-ADDSForest cmdlet. The Install-ADDSDomain cmdlet can be used to add a domain to an existing forest.>

Domain controllers store local user accounts within a SAM database and domain user accounts within Active Directory. (true or false)

false <note: Windows Server computers lose their SAM database after they are promoted to a domain controller.>

Replication must be enabled on your Hyper-V host before you are able to copy the contents of a virtual machine to a target Hyper-V host. (true or false)

false <note: You must enable replication on the target Hyper-V host before you are able to copy the contents of a virtual machine to it.>

The Active Directory Recycle Bin can be enabled using the Active Directory Domains and Trusts tool. (true or false)

false <note: You must enable the Active Directory Recycle Bin within the Active Directory Administrative Center.>

In order to force a computer to immediately download and apply all group policies, what command should be run?

gpupdate/force

Which of the following is not a security principal that can be assigned permissions?

groups

Which two files must you import within the Windows Deployment Services tool to provide for remote installation?

install.wim boot.wim

The default location for computer accounts that are created automatically after joining the domain can be changed using which command?

redircmp.exe **

Which command-line utility below can be used to change an SPN?

setspn

Which of the following aliases can be used to switch to a different PowerShell provider?

sl

Which of the following PowerShell constructs is best to use when you wish to perform a specific action based on the value of a single variable?

switch

A batch file is a text file that is used to enter a command or series of commands normally typed at the command prompt. (true or false)

true

A service account is a user account that Windows services use to log on to a computer or domain with a specific set of rights and permissions. (true or false)

true

Account policies are set in the Local Security Policy MMC on computers that aren't domain members. (true or false)

true

Account policies that are set in GPOs linked to an OU containing computer accounts affect only local user accounts defined in the computer's SAM database. (true or false)

true

Active Directory's use of multimaster replication ensures that changes to AD objects are automatically replicated to all domain controllers. (true or false)

true

After importing a virtual machine template to create a new virtual machine, you should rename the new virtual machine. (true or false)

true

Schema attributes define what type of information is stored in each object, such as first name, last name, and password for a user account object. (true or false)

true

Server Manager can be used to monitor and manage other Windows Server 2008 and later systems. (true or false)

true

Server Manager is typically used to perform most post-installation tasks on a graphical Windows Server 2019 system. (true or false)

true

Some software issues require that you modify the value of an entry within the Windows Registry to fix a system problem. (true or false)

true

System environment variables apply to any user logged onto the system. (true or false)

true

The Tab key can be used to auto complete a PowerShell cmdlet as you are typing it. (true or false)

true

The Test-NetConnection cmdlet can be used to test network connectivity to a target computer. (true or false)

true

To install a Windows Server 2019 virtual machine, you typically attach an ISO image file that contains the installation media to a virtual DVD drive within the virtual machine settings. (true or false)

true

Windows Server 2019 tool called sigverif verify systems and critical files. (true or false)

true

You can start the Windows Server Configuration Wizard within Server Core by running the sconfig.cmd command. (true or false)

true

when you use the add rolls and features wizard you need to verify whether you have chosen the correct roles to do this you can highlight each role to view its description. (true or false)

true

The schema and configuration partitions of the Active Directory database are replicated forest-wide. (true or false)

true <note: All domain controllers within the forest share the same schema and configuration partitions. As a result, changes to these partitions must be replicated to all domain controllers within the forest.>

You must be a member of the Enterprise Admins group in order to add a trust relationship. (true or false)

true <note: Because trust relationships are stored within the configuration partition of the Active Directory database and replicated forest-wide, you must be a member of the Enterprise Admins group in order to create a trust relationship.>

Virtual machine checkpoints are often used prior to making an important configuration change within a guest operating system, such as installing software or device drivers. ([true or false)

true <note: Because virtual machine checkpoints allow you to revert the state of a virtual machine to a previous point in time, they are often created before applying a configuration change that could negatively impact the system.>

The physical network interface used by an external virtual switch is not configured using IP. Instead, it uses the Hyper-V Extensible Virtual Switch protocol to allow virtual network interfaces attached to the external virtual switch to use the physical network interface. (true or false)

true <note: IP is not configured on a physical network interface that is used by an external virtual switch. Instead, this interface uses the Hyper-V Extensible Virtual Switch protocol to allow virtual machines to share the physical network interface.>

Guest operating systems require VMBus drivers to support the virtualized hardware within a Generation 2 virtual machine. (true or false)

true <note: In order to support the virtualized hardware in a Generation 2 virtual machine, the guest operating system must have the appropriate drivers for the VMBus.>

Before installing Active Directory on a Windows Server system to function as an additional domain controller within a forest, you must first ensure that the Windows Server is configured to contact a DNS server that contains the appropriate service records for the forest. (true or false)

true <note: Service records within DNS are used to locate Active Directory services. Before adding a new domain controller, you must ensure that the Windows Server can contact a DNS server that has these service records.>

Any changes to a guest operating system made following the creation of a checkpoint are stored within a.avhdx file in the same directory as the associated .vhdx file. (true or false)

true <note: The .avhdx file is stored within the same directory as the .vhdx file and stores all modifications made to a guest operating system following creation.>

If a global catalog cannot be placed within a branch office site, you can enable UGMC on the site to ensure branch office domain controllers provide fast authentication.

true <note: UGMC allows universal group membership to be cached locally on domain controllers within a site and used for authentication. Because universal group membership must be validated during the authentication process, UGMC allows sites without a global catalog to provide authentication without having to contact a global catalog within another site (which is a slower process).>

WDS can be used to install multiple physical or virtualized systems at the same time, provided those systems can boot from the network using PXE. (true or false)

true <note: WDS provides an operating system to systems that boot from the network using PXE. These systems can be physical or virtual.>

If a RODC is stolen, you can delete the computer account to reset affected user and computer accounts. (true or false)

true <note: When you delete a RODC computer account, you have the option to reset user accounts that had a password attribute cached on the RODC, as well as the option to reset computer accounts within the same Active Directory site.>


Related study sets

Chapter 13 Brain and Cranial Nerves

View Set

PSY 312 Research Methods: Chapters 1-2

View Set

Jason Dion comptia A+ Practice Exam #1 (220-1102) - Results

View Set

Chapter 3 Cybercrime, Fraud, and Ethics

View Set

Chapter Exam - Life Premiums and Benefits

View Set

Level 1 Antiterrorism Awareness Training 2 hrs. (post test)

View Set

Chapter 24 exam question possibility

View Set

Chapter 10 - Post-Lecture Assignment

View Set