Server 2016 Final. MORA CLASS

Ace your homework & exams now with Quizwiz!

What are the two flexible single master operation (FSMO) roles?

-Forestwide. -Domainwide.

Which of the following is true about using IP site links?

-It is synchronous. -RPC runs over IP

The gpudate command in conjunction with which option below causes synchronous processing during the next computer restart or user logon?

/sync

What is the schedule for non-urgent intrasite replication?

15 seconds after change occurs, with a 3 second delay between partners.

A partition stored on a domain controller in the HQ site isn't being replicated to other sites, but all other partitions on domain controllers in the HQ site are being replicated. The problem partition is stored on multiple domain controllers in HQ. What should yo investigate as the source of the problem?

A manually configured bridgehead server

In a new partnership with XYZ Company, ABC company wants to share documents securely using Web-based applications. All communication must be secure, and document usage must be controlled. Both companies run Windows Server 2016 domain but must remain in separate forests. What can you implement to facilitate this partnership?

AD Federation Services and AD Rights Management Services

Your company deals with highly confidential information, some of which is transmitted via email among employees. Some documents have been forwarded via email, making the documents difficult to track. you want o be able to prevent employees from forwarding certain emails. What should you deploy?

AD RMS

When a GPO is linked to a site object, what will be affected?

All Users & Computers

If you want the most security, what should you use?

Asymmetric Cryptography only

When does Active Directory online defragmentation occur?

Automatically whenever Active Directory removes deleted objects and frees space in the database

What role can renew the CA certificate?

CA Administrator

A server configured for Web enrollment is referred to as which of the following?

CA web enrollment

Which of the following usually includes the user's logon name, group memberships, and other user attributes in an AD FS-enabled network?

Claim

You don't have policies that force settings for the look of users' computer desktops. Each user's chosen desktop settings are applied from his or her roaming profile to any computer he or she signs in to. You think it's important for users to have this choice, but you'd like a consistent look for computers used for product demonstrations to customers. What's the best way to do this without affecting users when they sign in to other computers?

Create a loopback policy

All your domain controllers are running Windows Server 2016 in a new forest. What should you check if GPT replication is not occurring correctly?

DFSR

You need to allow your network technician to view the RMS logs and reports, but no additional permissions should be granted to this technician. What can you do?

Delegate the AD RMS Auditor role

To reduce the amount of traffic generated when clients download the CRL, what should you use?

Delta CRL

What can you install on a Windows Server 2016 server that can scan documents and apply rights policy templates automatically based on resource properties?

FSRM

A tree can consist of a single domain or parent domain and child domains, which cannot have child domains of their own. (T/F)

False

By default, subnets are created in Active Directory Sites and Services. (T/F)

False

Group policy caching improves system startup speed because the cache is used during asynchronous background processing, which occurs when the system boots. (T/F)

False

The Group Policy Results wizard will show administrator which policy settings apply only to a user, computer, or both/ (T/F)

False

What Powershell cmdlet will allow an administrator to check for software that is incompatible with the cloning process?

Get-ADDCCloningExcludedApplicatinList

An administrator needs to know which servers carry forest-wide roles. What Powershell cmdlet can be used to display this information?

Get-ADForest

Which of the following is the first step to allow third-party devices to perform device registration to access domain resources from the Internet?

Install a certificate from a third-party CA

How is group policy refreshed on domain controllers?

Invoke-gpupdate

What types of directories is AD FS designed to work with?

LDAP complaint

Select the GPO state where the GPO is in the Group Policy Objects folder but hasn't been linked to any container objects?

Link status: unlinked

A certificate is issued on July 1, 2018. Its validity period of 2 years, and its renewal period 2 months. When can the certificate first be renewed.

May 1, 2020

You have a network with three sites named SiteA, SiteB and SiteC that are assigned the subnets 10.1.0.0/16, 10.2.0.0/16 and 10.3.0.0/16, respectively. You change the IP address of domain controller in SiteB to 10.1.100.250/16. What should you do now?

Move the computer object of the domain controller in Active Directory Sites and Services to SiteA

What PowerShell cmdlet will link a GPO to a site, domain or OU?

New-GPLink

Which service provided by a PKI ensures that a party in a communication cant dispute the validity of the transaction?

Non repudiation

On a Windows Server 2016, what is the default CRL publication interval?

One Week

An administrator has received a call indicating that some users are having difficulty logging on after a password change. Which FSMO role should be investigated?

PDC emulator

What feature added in Windows Server 2016 allows you to group membership expiration?

Privileged Access Management (PAM)

What permission is given to the Enterprise Domain Controller universal group on all GPO's by default, and grants permission to view settings and back up a GPO?

Read

What is the name of a domain controller on which changes cant be written?

Read only domain controller

Describe the three-level CA hierarchy.

Root CA, intermediate CA, and Issuing CA

What is used to identify all objects in a domain?

SID

Which of the following is a self-signed certificate and identifies the AD RMS cluster?

Server Licensor certificate

Ou-Linked policies are applied last so they take precedence over which policies?

Site & Domain Policies

What CAs interact with clients to field certificate request and maintain CRLs?

Subordinate CA

How is a computer's designated site determined, such that the computer is given a domain controller to request services from within the same site?

Through subnets added to the site

Why would you add a subdomain to Active Directory Forest?

To expand the Active Directory forest

A delegated installation allows a domain administrator to create the RODC computer account in Active Directory, so that a regular user can perform the installation later. (T/F)

True

Before you can install a DC running a newer Windows Server version in an existing forest with a lower functional level, you must prepare existing DCs with the adprep.exe command-line program. (T/F)

True

The repadmin /replicate command causes replication of a specified partition from one DC to another. (T/F)

True

What us multi-factor authentication?

User must authenticate with more than one method, such as with user name and password

You have a network of Windows Server 2016 servers, and you wish to allow remote users the ability to access network applications from any device that supports a Web browser?

Web Application Proxy

Which of the following is the international standard that defines a PKI and certificate formats?

X509


Related study sets

ECON 182 Microeconomics - Chapter 10 & 11 -Chapter Readings

View Set

IU D271 Doing Business in China -- Q&A'S To Assignment Questions for Exam 1

View Set

Social Studies: Chapter 8, 8.3 (Pharaoh Khufu: The pyramid Builder)

View Set

Examen final - gramática avanzada

View Set

Geographical Skills and Fieldwork

View Set