server exam study guide

Ace your homework & exams now with Quizwiz!

Which setting determines how long user accounts are locked out?

Account lockout duration

What is the last step in configuring a group managed service account?

Configure the service to use the group

Which option best describes what a UPN looks like on a Microsoft Windows 2016 server?

E-mail address

How can you, as a Microsoft Windows 2016 server administrator, allow single sign-on for users in other domains and allow them access to the resources in your domain or vice versa outside the forest?

External trust

You need to backup a GPO. When you right-click a GPO link, the backup option is unavailable. What is the problem?

GPO links cannot be backed up

Which PowerShell cmdlet can be used to view inactive user accounts?

Search-ADAccount

Which Forest Functional Level is required to deploy a RODC?

Server 2008

You would like members of the Boston_IT group to have the ability to create password settings objects. What should you do?

Set permissions on the Password Settings container

Which PowerShell cmdlet is used to block GPO inheritance for an OU?

Set- GPOInheritance

Which attributes are not copied over to users created from a user template?

Phone number

Which are valid fields within a DNS SRV Record?

Port Weight

Which Set-ADAccountPassword parameter does not require knowledge of the current password?

Reset

You are deploying drive mappings to user stations using Group Policy Preferences. You need to ensure users get the mapped drive only if they have the required permissions. Which option should you select?

Run in logged-on user's security context

What determines the certificate validity period?

Certificate template

While viewing Group Policy Preference you notice multiple registry settings with a green triangle icon. What does the icon imply?

Create

Which command configures Active Director on Server Core?

Install-ADDSDomainController

You need to create multiple GPOs that have similar security settings to be applied to different OUs. What should you do?

create a starter GPO, create GPO's, link to OU's

You are planning a Skype Business Server Standard Edition installation. What must be done to accommodate database requirements?

dcgpofix

You have provisioned a computer account for offline domain join. After coping te provisioning file to the target computer, which command should you run?

djoin.exe /requestODJ

You would like to configure a custom web app service named webapp1 to use a virtual account. The service runs on a host called Server1. What should you type in for the virtual account name?

NT Service\Webapp1

Which tools can be used to manage password settings objects? Choose two

New-ADFineGrainedPasswordPolicy

Which certificate checking mechanism is a simple HTTP query and response?

OCSP

Which command can be used to display SPNs?

SetSpn

Which command line tool is used for private key recovery?

certutil

Which statement is correct?

.ADM templates can be imported

Which file format is supported for software deployment?

.MSI

What is the default value for Group Policy slow link detection?

500 Kbps

Which certificate template permission allows certificates to be issued without user and administrator intervention?

Autoenroll

Which command forces a delta group policy refresh?

gpupdate/force

You need different local group policy settings on a station for administrators and regular users. Which snap-in should you add to MMC?

group policy object editor

What URL is used to support device registration with an Active Directory domain called earthfarm.com?

https://enterpriseregistration.earthfarm.com

Which command displays status of Active Directory replication?

repadmin

What command is used to transform a security template to a GPO?

scwcmd transform

You need to ensure that domain-linked GPOs are not blocked in subordinate OUs. What should you do?

set the GPO enforced option

Which PowerShell cmdlet us used to backup certificate services?

Backup-CARoleService

Which of the following statement is true?

GPO's cannot be linked to containers

Which Domain Controller options are enabled by default?

Global Catalog

Which are valid fields within a DNS SRV Record?

Group Membership Expiration

You are sharing a folder and assigning share permission. Which three permission options are available?

Read, Modify, and Full Control

What must be defined in AD FS in order to support Pre-Authentication on a Web Application Proxy?

Relying Party Trust

When should the PowerShell -PassThru parameter be used?

To generate output

What is the default location of the database and log files when you are deploying a domain controller?

C:\Windows\NTDS

Where in Group Policy are Kerberos settings configured?

Computer Configuration, Policies, Windows Settings, Security Settings, Account Policies

Where is Group Policy certificate auto-enrollment configured?

Computer Configuration, Policies, Windows Settings, Security Settings, Public Key Policies

Where is Kerberos contained delegation configured?

Computer properties

How do Active Directory OUs and containers differ?

Containers cannot have GPOs directly linked to them

You need to create an Active Directory group in the EarthFarm domain whose members come from other domains in the forest. The group must be used to assign permissions to shared folders in the Earthfarm domain. Which type of group should you create?

Domain Local, Security

Which term describes group policy settings controlled by the Group Policy Client service?

Managed

Which password policy setting prevents users from immediately resetting their password multiple times back to the same password?

Minimum password age

Which sequence of commands is required to configure a service account?

New-ADServiceAccount, Add-ADComputerServiceAccount, Install-ADServiceAccount

Which PowerShell cmdlet is used to add a new user account?

New-ADUser

Which command creates the file required to deploy a new Domain Controller using the Install from Media option?

Ntdsutil

Which command sequence is used to transfer a FSMO role?

Ntdsutil, roles, connections, connect to server, quit, transfer role_name

JChavez is a member of the All_Staff and HR groups. You need to determine which permissions JChavez has to the Projects folder. What should you do?

Project folder properties, Security, Advanced, and Effective Access

Which FSMO role allocates blocks of unique IDs to Domain Controllers?

RID Master

Which process best describes where the packets or the presentation of authentication information between forests will be examined and processed on a Microsoft Windows 2016 server?

SID filtering

Which record defines the services that are available within the site on a Microsoft Windows 2016 DNS server?

SRV record

Which AD DS partition contains definition of objects and attributes?

Schema

Which Attribute is stored in the CRL when a certificate is revoked?

Serial number

On a Microsoft Windows 2016 server, which option would you consider as the connective tissue between two or more sites?

Site links

Your organization needs a CA in the perimeter network that can satisfy Internet client certificate needs. What should be installed?

Standalone CA

If the root CA is taken offline for security purposes, how are certificates issued?

Subordinate CA

Which statement regarding Group Policy Preferences file deployment is true?

Users do not require individual file system permissions

Which format are WMI queries written in?

WQL

Which statement is correct?

When combining NTFS and Share permissions, the most restrictive permissions prevail

All users within the domain require the same security settings with the exception of an OU named Admins. What should you do?

block inheritance on the Admins OU

You are attempting to prepopulate user credentials for users at a remote branch office where a RODC is deployed, however the credentials never replicate to the RODC. What should you check?

Allowed RODC Password Replication Group

Which of the following special character is not allowed in an AD DS username?

Ampersands

You need a static user GPO configuration on machine regardless of which user logs on. What should you do?

enable loopback processing with the replace option

Which PowerShell cmdlet is used to add multiple members to the same group?

Add-ADGroupMember

You want to identify which files will be retained, when only some existing objects will be overwritten. Which of the following Active Directory restoration methods should be used?

Authoritative Restore

Which of the following command creates an organizational unit?

Correct New-ADOrganizationalUnit

Which of the following option is not a valid reason to implement a multiple forest AD DS infrastructure?

Different versions of Windows Server

Which built-in group can add pre-staged computers to an Active Directory domain?

Domain Admins

You have configured a certificate template to issue user EFS certificates. The CA is configured to use the certificate. Domain users complain that when they request a certificate through Active Directory Enrollment, the EFS certificate template is not shown. What should you do?

Grant users the Enroll permission

Your company uses Group Policy restricted groups to control group membership. What will happen to group memberships when the Group Policy is removed?

Group memberships will remain the same

Which of the following methods will successful enable your recycle bin on a new active directory installation? Choose two

In the Active Directory Administration Center: Select the domain, the select "Enable Recycle Bin"

Which PowerShell command installs the Active Directory Certification Authority?

Install-WindowsFeature ADCS-Cert-Authority

Which technology should you use to supply access to resources within a domain on a Microsoft Windows 2016 server?

Active Directory domains and trust

Where do you need to go to move a domain controller from one site to another?

Active Directory sites and services

If you are working in an environment using Microsoft Windows 2016 server and you have a branch office connected over a wide area network link with desktops in the location, but there are no domain controllers in the location and you do not want to enable the replication traffic for users to log in on the remote environment. What should you do to configure this correctly?

Automatic site coverage

Which of the following Active Directory backup solution allows incremental backups?

Azure Backup

Which of the following is NOT a method of pre-authentication to choose when publishing an app with WAP?

Kerberos

You are configuring the domain cloning feature to rapidly deploy serveral new domain controller vitual machines. Which file contains the new server name and IP address information?

DCCloneConfig.xml

How can you enable a single sign-on experience across forests on a Microsoft Windows 2016 server?

Forest to forest trust

You are building a script that will show members of all Active Directory groups. Which PowerShell cmdlet should the script use?

Get-ADGroupMember

Which forms of authentication are available only for intranet logons to ADFS?

Windows

What is the minimum forest functional level required to make use of the Active Directory Recycle Bin?

Windows 2008 R2

You have an external trust or a forest trust and you do not want the scope of potential authentication to be all users in one domain or forest to be able to access all resources in another domain and forest. What can you put in place on a Microsoft Windows 2016 server?

Trust firewall

Your Active Directory environment consists of two forests. Each forest contains two domains. How many Active Directory schemas exist in this configuration?

Two

Which Domain Controller attributes shows that a Global Catalog is active?

isGlobalCatalogReady

To compliment your backup solution, you would like to have an additional copy of Active Directory objects and their attributes stored in a file. Which command should you use?

ldifde

You need to change GPO settings references from Server1 to Server2 while upgrading to a Server 2016 environment. What should you configure?

migration table


Related study sets

Corporate Social Responsibility and Business Ethics

View Set

Nissan 2023 Sentra Certification

View Set

GEO 102: CHAPTER 3 PRACTICE QUIZ

View Set

Another word instead of the word "I think".

View Set

Multimedia News Writing Chapter 4

View Set