Unit 7: Configuring Advanced Active Directory

Ace your homework & exams now with Quizwiz!

How many domain functional levels does Windows Server 2016 support? a. 5 b. 7 c. 9 d. 10

a

If the option to select either External trust or Forest trust did not appear when configuring a forest trust, what could be the probable cause? a. DNS is not reachable. b. The domain controller in this domain is not restarted after setup. c. The forest is not configured in another domain. d. The domain controller in another domain is unresponsive.

a

In intrasite replication, which of the following is responsible for building a replication topology for DCs in a site and establishing replication partners? a. KCC b. RID c. GPO d. PDC

a

In you AD forest you want some but not all forest users to be authenticated. What is your solution? a. selective authentication b. forest-wide authentication c. disable authentication for selected forest d. remove server from forest

a

Several months ago, you installed a new forest with domain controllers running Windows Server 2016. You're noticing problems with GPT replication. What should you check? a. Verify that DFSR is operating correctly b. Check the GPOReplication flag for the GPT in the Attribute Editor c. Verify that Active Directory replication is working correctly d. Verify that FRS is operating correctly

a

Which is responsible for facilitating forest-wide Active Directory searches? a. Global catalog server b. Infrastructure master c. Domain naming master d. Knowledge Consistency Checker

a

Which of the following is not associated with an Active Directory tree? a. A container object b. A group of domains c. Parent and child domains d. A common naming structure

a

Windows Server 2000 includes the original domain functional levels provided by AD. Which of the choices is not included? a. AES support b. universal groups c. SID history d. group conversion

a

You have three sites, and each site has five domains. How many global catalog servers should you add in each site? a. 1 b. 5 c. 10 d. 3

a

You need to create an external trust with a partner organization. You, however, do not want to allow all users on all resources in your domain. Which type of trust should you configure? a. Selective b. Two-way c. One-way, incoming d. Domain-wide e. One-way, outgoing

a

Which of the following are reasons to use multiple domains? (Choose all that apply.) a. Need for different name identities b. Replication control c. Need for different account policies d. Ease of access to resources

a, b, c

Which of the following are true about forests running at the Windows Server 2016 functional level? (Choose all that apply.) a. You can group membership expirations. b. You can create a forest trust with a Windows 2000 forest. c. RODCs can be part of the forest. d. Windows 2000 domain controllers can be part of the forest.

a, c

Which of the following are true about using SMTP in site links? (Choose all that apply.) a. A certification authority must be configured. b. Domains can span the sites included in the site link. c. It's best used on slow or unreliable network links. d. It's the preferred transport protocol for intersite links.

a, c

Users of a new network subnet have been complaining that logons and other services are taking much longer than they did before being moved to the new subnet. You discover that many logon requests from workstations in the new subnet are being handled by domain controllers in a remote site instead of local domain controllers. What should you do to solve this problem? a. Move the users' computer accounts to a new site and turn on automatic site coverage on the DCs in the old site b. Create a new subnet and add it to the site that maps to the physical location of workstations c. Enable automatic site coverage on the DCs in the site where users are having the problem d. Create a new connection object between the DCs in the site where users are having a problem and the main site

b

What can you do to integrate user authentication between Linux and Active Directory? a. Create a one-way trust b. Create a realm trust c. Create an external trust d. Create a transitive trust

b

Where is a GPT stored? a. In Active Directory b. In the SYSVOL share c. In GPMC d. In GPME

b

Which of the following best describes the first domain installed in a forest? a. Primary tree b. Forest root c. Global catalog d. Master domain

b

Which of the following command should you use to verify the existence of SRV records? a. telnet b. Nslookup c. Ping d. Netstat

b

Which of the following is a valid reason for using multiple forests? a. Centralized management b. Need for different schemas c. Need for a single global catalog d. Ease of access to all domain resources

b

Which of the following records are created when a new domain controller is created in a Windows Active Directory domain? a. AAAA b. SRV c. CNAME d. MX e. A

b

Which of the following snap-in should you use to view the name suffix routing? a. Active Directory Users and Computers b. Active Directory Domains and Trusts c. Server Manager d. Active Directory Sites and Services

b

Which snap-in should you use to check whether the domain controller is a global catalog server? a. Active Directory Domains and Trusts b. Active Directory Sites and Services c. Server Manager d. Active Directory Users and Computers

b

You administer a corporate forest consisting of the main office and several national branch offices. When evaluating the trusts between these local and remote servers you find that one is not present and cannot be configured. What could be a contributing factor on the missing server? a. trusts are not automatically configured b. server is running Windows Server 2003 c. server is running Windows Server 2008 d. all of these are correct

b

You are experiencing delays establishing a trust to an external domain. How can you quickly resolve this? a. use referral b. use a shortcut trust c. initiate trust from remote domain d. all of these would work

b

You execute the following command on a server to configure an alternate DNS server: netsh interface ip add dns name=Ethernet addr=192.168.0.1 index=2 However, you get an error message indicating that DNS server is incorrect or does not exist. What should you do? a. Restart the server on which you are running this command b. Re-execute the same command again c. Restart the primary DNS server d. Check the firewall on primary DNS server

b

All domains in a forest have which of the following in common? (Choose all that apply.) a. The same domain name b. The same schema c. The same user accounts d. The same global catalog

b, d

A partition stored on a domain controller in SiteA isn't being replicated to other sites, but all other partitions on domain controllers in SiteA are being replicated. The problem partition is stored on multiple domain controllers in SiteA. What should you investigate as the source of the problem? a. A failed ISTG b. A failed site link bridge c. A manually configured bridgehead server d. An automatically configured bridgehead server

c

Bob is an administrator in a trusted forest, and you have some concerns about his trustworthiness. You want to be sure he can't gain privileged access to resources in your forest while masquerading as a user in his forest who doesn't normally have privileged access in your forest. What should you configure in the forest trust? a. One-way trust b. Trust transitivity c. SID filtering d. Selective authentication

c

What type of trust does a shortcut trust take? a. one-way b. two-way c. transitive d. conditional

c

Which is the bounding factor in the external trust? a. Forest b. Forest and root domain c. A domain d. Root domain

c

Which of the following is a new feature introduced with the Windows Server 2016 forest functional level? a. Fine-grained password policies b. AES support c. Privileged Access Management d. Domain controller renaming

c

Which of the following is the default forest functional level for a Windows Server 2016 domain controller installed in a new forest? a. Windows Server 2012 b. Windows Server 2012 R2 c. Windows Server 2016 d. Windows Server 2008

c

You are creating a forest trust. You want the users in PLABA domain to be authenticated in PLABB domain but not the other way. Which type of trust should you create here? a. One-way, outgoing b. Two-way c. One-way, incoming d. External

c

You are in the process of establishing trusts with external domains and are experiencing significant delays. What would be the cause? a. two-way trusts take longer b. transitive trusts take longer c. referrals take longer d. forest trusts take longer

c

You have changed an Active Directory local security policy secret and the new settings cannot wait for the normal update interval. How would you handle this scenario? a. update directly in policy editor b. update local DC policy c. use urgent replication d. force update

c

You have three sites: Boston, Chicago, and Los Angeles. You have created site links between Boston and Chicago and between Chicago and Los Angeles with the default site link settings. What do you need to do to make sure replication occurs between Boston and Los Angeles? a. Create a new connection object between Boston and Los Angeles b. Create a site link bridge between Boston and Los Angeles c. Do nothing because replication will occur between Boston and Los Angeles with the current configuration d. Configure a site link between Boston and Los Angeles with SMTP

c

Your company has merged with another company that also uses Windows Server 2016 and Active Directory. You want to give the other company's users access to your company's forest resources and vice versa without duplicating account information and with the least administrative effort. How can you achieve this goal? a. Configure selective authentication b. Transfer your global catalog to one of the other company's servers c. Create a two-way forest trust d. Configure an external trust

c

Your network is configured in a hub-and-spoke topology. You want to control the flow of replication traffic between sites, specifically reducing the traffic across network links between hub sites to reach satellite sites. What should you configure? a. Connection objects between domain controllers in each site b. NTDS settings c. Site link bridges d. Intersite transports

c

A user calls the help desk to change her forgotten password. A minute later, she attempts to log on with the new password but gets a logon failed message. She verifies that she's entering the correct password. She tries logging on again about 30 minutes later and is successful. What's the most likely cause of the delay in her ability to log on? a. The intrasite replication schedule is set for 30 minutes instead of 15 seconds. b. The domain controller where the password was changed was in a different site, and normal replication between sites caused the delay. c. The domain controller that authenticated the user must have gone down and didn't receive the password change until it was brought back online. d. The domain controller holding the PDC emulator role wasn't contacted by the domain controller that authenticated the user.

d

What can you do to reduce the delay caused by authentication referral? a. Create an external trust b. Create a forest trust c. Create a transitive trust d. Create a shortcut trust

d

Which of the following should you configure if you want users in a trusted forest to have access only to certain resources in your forest regardless of permission settings on these resources? a. SID filtering b. Trust transitivity c. One-way trust d. Selective authentication

d

You administer a corporate domain consisting of the main office and several national branch offices. When evaluating the trusts between these local and remote servers you find that a Windows 2000 domain is not present and cannot be configured. What can be done to resolve this issue efficiently? a. upgrade the remote server OS b. reset remote domain services c. upgrade remote server to Kerberos v5 d. create external trust

d

You have been asked to add a temporary group to escalate their capabilities. What is the best solution? a. add group to desired level then remove b. set temporary membership c. raise group functional level d. use privileged access management

d

You need to establish a trust to integrate users running Windows, Linux, UNIX, and Mac OS systems. What type of external trust would you use? a. transitive b. conditional c. referral d. realm

d

You want to change the replication schedule between two domain controllers in the same site—and only these two domain controllers—to occur four times per hour. The KCC has generated all your intrasite connection objects. What's the best way to make this change? a. In the Schedule tab of the server's Properties dialog box, click Change Schedule, and set the schedule to four times per hour. b. In the Site Settings tab of the NTDS Site Settings Properties dialog box, click Change Schedule, and set the schedule to four times per hour. c. In the General tab of the connection object's Properties dialog box, click Change Schedule, and change the replication schedule to four times per hour. Make sure the object is marked as automatically generated. d. Create a new connection object for the two domain controllers, and set the schedule to four times per hour. Tell the KCC to check the replication topology.

d

When creating an external trust which domains are not supported? a. Windows 2008 b. Windows 2003 c. Windows 2000 d. Windows NT e. all of these are supported

e


Related study sets

Group Development and Group Roles

View Set

Cyber Security Interview Questions

View Set

IELTS Speaking Sample Quiz 1 with Answers

View Set