Reading...
Play button
Play button
Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
41 Cards in this Set
- Front
- Back
|
Why is RIP considered simple to use?
|
there is very little configuration possible
|
|
|
In terms of subnet masks, what two features does RIPv.2 support that RIPv.1 does not?
|
VLSM and CIDR
|
|
|
What two methods can RIPv.2 routers use to exchange information?
|
broadcast and multicast
|
|
|
How many primary DNS servers are allowed per zone?
|
one
|
|
|
What makes Active Directory-integrated zone transfers more secure?
|
zone data is encrypted during transfer
|
|
|
Why must Active Directory-integrated DNS servers be DC's?
|
member servers do not hold the AD database
|
|
|
What happens when a caching-only DNS server restarts?
|
the cache is emptied
|
|
|
How is a caching-only DNS server configured?
|
a DNS server is created without a forward lookup zone
|
|
|
What sort of situation are caching-only DNS servers best for?
|
remote offices connected by slow WAN links
|
|
|
Why do caching-only DNS servers need a lot of RAM?
|
cached information is stored in RAM
|
|
|
What ping switch resolves addresses to host names?
|
ping -a
|
|
|
What DNS troubleshooting tool depends on the presence of reverse lookup zones?
|
nslookup
|
|
|
What are the two options when renewing a root CA's certificate?
|
the CA can bind its existing keys to a new certificate, or generate a new key pair and bind them to a new certificate
|
|
|
How are root CA's certificates usually renewed?
|
by binding existing keys to a new certificate
|
|
|
What is the drawback to renewing a root CA's certificate multiple times by binding its existing keys to a new certificate?
|
the CRL gets extremely long, slowing PKI operations
|
|
|
Where are CRL's stored by default?
|
%systemroot%\system32\certserv\certenroll
|
|
|
What tool is used to set permissions on certificate templates?
|
Active Directory Sites and Services
|
|
|
Where is automatic enrollment for computer certificates configured?
|
in a GPO: Computer Configuration | Windows Settings | Security Settings | Public Key Policies
|
|
|
Where is a Certificate Trust List (CTL) stored?
|
in Active Directory
|
|
|
How can certificates be unrevoked?
|
they can't- revocation is permanent
|
|
|
What is the default publication interval for CRL's?
|
one week
|
|
|
What is an Autonomous System?
|
a network or group of networks controlled by a common administrator
|
|
|
What is an OSPF area?
|
a group of contiguous networks and attached hosts
|
|
|
What is a router that participates in multiple OSPF areas called?
|
an Area Border Router
|
|
|
When manually configuring routes, what happens if a subnet mask is not specified?
|
a subnet mask of 255.255.255.255 is used
|
|
|
What is route summarization?
|
a situation where OSPF routers know only routes within their area and a default route to a backbone
|
|
|
What is a stub area?
|
an OSPF area connected to a backbone by an Area Boundary Router
|
|
|
What is a hello interval?
|
the interval at which an OSPF router announces its presence to a network
|
|
|
What does Windows 2000 call its database of certificates?
|
a certificate store
|
|
|
When using web-based certificate enrollment, where can the web enrollment page be found?
|
http://ca_name/certserv
|
|
|
What three formates can certificates be imported in?
|
PKCS#12, PKCS#10, and Microsoft SST
|
|
|
What is a PKCS#12 file used for?
|
storing certificates with their associated private keys
|
|
|
What is a PKCS#7 file used for?
|
storing certificates without keys
|
|
|
What are the four possible formats when exporting a certificate?
|
binary X.509, base-64 X.509, PKCS#7, and PKCS#12 (the only choice when exporting a private key)
|
|
|
What is base-64 X.509 normally used for?
|
email
|
|
|
What two file extensions are associated with PKCS#12 files?
|
PFX and P12
|
|
|
What three file extensions are associated with PKCS#7 files?
|
P7B, P7C, and CRT
|
|
|
When is EFS considered "off"?
|
when no recovery agents are defined
|
|
|
How would EFS be turned off in a given scope?
|
by deleting all EFS recovery keys
|
|
|
What does automatic enrollment do?
|
automatically issues certificates to computers as they join an AD domain
|
|
|
What tool is used to manage EFS?
|
the Group Policy snap-in
|
