What does AD Domain Services (AD DS) do?
provides Identity and Access (IDA) solutions for enterprise networks
What does IDA refer to?
Identity and Access
What 4 things should an IDA infrastructure do?
store information about users, groups, computers, and objects; authenticate identities; control access; provide an audit trail
What 5 technologies comprise a Microsoft IDA solution?
AD Domain Services; AD Lightweight Directory Services; AD Certificate Services; AD Rights Management Services; AD Federation Services
What part of IDA does AD Domain Services provide?
identity management
What part of IDA does AD Lightweight Directory Services provide?
applications management
What part of IDA does AD Certificate Services provide?
trust management
What part of IDA does AD Rights Management Services provide?
What part of IDA does AD Federation Services provide?
partnership with external organizations
What did AD Lightweight Directory Services use to be called?
Active Directory Application Mode
What does AD Lightweight Directory Services do?
stores and replicates application-related database information
What best practice should be used when using AD Certificate Services to provide certificate services to external communities?
get a root certificate from a trusted third-party CA
What does AD Rights Management Services do?
provides persistent rights management, even after authentication (similar to Acrobat controls)
What 5 components does AD Rights Management Services require to function?
AD domain with Server 2000 SP3 or higher DCs, IIS, database server, AD RMS client, RMS-enabled browser
What does AD Federation Services do?
allows organizations to project rights and access controls across organizational boundaries
What is a schema?
a set of rules that defines classes of objects and attributes in a directory
What do replication services do?
distribute directory data across a network
What does a global catalog contain?
limited information about every object in the directory
What is another name for a global catalog?
partial attribute set
What command is used to launch configuration of a domain controller?
What are the components of an AD infrastructure?
AD data store, DCs, domains, forest, trees, functional level, OUs, sites
What is the directory also known as?
the AD data store
How is the directory stored?
as a single file (Ntds.dit)
Where is the directory located by default?
%SystemRoot%\Ntds folder on all domain controllers
What 4 partitions are usually found in the AD data store?
schema, configuration, global catalog, domain naming context
What important authentication service is run by all domain controllers?
Kerberos Key Distribution Center (KDC)
Where can a user receive authentication from?
any DC in their domain
What serves as a scope for administrative policies (password expiration, etc.)?
a domain
What is considered best practice when replication cannot occur reliably between domain controllers?
place them in separate domains
What is a forest?
a collection of one or more Active Directory domains
What is the first domain in a forest known as?
the forest root domain
What entity defines a security boundary?
a forest
What is a security boundary?
an entity outside which no data is replicated
What defines a tree?
the DNS namespace
What determines whether domains are part of the same tree?
whether those domains are part of a contiguous DNS namespace
What are the 3 domain functional levels?
Windows 2000 native, Windows Server 2003, and Windows Server 2008
What are the 2 forest functional levels?
Windows Server 2003 and Windows Server 2008
What requirement exists for the Windows Server 2008 domain functional level?
all DCs must be running Server 2008
What requirement exists for the Windows Server 2008 forest functional level?
all domains must be Windows Server 2008 domains
What MMC is used to administer roles?
Server Manager
What are the two primary steps in creating a new DC?
add roles through Server Manager and promote server to DC
What command-line command can be used to promote a server to DC?
What two names do all DCs require?
a valid DNS name and a valid NetBIOS name