Study your flashcards anywhere!

Download the official Cram app for free >

  • Shuffle
    Toggle On
    Toggle Off
  • Alphabetize
    Toggle On
    Toggle Off
  • Front First
    Toggle On
    Toggle Off
  • Both Sides
    Toggle On
    Toggle Off
  • Read
    Toggle On
    Toggle Off
Reading...
Front

How to study your flashcards.

Right/Left arrow keys: Navigate between flashcards.right arrow keyleft arrow key

Up/Down arrow keys: Flip the card between the front and back.down keyup key

H key: Show hint (3rd side).h key

A key: Read text to speech.a key

image

Play button

image

Play button

image

Progress

1/166

Click to flip

166 Cards in this Set

  • Front
  • Back
  • 3rd side (hint)
What is the primary security boundary for Active Directory
The primary security boundary for Active Directory is the forest.
What does a forest contain?
A forest contains domain trees.
How many domain trees can be in a forest?
There can be one or more domain trees in a forest.
What is the first domain in a forest designates as?
The first domain in a forest is designated as the forest root domain.
How are domains identified in Active Directory?
Domains in Active Directory are identified through their DNS name.
What does a domain tree contain?
A domain tree can contain multiple domains that share a common name space.
Can the domain tree fabricam.com and the domain tree contoso.com be in the same forest?
Since a forest can contain multiple domain trees, the domain trees fabricam.com and contoso.com can be in the same forest
Who has authority over all the domain trees in the forest
Each forest has an Enterprise Admins group as well as a Schema Admins group. Members of these groups have authority over alle the domain trees in the forest.
None
Who has administrative permissions to child domains?
Each domain has a Domain Admins group, and members of this group in a parent domain has automatically administrative permissions to all child domains.
Why does administrators in a parent domain automatically have administrative permissions to all child domains?
Administrators in a parent domain has automatically administraive permissions in all child domains through automatic transitive trust relations.
How are resources on different LANs separated by a WAN identified in Active Directory
Active Directory uses Sites to make this distinction
What does a Active Directory site contain?
An Active Directory site contains Active Directory resources that all are connected by reliable high speed bandwidth - a minimum of 10 MB
When is site membership used?
Site membership is used in the logon process, in replication, in accessing global catalogs and in the Exchange 2003 messaging infrastucture
How is site membership used in the logon process?
Site membership is used in the logon process, sa a computer attempts to locate a domain controller in its own site first.
What is the Active Directory Schema?
The Active Directory Schema is a definition of the types of objects that are allowed within a directory and the attributes that are associated with those objects
Name the 2 types of difinitions wihtin the Schema
The 2 types of definitions within the Schema are attributes and classes, also known as objects and metadata
How many times are attributes defined?
Attributes are defined only once, and they can be applied to multiple classes as needed
For what are object classes used?
The object classes, or metadata, are used to define objects.
Can the Schema be extended?
Network administrators can extend the schema be defining additional attributes and extending the classes within the directory
How are objects organized within the domain for administrative purposes?
Active Directory uses a special container known as an organizational unit (OU) ro organize obects within the directory for the purpose of administration.
How can OUs be used to split a domain into administrative divisions?
OUs can be used to split a domain into administrative divisions that mirror the physical or functional separations wihtin the company
What can an OU contain?
An OU can contain user accaounts, computers, printers, shared folders, applications and any other object within the domain
What does the Global Catalog store?
The Global Catalog stores partial replicas of the directories of other domains.
When is Global Catalog required when logging on to the network?
Within a multiple domain environment that is running in Windows 2000 Native mode or the Windows 2003 functional level, a global catalog is required for logging on to the network
What happens to the user if the global catalog is not available when logging on?
If the global catalog is not available during the logon attempt and the user account is external to the local domain, the user will only be allowed to logon to the local machine
When is global catalog required?
Global catalog is required only when a user account or object needs to be authenticated by another domain.
What does global catalog maintain?
The global catalog maintains a subset of the directory information available within every domain in the forrest
Where does Active Directory automatically create a Global Catalog?
Active Directory automatically creates a global catalog on the first domain controller within the forest
What is good practice to do with global catalog in an environment with multiple sites?
In an environment with multiple sites, it is good practice to designate a domain controller in each site to function as a global catalog server
Name the 5 operation master roles in Active Directory
The 5 operation master roles are: Schema Master, Domain Naming Master, Relative ID Master, PDC Emulator and Infrastructure Master
Which operation master roles function on the forest level?
The Schema Master and the Domain Naming Master roles function on the forest level and exists only once in a forest.
Which operation master roles function on the domain level?
The Relative ID Master, the PDC Emulator and the Infrastructure Master roles function on the domain level and exists in each domain in the forest.
What does the Schema Master do?
The Schema Master role controls all the updates and modifications to the schema itself.
What does the Domain Naming Master do?
The Domain Naming Master role controls the addition and removal of domains from the forest.
What does the Relative ID Master do?
The Relative ID Master role controls the sequence number for the domain controllers within the domain
What does the PDC Emulator do?
The PDC Emulator acts as a Windows NT PDC for legacy client operating systems as well as for Windows NT BDCs and processes password changes.
What happens if the Relative ID Master is not available?
If the Relative ID Master is unavailable and the domain controller exhausts ist pool of IDs, it will be unable to create additional objects
What happens if a Domain Controller cannot authenticate a user due to bad password?
If the another domain controller is unable to authenticate a user due to bad password, the request is forwarded to the PDC Emulator.
What does the Infrastucture Master do?
The Infrastructure Master role is responsible for maintaining all inter-domain object references.
When is the Infrastructure Master not needed?
The Infrastructure Master role is not needed if there is only one domain in the forest.
Where are the 5 operation master roles automatically assigned to?
Be default, Active Directory assigns all five of these operation master roles to the first domain controller installed in a forest
How is Exchange Server 2003 integrated with Active Directory?
Exchange Server 2003 is tightly integrated with Active Directory, in that Exchange Server 2003 uses Active Directory as the storage mechanism for its data.
For what has Exchange Server 2003 its own databases?
Exchange Server 2003 still uses its own databases for storing the content of messages and tranaction logs.
Name the 3 naming contexts Active Directory is partitioned into.
Active Directory is partitioned into naming contexts: Domain, Configuration and Schema naming context.
What are naming contexts?
Naming contexts provide boundaries for and structure to the Active Directory database and can have their own replication and permissions configuration.
Where are all the domain objects for Exchange Server 2003 stored?
The Domain Naming Context is where all the domain objects for Exchange Server 2003 are stored.
What does the Configuration naming context store?
The Configuration naming context stores information about the physical structure of the Exchange organisation, such as routing groups and connectors.
What dows the Schema naming context contain?
The Schema naming context contains information about all the object classes and their attributes that can be stored in Active Directory
What happens to the Schema when deploying Exchange Server 2003?
During the deployment of Exchange Server 2003, the Active Directory Schema is extended to include the classes and attributes specific to Exchange Server 2003
Name the 2 services Exchange Server 2003 uses to access the global catalog.
Exchange Server 2003 uses 2 services - DSProxy and DSAccess - to access the global catalog
Which Microsoft Outlook clients can access the Global Catalog directly?
Microsoft Outlook 2000 and 2003 clients can access a global catalog directly
What does DSProxy do?
DSProxy works as a facilitator to allow Outlook clients to access information within Active Directory through the Name Service Provider Interface (NSPI)
How does DSProxy support older MAPI clients?
The DSProxy service supports older MAPI clients by forwarding requests directly to the global catalog server
What does DSAccess do?
DSAccess implements a directory access cache that stores recently accessed information for at configurable length of time.
How are Active Directory security and distribution groups extended?
Active Directory security groups and distribution groups are extended to support e-mail addresses
What version of IIS is included with Windows Server 2003
Windows Server 2003 includes IIS version 6
What new security feature is included in IIS 6
IIS 6 intoduces Worker Process Isolation Mode which offers greater reliability and security to Web servers
How does Worker Process Isolation Mode work?
Worker Process Isolation Mode enures that all of the authentication, authorization, Web application processesand ISAPI extensions that are associated with a particular application are isolated from all other applications
What happens with IIS 6 when Exchange Server 2003 is installed?
When you install Exchange Server 2003 on a computer running Windows Server 2003, the Exchange Setup program automatically sets IIS 6 to Worker Process Isolation Mode.
For what are ISAPI extension required?
Exchange Server 2003 requires certain ISAPI extensions for features such as OWA, WebDAV and Exchange Web forms.
Name the 3 IIS 6 services Exchange Server 2003 integrates with.
The integration of Exchange Server 2003 with IIS services includes the following: SMTP, NNTP and World Wide Web Service
Which service is not provided by Exchange Server 2003?
Exchange Server 2003 does not provide its own SMTP services. It extends the IIS built in SMTP services
What is true about the POP3 service when deploying Exchange Server 2003?
The POP3 service is not used by Exchange Server 2003 and should not be installed when deploying Exchange Server 2003.
Name some of the new enhancements in the Exchange Server 2003 SMTP service.
There are a number of new enhancements in the Exchange Server 2003 SMTP service, including native support for Real-Time Blacklists (RBLs) and improved antivirus support
What dows the NNTP service do?
The NNTP service provides user access to newsgroups either internally or on the Internet
How is access to newsgroups made available?
Access to newsgroups is made available through Exchange Server 2003 public folders
Is Exchange Server 2003 modifying the NNTP service?
Exchange Server 2003 does not modify or extend the IIS NNTP service
Does OWA have to be installed on the same server as Exchange Server 2003?
OWA can be installed on any server in the forest.
What does OWA do?
OWA provides client access to an Exchange mailbox through a Web browser
Which protocol is used to transport OWA functionality?
The HTTP protocol, which is part of the World Wide Web Service, is the transport used for OWA functionality.
What can users running Microsoft Internet Explorer or later take advantage of?
Users running Microsoft Internet Explorer or later can take advantage of a number of new enhancements to OWA including spell checker, support for mail rules, support for digital signatures, marking mail as read/unread and public folders support
Name a new feature exclusive to Exchange Server 2003 running on Windows Server 2003.
A new feature exclusive to Exchange Server 2003 running on Windows Server 2003 is known as RPC over HTTP
Name the requirement for clients to use RPC over HTTP.
The requirement for client computers to use RPC over HTTP is that they must be running Windows XP Professional SP1 or later
Which operating systems can Exchange Server 2003 be installed on?
Exchange Server 2003 can be installed on Windows 2000 Server SP3, Windows Server 2003, both member servers and domain controllers. Exchange Server 2003 requires Active Directory
Which version of Exchange can be installed on Windows Server 2003?
Only Exchange Server 2003 can be installed on Windows Server 2003
Which features are only available when Exchange Server 2003 is installed on Windows Server 2003?
Mount points that overcome the 24 drive letter limitation, Volume Shadow Copy for database backup, IPSec support for front-end/back-end, Cross-forest Kerberos authentication, IIS6 enhanced security, HTTP access from Outlook 2003, Real-Time collaboration, SharePoint Portal Server Web Parts
Which functions are only available when Exchange Server 2003 is installed on Windows Server 2003, Enterprise edition?
Support for 8-way PIII Xeon processors, support for 8-way P4 XeonMP processors, Up to 8-node clustering, mount point support
What are the minimum hardware requirements for installing Exchange Server 2003?
The minimum hardware requirements for installing Exchange Server 2003 are Pentium 133 processor, 256MB RAM, 200MB free disk space on system drive, 500 MB free disk space on drive where Exchange is installed, CD-ROM drive, VGA or better display, NTFS file system
What are the recommended hardware requirements for installing Exchange Server 2003?
The recommended hardware requirements for installing Exchange Server 2003 are Pentium III 500MHz/733 MHz processor, 512MB RAM, 200MB free disk space on system drive, 500 MB free disk space on drive where Exchange is installed, CD-ROM drive, SVGA or better display, NTFS file system
Which permissions and roles are required to run Forestprep the first time?
To run Forestprep the first time you need to be a member of the Schema Admins and Enterprise Admins groups
Which permissions and roles are required to run Forestprep other than the first time?
To run Forestprep other than the first time you need Exchange Full Administrator permissions at the organization level
Which permissions and roles are reqiured to run Domainprep?
To run Domainprep you need to be a member of the Domain Admins group in the target domain.
Which permissions and roles are required to install the first Exchange server in a domain?
To install the first Exchange server in a domain you need Exchange Full administrator permissions at the Exchange organization level
Which permissions and roles are required to install additional Exchange servers in a domain?
To install additional Exchange servers in a domain you need Exchange Full Administrator permissions at the administrative group level and a machine account adde to the Exchange Domain Servers group
Which permissions and roles are required to install an Exchange server with the Site Replication Service enabled?
To install an Exchange server with the Site Replication Service enabled you need Exchange Full Administrator permissions at the Exchange organization level
Which services must be installed and enabled to install an Exchange Server?
To install an Exchange server you must first install and enable: Microsoft .Net Framework, Microsoft ASP.Net, World Wide Web Services, SMTP service and NNTP service
Which services are automatically installed by the Exchange setup program when installing onto Windows 2000 Server?
When installing Exchange onto Windows 2000 Server, the setup program automatically installs .Net Framework and ASP.Net
Which required services are part of a default installation of Windows 2000 Server?
The World Wide Web Services and the SMTP service are part of a default installation of Windows Server 2000
What does Forestprep do?
Forestprep update the schema and configuration partitions in Active Directory
In which domain should you run Forestprep?
Forestprep needs to be run in the domain where the Schema Master role resides, normally the forest root domain
What happens if you try to run Forestprep in a domain that doesn't hold the Schema Master role?
When you run Forestprep , it checks whether it is being run in the correct domain. If it isn't, it tells you which domain contains the Schema Master role, and Forestprep ends.
What selection can you make when running Forestprep?
When running Forestprep, the component selection is filled out and cannot be changed. It is possible though to change the install path.
During Forestprep you must enter a domain user account. What happens with that account?
The account will be granted the Exchange Full Administrator role
Is it possible to cancel the Forestprep process once it begins?
There is no way to cancel the Forestprep process once it begins
What selection can you make when running Domainprep?
When running Domainprep, the component selection is filled out and cannot be changed. It is possible though to change the install path if it is not the same as the one used during Forestprep.
What does Domainprep do?
Domainprep prepares the domain partition of Active Directory. It creates groups and permissions required by Exchange Server 2003
In which domains must you run Domain prep?
Domainprep must be run in the forest root domain, the domains that will contain Exchange Server 2003 and in domains that will contain Exchange Mailbox-enabled objects
Which two groups are created by Domainprep?
Exchange Enterprise Servers and Exchange Domain Servers security groups are created by Domian Prep
What is the Exchange Enterprise Servers security group used for?
The Exchange Enterprise Servers security group is a domain local group that contains all Exchange servers running in the forest
What is the Exchange Domain Servers security group used for?
The Exchange Domain Servers secrity group is a global group that contains all Exchange servers in the selected domain
Name the two primary types of installations available.
The two primary types of installations available are Create A New Exchange Organization ans Join Or Upgreade An Existing Exchange Server 5.5 Organization
What is the /ChooseDC switch used for when running Setup?
The /ChooseDC switch specifies a domain controller to be used during Setup for the reading and writing of Active Directory information. Very useful when installing several Exchange Servers simultaneously in the same domain. It avoids Active Directory replication clashes
What is the /DisasterRecovery swith used for when running Setup?
The /DisasterRecovery switch recovers an Exchange installation after the server's configuration has been restores from backup
What is the /ForestPrep switch used for when running Setup?
The /ForestPrep switch runs the Forestprep process.
What is the /DomainPrep switch used for when running Setup?
The /DomainPrep switch runs the Domainprep process.
What is the /CreateUnattended switch used for when running Setup?
The /CreateUnattended switch will create an unattended installation file to be used for unattended installation of Exchange Server 2003
What is the /EncryptMode swich used for when running Setup?
The /EncryptMode switch encrypts the Unattend.ini file
What is the /UnattendFile switch used for when running Setup?
The /UnattendFile switch performs an unattended installation of Exchange Server 2003
What is the /Password switch used for when running Setup?
The /Password switch specifies the password for the currently logged on user to be used for auto-logon during setup
What is the /ShowUI switch used for when running Setup?
The /ShowUI switch displays the wizard user interface even though Setup is running in unatteded mode
What is the /NoEventLog switch used for when running Setup?
The /NoEventLog switch prevents Setup from writing any event information to the Windows event logs (System, Application or Security)
What is the /NoErrorLogging switch used for when running Setup?
The /NoErrorLogging switch disables any errror logging during Setup
What is the /All switch used for when running Setup?
The /All switch enables all Exchange components for an install, upgrade or reinstall
How many Exchange organizations can exist in a forest?
Because Active Directory supports only one Exchange organization per forest, you can create a new organization in a forest only if one does not alreade exist.
What limitation is there when creating a new organization with an unattended installation file ?
The only limitation when creating a new organization with an unattended installation file is that the file is not reusable.
What name must the unattended installation file have?
You can choose any name for the unattended installation file, however, the extension .ini should be maintained
Can the unattended installation file have any extension?
While technically you can use any extension for the unattended installation file, the format is that of an .ini file and it is recommended to leave the extension as such for consistency.
What prerequisites are there when using the Microsoft Exchange Installation Wizard to remove an Exchange Server?
To use the Microsoft Exchange Installation Wizard to remove an Exchange server you must move all mailboxes to another Exchange Server, the server must not be a bridgehead server, the server must not be part of any connection agreeements and the server must not have any connectors installed and in use.
What is a common pitfall when removing a newly created Exchange Server?
The administrator account used when installing Exchange will automatically get a mailbox. This mailbox must first be moved to remove the Exchange server
What must be done before forcibly removing an Exchange server?
Before forcibly removing an Exchange server, stop all of the Exchange services.
How is an Exchange server forcibly removed?
To forcibly remove an Exchange server use the Exchange System Manager console, right-click on the server you want to remove, point to all tasks and then click Remove Server
What must be done after an Exchange server is forcibly removed from Active Directory?
To finish a forcibly removal of Exchange Server, you need to disable all Exchange services, then remove a number of registry keys and remove any unused IIS services.
What happens if the Microsoft Exchange Information Store service is not running?
If this service is stopped, mailbox stores and public folder stores on the computer are unavailable
Which account is be default used for the Exchange services?
By default Exchange Server 2003 uses the Local System account to start each of the Exchange services.
What common workaround is there to shut down or restart an Exchange server quickly?
To shut down or restart an Exchange server quickly, first stop all Exchange services.
Which accounts are given the Exchange Full Administrator rights to the Exchange organization by default?
Only the account stated when running Forestprep will be given the Exchange Full Administrator rights
Name the three Exchange administrative roles.
The three administrative roles for Exchange are Exchange Full Administrator, Exchange Administrator and Exchange View Only Administrator
Which Exchange administrative roles can edit permissions?
Only Exchange Full Administrator can edit permissions.
Where can authority to administer Exchange Server 2003 be delegated?
Authority to administer Exchange Server 2003 can be delegated one of two places: at the organization level or at the administrive group level.
What is a basic requirement for management workstations?
A basic requirement for any managenment workstation is that it is a member of the same domain and forest as the Exchange organization
What are the requirements for installing Exchange System Management Tools on Windows XP Pro SP1?
The requirements are IIS snap-in component, SMTP component, WWW service and Windows Server 2003 AdminPack
What should be done after installing Exchange System Management Tools on Windows XP Pro SP1?
After installing Exchange System Management Tools on Windows XP SP1 you should disable the SMTP service and the WWW service
What are the requirements for installing Exchange System Management Tools on Windows XP Pro SP2?
The requirements are IIS snap-in component, IIS Manager component and Windows Server 2003 AdminPack
What are the requirements for installing Exchange System Management Tools on Windows 2000 Pro SP3?
The requirements are IIS snap-in component and Windows 2000 AdminPack
What are the requirements for installing Exchange System Management Tools on Windows 2000 Server SP3?
The requirements are IIS snap-in component, SMTP service component and NNTP service component
What should be done after installing Exchange System Management Tools on Windows 2000 Server SP3?
After installing Exchange System Management Tools on Windows 2000 Server SP3 you should disable the SMTP service and the NNTP service
What are the requirements for installing Exchange System Management Tool on Windows Server 2003
The requirements are IIS manager component
How are the Exchange System Management Tools installed?
To install the Exchange System Management Tools, run setup from the Exchange Server 2003 CD and select only the System Management Tools on the component selection page.
How are components added or removed from an Exchange installation?
Adding or removing Exchange components involves re-running Exchange Server 2003 Setup and change selections
What are administrative groups used for?
With Exchange Server 2003, administrative groups are used to define the adminstrative topology of the Exchange organization
What is a limitation regarding administrative groups and storage groups with Exchange Server 2003, Standard Edition?
Exchange Server 2003, Standard Edition is limited to a single adminstrative group with a single storage group.
Which type of objects can an administrative group contain?
Administrative groups can contain Servers, Policies, Routing groups and Public Folder trees
How can the default administrative group be modified after ForestPrep and DomainPrep are run but prior to the installation of Exchange Server 2003?
Prior to the installation of Exchange but after ForestPrep and DomainPrep are run, you can use the Active Directory Sites And Services console to modify the default administrative group.
How are routing groups related to the physical layout of the network?
Routing groups are directly related to the physical layout of the network.
When are routing groups coming into play?
Routing groups come into play when you have multiple physical locations connected by slower WAN bandwidth.
Name the three types of connectors available to connect two routing groups.
The three types of connectors are routing group connector (the preferred way), SMTP connector (for unreliable WANs) and X.400 connectors
When is the first routing group created?
When you install the first Exchange server in an organization, a default routing group is created.
What can be done with the default routing group?
The default routing group can be renamed.
How are additional routing groups created?
Additional routing groups are created using the Exchange System Mananger utility
How are routing groups enabled?
To enable routing groups, start Exchange System Manager, right-click on the organization name, click Properties and select the checkbox to Display Routing Groups.
How are administrative groups shown in System Manager?
To show administrative groups in System Manager, start Exchange System Manager, right-click on the organization name, click Properties and select the checkbox to Display Administrative Groups.
How are servers moved between routing groups?
To move servers between routing groups use System Manager. Simply use drag and drop
What is a caveat regarding routing groups in mixed mode?
You cannot move servers between routing groups that belong to different administrative groups in mixed mode
What are bridgehead servers?
Between routing groups, where bandwidth is assumed to be slow, a server in each group is designated as a bridgehead server, and traffic between routing groups is funneled through the bridgehead server in each group.
What are the relation between the mode of the domain and the mode of the Exchange organization?
There are no direct relations between the mode of the domain and the mode of the Exchange organization
At what level can you select mixed mode and native mode?
With Exchange Server 2003, you can select native mode and mixed mode only at the organizaton level
Which version of Exchange can be part of an organization in native mode?
When an organization is in native mode, only servers running Exchange 2000 and Exchange 2003 can be part of the organization.
What is possible with administrative groups and routing groups in mixed mode?
Administrative groups and routing groups cannot be managed independently in mixed mode. In other words, administrative groups and routing groups are mapped directory to sites.
What can be managed in Active Directory when both Exchange Server 5.5 and Exchange Server 2003 are running in your organization?
Both Exchange Server 5.5 objects (users, custom recipients and distribution lists) and Exchange Server 2003 objects (users, contacts and groups) can be managed from Active Directory.
After converting to native mode, can you convert back to mixed mode?
Converting to native mode is a one-time, one-way operation that cannot be reversed an a later date
What is true about query-based distribution groups?
Query-based distribution groups can only be created in a native-mode Exchange organization
How is an Exchange organization converted to native mode?
Converting to native mode is accomplished through Exchange System Manager
What is the advantage of a front-end/back-end architecture?
Having a front-end and back-end architecture allows you to manage Internet access protocols on a server that is separate from servers where mailbox and public folder stores are located
What is a requirement in a front-end/back-end architecture?
All front-end and back-end servers must be in the same Active Directory forest.
What is a requirement for front-end servers)
Front-end servers cannot host any mailboxes or public folders.
What is true about front-end servers and hardware requirements?
Front-end servers does not require much disk storage, but should have a fast CPU and a large amount of memory.