Study your flashcards anywhere!

Download the official Cram app for free >

  • Shuffle
    Toggle On
    Toggle Off
  • Alphabetize
    Toggle On
    Toggle Off
  • Front First
    Toggle On
    Toggle Off
  • Both Sides
    Toggle On
    Toggle Off
  • Read
    Toggle On
    Toggle Off

How to study your flashcards.

Right/Left arrow keys: Navigate between flashcards.right arrow keyleft arrow key

Up/Down arrow keys: Flip the card between the front and back.down keyup key

H key: Show hint (3rd side).h key

A key: Read text to speech.a key


Play button


Play button




Click to flip

54 Cards in this Set

  • Front
  • Back
What is the Default Domain Funtional level
Windows 2000 mixed

page 18
Active Directory is a database of resources that are represented by objects, which has a specific attribute associated to it. Where are these objects defined?
Active Directory Objects are defined in the Schema.

Page 5
What is required for Fault tolerance.
At least 2 (servers, Domain Controllers, ...) and redundancy.

Page 3
When referring to Windows 2003 Interim, what versions does this functional level support.
Windows 2003 Server and
Windows NT 4.0

page 16
Which Service provides naming across the domain.
DNS (Domain Naming Service)
What are the prerequisites for installing Active Directory.
Prerequisites for installing Active Directory:
Server running anything but Web edition
Local Admin account set up
NTFS partition for the Sysvol
50 MB minimum drive space
TCP/IP installed and configured for DNS
DNS Authority Server on Domain (SRV records)

page 28
What ways can you initiate the installation of Active Directory
You can either enter dcpromo.exe into the command line or
Use the Manage Your Server web page

page 30
What does Active Directory use to track changes.
Combination of USN (Update Sequence Number) and

page 62
What defines a Site.
IP subnets that are connected through a fast and reliable network.

page 60
How do sites organize their replication process.
A site defines which group or groups of servers that should be replicated with one another.

page 61
How are sites used by clients to assist them during the logon process.
Sites are used to determine which Domain Controller to use for their Active Directory Authentication.

page 61
How can sites be structured.
Sites are independent of structure, meaning:
A Site could hold multiple Domains
A Domain could hold multiple Sites

page 61
What is the Knowledge Consistency Checker.
the KCC a process that will map the topology between domain controllers to determine when they should replicate and with whom.

page 63
What is a restriction of the KCC
KCC runs every 15 mins with no more than 3 hops from the originating Domain controller.

page 63-64
How would cost have affected your network connection.
Higher Cost meant faster speed, but lower priority
Lower Cost meant lower speed, but higher priority

page 66
How are the FSMO Roles separated.
the FSMO roles are separated into Domain Specific and Forest Wide

page 90, 93
What are the Domain Specific Roles
Relative Identifier (RID) Master
Infrastructure Master
Primary Domain Controller (PDC) Emulator

page 90
What are the Forest Wide roles
Domain Naming Master
Schema Master

page 93
What is the role of the RID Master
The RID Master assigns new RIDs to new objects that are added to the domain. These values become a part of the objects SID and could be used to determine which domain the object comes from. The Domain Controller has a block of 500 RIDs at a time, and will request more when it reaches 50% left.

page 90-91
What is the role of the Infrastructure Master
Responsible for replicating changes in an objects SID or Distinguished name to other domains that maintain a trust with the source domain.

page 92
What is the role of the Primary Domain Controller (PDC) Emulator
Provides backwards compatibility for Windows NT 4.0

page 92
What is the role of the Domain Naming Master
Authority for creating and deleting domains, and ensuring new domains are given a unique name.

page 93 -94
What is the role of the Schema Master
Responsible for making changes to the Active Directory Schema.

page 93-94
DomainDNSZone deals with which DNS servers?
All DNS servers on the local domain.

page 40
When you add a Domain Controller to a site of multiple Domain Controllers will you need to configure it so that it is a part of the replication ring

page 63
What does CSVDE allow you to do.
CSVDE allows you to import and export Active Directory objects, but it cannot Modify or Delete existing information

page 129-130
What does LDIFDE allow you to do.
Like CSVDE it allows you to import and export Active Directory objects, and adds the ability to add, modify, and delete objects as well.

page 129-132
Which domain functional levels do not support group conversion.
Windows 2000 mixed
Windows 2003 interim
Due to windows NT 4.0

page 116
What would you use the Run As service for.
A temporary escalation of privileges.

page 145
What service must be running in order for the Run as feature to be used.
Secondary logon Service

page 146
Where are Organization Units (OU) managed.
Active Directory Users and Computers.

page 148
What are the benefits of using groups or OUs in your network structure.
Groups can be used to assign permissions for the members.
OUs can be used to organize the members of a network, and apply policies to them for security

page 147-150
What ways can you move objects through Active Directory.
Drag and Drop
Right Click, Move option

page 153-154
Where would you go to enable smart card use on your network for your users.
Active Directory Users and Computers, on the account tab of a user.

page 144
Where can you edit a Group Policy Object
Active Directory Users and Computers

page 163
What is a way to troubleshoot group policies if you do not know which one is causing problems.
Disable them.
What kind of Group Policy Object is a Group Policy Template
It is a nonlocal GPO

page 163
Where are Group Policy Templates found.
Under the Sysvol.

page 163
How can you speed up your start up with regard to automatically running services
Switch the service from running automatically to manual.

page 197
What is the default security level for software restrictions.

page 236
Which of the Software Restriction Rules is the most restrictive.
The Hash Rule

page 238
If you use multiple software restriction rules, in what priority are they applied.
Hash Rule
Certificate Rule
Internet Zone Rule
Path Rule

page 240
Which phase of the System Development Life Cycle can you not apply group policies to.
Planning Phase

page 222
You have set a policy to affect Everyone, how would you go about making an exception for a particular group.
1. Create the group
2. Remove the allow setting from your policy (if it is a default group)
3. Set the permission to Deny

page 252
Where do assign group policy permissions.
Under the ACE Access Control Entry

page 252
What does the Windows Management Instrumentation Filter.
Hardware, Software, OS types

page 254-255
Which Utility do you HAVE to use to create an Authoritative Restore

page 293
What does the Netdom utility do.
Manage and Verify trusts between partners

page 306
what does Repadmin do.
track replication and force replication between partners

page 306
what does Replmon
track replication and force replication across the domain.

page 306
What does Dsastat do
compare directory information and detect differences, does not force replication

page 306
What does NTbackup do
Create a system state backup.

page 286-287
By default how long will a tombstone last.
60 days

page 283
Who is ultimately responsible for your test score.
Not this guy!!!! Hahahahaha

page 1 (of common sense)