Ms Admit 2 Final

Front 1

Schema defines what of all objects in an Active Directory database?

Back 1

class
attributes

Front 2

What partitions are used to separtate forest-wide DNS information from domain-wide DNS information to control the scope of replication of different types of DNS data?

Back 2

Application partitions

Front 3

What is the security boundary in an Active Directory environment?

Back 3

Forest

Front 4

What files stores the AD db info?

Back 4

ntds.dit

Front 5

If two SRV records have the same priority, the frequency by which they are used by clients will be determined by what?

Back 5

Relative weights

Front 6

What trust can be created between two Windows Domains in the same forest to shorten the "tree-walk" process for users who require frequent access to resources in another domain in the same forest?

Back 6

Shortcut trust

Front 7

What is the default authentication protocol used by AD of server 2008?

Back 7

Kerberos

Front 8

What policy is used to configure which user accounts will or will not have their password information replicated to an RODC?

Back 8

Password Replication Policy

Front 9

Although an RODC is no writable, what replication does it participate in?

Back 9

Inbound

Front 10

What is the function of the KCC?

Back 10

Create replication topology between multiple domain controllers within a site.

Front 11

What doeseach DC maintain that keeps track of changes that are made at each domain controller and thus keeps track of which updates should be replicated to other domain controllers?

Back 11

Update Sequence Number

Front 12

In a replication conflict, what is the first attribute that AD will use as a tie-breaker?

Back 12

version ID

Front 13

Default cost of new site link?

Back 13

100

Front 14

What FSMO role is responsible for managing time synchronization within a domain?

Back 14

PDC emulator

Front 15

What must be running and accessible to add or remove a domain or a sub domain from an AD forest?

Back 15

Domain Naming Master

Front 16

What are the FSMO roles?

Back 16

Schema Master
Domain naming master
Infrastructure Master
Relative ID(RID) Master
PDC Emulator

Front 17

What FSMO role should not be housed on a DC that has been configured as a global catalog except that every DC is a global catalog in the domain?

Back 17

Infrastructure Master

Front 18

What group membership is stored in the global catalog?

Back 18

Universal Group Membership

Front 19

Which DNS resource records allow clients to locate an AD DC or global catalog?

Back 19

SRV records

Front 20

What internal process is responsible for selecting a bridgehead server and mapping the topology for replication between sites?

Back 20

Intersite Topology Generator

Front 21

What is the maximum number of hops that the KCC will allow between two domain controllers?

Back 21

3

Front 22

What is the convergence time within one AD site on the same LAN?

Back 22

~1minute

Front 23

What is the best reason to create and manage AD sites in an AD forest?

Back 23

Improve replication performance and facilitate service location

Front 24

What type of partitions do ADs use?

Back 24

Application directory partition

Front 25

What is the minimum number of DCs that are needed to hold all of the FSMO masters in the forest root domain?

Back 25

3

Front 26

Will clients be able to log in when the Schema Master is offline?

Back 26

yes

Front 27

The RID FSMO Master distributes RIDs to DCs in an increment of what?

Back 27

500

Front 28

Where would a client workstation look to synchronize its clock with the domain?

Back 28

the DC that authenticates the workstation

Front 29

What is the Global Catalog?

Back 29

AD component that contains a partial attribute set of all objects within an AD forest

Front 30

Which FSMO role cannot be performed on multiple servers in an AD forest?

Back 30

Infrastructure master

Front 31

What is the function of a trust relationship in an AD environment?

Back 31

To provide authentication and authorization capabilities between clients and servers in different domains.

Front 32

What does FSMO stand for?

Back 32

Flexible Single Master Operations

Front 33

What are the 4 functions of the PDC Emulator master?

Back 33

1. Password changes
2. Authentication failures
3. Account lockout
4. Backwards compatibility

Front 34

What is KCC and how often does it run?

Back 34

Knowledge Consistency Checker, every 15 minutes

Front 35

What are the tie-breakers of replication conflicts?

Back 35

1. Version ID
2. Timestamp
3. GUID of the DC where change happens

Front 36

What is the first GPO that is applied during a normal GPO processing?

Back 36

Local GPO

Front 37

What folder structure is located in the shared SYSVOL folder on a domain controller?

Back 37

Group Policy Templates

Front 38

What command can be used to manually force a group policy refresh?

Back 38

gpupdate

Front 39

What is the speed of a slow link?

Back 39

< 500 Kb/s

Front 40

What log entries are triggered by events such as user rights assignment changes, establishment or removal of trust relationships, IPSec policy agent change, and grants or removals of system access privileges.

Back 40

Policy Change Audit logs

Front 41

What folder under the Computer Configuration node in the GPME contains security settings and scripts that apply to all users who log on to the AD from that specific computer

Back 41

Windows Settings

Front 42

What are all the supported packages for windows installer?

Back 42

.msi, installation package
.mst, transform file, for modification or customize install
.msp, patch file
.zap, non-Windows

Front 43

What are the 4 command types of powershell?

Back 43

1. cmdlets
2. functions
3. scripts
4. native commands

Front 44

what is the help command for powershell?

Back 44

get-help <command>

Front 45

What is Loopback processing? What are its modes?

Back 45

Used to apply Group Policy Objects (GPOs) that depend only on which computer the user logs on to. Merge and Replace modes

Front 46

From which log can you view the Group Policy processing events in the Event Viewer Windows Logs?

Back 46

System

Front 47

What is the path to the default GPT structure for a domain?

Back 47

systemroot\sysvol\sysvol\domain.com\Policies

Front 48

What policy setting allows an admin to specify group membership lists?

Back 48

Restricted Groups

Front 49

What setting logs events related to successful user logons to a domain?

Back 49

Account logon events?

Front 50

What allows published software applications to be organized within specific groupings for easy navigation?

Back 50

Software categories

Front 51

When implementing multiple software restriction policy rules, which rule is always applied last?

Back 51

Path rule

Front 52

What software restriction policy properties allow admins to determine whether the policies apply to all files or whether library files are excluded?

Back 52

Enforcement

Front 53

What order are domain, OU, site, and local GPOs applied?

Back 53

1. local
2. site
3. domain
4. OU

Front 54

AD is a database based on what format?

Back 54

Extensible Storage Engine

Front 55

What runs automatically on a DC every 12 hours by default during the garbage collection process?

Back 55

Online defragmentation

Front 56

What is the default Transaction log file?

Back 56

edb.log

Front 57

In Win2008, what type of backup media is not supported by the Server Backup?

Back 57

Magnetic types

Front 58

What service must be installed to deploy software?

Back 58

Windows Installer

Front 59

What default security level in software restriction policies will disallow any executable that requires administrative rights to run?

Back 59

Basic

Front 60

What software restriction policy rule types apply only to windows installer packages?

Back 60

Internet zone rules