Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
100 Cards in this Set
- Front
- Back
|
What service does Dynamic Host Configuration Protocol (DHCP) provide? |
Configures the IP address and other TCP/IP settings on network computers |
|
|
For DHCP address allocation, by how much is network traffic reduced related to periodic lease renewal messages when switching from dynamic allocation to automatic allocation? |
100% because dynamic address allocation requires periodic lease renewal messages whereas automatic does not |
|
|
What is the first packet sent to a DHCP server when a computer boots up? |
DHCPDISCOVER |
|
|
How does a DHCP client communicate which offered IP address it will accept from which DHCP server? |
The client sends a DHCPREQUEST message to all servers with teh IP address of tgeh chosen DHCP server. |
|
|
What is the default lease period for DHCP dynamic address allocation? |
8 days |
|
|
What are the advantages of using a distributed DHCP infrastructure? |
1. All the client/server network traffic is local, so minimal DHCP traffic on routers 2. Clients have ready access to DHCP server |
|
|
Before a DHCP server can hand out addresses, which of the following steps must be completed? (Choose 2 answers) |
1. A DHCP scope must be created and and activated. 2. The DHCP server must be created and authorized. |
|
|
Which of the following steps must be completed in order to ensure a network printer is assigned the same address through the DHCP server? |
Create a reservation in the DHCP scope. |
|
|
What kinds of servers should NOT be DHCP clients? |
Domain controllers, internet web servers, and DHCP servers |
|
|
What is the key benefit of DHCP manual IP address allocation over manually configuring the IP address by person? |
This prevents accidental duplication of permanently assigned IP addresses. |
|
|
What are the servers at the top of the DNS hierarchy called? |
Root servers |
|
|
The domain name part of a DNS name is ________ and consists of two or more words, separated by _________. |
hierarchical; periods |
|
|
When using DNS for name resolution only, why should a company consider using DNS servers outside of the network perimeter? |
Less Administration |
|
|
Who is responsible for the ratification of the new top-level domains? |
Internet Corporation for Assigned Names and Numbers (ICANN) |
|
|
Concerning DNS, what is negative cashing? |
when a DNS server receives information about a non-existent host. |
|
|
What is the default TTL for a Windows Server 2012 R2 DNS server? |
1 hour |
|
|
You registered the domain name contoso.com. The FQDNs seattle.contoso.com and halifax.contoso.com are examples of different________> |
Subdomains of contoso.com |
|
|
Concerning DNS domain hierarchy, what are examples of global top-level domains |
.com, .net, and .org |
|
|
What is the primary purpose of name caching? |
Name caching enables the second name resolution request for the same name to bypass the referral process. |
|
|
What is the primary benefit of a DNS forwarder? |
Reducing the traffic and making efficient use of available bandwidth across the network perimeter. |
|
|
What DNS server is never the authoritative source for a domain, but only severs to resolve names? |
Caching-only server |
|
|
What DNS sever is responsible for maintaining a particular domain's resource records? |
Authoritative source |
|
|
What is the process of granting the user access onlyh to the resources he or she is permitted to use? |
Authorization |
|
|
What defines what objects exist as well as what attributes are associated with any object in the Active Directory? |
Active Directory Schema |
|
|
Active Directory keeps a naming convention for the domain that mirrors _______. |
DNS |
|
|
If an administrator creates a domain tree in an Active Directory forest, and then creates a separate and different domain tree, what is the relationship between the two domain trees? |
same security entity as one Active Directory forest, bidirectional trust between domain trees. |
|
|
What is the global catalog? |
an index of all AD DS objects in a forest. |
|
|
What is an important difference between groups and OU's? |
Group memberships are independent of the domain's tree structure. |
|
|
Fro Server Core installations, how does Windows Server 2012 R2 differ from Windows Server 2008 when installing the AD DS role and promoting the system to a domain controller? |
Windows Server 2012 F2 now allows administrators to use PowerShell. |
|
|
Which of the following features allows you to create virtual machines on a leased cloud resource. |
Infrastructure as a Service (IaaS) |
|
|
What administrative division in Active Directory is defined as a collection of subnets that have good connectivity between them to facilitate the replication process? |
Sites |
|
|
When is an Active Directory site topology created? |
Site topology is manually configured dependent on WAN |
|
|
An Active Directory _______ consists of one or more separate domain trees. |
Forest |
|
|
What is a container object that functions in a subordinate capacity to a domain, and still inherits policies and permissions from its parent objects? |
Organizational Unit |
|
|
Resource access for individuals takes place through their ______. |
user accounts |
|
|
What are the two built-in user accounts created on a computer running Windows Server 2012 R2 |
administrator and guest |
|
|
What do you call the process of confirming a user's identity by using a known value such as a password, a smart card, or a fingerprint? |
Authentication |
|
|
The LDIFDE.exe utility is most similar to what other utility? |
CSVDE.exe |
|
|
Which of the following guidelines are NOT best practice for securing the Administrator account? |
Using the Administrator account for daily, non-Administrative tasks. |
|
|
What user creation tool incorporates new features such as the Active Directory Recycle Bin and fine-grained password policies? |
Active Directory Administrative Center (ADAC) |
|
|
To perform an offline domain join, how many times would an administrator run the Djoin.exe command? |
Two |
|
|
What would be a sufficient user account to provide temporary access to the network for a user such as a vendor representative or a temporary employee? |
Guest |
|
|
What graphical tool can create user and computer accounts and was redesigned for Windows Server 2012? |
Active Directory Administrative Center (ADAC) |
|
|
Which of the following is a PowerShell cmdlet for creating user objects? |
New-ADUser |
|
|
Which of the following is NOT a group scope? |
Security groups |
|
|
Of the key reasons for creating organizational units, which of the following is NOT one of them? |
Assigning permissions to network resources |
|
|
Within a domain, the primary hierarchical building block is the _______. |
Organizational unit |
|
|
The delegation of Control Wizard is capable of ________ permissions. |
Granting |
|
|
An administrator needs to grant an e-mail distribution group of 100 members access to a database, how would the administrator proceed? The e-mail group is obsolete and can be dissolved. |
Convert the distribution group to a security group and then assign the group access permissions. |
|
|
What is the group scope for Domain Admins, Domain Controllers, and Domain Users default groups? |
Global |
|
|
Which of the following is NOT an example of a special identity? |
Dialup Service |
|
|
What are the different kinds of groups? |
There are two types: security and distribution; and there are three group scopes: domain local, global, and universal. |
|
|
What command-line utility allows administrators to modify a group's type and scope as well as add or remove members? |
Dsmod.exe |
|
|
Which of these groups would an administrator use to assign permissions to resources in the same domain? |
Domain local groups. |
|
|
Which of these groups is not related to security and cannot have permissions assigned to it? |
Distribution groups |
|
|
What is the proper term for associating a Group Policy to a set of AD DS objects |
Linking |
|
|
The three types of Group Policy Objects (GPO's) include local, domain and _______. |
Starter |
|
|
Configuring a Central Store of ADMX files help solve the problem of _______. |
"SYSVOL bloat" |
|
|
What is the Microsoft Management Console (MMC) snap-in that you use to create GPO's and manage their deployment to AD DS objects? |
Group Policy Management console |
|
|
Group Policy settings are divided into two subcategories: User Configuration and Computer Configuration. Each of those two are further organized into three subnodes. What are the three? |
Software settings, Windows settings, and Administrative Templates |
|
|
What is the technique called that you can modify the default permission assignments so that only certain users and computers receive the permissions and, consequently, the settings in the GPO? |
security filtering |
|
|
What is the order in which Windows systems receiving and process multiple GPO's? |
LSDOU(local, site, domain, then OU) |
|
|
Local GPO's contain fewer options than domain GPO's. Local GPO's do not support ________. |
Folder redirection or Group Policy software installation. |
|
|
If creating a Local Group Policy Object, then a secondary GPO, then a tertiary GPO, what policy settings are included in each GPO? |
The first GPO contains both Computer Configuration and User Configuration settings, while the secondary and tertiary GPOs contain only User Configuration Settings |
|
|
What nonlocal GPO has its properties stored in the Active Directory object Group Policy container (GPC), as well as a Group Policy template located in the SYSVOL share? |
domain GPO |
|
|
What capability allows you to create specific GPO settings for one or more local users configured on a workstation? |
multiple local GPOs |
|
|
What are the two categories of security settings within Group Policy? Select two answers. |
1. User 2. Computer |
|
|
What are the three primary event logs? |
Application, Security, and System |
|
|
What is the default size for each of the three Event logs? |
16,384 KB |
|
|
What is a collection of configuration settings stored as a text file with an .inf extension? |
Security template |
|
|
When does Windows apply User Configuration policies by default? |
As the user logs in |
|
|
You create a GPO that contains computer settings, but not user settings. What can you do to quicken GPO processing? |
You can disable the setting area that is not configured for faster processing. |
|
|
What did Microsoft introduce in Windows Server 2008, which is used to ensure users with administrative privileges still operate routing tasks as standard users? |
User Account Control (UAC) |
|
|
How are most Group Policy settings applied or reapplied? |
At the refresh interval |
|
|
What are the two interfaces available for creating and managing user accounts in Windows Server 2012 R2? |
User Accounts control panel and the Local Users and Groups snap-in for MMC |
|
|
What tool for creating new users is only valid while the Windows Server 2012 R2 computer is part of a workgroup and not joined to AD DS domain? |
User Accounts Control Panel |
|
|
What tool for user creation provides full access to all local user and group accounts on the computer? |
Local Users and Groups snap-in |
|
|
What service works with Group Policy to install, upgrade, patch, or remove software applications? |
Windows Installer |
|
|
When configuring a GPO to deploy a software package, what is the difference between assigning and publishing the application? |
Assigning forces the application, whereas publishing provides the option to install |
|
|
After deploying software by GPO using the Assigned option, where is the package made available for the user? |
Start menu or desktop |
|
|
Not all software on the market provides .msi support. What is your best option to use Windows Installer to assign and publish the software? |
Repackage the software for Windows Installer |
|
|
In what Group Policy objects container are AppLocker settings located? |
Computer Configuration\Windows Settings\Security Settings\Application Control Policies\AppLocker (this is the longest answer of the choices given) |
|
|
How does AppLocker handle all executables, installer packages, and scripts by default? |
AppLocker blocks all by default, except for those specified in Allow rules |
|
|
What are the three default security levels within software restriction policies? |
Unrestricted, Disallowed, and Basic User |
|
|
What is the most common way to implement software restrictions policies? |
Linking Group Policy objects to Active Director Domain Services containers, so that you can apply their policy settings to several computers simultaneously |
|
|
When installing software using Group Policy, what file or files does an administrator use? |
Windows Installer package files, or .msi files-modifications to the package files require transform files, or .mst files. Further, patch files are designated as .msp files. (longest available answer) |
|
|
Software restriction relies on four types of rules to specify which programs can or cannot run. What type identifies software by its directory where the application is stored in the file system? |
Path |
|
|
Software restriction relies on four types of rules to specify which programs can or cannot run. What type enables Windows Installer packages to be installed only if they come from a trusted area of the network? |
Network Zone |
|
|
Firewall rules function in two ways: admit all traffic, except that which conforms to the applied rules, and secondly, block all traffic, except that which conforms to the applied rules. How does the Windows Firewall work for inbound traffic and for outbound traffic? |
Inbound - block all, Outbound - permit all |
|
|
Windows Firewall uses three profiles to represent the type of network to which the server is connected. What are the three profiles? |
Domain, Private, and Public |
|
|
What does the term "filter" refer to in the Windows Firewall With Advanced Security console? |
The ability to display inbound or outbound rules according to a profile (longest available answer) |
|
|
What tool offers more flexibility in creating rules compared with the Windows Firewall interface under Control Panel? |
Windows Firewall With Advanced Security snap-in for the Microsoft Management console |
|
|
By exporting the Windows Firewall policy, you have a file with a .wfw extension that contains _______. |
all its rules, including the preconfigured rules and the ones you have created or modified |
|
|
Windows Firewall allows an administrator to import and export firewall rules. What are the rules' file extension |
.wfw |
|
|
You can configure the Windows Firewall to allow or block specific________. |
ports, protocols, applications, users, and IP address ranges |
|
|
What is the primary objective of firewall? |
To permit traffic in and out for legitimate users, and to block the rest. |
|
|
When creating a firewall execption, what is the difference between opening a port and allowing an application through? |
Allowing an application opens the specified port only while the program is running, and thus is less risky. |
|
|
What parameter in the Windows Firewall New Inbound Rule Wizard specifies the IP address range of local and remote systems to which the rule applies? |
Scope |
|
|
What parameter in the Windows Firewall New Inbound Rule Wizard specifies what the firewall should do when a packet matches the rule? |
Action |
|
|
What is a key difference between a domain tree hierarchy and the organizational unit (OU) hierarchy within a domain? |
Inheritance |
