Active Directory and DNS Concepts
66 Questions
7 Views

Choose a study mode

Play Quiz
Study Flashcards
Spaced Repetition
Chat to lesson

Podcast

Play an AI-generated podcast conversation about this lesson

Questions and Answers

What are the two basic classes of Active Directory objects?

  • Container and leaf objects (correct)
  • Domain and user objects
  • Security and distribution
  • Active and passive
  • What defines what objects exist as well as what attributes are associated with any object in the Active Directory?

  • Active Directory global directory
  • Active Directory schema (correct)
  • Active Directory administrator
  • Active Directory root user
  • What is the next level of Active Directory container object within a domain?

  • Subdomain
  • Forest
  • Group
  • Organizational unit (correct)
  • Active Directory keeps a naming convention for the domain that mirrors ______.

    <p>DNS</p> Signup and view all the answers

    What allows administrators to grant users in one domain access to resources of another domain within the same domain tree?

    <p>Bidirectional trust relationship between domains</p> Signup and view all the answers

    If an administrator creates a domain tree in an Active Directory forest, and then creates a separate and different domain tree, what is the relationship between the two domain trees?

    <p>Same security entity as one Active Directory forest, bidirectional trust between domain trees</p> Signup and view all the answers

    What determines the functional level of an Active Directory forest?

    <p>The lowest version of Windows Server on a domain controller</p> Signup and view all the answers

    What is the global catalog?

    <p>An index of all AD DS objects in a forest</p> Signup and view all the answers

    What is an important difference between groups and OUs?

    <p>Group memberships are independent of the domain's tree structure.</p> Signup and view all the answers

    What is the method for removing a domain controller in Windows Server 2019?

    <p>Using the Remove Roles and Features Wizard</p> Signup and view all the answers

    How far into the lease period does a DHCP client begin requesting renewal of the IP address?

    <p>50 percent, or at 4 days into the lease</p> Signup and view all the answers

    What are the advantages of using a distributed DHCP infrastructure?

    <p>Clients have ready access to DHCP servers</p> Signup and view all the answers

    Before a DHCP server can hand out addresses, which of the following steps must be completed? (Choose two answers.)

    <p>A DHCP scope must be created and activated.</p> Signup and view all the answers

    Which of the following steps must be completed in order to ensure a network printer is assigned the same address through the DHCP server?

    <p>Create a reservation in the DHCP scope.</p> Signup and view all the answers

    What are the servers at the top of the DNS hierarchy called?

    <p>Root servers</p> Signup and view all the answers

    The typical query one DNS server sends to a root name server is called a(n) ______.

    <p>recursive query</p> Signup and view all the answers

    The domain name part of a DNS name is ______ and consists of two or more words, separated by ______.

    <p>hierarchical; periods</p> Signup and view all the answers

    What do you call the source responsible for maintaining a domain's resource records?

    <p>Authoritative source</p> Signup and view all the answers

    When using DNS for name resolution only, why should a company consider using DNS servers outside the network perimeter?

    <p>Less traffic crossing the network perimeter</p> Signup and view all the answers

    At what level of the DNS hierarchy are actual hosts, apart from the root servers?

    <p>At the second-level domain level</p> Signup and view all the answers

    Concerning DNS, what is negative caching?

    <p>When a DNS server receives information about a non-existent host</p> Signup and view all the answers

    A DNS server receives updated information. Other DNS servers have outdated information cached. What determines the amount of time that the old DNS data remains cached on a server and an update might occur?

    <p>Time To Live (TTL) specified by each DNS server's administrator</p> Signup and view all the answers

    What is the default TTL for a Windows Server 2019 DNS server?

    <p>1 hour</p> Signup and view all the answers

    Why is the DNS service included in Windows Server 2019 integrated with DHCP service?

    <p>To allow a DHCP server to request a DNS server to update or create a record.</p> Signup and view all the answers

    You registered the domain name contoso.com. The FQDNs seattle.contoso.com and halifax.contoso.com are examples of different ______.

    <p>subdomains of contoso.com</p> Signup and view all the answers

    When a DNS server communicates a name resolution query to another DNS server, what type of datagram is used, and over what port?

    <p>UDP; 53</p> Signup and view all the answers

    Concerning DNS domain hierarchy, what are examples of global top-level domains?

    <p>.com, .net, .org</p> Signup and view all the answers

    Resource access for individuals takes place through their ______.

    <p>user accounts</p> Signup and view all the answers

    What are the two built-in user accounts created on a computer running Windows Server 2019?

    <p>administrator and guest</p> Signup and view all the answers

    What are the two types of user accounts in Windows Server 2019?

    <p>local and domain</p> Signup and view all the answers

    What do you call the process of confirming a user's identity by using a known value such as a password, a smart card, or a fingerprint?

    <p>authentication</p> Signup and view all the answers

    Can a domain user, who does not possess explicit object creation permissions, create computer objects?

    <p>Yes, authenticated users can create workstation, but not server objects</p> Signup and view all the answers

    What do you call the process of confirming that a user has the correct permissions to access one or more network resources?

    <p>authorization</p> Signup and view all the answers

    Which of the following guidelines are NOT best practice for securing the Administrator account?

    <p>Using the Administrator account for daily, non-administrative tasks</p> Signup and view all the answers

    When would administrators choose to use a User Template?

    <p>When an administrator wants to save time while creating single users with many attributes</p> Signup and view all the answers

    What would be the distinguished name (DN) for a user named Ella Parker, whose user account resides in the Marketing OU of the adatum.com domain?

    <p>cn=Ella Parker,ou=Marketing,dc=adatum,dc=com</p> Signup and view all the answers

    Which of the following is NOT a group scope?

    <p>Security groups</p> Signup and view all the answers

    Of the key reasons for creating organizational units, which of the following is NOT one of them?

    <p>Assigning permissions to network resources</p> Signup and view all the answers

    What is the only OU created by default after installing Active Directory?

    <p>Domain Controllers OU</p> Signup and view all the answers

    Within a domain, the primary hierarchical building block is the ______.

    <p>organizational unit</p> Signup and view all the answers

    Members of a universal group can come ______.

    <p>from trusted forests</p> Signup and view all the answers

    Of the default groups created when Active Directory is installed, what are the types of those groups?

    <p>Security groups</p> Signup and view all the answers

    What is the group scope for Domain Admins, Domain Controllers, and Domain Users default groups?

    <p>Global</p> Signup and view all the answers

    Which of the following default groups is a universal group?

    <p>Enterprise Admins</p> Signup and view all the answers

    Which of the following is NOT an example of a special identity?

    <p>Dialup Service</p> Signup and view all the answers

    What is the proper term for associating a Group Policy to a set of AD DS objects?

    <p>Linking</p> Signup and view all the answers

    When multiple GPOs are linked to a container, which GPO in the list has the highest priority?

    <p>the first</p> Signup and view all the answers

    What is the Microsoft Management Console (MMC) snap-in that you use to create GPOs and manage their deployment to AD DS objects?

    <p>Group Policy Management console</p> Signup and view all the answers

    Can an administrator launch the Group Policy Management console from a workstation?

    <p>Yes, if the workstation is running the Remote Server Administration Tools package</p> Signup and view all the answers

    Group Policy settings are divided into two subcategories: User Configuration and Computer Configuration. Each of those two are further organized into three subnodes. What are the three?

    <p>Software settings, Windows settings, and Administrative Templates</p> Signup and view all the answers

    What do you call the process that after you link a GPO to a site with multiple domains, the Group Policy settings are applied to all the domains and the child objects beneath them?

    <p>inheritance</p> Signup and view all the answers

    What application or interface allows you to configure security filtering?

    <p>Group Policy Management console</p> Signup and view all the answers

    Local GPOs contain fewer options than domain GPOs. Local GPOs do not support ______.

    <p>folder redirection or Group Policy software installation</p> Signup and view all the answers

    Which of the following is the maximum disk size supported when using GPT partitioning?

    <p>18 exabytes (EB) for each partition</p> Signup and view all the answers

    How many primary partitions are supported on a GPT partitioned disk?

    <p>128</p> Signup and view all the answers

    Which of the following is an enhanced NTFS file system that offers larger volume sizes and files?

    <p>ReFS</p> Signup and view all the answers

    How many active partitions can a hard disk hold?

    <p>1</p> Signup and view all the answers

    Which of the following statements identifies the difference between striped and spanned volumes?

    <p>With striped volumes, the system writes data one strip at a time to each successive disk in the volume.</p> Signup and view all the answers

    Regarding both striped and spanned volumes, which of the following is the maximum number of physical disks permitted to create a volume?

    <p>32</p> Signup and view all the answers

    After you create a new VHD, it appears as a(n) ______ in the Disk Management snap-in and ______ in Server Manager.

    <p>uninitialized disk</p> Signup and view all the answers

    Which of the following is the net effect of the following combination of share and NTFS permissions when the share is accessed over the network?

    • Share permission (Share tab)—Sales group: Full Control
    • NTFS permission (Security tab)—Sales group: Read & Execute, Modify, Write

    <p>Members of the Sales group will be able to edit content and delete files.</p> Signup and view all the answers

    Which of the following permissions are assigned directly to a file or folder?

    <p>explicit</p> Signup and view all the answers

    Which of the following is the minimum permission level needed to change the attributes of a file?

    <p>Write</p> Signup and view all the answers

    Which of the following is the minimum permission level needed to take ownership of a file or folder?

    <p>Full Control</p> Signup and view all the answers

    Which of the following permission levels always overrides the other permission levels?

    <p>Explicit Deny Full Control</p> Signup and view all the answers

    Windows Server 2019 supports which of the following two types of folder shares?

    <p>Network File System and Server Message Blocks</p> Signup and view all the answers

    Study Notes

    Active Directory Objects

    • Two basic classes of Active Directory objects are containers and leaf objects
    • Active Directory schema defines what objects exist and what attributes are associated with them
    • The next level of Active Directory container object within a domain is an organizational unit
    • The naming convention for a domain in Active Directory mirrors the DNS system

    Active Directory Concepts

    • Bidirectional trust relationships allow administrators to grant users in one domain access to resources of another domain within the same domain tree
    • Active Directory forests are composed of multiple domain trees. A trust relationship exists between the two domain trees, and these are part of the same security entity.
    • The lowest version of Windows Server running on a domain controller determines the functional level of an Active Directory forest.

    DNS Concepts

    • Root servers are at the top of the DNS hierarchy
    • The typical query sent to a root name server is a recursive query
    • The domain name part of a DNS name is separated by periods and consists of two or more words

    DHCP Concepts

    • A DHCP client requests renewal of an IP address 50 percent, or about 2 days, into the lease period.
    • Distribution of DHCP servers across a network can reduce network traffic and administrative overhead.

    Active Directory Security

    • A user's access to resources in other domains is determined by trust relationships within the same domain tree.
    • Administrator accounts should be protected by strong passwords and not used for daily, nonadministrative tasks.
    • Proper naming conventions make administration easier.

    Other Concepts

    • The default TTL for a Windows Server 2019 DNS server is 1 hour.
    • The DNS service is integrated with the DHCP service to allow a DNS server to provide information to DHCP clients

    Group Policy

    • Linking a Group Policy to a set of AD DS objects is called linking.
    • The most restrictive GPO in a container has the highest priority.
    • The Group Policy Management console is used in managing Group Policy Objects.

    Virtualization

    • The Hypervisor is a module in Windows Server 2019 that provides the underlying virtualization technologies.
    • The Hyper-V Manager is the graphical tool for managing virtual machines in a virtualization environment.
    • A virtual machine's ability to access physical hardware is enabled through appropriate settings.
    • Disk types that can support a maximum image size up to 2 TB are VHDX files.

    Storage

    • RAID 5 is a striped set with distributed parity.
    • Storage pools are a combination of storage devices concatenated to make larger storage volumes.
    • Three-way mirroring provides protection against two simultaneous drive failures in storage spaces.
    • Storage area networks can be accessed over the network via protocols.

    Other Important Points

    • The number of primary partitions supported on a GPT partition disk is 128
    • A Universal Group is a type of group available in Active Directory that allows members from multiple domains to be part of the Group, while a Global Group only contains users within a single domain
    • The minimum number of nodes required for a production-ready failover cluster is 3
    • The default TTL for a Windows server DNS is 1 hour.
    • The default port for WSUS synchronization is 8530

    Studying That Suits You

    Use AI to generate personalized quizzes and flashcards to suit your learning preferences.

    Quiz Team

    Related Documents

    Description

    Test your understanding of Active Directory objects and their structure, including containers and leaf objects. This quiz also covers trust relationships and the DNS hierarchy, essential for managing network resources effectively. Ideal for those studying network administration.

    More Like This

    Use Quizgecko on...
    Browser
    Browser