Active Directory Domains and Trusts Quiz
119 Questions
21 Views

Choose a study mode

Play Quiz
Study Flashcards
Spaced Repetition
Chat to lesson

Podcast

Play an AI-generated podcast conversation about this lesson

Questions and Answers

When setting up domains and forests, what is the highest functional level available?

  • Server 2012
  • Server 2019 (correct)
  • Server 2016
  • Server 2012R2
  • What is the relationship between forest functional level and domain functional level?

  • Domain functional level must be the same as forest functional level
  • Forest functional level can be set higher than domain functional level
  • Domain functional level cannot be changed
  • Domain functional level can be set higher than forest functional level (correct)
  • What happens to domain controllers running Windows Server 2008 R2 and older?

  • They should be updated to Windows Server 2019
  • They should be updated to Windows Server 2016
  • They should be removed from the domain (correct)
  • They should be demoted to member servers
  • What is the purpose of the Microsoft Active Directory schema?

    <p>Contains formal definitions of object classes and attributes</p> Signup and view all the answers

    What is the implication of making changes to the Active Directory Schema?

    <p>Changes are permanent and irreversible without significant effort</p> Signup and view all the answers

    When is the most common scenario for making Schema changes observed?

    <p>Installation of Exchange Server</p> Signup and view all the answers

    What is the purpose of specifying a functionality level when setting up domains and forests?

    <p>To define the available features and capabilities</p> Signup and view all the answers

    What is the highest Windows Server version that can be used for domain controllers?

    <p>Windows Server 2019</p> Signup and view all the answers

    What is the implication of setting the domain functional level to a value lower than the forest functional level?

    <p>It is not possible to set the domain functional level lower than the forest functional level</p> Signup and view all the answers

    What is the purpose of adding custom attributes to the Schema?

    <p>To extend an object for custom application or other reasons</p> Signup and view all the answers

    What is a forest in the context of Active Directory?

    <p>A collection of trees that share a schema</p> Signup and view all the answers

    What best describes a tree in Active Directory?

    <p>A collection of domains that share a namespace</p> Signup and view all the answers

    In the context of Active Directory, what is a domain?

    <p>A logical group of objects that share the same database</p> Signup and view all the answers

    What is the primary function of a tree in Active Directory?

    <p>To contain subdomains as member domains of a main parent domain</p> Signup and view all the answers

    What is the relationship between a forest and a tree in Active Directory?

    <p>A forest is a collection of trees that share a schema</p> Signup and view all the answers

    What does a domain represent in Active Directory?

    <p>A logical group of objects that share the same database</p> Signup and view all the answers

    What distinguishes a forest from a domain in Active Directory?

    <p>A forest is a collection of trees that share a schema</p> Signup and view all the answers

    In the context of Active Directory, what is the primary purpose of a forest?

    <p>To enable shared schema definitions and configurations across multiple trees</p> Signup and view all the answers

    What makes a tree unique in Active Directory?

    <p>Containing subdomains as member domains of a main parent domain</p> Signup and view all the answers

    How does a forest differ from a tree in Active Directory?

    <p>A forest is a collection of trees that share a schema</p> Signup and view all the answers

    What is the function of trusts in Active Directory?

    <p>To share information and resources between domains</p> Signup and view all the answers

    What determines whether trusts can be extended outside the two domains with which they were formed?

    <p>Transitivity</p> Signup and view all the answers

    Which type of trust allows one domain to trust another domain across different forests, bypassing other trust paths?

    <p>Shortcut trust</p> Signup and view all the answers

    What are the Enterprise Admins and Schema Admins groups associated with in Active Directory?

    <p>Forest root domain</p> Signup and view all the answers

    What is the purpose of creating multiple forests in Active Directory?

    <p>To offer autonomy and segregation</p> Signup and view all the answers

    Which type of trust is manually created and can be one-way or two-way transitive trusts?

    <p>Forest trust</p> Signup and view all the answers

    What is the role of functional levels in Active Directory?

    <p>To determine the available domain or forest capabilities</p> Signup and view all the answers

    What is the relationship between the creation of the 'FirstDomain.local' domain and the creation of a tree and a forest?

    <p>The creation of the domain also creates a tree and a forest to house the first tree</p> Signup and view all the answers

    What are Parent-Child and Tree-Root trusts automatically established as?

    <p>Two-way transitive trusts</p> Signup and view all the answers

    What is the characteristic that determines the flow and reciprocity of trust in Active Directory?

    <p>Direction</p> Signup and view all the answers

    In Active Directory, it is possible to set the domain functional level to a value lower than the forest functional level.

    <p>False</p> Signup and view all the answers

    The Schema in Microsoft Active Directory contains formal definitions of every object class and attribute that can exist in an Active Directory forest.

    <p>True</p> Signup and view all the answers

    Making changes to the Active Directory Schema is a reversible process that can be easily undone.

    <p>False</p> Signup and view all the answers

    The installation of Exchange Server is a common scenario for making Schema changes in Active Directory.

    <p>True</p> Signup and view all the answers

    The forest functional level determines the highest Windows Server version that can be used for domain controllers.

    <p>True</p> Signup and view all the answers

    A domain controller running Windows Server 2008 R2 and older should be updated to Windows Server 2012, 2012 R2, 2016, or 2019.

    <p>True</p> Signup and view all the answers

    A forest in Active Directory can be lower than the domain functional level.

    <p>False</p> Signup and view all the answers

    The Schema governs the database and all the objects in Active Directory, making it possible to add custom attributes to the Schema.

    <p>True</p> Signup and view all the answers

    The forest functional level and domain functional level have no impact on the version of Windows Server that can be used for domain controllers.

    <p>False</p> Signup and view all the answers

    The domain functional level can be set to a value higher than the forest functional level.

    <p>True</p> Signup and view all the answers

    Active Directory can have only one domain per forest

    <p>False</p> Signup and view all the answers

    The forest root domain contains the Enterprise Admins and Schema Admins groups

    <p>True</p> Signup and view all the answers

    Multiple forests offer autonomy and segregation without requiring significant overhead

    <p>False</p> Signup and view all the answers

    Transitivity of trusts determines whether they can be extended outside the two domains with which they were formed

    <p>True</p> Signup and view all the answers

    Parent-Child and Tree-Root trusts are one-way transitive trusts

    <p>False</p> Signup and view all the answers

    Shortcut trusts allow one domain to trust another domain across different forests, bypassing other trust paths

    <p>True</p> Signup and view all the answers

    Functional levels in Active Directory only determine the available domain capabilities

    <p>False</p> Signup and view all the answers

    Forest trusts are manually created and can only be one-way transitive trusts

    <p>False</p> Signup and view all the answers

    Domain controllers running Windows Server 2008 R2 and older can no longer be used after making changes to the Active Directory Schema

    <p>False</p> Signup and view all the answers

    The creation of the 'FirstDomain.local' domain in Active Directory also creates a tree, with the first domain as its only member

    <p>True</p> Signup and view all the answers

    Active Directory Schema is a collection of trees that share the same schema.

    <p>False</p> Signup and view all the answers

    A tree in Active Directory typically contains subdomains and is a collection of domains that share a namespace.

    <p>True</p> Signup and view all the answers

    A forest in Active Directory is a collection of trees that share the same schema.

    <p>True</p> Signup and view all the answers

    When creating the first domain, a forest and a tree are also created.

    <p>True</p> Signup and view all the answers

    A domain in Active Directory is a logical group of objects that share the same database.

    <p>True</p> Signup and view all the answers

    A forest in Active Directory is essentially a 'common management zone' that all objects are part of.

    <p>False</p> Signup and view all the answers

    A tree in Active Directory is a collection of domains that share the same schema.

    <p>False</p> Signup and view all the answers

    Trusts can be manually created and can be one-way or two-way transitive trusts.

    <p>False</p> Signup and view all the answers

    The Schema in Active Directory is a logical group of objects that share the same database.

    <p>False</p> Signup and view all the answers

    A forest in Active Directory is a logical group of objects that share the same database.

    <p>False</p> Signup and view all the answers

    What are the available domain functional levels in Windows Server?

    <p>Server 2000, Server 2003, Server 2008, Server 2008R2, Server 2012, Server 2012R2, Server 2016</p> Signup and view all the answers

    Can the domain functional level be set to a value lower than the forest functional level?

    <p>No</p> Signup and view all the answers

    What is the purpose of the Microsoft Active Directory schema?

    <p>The schema contains formal definitions of every object class and attribute in an Active Directory forest.</p> Signup and view all the answers

    Is it possible to add custom attributes to the Schema in Active Directory? If so, why?

    <p>Yes, to extend an object for custom application or other reasons.</p> Signup and view all the answers

    When is the most common scenario for making Schema changes observed in Active Directory?

    <p>The most common scenario for Schema changes is with the installation of Exchange Server.</p> Signup and view all the answers

    What is the implication of making changes to the Active Directory Schema?

    <p>Schema changes are permanent and cannot be undone without significant effort.</p> Signup and view all the answers

    What is the relationship between forest functional level and domain functional level in Active Directory?

    <p>The forest functional level can be set lower than the domain functional level.</p> Signup and view all the answers

    What are the implications of domain controllers running Windows Server 2008 R2 and older?

    <p>They need to be updated to Windows Server 2012, 2012 R2, 2016, or 2019, and should be removed from the domain.</p> Signup and view all the answers

    What is the primary function of a forest in the context of Active Directory?

    <p>A forest provides a common management zone for all objects.</p> Signup and view all the answers

    What is the purpose of specifying a functionality level when setting up domains and forests in Windows Server?

    <p>To determine the available domain capabilities and features.</p> Signup and view all the answers

    What are the default transitivity and direction for Parent-Child and Tree-Root trusts in Active Directory?

    <p>They are automatically established as two-way transitive trusts.</p> Signup and view all the answers

    What is the purpose of forest trusts in Active Directory?

    <p>To allow trust relationships between different forests, which can be one-way or two-way transitive trusts.</p> Signup and view all the answers

    What is the purpose of shortcut trusts in Active Directory?

    <p>To allow one-way transitive trusts between domains in different forests, bypassing other trust paths.</p> Signup and view all the answers

    What determines whether trusts can be extended outside the two domains with which they were formed in Active Directory?

    <p>The transitivity of trusts.</p> Signup and view all the answers

    What is the role of functional levels in Active Directory?

    <p>To determine the available domain or forest capabilities and the Windows Server operating systems that can be run as domain controllers.</p> Signup and view all the answers

    What are Enterprise Admins and Schema Admins associated with in Active Directory?

    <p>They are associated with the forest root domain.</p> Signup and view all the answers

    What distinguishes forest trusts from Parent-Child and Tree-Root trusts in Active Directory?

    <p>Forest trusts are manually created and can be one-way or two-way transitive trusts, while Parent-Child and Tree-Root trusts are automatically established and are two-way transitive trusts.</p> Signup and view all the answers

    What is the relationship between domains and forests in Active Directory?

    <p>Domains are part of a forest, and multiple forests offer autonomy and segregation.</p> Signup and view all the answers

    What is the purpose of trust relationships in Active Directory?

    <p>To allow domains to share information and resources, classified based on characteristics such as transitivity and direction.</p> Signup and view all the answers

    What are the characteristics used to classify trust relationships in Active Directory?

    <p>Characteristics such as transitivity and direction.</p> Signup and view all the answers

    Explain the relationship between a domain, a tree, and a forest in the context of Active Directory.

    <p>A domain is a logical group of objects that share the same database, a tree is a collection of domains that share a namespace, and a forest is a collection of trees that share the same schema.</p> Signup and view all the answers

    What is the purpose of trusts in Active Directory and how do they function?

    <p>Trusts in Active Directory allow one domain to trust another domain, enabling secure communication and resource access. They function by establishing a secure authentication and authorization path between domains.</p> Signup and view all the answers

    Describe the characteristics and functionality of a forest in Active Directory.

    <p>A forest in Active Directory is a collection of trees that share the same schema. It provides a logical grouping of objects that share the same database and allows for centralized management and security.</p> Signup and view all the answers

    What is the significance of the creation of the 'FirstDomain.local' domain in Active Directory?

    <p>The creation of the 'FirstDomain.local' domain also creates a tree, with the first domain as its only member, and a forest, as it is the first domain being created.</p> Signup and view all the answers

    Explain the impact of setting the domain functional level to a value lower than the forest functional level in Active Directory.

    <p>Setting the domain functional level to a value lower than the forest functional level can limit the use of certain domain features and capabilities, as the domain functional level cannot exceed the forest functional level.</p> Signup and view all the answers

    What is the role of the Schema in Active Directory and how does it relate to the database?

    <p>The Schema in Active Directory governs the database and all the objects, making it possible to add custom attributes to the Schema. It contains formal definitions of every object class and attribute that can exist in an Active Directory forest.</p> Signup and view all the answers

    Explain the function and characteristics of a tree in Active Directory.

    <p>A tree in Active Directory is a collection of domains that share a namespace. It typically contains subdomains and allows for hierarchical organization of domains.</p> Signup and view all the answers

    What is the relationship between forest functional level and domain functional level in Active Directory?

    <p>The forest functional level determines the highest Windows Server version that can be used for domain controllers, while the domain functional level determines the available domain capabilities.</p> Signup and view all the answers

    What are the Enterprise Admins and Schema Admins groups associated with in Active Directory?

    <p>The Enterprise Admins group is associated with the entire forest, and the Schema Admins group is associated with the Schema and forest-wide operations in Active Directory.</p> Signup and view all the answers

    What distinguishes a forest from a domain in Active Directory?

    <p>A forest is a collection of trees that share the same schema, while a domain is a logical group of objects that share the same database and are part of a tree in Active Directory.</p> Signup and view all the answers

    Active Directory is a collection of trees that share a _______

    <p>schema</p> Signup and view all the answers

    Active Directory domain is a logical group of objects that share the same ________

    <p>database</p> Signup and view all the answers

    A tree is a collection of domains that share a ________

    <p>namespace</p> Signup and view all the answers

    A forest is a collection of trees that share a ________

    <p>schema</p> Signup and view all the answers

    When creating the first domain in Active Directory, a forest and a tree are also ________

    <p>created</p> Signup and view all the answers

    A tree typically contains ________ - member domains of a main parent domain

    <p>subdomains</p> Signup and view all the answers

    The Schema in Active Directory contains formal definitions of every object class and attribute that can exist in an Active Directory ________

    <p>forest</p> Signup and view all the answers

    Enterprise Admins and Schema Admins are associated with ________ in Active Directory

    <p>roles</p> Signup and view all the answers

    Shortcut trusts allow one domain to trust another domain across different forests, bypassing other trust ________

    <p>paths</p> Signup and view all the answers

    The forest functional level determines the highest Windows Server version that can be used for ________

    <p>domain controllers</p> Signup and view all the answers

    Active Directory ______ are a way for domains to share information and resources, classified based on characteristics such as transitivity and direction. Transitivity of ______ determines whether they can be extended outside the two domains with which they were formed, while direction determines the flow and reciprocity of trust. Parent-Child and Tree-Root ______ are automatically established and are two-way transitive ______, while forest ______ are manually created and can be one-way or two-way transitive ______. Shortcut ______ are manually created one-way transitive ______ that directly allow one domain to trust another domain across different forests, bypassing other trust paths.

    <p>trusts</p> Signup and view all the answers

    Functional levels in Active Directory determine the available domain or forest capabilities and the Windows Server operating systems that can be run as domain controllers.

    <p>functional levels</p> Signup and view all the answers

    The creation of the 'FirstDomain.local' domain in Active Directory also creates a ______, with the first domain as its only member, and a forest to house the first ______.

    <p>tree</p> Signup and view all the answers

    The forest root domain, which contains the ______, remains the forest root domain throughout the Active Directory Domain Services (AD DS) deployment.

    <p>Enterprise Admins and Schema Admins groups</p> Signup and view all the answers

    Multiple forests offer ______ and segregation, but require significant overhead and can be complex, with trust relationships allowing limited access to resources.

    <p>autonomy</p> Signup and view all the answers

    Transitivity of trusts determines whether they can be extended outside the two domains with which they were formed, while direction determines the flow and reciprocity of trust. Parent-Child and Tree-Root trusts are automatically established and are two-way transitive trusts, while forest trusts are manually created and can be one-way or two-way transitive trusts. Shortcut trusts are manually created one-way transitive trusts that directly allow one domain to trust another domain across different forests, bypassing other trust paths.

    <p>transitivity</p> Signup and view all the answers

    The ______, which contains the Enterprise Admins and Schema Admins groups, remains the ______ throughout the Active Directory Domain Services (AD DS) deployment.

    <p>forest root domain</p> Signup and view all the answers

    Multiple forests offer autonomy and ______, but require significant overhead and can be complex, with trust relationships allowing limited access to resources.

    <p>segregation</p> Signup and view all the answers

    Transitivity of trusts determines whether they can be extended outside the two domains with which they were formed, while ______ determines the flow and reciprocity of trust. Parent-Child and Tree-Root trusts are automatically established and are two-way transitive trusts, while forest trusts are manually created and can be one-way or two-way transitive trusts. Shortcut trusts are manually created one-way transitive trusts that directly allow one domain to trust another domain across different forests, bypassing other trust paths.

    <p>direction</p> Signup and view all the answers

    Every object in Active Directory is created with a certain ______. A ______ contains all the required attributes of the object. For example, a User object contains ______ is the login name of a user. This attribute is defined in the Schema.

    <p>blueprint</p> Signup and view all the answers

    As Active Directory is essentially a database, and the Schema governs the Database and all the objects (and structures) – it is entirely possible to add custom attributes to the Schema. This is done to “extend” an object, ether for custom application, or other reasons. For better or worse, Schema changes are ______, and can’t be undone without significant effort (reverting to a backup, having to shut down all your servers in the process)

    <p>permanent</p> Signup and view all the answers

    The most frequently observed case for Schema changes is with the installation of Exchange Server (main server). The Exchange Server installation modifies the Schema to add a number of attributes that are ______.

    <p>mail-specific</p> Signup and view all the answers

    When you deploy a new forest, you are prompted to set the forest functional level and then set the domain functional level. You can set the domain functional level to a value that is higher than the forest functional level, but you cannot set the domain functional level to a value that is lower than the forest ______.

    <p>functional level</p> Signup and view all the answers

    When setting up domains and forests, you have the option of specifying a functionality level. The Functionality Levels are: Server 2000 Server 2003 Server 2008 Server 2008R2 Server 2012 Server 2012R2 Server 2016 There have been no new forest or domain functional levels added since Windows Server ______.

    <p>2016</p> Signup and view all the answers

    The Microsoft Active Directory schema contains formal definitions of every object class (i.e. User, Computer) that can be created in an Active Directory forest. The schema also contains formal definitions of every attribute (First Name, Last Name, etc) that can exist in an Active Directory ______.

    <p>object</p> Signup and view all the answers

    The Schema in Active Directory is a logical group of objects that share the same ______.

    <p>database</p> Signup and view all the answers

    The installation of Exchange Server is a common scenario for making Schema changes in Active ______.

    <p>Directory</p> Signup and view all the answers

    Your lab this week will have you go over domains and ______. At the end of this class, you will have time to watch some required preparation to get you familiar with Domains and Trusts. End of Lecture, Questions.

    <p>trusts</p> Signup and view all the answers

    With the end of life of Windows Server 2003, 2008, and 2008 R2, these domain controllers (DCs) need to be updated to Windows Server 2012, 2012 R2, 2016, or 2019. As a result, any domain controller that runs Windows Server 2008 R2 and older should be removed from the ______.

    <p>domain</p> Signup and view all the answers

    Study Notes

    Active Directory Domains, Trees, Forests, and Trusts Overview

    • The creation of the "FirstDomain.local" domain in Active Directory also creates a tree, with the first domain as its only member, and a forest to house the first tree.
    • The forest root domain, which contains the Enterprise Admins and Schema Admins groups, remains the forest root domain throughout the Active Directory Domain Services (AD DS) deployment.
    • Multiple forests offer autonomy and segregation, but require significant overhead and can be complex, with trust relationships allowing limited access to resources.
    • Trusts are a way for domains to share information and resources, classified based on characteristics such as transitivity and direction.
    • Transitivity of trusts determines whether they can be extended outside the two domains with which they were formed, while direction determines the flow and reciprocity of trust.
    • Parent-Child and Tree-Root trusts are automatically established and are two-way transitive trusts, while forest trusts are manually created and can be one-way or two-way transitive trusts.
    • Shortcut trusts are manually created one-way transitive trusts that directly allow one domain to trust another domain across different forests, bypassing other trust paths.
    • Functional levels in Active Directory determine the available domain or forest capabilities and the Windows Server operating systems that can be run as domain controllers.

    Active Directory Domains, Trees, Forests, and Trusts Overview

    • The creation of the "FirstDomain.local" domain in Active Directory also creates a tree, with the first domain as its only member, and a forest to house the first tree.
    • The forest root domain, which contains the Enterprise Admins and Schema Admins groups, remains the forest root domain throughout the Active Directory Domain Services (AD DS) deployment.
    • Multiple forests offer autonomy and segregation, but require significant overhead and can be complex, with trust relationships allowing limited access to resources.
    • Trusts are a way for domains to share information and resources, classified based on characteristics such as transitivity and direction.
    • Transitivity of trusts determines whether they can be extended outside the two domains with which they were formed, while direction determines the flow and reciprocity of trust.
    • Parent-Child and Tree-Root trusts are automatically established and are two-way transitive trusts, while forest trusts are manually created and can be one-way or two-way transitive trusts.
    • Shortcut trusts are manually created one-way transitive trusts that directly allow one domain to trust another domain across different forests, bypassing other trust paths.
    • Functional levels in Active Directory determine the available domain or forest capabilities and the Windows Server operating systems that can be run as domain controllers.

    Active Directory Domains, Trees, Forests, and Trusts Overview

    • The creation of the "FirstDomain.local" domain in Active Directory also creates a tree, with the first domain as its only member, and a forest to house the first tree.
    • The forest root domain, which contains the Enterprise Admins and Schema Admins groups, remains the forest root domain throughout the Active Directory Domain Services (AD DS) deployment.
    • Multiple forests offer autonomy and segregation, but require significant overhead and can be complex, with trust relationships allowing limited access to resources.
    • Trusts are a way for domains to share information and resources, classified based on characteristics such as transitivity and direction.
    • Transitivity of trusts determines whether they can be extended outside the two domains with which they were formed, while direction determines the flow and reciprocity of trust.
    • Parent-Child and Tree-Root trusts are automatically established and are two-way transitive trusts, while forest trusts are manually created and can be one-way or two-way transitive trusts.
    • Shortcut trusts are manually created one-way transitive trusts that directly allow one domain to trust another domain across different forests, bypassing other trust paths.
    • Functional levels in Active Directory determine the available domain or forest capabilities and the Windows Server operating systems that can be run as domain controllers.

    Active Directory Domains, Trees, Forests, and Trusts Overview

    • The creation of the "FirstDomain.local" domain in Active Directory also creates a tree, with the first domain as its only member, and a forest to house the first tree.
    • The forest root domain, which contains the Enterprise Admins and Schema Admins groups, remains the forest root domain throughout the Active Directory Domain Services (AD DS) deployment.
    • Multiple forests offer autonomy and segregation, but require significant overhead and can be complex, with trust relationships allowing limited access to resources.
    • Trusts are a way for domains to share information and resources, classified based on characteristics such as transitivity and direction.
    • Transitivity of trusts determines whether they can be extended outside the two domains with which they were formed, while direction determines the flow and reciprocity of trust.
    • Parent-Child and Tree-Root trusts are automatically established and are two-way transitive trusts, while forest trusts are manually created and can be one-way or two-way transitive trusts.
    • Shortcut trusts are manually created one-way transitive trusts that directly allow one domain to trust another domain across different forests, bypassing other trust paths.
    • Functional levels in Active Directory determine the available domain or forest capabilities and the Windows Server operating systems that can be run as domain controllers.

    Studying That Suits You

    Use AI to generate personalized quizzes and flashcards to suit your learning preferences.

    Quiz Team

    Related Documents

    Description

    Test your knowledge of Active Directory domains, trees, forests, and trusts with this overview quiz. Explore the creation and structure of domains, trees, and forests, as well as the complexities of trust relationships and the impact of functional levels on domain and forest capabilities.

    Use Quizgecko on...
    Browser
    Browser