Formative_Evaluaution_1_Answers (3).docx

Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...

Full Transcript

**[Formative Evaluaution]** - Introduction to Active Directory Directory Services - Installing Domain Controllers ***Multiple Choice*** 1\. What is the process of granting the user access only to the resources he or she is permitted to use? a\. Authentication b\. Authorization c\. Importi...

**[Formative Evaluaution]** - Introduction to Active Directory Directory Services - Installing Domain Controllers ***Multiple Choice*** 1\. What is the process of granting the user access only to the resources he or she is permitted to use? a\. Authentication b\. Authorization c\. Importing a user object to Active Directory d\. Registering the SRV record 2\. What are the two basic classes of Active Directory objects? a\. Container and leaf objects b\. Domain and user objects c\. Security and distribution d\. Active and passive 3\. What defines what objects exist as well as what attributes are associated with any object in the Active Directory? a\. Active Directory administrator b\. Active Directory global directory c\. Active Directory root user d\. Active Directory schema 4\. What is the next level of Active Directory container object within a domain? a\. Organizational unit b\. Group c\. Subdomain d\. Forest 5\. Active Directory keeps a naming convention for the domain that mirrors \_\_\_\_\_\_. a\. DHCP b\. WINS c\. DNS d\. files and folders 6\. What allows administrators to grant users in one domain access to resources of another domain within the same domain tree? a\. Bidirectional trust relationship between domains b\. Permission inheritance between domains c\. Permission inheritance between OUs d\. User objects in each domain 7\. If an administrator creates a domain tree in an Active Directory forest, and then creates a separate and different domain tree, what is the relationship between the two domain trees? a\. Completely different security entities, creating two Active Directory forests b\. Different security entities, within one Active Directory forest c\. Same security entity as one Active Directory forest, bidirectional trust between domain trees d\. No trust between domain trees in an Active Directory forest 8\. What determines the functional level of an Active Directory forest? a\. How many domains are in the forest b\. How many domain controllers are in each domain c\. The functional level as specified in the Active Directory Users and Computers console d\. The lowest version of Windows Server on a domain controller 9\. What is the global catalog? a\. The schema that lists what objects and attributes exist in the AD DS forest b\. An index of all AD DS objects in a forest c\. A list of all domain controllers currently available d\. A matrix of all domains, sites, and domain controllers 10\. What is the PowerShell cmdlet for installing a domain controller to the domain \"adatum.com\"? a\. Install-AddsForest --DomainName "adatum.com" b\. Install-AddsDomainController --DomainName "adatum.com" c\. Install-AddsDomain --DomainName "adatum.com" d\. Install-WindowsFeature --DomainName "adatum.com" 11\. What is an important difference between groups and OUs? a\. An OU can represent the various divisions of your organization. b\. Group membership can be a subset of an OU. c\. OUs are a security entity. d\. Group memberships are independent of the domain's tree structure. 12\. What special DNS resource record enables clients to locate domain controllers and other vital AD DS services? a\. AAAA b\. MX c\. SRV d\. NS 13\. For Server Core installations, how does Windows Server 2012 R2 differ from Windows Server 2008 when installing the AD DS role and promoting the system to a domain controller? a\. Windows Server 2012 R2 now allows administrators to use Dcpromo.exe. b\. Windows Server 2012 R2 now allows administrators to use PowerShell. c\. Windows Server 2012 R2 permits administrators to use answer files for unattended DC installations. d\. Windows Server 2012 R2 recommends administrators use Install from Media. 14\. What is the method for removing a domain controller in Windows Server 2012 R2? a\. Using the Dcpromo.exe command b\. Using the Add Roles and Features Wizard c\. Using the Adprep.exe command d\. Using the Remove Roles and Features Wizard 16\. Which of the following features allows you to install AD DS on a virtual machine that is located in the cloud? a\. Windows Intune b\. Windows Azure c\. Office 365 d\. PCI DSS ***Short Answer*** 1\. What does LDAP stand for? Lightweight Directory Access Protocol (LDAP) LDAP defines the format of the queries that Active Directory clients send to domain controllers, as well as provides a compound naming structure for uniquely identifying objects in the directory 2\. What is the process by which domain controllers communicate by sending database information to each other to stay synchronized? Replication When a domain has two or more domain controllers, each controller must have a database that is identical to those of the others. To stay synchronized, the domain controllers communicate by sending database information to each other, which is a process called replication 3\. What type of Active Directory replication minimizes problems in database management over slow WAN links? Multiple-master replication Explanation: Single-master replication can make managing the database difficult, especially if administrators are located in remote offices and must work over a slow wide-area network (WAN) link. To avoid this problem, Active Directory uses multiple-master replication, in which you can make changes to domain objects on any domain controller, which replicates those changes to all the other domain controllers. 4\. What is the command-line tool and syntax for determining whether a domain controller has been registered in DNS? dcdiag /test:registerindns /dnsdomain:\ /v Explanation: If the DNS registration process fails, computers on the network cannot locate that domain controller, the consequences of which can be serious. To confirm that a domain controller has been registered in the DNS, open a command-prompt window with administrative privileges and enter the dcdiag /test:registerindns /dnsdomain:\ /v command. 5\. What is the PowerShell cmdlet and syntax for demoting a domain controller? Uninstall-ADDSDomainController --ForceRemoval --LocalAdministratorPassword \ --Force To demote a domain controller with Windows PowerShell, use the Uninstall-ADDSDomainController cmdlet. ***Best Answer*** 1\. What administrative division in Active Directory is defined as a collection of subnets that have good connectivity between them to facilitate the replication process? a\. Forests b\. Locations c\. Domains d\. Sites 2\. What is the primary reason for creating different sites on an Active Directory network? a\. To create geographical divisions within the Active Directory b\. To control the traffic passing over relatively slow and expensive WAN links between locations c\. To provide an access control layer between sites d\. To provide a boundary when applying Group Policy settings 3\. When is an Active Directory site topology created? a\. Site topology is started upon initial installation of the Active Directory. b\. Site topology starts when you finalize the links and subnets configuration. c\. Creation of sites and its topology is dependent on link costs. d\. Site topology is manually configured dependent on WAN bandwidth and transmission speed. 4\. What is the simplest way for administrators to upgrade their AD DS infrastructure to Windows Server 2012 R2? a\. Upgrade all existing down-level domain controllers (DCs) to Windows Server 2012 R2. b\. In Server Manager, use the Active Directory Domain Services Configuration Wizard to update a DC. c\. Add a new Windows Server 2012 R2 DC to your existing Directory Services installation. d\. Use Adprep.exe, included in the operating system. ***Build List*** 1\. Order the steps to add a domain controller to an existing domain. a\. On the Installation progress page that appears at the end of the Active Directory Domain Services role installation procedure, click the *Promote this server to a domain controller* hyperlink. The Active Directory Domain Services Configuration Wizard appears. b\. Select an existing domain controller to function as a Replication source. c\. After authenticating if necessary, specify the domain from the forest to which the new server will be added. Select any options as needed: Install DNS, Leave a Global Catalog, and Select Read only domain controller. d\. Select the *Add a domain controller to an existing domain* option, and then click *Select*. e\. Select a site where the domain controller will be located. f\. Specify the password for Directory Services Restore Mode (DSRM). a, d, c, e, f, b 2\. Order the steps to create a new forest. a\. Select the *Add a new forest* option and in the *Root domain name* text box, type the name of the domain you want to create. b\. Consider the earliest Windows versions you plan to install as domain controllers to specify the Forest and Domain functional levels. c\. On the *Installation progress* page that appears at the end of the AD DS role installation procedure, click the *Promote this server to a domain controller* hyperlink. The Active Directory Domain Services Configuration Wizard appears. d\. Specify the password for Directory Services Restore Mode (DSRM). e\. Confirm the NetBIOS equivalent of the domain and paths for AD DS file where applicable. c, a, b, d, e 3\. Order the steps to install the AD DS role. a\. Confirm installation if not selecting from optional functions. b\. Select the server that you want to promote to a domain controller and click *Next*. Select the *Active Directory Domain Services* role. c\. Leave the Role-based or feature-based installation radio button selected and click *Next*. d\. Click *Add Features to accept the dependencies*, and then click *Next*. e\. From the Server Manager's Manage menu, select *Add Roles and Features*. e, c, b, d, a 4\. Order the steps to remove a replica domain controller. a\. Click the *Demote this domain controller* hyperlink. Select the *Force the removal of this domain controller* check box and click *Next*. b\. From the Server Manager's Manage menu, select *Remove Roles and Features*. c\. Clear the *Active Directory Domain Services* check box. d\. Select the server that you want to demote from a domain controller. e\. Clear the AD DS check box. Click *Remove Features*, and then click *Next*. Click *Remove*. Close the wizard and restart. f\. In the Password and Confirm Password text boxes, type the password you want the server to use for the local Administrator account after the demotion. b, d, c, a, f, e ***Repeated Answer*** 1\. An Active Directory \_\_\_\_\_ consists of one or more separate domain trees. a\. organizational unit b\. group c\. domain d\. forest 2\. What is the fundamental component of the Active Directory architecture, functioning as the boundary for virtually all directory functions, including administration, access control, database management, and replication? a\. Organizational unit b\. Group c\. Domain d\. Forest 3\. What is a container object that functions in a subordinate capacity to a domain, and still inherits policies and permissions from its parent objects? a\. Organizational unit b\. Group c\. Domain d\. Forest 4\. What is not a container, nor full-fledged security division and cannot have Group Policy settings applied directly to them? a\. Organizational unit b\. Group c\. Domain d\. Forest

Use Quizgecko on...
Browser
Browser