Test On Windows Server 2008 Active Directory! Trivia Question Quiz
Are you looking to test your understanding on Windows Server 2008 Active Directory? If so, this trivia quiz is perfect for gauging how knowledgeable you are about the whole operating system. Why don’t you give it a shot and get to see if you can learn some more? Remember to check out other quizzes like it to learn some more.
- 1.
Your network contains an Active Directory domain named contoso.com. Contoso.com contains a writable domain controller named DC1 and a read-only domain controller (RODC) named DC2. All domain controllers run Windows Server 2008 R2. You need to install a new writable domain controller named DC3 in a remote site. The solution must minimize the amount of replication traffic that occurs during the installation of Active Directory Domain Services (AD DS) on DC3. What should you do first?
- A.
Run dcpromo.exe /createdcaccount on DC3.
- B.
Run ntdsutil.exe on DC2.
- C.
Run dcpromo.exe /adv on DC3.
- D.
Run ntdsutil.exe on DC1.
Correct Answer
C. Run dcpromo.exe /adv on DC3.Explanation
Running "dcpromo.exe /adv" on DC3 will allow us to install AD DS on DC3 using the advanced mode. This mode allows us to specify additional options during the installation process, including the ability to specify the replication source. By specifying DC1 as the replication source, we can minimize the replication traffic by only replicating the changes from DC1 to DC3, instead of replicating all the data from DC2 to DC3.Rate this question:
-
- 2.
Your network contains an Active Directory forest. The forest contains 10 domains. All domain controllers are configured as global catalog servers. You remove the global catalog role from a domain controller named DC5. You need to reclaim the hard disk space used by the global catalog on DC5. What should you do?
- A.
From Active Directory Sites and Services, run the Knowledge Consistency Checker (KCC).
- B.
From Active Directory Sites and Services, modify the general properties of DC5.
- C.
From Ntdsutil, use the Semantic database analysis option.
- D.
From Ntdsutil, use the Files option.
Correct Answer
D. From Ntdsutil, use the Files option.Explanation
By using the "Files" option in Ntdsutil, you can reclaim the hard disk space used by the global catalog on DC5. Ntdsutil is a command-line tool that allows you to manage Active Directory databases and related components. The "Files" option in Ntdsutil provides various options for managing the files associated with Active Directory, including the ability to remove or move the global catalog files. Therefore, selecting this option will allow you to reclaim the hard disk space used by the global catalog on DC5.Rate this question:
-
- 3.
A corporate network includes an Active Directory-integrated zone. All DNS servers that host the zone are domain controllers. You add multiple DNS records to the zone. You need to ensure that the new records are available on all DNS servers as soon as possible. Which tool should you use?
- A.
Ldp
- B.
Repadmin
- C.
Ntdsutil
- D.
Nslookup
- E.
Active Directory Sites And Services console
- F.
Active Directory Domains And Trusts console
- G.
Dnslint
- H.
Dnscmd
Correct Answer
H. DnscmdExplanation
Dnscmd should be used to ensure that the new DNS records are available on all DNS servers as soon as possible. Dnscmd is a command-line tool that allows administrators to manage and troubleshoot DNS servers. It can be used to add, delete, or modify DNS records on a DNS server, as well as to force DNS replication to ensure that changes are propagated to all DNS servers in the network. By using Dnscmd, the administrator can ensure that the new records are quickly available on all DNS servers in the corporate network.Rate this question:
-
- 4.
You have a DNS zone that is stored in a custom application partition. You need to add a domain controller to the replication scope of the custom application partition. Which tool should you use?
- A.
DNScmd
- B.
DNS Manager
- C.
Server Manager
- D.
Dsmod
Correct Answer
A. DNScmdExplanation
To add a domain controller to the replication scope of a custom application partition, the tool that should be used is DNScmd. DNScmd is a command-line tool that allows administrators to manage and configure DNS servers. It provides various options and commands to perform tasks related to DNS management, including adding domain controllers to replication scopes. DNS Manager is a graphical tool for managing DNS servers, but it does not have the specific functionality to modify replication scopes. Server Manager is used for managing server roles and features, and Dsmod is a command-line tool used for modifying Active Directory objects, not DNS replication scopes.Rate this question:
-
- 5.
Your network contains a server named Server1 that runs Windows Server 2008 R2 Standard. Server1 has the Active Directory Certificate Services (AD CS) role installed. You configure a certificate template named Template1 for autoenrollment. You discover that certificates are not being issued to any client computers. The event logs on the client computers do not contain any autoenrollment errors. You need to ensure that all of the client computers automatically receive certificates based on Template1. What should you do?
- A.
Modify the Default Domain Policy Group Policy object (GPO).
- B.
Modify the Default Domain Controllers Policy Group Policy object (GPO).
- C.
Upgrade Server1 to Windows Server 2008 R2 Enterprise.
- D.
Restart Certificate Services on Server1.
Correct Answer
A. Modify the Default Domain Policy Group Policy object (GPO).Explanation
By modifying the Default Domain Policy Group Policy object (GPO), you can configure the autoenrollment settings for client computers. This GPO is applied to all computers in the domain by default, so modifying it will ensure that all client computers automatically receive certificates based on Template1. Modifying the Default Domain Controllers Policy GPO or upgrading Server1 to Windows Server 2008 R2 Enterprise will not address the issue. Restarting Certificate Services on Server1 may not resolve the problem as there are no autoenrollment errors in the event logs on the client computers.Rate this question:
-
- 6.
Your network contains a server that has the Active Directory Lightweight Directory Services (AD LDS) role installed. You need to perform an automated installation of an AD LDS instance. Which tool should you use?
- A.
Dism.exe
- B.
Servermanagercmd.exe
- C.
Adaminstall.exe
- D.
Ocsetup.exe
Correct Answer
C. Adaminstall.exeExplanation
Adaminstall.exe is the correct tool to use for performing an automated installation of an AD LDS instance. AD LDS (Active Directory Lightweight Directory Services) is a Windows Server feature that provides directory services for applications. Adaminstall.exe is a command-line tool that is used to install AD LDS instances. It allows for the automated installation and configuration of AD LDS, making it the appropriate tool for this task.Rate this question:
-
- 7.
Your network contains an Active Directory domain named contoso.com. A partner company has an Active Directory domain named nwtraders.com. The networks for contoso.com and nwtraders.com connect to each other by using a WAN link. You need to ensure that users in contoso.com can access resources in nwtraders.com and resources on the Internet. What should you do first?
- A.
Modify the Trusted Root Certification Authorities store.
- B.
Modify the Intermediate Certification Authorities store.
- C.
Create conditional forwarders.
- D.
Add a root hint to the DNS server.
Correct Answer
C. Create conditional forwarders.Explanation
Creating conditional forwarders is the first step to ensure that users in contoso.com can access resources in nwtraders.com and resources on the Internet. Conditional forwarders allow the DNS server in contoso.com to forward queries for specific domains to the DNS server in nwtraders.com, allowing users to access resources in that domain. This is necessary because the two domains are connected by a WAN link, and without conditional forwarders, the DNS server in contoso.com would not know how to resolve queries for resources in nwtraders.com or on the Internet. Modifying the Trusted Root Certification Authorities or Intermediate Certification Authorities stores, or adding a root hint to the DNS server, are not relevant to the task of enabling access to resources in nwtraders.com and the Internet.Rate this question:
-
- 8.
Your network contains an Active Directory forest. The forest contains multiple domains. You need to ensure that users in the human resources department can search for employees by using the employee number attribute. What should you do?
- A.
From Active Directory Sites and Services, modify the properties of each global catalog server.
- B.
From the Active Directory Schema snap-in, modify the properties of the user object class.
- C.
From Active Directory Sites and Services, modify the NTDS Settings objectof each global catalog server.
- D.
From the Active Directory Schema snap-in, modify the properties of the employeeNumber attribute.
Correct Answer
D. From the Active Directory Schema snap-in, modify the properties of the employeeNumber attribute.Explanation
To ensure that users in the human resources department can search for employees by using the employee number attribute, you need to modify the properties of the employeeNumber attribute in the Active Directory Schema snap-in. This will allow the attribute to be searchable and accessible for the users in the human resources department. Modifying the properties of the global catalog server or the user object class in Active Directory Sites and Services will not directly enable the search functionality for the employee number attribute.Rate this question:
-
- 9.
Your network contains a single Active Directory domain. The domain contains an enterprise certification authority (CA). You need to ensure that the encryption keys for e-mail certificates can be recovered from the CA database. You modify the e-mail certificate template to support key archival. What should you do next?
- A.
Issue the key recovery agent certificate template.
- B.
Run certutil.exe -recoverkey.
- C.
Run certreq.exe-policy.
- D.
Modify the location of the Authority Information Access (AIA) distribution point.
Correct Answer
A. Issue the key recovery agent certificate template.Explanation
In order to ensure that the encryption keys for e-mail certificates can be recovered from the CA database, you need to issue the key recovery agent certificate template. This template will allow designated individuals or entities to recover the encryption keys when needed. This step is necessary before running any other commands or modifying any other settings related to key recovery.Rate this question:
-
- 10.
Your network contains an Active Directory-integrated DNS zone named contoso.com. You discover that the zone includes DNS records for computers that were removed from the network. You need to ensure that the DNS records are deleted automatically from the zone. What should you do?
- A.
From DNS Manager, set the aging properties.
- B.
Create a scheduled task that runs dnslint.exe /v /d contoso.com.
- C.
From DNS Manager, modify the refresh interval of the start of authority (SOA) record.
- D.
Create a scheduled task that runs ipconfig.exe /flushdns.
Correct Answer
A. From DNS Manager, set the aging properties.Explanation
To automatically delete DNS records for computers that have been removed from the network, you should set the aging properties in DNS Manager. By configuring the aging properties, you can specify a time period after which DNS records will be considered stale and automatically deleted from the zone. This ensures that the DNS zone remains up to date and only contains active and valid records.Rate this question:
-
Quiz Review Timeline +
Our quizzes are rigorously reviewed, monitored and continuously updated by our expert board to maintain accuracy, relevance, and timeliness.
-
Current Version
-
Mar 22, 2023Quiz Edited by
ProProfs Editorial Team -
Jun 01, 2012Quiz Created by
Huf_34
Back to top