1.
A(n) _________ object is one that can have other objects subordinate to it.
Explanation
A container object is one that can have other objects subordinate to it. This means that a container object is capable of holding or containing other objects within it. It provides a structure or framework for organizing and managing the subordinate objects. The container object acts as a parent or higher-level entity, while the subordinate objects are the child or lower-level entities. This relationship allows for hierarchical organization and control over the objects within the container.
2.
Every object consists of _________ that store information about the object.
Explanation
Objects in programming languages are composed of attributes that store information about the object. These attributes can be variables or properties that hold data specific to the object. They define the characteristics or state of the object and can be accessed or modified as needed. By using attributes, objects can have different values or behaviors, making them unique instances of a class or type.
3.
__________Policy is one of the most powerful administrative features of Active Directory.
Explanation
In Active Directory, a group is a collection of user accounts, computer accounts, and other groups. Group Policy is a feature that allows administrators to manage and control the settings of user accounts and computer accounts within a group. It enables administrators to enforce security policies, deploy software, and configure various settings for multiple users or computers simultaneously. Group Policy is considered one of the most powerful administrative features of Active Directory because it provides centralized management and control over a network's resources.
4.
The primary difference between global and universal groups is that universal groups add more data to the global catalog, thereby increasing the amount of _______traffic between sites.
Explanation
Universal groups in Active Directory add more data to the global catalog, which in turn increases the amount of replication traffic between different sites. Replication is the process by which changes made to one domain controller are propagated to other domain controllers in the network. Universal groups are designed to contain users, groups, and computers from multiple domains within a forest, allowing for more efficient management of resources across the network. Therefore, the correct answer is replication as it accurately describes the increased traffic caused by universal groups.
5.
When beginning a new Active Directory installation, the first step is to create a new __________.
Explanation
When starting a new Active Directory installation, the first step is to create a new forest. A forest is a collection of one or more domain trees that share a common schema, configuration, and global catalog. It represents the highest level of organization in an Active Directory structure and is used to define the security and administrative boundaries within a network. By creating a new forest, administrators can establish a new directory infrastructure and define the scope of the Active Directory deployment.
6.
Every Active Directory domain should have a minimum of _____ domain controllers.
Explanation
Every Active Directory domain should have a minimum of two domain controllers. This is because having multiple domain controllers provides redundancy and fault tolerance. If one domain controller fails, the other one can still handle authentication requests and other domain services. Additionally, having multiple domain controllers allows for better load balancing and improved performance. Therefore, it is recommended to have at least two domain controllers in an Active Directory domain.
7.
To stay synchronized, domain controllers communicate by sending database information to each other, which is a process called___________.
Explanation
Domain controllers stay synchronized by sending database information to each other, a process known as replication. This ensures that all domain controllers have up-to-date information and can provide consistent services to users. Replication helps maintain the integrity and consistency of the Active Directory database across all domain controllers in a domain or forest. It allows for changes made on one domain controller to be replicated and propagated to other domain controllers, ensuring that all domain controllers have the same information.
8.
The overall objective in your Active Directory design process should be to create as few ___________
as possible
Explanation
The overall objective in your Active Directory design process should be to create as few domains as possible. This is because having fewer domains simplifies the management and administration of the Active Directory environment. It reduces the complexity and potential points of failure, improves performance, and enhances security. By minimizing the number of domains, you can streamline the deployment and maintenance processes, resulting in a more efficient and robust Active Directory infrastructure.
9.
If you plan to create domains corresponding to remote sites or organizational divisions, the most common practice is to make them all ____________in the same tree, with a single root domain at the top.
Explanation
When creating domains for remote sites or organizational divisions, the most common practice is to make them all subdomains in the same tree, with a single root domain at the top. This means that each remote site or division will have its own subdomain within the larger domain structure. This allows for easier management and organization of the domains, as well as better control and administration of resources within each subdomain.
10.
Each domain in an Active Directory installation is a separate __________ entity.
Explanation
Each domain in an Active Directory installation is a separate administrative entity. This means that each domain has its own set of administrative controls, policies, and permissions that can be managed independently. Administrators can define and enforce different administrative rules and access levels for each domain, allowing for efficient management and control of resources within the Active Directory environment.
11.
_________folders makes them accessible to network users.
Explanation
Sharing folders makes them accessible to network users. Network users can access and view the contents of the shared folders, allowing for easy collaboration and file sharing among multiple users. This feature is especially useful in a work or educational setting where multiple individuals need access to the same files and documents. By sharing folders, users can conveniently share and retrieve information, enhancing productivity and efficiency within a network environment.
12.
_____ permissions control access to the files and folders stored on disk volumes formatted with the NTFS file system.
Explanation
NTFS permissions are used to control access to files and folders stored on disk volumes formatted with the NTFS file system. NTFS permissions allow administrators to set permissions for individual users or groups, determining who can read, write, modify, or delete files and folders. These permissions provide a more granular level of control and security compared to other file systems.
13.
An access __ __ list is a collection of individual permissions in the form of access control entries.
Explanation
An access control list is a collection of individual permissions in the form of access control entries. These entries determine what actions or operations a user or group can perform on a particular resource. By organizing permissions into a list, it becomes easier to manage and enforce access control policies for various users or groups. The access control list allows administrators to specify who can access a resource, what actions they can perform, and under what conditions. It provides a flexible and granular approach to controlling access to resources within a system or network.
14.
When you assign a __ _ permission to a system element, it overrides any Allow permissions that the element might have inherited from its parent objects
Explanation
When you assign a "Deny" permission to a system element, it means that any Allow permissions that the element might have inherited from its parent objects will be overridden. This means that even if there are Allow permissions set at a higher level, the Deny permission will take precedence and deny access to the system element.
15.
Folder _______ asks users to click what appears to be a local folder, such as Documents, and access their files that are actually stored on a server.
Explanation
The term "redirection" accurately describes the process described in the question. It refers to the action of redirecting or sending users to a different location or server. In this case, users are led to believe that they are accessing files stored in a local folder, such as Documents, but in reality, the files are stored on a server. This can be done through various techniques, such as network mapping or symbolic links, where the local folder is linked to the server location.
16.
You can use the Net.exe command-line utility with the _____ parameter to map drive letters to folders.
Explanation
The correct answer is "use". The Net.exe command-line utility can be used with the "use" parameter to map drive letters to folders. This allows users to access specific folders on a network drive by assigning a drive letter to them.
17.
What type of devices are essentially dedicated file servers that provide file-based storage services directly to clients on the network?
Explanation
Network attached storage (NAS) devices are essentially dedicated file servers that provide file-based storage services directly to clients on the network. These devices are designed to provide a centralized storage solution for multiple users, allowing them to access and share files over the network. NAS devices are typically connected to the network and can be accessed by clients using various protocols such as NFS (Network File System) or SMB (Server Message Block). They offer features like data redundancy, data backup, and remote access, making them ideal for small businesses or home networks that require efficient and reliable file storage and sharing capabilities.
18.
What is the name of the Microsoft Management Console (MMC) snap-in that you use to perform disk-related tasks?
Explanation
Disk Management is the correct answer because it is the name of the Microsoft Management Console (MMC) snap-in that is used to perform disk-related tasks. This tool allows users to manage and configure disk drives, partitions, and volumes on a Windows operating system. With Disk Management, users can create, delete, format, and resize partitions, assign drive letters, and perform other disk-related tasks such as initializing new disks and converting disks between different formats. It is a crucial tool for managing and organizing storage resources on a computer system.
19.
What type of permissions control access to specific parts of an Active Directory hierarchy?
20.
Drives can be mapped through Group Policy or though what other method?
Explanation
Drives can be mapped through Group Policy or logon scripts. Logon scripts are a method used to automate the mapping of network drives for users when they log in to a computer or network. These scripts can be configured to run during the logon process and execute commands that map specific drives to network locations. This allows users to easily access shared folders and resources on the network without manually mapping each drive individually.
21.
You can drag and drop leaf objects, such as users and computers, between OUs, but not between domains.
Correct Answer
A. True
Explanation
The statement is true because in Active Directory, Organizational Units (OUs) are used to organize and manage objects within a domain. Objects such as users and computers can be moved or "dragged and dropped" between different OUs within the same domain. However, objects cannot be moved directly between different domains as domains represent separate directory services with their own security boundaries. To move objects between domains, a process called "cross-domain migration" or a trust relationship between the domains needs to be established.
22.
Unlike organizational units, you cannot assign Group Policy settings to computer objects, nor can you delegate their administration.
Correct Answer
A. True
Explanation
Group Policy settings are used to manage and configure the operating system and user settings of computers in an organization. However, these settings cannot be directly assigned to computer objects themselves. Instead, Group Policy settings are applied to organizational units (OU) which contain computer objects. This means that you cannot specifically target and assign Group Policy settings to individual computer objects. Additionally, the administration of Group Policy settings cannot be delegated to computer objects, as they are managed at the OU level. Therefore, the statement that you cannot assign Group Policy settings to computer objects and cannot delegate their administration is true.
23.
When you want to grant a collection of users permission to access a network resource, such as a file system share or a printer, you can assign permissions to an organizational unit.
Correct Answer
B. False
Explanation
You cannot assign permissions directly to an organizational unit. Organizational units are containers used for organizing and managing Active Directory objects, such as users, groups, and computers. Permissions are assigned to individual users or groups, not organizational units.
24.
Active Directory is one of the easiest technologies to test because an isolated lab environment usually can emulate many of the factors that can affect the performance of a directory service.
Correct Answer
B. False
Explanation
The explanation for the given correct answer is that Active Directory is not one of the easiest technologies to test because it requires a complex and realistic environment to accurately simulate the factors that can impact its performance. An isolated lab environment may not be able to fully replicate all the variables and conditions that can affect a directory service like Active Directory. Therefore, testing Active Directory can be challenging and may require more resources and expertise.
25.
When you want to grant a collection of users permission to access a network resource, such as a file system share or a printer, you can assign permissions to an organizational unit.
Correct Answer
B. False
Explanation
Assigning permissions to an organizational unit does not grant access to network resources for a collection of users. Organizational units are used for organizing and managing users, groups, and computers within a domain, but they do not directly control access to network resources. Access to network resources is typically granted by assigning permissions directly to individual users or groups, not to organizational units. Therefore, the correct answer is false.
26.
Active Directory was first introduced in which operating system?
Correct Answer
Windows server 2000
Explanation
Active Directory was first introduced in Windows Server 2000. This operating system marked the debut of Active Directory, a directory service developed by Microsoft. Active Directory provides a centralized and hierarchical structure for managing and organizing network resources, such as users, computers, and groups. It allows administrators to efficiently manage and control access to resources within a network environment. Windows Server 2000 was the first version of Windows Server to include Active Directory, making it a significant milestone in the evolution of Microsoft's server operating systems.
27.
Where do users log in when joining an Active Directory domain?
Correct Answer
domain
Explanation
When users join an Active Directory domain, they log in to the domain. The domain is the central authority that manages and authenticates user accounts and resources within a network. By logging in to the domain, users gain access to shared resources, such as files, printers, and applications, that are controlled and managed by the domain controller. The domain controller verifies the user's credentials and grants access to the domain resources based on the user's permissions and group memberships.
28.
There are two basic classes of objects in an Active Directory domain. Which of the following is an object?
Correct Answer
leaf
Explanation
In Active Directory, a leaf is an object that represents the lowest level of a hierarchy. It is a type of object that can exist within an Active Directory domain. Leaf objects are typically the end points of the hierarchy and do not have any child objects beneath them. They can be user accounts, computer accounts, or other types of objects that are not containers for other objects. Therefore, the given answer "leaf" correctly identifies an object in an Active Directory domain.
29.
Which of the following is a main group type found in Active Directory?
Correct Answer
Security
Explanation
The main group type found in Active Directory is "Security." Active Directory is a directory service developed by Microsoft that is used to manage and organize network resources. Within Active Directory, security groups are used to assign permissions and access rights to users and resources. These groups are created to simplify the management of permissions and provide a centralized way to control access to various network resources.
30.
Which group is used most often when designing an Active Directory infrastructure?
Correct Answer
Security
Explanation
The security group is used most often when designing an Active Directory infrastructure because it allows for the efficient management and control of user access and permissions. Security groups help in assigning permissions to resources, such as files, folders, and applications, by grouping users with similar access requirements. This simplifies the administration process and ensures that security policies are effectively implemented within the Active Directory environment.
31.
Which group is used for nonsecurity-related functions, such as sending email messages to a collection of users?
Correct Answer
distribution
Explanation
The distribution group is used for nonsecurity-related functions, such as sending email messages to a collection of users. This group allows for easy communication and collaboration among a specific set of users, without the need for individual email addresses. By adding users to a distribution group, messages can be sent to the entire group with just one email address, making it efficient for sending mass emails or announcements to a specific set of users.
32.
DNS naming limitations call for a maximum of how many characters per domain name?
Correct Answer
63
Explanation
DNS naming limitations call for a maximum of 63 characters per domain name. This means that a domain name cannot exceed 63 characters in length, including any letters, numbers, hyphens, or periods. This limitation is in place to ensure compatibility and to prevent potential issues with DNS servers and systems that may have restrictions on the maximum length of domain names they can handle.
33.
What type of compatibility are functional levels designed to provide in Active Directory installations running domain controllers with various versions of the Windows Server operating system?
Correct Answer
backward
Explanation
Functional levels in Active Directory are designed to provide backward compatibility. This means that they allow domain controllers with different versions of the Windows Server operating system to coexist and communicate effectively within the same Active Directory environment. By supporting older versions of Windows Server, functional levels ensure that organizations can gradually upgrade their domain controllers without disrupting the overall functionality and compatibility of their Active Directory infrastructure.
34.
What is the name of the communications protocol called for by the original X.500 standard?
Correct Answer
Directory Access Protocol
Explanation
The original X.500 standard called for the use of the Directory Access Protocol. This protocol is used for accessing and retrieving information from a directory service, such as the X.500 directory. It allows clients to search for and retrieve information stored in the directory, making it an essential part of the X.500 standard.
35.
The Read-Only Domain Controller (RODC) supports only incoming replication traffic. As a result, what is it possible to do when using a Read-Only Domain Controller?
Correct Answer
D. D) none of the above
Explanation
When using a Read-Only Domain Controller (RODC), it is not possible to create, modify, or delete Active Directory objects. The purpose of an RODC is to provide a read-only copy of the Active Directory database, which means it can only receive replication traffic from a writeable domain controller. Therefore, it does not have the capability to make any changes to the Active Directory objects.
36.
A site topology consists of all of the following Active Directory object types except __________.
Correct Answer
Subnet Links
Explanation
The correct answer is Subnet Links. In a site topology, Active Directory object types include sites, subnets, and site links. Sites represent physical locations, subnets represent IP address ranges, and site links represent the connections between sites. However, subnet links are not a valid Active Directory object type.
37.
When using the subzone method, you can leave the Internet DNS servers in place and use Windows Server 2008 DNS servers to host the zone for the subdomain. Which of the following is a configuration change that you must make?A) You must use your domain controllers as your DNS servers.
Correct Answer
D. D) You must configure Internet DNS servers to delegate the Active Directory subdomain to the Windows Server 2008 DNS servers
Explanation
When using the subzone method, you need to configure the Internet DNS servers to delegate the Active Directory subdomain to the Windows Server 2008 DNS servers. This means that you are assigning the responsibility of handling DNS queries for the subdomain to the Windows Server 2008 DNS servers. This configuration change is necessary in order for the Windows Server 2008 DNS servers to effectively host the zone for the subdomain while leaving the Internet DNS servers in place.
38.
Which of the following is not a reason for creating an organizational unit?
Correct Answer
implementing domains
Explanation
Creating an organizational unit is not done for the purpose of implementing domains. Organizational units are used to organize and manage resources within a domain, such as users, computers, and groups. They help to delegate administrative tasks and apply group policies to specific sets of resources. On the other hand, implementing domains involves creating a logical boundary for network resources, establishing trust relationships, and defining security policies. While organizational units play a role in managing resources within a domain, they are not directly related to the implementation of domains themselves.
39.
Which of the following is not a variable that can affect the performance of an Active Directory installation?
Correct Answer
A. A) length of the domain name you create
Explanation
The length of the domain name you create does not directly affect the performance of an Active Directory installation. The performance of an Active Directory installation is primarily influenced by factors such as the hardware you select for your domain controllers, the capabilities of your network, and the types of WAN links connecting your remote sites. The length of the domain name may have some impact on the overall performance indirectly, such as in DNS resolution, but it is not a direct variable that affects the performance.
40.
To use a Windows Server 2008 computer as a domain controller, you must configure it to use a(n) __________.
Correct Answer
Static IP address
Explanation
To use a Windows Server 2008 computer as a domain controller, it is necessary to configure it with a static IP address. This is because a domain controller requires a consistent and unchanging IP address to ensure that it can be reliably located on the network. A static IP address ensures that the server always has the same IP address, allowing other devices on the network to easily connect to and communicate with the domain controller.
41.
Every Active Directory domain should have a minimum of __________ domain controllers.
Correct Answer
two
Explanation
Every Active Directory domain should have a minimum of two domain controllers. This is because having multiple domain controllers provides redundancy and fault tolerance. If one domain controller fails, the other one can still handle authentication requests and maintain the availability of the domain services. Additionally, having multiple domain controllers allows for load balancing and better performance by distributing the workload across the controllers. Therefore, having at least two domain controllers ensures the reliability and availability of the Active Directory domain.
42.
An Active Directory domain controller can verify a user’s identity by which of the following methods?
Correct Answer
D. D) all of the above
Explanation
An Active Directory domain controller can verify a user's identity by using smart cards, passwords, and biometrics. Smart cards provide a secure method of authentication by storing user credentials on a physical card. Passwords are the most common method of authentication, where users enter a unique combination of characters to prove their identity. Biometrics, such as fingerprints or facial recognition, use unique physical characteristics to verify a user's identity. By utilizing all of these methods, an Active Directory domain controller can provide a comprehensive and secure authentication process.
43.
Which of the following is not a reason why you should try to create as few domains as possible when designing an Active Directory infrastructure?
Correct Answer
A license must be purchased from Microsoft for each domain you create.
Explanation
Creating fewer domains in an Active Directory infrastructure is beneficial because it reduces the cost of purchasing licenses from Microsoft. Each domain requires a separate license, so minimizing the number of domains helps to save on licensing expenses.
44.
What is the primary difference between global and universal groups?
Correct Answer
Universal groups add more data to the global catalog.
Explanation
Universal groups are a type of Active Directory group that can contain users, groups, and computers from any domain within a forest. They are used to grant permissions and access across multiple domains. One key difference between global and universal groups is that universal groups add more data to the global catalog. The global catalog is a distributed data repository that contains a subset of attributes for all objects in the forest. By adding more data to the global catalog, universal groups enhance the efficiency of searching and locating objects across the entire forest.
45.
A(n) __________ object is one that can have other objects subordinate to it.
Correct Answer
container
Explanation
A container object is one that can have other objects subordinate to it. This means that a container object has the ability to hold or contain other objects within it. These subordinate objects are typically organized or structured in some way within the container object. The container object acts as a higher-level entity that provides a framework or context for the subordinate objects. This relationship allows for a hierarchical structure where the container object is at the top and the subordinate objects are nested within it.
46.
Every object consists of __________ that store information about the object.
Correct Answer
attributes
Explanation
In object-oriented programming, objects are composed of attributes that store information about the object. Attributes represent the characteristics or properties of an object and can be used to describe its state or behavior. They can hold different types of data such as strings, numbers, or even other objects. By accessing and manipulating these attributes, we can interact with the object and perform various operations on it. Therefore, the correct answer for this question is "attributes".
47.
The primary difference between global and universal groups is that universal groups add more data to the global catalog, thereby increasing the amount of __________ traffic between sites.
Correct Answer
replication
Explanation
Universal groups add more data to the global catalog, which in turn increases the amount of replication traffic between sites. This means that when universal groups are used, there is a higher volume of data being replicated between different sites in a network. Replication is the process of copying and distributing data across multiple servers or sites to ensure consistency and availability. Therefore, the correct answer is replication.
48.
When beginning a new Active Directory installation, the first step is to create a new __________.
Correct Answer
forest
Explanation
When starting a new Active Directory installation, the first step is to create a new forest. A forest is the highest level of organization in Active Directory and represents a collection of domains that share a common schema, global catalog, and directory configuration. Creating a new forest establishes the foundation for the Active Directory infrastructure and allows for the creation of domains, organizational units, and objects within the network.
49.
To stay synchronized, domain controllers communicate by sending database information to each other, which is a process called __________.
Correct Answer
replication
Explanation
Domain controllers stay synchronized by sending database information to each other, a process known as replication. This ensures that all domain controllers have the most up-to-date information and can provide consistent services to users. Replication is crucial in maintaining the integrity and consistency of the Active Directory database across the network.
50.
The overall objective in your Active Directory design process should be to create as few __________ as possible.
Correct Answer
domains
Explanation
The goal in Active Directory design is to minimize the number of domains. This is because each domain adds complexity and administrative overhead. By having fewer domains, it becomes easier to manage user accounts, group policies, and resources. Additionally, a smaller number of domains simplifies the overall architecture and improves performance. Therefore, the objective should be to create as few domains as possible.