Lesson 3: Planning An Active Directory Deployment

Approved & Edited by ProProfs Editorial Team
The editorial team at ProProfs Quizzes consists of a select group of subject experts, trivia writers, and quiz masters who have authored over 10,000 quizzes taken by more than 100 million users. This team includes our in-house seasoned quiz moderators and subject matter experts. Our editorial experts, spread across the world, are rigorously trained using our comprehensive guidelines to ensure that you receive the highest quality quizzes.
Learn about Our Editorial Process
| By Mister_kupido09
M
Mister_kupido09
Community Contributor
Quizzes Created: 7 | Total Attempts: 1,152
Questions: 44 | Attempts: 207

SettingsSettingsSettings
Lesson Quizzes & Trivia

Questions and Answers
  • 1. 

    Active Directory was first introduced in which operating system?

    • A.

      Windows 2000 Server

    • B.

      Windows XP SP2

    • C.

      Windows 2003 Server

    • D.

      Windows Vista

    Correct Answer
    A. Windows 2000 Server
    Explanation
    Active Directory was first introduced in Windows 2000 Server. This operating system introduced the concept of a centralized directory service for managing and organizing network resources. Active Directory provides a hierarchical structure for storing and managing information about users, computers, and other network objects. It allows for centralized authentication, authorization, and policy enforcement, making it a key component of Microsoft's Windows Server operating systems. Windows XP SP2, Windows 2003 Server, and Windows Vista were released after Windows 2000 Server and built upon the foundation of Active Directory.

    Rate this question:

  • 2. 

     Where do users log in when joining an Active Directory domain?

    • A.

      application

    • B.

      individual computer

    • C.

      domain

    • D.

      server

    Correct Answer
    C. domain
    Explanation
    When joining an Active Directory domain, users log in to the domain. The domain is a centralized network location that allows users to access resources and services within the network. By logging into the domain, users can authenticate their credentials and gain access to the resources and permissions assigned to them within the domain.

    Rate this question:

  • 3. 

    There are two basic classes of objects in an Active Directory domain. Which of the following is an object? 

    • A.

      logical

    • B.

      leaf

    • C.

      tree

    • D.

      attribute

    Correct Answer
    B. leaf
    Explanation
    A leaf is an object in an Active Directory domain. In the context of Active Directory, a leaf refers to a specific object that does not have any child objects beneath it. It is the lowest level object in the hierarchy and represents individual entities such as users, groups, or computers.

    Rate this question:

  • 4. 

     Which of the following is a main group type found in Active Directory?

    • A.

      security

    • B.

      domain

    • C.

      global

    • D.

      Universal

    Correct Answer
    A. security
    Explanation
    In Active Directory, the main group type "security" is used to assign permissions and access rights to resources. Security groups are used to manage user access to shared resources such as files, folders, and printers. By adding users to a security group, administrators can easily control and manage their access privileges. This group type is essential for maintaining the security and integrity of the Active Directory environment.

    Rate this question:

  • 5. 

     Which group is used most often when designing an Active Directory infrastructure?

    • A.

      Distribution

    • B.

      universal

    • C.

      Global

    • D.

      security

    Correct Answer
    D. security
    Explanation
    When designing an Active Directory infrastructure, the group that is used most often is the security group. Security groups are used to manage access to resources and assign permissions within the Active Directory. They help in controlling user access to various objects and ensure the security of the infrastructure by allowing or denying certain privileges.

    Rate this question:

  • 6. 

    Which group is used for nonsecurity-related functions, such as sending email messages to a collection of users?

    • A.

      distribution

    • B.

      universal

    • C.

      Global

    • D.

      Security

    Correct Answer
    A. distribution
    Explanation
    The group used for nonsecurity-related functions, such as sending email messages to a collection of users, is the distribution group. This type of group is commonly used to distribute emails or other types of information to a specific set of users. It is not related to security functions or access permissions.

    Rate this question:

  • 7. 

     DNS naming limitations call for a maximum of how many characters per domain name?

    • A.

      32

    • B.

      63

    • C.

      128

    • D.

      255

    Correct Answer
    B. 63
    Explanation
    DNS naming limitations call for a maximum of 63 characters per domain name. This limitation is due to the specifications set by the Domain Name System (DNS) protocol. The DNS protocol defines the rules and standards for translating domain names into IP addresses. The maximum limit of 63 characters ensures compatibility and interoperability across different DNS servers and systems. Exceeding this limit may result in errors or incompatibilities when resolving domain names.

    Rate this question:

  • 8. 

    What type of compatibility are functional levels designed to provide in Active Directory installations running domain controllers with various versions of the Windows Server operating system?

    • A.

      functional

    • B.

      Forward

    • C.

      backward

    • D.

      existing

    Correct Answer
    C. backward
    Explanation
    Functional levels in Active Directory are designed to provide backward compatibility. This means that domain controllers with newer versions of the Windows Server operating system can still support and communicate with domain controllers running older versions. This allows for a smooth transition and coexistence of different versions within the Active Directory environment.

    Rate this question:

  • 9. 

     What is the name of the communications protocol called for by the original X.500 standard? 

    • A.

      Directory Access Protocol

    • B.

      Data Access Protocol

    • C.

      Lightweight Directory Access Protocol

    • D.

      Lightweight Data Access Protocol

    Correct Answer
    A. Directory Access Protocol
    Explanation
    The correct answer is Directory Access Protocol. This protocol is called for by the original X.500 standard. It is used to access and retrieve information from a directory service.

    Rate this question:

  • 10. 

     The Read-Only Domain Controller (RODC) supports only incoming replication traffic. As a result, what is it possible to do when using a Read-Only Domain Controller?

    • A.

      Create Active Directory objects

    • B.

      modify Active Directory objects

    • C.

      delete Active Directory objects

    • D.

      None of the above

    Correct Answer
    D. None of the above
    Explanation
    When using a Read-Only Domain Controller (RODC), it is not possible to create, modify, or delete Active Directory objects. This is because RODCs are designed to be deployed in locations with limited physical security, such as branch offices, and they hold a read-only copy of the Active Directory database. This ensures that any changes to the Active Directory database can only be made on the writeable domain controllers, providing an extra layer of security and preventing unauthorized modifications on the RODC. Therefore, the correct answer is "none of the above."

    Rate this question:

  • 11. 

    A site topology consists of all of the following Active Directory object types except __________.

    • A.

      Sites

    • B.

      Subnets

    • C.

      Subnet Links

    • D.

      Site Links

    Correct Answer
    C. Subnet Links
    Explanation
    A site topology in Active Directory consists of sites, subnets, and site links. Subnet links are not a valid Active Directory object type.

    Rate this question:

  • 12. 

     When using the subzone method, you can leave the Internet DNS servers in place and use Windows Server 2008 DNS servers to host the zone for the subdomain. Which of the following is a configuration change that you must make?

    • A.

      You must use your domain controllers as your DNS servers.

    • B.

      You must use your Internet DNS servers to host your Active Directory domains.

    • C.

      You must turn on dynamic updates on the DNS servers.

    • D.

      You must configure Internet DNS servers to delegate the Active Directory subdomain to the Windows Server 2008 DNS servers.

    Correct Answer
    D. You must configure Internet DNS servers to delegate the Active Directory subdomain to the Windows Server 2008 DNS servers.
  • 13. 

    Which of the following is not a reason for creating an organizational unit?

    • A.

      assigning Group Policy settings

    • B.

      Duplicating organizational divisions

    • C.

      implementing domains

    • D.

      Delegating administration

    Correct Answer
    C. implementing domains
    Explanation
    Implementing domains is not a reason for creating an organizational unit. Organizational units are used to manage and organize resources within a domain, such as users, computers, and groups. Domains, on the other hand, are used to define a security boundary and manage authentication and authorization within a network. While creating organizational units can help in delegating administration, assigning Group Policy settings, and duplicating organizational divisions, implementing domains serves a different purpose and is not directly related to creating organizational units.

    Rate this question:

  • 14. 

    Which of the following is not a variable that can affect the performance of an Active Directory installation?

    • A.

      Length of the domain name you create

    • B.

      Hardware you select for your domain controllers

    • C.

      Capabilities of your network

    • D.

      Types of WAN links connecting your remote sites

    Correct Answer
    A. Length of the domain name you create
    Explanation
    The length of the domain name you create is not a variable that can affect the performance of an Active Directory installation. The performance of an Active Directory installation is influenced by factors such as the hardware selected for domain controllers, the capabilities of the network, and the types of WAN links connecting remote sites. The length of the domain name does not have a direct impact on the performance of the installation.

    Rate this question:

  • 15. 

     To use a Windows Server 2008 computer as a domain controller, you must configure it to use a(n) __________.

    • A.

      APIPA address

    • B.

      Address supplied by a DHCP server

    • C.

      Static IP address

    • D.

      none of the above

    Correct Answer
    C. Static IP address
    Explanation
    To use a Windows Server 2008 computer as a domain controller, it must be configured with a static IP address. This is necessary because a domain controller needs a consistent and predictable IP address to ensure proper network communication and to maintain the stability and reliability of the domain. Using an APIPA address (Automatic Private IP Addressing) is not suitable for a domain controller as it is a self-assigned IP address that is automatically generated when a DHCP server is not available. Similarly, relying on an address supplied by a DHCP server can lead to IP address changes, which can disrupt the functioning of the domain controller.

    Rate this question:

  • 16. 

    Every Active Directory domain should have a minimum of __________ domain controllers.

    • A.

      One

    • B.

      Two

    • C.

      Three

    • D.

      Four

    Correct Answer
    B. Two
    Explanation
    Every Active Directory domain should have a minimum of two domain controllers. This is because having at least two domain controllers ensures redundancy and fault tolerance. If one domain controller fails, the other can continue to provide authentication and other directory services. Additionally, having multiple domain controllers allows for load balancing and improved performance.

    Rate this question:

  • 17. 

    An Active Directory domain controller can verify a user’s identity by which of the following methods?

    • A.

      Smart cards

    • B.

      Passwords

    • C.

      Biometrics

    • D.

      All of the above

    Correct Answer
    D. All of the above
    Explanation
    An Active Directory domain controller can verify a user's identity by using smart cards, passwords, and biometrics. Smart cards are physical cards that store user credentials and are used for authentication. Passwords are a common method where users enter a unique combination of characters to prove their identity. Biometrics involves using unique physical characteristics such as fingerprints or facial recognition to verify a user's identity. By using all of these methods, the domain controller can ensure a higher level of security and authentication for users.

    Rate this question:

  • 18. 

    Which of the following is not a reason why you should try to create as few domains as possible when designing an Active Directory infrastructure?

    • A.

      A license must be purchased from Microsoft for each domain you create.

    • B.

      Additional domains increase the overall hardware and maintenance costs of the deployment.

    • C.

      Some applications might present security issues when working in a forest with multiple domains.

    • D.

      Additional domains increase the number of administrative tasks that must be performed.

    Correct Answer
    A. A license must be purchased from Microsoft for each domain you create.
    Explanation
    Creating fewer domains in an Active Directory infrastructure is beneficial because it reduces overall hardware and maintenance costs, minimizes security issues with applications in a forest with multiple domains, and decreases the number of administrative tasks that need to be performed. However, the statement that a license must be purchased from Microsoft for each domain created is not a valid reason for creating fewer domains.

    Rate this question:

  • 19. 

    Which of the following Active Directory elements provides a true security boundary?

    • A.

      Organizational units

    • B.

      Domains

    • C.

      Domain trees

    • D.

      Forests

    Correct Answer
    D. Forests
    Explanation
    Forests in Active Directory provide a true security boundary. A forest is a collection of multiple domain trees that share a common schema, configuration, and global catalog. It establishes a security boundary by creating a separate security boundary for each domain within the forest. Each domain within a forest trusts other domains within the same forest, but not domains in other forests, ensuring that security policies and permissions are contained within the forest. Therefore, forests provide a higher level of security and isolation compared to domains, domain trees, and organizational units.

    Rate this question:

  • 20. 

     What is the primary difference between global and universal groups?

    • A.

      Global groups decrease the amount of replication traffic between sites.

    • B.

      Universal groups add more data to the global catalog.

    • C.

      You can use universal groups across the board if your network consists of multiple sites.

    • D.

      Global groups add more data to the universal catalog.

    Correct Answer
    B. Universal groups add more data to the global catalog.
    Explanation
    Universal groups add more data to the global catalog. This means that when universal groups are used, additional information is added to the global catalog, which is a central repository of information about objects in the Active Directory. Global groups, on the other hand, do not add this additional data to the global catalog. Therefore, the primary difference between global and universal groups is that universal groups contribute more information to the global catalog.

    Rate this question:

  • 21. 

    Unlike organizational units, you cannot assign Group Policy settings to computer objects, nor can you delegate their administration.

    • A.

      True

    • B.

      False

    Correct Answer
    A. True
    Explanation
    Group Policy settings are used to manage and configure user and computer settings in an Active Directory environment. While it is possible to assign Group Policy settings to organizational units (OU), it is not possible to assign them directly to computer objects. Computer objects in Active Directory are typically managed through Group Policy settings applied to the OU where the computer object resides. Additionally, the administration of Group Policy settings cannot be delegated specifically to computer objects.

    Rate this question:

  • 22. 

     Subdomains in a tree inherit permissions and policies from their parent domains.

    • A.

      True

    • B.

      False

    Correct Answer
    B. False
    Explanation
    Subdomains in a tree do not inherit permissions and policies from their parent domains. Each subdomain has its own set of permissions and policies that are independent of its parent domain. Therefore, the correct answer is False.

    Rate this question:

  • 23. 

    You can drag and drop leaf objects, such as users and computers, between OUs, but not between domains.

    • A.

      True

    • B.

      False

    Correct Answer
    A. True
    Explanation
    In Active Directory, Organizational Units (OUs) are used to organize and manage objects like users and computers. OUs provide a way to group related objects together for easier administration. One of the advantages of using OUs is the ability to move leaf objects between them. This means that you can drag and drop users and computers from one OU to another within the same domain. However, it is not possible to move leaf objects between different domains. Therefore, the statement that "You can drag and drop leaf objects, such as users and computers, between OUs, but not between domains" is true.

    Rate this question:

  • 24. 

    When you want to grant a collection of users permission to access a network resource, such as a file system share or a printer, you can assign permissions to an organizational unit.

    • A.

      True

    • B.

      False

    Correct Answer
    B. False
    Explanation
    Assigning permissions to an organizational unit does not grant access to network resources for a collection of users. Organizational units are used for organizing and managing user accounts and other objects within a domain, but they do not directly control access to network resources. Instead, permissions are typically assigned directly to individual users, groups, or security principals that need access to specific resources.

    Rate this question:

  • 25. 

    Active Directory is one of the easiest technologies to test because an isolated lab environment usually can emulate many of the factors that can affect the performance of a directory service.

    • A.

      True

    • B.

      False

    Correct Answer
    B. False
    Explanation
    Active Directory is not one of the easiest technologies to test because it requires a complex setup and configuration. It is not easily emulated in an isolated lab environment as it relies on various factors such as network infrastructure, domain controllers, and user accounts. Testing Active Directory often requires a larger-scale environment with real-world scenarios to accurately evaluate its performance and functionality. Therefore, the given answer "False" is correct.

    Rate this question:

  • 26. 

    A(n) __________ object is one that can have other objects subordinate to it.

    Correct Answer
    container
    Explanation
    A container object is one that can have other objects subordinate to it. This means that a container can hold or contain other objects within it. These subordinate objects are typically organized or structured in some way within the container. The container provides a framework or environment for these subordinate objects to exist and interact with each other.

    Rate this question:

  • 27. 

    Every object consists of __________ that store information about the object.

    Correct Answer
    attributes
    Explanation
    Attributes are the properties or characteristics of an object that store information about the object. They define the state or behavior of an object and help in describing and identifying the object. In programming, attributes are used to represent the data associated with an object and provide access to that data. Therefore, it is correct to say that every object consists of attributes that store information about the object.

    Rate this question:

  • 28. 

     __________ Policy is one of the most powerful administrative features of Active Directory.

    Correct Answer
    Group
    Explanation
    Group Policy is one of the most powerful administrative features of Active Directory because it allows administrators to manage and control the configuration settings of users and computers in a Windows domain. Group Policy enables centralized management of security settings, software installation and updates, network connections, and other administrative tasks. By applying Group Policy settings to groups of users or computers, administrators can ensure consistent and secure configurations across the network, making it an essential tool for managing and maintaining an Active Directory environment.

    Rate this question:

  • 29. 

    The primary difference between global and universal groups is that universal groups add more data to the global catalog, thereby increasing the amount of __________ traffic between sites.

    Correct Answer
    replication
    Explanation
    Universal groups add more data to the global catalog, which in turn increases the amount of replication traffic between sites.

    Rate this question:

  • 30. 

    When beginning a new Active Directory installation, the first step is to create a new __________.

    Correct Answer
    forest
    Explanation
    When starting a new Active Directory installation, the initial step is to create a new forest. A forest is the highest level of organization in Active Directory and represents a collection of one or more domains. It establishes the boundary for replication, security, and administrative purposes. Creating a forest involves defining the root domain and configuring the forest-wide settings.

    Rate this question:

  • 31. 

    Every Active Directory domain should have a minimum of __________ domain controllers.

    Correct Answer
    two
    Explanation
    Every Active Directory domain should have a minimum of two domain controllers. This is because having multiple domain controllers provides redundancy and ensures high availability of the domain services. If one domain controller fails, the other can still handle authentication requests and maintain the domain services. Additionally, having multiple domain controllers allows for load balancing and better performance in handling directory service operations. Therefore, it is recommended to have at least two domain controllers in an Active Directory domain.

    Rate this question:

  • 32. 

    To stay synchronized, domain controllers communicate by sending database information to each other, which is a process called __________.

    Correct Answer
    replication
    Explanation
    Domain controllers stay synchronized by sending database information to each other, a process known as replication. This ensures that all domain controllers have the same updated information, allowing for consistent and accurate data across the network. Replication is crucial for maintaining the integrity and reliability of the Active Directory database.

    Rate this question:

  • 33. 

    The overall objective in your Active Directory design process should be to create as few __________  as possible.

    Correct Answer
    domains
    Explanation
    In the Active Directory design process, the objective is to create as few domains as possible. This is because having fewer domains simplifies the management and administration of the Active Directory infrastructure. It reduces the complexity and potential for errors, improves performance, and enhances security. By minimizing the number of domains, organizations can achieve a more efficient and streamlined Active Directory environment.

    Rate this question:

  • 34. 

    If you plan to create domains corresponding to remote sites or organizational divisions, the most common practice is to make them all __________ in the same tree, with a single root domain at the top.

    Correct Answer
    subdomains
    Explanation
    When creating domains for remote sites or organizational divisions, it is common practice to make them all subdomains in the same tree. This means that each domain will be a subset of the main root domain, allowing for centralized management and control. By structuring the domains in this way, it becomes easier to administer and maintain the overall network infrastructure.

    Rate this question:

  • 35. 

    Each domain in an Active Directory installation is a separate __________ entity.

    Correct Answer
    administrative
    Explanation
    Each domain in an Active Directory installation is a separate administrative entity because it has its own set of administrative controls, policies, and permissions. This allows for centralized management and control over resources within each domain, ensuring that administrative tasks and responsibilities can be delegated and managed independently.

    Rate this question:

  • 36. 

    The required and recommended attributes that each type of object can have, the type of information that can be stored in each attribute, and the object’s place in the directory tree are all defined in what location?

    Correct Answer
    directory schema
    Explanation
    The directory schema defines the required and recommended attributes for each type of object, the type of information that can be stored in each attribute, and the object's place in the directory tree. It provides a structure and set of rules for organizing and defining the attributes and objects within a directory.

    Rate this question:

  • 37. 

    What container object functions in a subordinate capacity to a domain but without the complete separation of security policies?

    Correct Answer
    organizational unit
    Explanation
    An organizational unit functions in a subordinate capacity to a domain, meaning it is a subunit within a larger domain structure. It allows for the organization and management of resources within the domain, such as users, groups, and computers. However, unlike a complete separation of security policies, an organizational unit does not have its own independent set of security policies. Instead, it inherits the security policies of the domain it belongs to, while still providing a level of control and organization within that domain.

    Rate this question:

  • 38. 

    When you create your first domain on an Active Directory network, you are creating the root of what?

    Correct Answer
    domain tree
    Explanation
    When you create your first domain on an Active Directory network, you are creating the root of a domain tree. A domain tree is a hierarchical structure that organizes multiple domains in a logical manner. The first domain created becomes the root domain, from which all other domains in the tree are connected. This allows for centralized management and administration of user accounts, resources, and security policies within the network.

    Rate this question:

  • 39. 

    What is the name of the list in each forest that contains the objects in the forest along with a subset of each object’s attributes?

    Correct Answer
    global catalog
    Explanation
    The global catalog is the name of the list in each forest that contains the objects in the forest along with a subset of each object's attributes. The global catalog is a distributed data repository that stores a partial replica of all objects in the forest. It is used to facilitate searches and queries across multiple domains in a forest, allowing users to find objects and their attributes quickly and efficiently.

    Rate this question:

  • 40. 

    What is the name of the process used by Windows NT domains in which one primary domain controller (PDC) sends its data to one or more backup domain controllers (BDCs)?

    Correct Answer
    single-master replication
    Explanation
    Single-master replication is the name of the process used by Windows NT domains in which one primary domain controller (PDC) sends its data to one or more backup domain controllers (BDCs). This process ensures that all the domain controllers in the network have the same data and can handle user authentication and other domain functions. The PDC is responsible for making changes to the domain database, while the BDCs receive these changes and replicate them to stay up to date. This replication process helps in ensuring fault tolerance and high availability in Windows NT domains.

    Rate this question:

  • 41. 

    What does Active Directory use, in which it is possible to make changes to domain objects on any domain controller, to replicate those changes to all other domain controllers?

    Correct Answer
    multiple-master replication
    Explanation
    Active Directory uses multiple-master replication to replicate changes made to domain objects on any domain controller to all other domain controllers. This means that any domain controller can make changes to the directory and those changes will be synchronized and replicated to all other domain controllers in the network. This allows for a distributed and fault-tolerant system where changes can be made from any location and are propagated to ensure consistency across the entire Active Directory infrastructure.

    Rate this question:

  • 42. 

    Each domain in a tree is a separate security entity. What does each domain’s separate Group Policy settings include?

    Correct Answer
    permissions and user accounts
    Explanation
    Each domain in a tree is a separate security entity, meaning that it has its own set of permissions and user accounts. Therefore, each domain's separate Group Policy settings would include these permissions and user accounts, allowing for individualized security configurations and access controls within each domain.

    Rate this question:

  • 43. 

    What component automatically creates replication links between domain controllers in the same site and schedules their replication activities?

    Correct Answer
    Knowledge Consistency Checker, KCC
    Explanation
    The Knowledge Consistency Checker (KCC) is responsible for automatically creating replication links between domain controllers in the same site and scheduling their replication activities. It ensures that the Active Directory database remains consistent across all domain controllers within a site by constantly monitoring the network topology and dynamically adjusting the replication topology as needed. The KCC helps to optimize replication efficiency and ensure that changes made on one domain controller are replicated to others in a timely manner.

    Rate this question:

  • 44. 

    What component automatically creates replication links between domain controllers in the same site and schedules their replication activities?

    Correct Answer
    Knowledge Consistency Checker, KCC
    Explanation
    The Knowledge Consistency Checker (KCC) is responsible for automatically creating replication links between domain controllers in the same site and scheduling their replication activities. It ensures that the Active Directory database remains consistent across all domain controllers within a site by establishing and maintaining replication connections. The KCC analyzes the network topology and determines the most efficient replication paths, creating the necessary connections to ensure data consistency and availability.

    Rate this question:

Quiz Review Timeline +

Our quizzes are rigorously reviewed, monitored and continuously updated by our expert board to maintain accuracy, relevance, and timeliness.

  • Current Version
  • Mar 20, 2023
    Quiz Edited by
    ProProfs Editorial Team
  • May 25, 2012
    Quiz Created by
    Mister_kupido09
Back to Top Back to top
Advertisement
×

Wait!
Here's an interesting quiz for you.

We have other quizzes matching your interest.