70-411 Demo Test - Ness (Natanya)
.
Questions and Answers
- 1.
Which of the next operation master roles are forest wide roles? (choose all relevant)
- A.
Pdc emulator
- B.
Schema master
- C.
Rid master
- D.
Domain naming
Correct Answer(s)
B. Schema master
D. Domain namingExplanation
The forest-wide operation master roles are responsible for performing specific tasks at the forest level in Active Directory. The schema master role is responsible for managing the Active Directory schema, which defines the structure and attributes of objects in the directory. The domain naming master role is responsible for managing the addition and removal of domains in the forest. Therefore, both the schema master and domain naming master roles are forest-wide roles. The PDC emulator and RID master roles, on the other hand, are domain-specific roles and are not considered forest-wide.Rate this question:
-
- 2.
Which operation master role has the sid values located in it?
- A.
Pdc emulator
- B.
Schema master
- C.
Global catalog
- D.
Rid master
Correct Answer
D. Rid masterExplanation
The RID master operation master role is responsible for allocating and managing the relative identifier (RID) pool, which is used to create unique security identifiers (SIDs) for objects in a Windows domain. The RID values are stored and managed by the RID master. This ensures that each object in the domain has a unique SID, allowing for proper authentication and authorization within the network.Rate this question:
-
- 3.
Using the `gpupdate /force` command forces replica of gpo policies to all the domain.
- A.
True
- B.
False
Correct Answer
B. FalseExplanation
The given statement is incorrect. The `gpupdate /force` command does not force the replica of GPO policies to all the domains. Instead, it forces an immediate update of the Group Policy settings on the local computer or the remote computer. This command ensures that any changes made to Group Policy are applied immediately without waiting for the regular update interval.Rate this question:
-
- 4.
If you want to apply a gpo user policy in a way that it affects every user loggin on a specific computer - what setting should you choose to enable this configuration?
- A.
Gpupdate
- B.
Block inheritance
- C.
Loop back processing mode
- D.
Scavenging
Correct Answer
C. Loop back processing modeExplanation
Loopback processing mode should be chosen to enable the configuration of applying a GPO user policy that affects every user logging on a specific computer. Loopback processing mode allows the computer to apply user policies based on the location of the computer, rather than the user. This means that when a user logs on to the specific computer, the user policies defined for that computer will be applied to them, regardless of their own user policies.Rate this question:
-
- 5.
How is it possible to point a query to a specific dns server ?
- A.
Apply a conditional forwarding
- B.
Create a stub zone
- C.
Add a scope of addresses
- D.
Create a cname
Correct Answer
A. Apply a conditional forwardingExplanation
To point a query to a specific DNS server, one can apply a conditional forwarding. Conditional forwarding allows the DNS server to forward queries for specific domain names to another DNS server. This is useful when there is a need to resolve names from a specific domain using a different DNS server than the one configured as the primary DNS server. By setting up conditional forwarding, the DNS server can route queries for the specified domain to the designated DNS server, ensuring accurate and efficient resolution of the queries.Rate this question:
-
- 6.
A query is sent from a user throw a internet browser for a website. the dns server recieving the query - answers back with the ip address in a way that it fetched it by it`s self. what kind of query was applied?
- A.
Iterative
- B.
Sintetic
- C.
Recursive
- D.
Active directory integrated
Correct Answer
C. RecursiveExplanation
The correct answer is recursive. In a recursive query, the DNS server not only provides the requested information to the user, but it also fetches the information from another DNS server if it doesn't have it in its own cache. In this case, the DNS server received the query from the user and answered back with the IP address by fetching it from another DNS server.Rate this question:
-
- 7.
In group policy, how often does a refresh occur by default?
- A.
5 minutes
- B.
24 houers
- C.
90-120 minutes
- D.
Never
Correct Answer
C. 90-120 minutesExplanation
By default, in group policy, a refresh occurs every 90-120 minutes. This means that the group policy settings are applied to the computers or users in the group every 90-120 minutes. This interval allows for regular updates and ensures that any changes made to the group policy are propagated to the relevant systems within a reasonable timeframe.Rate this question:
-
- 8.
You want to change the period in which dns refreshes the records it manages - so that unused records will be deleted in a shorter time. what value should you change?
- A.
Reverse lookup zone
- B.
Global logs
- C.
Enable dynamic updates
- D.
Modify TTL
Correct Answer
D. Modify TTLExplanation
To change the period in which DNS refreshes the records it manages and deletes unused records in a shorter time, you should modify the TTL (Time to Live) value. TTL determines the amount of time that a DNS record can be cached by other DNS servers or clients. By reducing the TTL value, the DNS records will expire more quickly, causing unused records to be deleted sooner. Therefore, modifying the TTL value is the correct option to achieve the desired outcome.Rate this question:
-
- 9.
What tool helps us specifying multipul password policies for diffrent users or groups?
- A.
Ntdsutil
- B.
Nap
- C.
Group policy
- D.
Fine graind password policy
Correct Answer
D. Fine graind password policyExplanation
The correct answer is "fine-grained password policy." This tool allows us to specify multiple password policies for different users or groups. It provides more flexibility and control over password requirements, allowing organizations to enforce different password policies based on user roles or security levels. With fine-grained password policies, administrators can set specific password complexity, length, and expiration requirements for different sets of users or groups, ensuring better security and compliance with organizational password policies.Rate this question:
-
- 10.
I work for a company as a system admin and there are multipul domain controllers on the network. i have accidentally deleted an important object from AD. the object has been recoverd but the problem is that the other DC`s have replicated the deletion and do not replicate the recovered object.what solution would you propose?
- A.
Recover the entire system
- B.
Disable recycle bin
- C.
Going to every DC in the network and restarting them
- D.
Perform an authritative restore
Correct Answer
D. Perform an authritative restoreExplanation
Performing an authoritative restore is the most appropriate solution in this situation. When an object is deleted from Active Directory (AD), the deletion is replicated to other domain controllers (DCs). However, by performing an authoritative restore, the recovered object can be marked as authoritative, ensuring that it is replicated to all other DCs and takes precedence over any conflicting data. This will effectively restore the object across the network and resolve the issue caused by the accidental deletion.Rate this question:
-
- 11.
In what feature can you set a quota to a folder?
- A.
Dfs
- B.
Efs
- C.
Fsrm
- D.
Ras
Correct Answer
C. FsrmExplanation
In the context of file systems, the correct answer is fsrm. FSRM stands for File Server Resource Manager, which is a feature in Windows Server that allows administrators to set quotas to folders. This feature enables them to control and manage the amount of disk space that users or groups can consume on a file server. By setting quotas, administrators can prevent users from exceeding their allocated storage space and ensure fair resource distribution.Rate this question:
-
- 12.
Which type of quota is used to send notifications only when the quota is exceede?
- A.
Hard qouta
- B.
Mid quota
- C.
Screening
- D.
Soft screening
Correct Answer
D. Soft screeningExplanation
Soft screening is the correct answer because it refers to a type of quota that allows notifications to be sent only when the quota is exceeded. Soft screening is a method of monitoring and controlling the usage of a resource, such as data or storage, by setting a limit or threshold. When the quota is surpassed, notifications or warnings are triggered to inform the user or administrator about the exceeded limit. This helps in managing and optimizing resource allocation and preventing potential issues or over-usage.Rate this question:
-
- 13.
Which encryption algoritm uses a single key to encrypt and decrypt data?
- A.
Asymmetric
- B.
Public key
- C.
Symmetric
- D.
Tpm
Correct Answer
C. SymmetricExplanation
Symmetric encryption algorithm uses a single key to both encrypt and decrypt data. This means that the same key is used for both the sender and the receiver to ensure the confidentiality and integrity of the data. Asymmetric encryption, on the other hand, uses a pair of keys (public and private) where the public key is used to encrypt the data and the private key is used to decrypt it. TPM (Trusted Platform Module) is a hardware chip used for secure storage of cryptographic keys and other sensitive data.Rate this question:
-
- 14.
Vpn enforcmant does effect local connected computer
- A.
True
- B.
False
Correct Answer
B. FalseExplanation
The correct answer is False because VPN enforcement does not affect local connected computers. VPN enforcement only applies to devices that are attempting to connect to a network remotely through a VPN. It does not have any impact on the devices that are already connected to the local network.Rate this question:
-
- 15.
In nap, what is the perpose of the SHA?
- A.
To remidiate the non-compliant client
- B.
For accessing the network with out enforcing nap
- C.
`sending hosts allow` massege to client
- D.
Providing a feedback on status of system protection from the client
Correct Answer
D. Providing a feedback on status of system protection from the clientExplanation
The purpose of the SHA in NAP is to provide feedback on the status of system protection from the client. This means that the SHA is responsible for informing the client about the level of protection their system has and whether it is compliant with the network's security requirements. This feedback allows the client to take necessary actions to ensure their system is adequately protected before accessing the network.Rate this question:
-
- 16.
______ is a private version of microsft update service which windows computers automatically download updates
Correct Answer
wsusExplanation
WSUS stands for Windows Server Update Services. It is a private version of Microsoft Update Service that allows Windows computers to automatically download updates. WSUS provides a centralized management solution for distributing updates within a local network, allowing administrators to control and monitor the update process. By using WSUS, organizations can ensure that their Windows computers are regularly updated with the latest security patches and software updates, enhancing system stability and protecting against potential vulnerabilities.Rate this question:
- 17.
What is the use of creating computer groups in wsus?
- A.
Commiting gpo on the computers in the group
- B.
Separating differnet kind of updates into groups
- C.
Targeting specific groups of computers for testing & pilot installation of updates
- D.
Grouping the computers in the network so they can download updates for different wsus servers
Correct Answer
C. Targeting specific groups of computers for testing & pilot installation of updatesExplanation
Creating computer groups in WSUS allows for targeting specific groups of computers for testing and pilot installation of updates. This means that updates can be deployed to a smaller subset of computers first to ensure they work correctly and do not cause any issues before being rolled out to the entire network. This helps in reducing the potential impact of any problematic updates and allows for a controlled testing environment.Rate this question:
-
- 18.
What is the name of the windows installation dvd boot image file?
- A.
Pxe
- B.
Answer file
- C.
Sysprep
- D.
Boot.wim
Correct Answer
D. Boot.wimExplanation
The correct answer is "boot.wim." Boot.wim is the name of the Windows installation DVD boot image file. It is a file that contains the necessary files and resources needed to start the Windows installation process. This file is commonly found in the "sources" folder of the installation DVD and is used by the Windows Setup program to load the initial operating system environment during the installation process.Rate this question:
-
- 19.
What function does the system preparation utility (sysprep.exe) perform on a system?
- A.
Helps boot the system when a client boots up with out an operating system located on it
- B.
Prepars the image for being burned on a dvd
- C.
Helps prepare the bios for network based installation
- D.
It removes a sysytem`s name and sid
Correct Answer
D. It removes a sysytem`s name and sidExplanation
The correct answer is that the System Preparation Utility (sysprep.exe) removes a system's name and SID. This utility is used to prepare a Windows operating system for cloning or imaging by removing unique identifiers such as the computer name and Security Identifier (SID). This ensures that when the cloned or imaged system is deployed, it does not conflict with other systems on the network and can be properly joined to a domain.Rate this question:
-
- 20.
Encryption is a the process of converting data into a readable format
- A.
True
- B.
False
Correct Answer
B. FalseExplanation
The given correct answer is False. Encryption is not the process of converting data into a readable format, but rather the process of converting data into an unreadable or encrypted format to ensure its security and confidentiality.Rate this question:
-
- 21.
Which two filters can be used to control who or what recieves a group policy?
- A.
Security group filter
- B.
Keyword filters
- C.
Delegation
- D.
Wmi filter
Correct Answer(s)
A. Security group filter
D. Wmi filterExplanation
The correct answer is security group filter and WMI filter. These two filters can be used to control who or what receives a group policy. A security group filter allows the group policy to be applied only to specific security groups, ensuring that only members of those groups receive the policy. On the other hand, a WMI filter allows the group policy to be applied based on specific conditions defined using Windows Management Instrumentation (WMI), such as operating system version, hardware configuration, or installed software. By using these filters, administrators can have more control over the application of group policies in their network environment.Rate this question:
-
- 22.
Who can initiate a DNS query?
- A.
Only clients on the forest
- B.
Dns servers
- C.
Dns servers and clients
- D.
Only domain controllers
Correct Answer
C. Dns servers and clientsExplanation
DNS queries can be initiated by both DNS servers and clients. DNS servers are responsible for resolving domain names into IP addresses and can initiate queries to other DNS servers to obtain the necessary information. Clients, on the other hand, can also initiate DNS queries when they need to resolve a domain name into an IP address for communication purposes. Therefore, both DNS servers and clients have the capability to initiate a DNS query.Rate this question:
-
- 23.
What is secpol.msc used for?
- A.
Configuring gpo domain security policies
- B.
Applying security ntfs rules
- C.
Configure local security policy account settings.
- D.
Opening security console for firewall
Correct Answer
C. Configure local security policy account settings.Explanation
Secpol.msc is used to configure the local security policy account settings. It allows users to manage various security settings on their local machine, such as password policies, account lockout policies, user rights assignments, and audit policies. This tool is primarily used by system administrators to enforce security measures and ensure the protection of the local system.Rate this question:
-
- 24.
When we use the administrative tamplets on gpo, what can we configure?
- A.
The registry
- B.
Services on local computer
- C.
Edit the computer policies
- D.
Administrative tasks on gpo
Correct Answer
A. The registryExplanation
When we use the administrative templates on GPO, we can configure settings related to the registry. This means that we can modify and manage registry keys and values on the computers in the network. The administrative templates provide a way to centrally manage and enforce these registry settings across multiple computers, making it easier to maintain consistent configurations and policies.Rate this question:
-
- 25.
What are radius clients?
- A.
The computers that recieve the connection
- B.
Radius servers
- C.
Network access devices that offer connectivity for the user
- D.
Computers that are compliant to nap restriction policies
Correct Answer
C. Network access devices that offer connectivity for the userExplanation
Radius clients are network access devices that offer connectivity for the user. These devices act as intermediaries between the user and the radius server. They receive the connection requests from the user and forward them to the radius server for authentication and authorization. Once the radius server approves the connection, the client device grants access to the network resources. These clients can be routers, switches, wireless access points, or any other device that provides network access to the user.Rate this question:
-
- 26.
In a network that has 60 nodes (network attached devices), a network administartor has a task to upgrade to the new windows 10 edition. what server 2012 role should he use for the task?
- A.
Wsus
- B.
Ras
- C.
Nat
- D.
Wds
Correct Answer
D. WdsExplanation
The network administrator should use the WDS (Windows Deployment Services) role for the task of upgrading to the new Windows 10 edition. WDS is a server role in Windows Server 2012 that allows for the deployment of Windows operating systems over the network. It enables network-based installations, which would be useful in upgrading multiple devices in a network with 60 nodes.Rate this question:
-
- 27.
In a network that has 60 nodes (network attached devices), a network administartor has a task to upgrade to the new windows 10 edition. after deciding what role should be used for this task, what wizard will be most affective?
- A.
Wsus - automatic approvals
- B.
Fsrm - file screening
- C.
Wds - pxe
- D.
Wds - multicast transmissions
Correct Answer
D. Wds - multicast transmissionsExplanation
The most effective wizard for upgrading to the new Windows 10 edition in a network with 60 nodes would be WDS - Multicast Transmissions. Multicast transmissions allow for efficient and simultaneous distribution of data to multiple devices. This is particularly useful when upgrading a large number of devices as it reduces network congestion and ensures faster and smoother deployment of the new Windows 10 edition.Rate this question:
-
Quiz Review Timeline +
Our quizzes are rigorously reviewed, monitored and continuously updated by our expert board to maintain accuracy, relevance, and timeliness.
-
Current Version
-
Jul 05, 2024Quiz Edited by
ProProfs Editorial Team -
Oct 28, 2015Quiz Created by
Yonatannaper
Back to top