| Terms |
Definitions |
|
DC
|
Domain Component
|
|
_______________ are Windows Support tools that can be used to view and edit Active Directory permissions.
|
dsacls.exe
acldiag.exe
|
|
Replication between domain controllers at the same site
|
Intrasite Replication
|
|
What allows administrators to control what information is replicated and to which domain controllers?
|
Application Partition
|
|
Group Policy
|
Configuration settings that can be linked to computers, sites, domains, and OUs to specify the behavior of users' desktops.
|
|
Uniquely Identifies the object and contains sufficient information for a client to retrieve the object from the directory
|
Distinguished Name
|
|
A ________ is the highest level in Active Directory. In a ___________, Active Directory uses directory partition to store and replicate information.
|
Forest
|
|
A set of Windows 2003 features that assist with managing user and computer information, settings, and applications.
|
IntelliMirror
|
|
Forest Trust
|
- manually created between two forest root domains
- transitive
- can be one way or two way
|
|
Using nslookup’s /? switch, what would be the syntax needed to view allSRV records?
|
nslookup ls –t SRV
|
|
Which of the following is not a valid object type in the Find option?
1. Users, contacts, and groups
2. Sites
3. OUs
4. Computers
|
Sites
|
|
Which dsquery command should you use to find computers that have been disabled?
|
dsquery computer -disabled
|
|
Name the file where directory information and the four parts it is divided into.
|
NTDS.DIT
- Schema Partition
- Configuration Partition
- Domain Partition
- Application Directory Partition
|
|
What are the two types of functional levels?
|
Domain and Forest
|
|
You are trying to assign permissions to an object in its properties dialog box, but you cannot find its security tab. How can you fix this?
|
Select "Advanced Features" on the view menu.
|
|
List six types of trusts.
|
- Tree Root Trust
- Parent-Child Trust
- Shortcut Trust
- External Trust
- Forest Trust
- Realm Trust
|
|
Assuming the same scenario as in question 4, what information will bereplicated between the third branch office and the main office?
|
Global catalog, schema, and configuration information will be the only informationreplicated because the third branch office is using SMTP for replication. SMTP onlyreplicates global catalog, schema, and configuration information.
|
|
What is a security principal?
|
A user, group, computer, or service that is assigned a that is assigned a unique SID.
|
|
Two trust protocols used by Windows Server 2003
|
Kerberos 5
NT LAN Manager (NTLM)
|
|
Consists of a user name and a domain name identifying the domain in which the user account is located
|
User Principal Name
|
|
You are the administrator for a network that has several sites. There is asite link from the main headquarters to each remote site for file transferand replication purposes. You have been asked to create five new userson the network, and several of the us
|
a. The default intersite replication schedule is set for every 180 minutes.
|
|
What command would you use to find out all the domain permissions for User1 on the domain MUTUAL.LOCAL according to Server2
|
sdcheck server2 user1@mutual.local > filename.txt
|
|
Steps in creating a Forest Plan
|
1. Determine the number of forests required
2. Create a schema modification plan
|
|
What makes up the Common Microsoft Management Console set?
|
- Active Directory Users and Computers (DSA.MSC)- Active Directory Domains and Trusts (DOMAIN.MSC)- Active Directory Sites and Services (DSSITE.MSC)
|
|
The permissions check boxes for an OU are shaded. What does this indicate?
|
Permissions were inherited from a parent OU.
|
|
Why do you want only one forest, if possible?
|
Multiple forests means separate schemas, configuration containers, global catalogs. Also, users will have more difficult logging on with multiple forests.
|
|
Before you are able to create an application directory partition, you mustbe a member of which group?a. Domain Usersb. Domain Adminsc. Schema Adminsd. Enterprise Admins
|
d is the correct answer. Since application directory partition information can beconfigured to replicate to any domain in the forest, creating this partition is anenterprise-level task and requires enterprise permissions to do so.
|
|
For optimum network response time, you must place *at least*:
|
One domain controller at each site and at least two domain controllers in each domain.
|
|
The KCC is responsible for calculating intrasite replication partners.During this process, what is the maximum number of hops that the KCCwill allow between domain controllers?a. 2b. 3c. 4d. 5
|
b. The maximum number of hops that the KCC will allow between domain controllersis three. This allows a maximum replication latency of 15 minutes, since eachdomain controller holds a change for five minutes before forwarding it.
|
|
For quotas to be effective on a domain partition ______________.
|
All domain controllers in the domain must be running Windows Server 2003.
|
|
Which of the following are key points related to the Sysvol folder structurein Active Directory?a. It contains user data that should be backed up.b. It contains replicated data such as logon scripts.c. It contains the operating system boot files.d. It mus
|
b and e are correct. Answer a is incorrect since user data should not reside in thesame location as system files. Operating system boot files are stored at the rootof C: by default and system files are stored in the systemroot directory. Thismakes answer c incorrect. If answer e is correct because of NTFS permissionrequirements, answer d is incorrect.
|
