Microsoft Server Exam Flashcards

Terms Definitions has a network consisting of an Active Directory forest All servers have Windows Server 2008. All domain controllers areconfigured as DNS servers. The DNS zone is stored in ForestDnsZonesActive directory partition. A me
A network consists of a single Active Directory domain. The functional level of the forest is Windows Server 2008. You need to create multiple password policies for users in your domain. What should you do? A. From the ADSI Edit snap-in, crea
A has a network that consists of a single Active Directory domain.Windows Server 2008 is installed on all domain controllers in the network. You are instructed tocapture all replication errors from all domain controllers to a central location
B has an Active Directory domain called Two DNS servers named Certkiller A and Certkiller A. DNS servers are configured as shown in the Exhibit. Exhibit: Domain users are unable to connect to the Internet website using Certkil
A has purchased a new application to deploy on 200 computers. You are instructed todeploy the application on all 200 computers. To install theapplication, you have to modify the registry on each target computer beforeinstalling the applicatio
A has an organizational unit called subproduction. The organizational unit has a childorganizational unit called Research. You create a GPO namedSoftware Deployment and link it to the Production organizational unit. You create a shadow groupf
C, D
Your company has a single Active Directory domain. The domain runs at the functional level of Windows Server 2003. DHCP will not start. You need to ensure that the DHCP service starts. What should you do? A.Restart DHCP1. B.Configure a scope on DHCP1.
Your company has recently deployed a server that runs Windows Server 2008. The server has the IP information shown below: IP address: Subnet mask: Default gateway: Users on remote subnets report that they are un
Your company has computers in multiple locations that use IPv4 and IPv6. Each location is protected by a firewall that performs symmetric NAT. You need to allow peer-to-peer communication between all locations. What should you do? A.Configure dynamic NA
Your company has an IPv4 Ethernet network. A router named R1 connects your segment to the Internet. A router named R2 joins your subnet with a segment named Private1. The Private1 segment has a network address of Your computer named WKS1 re
Your company has an Active Directory domain named The company also has a public namespace named You need to ensure that public DNS zone records cannot be copied. You must achieve this goal without impacting the functionality o
D network has an Active Directory forest that contains one parentdomain and one child domain. The child domain has two domain controllers thatrun Windows Server 2008. All user accounts from the child domain are migrated tothe parent domain. T
A, B has a group of consultants. All consultants belong to a global group namedTempWorkers. You were advised to place three file servers in a neworganizational unit named Secureserv. These file servers contain confidential data located inshared
A, E has an Active Directory forest. There is one main office and branch office in twodifferent locations. Both of the locations have an organizational unit. Certkiller has instructed youto ensure that the branch office administrators are able t
B, C
You configure a new file server that runs Windows Server 2008. Users access shared files on the file server. Users report that they are unable to access the shared files. The TCP/IP properties for the file server are configured as shown in the following e
You have a DHCP server named Server1 and an application server named Server2. Both servers run Windows Server 2008. The DHCP server contains one scope. You need to ensure that Server2 always receives the same IP address. Server2 must receive its DNS setti
Your company has an IPv6 network that has 25 segments. You deploy a server on the IPv6 network. You need to ensure that the server can communicate with all segments on the IPv6 network. What should you do? A.Configure the IPv6 address as fd00::2b0:d0ff:
Your company has a network that has 100 server s. A server named Server1 is configured as a file server. Server1 is connected to a SAN and ha s 15 logical drives. You want to automatically run a data archiving script if the free space on any of the logica
You have a DHCP server that runs Windows Server 2008. You need to reduce the size of the DHCP database. What should you do? A.From the DHCP snap-in, reconcile the database. B.From the folder that contains the DHCP database, run jetpack.exe dhcp.mdb te
Your company has a DNS server named Server1. Your partner company has a DNS server named Server2. You create a stub zone on Server1. The master for the stub zone is Server2. Server2 fails. You discover that users are not able to resolve names for the part
Port number used by Telnet
Telnet port # 23
*As a network administrator for Itexamworld , you have installed Windows 2008 Server onall the server computers of the company and Windows XP Professional Service Pack 2 andWindows Vista on all the client computers in the company.The company now wants all
Answer: AExplanation:The Network Access Protection (NAP) is a component of the Network policy and Accessservices that allow protecting network resources by enforcing compliance with system healthrequirements.Reference: Security and Policy Enforcement
*You are an enterprise administrator for Itexamworld . The corporate network of Itexamworldconsists of a single Active Directory domain called Itexamworld .com. The domain consistsof a file server that runs Windows Server 2008.A network users of the compa
Answer:CExplanation:To view the progress of the file restoration, you need to run vssadmin.exe query revertsfrom the command prompt.The Windows Server 2003 Volume Shadow Copy Service can also be administered from thecommand line by using the VSSAdmin tool that is included with Windows Server 2003.This tool replicates the features of the Shadow Copies tab of the volume Properties screenand can be called from batch files and scripts. VSSAdmin does not follow the typical"Command /switch" form, but instead uses a list of fixed commands to guide its function.Query Reverts queries the status of in-progress revert operations.Reference: Rapid Recovery with the Volume Shadow Copy Service / Command-LineManagement
Your network uses IPv4. You install a server that runs Windows Server 2008 at a branch office. The server is configured with two network interfaces. You need to configure routing on the server at the branch office. Which two actions should you perform? (E
A & D
The corporate network of Certkiller consists of a Windows Server 2008 single Active Directory domain. The domain has two servers named Certkiller 1 and Certkiller 2. To ensure central monitoring of events you decided to collect all the events on one serve
Answer: A,B,C Explanation: The subscriptions are not working because Normal subscriptions work only in Workgroupenvironment.To configure the event collection and event forwarding on the two servers, you need to first addthe Certkiller 1 account to the Administrators group on Certkiller 2.Because you are working with machines that are part of an Active Directory (AD), on the sourcecomputer, type winrmquickconfig command.Then, type y followed with Enter to make the changes. This command sets up the source systemto accept WS-Management requests from other computers.Now, move to the collection system. Repeat the WinRM command. This will allow you to controlbandwidth usage or latency of the event forwarding process.Next, using the same elevated command prompt, run wecutilqc command. Then, type y followedwith Enter to make the changes. This will configure the Windows EventCollector service to delayed autostart and start the service.Reference: Collect Vista Events
*ITCertKeys network is configured to use Internet Protocol version (Ipv6). You installed a Dynamic Host Configuration Protocol (DHCP) server on a server named ITCertKeysDHCP1 running Windows 2008 server. You want to ensure that neither IP address nor othe
Answer: A Explanation: This setting will ensure host will receive neither an IP address nor additional configuration information.
As the Certkiller administrator you had installed a read-only domain controller (RODC) server atremote location.The remote location doesn't provide enough physical security for the server. What should you doto allow administrative accounts to replicate au
Answer: B Explanation: To allow administrative accounts to replicate authentication information to Read-Only DomainControllers, you need to add administrative accounts to the domain Allowed RODC PasswordReplication group.By default, only the members of the Allowed RODC Password Replication group areallowed to replicate authentication information to Read-Only Domain Controllers. Theactual replication would happen only when the members of this group are authenticatedby the RODC. Note that the Administrators group is explicitly denied such replication.Reference: Security MVP Article of the Month - December 2007 / Physical Security
Active Directory Domain Services (AD DS) and Active Directory Lightweight Directory Services(AD LDS) role is installed on a Windows Server 2008 named Certkiller -LDS1.An AD LDS instance named LDS1 is storing its data on the default applicationdirectory pa
Answer: B,C,E Explanation: To relocate the AD LDS application partition to the D: Drive, you need to use Ntdsutil tool. TheNtdsutil.exe is a command-line tool that allows you to manage ActiveDirectory. For example it can be used to perform database maintenance of ActiveDirectory, manage and control single master operations, remove metadata left behind by domaincontrollers, and create application directory partitions. Before you use Ntdsutil tool, you need to stop the NTDS service using net stop command on theCertkiller -LDS1 server and after moving the partition, you need to again start the NTDS serviceusing net start command on the Certkiller -LDS1 server.Reference: Using Ntdsutil ?mfReference: Event ID 1136 - Schema Operations has instructed you to decommission domain controllers that host all forest-wideoperations master roles. Before you start taking down these domain controllers, you want totransfer all forest-wide operation master roles to another domain. Whi
Answer: A,D Explanation: To transfer all forest-wide operation master roles to another domain, you should transferDomain naming master and Schema master. Schema Master: The schema master domaincontroller controls all updates and modifications to the schema. To update the schema ofa forest, you must have access to the schema master. There can be only one schemamaster in the whole forest. Domain naming master: The domain naming master domaincontroller controls the addition or removal of domains in the forest. There can be onlyone domain naming master in the whole forest.Reference:
Domain Controller Bill12 runs critical services in Certkiller network.Restructuring of organizational unit domain hierarchy is being done and all unnecessary objectsalso being deleted.Offline de-fragmentation of the active directory database is to be perf
Answer: D Explanation: To perform offline de-fragmentation of the active directory database on Bill12, youneed to Stop the Domain controller service in the Services MMC and run the NtdsutilutilityYou can use the restart feature of AD DS to stop AD DS so that you can perform offline operationssuch as defragmentation of Active Directory objects.Reference: Superior Identity Management Features in Windows Server 2008 Enterprise andWindows Server 2008 Datacenter / Directory Services: Active Directory DomainServices 20Identity%20
*You are an administrator at has opened a new Branch office at a new location. Windows Server 2008 is implemented on the servers. The initial network has 20 computers. You are asked to configure an appropriate IP addressing
Answer: A Explanation To configure an appropriate IP addressing scheme in the network, you should use In this scenario, 50 computers have to be configured in a network. Network address is calculated as follows: 1. Class A networks has a default subnet mask of and use 0-127 as their first octet 2. Class B networks has a default subnet mask of and it can use 128-191 as their first octet 3. Class C networks has a default subnet mask of and it can 192-223 as their first octet You need to configure the network address to accommodate at least 50 hosts per subnet. To calculate the number of host bits, use the formula: 2^n-2 where n=32 bits. To configure 50 hosts, you need 192.10.100/26 network address which has maximum 62 hosts per subnet. The formula to calculate the hosts per subnet is: 32-26= 6 2^6-2= 62 So according to this calculation, network address 192.10.100/26 will be able to accommodate 50 hosts per subnet. We have deducted 6 bits from the total of 32 bits has servers that run Windows Server 2008. There are 2 domain controllers installed on the network. An Active Directory database is installed on the D volume of a domain controller. You want to move the Active Directory database to a new vol
A Explanation: To move the Active Directory database to a new volume, you should move the ntds.ditfile to the new volume by opening the Files option in the ntdsutil utility. Use Ntdsutil.exe to movethe database file, the log files, or both to a larger existing partition. If you are not using Ntdsutil.exewhen moving files to a different partition, you will need to manuallyupdate the registry.Reference:
You had installed Windows Server 2008 on a computer and configured it as a file server, namedFileSrv1.The FileSrv1 computer contains four hard disks, which are configured as basicdisks. For fault tolerance and performance you want to configure Redundant A
Answer: A Explanation: To convert basic disks to dynamic disks on FileSrv1, you need to use Diskpart.exe utility.Reference: Managing and Troubleshooting Desktop Storage / Basic Disks has servers on the main network that run Windows Server 2008. It also has twodomain controllers. Active Directory services are running on a domain controller named CKDC1.You have to perform critical updates of Windows Server 2008 on CKDC1 w
C Explanation: To perform offline critical updates on CKDC1 without rebooting the server, you shouldstop the Active Directory domain services and install the updates. Start the ActiveDirectory domain services after installing the updates. By stopping the Active Directorydomain services, you don't need to reboot the server. The updates are related to theWindows Server 2008 on CKDC1 so when you stop the Active Directory domainservices and start it again after the installation of the updates, the Server will perform in anormal way. has a server with Active Directory Rights Management Services (ADRMS) server installed. Users have computers with Windows Vista installed on themwith an Active Directory domain installed at Windows Server 2003 functional level.As an adminis
Answer: A Explanation: To configure AD RMS to enable users to use it and protect their documents, you shouldconfigure an email account in Active Directory Domain Services (AD DS) for each user.To regulate access to rights-protected content for all AD RMS users in the AD DS forest,AD RMS must use AD DS. AD RMS cannot grant licenses to publish and consumeright-protected content if AD DS is not available to work with AD RMS.You should not add and configure ADRMSADMIN account in local administrators group on the user computers because AD DS is needed for AD RMS to function properly.Reference:
You are formulating the backup strategy for Active Directory LightweightDirectory Services (AD LDS) to ensure that data and log files are backed upregularly. This will also ensure the continued availability of data to applications and users in theevent of
Answer: B Explanation: To backup only specific ADLDS instance instead of taking backup of the entire volume, you needto use Dsdbutil.exe tool to create installation media that corresponds only to the ADLDS instance.The Dsdbutil.exe tool allows you to create installation media that corresponds only to the ADLDSinstance that you want to back up instead of backing up entire volumes that contain the ADLDSinstance.Reference: Step 1: Back Up AD LDS Instance Data
You are an administrator at Certkiller has a RODC (read-onlydomain controller) server at a remote location. The remote location doesn't haveproper physical security. You need to activate non-administrative accountspasswords on that RODC se
Answer: C Explanation: To populate the RODC server with non-administrative accounts passwords, you should configurethe administrative accounts to be added in the Domain RODC Password Replication DeniedGroup.The password replication policy is like an access control list. It verifies if the RODC ispermitted to cache a password. When the RODC receives a user or computer logonrequest , it forwards the request to Password Replication Policy to determine if thepassword for that account should be cached. When the Password Replication Policyallows RODC to cache a password, the same account can perform subsequent logon in a moreefficient manner.For non-administrative passwords, you have to add the administrative accounts in theRODC password replication denied group so that the password could not be cached. ThePassword Replication policy lists the accounts that are permitted to be cached and the accountthat are denied from being cached. has a network that is comprise of a single Active Directory Domain.As an administrator at, you install Active Directory LightweightDirectory Services (AD LDS) on a server that runs Windows Server 2008. To enableSecure Sockets
A Explanation: To test the certificate with AD LDS, you should use the Ldp tool. To establish SSLconnections to AD LDS, a certificate should be present on the server. To setup SSL for AD LDS, acertificate marked for server authentication from a trusted CA should be installed on a computerrunning AD LDS.To test the certificate with the AD LDS server, you should run ldp.exe which has its own GUI. Youshould run Ldp.exe on a computer running AD LDS and connect to the local instance of AD LDSby employing SSL. has a main office and branch office in another city. You are assigned to deploy andimplement a Read-only Domain Controller (RODC) at the branchoffice. You deploy a RODC that runs Windows Server 2008.What should you do to ensure that the use
Answer: A Explanation: To ensure that the users at the branch office can log on to the domain using RODC, you shoulduse Password Replication Policy. RODC don't cache any user or machinepasswords . You can change this by adding a policy through each RODC's uniquePassword Replication Policy (PRP). A policy would create a group for each branch office with aRODC and add users in that branch office. An administrator, then, can allowpassword replication for the branch-office group.
What is the "Enable HTTP Keep-Alives" setting on the Web Site tab?
Allows client to keep an open connection instead of having to make a new connection for every HTTP request made by client. Enabled by default has a server named CKD1. Active Directory Domain Services (ADDS) role and the Active Directory Lightweight Services (AD LDS) role are installedon CKD1. An instance of AD LDS named ELDS1 stores its data on the C: drive.You have to relocate E
1. Run the net stop LDS1 command2. Use Ntdsutil to move the database files3. Run the net start LDS1 command
Where can you specify the number of connections allowed for a web site?
Web Site properties - Performance tab - "Connections limited to = x"
/ 42

Leave a Comment ({[ getComments().length ]})

Comments ({[ getComments().length ]})


{[ comment.comment ]}

View All {[ getComments().length ]} Comments
Ask a homework question - tutors are online