Sunteți pe pagina 1din 4

CIS 276 Directory Services Chapter 2 Questions

Fill in the Blank


Complete the following sentences by writing the correct word or words in the blanks provided. 1. To begin an AD installation, you can run the ___________________ command. 2. The authentication protocol used by Windows 2000 and later computers in a domain is called ___________________. 3. The ___________________ FSMO role is responsible for time synchronization across the domain. 4. To complete the authentication process in a domain that is at the Windows 2000 Native functional level or higher, a ___________________ must be contacted. 5. Following an AD installation, you should verify the existence of ___________________ records on the DNS server that holds the zone for the AD domain. 6. The general principle used when using groups in a large forest is represented by the letters: ___________________. 7. To view the DC that holds the Schema Master FSMO role, you must use the ___________________ MMC snapin. 8. A(n) ___________________ is a LDAP name used to describe each object within AD. 9. To speed up resource access across child domains in your forest, you can create ___________________ trusts. 10. To enable Universal Group Membership Caching, you must use the ___________________ console.

Multiple Choice
Circle the letter that corresponds to the best answer. 1. You receive an object-related error when attempting to create a new user account within your domain. What FSMO role should you ensure is online to complete the addition of the user account? a. PDC Emulator b. Domain Naming Master c. Infrastructure Master d. RID Master

CIS 276 Directory Services Chapter 2 Questions

2. You plan on promoting an existing Windows Server 2003 computer to become and additional domain controller in your domain. To which group must the user account you specify during the AD installation belong at minimum? a. Domain Users b. Domain Admins c. Enterprise Admins d. Schema Admins 3. Which of the following utilities must you use to seize a FSMO fole? a. ntdsutil.exe b. dcpromo.exe c. Active Directory Domains and Trusts d. Active Directory Sites and Services 4. Which of the following are container objects in the AD database? (Choose all that apply.) a. group policy b. site c. domain d. OU 5. Which of the following objects is used to locate the correct site for a newly installed DC? a. b. c. d. site link subnet locator bridgehead

6. Several users called you today stating that they could not change their passwords. After investigating, you also noticed that the time on their computers was also incorrect. Which of the following FSMO roles may be unavailable? a. PDC Emulator b. RID Master c. Infrastructure Master d. Schema Master 7. Which of the following DCs are allows to participate in a Windows 2000 Native mode domain? (Choose all that apply.) a. Windows NT4 Server b. Windows 2000 Server c. Windows Sever 2003 d. Windows Server 2008

CIS 276 Directory Services Chapter 2 Questions

8. A single user within your organization calls you for help after having trouble logging on to the domain. Upon further investigation you notice that the user is able to log on to the domain from another computer and that no users are able to successfully log on to the domain from the users original computer. What is the most likely cause of the problem? a. The time on the computer is incorrect and must be changed b. The user account has been disabled and must be enabled c. The user account has been locked and must be unlocked d. The computer account for the users computer has become corrupted and must be reset 9. You wish to create a group that will contain the Marketing staff within your own domain. This group will be assigned permissions to resources in other domains within your forest. What is the most appropriate scope for this new group? a. b. c. d. Local Global Domain Local Universal

10. When attempting to remove AD from an existing DC that you wish to decommission, you receive an error message. Which switch to the dcpromo.exe command will allow you to remove this DC from the domain? a. /force b. /remove c. /forceremoval d. /f

True/False
Circle T if the statement is true or F if the statement is false. T T T T T T T T T T F F F F F F F F F F 1. Tokens are issued to users following authentication and used to provide access to resources that list the user in their ACL. 2. When a domain functional level is set to Windows 2000 Interim, only Windows 2000 and later DCs are allowed to participate in domain authentication. 3. Global groups may only be used in the local domain but can contain objects from any domain in the forest. 4. Computer objects may be managed using the Active Directory Users and Computers console. 5. By default, two-way transitive trusts between all domains in a forest. 6. To control replication, you configure the properties of site link objects. 7. When possible, you should ensure that each site in the forest contains a DC that contains the GC role. 8. You can configure Group Policy using the Active Directory Domains and Trusts console. 9. The Domain Naming Master FSMO role should be on a DC that contains the GC. 10. A single AD domain can contain an unlimited number of objects.

CIS 276 Directory Services Chapter 2 Questions

Review Questions
1. Explain why it is important to create sites after deploying your first domain in the forest. _________________________________________________________________________________________________ _________________________________________________________________________________________________ _________________________________________________________________________________________________ _________________________________________________________________________________________________ 2. Why will understanding the function and location of your FSMO roles help you troubleshoot AD problems. _________________________________________________________________________________________________ _________________________________________________________________________________________________ _________________________________________________________________________________________________ _________________________________________________________________________________________________ 3. Give some reasons why each AD site should contain a DC that hosts the GC. _________________________________________________________________________________________________ _________________________________________________________________________________________________ _________________________________________________________________________________________________ _________________________________________________________________________________________________ 4. Explain why AD domains are a security and replication boundary. _________________________________________________________________________________________________ _________________________________________________________________________________________________ _________________________________________________________________________________________________

S-ar putea să vă placă și