70-411 Test Bank, Lesson 17 Maintaining Active Directory

15 Multiple Choice
6 Short Answer
4 Best Answer
4 Build List
4 Repeated Answer
33 questions

Multiple Choice
1. What function does the CSVDE tool perform?
a. It decrypts and encrypts Active Directory information.
b. It exports/imports Active Directory information.
c. It exports/imports data from Event Viewer.
d. It extracts Event Viewer information into CSV files.
Answer: b
Difficulty: Easy
Section Ref: Automating User Account Management
Explanation: The CSVDE command-line tool exports or imports Active Directory
Domain Services (AD DS) objects to or from a comma-delimited text file (also known
as a comma-separated value text file or .csv file).
2. If a single domain controllers AD database becomes corrupt, which type of
restore should you perform on it?
a. authoritative
b. nonauthoritative
c. explicit
d. full
Answer: b
Difficulty: Medium
Section Ref: Performing an Active Directory Restore
Explanation: With a nonauthoritative restore, you restore a backup of Active
Directory as of the date of the backup. The AD DS restarts on the domain controller,
and the domain controller contacts the other domain controllers to get updates
since the backups were completed. The other domain controllers replicate the
information to the restored domain controller so that they are the same.

3. To perform an authoritative restore, into what mode must you reboot the domain
controller?
a. Repair
b. Safe
c. Command line with networking
d. DSRM
Answer: d
Difficulty: Medium
Section Ref: Performing an Active Directory Restore
Explanation: To perform an authoritative restore, you need to reboot the computer
into the Directory Services Restore Mode (DSRM), which is a Windows mode that
takes the Active Directory offline.
4. What is a GUID?
a. a unique identifier for a snapshot
b. a special file permission
c. an Active Directory object ID
d. a group-user ID in Active Directory
Answer: a
Difficulty: Medium
Section Ref: Configuring Active Directory Snapshots
Explanation: A globally unique identifier (GUID) is whats returned by the create
snapshot command or displayed with the list all command.
5. What utility first appeared in Windows Server 2008 R2 that allows you to undelete
Active Directory containers and objects?
a. the Active Directory Lost and Found folder
b. the Active Directory Recycle Bin
c. the Active Directory Undelete utility
d. Active Directory Snapshots
Answer: b
Difficulty: Medium
Section Ref: Configuring and Restoring Objects by Using the Active Directory
Recycle Bin
Explanation: Starting with Windows Server 2008 R2, Windows has offered the Active
Directory Recycle Bin. Similar to the Recycle Bin found in Windows that is used to
undelete deleted files, the Active Directory Recycle Bin can be used to undelete
deleted Active Directory containers and objects.
6. By default, how often does Active Directory garbage collection occur?

a. every 45 minutes
b. every 2 hours
c. every 8 hours
d. every 12 hours
Answer: d
Difficulty: Medium
Section Ref: Performing Object- and Container-Level Recovery
Explanation: As long as the object has not been scavenged by the garbage
collection process after reaching the end of the object tombstone lifetime, you can
restore the deleted object. However, when the item is deleted, certain attributes are
removed, such as group membership. By default, garbage collection occurs every
12 hours.
7. After you undelete a user account with the LDP utility, what action do you need to
perform?
a. Remove the old identifier.
b. Re-establish user to domain trust.
c. Reset the users password.
d. Restore the user-owned objects from a backup.
Answer: c
Difficulty: Medium
Section Ref: Performing Object- and Container-Level Recovery
Explanation: After the account has been undeleted, you need to reset the password
for a user object.
8. In interactive mode, what aspect of AD can you check with the ntdsutil
integrity command?
a. low-level database corruption
b. fragmentation levels
c. accuracy of entries
d. completeness of entries
Answer: a
Difficulty: Medium
Section Ref: Optimizing an Active Directory Database
Explanation: You can also use the ntdsutil command to look for errors in Active
Directory. The integrity command is used to detect low-level (binary level)
database corruption, which reads every byte of the data file to ensure that the
correct headers exist in the database itself and that all the tables are functioning
and are consistent.

9. What is the proper procedure for removing a domain controller from Active
Directory?
a. Shut down the domain controller and manually remove it from AD.
b. Use dcdemo to demote the domain controller.
c. Uninstall Active Directory Domain Services.
d. Enter the DSRM and delete Active Directory.
Answer: c
Difficulty: Medium
Section Ref: Cleaning Up Metadata
Explanation: To retire a domain controller, the proper method to demote a domain
controller is to remove AD DS. However, if the demotion fails or the server itself fails
where you cannot recover the system, you need to clean up the metadata, which
means you must manually remove the domain controller from Active Directory.
10. Which of
a. metadata
b. metadata
c. metadata
d. metadata

the following ntdsutil commands cleans up metadata?

defrag
restore
cleanup
repair

Answer: c
Difficulty: Medium
Section Ref: Cleaning Up Metadata
Explanation: From the steps to Clean Up Server Metadata Using Ntdsutil: Steps 2
and 3:
Execute the ntdsutil command and at the ntdsutil, execute the metadata cleanup
command.
11. To perform an authoritative restore of an object or subtree, what bit of
information do you need to know about the object?
a. its formal name
b. its exact location
c. its OU and proper name
d. its distinguished name
Answer: d
Difficulty: Medium
Section Ref: Performing an Active Directory Restore
Explanation: To perform an authoritative restore of an object or subtree, you need to
know the distinguished name of the object.

12. When you do an authoritative restore process, a back-links file is created. What
is a back-links file?
a. a reference to an attribute within another object
b. a reference to metadata
c. a pointer to the objects OU
d. a reference to a distinguished name location
Answer: a
Difficulty: Medium
Section Ref: Performing an Active Directory Restore
Explanation: A back-link is a reference to an attribute within another object that also
needs to be restored with the object.
13. Before you can use the Active Directory Recycle Bin, what two actions do you
have to perform?
a. You have to remove the System Recycle Bin.
b. You have to enable the AD Recycle Bin.
c. You have to set the AD forest to Windows Server 2003 or higher.
d. You have to set the AD forest to Windows Server 2008 R2 or higher.
Answer: b and d
Difficulty: Medium
Section Ref: Configuring and Restoring Objects by Using the Active Directory
Recycle Bin
Explanation: Before you can use the Active Directory Recycle Bin, you need to have
the forest functional level set to Windows Server 2008 R2 or higher. You also need to
manually enable the Active Directory Recycle Bin.
14. Windows Server 2012 introduces a new time-saving feature when performing
tasks such as AD defragmentation. What is that feature?
a. The DSRM console
b. The ntdsutil command-line utility
c. Active Directory Maintenance Mode
d. Restartable Active Directory Domain Services
Answer: d
Difficulty: Medium
Section Ref: Managing Active Directory Offline
Explanation: In previous versions of Windows, to perform certain tasks such as
defragmenting the Active Directory database, you need to reboot the domain
controller in DSRM, so that the Active Directory Domain Services will not be running.
Starting with Windows Server 2012, Windows servers include Restartable Active
Directory Domain Services, which allows you to stop and start AD DS without

restarting the domain controller and stopping other services that might be on the
server. As a result, you can perform these tasks more quickly than you could before.
15. Which utility do you use to defragment Active Directory?
a. CSVDE
b. LDIFDE
c. ntdsutil
d. defrag
Answer: c
Difficulty: Medium
Section Ref: Optimizing an Active Directory Database
Explanation: Similar to running the Optimize and defragment drive tool in Windows
to defragment a hard drive, you can use ntdsutil to defragment the Active
Directory database to free up disk space.

Short Answer
16. List two primary differences between CSVDE and LDIFDE.
Answer: The first difference is the file types each uses; CSVDE uses commaseparated values and LDIFDE uses the LDIF format. The other difference is that you
can use LDIFDE to edit AD objects, whereas CSVDE only imports or exports
information.
Difficulty: Hard
Section Ref: Automating User Account Management
Explanation: CSVDE is a command-line tool that exports or imports Active Directory
Domain Services (AD DS) objects to or from a comma-delimited text file (also known
as a comma-separated value text file or .csv file). LDIFDE.exe is used to import or
export Active Directory objects, including users. You can use this command to store
information and perform batch operations against directories that conform to the
LDAP standards. Different from the CSVDE command, the LDIFDE command
implements these batch operations by using LDIF files.
17. List two options for data backup.
Answer: Magnetic tape is the traditional method thats still used in many small and
large companies. Cloud backup is becoming more popular as an over-the-network
option.
Difficulty: Medium
Section Ref: Backing up and Restoring Active Directory
Explanation: Traditionally, magnetic tapes have been the most commonly used
medium for bulk data storage, backup, and archiving. More recently, cloud

computing (sometimes just referred to as the cloud) can be used for backups. Cloud
computing is the use of computing resource (hardware and software) that is
delivered as a service over the network, such as the Internet.
18. List the three internal tables that make up the ntds.nit database file.
Answer: Data table, link table, and security descriptor table
Difficulty: Hard
Section Ref: Understanding the Active Directory Database, SYSVOL, and System
State
Explanation: Ntds.nit, the physical database file in which all directory data is stored,
consists of three internal tables: the data table, link table, and security descriptor
(SD) table.
19. What information does the ntds.nit file contain?
Answer: Schema, configuration, and domain information
Difficulty: Medium
Section Ref: Understanding the Active Directory Database, SYSVOL, and System
State
Explanation: Ntds.nit contains the database schema information, configuration
information, and domain information.
20. What is the SYSVOL?
Answer: The SYSVOL shared directory contains a copy of the domains public files
that are shared for domain replication.
Difficulty: Medium
Section Ref: Understanding the Active Directory Database, SYSVOL, and System
State
Explanation: The SYSVOL shared directory that stores the server copy of the
domains public files that must be shared for common access and replication
throughout a domain.
21. What does the SYSVOL folder contain?
Answer: Logon scripts, the Windows Group Policy settings, the DFS staging folder
and files, and file system junctions.
Difficulty: Hard
Section Ref: Understanding the Active Directory Database, SYSVOL, and System
State
Explanation: The SYSVOL folder on a domain controller contains logon scripts,
Windows Group Policy, Distributed File System (DFS) staging folder and files, and file
system junctions.

Best Answer
22. Why is backup of the Active Directory database so important?
a. Backup of all data is a good idea.
b. Backup is a standard practice in large companies.
c. Backup is needed in case of corruption, deletion, or other failure.
d. Backup is an insurance policy for data and should be performed regularly.
Answer: c
Difficulty: Easy
Section Ref: Backing up and Restoring Active Directory
Explanation: Active Directory is a complicated database that stores information
about your users, computers, groups, and other objects. Just like any other
database, it can become corrupt, or objects might be accidentally or maliciously
deleted.
23. Why is backing up the Windows system state necessary?
a. Its needed to perform a full system restore.
b. Its a precautionary move against failure.
c. Its standard practice to do so.
d. In some commercial third-party software backup programs, its mandatory.
Answer: a
Difficulty: Medium
Section Ref: Understanding the Active Directory Database, SYSVOL, and System
State
Explanation: To perform a complete restore of a system running Windows, you need
to back up all files on the drive and the system state.
24. An Active Directory snapshot is actually what kind of backup?
a. a shadow copy
b. a simple file copy
c. a compressed (zipped) copy
d. a file copy plus metadata
Answer: a
Difficulty: Medium
Section Ref: Configuring Active Directory Snapshots
Explanation: An Active Directory snapshot is a shadow copy, created by the Volume
Shadow Copy Service (VSS), of the volumes that contain the Active Directory
database and log files.
25. Why can you not modify snapshots?

a. They are encrypted.

b. They are compressed and zipped.
c. They are read-only.
d. They are binary files.
Answer: c
Difficulty: Easy
Section Ref: Configuring Active Directory Snapshots
Explanation: You cannot modify the contents of snapshots because they are readonly. Moreover, you have no direct method with which to move, copy, or restore
objects or attributes from the snapshot to the production instance of Active
Directory.

Build List
26. Order the following steps required to back up the system state and Active
Directory.
a. Select Custom Backup Configuration.
b. Enter a path for the remote backup destination.
c. Select Add System State.
d. Open the Windows Server backup console.
e. Select Different Options from the Backup Once Wizard.
f. Select Remote shared for the destination.
g. Select the Backup Once action.
Answer: D G E A C F B
Difficulty: Medium
Section Ref: Performing a Backup of Active Directory and SYSVOL
Explanation: Refer to the steps outlined in Perform a Backup of the System State
Including Active Directory.
27. Order the following steps required to perform a restore the system state.
a. Log on as the local administrator.
b. Open the Windows Server Backup console.
c. Enter the path to the backup.
d. Select the Backup Date that you want to use for the restore.
e. Select the Recover action.
f. Reboot the domain controller and open the Windows Advanced Options menu.
g. Select Confirmation and then select Recover.
h. Select Perform an authoritative restore of Active Directory files.
i. Select A backup stored on another location.
j. Select System state for the Recovery Type.
k. Select Directory Services Restore Mode.

l. Select Remote shared folder.

Answer: F K A B E I L C D J H G
Difficulty: Hard
Section Ref: Performing an Active Directory Restore
Explanation: Refer to the steps to Perform a Restore of the System State.
28. Order the following steps required to create an Active Directory snapshot.
a. Execute ntdsutil and then snapshot.
b. Open a command prompt with administrative privileges.
c. Execute the create command.
d. Execute activate instance ntds.

Answer: B A D C
Difficulty: Easy
Section Ref: Configuring Active Directory Snapshots
Explanation: Refer to the steps in the Create an Active Directory Snapshot section.
29. Order the following steps required to mount an Active Directory snapshot.
a. Exit ntdstutil.
b. Execute the list all command to see a list of snapshots.
c. Execute dsamain -dbpath c:\
$snap_datetime_volumec$\windows\ntds\ntds.dit -ldapport 50000.
d. Open a command prompt with administrative privileges.
e. Execute the snapshot command.
f. Execute activate instance ntds.
g. Execute mount {GUID} of the snapshot.
h. Execute ntdsutil.
Answer: D H F E B G A C
Difficulty: Hard
Section Ref: Configuring Active Directory Snapshots
Explanation: Refer to the steps outlined in Create an Active Directory Snapshot.

Repeated Answer
30. What is the name of the physical database file in which all directory data is
stored?
a. edb.chk
b. temp.edb
c. ntds.nit
d. edb.log

Answer: c
Difficulty: Medium
Section Ref: Understanding the Active Directory Database, SYSVOL, and System
State
Explanation: The physical database file in which all directory data is stored is
ntds.nit.
31. Which file is used to track the point up to which transactions in the log file have
been committed?
a. edb.chk
b. temp.edb
c. ntds.nit
d. edb.log
Answer: a
Difficulty: Medium
Section Ref: Understanding the Active Directory Database, SYSVOL, and System
State
Explanation: Edb.chk is used to track the point up to which transactions in the log
file have been committed.
32. What is the name of the file into which directory transactions are written before
being committed to the database file?
a. edb.chk
b. temp.edb
c. ntds.nit
d. edb.log
Answer: d
Difficulty: Medium
Section Ref: Understanding the Active Directory Database, SYSVOL, and System
State
Explanation: Edb.log is the log file into which directory transactions are written
before being committed to the database file. Transaction log files used by ESE are
10 MB in size.
33. Which file is used as a scratch pad to store information about in-progress large
transactions and to hold pages pulled out of ntds.dit during maintenance
operations?
a. edb.chk
b. temp.edb
c. ntds.nit
d. edb.log

Answer: b
Difficulty: Medium
Section Ref: Understanding the Active Directory Database, SYSVOL, and System
State
Explanation: The temp.edb file is used as a scratch pad to store information about
in-progress large transactions and to hold pages pulled out of ntds.dit during
maintenance operations.