Скачать книгу

Sites

      B. Site links

      C. Subnets

      D. Connection objects

      62. You need to deactivate the UGMC option on some of your domain controllers. At which level in Active Directory would you deactivate UGMC?

      A. Server

      B. Forest

      C. Domain

      D. Site

      63. Your network contains two Active Directory forests named contoso.com and fabrikam.com. Both forests contain multiple domains. All domain controllers run Windows Server 2012 R2. contoso.com has a one-way forest trust to fabrikam.com. A domain named paris.eu.contoso.com hosts several legacy Applications that use NTLM authentication. Users in a domain named london.europe.fabrikam.com report that it takes a long time to be authenticated when they attempt to access the legacy Applications hosted in paris.eu.contoso.com. You need to reduce how long it takes for the london.europe.fabrikam.com users to be authenticated in paris.eu.contoso.com. What should you do?

      A. Create an external trust

      B. Create a two-way transitive trust

      C. Disable SID filtering on the existing trust

      D. Create a shortcut trust

      64. A system administrator suspects that there is an error in the replication configuration. How can the system administrator look for specific error messages related to replication?

      A. By going to Event Viewer ⇒ Directory Service Log

      B. By using the Computer Management tool

      C. By going to Event Viewer ⇒ System Log

      D. By using the Active Directory Sites and Services administrative tool

      65. Which of the following services of Active Directory is responsible for maintaining the replication topology?

      A. File Replication Service

      B. Windows Internet Name Service

      C. Knowledge Consistency Checker

      D. Domain Name System

      66. You are the administrator at Adacom. You need to make sure that you have daily backup of the AD CS database, logs, and private key. What command or commands should you run? (Choose all that apply.)

      A. Run certutil – backup.

      B. Run certutil – backupdb.

      C. Run Ntbackup /systemstate.

      D. Run certdb.ps1.

      67. You are the new administrator at MMG Publishing. The previous administrator made a failed attempt to implement Active Directory. You attempt to implement AD RMS and receive an error that states, “The SCP is registered, but the root cluster cannot be contacted.” You must remove the SCP. What tool should you use? (Choose all that apply.)

      A. Setspn

      B. Active Directory Sites and Services

      C. ADSI Edit

      D. Remove-SCP

      68. ABC Company wants to allow external partners to log into a web application and run reports. What AD FS component does Company ABC need to configure for this access?

      A. Certificate exchange

      B. Transitive trust

      C. One-way trust

      D. Relying-party trust

      69. Which TCP ports does AD RMS use to access the global catalog server?

      A. 445

      B. 1433

      C. 22

      D. 3268

      Answers to the Assessment Test

      1. D. Based on the business needs of an organization, a Windows 2012 R2 Server computer can be configured in any of the roles listed. See Chapter 1 for more information.

      2. A, B, C and D. All of the options listed are benefits of using Active Directory. See Chapter 3 for more information.

      3. A, B, C and D. One of the major design goals for DNS was support for scalability. All of the features listed can be used to increase the performance of DNS. See Chapter 2 for more information.

      4. A, B, C and D. Before beginning the installation of a domain controller, you should have all of the information listed. See Chapter 3 for more information.

      5. D. The number of sites in an Active Directory environment is independent of the domain organization. An environment that consists of three domains may have one or more sites, based on the physical network setup. See Chapter 3 for more information.

      6. E. All of the choices are valid types of Active Directory objects, and all can be created and managed using the Active Directory Users and Computers tool. See Chapter 5 for more information.

      7. C. Permissions and security settings cannot be made on distribution groups. Distribution groups are used only for sending email. See Chapter 4 for more information.

      8. A. In general, you can accommodate your network infrastructure through the use of Active Directory sites. All of the other options should play a significant role when you design your OU structure. Permissions and Group Policy can both be applied at the domain or OU level. See Chapter 4 for more information.

      9. B. Printer and Shared Folder objects within Active Directory can point to Windows Server 2012 R2 file and printer resources. See Chapter 4 for more information.

      10. B. Delegation is the process by which administrators can assign permissions on the objects within an OU. This is useful when administrators want to give other users more control over administrative functions in Active Directory. See Chapter 4 for more information.

      11. C. The name of the server and the name of the share make up the Universal Naming Convention (UNC) information required to create a Shared Folder object. See Chapter 4 for more information.

      12. D. Applications cannot be published to computers, but they can be published to users and assigned to computers. See Chapter 5 for more information.

      13. A. MSI files (.msi) are native Windows Installer files used with Windows Installer setup programs. The other file types do not apply to this situation. See Chapter 5 for more information.

      14. E. To allow this permission at the OU level, the system administrator must create a GPO with the appropriate settings and link it to the OU. See Chapter 5 for more information.

      15. A. Assuming that the default settings are left in place, the Group Policy setting at the OU level will take effect. See Chapter 5 for more information.

      16. D. In Windows Server 2012 R2, you can create GPOs only by using the Group Policy Management Console. See Chapter 5 for more information.

      17. B. The nslookup tool allows you to look up name and address information. See Chapter 2 for more information.

      18. C. The TTL indicates how long the record may be safely cached; it may or may not be modified when the record is created. See Chapter 2 for more information on TTL.

      19. B. DDNS works with BIND 8.2 and later. See Chapter 2 for more information on DDNS.

      20. D. A round-robin configuration uses all of the available active paths and will distribute I/O in a balanced round-robin fashion. Failover uses only the primary and standby paths, allowing for link failure. Weighted path assigns requests to the path with the least weight value. Dynamic Least Queue Depth routes requests to the path with the least number of outstanding requests. See Chapter 2 for more information.

      21. D. All of the applications that are running on the Windows Server 2012 R2 machine will show up under the Details tab. Right-click the application and end the process.

      22. A. If you use MBSA from the command-line utility mdsacli.exe, you can specify several options. You type mdsacli.exe/hf (from the folder that contains Mdsacli.exe)

Скачать книгу