Windows Server 2003 – Active Directory

Card Set Information

Author:
mwbeauchamp
ID:
11806
Filename:
Windows Server 2003 – Active Directory
Updated:
2010-03-26 21:22:26
Tags:
Windows Server 2003 Active Directory
Folders:

Description:
Windows Server 2003 – Active Directory
Show Answers:

Home > Flashcards > Print Preview

The flashcards below were created by user mwbeauchamp on FreezingBlue Flashcards. What would you like to do?


  1. Active Directory database information that is stored on each domain controller has what file name?
    • NTDS.dit
    • (p.2)
  2. What is the max level of OU (Organizational Unit) depth recommended by Microsoft for Active Directory?
    • 10 levels
    • (p.8)
  3. What is the name of the master database that contains definitions of all objects in Active Directory?
    • Schema
    • (p.5)
  4. What is another name for Domain Partition which contains all of the objects within the local domain?
    • Directory Partition
    • (p.10)
  5. What are the 4 partitions for Active Directory?
    • Schema Partition
    • Configuration Partition
    • Domain Partition (Directory Partition)
    • Application Partition
    • (p.9-10)
  6. What is not considered a formal partition, but must be replicated to each domain?
    • Global Catalog
    • (p.10)
  7. What is defined as one or more IP subnets that are connected by fast links?
    • Sites
    • (p.11)
  8. What is the authentication protocol used by Windows Server 2003?
    • Kerberos
    • (p.23)
  9. What is the default Functional Level for Windows Server 2003?
    • Windows 2000 Mixed
    • (p.16)
  10. What can be used to clean up DNS database when records are no longer required?
    • Aging and Scavenging
    • (p.41)
  11. What is the purpose of domain DNS zones?
    • replication
    • (p.40)
  12. What is a shortcut trust?
    • Transitive (A trusts C)
    • (p.49)
  13. What is the purpose of transitive Trust?
    • shorten number of hops
    • (p.49)
  14. What are the requirements to install Active Directory?
    • Edition - Standard, Enterprise. Datacenter
    • Administrator Account (local machine)
    • NTFS-200MB free space (database)
    • 50MB free space (transaction log)
    • TCP/IP
    • DNS
    • (p.28)
  15. What Windows Server 2003 Edition cannot install Active Directory?
    • Web
    • (p.28)
  16. How much free hard drive space is needed for Active Directory transaction log files?
    • 50MB
    • (p.28)
  17. What do you run to install Active Directory?
    • dcpromo
    • Manage Your Server Web page
    • (p.30)
  18. What folder contains the Active Directory domain's public files?
    • \sysvol
    • (p.35)
  19. Where does Active Directory store its database file?
    • \NTDS
    • (p.35)
  20. What are the 4 parts of DNS that are installed during the Active Directory install process?
    • Application Directory Partition
    • Aging and Scavenging
    • Forward Lookup Zones and SRV records
    • Reverse Lookup Zones
    • (p.36)
  21. What is stored in the Global Catalog to make them available Forest wide?
    • UPN (User Principal Names)
    • (p.54)
  22. What is required to raise the Functional Level of a Forest?
    • Member of Enterprise Admins group
    • (p.40)
  23. Will dcpromo allow you to remove Active Directory?
    • Yes
    • (p.28)
  24. True/False – Domain Functional Levels can be raised independently?
    • True
    • (p.48)
  25. What are the two application Directory Partitions?
    • domaindnszones
    • forestdnszones
    • (p.40)
  26. What is required in DNS to allow clients to login?
    • SRV Record
    • (p.42)
  27. What Forest Functional Level must you be in to create cross-forest trust?
    2003
  28. What trust would you use to create non-Microsoft system trust?
    • Realm
    • (p.51)
  29. How do you set the fastest site link?
    • lowest cost
    • (p.66)
  30. What is the value range of cost?
    • 1-99,999
    • (p.66)
  31. What is the Intersite default frequency of replication during the schedule?
    • 180 minutes
    • (p.67)
  32. (p.67)
  33. What must a multi-master domain controller have to do replication?
    • Active Directory-Integrated Zone
    • (p.??)
  34. What is defined by IP subnets that are well connected?
    • Sites
    • (p.60)
  35. When complete propagation of a partition's objects and attributes has taken place on all domain controllers within a site it is called?
    • Convergence
    • (p.62)
  36. How often does KCC check for changes?
    • every 15 minutes
    • (p.68)
  37. What is the max amount of hops that KCC allows?
    • 3 (Rule of 3)
    • (p.63)
  38. What is the best protocol for replication?
    • RPC over IP
    • (p.67)
  39. What is the range of time Frequency can be set (minutes)?
    • 15 minutes - 1 week (10,080 minutes)
    • (p.??)
  40. What are the 5 FSMO Roles?
    • D - Domain Naming Master
    • R - Relative Identifier (RID) Master
    • I - Infrastructure Master
    • P - Primary Domain Controller (PDC) Emulator
    • S - Schema Master
    • (p.90/93)
  41. Which FSMO are Forest-Wide?
    • Domain Naming Master
    • Schema Master
    • (p.93)
  42. Which are Domain wide FSMO Roles?
    • R - Relative Identifier (RID) Master
    • I - Infrastructure Master
    • P - Primary Domain Controller (PDC) Emulator
    • (p.90)
  43. What 3 things does the Domain Naming Master do?
    • Makes sure Domain names are unique
    • New Domain Names
    • Removes Domain Names
    • (p.94)
  44. What does RID Master do?
    • assigns RIDs
    • first 500 RIDs
    • request more 250 RIDs
    • (p.91)
  45. What is use to move an object to a different domain?
    • movetree.exe
    • (p.91)
  46. Can you create new users if your Domain Naming Master is down but you have 5 rids left?
    • yes
    • (p.97)
  47. The Infrastructure Role is like what other role?
    • Global Catalog
    • (p.92)
  48. What is the need for Universal Group Membership Caching?
    • Process a logon without presence of Global Catalog Server
    • (p.85)
  49. What Functional level must you be in to do Universal Group Caching?
    • Windows 2000 Native or higher
    • (p.87)
  50. How often does the Universal Cache get updated?
    • every 8 hours
    • (p.86)
  51. If you have a single DC what are its roles?
    • Everything (DRIPS, Global Catalog)
    • (p.90)
  52. What role must you transfer if you are taking down a server?
    • Infrastructure Master
    • (p.??)
  53. What server must you be on when using movetree.exe?
    • RID Master (Source Domain)
    • (p.91)
  54. What can you use to add users to Active Directory users from the command-line with Excel (csv) document?
    • CSVDE
    • (p.129)
  55. What would you use for a CSV file to add, delete or modify objects from the command-line?
    • LDIFDE
    • (p.129)
  56. What are the two situations you will have the Inf Master on the server with the Global Catalog?
    • One Global Catalog
    • All are Global Catalog
    • (p.??)
  57. What defines how users logon names should be created?
    • Naming Standards Document
    • (p.140)
  58. What is the most important part of a secure network?
    • Education of Users
    • (p.140)
  59. Where do you enable Smart Card login for user?
    • Active Directory Users and Computers --> User Properties --> Account Tab --> Smart Card is Required
    • (p.145)
  60. What service must be running to use Run As?
    • Secondary Logon Service
    • (p.146)
  61. What is a strong password (by the book)?
    • 8 characters
    • special, number
    • one character off previous
    • (p.142)
  62. How can you elevate to another user account?
    • Run As
    • (p.146)
  63. If you have set delegation what location will you remove delegation?
    • ACL
    • (p.151)
  64. How do you move OUs around in Active Directory Users and Computers?
    • Drag and Drop
    • Move Option
    • DSmove
    • (p153-154)
  65. What is the method of controlling settings across your network?
    • Group Policy
    • (p.160)
  66. Nonlocal Group Policy Objects(GPO) can be can be linked to what 3 things?
    • Sites
    • Domains
    • OUs
    • (last is strongest)
    • (p.162)
  67. In what order are Group Policies processed?
    • Local-Site-Domain-OU (LSDOU)
    • (p.172)
  68. How can you access Local Group Policies?
    • gpedit.msc
    • (p.??)
  69. What are examples of group policy containers?
    • OUs
    • Sites
    • Domains
    • (p.171)
  70. How many GPOs can they contain?
    • as many as it can hold
    • (p.??)
  71. What is in a GPO folder?
    • contain GPO settings in Sysvol folder
    • (p.??)
  72. If you create a GPO at the domain level what will it affect?
    • everything in the domain
    • (p.171)
  73. What would you do if you wanted to prevent the GPO from affecting a particular OU?
    • Block Policy Inheritance
    • (p.175)
  74. If you have a GPO and you want to set the strongest precedence over everything else what do you use?
    • loopback
    • (p.177)
  75. What is the location of the key in the Group Policy editor for changing password settings?
    • Computer Configuration --> Windows Settings --> Security Settings --> Account Policies --> Password Policies
    • (p.186)
  76. What is the default mechanism for authenticating domain users in Server 2003?
    • Kerberos
    • (p.188)
  77. Logon Event Category and Account Logon Event Category are different in what way?
    • Logon Event Category - logs local workstation
    • Account Logon - logs for logon to domain controller
    • (p.192)
  78. What give the administrator the ability to redirect storing of files?
    • Folder Redirection
    • (p.205)
  79. If you have shutdown on full security log what can be used as an attack on your system?
    • DoS
    • (p.190)
  80. What are the reason(s) to set a service to Manual or Disable?
    • Optimize (Security - not in the book)
    • (p.197)
  81. What are the diffence in Basic and Advanced Folder Redirection?
    • Ability to specify location
    • (p.206)
  82. If you turn on auditing what two locations in the GPO must be set?
    • Group Policy Object Editor (p.191)Active Directory Users and Computers --> Object --> Properties --> Security --> Advanced --> Auditing
    • (p.193)
  83. How do you force GPO update?
    • gpupdate
    • (p.214)
  84. What are the four parts of the Software Life Cycle?
    • P - Planning
    • I - Implementation
    • M - Maintenance
    • R - Removal
    • (p.222)
  85. What are the 3 extension of Windows Installer packages and what do they do?
    • Installer - .msi
    • Transform - .mst
    • Patches - .msp
    • (p.223)
  86. What are the two Nodes you can assign an application?
    • Computer
    • User
    • (p.226)
  87. What Nodes can you publish an application?
    • User
    • (p.226)
  88. What file extension is used for older software and can only be published?
    • .zap
    • (p.224)
  89. What are the four levels of Software Restriction Rules?
    • Hash
    • Certificate
    • Internet Zone
    • Path
    • (p.238-240)
  90. What is the default security of software when installed?
    • None
    • (p.??)
  91. What security applies only to msi files?
    • Internet Zone
    • (p.??)
  92. How do you deploy installation with GPOs?
    • .msi
    • (p.??)
  93. What are the 3 ways to control Group Policy?
    • Block Policy Inheritance
    • Security Filtering (ACL)
    • WMI Filters
    • (p.252)
  94. How many WMI filters can be created for a GPO?
    • 1 only
    • (p.254)
  95. What is used to Manage GPOs?
    • GPMC - Group Policy Management Console
    • (p.256)
  96. What tool is used to test the affect of policies applied to users or computers after all filters, Security Group Permissions, Block Policy, Ect.?
    • RSoP - Resultant Set of Policies
    • (p.261)
  97. 96. What are the two RSoP modes?
    • Planning Mode
    • Logging Mode
    • (p.262)
  98. What is used in RSoP to obtain information from the client computer/users?
    • gpresult.msc
    • (p.268)
  99. What is a command line tool that allows you to create and display n RSoP query from the command line?
    • GPResult
    • (p.271)
  100. How do you stop a GPO from a Group of People?
    • Security Filtering (ACL/ACE)
    • (p.252)
  101. What OS must you have to use WMI filters?
    • Windows Server 2003/Windows XP Pro SP1
    • (p.??)
  102. What is the database engine for Active Directory?
    • Extensible Storage Engine (ESE)
    • (p.282)
  103. What is the default life of a "tombstone"?
    • 60 days
    • (p.283)
  104. What must be done to perform Manual Offline Defragmentation?
    • F8 (Advanced Option Menu) --> Directory Services Restore Mode --> ntdsutil
    • (p.283)
  105. What tool would you use to backup System State?
    • Ntbackup
    • (p.285-292)
  106. What is the method to restore domain controller to a point in time it was considered good?
    • Normal restore
    • (p.292)
  107. What tool must be used to do authoritative restore?
    • Ntdsutil
    • (p.293)
  108. When a catastrophic event affecting all your domain controllers requires an entire domain to be restored you should preform?
    • Primary Restore
    • (p.293)
  109. What is the tool used to give you the state of your Domain Controller and help with troubleshooting?
    • Dcdiag
    • (p.306)
  110. What is the tool you use to compare directory information on more than one domain controller and detect differences?
    • Dsastat
    • (p.306)
  111. What is the tool used to display replication and status?
    • Replmon
    • (p.306)
  112. What tool can check replication consistency and force replication events (KCC)?
    • Repadmin
    • (p.306)
  113. What is the tool that can manage and verify trust, join computers to domains and verify replication ability?
    • Netdom
    • (p.306)
  114. What is the first thing you should check if you are having problems with your Active Directory?
    • Event Viewer (Directory Service Logs)
    • (p.297)
  115. What must be on the root forest domain for you to raise the forest functional level?
    • Schema Master Role
    • (p.??)
  116. What is the standard that defines the naming of all objects?
    • LDAP
    • (p.12)
  117. What is the location that all Active Directory information is stored that is replicated across the domain?
    • ??
    • (p.9-10)
  118. What is the purpose of Windows 2003 Interim Functional Level?
    • NT4
    • (p.??)
  119. What was the naming service pre-Windows 2000?
    • WINS
    • (p.??)
  120. What is the type of trust used to minimize hops?
    • shortcut trust
    • (p.22)
  121. What is the default cost of a site link?
    • 100
    • (p.66)
  122. What is the server that connects two sites/domains for replication?
    • Bridgehead Server
    • (p.62)
  123. What does Active Directory use to track changes along with timestamps?
    • USN
    • (p.62)
  124. What type of updates does Active Directory-Integrated Zones provide?
    • Secure
    • (p.??)
  125. What is the role of the Global Catalog Server?
    • Facilitation of searches for objects in the forest
    • Resolution of UPNs
    • Provision of universal group membership
    • (p.84)
  126. What is the term for putting a Group inside a Group?
    • Nesting
    • (p.119)
  127. What is the lowest role you can convert a Group?
    • Windows Server 2000 Native
    • (p.117)
  128. What is the best way to hide objects in an OU?
    • ACL --> List Content Permission
    • (p.147-148)
  129. Where do you edit the GPO for an OU?
    • Active Directory Users and Computers --> Properties of OU --> Group Policies Tab --> Edit
    • (p.??)
  130. GPO/GPC/GPT
    (p.163)
  131. Where do you go to edit GPOs?
    • Active Directory Users and Computers (you will end up in Group Policy Object Editor - MMC Snap-in)
    • (p.166)
  132. What order will GPOs be loaded and then processed?
    • (load) LSDO (process) LSDO
    • (p.171-172)
  133. What are the 3 running levels of Services?
    • Automatic
    • Man
    • Disable
    • (p.??)

What would you like to do?

Home > Flashcards > Print Preview