4141942
Descripción
Test por Michael Marcus, actualizado hace más de 1 año
|
|
Creado por Michael Marcus
hace alrededor de 9 años
|
|
Pregunta 1
Pregunta
Where are you most likely to see a Read-Only Domain Controller (RODC)?
Respuesta
-
in a small network instead of in an enterprise
-
in an enterprise network
-
in a remote site
-
in the place of a standard domain controller
Pregunta 2
Pregunta
Which of the following is the format for a virtual account used with Windows Server 2008 R2, Windows Server 2012, and Windows Server 2012 R2?
Respuesta
-
domainname\servicename
-
computername\servicename
-
NT Service\servicename
-
NT Service\servicename$
Pregunta 3
Pregunta
NTLM uses a challenge-response mechanism for authentication without doing what?
Respuesta
-
revealing the client's operating system to the server
-
revealing the protocol to the server
-
sending a password to the server
-
sending an encrypt/decrypt message to the server
Pregunta 4
Pregunta
Which three components make up a service principal name (SPN)
Respuesta
-
service name, IP address, and port number
-
service name, URL and host name
-
service name, host name, and IP address
-
service class, host name, and port number
Pregunta 5
Pregunta
Before you can create an MSA object type, you must create what?
Respuesta
-
a key services MSA group
-
a key services MSA distributed domain account
-
a key distribution services root key
-
a key distribution services Master MSA
Pregunta 6
Pregunta
What are the two restrictions for adding SPNs to an account?
Respuesta
-
Domain Administrator privileges
-
full control permissions for the folder
-
local administrator privileges
-
the editor runs from the domain controller
Pregunta 7
Pregunta
Although the changes are easy to make, why is changing the AD schema such a big deal
Respuesta
-
The changes replicate to all domain controllers.
-
The changes could corrupt the database.
-
Doing so affects all objects for that object type.
-
Doing so requires controlled changes.
Pregunta 8
Pregunta
Where in the forest is a global catalog automatically created?
Respuesta
-
the PDC Emullator
-
the most powerful system
-
the first domain controller
-
the schema master
Pregunta 9
Pregunta
You do not place the infrastructure master on a global catalog server unless what situation exists?
Respuesta
-
You have a single domain
-
You have Windows NT 4.0 systems to support
-
You have multiple schemas
-
Your AD DS is Windows 2008 or higher
Pregunta 10
Pregunta
Beginning with which server version can you safely deploy domain controllers in a virtual machine?
Respuesta
-
Windows Server 2003
-
Windows Server 2008
-
Windows Server 2008 R2
-
Windows Server 2012
Pregunta 11
Pregunta
Which of the following commands issued at the fsmo maintenance prompt would successfully seize the role of an Operations Master Holder? Select all that apply
Respuesta
-
seize schema master
-
seize global master
-
seize PDC
-
seize domain control
Pregunta 12
Pregunta
Identify another utility that you can use to add SPNs to an account
Respuesta
-
dnscmd
-
spnedit
-
setspn
-
netsh
Pregunta 13
Pregunta
What happens if a client submits a service ticket request for an SPN that does not exist in the identity store?
Respuesta
-
An event is written to the Kerberos server's event log.
-
The client receives an access denied error
-
The Kerberos server receives an access denied error
-
The Kerberos ticket for that service is destroyed.
Pregunta 14
Pregunta
Kerberos security and authentication are based on what type of technology?
Respuesta
-
secure transmission
-
secret key
-
challenge-response
-
legacy code
Pregunta 15
Pregunta
What is the default maximum allowable time lapse between domain controllers and client systems for Kerberos to work correctly?
Respuesta
-
1 minute
-
5 minutes
-
15 minutes
-
45 minutes
Pregunta 16
Pregunta
When creating accounts for separating systems, processes, and services, you should always configure them with what two things in mind?
Respuesta
-
using strong passwords
-
using cryptic user names
-
granting the least rights possible
-
using built-in accounts
Pregunta 17
Pregunta
What is the name by which a client uniquely identifies an instance of a service?
Respuesta
-
service instance name
-
service account name
-
service provider name
-
service principal name
Pregunta 18
Pregunta
What is the default authentication protocol for contemporary domain controllers
Respuesta
-
NTLM
-
PAP
-
CHAP
-
Kerberos
Pregunta 19
Pregunta
Which version of Windows Server introduced incremental universal group membership replication?
Respuesta
-
Windows Server 2000
-
Windows Server 2003
-
Windows Server 2008
-
Windows Server 2012
Pregunta 20
Pregunta
What are the three types of groups in a domain?
Respuesta
-
domain trust groups, domain schema groups, and universal groups
-
domain local groups, global groups, and universal groups
-
global groups, domain trust groups and schema groups
-
universal groups, global catalog groups and schema groups.
Pregunta 21
Pregunta
When you add attributes to an Active Directory object, what part of the domain database are you actually changing?
Respuesta
-
FSMO
-
schema
-
directory structure
-
organizational units
Pregunta 22
Pregunta
The domain controllers are the computers that store and run the:
Respuesta
-
user database
-
services database
-
Managed Service Accounts database
-
Active Directory database
Pregunta 23
Pregunta
Which Active Directory object is defined as a specialized domain controller that performs certain tasks so that multi-master domain controllers can operate and synchronize properly?
Respuesta
-
Schema Master
-
Forest
-
RODC
-
Operations Master
Pregunta 24
Pregunta
What service right does an MSA account automatically receive upon creation?
Respuesta
-
log on interactively
-
log on as a service
-
domain administrator
-
domain power user
Pregunta 25
Pregunta
Name two benefits to using Managed Service Accounts (MSAs).
Respuesta
-
Microsoft technology
-
automatic password management
-
simplified SPN management
-
simplified account troubleshooting
Pregunta 26
Pregunta
What does the acronym NTLM stand for?
Respuesta
-
NT LInk Messenger
-
NT Link Manager
-
NT LAN Manager
-
NT LAN Messenger
Pregunta 27
Pregunta
Which command-line command do you use to allow Windows Server 2003 domain controllers to replicate to RODCs?
Respuesta
-
netdom /RODCPrep
-
netsh /RODCPrep
-
ntdsutil /RODCPrep
-
ADPrep /RODCPrep
Pregunta 28
Pregunta
Which tool can you use to add SPNs to an account?
Respuesta
-
Notepad
-
LDAP
-
Microsoft Word
-
ADSI Edit
Pregunta 29
Pregunta
How many global catalogs are recommended for every organization?
Respuesta
-
at least one
-
at least two
-
at least three
-
no fewer than four
Pregunta 30
Pregunta
How many PDC Emulators are required, if needed, in a domain?
Respuesta
-
one
-
two
-
three
-
four
Pregunta 31
Pregunta
By default, which service accounts will the Windows PowerShell cmdlets manage?
Respuesta
-
standalone MSAs
-
standard local services accounts
-
group MSAs
-
domain user accounts designated as service accounts
Pregunta 32
Pregunta
What type of account is an account under which an operating system, process, or service runs?
Respuesta
-
user
-
system
-
service
-
network
Pregunta 33
Pregunta
The global catalog stores a partial copy of all objects in the forest. What are the reasons for keeping that partial copy? Select all that apply.
Respuesta
-
logon
-
object searches
-
universal group membership
-
schema integrity
Pregunta 34
Pregunta
Which type of system must you connect to and use to make changes to Active Directory?
Respuesta
-
RODC
-
forest master
-
writable domain controller
-
domain tree
Pregunta 35
Pregunta
What utility must you run on a cloned system to ensure that the clone receives its own SID?
Respuesta
-
adprep/renew
-
sysprep
-
dcpromo
-
ntconfig
¿Quieres crear tus propios Tests gratis con GoConqr? Más información.