Copy and Edit

CIT 214 Microsoft Server Configuration - Final Exam Part 2 - Basic Edition

Description

Brought to you by late night industries!
Jesse Collins
Quiz by Jesse Collins, updated more than 1 year ago
Jesse Collins
Created by Jesse Collins about 8 years ago
113
1
0

Resource summary

Question 1

Question
What can be used to add, delete, or modify objects in Active Directory, in addition to modifying the schema if necessary?
Answer
  • DCPROMO
  • LDIFDE
  • CSVDE
  • NSLOOKUP

Question 2

Question
When using CSVDE, what is the first line of the text file that uses proper attribute names?
Answer
  • header row
  • header record
  • name row
  • name record

Question 3

Question
Which of the following utilities do you use to perform an offline domain join?
Answer
  • net join
  • join
  • djoin
  • dconnect

Question 4

Question
Which of the following is not a type of user account that can be configured in Windows Server 2012?
Answer
  • local accounts
  • domain accounts
  • network accounts
  • built-in accounts

Question 5

Question
Which of the following are the two built-in user accounts created automatically on a computer running Windows Server 2012 R2?
Answer
  • Network
  • Interactive
  • Administrator
  • Guest

Question 6

Question
What is the PowerShell cmdlet syntax for creating a new user account?
Answer
  • New-ADUser
  • New-User
  • New-SamAccountName
  • There is no PowerShell cmdlet for user creation.

Question 7

Question
What is the PowerShell cmdlet syntax for creating a new computer object?
Answer
  • New-Computer -Name <computer name> –path <distinguished name>
  • New-ADComputer -Name <computer name> –path <distinguished name>
  • New-ComputerName <computer name> –path <distinguished name>
  • There is no PowerShell cmdlet for creating computer objects.

Question 8

Question
When using Netdom.exe to join an account, you may add the parameter [/OU:OUDN]. If this parameter is left out, where is the object placed?
Answer
  • In the same organizational unit (OU) as the administrator running Netdom.exe
  • In the Users container
  • In the Computers container
  • Without the OU specified, the program will fail.

Question 9

Question
Who may join a computer to the domain?
Answer
  • No one, the computer does this itself when authenticating.
  • The computer joins the domain as part of the object creation process.
  • Only the domain administrator may join the computer to the domain.
  • Members of the computer’s local Administrators group may join the computer to the domain.

Question 10

Question
What is the primary means by which people access resources on an Active Directory Domain Service (AD DS) network?
Answer
  • By having a computer account
  • Being within the proper site and domain
  • By having elevated privileges
  • By having a user account

Question 11

Question
What differences matter most in creating a single user versus multiple users?
Answer
  • Single user creation is often done from the graphical user interface (GUI), whereas creating multiple users typically requires using command-line tools.
  • Creating a single user is simple, but manual work.
  • Time does not permit automating the creation of a single user.
  • When creating multiple users, not as many parameters are involved.

Question 12

Question
What two graphical tools will help create either user or computer objects?
Answer
  • Server Manager and PowerShell
  • Active Directory Administrative Center and Active Directory Users and Computer
  • Server Core and PowerShell
  • LDIFDE.exe and CSVDE.exe

Question 13

Question
What is a key benefit to using ADAC or the Active Directory Users and Computers console?
Answer
  • ADAC allows you to modify the properties of both multiple users and multiple computers at once.
  • ADAC allows you to import multiple objects at once.
  • ADAC allows you to modify the properties of multiple users or multiple computers at once.
  • ADAC not only helps create user and computer objects, but it helps join them to a domain.

Question 14

Question
Are typical, authenticated users able to create computer objects in an Active Directory?
Answer
  • No, it requires administrative rights to create a computer object.
  • Yes, if they are specially granted the Add Workstations To The Domain right.
  • No, users are not able to do so by default.
  • Yes, by default, users who are successfully authenticated to Active Directory are permitted to join up to 10 workstations to the domain, thus creating up to 10 associated computer objects.

Question 15

Question
You are planning an Active Directory implementation for a company that currently has sales, accounting, and marketing departments. All department heads want to manage their own users and resources in Active Directory. What feature will permit you to set up Active Directory to allow each manager to manage his or her own container but not any other containers?
Answer
  • Delegation of control
  • Read-only domain controller
  • Multimaster replication
  • SRV records

Question 16

Question
If the user named Amy is located in the sales OU of the central.cohowinery.com domain, what is the correct syntax for referencing this user in a command line utility?
Answer
  • amy.cohowinery.com
  • cn=amy.ou=sales.dc=cohowinery.com
  • cn=amy,ou=sales,dc=central,dc=cohowinery,dc=com
  • dc=com,dn=cohowinery,ou=sales,cn=amy

Question 17

Question
Which of the following is a container object within Active Directory?
Answer
  • Folder
  • Group
  • User
  • OU

Question 18

Question
Which of the following groups do you use to consolidate groups and accounts that either span multiple domains or the entire forest?
Answer
  • Global
  • Domain
  • Built-in
  • Universal

Question 19

Question
Which of the following is not a correct reason for creating an OU?
Answer
  • To create a permanent container that cannot be moved or renamed
  • To duplicate the divisions in your organization
  • To delegate administration tasks
  • To assign different Group Policy settings to a specific group of users or computers

Question 20

Question
Which of the following group scope modifications are not permitted? (Choose all answers that are correct.)
Answer
  • Global to universal
  • Global to domain local
  • Universal to global
  • Domain local to universal

Question 21

Question
In a domain running at the Windows Server 2012 domain functional level, which of the following security principals can be members of a global group? (Choose all answers that are correct.)
Answer
  • Users
  • Computers
  • Universal groups
  • Global groups

Question 22

Question
You are attempting to delete a global security group in the Active Directory Users and Computers console, and the console will not let you complete the task. Which of the following could possibly be causes for the failure? (Choose all answers that are correct.)
Answer
  • There are still members in the group.
  • One of the group’s members has the group set as its primary group.
  • You do not have the proper permissions for the container in which the group is located.
  • You cannot delete global groups from the Active Directory Users and Computers console.

Question 23

Question
Select the best reasons for using organizational units (OUs)?
Answer
  • Organizing by geography, assigning Group Policy settings, and applying security boundaries
  • Applying security boundaries, assigning Group Policy settings, and organizing by geography
  • Duplicating organizational divisions, assigning Group Policy settings, and delegating administration
  • Assigning Group Policy settings, administering delegation, and delegating administration

Question 24

Question
What is the primary difference between universal groups and global groups in Windows Server 2012 R2?
Answer
  • Global groups use less data in the global catalog. So, in considering replication traffic, universal groups should be within a site.
  • Universal groups use less data in the global catalog. So, in considering replication traffic, global groups should be within a site.
  • Universal groups use more data in the global catalog. However, global groups are best in general, both within a site and across sites.
  • Global groups use less data than universal groups, but not significantly.

Question 25

Question
Generally, how do groups differ from OUs?
Answer
  • Groups are security principals, meaning you assign access permissions to a resource based on membership to a group. OUs are for organization and for assigning Group Policy settings.
  • Groups are created by the Server Manager, but you create OUs by scripts.
  • OUs are security principals, meaning you assign access permissions to a resource based on membership to an organizational unit. Groups are for organization and for delegating permissions.
  • Organizational units are container objects made from the Active Directory Users and Computers console.

Question 26

Question
What are the different kinds of groups?
Answer
  • There are two types: security and distribution.
  • There are two types: security and distribution, and three group scopes: domain local, global, and universal.
  • There are three group scopes: domain local, global, and universal.
  • There are three group types: domain local, global, and universal.

Question 27

Question
What command-line utility allows administrators to modify groups’ type and scope as well as add or remove members?
Answer
  • PowerShell and the applicable cmdlet
  • Active Directory Users and Computers console
  • Active Directory Administrative Center
  • Dsmod.exe

Question 28

Question
Which of the following types of files do Group Policy tools access from a Central Store by default?
Answer
  • ADM files
  • ADMX files
  • Group Policy objects
  • Security templates

Question 29

Question
Which of the following local GPOs takes precedence on a system with multiple local GPOs?
Answer
  • Local Group Policy
  • Administrators Group Policy
  • Nonadministrators Group Policy
  • User-specific Group Policy

Question 30

Question
Which of the following techniques can you use to apply GPO settings to a specific group of users in an OU?
Answer
  • GPO linking
  • Administrative templates
  • Security filtering
  • Starter GPOs

Question 31

Question
Which of the following best describes the function of a starter GPO?
Answer
  • A starter GPO functions as a template for the creation of new GPOs.
  • A starter GPO is the first GPO applied by all Active Directory clients.
  • Starter GPOs use a simplified interface for elementary users.
  • Starter GPOs contain all of the settings found in the default Domain Policy GPO.

Question 32

Question
When you apply a GPO with a value of Not Configured for a particular setting to a system on which that same setting is disabled, what is the result?
Answer
  • The setting remains disabled.
  • The setting is changed to not configured.
  • The settings is changed to enabled.
  • The setting generates a conflict error.

Question 33

Question
Local GPOs are stored ________, whereas Domain GPOs are stored _________.
Answer
  • in Active Directory; in Active Directory
  • in Active Directory; on the local computer
  • on the local computer; in Active Directory
  • on the local computer; on the local computer

Question 34

Question
By default, linking a GPO to a container causes all the users and computers in that container to receive the GPO settings. How can you modify the default permission assignments so that only certain users and computers receive the permissions and, consequently, the settings in the GPO?
Answer
  • You cannot separate or divide permission assignments within the linked container.
  • You can create and link a different GPO to the applicable objects, overriding the previous GPO.
  • You remove the applicable objects and place in a new container.
  • You apply security filtering in the Group Policy Management console.

Question 35

Question
When multiple GPOs are linked to a container, which GPO in the list has the highest priority?
Answer
  • The last
  • The first
  • The most permissive
  • The most restrictive

Question 36

Question
Group Policy settings are divided into two subcategories: User Configuration and Computer Configuration. Each of these two settings is further organized into three subnodes. What are the three subnodes?
Answer
  • Software Settings, Windows Settings, and Delegation Templates
  • Software Settings, Windows Settings, and Administrative Templates
  • Security Settings, Windows Settings, and Delegation Templates
  • Security Settings, Windows Settings, and Administrative Templates

Question 37

Question
What is the order in which Windows systems receive and process multiple GPOs?
Answer
  • LSOUD (local, site, OU, and then domain)
  • LOUDS (local, OU, domain, and then site)
  • SLOUD (site, local, OU, and then domain)
  • LSDOU (local, site, domain, and then OU)

Question 38

Question
What are the different types of Group Policy objects (GPOs)?
Answer
  • Computer, user, and organizational unit
  • Local, domain, and starter
  • Local, domain, and universal
  • Site, domain, and organizational unit

Question 39

Question
Installing Windows Server 2012 Active Directory Domain Services (AD DS) installs two default policies: Default Domain Policy and Default Domain Controller Policy. As an administrator, you need different policy settings than the default. What is the best approach to make those changes?
Answer
  • Add new settings in the default policies as needed.
  • Create new GPOs to augment or override the existing default settings.
  • Change existing ones in the default policies as needed.
  • Link a new GPO using the AD DS role.

Question 40

Question
If creating a local GPO, then a secondary GPO, then a tertiary GPO, what policy settings are included in each GPO?
Answer
  • The first GPO contains both Computer Configuration and User Configuration settings, whereas the secondary and tertiary GPOs contain only Computer Configuration settings.
  • Each GPO contains both Computer Configuration and User Configuration settings.
  • All GPOs contain User Configuration settings.
  • The first GPO contains both Computer Configuration and User Configuration settings, whereas the secondary and tertiary GPOs contain only User Configuration settings.

Question 41

Question
Group Policies applied to parent containers are inherited by all child containers and objects. What are the ways you can alter inheritance?
Answer
  • Using the Enforce, Block Policy Inheritance, or Loopback settings.
  • Using Active Directory Administrative Center (ADAC) to block inheritance.
  • Inheritance can be altered by making the applicable registry settings.
  • Using the Enforce or Block Policy Inheritance settings.

Question 42

Question
You are an administrator in a mixed environment of Windows Server 2012, Server 2008 R2 and desktops running Vista. You need different settings for users, based on their identities. Can you achieve this through multiple local GPOs?
Answer
  • All these operating systems support for multiple local GPOs. However, some servers are standalone (non-AD DS) systems.
  • Yes, this is achievable through support by all OSs, regardless of whether standalone or whether members of an AD DS domain.
  • No, this is not achievable given the current environment.
  • No, this is not achievable until software is added.

Question 43

Question
Which of the following tools would you use to deploy the settings in a security template to all of the computers in an Active Directory Domain Services domain?
Answer
  • Active Directory Users and Computers
  • Security Templates snap-in
  • Group Policy Object Editor
  • Group Policy Management console

Question 44

Question
Which of the following are local groups to which you can add users with the Windows Control Panel?
Answer
  • Users
  • Power Users
  • Administrators
  • Nonadministrators

Question 45

Question
Which of the following tools would you use to modify the settings in a security template?
Answer
  • Active Directory Users and Computers
  • Security Templates snap-in
  • Group Policy Object Editor
  • Group Policy Management console

Question 46

Question
The built-in local groups on a server running Windows Server 2012 receive their special capabilities through which of the following mechanisms?
Answer
  • Security options
  • Windows Firewall rules
  • NTFS permissions
  • User rights

Question 47

Question
After configuring and deploying the Audit Directory Service Access policy, what must you do before a computer running Windows Server2012 begins logging Active Directory access attempts?
Answer
  • You must select the Active Directory objects you want to audit in the Active Directory Users and Computer console.
  • You must wait for the audit policy settings to propagate to all of the domain control- lers on the network.
  • You must open the Audit Directory Service Access Properties sheet and select all of the Active Directory objects you want to audit.
  • You must add an underscore character to the name of every Active Directory object you want to audit.

Question 48

Question
What is the purpose of the Audit Policy section of a Local Group Policy objects (GPO)?
Answer
  • Administrators can log successful and failed security events, such as logon events, database errors, and system shutdown.
  • Administrators can log successful and failed security events, such as loss of data, account access, and object access.
  • Administrators can log successful and failed events, forwarded from other systems.
  • Administrators can log events related specifically to domain controllers.

Question 49

Question
What are the three primary event logs?
Answer
  • Application, Forwarded, and System
  • Application, Security, and Setup
  • Application, Security, and System
  • Application, System, and Setup

Question 50

Question
After you create a GPO that contains computer or user settings, but not both, what can you do for faster GPO processing?
Answer
  • Set the priority higher for the configured setting area.
  • Manually refresh the GPO settings.
  • Disable the setting area that is not configured.
  • Regardless of whether part or all of a GPO is configured, the GPO is processed at the same speed.

Question 51

Question
What are the two interfaces for creating and managing local user accounts for a computer joined to the domain?
Answer
  • Control Panel and ADAC
  • User Accounts control panel and the Local Users and Groups snap-in for MMC
  • ADAC and the Active Directory of Users and Computers snap-in for MMC
  • Server Manager and PowerShell

Question 52

Question
What did Microsoft introduce in Windows Server 2012 to ensure users with administra- tive privileges still operate routine tasks as standard users?
Answer
  • New Group Policy and Local Security Policy
  • Secure desktop
  • User Account Control (UAC)
  • Built-in administrator account

Question 53

Question
When would you need to create a user account through the Control Panel?
Answer
  • You can create users through the Control Panel or with the Local Users and Groups snap-in.
  • You can create users through the Control Panel when the Windows Server 2012 computer is part of a workgroup.
  • When you join a computer to an Active Directory Domain Services (AD DS) domain, you can create only new local user accounts with the Local Users and Groups snap-in. Control Panel is while the computer is not a member of an AD DS domain.
  • Creating users through the Control Panel is not possible.

Question 54

Question
What is the best approach for planning a security template strategy?
Answer
  • Plan according to the needs of individual computers, not users.
  • Plan according to the needs of computer roles, and also company locations.
  • Plan according to the needs of computer roles, but not individual computers.
  • Plan according to the needs of users.

Question 55

Question
What are the key benefits of security templates?
Answer
  • Apply consistent, scalable, and reproducible security settings throughout an enterprise.
  • Deploy alongside with group policies.
  • Although a text editor is possible, Windows Server 2012 enables the use of a graphical interface.
  • Simple deployment as configuration files are text (.inf extension) and uses a graphical and unified interface.

Question 56

Question
How are most Group Policy settings applied or reapplied?
Answer
  • Every time a computer starts up
  • At the refresh interval
  • Whenever a user logs on
  • Whenever the domain controller is restarted

Question 57

Question
What are the two interfaces available for creating and managing user accounts in Windows Server 2012?
Answer
  • Control Panel and the MMC snap-in
  • Server Manager and Control Panel
  • Control Panel and Active Directory Users and Computers
  • User Accounts control panel and the Local Users and Groups snap-in for MMC

Question 58

Question
Which of the following rule types apply only to Windows Installer packages?
Answer
  • Hash rules
  • Certificate rules
  • Internet zone rules
  • Path rules

Question 59

Question
Which file type is used by Windows Installer?
Answer
  • .inf
  • .bat
  • .msf
  • .msi file

Question 60

Question
Which of the following is not one of the Default Security Levels that can be used with a software restriction policy?
Answer
  • Basic User
  • Unrestricted
  • Restricted
  • Disallowed

Question 61

Question
As part of your efforts to deploy all new applications using Group Policy, you discover that several of the applications you wish to deploy do not include the necessary installer files. What can you use to deploy these applications?
Answer
  • Software restriction policies
  • .msi files
  • .mdb files
  • .zap files

Question 62

Question
Which of the following describes the mathematical equation that creates a digital “fingerprint” of a particular file?
Answer
  • Hash rule
  • Hash algorithm
  • Software restriction policy
  • Path rule

Question 63

Question
Which of the following rules will allow or disallow a script or a Windows Installer file to run on the basis of how the file has been signed?
Answer
  • Path rule
  • Hash rule
  • Network zone rule
  • Certificate rule

Question 64

Question
You want to deploy several software applications using Group Policy, such that the applications can be manually installed by the users from the Add/Remove Programs applet in their local Control Panel. Which installation option should you select?
Answer
  • Assign
  • Disallowed
  • Publish
  • Unrestricted

Question 65

Question
You have assigned several applications using GPOs. Users have complained that there is a delay when they double-click on the application icon, which you know is the result of the application being installed in the background. What option can you use to pre-install assigned applications when users log on or power on their computers?
Answer
  • Uninstall when the application falls out of scope
  • Install This Application At Logon
  • Advanced Installation Mode
  • Path rule

Question 66

Question
Which of the following Default Security Levels in Software Restriction Policies will disallow any executable from running that has not been explicitly enabled by the Active Directory administrator?
Answer
  • Basic User
  • Restricted
  • Disallowed
  • Power User

Question 67

Question
When installing software using Group Policy, what file or files does an administrator use?
Answer
  • Windows Installer package files, or .msi files. Modifications to the package files are transform files, or .mst files. Further, patch files are designated as .msp files.
  • Any approved software from Microsoft, including the Certified for Windows Server 2012 logo on the packaging.
  • Windows Installer package files, or .mst files. Modifications to the package files are instruction files, or .msi files.
  • Windows Installer packages that contain all the information about the software.

Question 68

Question
You want to deploy software using Group Policy. What is necessary before deciding to Assign the software to your user accounts?
Answer
  • You must create a Group Policy object (GPO) or modify an existing GPO. As part of configuring the GPO, you decide whether to Assign or Publish the application.
  • You create the GPO. Whether to Assign or Publish is decided elsewhere.
  • You must create a distribution share, also called a software distribution point. Then create the GPO, specifying how to deploy the application.
  • You decide whether to Assign or Publish the application. If using .zap files, you might need user intervention.

Question 69

Question
If a software package is set as Assigned, the option to Install This Application At Logon is available. This option enables the application to be installed immediately, rather than advertised on the Start menu. However, when should you avoid this method?
Answer
  • If users have slow links between their workstations and the software distribution point
  • If computers are already under a very strict security policy and computer configuration
  • If users often take their computer home
  • If computers require administrative logon for each new package

Question 70

Question
What does file-activated installation mean, and where is it utilized?
Answer
  • When a user opens a file associated with an application that does not currently exist on the user’s workstation, the application is installed. It is used for both Publishing and Assigning an application to a user.
  • When a user logs on and the local computer has a file associated with an application that does not exist, the application is installed. It is used when Assigning an applica- tion to a user.
  • When a user opens a file associated with an application that does not currently exist on the user’s workstation, the application is installed. It is used when Assigning an application to a user.
  • When a user logs on and the local computer has a file associated with an applica- tion that does not exist, the application is installed. It is used when Publishing an application to a user.

Question 71

Question
What is the most common way to implement software restriction policies?
Answer
  • By configuring software restriction policies on individual computers by using Local Security Policy
  • Through Active Directory Users and Computers
  • Through GPOs linked to Active Directory Domain Services (AD DS) containers, so that you can apply their policy settings to several computers simultaneously
  • By using AppLocker, provided you apply to a computer running Windows 7 and Windows Server 2008 R2 or later
Show full summary Hide full summary

Want to create your own Quizzes for free with GoConqr? Learn more.

Similar

CCNA Security 210-260 IINS - Exam 3
Mike M
Application of technology in learning
Jeff Wall
Innovative Uses of Technology
John Marttila
Ch1 - The nature of IT Projects
mauricio5509
The Internet
Gee_0599
CCNA Answers – CCNA Exam
Abdul Demir
SQL Quiz
R M
Professional, Legal, and Ethical Issues in Information Security
mfundo.falteni
System Analysis
R A
Flash Cards Networks
JJ Pro Wrestler
EDUC260- Multimodal Literacies for a Digital Age
angelwoo2002
Browse Library