Chapter 03 Windows Server 2008 R2

Active Directory was first introduced in which operating system?
a) Windows 2000 Server
b) Windows XP SP2
c) Windows 2003 Server
d) Windows Vista

Where do users log in when joining an Active Directory domain?
a) application
b) individual computer
c) domain
d) server

There are two basic classes of objects in an Active Directory domain. Which of the following is an object?
a) logical
b) leaf
c) tree
d) attribute

Which of the following is a main group type found in Active Directory?
a) security
b) domain
c) global
d) universal

Which group is used most often when designing an Active Directory infrastructure?a) distribution
b) universal
c) global
d) security

Which group is used for nonsecurity-related functions, such as sending email messages to a collection of users?
a) distribution
b) universal
c) global
d) security

DNS naming limitations call for a maximum of how many characters per domain name?
a) 32
b) 63
c) 128
d) 255

What type of compatibility are functional levels designed to provide in Active Directory installations running domain controllers with various versions of the Windows Server operating system?
a) functional
b) forward
c) backward
d) existing

What is the name of the communications protocol called for by the original X.500 standard?
a) Directory Access Protocol
b) Data Access Protocol
c) Lightweight Directory Access Protocol
d) Lightweight Data Access Protocol

The Read-Only Domain Controller (RODC) supports only incoming replication traffic. As a result, what is it possible to do when using a Read-Only Domain Controller?
a) create Active Directory objects
b) modify Active Directory objects
c) delete Active Directory objects
d) none of the above

A site topology consists of all of the following Active Directory object types except __________.
a) Sites
b) Subnets
c) Subnet Links
d) Site Links

When using the subzone method, you can leave the Internet DNS servers in place and use Windows Server 2008 DNS servers to host the zone for the subdomain. Which of the following is a configuration change that you must make?
a) You must use your domain controllers as your DNS servers.
b) You must use your Internet DNS servers to host your Active Directory domains.
c) You must turn on dynamic updates on the DNS servers.
d) You must configure Internet DNS servers to delegate the Active Directory subdomain to the

Which of the following is not a reason for creating an organizational unit?
a) assigning Group Policy settings
b) duplicating organizational divisions
c) implementing domains
d) delegating administration

Which of the following is not a variable that can affect the performance of an Active Directory installation?
a) length of the domain name you create
b) hardware you select for your domain controllers
c) capabilities of your network
d) types of WAN links connecting your remote sites

To use a Windows Server 2008 computer as a domain controller, you must configure it to use a(n) __________.
a) APIPA address
b) address supplied by a DHCP server
c) static IP address
d) none of the above

Every Active Directory domain should have a minimum of __________ domain controllers.
a) one
b) two
c) three
d) four

An Active Directory domain controller can verify a user’s identity by which of the following methods?
a) smart cards
b) passwords
c) biometrics
d) all of the above

Which of the following is not a reason why you should try to create as few domains as possible when designing an Active Directory infrastructure?
a) A license must be purchased from Microsoft for each domain you create.
b) Additional domains increase the overall hardware and maintenance costs of the deployment.
c) Some applications might present security issues when working in a forest with multiple domains.
d) Additional domains increase the number of administrative tasks that must be performed.

Which of the following Active Directory elements provides a true security boundary?
a) organizational units
b) domains
c) domain trees
d) forests

What is the primary difference between global and universal groups?a) Global groups decrease the amount of replication traffic between sites.b) Universal groups add more data to the global catalog.c) You can use universal groups across the board if your network consists of multiple sites.d) Global groups add more data to the universal catalog.

Unlike organizational units, you cannot assign Group Policy settings to computer objects, nor can you delegate their administration.

Subdomains in a tree inherit permissions and policies from their parent domains.

You can drag and drop leaf objects, such as users and computers, between OUs, but not between domains.

When you want to grant a collection of users permission to access a network resource, such as a file system share or a printer, you can assign permissions to an organizational unit.

Active Directory is one of the easiest technologies to test because an isolated lab environment usually can emulate many of the factors that can affect the performance of a directory service.

A(n) __________ object is one that can have other objects subordinate to it.

Every object consists of __________ that store information about the object.

__________ Policy is one of the most powerful administrative features of Active Directory.

The primary difference between global and universal groups is that universal groups add more data to the global catalog, thereby increasing the amount of __________ traffic between sites.

When beginning a new Active Directory installation, the first step is to create a new __________.

Every Active Directory domain should have a minimum of __________ domain controllers.

To stay synchronized, domain controllers communicate by sending database information to each other, which is a process called __________.

The overall objective in your Active Directory design process should be to create as few __________  as possible.

If you plan to create domains corresponding to remote sites or organizational divisions, the most common practice is to make them all __________ in the same tree, with a single root domain at the top.

Each domain in an Active Directory installation is a separate __________ entity.

The required and recommended attributes that each type of object can have, the type of information that can be stored in each attribute, and the object’s place in the directory tree are all defined in what location?

What container object functions in a subordinate capacity to a domain but without the complete separation of security policies?

When you create your first domain on an Active Directory network, you are creating the root of what?

What is the name of the list in each forest that contains the objects in the forest along with a subset of each object’s attributes?

What is the name of the process used by Windows NT domains in which one primary domain controller (PDC) sends its data to one or more backup domain controllers (BDCs)?

What does Active Directory use, in which it is possible to make changes to domain objects on any domain controller, to replicate those changes to all other domain controllers?

Each domain in a tree is a separate security entity. What does each domain’s separate Group Policy settings include?

What component automatically creates replication links between domain controllers in the same site and schedules their replication activities?

When a user logs on to an Active Directory domain, what is involved in the elaborate authentication procedure that the client computer performs?

By definition, how do domains function in Active Directory?

What does AGULP stand for?

The process of designing an Active Directory infrastructure consists of which basic phases?

What is an organizational unit?

What are the two most common structural paradigms used in Active Directory designs?

The Schema Administrators group exists only in the forest root domain. What do the members of that group have the ability to do?