Qus 102:
__________ groups
are a collection of user accounts that are local to one specific
workstation or member server.
A. Distribution
B. Local
C. Built-in
D. Security
Ans: B
Qus 103:
What special
identity group is used as a reduced-privilege account to allow
applications to run on a server without requiring administrative
access?
A. Network
B. Dialup
C. Network Service
D. Restricted
Ans: C
Qus 104 :
What is a credit
card–sized or token-style device, such as a USB device, that is
used with a PIN to enable logon to the enterprise?
A. RSA SecureID
B. password token
C. smart chip
D. smart card
Ans: D
Qus 105 :
What command-line
tool can be used with a standard user account to reduce the risks
associated with the Administrator account?
A. runas
B. su
C. runadmin
D. launchas
Ans: A
Qus 106 :
Password-cracking
can be accomplished by intelligent guessing on the part of the hacker
or through the use of an automated __________ attack.
A. brute force
B. dictionary
C. cracking
D. work
Ans: B
Qus 107 :
What policies can be
used to ensure that users always have the latest versions of
applications?
A. registry-based
B. software
installation
C. folder
redirection
D. offline file
storage
Ans: B
Qus 108 :
What Microsoft
Management Console (MMC) snap-in is used to create and modify Group
Policies and their settings?
A. Group Policy
Management Editor
B. Group Policy
Control Console
C. Group Policy GPO
D. Group Policy
Management Console
Ans: D
Qus 109:
Which of the
following is not a type of GPO?
A. local GPO
B. advanced GPO
C. domain GPO
D. starter GPO
Ans: B
Qus 110:
What term refers to
tracking events that take place on the local computer?
A. tracking
B. tracing
C. spying
D. auditing
Ans: D
Qus 111 :
What category is
used to configure the startup and security settings for services
running on a computer?
A. Workstation
Services
B. System Services
C. Account Services
D. Domain Services
Ans: B
Qus 112 :
What command-line
tool can be used to manually refresh group policy?
A. gprefresh.exe
B. adrefresh.exe
C. adupdate.exe
D. gpupdate.exe
Ans: D
Qus 113:
Before deploying
software using Group Policy, what must you create?
A. deployment share
B. deployment point
C. distribution
share
D. mount point
Ans: C
Qus 114:
What identifies
software by specifying the directory path where the application is
stored in the file system?
A. hash rule
B. certificate rule
C. path rule
D. network zone
rules
Ans: C
Qus 115 :
What type of file
can be written to allow non–Windows Installer–compliant
applications to be deployed?
A. .msi
B. .exe
C. .zap
D. .ini
Ans: C
Qus 116 :
What Software
Restriction Policy properties allow you to determine whether the
policies apply to all files or whether library files, such as Dynamic
Link Library (DLL), are excluded?
A. enforcement
B. designated file
types
C. security settings
D. trusted
publishers
Ans: A
Qus 117 :
Group Policy
__________ is used to simulate the effect of a policy on the user
environment.
A. Simulator
B. Planning
C. Modeling
D. Results
Ans: C
Qus 118 :
When a GPO is
selected in Group Policy Management, which tab allows administrators
to view the locations to which the policy is linked?
A. Scope
B. Details
C. Settings
D. Delegation
Ans: A
Qus 119 :
What would the
syntax of the GPResult command be if you want to obtain RSoP
information on computer and user policies that will affect a user
named jsmith?
A. gpresult /user
jsmith
B. gpresult jsmith
C. gpresult /user
jsmith /v
D. gpresult /user
jsmith /v /x
Ans: C
Qus 120 :
What is responsible
for managing changes to the Active Directory database?
A. Extensible
Storage Engine
B. Extended Storage
Engine
C. Extensible Change
Engine
D. Stringent Change
Manager
Ans: A
Qus 121 :
What are the
specific processes or events that you want to track in the
Reliability and Performance Monitor?
A. performance
objects
B. performance
counters
C. performance items
D. performance
classes
Ans: B
Qus 122 :
What new
command-line and task-based scripting technology is included with
Windows Server 2008?
A. Windows Enhanced
Shell
B. Windows Advanced
Shell
C. Windows Ultimate
Shell
D. Windows
PowerShell
Ans: D
Qus 123:
Which backup type
will update each file’s backup history and clear the Application
log files?
A. Copy backup
B. VSS full backup
C. Incremental
backup
D. Differential
backup
Ans: B
Qus 124 :
What resource record
identifies which name server is the authoritative source of
information for data within this domain?
A. Start of
Authority (SOA)
B. Name Server (NS)
C. Host (A)
D. Mail Exchange
(MX)
Ans: A
Qus 125 :
What resource record
is the functional opposite of the A record, providing an IP
address-to-name mapping for the system identified in the Name field
using the in-addr.arpa domain name?
A. Service Record
(SRV)
B. Name Server (NS)
C. Pointer (PTR)
D. Mail Exchange
(MX)
Ans: C
Qus 126:
What consists of a
number of elements that allow two parties to communicate securely,
without any previous communication, through the use of a mathematical
algorithm called public key cryptography?
A. security
certificates
B. public key
infrastructure
C. WEP codes
D. passwords
Ans: B
Qus 127 :
What type of CA is
not integrated with Active Directory and relies on administrator
intervention to respond to certificate requests?
A. standalone CA
B. static CA
C. enterprise CA
D. dynamic CA
Ans: A
Qus 128 :
Interoperability
with prior versions of Microsoft Windows is available in Windows
Server 2008 through the use of __________.
A. domain
controllers
B. functional levels
C. global catalogs
D. DNS servers
Ans: B
Qus 129 :
Active Directory
uses __________ relationships to allow access between multiple
domains and/or forests, either within a single forest or across
multiple enterprise networks.
A. trust
B. domain
C. forest
D. global
Ans: A
Qus 130 :
Which functional
level only allows Windows Server 2003 and Windows 2008 domain
controllers?
A. Windows 2000
Native
B. Windows Server
2003
C. Windows Server
2008
D. Windows 2003
Mixed
Ans: B
Qus 131 :
If the domains
within a forest are separated by slow WAN links and the tree-walking
process takes an exceedingly long time to allow user authentication
across domains, you can configure a __________ trust.
A. two-way
transitive
B. cross-forest
C. shortcut
D. parent-child
Ans: C
Qus 132:
What processes can
be used by Windows Server 2008 DNS to clean up the DNS database after
DNS records become stale or out of date?
A. searching and
destroying
B. aging and
scavenging
C. seeking and
removing
D. finding and
deleting
Ans: B
Qus 133:
Read-Only Domain
Controllers provide added security in the way passwords are stored
through what feature?
A. Password
Integration Policy
B. Password Caching
Policy
C. Password Storage
Policy
D. Password
Replication Policy
Ans: D
Qus 134:
When configuring a
site link object, which attribute allows the administrator to define
the path that replication will take?
A. cost
B. schedule
C. frequency
D. none of the above
Ans: A
Qus 135:
How often does
intersite replication occur by default?
A. 5 minutes
B. 10 minutes
C. 15 minutes
D. 1 hour
Ans: C
Qus 136:
For both intrasite
and intersite replication, what protocol does Active Directory use
for all replication traffic?
A. RPC over SMTP
B. RPC over TCP
C. RPC over IP
D. RPC over ARP
Ans: C
Qus 137:
Active Directory
creates a __________ with the idea that all writeable domain
controllers in a domain should communicate Active Directory
information to each other, in addition to communicating forest-wide
information with other domains.
A. replication
topology
B. domain topology
C. replication
strategy
D. domain strategy
Ans: A
Qus 138 :
What holds a subset
of forest-wide Active Directory objects and acts as a central
repository by holding a complete copy of all objects from the host
server’s local domain with a partial copy of all objects from other
domains within the same forest?
A. domain controller
B. global catalog
C. DNS server
D. DHCP server
Ans: B
Qus 139:
What process is used
when you move a FSMO role gracefully from one domain controller to
another?
A. role seizure
B. role transfer
C. role migration
D. role separation
Ans: B
Qus 140 :
What Windows Server
2008 feature stores universal group memberships on a local domain
controller that can be used for logon to the domain, eliminating the
need for frequent access to a global catalog server?
A. global group
membership caching
B. domain group
membership caching
C. local group
membership caching
D. universal group
membership caching
Ans: D
Qus 141 :
The RID Master FSMO
role distributes RIDs to domain controllers in what increments?
A. 300
B. 500
C. 700
D. 1200
Ans: B
Qus 142:
What is the process
of confirming that an authenticated user has the correct permissions
to access one or more network resources?
A. authorization
B. authentication
C. administration
D. allocation
Ans: A
Qus 143 :
What describes the
process of configuring one or more groups as members of another
group?
A. group nesting
B. group hierarchy
C. group leveling
D. group forests
Ans: A
Qus 144 :
What provides a
robust scripting method that supports a multitude of administrative
tasks including creating Active Directory objects, mapping drives,
connecting to printers, modifying environment variables, and
modifying registry keys?
A. Windows Script
Host
B. JavaScript
C. Windows
Powershell
D. CMD.EXE
Ans: A
Qus 145 :
Password-__________
is an attempt to discover a user’s password.
A. recovery
B. tracing
C. sniffing
D. cracking
Ans: D
Qus 146 :
What component
issues and manages certificates for individuals, computers, and
organizations?
A. enrollment agent
B. PKI server
C. certificate
server
D. Certification
Authority
Ans: D
Qus 147 :
Which OU is created
by default when Active Directory is installed?
A. Domain
Controllers
B. Users
C. Computers
D. Member Servers
Ans: A
Qus 148 :
To implement PKI,
what must be installed on your Windows 2008 Server?
A. Active Directory
Users and Computers
B. Microsoft
AdminPak
C. Active Directory
Certificate Services
D. Microsoft
Advanced Security Pack
Ans: C
Qus 149 :
What can be measured
by tangible benefits, such as implementation costs and ongoing
support?
A. return on
implementation
B. total cost of
investment
C. total cost of
ownership
D. return on
investment
Ans: D
Qus 150 :
Group policy is
divided into two subcategories, or nodes, that are named Computer
Configuration and __________.
A. Network
Configuration
B. Security
Configuration
C. User
Configuration
D. Domain
Configuration
Ans: C
Qus 151 :
What means that each
policy must be read and applied completely before the next policy can
be invoked?
A. asymmetric
processing
B. symmetric
processing
C. asynchronous
processing
D. synchronous
processing
Ans: D
Qus 152 :
What policy can
specify software that you wish to run on computers?
A. Local Policies
B. Event Log
Policies
C. Software
Restriction Policies
D. Account Policies
Ans: C
Qus 153 :
What is the default
mechanism for authenticating domain users in Windows Server 2008,
Windows Server 2003, and Microsoft Windows 2000?
A. NTLM
B. AES
C. Kerberos
D. Triple-DES
Ans: C
Qus 154 :
By implementing the
__________ feature when Folder Redirection is also configured,
administrators can control the amount of information that is stored
on the server.
A. Disk Caching
B. Disk Quotas
C. File System
Quotas
D. File System
Caching
Ans: B
Qus 155 :
What setting logs
events related to successful user logons to a domain?
A. Account Logon
Events
B. Logon Events
C. System Events
D. Policy Change
Events
Ans: A
Qus 156 :
What option allows
users to install the applications that they consider useful to them?
A. Assign
B. Require
C. Amend
D. Publish
Ans: D
Qus 157 :
What is a series of
bytes with a fixed length that uniquely identifies a program or file?
A. algorithm
B. hash
C. policy
D. IP address
Ans: B
Qus 158 :
What Software
Restriction Policy properties allow an administrator to control how
certificate rules are handled?
A. enforcement
B. designated file
types
C. security settings
D. trusted
publishers
Ans: D
Qus 159 :
Group Policy
Management started being natively installed with what version of
Windows Server?
A. NT 4
B. 2000
C. 2003
D. 2008
Ans: D
Qus 160 :
What component of
the Microsoft Windows operating system allows administrators to
create queries based on hardware, software, operating systems, and
services?
A. VBScript
B. Windows Scripting
Language
C. Windows
Management Instrumentation
D. .NET Framework
Ans: C
Qus 161 :
What database of
information includes hardware, Group Policy Software Installation
settings, Internet Explorer Maintenance settings, scripts, Folder
Redirection settings, and Security settings?
A. CICOM
B. CIMOM
C. DOM
D. DCOM
Ans: B
Qus 162 :
Changes in Active
Directory are referred to as __________.
A. buffers
B. transactions
C. modifications
D. alterations
Ans: B
Qus 163 :
What logging setting
should you use if Minimal logging is not producing sufficient error
messages to allow you to troubleshoot a particular issue?
A. Basic
B. Extensive
C. Verbose
D. Internal
Ans: A
Qus 164 :
What type of restore
will restore Active Directory objects with their original Update
Sequence Number (USN), which is the number that each domain
controller assigns to every transaction that is either originated on
the DC or replicated in from another domain controller?
A. nonauthoritative
restore
B. authoritative
restore
C. full restore
D. incremental
restore
Ans: A
Qus 165 :
What resource record
provides the name-to-IP-address mappings that DNS name servers use to
perform name resolution?
A. Start of
Authority (SOA)
B. Name Server (NS)
C. Host (A)
D. Mail Exchange
(MX)
Ans: C
Qus 166 :
What type of zone is
a read-only copy of the data that is stored within a primary zone on
another server?
A. secondary zone
B. stub zone
C. primary zone
D. forwarder zone
Ans: A
Qus 167 :
What has direct
access to at least one name server and can also process referrals to
direct its queries to other name servers when necessary?
A. name server
B. DNS server
C. host file
D. resolver
Ans: D
Qus 168 :
What role allows
administrators to configure Single Sign-On (SSO) for Web-based
applications across multiple organizations without requiring users to
remember multiple usernames and passwords?
A. AD FS
B. AD FTP
C. AD FSMO
D. AD RMS
Ans: A
Qus 169 :
What is a secret
piece of information that is shared between two parties prior to
being able to communicate securely?
A. public key
B. private key
C. PKI
D. shared secret key
Ans: D
Qus 170 :
What type of CA can
use certificate templates as well as Group Policy Objects to allow
autoenrollment of digital certificates, as well as store digital
certificates within the Active Directory database for easy retrieval
by users and devices?
A. standalone CA
B. static CA
C. enterprise CA
D. dynamic CA
Ans: C
Qus 171 :
Which of the
following are not able to be performed by those with the Auditor
predefined security role?
A. configure audit
parameters
B. read records and
configuration information in the CA database
C. define key
recovery agents
D. possesses the
system audit user right
Ans: C
Qus 172 :
The largest
container object within Active Directory is a(n) __________.
A. organization unit
B. domain
C. tree
D. forest
Ans: D
Qus 173 :
Which of the
following is not a benefit of Active Directory Domain Services?
A. single logon for
access to global resources
B. fault tolerance
and redundancy
C. personalized
desktops
D. simplified
resource location
Ans: C
Qus 174 :
When a child domain
is created, it automatically receives a __________ trust with its
parent domain.
A. parent-child
B. two-way
transitive
C. cross-forest
D. simple
Ans: B
Qus 175 :
Each class or
attribute that you add to the schema should have a valid __________.
A. username
B. password
C. OID
D. SID
Ans: C
Qus 176 :
What type of trust
allows you to configure trust relationships between Windows Server
2008 Active Directory and a UNIX MIT Kerberos realm?
A. shortcut
B. cross-forest
C. external
D. realm
Ans: D
Qus 177 :
__________
partitions are used to separate forest-wide DNS information from
domain-wide DNS information to control the scope of replication of
different types of DNS data.
A. DNA record
B. DNS type
C. DNS data
D. Application
Directory
Ans: D
Qus 178 :
Active Directory
__________ provide the means by which administrators can control
replication traffic.
A. services
B. sites
C. domains
D. forests
Ans: B
Qus 179 :
What is an
alternative solution for intersite replication when a direct or
reliable IP connection is not available?
A. IRC
B. SMTP
C. TCP/IP
D. ICMP
Ans: B
Qus 180 :
The KCC is
responsible for calculating intrasite replication partners. During
this process, what is the maximum number of hops that the KCC will
allow between domain controllers?
A. 1
B. 2
C. 3
D. 4
Ans: C
Qus 181:
What is a partial
copy of all objects from other domains within the same forest that is
held on a global catalog server?
A. partial attribute
set
B. partial domain
set
C. partial attribute
listing
D. partial domain
listing
Ans: A
Qus 182 :
What tool is used to
seize a FSMO role?
A. ntosutil
B. ntdsutil
C. dcpromo
D. adutil
Ans: B
Qus 183 :
Which of the
following is not a function performed by a global catalog server?
A. facilitating
searches for objects in the forest
B. maintaining
universal group membership information
C. maintaining a
backup of all data stored on a domain controller
D. maintaining a
copy of all objects in the domain
Ans: C
Qus 184 :
When a user logs on,
what is created that identifies the user and all of the user’s
group memberships?
A. access card
B. access token
C. access key
D. access session
Ans: B
Qus 185 :
All default groups
are __________ groups.
A. distribution
B. domain local
C. built-In
D. security
Ans: D
Qus 186 :
What can be defined
as a password that follows guidelines that make it difficult for a
potential hacker to determine the user’s password?
A. complex password
B. encrypted
password
C. strong password
D. RSA SecureID
Ans: C
Qus 187 :
What typically
consists of at least four characters or digits that are entered while
presenting a physical access token, such as an ATM card or smart
card?
A. password
B. PIN
C. smart card
D. RSA SmartID
Ans: B
Qus 188 :
A password should be
__________ characters in length to be considered a strong password.
A. 6
B. 10
C. 12
D. 8
Ans: D
Qus 189 :
Administrators find
that Group Policy implementation helps them to achieve __________.
A. enhanced security
B. faster
performance
C. centralized
management
D. virus-free
networks
Ans: C
Qus 190 :
What folder located
under the Computer Configuration node in the Group Policy Management
Editor contains security settings and scripts that apply to all users
who log on to Active Directory from that specific computer?
A. Software Settings
B. Windows Settings
C. Security Settings
D. Administrative
Templates
Ans: B
Qus 191 :
What advanced
technique allows you to apply GPO settings to only one or more users
or groups within a container by selectively granting the Apply Group
Policy permission to one or more users or security groups?
A. linking
B. nesting
C. security group
filtering
D. Group Policy
filtering
Ans: C
Qus 192 :
What Computer
Configuration node setting includes three subcategories: Audit
Policy, User Rights Assignment, and Security Options?
A. Account Policies
B. Local Policies
C. Event Log
Policies
D. System Services
Policies
Ans: B
Qus 193 :
What separate Group
Policy category allows files to be available to users, even when the
users are disconnected from the network?
A. Offline Mode
Files
B. Network
Disconnected Files
C. Offline Files
D. Unavailable Files
Ans: C
Qus 194 :
Which of these is
not an option when configuring Fine-Grained Password Policies?
A.
PasswordSettingsPrecedence
B.
PasswordCommonNameUsage
C.
PasswordHistoryLength
D. LockoutThreshold
Ans: B
Qus 195 :
If you set the
refresh interval to zero, the system attempts to update the policy at
what interval?
A. every second
B. every 7 seconds
C. every minute
D. every 7 minutes
Ans: B
Qus 196:
Which of the
following is not a phase of the software life cycle?
A. planning
B. implementation
C. evaluation
D. removal
Ans: C
Qus 197 :
What option is
helpful when you are deploying required applications to pertinent
users and computers?
A. Assign
B. Require
C. Amend
D. Publish
Ans: A
Qus 198 :
When implementing
multiple Software Restriction Policy rules, which rule is always
applied last?
A. hash rule
B. certificate rule
C. path rule
D. network zone
rules
Ans: C
Qus 199 :
By default, the
Software Restriction Policies area has what value in the Default
Security Level setting?
A. Unrestricted
B. Restricted
C. Basic User
D. Disallowed
Ans: A
Qus 200 :
What MMC snap-in
provides a single access point to all aspects of Group Policy that
were previously spread across other tools such as Active Directory
Users and Computers, Active Directory Sites and Services, Resultant
Set of Policy (RSoP), and the Group Policy Management Editor?
A. Group Policy
Editor
B. Group Policy
Management
C. GPEdit
D. GPUpdate
Ans: B
Qus 201 :
What command-line
tool allows you to create and display an RSoP query from the command
line?
A. GPResult
B. GPUpdate
C. GPClone
D. GPRSoP
Ans: A
Qus 202 :
WMI filters cannot
be evaluated on which operating system?
A. Windows XP
B. Windows 2000
C. Windows Server
2003
D. Windows Vista
Ans: B
No comments:
Post a Comment