Q1_Netman-6
| Question | Answer |
|---|---|
| Resolve names of servers and clients to IP addresses and vice versa (possibly) | Name resolution |
| An Active Directory domain’s name must be represented in DNS | Namespace definition |
| Logical partition in Active Directory database | Domains |
| Collections of users, computers, groups, and so on | Domains |
| Units of replication | Domains |
| _____________ in a domain replicate with each other and contain a full copy of the domain partition for their domain | Domain controllers |
| _________ do not replicate domain partition information for other domains | Domain controllers |
| One or more domains that share a contiguous DNS namespace | Trees |
| One or more domains that share: common schema; common configuration; automatic transitive trust relationships; common global catalog | Forests |
| Forests can contain from as few as one domain to many domains and/or many trees | True |
| Domains are not required to be in a single tree or share a namespace | True |
| First domain created | forest root |
| Container objects within a domain | Organizational Units |
| Used to organize resources to reflect administrative divisions; may not map to organizational structure | Organizational Units |
| Used to delegate administrative authority | Organizational Units |
| Used to apply Group Policy | Organizational Units |
| Secure communication paths that allow security principals in one domain to be authenticated and accepted in other domains | Trust Relationships |
| can be created between Windows Server 2003 forests only | Forest-to-forest transitive trusts |
| : two-way, transitive Kerberos trusts (intraforest) | Default |
| : one- or two-way, transitive Kerberos trusts (intraforest) | Shortcut |
| : one- or two-way, transitive Kerberos trusts | Forest |
| : one-way, non-transitive NTLM trusts | External |
| : one- or two-way, non-transitive Kerberos trusts | Realm |
| Raising forest functional level is performed by | Enterprise Administrator |
| Areas of “fast” network connectivity | Sites |
| provide authentication and authorization services | Domain Controllers |
| replicate directory partitions | Domain Controllers |
| contains limited information about every object in a forest | Global Catalog |
| Servers that hold a copy of the global catalog | global catalog servers |
| Most operations in Active Directory | multi-master |
| Emulates PDC functionality for Windows NT BDCs | PDC Emulator |
| Entities that can initiate an action or be granted or denied access to resources | Security Principals |
| SID | Security IDentifier |
| Variable-length number that is used to identify security principals | SID |
| Used in ACLs to identify security principals that are granted or denied access to objects in Active Directory and file system resources | SID |
| RID | Relative IDentifier |
| GUID | Globally Unique IDentifier |
| 128-bit number generated at the time an object is created in the directory | GUID |
| “Travels” with an object | GUID |
| Used by domain controllers to identify objects in Active Directory for purposes of replication | GUID |
| Used primarily as an e-mail distribution list | Distribution groups |
| Used to manage access to network resources | Security groups |
| Enables a single administrator to centrally manage resources | Active Directory |
| enables policy-based centralized management of a network | Group Policy |
| eases the management of even the most complex network by allowing you to apply a Group Policy to an object once | Policy-based administration |
| enables you to delegate administrative privileges for certain objects to appropriate individuals within an organization | The Windows Server family |
| provides you with the capability to customize administrative tools so that the tools match the administrative tasks that you delegate to other administrators | The Windows Server family |
| an operation that targets a specific, unique entry, such as a domain name. | lookup |
| an operation that targets data common to multiple entries, such as the information collected by an Internet search engine on a topic. | search |
| Directories may replicate information widely, in order to increase availability and reliability, and thus reduce response time. | True |
| is a network service that stores information about network resources and makes them accessible to users and applications | directory service |
| provide a consistent way to name, describe, locate, access, manage, and secure information about these resources. | directory service |
| provides name resolution by translating host names into IP addresses. | DNS |
| name identifies the domain where the object is located | Distinguished Name |
| an attribute of the object | Relative Distinguished Name |
| composed of the user’s logon name and a suffix | User Principal Name |
| a 128-bit hexadecimal value that the Windows Server family assigns to objects when they are created | Globally Unique Identifier |
| used to specify an Internet-style name | User Principal Name |
| used to specify a domain and a user account in that domain | Down-Level Logon Name |
| associated with the security principal (user or groups) in whose security context the service executes | Service principal names |
| used to support mutual authentication between a client application and a service | Service principal names |
| core unit of the logical structure in Active Directory | domain |
| a collection of computers, defined by an administrator, that share a common directory database | domain |
| units of replication | Domains |
| the term used to describe the process of updating the BDCs with the PDC | synchronization |
| a hierarchical arrangement of Windows Server family domains that share a contiguous namespace. | Trees |
| group of trees that do not share a contiguous namespace | Forests |
| the ultimate security boundary. | Forests |
| a container object that you use to organize objects within a domain. | organizational unit |
| provides a versioning mechanism that can be used by Active Directory core components to determine what features are available in a forest or domain. | Forest and Domain Functional Levels |
| a combination of one or more IP subnets that are connected by a high-speed link | site |
| map the physical structure of your network | Sites |
| map the logical structure of your organization | domains |
| manages the changes to directory information and replicates those changes to other domain controllers in the same domain | domain controller |
| a repository of information that contains a subset of attributes for all objects in Active Directory | global catalog |
| a domain controller that stores a copy of the global catalog and processes queries to the global catalog | global catalog server |
| The first domain controller that you create in Active Directory is | global catalog server |
| a domain controller that has been assigned one or more single master operations roles in an Active Directory domain or forest. | operations master |
| controls all updates and modifications to the schema | Schema Master |
| controls the addition or removal of domains, and application directory partitions in the forest | Domain Naming Master |
| allocates sequences of RIDs to each of the various domain controllers in its domain | RID Master |
| is responsible for updating the group-to-user references whenever group memberships are changed | Infrastructure Master |
| net user /add | |
| installs and removes Active Directory Domain Services and promotes domain controllers | DCPromo (Domain Controller Promoter) |
| The process of replicating changes in one master copy of the account database to all other master copies is called | |