Help
Options
Didn't know it?
click below
click below
Knew it?
click below
click below
Don't Know
Remaining cards (0)
Know
retry
shuffle
restart
0:00
Embed Code - If you would like this activity on your web page, copy the script below and paste it into your web page.
Normal Size Small Size show me how
Normal Size Small Size show me how
another final exam
skidaddle skidoodle you failed the exam
| Question | Answer |
|---|---|
| What kind of RADIUS server is placed between the RADIUS server and RADIUS clients? | a RADIUS proxy server |
| What is a RADIUS server known as in Microsoft parlance? | Network Policy Server |
| When an access client contacts a VPN server or wireless access point, a connection request is sent to what system? | the NPS server |
| What is the final step in the authentication, authorization, and accounting scenario between an access client and the RADIUS server? | an Accounting-Response to the access server |
| Which parameter specifies the order of importance of the RADIUS server to the NPS proxy server? | priority |
| What information does the Accounting-Start message contain? | the type of service and the user it's delivered to |
| What type of NPS authentication is recommended over password authentication? | certificate |
| Where do you get certificates for authentication purposes? | a certificate authority |
| What would be the biggest problem with configuring text files for accounting logging? | Space; filling up the C drive has catastrophic effects performance. |
| An NPS policy is a set of permissions or restrictions that determine what three aspects of network connectivity? | who, when, and how |
| The default connection request policy uses NPS as what kind of server? | Radius |
| What is the last setting in the Routing and Remote Access IP settings? | how IP addresses are assigned |
| To which type of file do you export an NPS configuration? | XML |
| Network policies determine what two important connectivity constraints? | who is authorized to connect AND the connection circumstances for connectivity |
| If a remote connection attempt does not match any configured constraints, what does the Remote Access server do to the connection? | Denies |
| Which two of the following are Routing and Remote Access IP settings? | Client May Request an IP Address AND Server Must Supply an IP Address |
| Which of the following is the strongest type of encryption? | MPPE 128-Bit |
| RADIUS Access-Request messages are processed or forwarded by NPS only if the settings of the incoming message match what on the NPS server? | one of the connection request policies |
| Network Access Protection (NAP) is Microsoft's software for controlling network access of computers based on what? | a computer's overall health |
| DHCP enforcement is not available for what kind of clients? | IPv6 |
| What type of Active Directory domain controller is recommended to minimize security risks for remediation servers? | read-only |
| To verify a NAP client's configuration, which command would you run? | netsh nap client show state |
| Why do you need a web server as part of your NAP remediation infrastructure? | to provide user information in case of a compliance failure |
| Health policies are in pairs. What are the members of the pair? Select two. | NAP-noncompliant AND NAP-compliant |
| What happens to a computer that isn't running Windows Firewall? | The computer is isolated |
| To use the NAP-compliant policy, the client must do what? | pass all SHV checks |
| When enabling NAP for DHCP scopes, how should you roll out the service? | for individual DHCP scopes |
| What is the default authentication protocol for non-domain computers? | NTLM |
| NTLM uses a challenge-response mechanism for authentication without doing what? | sending a password to the server |
| Kerberos security and authentication are based on what type of technology? | secret key |
| Which three components make up a service principal name (SPN)? | service class, host name, and port number |
| Which tool can you use to add SPNs to an account? | ADSI Edit |
| ADSI Edit | setspn |
| When creating accounts for operating systems, processes, and services, you should always configure them with what two things in mind? | granting the least rights possible AND using strong passwords |
| By default, which service accounts will the Windows PowerShell cmdlets manage? | group MSAs |
| What is the default authentication protocol for contemporary domain computers? | Kerberos |
| The domain controllers are the computers that store and run the _______________. | Active Directory database |
| You do not place the infrastructure master on a global catalog server unless what situation exists? | You have a single domain |
| Which Active Directory object is defined as a specialized domain controller that performs certain tasks so that multi-master domain controllers can operate and synchronize properly? | Operations Master |
| What two things must you do to a Windows Server to convert it to a domain controller? | Seize schema master AND seize PDC |
| Which of the following commands issued at the fsmo maintenance prompt would successfully seize the role of an Operations Master Holder? Select all that apply. | seize schema master |
| What utility must you run on a cloned system to ensure that the clone receives its own SID? | sysprep |
| Which version of Windows Server introduced incremental universal group membership replication? | Windows Server 2003 |
| The global catalog stores a partial copy of all objects in the forest. What are the reasons for keeping that partial copy? Select all that apply. | Logon AND object search AND universal group membership |
| Where in the forest is a global catalog automatically created? | The first domain controller |
| What function does the CSVDE tool perform? | It exports/imports Active Directory information. |
| To perform an authoritative restore, into what mode must you reboot the domain controller? | DSRM |
| What utility first appeared in Windows Server 2008 R2 that allows you to undelete Active Directory containers and objects? | the Active Directory Recycle Bin |
| After you undelete a user account with the LDP utility, what action do you need to perform? | Reset the user's password |
| What is the proper procedure for removing a domain controller from Active Directory? | What is the proper procedure for removing a domain controller from Active Directory? |
| To perform an authoritative restore of an object or subtree, what bit of information do you need to know about the object? | its distinguished name |
| Before you can use the Active Directory Recycle Bin, what two actions do you have to perform? | You have to enable the AD Recycle Bin AND you have to set the AD forest to Windows server 2008 R2 or higher |
| Which utility do you use to defragment Active Directory? | ntdsutil |
| Why is backing up the Windows system state necessary? | It's needed to perform a full system restore. |
| What are examples of password policies? Select all that apply. | ??? |
| What is the default setting for password history? | 24 |
| What setting can you give for account lockout duration that requires an administrator to manually unlock the account? | 0 |
| How should you assign Password Settings objects (PSOs) to users? | Assign the PSOs to a global security group and add users to the group |
| What is the secpol.msc utility used for? | editing local security policies |
| Why should administrator passwords change more often than user passwords? | because administrator accounts carry more security sensitivity than users do |
| What is an easy method of creating a strong password? | Start with a sentence and then add numbers and special characters. |
| Account policies contain various subsets. Which of the following are legitimate subsets of account policies? Check all that apply. | Password Policy AND Account Lockout Policy AND Kerberos Policy |
| Which of the following passwords is considered complex? | A) M!croS0ft |
| Which feature affects all users in the domain, including domain controllers? | Default Domain Policy |
| What is the default timeout value for GPOs to process on system startup? | 600 seconds |
| What is the first step in the GPO processing order? | The computer establishes a secure link to the domain controller. |
| If a site, domain, or OU has multiple GPOs, how are the group policies processed? | by precedence |
| For users to receive GPO settings, they must have which two permissions to the GPO? | Allow Apply AND Allow Read |
| At what point are WMI filters evaluated? | when the policy is processed |
| How many WMI filters can be configured for a GPO? | one |
| What is the primary purpose of running the Group Policy Results Wizard? Check all that apply. | for GPO troubleshooting AND to analyze the cumulative effect of GPOs |
Created by:
TheGoldenCPU
Popular Computers sets