AD 70-640 Flashcards Preview

SYSTEM ADMIN > AD 70-640 > Flashcards

Flashcards in AD 70-640 Deck (78)
Loading flashcards...
1

What is Schema?

Defines all attributes for all objects in AD


Is what gives the ability to create object:
Examples: tables, the fields in each table, and the relationships between fields and tables.

2

What file is the core of Active Directory?

NTDS.DIT

3

What are the Advantages of Active Directory?

Centralized - makes all activities under one authority

Scale-able - allows you to make a lot of objects

Extensible - allows you to add fields to the schema
Examples:pictures, Social #, ETC

Manageable

Secure- **Cuborose Tickets** traffic is automatically encrypted

DNS Intergration -

Replication- Create users accounts can get replicated to another server convergence



GPO- items it can use to control every aspect what each user can see and do.

4

What is Convergence?

convergence is when active directory agrees with itself in all of its different locations.

5

What is a Domain?

A group of computers and devices on a network

6

What is a Forest?

A collection of one or more AD domains that share a common logical structure, directory schema, directory configuration, and Global catalog

7

How do you open the Initial Configuration Task after you check do not show?

OOBE

8

What is DCPROMO?

starts the AD DS install wizard

9

What is dynamically assigned IP address?

It automatically assigns an IP address that changes on its own.

10

What is a static IP address?

Manually assigned IP address that will only changes when manually changed by a admin.

11

How do you change your IP address from Dynamic to Static?

Network and sharing - Manage network connections - Local area connection - Properties

12

What is a subnet mask?

it determines if the information is on your network or on another. If the information is located on another network the request will be forwarded to the Default gateway.

13

What is a common preferred DNS server address?

127.0.0.1 because it is a loop back address.

14

How do you preform an unattended installation?

dcpromo /unattend:location\myanswerfile.txt

15

How to tell the version of windows you are on?

WinVer in the command prompt

16

How to determine the version of the schema?

regedit- hkeylocal system- currentcontrolset- services - NTDS - Prameters

17

How to add a Child Domain?

Run DCPromo and create new domain in existing forest

18

How to update the schema?

put dvd in drive
run cmd
adprep /forest prep
once complete run adprep /domain prep /gpprep

19

How are RODC updated?

Updates are replicated to the RODC from a Read Write Domain Controller

20

How does Credential Caching work?

RODC verifies credentials instead of forwarding the request.

Admins are denied Caching credentials by default

21

What can a admin on a RODC do?

Install updates and drivers

22

How many RODC and be on one domain?

One RODC per domain per site

23

What happens if you want a RODC in a site that contains outlook users?

You will have to make the RODC a GC

24

How do you install a RODC?

DCPROMO w/Advance (Full)

For Server Core you have to have a answer file

25

What are the 5 operations maters roles?

Forest Operations:
the schema master
domain naming master
Domain:
Infrastructure -
relative identifier (RID) master,
primary domain controller (PDC) emulator
infrastructure master.

26

How to access the schema?

1. You have to register the schema, regsvr32 schmmgmt.dll
2.run mmc console
3.add/remove snap in
4. add the schema

27

What is the primary domain controller (PDC) emulator?

The final Authority for password changes, responsible for master time source, domain master browser,

28

What is the Domain Naming Master?

checks to make sure that the name space is not in use.

29

What is Domain Master Browser?

find

30

What is the Master Time Source?

find

31

What is the Schema Master role?

Is what gives the options for active directory. Provided the field (Text Box )

32

What does command dcdiag?

tells you about the domain and what roles it haves. Can be used to diagnosed issues.

33

What does command dcdiag /test:ridmanager /v do?

it provided information about the RID

34

What is a stand by master?

Stand by master is used when a server goes down. you can transfer the servers roles to the stand by master
( A back up server )

35

Why should the Domain Naming Master Role and Global Catalog be installed on the same server?

The domain naming master role refers to the GC to see if the name space already exist.

36

What does the Infrastructure Master Role do?

Check the cross domain references to verify their group membership . Refers to the GC for verification.

37

Where are the Domain Operation Roles?

Server manager - active directory user and computers - right click on domain - operations masters

38

Where do you find the Forrest Operations Roles?

Domain Naming Master Role can be found in Open Active Directory Domains and Trust - right click on Directory Domains and Trust - Operations masters roles

Schema master role can be found in console - right click on active directory schema - operations master role

39

How to transfer the Schema Master Role?

have to be a schema admin - console - right click on change active directory domain controller - select the new server. - once connected you right click on right click on active directory schema - operations master role - then select the word change

40

How do you see what Domains are running what Operation master roles?

in cmd run netdom query fsmo

41

How to rename a domain controller?

start - right click on computer - properties - change settings - select the change button

42

How to raise the domain functional level.

rick click on the domain inside of server manager - select raise domain functional level ,

43

How do you determine the highest Functional Level For a Forrest?

The highest level is based upon the lowest level Domain Controller

44

What is Linked Value Replication?

It picks out the new objects inside of the security group and replicates only the new objects instated of replicating all the memberships in that group

45

How to raise the Function Level for Forest?

Active Directory Domains and Trust - right click on active directory domains and trust - raise forest functional level

46

How to make a user account?

Go to the users folder - right click - select user -

47

What trick should you use for creating Template accounts?

create it with a _ in front of the name to make it appear at the top and disable the user account

48

How to change the hours someone can login?

click the account - go to account settings tab - select logon hours

49

How to make a new user from a template account?

right click on the template account - select copy - fill in the persons information.

50

What is DSADD?

is the primary tool you can use to add new accounts

51

What is DSRM?

Allows you to remove ou and all of the content in it.

52

What is DSmove?

Allows you to move and rename groups

53

What is LDIFDE?

Used to improt and export from a plane text file

54

What is CSDE?

Used to work with CSV files to automatically import & export accounts.

55

How do you get assistance with powershell cmdlets?

get-help (then the task you want to preform) get-service

56

What are variables in PowerShell?

Its an abbreviation that reduces the amount of typing and they start with $
These changes are only temporary

example: $wmi=Get-WmiObject Win32_Service - computername dci

will run complete cmdlet in full when you now type $wmi

57

What is PowerShell?

is a command line that uses Verb-Noun Syntax (CMDLET) example Get-Service
It is backwards compatible with cmd commands
****

58

What is a Alias in PowerShell?

a shortened cmdlet
These changes are only temporary

example: get-ChildItem
Alias: Dir

59

How do you make a Alias in PowerShell?

new-alias np (desired abbreviation) notepad (name of task)

60

How do you assign or limit someone to the computers they can access.

Right click on the account - account tab - select logon - and you can assign the computer the user can access.

61

How do you make an account profile?

account preferences - profile - \\servername\profiles\%username%

62

How do you access GPO passwords settings?

server manager - features - Group policy management - forest - domain - right click on default domain policy edit -

computer configurations - security settings - account policy

63

How to access the Audit account login settings?

server manager - features - Group policy management - forest - domain - right click on default domain policy edit -

computer configurations -windows settings - security settings - local policies

64

How to enable or disable an account?

Right click on the account and select disable / enable

65

How to rename an account?

Right click on the account and select rename

66

What are the 3 group scope?

Domain Local, Global, Universal

67

What kind of memberships can be added to a Domain local group?

Can accept any membership ( Global , Universal ) but cant accept other Domain Local groups form another domain's local group

User account from any domain in forest
 Global or universal from any domain in forest
 User accounts, global or universal groups from a
trusted forest domain
 Other domain local groups from the same domain

Recourse access

68

What kind of memberships can be added to a Global group?

User account in same domain
Other global groups from same domain

for users of common type. example Department users

69

What is a Tree?

A collection of domains that share a common DNS namespace ( Patent -Technet.vn) ( child (video.technet.vn)

70

What is a Domain?

The core administrative unit of AD DS ( Address
)

71

What is a Orgnizational Unit? (OU)

Containers in AD DS which provide a framework for administrator and Group Policy Links.

72

What is a Site?

A collection of AD objects defined by their physical location

73

What is a Partition?

Logical section of actual AD DS Database.

74

What is a Domain Controller?

Contain copiesof the ad ds database

75

What is a data store?

The file on each domain controller that stores the AD DS information

76

What is Global Catalog servers

Domain Controllers which host global catalog which is partial read only copy of all the objects in the forrest

77

Read-Only Domain Controllers ?

Contain a special read only copy of the AD DS Database

78

What is Forest and Domain function level?

It is configured based on the older OS you will be supporting.