Mid-Term Flashcards by Victor Mendez

Windows Deployment Services (WDS) is a software platform and technology that allows you to perform which function?

automated staging setup for bootable images
automated network-based installations based on network-based boot and installation media
downloadable installations based on staged image files
automated configuration and installation via ISO images and an FTP service

automated network-based installations based on network-based boot and installation media

How well did you know this?

Not at all

Perfectly

What role does preboot execution environment (PXE) play in WDS?

It’s used to boot to a WDS Server to install a preinstallation environment.
It’s used to install WDS services onto a domain controller.
PXE is enabled only in an interdomain trust environment.
It’s a prerequisite for installing WDS services onto a deployment server system.

It’s used to boot to a WDS Server to install a preinstallation environment.

How well did you know this?

Not at all

Perfectly

How do you mount a Windows image using Dism.exe so that you can update it?

read-only
staged
offline
MountDir

offline

How well did you know this?

Not at all

Perfectly

Windows PE 4.0 is based on which operating system?

Windows XP
Windows 7
Windows 8
Windows Mobile

Windows 8

How well did you know this?

Not at all

Perfectly

The initial configuration of WDS includes setup of what other server?

DHCP
Dism
World Wide Web
Image store

DHCP

How well did you know this?

Not at all

Perfectly

Where do you place a discover image to ensure proper deployment?

on a network share
on bootable media
in the PXE configuration parameters
in memory

on bootable media

How well did you know this?

Not at all

Perfectly

Which of the following is the most efficient method of using WDS on a very large network?

bootable media using discover images
unattended installation using PXE boot
installation using PXE boot
unattended installation using bootable media

unattended installation using PXE boot

How well did you know this?

Not at all

Perfectly

Which of the following describes the WDS boot.wim image file?

It installs a standard Windows Server 2012 R2 image to the client computer.
It contains the file resources for all the images in an image group.
It loads Windows PE 4.0 on the client computer.
It’s used to create a bootable ISO file for WDS deployment.

It loads Windows PE 4.0 on the client computer.

How well did you know this?

Not at all

Perfectly

What is the default port number for WSUS synchronization?

8510
8530
8550
8830

8530

How well did you know this?

Not at all

Perfectly

WSUS allows you to automatically approve every update, but you shouldn’t necessarily do that. What should you do before approving updates to be installed?
Check with Microsoft about which updates to apply.
Move the updates into quarantine and wait for others to report problems.
Approve all updates after the normal installation date.
Test the updates on your own systems before approving for rollout.

Test the updates on your own systems before approving for rollout.

How well did you know this?

Not at all

Perfectly

If Windows Update fails to retrieve updates, what should you check first?

the Windows Update site
the Windows Registry settings for Windows Update
the current patch level
Internet Explorer proxy settings

Internet Explorer proxy settings

How well did you know this?

Not at all

Perfectly

Other than the default computer group, how many other groups may a computer be assigned to in WSUS?

one
two
four
sixteen

one

How well did you know this?

Not at all

Perfectly

Which of the following best describes a critical update?

It fixes a known security problem.
It is high priority but not security related.
It is high priority but requires prior approval.
It is security related but requires no approval.

It is high priority but not security related.

How well did you know this?

Not at all

Perfectly

Which of the following is the best example of when you need to restart the Windows Update service?
after you make a configuration change
before you look at the Windows Update log file
after you check the registry settings
if you can’t resolve the WSUS server name

after you make a configuration change

How well did you know this?

Not at all

Perfectly

Microsoft classifies its updates into general categories. What is the definition of important updates?

They offer significant benefits, such as improved security, privacy, and reliability.
They provide a broadly released fix for a specific problem addressing a critical, non-security related bug.
They include updates, drivers, or new software from Microsoft to enhance your computing experience.
They address non-critical problems or help enhance your computing experience.

They offer significant benefits, such as improved security, privacy, and reliability.

How well did you know this?

Not at all

Perfectly

Microsoft classifies its updates into general categories. What is the definition of optional updates?

They include updates, drivers, or new software from Microsoft to enhance your computing experience.

How well did you know this?

Not at all

Perfectly

When you set a service to start automatically with delayed start, how long is the delay?

One minute
Two minutes
Five minutes
Delayed until all other services start

Two minutes

How well did you know this?

Not at all

Perfectly

If you install SQL Server and a third-party backup service on the same system, what rule should you follow when creating service accounts?

Create difficult-to-guess usernames and passwords.
Use a single account for both services.
Use separate accounts for both services.
Add the service accounts to the Local Administrators group.

Use separate accounts for both services.

How well did you know this?

Not at all

Perfectly

Microsoft’s new Event Viewer allows you to collect events from remote computers and store them locally. By what name is this collection of events known?

event logging
event virtualization
event consolidation
event subscription

event subscription

How well did you know this?

Not at all

Perfectly

The Reliability Monitor provides a range of numbers to help you evaluate the reliability of a computer. What is the name of this range of numbers?

Reliability Index
Stability Index
Event Index
Evaluation Index

Stability Index

How well did you know this?

Not at all

Perfectly

Task Manager is not a definitive performance tool because it gives you what kind of look at computer performance?

in-depth analysis
high-level overview
quick glance
performance history

quick glance

How well did you know this?

Not at all

Perfectly

Which tool allows you to best monitor resource usage on a virtual machine host and its individual virtual machines?

Task Manager
Hyper-V Resource Metering
Performance Monitor
Resource Monitor

Hyper-V Resource Metering

How well did you know this?

Not at all

Perfectly

When reading events in the Event Viewer, you need to recognize the designated levels or classifications. What is the definition for the Critical level?

An issue has occurred that can impact service or result in a more serious problem if action is not taken.
A failure has occurred from which the application or component that triggered the event cannot automatically recover.
A problem has occurred that might impact functionality that is external to the application or component that triggered the event.
A change in an application or component has occurred (such as an operation has successfully completed, a resource has been created, or a service started).

A failure has occurred from which the application or component that triggered the event cannot automatically recover.

How well did you know this?

Not at all

Perfectly

When reading events in the Event Viewer, you need to recognize the designated levels or classifications. What is the definition for the Warning level?

An issue has occurred that can impact service or result in a more serious problem if action is not taken.

How well did you know this?

Not at all

Perfectly

What are DFS Namespace shared folders referred to in relation to the virtual folders? targets folder spaces redirects No answer text provided.

targets

The default namespace mode is Windows Server 2008, which supports up to 50,000 folders. How many folders does using non-Windows Server 2008 provide? 500 1,500 3,000 5,000

5,000

DFS Replication does not replace the need for backups because of what feature of replication? It fails with more than 8 million files per volume. It replicates deleted, changed, and corrupted files. The frequency of replication is too seldom. It has a very small cache in which to store files.

It replicates deleted, changed, and corrupted files.

Which replication topology is more efficient than the default replication topology and allows you to set bandwidth, timing, and directionality to your configuration? meshless collective mesh hub/spoke token ring

hub/spoke

What type of resolution model does DFS Replication use to resolve simultaneous-write conflicts? first-in, first-out last-in, last-out last-writer wins first-writer wins

last-writer wins

What type of special cache folder does each replication folder use to hold files ready to be replicated? cache folder upload folder replication folder staging folder

staging folder

Which of the following is an advantage of disabling automatic auto-recovery for DFS databases when the DFSR service stops abnormally? To prevent the constant restarting of the DFS initial replication. To prevent the automatic deleting of files that have not been replicated. To prevent the reseeding of the replicated files. You have the opportunity to fix any underlying problems and to back up the existing replicated folders before recovery begins.

You have the opportunity to fix any underlying problems and to back up the existing replicated folders before recovery begins.

When DFS Replication and DFS Namespace are combined into a single service offering, the pair creates what type of file sharing service? unbreakable N+1 redundant bandwidth intensive fault tolerant

fault tolerant

When setting target priority on a root target for a domain-based namespace, you can override referral ordering and select the priority you want to use. What does the “Last among all targets” option specify? Users should always be referred to this target if the target is available. Users should never be referred to this target unless all other targets are unavailable. Users should be referred to this target before other targets of equal cost (which usually means other targets in the same site). Users should never be referred to this target if other targets of equal cost are available (which usually means other targets in the same site).

Users should never be referred to this target unless all other targets are unavailable.

When setting target priority on a root target for a domain-based namespace, you can override referral ordering and select the priority you want to use. What does the “First among all targets” option specify? Users should always be referred to this target if the target is available. Users should never be referred to this target unless all other targets are unavailable. Users should be referred to this target before other targets of equal cost (which usually means other targets in the same site). Users should never be referred to this target if other targets of equal cost are available (which usually means other targets in the same site).

Users should always be referred to this target if the target is available.

What type of service is the Windows File Server Resource Manager? quota role third-party add-on extension

role

What technology did Microsoft develop to combat the storage of storage-using and potentially illegal files on corporate servers? Windows Firewall Quotas Windows Defender File Screening

File Screening

Some exemptions might be required for certain groups to store otherwise restricted file types. What type of exemption can you set up on folders? file save exemption file type exemption file screen exception folder screen exception

file screen exception

What FSRM feature can you use to show the state of file server volumes, quotas, and disallowed files? Storage Reports Storage Exceptions Storage Quotas Storage Assessments

Storage Reports

When using File System Resource Manager, which group must you be a member of to enable SMTP? Administrators Domain Users Schema Admins Power Users

Administrators

You can generate several different reports from FSRM. One of them gives you a list of Least Recently Accessed Files. What would be the purpose of that report? To warn you that users are storing unused files To allow you to archive unused files To remove unused files To warn you of possible security risks of old files

To allow you to archive unused files

What is the purpose of setting soft quotas? to notify users that they have reached the quota limit to list files that need to be deleted to identify users who violate quotas to determine where hard quotas need to be set

to notify users that they have reached the quota limit

If you were asked to set up a shared file area for users that prevented them from saving video files or images of any kind, what would you set up on that shared folder? Active file screen with included and excluded file groups hard quota for each user and passive file screening standard file share with e-mail notification Passive file screen and a soft quota

Active file screen with included and excluded file groups

You can use FSRM to create several different types of storage reports that show the state of server volumes and anyone who exceeds the quotas or uses files that aren’t allowed. What does a Duplicate Files storage report show? a list of files sorted by selected file groups defined with FSRM a list of files that have not been accessed for a specified number of days a list of quotas that exceed a specified percentage of the storage limit a list of files that are the same size and have the same last modified date

a list of files that are the same size and have the same last modified date

You can use FSRM to create several different types of storage reports that show the state of server volumes and anyone who exceeds the quotas or uses files that aren’t allowed. What does a Quota Usage storage report show? a list of files sorted by selected file groups defined with FSRM a list of files that have not been accessed for a specified number of days a list of quotas that exceed a specified percentage of the storage limit a list of files that are the same size and have the same last modified date

a list of quotas that exceed a specified percentage of the storage limit

An encrypted file can be converted back to its original format by a process known as what? encryption digitization decryption encapsulation

decryption

Public-key cryptography uses how many keys? one two two pair 256

two

What is one purpose of using hash function encryption? to store passwords in a non-readable format to demonstrate one-way encryption techniques to provide keyless encryption and decryption algorithms to keep track of 128-bit key pairs

to store passwords in a non-readable format

EFS encryption is what type of feature that can be enabled or disabled at will, similar in effect to read-only, compression, or hidden? status characteristic attribute handle

attribute

If you’re a command-line user, what command will encrypt files and folders? encrypt. exe compress. exe efs. exe cipher. exe

cipher.exe

On what type of computer is BitLocker not commonly used? laptops desktops netbooks servers

servers

Where is the most secure location to store secure key recovery information? on an encrypted USB device in a secure cabinet on an encrypted USB device in Active Directory on the local device

in Active Directory

BitLocker has multiple operational modes for OS drives that define the steps involved in the boot process. Match the TPM + startup PIN BitLocker mode with its correct description. The system stores the BitLocker volume encryption key on the TPM chip, but you must supply a personal identification number (PIN) and insert a USB flash drive containing a startup key before the system can unlock the BitLocker volume and complete the system boot sequence. The system stores the BitLocker volume encryption key on the TPM chip and accesses it automatically when the chip has determined that the boot environment is unmodified. This unlocks the protected volume and the computer continues to boot. No administrative interaction is required during the system boot sequence. The system stores the BitLocker volume encryption key on the TPM chip, but you must supply a PIN before the system can unlock the BitLocker volume and complete the system boot sequence. The system stores the BitLocker volume encryption key on the TPM chip, but you must insert a USB flash drive containing a startup key before the system can unlock the BitLocker volume and complete the system boot sequence.

The system stores the BitLocker volume encryption key on the TPM chip, but you must supply a PIN before the system can unlock the BitLocker volume and complete the system boot sequence.

Authentication is used for what purpose? to grant access to a user to verify a user’s identity to determine security restrictions to calculate effective permissions

to verify a user’s identity

Auditing is used for what purpose? authenticating users authorizing users recording user’s actions assessing a user’s permissions

recording user’s actions

Why should you avoid using basic audit policy settings and advanced audit policy settings together? That amount of auditing will fill up Event Logs too quickly. The two audit setting ranges have too much redundancy or overlap between them. Setting too many policies can put your system in an “out of compliance” state. Audit policies might cause conflicts or erratic behavior.

Audit policies might cause conflicts or erratic behavior.

Where can you view audit events? in the C:\Temp\Logs folder as text files in System logs in Event Viewer Correct! in Security logs in Event Viewer by using audit /logs at the command line

in Security logs in Event Viewer

By using what type of policy can you track, limit, or deny a user’s ability to use removable storage devices such as USB drives in Windows Server 2012 R2? USB Storage Access Removable Storage Access Removable Device Access Storage Device Audit

Removable Storage Access

When resetting audit settings back to basic mode, what file must you remove as part of the process? policies. txt audit. txt policies. csv audit. csv

audit.csv

Why are success audits as important as failure audits? Successes are important to troubleshooting for establishing baselines of normal behavior. Successes are included by default and can be filtered out. Successes can point to security breaches as well as normal behavior. Successes allow you to track activity such as new account creation.

Successes allow you to track activity such as new account creation.

The powerful auditpol.exe command-line utility is widely used in automated scripting solutions. Select the correct action for the auditpol.exe /remove /allusers command. Delete the per-user audit policy for all users, reset or disable the system audit policy for all subcategories, and then set the audit policies settings to disable. Remove the per-user audit policy for a single user’s account. Remove the per-user audit policy for all users. Show an authoritative report on what audit settings are being applied.

Remove the per-user audit policy for all users.

The powerful auditpol.exe command-line utility is widely used in automated scripting solutions. Select the correct action for the auditpol.exe /get /category:* command. Delete the per-user audit policy for all users, reset or disable the system audit policy for all subcategories, and then set the audit policies settings to disable. Remove the per-user audit policy for a single user’s account. Remove the per-user audit policy for all users. Show an authoritative report on what audit settings are being applied.

Show an authoritative report on what audit settings are being applied.

The powerful auditpol.exe command-line utility is widely used in automated scripting solutions. Select the correct action for the auditpol.exe /clear command. Delete the per-user audit policy for all users, reset or disable the system audit policy for all subcategories, and then set the audit policies settings to disable. Remove the per-user audit policy for a single user’s account. Remove the per-user audit policy for all users. Show an authoritative report on what audit settings are being applied.

Delete the per-user audit policy for all users, reset or disable the system audit policy for all subcategories, and then set the audit policies settings to disable.

The Domain Name System (DNS) works much like a phone book to associate URLs (names) with what kinds of numbers? ID numbers World Wide Web numbers domain addresses IP addresses

IP addresses

What type of structure does DNS have? hierarchical distributed flat distributed top-down distributed wheel-spoke distributed

hierarchical distributed

Which of the following is an example of a top-level domain? .local .net .business microsoft.com

.net

What is another term for DNS client? top-level host DNS server DNS resolver DNS query

DNS resolver

By using the Active Directory–integrated zone, DNS follows what kind of model? master-slave multi-master primary-secondary forward-reverse

multi-master

What is one advantage of subdomains? They allow you to use fewer IP addresses per domain. They offer more efficient network segmentation with inherent VLAN capability. They provide better overall network performance for large networks. They allow you to break up larger domains into smaller, more manageable ones.

They allow you to break up larger domains into smaller, more manageable ones.

What is the first and most important step in installing and deploying DNS in your network? setting up Active Directory so that DNS can be integrated into it planning the infrastructure and service requirements configuring the forward and reverse lookup zones correctly splitting the network into subdomains

planning the infrastructure and service requirements

By default, zone transfers are disabled. You can choose one of three different zone transfer methods. Which of the following describes the Only to servers listed on the Name Servers tab method? restricts zone transfers to those servers specified in the accompanied list retrieves only resource records that have changed within a zone restricts zone transfers to secondary DNS servers as defined with NS resource records allows a data transfer to any server that asks for a zone transfer (least secure)

restricts zone transfers to secondary DNS servers as defined with NS resource records

By default, zone transfers are disabled. You can choose one of three different zone transfer methods. Which of the following describes the To any server method? restricts zone transfers to those servers specified in the accompanied list retrieves only resource records that have changed within a zone restricts zone transfers to secondary DNS servers as defined with NS resource records allows a data transfer to any server that asks for a zone transfer (least secure)

allows a data transfer to any server that asks for a zone transfer (least secure)

What is another designation for an Alias? A host or A record canonical name or CNAME pointer or PTR record Name Server or NS record

canonical name or CNAME

If you have a server named server1.blah.com, want to use it as your web server, and have requests point to www.blah.com, what kind of DNS record would you create? an A record a CNAME record a PTR record an NS record

a CNAME record

Which command do you use to verify local DNS settings? nslookup ipconfig /all ping localhost tracert

ipconfig /all

Which DNS record contains the serial number for the zone? NS record A record PTR record SOA record

SOA record

You can use the dnscmd command to create zones. What other tasks can you perform with it? delete resource records start/stop the DNS service perform name service queries install DNS services

delete resource records

Which one of the following is correct for querying a PTR record? nslookup Microsoft.com nslookup www.technet.com nslookup server1 nslookup 192.168.1.50

nslookup 192.168.1.50

If you issue the command nslookup 192.168.1.50 and get no response, but then issue nslookup server1 and receive 192.168.1.50 as a response, what do you know is wrong? The CNAME record is incorrect. The PTR record doesn’t exist. The A record doesn’t exist. The SOA for the zone is malformed.

The PTR record doesn’t exist.

DNS servers contain several different types of resource records with which you need to become familiar. Select the correct definition for Host (A and AAAA) records. identifies an alias for a host name identifies a DNS server that is authoritative for a zone maps a domain/host name to an IP address resolves host names from IP addresses

maps a domain/host name to an IP address

DNS servers contain several different types of resource records with which you need to become familiar. Select the correct definition for Canonical Name (CNAME) records. identifies an alias for a host name identifies a DNS server that is authoritative for a zone maps a domain/host name to an IP address resolves host names from IP addresses

identifies an alias for a host name

Why are phone lines and ISDN not used today for remote access services (RAS)? They’re too expensive. They’re not secure enough. They create dedicated access. They no longer supply acceptable bandwidth.

They no longer supply acceptable bandwidth.

Why would you set Verify Caller ID on a remote dial-up connection for a user? for enhanced security because you don’t trust the user because you want users to call in only from specific numbers because it’s the default setting

for enhanced security

When would you want to use a split tunnel for users? if your users work only from the office if your users might compromise security by browsing to insecure sites if your users have laptop computers and work from home or office if your users often need remote assistance

if your users have laptop computers and work from home or office

How is data verified when transferred through the Internet? by cryptographic checksum by RAS callback options by correct firewall settings by using PPTP for VPN connections

by cryptographic checksum

Which authentication method is weakest (least secure)? PAP CHAP MS-CHAPv2 EAP-MS-CHAPv2

PAP

Which VPN protocol provides constant connectivity? L2TP IKEv2 SSTP PPTP

IKEv2

How are routing tables created dynamically? through the use of RIP with static routes by using the routing table protocol (RTP) by using a layer 2 switch

through the use of RIP

In Windows Server 2012 R2, what is used as a reverse proxy? Web Application proxy Reverse Lookup AD FS proxy Reverse Web

Web Application proxy

What is the first thing to check when troubleshooting VPN problems? network connectivity usernames and passwords DNS lookups firewall settings

network connectivity

RRAS has multiple options from which you can select one or more services to provide to your users. Select the correct description for the Virtual private network (VPN) access and NAT option. sets up the server to provide NAT services to clients on the private network that need to access the Internet sets up a demand-dial or persistent connection between two private networks sets up the server to support incoming VPN connections and to provide NAT services sets up the server to accept incoming remote access connections (dial-up or VPN)

sets up the server to support incoming VPN connections and to provide NAT services

DirectAccess was introduced with which workstation/server pair? Windows XP/Windows Server 2003 Windows Vista/Windows Server 2008 Windows 7/Windows Server 2008 R2 Windows 8/Windows Server 2012

Windows 7/Windows Server 2008 R2

What type of server is the network location server (NLS)? DNS DHCP web AD

web

What is the most basic requirement for a DirectAccess implementation? The DirectAccess server must be part of a cluster. The DirectAccess server must be highly available. The DirectAccess server must also run DNS services. The DirectAccess server must be part of an Active Directory domain.

The DirectAccess server must be part of an Active Directory domain.

What does the netsh namespace show policy command do? shows the DNS search order displays the static routing table for a namespace shows the NRPT rules as configured on the group policy displays local DirectAccess security policy

shows the NRPT rules as configured on the group policy

What kind of connectivity does DirectAccess provide between client computers and network resources? stable but limited seamless and always on active and firewalled firewalled and passive

seamless and always on

How do the DirectAccess server and DirectAccess client authenticate each other? IPSec and PAP PPTP and username/password computer and user credentials encrypted secret channel handshake

computer and user credentials

In addition to meeting operating system requirements, a DirectAccess client must be a member of what? a DirectAccess client group a NAP group an AD domain a fault-tolerant network segment

an AD domain

The Run the Remote Access Setup Wizard breaks the installation into four separate installations that give you a great deal of control over settings and configurations. Identify the correct description for the installation of Infrastructure Servers. Configure the network connections based on one or two network cards and which adapters are internal and which adapters are external. You can also specify the use of smartcards and specify the certificate authority (CA) to use for DirectAccess to provide secure communications. Specify which clients within your organization can use DirectAccess. You specify the computer groups that you want to include and whether you want to include Windows 7 clients. Configure how the clients access the core infrastructure services such as Active Directory domain controllers and DNS servers. You also specify an internal web server that can provide location services for infrastructure components to your DirectAccess clients. Configure your end-to-end authentication and security for the DirectAccess components. It also provides secure connections to individual servers.

Configure how the clients access the core infrastructure services such as Active Directory domain controllers and DNS servers. You also specify an internal web server that can provide location services for infrastructure components to your DirectAccess clients.

The Run the Remote Access Setup Wizard breaks the installation into four separate installations that give you a great deal of control over settings and configurations. Identify the correct description for the installation of Remote Access Servers. Configure the network connections based on one or two network cards and which adapters are internal and which adapters are external. You can also specify the use of smartcards and specify the certificate authority (CA) to use for DirectAccess to provide secure communications. Specify which clients within your organization can use DirectAccess. You specify the computer groups that you want to include and whether you want to include Windows 7 clients. Configure how the clients access the core infrastructure services such as Active Directory domain controllers and DNS servers. You also specify an internal web server that can provide location services for infrastructure components to your DirectAccess clients. Configure your end-to-end authentication and security for the DirectAccess components. It also provides secure connections to individual servers.

Configure the network connections based on one or two network cards and which adapters are internal and which adapters are external. You can also specify the use of smartcards and specify the certificate authority (CA) to use for DirectAccess to provide secure communications.