True/False
Indicate whether the sentence or statement is true
or false.
|
|
|
1.
|
Less
common attributes of user accounts can be managed programmatically with code, script, or tools like
ADSI Edit.
|
|
|
2.
|
The
Log On To button in the Account tab of the properties of a user account allows an administrator to
configure the days and hours when this user is allowed to log on to the network.
|
|
|
3.
|
One
domain controller in an Active Directory environment is specified to be the Key Distribution Center
for Kerberos v5 authentication.
|
|
|
4.
|
If an
NTLM authentication is successful, the domain controller generates a token for the user process to
enable network access.
|
|
|
5.
|
If
changes are made to a user’s roaming profile, the changes are saved at the central server where
the profile is maintained.
|
|
|
6.
|
Roaming user profiles cannot be configured as mandatory profiles.
|
|
|
7.
|
Active Directory Users and Computers allows you to configure the properties of a
single user object at a time.
|
|
|
8.
|
The
DSMOD USER command can be used to change settings associated with multiple user accounts
simultaneously.
|
|
|
9.
|
DSMOVE can only be used to move objects within the same domain.
|
|
|
10.
|
The
DSRM command is used only when deleting a single object from memory.
|
Modified True/False
Indicate
whether the sentence or statement is true or false. If false, change the identified word or
phrase to make the sentence or statement true.
|
|
|
11.
|
The
Organization property of a user account enables a particular profile to be associated with the
user or set of users, such as a common desktop. _________________________
|
|
|
12.
|
In
a(n) workgroup, user authentication is handled by the local computer’s SAM database.
_________________________
|
|
|
13.
|
A Key
Distribution Center (KDC) in the Kerberos v5 authentication protocol creates and issues a(n)
service ticket when a client has been successfully authenticated.
_________________________
|
|
|
14.
|
The
Copy To button of a user profile can be used by an administrator to change the type of user
profile from local to roaming or vice versa. _________________________
|
|
|
15.
|
If a
user profile is mandatory, the user can make only temporary changes to their desktop
environment. _________________________
|
|
|
16.
|
To
create a new user account in Active Directory Users and Computers, you would right click on a
particular container, such as Users, select Create, and then click User.
_________________________
|
|
|
17.
|
The
command line utility DSADD allows various object types to be added to the directory.
_________________________
|
|
|
18.
|
A CSV
file is a structured file where data is represented as content-separated values.
_________________________
|
|
|
19.
|
The
command-line utility LDIFDE uses a file format called LDAP Interchange Format.
_________________________
|
|
|
20.
|
Logon
events are added to the Security log, which is accessible using the Event Viewer utility.
_________________________
|
Multiple Choice
Identify the
letter of the choice that best completes the statement or answers the question.
|
|
|
21.
|
How
many different types of user profiles does Windows Server 2003 support?
|
|
|
22.
|
Which
of the following user account properties is used to add the account to an existing group of users
that have the same security and access requirements? a. | COM+ | c. | Remote
control | b. | Member Of | d. | Environment | | | | |
|
|
|
23.
|
Under
which of the user account properties tabs can you find the user logon name and the domain
name? a. | Account | c. | Organization | b. | Environment | d. | Member Of | | | | |
|
|
|
24.
|
In an
Active Directory environment, a server configured as a(n) _____ authenticates a
user. a. | administrative
server | c. | domain
server | b. | member server | d. | domain controller | | | | |
|
|
|
25.
|
When
using smart card authentication for user accounts, the user inserts their card into a reader and then
must do which of the following? a. | log in to a local computer | b. | log in to a
domain controller | c. | supply a PIN number | d. | answer a
prespecified question | | |
|
|
|
26.
|
Which
of the following refers to the process of supplying a user name and password via the Log On to
Windows dialog box? a. | interactive authentication | c. | network authentication | b. | workgroup
authentication | d. | domain
authentication | | | | |
|
|
|
27.
|
_____
is the primary authentication protocol used in Active Directory domain environments. a. | NTLM | c. | Kerberos
v5 | b. | KDC | d. | service
ticketing | | | | |
|
|
|
28.
|
Under
the Kerberos v5 authentication protocol, when a user tries to access a network resource, it presents
a TGT to the KDC and requests a(n) _____ for the server on which the resource
resides. a. | challenge | c. | access
ticket | b. | ticket-granting ticket | d. | service ticket | | | | |
|
|
|
29.
|
Which
of the following refers to operating systems running Windows NT 4.0 or earlier with respect to user
authentication? a. | down-level | c. | KDC | b. | Kerberos v5 | d. | challenge-response | | | | |
|
|
|
30.
|
In
NTLM authentication, the domain controller generates a 16-bit random number known as a _____ and
sends it back to the client. a. | service ticket | c. | cryptograph | b. | challenge | d. | ticket-granting
ticket | | | | |
|
|
|
31.
|
An
administrator can configure a _____ user profile that cannot be modified by the
user. a. | roaming | c. | mandatory | b. | default | d. | key | | | | |
|
|
|
32.
|
Which
of the following tasks related to user accounts can only be performed by an
administrator? a. | Change Desktop
Wallpaper | c. | Change
Type | b. | Change
Favorites | d. | Create a
Shortcut | | | | |
|
|
|
33.
|
Which
of the following is the tool you would use to create a new user profile? a. | System, in
Control Panel | c. | Azul | b. | Kerberos | d. | Active Directory Users and Computers | | | | |
|
|
|
34.
|
Roaming profiles are configured from the _____ page of a user account’s
properties in Active Directory Users and Computers. a. | Profiles | c. | Sessions | b. | Environment | d. | Terminal Services Profile | | | | |
|
|
|
35.
|
Changing a user profile to be mandatory requires that the .dat file extension of the
ntuser.dat file be changed to which of the following?
|
|
|
36.
|
If an
administrator was editing the properties of multiple user accounts, which of the following utilities
would be the most logical one to use? a. | Active Directory Computers and
Users | c. | DSQUERY | b. | DSADD | d. | DSMOD | | | | |
|
|
|
37.
|
Which
of the following will run Active Directory Users and Computers from the command
line? a. | ntuser.dat | c. | dsa.msc | b. | dsadd | d. | dsmod | | | | |
|
|
|
38.
|
When
configuring user accounts, you can use the variable _____ to automatically create an
individual’s folders. a. | username | c. | !username! | b. | %username% | d. | ^username^ | | | | |
|
|
|
39.
|
The
distinguished name used to identify a user account being created with the DSADD command is in _____
format. a. | UPN | c. | Active
Directory | b. | LDAP | d. | DNS | | | | |
|
|
|
40.
|
Which
of the following switches used with the DSADD command indicates groups that the user should be added
to? a. | -memberof | c. | -disabled
| b. | -profile | d. | -pwd | | | | |
|
|
|
41.
|
Look
for the DSADD topic in Windows Server 2003 _____ to get a complete list of switches and options
available with the DSADD command. a. | Catalog | c. | Help and Support | b. | Administrative
Tools | d. | Properties | | | | |
|
|
|
42.
|
Typing _____ at the command line will allow you to view the complete list of switches
and options available with the DSMOD USER command. a. | DSMOD USER
HELP | c. | DSMOD
? | b. | DSMOD HELP
USER | d. | DSMOD USER
/? | | | | |
|
|
|
43.
|
Which
of the following command line utilities can be used to query for directory objects from the command
line? a. | DSQUERY | c. | DSADD | b. | DSMOD | d. | CSVDE | | | | |
|
|
|
44.
|
Which
of the following commands supports the wildcard character (*)? a. | DSMOD | c. | DSMOVE | b. | DSRM | d. | DSQUERY | | | | |
|
|
|
45.
|
The
_____ command can have its output piped as input to another command-line utility. a. | DSMOD | c. | DSADD | b. | DSQUERY | d. | DSMOVE | | | | |
|
|
|
46.
|
Which
of the following command-line utilities can be used to rename an object? a. | DSQUERY | c. | DSMOVE | b. | DSRM | d. | DSADD | | | | |
|
|
|
47.
|
Which
of the following commands can be used to delete an object from the directory? a. | DSRM | c. | DSMOVE | b. | DSMOD | d. | DSADD | | | | |
|
|
|
48.
|
Which
of the following switches can be used with the DSRM command-line utility to keep the system from
asking for confirmation from the user? a. | -subtree | c. | -noprompt | b. | -exclude | d. | -c | | | | |
|
|
|
49.
|
When
data is exported from Active Directory using CSVDE, the first line of the file contains the name of
each attribute being exported, separated by a. | commas. | c. | spaces. | b. | hyphens. | d. | asterisks. | | | | |
|
|
|
50.
|
Which
of the following is a common use of the LDIFDE command-line utility and the LDIF file
format? a. | changing account
policies | c. | auditing
authentication | b. | enforcing password policy | d. | extending Active Directory schema | | | | |
|
|
|
51.
|
The
Default Domain Policy object has which of the following types? a. | organizational
unit | c. | Account
Policy | b. | Group Policy | d. | system services | | | | |
|
|
|
52.
|
Which
of the following password policy items defines the number of days that a password can be used before
the user is required to change it? a. | enforce password history | b. | minimum password
age | c. | maximum password
age | d. | store passwords
using reversible encryption | | |
|
|
|
53.
|
Which
of the following account lockout policy items defines the number of failed logon attempts that
results in the user account being locked? a. | reset account lockout counter
after | c. | account lockout
threshold | b. | account lockout complexity | d. | account lockout duration | | | | |
|
|
|
54.
|
Which
of the following Kerberos policy items determines the amount of time, in days, that a user’s TGT
may be renewed? a. | maximum lifetime
for service ticket | c. | maximum lifetime
for user ticket | b. | maximum lifetime for user ticket
renewal | d. | enforce user
logon restrictions | | | | |
|
|
|
55.
|
To
enable the auditing of failure account logon events, you must access the _____ setting to check the
Failure check box. a. | Audit object access | c. | Audit account management | b. | Audit process
tracking | d. | Audit account
logon events | | | | |
|
Yes/No
Indicate whether you agree with the sentence or
statement.
|
|
|
56.
|
Is it
possible for the number of tabs in the property pages of Active Directory objects to
change?
|
|
|
57.
|
In a
domain environment, do users normally have local user accounts configured on their
workstations?
|
|
|
58.
|
Do
all of the following operating systems support Kerberos v5 authentication: Windows NT 4.0, Windows
2000, Windows XP, Windows Server 2003?
|
|
|
59.
|
Are
user profiles always stored on a domain controller?
|
|
|
60.
|
Must
roaming profiles be stored on a domain controller?
|
|
|
61.
|
In an
Active Directory environment, must user accounts be created and stored in the Active Directory
database on domain controllers?
|
|
|
62.
|
Are
the utilities DSADD, DSMOD, DSQUERY, DSMOVE, and DSRM a good alternative to Active Directory Users
and Computers for administrators who are more comfortable working from the command
line?
|
|
|
63.
|
Does
the following query return a list of distinguished names?
dsquery user
“cn=users, dc=domain1, dc=dovercorp, dc=net” -disabled
|
|
|
64.
|
In
the LDIF file format, does the first line indicate an object type and the names and orders of
attributes that will follow?
|
|
|
65.
|
If
you want to edit a Group Policy, should you access it from Active Directory Users and
Computers?
|