Download Safari Books Online apps: Apple iOS | Android

Entire Site

Safari Books Online

    Free Trial

    Safari Books Online is a digital library providing on-demand subscription access to thousands of learning resources.


    • Create BookmarkCreate Bookmark
    • Create Note or TagCreate Note or Tag
    • DownloadDownload
    • PrintPrint
    Share this Page URL
    Help

    Exam Cram Questions

    1.Alex has installed AD LDS on a Windows Server 2008 computer and created an instance that he plans to use for data storage with two directory-enabled applications that he will deploy on his company’s network. Which of the following tools can he use to manage the AD LDS instance he has created? (Choose all that apply.)

    A.Active Directory Users and Computers
    B.Active Directory Sites and Services
    C.Active Directory Domains and Trusts
    D.Active Directory Schema
    E.Active Directory Services Interface (ADSI)
    F.Ldp.exe


    2.You are the administrator of your company’s network. You have installed several AD LDS instances to enable connections to directory-enabled applications that run on your Windows Server 2008 network. A contractor named Alex requires access to one of these applications from his laptop computer running Windows Vista Business, but he should not have access to shared resources in Active Directory. What should you do to enable this access?

    A.Configure an AD LDS security principal for Alex.
    B.Configure a domain user account for Alex.
    C.Add Alex’s local user account to the Domain Users group in Active Directory.
    D.You do not need to do anything. Alex can access the applications simply by plugging his laptop into the network and using his local user account.


    3.John is responsible for administering his company’s servers that run AD RMS. Anna, a junior administrator, will help him by managing the server’s AD RMS policies and settings. Which of the following roles should John delegate to Anna so that she can perform this task without the ability to perform additional tasks?

    A.AD RMS Auditors
    B.AD RMS Template Administrators
    C.AD RMS Enterprise Administrators
    D.AD RMS Server Operators


    4.Wendy is the network administrator for a company that operates an AD DS network consisting of a single domain that is operating at the Windows Server 2003 domain and forest functional level. Servers run either Windows Server 2003 or Windows Server 2008, and client computers run either Windows XP Professional or Windows Vista Business or Ultimate. Wendy is planning the deployment of AD RMS on the network to provide a rights-protected information system.

    Which of the following should Wendy do to complete the deployment of AD RMS with the least amount of administrative effort and capital expenditure? (Each correct answer represents a partial solution. Choose two answers.)

    A.Upgrade all Windows XP client computers to Windows Vista Business.
    B.Upgrade all Windows XP client computers to Windows Vista Ultimate.
    C.Ensure that all Windows XP client computers have Service Pack 2 or later, and install the RMS client on these computers.
    D.Upgrade domain controllers to Windows Server 2008, and set the domain and forest functional levels to Windows Server 2008.
    E.Obtain and install an SSL certificate from a trusted root certification authority.


    5.Heather is an administrator for a company that operates an AD DS network consisting of a single domain that runs at the Windows 2000 domain functional level. There are three sites corresponding to the company’s head office and two small branch offices. Domain controllers on the network run either Windows 2000 Server or Windows Server 2003, but the company plans to introduce domain controllers running Windows Server 2008 to the network.

    Heather has read about all the advantages of using RODCs to authenticate users in her company’s branch offices and is planning to set up an RODC in each of the branch offices. Which of the following does she need to do before setting up the RODCs? (Each correct answer represents part of the solution. Choose four answers.)

    A.Upgrade all Windows 2000 Server domain controllers to either Windows Server 2003 or Windows Server 2008.
    B.Upgrade all Windows 2000 Server and Windows Server 2003 domain controllers to Windows Server 2008.
    C.Raise the domain and forest functional levels to Windows Server 2003.
    D.Raise the domain and forest functional levels to Windows Server 2008.
    E.Upgrade the PDC emulator to Windows Server 2003.
    F.Upgrade the PDC emulator to Windows Server 2008.
    G.Run the Adprep /rodcprep utility on the schema master.
    H.Run the Adprep /rodcprep utility on the infrastructure master.


    6.You are the network administrator for your company, which runs an AD DS domain. The company’s head office is located in Dallas, and a branch office is located in Waco. You have installed an RODC in the Waco office to enable users in that office to authenticate to the domain without creating heavy WAN traffic.

    Nobody in the Waco office is highly skilled in network administration, but an employee named Fred has demonstrated the ability to perform hardware upgrades and minor configuration changes, so you would like him to have the ability to perform these actions on the RODC. What should you do to grant him this capability without giving him excessive domain administrative privileges?

    A.Add his user account to the Domain Admins group.
    B.Add his user account to the local Administrators group on the RODC.
    C.Add his user account to the Server Operators group.
    D.Add his user account to the Power Users group.


    7.Jim is a domain administrator for a company that operates an AD DS domain with three sites that represent the cities where his company does business. One of these three sites is a small office where he has installed an RODC. This office is connected to the head office with an ISDN line. Jim has configured the RODC to cache passwords for all users in the branch office.

    One weekend, contractors excavating for a new addition to the building holding the branch office accidentally severed the ISDN line. Repairs will take a day or two. On Monday morning, a user named Margaret reports that she is unable to log on. Which of the following is the most likely reason why she was unable to log on?

    A.Her user account is also listed in the Denied list on the RODC’s password replication policy.
    B.She changed her password on the previous Friday.
    C.Her user account is included in the password cache that Jim has configured on the partnered writable domain controller.
    D.Her user account is not included in the list of users contained in the RODC’s SAM.


    8.Susan is the administrator of a state government agency responsible for construction and maintenance of roads and highways. The agency operates a single domain within the government’s AD DS forest. The functional level of the domain is Windows Server 2003, and all servers that hold data accessible to outside parties are located on a perimeter network.

    The agency frequently contracts road work to private consultants, who need access to a web-based application that holds specifications and other data required for the work projects. All private consultants operate AD DS networks with either Windows 2000 or Windows Server 2003 domain controllers.

    Susan is required to provide access for consultant employees without creating or managing user accounts for these employees, and she must keep the internal network secure from external access. Which of the following should she do? (Each correct answer represents part of the solution. Choose all that apply.)

    A.Install an AD RMS server and configure rights-protected documents.
    B.Install AD FS on an internal server and create a federated trust.
    C.Install an AD FS proxy server in the perimeter network.
    D.Install an AD FS web agent.
    E.Install a domain controller on the perimeter network to simplify the authentication of consultant employees.
    F.Install an AD LDS server on the perimeter network to simplify the authentication of consultant employees.


    9.Gary is responsible for implementing AD FS on his company’s Active Directory domain, which has a mix of domain controllers running Windows Server 2003 and Windows Server 2008. Users from several partner companies need to authenticate to a web application on a server that is located in the company’s perimeter network. Which of the following role services should Gary install on this server?

    A.Federation Service
    B.Federation Service Proxy
    C.Claims-aware agent
    D.Windows token-based agent


    10.You are the network administrator for Examcram.com, which operates an Active Directory network with Windows Server 2008 domain controllers. Servers on your network are configured with both AD FS and AD RMS. You have set up a federation trust with a partner company named Quepublishing.com so that users can share documents protected in AD RMS across the boundary between the two forests. Which of the following do you need to configure to enable users to share these protected documents?

    A.A group claim
    B.A custom claim
    C.An account store
    D.A trust policy



      

    You are currently reading a PREVIEW of this book.

                                                                                            

    Get instant access to over
    $1 million worth of books and videos.

      

    Start a Free Trial


      
    • Safari Books Online
    • Create BookmarkCreate Bookmark
    • Create Note or TagCreate Note or Tag
    • DownloadDownload
    • PrintPrint