Term
How many disks at minimum are required to create a striped volume?
|
|
Definition
|
|
Term
How do you delete a spanned volume?
|
|
Definition
You must delete all the pieces of the volume as a unit.
|
|
|
Term
A RAID-5 volume with 600 MB from the minimum number of disks has how much storage?
|
|
Definition
|
|
Term
What happens when you break a mirror?
|
|
Definition
You create 2 separate volumes with identical data.
|
|
|
Term
What are 2 ways to create a spanned volume?
|
|
Definition
1. Create a new volume from unallocated space on two disks.
2. Extend a simple volume to another disk.
|
|
|
Term
What would the DISKPART syntax be to create a spanned volume using 400MB from Disk 2?
|
|
Definition
|
|
Term
Which tool will overwrite unsigned system files?
|
|
Definition
Sfc - System File Checker |
|
|
Term
How many partitions can a Basic Disk contain?
|
|
Definition
|
|
Term
What are the Dynamic Disk structures that are the equivalent of Partitions on a Basic Disk called?
|
|
Definition
|
|
Term
By default, members of which security groups have permission to perform Disk Management tasks?
|
|
Definition
Administrators and Backup Operators
NOTE: only members of the Administrators group can format volumes.
|
|
|
Term
True or False: Setup requires a non-blank Administrator password.
|
|
Definition
False - Setup allows a blank password, however Microsoft recommends against it. If a password is supplied it must meet complexity requirements.
|
|
|
Term
What is PSSU? How does it work?
|
|
Definition
Post-Setup Security Updates
Servers are vulnerable in the time between initial installation and having the latest security updates applied. To counter this, Windows Server 2003 with Service Pack 1 uses Windows Firewall to block all inbound connections to the server after installation until Windows Update delivers the latest security updates to the new computer. After updating, Windows Firewall is turned off until it is configured for server roles. PSSU also guides users through immediate configuration of Automatic Updates.
|
|
|
Term
What must I do to be able to remotely administer Windows Server 2003?
|
|
Definition
1. Install ADMINPAK.MSI from the Installation CD on the remote W2K3 Server or Windows XP Pro client.
2. Configure the appropriate permissions.
3. Optionally, install the W2K3 Server helpfiles.
|
|
|
Term
When are Universal Groups not available?
|
|
Definition
When the network is in Windows 2000 Mixed Mode or Windows Server 2003 Interim Mode.
Mixed Mode is when you are running Windows NT DCs along with your Windows Server 2000 DCs.
|
|
|
Term
What is Windows 2000 Native Mode?
|
|
Definition
Where the domain controllers are either all Windows 2000 Servers or a mix of Windows 2000 Servers and Windows Server 2003 Servers.
|
|
|
Term
What cannot be set with the dsmod user command?
A. Password
B. Group membership
C. Home directory
D. Profile path
|
|
Definition
|
|
Term
Which group assignments are not permitted in mixed mode
|
|
Definition
1. Global into Domain Local
2. Global into Global
|
|
|
Term
What is required to change group scopes?
|
|
Definition
Native mode for the domain
|
|
|
Term
Who can be added as members of a global group?
|
|
Definition
In 2000 Mixed or 2003 Interim modes, only users & computers from the global group's domain.
In 2000 Native or 2003 Domain Functional Modes: users, computers & groups from the global group's domain.
|
|
|
Term
What 3 features should a naming convention provide?
|
|
Definition
1. Always generate a unique name
2. Be consistent for all users
3. Be derived from the name of the user
|
|
|
Term
What option is allowed for a new scope for a global group?
|
|
Definition
|
|
Term
What are 2 ways to add users to a group using the command line without typing in all of the information?
|
|
Definition
1. Pipe the result of dsquery to dsmod
2. Pipe the result of dsget to dsmod
|
|
|
Term
Who can be added as members of a universal group?
|
|
Definition
1. Users from any domain
2. Global groups from any domain
|
|
|
Term
Which Terminal Services settings take precedence: user account or Remote Desktop client settings?
|
|
Definition
|
|
Term
Which 4 tools are available for configuring Terminal Services settings?
|
|
Definition
1. Group Policy Editor
2. Terminal Services Configuration
3. Active Directory Users & Computers
4. Remote Desktop Connection client
|
|
|
Term
Which properties override both user account AND Remote Desktop client Terminial Server settings?
|
|
Definition
Those of the RDP-tcp connection object which is accessible through Terminal Services Configuration.
|
|
|
Term
Which of the following Terminal Services settings override all the others?:
1. Terminal Services Configuration
2. Active Directory Users & Computers
3. Remote Desktop Connection client
4. Group Policy Editor
|
|
Definition
|
|
Term
True or False: Group Policy settings for Terminal Services apply to both Windows 2000 Servers and Windows 2003 Servers.
|
|
Definition
False: Terminal Services group policies only apply to Windows 2003 Servers.
|
|
|
Term
What is the order of precedence for Terminal Server configuration settings?
|
|
Definition
1. Computer-level Group Policies
2. User-level Group Policies
3. RDP-tcp connection object properties set through the Terminal Services Configuration tool
4. Active Directory Users & Computers user account settings
5. Remote Desktop Connection client settings
|
|
|
Term
By default, which group(s) has the right to log on through Terminal Services on a member server? on a Domain Controller?
|
|
Definition
On a member server Administrators & Remote Desktop Users. On a Domain Controller only Administrators.
|
|
|
Term
Where can audio device redirection be specified for a Terminal Server connection (3)?
|
|
Definition
1. The Local Resources tab of the Remote Desktop Connection client
2. On the Client Settings tab of the RDP-tcp Properties (disabled by default)
3. In Group Policy
|
|
|
Term
True or False: the user account's 'Connect Client Drives At Logon' setting determines whether local drives are available for a Terminal Server session.
|
|
Definition
False: this setting is meant to manage Drive redirection for Citrix's Intergrated Computing Architecture.
|
|
|
Term
What are the 2 security options when installing Terminal Server and which is configured by default?
|
|
Definition
Full Security and Relaxed Security. Full Security is the default.
|
|
|
Term
In order to create user objects in Active Directory Users & Computers you must be a member of one of which 3 Security Groups?
|
|
Definition
1. Enterprise Admins
2. Domain Admins
3. Account Operators
|
|
|
Term
Which user account properties on which tabs are available for editing when using multiselect?
|
|
Definition
General Tab: Description, Office, Telephone Number, Fax, Web Page, Email
Account Tab: UPN Suffix, Logon Hours, Computer Restrictions, all Account Options, Account Expires
Address Tab: Street, PO Box, City, State/Province, ZIP/Postal Code, Country/Region
Profile Tab: Profile Path, Logon Script, Home Folder
Organization Tab: Title, Department, Company, Manager
|
|
|
Term
|
Definition
User Principle Name - logon name (ie:waynes) and a UPN suffix (ie: class.local)
waynes@class.local
|
|
|
Term
What is the default output format for DSQuery?
|
|
Definition
Distinguished Names (DNs)
|
|
|
Term
|
Definition
Common Name - the primary name of an object in a LDAP directory such as Active Directory.
An example would be: "CN=Dan Holme"
|
|
|
Term
What actions are available in Terminal Services Manager to monitor and control Terminal Server sessions?
|
|
Definition
- Disconnect a user or session
- Log off a user or session
- Reset a user or session
- Send a message to a user
- Terminate a process launched by any user
|
|
|
Term
What permissions must you remember to configure on the file server folder where roaming profiles will be stored?
|
|
Definition
The share permission of Full Control for the Everyone group.
|
|
|
Term
What component can be installed on pre-Windows 2000 systems to allow them to participate in many of the Active Directory features? Where can this component be obtained?
|
|
Definition
The Active Directory Client can be downloaded from the Microsoft website.
|
|
|
Term
What must be accessible by a pre-Windows 2000 system if the Active Directory Client is not installed in order for a user to change their password?
|
|
Definition
A domain controller performing the single master operation called primary domain controller (PDC) emulator.
|
|
|
Term
By default, members of which Security Groups have the right to manage computer accounts?
|
|
Definition
Account Operators,
Domain Admins &
Enterprise Admins
In addition, users can also have this right delegated to them.
|
|
|
Term
|
Definition
It's creating a computer account in Active Directory before adding the computer to the domain.
|
|
|
Term
How can you control who is allowed to add a particular computer to the domain?
|
|
Definition
By pre-staging it (ie - creating a computer account in AD before it is joined to the domain).
|
|
|
Term
True or False?
A regular authenticated domain user can join computers to a domain.
|
|
Definition
True - regular domain accounts are able to add 10 computers to a domain. Pre-staged computers do not count towards this quota.
|
|
|
Term
On what type of computers can you create local users & groups?
|
|
Definition
On Windows XP clients and Windows 2000 or Windows Server 2003 computers that are member servers.
|
|
|
Term
What 4 things are necessary to configure a Terminal Server cluster?
|
|
Definition
1. A load-balancing technology such as NLB or DNS round-robin.
2. A Terminal Services Session Directory
3. You must add computer accounts for the cluster's servers to the Session Directory Computers local group
4. You must configure the servers to belong to the cluster through Terminal Services Configuration or Group Policy
|
|
|
Term
Where are the settings for Remote Control configured?
|
|
Definition
On the Remote Control tab of a user's properties page.
|
|
|
Term
When is Remote Control available and how do you access it?
|
|
Definition
Through the Terminal Services Manager tool, but only within a Terminal Server session.
|
|
|
Term
What can be assigned to a local group?
A. Users from the domain the computer belongs to
B. Global groups from the domain the computer belongs to
C. Local users
D. All of the above
|
|
Definition
|
|
Term
What objects can global groups contain in mixed or interim functional level domains? In 2000 native or 2003 domain functional domains?
|
|
Definition
Only users and computers in mixed and interim. Add global groups for native and domain functional.
|
|
|
Term
When a computer joins a domain, what information is gathered about the computer?
|
|
Definition
OS, Service Pack, OS version
|
|
|
Term
What tool is used to create local groups?
|
|
Definition
|
|
Term
By default, drivers for which clients of shared printers are available?
|
|
Definition
|
|
Term
Which built in security groups can, by default, add computer accounts?
|
|
Definition
Administrators and Account Operators on the domain controller. Domain Admins and Enterprise Admins are members of the Administrators group by default.
|
|
|
Term
When should a computer account be created for an NT 4 server that will be a BDC?
|
|
Definition
Before the NT 4 server is installed.
|
|
|
Term
What happens to permissions on an NTFS file that is moved to another NTFS drive?
|
|
Definition
The permissions are inherited from the new parent folder
|
|
|
Term
Where do you change the location of the print spool directory?
|
|
Definition
On the Advanced tab of the Print Server Properties from the File menu of the Printers folder.
|
|
|
Term
True or False?
When using the command line tools in Active Directory, Computers is an organizational unit.
|
|
Definition
False. You must use the syntax: cn=computers.
|
|
|
Term
What happens when a computer account is disabled?
|
|
Definition
Users can't access the domain from that computer.
|
|
|
Term
When do share permissions apply for a folder that is nested within another shared folder that has a different set of share permissions?
|
|
Definition
Only when connecting directly to the nested share.
|
|
|
Term
When a Windows XP client prints to a Windows 2003 print server, where do jobs spool?
|
|
Definition
|
|
Term
Several clients report print jobs that seem to hang on the 2003 print server. What should you do?
|
|
Definition
Restart the Print Spooler on the 2003 print server.
|
|
|
Term
When would you not be able to edit NTFS permissions (greyed out)?
|
|
Definition
When they are being inherited from a parent folder.
|
|
|
Term
What tools can be used to publish shared folders?
|
|
Definition
Active Directory Users and Computers and Computer Management
|
|
|
Term
True or False?
Queue Management is part of printer permissions.
|
|
Definition
|
|
Term
What is the default permission for a shared folder?
|
|
Definition
|
|
Term
If you use A G DL P, what will you see in the 'Member Of' tab for the Global Group?
|
|
Definition
The Domain Local groups that it's a member of.
|
|
|
Term
|
Definition
Access Control Entry - the permission assigned to a specific group for a resource.
|
|
|
Term
When is it necessary to reset a computer account?
|
|
Definition
When it has been restored from a backup.
|
|
|
Term
Which two computer account moves can only be performed by a Domain Admin?
|
|
Definition
From an Organizational Unit to a non-OU container or into the 'Domain Contollers' container.
|
|
|
Term
Which two groups' members are by default able to move computer accounts?
|
|
Definition
Administrators & Account Operators
|
|
|
Term
When is group nesting possible?
|
|
Definition
Groups can be nested when the domain in which they reside is set to either the Windows 2000 native or Windows Server 2003 domain functional level.
|
|
|
Term
Other than file format, what are the main differences between the Csvde and Ldifde commands?
|
|
Definition
Only Ldifde allows the modification or deletion of security principals.
|
|
|
Term
Which directory service commands can produce a list of DNs of members of a group?
|
|
Definition
|
|
Term
What are the nesting options for:
Global groups?
Universal groups?
Domain Local groups?
|
|
Definition
Global groups can nest into other global groups, universal groups, or domain local groups.
Universal groups can be members of other universal groups or domain local
groups.
Domain local groups can belong to other domain local groups.
|
|
|
Term
What are the four rules for troubleshooting a computer account?
|
|
Definition
The rules that govern troubleshooting a computer account are:
A. Reset the account if it exists
B. Recreate the account if it doesn't
C. Disjoin the computer from the domain by joining it to a workgroup that's not in use.
D. Rejoin the computer to the domain
All four rules must be used (though B may not apply)
|
|
|
Term
Which security group must you be a member of in order to join a computer to a domain or change membership between workgroups and domains?
|
|
Definition
You must be a member of the local Administrators group on the machine to be joined.
|
|
|
Term
What is the effect of resetting a computer account?
|
|
Definition
The computer's password is reset, but all of the other computer object's properties are maintained. Any computer can join the domain using that account.
|
|
|
Term
Connecting to administrative shares is restricted to members of which security groups?
|
|
Definition
Administrators
Server Operators
Backup Operators
|
|
|
Term
To create a share, you must be a member of at least one of which 2 groups?
|
|
Definition
Local Administrators
Power Users
|
|
|
Term
When can Windows Explorer be used to configure shares?
|
|
Definition
Only when it is connected to a local volume or accessed through Remote Desktop.
|
|
|
Term
When do share permissions apply? Through which types of access do they not apply?
|
|
Definition
They apply when the share is accessed through a Client for Microsoft Networks connection.
They don't apply when accessed through terminal services, http, IIS, FTP or locally.
|
|
|
Term
What are the 4 rules for effective permissions?
|
|
Definition
1. File permissions override folder permissions.
2. Allow permissions are cumulative.
3. Deny permissions take precedence over Allow permissions.
4. Explicit permissions take precedence over inherited permissions.
|
|
|
Term
How do you access the ACL Editor? What are the 3 dialog boxes that comprise it?
|
|
Definition
Right-click and object and select 'Properties', then click the Security tab.
The dialog boxes are:
1. Security tab
2. Advanced Security Settings
3. Permission Entry for
|
|
|
Term
Can an explicit Allow permission take precidence over an inherited Deny permission? Why?
|
|
Definition
Yes - because explicit permissions (allow or deny) take precidence over inherited permissions.
|
|
|
Term
What user right is required to transfer ownership of a file or folder?
What are two groups whose members have this right by default?
|
|
Definition
The 'Restore File and Directories' user right.
Administrators and Backup Operators have this right by default.
|
|
|
Term
What are two ways to host multiple websites with one IP address?
|
|
Definition
1. By assigning a unique port to each site
2. By using Host Headers
|
|
|
Term
In addition to website content, what else must be backed up in order to ensure that a site can be completely restored? Where is that information backed up to?
|
|
Definition
You must back up the configuration info, called the metabase and the schema. It is backed up to %Windir%\System32\Inetsrv\Metaback
|
|
|
Term
What are the 7 web authentication options?
|
|
Definition
1. Anonymous authentication
2. Basic authentication
3. Digest authentication
4. Advanced Digest authentication
5. Integrated Windows authentication
6. Certificate authentication
7. .NET Passport authentication
|
|
|
Term
True or False: A Local Printer can be a printer that is attached directly to the network.
|
|
Definition
True!
A Local Printer can be directly attached to the computer or to the network. A Network Printer connects to a logical printer attached to another computer.
|
|
|
Term
Where are the 3 locations for specifying print preferences and what is the difference between them?
|
|
Definition
1. Printing Defaults button on the Advanced tab of the printer's Properties page. (configures print job defaults for all users of the printer)
2. Printing Preferences button on the General tab of the printer's Properties page. (configures the defaults for a particular user - overrides the Printing Defaults settings)
3. Properties button in the Print dialog box from the File menu. (sets the properties for the current print job)
|
|
|
Term
What must be true of the printer driver used by a printer pool?
|
|
Definition
It must be compatible with all the printers in the pool.
|
|
|
Term
Under what circumstance is manually publishing a printer to Active Directory unavoidable?
|
|
Definition
1. When the printer is connected to a local port and installed automatically via Plug & Play (must be shared manually also).
2. When the printer is attached to a Windows NT 4 or 3.51 Server.
|
|
|
Term
What are the most important performance counters for monitoring printer performance?
|
|
Definition
Bytes Printed/Sec - The number of bytes of raw data per second that are sent to the printer. Low count = underutilized.
Job Errors - a print job instance will increment this counter only once.
Jobs - The number of print jobs being spooled.
Total Jobs Printed - since the spooler was started (cumulative)
Total Pages Printed - since the spooler was started (cumulative)
|
|
|
Term
What are the 5 steps for troubeshooting printer problems?
|
|
Definition
1. Identify the scope of failure
2. Verify that the print client can connect to the print server
3. Verify that the printer is operational
4. Verify that the printer can be accessed from the print server
5. Verify that the print server's services are running: RPC Service & Print Spooler Service
|
|
|
Term
How do you configure the Remote Administraton Exception for Windows Firewall?
|
|
Definition
Using Local or Domain-based Group Policy Object, navigate to Computer Configuration|Administrative Templates|Network|Network Connections|Windows Firewall node. Then open Domain Profile and enabel the Allow Remote Administration Exception policy setting.
|
|
|
Term
How can you increase system performance if too many users are connecting to a web site?
|
|
Definition
Limit the number of user connections.
|
|
|
Term
Where are the two places where you can configure licensing?
What is the primary difference?
|
|
Definition
Control Panel/Licensing and Administrative Tools/Licensing.
The applet in the Control Panel only configures the local machine. The one in Administrative tools covers all the servers in the enterprise. The Admin tool runs as a service which is not started by default. You need to synch the local machine configurations to the Admin tool.
|
|
|
Term
If you decline to install an update, where can you go to install it later?
|
|
Definition
|
|
Term
What tool is used to initiate a remote control session with a Windows 2003 server?
|
|
Definition
Remote Desktop Connection
|
|
|
Term
Where is remote control enabled in Windows 2003?
|
|
Definition
|
|
Term
Where do you configure Windows 2003 to optimize memory for application serving?
|
|
Definition
File & Printer Sharing Properties
(right-click My Network Places|Properties -> rt-click Local Area Connection|Properties -> highlight File and Printer Sharing -> click Properties button)
|
|
|
Term
Where do you enable/disable Internet Explorer Enhanced Security Configuration?
|
|
Definition
Control Panel|Add or Remove Programs|Add/Remove Windows Components
|
|
|
Term
Software Update Services (SUS) Client-side Features
|
|
Definition
- Built-in security - Local Admin privileges req'd
- Automatic Updates scans Windows Update svc for applicable updates
- Uses Background Intelligent Transfer Service (BITS) to prevent bandwidth impact
- 'Chained Installation' - one restart after all updates are installed
- Multi-user Aware - displays different UI for each administrative user
- Configurable through Active Dirctory
- Multi-language support
|
|
|
Term
Software Update Services (SUS) Server-side Features
|
|
Definition
• Built-in security - Local Admin privileges req'd
• Selective content approval.
• Content synchronization - manually or automatically
• Server-to-server synchronization
• Update package hosting flexibility - download the actual updates or point computers to a worldwide network of download servers maintained by Microsoft
• Multi-language support - English or Japanese server supports the publishing of updates to multiple operating-system language versions
• Remote administration via HTTP or HTTPS
• Update status logging. You can specify the address of a Web server where the Automatic Updates client should send statistics about updates that have been downloaded, and whether the updates have been installed
|
|
|
Term
On a domain controller running DNS, what logs will Event Viewer display by
default?
|
|
Definition
* Application - configured by app's developer
* System - services & drivers
* Security - logon & resource access
* Directory Service - object replication & other significant directory events
* File Replication Service - errors or events related to copying info between domain controllers
* DNS Server
|
|
|
Term
What tool is used to see if scheduled backups ran?
|
|
Definition
|
|
Term
What restriction is there on the onboard video adapter in a multiple monitor configuration?
|
|
Definition
The onboard adapter must be configured as the VGA adapter.
|
|
|
Term
True or False?
A volume can be defragmented if it hosts hidden, encrypted, or read-only files.
|
|
Definition
|
|
Term
True or False?
A volume can be defragmented if it has been marked as dirty.
|
|
Definition
|
|
Term
True or False?
You can manually edti the resource settings for a Plug and Play device.
|
|
Definition
|
|
Term
True or False?
Windows Server 2003 can extend a disk that was converted to dynamic through Windows 2000 Server.
|
|
Definition
|
|
Term
True or False?
You can include the boot volume in a RAID 5 configuration.
|
|
Definition
|
|
Term
True or False
Quota entries can be configured through Group Policy.
|
|
Definition
False. Quota entries are configured on a per server/per volume/per user basis. In order to apply the same quota entries to more than one server you can export them from one machine through the volume properties|Quota tab|Quota Entries page.
|
|
|
Term
Where would you configure the port speed for a modem?
|
|
Definition
|
|
Term
What does Stop error 0x7B indicate? Under what situation might you encounter this error?
|
|
Definition
Stop error 0x7B refers to an inaccessible boot device.
You might encounter this error after installing a new hard disk controller. This could cause the ARC path in the boot.ini file to become invalid.
|
|
|
Term
What does the absence of the Power Management tab for a device indicate?
|
|
Definition
That the device doesn't support power management options.
|
|
|
Term
What degree of failure on a software RAID-5 volume will trigger a Failed status?
|
|
Definition
|
|
Term
What tool can you use to reset a domain controller's computer account?
|
|
Definition
NETDOM - you can't reset the computer account for a DC from Active Directory Users & Computers
|
|
|
Term
What is the main security risk with Basic Authentication?
|
|
Definition
Logon credentials are transmitted over the network in plain text.
|
|
|
Term
Which 3 Performance Monitor counters should be used to determine if the Page File size should be increased?
|
|
Definition
Memory: Available bytes, Committed bytes, and Commit Limit
In general, the Committed bytes value should be less than 75% of the Commit Limit value.
|
|
|
Term
When can you not extend a simple volume on a dynamic disk?
|
|
Definition
When the volume was created before the disk was converted to dynamic.
|
|
|
Term
Which domain controller role is required to create new domains?
|
|
Definition
The Domain Naming Master role
|
|
|
Term
How does Integrated Windows authentication work?
|
|
Definition
It uses Kerberos tickets to authenticate users.
|
|
|
Term
Which tool can you use to end a task on a remote computer?
|
|
Definition
Taskkill.exe - you can't use Task Manager to end a task on a remote computer.
|
|
|
Term
To which operating systems is Remote Assistance limited?
|
|
Definition
Windows Server 2003 & Windows XP
|
|
|
Term
What is the recommended strategy for implementing groups?
|
|
Definition
* Place users into global groups.
* Create domain local groups.
* Add the global groups to domain local groups.
* Assign permissions to the domain local groups. |
|
|
Term
When should driver updates be installed: before, during or after an ASR restor?
|
|
Definition
During - after you have booted from the installation CD and begun the installation, you will be prompted to press F6 to install additional drivers. Once the text-mode portion begins you will be prompted to press F2 and insert the ASR floppy disk.
|
|
|
Term
Where is the IIS log located by default?
|
|
Definition
C:\windows\system32\logfiles\w3svc1 (for the first IIS site on a W2K3 server) This is where html errors such as 404 would be logged that are reported to the client.
|
|
|
Term
When is the SYSVOL directory included in a system state backup?
|
|
Definition
When the server being backed up is a domain controller.
|
|
|
Term
|
Definition
|
|