Читать книгу MCSA Windows Server 2012 R2 Complete Study Guide - Panek William - Страница 7
Assessment Test
Оглавление1. Which of the following is a valid role for a Windows Server 2012 R2 computer?
A. Stand-alone server
B. Member server
C. Domain controller
D. All of the above
2. Which of the following is a benefit of using Active Directory? (Choose all that apply.)
A. Hierarchical object structure
B. Fault-tolerant architecture
C. Ability to configure centralized and distributed administration
D. Flexible replication
3. Which of the following features of the Domain Name System (DNS) can be used to improve performance? (Choose all that apply.)
A. Caching-only servers
B. DNS forwarding
C. Secondary servers
D. Zone delegation
4. Which of the following pieces of information should you have before you begin the Active Directory Installation Wizard? (Choose all that apply.)
A. Active Directory domain name
B. Administrator password for the local computer
C. NetBIOS name for the server
D. DNS configuration information
5. An Active Directory environment consists of three domains. What is the maximum number of sites that can be created for this environment?
A. Two
B. Three
C. Nine
D. Unlimited
6. Which of the following is not a valid Active Directory object?
A. User
B. Group
C. Organizational unit
D. Computer
E. None of the above
7. Which of the following is not considered a security principal?
A. Users
B. Security groups
C. Distribution groups
D. Computers
8. Which of the following should play the least significant role in planning an OU structure?
A. Network infrastructure
B. Domain organization
C. Delegation of permissions
D. Group Policy settings
9. How can the Windows Server 2012 R2 file and printer resources be made available from within Active Directory?
A. A system administrator can right-click the resource and select Publish.
B. A system administrator can create Printer and Shared Folder objects that point to these resources.
C. The Active Directory Domains and Trusts tool can be used to make resources available.
D. Only resources on a Windows 2000 or newer server can be accessed from within Active Directory.
10. The process by which a higher-level security authority assigns permissions to other administrators is known as which of the following?
A. Inheritance
B. Delegation
C. Assignment
D. Trust
11. What is the minimum amount of information you need to create a Shared Folder Active Directory object?
A. The name of the share
B. The name of the server
C. The name of the server and the name of the share
D. The name of the server, the server’s IP address, and the name of the share
12. Which of the following operations is not supported by Active Directory?
A. Assigning applications to users
B. Assigning applications to computers
C. Publishing applications to users
D. Publishing applications to computers
13. Which of the following filename extensions is used primarily for Windows Installer setup programs?
A.msi
B.mst
C.zap
D.aas
14. A system administrator wants to allow a group of users to add computer accounts to a specific organizational unit (OU). What is the easiest way to grant only the required permissions?
A. Delegate control of a user account
B. Delegate control at the domain level
C. Delegate control of an OU
D. Delegate control of a computer account
E. Create a Group Policy object (GPO) at the OU level
15. A Group Policy object (GPO) at the domain level sets a certain option to Disabled, while a GPO at the OU level sets the same option to Enabled. All other settings are left at their default. Which setting will be effective for objects within the OU?
A. Enabled
B. Disabled
C. No effect
D. None of the above
16. Which of the following tools can be used to create Group Policy object (GPO) links to Active Directory?
A. Active Directory Users and Computers
B. Active Directory Domains and Trusts
C. Active Directory Sites and Services
D. Group Policy Management Console
17. To test whether a DNS server is answering queries properly, you can use which of the following tools?
A. The ping tool
B. The nslookup tool
C. The tracert tool
D. The ipconfig tool
18. Which of the following is true about the time to live (TTL) attached to a DNS record?
A. A resolver cannot use it; only servers making recursive queries can use it.
B. Only resolvers use it.
C. It is used to determine how long to cache retrieved results.
D. It is refreshed each time the record is modified.
19. Which of the following statements about Windows Server 2012 Dynamic DNS (DDNS) is true?
A. DDNS requires a Microsoft DHCP server to work.
B. The Windows Server 2012 DDNS server can interoperate with recent versions of BIND.
C. DDNS clients may not register their own addresses.
D. DDNS works only with Microsoft clients and servers.
20. You have been given a server that contains three HBAs. Each card can access the storage over a separate path. The application that runs on the server can exceed the usage of a single path. Which of the following MPIO options should be selected to provide the needed bandwidth as well as minimal redundancy?
A. Failover
B. Dynamic Least Queue Depth
C. Weighted path
D. Round robin
21. You need to stop an application from running in Task Manager. Which tab would you use to stop an application from running?
A. Performance
B. Users
C. Options
D. Details
22. As a network administrator, you are responsible for all client computers at the central corporate location. Your company has asked you to make sure that all of the client computers are secure. You need to use MBSA to scan your client computers, based on IP addresses, for possible security violations but you need to use the command-line version. Which of the following command-line commands would you use?
A. mdsacli.exe /hf – i xxxx.xxxx.xxxx.xxxx
B. mdsacli.exe /ip xxxx.xxxx.xxxx.xxxx
C. mbsa.exe /hf – ip xxxx.xxxx.xxxx.xxxx
D. mbsa.exe /ip xxxx.xxxx.xxxx.xxxx
23. You are the administrator of a new Windows Server 2012 R2 machine. You need to install DNS and create a primary zone. Which MMC snap-in would you use to install DNS?
A. Add/Remove Programs
B. Programs
C. Server Manager
D. Administrative Tools
24. You are the administrator for a large company that has purchased a new multifunction printer. You want to publish the printer to Active Directory. Where would you click in order to accomplish this task?
A. The Sharing tab
B. The Advanced tab
C. The Device Settings tab
D. The Printing Preferences button
25. Isabel is a system administrator for an Active Directory environment that is running in Native mode. Recently, several managers have reported suspicions about user activities and have asked her to increase security in the environment. Specifically, the requirements are as follows:
■ The accessing of certain sensitive files must be logged.
■ Modifications to certain sensitive files must be logged.
■ System administrators must be able to provide information about which users accessed sensitive files and when they were accessed.
■ All logon attempts for specific shared machines must be recorded.
Which of the following steps should Isabel take to meet these requirements? (Choose all that apply.)
A. Enable auditing with the Computer Management tool.
B. Enable auditing with Group Policy Objects.
C. Enable auditing with the Active Directory Domains and Trusts tool.
D. Enable auditing with the Event Viewer tool.
E. View the audit log using the Event Viewer tool.
F. View auditing information using the Computer Management tool.
G. Enable failure and success auditing settings for specific files stored on NTFS volumes.
H. Enable failure and success auditing settings for logon events on specific computer accounts.
26. You are the network administrator for a large widget distributor. Your company’s network has 20 Windows 2012 R2 servers, and all of the clients are running either Windows 8 or Windows 7. All of your end users use laptops to do their work, and many of them work away from the office. What should you configure to help them work on documents when away from the office?
A. Online file access
B. Offline file access
C. Share permissions
D. NTFS permissions
27. Your company has decided to implement an external hard drive. The company IT manager before you always used FAT32 as the system partition. Your company wants to know whether it should move to NTFS. Which of the following are some advantages of NTFS? (Choose all that apply.)
A. Security
B. Quotas
C. Compression
D. Encryption
28. You have been hired by a small company to implement new Windows Server 2012 R2 systems. The company wants you to set up a server for users’ home folder locations. What type of server would you be setting up?
A. PDC server
B. Web server
C. Exchange server
D. File server
29. GPOs assigned at which of the following level(s) will override GPO settings at the domain level?
A. OU
B. Site
C. Domain
D. Both OU and site
30. A system administrator wants to ensure that only the GPOs set at the OU level affect the Group Policy settings for objects within the OU. Which option can they use to do this (assuming that all other GPO settings are the defaults)?
A. The Enforced option
B. The Block Policy Inheritance option
C. The Disable option
D. The Deny permission
31. Mateo, a system administrator, is planning to implement Group Policy objects in a new Windows Server 2012 R2 Active Directory environment. To meet the needs of the organization, he decides to implement a hierarchical system of Group Policy settings. At which of the following levels is he able to assign Group Policy settings? (Choose all that apply.)
A. Sites
B. Domains
C. Organizational units
D. Local system
32. Ann is a system administrator for a medium-sized Active Directory environment. She has determined that several new applications that will be deployed throughout the organization use registry-based settings. She would like to do the following:
■ Control these registry settings using Group Policy.
■ Create a standard set of options for these applications and allow other system administrators to modify them using the standard Active Directory tools.
Which of the following options can she use to meet these requirements? (Choose all that apply.)
A. Implement the inheritance functionality of GPOs.
B. Implement delegation of specific objects within Active Directory.
C. Implement the No Override functionality of GPOs.
D. Create administrative templates.
E. Provide administrative templates to the system administrators who are responsible for creating Group Policy for the applications.
33. You are the network administrator for your organization. A new company policy has been released wherein if a user enters their password incorrectly three times within 5 minutes, they are locked out for 30 minutes. What three actions do you need to set to comply with this policy? (Choose all that apply.)
A. Set Account Lockout Duration to 5 minutes.
B. Set Account Lockout Duration to 30 minutes.
C. Set the Account Lockout Threshold setting to 3 invalid logon attempts.
D. Set the Account Lockout Threshold setting to 30 minutes.
E. Set the Reset Account Lockout Counter setting to 5 minutes.
F. Set the Reset Account Lockout Counter setting to 3 times.
34. You are teaching a Microsoft Active Directory class, and one of your students asks you, “Which of the following containers in the Active Directory Users and Computers tool is used when users from outside the forest are granted access to resources within a domain?” What answer would you give your student?
A. Users
B. Computers
C. Domain Controllers
D. Foreign Security Principals
35. Your manager has decided your organization needs to use an Active Directory application data partition. Which command can you use to create and manage application data partitions?
A. DCPromo.exe
B. NTDSUtil.exe
C. ADUtil.exe
D. ADSI.exe
36. Your network contains an Active Directory domain named Sybex.com. The domain contains a RADIUS server named Server1 that runs Windows Server 2012 R2. You add a VPN server named Server2 to the network. On Server1, you create several network policies. You need to configure Server1 to accept authentication requests from Server2. Which tool should you use on Server1?
A. Set-RemoteAccessRadius
B. CMAK
C. NPS
D. Routing and Remote Access
37. Your network contains an Active Directory domain named Sybex.com. The domain contains a server named Server1 that runs Windows Server 2012 R2. Server1 has the following role services installed:
■ DirectAccess and VPN (RRAS)
■ Network Policy Server
Remote users have client computers that run Windows XP, Windows 7, or Windows 8. You need to ensure that only the client computers that run Windows 7 or Windows 8 can establish VPN connections to Server1. What should you configure on Server1?
A. A vendor-specific RADIUS attribute of a Network Policy Server (NPS) connection request policy
B. A condition of a Network Policy Server (NPS) network policy
C. A condition of a Network Policy Server (NPS) connection request policy
D. A constraint of a Network Policy Server (NPS) network policy
38. You are the network administrator for a large organization that contains an Active Directory domain named WillPanek.com. The domain contains a server named Server1 that runs Windows Server 2012 R2. Server1 has the Network Policy and Access Services server role installed. You plan to deploy 802.1x authentication to secure the wireless network. You need to identify which Network Policy Server (NPS) authentication method supports certificate-based mutual authentication for the 802.lx deployment. Which authentication method should you identify?
A. PEAP-MS-CHAP v2
B. MS-CHAP v2
C. EAP-TLS
D. MS-CHAP
39. You have an Active Directory domain named WillPanek.com. The domain contains a server named ServerA that runs Windows Server 2012 R2. ServerA has the Network Policy and Access Services server role installed. Your company’s security policy requires that certificate-based authentication must be used by some network services. You need to identify which Network Policy Server (NPS) authentication methods comply with the security policy. Which two authentication methods should you identify? Each correct answer presents part of the solution. (Choose two.)
A. MS-CHAP
B. PEAP-MS-CHAP v2
C. CHAP
D. EAP-TLS
E. MS-CHAP v2
40. You are the network administrator, and you have been asked to set up an accounting system so that each department is responsible for the cost of their use of network services. Your network contains a Network Policy Server (NPS) server named ServerA. The network contains a server named Database1 that has Microsoft SQL server installed. All servers run Windows Server 2012 R2. You configure NPS on ServerA to log accounting data to a database on Database1. You need to ensure that the accounting data is captured if Database1 fails. The solution must minimize cost. What should you do?
A. Implement Failover Clustering.
B. Implement database mirroring.
C. Run the Accounting Configuration Wizard.
D. Modify the SQL Server Logging properties.
41. In a secure environment, IPsec encryption should only be disabled for inter-node cluster communication (such as cluster heartbeat) under what circumstances?
A. Certificates use weak encryption methods such as DES
B. LowerQuorumPriorityNodeID is set on a node.
C. DatabaseReadWriteMode is set to 2
D. Group Policy Updates have a high processing latency
42. In Windows Server 2012 R2, Failover Clustering supports how many nodes?
A. 8000
B. 1024
C. 64
D. 1000
43. In Windows Server 2012 R2, what feature dynamically adjusts cluster node votes in order to maintain an odd vote count where no witness is being used?
A. Witness Dynamic Weighting
B. Tie Breaker for a 50 % Node Split
C. Lower Quorum Priority Node
D. Force quorum resiliency
44. What authentication mechanism does Active Directory–detached clusters utilize?
A. NTLM
B. MIT Kerberos Realms
C. AD Kerberos
D. SSL
45. Shared virtual hard disks can be utilized by SQL Server and Exchange Server for virtualized workloads.
A. True
B. False
46. What is the default TCP port for iSCSI?
A. 3389
B. 21
C. 1433
D. 3260
47. You are a server administrator, and you are trying to save hard drive space on your Windows Server 2012 R2 machine. Which feature can help you save hard disk space?
A. ADDS
B. HDSaver.exe
C. Features On Demand
D. WinRM
48. Your company is headquartered in Colorado Springs and has a remote site location in Tampa. The Colorado Spring office has a file server named FS01. FS01 has the BranchCache for Network Files role service installed. Your Tampa Office has a file server named FS02. FS02 has been configured as a BranchCache-hosted cache server. You need to preload the data from the file shares on FS01 to the cache on FS02. You have already generated hashes for the file shares on FS01. Which cmdlet should you run next?
A. Set-BCCache
B. Publish-BCFileContent
C. Export-BCCachePackage
D. Add-BCDataCacheExtension
49. What command would be used to register an iSCSI initiator manually to an iSNS server?
A. iscsicli addisnsserver server_name
B. iscsicli listisnsservers server_name
C. iscsicli removeisnsserver server_name
D. iscsicli refreshisnsserver server_name
50. You have a Windows Server 2012 R2 file server named FS01. FS01 has the File Server Resource Manager role service installed. You attempt to delete a classification property, and you receive the error message “The classification property is in use and cannot be deleted.” You need to delete the Contains Personal Information classification property. What should you do?
A. Clear the Contains Personal Information classification property value for all files.
B. Set files that have a Contains Personal Information classification property value of Yes to No.
C. Disable the classification rule that is assigned the Contains Personal Information classification property.
D. Delete the classification rule that is assigned the Contains Personal Information classification property.
51. After you update multiple drivers on your Windows Server 2012 R2 machine, the machine hangs at the logon screen, and you can’t log into the machine. You need to get this computer up and running as quickly as possible. Which of the following repair strategies should you try first to correct your problem?
A. Restore your computer’s configuration with your last backup.
B. Boot your computer with the Last Known Good Configuration option.
C. Boot your computer with the Safe Mode option.
D. Boot your computer to the Recovery Console and manually copy the old driver back to the computer.
52. You enable the Boot Logging option on the Advanced Boot Options menu. Where can you find the log file that is created?
A. \Windows\ntbtlog.txt
B. \Windows\System32\netlog.txt
C. \Windows\netlog.txt
D. \Windows\System32\netboot.log
53. You need to ensure that you can recover your Windows Server 2012 R2 configuration and data if the computer’s hard drive fails. What should you do?
A. Create a system restore point.
B. Create a backup of all file categories.
C. Perform an Automated System Recovery (ASR) backup.
D. Create a complete PC Backup and Restore image.
54. You have a file server named FS01 that is running on a server core installation of Windows Server 2012 R2. You need to make sure that your users can access previous versions of files that are shared on FS01 using the Previous Versions tab. Which tool should you use?
A. Wbadmin
B. Vssadmin
C. Ntsdutil.exe
D. ADSI Editor
55. You are unable to boot your Windows Server 2012 R2 computer, so you decide to boot the computer to Safe Mode. Which of the following statements regarding Safe Mode is false?
A. When the computer is booted to Safe Mode, there is no network access.
B. Safe Mode loads all of the drivers for the hardware that is installed on the computer.
C. When you run Safe Mode, boot logging is automatically enabled.
D. When you run Safe Mode, the screen resolution is set to 800×600.
56. You are the network administrator for Stellacon Corporation. Stellacon has two trees in its Active Directory forest, stellacon.com and abc.com. Company policy does not allow DNS zone transfers between the two trees. You need to make sure that when anyone in abc.com tries to access the stellacon.com domain, all names are resolved from the stellacon.com DNS server. What should you do?
A. Create a new secondary zone in abc.com for stellacon.com.
B. Create a new secondary zone in stellacon.com for abc.com.
C. Configure conditional forwarding on the abc.com DNS server for stellacon.com.
D. Configure conditional forwarding on the stellacon.com DNS server for abc.com.
57. Your IT team has been informed by the compliance team that they need copies of the DNS Active Directory Integrated zones for security reasons. You need to give the Compliance department a copy of the DNS zone. How should you accomplish this goal?
A. Run dnscmd /zonecopy.
B. Run dnscmd /zoneinfo.
C. Run dnscmd /zonefile.
D. Run dnscmd /zoneexport.
58. You administer a network that assigns IP addresses via DHCP. You want to make sure that one of the clients always receives the same IP address from the DHCP server. You create an exclusion for that address, but you find that the computer isn’t being properly configured at bootup. What’s the problem?
A. You excluded the wrong IP address.
B. You must configure the client manually. You cannot assign the address via the DHCP server.
C. You need to create a superscope for the address.
D. You need to make a reservation for the client that ties the IP address to the computer’s MAC address. Delete the exclusion.
59. You are the network administrator for a small company with two DNS servers: DNS1 and DNS2. Both DNS servers reside on domain controllers. DNS1 is set up as a standard primary zone, and DNS2 is set up as a secondary zone. A new security policy was written stating that all DNS zone transfers must be encrypted. How can you implement the new security policy?
A. Enable the Secure Only setting on DNS1.
B. Enable the Secure Only setting on DNS2.
C. Configure Secure Only on the Zone Transfers tab for both servers.
D. Delete the secondary zone on DNS2. Convert both DNS servers to use Active Directory Integrated zones.
60. You are the network administrator for a midsize computer company. You have a single Active Directory forest, and your DNS servers are configured as Active Directory Integrated zones. When you look at the DNS records in Active Directory, you notice that there are many records for computers that do not exist on your domain. You want to make sure that only domain computers register with your DNS servers. What should you do to resolve this issue?
A. Set dynamic updates to None.
B. Set dynamic updates to Nonsecure And Secure.
C. Set dynamic updates to Secure Only.
D. Set dynamic updates to Domain Users Only.
61. Which of the following does not need to be created manually when you are setting up a replication scenario involving three domains and three sites?
A. Sites
B. Site links
C. Subnets
D. Connection objects
62. You need to deactivate the UGMC option on some of your domain controllers. At which level in Active Directory would you deactivate UGMC?
A. Server
B. Forest
C. Domain
D. Site
63. Your network contains two Active Directory forests named contoso.com and fabrikam.com. Both forests contain multiple domains. All domain controllers run Windows Server 2012 R2. contoso.com has a one-way forest trust to fabrikam.com. A domain named paris.eu.contoso.com hosts several legacy Applications that use NTLM authentication. Users in a domain named london.europe.fabrikam.com report that it takes a long time to be authenticated when they attempt to access the legacy Applications hosted in paris.eu.contoso.com. You need to reduce how long it takes for the london.europe.fabrikam.com users to be authenticated in paris.eu.contoso.com. What should you do?
A. Create an external trust
B. Create a two-way transitive trust
C. Disable SID filtering on the existing trust
D. Create a shortcut trust
64. A system administrator suspects that there is an error in the replication configuration. How can the system administrator look for specific error messages related to replication?
A. By going to Event Viewer ⇒ Directory Service Log
B. By using the Computer Management tool
C. By going to Event Viewer ⇒ System Log
D. By using the Active Directory Sites and Services administrative tool
65. Which of the following services of Active Directory is responsible for maintaining the replication topology?
A. File Replication Service
B. Windows Internet Name Service
C. Knowledge Consistency Checker
D. Domain Name System
66. You are the administrator at Adacom. You need to make sure that you have daily backup of the AD CS database, logs, and private key. What command or commands should you run? (Choose all that apply.)
A. Run certutil – backup.
B. Run certutil – backupdb.
C. Run Ntbackup /systemstate.
D. Run certdb.ps1.
67. You are the new administrator at MMG Publishing. The previous administrator made a failed attempt to implement Active Directory. You attempt to implement AD RMS and receive an error that states, “The SCP is registered, but the root cluster cannot be contacted.” You must remove the SCP. What tool should you use? (Choose all that apply.)
A. Setspn
B. Active Directory Sites and Services
C. ADSI Edit
D. Remove-SCP
68. ABC Company wants to allow external partners to log into a web application and run reports. What AD FS component does Company ABC need to configure for this access?
A. Certificate exchange
B. Transitive trust
C. One-way trust
D. Relying-party trust
69. Which TCP ports does AD RMS use to access the global catalog server?
A. 445
B. 1433
C. 22
D. 3268