Active Directory

You manage a group of 10 Windows 8 workstations that are currently configured as a Workgroup. Which advantages you could gain by installing Active Directory and adding the computers to a domain? (Select two.)

Drag the Active Directory terms on the left to their corresponding definition on the right.

Consider the Domain shown in the example below

Click on the item in the imagine below that defines a security and replication boundary

Click on all of the organizational units in the domain represented in the image below

Match the Active Directory term on the right with its corresponding definition on the left.

Match the Active Directory term on the right with its corresponding definition on the left. not all of the definitions on the left have an associated term on the right.

You are the network administrator for your company. Your network consists of two Active Directory domains: research.westsim.local and sales.westsim.local. Your company has two sites: Dallas and Houston. Each site has two domain controllers, with one domain controller for each domain. Users in Houston who are members of the sales.westsim.local domain report slow performance when logging in and accessing files in Dallas. Users in Dallas do not report any problems logging in and accessing local resources. You want all users in Houston to experience adequate log on and resource access response time. What should you do?

You are network administrator for an Active Directory forest with a single domain. Then network has three sites with one domain controller at each site. You have created and configured sites in Active Directory Sites and Services, and replication is operating normally between sites. You configure two universal groups for use in securing the network. All users are members of one universal group or the other. After configuring the universal groups, users at sites 2 and 3 report slows login and slow access to the corporate database. Users at site 1 can log in and access the corporate database with acceptable performance. You want to improve login and resource access performance for users in sites 2 and 3. What should you do?

You manage a single-domain network named northsim.com. Currently, all users are located at a single site in Miami. You are opening a branch office in Orlando. The Orlando. office is connected to the Miami location using a dial-up connection and demand-dial routing. The link between offices is only used during the nighttime to synchronize sales information. About 50 full-time sales people work in the Orlando office. The branch office will have its own domain controller, ORD-DC1. You create a new site object for the Orlando office and move the server into that site. You create a site link object that connects the Orlando site to the Miami site. Users are reporting that logon is slow. You find that during logon, the WAN link must be established before logon is allowed. You want to improve logon for the Orlando location. What should you do?

You manage a network with a single domain named eastsim.com. The network currently has three domain controllers. During installation, you did not designate one of the domain controllers as a global catalog server. Now you need to make the domain controller a global catalog server. Which tool would you use?

You are the network administrator for a network with a single Active Directory forest. All domains in the forest are at Windows Server 2003 functional level and the forest is also at Windows Server 2003 functional level. Offices exist in Denver, Chicago, and Miami. Each geographic location has an Active Directory site configured. The links that connect the Denver and Miami sites to the corporate headquarters in Chicago are highly utilized, and you want to minimize replication traffic over them. Company headquarters is located in Chicago and that locaiton has multiple global catalog servers to service global queries efficiently. Several users in Denver and Miami are members of universal groups throughout the forest. You need to make sure that in the event of a WAN link failure that group membership will be protected and logons will be available. What should you do?

Your network has two sites as shown in the graphic. You want to configure Computer1 as a Global Catalog server. Which object's properties would you edit to accomplish this?

Your network has two sites as shown in the graphic. You want to configure Universal Group Membership Caching. Which object's properties would you edit to accomplish this?

You are the network administrator for westsim.com. westsim.com has one main office and 10 branch offices. The network consists of three Active Directory domains: westsim.com, eastsim.com, and websales.eastsim.com. All the domain controllers run Windows Server 2012 R2. Users on the westsim.com network often search for other employees based on the postal code attribute but they complain that Active Directory searches take a long time to complete. You believe that you can speed up searches by adding the postal code attribute to the Global Catalog. What should you do?

Your network currently has two domains: eastsim.com and sales.eastsim.com You need to remove the sales.eastsim.com domain. You have removed all domain controllers in the domain except for the DC1.sales.eastsim.com server. This server holds the following infrastructure master roles: * RID master * PDC emulator * Infrastructure master * Domain naming master You are getting ready to remove Active Directory from DC1. What should you do first?

Your network currently has the following Active Directory domains: westsim.com, emea.westsim.com, uk.emea.westsim.com, and us.westsim.com. Your company is closing its offices in the United States. Previously, most of the network administration took place in that office. Now all IT administration will take place in your London offices. You have removed all domain controllers from the us.westsim.com domain except for the DC1 server. This server hosts the following roles:• RID master• PDC emulator• Domain naming master• Infrastructure masterPrior to removing Active Directory from the domain controller, you need to transfer the necessary operation master roles to servers in the westsim.com domain. The westsim.com domain has the following domain controllers: WS1, WS2, WS3, and WS4. All servers are also global catalog servers except for WS3. What should you do to prepare for Active Directory removal on DC1?

Listed on the left are various operation master roles. For each tool, identify the roles that you can transfer using that tool by dragging the role from the left to the boxes below the tool.

You are the network administrator for westsim.com. The network will consist of one Active Directory domain that contains 100 users. You install Windows Server 2012 on a server named DC1. You then install Active Directory Domain Services (AD DS) and promote DC1 to a domain controller. After creating the new domain, you create a replica domain controller named DC2. Several months after installation, DC1 fails. Parts to restore the sedrdver will not be available for several weeks. You need to transfer the Flexible Single Master Operations (FSMO) roles to DC2. What should you do?

You are the network administrator for eastsim.com. eastsim.com has one main office in Dallas, TX and two branch offices in New York, NY and Los Angeles, Ca. The branch offices are both connected to the main office by dedicated WAN links. There is no direct conection between the branch offices. The network consists of one Active Directory domain that contains 2,000 users. There are two domain controllers at each site listed in the table below. DC1 was the first domain controller installed in the domain and it currently hosts all five Flexible single Master Operations (FSMO) roles. You need to identify which server should be used as a backup operations master in the even that DC1 should fail. Which server should be used.

You are the network administrator for westsim.com. The network consists of one Active Directory domain that contains 1,500 users. westsim.com has one main office and 15 branch offices. There are three domain controllers at the main office and one domain controller at each branch office. You have been asked to identify which domain controller hosts the Schema Master role. Which utilities should you use?

You are the network administrator for northsim.com. the network consists of one Active Directory domain. All of the servers run Windows Server 2012 R2 and all of the clients run Windows 7. While attempting to run a backup on a member server, you discover that you are unable to log on to the domain. After troubleshooting the problem, you determine that the clock on the member server is 15 minutes fast. You verify that the time is correct on the PDC Emulator. You have no trouble logging on to other member servers. You need to display the member server's current Windows Time Service information to determine which server is being used as a time service provider. What should you do?

You are the network administrator for westsim.com. The network consists of a single Active Directory domain.

You are the network administrator for northsim.com. The network consists of a single domain. All the servers run Windows Server 2012 R2. All the clients run Windows 7 or Windows 8. The company has one main office and several small branch offices. The branch offices do not have any on-site network administrators. You are preparing to deploy servers to each of the branch offices. Security is a concern. You must ensure that the passwords for only the members of the branch office are cached on the branch office domain controllers. You must also ensure that data stored on the branch office servers cannot be compromised, even if a hard drive is stolen. What should you do?

You manage the network with a single Active Directory domain named eastsim.com. Your company has a single office in Dallas. You open a second office in San Antonio. The San Antonio location is connected to the Dallas location by a WAN link. All user and computer accounts in the branch office are members of the eastsim.com domain. You do not install a domain controller in the branch office. Recently, the WAN connection between Dallas and San Antonio went down. During the outage, several problems existed because of the lack of a domain controller in the San Antonio location. You want to eliminate these problems in the future. You want to make sure the user passwords are cached on a server in San Antonio, and the directory service replication only happens from Dallas to San Antonio. Changes should not be made at San Antonio and replicated back to domain controllers in Dallas. What should you do?

You manage the network with a single Active Directory domain named eastsim.com Domain controllers run both Windows Server 2003 and Windows Server 2012 R2. The domani functional level is a t Windows Server 2003. Your company has recently opened a new branch office. You would like to create anew domain named branch1.eastsim.com for the branch office. You want to use a read-only domain controller for this domain. How should you install the RODC?

You are the network administrator for northsim.com, a company that specializes in extreme sports vacations. The company has one main office and 30 branch offices. All of the branch offices have 3 to 10 users on location, and all of them are located in remote areas of the country. Due to the need to be located near natural resources, many of the branch offices lack basic security and almost all of them are connected to the main office via dial-up. Users at the branch offices complain that it takes a long time to log on to the domain. Management has authorized the purchase and deployment of one Windows Server 2012 R2 server for each branch office. You have been asked to develop a standard installation for the new servers being deployed. Your solution must meet the following requirements: • Each branch office server should perform authentication for users located at that branch office. • Each branch office server should be configured so as to minimize the amount of Active Directory information that will be compromised in the event that the server is stolen. • Each branch office server should be configured so as to minimize the amount of user data that will be compromised in the event that the server is stolen. What should you do?

You are the network administrator for westsim.com. westsim.com has one main office and 50 branch offices. The network consists of one Active Directory domain that contains 5,000 users. You plan to deploy a Windows 2012 R2 domain controller in each branch office. Ten of the branch offices do not employ on-site IT staff. You need to recommend a solution for these 10 branch offices. Your solution must meet the following requirements: • Minimize network traffic during the installation of Active Directory Domain Services (AD DS). • Maximize the security of the branch office domain controllers. What should you recommend?

Your organization runs a Hyper-V hypervisor on a Windows Server 2008 R2 system that hosts a mix of Windows Server 2008 R2 and Windows Server 2012 R2 virtual domain controllers. You want to use snapshots to protect your virtual domain controllers on this hypervisor host. However, you have heard that doing this can cause Update Sequence Number (USN) rollback issues. What must you do to prevent this from happening? (Choose two.)

To prevent Update Sequence Number (USN) rollback issues with virtual domain controllers, each domain controller (virtual or physical) is assigned a unique identifier called the VM-Generation-ID. For virtual domain controllers, where is this identifier stored? (Choose two.)

Your organization runs a Hyper-V hypervisor on Windows Server 2012 R2 that hosts several Windows Server 2012 R2 virtual domain controllers. You want to add an additional virtual domain controller. Instead of installing a new Windows Server 2012 R2 virtual machine and promoting it to be a domain controller, you decide to simply copy one of the existing virtual domain controller's virtual machine files. What must you do to perform this procedure correctly? (Select two.)

Your organization runs a Hyper-V hypervisor on Windows Server 2012 R2 that hosts several Windows Server 2012 R2 virtual domain controllers. You want to add an additional virtual domain controller. Instead of installing a new Windows Server 2012 R2 virtual machine and promoting it to be a domain controller, you decide to simply copy one of the existing virtual domain controllers virtual machine files. You have completed all of the preparatory steps and are now ready to clone the source virtual machine. Which PowerShell cmdlets must you use to do this? (Select three.)

A virtual domain controller has been powered on and begins to boot. When it does, the hypervisor host detects that the value of the Vm-Generation-ID in the virtual machine's configuration and the value of the VM-Generation-ID in the virtual domain controller's computer object in Active Directory don't match. What happens next?

Your organization runs a Hyper-V hypervisor on Windows Server 2012 R2 that hosts several Windows Server 2012 R2 virtual domain controllers. You want to add an additional virtual domain controller. Instead of installing a new Windows Server 2012 R2 virtual machine and promoting it to be a domain controller, you decide to simply copy one of the existing virtual domain controller's virtual machine files. Prior to cloning the source virtual machine, you need to check it for installed applications and services that aren't compatible with the cloning process. Which PowerShell cmdlet can you use to do this?

You are the network administrator at eastsim.com. The organization owns 8 restaurants located in California. The network consists of a single Active Directory domain. There is one domain controller and one database server located in each restaurant. The domain password policy requires the use of complex passwords that must be changed every 30 days. After implementing a new third party backup system the backups run without problems for the first month and then begin failing regularly. You determine that the failure is due to an expired password on the service account being used by the third party backup software. You must reconfigure the software to perform successful backups. Your solution should maintain current security standards and avoid future backup failures, while using the least amount of administrative effort. What should you do?

You are the network administrator for westsim.com. The network consists of a single Active Directory domain. All the servers run Windows Server 2012 and all the clients run Windows 8. Company policy requires all users in the domain to change their passwords every 30 days. An application named App1 uses a service account named App1Svc. Every 30 days, App1 fails. When the App1Svc account password is reset, the application works fine. You need to prevent App1 from failing in the future without compromising corporate security standards. What should you do?

Which built-in local user account is a member of the local Administrators group?

What is the key difference between a managed service account and a group managed service account.

Click on the container in Active Directory where group managed service accounts are created by default.

You are working in PowerShell on a Windows Server 2012 domain controller. You need to create a group managed service account that will be used by a new service that only you will install later on the server. Which cmdlet should you use to do this?

You are working in PowerShell on a Windows Server 2012 domain controller. You need to create a new group managed service account to be used by a new application that will be installed later on the Windows 7 workstations that are members of the domain. The domain functional level is set to Windows Server 2008 Can you do this?

You have installedMicrosoft FTP Server service on a Windows Server 2012 R2 host that is a member of the WestSim.com domain. The properties of this service are shown in the exhibit. You want the FTP Server service to log on and run on the system as a virtual service account named FTPSVC. What should you do?

You manage a Windows Server 2012 R2 server that stores user data files. You want to use Windows Server Backup to configure a backup schedule. You want to perform a complete system backup every Monday, Wednesday, and Friday. You want to be able to restore the entire system or individual files from the backup. What should you do?

You manage a Windows Server 2012 R2 server that stores user data files. The system volume is drive C:, while all user data is on drive E:. You want to use Windows Server Backup to configure a backup schedule. You want to back up only the E: volume twice a day. You want to be able to restore individual files and folders. If possible, you want to save backups on optical media so you can place the backup disc in a media catalog server for easy retrieval. What should you do?

You are the network administrator for northsim.com. The network consists of a single Active Directory domain. all the servers run Windows server 2012 R2. All the clients run Windows 7 or Windows 8. While working in Active Directory Users and Computers, you discover that an organizational unit (OU) which contained several group objects is missing. You do not know how long the OU has been missing. You select a backup from the previous week. You need to determine whether this backup contains the missing OU. You attempt to mount the snapshot using NTDSUtil but are not successful. You must mount the backup as an Active directory snapshot. What should you do?

You are the network administrator for westsim.com. The network consists of a single active directory domain. all the servers run Windows Server 2012 R2 and all the clients run Windows 7 or Windows 8. The network had a child domain named east.westsim.com. The domain was decommissioned but several snapshots were taken prior to the decommissioning. Management requests that you identify the members of a group that existed in the east.westsim.com. You mounted the last snapshot to examine the group on a domain controller named DC1, but you now need to see the data in the snapshot. What command should you run?

You manage a Windows Server 2012 R2 system and need to perform an immediate system state backup. The backup should be save on the E: volume. Which command should you use to do this?

You manage a Windows Server 2012 R2 system and need to perform an immediate system state backup. The backup will be saved on the C: volume. To accomplish this, you determine the wbadmin start systemstatebackup -backupTarget:C: is the appropriate command to use. Will this strategy work?

You have activated an Active Directory database snapshot on your Windows Server 2012 R2 system and have mounted it. You now need to view the contents of the snapshot. To do this, you decided to access the mounted snapshot in Active Directory Users and Computers using the Lightweight Directory Access Protocol (LDAP). Which comman should you use to do this?

A domain controller in your domain has experienced a catastrophic failure. Because the server failed before it could be cleanly removed from your domain, Active Directory still thinks the failed domain controller is present. All of the other domain controllers will continue to try to replicate with it, potentially resulting in database inconsistency. You need to removed the failed server by cleaning the metadata. Which ntdsutil command should you use to do this?

You are the network administrator for eastsim.com. The network consists of a single Active Directory domain. All the servers run Windows Server 2012 R2. All the clients run Windows 7 and Windows 8. There is one main office and seven branch offices. There are two writable domain controllers in the main office. There is one read-only domain controller (RODC) in each branch office. The domain functional level is set to Windows Server 2003. While visiting one of the branch offices, you accidentally delete a folder from the SYSVOl share on the local RODC. You need to restore the contents of the SYSVOL on the RODC. Waht should you do?

You work for a consulting company. your best customer, a university on summer break, has a serious problem. one of the student interns carried a large cup of coffee into the computer room and promptly tripped over a section of the raised flooring. The coffee spilled and found its way into one of the domain controllers. Sparks flew and the domain controller was dead on arrival to the tech bench. The system board was no longer functional and two SCSI hard drives have failed. You replace the system board and SCSI hard drives. Fortunately, a system state backup was done two nights ago, but several changes in Active Directory have occurred since then and have been fully replicated to other domain controllers in this single domain network. You need to decide how to restore Active Directory on the failed server. You must complete the restoration as quickly as possible. What should you do?

You are the network administrator for a network with a single Active Directory parent domain and two child domains. All domain controllers are running Windows Server 2012 R2. You are responsible for disaster recovery across the entire network. You decided to use Windows Server Backup. You schedule full server backups to be taken every night, along with a system state backup an hour later. On Friday morning, you are creating new users in the Accounting OU when you receive an error stating that the user cannot be created because the context could not be found. After some investigation you find that a co-worker has deleted the OU and the change has replicated to all domain controllers. You want to restore the latest version of the OU without affecting the rest of Active Directory. What should you do?

You are the administrator for WestSim Corporation. The network has a single domain, westsim.com, running a Windows 2003 functional level. Five domain controllers, all running Windows Server 2012 R2 server, are located on the network. Your network uses a distributed administrative approach. Numerous network administrators work in Active Directory adding users and maintaining user accounts. One day you check Active Directory and find a new OU that doesn't meet your organizational plan. You delete the OU and start checking to see who might have added it. You get a call from another administrator complaining that you deleted the OU she was working with. She explains the OU's purpose, and points out she had added it yesterday to prepare for a new department. She explains that although the OU was empty this morning, she had moved some user accounts into that OU at or shortly after the time you deleted the OU. You perform system state backups ever night. You need to get back the deleted objects as quickly as possible without disrupting the network. What should you do?

You and Sammy are creating an organizational unit structure and user accounts for the education.westsim.com domain. You created ACTG, PROD, and SALES organizational units on Server 1. Fifteen minutes later, you change the name of the ACTG organizational unit to ACCT. Before replication finishes, Sammy uses Server 2 to add several user accounts to the ACTG organizational unit. You check the ACCT OU to find the user accounts are not there. What should you do?

You have just installed a new domain on a new domain controller running Windows Server 2012 R2. You would like to use Windows Server BAckup to back up Active Directory. You would like to perform the backup so that you can restore the domain controller if the domain controller is able to boot but when Active Directory is corrupt. Which type of backup should you create?

You have just installed a new domain controller running Windows Server 2012 R2. You would like to use Windows Server Backup to back up Active Directory. You would like to perform the backup so that you can restore the domain controller if the domain controller is able to boot but when Acitve Directory is corrupt. You want the backup to run once a day. You want to take the backup medium and put it in a safe in an offsite location. What should you do?

You manage the network for the eastsim.com domain. You have three domain controllers, all running Windows Server 2012 R2. You have forgotten the Directory Services Restore Mode password for your domain controllers. What should you do to reset the password?

You manage the network for the eastsim.com domain. The domain functional level is at Windows 2000 Native. You want to enable linked-value replication. You want to take the minimum action that is possible. What should you do?

You are the network administrator for westsim.com The network consists of a single Active Directory domain. All the servers fun Windows Server 2012 R2. All the clients run Windows 7 or Windows 8. The forest functional level is set to Windows Sever 2008 R2. The active Directory recycle bin has been enabled. While working in Active Directory Users and Computers, you accidentally delete a group. You need to restore the group using the least amount of administrative effort. What should you do?

You are the network administrator for southsim.com The company has one main office along with several branch offices. All the domain controllers run Windows Server 2012 R2 and all the client computers run Windows 7 or Windows 8. The domain functional level is set to Windows Server 2008 R2. The forest functional level is set to Windows Sever 2008. You need to enable the Active Directory Recycle Bin feature. What should you do?

You are the network administrator for a company with a single Active Directory domain. The domain functional level is Windows Server 2003. Each departmental administrative team has delegated control over an organization unit (OU) for their department. In the last few weeks there have been several new administrators join the team that have never managed Active Directory before. Yesterday, one of the new administrators inadvertently deleted an entire OU from within his department's OU structure. You have located a backup from two days ago to use for the restoration. What should you do?