Server 7-9

11 September 2022
4.7 (114 reviews)
75 test answers

Unlock all answers in this set

Unlock answers (71)
question
Authentication is used for what purpose?
answer
to verify a user's identity
question
Authorization is used for what purpose?
answer
to grant access to a user
question
Auditing is used for what purpose?
answer
recording user's actions
question
Why is choosing what to audit, instead of auditing everything that a user does, a good idea?
answer
High levels of auditing can affect system performance.
question
Before Windows 2008 R2, only nine basic audit settings existed. Windows Server 2012 introduces a total of how many audit subsettings?
answer
56
question
What is the purpose of implementing new audit subsettings?
answer
so that you can focus on important audit items
question
Why should you avoid using basic audit policy settings and advanced audit policy settings together?
answer
Audit policies might cause conflicts or erratic behavior.
question
Which command do you use to manage auditing at the command prompt?
answer
AuditPol.exe
question
Where can you view audit events?
answer
in Security logs in Event Viewer
question
Which auditing feature allows you to define computer-wide system access control lists for the file system or the registry?
answer
Global Object Access Auditing
question
By using what type of policy can you track, limit, or deny a user's ability to use removable storage devices such as USB drives in Windows Server 2012?
answer
Removable Storage Access
question
Which utility do you use to access advanced audit policy settings?
answer
Group Policy Editor
question
What type of audit event notifies you that an account failed to log on?
answer
Logon/Logoff
question
Shutting down the system is an example of what kind of audit event?
answer
Privilege Use
question
When resetting audit settings back to basic mode, what file must you remove as part of the process?
answer
audit.csv
question
Why is it a good idea (other than the effect on system performance) to set up auditing for only those objects that you really need to focus on? Choose the Best option according to Microsoft.
answer
Searching through too many events makes finding problems more difficult.
question
Why are success audits as important as failure audits? Choose the Best option according to Microsoft.
answer
Successes allow you to track activity such as new account creation.
question
Why would auditing include logon and logoff times? Choose the Best option according to Microsoft.
answer
Logon and logoff times can help pinpoint who was logged on during a failure.
question
Order the following steps for setting up Printer Event Auditing.
answer
Choose Control Panel > View devices and printers. Right-click and select Printer properties. On the Security tab, click Advanced. Select the Auditing tab. Click the Add button to open the Auditing Entry for Microsoft XPS Document Writer dialog box. To specify a user or group, click Select a principal. For Type, select Success, Fail, or All.
question
Order the following steps required to audit account logon.
answer
-Server Manager->Tools->Group Policy Management. -Expand the Domain Controllers to show the Default Domain Controllers Policy. -Right-click the Default Domain Control Default Policy and click Edit. -Expand Computer Configuration, Windows Settings, Security Settings, Local Policies, and select Audit Policy. -Double-click Audit account logon events. -Select Define these policy settings and select both Success and Failure.
question
Order the following steps required to configure monitoring of removable storage devices
answer
-Choose Server Manager > Tools > Group Policy Management. -In the console tree, right-click a group policy object, and then click Edit. -Double-click Computer Configuration, double-click Security Settings, double-click Advanced Audit Policy Configuration, and double-click Object Access. -Double-click Audit Removable Storage. -Select the Configure the following audit events check box, select the Success check box, and then click OK.
question
The powerful auditpol.exe command-line utility is widely used in automated scripting solutions. Select the correct action for the auditpol.exe /remove /allusers command.
answer
Remove the per-user audit policy for all users.
question
The powerful auditpol.exe command-line utility is widely used in automated scripting solutions. Select the correct action for the auditpol.exe /get /category:* command.
answer
Show an authoritative report on what audit settings are being applied.
question
The powerful auditpol.exe command-line utility is widely used in automated scripting solutions. Select the correct action for the auditpol.exe /clear command.
answer
Delete the per-user audit policy for all users, reset or disable the system audit policy for all subcategories, and then set the audit policies settings to disable.
question
The powerful auditpol.exe command-line utility is widely used in automated scripting solutions. Select the correct action for the auditpol.exe /remove /user:usernamecommand.
answer
Remove the per-user audit policy for a single user's account.
question
The Domain Name System (DNS) works much like a phone book to associate URLs (names) with what kinds of numbers?
answer
IP addresses
question
Which TCP/UDP port does the DNS service use to communicate?
answer
53
question
What does the acronym FQDN stand for?
answer
Fully Qualified Domain Name
question
Which one of the following is an example of an FQDN?
answer
sales.microsoft.com
question
What type of structure does DNS have?
answer
hierarchical distributed
question
Which of the following is an example of a top-level domain?
answer
.net
question
Which of the following is an example of a second-level domain?
answer
blah.com
question
A specific, individual computer or other network device in a domain is known as what?
answer
host
question
What is another term for DNS client?
answer
DNS resolver
question
Which type of DNS zone resolves host names to IP addresses?
answer
forward lookup zone
question
By using the Active Directory-integrated zone, DNS follows what kind of model?
answer
multi-master
question
What is one of the primary advantages to using Active Directory to store DNS information?
answer
fault tolerance
question
What is one advantage of subdomains?
answer
They allow you to break up larger domains into smaller, more manageable ones.
question
A stub zone is a zone copy that contains only what type of records?
answer
necessary resource entries
question
What is the primary advantage of a caching-only DNS server?
answer
It speeds DNS queries by building a DNS request cache.
question
The complete or partial transfer of DNS data from a zone on a DNS server to another DNS server is the definition of a zone transfer.
answer
True
question
Why would you implement a caching-only DNS server on your network? Choose the BEST answer according to Microsoft.
answer
to speed DNS queries and decrease network traffic
question
What is the first and most important step in installing and deploying DNS in your network? Choose the BEST answer according to Microsoft.
answer
planning the infrastructure and service requirements
question
What is the major reason behind using a forwarder? Choose the BEST answer according to Microsoft.
answer
to improve the efficiency of name resolution for your computers
question
Order the following steps required to configure a DNS server to forward DNS queries to another DNS server.
answer
-Choose Server Manager > Tools > DNS. -Right-click the DNS server and select Properties. -Select the Forwarders tab. -Click the Edit button. -In the IP address column, type the IP address of the DNS server that you want to forward DNS queries to and press Enter.
question
Order the following steps required to configure zone transfer settings.
answer
-Choose Server Manager > Tools > DNS. -Expand DNS Console. -Expand the server so that you can see the Forward Lookup Zones and Reverse Lookup Zones folders. -Right-click forward or reverse lookup and click Properties. -Select the Zone Transfers tab. -Select the Allow zone transfers option. -Select the type of zone transfer: To any server, Only to servers listed on the Name Servers, or Only to the following servers.
question
Order the following steps required to install DNS.
answer
Choose Server Manager > Manage > Add Roles and Features. -Select Role-based or feature-based installation. -Click Select a server from the server pool and select the name of the server to install DNS to. -Click DNS Server.
question
By default, zone transfers are disabled. You can choose one of three different zone transfer methods. Which of the following describes the Only to servers listed on the Name Servers tab method?
answer
restricts zone transfers to secondary DNS servers as defined with NS resource records
question
By default, zone transfers are disabled. You can choose one of three different zone transfer methods. Which of the following describes the To any server method?
answer
allows a data transfer to any server that asks for a zone transfer (least secure)
question
By default, zone transfers are disabled. You can choose one of three different zone transfer methods. Which of the following describes the Only to the following servers method?
answer
restricts zone transfers to those servers specified in the accompanied list
question
What is another designation for an Alias?
answer
canonical name or CNAME
question
A Start of Authority record specifies what kind of information about a zone?
answer
the zone serial number
question
If you have a server named server1.blah.com, want to use it as your web server, and have requests point to www.blah.com, what kind of DNS record would you create?
answer
a CNAME record
question
Before creating PTR records, what DNS objects must you create?
answer
reverse lookup zones
question
What does Time to Live (TTL) mean in DNS parlance?
answer
the length of time a record remains in DNS cache
question
Round-robin DNS is a term that refers to what kind of distribution mechanism for DNS responses to queries?
answer
balanced
question
Which command do you use to verify local DNS settings?
answer
ipconfig /all
question
What does issuing the nslookup command with no parameters do on your system?
answer
It places you into nslookup's interactive mode.
question
Which DNS record contains the serial number for the zone?
answer
SOA record
question
Which of the following is an example of an SRV record?
answer
AD server
question
You can use the dnscmd command to create zones. What other tasks can you perform with it?
answer
delete resource records
question
If an A record maps a host name to an IP address, what does an AAAA record do?
answer
maps a host name to a single IPv6 address
question
Which one of the following is correct for querying a PTR record?
answer
nslookup 192.168.1.50
question
How can you force a system to update its DNS record?
answer
Execute ipconfig /registerdns.
question
If you issue the command nslookup 192.168.1.50 and get no response, but then issue nslookup server1 and receive 192.168.1.50 as a response, what do you know is wrong?
answer
The PTR record doesn't exist.
question
If you have corrected a DNS server problem, such as renamed a system or changed its IP address, but your local system still attempts to connect to the old system, what can you do to obtain the new information from the DNS server quickly? Choose the BEST answer according to Microsoft.
answer
Execute ipconfig /flushdns.
question
What is the primary advantage to enabling round-robin DNS? Choose the BEST answer according to Microsoft.
answer
load balancing
question
What is the purpose of a priority number in MX records? Choose the BEST answer according to Microsoft.
answer
for fault tolerance
question
Order the following steps required to create a Host record.
answer
-Choose Server Manager > Tools > DNS. -Expand the DNS Console. -Expand the server to display the Forward Lookup Zones and Reverse Lookup Zones folders. -Right-click the zone that you want to create a Host resource record for and select New Host (A or AAAA). -In the Name text box, type the name of the host. -In the IP address text box, type the IP address (IPv4 or IPv6). -If you want to also create a PTR record, select the Create associated pointer (PTR) record option.
question
Order the following steps required to modify the TTL value for a resource record.
answer
-Choose Server Manager > Tools > DNS. -Expand the DNS Console. -Expand the server to display the Forward Lookup Zones and Reverse Lookup Zones folders. -To view additional options, click View > Advanced. -To modify a record, double-click a resource record. The Properties dialog box opens. -Type the TTL using the DDDDD:HH.MM.SS format, where DDDDD is days, HH is hours, MM is minutes, and SS is seconds.
question
Order the following steps required to enable aging and scavenging.
answer
-Choose Server Manager > Tools > DNS. -Right-click the DNS server and click Set Aging/Scavenging for all Zones. -Click the Scavenge stale resource records option. -Modify the no-refresh interval and refresh interval as needed. -If you want the aging/scavenging settings to apply to all existing Active Directory-integrated zones, select the Apply these settings to the existing Active Directory-integrated zones option.
question
DNS servers contain several different types of resource records with which you need to become familiar. Select the correct definition for Host (A and AAAA) records.
answer
maps a domain/host name to an IP address
question
DNS servers contain several different types of resource records with which you need to become familiar. Select the correct definition for Name Server (NS) records.
answer
identifies a DNS server that is authoritative for a zone
question
DNS servers contain several different types of resource records with which you need to become familiar. Select the correct definition for Canonical Name (CNAME) records.
answer
identifies an alias for a host name
question
DNS servers contain several different types of resource records with which you need to become familiar. Select the correct definition for Pointer (PTR) records.
answer
resolves host names from IP addresses