Incorrect Q.

1) What role provides developers with the ability to store data for directory-enabled applications without incurring the overhead of extending the Active Directory schema to support their applications? AD LSD AD SLD AD DLS (Your Answer) AD LDS (Correct Answer) D. Explanation Windows Server 2008 includes a new Active Directory Lightweight Directory Services (AD LDS) role that provides developers with the ability to store data for directory-enabled applications without incurring the overhead of extending the Active Directory schema to support their applications. Incorrect Q.2) The first domain controller installed in a new Active Directory forest will hold all of the Flexible Single __________ Operation roles, which are specific server roles that work together to enable the multimaster functionality of Active Directory. A. B. C. multiple(Your Answer) Possible correct answers:

master

Correct Q.3) What processes can be used by Windows Server 2008 DNS to clean up the DNS database after DNS records become stale or out of date? searching and destroying aging and scavenging (Your Answer) seeking and removing C. finding and deleting D. Explanation Although not enabled by default, aging and scavenging are processes that can be used by Windows Server 2008 DNS to clean up the DNS database after DNS records become stale or out of date. Without this process, the DNS database would require manual maintenance to prevent server performance degradation and potential disk-space issues. Correct Q.4) Read-Only Domain Controllers provide added security in the way passwords are stored through what feature? A. B.

Password Integration Policy Password Caching Policy Password Storage Policy Password Replication Policy (Your Answer) Explanation A key feature of an RODC is that each RODC can be configured with its own Password Replication Policy for security purposes. Correct Q.5) What command can you use to run the Active Directory Installation Wizard? A. B. C. D. adpromo dcpromo (Your Answer) domainpromo C. adcreate D. Explanation The Active Directory Installation Wizard, dcpromo, will guide you through adding a domain controller to an existing environment, creating an entirely new forest structure, adding a child domain to an existing domain, adding a new domain tree to an existing forest, and demoting domain controllers and eventually removing a domain or forest. Correct Q.6) __________ roles work together to enable the multimaster functionality of Active Directory. A. B. A. FSMO (Your Answer) B. FMMO C. FMSO D. FOMO Explanation The first domain controller installed in a new Active Directory forest will hold all of the Flexible Single Master Operation (FSMO) roles, which are specific server roles that work together to enable the multimaster functionality of Active Directory. Incorrect Q.7) Aging is the process of removing records that were not refreshed or updated within specified time intervals, which will occur naturally with machines that are removed from the network. A. B. True (Your Answer) False (Correct Answer)

Incorrect Q.8) What utility is used to manually create trust relationships? A. Active Directory Trust Console B. Active Directory Trust Wizard (Your Answer) C. Active Directory Domains and Trusts MMC snap-in (Correct Answer) D. Active Directory Domains and Trusts control panel Explanation Use the Active Directory Domains and Trusts MMC snap-in to establish manual trust relationships. Incorrect Q.9) What is the minimum amount of storage space required for the Active Directory installation files? 100 MB 150 MB (Your Answer) 200 MB (Correct Answer) C. 250 MB D. Explanation 200 MB minimum free space is required for Active Directory database files. Incorrect Q.10) When installing Active Directory, there must be at least __________ MB of free space for the transaction log files A. B. 200(Your Answer) Possible correct answers:

50

Correct Q.11) What type of zone is necessary for computer hostname-to-IP address mappings, which are used for name resolution by a variety of services? primary lookup secondary lookup forward lookup (Your Answer) reverse lookup D. Explanation A. B. C.

Forward lookup zones are necessary for computer hostnametoIP address mappings, which are used for name resolution by a variety of services. For example, when a user requests access to a server based on its hostname, the request is passed to a DNS server to resolve the hostname to an IP address. Most queries are based on forward lookups. Incorrect Q.12) The default location for the Active Directory database and log files is C:\Windows\System32. A. True (Your Answer) B. False (Correct Answer) Correct Q.13) __________ partitions are used to separate forest-wide DNS information from domainwide DNS information to control the scope of replication of different types of DNS data. DNA record DNS type DNS data Application Directory (Your Answer) Explanation Application directory partitions are used to separate forest-wide DNS information from domain-wide DNS information to control the scope of replication of different types of DNS data. Incorrect Q.14) You can launch the Active Directory Installation Wizard by using the dcpromo.exe command-line tool or from the __________ Manager utility thats installed in the Administrative Tools folder of each Windows Server 2008 server. A. B. C. D. device(Your Answer) Possible correct answers:

server

Incorrect Q.15) What SRV record information serves as a mechanism to set up load balancing between multiple servers that are advertising the same SRV records? A. B. C. priority (Correct Answer) time-to-live weight

port (Your Answer) D. Explanation Priority is a mechanism to set up load balancing between multiple servers that are advertising the same SRV records. Clients will always use the record with the lowernumbered priority first. Incorrect Q.16) A(n) __________ transfer is the process of replicating DNS information from one DNS server to another. sdf(Your Answer) Possible correct answers:

zone

Incorrect Q.17) What type of trust allows you to configure trust relationships between Windows Server 2008 Active Directory and a UNIX MIT Kerberos realm? shortcut cross-forest (Your Answer) external realm (Correct Answer) Explanation Realm trusts allow you to configure trust relationships between Windows Server 2008 Active Directory and a UNIX MIT Kerberos realm, which is the UNIX equivalent to an Active Directory domain allowing centralized user and password administration on a UNIX network. Correct Q.18) What new Windows Server 2008 feature is a special installation option that creates a minimal environment for running only specific services and roles? A. B. C. D. A. Minimal Installation Option B. Server Core (Your Answer) C. Server Standard D. Minimal Server Environment (MSE) Explanation One of the key new features of Windows Server 2008 is Server Core, a special installation option that creates a minimal environment for running only specific services and roles. Server Core runs almost entirely without a graphical user interface (GUI), which means that it needs to be administered exclusively from the command line.

Incorrect Q.19) What command-line tool is used to create, delete, verify, and reset trust relationships from the Windows Server 2008 command line? adtrust (Your Answer) netdom B. (Correct Answer) csvde C. nslookup D. Explanation After you establish a manual trust, you can verify the trust using either Active Directory Domains and Trusts or the netdom command-line tool that is used to create, delete, verify, and reset trust relationships from the Windows Server 2008 command line. Incorrect Q.20) What feature makes it possible to configure a user as the local administrator of a specific RODC without making the user a Domain Admins with far-reaching authority over all domain controllers in your entire domain and full access to your Active Directory domain data? A. A. Role Delegation B. Admin Role Separation (Correct Answer) C. New Administrative Security Groups D. Domain Functional Levels (Your Answer) Explanation Read-Only Domain Controllers also offer a feature that has been a top request of Active Directory administrators since the early days of Windows 2000: Admin Role Separation. This means that it is now possible to configure a user as the local administrator of a specific RODC without making the user a Domain Admins with far-reaching authority over all domain controllers in your entire domain and full access to your Active Directory domain data. Correct Q.21) When modifying the schema, Microsoft recommends adding administrators to what group only for the duration of the task? Schema Admins (Your Answer) Enterprise Admins B. Global Admins C. Forest Admins D. Explanation Microsoft recommends adding administrators to the Schema Admins group only for the A.

duration of the administrative task at hand. Incorrect Q.22) What is the process of replicating DNS information from one DNS server to another? A. replication B. DNS push (Your Answer) C. zone transfer (Correct Answer) D. DNS update Explanation A zone transfer is the process of replicating DNS information from one DNS server to another. Correct Q.23) You can launch the Active Directory Installation Wizard using the dcpromo.exe command-line tool or from the Server Manager utility thats installed in the Administrative Tools folder of each Windows Server 2008 server. True (Your Answer) A. False B. Incorrect Q.24) Each class or attribute that you add to the schema should have a valid __________. A. username B. password C. OID (Correct Answer) D. SID (Your Answer) Explanation Each class or attribute that you add to the schema should have a valid Object Identifier (OID). As part of the X.500 structure on which Active Directory is based, OIDs must be globally unique, and they are represented by a hierarchical dotted-decimal notation string. Incorrect Q.25) Because Server Core does not support graphical utilities, such as Server Manager and the Active Directory Installation Wizard, you need to run dcpromo from the command line using an unattended installation, which uses a specially formatted text file to specify the necessary installation options. A. B. True (Correct Answer) False (Your Answer)

Correct Q.26) What shared folder exists on all domain controllers and is used to store Group Policy objects, login scripts, and other files that are replicated domain-wide? A. SYSVOL (Your Answer) B. AD C. C$ D. VOLMGR Explanation The SYSVOL shared folder exists on all domain controllers and is used to store Group Policy Objects, login scripts, and other files that are replicated domain-wide. Correct Q.27) What type of trust relationship allows you to create two-way transitive trusts between separate forests? shortcut A. cross-forest (Your Answer) B. external C. real D. Explanation Cross-forest trust relationships were introduced in Windows Server 2003; they allow you to create two-way transitive trusts between separate forests. Correct Q.28) For domain controllers to register their records with DNS at startup, dynamic updates must be allowed. A. True (Your Answer) B. False Incorrect Q.29) What DLL must be registered to use the Schema Management snap-in? A. schmmgnt32.dll B. schemamanagement.dll C. schmmgmt.dll (Correct Answer) D. adschm.dll (Your Answer) Explanation The schmmgmt.dll DLL is not registered by default in Windows Server 2008 and needs to be added manually to run the Schema Management MMC snap-in.

Incorrect Q.1) You are in charge of a domain that contains several office rooms and one large computer commons area. In order to secure accounts in the domain, you want to apply separate account policies for the computers in the commons area, while maintaining the policies that are used in the office rooms. Currently, all computers are in the Computers folder. What is the most efficent way to accomplish this task? A. Create a new OU called "CommonsArea" and move the commons area computer accounts into it. Create a new GPO and configure the desired account policies. Link the new GPO to the CommonsArea OU (Correct Answer) Create a new domain on a new domain controller to service the commons area The policy settings must be assigned manually on the local computer GPO's in the commons area Create a new GPO and specify the computer accounts of the computers in the commons area then apply the desired account policies. Finally, link the new GPO to the domain. (Your Answer)

B. C. D.

Correct Q.2) Terminal Services Gateway (TS Gateway) adds to the TS web access functionality by allowing a secure, encrypted connection using ____. A. Virtual Private Network (VPN) B. Secure Socket Tunneling Protocol (SSTP) C. Secure HTTP (HTTPS) (Your Answer) D. Network Address Translation (NAT) Incorrect Q.3) A _____ contains one or more domains that are in a common relationship. forest (Your Answer) A. root B. tree (Correct Answer) C. branch D. Correct Q.4) You work for the large Example.com corporation. Recently, Example.com has been adding new branch offices at a steady rate. Just last week, a new branch office was created and now you have been put in charge of configuring group policy settings for the branch office. Because this branch office will be fairly large, it will be set up as a separate domain. Since there are several branch offices with similar GPO requirements, you want to be able to make use of GPOs that have already proven to be useful. What is the easiest way to make the policies in this new branch office similar to those already in place?

A. Manually recreate all GPO settings from the other domains and link them to the new domain B. Use GPO migration by adding the domains with the policies you want to GPMC, and then copy and paste them. (Your Answer) C. Use CSVDE import the GPOs via comma separated values in text files D. backup the desired GPOs on the domains you want to mimic, then restore the GPOs in the new domain. Incorrect Q.5) You have created a subnetted network and left 4 bits for host IDs. How many hosts can you have per subnet? 16 A. 30 B. 32 (Your Answer) C. 14 (Correct Answer) D. Incorrect Q.6) You're in charge of a high-end, enterprise class server running Windows Server 2008 Datacenter edition. Lately you've noticed that the server's memory utilization is too high, so you've decided to add an additional few sticks of RAM into the server's free slots. To reduce downtime, you should check if your server supports _____. A. Hot-add memory (Correct Answer) B. hot-replace memory (Your Answer) C. external memory slot controller D. ho-add cpu Incorrect Q.7) Which of the following Windows Server 2008 editions has no upgrade path? Standard Edition (Your Answer) A. Enterprise Edition B. Datacenter Edition C. Web Server Edition (Correct Answer) D. Incorrect Q.8) A _____ is intended to contain user accounts from a single domain and can also be set up as a member of a domain local group in the same or another domain. A. domain security group

B. global security group (Correct Answer) C. universal security group D. domain local group (Your Answer) Incorrect Q.9) Which of these is not a new GPO in Windows Vista and Server 2008? Local Administrators GPO A. Local Non-Administrators GPO (Your Answer) B. User-Specific GPO C. Local Computers GPO (Correct Answer) D. Correct Q.10) The _____ tab is used to enable or disable a printer for sharing as well as to specify the name of the share. A. Sharing (Your Answer) B. General C. Advanced D. Location Incorrect Q.11) The main purpose of Active Directory is to _. A. B. C. D. Unanswered Q.12) For several hours now, your IT staff has been trying to troubleshoot an issue on AppSrv1. AppSrv1 uses an application that requires it to access SQL database on a server named DBSrv1 but recent changes in the network topology have outdated previous DNS entries. Initially, the problem is believed related to the DNS database, but after using nslookup, you find that the DNS entry is correct. AppSrv1 can reach the DBSrv1 server manually by IP address, but when using a name, it resolves to the wrong machine. What is most likely the issue? A. AppSrv1 has a static route entry to DBSrv1 Provide authentication and authorization to users and computers. (Correct Answer) Provide File and Print services Give administrators the ability to control access to restricted hardware (Your Answer) allow users to organize their files systems into a cohesive and high performance directory structure

B. nslookup was pulling from the correct DNS server, but the computer is configured with the wrong DNS server C. A conditional forward zone has not been set up properly D. someone added a static entry for DBSrv1 in the hosts text file which is now outdated. (Correct Answer) Incorrect Q.13) One of your interns has been asked to modify the permissions on a directory locaed on a Server Core server. Your intern asks what command is used to do this. Which command do you tell him to use? icacls (Correct Answer) A. dtsutil B. dsacls C. winrs (Your Answer) D. Incorrect Q.14) Windows Server 2008 is activated automatically after several days. However, if it can't be activated, how many days do you have to active Windows Server 2008 before you can no longer log on? A. 30 days (Your Answer) B. 15 days C. 60 days (Correct Answer) D. 90 days Incorrect Q.15) Which of the following defines the types of information stored in an Active Directory object? Attribute value (Your Answer) A. Schema classes B. Schema attributes (Correct Answer) C. GPO's D. Correct Q.16) Which of the following statements is true regarding RODC replication? A. The connection between an RODC and a writeable DC is a two-way connection because changes can originate on an RODC B. two RODCs cannot replicate with one another under any circumstances C. The domain directory partition can be replicated only to an RODC from a Windows

Server 2008 DC (Your Answer) D. When upgrading a domain from Windows Server 2003, the first Windows Server 2008 DC can be an RODC Incorrect Q.17) One of your administrators is unfamiliar with using the command line, but needs to be able to manage a Windows Server 2008 Core install. While attemtping to used an MMC snapin to manage Server Core, he finds that he is unable to do so. He notes that some snap-ins, such as Shared Folders and Services worked perfectly remotely, while MMCs such as Event Viewer do not. What is most likely the issue? A. B. C. D. Incorrect Q.18) How can you ensure that a GPO's settings are applied to all child objects, even if a GPO with conflicting settings is linked to a container at a deeper level? A. B. C. D. Correct GPO Filtering Enforcing inheritance (Correct Answer) Loopback policy processing Inheritance blocking (Your Answer) The administrator has permissions to access only specific MMC consoles from his remote machine the other MMCs that the Administrator is trying to access are not available on Server Core A group policy setting is preventing him from viewing higher management level MMCs (Your Answer) Server Core's firewall needs to be reconfigured for the Administrator to access certain MMCs (Correct Answer)

Q.19) Your intern would like to know which of the following situations would be ideal for a Server Core installation: You're installing the first server in a network A. You're upgrading from Windows Server 2003 B. You want to run Windows Web Server 2003 C. You want to install an RODC in a branch office (Your Answer) D. Correct Q.20) If a software package is assigned to a group of targeted computers via the Computer Configuration node, what happens?

A. Next time a user logs in to one of the targeted computers, they are prompted to install the package B. The package is advertised in Add/Remove programs as an installation option C. The package is placed on the computers but is not installed until a member of the Administrators group installs it D. The package installation is mandatory and begins the next time the computer starts (Your Answer) Correct Q.21) Which of the following features is not present in Windows Server 2003 domain functional level? Domain controller renaming A. selective authentication B. logon timestamp replication C. fine-grained password policies (Your Answer) D. Incorrect Q.22) What subnode under Security Settings applies to wireless network policies? A. Wireless Network (IEEE 802.3) Policies B. IP Security Policies on Active Directory C. Wireless Network (IEEE 802.11) Policies (Correct Answer) D. Network Access Protection (Your Answer) Incorrect Q.23) What must be done to allow a user to be able to access a file encrypted with EFS over a network connection? Certificate autoenrollment must be configured (Correct Answer) A. the user must be given the correct permissions B. the users SID must be exported to the remote machine C. this can not be accomplished (Your Answer) D. Correct Q.24) One of the below IP address / subnet mask pairs is invalid; find the invalid answer. A. B. C. D. 10.0.239.254/255.0.255.0 (Your Answer) 172.31.1.200/255.255.0.0 192.168.2.190/255.255.255.128 10.200.139.1/255.255.255.248

Correct Q.25) When a print job is processed over the Internet or an intranet, _____ must be installed and running in Windows Server 2008. Windows Distribution Services (WDS) A. Internet Information Services (IIS) (Your Answer) B. Windows Support Services (WSS) C. Web Server Service (WSS) D. Correct Q.26) A user has been on a 7 month long sabbatical. Upon return, you discover that her user object was deleted by accident on the same day she left. Assuming that Active Directory is configured with the default tombstone lifetime, how much longer do you have before you can no longer recover her username object with an authoritative restore? A. No time, the user object has already been cleaned during garbage collection (Your Answer) B. 40 days C. 90 days D. 180 days Correct Q.27) The Network Devices Enrollment Services (NDES) allows network devices such as routers and switches, to obtain certificates by using a special Cisco proprietary protocol known as .... Simple Certificate Enrollment Protocol (SCEP) (Your Answer) A. Special Device Certification Protocol (SDCP) B. Secured Network Device Protocol (SNMP) C. Special Certificate Enrollment Protocol (SCEP) D. Incorrect Q.28) The _____ boxes are used to store special notes about the printer that can help distinguish it from other printers, particularly for the sake of users if the printer is shared on the network. A. General B. Type C. Notes (Your Answer) D. Location and Comment (Correct Answer) Incorrect

Q.29) A recursive query is .... A. a type of DNS query to which a DNS server responds with the best information it has to satisfy the query. The DNS server doesn't query additional DNS servers in an attempt to resolve the query. a query in which the DNS server processes the query until it responds with an address that satisfies the query or with an "I don't know" message. The process might require the DNS server to query several additional DNS servers. (Correct Answer) A process whereby the DNS server checks the zone file for stale records periodically and deletes those meeting the criteria for a stale record. (Your Answer) a grouping of DNS information that represents one or more domains and possibly sub domains.

B.

C.

D. Incorrect

Q.30) Windows Internet Name Service (WINS) is a legacy name service used to resolve ... A. Domain names to IP address (Your Answer) B. Bootp names C. MAC addresses to IP addresses D. NetBIOS names (Correct Answer) Incorrect Q.31) Accessing folders and files can be tracked by setting up _____, which in Windows Server 2008 enables you to track activity on a folder or file, such as read or write activity. archiving A. logging (Your Answer) B. tracking C. auditing (Correct Answer) D. Incorrect Q.32) Select below a vaild requirement for the installation of Hyper-V: A. Windows Server 2008 Datacenter must be installed to use Hyper-V B. Your CPU must support virtualization extensions (Correct Answer) C. You require a Hyper-V license key D. You must have at least 128MB of RAM installed (Your Answer) Incorrect

Q.33) What can be done to solve the issue of server sprawl? Add new servers A. consolidate the servers with virtualization (Correct Answer) B. install potentially conflicting applications on seperate servers C. reducing server uptime (Your Answer) D. Incorrect Q.34) A network interface is composed of two parts: A. B. C. D. Correct device driver software and network media network interface and network medium device driver software and network interface (Correct Answer) network interface and client software (Your Answer)

Q.35) The computer or print server device offering the printer share is the _____. network print server (Your Answer) A. network print manager B. network print client C. network print provider D. Incorrect Q.36) If correct time zone information is not used and your servers' clocks run at different times, what is most likely to have issuses on your network? A. Windows Update (Your Answer) B. IP address assignment C. program performance D. User authentication (Correct Answer) Incorrect Q.37) A(n) ______ is a list of privleges given to an account or security group granting access to an object, such as a shared folder or shared printer. ACL (Correct Answer) A. ACE B. attribute list C. GPO (Your Answer) D. Correct

Q.38) When examining a Workgroup Model, a Windows Server 2008 server that participates in a workgroup is referred to as a _____. A. domain controller B. member server C. stand-alone server (Your Answer) D. stand-alone member server Incorrect Q.39) What type of information does a resource record of type A contain? host (Correct Answer) A. name server (Your Answer) B. state of authority C. IPv6 host D. Incorrect Q.40) Under what circumstances are the built-in user accounts no longer local user accounts? A. When accessing a network resource in a workgroup environment B. After installing Active Directory (Correct Answer) C. This is impossible, built-in user accounts cannot be converted (Your Answer) D. When using dsadd on the built-in accounts Incorrect Q.41) What option under the General tab in the Properties dialog box of a forest trust is only availble for use betweeon two Windows Server 2008 domains? direction of trust (Your Answer) A. transitivity of trust B. the other domain supports Kerberos AES Encryption (Correct Answer) C. Validate D. Incorrect Q.42) DNS is a TCP/IP-based name service that converts computer and domain host names to dotted decimal addressed and vice versa, through a process called ______. A. address resolution B. name resolution (Correct Answer) C. domain resolution (Your Answer)

D. host resolution Incorrect Q.43) What is the default location of the ADMX files? %systemroot%\Policies A. %systemroot%\Policies\ADMX (Your Answer) B. %systemroot%\PolicyDefinitions (Correct Answer) C. %systemroot%\PolicyDefinitions\ADMX D. Incorrect Q.44) Which of the following is a GUI tool that enables you to view the replication topology graphically and monitor replication performance and status? A. repadmin B. replmon (Correct Answer) C. dcdiag (Your Answer) D. repstat Incorrect Q.45) What is the Microsoft recommendation for placement of global catalog servers? A. B. C. D. Incorrect Q.46) A(n) _____ means that if A and B have a trust and B and C have a trust, A and C automatically have a trust as well. A. one-way trust B. transitive trust (Correct Answer) C. linear trust (Your Answer) D. implied trust Incorrect Q.47) Which of the following server roles is not available within a Windows Server 2008 Core Install a global catalog server in a site once it is larger than 50 accounts and the number of DCs is greater than 2 install a global catalog server in a site once it is larger than 500 accounts and the number of DCs is greater than 2 (Correct Answer) Install a global catalog server in a site once it is larger than 1,000 accounts and the number of DCs is greater than 4 (Your Answer) install a global catalog server in a site once it is larger than 5,000 accounts and the number of DCs is greater than 8

Installation? File Services A. Terminal Services (Correct Answer) B. Hyper V (Your Answer) C. Web Server (IIS) D. Incorrect Q.48) A new employee, Alice, has been hired to work at a branch office configured with RODC. This RODC connects to a DC over a WAN link back at the head office. Just as Alice is about to log onto her machine for the first time, she finds that she is unable to authenticate despite using the correct user name and pasword given to her. Other users in the branch office can log in fine, but Alice cannot. What is most likely the issue? A. Alice's user and password information hasn't been replicated to the RODC yet, and therefore her credentials cant be verified by the RODC server B. Alice has been added at the head office domain, but not the branch office domain (Your Answer) C. The WAN link failed before Alice could log on, preventing her from making use of credential caching (Correct Answer) D. The RODC has different account password information than the information stored at the head office causing a conflict Incorrect Q.49) You're taking an older server performing the PDC emulator master role out of service and will be replacing it with a new server configured as a domain controller. What should you do to ensure the smoothest transition? A. B. C. D. Incorrect Q.50) An encrypted folder or file uses the Microsoft _____, which sets up a unique, private encryption key associated with the user account that encrypted the folder or file. A. Encrypting File System (Correct Answer) B. Advanced Encryption Standard (Your Answer) Transfer the PDC master role to the new domain controller, and then shut down the old server (Correct Answer) shutdown the current PDC master and seize the PDC master role from the new domain controller back up the domain controller that's currently the PDC master, restore it to the new domain controller, then shut down the old PDC master shutdown the current PDC master, and then transfer the PDC master role to the new domain controller (Your Answer)

C. Data Encryption Standard D. Block Encryption System