Active Directory 2003 Interview Question and Answer Viral Rathod's Exchange 2016 Blog

4/21/2015
ActiveDirectory2003InterviewQuestionandAnswerViralRathod'sExchange2016Blog
ViralRathod'sExchange2016Blog
MicrosoftExchangeServerBlog
ActiveDirectory2003InterviewQuestion
andAnswer
ActiveDirectory2003InterviewQuestionand
Answer:
1)LogicalDiagramofActiveDirectory?Whatisthedifferencebetweenchilddomain&
additionaldomainserver?
A)Activedirectorycontainsforest,tree,domainanditschilddomain.Childdomianis
comesunderparentdomainanditsharesthenamespace,itsnamesspaceappendtheparent
domainname.Addtionaldomaincontrolleristhecopyofmaindomaincontrolleranditsfor
loadbalancingandfaulttolarance.
2)WhatarethePortnumbers?
A)
FTP:21,TELNET:23,SMTP:25,DNS:53,DHCP:67,KERBEROS:88,POP3:110
,NNTP:119,IMAP:143,
SNMP:161,LDAP:389,SSL:443,MSDSAD:445,RPC:530,LDAPS:636,IMAP
S:993,POPS:995,LotusNotes:1352,
Sametime:1533,MSPPTP:1723,MSRDP:3389
3)WhatisKerberos?WhichversioniscurrentlyusedbyWindows?HowdoesKerberos
work?
A)KerberosistheuserauthenticationusedinWin2000andWin2003ActiveDirectory
https://viralr.wordpress.com/activedirectory2003interviewquestionandanswer/
1/24
4/21/2015
A)KerberosistheuserauthenticationusedinWin2000andWin2003ActiveDirectory
servers
Kerberosversionis5.0.Portis:88.ItsmoresecureandencryptedthanNTLM(NT
authentication)
Kerberosmakesuseofatrustedthirdparty,termedaKeyDistributionCenter(KDC),which
consistsoftwologicallyseparateparts:anAuthenticationServer(AS)andaTicketGranting
Server(TGS).Kerberosworksonthebasisofticketswhichservetoprovetheidentityof
users.
TheKDCmaintainsadatabaseofsecretkeys;eachentityonthenetworkwhetheraclient
oraserversharesasecretkeyknownonlytoitselfandtotheKDC.Knowledgeofthiskey
servestoproveanentitysidentity.Forcommunicationbetweentwoentities,theKDC
generatesasessionkeywhichtheycanusetosecuretheirinteractions.
4)WhatareFSMORoles?Listthem.
A)FlexibleSingleMasterOperationRoles(FSMO)rolesareserverrolesinaForest
TherearefivetypesofFSMOroles
1.
2.
3.
4.
5.
DomainNamingMasterForestWideRoles
SchemaMasterForestWideRoles
RIDMasterDomainWideRoles
PDCEmulatorDomainWideRoles
InfrastructureMasterDomainWideRoles
DomainNamingMaster:Adding/Changing/DeletinganyDomaininaforestittakescare
SchemaMaster:ItmaintainsstructureoftheActiveDirectoryinaforest.
RIDMaster:ItassignsRIDandSIDtothenewlycreatedobjectlikeUsersandcomputers.If
RIDmasterisdown(ucancreatesecurityobjectsuptoRIDpoolsareavailableinDCs)elseu
cantcreateanyobjectoneitsdown
PDCemulator:ItworksasaPDCtoanyNTBDCsinyourenvironment.ItworksasTime
Server(tomaintainsametimeinyournetwork).Itworkstochangethepasswords,lockout,
etc.
InfrastructureMaster:Thisworkswhenwearerenaminganygroupmembershipobjectthis
roletakescare.
5)DescribetheleaseprocessoftheDHCPserver.
A)ADHCPleaseistheamountoftimethattheDHCPservergrantstotheDHCPclient
permissiontouseaparticularIPaddress.Atypicalserverallowsitsadministratortosetthe
leasetime.
Itsafourstepprocessconsistingof
(a)DHCPdiscovery,
2/24
4/21/2015
(b)DHCPoffer,
(c)DHCPRequestand
(d)DHCPAcknowledgement.
6)WHATISTHEFUNCTIONOFDHCP?
A)ProvidingIPaddressdynamically
8)Whatisforest.
A)Itisacollectionoftrees.Treeisnothingbutcollectionofdomainswhichishavingsame
namespace.Domaincontainsdomaincontrollers.
ForestTreeDomain.
9)WhatisActiveDirectory?
A)ActiveDirectoryisanetworkbasedobjectstoreandservicethatlocatesandmanages
resources,andmakestheseresourcesavailabletoauthorizedusersandgroups.An
underlyingprincipleoftheActiveDirectoryisthateverythingisconsideredanobject
people,servers,workstations,printers,documents,anddevices.Eachobjecthascertain
attributesanditsownsecurityaccesscontrollist(ACL).
10)WherearetheWindowsNTPrimaryDomainController(PDC)anditsBackup
DomainController(BDC)inServer2003?
A)TheActiveDirectoryreplacesthem.Nowalldomaincontrollersshareamultimaster
peertopeerreadandwriterelationshipthathostscopiesoftheActiveDirectory.
11)Howlongdoesittakeforsecuritychangestobereplicatedamongthedomain
controllers?
A)Securityrelatedmodificationsarereplicatedwithinasiteimmediately.Thesechanges
includeaccountandindividualuserlockoutpolicies,changestopasswordpolicies,changes
tocomputeraccountpasswords,andmodificationstotheLocalSecurityAuthority(LSA).
12)WhatisActiveDirectoryschema?
A)TheActiveDirectoryschemacontainsformaldefinitionsofeveryobjectclassthatcanbe
createdinanActiveDirectoryforestitalsocontainsformaldefinitionsofeveryattributethat
canexistinanActiveDirectoryobject.ActiveDirectorystoresandretrievesinformation
fromawidevarietyofapplicationsandservices.Sothatitcanstoreandreplicatedatafroma
potentiallyinfinitevarietyofsources,ActiveDirectorystandardizeshowdataisstoredinthe
directory.Bystandardizinghowdataisstored,thedirectoryservicecanretrieve,update,
andreplicatedatawhileensuringthattheintegrityofthedataismaintained.
Schemamasterisasetofruleswhichisusedtodefinethestructureofactivedirectory.It
containsdefinitionsofalltheobjectswhicharestoredinAD.Itmaintainsinformationand
detailinformationofobjects.
3/24
4/21/2015
13)HowwillyoubackupActiveDirectory?
A)Takethesystemstatedatabackup.Thiswillbackuptheactivedirectorydatabase.
MicrosoftrecommendonlyFullbackupofsystemstatedatabase
14)WhatarethecontentsofSystemStatebackup?
A)Thecontentsare
Bootfiles,Systemfiles,Activedirectory(ifitsdoneonDC),SYSVOLfolder(ifitdoneonDC),
Certificateservice(onaCAserver),Clusterdatabase(onaclusterserver),Registry
Performancecounterconfigurationinformation,Componentservicesclassregistration
database
15)CompareActivedirectory&SAM?
WindowsNT
Windows2000
Singlemasterreplicationisusedvia
PDCsandBDCs.
Multimasterreplicationisusedvia
DCs.
Domainisthesmallestunitof
partitioning.
partitioning.
authentication.
OUisthesmallestunitof
authentication.
Domainisthesmallestunitofpolicy
(systempolicies).
OUisthesmallestunitofpolicy
(grouppolicyobjects).
Domainisthesmallestunitofsecurity
delegation/administration.
Apropertyofanobjectisthesmallest
unitofsecurity
delegation/administration.
NetBIOSbroadcastsasprimary
browsingandconnectionmechanism.
TCP/IPconnectionstoActive
Directoryasprimarybrowsingand
connectionmechanism.
WINSorLMHOSTSrequiredfor
effectivebrowsing.
DNSandActiveDirectoryrequired
foreffectivebrowsingWINSrequired
forolderclients.
Objectisthesmallestunitof
replication.
Propertyisthesmallestunitof
replication.
Maximumrecommendeddatabase
sizeforSAMis40MB.
MaximumdatabasesizeforActive
Directoryis70TB.
Maximumeffectivenumberofusersis
40,000(ifyouaccepttherecommended
40MBmaximum).
Maximumnumberofusers(objects)in
onedomainisbetweenoneandtwo
millionMaximumnumberofusers
(objects)inoneforestis10million.
Fourdomainmodels(single,single
master,multimaster,completetrust)
requiredtosolveadminboundary
Nodomainmodelsrequiredasthe
completetrustmodelis
implemented.Onewaytrustscanbe
4/24
4/21/2015
anduserlimitproblemsbeingper
domain.
implementedmanually.
Schemaisnotextensible.
Schemaisfullyextensible.
16)WhatisthedefaultdomainfunctionallevelinWindowsServer2003?
A)Thefourdomainfunctionallevelsare:
Windows2000Mixed,Windows2000Native,WindowsServer2003Interim,Windows
Server2003,Windows2000Mixed
WhenyouconfigureanewWindowsServer2003domain,thedefaultdomainfunctional
levelisWindows2000mixed.Underthisdomainfunctionallevel,WindowsNT,2000,and
2003domaincontrollersaresupported.However,certainfeaturessuchasgroupnesting,
universalgroups,andsoonarenotavailable.
Windows2000Native
UpgradingthefunctionallevelofadomaintoWindows2000Nativeshouldonlybedoneif
therearenoWindowsNTdomaincontrollersremainingonthenetwork.Byupgradingto
Windows2000Nativefunctionallevel,additionalfeaturesbecomeavailableincluding:
groupnesting,universalgroups,SIDHistory,andtheabilitytoconvertsecuritygroupsand
distributiongroups.
WindowsServer2003Interim
ThethirdfunctionallevelisWindowsServer2003Interimanditisoftenusedwhen
upgradingfromWindowsNTtoWindowsServer2003.Upgradingtothisdomainfunctional
levelprovidessupportforWindowsNTandWindowsServer2003domaincontrollers.
However,likeWindows2000Mixed,itdoesnotprovidenewfeatures.
WindowsServer2003
ThelastfunctionallevelisWindowsServer2003.Thisdomainfunctionallevelonlyprovides
supportforWindowsServer2003domaincontrollers.Ifyouwanttotakeadvantageofall
thefeaturesincludedwithWindowsServer2003,youmustimplementthisfunctionallevel.
Oneofthemostimportantfeaturesintroducedatthisfunctionallevelistheabilitytorename
domaincontrollers
17)Inwhichdomainfunctionallevel,wecanrenamedomainname?
A)AlldomaincontrollersmustberunningWindowsServer2003,andtheActiveDirectory
functionallevelmustbeattheWindowsServer2003.Yesucanrenamethedomainin
windowsserver2003
18)Whichisthedefaultprotocolusedindirectoryservices?
A)LightweightDirectoryAccessProtocol(LDAP)
19)Whatisasite?
A)Sites:oneormorewellconnectedhighlyreliableandfastTCP/IPsubnets.Asiteallows
5/24
4/21/2015
A)Sites:oneormorewellconnectedhighlyreliableandfastTCP/IPsubnets.Asiteallows
administratortoconfigureactivedirectoryaccessandreplicationtopologytotakeadvantage
ofthephysicalnetwork.
20)Whichisthecommandusedtoremoveactivedirectoryfromadomaincontroller?
A)dcpromoincommandprompttoadd/removeactivedirectorybutfirstADCshouldbe
removedbeforeDCifwewanttoremoveDCfirstthencheckthisserverislastdomain
controllerindomain.
RemovingActiveDirectory:
1.IfwewanttoremoveActiveDirectorythenwewillusecommandDCPROMO
2.Ifsomeonedeletedparentdomainandwewanttoremovefromchilddomainthenwe
willusecommandDCPROMO/FORCEREMOVAL
Note:Oneshouldnotremoveparentdomainfirst.Heshouldstartfrombottommeans
childdomainandafterthatitsparentandsoon.
21)Whatistrust?
A)Toallowusersinonedomaintoaccessresourcesinanother,ADusestrust.Trustis
automaticallyproducedwhendomainsarecreated.Theforestsetsthedefaultboundariesof
trust,notthedomain,andimplicittrustisautomatic.Aswellastwowaytransitivetrust,AD
trustscanbeshortcut(joinstwodomainsindifferenttrees,transitive,oneortwoway),
forest(transitive,oneortwoway),realm(transitiveornontransitive,oneortwoway),or
external(nontransitive,oneortwoway)inordertoconnecttootherforestsornonAD
domains.ADusestheKerberosV5protocol,althoughNTLMisalsosupportedandweb
clientsuseSSL/TLS.
22)WhatisthefilethatsresponsibleforkeepallActiveDirectorydatabase?
A)NTDS.DIT.defaultsize:40MB
23)WhatsnapinadministrativetoolsareavailableforActiveDirectory?
A)ActiveDirectoryDomainsandTrustsManager,ActiveDirectorySitesandServices
Manager,ActiveDirectoryUsersandGroupManager,ActiveDirectoryReplication
(optional,availablefromtheResourceKit),ActiveDirectorySchemaManager(optional,
availablefromadminpak)
24)WhattypesofclassesexistinWindowsServer2003ActiveDirectory?
A)Structuralclass:Thestructuralclassisimportanttothesystemadministratorinthatitis
theonlytypefromwhichnewActiveDirectoryobjectsarecreated.Structuralclassesare
developedfromeitherthemodificationofanexistingstructuraltypeortheuseofoneor
moreabstractclasses.
Abstractclass:Abstractclassesaresonamedbecausetheytaketheformoftemplatesthat
actuallycreateothertemplates(abstracts)andstructuralandauxiliaryclasses.Thinkof
abstractclassesasframeworksforthedefiningobjects.
6/24
4/21/2015
Auxiliaryclass:Theauxiliaryclassisalistofattributes.Ratherthanapplynumerous
attributeswhencreatingastructuralclass,itprovidesastreamlinedalternativebyapplying
acombinationofattributeswithasingleincludeaction.
88class:The88classincludesobjectclassesdefinedpriorto1993,whenthe1988X.500
specificationwasadopted.Thistypedoesnotusethestructural,abstract,andauxiliary
definitions,norisitincommonuseforthedevelopmentofobjectsinWindowsServer2003
environments.
25)Howdoyoudeletealingeringobject?
A)WindowsServer2003providesacommandcalledRepadminthatprovidestheabilityto
deletelingeringobjectsintheActiveDirectory.
26)WhatisGlobalCatalog?
A)TheGlobalCatalogauthenticatesnetworkuserlogonsandfieldsinquiriesaboutobjects
acrossaforestortree.EverydomainhasatleastoneGCthatishostedonadomain
controller.InWindows2000,therewastypicallyoneGConeverysiteinordertoprevent
userlogonfailuresacrossthenetwork.
27)WhatisGC?HowmanyrequiredforATree?
A)GlobalCatalogserverisaSearchableIndexbook.Withthiswecanfindoutanyobjectin
theActiveDirectory.AlsoitworksaslogonauthenticationforGroupmemberships.Wecan
haveeachdomaincontrollerindomainoronlyfirstdomaincontrollerinadomain.
28)WhatisGlobalCatalogserver?
A)GlobalCatalogServermaintainsfullinformationaboutitsowndomainandpartial
informationaboutotherdomains.Itisaforestwiderole.
Aglobalcatalogserverisadomaincontrolleritisamastersearchabledatabasethatcontains
informationabouteveryobjectineverydomaininaforest.Theglobalcatalogcontainsa
completereplicaofall
objectsinActiveDirectoryforitshostdomain,andcontainsapartialreplicaofallobjectsin
ActiveDirectoryforeveryotherdomainintheforest.Ithavetwoimportantfunctions:
i)Providesgroupmembershipinformationduringlogonandauthentication
ii)HelpsuserslocateresourcesinActiveDirectory
29)CanIchangepasswordifmymachinesconnectivitytoDCwhoholdsPDCemulator
rolehasbeenfails?
A)Noyoucannotchangethepassword.
30)HowCanIDeploytheLatestPatchedinPcthroughG.P.withouthavingtheAdmin
RightinPC?
A)CreateabatchfileandplaceallthepatchesintheNetlogon,anddeploythebatchfile
throughGPtoallthepcsothesameshouldtakeaffectafterrestartingthepc.
Theaboveanswerisincorrect.
7/24
4/21/2015
Youcannotdeployabatchfileusinggrouppolicy.Youcanonlypublishorassign.msi
packagesorZapfiles.Theyaretheonlytwovalidfileformatsallowablewhenusing
intellimirrorinactivedirectory.
IfyoucreateascriptandassignittotheSTARTUPscriptinaGPOappliedtothe
COMPUTERandnottheUSER,thenitrunsasalocaladministratoronthecomputer.
31)Differencebetween2000&2003.
A)
1.WecantrenamedomaininWin2k,ucanrenameinWin2k3
2.IIS5.0inWin2kandIIS6.0inWin2k3
3.NoVolumeShadowCopyinginWin2k,itsavailableinWin2k3
4.ActiveDirectoryFederationSystemsinWin2k3
LikethatsomeothersecurityfeaturesaddedinWin2k3,mainfeaturesareabove
32)Whatishotfix?
A)Itisfix,whichMicrosoftreleasewheneverthereisabugorforupdationofOperating
system.
33)Whatispaging?
A)Ifaprogramreferencesamemorylocationwithinavirtualpagethatisnotavailable,the
hardwaregeneratesapagefault.Whenthisoccurs,thememorymanagementhardware
invokesanoperatingsystemroutinethatloadstherequiredpagefromauxiliarystorage
(e.g.,apagingfileondisk)andturnsontheflagthatindicatesthepageisavailable.The
hardwarethenaddstheoffsetdenotedbytheloworderbitsintheaddressregistertothe
startlocationofthephysicalpage,accessestherequestedmemorylocation,andreturns
controltotheapplicationthatoriginallytriedtoaccessthememory.Thisprocesstakesplace
transparentlytotheapplicationaddressingthememory.Thisschemeiscalledpaging.
34)Explainhiddenshares?
A)Hiddenoradministrativesharesaresharenameswithadollarsign($)appendedtotheir
names.Administrativesharesareusuallycreatedautomaticallyfortherootofeachdrive
letter.Theydonotdisplayinthenetworkbrowselist.
35)HowdothepermissionsworkinWindows2000?Whatpermissionsdoesfolderinherit
fromtheparent?
A)WhenyoucombineNTFSpermissionsbasedonusersandtheirgroupmemberships,
theleastrestrictivepermissionstakeprecedence.However,explicitDenyentriesalways
overrideAllowentries.
36)WhycantIencryptacompressedfileonWindows2000?
8/24
4/21/2015
A)Youcaneithercompressitorencryptit,butnotboth.
37)IfIrenameanaccount,whatmustIdotomakesuretherenamedaccounthasthesame
permissionsastheoriginalone?
A)Nothing,itsallmaintainedautomatically.
38)WhatsthemostpowerfulgrouponaWindowssystem?
A)Administrators.
39)WhataretheaccessibilityfeaturesinWindows2000?
A)StickyKeys,FilterKeysNarrator,Magnifier,andOnScreenKeyboard.
40)WhycantIgettotheFaxServiceManagementconsole?
A)Youcanonlyseeitifafaxhadbeeninstalled.
41)WhatdoIneedtoensurebeforedeployinganapplicationviaaGroupPolicy?
A)MakesureitseitheranMSIfile,orcontainsaZAPfileforGroupPolicy.
42)Howdoyouconfiguremandatoryprofiles?
A)Renamentuser.dattontuser.man
43)IcantgetmultipledisplaystoworkinWindows2000.
A)Multipledisplayshavetouseperipheralconnectioninterface(PCI)orAccelerated
GraphicsPort(AGP)portdevicestoworkproperlywithWindows2000.
44)WhatsamaximumnumberofprocessorsWin2ksupports?
A)2
45)IhadsomeNTFSvolumesundermyWindowsNTinstallation.Whathappenedto
NTFSafterWin2kinstallation?
A)ItgotupgradedtoNTFS5.
46)HowdoyouconvertadrivefromFAT/FAT32toNTFSfromthecommandline?
A)convertc:/fs:ntfs
47)ExplainAPIPA.
A)AutoPrivateIPAddressing(APIPA)takeseffectonWindows2000Professional
computersifnoDHCPservercanbecontacted.APIPAassignsthecomputeranIPaddress
withintherangeof169.254.0.0through169.254.255.254withasubnetmaskof255.255.0.0.
48)HowdoesInternetConnectionSharingworkonWindows2000?
9/24
4/21/2015
A)InternetConnectionSharing(ICS)usestheDHCPAllocatorservicetoassigndynamic
IPaddressestoclientsontheLANwithintherangeof192.168.0.2through192.168.0.254.In
addition,theDNSProxyservicebecomesenabledwhenyouimplementICS.
49)IcantseemtoaccesstheInternet,donthaveanyaccesstothecorporatenetworkand
onipconfigmyaddressis169.254.*.*.Whathappened?
A)The169.254.*.*netmaskisassignedtoWindowsmachinesrunning98/2000/XPifthe
DHCPserverisnotavailable.ThenameforthetechnologyisAPIPA(AutomaticPrivate
InternetProtocolAddressing).
50)WeveinstalledanewWindowsbasedDHCPserver,however,theusersdonotseem
tobegettingDHCPleasesoffofit.
A)TheservermustbeauthorizedfirstwiththeActiveDirectory.
51)HowcanyouforcetheclienttogiveuptheDHCPleaseifyouhaveaccesstotheclient
PC?
A)ipconfig/release
52)WhatauthenticationoptionsdoWindows2000Servershaveforremoteclients?
A)PAP,SPAP,CHAP,MSCHAPandEAP.
53)WhatarethenetworkingprotocoloptionsfortheWindowsclientsifforsomereason
youdonotwanttouseTCP/IP?
A)NWLink(Novell),NetBEUI,AppleTalk(Apple).
54)WhatisdatalinklayerintheOSIreferencemodelresponsiblefor?
A)Datalinklayerislocatedabovethephysicallayer,butbelowthenetworklayer.Taking
rawdatabitsandpackagingthemintoframes.Thenetworklayerwillberesponsiblefor
addressingtheframes,whilethephysicallayerisresponsibleforretrievingandsendingraw
databits.
55)Whatisbindingorder?
A)Theorderbywhichthenetworkprotocolsareusedforclientservercommunications.
Themostfrequentlyusedprotocolsshouldbeatthetop.
56)Howdocryptographybasedkeysensurethevalidityofdatatransferredacrossthe
network?
A)EachIPpacketisassignedachecksum,soifthechecksumsdonotmatchonboth
receivingandtransmittingends,thedatawasmodifiedorcorrupted.
57)ShouldwedeployIPSECbasedsecurityorcertificatebasedsecurity?
A)Theyarereallytwodifferenttechnologies.IPSecsecurestheTCP/IPcommunicationand10/24
4/21/2015
A)Theyarereallytwodifferenttechnologies.IPSecsecurestheTCP/IPcommunicationand
protectstheintegrityofthepackets.Certificatebasedsecurityensuresthevalidityof
authenticatedclientsandservers.
58)WhatisLMHOSTSfile?
A)itsafilestoredonahostmachinethatisusedtoresolveNetBIOStospecificIPaddresses.
59)WhatsthedifferencebetweenforwardlookupandreverselookupinDNS?
A)Forwardlookupisnametoaddress;thereverselookupisaddresstoname.
60)HowcanyourecoverafileencryptedusingEFS?
A)Usethedomainrecoveryagent.
61)WhatisIPv6?
A)InternetProtocolversion6(IPv6)isanetworklayerIPstandardusedbyelectronic
devicestoexchangedataacrossapacketswitchedinternetwork.ItfollowsIPv4asthe
secondversionoftheInternetProtocoltobeformallyadoptedforgeneraluse.Itisa128bit
sizeaddress.Herewecanseetotal8octetseachoctetsizeis16bits.
62)Whatismultimasterreplication?
A)InadditiontostoringprimaryzoneinformationinDNSwecanalsostoreitinactive
directoryasactivedirectoryobject.ThisintegratesDNSwithactivedirectoryinordertotake
advantageofactivedirectoryfeatures.Thebenefitsare
Zonecanbemodifiedfromanydomaincontrollerwithinthedomainandthis
informationisautomaticallyupdatedorreplicatedtoalltheotherdomaincontrollers
alongwiththeactivedirectoryreplication.ThisreplicationissaidtobeMultimaster
replication.
WenolongerfacethestandardDNSserverdrawbacks.InstandardDNSserveronlythe
primaryservercanmodifythezoneandthenreplicatethechangestootherdomain
controllers(ItwasinwindowsNT4before).ButwhenDNSgetsintegratedwithAD
.Zonecanbemodifiedandreplicatedfromanydomaincontroller.
Faulttolerance
Security:Youcanpreventaccesstoanyupdatestozoneorindividualrecordpreventing
insecuredynamicupdates.
63)WhatisRSoP?
A)ResultantSetofPolicy(RSoP)isprovidedtomakepolicymodificationandtrouble
shootingeasier.RSoPisthequeryobjectithastwomodes:
1.Loggingmode:Pollsexistingpoliciesandthereportstheresultofthequery.
2.Planningmode:Thequestionsaskabouttheplannedpolicyandthereporttheresultofthe
query.
64)DifferencebetweenNTFSandFAT32
11/24
4/21/2015
A)
NTFS
FAT32
AllowsaccesslocaltoWin2k,Win2k3,
WinXP,WinNT4withSP4&latermayget
accessforsomefile.
Fat32AllowsaccesstoWin95,Win98,
WinMe,Win2k,WinXPonlocalpartition.
Maximumsizeofpartitionis2Terabytes
&more.
Maximumsizeofpartitionisupto2TB.
MaximumFilesizeisupto16TB.
MaximumFilesizeisupto4GB.
File&folderEncryptionispossible
File&folderEncryptionisnotpossible.
Support255characterslongfilename
FATsupport8.3characterfilename(avail.
inFAT32)
65)WhatisMicrosoftSoftwareAssurance?
A)Itmeansthatifinfuturesomeupgradeversionisintroducedinmarket,thensoftware
assuranceallowsupgradingthelicensewithoutpayinganyextracost.
66)HowisuseraccountsecurityestablishedinWindowsServer2003?
A)Whenanaccountiscreated,itisgivenauniqueaccessnumberknownasasecurity
identifier(SID).EverygrouptowhichtheuserbelongshasanassociatedSID.Theuserand
relatedgroupSIDstogetherformtheuseraccountssecuritytoken,whichdeterminesaccess
levelstoobjectsthroughoutthesystemandnetwork.SIDsfromthesecuritytokenare
mappedtotheaccesscontrollist(ACL)ofanyobjecttheuserattemptstoaccess.
67)IfIdeleteauserandthencreateanewaccountwiththesameusernameandpassword,
wouldtheSIDandpermissionsstaythesame?
A)No.Ifyoudeleteauseraccountandattempttorecreateitwiththesameusernameand
password,theSIDwillbedifferent.
68)Whatdoyoudowithsecuresignonsinanorganizationwithmanyroamingusers?
A)CredentialManagementfeatureofWindowsServer2003providesaconsistentsingle
signonexperienceforusers.Thiscanbeusefulforroaminguserswhomovebetween
computersystems.TheCredentialManagementfeatureprovidesasecurestoreofuser
credentialsthatincludespasswordsandX.509certificates.
69)AnythingspecialyoushoulddowhenaddingauserthathasaMac?
A)SavepasswordasencryptedcleartextmustbeselectedonUserPropertiesAccountTab
Options,sincetheMacsonlystoretheirpasswordsthatway.
70)WhatremoteaccessoptionsdoesWindowsServer2003support?
A)Dialin,VPN,dialinwithcallback.
71)Wherearethedocumentsandsettingsfortheroamingprofilestored?
12/24
4/21/2015
A)Allthedocumentsandenvironmentalsettingsfortheroaminguserarestoredlocally
onthesystem,and,whentheuserlogsoff,allchangestothelocallystoredprofilearecopied
tothesharedserverfolder.Therefore,thefirsttimearoaminguserlogsontoanewsystem
thelogonprocessmaytakesometime,dependingonhowlargehisprofilefolderis.
72)Wherearethesettingsforalltheusersstoredonagivenmachine?
A)\DocumentandSettings\AllUsers
73)Whatlanguagescanyouuseforlogonscripts?
A)JavaScipt,VBScript,DOSbatchfiles(.com,.bat,oreven.exe)
74)HowdoyoudoublebootaWin2003serverbox?
A)TheBoot.inifileissetasreadonly,system,andhiddentopreventunwantedediting.
TochangetheBoot.initimeoutanddefaultsettings,usetheSystemoptioninControlPanel
fromtheAdvancedtabandselectStartup.
75)WhatdoyoudoifearlierapplicationdoesntrunonWindowsServer2003?
A)WhenanapplicationthatranonanearlierlegacyversionofWindowscannotbeloaded
duringthesetupfunctionorifitlatermalfunctions,youmustrunthecompatibilitymode
function.Thisisaccomplishedbyrightclickingtheapplicationorsetupprogramand
selectingProperties>Compatibility>selectingthepreviouslysupportedoperating
system.
76)IfyouuninstallWindowsServer2003,whichoperatingsystemscanyourevertto?
A)WinME,Win98,2000,XP.Note,however,thatyoucannotupgradefromMEand98to
WindowsServer2003.
77)HowdoyougettoInternetFirewallsettings?
A)Start>ControlPanel>NetworkandInternetConnections>NetworkConnections.
78)WhatsnewinWindowsServer2003regardingtheDNSmanagement?
A)WhenDCpromotionoccurswithanexistingforest,theActiveDirectoryInstallation
WizardcontactsanexistingDCtoupdatethedirectoryandreplicatefromtheDCthe
requiredportionsofthedirectory.IfthewizardfailstolocateaDC,itperformsdebugging
andreportswhatcausedthefailureandhowtofixtheproblem.Inordertobelocatedona
network,everyDCmustregisterinDNSDClocatorDNSrecords.TheActiveDirectory
InstallationWizardverifiesaproperconfigurationoftheDNSinfrastructure.AllDNS
configurationdebuggingandreportingactivityisdonewiththeActiveDirectoryInstallation
Wizard.
79)Whenshouldyoucreateaforest?
A)Organizationsthatoperateonradicallydifferentbasesmayrequireseparatetreeswith
distinctnamespaces.UniquetradeorbrandnamesoftengiverisetoseparateDNSidentities.
Organizationsmergeorareacquiredandnamingcontinuityisdesired.Organizationsform
13/24
4/21/2015
partnershipsandjointventures.Whileaccesstocommonresourcesisdesired,aseparately
definedtreecanenforcemoredirectadministrativeandsecurityrestrictions.
80)Howcanyouauthenticatebetweenforests?
A)Fourtypesofauthenticationareusedacrossforests:(1)KerberosandNTLMnetwork
logonforremoteaccesstoaserverinanotherforest;(2)KerberosandNTLMinteractive
logonforphysicallogonoutsidetheusershomeforest;(3)KerberosdelegationtoNtier
applicationinanotherforest;and(4)userprincipalname(UPN)credentials.
81)Whatsthedifferencebetweenlocal,globalanduniversalgroups?
A)Domainlocalgroupsassignaccesspermissionstoglobaldomaingroupsforlocal
domainresources.Globalgroupsprovideaccesstoresourcesinothertrusteddomains.
Universalgroupsgrantaccesstoresourcesinalltrusteddomains.
82)Iamtryingtocreateanewuniversalusergroup.WhycantI?
A)UniversalgroupsareallowedonlyinnativemodeWindowsServer2003environments.
NativemoderequiresthatalldomaincontrollersbepromotedtoWindowsServer2003
ActiveDirectory.
83)WhatisLSDOU?
A)Itsgrouppolicyinheritancemodel,wherethepoliciesareappliedtoLocalmachines,
Sites,DomainsandOrganizationalUnits.
84)WhydoesntLSDOUworkunderWindowsNT?
A)IftheNTConfig.polfileexist,ithasthehighestpriorityamongthenumerouspolicies.
85)Wherearegrouppoliciesstored?
A)%SystemRoot%System32\GroupPolicy
86)WhatisGPTandGPC?
A)Grouppolicytemplateandgrouppolicycontainer.
87)WhereisGPTstored?
A)%SystemRoot%\SYSVOL\sysvol\domainname\Policies\GUID
88)Youchangethegrouppolicies,andnowthecomputerandusersettingsarein
conflict.Whichonehasthehighestpriority?
A)Thecomputersettingstakepriority.
89)Youwanttosetupremoteinstallationprocedure,butdonotwanttheusertogain
accessoverit.Whatdoyoudo?
A)gponame>UserConfiguration>WindowsSettings>RemoteInstallationServices>
ChoiceOptionsisyourfriend.
14/24
4/21/2015
90)Whatscontainedinadministrativetemplateconf.adm?
A)MicrosoftNetMeetingpolicies
91)Howcanyourestrictrunningcertainapplicationsonamachine?
A)Viagrouppolicy,securitysettingsforthegroup,thenSoftwareRestrictionPolicies.
92)Youneedtoautomaticallyinstallanapp,butMSIfileisnotavailable.Whatdoyou
do?
A)A.zaptextfilecanbeusedtoaddapplicationsusingtheSoftwareInstaller,ratherthan
theWindowsInstaller.
93)WhatsthedifferencebetweenSoftwareInstallerandWindowsInstaller?
A)Theformerhasfewerprivilegesandwillprobablyrequireuserintervention.Plus,it
uses.zapfiles.
94)WhatcanberestrictedonWindowsServer2003thatwasntthereinprevious
products?
A)GroupPolicyinWindowsServer2003determinesausersrighttomodifynetworkand
dialupTCP/IPproperties.UsersmaybeselectivelyrestrictedfrommodifyingtheirIP
addressandothernetworkconfigurationparameters.
95)Howfrequentlyistheclientpolicyrefreshed?
A)90minutesgiveortake.
96)Whereissecedit?
A)Itsnowgpupdate.
97)Youwanttocreateanewgrouppolicybutdonotwishtoinherit.
A)MakesureyoucheckBlockinheritanceamongtheoptionswhencreatingthepolicy.
98)WhatistattooingtheRegistry?
A)Theusercanviewandmodifyuserpreferencesthatarenotstoredinmaintained
portionsoftheRegistry.Ifthegrouppolicyisremovedorchanged,theuserpreferencewill
persistintheRegistry.
99)HowdoyoufighttattooinginNT/2000installations?
A)Youcant.
100)Howdoyoufighttattooingin2003installations?
A)UserConfigurationAdministrativeTemplatesSystemGroupPolicyenable
EnforceShowPoliciesOnly.
15/24
4/21/2015
101)WhatdoesIntelliMirrordo?
A)Ithelpstoreconciledesktopsettings,applications,andstoredfilesforusers,
particularlythosewhomovebetweenworkstationsorthosewhomustperiodicallywork
offline.
102)WhatsthemajordifferencebetweenFATandNTFSonalocalmachine?
A)FATandFAT32providenosecurityoverlocallyloggedonusers.OnlynativeNTFS
providesextensivepermissioncontrolonbothremoteandlocalfiles.
103)HowdoFATandNTFSdifferinapproachtousershares?
A)Theydont,bothhavesupportforsharing.
104)ExplantheListFolderContentspermissiononthefolderinNTFS.
A)SameasRead&Execute,butnotinheritedbyfileswithinafolder.However,newly
createdsubfolderswillinheritthispermission.
105)Ihaveafiletowhichtheuserhasaccess,buthehasnofolderpermissiontoreadit.
Canheaccessit?
A)Itispossibleforausertonavigatetoafileforwhichhedoesnothavefolder
permission.Thisinvolvessimplyknowingthepathofthefileobject.Eveniftheusercant
drilldownthefile/foldertreeusingMyComputer,hecanstillgainaccesstothefileusing
theUniversalNamingConvention(UNC).Thebestwaytostartwouldbetotypethefull
pathofafileintoRunwindow.
106)Forauserinseveralgroups,areAllowpermissionsrestrictiveorpermissive?
A)Permissive,ifatleastonegrouphasAllowpermissionforthefile/folder,userwillhave
thesamepermission.
107)Forauserinseveralgroups,areDenypermissionsrestrictiveorpermissive?
A)Restrictive,ifatleastonegrouphasDenypermissionforthefile/folder,userwillbe
deniedaccess,regardlessofothergrouppermissions.
108)WhathiddensharesexistonWindowsServer2003installation?
A)Admin$,Drive$,IPC$,NETLOGON,print$andSYSVOL.
109)WhatsthedifferencebetweenstandaloneandfaulttolerantDFS(DistributedFile
System)installations?
A)ThestandaloneserverstorestheDfsdirectorytreestructureortopologylocally.Thus,
ifasharedfolderisinaccessibleoriftheDfsrootserverisdown,usersareleftwithnolinkto
thesharedresources.AfaulttolerantrootnodestorestheDfstopologyintheActive
Directory,whichisreplicatedtootherdomaincontrollers.Thus,redundantrootnodesmay
includemultipleconnectionstothesamedataresidingindifferentsharedfolders.
16/24
4/21/2015
110)WereusingtheDFSfaulttolerantinstallation,butcannotaccessitfromaWin98
box.
A)UsetheUNCpath,notclient,only2000and2003clientscanaccessServer2003fault
tolerantshares.
111)WhereexactlydofaulttolerantDFSsharesstoreinformationinActiveDirectory?
A)InPartitionKnowledgeTable,whichisthenreplicatedtootherdomaincontrollers.
112)CanyouuseStart>SearchwithDFSshares?
A)Yes.
113)WhatproblemscanyouhavewithDFSinstalled?
A)Twousersopeningtheredundantcopiesofthefileatthesametime,withnofile
lockinginvolvedinDFS,changingthecontentsandthensaving.Onlyonefilewillbe
propagatedthroughDFS.
114)IrunMicrosoftClusterServerandcannotinstallfaulttolerantDFS.
A)Yeah,youcant.Installastandaloneone.
115)IsKerberosencryptionsymmetricorasymmetric?
A)Symmetric.
116)HowdoesWindows2003Servertrytopreventamiddlemanattackonencrypted
line?
A)Timestampisattachedtotheinitialclientrequest,encryptedwiththesharedkey.
117)WhathashingalgorithmsareusedinWindows2003Server?
A)RSADataSecuritysMessageDigest5(MD5),producesa128bithash,andtheSecure
HashAlgorithm1(SHA1),producesa160bithash.
118)WhatthirdpartycertificateexchangeprotocolsareusedbyWindows2003Server?
A)WindowsServer2003usestheindustrystandardPKCS10certificaterequestand
PKCS7certificateresponsetoexchangeCAcertificateswiththirdpartycertificate
authorities.
119)WhatsthenumberofpermittedunsuccessfullogonsonAdministratoraccount?
A)Unlimited.Remember,though,thatitstheAdministratoraccount,notanyaccount
thatspartoftheAdministratorsgroup.
120)IfhashingisonewayfunctionandWindowsServeruseshashingforstoring
passwords,howisitpossibletoattackthepasswordlists,specificallytheonesusing
NTLMv1?
17/24
4/21/2015
A)Acrackerwouldlaunchadictionaryattackbyhashingeveryimaginabletermusedfor
passwordandthencomparethehashes.
121)WhatsthedifferencebetweenguestaccountsinServer2003andothereditions?
A)MorerestrictiveinWindowsServer2003.
122)HowmanypasswordsbydefaultarerememberedwhenyoucheckEnforce
PasswordHistoryRemembered?
A)Userslast6passwords.
123)WhatispresentationlayerresponsibleforintheOSImodel?
A)Thepresentationlayerestablishesthedataformatpriortopassingitalongtothe
networkapplicationsinterface.TCP/IPnetworksperformthistaskattheapplicationlayer.
124)DoesWindowsServer2003supportIPv6?
A)Yes,runipv6.exefromcommandlinetodisableit.
125)CanWindowsServer2003functionasabridge?
A)Yes,anditsanewfeatureforthe2003product.Youcancombineseveralnetworksand
devicesconnectedviaseveraladaptersbyenablingIProuting.
126)Whatsthedifferencebetweenthebasicdiskanddynamicdisk?
A)Thebasictypecontainspartitions,extendedpartitions,logicaldrivers,andan
assortmentofstaticvolumes;thedynamictypedoesnotusepartitionsbutdynamically
managesvolumesandprovidesadvancedstorageoptions
127)Whatsamediapool?
A)Itisanycompilationofdisksortapeswiththesameadministrativeproperties.
128)Howdoyouinstallrecoveryconsole?
A)C:\i386\win32/cmdcons,assumingthatyourWinserverinstallationisondriveC.
129)WhatsnewinTerminalServicesforWindows2003Server?
A)Supportsaudiotransmissionsaswell,althoughprepareforheavynetworkload.
130)DescribetheprocessofclusteringwithWindows2003Serverwhenanewnodeis
added.
A)Asanodegoesonline,itsearchesforothernodestojoinbypollingthedesignated
internalnetwork.Inthisway,allnodesarenotifiedofthenewnodesexistence.Ifother
nodescannotbefoundonapreexistingcluster,thenewnodetakescontrolofthequorum
resourcesresidingontheshareddiskthatcontainsstateandconfigurationdata.
131)WhatapplicationsarenotcapableofperforminginWindows2003Serverclusters?
18/24
4/21/2015
A)TheoneswrittenexclusivelyforNetBEUIandIPX.
132)Whatsaheartbeat?
A)Communicationprocessesbetweenthenodesdesignedtoensurenodeshealth.
133)Whatsathresholdinclusteredenvironment?
A)Thenumberoftimesarestartisattempted,whenthenodefails.
134)YouneedtochangeandadminpasswordonaclusteredWindowsbox,butthat
requiresrebootingthecluster,doesntit?
A)No,itdoesnt.In2003environmentyoucandothatviacluster.exeutilitywhichdoes
notrequirerebootingtheentirecluster.
135)WhichaddonpackageforWindows2003Serverwouldyouusetomonitorthe
installedsoftwareandlicensecompliance?
A)SMS(SystemManagementServer).
136)Whichservicedoyouusetosetupvariousalerts?
A)MOM(MicrosoftOperationsManager).
137)WhatarethedifferentEditionsofWindowsServer2003?
Requirement
Web
Edition
Standard
Edition
Enterprise
Edition
DatacenterEdition
400MHzforx86
based
computers733MHz
forItaniumbased
computers*
MinimumCPU
Speed
133MHz
133MHz
133MHzfor
x86based
computers733
MHzfor
Itaniumbased
computers*
Recommended
CPUSpeed
550MHz
550MHz
733MHz
733MHz
MinimumRAM
128MB
128MB
128MB
512MB
Recommended
MinimumRAM
256MB
256MB
256MB
1GB
4GB
64GBforx86
based
computers2TB
forx64andia64
computers
128Gforx86
basedcomputers2
TBforx64and
ia64computers
MaximumRAM
Multiprocessor
Support
2GB
Upto2
Upto4
Upto8
Minimum2way
capablemachine
requiredMaximum
19/24
4/21/2015
64
DiskSpace
Required
1.2GBfor
Network
Install2.9
GBforCD
Install
1.2GBfor
Network
Install2.9GB
forCD
Install
1.2GBfor
Network
Install2.9GBfor
CDInstall
1.2GBfor
NetworkInstall2.9
GBforCDInstall
WebEdition
DesignedtobeusedprimarilyasanIIS6.0Webserver.
UsedmainlyforbuildingandhostingWebapplications,Webpages,andXMLWeb
Services.
DoesnotrequireClientAccessLicensesandTerminalServermodeisnotincluded.
However,RemoteDesktopforAdministrationisavailable.
Supportsamaximumof4processorswithsupportforamaximumof2GBofRAM.
OnlyversionofWindowsServer2003thatDOESNOTincludesClientNumberlimitation
uponWindowsupdateservicesasitdoesnotrequireClientAccessLicenses.
Cannotactasadomaincontroller
StandardEdition
Aimedtowardssmalltomediumsizedbusinesses.
Supportsfileandprintersharing,secureInternetconnectivity,andallowscentralized
desktopapplicationdeployment.
Canrunonupto4processorswithupto4GBRAM.
64bitversionsarealsoavailableforthex8664architecture(AMD64andIntel64,called
collectivelyx64byMicrosoft).
The64bitversioniscapableofaddressingupto32GBofRAM.
64bitversionsupportsNonUniformMemoryAccess(NUMA),somethingthe32bit
versiondoesnotdo.
EnterpriseEdition
Afullfunctionserveroperatingsystemaimedtowardsmediumtolargebusinesses.
Supportsupto8processorsandcansupportupto32GBofmemorywithadditionofthe
PAEparameterintheinitializationfile.
ProvidesenterpriseclassfeaturessuchaseightnodeclusteringusingMicrosoftCluster
Server(MSCS)software.
EnterpriseEditionalsocomesin64bitversionsfortheItaniumandx64architectures.
The64bitversioniscapableofaddressingupto1Terabyte(1024GB)ofRAM.
Both32bitand64bitversionssupportNonUniformMemoryAccess(NUMA).
Alsoprovidestheabilitytohotaddsupportedhardware.
DataCenterEdition
Aimedforinfrastructuresdemandinghighsecurityandreliability.
WindowsServer2003isavailableforx8632bit,Itanium,andx64processors.
Supportsaminimumof8processorsandamaximumof64processors&memoryupto
512GB.[*Whenrunon32bitarchitectureLimitedto32processors&limitsmemory
addressabilityto64GB.]
20/24
4/21/2015
WindowsServer2003,DatacenterEdition,alsoallowslimitingprocessorandmemory
usageonaperapplicationbasis.
SupportsNonUniformMemoryAccess.
Supports8nodeclustering.
BettersupportforStorageAreaNetworks(SAN).
SmallBusinessServer
DesignedkeepingthebelowgoalsinmindprimarilyforSmallBusinesses:
Providesmallbusinesseswithconnectivityforcollaboration,communication,and
mobility.
Providesimplicityininstallation,management,anduse.
Provideflexibledeploymentfeaturesthatbenefitbothsmallbusinesscustomersand
technologyproviders.
Tobettermeetthevariationinalargerpopulationofsmallbusinesses,WindowsSmall
BusinessServer2003isavailableintwoeditions,StandardandPremium.
StandardEditionisidealforfirstservercustomerswhoarelookingtoleveragethe
benefitsofservertechnologyintheirnetwork,orforcustomersmigratingfromastand
aloneservertoanintegratedtechnologyplatform.
PremiumEditionisidealforsmallbusinesseswithmoredemandingITneeds,suchas
dataintensivelineofbusinessapplications,orforcustomerswithmorestringent
monitoringandmanagementofInternetservicesandconnectivity.
138)Arethereanydifferencesbetween32bit,x64,and64bitversionsofWindows
Server2003?
A)
Versions
32bitx86
64bitx64
64bitItanium
DataCenter
Edition
Upto32way,64GB
RAM
Upto64way,1TB
RAM
Upto64way,1TB
RAM
Enterprise
Edition
Upto8way,32GB
RAM
Upto8way,1TB
RAM
Upto8way,1TB
RAM
Standard
Edition
Upto4way,4GB
RAM
Upto4way,32GB
RAM
n/a
WebEdition
Upto2way,2GB
RAM
n/a
n/a
SymmetricMultiprocessing(SMP)support
SMP:TheWindowsServer2003FamilysupportssingleormultipleCPUsthatconformtothe
SMPstandard.UsingSMP,theoperatingsystemcanrunthreadsonanyavailableprocessor,
whichmakesitpossibleforapplicationstousemultipleprocessorswhenadditional
21/24
4/21/2015
processingpowerisrequiredtoincreasethecapabilityofasystem.Newfeaturesinclude
SMPlockingperformance,improvedregistryperformance,andincreasedTerminalServer
sessions.
139)WhatsNewinWindows2003R2?
A)WithWindowsServer2003R2,yougetthefollowingimprovements:
Identityandaccessmanagement
Branchofficeservermanagement
Storagesetupandmanagement
Applicationdevelopmentinsideandoutsideyourorganizationstraditionalboundaries
ThistopicdescribesthefollowingnewcomponentsthatyoucaninstallwithWindows
Server2003R2:
ServerManageability
AdministrationToolsPacks
HardwareManagement
MMC3.0
FeaturesforActiveDirectory
ActiveDirectoryApplicationMode(ADAM)
ActiveDirectoryFederationServices
DiskandFileManagementFeatures
BranchOffice:DistributedFileSystem(DFS)
CommonLogFileSystem(CLFS)
FileServerManagement
MicrosoftServicesforNetworkFileSystem
StorageManagementforSANs
FileServerResourceManager
PrinterandProtocolSupport
PrintManagement
Microsoft.NETFramework
Microsoft.NETFramework2.0
InternetandEMailServicesandFeatures
WindowsSharepointServices
UNIXInteroperability
IdentityManagementforUNIX
SubsystemforUNIXbasedApplications
22/24
4/21/2015
140)Whatspecificupdatesaretherein2003SP2?
A)Theupdatesareasbelow:
Clustering
AneweventlogeventhasbeencreatedtoaddresscertainsituationsinwhichtheCluster
serviceaccountbecomesexcessivelyrestrictedbydomainpolicy.TheneweventIDis1239.
Theeventtextincludestroubleshootinginformation.
Dataaccesscomponents
XmlLiteisnewwithWindowsServer2003SP2.XmlLiteisafast,lowlevel,nativeXML
parserwithasmallmemoryfootprint.
Distributedsystems
NewoptionshavebeenaddedtotheDcdiag.exeDomainNameSystem(DNS)teststo
generateXMLtagswhenthetestsarerunwiththe/test:dnsoption.Itcanbeusedtomore
easilyparsetheverboselogthattheDNStestsgenerate.
Filesystems
Icacls.exeisanupgradeoftheCacls.exetoolinWindowsServer2003SP2,andcanbeusedto
resettheaccesscontrollists(ACLs)onfilesfromRecoveryConsole,andtobackupACLs.
Also,unlikeCacls.exe,Icacles.execorrectlypropagatesthecreationofinheritedACLsand
changestothem.
MicrosoftMessageQueuing
Thedefaultstoragelimitformessagequeuinghasbeenchangedto1gigabyte(GB).Ifyou
choosetohaveastoragelimitofmorethan1GB,youcanchangethestoragelimitsettingin
MicrosoftManagementConsole(MMC)ontheGeneraltabofMessageQueuingProperties.
Networkingandcommunications
1.IncludesanupdatethatenablesyoutosimplifythecreationandmaintenanceofInternet
Protocolsecurity(IPsec)policy.ThisupdateenablesyoutouseanIPsecSimplePolicy.For
mostenvironments,theinstallationofthisupdateallowsyoutoreducethenumberofIPsec
filtersthatarerequiredforaServerIsolationdeploymentorforaDomainIsolation
deployment.YoucanreducethenumberofIPsecfiltersfrommanyhundredsoffiltersto
onlytwofilters.
3.GroupPolicysupportfornonbroadcastingnetworksandWiFiProtectedAccess2
(WPA2)settingshasbeenaddedtotheWindowswirelessclientinWindowsServer2003
SP2.ThisupdateallowstheWindowswirelessclienttoacceptadditionalwirelessGroup
Policyconfigurationoptions.ThesenewsettingsincludesupportforWPA2parametersand
nonbroadcastnetworks.
4.TheWindowswirelessclientnowsupportsWPA2,whichenablesyoutotakeadvantage
ofhighlevelsofstandardsbasedconnectionandencryptionsecurity.Newsecurityfeatures
include:
23/24
4/21/2015
Nonbroadcastnetworkprofilesarenowmarkedwithaflagtoimprovethesecurityofthe
Windowswirelessclient.
Windowswillnotautomaticallyconnecttoapeertopeernetwork,evenifithasbeen
automaticallysavedinthepreferrednetworklist.Youmustmanuallyconnecttoapeerto
peernetworkprofile.
WindowsDeploymentServices
RemoteInstallationServicesisreplacedbyWindowsDeploymentServices.Youcanuse
WindowsDeploymentServicestosetupnewcomputersthroughanetworkbased
installationwithouthavingtobephysicallypresentateachcomputerandwithouthavingto
installdirectlyfromDVDmedia.
BlogatWordPress.com.|TheAndreas09Theme.
Follow
FollowViralRathod'sExchange2016Blog
BuildawebsitewithWordPress.com
24/24

Active Directory 2003 Interview Question and Answer Viral Rathod's Exchange 2016 Blog

Hochgeladen von

Dokumentinformationen

Originaltitel

Copyright

Verfügbare Formate

Dieses Dokument teilen

Dokument teilen oder einbetten

Freigabeoptionen

Stufen Sie dieses Dokument als nützlich ein?

Sind diese Inhalte unangemessen?

Copyright:

Verfügbare Formate

Active Directory 2003 Interview Question and Answer Viral Rathod's Exchange 2016 Blog

Hochgeladen von

Copyright:

Verfügbare Formate

4/21/2015

Das könnte Ihnen auch gefallen