تكلم مع الذكاء الاصطناعي
Deck 12: Additional Active Directory Server Roles
ملء الشاشة (f)
سؤال
سؤال
سؤال
سؤال
سؤال
سؤال
سؤال
سؤال
سؤال
سؤال
سؤال
سؤال
سؤال
سؤال
سؤال
سؤال
سؤال
سؤال
سؤال
سؤال
سؤال
سؤال
سؤال
سؤال
سؤال
سؤال
سؤال
سؤال
سؤال
سؤال
سؤال
سؤال
سؤال
سؤال
سؤال
سؤال
سؤال
سؤال
سؤال
سؤال
سؤال
سؤال
سؤال
سؤال
سؤال
سؤال
سؤال
سؤال
سؤال
سؤال
فتح الحزمة
قم بالتسجيل لفتح البطاقات في هذه المجموعة!
Unlock Deck
Unlock Deck
1/50
العب
ملء الشاشة (f)
Deck 12: Additional Active Directory Server Roles
1
Certificates are required by federation servers,federation server proxies,and ADFS enabled Web servers.
True
2
Which AD RMS administrator role exists for the purpose of viewing RMS-related logs and reports?
A)AD RMS Enterprise Administrator
B)AD RMS Auditor
C)AD RMS Template Administrator
D)AD RMS Log Supervisor
A)AD RMS Enterprise Administrator
B)AD RMS Auditor
C)AD RMS Template Administrator
D)AD RMS Log Supervisor
B
3
Which Windows OS below does not support Active Directory Federation Services?
A)Windows 2000 Server
B)Windows Server 2003 R2 Enterprise
C)Windows Server 2003 R2 Datacenter
D)Windows Server 2008
A)Windows 2000 Server
B)Windows Server 2003 R2 Enterprise
C)Windows Server 2003 R2 Datacenter
D)Windows Server 2008
A
4
You are the administrator of the Example.com domain.Your company has just begun development of a directory-enabled application.Because of the potentially volatile nature of an application in development,you want to install a service that will enable you to isolate the application while simultaneously providing an environment that mimics AD DS.
What should you do?
A)Install AD LDS
B)Install AD FS
C)Install AD CS
D)Install AD DS
What should you do?
A)Install AD LDS
B)Install AD FS
C)Install AD CS
D)Install AD DS
فتح الحزمة
افتح القفل للوصول البطاقات البالغ عددها 50 في هذه المجموعة.
فتح الحزمة
k this deck
5
A web server that can host the claims-aware agent or the Windows token-based agent role service is called a…
A)ADFS-enabled Web server
B)ADFS-enabled Claims Agent
C)ADFS-enabled Web Authenticator
D)ADFS-enabled Claims Server
A)ADFS-enabled Web server
B)ADFS-enabled Claims Agent
C)ADFS-enabled Web Authenticator
D)ADFS-enabled Claims Server
فتح الحزمة
افتح القفل للوصول البطاقات البالغ عددها 50 في هذه المجموعة.
فتح الحزمة
k this deck
6
AD LDS is an ideal environment for developing directory enabled applications
فتح الحزمة
افتح القفل للوصول البطاقات البالغ عددها 50 في هذه المجموعة.
فتح الحزمة
k this deck
7
Installing DNS on an RODC creates a…
A)read-write primary zone
B)read-write secondary zone
C)read-only primary zone
D)read-only secondary zone
A)read-write primary zone
B)read-write secondary zone
C)read-only primary zone
D)read-only secondary zone
فتح الحزمة
افتح القفل للوصول البطاقات البالغ عددها 50 في هذه المجموعة.
فتح الحزمة
k this deck
8
You work for the large organization,Example.net,and are in charge of around 20 RODCs situated in various branch offices around the world.Lately,supervisors have been receiving more privileges and permissions to sensitive documents.It is for this reason that you would like to prevent credential caching from storing the passwords of members in the supervisors group on remote RODCs where security is an issue.You would like to keep administrative overhead at a minimum,and not affect users other than members of the supervisor group.
What should you do?
A)Disable credential caching completely
B)Add the supervisor group to the Password Replication Policy on each RODC's computer account,and assign a setting of "Deny" for the group
C)Add the supervisor group as a member of the Denied RODC Password Replication Group
D)Add the supervisors to the Administrators group
What should you do?
A)Disable credential caching completely
B)Add the supervisor group to the Password Replication Policy on each RODC's computer account,and assign a setting of "Deny" for the group
C)Add the supervisor group as a member of the Denied RODC Password Replication Group
D)Add the supervisors to the Administrators group
فتح الحزمة
افتح القفل للوصول البطاقات البالغ عددها 50 في هذه المجموعة.
فتح الحزمة
k this deck
9
Your HR department currently makes use of directory-enabled software,but because it is the only area of your company that makes use of the software,you have placed an AD LDS server in the HR department.Because the software is critical to the functionality of the department,you want to provide fault tolerance and load balancing with an additional server.Ideally,the server should share common configuration and schema partitions,as well as common application partitions.
What should you do?
A)Create a unique AD LDS instance on the original server
B)Create a copy of the application partition and move it to a new folder on the new server.
C)Add a new instance of AD LDS on the new server and create a configuration set
D)Install AD DS on the new server and have it perform the load balancing and fault tolerance functions
What should you do?
A)Create a unique AD LDS instance on the original server
B)Create a copy of the application partition and move it to a new folder on the new server.
C)Add a new instance of AD LDS on the new server and create a configuration set
D)Install AD DS on the new server and have it perform the load balancing and fault tolerance functions
فتح الحزمة
افتح القفل للوصول البطاقات البالغ عددها 50 في هذه المجموعة.
فتح الحزمة
k this deck
10
A new employee,Alice,has been hired to work at a branch office configured with a RODC.This RODC connects to a DC over a WAN link back at the head office.Just as Alice is about to log onto her machine for the first time,she finds that she is unable to authenticate despite using the correct user name and password given to her.
Other users in the branch office can log in fine,but Alice cannot.What is most likely the issue?
A)Alice's user and password information hasn't replicated to the RODC yet,and therefore her credentials can't be verified by the RODC server
B)Alice has been added at the head office domain,but not the branch office domain
C)The WAN link failed before Alice could log on,preventing her from making use of credential caching.
D)The RODC has different account password information than the information stored at the head office,causing a conflict
Other users in the branch office can log in fine,but Alice cannot.What is most likely the issue?
A)Alice's user and password information hasn't replicated to the RODC yet,and therefore her credentials can't be verified by the RODC server
B)Alice has been added at the head office domain,but not the branch office domain
C)The WAN link failed before Alice could log on,preventing her from making use of credential caching.
D)The RODC has different account password information than the information stored at the head office,causing a conflict
فتح الحزمة
افتح القفل للوصول البطاقات البالغ عددها 50 في هذه المجموعة.
فتح الحزمة
k this deck
11
You work for the Example.com organization.Last week,a domain member server was installed at a brand new branch office.However,this server was meant to become an RODC for the branch office.In order to ease the installation,you have delegated installation to the user smantha1.
You have received an e-mail from smantha1 stating that she has been unable to install the RODC role.You find that you have correctly configured the computer account and smantha1 is the user designated as being able to join the computer account to the domain.What is most likely the issue?
A)The server must be a workgroup member,not a domain member
B)RODCs installation cannot be delegated
C)The server must be promoted from a member server to a domain controller,then demoted to an RODC
D)smantha1 must be a member of the Domain Admins group in order to install the RODC role
You have received an e-mail from smantha1 stating that she has been unable to install the RODC role.You find that you have correctly configured the computer account and smantha1 is the user designated as being able to join the computer account to the domain.What is most likely the issue?
A)The server must be a workgroup member,not a domain member
B)RODCs installation cannot be delegated
C)The server must be promoted from a member server to a domain controller,then demoted to an RODC
D)smantha1 must be a member of the Domain Admins group in order to install the RODC role
فتح الحزمة
افتح القفل للوصول البطاقات البالغ عددها 50 في هذه المجموعة.
فتح الحزمة
k this deck
12
What role service would you install with Active Directory Rights Management Service in order to extend document protection outside the corporate network to federated business partners?
A)AD FS Extended Support
B)RMS Special Federated Services
C)Identity Federation Support
D)AD RMS Federated Services Support
A)AD FS Extended Support
B)RMS Special Federated Services
C)Identity Federation Support
D)AD RMS Federated Services Support
فتح الحزمة
افتح القفل للوصول البطاقات البالغ عددها 50 في هذه المجموعة.
فتح الحزمة
k this deck
13
Before you can install an RODC,you must address this prerequisite
A)RODC must be installed on a Windows Server Core installation
B)The forest functional level must be at least Windows Server 2000
C)If the forest functional level is not set at Windows Server 2008,you must run the dcpromo.exe /adprep command before installing the RODC
D)A writeable Windows Server 2008 DC that the RODC can replicate with must be operating in the domain
A)RODC must be installed on a Windows Server Core installation
B)The forest functional level must be at least Windows Server 2000
C)If the forest functional level is not set at Windows Server 2008,you must run the dcpromo.exe /adprep command before installing the RODC
D)A writeable Windows Server 2008 DC that the RODC can replicate with must be operating in the domain
فتح الحزمة
افتح القفل للوصول البطاقات البالغ عددها 50 في هذه المجموعة.
فتح الحزمة
k this deck
14
Which AD FS role service would you install in a perimeter network outside the corporate firewall to field authentication requests from browser clients?
A)Federation Service
B)Federation Service Proxy
C)Claims-aware agent
D)Windows token-based agent
A)Federation Service
B)Federation Service Proxy
C)Claims-aware agent
D)Windows token-based agent
فتح الحزمة
افتح القفل للوصول البطاقات البالغ عددها 50 في هذه المجموعة.
فتح الحزمة
k this deck
15
Publication of an AD RMS-protected document requires the user authoring the document to acquire a rights account certificate (RAC)and a ....
A)Client Authorized License Certificate
B)Client Authorized Users Certificate
C)Authorized Licensor Certificate
D)Client Licensor Certificate
A)Client Authorized License Certificate
B)Client Authorized Users Certificate
C)Authorized Licensor Certificate
D)Client Licensor Certificate
فتح الحزمة
افتح القفل للوصول البطاقات البالغ عددها 50 في هذه المجموعة.
فتح الحزمة
k this deck
16
Which of the following is true of AD LDS?
A)Support for group policy
B)Integration with AD CS
C)No global catalog
D)Support for Windows security principals
A)Support for group policy
B)Integration with AD CS
C)No global catalog
D)Support for Windows security principals
فتح الحزمة
افتح القفل للوصول البطاقات البالغ عددها 50 في هذه المجموعة.
فتح الحزمة
k this deck
17
With AD RMS,you can restrict actions such as copying,saving,and even forwarding of protected documents.However,the printing of documents cannot be restricted.
فتح الحزمة
افتح القفل للوصول البطاقات البالغ عددها 50 في هذه المجموعة.
فتح الحزمة
k this deck
18
A federation trust is a two-way trust by default.
فتح الحزمة
افتح القفل للوصول البطاقات البالغ عددها 50 في هذه المجموعة.
فتح الحزمة
k this deck
19
When using the Web SSO design,a user first attempts to access an application on an AD FS-enabled web server.He or she is then redirected to the AD LDS logon page.
فتح الحزمة
افتح القفل للوصول البطاقات البالغ عددها 50 في هذه المجموعة.
فتح الحزمة
k this deck
20
In AD FS terminology,a company that supplies goods would be considered a
A)Trusted account
B)Trusted resource
C)Account partner
D)Resource partner
A)Trusted account
B)Trusted resource
C)Account partner
D)Resource partner
فتح الحزمة
افتح القفل للوصول البطاقات البالغ عددها 50 في هذه المجموعة.
فتح الحزمة
k this deck
21
MATCHING
a.credential caching
f.filtered attribute set
b.claim
g.resource partner
c.delegated installation
h.Web SSO
d.ADFS-enabled Web server
i.federation servers
e.federation trust
A trust between two networks using AD FS
a.credential caching
f.filtered attribute set
b.claim
g.resource partner
c.delegated installation
h.Web SSO
d.ADFS-enabled Web server
i.federation servers
e.federation trust
A trust between two networks using AD FS
فتح الحزمة
افتح القفل للوصول البطاقات البالغ عددها 50 في هذه المجموعة.
فتح الحزمة
k this deck
22
MATCHING
a.credential caching
f.filtered attribute set
b.claim
g.resource partner
c.delegated installation
h.Web SSO
d.ADFS-enabled Web server
i.federation servers
e.federation trust
Web servers that host an AD FS Web Agent
a.credential caching
f.filtered attribute set
b.claim
g.resource partner
c.delegated installation
h.Web SSO
d.ADFS-enabled Web server
i.federation servers
e.federation trust
Web servers that host an AD FS Web Agent
فتح الحزمة
افتح القفل للوصول البطاقات البالغ عددها 50 في هذه المجموعة.
فتح الحزمة
k this deck
23
MATCHING
a.credential caching
f.filtered attribute set
b.claim
g.resource partner
c.delegated installation
h.Web SSO
d.ADFS-enabled Web server
i.federation servers
e.federation trust
A collection of attribute data used to specify domain objects that aren't replicated to RODCs,thereby increasing the security of sensitive information
a.credential caching
f.filtered attribute set
b.claim
g.resource partner
c.delegated installation
h.Web SSO
d.ADFS-enabled Web server
i.federation servers
e.federation trust
A collection of attribute data used to specify domain objects that aren't replicated to RODCs,thereby increasing the security of sensitive information
فتح الحزمة
افتح القفل للوصول البطاقات البالغ عددها 50 في هذه المجموعة.
فتح الحزمة
k this deck
24
MATCHING
a.credential caching
f.filtered attribute set
b.claim
g.resource partner
c.delegated installation
h.Web SSO
d.ADFS-enabled Web server
i.federation servers
e.federation trust
An RODC installation method that doesn't require domain administrator credentials
a.credential caching
f.filtered attribute set
b.claim
g.resource partner
c.delegated installation
h.Web SSO
d.ADFS-enabled Web server
i.federation servers
e.federation trust
An RODC installation method that doesn't require domain administrator credentials
فتح الحزمة
افتح القفل للوصول البطاقات البالغ عددها 50 في هذه المجموعة.
فتح الحزمة
k this deck
25
Which utilities below can be used to administer many aspects of an AD LDS instance?
A)ADSI Edit
B)LDP.exe
C)Server Manager
D)All of the above
A)ADSI Edit
B)LDP.exe
C)Server Manager
D)All of the above
فتح الحزمة
افتح القفل للوصول البطاقات البالغ عددها 50 في هذه المجموعة.
فتح الحزمة
k this deck
26
Replication on an RODC is ____________________,meaning the Active directory database is replicated from a writeable DC to an RODC,but data is never replicated from an RODC to another DC.
فتح الحزمة
افتح القفل للوصول البطاقات البالغ عددها 50 في هذه المجموعة.
فتح الحزمة
k this deck
27
MATCHING
a.credential caching
f.filtered attribute set
b.claim
g.resource partner
c.delegated installation
h.Web SSO
d.ADFS-enabled Web server
i.federation servers
e.federation trust
An AD FS design that provides single sign-on access to multiple Web applications for users who are external to the corporate network
a.credential caching
f.filtered attribute set
b.claim
g.resource partner
c.delegated installation
h.Web SSO
d.ADFS-enabled Web server
i.federation servers
e.federation trust
An AD FS design that provides single sign-on access to multiple Web applications for users who are external to the corporate network
فتح الحزمة
افتح القفل للوصول البطاقات البالغ عددها 50 في هذه المجموعة.
فتح الحزمة
k this deck
28
Where must custom LDIF files be placed to be available for import?
A)%systemroot%\ldif
B)%systemroot%\Adam
C)%systemroot%\ldifadam
D)%systemroot%\ldsadam
A)%systemroot%\ldif
B)%systemroot%\Adam
C)%systemroot%\ldifadam
D)%systemroot%\ldsadam
فتح الحزمة
افتح القفل للوصول البطاقات البالغ عددها 50 في هذه المجموعة.
فتح الحزمة
k this deck
29
Setting up and testing AD FS with the simplest design requires at least how many computers?
A)2
B)3
C)4
D)8
A)2
B)3
C)4
D)8
فتح الحزمة
افتح القفل للوصول البطاقات البالغ عددها 50 في هذه المجموعة.
فتح الحزمة
k this deck
30
In order to make use of AD FS,web browsers on client computers must have what enabled?
A)JScript and Cookies
B)Java and ASP.net
C).NET and Cookies
D)JScript and .NET
A)JScript and Cookies
B)Java and ASP.net
C).NET and Cookies
D)JScript and .NET
فتح الحزمة
افتح القفل للوصول البطاقات البالغ عددها 50 في هذه المجموعة.
فتح الحزمة
k this deck
31
Federation servers,federation proxy servers,and Web servers hosting AD FS Web agents must be configured with _____________________________________________,which is used by the HTTPS protocol.
فتح الحزمة
افتح القفل للوصول البطاقات البالغ عددها 50 في هذه المجموعة.
فتح الحزمة
k this deck
32
What is the standard LDAP port?
A)389
B)398
C)399
D)388
A)389
B)398
C)399
D)388
فتح الحزمة
افتح القفل للوصول البطاقات البالغ عددها 50 في هذه المجموعة.
فتح الحزمة
k this deck
33
MATCHING
a.credential caching
f.filtered attribute set
b.claim
g.resource partner
c.delegated installation
h.Web SSO
d.ADFS-enabled Web server
i.federation servers
e.federation trust
A server configured to run the Federation service
a.credential caching
f.filtered attribute set
b.claim
g.resource partner
c.delegated installation
h.Web SSO
d.ADFS-enabled Web server
i.federation servers
e.federation trust
A server configured to run the Federation service
فتح الحزمة
افتح القفل للوصول البطاقات البالغ عددها 50 في هذه المجموعة.
فتح الحزمة
k this deck
34
MATCHING
a.credential caching
f.filtered attribute set
b.claim
g.resource partner
c.delegated installation
h.Web SSO
d.ADFS-enabled Web server
i.federation servers
e.federation trust
In a federation trust,it's the trusting company whose resources are accessed by the trusted company
a.credential caching
f.filtered attribute set
b.claim
g.resource partner
c.delegated installation
h.Web SSO
d.ADFS-enabled Web server
i.federation servers
e.federation trust
In a federation trust,it's the trusting company whose resources are accessed by the trusted company
فتح الحزمة
افتح القفل للوصول البطاقات البالغ عددها 50 في هذه المجموعة.
فتح الحزمة
k this deck
35
A ____________________ trust is inherently a one-way trust,but a two-way trust could be formed simply by creating a trust in both directions.
فتح الحزمة
افتح القفل للوصول البطاقات البالغ عددها 50 في هذه المجموعة.
فتح الحزمة
k this deck
36
MATCHING
a.credential caching
f.filtered attribute set
b.claim
g.resource partner
c.delegated installation
h.Web SSO
d.ADFS-enabled Web server
i.federation servers
e.federation trust
An agreed-on set of user attributes that both parties in a federation trust use to determine a user's credentials
a.credential caching
f.filtered attribute set
b.claim
g.resource partner
c.delegated installation
h.Web SSO
d.ADFS-enabled Web server
i.federation servers
e.federation trust
An agreed-on set of user attributes that both parties in a federation trust use to determine a user's credentials
فتح الحزمة
افتح القفل للوصول البطاقات البالغ عددها 50 في هذه المجموعة.
فتح الحزمة
k this deck
37
MATCHING
a.credential caching
f.filtered attribute set
b.claim
g.resource partner
c.delegated installation
h.Web SSO
d.ADFS-enabled Web server
i.federation servers
e.federation trust
The process whereby an RODC can be configured to store passwords of selected accounts on the local server after they are retrieved from a writeable DC
a.credential caching
f.filtered attribute set
b.claim
g.resource partner
c.delegated installation
h.Web SSO
d.ADFS-enabled Web server
i.federation servers
e.federation trust
The process whereby an RODC can be configured to store passwords of selected accounts on the local server after they are retrieved from a writeable DC
فتح الحزمة
افتح القفل للوصول البطاقات البالغ عددها 50 في هذه المجموعة.
فتح الحزمة
k this deck
38
____________________,included in AD LDS,synchronizes Active Directory information with an AD LDS instance.
فتح الحزمة
افتح القفل للوصول البطاقات البالغ عددها 50 في هذه المجموعة.
فتح الحزمة
k this deck
39
A ____________________ is an agreed-on set of user attributes that both parties in a federation trust use to determine a user's credentials,which specify the user's permissions to resources in the partner's network.
فتح الحزمة
افتح القفل للوصول البطاقات البالغ عددها 50 في هذه المجموعة.
فتح الحزمة
k this deck
40
What is the function of the federation service role when used in an account partner network?
A)Gather user credentials into claims and package them into a security token
B)Receive security tokens and claims
C)Field authentication requests from browser clients and pass them to a federation server behind a firewall
D)Handle Windows NT-Based tokens
A)Gather user credentials into claims and package them into a security token
B)Receive security tokens and claims
C)Field authentication requests from browser clients and pass them to a federation server behind a firewall
D)Handle Windows NT-Based tokens
فتح الحزمة
افتح القفل للوصول البطاقات البالغ عددها 50 في هذه المجموعة.
فتح الحزمة
k this deck
41
AD LDS instances containing replicas of directory partitions are referred to as this term.
فتح الحزمة
افتح القفل للوصول البطاقات البالغ عددها 50 في هذه المجموعة.
فتح الحزمة
k this deck
42
In order for an RMS server to acquire a certificate,it must be able to connect to this service over the internet.
فتح الحزمة
افتح القفل للوصول البطاقات البالغ عددها 50 في هذه المجموعة.
فتح الحزمة
k this deck
43
What is the standard SSL LDAP port?
فتح الحزمة
افتح القفل للوصول البطاقات البالغ عددها 50 في هذه المجموعة.
فتح الحزمة
k this deck
44
This AD RMS role has full administrative authority over an AD RMS installation
فتح الحزمة
افتح القفل للوصول البطاقات البالغ عددها 50 في هذه المجموعة.
فتح الحزمة
k this deck
45
This AD FS design involves a network with two Active Directory forests.One forest,located in the perimeter network,is considered the resource partner.The second forest,located in the internal network is the account partner.
فتح الحزمة
افتح القفل للوصول البطاقات البالغ عددها 50 في هذه المجموعة.
فتح الحزمة
k this deck
46
What type of DNS record is used to access the AD RMS service?
فتح الحزمة
افتح القفل للوصول البطاقات البالغ عددها 50 في هذه المجموعة.
فتح الحزمة
k this deck
47
This is an AD FS Web agent that handles security tokens using claims.
فتح الحزمة
افتح القفل للوصول البطاقات البالغ عددها 50 في هذه المجموعة.
فتح الحزمة
k this deck
48
What is the default web server port?
فتح الحزمة
افتح القفل للوصول البطاقات البالغ عددها 50 في هذه المجموعة.
فتح الحزمة
k this deck
49
You can configure administrator role separation from this command-line utility.
فتح الحزمة
افتح القفل للوصول البطاقات البالغ عددها 50 في هذه المجموعة.
فتح الحزمة
k this deck
50
If the forest functional level is not set at Windows Server 2008,you must run this command before installing the RODC.
فتح الحزمة
افتح القفل للوصول البطاقات البالغ عددها 50 في هذه المجموعة.
فتح الحزمة
k this deck
فتح الحزمة
افتح القفل للوصول البطاقات البالغ عددها 50 في هذه المجموعة.
