system administration and it infrastructure services quiz answers week 4
Introduction to Directory Services
1. What does a directory server provide?
- A real-time communication service.
- A replication service.
- A lookup service for an organization.
- A network time service.
2. What benefits does replication provide? Check all that apply.
- Redundancy
- Decreased latency
- Virtualization
- Enhanced security
3. What is the most popular directory services protocol used today?
- Lightweight Directory Access Protocol
- Directory System Protocol
- Directory Operational Binding Management Protocol
- Directory Access Protocol
4. Active Directory is the LDPA implementation for ________________.
- MAC
- Linux
- Microsoft
- Ubuntu
5. The containers in a Directory Service are referred to as _____________.
- user accounts
- organized structure
- organizational units (OUs)
- subfolders
6. Which of these are examples of centralized management? Check all that apply.
- Role-based access control
- Centralized configuration management
- Copying configurations to various systems
- Local authentication
7. Which of these are components of an LDAP entry? Check all that apply.
- Uncommon Name
- Common Name
- Organizational User
- Distinguished Name
8. What's does the LDAP Bind operation do exactly?
- Modifies entries in a directory server
- Looks up information in a directory server
- Authenticates a client to the directory server
- Changes the password for a user account on the directory server
9. Which of the following are authentication types supported by the LDAP Bind operation? Check all that apply.
- Anonymous
- Simple
- Complex
- SASL
10. Which of these are examples of centralized management? Check all that apply.
- Centralized configuration management
- Role-based access control
- Copying configurations to various systems
- Local authentication
11. Which of these are components of an LDAP entry? Check all that apply.
- Distinguished Name
- Kerberos
- Common Name
- Uncommon Name
12. What does the LDAP Bind operation do exactly?
- Changes the password for a user account on the directory server
- Modifies entries in a directory server
- Authenticates a client to the directory server
- Looks up information in a directory server
13. Which of the following are authentication types supported by the LDAP Bind operation? Check all that apply.
- Simple
- Anonymous
- Complex
- SASL
14. Which of the following are services provided for the Directory Services?
- Accounting
- Local authentication
- Centralized Authentication
- Authorization
15. What is the difference between a policy and a preference?
- They are the exact same thing.
- A policy is used to set a preference.
- A policy can be modified by a local user, while a preference is enforced by AD.
- A policy is enforced by AD, while a preference can be modified by a local user.
16. Select the right order of enforcement of GPOs:
- Site –> Domain –> OU
- OU –> Domain –> Sit
- Domain –> Site –> OU
- Site –> OU –> Domain
17. What can be used to determine what policies will be applied to a given machine?
- An RSOP report
- A control panel
- gpupdate
- A test domain
18. Which of the following could prevent logging into a domain-joined computer? Check all that apply.
- Unable to reach the domain controller
- The are time and date are incorrect
- The user account is locked
- Your computer is connected to Wifi
19. How does a client discover the address of a domain controller?
- It sends a broadcast to the local network
- It is provided via DHCP
- It is pushed via an AD GPO
- It makes a DNS query, asking for the SRV record for the domain
20. Directory services store information in a hierarchical structure. Which statements about Organizational Units (OUs) of a directory service hierarchy are true? (Choose all that apply)
- Sub-member OUs inherit the characteristics of their parent OU.
- Specific files within an OU, or container, are called “objects”.
- Changes can be made to one sub-OU without affecting other sub-OUs within the same parent.
- Parent OUs inherit characteristics of their sub-members.
21. Which directory service software would be used exclusively on a Windows network?
- DISP
- DSP
- Active Directory
- OpenLDAP
22. What roles does a directory server play in centralized management? (Choose all that apply)
- Centralized authentication
- Confidentiality
- Authorization
- Accounting
23. In LDAP, what does dn stand for at the beginning of the entry?
- Domain name
- Distinguished name
- Distinguished number
- Distinct name
24. When logging into a website that uses a directory service, what command authenticates your username and password?
- Remove
- Modify
- Bind
- Add
25. In Active Directory, which of the following can be functions of the Domain? (Choose all that apply)
- A DNS server
- A Kerberos authentication server
- A server that holds a replica of the Active Directory database
- A container
26. Which of these statements are true about Domain Controllers (DCs)? (Choose all that apply)
- Changes that are safe to be made by multiple Domain Controllers at once are tasked by granting them Flexible Single-Master Operations.
- The default Organizational Unit (OU), called Domain Controllers, contains all Domain Controllers in the domain.
- Delegation can be used in Active Directory.
- Always use the Domain Admin or Enterprise Admin for day-to-day use.
27. Juan, a network user, sends an email to you, the IT admin of the network, stating that his account is locked because he has lost his password. Select all appropriate steps in helping Juan resolve his situation. (Choose all that apply)
- Ask Juan questions to help him remember his password.
- Check the “User must change password at next logon” box so a new password must be created at the next logon.
- Issue a temporary password.
- Make sure the password reset is authorized by verifying that Juan is who he says he is.
28. What is the difference between a group policy and a group policy preference?
- Preferences are reapplied every 90 minutes, and policies are more of a settings template.
- A policy is editable only by admins, but anyone can edit a group policy preference.
- Policies are reapplied every 90 minutes, and preferences are a settings template that the user can change on the computer.
- A preference is editable only by admins, but anyone can edit a policy.
29. A client discovers the address of a domain controller by making a DNS query for which record?
- AAAA record
- TXT record
- SRV record
- A record
30. Instead of assigning access for each user account individually, ________ is a more efficient and easier-to-manage approach.
- centralized authentication
- centralized management
- active directory
- LDAP
31. If a system administrator needs to give access to a resource to everyone in a domain, what group in Active Directory can they use?
- All Users
- Domain Users
- Resource Users
- Enterprise Admins
32. Which of these statements are true about managing through Active Directory? (Choose all that apply)
- Domain Local, Global, and Universal are examples of group scopes.
- Distribution groups can be used to assign permission to resources.
- The default group’s Domain Users and Domain Admins are security groups.
- ADAC uses PowerShell.
33. Which of the following are common reasons a group policy doesn't take effect correctly? (Choose all that apply)
- Kerberos may have issues with the UTC time on the clock.
- Fast Logon Optimization may delay GPO changes from taking effect.
- Replication failure may occur.
- The GPO may be linked to the OU that contains the computer.
34. Which of the following is not an advantage of replication of data in terms of directory services?
- It allows local management of user accounts.
- It decreases latency when accessing the directory service.
- It allows flexibility, allowing for easy creation of new object types as needs change.
- It provides redundancy for data.
35. A Lightweight Directory Access Protocol (LDAP) entry reads as follows: dn: CN=John Smith ,OU=Sysadmin,DC=jsmith,DC=com. \n. What is the organizational unit of this entry?
- CN=John Smith ,OU=Sysadmin,DC=jsmith,DC=com
- Sysadmin
- John Smith
- jsmith
36. A particular computer on your network is a member of several GPOs. GPO-A has precedence set to 1. GPO-B has precedence set to 2, and GPO-C has precedence set to 3. According to the given levels of precedence, what will be the resultant set of policy (RSOP) for this machine?
- GPO-A will take precedence and overwrite any conflicting settings.
- The computer will default to local policy due to the confusion.
- GPO-B will take precedence and overwrite any conflicting settings.
- GPO-C will take precedence and overwrite any conflicting settings.
37. You'd like to change the minimum password length policy in the Default Domain Policy group policy preference (GPO). What's the best way to go about doing this?
- Edit the Windows Registry to change group policy settings
- Manually edit config files in SYSVOL
- Open ADAC and edit policy settings there
- Open the Group Policy Management Console by running gpmc.msc from the CLI
38. How are things organized in a directory server?
- By a hierarchical model of objects and containers
- By a flat text file
- By a relational database structure
- By a series of nested groups
39. Which of these are advantages of centralized management using directory services? (Choose all that apply)
- Configuration can take place on each device.
- Configuration management is centralized.
- Access and authorization are managed in one place.
- Role-Based Access Control (RBAC) can organize user groups centrally.
40. To authenticate user accounts on a computer against AD, what must be done to the computer first?
- Enable the administrator account
- Configure remote logging
- Join it to the domain
- Configure the firewall
41. Which of the following are examples of Lightweight Directory Access Protocol (LDAP)-based directory server software? (Choose all that apply)
- ADUC
- OpenLDAP
- Microsoft’s Active Directory
- RDP
42. Which of the following are ways to authenticate to an LDAP server? (Choose all that apply)
- Simple bind
- Anonymous bind
- SASL
- PGP
43. Which of these statements about Active Directory (AD) are true? (Choose all that apply)
- AD includes a tool called the Active Directory Authentication Center, or ADAC.
- AD can “speak” LDAP.
- AD is used as a central repository of group policy objects, or GPOs.
- AD is incompatible with Linux, OS X, and other non-Windows hosts.
44. Which directory standard was approved in 1988 and includes protocols like the Directory Access Protocol?
- LDAP
- Active Directory
- DISP
- X.500
45. By default, Active Directory adds new computers to what group?
- New Computers
- Domain Computers
- Added Computers
- All Computers