Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
102 Cards in this Set
- Front
- Back
You can install software over a network (running a Windows Server 2008 computer) by using Group Policy or by using the System Center Configuration Manager tool. Why might using the SCCM tool be the preferable option? |
SCCM allows you to deploy using a schedule and also allows you to provide detailed reports System Center Configuration Manager |
|
You would probably use Performance Monitor to monitor an individual stand alone server. What tool would you use to monitor your servers in an enterprise environment? |
Systems Center Operations Manager |
|
1. You have just started work at a new company, which runs 10 servers (running Server 2008 release two) and 710 client computers (running a mix of Windows 7 and Windows 10 operating system) in an Active Directory network. The Active Directory network runs a single domain linked to a single tree inside a single forest. You have domain admin rights but you do not have enterprise admin rights. The file server is configured to have a static IP address and there is no problem with connectivity between the file server and the rest of the network. There is a file server on the network that runs terminal services that you have been asked to configure. A collection of users on the network need to be able to, via Remote Desktop, copy files from their computers to the file server. |
Go to each client (that needs to be configured) go to Remote Desktop Connection > Local Resources > More select the ‘Drives’ check box |
|
Which command line utility / command allows you to add server roles to a Server 2008 server? |
servermanagercmd –install |
|
Is ‘Itanium’ the only version of Windows Server 2008 that is only available in a 64 bit version? |
Yes |
|
Would you use a ‘starter GPO’ or a ‘basic’ GPO’ for saving a baseline template that you can subsequently edit into your new GPOs? |
Starter GPO |
|
True or False: the GPOTool.exe executable file can be used for checking GPO consistency across your domain controller servers |
True |
|
What is Active Directory? |
Active Directory is Microsoft's trademarked directory service, an integral part of the Windows 2000, 2003, 2008 and 2012 architecture. Like other directory services, such as Novell Directory Services (NDS), Active Directory is a centralised and standardised system that automates network management of user data, security, and distributed resources, and enables interoperation with other directories. Active Directory is designed especially for distributed networking environments |
|
Explain a forest, a tree and a domain? |
A domain is defined as a logical group of network objects (computers, users, devices) that share the same Active Directory database. A tree is a collection of one or more domains and domain trees in a contiguous namespace, linked in a transitive trust hierarchy. At the top of the structure is the forest. |
|
What tool or package or service is used for Windows patch management? |
WSUS (WindowsSoftware Update Services) |
|
You work with a single domain in a single forest, running a Windows Server 2008 R2 environment. You have a collection of Windows 7 clients as well as a small number of Server 2008 R2 member servers. You wish to engage in automated patchmanagement on the network. Which configuration should you use? |
A single WSUS deployment |
|
You are using WSUS version 3 (service pack 2) on your domain, what would you get if you opened up an ‘Update Detailed Status’ report? |
A list of computers on which recent updates have not been installed, amongst other things. |
|
Is WSUS available, by default, in a Windows Server? |
No, it must be downloaded |
|
Windows Deployment Services is a server role (or service) that allows you to install Windows client or server operating systems over a network. It uses PXE boot functionality in the receiving computers network card (and BIOS) to allow networking to take place when an operating system (and therefore, by definition, NIC driver) is not present in the computer – because, obviously, you are installing the operating system using WDS. Is it possible for non PXE enabled systems to use WDS? If so, what sort of image is required? |
Yes. Use a ‘discover’ image. |
|
When using WDS, what is the ‘reference computer’? |
The computer where the server installation to be imaged is initially installed |
|
In WDS, how many clients have to be connected before auto-cast transmission begins? (Potential answers: none, one, two, more than ten, more than twenty, all clients have to be connected). |
One |
|
What is ‘access based enumeration’, which is a new feature in Windows Server 2008 DFS? |
Access-based enumeration hides files and folders that users do not have permission to access. It is used so that you can configure your server to only allow users to see files and folders that they have permission to access on the server that they are stored on. |
|
What do you have to do after you have ‘synchronised’ your Windows Software Update Services server configuration? |
Approve it |
|
What does SCCM stand for? |
System Center Configuration Manager. SCCM is a software management suite provided by Microsoft that allows users to manage a large number of Windows based computers. SCCM features remote control, patch management, operating system deployment, network protection and other various services.” |
|
What Microsoft server tool or product would allow you to deploy applications to clients based on a schedule and also view reports about the deployment process? |
SCCM System Center Configuration Manager |
|
Go into Print Management and select the print server. Select properties. |
In ‘Advanced’, move the print spooler from one drive to another (eg from the C: drive to the D: drive) |
|
What package / product / MMC console can you use to setup a disk quota in Server 2008? |
File Server ResourceManager |
|
You have a collection of computers in a group, linked into a single entity, so that you can easily applyupdates via WSUS. How do you deal with the automation of the updates? |
Create an automatic approval rule linked to the WSUS group |
|
You have a network that has the following: A single forest A single domain in a single tree A Server 2008 R2 domain controller running atServer 2008 R2 functional level A Server 2008 R2 member server configured as afile serverFifty clients running Windows 7 Twenty clients running Windows 10 Twenty laptops running Windows 7 Internet access, which is appropriately secured There is no VPN What could you install / set up / configure on your network to allow the laptop users to be able to easily transfer data thatthey have worked on at home over the weekend onto the file server on a Monday morning? The following conditions must be met: The process should be easy to use. |
Use ‘Offline Files and Folders’. Configure caching options for the shared folders on the file server. |
|
Why would you use a failover cluster? |
Clustering reduces the impact of hardware outages Clustering takes the pain out of software problems Clustering makes OS patching less painful Clustering can be a form of disaster recovery |
|
What are five features and two benefits of Windows System Resource Manager? |
Features • Manage system resources • Use calendar rules to apply different policiesat different times •Automatically select resource policies that are based on server propertiesand events • Collect resource usage data locally or in acustom SQL database •Create a computer group to help organise remotedesktop servers Benefits •More services can run on a single server because service availability canbe improved through dynamically managed resources. •High-priority users or system administrators can access the system even duringtimes of maximum resource load |
|
Is the preferred method of documenting a baseline to use Reliability and Performance Monitor and to create a user-defined data collector set? |
Yes |
|
If you are performance monitoring a Microsoft email server and making a data collector set, could you monitor the email server remotely? |
Yes, create a data collector set from your computer that includes performance counters from the email server |
|
You have a user called Stephen who works in the Research team in your company as adata analyst. He wants to back up some data on the file server that is stored in their office. He has a local user account for the server (so he can access files / folders etc) and he logs in to the server using that. He cannot back up the data that he wants to back up. Why? |
You have to be a member of the Administrators or Backup Operators group to use Windows Server Backup; Stephen is not a member of either of those two groups and needs to be added |
|
What does NPAS stand for? |
Network Policy and Access Services |
|
What does NAP stand for? |
Network Access Protection |
|
What does NAC stand for? |
Network Admission Control |
|
Which protocol, which is a component of NPAS, allows integration of the NAP solutionwith NAC? |
HCAP |
|
What is HCAP? |
Host Credential Authorisation Protocol |
|
You manage a single Server 2008 domain in a single forest. The company is quite small, with only 100 users, so there is only a need for a single file server. All of your users have a domain user account and a home directory on the fileserver. Additionally, you use roaming user profiles, amongst other things, to try to maximise the user experience. The past few weeks have been quite incident free but now users are beginning to email you to let you know that it is taking them longer and longer to log in. You investigate the servers but cannot see any particular problems and speak to several users who all say that they store a lot of files on their desktops. |
Configure folder redirection for all users using Group Policy, linking their ‘Documents’ to their home directory and then send an email to all users asking them to use ‘Documents’ as opposed to their desktop for their data storage |
|
Where is a local user profile stored? |
On the local machine, so it is only accessible from the local computer |
|
What is the sequence by which group policy is read on a Server 2008 domain network? |
Local Site Domain Organisational Unit |
|
Can you configure it so that a domain GP setting is not overwritten by an OU GPsetting? If yes… how? |
Yes, by configuring ‘inheritance’ |
|
What is the ‘preferred’ way to encrypt all data on all hard disks on all of your servers?
|
Windows BitLocker drive encryption
|
|
Which component of the Microsoft virtualization family represents presentation virtualisation”
is it Hyper X ? |
No, it’s Terminal Services
|
|
You have a Windows Server 2008 server running as a file server; it uses Offline Files.
You want the server to: Cache executable files from a sharedresource onto the client So that: .exe files are run from the localmachine and not the server share. You go into: Share and Storage Management >Offline > Advanced What do you need to do? |
Select the ‘Optimise for Performance’ check box
|
|
You have a Windows Server 2008 server running as a file server; it uses Offline Files.
You want the server to: Synchronise clients with the file server shares But not: Have changes made on the clients synchroniseback to the shares on the file server. What do you need to do? |
Select the ‘Optimise for Performance’ check box
|
|
What command line utility allows you to configure aDistributed File System to allow you to enable access based enumeration on acollection of replication partners in your DFS namespace… and where would yourun the command?
|
dfsutil on all of the DFS servers
|
|
You have a requirement to allow a lot of remote users to access your network, but you must ensure that they can access your network from
anywhere and that data sent from the remote client to the network is encrypted. You also do not wish reconfigure the network firewall. You deploy a server running as a Terminal Services gateway. How would you enforce policy security? |
Use an NPS (NetworkPolicy Server).
|
|
One of your users is unaware of thefact that they are bandwidth-hogging the Terminal Services server. You work outthat you need to go and speak to them and after a polite and professionaldiscussion you realise that the user is running a resource intensiveapplication via terminal services that they have to run as part of their day today work. You want to allow the user to continue to do their job but wish tostop others from complaining about the slow remote server access. You do notwish to have to go as far as to purchase another server or more hardware and itis basically not possible for you to run the resource intensive application onthe users local computer. What might you do to solve this problem?
|
Use the WSRM to allocate resources equally on thenetwork and / or Terminal Server which is running the application
|
|
What is the recommended way in Server2008 to use five hard drives to secure the operating system and also user data?
|
Install OS and configure two drives as RAID 1 (mirror) for the OS |
|
You need to configure (what) in Storage Manager forStorage Area Networks to allow a Fibre Channel storage array to work? |
Logical Unit Numbers |
|
You may be aware that Microsoft provides services that allow you to virtualise servers, but can you also virtualise applications in a Microsoft
environment? |
Yes. You might wish to use it when you have to run different versions of the sameapplication on the same terminal server. It will help to avoid conflicts and such like. |
|
What would you configure to allow a collection of IIS based web servers to be able to work together as a ‘single’ entity in a server farm scenario (providing redundancy and scalability)? |
Network Load Balancing |
|
You have a network running Server 2008 based Active Directory over two sites. You have a domain controller, a file server and an email server on the each of the sites on the network. |
No. |
|
What are the five versions or editions of Server 2008? |
Standard Enterprise Datacenter Itanium Web Server |
|
SMB is the protocol used for accessing what over anetwork? |
Shares SMB = Server Message Block |
|
What do you have to do if you want to use Server Manager for remote administration? |
Click ‘Enable remote management’ on the systemto be managed and then click ‘Connect to another computer’ on the server thatyou are on. |
|
What port does the Remote Desktop Protocol work on? |
Port 3389 |
|
An administrator on your network has been asked toimplement an Encrypting File System solution for the Windows 7 clients on yournetwork. |
Yes, use group policy to help with the issue |
|
You create a Group Policy Object to secure certain settings inside an Organisational Unit in your Active Directory network (Server 2008 R2 functional level is being used). |
That the GPO is linked to the OU |
|
Which MMC is (typically) used to configure a DNS‘round robin’ configuration? |
DNS Manager is used for configuring DNS settingsand configurations |
|
What is the basic rule of service pack or patch deployment? |
Basic rule: ‘the risk of implementing the service pack, hotfix or patch shouldalways be less than the risk of not implementing it’. |
|
Can folder redirection be managed by Group Policy? |
Yes |
|
Your failover cluster seems to be not behaving. What might you check first? |
That you have computer accounts created for the servers in Active Directory |
|
A user wants to back up data on a server without using the Windows Backup utility. |
Yes, use a third party (ie non-Microsoft) backup software solution. |
|
When using the Windows Server 2008 backup utility, is it best practice to back up the data on the server to the servers own hard drives, for speed / performance reasons? |
No. |
|
What command line tool enables a user to change the ‘TombstoneLifetime’ attribute to enable deleted AD objects to be recovered for (for example) a year after deletion? |
LDP.exe |
|
Can you back up GPOs? If yes, what might be the bestway to do this? |
Yes, use the Group Policy Management Console |
|
How might you grant permissions or access to anadministrator or team manager so that they can (only) manage users in aparticular OU? |
Use the Delegation of Control Wizard (after rightclicking on the OU and selecting ‘Delegate Control’) |
|
You have a user that has been granted the ability to configure certain settings via the Delegation of Control Wizard on a particular OU. |
Yes |
|
Application management: how do you delegate the ability for a user to manage applications? |
Add the user to special groups that are created whenthe application installs |
|
What would you use Power Shell for? |
Performing large numbers of complex delegations |
|
What would you use a stand alone CA for? CA = Certificate Authority |
Issuing security certificates to external entities |
|
How can you back up Group Policy Objects? |
Use the GPMC (Group Policy Management Console) |
|
How can you prevent a child OU from inheriting policies from it's parent OU? |
Block inheritance |
|
What can members of the Network Configuration Operators not do? |
Add a user to the Domain Admins group |
|
You have Windows Server 2008 and Red Hat Linux servers both storing files and data. |
Yes. |
|
What sort of information should you have ready (orplanned out) before installing Active Directory on a server? |
The static IP address of the server. The name of the domain. The domain admin password. The DNS serveraddress (if different to the DC). The forest functional level. Where you mightwant to store the AD database,log files and where the SYSVOL share will be (ifdifferent to the DC). The restore mode admin password |
|
You have a domain controller called WestDC1 and anotherdomain controller in a different domain called NorthDC1. |
Yes, you can use the ‘Change Domain’option in Active Directory Users and Computers on WestDC1 to access ActiveDirectory Users and Computers on NorthDC1 |
|
What does a Domain Controller do for all users and computers in a Windows domain network? |
It authenticates and authorises. |
|
What does Active Directory user Kerberos for? |
Authentication. |
|
How do you give a user administrative access to the entire network, if that network consists of several domains? |
Add the user to the Enterprise Admins Group. |
|
What does Active Directory use to maintain distributed directory information? |
LDAP: Lightweight Directory Access Protocol |
|
Can Server 2008 detect if one of its hard drives isbeginning to fail? |
Yes. |
|
What is the Microsoft Development Toolkit used for? |
Microsoft Deployment Toolkit (MDT) is the recommended process and toolset to automate desktop and server deployment |
|
Can you audit security events in Server 2008? |
Yes. You have to download “Security Audit Eventsfor Windows 7 and Windows Server 2008 R2 |
|
Can you restart Server 2008 Active Directory without having to reboot the server? |
Yes, the AD directory service can be restarted without a reboot by using an MMC(Server Manager) or a command line. |
|
Does Server 2008 support something called a ‘BestPractice Analyser’? |
Yes, and it is installed by default |
|
What are your options for deploying SP2 to Windows Server 2008? |
WSUS, individual download or deployment usingthe tools / products suggested in https://technet.microsoft.com/en-us/library/dd351467(v=ws.10).aspx . |
|
What are the pre-deployment tasks when installing SP2 to Windows Server 2008? |
Don't use google or research but the answer is apparently: Check disk space requirements. ~ Back up important data. |
|
What is ‘Presentation virtualisation’?
|
Terminal Service (Remote Desktop) used for remotely running applications and providing load balancing |
|
What is ‘RemoteApp’? |
Using terminal services to provide access to (large) applications (such as databasesetc). |
|
What might you have to consider when you are planning for data provisioning? |
Shared resources (ie share permissions etc), useof DFS, use of Offline Files etc. |
|
When delegating a lot of complex tasks, which Server 2008 tool might you use? |
Power shell |
|
What do you have to click on to allow RD to copy files between the client at remotely accessed server? |
Remote Desktop Connection >Local Resources > Drives |
|
Can you disable remote desktop on a system… and if so, how |
Yes, go into the Remote tab in System Properties and select the option as required |
|
What do you have to do if you want to use Server Manager for remote administration? |
Click ‘Enable remotemanagement’ on the system to be managed then click ‘Connect to another computer’ on the server that you are on |
|
When would you use ‘credential roaming’? |
When you use EFS (Encrpytion File System) without a PKI (Public Key Infrastructure) |
|
Which tool allows you to create a ‘user-defined data collector set’, for use in baseline analysis? |
Reliability and Performance Monitor |
|
What are the four logs that are available in Event Viewer? |
Directory Services log Security log Application log System log |
|
Which tool would you use for server monitoring in a large network |
Systems Center Operations Managr |
|
What is the Network Configuration Operators group used for? |
Giving users admin rights for the completion of admin tasks, but only tasks relating to network configuration, eg the configuration of IP addresses or TCP/IPsettings. |
|
How do you restore defaults if a mistake is made when configuring an OU? |
OU > Advanced Security Settings for Delegation > Restore Defaults. |
|
Why might an application installation create a special group in AD? |
For the delegation of application management |
|
Which tool can deploy applications to desktops based on a schedule? |
SCCM System Center Configuration Manager |
|
What needs to be configured on a SAN to allow fibre optic links to function? |
Logic Unit Numbers |