MCSE Sample Questions ›› Windows Server 2003 Active Directory Infrastructure
MCSE Sample Questions : Windows Server 2003 Active Directory Infrastructure
Windows Server 2003 Active Directory Infrastructure
MCSE Sample Question Number :
- As the network administrator you have just been informed that one of your authorized Power Users has deleted several local user accounts. You explain to this mortified employee that he needs to perform an authoritatively restore on the select portion of Active Directory data deleted. What must be done before he can use NTDSUTIL utility to authoritatively restore the data?
- Republish the SYSVOL
- Bring down all domain controllers at the site and reboot
- Perform a Primary restore
- Synchronize Active Directory Services
- Nonauthoritatively restore the System State data
- Revoke and reissue orphaned certificates
- Your company uses Windows 2000 IIS server and log files you have enabled a reverse lookup zone. This will assist in running troubleshooting tools. Because your company is experiencing trouble with a DNS server you decide to use NSLOOKUP to confirm that zone delegation was successful. At the command prompt on your DNS server, you type NSLOOKUP 10.0.0.25 command. What do you expect to see next?
- Server zone
- DNS log file
- DNS queries
- You have been requested to create a group Policy (GPO) linked to a domain. The GPO will be applied to all users in the domain. What is the first step in creating a GPO?
- Open the DispatchPolicy GPO console
- Open Active Directory Users and Computers
- Add the Group Policy snap-in to the MMC console
- Open Active Directory Sites and Services
- You have been asked to troubleshoot a problem with your DNS servers that appears to not be making zone transfers between primary and secondary DNS servers. You begin to solve this problem by opening the DNS console tree, right click the name server, then click Properties. On the Logging tab, select the debug options and click OK. Which of the following are solutions for transfer problems between primary and secondary zones?
(Choose all that apply).
- Make sure the serial numbers for the zones involved in the transfer are not the same on each server.
- Make sure a site-link server is properly configures between each zone.
- Delete the secondary DNS server from the primary and reboot.
- Eliminate the possibility of network connectivity between the two hosts. Use the PING command to ping each DNS host by its IP address from its remote counterpart.
- Verify that the primary and secondary DNS servers involved in the transfer are both started and that the zone is not paused.
Answer: A, E
- As the network administrator you have been asked to move a domain controller from one site to another existing site using Windows 2000 Active Directory. To accomplish this you begin by getting into the Active Directory Sites and Services console. Then you select the domain controller that you want to move. What do you do next?
- Right-click the domain controller, select Cut, navigate to the new site and Paste it there.
- Click Move on the Action menu, select the site to which you want to move the domain controller in the Move Server dialog box and click OK.
- Drag the domain controller to the new site and drop it there.
- Right-click the domain controller, select Advanced, select the site to which you want to move the domain controller in the Move Server dialog box, and click OK.
- As a network technician you have been requested to restore a mistakenly deleted organizational Unit from the Active Directory. You first perform a nonauthoritative restore of the System State data. After which you next chose to use the NTDSUTIL utility to authoritatively restore the organizational unit (OU) that has been mistakenly deleted. The deleted OU is named "prepexams1" and was located in the knowledgeoasis.com domain. At the command prompt you type the utility command 'ntdsutil' and enter, then the type of restore command 'authoritative restore' and enter. Which of the following commands should you enter next to restore this OU?
- Ntdsutil OU=prepexams1,DC=knowledgeoasis,DC=com
- Restore subtree OU=prepexams1,DC=knowledgeoasis,DC=com
- Restore database OU=prepexams1,DC=knowledgeoasis,DC=com
- Authoritative restore OU=prepexams1,DC=knowledgeoasis,DC=com
- You need to create a reverse lookup zone to enable reverse lookup queries. To create a reverse lookup zone you will need to open DNS console and expand the DNS server. What should you do next?
- Right-click the DNS server and click Properties.
- Right-click the Reverse Lookup Zone folder and click Advanced.
- Right-click the DNS server and select New Domain.
- Right-click the Reverse Lookup Zone folder and click New Zone.
- As network administrator you have been asked to create an Active Directory structure to allow local administrators at your company's branch offices to control users and local resources. The local administrators should control only resources in branch offices. What should you do to accomplish this request?
- Create a child OU for each branch office, place users and resources in it, and delegate control of each OU to local administrators at each office.
- Create a schema that contains formal definition of administrative duties and structure over users and resources in each branch.
- Create an implicit trust object thast grants specific authority to the local administrator over their branch domain.
- Create an explicit one-way nontransitive trust between domains that allow the branch administrators to controller their users and resources.
- You are the backup operator of a Windows 2000 domain. The domain has 2 domain controllers and one certificate server at the central office and 1 domain controller at a branch office. You have been requested to add the domain controller in the remote branch office to your regular once a week backup at the central office. You schedule the backup job to include the system state data from both locations. What will be backed up from the branch office?
- Certificate database
- COM+ Class Registration database
- System boot files
- None of the above
- You are an Account Operator responsible for maintaining Windows 2000 Active Directory and the network directory infrastructure. You have been using Windows 2000 Group Policy objects to assign .msi packages to a group of Windows 2000 Professional workstations based on their membership in an organizational unit. Recently you added several new users to the OUs receiving the .msi packages. All seems to performing properly until you are contacted by one of the new users. This user states that an error message: The feature you are trying to install cannot be found in the source directory. What is the solution(s) to this problem?
(Choose all that apply)
- You must ensure that the user has sufficient permissions for the SDP and the application.
- Make sure the network is operating correctly.
- You must ensure that the user has Apply Group Policy permission for the GPO.
- You must ensure that the user has READ permission for the GPO.
Answer: A, B, C, D