Exam 70-640 - Ch3
Chapter 3 - Active Directory Planning and Installation
You are the systems administrator of a large organization that has recently implemented Windows Server 2008 R2. You have a few remote sites that do not have very tight security. You have decided to implement read-only domain controllers (RODC). What forest and function levels does the network need for you to do the install? (Choose all that apply.)

A. Windows 2000 Mixed
B. Windows 2008 R2
C. Windows 2003
D. Windows 2008
B, C, D. The forest and function levels have to be Windows 2003 or above to install an RODC.
What is the maximum number of domains that a Windows Server 2008 R2 computer, configured as a domain controller, may participate in at one time?

A. Zero
B. One
C. Two
D. Any number of domains
B. A domain controller can contain Active Directory information for only one domain. If you want to use a multidomain environment, you must use multiple domain controllers configured in either a tree or forest setting.
A systems administrator is trying to determine which filesystem to use for a server that will become a Windows Server 2008 file server and domain controller. His company's requirements include the following:
The filesystem must allow for file-level security from within Windows 2008 Server.
The filesystem must make efficient use of space on large partitions.
The domain controller SYSVOL must be stored on the partition.
Which of the following filesystems meets these requirements?

B. FAT32
D. NTFS has file-level security and makes efficient use of disk space. Since this machine is to be configured as a domain controller, the configuration requires at least one NTFS partition in order to store the SYSVOL information.
For security reasons, you have decided that you must convert the system partition on your Windows Server 2008 R2 from the FAT32 filesystem to NTFS. Which of the following steps must you take in order to convert the filesystem? (Choose two.)

A. Run the command CONVERT /FS:NTFS from the command prompt.
B. Rerun Windows Server 2008 R2 Setup and choose to convert the partition to NTFS during the reinstallation.
C. Boot Windows Server 2008 R2 Setup from the installation CD-ROM and choose Rebuild File System.
D. Reboot the computer.
A, D. In order to convert the system partition to NTFS, you must first use the CONVERT command-line utility and then reboot the server. During the next boot, the filesystem will be converted.
Windows Server 2008 R2 requires the use of which of the following protocols or services in order to support Active Directory? (Choose two.)

B, E. The use of LDAP and TCP/IP is required to support Active Directory. TCP/IP is the network protocol favored by Microsoft, which determined that all Active Directory communication would occur on TCP/IP. DNS is required because Active Directory is inherently dependent on the domain model. DHCP is used for automatic address assignment and is not required. Similarly, NetBEUI and IPX/SPX are not available network protocols in Windows Server 2008 R2.
You are promoting a Windows Server 2008 R2 computer to an Active Directory domain controller for test purposes. The new domain controller will be added to an existing domain. While you are using the Active Directory Installation Wizard, you receive an error message that prevents the server from being promoted. Which of the following might be the cause of the problem? (Choose all that apply.)

A. The system does not contain an NTFS partition on which the SYSVOL directory can be created.
B. You do not have a Windows Server 2008 R2 DNS server on the network.
C. The TCP/IP configuration on the new server is incorrect.
D. The domain has reached its maximum number of domain controllers.
A, C. The SYSVOL directory must be created on an NTFS partition. If such a partition is not available, you will not be able to promote the server to a domain controller. An error in the network configuration might prevent the server from connecting to another domain controller in the environment.
You are installing the first domain controller in your Active Directory environment. What command do you run in order to begin the Active Directory Installation Wizard?

A. DCPromote.exe
B. DomainPromote.exe
C. DCPromo.exe
D. Promote.exe
C. You use DCPromo.exe to begin the process of promoting or demoting a server to/from a domain controller.
You are the network administrator for a large company that creates widgets. You are asked by management to implement a new Windows Server 2008 R2 system. You need to implement federated identity management. Which of the following will help you do this?

A. Active Directory Federation Services
B. Active Directory DNS Services
C. Active Directory IIS Services
D. Active Directory IAS Services
A. You'll need to use Active Directory Federation Services (AD FS) in order to implement federated identity management. Federated identity management is a standards-based technology and information technology process that will enable distributed identification, authentication, and authorization across organizational and platform boundaries. The AD FS solution in Windows Server 2008 helps administrators address these challenges by enabling organizations to securely share a user's identity information.
You are the systems administrator responsible for your company's infrastructure. You think you have an issue with name resolution and you need to verify that you are using the correct hostname. You want to test DNS on the local system and need to see if the hostname server-1 resolves to the IP address Which of the following actions provides a solution to the problem?

A. Add a DNS server to your local subnet.
B. Add the mapping for the hostname server-1 to the IP address in the local system's HOSTS file.
C. Add an A record to your local WINS server.
D. Add an MX record to your local DNS server.
B. The HOSTS file is a text-file-based database of mappings between hostnames and IP addresses. It works like a file-based version of DNS. DNS resolves a hostname to an IP address.
You have one Active Directory forest in your organization that contains one domain named You have two domain controllers configured with the DNS role installed. There are two Active Directory Integrated zones named and One of your IT members (who is not an administrator) needs to be able to modify the DNS server, but you need to prevent this user from modifying the SOA record. How do you accomplish this?

A. Modify the permissions of zone from the DNS Manager snap-in.
B. Modify the permissions of zone from the DNS Manager snap-in.
C. Run the Delegation of Control Wizard in Active Directory.
D. Run the Delegation of Control Wizard in the DNS snap-in.
A. You only need to give them rights to the zone using the DNS snap-in. If they do not have any rights to the zone, they will not be able to configure this zone in any way.
