Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
98 Cards in this Set
- Front
- Back
Connection security rules require that network traffic allowed through the firewall use which of the following security mechanisms |
IPsec |
|
Which actions can you perform from the Windows Firewall control panel? |
Allow an application through the firewall in all three profiles Block all incoming connections for any of the three profiles Turn Windows Firewall off for all three profiles |
|
Which tools help you to enable Network Discovery firewall rules |
File Explorer Network and Sharing Center Allowed Apps dialog box |
|
What is true about the Windows Firewall rules regarding GPO and setting local setting. |
Applying firewall rules by using Group Policy combines the newly deployed rules with the ones already there. Importing firewall rules saved from another computer overwrites all the rules on the target system. |
|
Which Microsoft Management Console (MMC) snap-in can administrators use to create Group Policy Objects and manage their deployment to ActiveDirectory DS objects |
|
|
What type of DNS record is used to store the name to IP address mappings used for forward lookups |
A |
|
Which two of these are correct names for file permissons under Windows Server 2012 |
Advanced and Basic permission |
|
What are the four components involved with printing under Windows Server 2012 |
Print Device, Printer, Print Server, Print Driver. |
|
What PowerShell command would you use to create a storage pool? |
New-StoragePool -FriendlyName -StorageSubSystemFriendlyName -PhysicalDisks |
|
What are the three types of user accounts in Windows Server 2012 |
Local Account Domain Account Built-in Account |
|
On network does Automatic Private IP Addressing (APIPA) assign IPv4 addresses |
Automatic Private IP Addressing, a feature of later Windows operating systems. With APIPA, DHCP clients can automatically self-configure an IP address and subnet mask when a DHCP server isn't available. 169.254.0.1 to169.254.255.254. subnet mask B class 255.255.0.0 APIPA service also checks regularly for the presence of a DHCP server (every five minutes, according to Microsoft). If it detects a DHCP server on the network, APIPA stops, and the DHCP server replaces the APIPA networking addresses with dynamically assigned addresses. |
|
What are the three group scopes in Windows Server 2012 and group types? |
Scopes: domain local global universal Type: security distribution |
|
What PowerShell command would you use to demote a domain controller |
Uninstall-ADDSDomainController –ForceRemoval –LocalAdministratorPassword –Force |
|
What are valid security level for a Software Restriction policy? |
Software Restriction policy are: Disallowed Unrestricted Basic User. Windows Settings\Security Settingsnode of the User Configuration or the Computer Configuration node of a GPO. |
|
What component of Windows Server 2012 enables Remote Desktop clients to print to their local print devices? |
Easy Print |
|
What are the feature of NTFS which ReFS does not support? |
File compression EFS (Encrypting File System) Disk quotas |
|
Transport layer protocols are f.e.: |
UDP - user datagram protocol (with loss) TCP - transmission control protocol (without loss) FTP - port 21 - File Transfer Protocol SSH - port 22 - Secure Shell Telnet - poert 23 - Terminal Network SMTP - port 25 - Simple Mail Transfer Protocol HTTP - port 80 - Hyper Text Transfer Protocol |
|
IPv6 address types |
Unicast Provides one-to-one transmission service to individual interfaces, including server farms sharing a single address Multicast Provides one-to-many transmission service to groups of interfaces identified by a single multicast address Anycast Provides one-to-one-of-many transmission service to groups of interfaces, only the nearest of which (measured by the number of intermediate routers) receives the transmission |
|
What are software restriction rule types supported by Windows Server 2012? When implementing multiple rule types, systems apply the rules what is the order of precedence? |
1.Hash rules 2.Certificate rules 3.Network zone rules 4.Path rules |
|
Which of the following rule types applies to files with an .msi extension? |
Windows Installer rules |
|
Which of the following services must you manually start before Windows can applyAppLocker policies? |
Application Identity |
|
Under which of the following conditions will a hash rule in a software restriction policy cease to function? |
If you update the file on which the hash is based to a new version If the file on which the hash is based is modified by a virus |
|
What are the four nodes in AppLocker container. |
executable rules - exe, com windows installer rules scripts rules - .ps1, .bat, .cmd, .vbs, and .js packaged app rules |
|
Which of the following types of files do Group Policy tools access from a Central Store by default? |
ADMX files |
|
Which of the following techniques can you use to apply GPO settings to a specific group of users in an OU? |
Security filtering |
|
Windows applies the local GPOs in the following order |
The Local Group Policy settings are applied first, then either the Administrators or Nonadministrators GPO, and finally any user-specific GPOs. |
|
How is the virtualization capability built into Windows Server 2012 called and that architecture it is? |
Hyper-V, Type I virtualization which runs on bare-metal device in opposite to type II which require the operating system. |
|
Hyper-V installation by PS |
Install-WindowsFeature –Name Hyper-V-ComputerName -IncludeManagementTools -Restart |
|
Virtual Machine files (5) |
.XML filesThese files contain the virtual machine configuration details. There is one of these for each virtual machine and each snapshot of a virtual machine. They are always named with the GUID used to internally identify the virtual machine or snapshot in question. .BIN files This file contains the memory of a virtual machine or snapshot that is in a saved state. .VSV filesThis file contains the saved state from the devices associated with the virtual machine. .VHD filesThese are the virtual hard disk files for the virtual machine .AVHD filesThese are the differencing disk files used for virtual machine snapshots |
|
New VM by PS |
New-VM –Name “VM name” –MemoryStartupBytes –NewVHDSizeBytes |
|
Function of Guest Integration Services package: |
1. Operating system shutdown 2. Time Synchronization 3. Data Exchange 4. Heartbeat 5. Backup |
|
Setting VM running on Hyper-V memory setting by PS |
Set-VMMemory -DynamicMemoryEnabled $true-MinimumBytes -StartupBytes -MaximumBytes -Priority -Buffer |
|
What is smart paging and when it is used: |
This makes it possible for Hyper-V to reduce the memory used by a VM to a level lower than that needed to start the system, reclaiming that memory for other uses. when a VM must be restarted, there is no free memory available, and there are no other means available to free up the necessary memory. |
|
Which of the following Hyper-V features make it possible for a VM to function with a minimum RAM value that is lower than the startup RAM value? |
A.Smart paging B.Dynamic Memory C. Guest Integration Services |
|
When you install the Hyper-V role on a server running Windows Server 2012, the instance of the OS on which you installed the role is converted to what system element? |
The parent partition |
|
VHDX disk feature: |
64 TB, (VHD -only 2 TB) 4-KB logical sector sizes to provide compatibility with new 4-KB native drives. VHDX files can also use larger block sizes (up to 256 MB), can only be read by Windows Server 2012 and Windows 8 Hyper-V servers. |
|
Disk types: |
Fixed Size Creates Dynamically Expanding Differencing |
|
Configuring pass-through disks |
VM must have exclusive access to it, disk offline in the parent OS by using the Disk Management or Diskpart.exe utility, it will be available for selection in the Physical Hard Disk drop-down list. |
|
Which of the following must be true about a pass-through disk? |
A pass-through disk must be offline in the parent partition of the Hyper-V server. |
|
Modifying virtual disks |
compact convert shrink expand merge Combines the data on a differencing disk with that of the parent disk to form a single composite image file |
|
network traffic of VM bypass the virtual switches on the parent partition |
Single Root I/O Virtualization - SR-IOV enables network traffic to bypass the virtual software switch layer by assigning a VF to the Hyper-V child partition directly. |
|
There are two types of network adapter in virtual machines: |
"Network Adapter" "Legacy Network Adapater" -is needed when you need PXE boot or when your VM's OS needs access to the network before you can install hyper-v "Integration Services". |
|
Virtual switch types: |
|
|
How many network adapters on a Windows Server 2012 Hyper-V server can you create? |
eight synthetic and four emulated (sometimes called legacy). |
|
Which of the following are valid reasons for using an emulated network adapter rather than a synthetic one? |
You want to install the guest OS by using a Windows Deployment Services server. There is no Guest Integration Services package available for the guest OS you plan to use. |
|
Which statements are true about synthetic network adapters? |
Synthetic adapters communicate with the parent partition by using the VMBus. Synthetic adapters require the Guest Integration Services package to be installed on the guest OS.C. Synthetic adapters provide faster performance than emulated adapters. |
|
What is the maximum number of ports supported by a Hyper-V virtual switch? |
Unlimited |
|
Which of the following virtual switch types does not enable guest OSs to communicatewith the parent partition? |
Private |
|
How many dynamically assigned MAC addresses can a Hyper-V server provide bydefault? |
256 - 00-15-1D-02-12-00 to 00-15-1D-02-12-FF this range can be modified. |
|
Which feature must you add to a Windows Server 2012 Server Core installation to convert it to the Minimal Server Interface? |
Graphical Management Tools and Infrastructure |
|
Which features must you remove from a full GUI installation of Windows Server 2012 to convert it to a Server Core installation? |
Graphical Management Tools and Infrastructure Server Graphical Shell |
|
What is the name of the directory where Windows stores all the operating system modules it might need to install at a later time? |
|
|
Which of the following are valid reasons why administrators might want to install their Windows Server 2012 servers by using the Server Core option? |
A Server Core installation can be converted to the full GUI without reinstalling the operating system. The new Server Manager in Windows Server 2012 makes it far easier to administer servers remotely. |
|
Which of the following statements about Server Manager are true? |
Server Manager can deploy roles to VHDs Server Manager can install roles and features at the same time. Server Manager can install roles and features to any Windows Server 2012 server on the network. |
|
Which of the following operations can you perform on a service by using Server Manager? |
|
|
A JBOD drive array is an alternative to which of the following? |
RAID |
|
In the NTFS permission system, combinations of advanced permissions are also knownas __________ permissions. |
Basic permissions are formed by creating various combinations ofadvanced permissions. In Windows Server versions prior to Windows Server 2012, standard permissionsare formed by creating various combinations of special permissions. |
|
MMC uses the Distributed Component ObjectModel (DCOM) for remote management instead of WinRM, and these settings are notenabled by default. Which rules? |
■■COM+ Network Access (DCOM-In) ■■ Remote Event Log Management (NP-In) ■■ Remote Event Log Management (RPC) ■■ Remote Event Log Management (RPC-EPMAP) |
|
Set firewall rule by PS |
Set-NetFirewallRule –name < rule name> –enabled True |
|
To add WinRM support to servers running Windows Server 2008 or Windows Server 2008 R2, you must do? |
.NET Framework 4.0 Windows Management Framework 3.0 Enable the Windows Remote Management (HTTP-In) rules in Windows Firewall Create a WinRM listener by running the winrm quickconfig command at a command prompt with Administrative privileges. Enable the COM+ Network Access and Remote Event Log Management rules in Windows Firewall, as described in the previous section. |
|
How to establish remote session with remote computer by PS and how to exit: |
Enter-PSSession -credential Exit-PSSession |
|
You can verify SRV locator resource records by viewing Netlogon.dns you want to determinate which service location (SRV) records are registered in DNS for server |
netlogon.dns in %systemroot%\System32\Config |
|
What is DISM? |
Deployment Image Servicing and Management (DISM.exe) is a command-line tool that can be used to service a Windows® image or to prepare a Windows Preinstallation Environment (Windows PE) image. DISM can be used to service a Windows image (.wim) or a virtual hard disk (.vhd or .vhdx).DISM replaces the ImageX tool which was deprecated in Windows 8. DISM also replaces Package Manager (Pkgmgr.exe), PEimg, and Intlcfg that were included in previous deployment toolkits. DISM also adds new functionality to improve the experience for offline servicing. |
|
|
This issue may occur if there is a Group Policy object (GPO) that restricts what programs you can run. Programs can be restricted if either of the following policies in the domain organizational unit group policy or a local computer group policy have been applied:Do not run specified Windows applications.Run only the allowed Windows applications. |
|
How to change location of spool folder? |
|
|
IPv6 addressing and IPv4 equivalents: |
GLOBAL UNICAST ADDRESSES - registered IPv4 LINK-LOCAL UNICAST ADDRESSES (APIPA)- fe Unique Local Unicast Addresses - private IPv4 (10.0.0.0/8, 172.16.0.0/12, and 192.168.0.0/16) Multicast Addresses - ff |
|
Installation of first domain controller in a new domain in the forest |
Install-AddsDomain |
|
Changes the name of an Active Directory object. (modify the SAM - Security Account Manager - account name) |
Rename-ADObject |
|
What llows the computer to accept unsolicited inbound packets that have passed through an edge device, such as a network address translation (NAT) router or firewall? |
Edge traversal |
|
Group Policy Management Console (GPMC) is installed with OS? |
is included in OS but this feature is not installed with the operating system. Use Server Manager to install the GPMC. https://technet.microsoft.com/en-us/library/cc725932.aspx |
|
You configure all of the client computers to use Server1 as their primary DNS server.You need to prevent Server1 from attempting to resolve Internet host names for the client computers. |
necessary to remove the default root hints files install a root (.) zone on all internal DNS servers to prevent name resolution on the Internet - Create a primary zone named “.” |
|
you create a software restriction policy to allow an application named App1 by using a certificate rule. You need to ensure that when users attempts to execute App1, the certificate is verified against a certificate revocation list (CRL) |
modify the Trusted Publisher Properties |
|
forwarders vs. conditional forwarders |
A forwarder is a Domain Name System (DNS) server on a network used to forward DNS queries for external DNS names to DNS servers outside of that network. You can also forward queries according to specific domain names using conditional forwarders. |
|
The DNS domain option (option 15) is not configured for one or more scopes. DHCP IPv4 clients will not be provided with a DNS domain and will not be able to resolve names |
Configure a DNS domain option as a server or scope option using the DHCP MMC. |
|
you plan to create a cloned domain controller named DC3 from an image of DC1. you need to ensure that you can clone |
create a dccloneconfig.xml file on DC1 add the computer account of DC1 to the Cleneable Domain Controller group |
|
Server has following storage spaces: data, users, backups, primordial. you add an additional hard disk to server. you need to identify which storage space contains the new hard disk. Which storage space contains the new disk. |
|
|
New-VirtualDisk |
Creates a new virtual disk in the specified storage pool. |
|
Set-DscLocalConfigurationManager |
Applies Local Configuration Manager settings to nodes. |
|
Start-DscConfiguration |
Applies configuration to nodes. Specify which computers you want to apply configuration to by specifying computer names or by using Common Information Model (CIM) sessions. |
|
VM Generation 1 |
The generation of a virtual machine determines the virtual hardware and functionality that is presented to the virtual machine. In Hyper-V there are two supported virtual machine generations, generation 1 and generation 2. Generation 2 virtual machines have a simplified virtual hardware model, and supports Unified Extensible Firmware Interface (UEFI) firmware instead of BIOS-based firmware. The majority of legacy devices have also been removed from generation 2 virtual machines. |
|
VM Generation 2 |
Functionality: PXE boot by using a standard network adapter Boot from a SCSI virtual hard disk Boot from a SCSI virtual DVD Secure Boot (enabled by default) UEFI firmware support |
|
Get-DnsServerDiagnostics |
Retrieves DNS event logging details. |
|
Disable user account |
Set-ADUser -Identity Zosia -Enabled 0 (1 for enabled) Disable-ADAccount -Identity Zosia |
|
Relay Agent |
remote access role to set it go under IPv4 General |
|
Redircmp |
Redirects the default container for newly created computers to a specified, target organizational unit (OU) so that newly created computer objects are created in the specific target OU instead of in CN=Computers. redircmp ou=newcomputerou,dc=domainname,dc=com |
|
Move-ADObject |
Get-ADComputer $pc | Move-ADObject -TargetPath $newOU |
|
view printer objects in active directory |
users and computers - view users, contacts, groups... |
|
Spanned disk |
To create a spanned volume using the Windows interface In Disk Management, right-click the unallocated space on one of the dynamic disks where you want to create the spanned volume.Click New Spanned Volume….Follow the instructions on your screen. |
|
Print Server properties |
|
|
Group Policy .... Editor |
Management - for the domain policies (open group policy management and edit on policy) Object for local policies (open from mmc) |
|
UAC |
|
|
Print Pool |
Two or more printers are required; Windows Server 2003 does not limit the number of printers in a pool.The printers in the pool must be of the same model, and they must use the same printer driver.Printer ports can be of the same type or mixed (such as parallel, serial, and network).If you want to ensure that documents are first sent to the faster printers, add the faster printers to the pool first and the slower printers last. Print jobs are routed in the order in which you create the ports.Because users do not know which printer prints their documents, it is a good idea to locate all of the pooled printers in the same physical location. Otherwise, users might not be able to find their printed documents. |
|
Internet Printing |
create a web site where users can manage print jobs on server. with Internet Printing client user can connect and print to shared printers on server by using Internet Printing Protocol (IPP) |
|
Print Pooling |
enable on port tab modify the priority on the advanced tab |
|
Root Hint |
DNS manager on Domain properties - Root Hint or in the cache.dns file - located in System23\Dns |
|
dism.exe |
to remove the source files for all server roles that are not installed on server before you create an image of server |
|
Automatic start action |
|
|
Enable-NetAdapterBinding |
Enable Windows Network Virtualization Filter Driver |