101 Tips for Passing the 70-217 Exam
Implementing and Administering a Microsoft Windows 2000 Directory Services Infrastructure



1. Active Directory Connector (ADC) is used for replication between Exchange and
Active Directory.
2. Compression is used when replication is between sites.
3. Multimaster replication is employed by Active Directory to keep all domain
controllers as peers.
4. Forests are collections of Active Directory domains.
5. All trees within a forest have different naming structures but share common
schema.
6. Domains in a forest can communicate across the organization but operate
independently.
7. Domains within a single tree share a common schema and a common global
catalog.
8. The Knowledge Consistency Checker (KCC) is responsible for generating
replication information within a forest.
9. Active Directory is installed and removed via the Active Directory Wizard.
10. Active Directory is installed only on domain controllers.
11. Active Directory must have DNS available for domain controllers to find other
domain controllers.
12. NETLOGON.DNS is the file that holds DNS entries for Active Directory. It
resides beneath the System32\Config folder.

http://www.CertificationCorner.com


13. Active Directory requires a minimum of one logical disk formatted with NTFSv5.
For best results, NTFSv5 should be used on all disks.
14. A Distinguished Name (DN) exists for every object in Active Directory. The
values cannot be duplicates; they must be unique.
15. Bridgehead servers replicate changes to all domain controllers in the site.
16. ADSI Edit is used to view objects, including schema and configuration naming
contexts.
17. ADSI is a directory service model that allows Windows 9x, NT, and 2000
applications to use network directory services.
18. Assigning software (via group policies) causes the software to be installed
regardless of whether it is used.
19. Auditing is turned off by default, but can be turned on and customized to monitor
security events.
20. DCPROMO is used to promote a member server to a domain controller.
21. DCPROMO is used to install Active Directory.
22. DFSUTIL is used to manage Dfs (the Distributed file system).
23. Differential backups back up files that have the archive bit on, but do not turn the
bit off.
24. Full backups back up all files and then turn the archive bit off.
25. Incremental backups back up files that have the archive bit on, and then turn the
bit off.
26. System State data can be backed up only by members of the Administrators or
Backup Operator groups.
27. Disk quotas can be assigned via group policies to restrict how much space a user
is allowed to have in specific folders.
28. Distribution groups are used for nonsecurity-related purposes.
29. DNS names exist to make accessing resources easier for users than using IP
addresses.
30. DNS CNAME resource records hold canonical names or aliases for the server.
31. DNS PTR resource records are used for reverse lookup.
32. DNSCMD is used to check dynamic registration of DNS resource records.
33. Domain Naming Master and Schema Master are forest-wide roles, whereas RID
Master, PDC Emulator, and Infrastructure Master are domain-wide roles.
34. Domain Naming Master is the only server capable of adding new domains to the
forest.
35. Global Catalogs at each site allow computers to search locally and not have to
cross slow links.
36. There must be a global catalog server present to be able to process logons.
According to Microsoft, however, only a user who is a member of Domain Admins
can log on in the absence of a global catalog server.
37. The Infrastructure Master should not be located on a global catalog server.
38. DSACLS is used to view and modify the access control list (ACL).
39. ESEUTIL can perform many of the same tasks as NTDSUTIL, including
compacting, repairing, moving, and dumping directory database files.
40. Globally Unique Identifiers (GUIDs) are 128-bit numbers guaranteed to be
unique. They never change regardless of what other information about the object
changes.
41. Only Windows 2000 systems can work with group policies. Previous operating
systems must still utilize system policies, created with the POLEDIT utility.
42. Group policies are implemented by Site, Domain, and then Organizational Unit
(OU).
43. Group Policy is a component of Active Directory used to restrict users and
enforce limitations.
44. Local policies, if present, are implemented prior to group policies.
45. Folders can be redirected through a group policy to allow users to find their
folders regardless of which machine they are using. (As an analogy, think of
roaming profiles versus local profiles.)
46. IAS (Internet Authentication Service) is used to provide one central location
where authorization and related services take place.
47. If the current Domain Naming Master server is to become unavailable, its role
should be seized.
48. Infrastructure Master, PDC Emulator, and Relative ID roles are all domain-wide
roles.
49. IntelliMirror is used to automatically reconfigure hosts that do not meet specified
requirements.
50. The Knowledge Consistency Checker (KCC) is responsible for generating
replication information within a forest.
51. The Knowledge Consistency Checker (KCC) runs on each domain controller
automatically.
52. LDAP (Lightweight Directory Access Protocol) is the main access protocol for
Active Directory.
53. Load balancing is one of the primary reasons for transferring operation master
roles.
54. Mixed mode is the default mode that all domain controllers go to when Windows
2000 is first installed. This allows non-Windows 2000 domain controllers
(Windows NT) to be a part of the domain.
55. Native mode does not allow NT domain controllers to be added to the network.
56. Once a domain is changed from mixed mode to native mode, it cannot be changed
back.
57. MOVETREE is used to move objects between domains.
58. Two-way transitive trusts are the default in Windows 2000.
59. Two-way transitive trusts exist between domain trees and domains.
60. NETDOM can be used to manage domains and trust relationships.
61. NETTEST can be used to check distributed service functions.
62. Non-Microsoft DNS servers must utilize SRV records and be compatible with
BIND 8.1.2 (or higher).
63. NSLOOKUP can be used to troubleshoot problems with DNS.
64. NTDSUTIL can be used to do an authoritative restore.
65. NTDSUTIL is used to move, dump, repair, and compact directory database files.
66. Organizational units (OUs) are containers for logical structuring.
67. PPTP (Point-to-Point Tunneling Protocol) is used for tunneling IPX and other
protocols over TCP/IP.
68. Published software (via group policies) is available, but is not installed
automatically.
69. RADIUS (Remote Authentication Dial-In User Service) is the IAS
implementation within Windows 2000.
70. Relative Distinguished Names (RDNs) need not be unique if they exist in separate
OUs.
71. In order to function properly, Remote Installation Services (RIS) requires Active
Directory, as well as DHCP and DNS.
72. REPLMON is used to show replication topology and monitor status. It can also be
used to force replication or KCC (Knowledge Consistency Checker) recalculation.
73. Roaming user profiles enable users to have their same settings regardless of which
machine they are using.
74. A mandatory user profile has the extension changed from .DAT to .MAN. A
mandatory profile must also be roaming.
75. An RPC (remote procedure call) is used for replication traffic within a site, and
the data is uncompressed.
76. Schemas hold the definitions (attributes, classes, class properties) of Active
Directory.
77. Security groups are used to assign permissions to a grouping of users for
accessing one or more objects.
78. The Security Templates snap-in allows you to easily configure a Windows
machine to standard roles.
79. Separate domains should be created for political reasons, replication concerns,
and decentralized network administration.
80. SIDWALKER is the utility to use to work with previously owned accounts and to
manage access control policies.
81. Sites are groups of subnets and domain controllers.
82. Sites are used to partition Active Directory into logical groups.
83. Site links specify how Active Directory will connect sites within the network and
inform Active Directory of favorable replication links.
84. Active Directory Sites and Services is used to create sites and site links.
85. Site link bridges have costs assigned by adding together the costs of all site links.
86. Site links can use IP or SMTP. IP is used for higher-speed connections, whereas
SMTP is used for slower-speed connections.
87. SMTP (Simple Mail Transfer Protocol) is asynchronous, whereas RPC is
synchronous.
88. SMTP is used for replication traffic over WAN links.
89. Software can be assigned to a user or computer, but published only to users (not
computers).
90. Subnets are used to divide the network into logical segments. A subnet cannot be
divided between multiple sites.
91. SYSVOL holds all public files. It has the NETLOGON share and requires NTFS.
92. The purpose of MAPI is to send and receive emails. Whereas MAPI is used for
messaging, TAPI is used for telephony.
93. The Security Configuration and Analysis Tool can be used to import security
templates.
94. The Windows Installer uses files with an .MSI extension. Non-compliant
programs can be installed using .ZAP files.
95. Tombstoning is the process of marking records for deletion.
96. Too many global catalog servers in a network can cause excessive network traffic.
97. Trees are groupings of Windows 2000 domains that share contiguous namespaces
and a hierarchical naming structure.
98. User Principal Names (UPNs) are often referred to as "friendly names."
99. When DNS logging is enabled, entries are written to the file DNS.LOG.
100. Write access to the schema is restricted to the Administrators group.
101. Zone transfers in DNS can be incremental (IXFR) or full (AXFR).