| All the review questions for this chapter are based on the following scenario: Case Study: Global Delivery Global Delivery is a worldwide freight-shipping company headquartered in Baltimore, Maryland. With offices on every continent except Antarctica, Global has an extensive wide area network infrastructure. Administratively, Global is divided into three regions : Americas, Europe/Africa, and Asia/Australia. The Americas regional headquarters is in Dallas; the Europe/Africa region is headquartered in Zurich; and the Asia/ Australia headquarters is in Sydney. The company also has hundreds of local offices, and these offices report to the appropriate regional headquarters. Current LAN/Network Structure Global is predominantly a Unix shop, although a number of Windows NT servers have been deployed over the past three years . Currently, four master accounts domains exist ”one at each regional headquarters and one at the corporate offices in Baltimore. These four domains are linked in a complete trust model. The local offices typically run Unix applications using either VT100-style terminals or personal computers with VT100-emulation software installed. Few local offices have a server. Existing Unix Web and DNS servers will not be replaced . These servers are located at the Baltimore headquarters. The DNS servers are running BIND 4.9.7. Proposed LAN/Network Structure Global is committed to replacing the bulk of its older Unix applications with n - tier client/server applications using Web interfaces. These replacement applications are already under development. Windows 2000 will be deployed at all locations over the next several months to support the new applications. Current WAN Connectivity Corporate headquarters is connected to the Europe/Africa and Asia/Australia regions with 64Kbps circuits. These circuits are very heavily used during overlapping business hours. The Dallas office has a full T1 connection to Baltimore. This circuit is underutilized , except from 10 a.m. until 1 p.m. and from 2 p.m. until 5 p.m. Baltimore time. The local offices typically use dial-up connections to either the regional office or an ISP to access corporate systems. These connections can be as slow as 9600bps. Proposed WAN Connectivity Although the 64Kbps lines are slow and sometimes saturated , there are no immediate plans to upgrade them. As part of the Windows 2000 and client/server application deployment, the local offices will use local dial access and VPN technologies to access the corporate applications. Directory Design Commentary Director, Corporate Telecommunications : We cannot afford to upgrade our WAN links at this time. We will be working to cut communications costs using VPNs at our local offices, but the transatlantic and transpacific circuits will have to stay as is. Security Administrator : Our current Windows NT domain model is poorly designed. We need a better way to control access to our corporate resources, especially with the migration of many of our applications to a Windows 2000 platform. DNS Administrator : Our current DNS servers work just fine, and I am not going to replace them with something new and unproven. Our Web and DNS servers are mission-critical to our business. Director, Information Technology : Our new client/server applications mean that we do not have to put servers out in the local offices. This takes a tremendous load off my mind because there were numerous tricky support issues. Current Internet Positioning Global has an extensive Web presence that allows customers to request pickups, track shipments, and display billing information online. Global's registered domain name is global-deliver.com . | Question 1 | Which types of replication can occur over the 64Kbps lines from Baltimore to Sydney and Zurich? | | A1: | The correct answer is c. For low-speed WAN links, SMTP is much more reliable, but because the 64Kbps lines are heavily used only during certain periods of the day, RPC might be possible. Therefore, answers a and b are incorrect because either transport could be used. An in-depth traffic analysis is needed to determine the best option. Answer d is also incorrect because 64Kbps is capable of supporting SMTP traffic and could well work for RPC. | | Question 2 | How many sites should be created for Global Delivery? | | A2: | The correct answer is c. A site should be created for each regional office and the headquarters office. Answers a and b are incorrect because separate sites are necessary for locations on the other side of slow (64Kbps) WAN links. Answer d is incorrect because servers will not be deployed at the local offices. | | Question 3 | Place the Operations Masters shown in the second list into the appropriate domains from the first list. Domain: global-deliver.com americas.global-deliver.com asia-australia.global-deliver.com europe-africa.global-deliver.com Operations Masters: Schema Master PDC Emulator RID Master Infrastructure Master Domain Naming Mater | | A3: | The correct answer is as follows : global-deliver.com : Schema Master PDC Emulator RID Master Infrastructure Master Domain Naming Mater americas.global-deliver.com : PDC Emulator RID Master Infrastructure Master asia-australia.global-deliver.com : PDC Emulator RID Master Infrastructure Master europe-africa.global-deliver.com : PDC Emulator RID Master Infrastructure Master | | Question 4 | To provide a measure of fault tolerance, Global Delivery has decided to create backup connections to Sydney and Zurich. For each of the site links shown in Figure 9.7, drag an appropriate cost from the boxes on the left to the circuit. You can use a cost more than once. The backup site links should be used only if the main links fail. Figure 9.7. Wide area network link costing.  | | A4: | See Figure 9.8 for the correct answers. Figure 9.8. Wide area network links with costs applied.  | | Question 5 | The WAN link between Baltimore and Dallas is at full capacity at certain times of the day. What can be done to ensure that RPC replication does not occur when the T1 line is typically saturated? [Select two.] -
a. Create a site link schedule and prevent replication during peak hours. -
b. Configure a link monitor agent to determine when the link is saturated and set it to stop replication when this occurs. -
c. Use an SMTP site link rather than an RPC link. -
d. Set the Replication Governor Registry value to reduce the impact of replication traffic on the link. -
e. Set the replication frequency to once every 240 minutes. | | A5: | The correct answers are a and c. A site link schedule sets times when replication cannot occur over the site link. Another option is to use SMTP for replication. If the link is saturated, the SMTP server times out waiting for a connection with the server on the other side, effectively delaying replication until the link is less busy. Answer b is incorrect because there is no such thing as a link monitor agent in Windows 2000. Answer d is incorrect because no Replication Governor Registry value exists in Windows 2000. That parameter is used to configure replication in Windows NT. Finally, answer e is incorrect because changing the replication frequency does not prevent replication from occurring during peak periods. | | Question 6 | The server holding the role of PDC Emulator for the global-deliver.com domain has failed and will be unavailable for at least a day. What can be done to fill this Operations Master role? [Select all that apply.] -
a. Use dcpromo to create a new domain controller. Run a restore from the latest backup of the failed server to update the new domain controller, and then place the new PDC emulator online. -
b. From another domain controller in the same domain, run the Active Directory Users and Computers MMC snap-in. Right-click the global-deliver.com domain and select Operations Masters from the drop-down list. Select the PDC tab in the Operations Masters dialog box and click the Change button. -
c. Use the NTDSUTIL command-line utility to seize the role of PDC Emulator. -
d. Do nothing. A new PDC Emulator will automatically be chosen in 15 minutes of the failure of the original PDC Emulator. -
e. Do nothing. The PDC Emulator is not needed after a domain is in native mode. | | A6: | Answers b and c are correct. Either the Active Directory Users and Computers MMC snap-in or the NTDSUTIL command-line utility can be used to transfer the PDC Emulator role to another domain controller. Answer a is incorrect because it creates duplicate computer SIDs on the network, among other things, when the old PDC Emulator is brought back online. Answer d is incorrect because a new PDC Emulator must be manually selected. Answer e is incorrect because the PDC Emulator still has roles in native mode for password changes and as the source of Group Policy updates, to name just two. | | Question 7 | For intrasite replication, how many minutes will elapse before all domain controllers are updated with a change to Active Directory? | | A7: | The correct answer is b. The intrasite replication topology creates connection objects so that no server is more than three hops away from any other server in the site. With the standard 5-minute delay after a change is detected , no more than 15 minutes will elapse before a change has been replicated to all domain controllers. Therefore, answers a, c, and d are incorrect. | | Question 8 | The Director of Information Technology is wondering whether it would be better to put the Baltimore and Dallas locations into a single site. From the second list, place the advantages of each type of replication under the Intrasite or Intersite headings in the first list. Type of replication: Intrasite Intersite Advantages: Replication traffic is compressed. A choice of protocols is available for replication. Domain controllers are updated more quickly. Replication can be scheduled to avoid peak traffic periods. Replication occurs as soon as a change is made. The replication topology is always self-repairing if a domain controller is down. | | A8: | The correct answers are as follows: Intrasite replication: Domain controllers are updated more quickly. Replication occurs as soon as a change is made. The replication topology is always self-repairing if a domain controller is down. Intersite replication : Replication traffic is compressed. A choice of protocols is available for replication. Replication can be scheduled to avoid peak traffic periods. | | Question 9 | Which two naming contexts share a replication topology? -
a. Domain and Schema -
b. Global Catalog and Domain -
c. Schema and Configuration -
d. Global Catalog and Schema -
e. Global Catalog and Configuration | | A9: | The correct answer is c. The Schema and Configuration naming contexts replicate to all domain controllers in a forest and use the same replication topology. Answer a is incorrect because the Domain naming context replicates only to domain controllers in a single domain. Answers b, d, and e are incorrect because only Global Catalog Servers use the Global Catalog replication topology. | | Question 10 |  | The domain controller in Baltimore that acts as the bridgehead server has gone down. How can a new bridgehead server be brought online? | -
a. Using the Active Directory Sites and Services MMC snap-in at the server that will be the new bridgehead server, select the affected site and right-click it. Select Bridgehead Servers from the drop-down list and click the Change button. -
b. Run the NTDSUTIL command-line utility and seize the role of bridgehead server. -
c. Do nothing. A new bridgehead server will be selected automatically as soon as the KCC detects that the current server is not available. -
d. Using the Active Directory Sites and Services MMC snap-in, right-click any site link in the affected site. Select Properties from the drop-down list and select the Bridgehead Servers tab from the Properties page. Then, select a new bridgehead server from the list of available domain controllers. | | A10: | The correct answer is c. A new bridgehead server is selected automatically. Answers a, b, and d are incorrect because there is no way of selecting a bridgehead server from either NTDSUTIL or the Sites and Services MMC snap-in. |  |
