Key Terms


Key Terms

Before you take the exam, be certain you are familiar with the following terms:

autonomous model

organization-based forest

collaborative model

reliability

data administrators

resource forest

data autonomy

restricted-access forest

high availability

schema modification policy

isolated model

service administrators

Operations Masters

 



Review Questions

1.  

Those users who are responsible for planning, implementing, maintaining, and controlling the Active Directory forest are identified as which of the following?

  1. Data administrators

  2. Domain administrators

  3. Forest administrators

  4. Service administrators

d. service administrators are responsible for the active directory and making sure that it is available and configured correctly so that users can gain access to the services it provides.

2.  

Those users who are responsible for maintaining objects in Active Directory are identified as which of the following?

  1. Data administrators

  2. Domain administrators

  3. Forest administrators

  4. Service administrators

a. data administrators are responsible for the administration of the objects within their partition of active directory. they could have control over all objects within a domain, or they could be granted control at the ou level.

3.  

When creating the forest design, which of the following is the least expensive to administer?

  1. Single forest/single domain

  2. Single forest/multiple domain

  3. Two forests/single domain each

  4. Two forests/multiple domains each

a. the single forest/single domain structure is the least costly to administer since all of the administrative functions are handled within the single structure. all of the administration models can still be supported, but you will only have to maintain one domain policy and all of the domain controller will be peers.

4.  

In a single forest/single domain design, who is allowed to manipulate the Schema Admins group ? (Choose all that apply)

  1. Members of the Enterprise Admins group

  2. Members of the Domain Admins group

  3. Members of the Administrators group

  4. Members of the Server Operators group

a, b, c. because members of the domain s administrators domain local group have the ability to change the membership of the enterprise admins group, and the domain admins group is a member of the administrators domain local group, members from all three of these groups have the ability to control the schema admins group membership.

5.  

Josh is the manager of a new product group for Zygort Corporation. This product group is responsible for designing equipment that will be used on projects for NASA. NASA has determined that the information that must be shared with Josh s group should not be available to members of any other division within Zygort. Which of the following options best describes the design option that will be used when developing the Active Directory design for Zygort?

  1. Service isolation/new forest

  2. Data isolation/new domain

  3. Service autonomy/new domain

  4. Data autonomy/delegated OU

a. because none of the information will be available to anyone outside of the division, and because service administrators from a forest could potentially have access to the data within an active directory forest, a new forest should be created to completely isolate the project data.

6.  

Michelle has finished the interviews she was holding with the key stakeholders from Quality Test Labs and is now building the conceptual forest design. The organization has three divisions, all autonomous from the others. Because none of the divisions interoperate , they want isolation of their resources. Each division also supports their own administrative staff. A centralized security auditing group will have access to resources in all of the domains within the organization, however. This group will reside in one Active Directory forest, but it will need to have access to resources in each forest. They will be allowed to monitor objects and resources but will not have the rights to make any modifications. Which of the forest structures is being employed?

  1. Organizational forest

  2. Resource forest

  3. Restricted-access forest

  4. Regional forest

c. the restricted-access forest is built when the business units need to be isolated from one another. trust relationships can be built so that resources from one forest are accessible by users from another, but the directory services are completely separate and administered separately.

7.  

Which of the following should be included in the Schema Modification Policy? (Choose all that apply.)

  1. Requirements for planning and testing changes

  2. Identifying who will be able to make the change

  3. How the roll-out schedule will be implemented

  4. Where the changes can be implemented

a, b, c, d. all of these options should be part of the schema modification policy. if any of these components are missing, unnecessary changes could be put into place, or the network could suffer from the implementation.

8.  

Which of the following servers would the service administrators manage?

  1. Domain Controller

  2. Exchange Server

  3. File Server

  4. SQL Server

a. service administrators are responsible for managing the domain controllers and other systems that support the directory service.

9.  

Which of the following services would the data administrators manage?

  1. Domain Controller

  2. Exchange Server

  3. File Server

  4. SQL Server

b, c, d. while service administrators manage the domain controllers, the data administrators will manage other servers within the organization.

10.  

Juan is reviewing the information he has gathered during his interview with the manager of Information Technology. He identified criteria for the upgrade to Active Directory. Exchange Server 2003 is going to be used as the primary e-mail solution. There are also requirements to keep the current administrative staff, but not add any additional staff to support the upcoming technology. The manager also mentioned the company is requiring that the directory service is available at all time. The system will be monitored and the next year s budget will be based on how they meet the requirements of an SLA. Considering this information, what will be the highest priority?

  1. Application Support

  2. High Availability

  3. Obsolescence

  4. Total Cost of Ownership

b. while there are requirements for application support since exchange server 2003 will be added to the infrastructure, and reduced tco has been identified, it appears as though the company is more interested in the availability of the directory service since they are creating an sla for the availability of the directory service and the budget will be based on how well the requirements are met.

Answers

1.  

D. Service administrators are responsible for the Active Directory and making sure that it is available and configured correctly so that users can gain access to the services it provides.

2.  

A. Data administrators are responsible for the administration of the objects within their partition of Active Directory. They could have control over all objects within a domain, or they could be granted control at the OU level.

3.  

A. The single forest/single domain structure is the least costly to administer since all of the administrative functions are handled within the single structure. All of the administration models can still be supported, but you will only have to maintain one domain policy and all of the domain controller will be peers.

4.  

A, B, C. Because members of the domain s Administrators domain local group have the ability to change the membership of the Enterprise Admins group, and the Domain Admins group is a member of the Administrators domain local group, members from all three of these groups have the ability to control the Schema Admins group membership.

5.  

A. Because none of the information will be available to anyone outside of the division, and because service administrators from a forest could potentially have access to the data within an Active Directory forest, a new forest should be created to completely isolate the project data.

6.  

C. The restricted-access forest is built when the business units need to be isolated from one another. Trust relationships can be built so that resources from one forest are accessible by users from another, but the directory services are completely separate and administered separately.

7.  

A, B, C, D. All of these options should be part of the schema modification policy. If any of these components are missing, unnecessary changes could be put into place, or the network could suffer from the implementation.

8.  

A. Service Administrators are responsible for managing the Domain Controllers and other systems that support the directory service.

9.  

B, C, D. While service administrators manage the domain controllers, the data administrators will manage other servers within the organization.

10.  

B. While there are requirements for application support since Exchange Server 2003 will be added to the infrastructure, and reduced TCO has been identified, it appears as though the company is more interested in the availability of the directory service since they are creating an SLA for the availability of the directory service and the budget will be based on how well the requirements are met.