Review Questions

Previous page
Table of content
Next page

1.  

Which of the following are security groups scopes that can be used in a Windows 2003 forest? (Choose all that apply.)

  1. Local

  2. Domain Local

  3. Global

  4. Enterprise

a, b, c. security groups are used to organize user accounts, computer accounts, and other types of accounts into manageable units. security groups available in windows 2003 include local, domain local, global, and universal.

2.  

Hallie would like to add a Global security group named Central Accounting to another Global security group called Central Administration. She cannot do this. What could be the reason?

  1. The domain is not operating at a minimum of Windows 2000 Mixed mode functional level.

  2. The domain is not operating at a Windows 2000 Native mode functional level.

  3. The Group Nesting option is not enabled in the forest.

  4. The Central Accounting group is in domain that is not operating at Windows 2003 functional level.

b. you can only nest global security groups if your domain is running in a windows 2000 native mode or higher forest functional level.

3.  

You would like to create a group in which the users and computers that need access to a resource will be made members . What type of group will you create?

  1. User list group

  2. Access control list

  3. Resource group

  4. Account group

d. an account group is a security group that contains the user accounts and computer accounts that have a common access requirement to a resource.

4.  

What type of group would you create if you want to define access to a new print device on your network?

  1. Resource group

  2. Account croup

  3. Access control group

  4. Principal group

a. a resource group is a security group that is added to the discretionary access control list for a resource.

5.  

You are the network administrator of a small network that consists of about 30 users. You define access to all resources on the network by assigning permissions to the individual users who need access to each resource. What type of resource authorization method does this describe?

  1. Role-based authorization method

  2. Account group/DACL method (AG/DACL)

  3. User/DACL method

  4. Account group/Resource group method (AG/RG)

c. in a small environment, the account/dacl method of resource authorization is acceptable. in this environment, you define access to a resource by adding individual user accounts to the dacl of a resource.

6.  

When designing an access control strategy for your network, you define access to printers by groups. You create a group for each printer on your network. When adding new users to your network, you add the user to the Account groups that are needed by that user, then add them to the Printer groups so that they have access to printers without changing the DACL on each individual printer. What type of resource authorization method is this an example of?

  1. Role-based authorization method

  2. Account group/DACL (AG/DACL)

  3. User/DACL method

  4. Account group/Resource group (AG/RG)

d. the ag/rg authorization method is often used in large environments to make administration easier. when defining access by account groups and resource groups, you can save time by defining access to resources by groups, rather than by adding individual users or groups to the dacl of the resource.

7.  

By default, what security groups have the ability to create security groups and delegate group object permissions? (Choose all that apply.)

  1. Domain Admins

  2. Enterprise Admins

  3. Domain Local Admins

  4. Account Operators

a, b, d. by default, the members of domain admins, enterprise admins, and account operators have the ability to create group objects and delegate group object permissions.

8.  

Which of the following are group types in Active Directory? (Choose all that apply.)

  1. Security

  2. User

  3. Computer

  4. Distribution

a, d. there are two group types within active directory: security and distribution. you should create groups based what the group will be used for. distribution groups are used for e-mail. an e-mail program such as microsoft exchange server can use distribution groups as distribution lists once they have been mail-enabled. security groups are used to organize users and grant them access to objects and resources. security groups can be mail-enabled and used for distribution purposes. you will create security groups to allow users with the same resource access needs to be grouped together.

9.  

When designing the group naming strategy, which of the following criteria should be part of the group name ? (Choose all that apply.)

  1. Group purpose

  2. Group permission

  3. Group scope

  4. Group owner

a, c, d. the three criteria that make up a functional naming strategy that will allow an administrator to easily locate the group within active directory and understand what the group is used for are the group s scope, purpose, and owner.

10.  

You are naming your groups according to their scope. Which of the following security groups could be used when a domain is in the Windows Server 2003 functional level? (Choose all that apply.)

  1. L-Chi-HRFiles

  2. DL-Chi-RDPrint

  3. G-Miami-MedRecords

  4. U-Acct

a, b, c, d. all of the options are correct because the domain is in a windows server 2003 functional level. they would also be available in the windows 2000 native mode functional level.

Answers

1.  

A, B, C. Security groups are used to organize user accounts, computer accounts, and other types of accounts into manageable units. Security groups available in Windows 2003 include Local, Domain Local, Global, and Universal.

2.  

B. You can only nest Global security groups if your domain is running in a Windows 2000 Native mode or higher forest functional level.

3.  

D. An Account group is a security group that contains the User accounts and Computer accounts that have a common access requirement to a resource.

4.  

A. A Resource group is a security group that is added to the discretionary access control list for a resource.

5.  

C. In a small environment, the account/DACL method of resource authorization is acceptable. In this environment, you define access to a resource by adding individual user accounts to the DACL of a resource.

6.  

D. The AG/RG authorization method is often used in large environments to make administration easier. When defining access by Account groups and Resource groups, you can save time by defining access to resources by groups, rather than by adding individual users or groups to the DACL of the resource.

7.  

A, B, D. By default, the members of Domain Admins, Enterprise Admins, and Account Operators have the ability to create group objects and delegate group object permissions.

8.  

A, D. There are two group types within Active Directory: security and distribution. You should create groups based what the group will be used for. Distribution groups are used for e-mail. An e-mail program such as Microsoft Exchange Server can use distribution groups as distribution lists once they have been mail-enabled. Security groups are used to organize users and grant them access to objects and resources. Security groups can be mail-enabled and used for distribution purposes. You will create security groups to allow users with the same resource access needs to be grouped together.

9.  

A, C, D. The three criteria that make up a functional naming strategy that will allow an administrator to easily locate the group within Active Directory and understand what the group is used for are the group s scope, purpose, and owner.

10.  

A, B, C, D. All of the options are correct because the domain is in a Windows Server 2003 functional level. They would also be available in the Windows 2000 Native mode functional level.



Previous page
Table of content
Next page
MCSE
MCSE: Windows Server 2003 Active Directory and Network Infrastructure Design Study Guide (70-297)
ISBN: 0782143210
EAN: 2147483647
Year: 2004
Pages: 159
Authors: Brad Price, Sybex
BUY ON AMAZON
A Practitioners Guide to Software Test Design
Microsoft Windows Server 2003(c) TCP/IP Protocols and Services (c) Technical Reference
Logistics and Retail Management: Emerging Issues and New Challenges in the Retail Supply Chain
Ruby Cookbook (Cookbooks (OReilly))
Sap Bw: a Step By Step Guide for Bw 2.0
Microsoft Office Visio 2007 Step by Step (Step By Step (Microsoft))
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy