AZ-800 QUESTIONS AND ANSWERS SOLUTION GRADE A+ GRANTEED
7 views 0 purchase
Course
AZ-800
Institution
AZ-800
Guarded Fabric
in Hyper-V is a security solution that protects VMs against unwarranted inspection, theft, and tampering from either malware or malicious system administrators.
Domain controller
A domain controller contains a copy of the AD DS database. For most operations, each domain controller...
AZ-800 QUESTIONS AND ANSWERS
SOLUTION GRADE A+ GRANTEED
Guarded Fabric
in Hyper-V is a security solution that protects VMs against
unwarranted inspection, theft, and tampering from either malware or
malicious system administrators.
Domain controller
A domain controller contains a copy of the AD DS database. For most
operations, each domain controller can process changes and replicate
the changes to all the other domain controllers in the domain.
Data store
A copy of the data store exists on each domain controller. The AD DS
database uses Microsoft Jet database technology and stores the
directory information in the Ntds.dit file and associated log files.
The C:\Windows\NTDS folder stores these files by default.
Global catalog server
A global catalog server is a domain controller that hosts the global
catalog, which is a partial, read-only copy of all the objects in a
multiple-domain forest. A global catalog speeds up searches for
objects that might be stored on domain controllers in a different
domain in the forest.
Read-only domain controller (RODC)
An RODC is a special, read only installation of AD DS. RODCs are
common in branch offices where physical security is not optimal, IT
support is less advanced than in the main corporate centers, or line-
of-business applications need to run on a domain controller.
Site
A site is a container for AD DS objects, such as computers and
services that are specific to a physical location. This is in
comparison to a domain, which represents the logical structure of
objects, such as users and groups, in addition to computers.
Subnet
A subnet is a portion of the network IP addresses of an organization
assigned to computers in a site. A site can have more than one subnet.
AD DS forest
A forest is a top-level container in AD DS. Each forest is a
collection of one or more domain trees that share a common directory
schema and a global catalog.
Parent and child Trust Relationship
,When you add a new AD DS domain to an existing AD DS tree, you create
new parent and child trusts.
Tree-root Trust Relationship
When you create a new AD DS tree in an existing AD DS forest, you
automatically create a new tree-root trust.
External Trust Relationship
External trusts enable resource access with a Windows NT 4.0 domain
or an AD DS domain in another forest. You also can set these up to
provide a framework for a migration.
Realm Trust Relationship
Realm trusts establish an authentication path between a Windows
Server AD DS domain and a Kerberos version 5 (v5) protocol realm that
implements by using a directory service other than AD DS.
Forest (complete or selective) Trust Relationship
Trusts between AD DS forests allow two forests to share resources.
Shortcut Trust Relationship
Configure shortcut trusts to reduce the time taken to authenticate
between AD DS domains that are in different parts of an AD DS forest.
No shortcut trusts exist by default, and an administrator must create
them if they are required.
Windows Admin Center
Windows Admin Center is a web-based console that you can use to
manage server computers and computers that are running Windows 10.
Typically, you use Windows Admin Center to manage servers instead of
using Remote Server Administration Tools (RSAT).
Are you installing a new forest, a new tree, or an additional domain
controller for an existing domain?
Answering this question determines what additional information you
might need, such as the parent domain name.
What is the Domain Name System (DNS) name for the AD DS domain?
When you create the first domain controller for a domain, you must
specify the fully qualified domain name (FQDN). When you add a domain
controller to an existing domain or forest, you use the existing
domain name.
Which level will you choose for the forest functional level?
The forest functional level determines the available forest features
and the supported domain controller operating system (OS). This also
sets the minimum domain functional level for the domains in the
forest.
Which level will you choose for the domain functional level?
The domain functional level determines the domain features that will
be available and the supported domain controller operating systems.
Will the domain controller be a DNS server?
, You can install the DNS role as part of the domain controller
deployment.
Will the domain controller host the global catalog?
This option is selected by default.
Will the domain controller be a read-only domain controller (RODC)?
This option is not available for the first domain controller in a
forest.
What will be the Directory Services Restore Mode (DSRM) password?
This is necessary for restoring AD DS database objects from a backup.
What is the NetBIOS name for the AD DS domain?
When you create the first domain controller for a domain, you must
specify the NetBIOS name for the domain.
Where will the database, log files and SYSVOL folders be created?
By default, the database and log files folder is located at
C:\Windows\NTDS. By default, the SYSVOL folder is located at
C:\Windows\SYSVOL.
Install a domain controller on a Server Core installation of Windows
Server
A Windows Server computer that is running a Server Core installation
doesn't have the Server Manager graphical user interface (GUI).You
can use Windows Admin Center, Server Manager, Windows PowerShell, or
Remote Server Administration Tools (RSAT) installed on any supported
version of Windows Server that has the Desktop Experience feature, or
any supported Windows client such as Windows 10.
Install a domain controller from media
You can create an AD DS backup (perhaps to a USB drive) and take this
backup to the remote location. When you're at the remote location and
run Server Manager to install AD DS, you can select the Install from
media option. Most of the copying occurs locally. In this scenario,
the WAN link transfers only security-related traffic and AD DS
changes following the backup. The WAN link also helps ensure that the
new domain controller receives any changes made to the central AD DS
after you created the Install from media backup.
Nonauthoritative restore
This type of restore is useful when the directory on a domain
controller has been damaged or corrupted, but the problem has not
spread to other domain controllers.this will not enable you to
recover an object you deleted after the backup took place, if that
deletion has replicated to other domain controllers. If you restore a
known good version of AD DS and restart the domain controller, the
deletion that happened after the backup took place will simply
replicate back to the domain controller.
Authoritative restore
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller munyuabeatrice92. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $13.99. You're not tied to anything after your purchase.
