ICT-212 Spring 2022 Final Exam Study Guide
ICT-212 Final Exam Study Guide
Prepare for your ICT-212 Final Exam with our comprehensive quiz designed to test your knowledge on key concepts related to Active Directory and related technologies. This quiz consists of 50 multiple-choice questions, aimed at reinforcing your understanding and helping you identify areas that may need further review.
- Test your knowledge across various topics in ICT.
- Track your progress and readiness for the final exam.
- Get instant feedback on your responses.
Select the specific Windows folder that is a shared folder containing file-based information that is replicated to other domain controllers.
AD Replication folder
SYSVOL folder
System folder
Computer and User accounts folder
If an employee leaves a company, what should happen to any certificates held by that employee that was issued by the company's PKI?
They should be forwarded to the AIA
They should be put on the CRL
They should be included in the CDP
They should be added to the OR
Which of the following is created on the AD FS server that acts as the claims provider in an AD FS deployment?
Federation trust
Attribute store
Claims provider trust
Relying party trust
Which special identity group specifically includes any user account (except the Guest) logged into a computer or domain with a valid username and password?
Anonymous Logon
Authenticated Users
Everyone
System
Which type of CA in the three-level hierarchy is sometimes referred to as a policy CA and issues certificates to issuing CAs?
Offline
Root
Enterprise
Intermediate
What permission is given to the Enterprise Domain Controllers universal group on all GPOs by default, and grants permission to view settings and back up a GPO?
Link GPOs
Edit Settings
Read
Create GPOs
Which of the following scenarios is not ideal for the deployment of a single domain structure?
The domain structure must be simple
The domain structure must be low cost
The domain structure must provide easy management capabilities
The domain structure must be able to utilize different name identities
What configuration tool must be used to create and manage MSAs?
MSA Users console
PowerShell
Command Line
Service Accounts console
When you first create a group, what is the default setting that is applied?
Security group with global scope
Security group with universal scope
Distribution group with universal scope
Distribution group with global scope
You have a network of Windows Server 2016 servers, and you wish to allow remote users the ability to access network applications from any device that supports a Web browser?
Web Application Proxy
Federation Service Proxy
IIS Proxy Server
Web Agents
Select the command that is used to import settings from a backed-up GPO to an existing GPO.
Restore-GPO
Open-GPO
Import-GPO
Select-GPO
If a central store for policy definition files has been created, where should the PolicyDefinitions folder reside?
SYSVOL folder
NETDOM folder
System32 folder
In a shared folder on a DC
An Active Directory object’s security settings are composed of three components, what term is used to refer to these three components?
DACL
Security descriptor
System access
SACL
You have a number of Cisco routers and switches that you wish to secure using IPsec. You want IPsec authentication to use digital certificates. You already have a PKI in place using Certificate Services on Windows Server 2016. What should you install to secure your devices?
NDES role service
Smart Card reader
OCSP
Online Responder
What is the first domain installed in a forest called?
Master domain
Primary tree
Forest root
Global catalog
Which of the following is responsible for assigning a bridgehead server to handle replication for each directory partition?
Domain Naming Master
Infrastructure Master
Knowledge Consistency Checker
Inter-Site Topology Generator
Settings in the Computer Configuration node of Administrative Templates will impact which registry key below?
HKEY_LOCAL_MACHINE
HKEY_LOCAL_USER
HKEY_CURRENT_MACHINE
HKEY_CURRENT_USER
Two users, UserA and UserB, are engaging in secure communication using only asymmetrical encryption. UserA needs to send a secure message to UserB. What occurs first?
UserB sends a shared secret to UserA
UserB sends UserA UserB's public key
UserA sends UserB UserA's private key
UserA sends a secret key to UserB
If using virtual accounts to access the network, how are permissions added to a network resource to allow the virtual account access?
The resource must allow full control to the "Everyone" group
The virtual account must be added to the ACL for the resource
The resource must have proper permissions set for ComputerName$, where ComputerName is the name of the computer attempting to access the resource.
The resource must have the "Enable virtual access" option enabled.
Which of the following best describes an attribute of a certificate that identifies where the CRL for a CA can be retrieved?
Attribute distribution
CRL recovery
CRL enrollment
CRL distribution point
Which of the following is created using a hash algorithm and can be used to verify the authenticity of a document?
Digital signature
Ciphertext
Certificate authority
Public Key Infrastructure
Which of the following is true about the domain functional level?
All DCs and member servers must be running the Windows version that supports the functional level
You must raise the functional level on all DCs
You can have different functional levels within the forest
The domain and forest functional level must be the same
In which LDAP-compatible database are claims values stored?
AD Directory Service
ADMX central store
Attribute store
Claims provider
Select the term used to describe the process, within the context of Active Directory, that allows a person with higher security privileges to assign authority to a person of lesser security privileges to perform certain tasks.
Delegation of control
Authority delegation
Policy control
OU control
How can an administrator remove all audit policy subcategories so that auditing is controlled only by Group Policy?
Auditpol /remove
Auditpol /delete
Auditpol /clear
Auditpol /clean
Which component of a site makes a site link transitive?
Connection object
SMTP
Bridgehead server
Site link bridge
For automatic SPN support, what must the domain functional level be?
Windows Server 2003 or higher
Windows Server 2008 R2 or higher
Windows Server 2012 or higher
Windows Server 2012 R2
Each Group Policy Object is assigned a globally unique identifier (GUID) of what length?
16 bits
32 bits
64 bits
128 bits
You want to configure automatic key archival to ease the burden of managing backup of private keys. What role must you assign to at least one trusted user in the organization?
CPS
OR
KRA
CDP
What is created automatically by the KCC and allows the configuration of replication between sites?
Site link
Bridgehead server
Connection object
Site link bridge
Which of the following statements is true regarding the built-in Guest account?
After Windows installation, the Guest account is enabled by default
The Guest account requires a password
The Guest account should be renamed if it will be used
The Guest account is not included in the Everyone group
How can an administrator enable or disable accounts using the command line?
Use the Enable-ADAccount cmdlet
Use the Disable-ADAccount cmdlet
Use the dsmod user command
Use the chmod user command
What is issued by the root cluster and contains a computer's public key when an AD RMS application is used?
Machine certificate
Client licensor certificate
Rights account certificate
Server licensor certificate
Which type of ticket below is requested by an account when it wants to access a network resource, such as a shared folder?
Shared Access Ticket (SAT)
Service ticket
Ticket Granting Ticket (TGT)
Authentication Ticket
What type of Active Directory replication takes place between domain controllers in the same site?
Local
Multimaster
Intrasite
Intersite
Your company deals with highly confidential information, some of which is transmitted via email among employees. Some documents have been forwarded via email, making the documents more difficult to track. You want to be able to prevent employees from forwarding certain emails. What should you deploy?
EFS
Web SSO
AD RMS
AD CS
What is used to identify all objects in a domain?
PDC
SID
RID
DIR
Which of the following is issued to users when they request access to a rights-protected document?
A new claim
Publishing license
Use license
Client licensor certificate
How often is the password for a computer account changed by Active Directory?
10 days
15 days
30 days
60 days
What folder under Policies within the Computer Configuration Node of a GPO contains the Control Panel, Network, Printers, System, and Windows Component folders?
Software settings
Windows Settings
Administrative Templates
User Configuration
What folder within the Computer Configuration node contains settings related to Event Viewer, File Explorer, Windows PowerShell, and Windows Update?
Control Panel
Network
System
Windows Components
Select below the option that is not one of the three built-in service accounts.
Local Service
Network Service
Local System
Local Operator
A server configured for Web enrollment is referred to as which of the following?
Online responder
Intermediate CA
CA Web proxy
Delta CRL
Which of the following usually includes the user's logon name, group memberships, and other user attributes in an AD FS-enabled network?
Resource
Trust
Claim
Classification
A partition stored on a domain controller in the HQ site isn't being replicated to other sites, but all other partitions on domain controllers in the HQ site are being replicated. The problem partition is stored on multiple domain controllers in HQ. What should you investigate as the source of the problem?
A failed site link bridge
A failed Global Catalog
A manually configured bridgehead server
A manually configured KCC
What is the name of a domain controller on which changes can't be written?
Read only domain controller
Access only domain controller
No write domain controller
Secured domain controller
You have a network that consists of Windows 8.1 and Windows 10 computers as well as some Mac OS and Linux computers. You need to install a PKI using Windows Server 2016 that will be able to issue certificates to all your client computers. What should you install?
Offline intermediate CA
Offline root CA
Online stand-alone CA
Online enterprise CA
By default, how many previous logons are cached locally to a computer?
3
5
7
10
What PowerShell cmdlet below will install the Active Directory Domain Services role?
Add-WindowsFeature ActiveDirectory
Add-WindowsFeature AD-Services
Add-WindowsServices AD-Domain-Services
Add-WindowsFeature AD-Domain-Services
Timestamps within Kerberos are used to help guard against what type of attack?
Spoofing attack
Replay attack
TCP SYN attack
DDOS attack
{"name":"ICT-212 Spring 2022 Final Exam Study Guide", "url":"https://www.quiz-maker.com/QPREVIEW","txt":"Prepare for your ICT-212 Final Exam with our comprehensive quiz designed to test your knowledge on key concepts related to Active Directory and related technologies. This quiz consists of 50 multiple-choice questions, aimed at reinforcing your understanding and helping you identify areas that may need further review.Test your knowledge across various topics in ICT.Track your progress and readiness for the final exam.Get instant feedback on your responses.","img":"https:/images/course3.png"}
More Quizzes
MCSA Review Q's - Chapter 21
10534
Quiz 7 computer security
10516
Info Security Chapter 4
201024
Network Security Quiz 3rd Sept 2020
6327
Cryptography and Network Security
1050
Cybersecurity Knowledge Challenge
1058
CRYPTO QUIZ
251226
CRYPTO
24127
Secrypt
251220
Security Plus
191025
Quiz 6
1587
Sophos Certified Technician
743727