Active Directory quiz with cloud computing basics

Quick, free Active Directory test plus cloud basics check. Instant results.

Editorial: Review Completed
Created By: Model Battle
Updated Aug 23, 2025
Difficulty: Moderate
2-5 mins

This quiz helps you check your practical knowledge of Active Directory and cloud computing for real projects. Tackle questions on users, groups, sign-in, identity, and deployments, then deepen prep with a cloud computing practice test, an active directory test, or an active directory skills quiz.

Which protocol is primarily used by Active Directory for directory queries?
LDAP
Kerberos
DNS
RPC
Active Directory uses the Lightweight Directory Access Protocol (LDAP) for directory queries and updates. LDAP is an open and industry-standard application protocol. It operates directly over TCP/IP and is the default protocol for directory service communication in AD.
What is the default port number for unsecured LDAP communication?
389
88
135
636
LDAP uses TCP port 389 by default for unsecured directory access. Secure LDAP (LDAPS) typically uses port 636. Port 88 is used by Kerberos, and 135 is for RPC endpoint mapping.
What is the primary function of a domain controller in Active Directory?
Store and manage the Active Directory database
Provide email services
Serve as a file backup server
Host user home directories
A domain controller is a server that hosts the Active Directory database (NTDS.dit) and provides authentication and directory lookup services. It also replicates directory data to other domain controllers to ensure consistency. Domain controllers secure and manage user access to resources in the domain.
Which cloud service model provides virtualized computing resources over the Internet but leaves OS management to the customer?
Function as a Service (FaaS)
Platform as a Service (PaaS)
Infrastructure as a Service (IaaS)
Software as a Service (SaaS)
IaaS delivers virtualized infrastructure resources - such as virtual machines, storage, and networking - over the Internet. Customers install and manage the operating system, middleware, and applications. PaaS and SaaS abstract more of the stack, while FaaS provides event-driven compute.
Which cloud service model allows developers to deploy applications without managing the underlying servers?
Database as a Service (DBaaS)
Platform as a Service (PaaS)
Infrastructure as a Service (IaaS)
Software as a Service (SaaS)
PaaS provides a managed platform, including operating system, runtime, and middleware, allowing developers to focus on application code. Servers, networking, and storage are abstracted away. IaaS requires customers to manage VMs and OS configurations, while SaaS offers complete applications.
What best describes a public cloud deployment model?
Services are delivered over the Internet and shared among multiple tenants
A private data center managed by a third party
Resources are dedicated on-premises to a single organization
A hybrid of private and public cloud with on-premise control
Public clouds offer services over the Internet and share physical resources among multiple customers (multi-tenant). They provide scalability and cost efficiency. Private clouds are dedicated to one organization, while hybrid clouds combine both models.
Which technology allows multiple virtual machines to run on a single physical server?
Deduplication
Clustering
Containerization
Virtualization
Virtualization uses a hypervisor to create multiple isolated virtual machines on one physical server. Each VM runs its own OS and applications. Containerization shares the OS kernel but isolates applications, while clustering links multiple servers for high availability.
What is Azure Active Directory primarily used for?
Hosting virtual networks
File storage
Identity and access management for cloud resources
Database hosting
Azure Active Directory is Microsoft's cloud-based identity and access management service. It provides single sign-on, multifactor authentication, and conditional access for applications. It is distinct from on-premises AD but can integrate with it.
Which component in Active Directory is used to enforce user and computer settings?
Global Catalog
Site Link
Group Policy Object
Organizational Unit
Group Policy Objects (GPOs) contain settings that administrators can apply to users and computers in a domain or OU. OUs are containers for objects but do not enforce settings by themselves. Global Catalogs handle searches, and site links manage replication.
How many Flexible Single Master Operations (FSMO) roles exist in an Active Directory forest?
Three
Six
Five
Four
An Active Directory forest has five FSMO roles: Schema Master, Domain Naming Master, RID Master, PDC Emulator, and Infrastructure Master. These roles handle tasks that must be performed by a single domain controller.
What is the purpose of a Global Catalog server in Active Directory?
Provide a searchable catalog of all objects in the forest
Authenticate external users
Manage group policies
Host DNS zones
A Global Catalog server holds a partial replica of every object in the forest, enabling forest-wide searches. It improves logon and directory search performance across domains. It does not host DNS zones or directly manage GPOs.
Which component automatically creates replication connections between domain controllers?
Group Policy Engine
Knowledge Consistency Checker (KCC)
Domain Naming Master
DFS Replication
The Knowledge Consistency Checker (KCC) runs on each domain controller to generate and maintain the replication topology. It ensures efficient and consistent replication paths without manual configuration.
What is an Organizational Unit (OU) in Active Directory primarily used for?
Authentication protocol
Physical network segment
Logical container to group and manage objects
Replication schedule
An Organizational Unit is a container object that administrators use to organize users, groups, computers, and other OUs. It simplifies delegation of administrative control and application of Group Policy. OUs do not represent physical network segments or protocols.
Which group scope can contain members from any domain and be used to assign permissions in any domain?
Local group
Domain Local group
Global group
Universal group
Universal groups can include users and groups from any domain in the forest and can be granted permissions in any domain. Global groups are limited to their own domain, and domain local groups can only grant permissions within their domain.
In Group Policy processing, which container has the highest precedence?
Site
Local policy
Domain
Organizational Unit
Group Policy is processed in the order: Local, Site, Domain, then Organizational Unit. The last applied GPO takes precedence, so OU-level policies override domain and site policies.
Which trust type is transitive and automatically created between domains in the same forest?
Intra-forest (parent-child) trust
Shortcut trust
Realm trust
External trust
Domains in the same forest automatically form transitive, two-way parent-child trusts, enabling seamless authentication across the forest. External and realm trusts connect separate forests or Kerberos realms, while shortcut trusts are manually created.
Which service account type in Windows provides automatic password management and simplified SPN management?
Managed Service Account
Domain Admin
Network Service
Local System
Managed Service Accounts (MSAs) in Windows are domain accounts that automatically rotate passwords and manage Service Principal Names (SPNs). They simplify service isolation and management. Local System and Network Service are built-in accounts with different scopes.
What is the primary function of Azure AD Connect?
Manage Azure VM deployments
Backup on-premises Active Directory
Synchronize on-premises AD objects to Azure AD
Monitor Azure AD health
Azure AD Connect synchronizes user and group objects, password hashes, and other directory data from on-premises AD to Azure AD. It enables hybrid identity scenarios such as single sign-on. It does not handle VM deployments or backups.
What is the purpose of a Kerberos Ticket Granting Ticket (TGT)?
Grant database access
Allow users to request service tickets without re-entering credentials
Authorize DNS updates
Encrypt LDAP traffic
A TGT is issued by the Key Distribution Center after initial authentication and lets users request service tickets for various resources without re-entering credentials. It improves performance and security in Kerberos authentication.
Which Group Policy Object has the highest processing priority when multiple GPOs are linked to an Organizational Unit?
The GPO with the highest link order number
The GPO linked at the domain level
The GPO with the lowest link order number
Local Group Policy
Within an OU, GPOs are processed in link order from lowest to highest. A lower link order (higher priority) GPO is applied last and can overwrite settings from GPOs with higher link order numbers.
How does Active Directory Sites and Services help optimize replication?
By defining physical network boundaries to control replication traffic
By caching DNS queries
By limiting the number of domain controllers
By encrypting replication packets
Sites in Active Directory represent physical network locations. Configuring sites and subnets directs replication traffic over preferred links and schedules to optimize bandwidth usage. Encryption and DC count are managed separately.
Which PowerShell cmdlet creates a new Active Directory user account?
New-ADUser
Set-ADUser
Create-ADUser
Add-ADAccount
The New-ADUser cmdlet in the ActiveDirectory module creates a new user object in Active Directory. Set-ADUser modifies existing accounts, and there are no Add-ADAccount or Create-ADUser cmdlets.
Which Azure Active Directory license is required to create and enforce Conditional Access policies?
Azure AD Free
Azure AD Basic
Azure AD Premium P1
Azure AD Premium P2
Conditional Access requires at least Azure AD Premium P1. The Free and Basic tiers do not include conditional access, while P2 adds identity protection and governance features.
What is the role of Azure Resource Manager (ARM) in Azure?
Provide database services
Deploy and manage resources through templates and APIs
Host virtual machines
Monitor network performance
Azure Resource Manager is the deployment and management service that uses JSON templates and APIs to provision and organize resources. It provides role-based access control, tagging, and grouping. Other services handle databases, networking, and compute.
Which port must be open on your firewall to allow Azure AD Connect to synchronize with Azure AD?
443 (HTTPS)
88 (Kerberos)
636 (LDAPS)
389 (LDAP)
Azure AD Connect uses HTTPS over port 443 to communicate securely with Azure AD endpoints. LDAP and LDAPS ports are used for on-premises AD, and Kerberos uses port 88.
Which role in Azure AD grants full access to all administrative features in the directory?
Global Administrator
Application Administrator
Security Reader
User Administrator
The Global Administrator role has unrestricted access to all Azure AD administrative features. User, Security Reader, and Application Administrator roles have more limited scopes.
What is the minimum domain functional level required to support Fine-Grained Password Policies in Active Directory?
Windows Server 2012
Windows Server 2008
Windows Server 2016
Windows Server 2003
Fine-Grained Password Policies were introduced in Windows Server 2008 domain functional level. This feature allows administrators to apply different password and lockout settings to different user sets. Higher levels also support it.
In Active Directory Sites and Services, which object maps IP subnets to sites?
SiteLink
SiteLinkBridge
Bridgehead server
Subnet object
Subnet objects in Active Directory Sites and Services associate network IP address ranges with specific sites. This mapping enables clients to locate domain controllers in their nearest site. SiteLinks define replication paths, and bridgehead servers manage cross-site replication.
Which command-line tool forces replication between domain controllers in Active Directory?
repadmin /syncall
netdom replicate
dcdiag /replicate
adprep /replicate
The repadmin /syncall command forces replication across all partitions and domain controllers according to the replication topology. It is the standard tool for troubleshooting and managing AD replication.
Where is the Active Directory database file (ntds.dit) located by default on a domain controller?
%SystemRoot%\System32
%SystemRoot%\NTFRS
C:\ADDB
%SystemRoot%\NTDS
By default, the Active Directory database file (ntds.dit) is stored in the %SystemRoot%\NTDS folder on domain controllers. The NTFRS folder is for File Replication Service, while System32 holds system binaries.
Which component is responsible for automatically generating and maintaining the replication topology in Active Directory?
Replication Topology Manager
Site Link Service
Knowledge Consistency Checker (KCC)
Directory Service Agent
The Knowledge Consistency Checker (KCC) automatically generates and adjusts the replication topology within and between sites. It runs every 15 minutes by default to ensure connectivity and efficiency. Other components do not perform this function.

Study Outcomes

  1. Understand Core Active Directory Concepts - Gain clarity on AD architecture, objects, and domain controllers to build a solid directory services foundation.

  2. Analyze Cloud Integration Scenarios - Assess how on-premises Active Directory interacts with cloud platforms to optimize hybrid identity solutions.

  3. Evaluate Authentication and Authorization Methods - Compare AD, Azure AD, and single sign-on workflows to ensure secure access management in diverse environments.

  4. Apply Security Best Practices - Implement key strategies for safeguarding directory information and cloud resources against common threats.

  5. Troubleshoot AD and Cloud Connectivity Issues - Identify and resolve typical problems involving replication, synchronization, and network communication.

  6. Demonstrate Confidence in AD and Cloud Skills - Showcase your knowledge with real-time question feedback, helping you pinpoint strengths and areas for improvement.

Cheat Sheet

  1. Understanding AD DS Hierarchy - Active Directory Domain Services follows a hierarchical model of forest, domain, and organizational units (OUs), organizing resources and policies effectively. A handy mnemonic is "For Dogs, Our Units" (Forest → Domain → OU → Objects) to boost recall when studying for your Active Directory quiz.

  2. Kerberos Authentication Mechanics - Kerberos in AD uses Ticket Granting Tickets (TGTs) and service tickets to authenticate users without sending passwords over the network, enhancing security (RFC 4120). Remember the basic exchange: $C \to AS: ID_c, ID_{tgs}, TS$; $AS \to C: \{K_{c,tgs}, TS\}_{K_c}$; it's a formula you'll love to ace in cloud computing trivia.

  3. Hybrid Identity with Azure AD Connect - Azure AD Connect syncs on-prem AD objects to Azure AD, enabling single sign-on across cloud services; choose Password Hash Sync for simplicity or Pass-Through Authentication for real-time validation. This integration pattern is a core concept in any AD and cloud knowledge test.

  4. Designing Group Policies and RBAC - Group Policy Objects (GPOs) in AD enforce security settings and configurations at OU or domain levels, while Role-Based Access Control (RBAC) in Azure assigns granular permissions. Use the "Least Privilege First" mantra to remember that minimal permissions reduce risk and score points on your online tech quiz.

  5. Monitoring and Logging in AD and Cloud - Track Event ID 4625 for failed logons in Windows Security Logs and use Azure Monitor with Log Analytics to query metrics via Kusto Query Language (KQL). Setting up proactive alerts helps you spot anomalies fast and shine in any Active Directory Cloud Computing Quiz.
