Configure CRL distribution points
Install and configure Online Responder
Implement administrative role separation
Configure CA Disaster recovery
Manage certificates
Manage certificate templates
Implement and manage certificate deployment, validation, and revocation
Manage certificate renewal
Manage certificate enrollment and renewal to computers and users using Group Policies
Configure and manage key archival and recovery
Manage trust between organizations including Certificate Trust List (CTL)
Managing Cross certifications and bride CAs
Monitoring CA Health
Install and Configure Active Directory Federation Services (AD FS), Chapter 22
Implement claims-based authentication including Relying Party Trusts
Configure authentication policies
Configure Workplace Join
Configure multi-factor authentication
Install and configure Active Directory Rights Management Services (AD RMS), Chapter 22
Install a licensing or certificate AD RMS server
Manage AD RMS Service Connection Point (SCP)
Manage RMS templates
Configure Exclusion Policies
Backup and restore AD RMS
Assessment Test
1. Which of the following is a valid role for a Windows Server 2012 R2 computer?
A. Stand-alone server
B. Member server
C. Domain controller
D. All of the above
2. Which of the following is a benefit of using Active Directory? (Choose all that apply.)
A. Hierarchical object structure
B. Fault-tolerant architecture
C. Ability to configure centralized and distributed administration
D. Flexible replication
3. Which of the following features of the Domain Name System (DNS) can be used to improve performance? (Choose all that apply.)
A. Caching-only servers
B. DNS forwarding
C. Secondary servers
D. Zone delegation
4. Which of the following pieces of information should you have before you begin the Active Directory Installation Wizard? (Choose all that apply.)
A. Active Directory domain name
B. Administrator password for the local computer
C. NetBIOS name for the server
D. DNS configuration information
5. An Active Directory environment consists of three domains. What is the maximum number of sites that can be created for this environment?
A. Two
B. Three
C. Nine
D. Unlimited
6. Which of the following is not a valid Active Directory object?
A. User
B. Group
C. Organizational unit
D. Computer
E. None of the above
7. Which of the following is not considered a security principal?
A. Users
B. Security groups
C. Distribution groups
D. Computers
8. Which of the following should play the least significant role in planning an OU structure?
A. Network infrastructure
B. Domain organization
C. Delegation of permissions
D. Group Policy settings
9. How can the Windows Server 2012 R2 file and printer resources be made available from within Active Directory?
A. A system administrator can right-click the resource and select Publish.
B. A system administrator can create Printer and Shared Folder objects that point to these resources.
C. The Active Directory Domains and Trusts tool can be used to make resources available.
D. Only resources on a Windows 2000 or newer server can be accessed from within Active Directory.
10. The process by which a higher-level security authority assigns permissions to other administrators is known as which of the following?
A. Inheritance
B. Delegation
C. Assignment
D. Trust
11. What is the minimum amount of information you need to create a Shared Folder Active Directory object?
A. The name of the share
B. The name of the server
C. The name of the server and the name of the share
D. The name of the server, the server’s IP address, and the name of the share
12. Which of the following operations is not supported by Active Directory?
A. Assigning applications to users
B. Assigning applications to computers
C. Publishing applications to users
D. Publishing applications to computers
13. Which of the following filename extensions is used primarily for Windows Installer setup programs?
A.msi
B.mst
C.zap
D.aas
14. A system administrator wants to allow a group of users to add computer accounts to a specific organizational unit (OU). What is the easiest way to grant only the required permissions?
A. Delegate control of a user account
B. Delegate control at the domain level
C. Delegate control of an OU
D. Delegate control of a computer account
E. Create a Group Policy object (GPO) at the OU level
15. A Group Policy object (GPO) at the domain level sets a certain option to Disabled, while a GPO at the OU level sets the same option to Enabled. All other settings are left at their default. Which setting will be effective for objects within the OU?
A. Enabled
B. Disabled
C. No effect
D. None of the above
16. Which of the following tools can be used to create Group Policy object (GPO) links to Active Directory?
A. Active Directory Users and Computers
B. Active Directory Domains and Trusts
C. Active Directory Sites and Services
D. Group Policy Management Console
17. To test whether a DNS server is answering queries properly, you can use which of the following tools?
A.