CNIT 242 EXAM QUESTIONS & ANSWERS
According to lecture, ___ days is typically the optimal duration between password
changes.
90
The two basic parts of authentication are usernames and passwords
False, the two basic parts of authentication are identity and proof of identity
RADIUS is typically only used for authentication to network equipment for configuration
purposes and terminal access
False, RADIUS is typically used to authenticate to network access devices to gain
network access
Authentication is the process of determining what users should be able to do
False, Authorization is the process of determining what users should be able to do
Read, write and execute are examples of file system permissions
True
The number one rule of passwords is: Do not write them down
True
The Kerberos protocol operates using a 6-step process. Steps 3 and 4 involve
communication with a Ticket Granting Server
True
Access Control Lists provide one method of authentication
False, Access Control Lists provide a means of authorization
In an enterprise environment, it is best to assign permissions to individual users
False, it is best to assign permissions to groups and place the applicable user(s) in the
group
, A location in a directory can be either absolute or relative. If a location is relative, the
starting location is known as the___
Context
You can install Active Directory on Windows Server without having an existing DNS
server or installing a new DNS server
False, A DNS server that supports dynamic updates is required to implement Active
Directory
Directories are hierarchical in nature
True
The order of scale, from smallest to largest, in an Active Directory is...
Subnet, Site, Domain, Forest
The tool used to rename a domain is:
There is none, you cannot rename a domain
When placing users in groups for use in ACLs, the users should be placed in what type
of group?
Security Group, because only these groups can be used in ACLs
Which of the following is not a reason to implement directory services rather than relying
on individual machine accounts?
A. Enable two-factor authentication
B. Reduce the number of accounts and passwords to manage
C. Provide a single point of administration
D. Make it easier to assign/move permissions and rights to users
A. Enable two-factor authentication
FSMO (Flexible Single Master Operation) roles are replicated to all domain controllers
False
Active Directory supports this ISO standard for directory access
According to lecture, ___ days is typically the optimal duration between password
changes.
90
The two basic parts of authentication are usernames and passwords
False, the two basic parts of authentication are identity and proof of identity
RADIUS is typically only used for authentication to network equipment for configuration
purposes and terminal access
False, RADIUS is typically used to authenticate to network access devices to gain
network access
Authentication is the process of determining what users should be able to do
False, Authorization is the process of determining what users should be able to do
Read, write and execute are examples of file system permissions
True
The number one rule of passwords is: Do not write them down
True
The Kerberos protocol operates using a 6-step process. Steps 3 and 4 involve
communication with a Ticket Granting Server
True
Access Control Lists provide one method of authentication
False, Access Control Lists provide a means of authorization
In an enterprise environment, it is best to assign permissions to individual users
False, it is best to assign permissions to groups and place the applicable user(s) in the
group
, A location in a directory can be either absolute or relative. If a location is relative, the
starting location is known as the___
Context
You can install Active Directory on Windows Server without having an existing DNS
server or installing a new DNS server
False, A DNS server that supports dynamic updates is required to implement Active
Directory
Directories are hierarchical in nature
True
The order of scale, from smallest to largest, in an Active Directory is...
Subnet, Site, Domain, Forest
The tool used to rename a domain is:
There is none, you cannot rename a domain
When placing users in groups for use in ACLs, the users should be placed in what type
of group?
Security Group, because only these groups can be used in ACLs
Which of the following is not a reason to implement directory services rather than relying
on individual machine accounts?
A. Enable two-factor authentication
B. Reduce the number of accounts and passwords to manage
C. Provide a single point of administration
D. Make it easier to assign/move permissions and rights to users
A. Enable two-factor authentication
FSMO (Flexible Single Master Operation) roles are replicated to all domain controllers
False
Active Directory supports this ISO standard for directory access
