Windows Server Quiz

The following Quiz comprises multiple choice questions which tests the knowledge of a user in various areas of Windows Server administration.

Windows Server Quiz


Ready for the Quiz? Click Play button below to get started.

Windows Server Quiz

Question 1 of 50.

Which of the following would you configure if you wanted to block computers running Windows 7 and earlier operating systems from consuming AD RMS-protected content?

1. Exclusion policies
2. Super Users
3. Trusted publishing domain
4. Trusted user domain

You configure an exclusion policy based on the lockbox to block AD RMS clients running particular operating systems (such as Windows 7)

Question 2 of 50.

Which of the following utilities can be used to monitor the most recent stage of Active Directory replication?

1. Dcdiag.exe
2. Repadmin.exe
3. Netdiag.exe
4. Dfsrmig.exe

The repadmin.exe utility is used to monitor Active Directory replication

Question 3 of 50.

Which of the following services would you restart on a domain controller if you wanted to trigger a re-registration of the domain controller’s _ldap and _kerberos SRV records?

1. Server
2. Workstation
3. Netlogon
4. DNS Server

Restarting the Netlogon service will trigger a re-registration of the domain controller’s _ldap and _kerberos SRV records.

Question 4 of 50.

What operator tests column for the absence of data in SQL?

1. EXISTS operator
2. NOT operator
3. IS NULL operator
4. None of these

IS NULL operators checks if a data is available or not

Question 5 of 50.

Port number used by Network Time Protocol (NTP) with UDP is?

1. 121
2. 123
3. 161
4. 143

Port number used by Network Time Protocol with UDP is 123.

Question 6 of 50.

Delegation of Control allows you to take control of Active Directory objects.

TRUE
FALSE

Delegation of Control is used when you want to allow any user to take control of Active Directory objects.

Question 7 of 50.

Which of the following is first fully supported 64 bit Operating system?

Mac OS
Linux
Windows XP
Windows Vista

Linux became the first OS kernel to fully support x86-64 in year 2001.

Question 8 of 50.

You are about to promote a server running the Windows Server 2012 R2 operating system to domain controller.

The domain is currently running at the Windows Server 2008 domain functional level. Which groups should your account be a member of to ensure that the environment is appropriately configured for this domain controller running Windows Server 2012 R2?

1. Account Operators
2. Server Operators
3. Backup Operators
4. Enterprise Admins

An account used to promote a server running Windows Server 2012 to function as a Domain Controller must be a member of the Schema Admins and Enterprise Admins groups so that the existing Active Directory schema can be updated.

Question 9 of 50.

In which of the following scenarios might you need to upgrade SYSVOL replication from FRS to DFSR?

1. The frst domain controllers installed in the domain were running Windows Server 2003
2. The frst domain controllers installed in the domain were running Windows Server 2008
3. The frst domain controllers installed in the domain were running Windows Server 2008 R2
4. The frst domain controllers installed in the domain were running Windows Server 2012

Domains where the domain controllers were initially running Windows Server 2000 or Windows Server 2003 may still use FRS for SYSVOL replication.

Question 10 of 50.

You cannot create a folder with name "CON" in Windows

TRUE
FALSE

CON is a reserved keyword for Console and cannot be used while creating a folder

Question 11 of 50.

Which of the following security groups can have their passwords replicated to an RODC by default?

1. Event Log Readers
2. Account Operators
3. Backup Operators
4. Server Operators

Members of the Event Log Readers group can have their passwords replicated to an RODC by default

Question 12 of 50.

Which permission should you assign on a CA to a group of users that you want to allow to alter the list of recovery agents?

1. Read
2. Issue Certificates
3. Manage CA
4. Request Certificates

The Manage CA permission allows users to alter the list of recovery agents

Question 13 of 50.

What is the port number of DNS?

1. TCP 53
2. UDP 53
3. TCP/UDP 53
4. None of above

DNS uses both TCP 53 as well as UDP 53. TCP 53 is used during zone transfer and UDP 53 is used during name resolution.

Question 14 of 50.

Your organization has not configured a reverse lookup zone in DNS and management does not believe one must be configured in the future.

Errors are occurring because DHCP clients are attempting to register records in the reverse lookup zone. Which of the following settings would you change on the DHCP server to stop these errors from occurring?

1. Discard A and PTR records When Lease is Deleted
2. Dynamically Update DNS Records For DHCP Clients That Do Not Request Updates
3. Enable DHCP Name Protection
4. Disable Dynamic Updates For DNS PTR Records

By setting Disable Dynamic Updates For DNS PTR Records, you stop the creation of and updating of PTR records

Question 15 of 50.

IPv6 address is:

1. 128-bit
2. 64-bit
3. 32-bit
4. 256-bit

IPv6 addresses are 128-bit hexadecimal numbers. The IPv4 addresses we are all used to seeing are made up of four numerical octets that combine to form a 32-bit address

Question 16 of 50.

Active Directory Rights Management Services are designed to complete control of all documents stored in RMS-enabled applications.

TRUE
FALSE

Active Directory Rights Management Services (ADRMS) enable an application to encrypt and decrypt content, retrieve templates and revocation lists, acquire licenses and certificates from a server, and many other related tasks.

Question 17 of 50.

What is the standard port for HTTPS?

1. 80
2. 143
3. 161
4. 443

Standard port for HTTPS is 443

Question 18 of 50.

What is the HTTP error code for Resource Not Found?

1. 403
2. 404
3. 400
4. 500

Error code 404 means the requested resource could not be found but may be available in the future.

Question 19 of 50.

Which type of scope would you configure if you needed to lease IP addresses in the following range:

224.0.0.0 - 239.255.255.255

1. Multicast scope
2. Split scope
3. Superscope
4. DHCPv6 scope

The IP addresses 224.0.0.0 - 239.255.255.255 belong to multicast range. So, you need to use Multicast scopes to lease these addresses

Question 20 of 50.

What does DNs stand for?

1. Dedicated Names
2. Distinguished Names
3. Digital Names
4. Direct Names

DNs is the abbreviation for Distinguished Names

Question 21 of 50.

You are a network administrator for Contoso, which has a main office and a branch office.

The company network consists of a single Active Directory domain, contoso.local. All servers are running Windows Server 2012 R2, and all clients are running Windows 8.1.
You configure a file server at the main office as a BranchCache content server. You now want to configure clients at the branch office for BranchCache.
You create a new GPO for the branch office. Which of the following Group Policy settings do you need to configure in the GPO to enable the clients for BranchCache?

1. Turn on BranchCache
2. Set BranchCache Hosted Cache Mode
3. Confgure BranchCache For Network Files
4. None of above

You need to Turn on BranchCache policy setting to enable BranchCache on clients that fall within the scope of the policy.

Question 22 of 50.

In which version of Windows did Microsoft adopt Kerberos as an authentication policy?

1. Windows NT
2. Windows Server 2000
3. Windows Server 2003
4. Windows Server 2008

Kerberos authentication was introduced in Windows Server 2000.

Question 23 of 50.

The root domain of the TechTutsOnline forest is TechTutsOnline.local. The contoso.com domain tree is part of the TechTutsOnline forest.

Bob has an account in the victoria.contoso.com domain and is signing on to a computer that is a member of the computers.TechTutsOnline.local domain. No additional UPNs have been configured. Which UPN suffix will Bob use to sign on to this computer?

1. @TechTutsOnline.local
2. @victoria.contoso.com
3. @computers.TechTutsOnline.local
4. @TechTutsOnline.com

The default UPN suffix for a forest is the forest root domain. Because the forest root domain is TechTutsOnline.local, this will be the default UPN suffix.

Question 24 of 50.

Which of the following Windows PowerShell cmdlets are used to view DNS zone statistics?

1. Get-DNSServerStatistics
2. Get-DNSServerZone
3. Get-DNSServerForwarder
4. Get-DNSServerSigningKey

The Get-DNSServerStatistics cmdlet is used to retrieve DNS server zone statistics.

Question 25 of 50.

Which of the following resource records is associated with a host record in a zone and allows a DNS client to verify the authenticity of the host record?

1. PTR
2. CNAME
3. RRSIG
4. NSEC

Each record in a DNSSEC secured DNS zone has an associated RRSIG record that allows a DNS client to verify the authenticity of the record.

Question 26 of 50.

You are configuring AD FS. Which server should you deploy on your organization’s perimeter network?

1. Web appplication proxy
2. Claims-provider server
3. Federation server
4. Relying-party server

You deploy a web application proxy on a perimeter network

Question 27 of 50.

Which of the following divisions or container structures do not exist in Active Directory?

1. Sites
2. Forests
3. Webs
4. Organizational Units

Webs do not exist in Active Directory.

Question 28 of 50.

Which of the following CA types would you deploy if you wanted to deploy a CA at the top of a hierarchy that could issue signing certificates to other CAs and which would be taken offline if not issuing, renewing, or revoking signing certificates?

1. Standalone subordinate
2. Standalone root
3. Enterprise subordinate
4. Enterprise root

You can take a standalone root CA offline and it functions as the top of a CA hierarchy

Question 29 of 50.

What do Windows administrative shared folder names always end with?

1. $
2. %
3. @
4. #

The administrative share with $ at their end is part of a few that are automatically created in windows. For example, C$ is the administrative share for C drive. These shares are not visible when discovering shared computer via File Explorer.

Question 30 of 50.

Identify the false statement

1. You can right click and choose Empty Recycle Bin to clean it at once
2. You can find deleted files in recycle bin
3. You can increase free space of disk by moving files to recycle bin
4. You can restore any files in recycle bin if you ever need

While files are in Recycle Bin, they are still using the space of original drive. To reclaim the space, you need to permanently delete those files.

Question 31 of 50.

Group Policy Management Console doesn't allow editing of settings within individual GPOs?

TRUE
FALSE

Group Policy Management Console allows the editing of settings within individual GPOs.

Question 32 of 50.

Which of the following techniques can you use to provide high availability for a DHCP scope?

1. DHCP Name Protection
2. DHCP Superscope
3. Split Scope
4. Multicast Scope

Split scopes separate a scope across two servers. DHCP failover provides high availability for a DHCP scope through either load balancing the scope across two servers or having the scope fail over to a new server in in case the original one is offline.

Question 33 of 50.

Which operator performs pattern matching in SQL?

1. BETWEEN operator
2. LIKE operator
3. EXISTS operator
4. None of these

LIKE operator is used for matching patterns

Question 34 of 50.

Which of these is not applicable for IP protocol?

1. Connectionless
2. Offers unreliable service
3. Offers reliable service
4. Connection-oriented

IP offers unreliable service. This is the main reason it is used along with TCP; to make communication reliable 🙂

Question 35 of 50.

You want to enable key archiving on a CA. You need to issue a certificate from a specific template to the user who will recover private keys. Which certificate template will you use as the basis for this certificate?

1. Kerberos Authentication
2. Key recovery agent
3. Code signing
4. OSCP response signing

You need to issue a certificate from the key recovery agent template to a user before you can enable key archiving on a CA

Question 36 of 50.

Which protocol is used to send email?

1. ICMP
2. IMAP
3. POP
4. SMTP

First defined by RFC 821 in 1982, SMTP (Simple Mail Transfer Protocol) is an Internet standard for electronic mail (email) transmission

Question 37 of 50.

Which of the following utilities provides information in the format given below?

1. Ping
2. Netstat
3. Tracert
4. Nbtstat

This image represents the output of Tracert utility. Tracert determines the path taken by a packet to reach the destination by sending ICMP echo request to the destination with incrementally increasing Time to Live (TTL) field values.

Question 38 of 50.

Which of the following revocation statuses can you change to alter the status of a certificate from revoked to valid?

1. CA Compromise
2. Certificate Hold
3. Change of Affliation
4. Key Compromise

You can remove a Certificate Hold status, which means that the certificate will be recognized as valid.

Question 39 of 50.

Which group policy item should you configure to enable automatic re-enrollment of certificates?

1. Certifcate Services Client – Auto-Enrollment
2. Certifcate Services Client – Certifcate Enrollment Policy
3. Trusted Root Certifcation Authorities
4. Certifcate Path Validation Settings

You configure automatic re-enrollment by configuring the Certificate Services Client – Auto-Enrollment policy

Question 40 of 50.

Which of the following protocols is Active Directory based upon?

1. L2TP
2. LDAP
3. PPTP
4. IPsec

Active Directory is based upon LDAP (Lightweight Directory Access Protocol).

Question 41 of 50.

What does an assigned IP address 169.254.0.15 indicate?

1. The computer is configured for DHCP but couldn't connect to the DHCP server
2. The computer is using a dial-up modem
3. The computer is configured with a static IP address
4. The computer is being used as an Internet shared connection host

The address 169.254.0.15 belongs to reserved range (169.254.0.0 - 169.255.255) known as APIPA (Automatic Private Internet Protocol Address). A computer configures itself with an address from this range when it is configured to obtain TCP/IP info from a DHCP server but it cannot connect to DHCP server.

Question 42 of 50.

Which of the following CA types must be deployed on domain-joined computers?

1. Standalone subordinate
2. Standalone
3. Enterprise
4. None of above

Enterprise CA must be deployed on domain-joined computers

Question 43 of 50.

What is the full form of SQL?

1. Simple Query Language
2. Structured Query List
3. Structured Query Language
4. None of these

Structured Query Language is the correct answer

Question 44 of 50.

Between Active Directory Sites, you can also use ____ for replication, but only for changes in the Schema or Configuration.

1. IMAP
2. SMTP
3. POP3
4. HTTP

You have an option to use SMTP (Simple Mail Transfer Protocol) while configuring replication between AD Sites but SMTP can only replicate changes in Schema or configuration

Question 45 of 50.

You have configured a forest trust relationship between the TechTutsOnline forest and the Contoso forest.

You want to ensure that users from the Contoso forest can authenticate only when needing to access resources in the TechTutsOnline forest using the username@secure.contoso.com UPN rather than any other UPN that is available for them. Which of the following should you use to accomplish this goal?

1. External trust
2. SID fltering
3. Shortcut trust
4. Name suffix routing

You can use name suffix routing to manage which UPNs can be used for authentication.

Question 46 of 50.

In any Active Directory forest there are five Operations Masters roles that must be assigned to one or more domain controllers.

Which of the following answers correctly depicts these roles?

1. Trust Master, Root Master, Infrastructure Master, PDC Emulator, Relative ID master.
2. Schema Master, Domain Naming Master, Infrastructure Master, PDC Emulator, Relative ID master.
3. Infrastructure Master, PDC Emulator, Relative ID master, SYSVOL, Root Domain
4. Root Master, Domain Name Master, Infrastructure Master, PDC Emulator, Relative ID master

Five Flexible Single Master Operation (FSMO) Roles are:

  1. Schema Master
  2. Domain Naming Master
  3. Infrastructure Master
  4. PDC Emulator
  5. Relative ID master

Question 47 of 50.

Which of the following is the minimum domain functional level required before you can promote a member server running Windows Server 2012 R2 so that it functions as a domain controller?

1. Windows Server 2003
2. Windows Server 2008
3. Windows Server 2008 R2
4. Windows Server 2012

The Windows Server 2003 functional level supports domain controllers running Windows Server 2012 R2 operating system

Question 48 of 50.

You have moved several domain controllers out of your organization’s head office site to a new secondary datacenter that has its own site.

Which of the following consoles should be used to update the site association of these domain controllers?

1. Active Directory Sites And Services
2. Active Directory Domains And Trusts
3. Active Directory Administrative Center
4. Active Directory Users and Computers

You use the Active Directory Sites And Services console to change domain controller site association

Question 49 of 50.

Which of the following should be configured when you wanted to change the number of ports available when a DNS server makes a query to another DNS server on behalf of a client?

1. Netmask ordering
2. Socket Pool
3. Cache locking
4. DNSSEC

You configure the Socket Pool when you want to change the number of ports available when a DNS server makes a query to another DNS server on behalf of a client.

Question 50 of 50.

Which of the following resource records is returned when a zone protected by DNSSEC does not contain the record queried by the client?

1. RRSIG
2. PTR
3. CNAME
4. NSEC

NSEC records are returned when a host record does not exist in a DNSSEC secured zone.

Next question 1 of 50

All 50 questions completed!


Share results:

Windows Server Quiz

Want more stuff like this?

Get the best viral stories straight into your inbox!
Don`t worry, we don`t spam