Name: __________________________ Date: ____________

Name: __________________________ Date: _____________

1.	Juanita is the lead infrastructure planner on the Active Directory services infrastructure design team for Hiabuv Toys. The team is currently working on defining the organizational unit (OU) structure as part of the company's transition to Microsoft Windows 2000. Hiabuv Toys has two divisions. The smaller division is the motorized toys division, which is located in Tucker, Georgia, along with the company's headquarters. The larger division designs, manufactures, and packages stuffed animals at its location in Mexico City, Mexico, and action figures at its two locations in Ft. Worth, Texas, and Houston, Texas. The Houston office makes and paints the plastic action figures. The Ft. Worth location manufactures the clothing, puts the finishing touches on the figures, and then packages them. The design team is recommending just one domain. The required result for Juanita and her team of infrastructure designers is twofold. First they must define an OU structure that will allow the location in Mexico City to maintain its own IT management department. Second they must define an OU structure that separates the employees of the design unit, the manufacturing unit, and the packaging unit from one another. The first ideal outcome of the plan is to allow the Ft. Worth Admins group to set its own membership and to prevent the Houston Admins group from setting its own membership. The second ideal outcome of Juanita's plan also has two parts. The first part is to separate the employees working at the Tucker Headquarters from the employees working at the Tucker motorized toy division. The second part is to hide the accounting resources from all employees except the vice president of accounting and his staff. Juanita and the design team propose creating three top-level OUs: one for Mexico, one for the Tucker headquarters, and one for Texas. The Mexico top-level OU would have three second-level OUs; the three second-level OUs would be named Design, Manufacturing, and Packaging. The Tucker top-level OU would have a second-level OU for the employees working for the motorized toys division. The Texas OU would have two second-level OUs, one for Ft. Worth and one for Houston. The Ft. Worth Admins would be placed in the Ft. Worth OU, and the Houston Admins would be placed in the Texas OU. Finally, Juanita proposes placing the accounting resources in the Tucker OU to hide them from the employees in the motorized toys division. Does Juanita's proposal satisfy the required result and the two ideal outcomes?
A)	It satisfies the required result and both ideal outcomes.
B)	It satisfies the required result but only one of the ideal outcomes.
C)	It satisfies only the required result.
D)	It satisfies neither the required result nor the ideal outcomes.

Roscoe is the lead infrastructure planner on the Active Directory services infrastructure design team for Contoso Pharmaceuticals. The team is currently working on defining the organizational unit (OU) structure and security groups and determining appropriate naming conventions in preparation for the company's transition to Microsoft Windows 2000. Contoso Pharmaceuticals has three divisions: research and development, manufacturing, and sales and distribution. The company's headquarters and the eastern research and development offices are located in Boston, Massachusetts. The company's western research and development offices are located in Los Angeles, California. The manufacturing division and the sales and distribution division are located in Greenville, South Carolina. Roscoe and his design team are recommending one domain. The required result for Roscoe and his team of infrastructure designers is to protect the research done by the research and development division. The first ideal outcome is to hide the new products developed by the Los Angeles research and development office from everyone else, including the Boston research and development employees, and to hide the new products developed in Boston from everyone else, including the Los Angeles employees. The second ideal outcome of the design team's plan is to develop a naming convention for employees that easily identifies the employee, his or her division, and his or her location.

Roscoe and his design team propose creating a top-level R&D OU for the research and development division, with two second-level OUs—one for Boston and one for Los Angeles. Both the LA Admins and the Boston Admins will be in the R&D OU. They also propose creating two third-level OUs. One third-level OU will be named BostonNew. BostonNew will contain the data on the new products developed by the Boston research and development office and will be located off the second-level Boston OU. The second third-level OU will be named LANew. LANew will contain the data on the new products developed by the Los Angeles research and development office and will be located off the second-level LA OU. They also propose a top-level OU name SC for South Carolina. There will be two second-level OUs below it. One will be named SandD for the sales and distribution division. The other second-level OU will be named Manuf for the manufacturing division. The third top-level OU will be named HQ and will have two second-level OUs under it. One second-level OU will be Exec for the executive staff, and the other will be Staff for the staff who are not executives. The naming convention decided on by Roscoe and his design team is to use the first name of the employee, up to four letters, followed by the first two letters of the last name. After the letters from the first and last name will come one of the symbols listed in the table. If the user name is not unique, a number, starting with 2, will be added to the end of the user name.

Suffix	Explanation
HQE	Headquarters executive staff
HQS	Headquarters nonexecutive staff
RDB	Boston research and development
RDL	Los Angeles research and development
SCS	South Carolina sales
SCM	South Carolina manufacturing

Does Roscoe's proposal satisfy the required result and the two ideal outcomes?

It satisfies the required result and both ideal outcomes.

It satisfies the required result but only one of the ideal outcomes.

It satisfies only the required result.

It satisfies neither the required result nor the ideal outcomes.

An organizational unit (OU) is a container used to organize objects into logical structures. Which of the following statements about OUs are correct? (Choose all answers that are correct.)

a. An OU can contain objects such as user accounts, groups, computers, and printers.

b. An OU can contain other OUs from the same forest.

c. An OU can contain other OUs from the same tree.

d. An OU can contain other OUs from the same domain.

4.	In Active Directory, the primary reason for defining organizational units (OUs) is to ______________________________.

5.	In Active Directory, which of the following statements lists the three reasons for defining organizational units (OUs)?
A)	To administer group policy, improve network performance, and hide objects
B)	To improve network performance, hide objects, and delegate administration
C)	To hide objects, delegate administration, and administer group policy
D)	To delegate administration, administer group policy, and improve network performance

In Active Directory, which of the following statements about inherited access control entries (ACEs) are correct? (Choose all answers that are correct.)

a. ACEs are inherited by child organizational units (OUs) in an OU hierarchy by default.

b. Inherited ACEs flow down to all child domains in the domain tree.

c. ACEs are inherited only if you select the Allow Inheritable Permissions From Parent To Propagate To This Object check box for the OU.

d. Inherited ACEs apply only to one domain and do not flow down to child domains.

7.	To delegate administration, you can use the Delegation Of Control Wizard or manually modify the access control entries on the Security tab of the Properties dialog box for the organizational unit (OU).

8.	In mixed mode, a domain local security group can contain which of the following? (Choose all answers that are correct.) a. User accounts from any domain b. Domain local groups from the same domain c. Universal groups from any domain d. Global security groups from any domain

Which of the following user account naming convention considerations are true? (Choose all answers that are correct.)

a. The user's logon name (distinguished name) must be unique to the directory.

b. Windows 2000 recognizes only the first 20 characters of a user logon name.

c. User logon names are case sensitive.

d. The underline (_) and the hyphen (-) are invalid characters in a user logon name.

10.	Adding global groups, not users, to universal groups will allow you to make individual membership changes in the global groups without affecting the universal group's membership or replication traffic

11.	Michael is the lead infrastructure planner on the Active Directory services infrastructure design team for Woodgrove Bank. The headquarters for Woodgrove Bank is located in Dallas, Texas. One of the largest divisions in the bank is the investment division, which is located in Chicago, Illinois, and is connected to headquarters by a T1 line (1.544 Mbps). About 1500 employees are in the Dallas domain, and about 600 employees are in the Chicago domain. The T1 line that connects them is about 45% available. Woodgrove is planning to upgrade its three largest offices—Dallas, Chicago, and Philadelphia—to Microsoft Windows 2000. About 60 small branch offices are in each of the three regions. So far Michael and the design team have determined that they will have one forest and three domains: Dallas, Chicago, and Philadelphia. As Michael and his team of infrastructure designers create a site topology plan for the organization, they have been assigned a few additional tasks. Their required result is to find a solution to end the complaints from the employees in the Philadelphia regional headquarters of slow logon times and slow authentication when attempting to access resources. The Philadelphia regional headquarters has 400 employees in the Philadelphia domain, and is connected to both the headquarters in Dallas and the Chicago office with T1 lines (1.544 Mbps) that are about 60% available. The first ideal outcome is to optimize network response time and application availability. The second ideal outcome is to determine whether any changes need to be made to the operations master role assignments or to the placement of global catalog servers to ensure that the branch offices can remain on Windows NT 4 for another year. Michael and the design team propose defining three sites, one for each domain: Dallas, Chicago, and Philadelphia. They plan to add an additional domain controller in the Philadelphia site to improve logon time and to remedy the problem with slow authentication when attempting to access resources. To optimize network response time and application availability, they plan to designate at least one domain controller in each site as a global catalog server. Does Michael's proposal satisfy the required result and the two ideal outcomes?
A)	It satisfies the required result and both ideal outcomes.
B)	It satisfies the required result but only one of the ideal outcomes.
C)	It satisfies only the required result.
D)	It satisfies neither the required result nor the ideal outcomes.

12.	Yanni is the lead infrastructure planner on the Active Directory services infrastructure design team for Fabrikam, Inc. The headquarters for Fabrikam is located in Raleigh, North Carolina. The manufacturing division for most of the materials sold by Fabrikam is located in Delhi, India, and is connected to headquarters by a 256-Kbps line that historically has been unreliable. There are about 500 employees in Raleigh and about 200 employees in Delhi. Only 20 of the employees in Delhi are network users. Most of the dyes used for the materials are natural and are produced in Calcutta, India. About 75 employees work in the office in Calcutta, and 10 of them are network users. Delhi and Calcutta are connected by Simple Mail Transport Protocol (SMTP) connectivity only. Fabrikam also has a silk division, which is located in Bangkok, Thailand, and is connected to headquarters by a T1 line that is nearly 65% available. About 100 employees are in Bangkok, but only 10 are network users. A few retail sites sell Fabrikam materials to the public, but most Fabrikam materials are sold to furniture manufacturers in North Carolina. Fabrikam is planning to upgrade to Microsoft Windows 2000. So far Yanni and the design team have determined that they will have one forest and three domains: Raleigh, Delhi, and Bangkok. The required result for Yanni and the rest of the team of infrastructure designers is to physically group computers to optimize network traffic by creating a site topology plan for the organization. The first ideal outcome is to be as economical as possible. The second ideal outcome is to plan the operations master role assignments and the placement of global catalog servers. Yanni and the design team propose defining three sites, one for each domain (Raleigh, Delhi, and Bangkok), and to have two domain controllers in each domain for redundancy. To be economical, they are planning to have only three sites. As for the assignment of operations master roles, they plan to have the schema master in Raleigh and to have a domain controller holding the domain naming master role in each of the three sites. Does Yanni's proposal satisfy the required result and the two ideal outcomes?
A)	It satisfies the required result and both ideal outcomes.
B)	It satisfies the required result but only one of the ideal outcomes.
C)	It satisfies only the required result.
D)	It satisfies neither the required result nor the ideal outcomes.

13.

Which of the following statements about domain controllers and sites are true? (Choose all answers that are correct.)

a. If there are a large number of users in the site and the link is slow or near capacity, you might need to place additional domain controllers in a site.

b. When a single site contains multiple domains, one domain controller can service all domains in the site.

c. You can never move a domain controller from one site to another site.

d. For optimum network response time and application availability, place at least two domain controllers in each domain.

14.	When you install the first domain controller in a forest, a default site object is created named Default-First-Site-Name.

15.	Can you change the name of the first site object?

16.	By default, a Windows 2000 domain controller that is added to a domain will assign itself a fully qualified DNS name that consists of _______________ followed by ____________________.

17.

Which of the following statements about domain controllers and sites are true? (Choose all answers that are correct.)

a. If the link to a site is historically unreliable or intermittently unavailable, you should place an additional domain controller in the site.

b. It is necessary to place a domain controller in every site, even if the site has no servers.

c. The Active Directory Sizer is a tool that you can use to determine the number of domain controllers you need.

d. Even if a site has only a small number of users, you should always add a domain controller rather than using the available bandwidth to log on and query the directory.

18.	If a site has slow logon times and slow authentication when attempting to access user resources, you can monitor domain controller usage and determine whether there is enough processing power and bandwidth to service requests. You might need to add another domain controller to the site.

19.

To eliminate authentication delays with clients on undefined subnets, you can associate the clients with a site by creating default subnets and then associating the subnets with a site. Which of the following statements about default subnets are correct? (Choose all answers that are correct.)

a. The default subnet for capturing all clients on Class B networks that are not defined in the directory has a subnet ID of 128.0.0.0 and a mask of 192.0.0.0.

b. The default subnet for capturing all clients on Class C networks that are not defined in the directory has a subnet ID of 128.0.0.0 and a mask of 192.0.0.0.

c. The default subnet for capturing all clients on Class A networks that are not defined in the directory has a subnet ID of 192.0.0.0 and a mask of 224.0.0.0.

d. The default subnet for capturing all clients on Class C networks that are not defined in the directory has a subnet ID of 192.0.0.0 and a mask of 224.0.0.0.

20.

Which of the following statements about Microsoft Windows 2000 replication are true? (Choose all answers that are correct.)

a. Each domain controller maintains a replica of all Active Directory objects contained in the forest to which it belongs.

b. Manually created connection objects persist until you manually remove them.

c. The Knowledge Consistency Checker (KCC) on each domain controller functions only on intrasite replication.

d. Replication ensures that changes made to a replica on one domain controller are synchronized to replicas on all other domain controllers within the domain.

21.	There are three types of objects in Active Directory. Each type of object is stored in a tree, called a naming context (NC). What are the three naming contexts?

22.	There are three types of objects in Active Directory. Each type of object is stored in a tree, called a naming context (NC). Which NC contains all of the objects in a domain?

23.

Which of the following statements about global catalog servers are true? (Choose all answers that are correct.)

a. You can designate any computer running Microsoft Windows 2000 Server, not just a domain controller, as a global catalog server.

b. For optimum network response time and application availability, you should designate at least one global catalog server in each site.

c. If a global catalog server is not available when a user logs on to a Microsoft Windows 2000 native-mode domain, the domain controller that sent the request to the global catalog server will refuse the logon request.

d. A global catalog server holds a copy of the global catalog for the forest and must be available to determine a user's membership in global groups.

24.	Which of the following roles are operations master roles that every Active Directory forest must have? (Choose all answers that are correct.) a. Primary domain controller (PDC) emulator b. Schema master c. Infrastructure master d. Domain naming master

25.	There are three types of objects in Active Directory. Each type of object is stored in a tree, called a naming context (NC). The objects in the ____________ NC must be replicated to all controllers in all domains in the forest.

26.	Antonio is the lead infrastructure planner on the Active Directory services infrastructure design team for Woodgrove Bank. The headquarters for Woodgrove Bank is located in Boston, Massachusetts. One of the largest divisions in the bank is the investment division, which is located in Chicago, Illinois, and is connected to headquarters by a T1 line (1.544 Mbps). About 1500 employees are in the Boston domain, and about 900 employees are in the Chicago domain. The T1 line that connects them is about 45% available. Woodgrove is planning to upgrade its three largest offices—Boston, Chicago, and Philadelphia—to Microsoft Windows 2000. There are about 750 employees in the Philadelphia office. Approximately 60 small branch offices are in each of the three regions. Currently there are three domains: Boston, Chicago, and Philadelphia. All computers are running Microsoft Windows NT 4. The design team's required result is to plan the conversion to Windows 2000. The first ideal outcome is to provide a means to roll back to Windows NT 4 if any problems occur. The second ideal outcome is to provide a way that the systems can run parallel with each other for two to four weeks to determine whether everything is working correctly before the Windows NT 4 network is shut down. Antonio and the design team propose upgrading the networks to Windows 2000 Server using a domain restructure. They propose a month-long period of testing before the Windows NT 4 network is shut down. Does Antonio's proposal satisfy the required result and the two ideal outcomes?
A)	It satisfies the required result and both ideal outcomes.
B)	It satisfies the required result but only one of the ideal outcomes.
C)	It satisfies only the required result.
D)	It satisfies neither the required result nor the ideal outcomes.

27.	Jasmine is the lead infrastructure planner on the Active Directory services infrastructure design team for Fabrikam, Inc. The headquarters for Fabrikam is located in Atlanta, Georgia. At headquarters are the sales, marketing, payroll, accounting, and human resources departments. There are three domains in Atlanta: SAM (sales and marketing), PA (payroll and accounting), and HR (human resources). The manufacturing division for most of the materials sold by Fabrikam is located in Dacula, Georgia. There are about 500 employees in Atlanta and about 800 employees in Dacula. There are four domains in Dacula: DAD (the design department with 30 employees, and the dye department with 100 employees), CAS (the cutting and stitching department with 400 employees), FAP (the finishing and packaging department with 200 employees), and WAS (the warehousing and shipping department with about 70 employees). All computers are currently running either Windows NT 4 Server or Windows NT 4 Professional. The required result for Jasmine and the team of infrastructure designers is to plan the upgrade path for Fabrikam to Windows 2000. The first ideal outcome is to complete the upgrade during the upcoming two-week shutdown of the plants for the retooling of equipment. The second ideal outcome is to reduce the amount of administration that is required on the network. Jasmine and the design team propose defining one forest and one domain. They propose doing a domain restructure to consolidate the domains. They propose having two domain controllers at corporate and two domain controllers in Dacula. Does Jasmine's proposal satisfy the required result and the two ideal outcomes?
A)	It satisfies the required result and both ideal outcomes.
B)	It satisfies the required result but only one of the ideal outcomes.
C)	It satisfies only the required result.
D)	It satisfies neither the required result nor the ideal outcomes.

28.	Which of the following statements lists the correct order in which you should upgrade domains?
A)	The small account domains first, then the larger account domains, the resource domains that require the Microsoft Windows 2000 platform features, the remaining resource domains, and lastly the forest root domain.
B)	The forest root domain, then the small account domains, followed by the large account domains, the resource domains that require the Windows 2000 platform features, and lastly the remaining resource domains.
C)	The forest root domain, the larger account domains, followed by the small account domains, the resource domains that require the Windows 2000 platform features, and lastly the remaining resource domains.
D)	The forest root domain, the larger account domains, followed by the small account domains, the resource domains that do not require the Windows 2000 platform features, and lastly the resource domains that require the Windows 2000 platform or features.

29.	Which of the following statements lists the correct order in which you should upgrade domain controllers?
A)	The primary domain controller (PDC) in the first domain to be upgraded, the backup domain controllers (BDCs) in the first domain to be upgraded, the PDC in the second domain to be upgraded, and the BDCs in the second domain to be upgraded.
B)	The PDC in the first domain to be upgraded, the PDC in the second domain to be upgraded, the BDCs in the first domain to be upgraded, and the BDCs in the second domain to be upgraded.
C)	The BDCs in the first domain to be upgraded, the PDC in the first domain to be upgraded, the BDCs in the second domain to be upgraded, and the PDC in the second domain to be upgraded.
D)	The BDCs in the first domain to be upgraded, the BDCs in the second domain to be upgraded, the PDC in the first domain to be upgraded, and the PDC in the second domain to be upgraded.

30.	Which of the following times are appropriate to perform a domain restructure? (Choose all answers that are correct.) a. Before you perform a domain upgrade b. Simultaneously with a domain upgrade c. Following a domain upgrade d. In place of a domain migration

31.	In general, Microsoft advises customers to configure sessions for containers that hold up to, but not more than, ________ total objects.

32.	Which of the following statements about synchronizing Microsoft Windows 2000 with other directory services is true?
A)	The File Migration Utility in conjunction with Microsoft Directory Synchronization Services (MSDSS) allows the integration of multiple repositories with Active Directory.
B)	Active Directory Connector (ADC) allows the integration of multiple repositories with Active Directory.
C)	Microsoft Directory Synchronization Services (MSDSS) allows the integration of multiple repositories with Active Directory.
D)	Microsoft Metadirectory Services (MMS) allows the integration of multiple repositories with Active Directory.

33.	Which operations master is responsible for updating the security identifiers and distinguished names in cross-domain object references whenever the name of the object is renamed or changed?