1. What is the command used to forcefully demote a domain controller? DCPROMO / Forceremoval-Yes 2.

We have promoted a domain controller(say DCA) in new Forest. Then we promoted another domain controller(say DCB) in a new domain within the same forest. What FSMO roles will be held by the individual Domain Controllers? DC-A will have 5 FSMO RolesDomain Naming, Schema, PDC, RID, & Infrastructure (These 5 are {Forest + Domain} wide roles) DC-B will have 3 FSMO roles RID, PDC, and Infrastructure(these 3 roles are Domain Wide Roles) YES 3. What are the port numbers for the following protocols? LDAP ---- 389 GC ( global catalog )-- 3268 ( 3269 also acceptable )-No RPC ---- 135-No SMB ---- 445-_YES RDP ---- 3389-Np DNS ---- 53_yes Windows Time -- 123-No

4. What are the respective default tombstone lifetimes of the forests that have been promoted using windows server 2000 sp4 and 2003 sp1 2000 sp4 = 60 days 2003 sp1 = 180 days No 5. What is the process that generates the Active Directory replication topology : a.) Within a site ---- KCC ( knowledge consistency checker ) b.) Between different sites------ ISTG (Intersite Topology Generator) No

6.

What are the dependencies of Active Directory Replication(Any three is acceptable)? a. DNS b. LDAP c. Kerberos d. RPC YES 7. What are the 3 default Active Directory Partitions : Domain Configuration Schema YES 8. Where do we store data of AD integrated DNS?-YES AD Integrated DNS Active Directory / Application Partition(both stand true) 9. What is the default replication interval for Inter-site and intra-site replication? Inter-site replication 180 minutes / 3 Hours Intra-site replication Immediate(15 minutes) No 10. What is the processing order of the Group Policy? Local Site Domain Organizational Unit(L-S-D-OU) (You can also give them the above option in the Random order and ask them to rearrange) YES 11. If an individual setting is configured at each level(local, Site, Domain, and OU). The setting deployed at which level will take precedence? The setting configured at the OU level will take precedence. YEs 12. How many authentication protocols do we have in Active Directory? Name them.. We have 2- NTLM and Kerberos YES 13. What tools do we use to troubleshoot group policy issues?....(Any One will be fine) RSOP/Gpresult/Event Viewer/GPOTOOL YES 14. What default shares do we have on Domain Controllers? ....(Any two will be fine) IPC$, Netlogon and Sysvol Yes 15. What domain functional levels do we have in Active Directory? ....(Any 3 will be fine) 2000 Mixed, 2000 Native, 2003 Interim, 2003, 2008, 2008 R2

YES 16. What type of trusts can we setup in Active Directory? ....(Any two will be fine) External Trust, Forest Trust, Transitive trust, Shortcut Trust YES 17. What is the service responsible for replication SYSVOL / Group Policies between Domain Controllers? FRS(File Replication Service) NO/He answered As RPC 18. Which security group has permissions to modify the Active Directory Schema? Schema Admins YES 19. How many types of DNS Zones do we have?(any 3 will be fine) Primary Zone, Secondary Zone, Active Directory Integrated Zone, Stub Zone YES 20. Where do we store the Active Directory Database? NTDS.DIT YES