412-15

1.

1 point

Which of the following attributes are true of the automatically generated trusts created when a
domain is added to the forest? (Choose all that apply)

a. The trust is two-way between the child domain and the root domain

b. The trust can be configured to be one-way or two-way

c. The trust can be configured to be incoming or outgoing, or both

d. The trust is always transitive

2.

1 point

Which of the following is not a type of trust that could be created manually?

a. Internal trusts

b. External trusts

c. Shortcut trusts

d. Realm trusts

3.

1 point

You have just created a one-way incoming trust in your domain for an external domain used by a
partner company to allow your domain’s users to access a resource in the partner’s domain. What is the
next step that will need to be performed to complete the trust?

a. You will need to create a one-way outgoing trust in the external domain

b. The partner will need to create a one-way outgoing trust in the external domain

c. You will need to create a one-way outgoing trust in your domain

d. The partner will need to create a one-way outgoing trust in your domain

4.

1 point

You are attempting to create a one-way outgoing trust to an external domain that has resources in it
that your domain’s users will need to access. The authorized users will be able to access the resources
without entering any additional credentials once they have successfully logged in to your domain. When
you attempt to create the trust, it fails. You have verified that the domain controllers in the external
domain are online. What is most likely the cause of this problem?

a. You are not logged in as an Enterprise Admin

b. Your domain controllers cannot resolve the information for the external domain in DNS

c. The external domain’s domain controllers have the Windows Firewall running

d. The external domain’s domain controllers have trusts disabled in Group Policy

5.

1 point

Which of the following commands correctly illustrates how to create a one-way external trust from
the adatum.local domain to the contoso.local domain?

a. netdom trust adatum.local /Domain:contoso.local /add

b. netdom -addtrust /Local:adatum.local /External:contoso.local

c. netdom trust –add adatum.local /Domain:contoso.local

d. netdom –add /trust adatum.local /Domain:contoso.local

6.

1 point

To create a forest trust, which of the following requirements must be met? (Choose all that apply)

a. Both domains involved in the trust must be the forest root domain

b. Both domains involved in the trust must be at the Windows Server 2000 native domain functional level or higher

c. Both domains involved in the trust must be at the Windows Server 2003 forest functional level or higher

d. Both domains involved in the trust must be involved in an acquisition or merger

7.

1 point

. Which of the following scenarios would allow the creation of a shortcut trust? (Choose all that apply)

a. Between a third-level child domain and a second-level child domain in a different domain tree of the same forest

b. Between two third-level child domains in the same forest

c. Between two second-level child domains in different forests

d. Between a third-level child domain and a forest root domain in different forests

8.

1 point

Which of the following is not a scope of trust authentication?

a. Selective authentication

b. Domain-wide authentication

c. Server authentication

d. Forest-wide authentication

9.

1 point

When disabling SID filtering on a forest trust, what netdom switch should be used?

a. /disenablesidhistory:Yes

b. /enablesidhistory:No

c. /quarantine:No

d. /sidhistory:Disable

10.

1 point

When do you want to enable domain-wide authentication for a trust?

a. When all users in the trusted forest need to authenticate against the trusting domain

b. When all users in the trusted domain need to authenticate against the trusting domain

c. When all users in the trusted domain need to authenticate against the trusting forest

d. When all users in the trusted forest need to authenticate against the trusting forest

11.

1 point

In which scenario would you want to disable SID filtering?

a. There is no trust between all Domain Admins and Enterprise Admins within both trusts

b. Forests have been renamed

c. Domains have been authoritatively restored

d. User accounts have been involved in a domain migration

12.

1 point

When using the netdom command to validate a trust, what specific switch will you need to use to
ensure validation is performed?

a. /test

b. /validate

c. /verify

d. /checkPW

13.

1 point

What is the disadvantage of configuring selective authentication for a trust?

a. The inability to definitively control who is accessing what resources

b. The administrative overhead involved to configure and maintain user access to resources

c. The SIDs of the foreign security principals will need to be manually obtained

d. Security groups from the external domain must be used for the foreign security principals

14.

1 point

You have just created a two-way trust in your domain to an external domain used by a partner
company to allow your domain’s users to access a resource in the partner’s domain. What is the next
step that will need to be performed to complete the trust?

a. You will need to create two one-way outgoing trusts in the external domain

b. The partner will need to create a two-way trust in the external domain

c. You will need to create a two-way incoming trust in your domain

d. The partner will need to create two one-way trusts in your domain

15.

1 point

Which of the following attributes are true when discussing manually created trusts?

a. The trust is two-way between the child domain and the root domain

b. The trust can be configured to be one-way or two-way

c. The trust can be configured to be incoming or outgoing, or both

d. The trust is always transitive