1. What is Active Directory?

Active Directory is a directory service used by Microsoft Windows domains to store and manage information about network resources.

2. What is a domain?

A domain is a logical grouping of network resources, such as computers, printers, and user accounts.

3. What is a forest?

A forest is a collection of domains that share a common schema, configuration, and global catalog.

4. What is a global catalog?

A global catalog is a read-only replica of all objects in the forest.

5. What is a domain controller?

A domain controller is a server that runs Active Directory and manages authentication and authorization for network resources.

6. What is a site?

A site is a logical grouping of network resources that are connected by high-speed links.

7. What is a replication partner?

A replication partner is a domain controller that is responsible for replicating changes to other domain controllers.

8. What is DNS?

DNS is a system that translates domain names into IP addresses.

9. What is LDAP?

LDAP is a protocol used to access and modify directory services.

10. What is Kerberos?

Kerberos is a network authentication protocol that uses encryption to prevent eavesdropping and replay attacks.

11. What is a service principal name (SPN)?

An SPN is a unique identifier for a service instance that is registered in Active Directory.

12. What is the difference between a user account and a computer account?

A user account is used to authenticate users, while a computer account is used to authenticate computers.

13. What is a group?

A group is a collection of user accounts that share the same permissions and rights.

14. What is a security descriptor?

A security descriptor is a data structure that contains information about the security of an object, such as a file or folder.

15. What is a schema?

A schema is a set of rules that defines the structure and attributes of objects in Active Directory.

16. What is a trust relationship?

A trust relationship is an agreement between two domains that allows users to access resources in both domains.

17. What is a domain name system (DNS) zone?

A DNS zone is a portion of the DNS namespace that is managed by a single authority.

18. What is a forest root domain?

The forest root domain is the first domain created in a forest and is the highest level of authority.

19. What is a domain local group?

A domain local group is a group that is used to grant permissions to resources within the same domain.

20. What is a global group?

A global group is a group that is used to grant permissions to resources across multiple domains.

21. What is a universal group?

A universal group is a group that is used to grant permissions to resources across multiple domains in a forest.

22. What is a group scope?

A group scope determines the domain or forest boundaries within which a group can be used.

23. What is Group Policy?

Group Policy is a feature of Active Directory that allows administrators to define and enforce security policies for network resources.

24. What is a Group Policy Object (GPO)?

A GPO is a collection of settings that define a specific security policy for network resources.

25. What is a roaming profile?

A roaming profile is a user profile that is stored on a network share and can be accessed from any computer in the domain.

26. What is a mandatory profile?

A mandatory profile is a user profile that cannot be modified by the user.

27.What is a user object?

A user object is an object in Active Directory that represents a user account. User objects are used to authenticate users and manage their access to resources in an Active Directory domain. User objects contain information such as the user's name, email address, password, group membership, and other attributes. They can also be used to delegate administrative privileges to users, and to set policies and restrictions for users within the domain.

28. What is a computer object?

A computer object is a type of object in Active Directory that represents a computer on the network.

29.What is the difference between a user object and a computer object?

A user object represents a user account, while a computer object represents a computer account.

30. What is an organizational unit (OU)?

An OU is a container object in Active Directory used to organize objects, such as user accounts, computer accounts, and groups.

31. What is delegation of control?

Delegation of control is a process of assigning administrative tasks to specific users or groups, allowing them to manage certain parts of the Active Directory domain. 

32. What is a site link?

A site link is a logical connection between two or more sites in Active Directory that allows for replication of directory information between domain controllers.

33. What is a site link bridge?

A site link bridge is a container that allows multiple site links to be combined into a single logical entity.

34. What is a domain functional level?

The domain functional level is the minimum level of operating system required for all domain controllers in a domain.

35. What is a forest functional level?

The forest functional level is the minimum level of operating system required for all domain controllers in a forest.

36. What is a tombstone object?

A tombstone object is a deleted object in Active Directory that is retained in the system for a specified period before it is permanently removed.

37. What is replication?

Replication is the process of synchronizing changes made to Active Directory objects between domain controllers.

38. What is the difference between inbound replication and outbound replication?

Inbound replication is the process of receiving updates from other domain controllers, while outbound replication is the process of sending updates to other domain controllers.

39. What is the difference between intra-site replication and inter-site replication?

Intra-site replication occurs between domain controllers in the same site, while inter-site replication occurs between domain controllers in different sites.

40. What is a read-only domain controller (RODC)?

An RODC is a domain controller that holds a read-only copy of the Active Directory database.

41. What is a domain rename?

A domain rename is the process of changing the name of a domain in Active Directory.

42. What is a forest trust?

A forest trust is a trust relationship between two forests that allows users to access resources in both forests.

43. What is a SID?

A SID (security identifier) is a unique identifier assigned to a user, group, or computer account in Active Directory.

44. What is a group policy preference?

A group policy preference is a setting that can be configured using Group Policy that allows administrators to define user or computer settings that can be customized by the user.

45. What is a fine-grained password policy?

A fine-grained password policy is a policy that allows administrators to define password requirements for specific users or groups in Active Directory.

46. What is a trust anchor?

A trust anchor is a cryptographic key used to verify the authenticity of digital certificates.

47. What is a domain-based namespace?

A domain-based namespace is a namespace in Active Directory that is used to organize network resources.

48. What is a stand-alone namespace?

A stand-alone namespace is a namespace in Active Directory that is not associated with a specific domain.

49. What is the difference between a primary zone and a secondary zone?

A primary zone is a read/write copy of a DNS zone, while a secondary zone is a read-only copy of a DNS zone.

50. What is a stub zone?

A stub zone is a type of DNS zone in which a DNS server has a partial copy of a zone's resource records. The stub zone contains only the necessary resource records that point to the authoritative name servers for the zone.

51. What is the Active Directory Recycle Bin?

The Active Directory Recycle Bin is a feature that allows deleted objects to be recovered in their entirety without the need for a system state backup.

52. What is a domain controller (DC)?

A domain controller (DC) is a server that authenticates users and computers in a Windows domain, and stores information about them in Active Directory.

53. What is a global catalog server (GC)?

A global catalog server (GC) is a domain controller that stores a partial replica of every domain in a forest, and is used to perform queries across the entire forest.

54. What is a forest root domain?

A forest root domain is the first domain created in a forest, and is the top-level domain in the forest's namespace hierarchy.

55. What is a child domain?

A child domain is a domain that is created beneath a parent domain in the Active Directory domain hierarchy.

56. What is a domain name system (DNS)?

DNS is a hierarchical naming system used to map domain names to IP addresses on the internet.

57. What is a service principal name (SPN)?

A service principal name (SPN) is a unique identifier assigned to a service instance in Active Directory, which allows clients to locate the service and authenticate to it.

58. What is a security descriptor?

A security descriptor is an object in Active Directory that contains security information, such as permissions, for a particular object.

59. What is a schema?

A schema is a description of the structure of objects and attributes in Active Directory, and is used to define the types of objects that can be created and the attributes that can be assigned to them.

60. What is a schema master?

A schema master is a domain controller responsible for maintaining the schema in a forest, and is the only domain controller that can make changes to the schema.

61. What is a domain naming master?

A domain naming master is a domain controller responsible for managing the addition and removal of domains in a forest.

62. What is a RID master?

A RID master is a domain controller responsible for allocating relative IDs (RIDs) to domain controllers in a domain.

63. What is a PDC emulator?

A PDC emulator is a domain controller responsible for maintaining compatibility with older versions of Windows, and for providing time synchronization for the domain.

64. What is a backup domain controller (BDC)?

A backup domain controller (BDC) is a type of domain controller in older versions of Windows that holds a read-only copy of the Active Directory database, and is used for failover in the event of a primary domain controller failure.

65. What is a domain join?

A domain join is the process of adding a computer to an Active Directory domain.

66. What is a trust relationship?

A trust relationship is a relationship between two domains or forests that allows users in one domain to access resources in the other.

67. What is a forest root?

A forest root is the top-level domain in a forest and is the first domain created in the forest.

68. What is a forest trust?

A forest trust is a trust relationship between two forests that allows users to access resources in both forests.

69. What is a trust path?

A trust path is the chain of trust relationships between two domains or forests.

70. What is a transitive trust?

A: A transitive trust is a trust relationship that can be extended to other domains or forests, allowing users in those domains or forests to access resources in the original domain.

71. What is a non-transitive trust?

A non-transitive trust is a trust relationship that is not extended to other domains or forests, and only allows users in the original domain to access resources in the other domain.

72. What is a one-way trust?

A one-way trust is a trust relationship that only allows users in one domain to access resources in the other domain, but not vice versa.

73. What is a two-way trust?

A two-way trust is a trust relationship that allows users in both domains to access resources in each other's domain.

74. What is a forest functional level?

The forest functional level is a setting that determines the level of features available in a forest, and can affect the compatibility of domain controllers and client computers.

75. What is a domain functional level?

The domain functional level is a setting that determines the level of features available in a domain, and can affect the compatibility of domain controllers and client computers.

76. What is a group policy object (GPO)?

A group policy object (GPO) is a collection of settings that can be applied to users and computers in an Active Directory domain, and can be used to enforce security policies and other configurations.

77. What is a group policy editor (GPE)?

The group policy editor (GPE) is a tool used to create and edit group policy objects (GPOs) in an Active Directory domain.

78. What is a site?

A site is a physical location that contains one or more domain controllers, and is used to manage network traffic and optimize Active Directory replication.

79. What is Active Directory replication?

Active Directory replication is the process of synchronizing information between domain controllers in a Windows domain, to ensure that all domain controllers have the same information.

80. What is the Knowledge Consistency Checker (KCC)?

The Knowledge Consistency Checker (KCC) is a process that runs on domain controllers in a Windows domain, and is responsible for creating and maintaining the replication topology of the domain.

81. What is a replication topology?

A replication topology is the set of connections and paths used by domain controllers in a Windows domain to replicate Active Directory information.

82. What is the replication interval?

The replication interval is the amount of time between Active Directory replication cycles, and can be configured to optimize replication performance.

83. What is the replication scope?

The replication scope determines which domain controllers in a Windows domain replicate with each other, and can be configured to optimize replication performance.

84. What is the GlobalNames zone?

The GlobalNames zone is a special DNS zone used in Windows Server 2008 and later, which allows DNS resolution of single-label names, such as "computer1" instead of the fully qualified domain name (FQDN), "computer1.contoso.com".

85. What is a domain-based namespace?

A domain-based namespace is a type of namespace in Windows Server that uses domain names to create namespaces for file and folder sharing.

86. What is a forest-based namespace?

A forest-based namespace is a type of namespace in Windows Server that uses a common namespace across multiple domains in a forest.

87. What is the Active Directory Migration Tool (ADMT)?

The Active Directory Migration Tool (ADMT) is a tool provided by Microsoft to help administrators migrate Active Directory objects between domains or forests

88. What is a service principal name (SPN)?

A service principal name (SPN) is a unique identifier for a service instance registered in Active Directory, and is used to associate a service with a specific user account.

89. What is the Active Directory Recycle Bin?

The Active Directory Recycle Bin is a feature introduced in Windows Server 2008 R2 that allows deleted objects to be recovered in an Active Directory domain.

90. What is the difference between a user account and a computer account in Active Directory?

A user account is used to authenticate a user in an Active Directory domain, while a computer account is used to authenticate a computer.

91. What is the difference between a security group and a distribution group in Active Directory?

A security group is used to grant or deny access to resources in an Active Directory domain, while a distribution group is used to send email to a group of users.

92. What is the difference between a domain local group and a global group in Active Directory?

A domain local group is used to grant or deny access to resources within a domain, while a global group is used to grant or deny access to resources across multiple domains.

93. What is the difference between a domain controller and a member server in Active Directory?

A domain controller is a server that authenticates users, maintains the Active Directory database, and replicates information between domain controllers, while a member server is a server that is joined to an Active Directory domain and can access resources in the domain.

94. What is the Active Directory Lightweight Directory Services (AD LDS)?

The Active Directory Lightweight Directory Services (AD LDS) is a role in Windows Server that provides a lightweight directory service for applications that require directory access but do not require the full functionality of Active Directory.

95. What is the Active Directory Certificate Services (AD CS)?

The Active Directory Certificate Services (AD CS) is a role in Windows Server that provides a public key infrastructure (PKI) for issuing and managing digital certificates.

96. What is the Active Directory Federation Services (AD FS)?

The Active Directory Federation Services (AD FS) is a role in Windows Server that provides a single sign-on (SSO) solution across organizational boundaries, allowing users to access resources in different domains or forests with a single set of credentials.

97. What is the Active Directory Rights Management Services (AD RMS)?

The Active Directory Rights Management Services (AD RMS) is a role in Windows Server that provides information rights management (IRM) capabilities, allowing users to encrypt and control access to sensitive data.

98. What is the Active Directory Domain Services (AD DS)?

The Active Directory Domain Services (AD DS) is the core component of Active Directory, providing authentication and authorization services for users and computers in a Windows domain.

99. What is the difference between a forest and a domain in Active Directory?

A domain is a logical container for a group of objects in Active Directory, while a forest is a collection of one or more domains that share a common schema, configuration, and global catalog. A forest can contain multiple domains, while a domain cannot contain multiple forests.

100. What is the Global Catalog in Active Directory?

The Global Catalog is a distributed data store in Active Directory that contains a subset of all the objects in a forest. The Global Catalog contains a read-only replica of the attributes of all objects in the forest, and is used to support queries for objects that span multiple domains. The Global Catalog is maintained on domain controllers that have been designated as Global Catalog servers.