Term
| AD RMS is what type of solution |
|
Definition
| Information Right Solution |
|
|
Term
| What are the three methods that RMS uses to protect content |
|
Definition
| Established trusted participants, Assign of persistant usage rights and conditions,encryption |
|
|
Term
| What types of applications can use RMS |
|
Definition
| Word,Excel,PPT,Sharepoint,Outlook |
|
|
Term
| Name the components of RMS |
|
Definition
| Clients(user/consumer),RMS Cluster,SQL Database(or Windows Internal Database but not supported), Licensing only cluster(optional),Active Directory Directory Services. |
|
|
Term
|
Definition
| Server Licensor Certificate |
|
|
Term
|
Definition
| The Server Licensor Certificate is used to encrypt/decrypt all RMS data published by the RMS Cluster |
|
|
Term
| What is the machine certificate used for |
|
Definition
| It estblishes the computer that a RMS Client is publishing RMS content from as a trusted computer |
|
|
Term
|
Definition
| Rights Account Certificate |
|
|
Term
|
Definition
| The Rights Account Certificate is used to establish the identity of an RMS user |
|
|
Term
| What is the standard validity period for a RAC |
|
Definition
|
|
Term
| What is the validity for a temporary RAC |
|
Definition
|
|
Term
|
Definition
| Client Licensor Certificate |
|
|
Term
|
Definition
| The Client Licensor Certificate is used to ensure that a RMS client can publish content when disconnected from the corperate network |
|
|
Term
| What is the Publishing License used for |
|
Definition
| Anytime a RMS-Client trys to save RMS-protected content a Publishing License is created contain authorized users, rights and conditions for the content |
|
|
Term
| What is a Use License used for |
|
Definition
| The Use License contains the rights that apply to the protected content and requires and relies on the presense of a RAC |
|
|
Term
| What is the minimum version of Windows mobile that supports RMS |
|
Definition
|
|
Term
| What do you have to do to DNS to support AD RMS |
|
Definition
| Create a CNAME for the first server in the RMS Cluster(example ADRMSSRV.Contoso.com maps to the CNAME RMS.contoso.com) |
|
|
Term
| Where/What can you man used to manage the RMS Cluster key |
|
Definition
| You can use the "centrally managed key storage" or use a CSP to store the key |
|
|
Term
| What kind of certificate can you use for the RMS-Cluster |
|
Definition
| CA assigned or a self-signed certificate |
|
|
Term
| What are the steps to performing an Upgrade or Migration of RMS from 2008 to 2008R2 |
|
Definition
| The first step is ALWAYS run a backup, then export the SLC,Export and install the CSP(if using a CSP) |
|
|
Term
| When upgrading RMS 2008 to RMS 2008R2 you have to run what to ensure that RMS functions |
|
Definition
| You have to run the RMS Upgrade Wizard |
|
|
Term
| you have backed up the RMS root server and exported the SLC in the RMS cluster what is the next process in migrating from 2008 to 2008R2 RMS |
|
Definition
| Join the 2008R2 server to the RMS cluster then take the root RMS server offline and start upgrading the remaining servers in the cluster to 2008R2 RMS |
|
|
Term
| Define an RMS Exclusion Policy |
|
Definition
| allows you to deny certain users from the capability to acquire certificates and licenses |
|
|
Term
| What do you have to do to enable a RMS across forest |
|
Definition
| Create a trusted user domain between each RMS cluster,Enable anonymous access on the licensing pipeline,Extend the Active Directory Schema adding the attribute msExchOriginatingForest,create contact objects/distribution groups |
|
|
Term
| How do you configure AD RMS across forests by enabling anonymous access to the RMS pipeline |
|
Definition
| modify the two files used by AD RMS the AD RMS license.asmx and servicelocator.asmx |
|
|
Term
| Name some ways to deploy RMS to the client |
|
Definition
| Group Policy, SCCM 2007,Unattended Installation Script, OS Image |
|
|
Term
|
Definition
| Full Control,View,Edit,Save,Print,Forward,Reply |
|
|
Term
| Where can Right Policy Templates be stored |
|
Definition
| in the configuration database(SQL) or a shared folder(* which users must have access to in order to access rights-protected content) |
|
|
Term
| In which of the editions of Windows is the AD RMS client included |
|
Definition
| Vista,7,2008,2008R2(available for download for 2000,XP,2003 |
|
|
Term
|
Definition
| Vista,7,2008 clients can automatically update their right policy templates. Clients will detect changes made to right policy templates and update the local rights policy templates |
|
|
Term
|
Definition
| NEVER delete a rights policy template because all data protected by the right policy will become non-accessible. Alway ARCHIVE right policy templates that should not be distributed |
|
|
Term
| What registry modification do you do to create to prepare for offline publishing |
|
Definition
| HKEY_CURRRENT_USER\SOFTWARE\Microsoft\Offfice\14.0\Common\DRM\AdminTemplatePath |
|
|
Term
| Define a Trusted Publishing Domain |
|
Definition
| A trusted publishing domain allows for one AD RMS cluster to issue use licenses against publishing licenses that were issued by a different AD RMS cluster |
|
|
Term
| What is one step that you have to perform to add a trusted user domain |
|
Definition
| Export and import the Server Licensor Certificate of the server that is to be trusted |
|
|
Term
| Name a reason that you might create an Exclusion Policy for a user |
|
Definition
| If the users credentials are stolen |
|
|
Term
| Name the three types of exclusion policies |
|
Definition
| User,Application,Lockbox,Windows Version/not supported on 2008R2 |
|
|
Term
| What are some of the most common issues with AD RMS |
|
Definition
| CLuster Installation, Cluster URL Availabiliy,SCP configuration,FS support installation |
|
|
Term
| What are some reasons for Cluster installation issues |
|
Definition
| User intalling RMS is not a member of the local admins group, RMS service account doesnt have permissions to _wcms virtual directory, RMS service account does have access to configuration DB, RMS installation account and service account are different,RMS account on a DC needs to be domain admins group |
|
|
Term
| If you use SQL2005/2007 for the configuration database what must be done to the service account. |
|
Definition
| The RMS service account must be a member of the Systems Admins Account(sysadmins) |
|
|
Term
| What are some issues with RMS CLuster availability |
|
Definition
| DNS name resolution on the RMS Cluster URL,SSL certificates installed on servers, Ports 80 and 443 are open on firewall |
|
|
Term
| What are some steps to take to resolve RMS SCP configuration issues |
|
Definition
| User registering the SCP has to be a member of the Enterprise Admins Group,Delete any existing SCP's, Verify DNS is configured correctly and working |
|
|
Term
| What tool can be used to create and delete existing SCP's |
|
Definition
| Active Directory Site and Services |
|
|
Term
| What port do you connect to when testing the SQL database |
|
Definition
|
|
