Upgrading Your Skills to MCSA Windows Server 2012 — Question 51

Your network contains one Active Directory domain named contoso.com.
The forest functional level is Windows Server 2012. All servers run Windows Server 2012 R2. All client computers run Windows 8.1. The domain contains 10 domain controllers and a read-only domain controller (RODC) named RODC01. All domain controllers and RODCs are hosted on a Hyper-V host that runs
Windows Server 2012 R2.
You need to identify which security principals are authorized to have their password cached on RODC1.
Which cmdlet should you use?

Answer options

• A. Get-ADGroupMember
• B. Get-ADDomainControllerPasswordReplicationPolicy
• C. Get-ADDomainControllerPasswordReplicationPolicyUsage
• D. Get-ADDomain
• E. Get-ADOptionalFeature
• F. Get-ADAccountAuthorizationGroup
• G. Get-ADAuthenticationPolicySlio
• H. Get-ADAuthenticationPolicy

Correct answer: B

Explanation

The correct answer is B, as the Get-ADDomainControllerPasswordReplicationPolicy cmdlet is specifically designed to retrieve the password replication policy for a domain controller, including which security principals are allowed. The other options either provide information unrelated to password caching or pertain to different aspects of Active Directory management.