In a Windows 2000 Active Directory environment, by default what type of trust relationship exists between domains inside the same domain tree or forest?

Introduction / Context:
This question tests your understanding of how Windows 2000 Active Directory domains relate to one another within a domain tree or forest. Trust relationships determine how authentication requests and user access can flow between domains, which is fundamental for designing and managing enterprise directory structures. Knowing the default trust type is important for both planning and troubleshooting.

Given Data / Assumptions:
- The environment is specifically Windows 2000, which introduced Active Directory and a new trust model compared to Windows NT.
- The domains in question are inside the same domain tree or forest, not part of different forests or external environments.
- We are not discussing manually created external or shortcut trusts.
- The task is to identify the default trust relationship type among these related domains.

Concept / Approach:
In Windows 2000 Active Directory, domains in the same tree and forest are automatically connected by two way transitive trusts. A transitive trust means that if Domain A trusts Domain B and Domain B trusts Domain C, then Domain A can transitively trust Domain C. This behavior simplifies authentication across multiple domains in a forest and allows group membership and access control to span domains more naturally. One way and non transitive trusts are still possible but are used mainly for special scenarios or external connections.

Step-by-Step Solution:
Step 1: Recall that Active Directory reorganized the trust model so that all domains in a forest are linked automatically.Step 2: Recognize that these automatically created trusts are both two way and transitive by default.Step 3: Understand that explicit trusts normally refer to manually created relationships, often with external or legacy domains.Step 4: Note that one way trusts restrict authentication flow to a single direction, which is not the default for domains in the same tree.Step 5: Conclude that transitive trust is the correct answer for default behavior within a Windows 2000 domain tree or forest.

Verification / Alternative check:
You can verify this by recalling how users in one Active Directory domain can access resources in another domain in the same forest after simple group membership and permission configuration, without manually defining a trust path. This easy access is made possible by the automatic two way transitive trusts. In contrast, when connecting to external forests or legacy NT domains, administrators often have to define explicit or non transitive trusts.

Why Other Options Are Wrong:
An explicit trust usually refers to a manually created trust, often used for special cross forest or external domain scenarios, not the default inside a forest. One way trust does not match the default two way nature of Windows 2000 domain trusts within a tree. Non transitive trust does not allow trust relationships to extend beyond directly connected domains, which is not how Active Directory trees and forests are designed by default. External forest trust is a specific type of trust used between two different forests and is not applicable for domains already inside the same forest.

Common Pitfalls:
Candidates sometimes remember only that Windows NT used more limited and manually defined trusts, and they incorrectly apply that memory to Windows 2000. Others confuse transitive behavior with replication or other directory operations. It is important to separate the concept of trust direction and transitivity from concepts such as site replication and group policy inheritance.

Final Answer:
By default, domains within the same Windows 2000 Active Directory tree or forest are linked by transitive trusts.