Exam Prep Questions

Question 1

Which of the following tools can be used to view IPSec statistics?

  • A. Network Monitor

  • B. IP Security Monitor

  • C. System Monitor

  • D. IP Security Policy Management

A1:

Answer B is correct. IP Security Monitor can be used to gather and monitor IPSec statistics. Answer A is incorrect because Network Monitor is used to capture and analyze IP packets. Answer C is incorrect because System Monitor is used to monitor server performance. Answer D is incorrect because IP Security Policy Management is used only to create and manage IP Security policies.

Question 2

You are trying to install Software Update Services on a computer running Windows Server 2003. The installation of the software continually fails. You verify that the computer meets the hardware requirements. The server is also running IIS 5.0 and Internet Explorer 6.0, and all partitions except the system partition are formatted with FAT. What could be causing the problem?

  • A. Service pack 1 is not installed.

  • B. The partition storing the updates is not formatted with FAT.

  • C. IIS must be uninstalled .

  • D. The system partition must be formatted with NTFS.

A2:

Answer D is correct. Software Update Services requires that the system partition be formatted with NTFS along with the partition on which the software will be installed. Answer A is incorrect because no service pack is required. Answer B is incorrect because the partition on which SUS is installed must be NTFS as well. Answer C is incorrect because IIS 5.0 is required.

Question 3

John is the network administrator for a small organization. He wants to configure Automatic Updates settings through a group policy. He creates a new group policy object for the appropriate Organizational Unit. When he opens the policy, he cannot find any Automatic Updates settings to configure. What is causing the problem?

  • A. John is not permitted to edit group policy objects.

  • B. Software Update Services has not been installed.

  • C. The Automatic Updates ADM file has not been loaded.

  • D. Automatic Updates settings must be configured on each local computer.

A3:

Answer C is correct. To deploy the Automatic Updates settings using a group policy, the ADM file must first be loaded. If not, the Automatic Updates settings will not be available within a group policy object. Answer A is incorrect because the user is already an administrator. Answer B is incorrect because installing the SUS software does not automatically add the Automatic Updates settings into a group policy object. Answer D is incorrect because settings can be configured locally or through a group policy.

Question 4

Bob is planning the deployment of Software Update Services. He has a number of workstations on the network that are running various client operating systems. Which clients on the network will support the updated version of Automatic Updates? (Choose all that apply.)

  • A. Windows 98

  • B. Windows Me

  • C. Windows 2000

  • D. Windows XP

A4:

Answers C and D are correct. The updated version of the Automatic Updates software can be installed on Windows 2000 platforms and later. Therefore, answers A and B are incorrect.

Question 5

Mary is concerned that some of the servers on the network no longer meet the security requirements outlined by her organization. Different network administrators often troubleshoot problems and make configuration changes while doing so. She wants to verify the current security settings and compare them against the initial template used to configure new servers. What tool can she use?

  • A. IP Security Monitor

  • B. Security Configuration and Analysis

  • C. Network Monitor

  • D. Security Templates

A5:

Answer B is correct. The Security Configuration and Analysis tool can be used to analyze the current security settings of a computer and compare them against the settings within an existing template. Answer A is incorrect because IP Security Monitor is used to monitor and troubleshoot IPSec communications. Answer C is incorrect because Network Monitor is used to capture and analyze network traffic. Answer D is incorrect because the Security Templates snap-in is used to configure existing templates and create new ones.

Question 6

Mary is implementing a secure baseline for all new servers configured on the network. She wants each server to be configured with a standard set of security settings. What is the simplest way for Mary to configure the security settings on all new servers to be identical?

  • A. Mary must manually configure the settings on each server.

  • B. Mary can create a security template using the Security Templates snap-in with all the required security settings and deploy it through a GPO.

  • C. Mary can use the Security Configuration and Analysis tool to create a new template with all the required security settings.

  • D. Mary can use Software Update Services to configure each new server with the required security settings.

A6:

Answer B is correct. Mary can use the Security Templates snap-in to create a new template with the required security settings. The template can then be imported when new servers are configured. Answer A is incorrect. Although this is a viable solution, it is not the most efficient one. It requires configuring the same settings on each server. Answer C is incorrect because this tool cannot be used to create new templates. Answer D is incorrect because SUS is used to deploy software updates to clients.

Question 7

You are editing the Registry to configure Automatic Updates on a Windows XP workstation. You want to specify which server the client will retrieve the updates from. Which of the following Registry options should you configure to specify the SUS server that the updates will be downloaded from?

  • A. UseWUServer

  • B. AUOptions

  • C. WUServer

  • D. SUSServer

A7:

Answer C is correct. To specify which server a client will download the updates from, you must configure the WUServer value. Answer A is incorrect because it only enables Automatic Updates to use an SUS server. Answer B is incorrect because this option is used to specify how updates are downloaded and installed. Answer D is incorrect because there is no such option.

Question 8

Which of the following command-line utilities can be used to view IPSec statistics?

  • A. netdiag

  • B. ipsecmon

  • C. ping

  • D. netsh

A8:

Answer D is correct. The netsh command-line utility can be used to view IPSec statistics. Answer A is incorrect because this command-line utility is no longer used to view IPSec-specific statistics. Answer B is incorrect because this command is used to launch the IP Security Monitor in Windows 2000. Answer C is incorrect because ping is used to test TCP/IP connectivity.

Question 9

The IPSec policy configured for domain controllers is not behaving normally. You suspect that a configuration change was made by another administrator. Which tool can you use to determine whether a policy change was indeed made?

  • A. IP Security Monitor

  • B. Security Configuration and Analysis

  • C. netsh

  • D. Network Monitor

A9:

Answer C is correct. As long as auditing of policy changes has been enabled, you can monitor when changes are made to an IPSec policy using the Event Viewer. Therefore answers A, B, and D are incorrect because these tools cannot be used to monitor whether an IPSec policy change was made.

Question 10

IP Security Monitor will be used to monitor IPSec communications on several servers. Your organization is still in the process of migrating to Windows Server 2003, so some of the servers are still running Windows 2000. You use the IP Security Monitor snap-in from your computer to monitor the servers across the network. However, you discover that you are able to monitor only other computers running Windows Server 2003. What is causing the problem?

  • A. You do not have administrative permissions on the servers running Windows 2000.

  • B. IP Security Monitor cannot be used to monitor computers running Windows 2000.

  • C. The Windows 2000 servers are not members of the local domain.

  • D. The Network Monitor driver is not installed on the Windows 2000 servers.

A10:

Answer B is correct. The IP Security Monitor included with Windows Server 2003 cannot be used to monitor computers running Windows 2000. Therefore answers A, C, and D are incorrect.




Windows Server 2003 Network Infrastructure Exam Cram 2 (Exam 70-291)
MCSA/MCSE 70-291 Exam Cram: Implementing, Managing, and Maintaining a Microsoft Windows Server 2003 Network Infrastructure (2nd Edition)
ISBN: 0789736187
EAN: 2147483647
Year: 2002
Pages: 118
Authors: Diana Huggins

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net