Exam Questions


1:

You are the network administrator for Gus Gus Gas Stations , Inc. You need to implement a more secure network environment across all servers, both domain controllers and member servers. What security templates could you use to provide a higher level of security for these servers and still leave room to increase security again if desired? (Choose two correct answers.)

  1. securews.inf

  2. hisecws.inf

  3. hisecdc.inf

  4. securedc.inf

  5. compatws.inf

2:

Marshall is the network administrator for QBC Corp. He runs a network of 20 Windows Server 2003 systems on a network backbone, as well as 200 Windows XP Professional clients . Marshall is asked about using an IP address for a local LAN, whether an IP address is needed, as well as whether a MAC address is needed. Marshall claims that he can assign an IP address but not a MAC address. Why not?

  1. He needs only an IP address, not a MAC address.

  2. MAC addresses are not assigned; they come by default burned into the network device.

  3. MAC addresses work on top of physical IP addresses.

  4. Neither IP addresses nor MAC addresses are needed if Marshall has the DNS name .

3:

You are a network consultant and have been hired by Carmen's Clown College, Inc. You have been given the task of designing a unique DNS namespace for Carmen's new Windows Server 2003 network. Carmen's already owns the clowncollege.com domain, and the company's ISP is hosting its Web site. Which of the following options represents the best unique DNS namespace?

  1. clowncollege.net

  2. corp.clowncollege.com

  3. clowncollege.corp.com

  4. clowncollege.com.corp

4:

You are the network administrator for QBC Corp. The company has a network of 25 Windows Server 2003 systems on a network backbone, as well as 300 Windows XP Professional clients. You need to test the connectivity of a remote site that is currently four router hops away. You are experiencing a lot of latency. What would be the appropriate plan of action to take to solve this issue?

  1. Go from router to router and look at the routing table metrics. If any say one or more, you need to deal with a routing issue.

  2. Use a standard ping , see how long it takes to get to the target host, and then calculate the time difference between hops.

  3. Use netsh in the routing> prompt and send a ping to the host; then calculate the time it takes to get there.

  4. Use pathping to trace the route to the destination and then look at the calculations of latency times in milliseconds on each hop through the network. Find the problem link.

5:

Which of the following gives the best description of clustering?

  1. Clustering distributes all incoming client connection requests to its nodes via a mathematical algorithm.

  2. Clustering distributes all incoming client connection requests to its nodes via a round- robin system.

  3. Clustering allows multiple nodes to appear as a single system to clients.

  4. Clustering allows multiple CPUs to be used in a server.

6:

You are the network administrator for Tom's Travel, an international travel agency. You have been directed to create a backup plan that will ensure that all data on your file server is backed up every night, regardless of when the last modification was made to the data. Which of these backup types would meet your requirements?

  1. Incremental

  2. Daily

  3. Normal

  4. Differential

7:

You are the network administrator for Roger's Rockets, a manufacturer of toy rocket kits. You want to require that all wireless clients have the correct WEP key to authenticate to your wireless LAN. What setting do you need to select in your WLAN security policy?

  1. Data Encryption (WEP enabled)

  2. Network authentication (Shared mode)

  3. The key is provided to me automatically

  4. Transmit per IEEE 802.1x

8:

You are the network administrator for Flagston Enterprises. The company's Windows Server 2003 network consists of 8 domain controllers, 4 member servers, and 592 Windows XP Professional workstations. You have created a plan to implement a CA. You report to your supervisor that the first CA will be a Root CA. Your plans then call for an Intermediary CA. Your supervisors want to know why an additional CA is required. Of the following, which is a valid reason for adding an Intermediary CA?

  1. All Enterprise CAs require Intermediary CAs to communicate with other CAs.

  2. Enterprise CAs require Active Directory, and the Intermediary CAs do not. Intermediary CAs are used to function with CAs outside this domain.

  3. The Root CA would be secured and taken offline, whereas the Intermediary CA would remain online to issue certificates to certificate requestors.

  4. The Intermediary CA would handle all communication between the Subordinate CAs and the Root CA.

9:

You are the administrator of a large Windows Server 2003 Active Directory network. Your network consists of 1,500 Windows Server 2003 servers spread out over 150 Organizational Units, with approximately 10 servers each. You have just finished creating a customized security template that specifies the Account Policy and Auditing settings that are required for specific departments by your organization's corporate policy. What is the best way for you to apply this template to only the Sales, Marketing, Production, and Engineering OUs?

  1. Import the security template at the domain level into a Group Policy Object.

  2. Import the security template into each required Organizational Unit using a Group Policy Object.

  3. Script the secedit.exe command to apply the security template to the required computers.

  4. Manually apply the security template to each of the computers.

10:

Pete is the network engineer for RDT, Inc. He runs a network of 25 Windows Server 2003 systems on a network backbone, as well as 300 Windows XP Professional clients. Pete is not sure whether he should design and implement a new switch that connects his additional servers to his server farm and the core network and then connect a new router to route the traffic from VLAN to VLAN. Unaware of any design options, he considers the following options. What should Pete use to connect his new systems to the core network?

  1. Pete should implement a new Layer 3 switch.

  2. Pete should implement a new Layer 2 switch only.

  3. Pete should implement a new Layer 1 switch.

  4. Pete should implement a new router only.

11:

Helper Hal is a leading manufacturer of household goods. The CIO of Helper Hal has hired you to design a new DNS namespace for an upcoming Windows Server 2003 deployment. Helper Hal already owns the helperhal.com domain name. Helper Hal's corporate offices are in England, and satellite offices are located in the United States, Canada, India, Germany, and Japan. The corporate office contains five departments: Sales, Production, Support, Facilities, and Finance. Each satellite office has only Sales and Support departments. Which of the following FQDNs for a client named FILESVR042 in the Production department represents the best designed DNS namespace?

  1. filesvr042.production.helperhal.com

  2. filesvr042.uk.helperhal.com

  3. filesvr042.production.uk.helperhal.com

  4. filesvr042.helperhal.com

12:

Pete is the systems administrator for RDT, Inc. He runs a network of 25 Windows Server 2003 systems on a network backbone, as well as 300 Windows XP Professional clients. Pete wants to be able to set up a Windows Server 2003 server as a router using the RRAS console and needs to be able to connect up to three different network segments, which are 10.1.1.0 /24, 10.1.2.0 /24, and 10.1.3.0 /24. To do so, Pete needs to build the server as a trihomed unit. He connects three links and sets up the Routing Information Protocol. For some reason, one of the users on the 10.1.1.0 /24 network segment cannot communicate with a system on the 10.1.2.0 /24 segment. What could be the potential problem?

  1. The routing table does not accurately show the route to the destination subnet in question. Pete needs to use the route add command to verify.

  2. The routing table does not accurately show the route to the destination subnet in question. Pete needs to use the route change command to verify.

  3. The routing table does not accurately show the route to the destination subnet in question. Pete needs to use the route check command to verify.

  4. The routing table does not accurately show the route to the destination subnet in question. Pete needs to use the route print command to verify.

13:

Which of the following gives the best description of network load balancing?

  1. Network load balancing distributes all incoming client connection requests to its nodes via a mathematical algorithm.

  2. Network load balancing distributes all incoming client connection requests to its nodes via a round-robin system.

  3. Network load balancing allows multiple nodes to appear as a single system to clients.

  4. Network load balancing allows multiple CPUs to be used in a server.

14:

You are the network administrator for Tom's Travel, an international travel agency. You have been directed to create a backup plan that will ensure your company's critical data is backed up nightly. Your plan must minimize the time that is required each night to perform the backups . Your plan also should require the minimum amount of time and number of tapes possible during the restoration process. What combination of backup types should you use? (Choose two correct answers.)

  1. Copy

  2. Incremental

  3. Normal

  4. Daily

  5. Differential

15:

You are the network administrator for Jeff's Jeep Tours, an Australian tour company. While assisting one of your remote office users with a configuration issue on the user's computer, you have tried unsuccessfully to take control of the user 's computer. Why are you not able to take control? (Select two correct answers.)

  1. Your computer is not configured to allow it to initiate remote control sessions.

  2. The remote computer is not configured to allow it to be controlled remotely.

  3. A firewall is in place blocking the request.

  4. The Novice is not allowing you to take control of his computer.

16:

You are the network administrator for Fast Sloth Enterprises. After increasing the security of your network client computers, you need to implement an auditing system to keep track of times computers are restarted and shut down. Which of the following options should you configure to track these events?

  1. Audit Process Tracking

  2. Audit System Events

  3. Audit Object Access

  4. Audit Privilege Use

17:

You are the network administrator of the Gidgets Widgets, LLC corporate network. You have instructed Andrea, your assistant administrator, to configure file access auditing for all files in the CorpDocs folder on your file server. Where will Andrea find the auditing options in the Group Policy Editor?

  1. Account Policies

  2. Local Policies

  3. Restricted Groups

  4. File System

18:

Sally is the senior network administrator for Runners Corp. She runs a network of 20 Windows Server 2003 systems, as well as 250 Windows XP Professional clients. Sally needs to connect a server to the network. She has been given an IP address of 172.16.1.100 with a subnet mask of 255.255.255.0. She enters the IP address information given and tries to ping a server on a remote subnet. The IP address she is trying to ping is 172.16.2.100. What could the problem be?

  1. Sally needs to change her IP address to 172.16.2.101.

  2. Sally needs to add the default gateway address to the server.

  3. Sally needs to ping localhost to see whether she has IP connectivity.

  4. Sally has done nothing wrong; the problem is most likely with the host at 172.16.2.100.

19:

You are planning a new DNS namespace for Lou's Loghomes, Inc. Security and redundancy are important factors in your design. Which of the following zone types should you choose to ensure the highest level of security and most redundancy possible?

  1. Standard primary

  2. Standard secondary

  3. Stub

  4. Active Directory “integrated

20:

You are the network administrator for QBC Corp. The company has a network of 25 Windows Server 2003 systems on a network backbone, as well as 300 Windows XP Professional clients. You want to use a tool that can capture packets sent to and from a server. You decide to use Network Monitor, so you try to capture traffic from a remote server. Why are you failing to do so? (Choose only one answer.)

  1. You need to use System Monitor; it tells you what packets are traversing the LAN.

  2. Network Monitor is available only on Windows 2000; Network Analyzer is available on Windows Server 2003.

  3. Network Monitor is for system processes only; it does not pick up network packets.

  4. The version of Network Monitor included with Windows Server 2003 records only packets sent to and from this server and the LAN.

21:

When discussing the process of convergence, what are you referring to?

  1. A network communication sent among individual cluster nodes at intervals of no more than 500 milliseconds that is used to determine the status of all cluster nodes.

  2. The process of a cluster group moving back to the preferred node after the preferred node has resumed cluster membership.

  3. The process by which NLB clustering hosts determine a new, stable state among themselves and elect a new default host after the failure of one or more cluster nodes.

  4. The process of a cluster group moving from the currently active node to another still-functioning node in the cluster group.

22:

You are the network administrator for Tom's Travel, an international travel agency. You are currently performing backups using your approved corporate backup plan. The plan calls for a Normal backup to be made every Saturday night and Differential backups to be made on Monday through Friday nights. On Thursday morning your file server crashes and must be rebuilt with a clean installation of Windows Server 2003. In what order should you use the backup tapes you have?

  1. Friday, Monday, Thursday, Saturday

  2. Tuesday, Monday, Friday

  3. Saturday, Wednesday

  4. Monday, Tuesday, Wednesday, Saturday

  5. Saturday, Wednesday, Tuesday, Monday

23:

You are the network administrator for Roger's Rockets, a manufacturer of toy rocket kits. You are configuring a new WLAN security policy for the wireless clients that are located in your Accounting OU. You want to provide the maximum level of security for your WLAN by requiring that all computers authenticate to the WLAN upon creating their wireless connection. You want the computer to authenticate using its computer account. You are using a RADIUS server to handle authentication, and the authentication database is Active Directory. What setting do you need to configure in the WLAN security policy?

  1. Authenticate as guest when user or computer information is unavailable

  2. Transmit per IEEE 802.1x

  3. Data Encryption (WEP enabled)

  4. Authenticate as computer when computer information is available

24:

Andrea is the network administrator for the Think Pink Bike Company. She has recently finished implementing an auditing solution for her Windows Server 2003 network. Andrea wants to track unauthorized access attempts to the company network. After two weeks, she has not found any authorized access attempts, even though she tried password-guessing several users' accounts just this morning. What is the most likely reason for the problem that Andrea is experiencing?

  1. Andrea has not configured success audits for the Audit Account Logon events option.

  2. Andrea has not configured failure audits for the Audit Account Management option.

  3. Andrea has not configured failure audits for the Audit Logon events.

  4. Andrea has not configured success audits for the Audit Policy Change option.

25:

You are the network administrator for Good Faith Enterprises, LLC. You want to increase the security of your client workstations, which are all Windows 2000 Professional computers, without causing any adverse effect on network communications between computers. You have already completed this same configuration action on all your domain controllers and member servers. Which security template should you use to accomplish your goal?

  1. securews.inf

  2. securedc.inf

  3. compatws.inf

  4. hisecws.inf

26:

You are the network administrator for QBC Corp. The company has a network of 25 Windows Server 2003 systems on a network backbone, as well as 300 Windows XP Professional clients. You are asked to connect a server to the network. You are given an IP address of 192.168.5.10/16 and a default gateway of 192.168.5.1. You set up the server and connect it to the network via a network cable. After testing all connectivity, you still cannot access resources on the network. The network you are attaching to is 192.168.5.0/24. What do you think the problem may be?

  1. You were given the incorrect IP address.

  2. You were given the incorrect default gateway.

  3. You were given the incorrect subnet mask.

  4. You must have a routing issue; there is nothing wrong with this configuration.

27:

A DNS resolver performs a recursive query against its local DNS server asking it to provide the IP address for the host www.quepublishing.com . Assuming that the local DNS server is not authoritative for the quepublishing.com domain, does not have the answer in its local cache, and is configured for forwarding, what will happen next ?

  1. The local name server will return an error to the DNS resolver stating that it could not resolve the name as requested .

  2. A root name server will make an iterative query to determine the IP address of the quepublishing.com domain.

  3. A root name server will make an iterative query to determine the IP address of the host www.quepublishing.com .

  4. The local DNS server will make an iterative query to a root name server to determine the IP address of the host www.quepublishing.com .

28:

Sally is the senior network administrator for Runners Corp. Sally runs a network of 20 Windows Server 2003 systems, as well as 250 Windows XP Professional clients. Sally would like to implement a new remote access feature called Network Access Quarantine Control on the Windows Server 2003 system. What does this new feature do?

  1. The remote access sender's connection attempt goes into quarantine until verified .

  2. The quarantine holds viruses trying to access your RAS server.

  3. Network quarantine is a central repository that allows you to store antivirus updates deployed to your server.

  4. This new feature enables you to set up a repository where you can store executables that are grabbed from users attempting to connect to your RAS server.

29:

In regards to a network load balancing cluster, what desirable function do port rules provide?

  1. They can be used to allow traffic only on specific ports to be load-balanced , dropping all other traffic.

  2. They assign a unique numerical identifier to each cluster node.

  3. They specify the IP address where the network load balancing cluster can be accessed.

  4. They specify the IP subnet on which the administrative network adapter is to be located.

30:

You are the network administrator for Jorge's Gyms, a health club company. You have been directed to create a backup plan that will back up all data on the Financial department's file servers. The data must be backed up even if it is currently in use by a user. You need to minimize the impact of the backup on user operations. How should you configure the backup plan?

  1. Configure a backup job that backs up data in Remote Storage.

  2. Configure a backup job that compresses data to save space.

  3. Configure a backup job that verifies data after the backup is complete.

  4. Configure a backup job that uses the volume shadow copy.

31:

You are the network administrator for Jeff's Jeep Tours, an Australian tour company. A user in one of your remote locations has sent you an email request for remote assistance, but it expired before you were able to assist the user with her problem. You have called the user on the telephone and informed her of the problem with the expired request. You need to have this request answered . What is the easiest way to handle this situation?

  1. Have the user create a new request and send it to you.

  2. Have the user extend the lifetime of the initial request.

  3. Have the user delete the expired request, causing it to be re-created anew.

  4. Have the user resend the expired request to you again.

32:

You are the network administrator for the Sunbrew Dairy Farms, Inc., corporate network. You have just completed the installation and configuration of SUS for your network. Your client computers are all running Windows 2000 Professional Service Pack 2, and your servers are all Windows Server 2003 computers. After a week passes , you notice that none of your clients have received any updates that are available from your SUS server. What is the most likely reason for this problem?

  1. Your SUS server has lost network connectivity to the Internet and has not downloaded any updates from the Windows Update Web servers.

  2. You have not correctly configured the Group Policy options for Automatic Updates.

  3. The GPO in which you configured the Automatic Updates changes has not been replicated to the rest of the network.

  4. Your client computers are not using the correct version of the Automatic Updates client software.

33:

You are an assistant network administrator for the Nimbus Flying Broom corporation. You are responsible for 75 Windows XP Professional workstations and 5 Windows Server 2003 member server computers. You have been directed to perform a security analysis on each computer, comparing its settings to those contained in the hisecws.inf template. How you can accomplish your assigned task with the least amount of administrative effort and fewest number of trips to remote computers?

  1. The only way to perform this analysis is to physically visit each computer and use the Security Configuration and Analysis snap-in.

  2. You can create a script that runs Security Configuration and Analysis on each computer, collecting the results in a central location for later viewing.

  3. You can create a script that runs the secedit /analyze command on each computer, collecting the results in a central location for later viewing.

  4. You can analyze remote computers from the Security Configuration and Analysis snap-in by targeting it at the desired computer.

34:

Sally is the senior network administrator for Runners Corp. She runs a network of 200 Windows Server 2003 systems, as well as 2,500 Windows XP Professional clients. Sally needs to connect her LAN to the Internet. She is running a large network that has a private addressing scheme of 10.1.0.0/16. To connect the Internet, Sally must set up what technology on the Internet firewall to get on to the public range of 12.1.1.0?

  1. IPSec

  2. NAT

  3. RIP

  4. BGP

35:

What new feature of Windows Server 2003's DNS service allows you to configure multiple DNS forwarders depending on the destination domain?

  1. DNS forwarder

  2. DNS resolver

  3. Conditional forwarding

  4. Recursion

36:

Pete is the systems administrator for RDT, Inc. He runs a network of 25 Windows Server 2003 systems on a network backbone, as well as 300 Windows XP Professional clients. Pete has a problem with a remote site (10.10.2.0) from his campus network. None of the users from a remote site company can access his Exchange server (10.10.1.10) in the core network he is responsible for. Pete needs to verify that this is a problem with the Exchange server, or something else. What is the best troubleshooting step Pete should take?

  1. Pete should have the remote users ping his default gateway. If he receives a response, it must be the users' problem.

  2. Pete should have the remote users ping his default gateway. If there is no response, it must be the Exchange server's problem.

  3. Pete should do a tracert to the Exchange server and see what path it takes and then ping the server to see if it replies.

  4. Pete should ping 10.10.1.10, ping 10.10.2.1 (default gateway), and then have a remote user ping 10.10.1.1 (default gateway).

37:

You are preparing to implement a network load balancing solution for your company's Web site. You will be load balancing six Windows Server 2003 computers running IIS. Employees and customers using the FTP protocol use the IIS servers only to upload and download files. What type of affinity should you configure to ensure that clients receive the best overall possible service during their connection period?

  1. None

  2. Class C

  3. Multiple

  4. Single

38:

You are the network administrator for Jorge's Gyms, a health club company. You have enabled volume shadow copy on your Financial department file server using the default configuration. With these settings, how many days' worth of historical data will be available to your users?

  1. 14

  2. 21

  3. 28

  4. 32

  5. 45

39:

You are the network administrator for Herb's Happenings, a public relations firm. You are preparing to create a new IPSec policy that will be used to secure all internal network traffic. What available user authentication methods does IPSec in Windows Server 2003 offer? (Choose all that apply.)

  1. NTLM v2

  2. Kerberos v5

  3. EFS

  4. Digital certificate

  5. Shared secret

  6. WEP

40:

You are the network administrator for the Wing Walkers, Inc., corporate network. You are configuring SUS for your network's client computers, which are all running Windows XP Professional Service Pack 1. You want all client computers to automatically download from your SUS server and install any required updates each night at 11:30 p.m. After the updates have been installed, you want the client computers to restart so that the updates can fully install and the computers will be ready for work the next morning. What must you do to ensure that updates will be installed each night and the computers will be restarted after the updates are installed? (Choose all that apply.)

  1. You must configure the Automatic Updates client options on each of your Windows XP Professional Service Pack 1 client computers to download and install updates nightly.

  2. You must set the Configure Automatic Updates option in Group Policy to Enabled and set option 4. You then need to configure a schedule for nightly updates at 11:30 p.m.

  3. You must set the No Auto-Restart for Scheduled Automatic Updates Installations option in Group Policy to Disabled.

  4. You must set the Specify Intranet Microsoft Update Server Location option in Group Policy to Enabled and enter the URL of your SUS server.

41:

You are the network administrator for Fast Sloth Enterprises. You need to increase the security of your Windows XP Professional client computers and Windows Server 2003 servers. Which security template should you apply to your workstations to ensure they have the most secure configuration?

  1. securews.inf

  2. hisecdc.inf

  3. hisecws.inf

  4. rootsec.inf

42:

Pete is the systems administrator for RDT, Inc. He runs a network of 25 Windows Server 2003 systems on a network backbone, as well as 300 Windows XP Professional clients. Pete has to connect all his internal clients to the Internet, but he has only one public IP address. He also needs to accelerate the speed of Internet access while at the same time minimizing impact on the Internet bandwidth. What device should he use on his network?

  1. Layer 4 Router

  2. SNA Server

  3. Load Balancer

  4. Proxy Server

43:

You are concerned about the security of your organization's private internal network. As such, you have configured the firewall to allow traffic only on UDP and TCP ports 53 from one IP address: 192.168.100.133. Your firewall creates dynamic response rules that will allow valid return traffic back to the DNS server if it is a response back to traffic originating from the DNS server. Your internal network contains four internal DNS servers, and your network users must be able to perform external name resolution regardless of which DNS server their query is sent to. What should you to do ensure that only the DNS server with IP address 192.168.100.133 makes external DNS queries?

  1. Configure the other three DNS servers to forward name resolution requests for all domains other than the internal namespace to the DNS server with IP address 192.168.100.133. This server will then perform name resolution by using Internet DNS servers.

  2. Disable the other three DNS servers to prevent them from providing name resolution services.

  3. Configure all four internal DNS servers to be forwarders to an external DNS server.

  4. Configure all client computers to use the DNS server with IP address 192.168.100.133 as the primary DNS server.

44:

You are the network administrator for QBC Corp. The company has a network of 25 Windows Server 2003 systems on a network backbone, as well as 300 Windows XP Professional clients. You have a problem with a remote server that does not seem to show up in one of your MMCs. You need to access this server, so you try to ping it but get no response. What is your next step? (Choose the best answer.)

  1. Try running a tracert to the remote server.

  2. Try using the netsh command with a routing> prompt and ping to the remote server.

  3. Try using the arp -a command to the remote server.

  4. Try using the ipconfig /check command on the remote server.

45:

You are preparing to implement a network load balancing solution for your company's Web site. You will be load balancing six Windows Server 2003 computers running IIS. Why would you want to ensure that each server has two network adapters installed for this type of solution?

  1. To allow for double the load-balanced traffic

  2. To separate the load-balanced traffic from the administrative traffic

  3. To provide extra redundancy in case an adapter fails

  4. To allow a multicast MAC address to be used

46:

You are the network administrator for Jorge's Gyms, a health club company. You have enabled volume shadow copy on your Financial department's file server using the default configuration. When you try to look at the previous versions of the shared folder locally at the file server using Windows Explorer, you do not have the Previous Versions tab on the share Properties dialog box. What is the reason for this problem?

  1. You did not install the Previous Versions Client on the server.

  2. The volume shadow copy has run out of free space on the disk.

  3. The volume shadow copy service has stopped .

  4. You can view shadow copies only over the network using My Network Places.

47:

You are the network administrator for Jeff's Jeep Tours, an Australian tour company. You need to connect to the console session of one of your Windows Server 2003 computers to perform some configuration actions. What tool does Windows Server 2003 provide that allows you to do this?

  1. The Remote Desktops console

  2. The Web Interface for Remote Administration

  3. The Remote Desktop Connection Web utility

  4. The Remote Desktop Connection utility

48:

Austin is the network administrator for Captain Bob's Ocean Fantasies, a retailer specializing in hard-to-find ocean- related collectible items. As part of his smart card solution, Austin has decided to limit the number of incorrect logon attempts that users can make within a specified amount of time. Where, within the Group Policy Editor, would Austin be able to locate the settings that he needs to configure?

  1. Computer Configuration\Windows Settings\Security Settings\Account Policies\Account Lockout Policy

  2. Computer Configuration\Windows Settings\Security Settings\Local Policies\Security Options

  3. Computer Configuration\Administrative Templates\Windows Components\Terminal Services\Client/Server data redirection

  4. Computer Configuration\Windows Settings\Security Settings\Public Key Policies

49:

Hannah is the network administrator for Think Pink Bicycles, Inc. She is attempting to configure the Engineering Organizational Unit in her Windows Server 2003 network with the securews.inf template. There are 30 member file and print servers in this OU, along with approximately 500 Windows XP Professional workstations. Which of the following methods of applying the securews.inf template would be the most administratively efficient?

  1. Using the Security Configuration and Analysis snap-in

  2. Using the secedit.exe command

  3. Using Group Policy

  4. Using the Domain Controller Security Policy console

50:

Marshall is the network administrator for QBC Corp. He runs a network of 20 Windows Server 2003 systems on a network backbone, as well as 200 Windows XP Professional clients. Marshall is asked to protect his network from Internet-based attacks. He needs to put in a device that will help him to secure his network from attack. What device would you recommend that Marshall install?

  1. NIC

  2. IPSec Client

  3. Network Monitor

  4. Firewall

51:

Andrea is an administrator for Carmine's Circus Clowns, Inc. She was just recently hired after the last administrator, oddly enough, ran off to join the circus. Carmine's network includes two domain controllers and three member servers providing file, print, and backup/restoration services. Carmine, the president of the company, has instructed Andrea to implement a more secure configuration on all five Windows Server 2003 servers. Andrea has decided to use the secure templates but is not sure what the current configuration is on each server because the last administrator did not keep any records. What is the best way for Andrea to go about configuring these servers with the secure templates?

  1. Andrea should apply the default security template from one of her member servers to all five servers and then apply the securews.inf and securedc.inf templates to them.

  2. Andrea should apply the default security template found on each computer to that specific computer. After doing this, she should then apply the securews.inf template to her domain controllers and the securedc.inf template to her member servers.

  3. Andrea should reinstall Windows Server 2003 on all five servers and re-create the domain. After doing this, she should apply the securews.inf and securedc.inf templates to her servers.

  4. Andrea should apply the default security template found on each computer to that specific computer. After doing this, she should then apply the securedc.inf template to her domain controllers and the securews.inf template to her member servers.

52:

Sally is the senior network administrator for Runners Corp. She runs a network of 20 Windows Server 2003 systems, as well as 250 Windows XP Professional clients. Sally needs to deploy a multicasting solution that allows all multicast traffic to pass through her network and to the MBone, which is the multicast backbone on the Internet. How can Sally set up her Windows Server 2003 system to make sure that it can participate in the forwarding of multicast traffic?

  1. Set up ICMP routing

  2. Set up IGMP routing

  3. Set up OSPF routing

  4. Set up RIP routing

53:

You are the network administrator for QBC Corp. The company has a network of 25 Windows Server 2003 systems on a network backbone, as well as 300 Windows XP Professional clients. You have a problem with a router a few hops away because it does not seem to be passing traffic past it. What tool can you use to troubleshoot with?

  1. Use Trace Route .

  2. Use Traceroute .

  3. Use Tracert .

  4. Use Trace .

54:

You are the network administrator for Jorge's Gyms, a health club company. You have enabled volume shadow copy on your Financial department's file server using the default configuration. When you try to look at the previous versions of the shared folder from one of your Windows XP Professional workstations using My Network Places, you do not see the Previous Versions tab on the share Properties dialog box. What is the reason for this problem?

  1. You did not install the Previous Versions Client on the client.

  2. The volume shadow copy has run out of free space on the disk.

  3. The volume shadow copy service has stopped.

  4. You can view shadow copies only over the network using My Network Places.

55:

You are the network administrator for Herb's Happenings, a public relations firm. You are preparing to create a new IPSec policy that will be used to secure all internal network traffic. What available data encryption methods does IPSec in Windows Server 2003 offer? (Choose all that apply.)

  1. DES

  2. SHA1

  3. MD5

  4. AES

  5. 3DES

56:

Austin is the network administrator for Captain Bob's Ocean Fantasies, a retailer specializing in hard-to-find ocean-related collectible items. Captain Bob's network currently has about 500 remote traveling users who connect to the network via Terminal Services using their smart cards for authentication. A new change in company policy requires that remote users will no longer be able to make Terminal Services connections to the network, but instead can create and use VPN tunnels to one of the available RRAS servers. In addition to announcing this policy change, what else can Austin do to ensure that his remote smart card users do not make Terminal Services connections?

  1. Interactive logon: Require smart card

  2. Interactive logon: Smart card removal behavior

  3. Do not allow smart card device redirection

  4. Account Lockout Policy

57:

You have just completed an analysis of a computer using the Security Configuration and Analysis snap-in. When you examine the results, you notice several items that have an X icon next to them. What does this icon indicate ?

  1. The item is not defined in the analysis database and was not examined on the computer.

  2. The item is defined in the analysis database and on the computer and matches the currently configured setting.

  3. The item is defined in the analysis database but not on the computer.

  4. The item is defined in the analysis database and on the computer, but does not match the current configured setting.

58:

You are the network administrator for QBC Corp. The company has a network of 25 Windows Server 2003 systems on a network backbone, as well as 300 Windows XP Professional clients. You need to set up a new Windows Server 2003 system on your network. You are given an IP address, a subnet mask, and a default gateway. Your IP address is 10.0.1.10 /8, and the default gateway is 10.0.1.1. You are trying to connect to and ping the default gateway but are not able to. You analyze the router and find that it has the IP configured as 10.0.1.1 /24 on the Ethernet port. What do you think the problem is?

  1. Bad IP address assignment

  2. Bad default gateway assignment

  3. Bad Ethernet port assignment

  4. Bad subnet mask assignment

59:

You are in the process of creating a customized security solution for your network's computers. You want to edit the securedc.inf template in a text editor. Where can you find the preconfigured security templates?

  1. %systemroot%\system32\security

  2. %systemroot%\security\templates

  3. WINNT\security\templates

  4. %systemroot%\system32\templates

60:

Andrea is the network administrator of the Beachside Entertainment Group, Incorporated network. Beachside owns and operates several miniature golf centers in resort destinations. Andrea is preparing to implement a smart card solution for use by all Beachside Entertainment employees because their computers are often lacking in other forms of security, such as physical security. Beachside has locations in 5 eastern states with a total of 17 offices, including the corporate offices in Chincoteague, Virginia. Andrea has decided to use self-enrollment for her smart card users. Which of the following items must Andrea take into consideration for her self-enrollment plan to work effectively and securely? (Choose two correct answers.)

  1. Andrea must ensure that all required users get a blank smart card.

  2. Andrea should configure her CAs not to automatically issue smart card user certificates when requested.

  3. Andrea must ensure that all required users get a ready-to-use smart card.

  4. Andrea must ensure that only trusted users are tasked with the job of performing the smart card certificate enrollments.

  5. Andrea must ensure that she has selected enough enrollment agents to perform the smart card enrollments for users without becoming overburdened.

61:

You are the network administrator for Herb's Happenings, a public relations firm. You are preparing to create a new IPSec policy that will be used to secure all international network traffic. You need to configure this new IPSec policy such that the computers at each end of the connection will communicate with each other and agree on the security parameters that are to be used. What filter action do you need to configure to ensure this behavior occurs?

  1. Permit

  2. Block

  3. Negotiate

  4. Open

62:

You are the network administrator for Herb's Happenings, a public relations firm. You have decided to use one of the preconfigured IPSec policies that come in Windows Server 2003 to secure network traffic on your international network. Which of the following policies are included with Windows Server 2003? (Choose all that apply.)

  1. Client (Respond Only)

  2. Client (Request Security)

  3. Client (Require Security)

  4. Server (Respond Only)

  5. Server (Request Security)

  6. Server (Require Security)

  7. Secure Server (Respond Only)

  8. Secure Server (Request Security)

  9. Secure Server (Require Security)

63:

You are the network administrator for Herb's Happenings, a public relations firm. You are preparing to create a new IPSec policy that will be used to secure all internal network traffic. What available data hashing methods does IPSec in Windows Server 2003 offer? (Choose all that apply.)

  1. DES

  2. SHA1

  3. MD5

  4. AES

  5. 3DES

64:

You are the network administrator for Nebuchadnezzar Furnaces. The company's Windows Server 2003 domain consists of domain controllers, 2 member servers, and 765 Windows XP Professional workstations. Daniel, your supervisor, reports to you that he suspects that Sam is still accessing the network through the Internet, although he was fired from the company 12 days ago. He asks you to resolve the matter so that Sam cannot access the network remotely. What two actions can you perform that would ensure that Sam can no longer use his digital certificate to access the network?

  1. Delete Sam's previously assigned certificate.

  2. Revoke Sam's previously assigned certificate.

  3. Force Sam's certificate to expire early.

  4. Publish the CRL.

65:

You are the network administrator for Phil's Fillup Stations, Inc. Your CIO has tasked you with increasing the security of all member servers on your network. After examining the security settings configured in the Secure and Highly Secure templates, you have decided that neither one of them completely meets your requirements. You must configure the required settings as efficiently and safely as possible. Which of the following represent the two best available options that you could choose to configure your servers as required? (Choose two correct answers.)

  1. Create a new (empty) security template and configure the settings you need in it.

  2. Modify the securews.inf security template, changing and adding options as needed.

  3. Configure the member server settings from the Local Security Policy console on each member server.

  4. Configure the security settings you need directly into a Group Policy Object linked to the OU containing the member servers.




MCSE Windows Server 2003 Network Infrastructure (Exam 70-293)
MCSE 70-293 Exam Prep: Planning and Maintaining a Microsoft Windows Server 2003 Network Infrastructure (2nd Edition)
ISBN: 0789736500
EAN: 2147483647
Year: 2003
Pages: 151
Authors: Will Schmied

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net