Answers and Explanations


1.

B. Because you will never exceed 14 hosts per subnet, the correct subnet mask is 255.255.255.240. Using the subnet mask of 255.255.255.224 would allow for 14 hosts, but is wasteful since it actually creates subnets containing room for 30 hosts, thus limiting future growth; thus Answer A is incorrect. Using the subnet mask of 255.255.255.248 would result in only 6 usable IP addresses per subnet, thus Answer C is incorrect. Using the subnet mask of 255.255.255.0 would result in no subnetting at all, thus Answer D is incorrect. For more information, see Chapter 1, "Configuring and Troubleshooting TCP/IP Addressing."

2.

A.. Windows XP client computers interact directly with the DNS server to update their A resource records. The DHCP server will update the PTR records for Windows XP client computers and both the A records and the PTR records for non-Windows XP/2000 client computers; therefore Answers B, C, and D are all incorrect. For more information, see Chapter 2, "Implementing, Managing, and Troubleshooting DHCP."

3.

D.. When you configure a DNS server as cache only, the server does not have any zone information. As a result, no information is stored on the hard drive, nor in Active Directory; thus Answers A and C are incorrect. While there is a cache of resolution information in the server's RAM, there are not any zone files; thus Answer B is incorrect. For more information, see Chapter 3, "Implementing and Managing DNS."

4.

B.. The best way to apply the settings to only the computers that require them is to import the template into a GPO associated with all the OUs that require the settings. (You can have one GPO linked to multiple OUs if desired to increase administrative efficiency.) Importing the security template into the domain-level GPO would apply the settings to all computers in the domain, most likely with unwanted side effects; thus Answer A is incorrect. Scripting the secedit command or manually applying the template to each computer are both ways to accomplish the task, but neither of them is as efficient as importing the template into a GPO; thus Answers C and D are incorrect. For more information, see Chapter 5, "Implementing, Managing, and Maintaining Network Security."

5.

B.. Split horizon is a mechanism that prevents routing information from being sent back in the direction from which it was received. Distance-vector routing is a type of routing protocol, such as RIP; thus Answer A is incorrect. Poison reverse allows routes to be broadcast back to the interface from which they were received, and buy indicates that the network is unreachable; thus Answer C is incorrect. A topological database is used by OSPF routers to keep LSAs of other OSPF routers; thus Answer D is incorrect. For more information, see Chapter 7, "Implementing, Managing and Troubleshooting Routing."

6.

D.. If you did not modify the default dial-in policy, no users will be able to connect. The default policy's permissions are set to deny access for everyone. Windows XP is a supported client for RRAS connections; thus Answer A is incorrect. Although having multiple, conflicting, remote access policies will create a similar problem, it's more likely that the default policy was not modified to allow access in this scenario; thus Answer B is incorrect. It is not required to configure MS-CHAP as the authentication protocol; thus Answer C incorrect. For more information, see Chapter 6, "Implementing, Managing and Troubleshooting Network Access."

7.

B.. The yyyymmddhh log numbering format would provide the easiest method of determining the date and time each counter log was created. The log numbering formats given in Answers A, C, and D are all missing some information that you will need to accurately determine the date (year, month, and date) and time that the log was created. For more information, see Chapter 9, "Maintaining and Troubleshooting a Network Infrastructure."

8.

A.. When you're converting from decimal to binary, 209.168.241.158 is equal to 11010001.10101000.11110001.10011110; thus Answers B, C, and D are incorrect. For more information, see Chapter 1.

9.

C.. Answer B could be a good answer, but because 465 computers are on the same segment, you need to get two Class C addresses and configure a superscope. While you should take the time to ensure DHCP and DNS are properly integrated, you will still need a superscope; thus Answer A is not correct. BOOTP is not required for Windows workstations; thus Answer D is not required. For more information, see Chapter 2.

10.

A, C.. In order to ensure that users can resolve hostnames to IP addresses, you need to create a forward lookup zone. In order to ensure that users can resolve IP addresses to hostnames, you need to create a reverse lookup zone. Creating a stub zone or delegated zone are more advanced configuration options that will not help you get DNS name resolution working for a new installation; thus Answers B and D are incorrect. For more information, see Chapter 3.

11.

B.. The Local Policies node of the Group Policy Editor contains three subnodes: Audit Policy, User Rights Assignment, and Security Options. The Audit Policy subnode is where Andrea will find the auditing items she needs to configure; thus Answers A, C, and D are all incorrect. For more information, see Chapter 5.

12.

C.. One of the major problems with distance-vector routing is the count-to-infinity problem. The cost of the Windows software is typically comparable or lower than a hardware routing device, but this is not typically an item of great concern when choosing a solution; thus Answer A is incorrect. Distance-vector routing protocols actually have a high overhead on the network, which is another major problem they suffer from; thus Answer B is incorrect. Distance-vector routing protocols such as RIP have a maximum hop count of 16, not 12; thus Answer D is incorrect. For more information, see Chapter 7.

13.

D.. Remote access policies are stored individually on each RRAS server; thus Answers A, B, and C are all incorrect. For more information, see Chapter 6.

14.

C.. The most administratively efficient solution is to configure the service (from the Recovery tab) to restart the server after the second failure of the service. Repeated problems with a service usually indicate deeper problems, such as other services that are failing. Only by restarting the server can you reset all services back to a known functional state. Long-term problems of this sort will likely require further troubleshooting and repair. Writing a batch script to perform an action is certainly possible, but since you only need to restart the server, you can do this more efficiently using the service's properties; thus Answers A and B are incorrect. Restarting just the service might well fix the problem as well in most cases, but typically when a server is having this type of problem, it's best to just restart the entire server if you can; thus Answer D is incorrect. For more information, see Chapter 9.

15.

C.. When you're converting from binary to decimal, 11001100.10101110.00011101.11101010 is equal to 204.174.29.234; thus Answers A, B, and D are incorrect. For more information, see Chapter 1.

16.

A, D.. The DHCP server's primary function is to assign a unique IP address to the requesting client computers. DHCP servers can also be used to assign the IP address of the DNS server, the default gateway, the WINS server, and various other options. The IP address of the DHCP server is certainly unknown to the client when it does its broadcast to search for a DHCP server; thus Answer B is incorrect. You cannot pass file server IP address information to clients via DHCP; thus Answer C is incorrect. Active Directory-aware clients (such as Windows XP and Windows 2000) will query DNS for the service record of the Domain Controller that should service them; thus Answer E is incorrect. For more information, see Chapter 2.

17.

A.. In the FQDN sarah.training.urwrite.net, sarah identifies the host part. TRaining identifies a child domain, urwrite is the domain name, and net is the top-level domain; thus Answers B, C, and D are all incorrect. For more information, see Chapter 3.

18.

A.. By applying the Secure template, securews.inf, you can increase the security of the client workstations without adversely affecting network communications. The securedc.inf template is to be used for Domain Controllers, not workstations; thus Answer B is incorrect. The compatws.inf template will actually reduce the security of workstations it is applied to; thus Answer C is incorrect. The hisecws.inf template will increase the workstation security, but will likely cause adverse effects as well; thus Answer D is incorrect. For more information, see Chapter 5.

19.

B.. Since you've already performed the capture, the best thing to do would be to create a display filter that filters out the captured data. In doing so, you can view only the specific information you're looking for. Answer A is incorrect because capture filters are created before a capture is started. Answer C is incorrect because you cannot enable a routing protocol on a network adapter. Although you can start Network Monitor from the command line, Answer D is incorrect because what you need to do is create the display filter for the data you already have. For more information, see Chapter 9.

20.

A, B.. Both PPTP and L2TP, use PPP to provide the original envelope for the data. EAP and SPAP are remote access authentication protocols; thus Answers C and D are incorrect. For more information, see Chapter 6.

21.

C, D.. Services that the Print Spooler service is dependent on and that are not functioning properly can cause the Print Spooler service to function improperlyas noted in the question. In addition, a misconfigured or incorrect account that is being used by the service can lead to problems and the inability to perform its intended function. Bad printer drivers can cause problems for the server itself and cause printing to not function correctly for the printer using the drivers, but it will not likely cause problems with the Print Spooler itself; thus Answer A is incorrect. Services dependent on the Print Spooler will not function correctly when the Print Spooler is not functioning, but they will not cause the Print Spooler to malfunction; thus Answer B is incorrect. Cabling problems will not cause issues with the Print Spooler; thus Answer E is incorrect. For more information, see Chapter 9.

22.

D.. By using the first 6 bits of the third octet, you allow up to 1,024 hosts per network. You also allow for the network to be segmented into up to 62 subnets; thus Answers A, B, and C are incorrect. For more information, see Chapter 1.

23.

B.. The client computer will receive a DHCPNCK message after successfully receiving or renewing a TCP/IP address from the DHCP server. When the client computer first requests an IP address, it issues a DHCPDISCOVER message to find a DHCP server; thus Answer A is incorrect. It then receives a DHCPOFFER message from each DHCP server; thus Answer C is incorrect. It sends a request (DHCPREQUEST) to use the address to the DHCP server that originated the offer; thus Answer D is incorrect. For more information, see Chapter 2.

24.

D.. The logical processing order that the DNS server uses to resolve a FQDN to an IP address request is that it first checks the DNS server's local cache. If the DNS server cannot resolve the request from the cache, it then forwards the request to the appropriate root server; thus Answers A, B, and C are incorrect. For more information, see Chapter 3.

25.

C.. The easiest way to accomplish this task is to create a script that runs the secedit/analyze command on the computers and collects the results in a central network location. Visiting each computer is not going to be efficient; thus Answer A is incorrect. You can script the secedit command, but not Security Configuration and Analysis itself; thus Answer B is incorrect. Remote computers cannot be targeted by Security Configuration and Analysis; thus Answer D is incorrect. For more information, see Chapter 5.

26.

A.. You have to configure RIP to use broadcast, not multicast. OSPF is not required to solve this problem; thus Answer B is incorrect. RIP has a maximum hop count of 16, but this has no bearing on the problem at hand; thus Answer C incorrect. You do not need to change the incoming packet protocol; thus Answer D is incorrect. For more information, see Chapter 7.

27.

D.. EAP supports smart card authentication. None of the other listed authentication protocols are designed to work with smart cards; thus Answers A, B, C, and E are all incorrect. For more information, see Chapter 6.

28.

C.. The pathping tool acts as the equivalent of the tracert command by allowing you to identify which routers are in the path that the packets are taking. It also acts as the equivalent of the ping command by sending ping requests to all the routers over a specified time period and then computing statistics based on the packets returned from each router. pathping displays the amount of packet loss at each router or link and allows you to determine which routers and links (subnets) might be the cause of connectivity troubles. Using the ping, nslookup, or tracert commands won't show you where packet loss is occurring; thus Answers A, B, and E are all incorrect. The Network Diagnostics utility does not show packet loss either; thus Answer D is incorrect. For more information, see Chapter 9.

29.

B.. In the majority of cases in which a computer configured for DHCP suddenly cannot communicate with the rest of the network, the cause is due to the computer having assigned itself an APIPA IP address. APIPA IP addresses are assigned from the IP address range 169.254.0.1169.254.255.254, with a subnet mask of 255.255.0.0. This, in most cases, completely prevents an APIPA-configured computer from carrying out any other normal communications on the network. Having a damaged network cable (or any other damaged network device) is certainly a possible cause of this problem, but it is not the most common one; thus Answer A is incorrect. A computer does not need to be part of the Active Directory domain to get a DHCP lease; thus Answer C is incorrect. The chances of the TCP/IP stack being corrupt are very small and not a likely cause; thus Answer D is incorrect. For more information, see Chapter 1.

30.

B.. You need to configure a superscope. You already have multiple scopes since you have multiple subnets; thus Answer A is not going to help. Since multicast was not mentioned as a need, you don't need to configure a scope for it; thus Answer C is incorrect. BOOTP is not required for Windows computers, thus Answer D is incorrect. For more information, see Chapter 2.

31.

C.. The correct record to add to the DNS server when you want to add an alias is the CNAME record. The A record is used to map a host name to an IP address; thus Answer A is incorrect. The MX record is used to specify SMTP servers; thus Answer B is incorrect. The PTR record is used to map an IP address to a host name; thus Answer D is incorrect. For more information, see Chapter 3.

32.

C.. The correct steps to be used to perform an analysis of a computer with the Security Configuration and Analysis snap-in are as follows: Select Open Database, select the database, select the security template, select Analyze Computer, select the log file, select Configure Computer; thus Answers A, B, and D are all incorrect. For more information, see Chapter 5.

33.

A, B, C.. There are many ways to prevent count-to-infinity problems, including using split horizon, split horizon with poison reverse, and triggered update. Link-state routing is another routing technology; thus Answer D is incorrect. Dynamic DNS won't help you with count-to-infinity problems; thus Answer E is incorrect. While strong passwords are always recommended, they won't help with this problem either; thus Answer E is incorrect. For more information, see Chapter 7.

34.

A.. You need to create a different remote access policy for each region using the security group for that region to allow access during the allowable times for that region. You will need to create a total of eight policies since each region has different times that they are allowed to access the network via RRAS. While it's always good practice to have redundancy in your server design, it is not required to have different RRAS servers for each group; thus Answer B is incorrect. You can't control RRAS remote access via local security policies; thus Answer C is incorrect. Giving all remote users the policy does not meet the requirements you face; thus Answer D is incorrect. For more information, see Chapter 6.

35.

B, D.. The Negotiation Failures statistic displays the total number of negotiation failures that occurred during Main Mode or Quick Mode negotiation. This is a useful statistic to use to determine whether security and/or authentication methods do not match between two computers attempting communications. IPSec, as a service, is running by default on Windows 2000 and XP computers; thus there is no need to "enable" it. You do need to configure it by applying one or more IPSec policies as indicated in this scenario, however; thus Answer A is incorrect. If your Domain Controllers were not responding, you'd have a lot bigger problems than those just dealing with IPSec policies; thus Answer C is incorrect. For more information, see Chapter 8, "Implementing, Managing and Troubleshooting IPSec to Secure Network Traffic."

36.

A.. Using the ipconfig command to verify that the workstations have the correct TCP/IP configuration would be the most efficient place to start your troubleshooting. Once you've verified the TCP/IP configuration, and the problem still remains, you'd likely next move onto using the ping command to test basic network connectivity between the server and workstations; thus Answer C is incorrect. The nslookup command would likely not be used until after using the ipconfig and ping commands, as it is for more specific name resolution issues; thus Answer B is incorrect. The telnet command, used for creating remote sessions on servers, won't likely help you troubleshoot this issue; thus Answer D is incorrect. For more information, see Chapter 1.

37.

C.. Before a Windows Server 2003 DHCP server can issue any IP addresses, it needs to be authorized. Only members of the Enterprise Administrators group have the right to authorize DHCP servers in Active Directory. DHCP servers are not activated; thus Answer A is incorrect. The scope was already activated during the creation and configuration process, thus Answer B is incorrect. The scope options are very straightforward and very difficult to misconfigure. Although it is possible, the most likely explanation is that you did not authorize the server; thus Answer D is incorrect. For more information, see Chapter 2.

38.

B.. The maximum number of characters that you can have in a node is 63; thus Answers A, C, and D are incorrect. An FQDN can have a maximum of 255 characters. For more information, see Chapter 3.

39.

D.. A red X icon next to an item in the Security Configuration and Analysis snap-in results indicates that the item is present in both the database and the computer, but does not match the currently configured setting. A question mark indicates that the item is not defined in the analysis database and was not examined on the computer; thus Answer A is incorrect. A green check mark indicates that the item is defined in the analysis database and on the computer and matches the currently configured setting; thus Answer B is incorrect. An exclamation point indicates that the item is defined in the analysis database but not on the computer; thus Answer C is incorrect. For more information, see Chapter 5.

40.

A.. Because you are working with a small, static network and you are tasked with using the solution that has the lowest impact on resources, using static routes is the correct solution. RIP and OSPF are both available routing protocols that are overkill for this scenario; thus Answers B and C are incorrect. An autostatic update is a request from a router for all known routes or services from the router on the other side of the connection; thus Answer B is incorrect. For more information, see Chapter 7.

41.

B.. Since you have 12 custom policies, plus the default policy, you most likely have some conflicting policies, and the first one that is applied is refusing the users access. IPSec does not need to be enabled; thus Answer A is incorrect. Configuring MS-CHAP for authentication is not the most likely problem; thus Answer C is incorrect. If you have not created any custom policies, then the default policy would likely be your problem. But, with all of the policies you've created, one of them is likely to blame; thus Answer D is incorrect. For more information, see Chapter 6.

42.

B.. Soft associations are an indication that SAs have been formed with computers that do not support IPSec or were not able to negotiate successful IPSec connections. Soft associations can be an indication of mismatched security and authentication settings; thus Answers A, C, and D are all incorrect. For more information, see Chapter 8.

43.

A, B, C, D.. At a minimum, each computer using TCP/IP must have a valid IP address and subnet mask. Because these servers will be communicating with computers on other subnets, a valid default gateway will also be required to route packets off the local subnet. The servers should also have one or more valid DNS server IP addresses configured on them to facilitate domain service lookups and user authentication. WINS server information or custom DNS suffixes are sometimes helpful information to have configured, but are not part of the required minimum configured; thus Answers E and F are incorrect. For more information, see Chapter 1.

44.

A.. The performance counter that counts the number of DHCPOFFER messages sent per second by the DHCP server to a client computer is Offers/Sec. The Discovers/Sec counter monitors the number of DHCPDISCOVER messages received per second by the server; thus Answer B is incorrect. The Acks/Sec counter monitors the number of DHCPACK messages sent per second by the DHCP server to client computers; thus Answer C is incorrect. DHCPAcks/Sec is not a real counter; thus Answer D is incorrect. For more information, see Chapter 2.

45.

B.. By configuring standard secondary zones for all remote locations, you can provide a local name resolution solution and reduce the additional traffic placed on the WAN links due to the DNS service. Each secondary zone server will perform zone transfers with the corporate data center DNS servers, which is still likely much less traffic than handling the individual name resolution queries. Although a good idea, simply configuring your zones as Active Directory integrated won't help out with the WAN link traffic concern; thus Answer A is incorrect. Putting secondary zones on the corporate data center DNS servers won't help out with the WAN link traffic concern; thus Answer C is incorrect. Stub zones aren't going to reduce the WAN link traffic either; thus Answer D is incorrect. For more information, see Chapter 3.

46.

D.. Only Answer D meets all the specified requirements that Christopher has for performing this analysis: He must use the Secure template for a member server (securews.inf), and he must ensure that the database is cleared before the security template is imported. Answer C appears to meet these requirements, but it does not provide for clearing the database before importing the security template. The command presented in Answer A is incorrect because it uses the securedc.inf template. The command presented in Answer B is incorrect because it is actually going to configure, and not analyze, security settings. For more information, see Chapter 5.

47.

B.. The only correct syntax for this command is route add 10.10.10.0 mask 255.255.255.0 10.10.10.254 metric 2; thus Answers A, C, and D are incorrect. For more information, see Chapter 7.

48.

B, D, E.. PPTP requires an IP-based transit network. L2TP requires only that the tunnel media provide packet-oriented point-to-point connectivity; thus Answer A is incorrect. L2TP supports header compression, whereas PPTP does not; thus Answer C is incorrect. L2TP supports tunnel authentication, whereas PPTP does not. PPTP uses encryption; L2TP requires IPSec for encryption. L2TP can be used on a variety of hardware- and software-based devices, not just Windows based, thus Answer F incorrect. For more information, see Chapter 6.

49.

C.. Answers A and B could also be good answers, but the best answer is Answer C, as one of the major problems with distance-vector routing is the count-to-infinity problem. The hop count is limited to 16; thus Answer D is incorrect. For more information, see Chapter 7.

50.

B.. Using the nslookup command would allow you to query the DNS server to verify entries. You won't find any zone entries on the server's Properties dialog or in the Event Log; thus Answers A and D are incorrect. While the ipconfig command is useful for many TCP/IP-related tasks, this is not one of them; thus Answer C is incorrect. For more information, see Chapter 3.

51.

D.. Before the IP addresses can cross over the router, you need to enable the BOOTP forwarder; thus Answer C is incorrect. There is not any such thing as a DHCP forwarder or BOOTP forwarder on a DHCP server; thus Answers A and B are incorrect. For more information, see Chapter 2.

52.

C.. When you configure an Active Directoryintegrated zone, the information is stored in the Active Directory database file itself; thus Answers A, B, and D are incorrect. For more information, see Chapter 3.

53.

D.. In a situation in which you do not know what the current security configuration is, you should apply the Default security template to the computer. Each computer has its own Default security template. This default security template is created at the time of Windows Server 2003 installation for member servers and at the time of promotion for Domain Controllers. You should not apply the Default security template from one computer to any other computer; thus Answer A is incorrect. After you reset the security configuration back to a known state by using the Default template, the secure templates can be successfully applied to create the desired level of security. Recall that security templates are incremental and only build on the security configuration already configuredthey do not reset the computers' security configuration back to the default settings before any changes were made. Andrea should not apply a workstation template to a server, much less a Domain Controller; thus Answer B is incorrect. Reinstalling Windows Server 2003 on the servers would certainly put them in a known state, but is way beyond what is needed here; thus Answer C is incorrect. For more information, see Chapter 5.

54.

B.. The best routing protocol for this situation would be RIP. Although there are some drawbacks to using RIP, it is easy to set up and maintain, and it allows for redundancy between sites. Using static routes for this environment would be too time consuming and error prone; thus Answer A is incorrect. Using OSPF is not required in this network due to its relative small size and simplicity; thus Answer C is incorrect. An autostatic update is a request from a router for all known routes or services from the router on the other side of the connection; thus Answer D is incorrect. For more information, see Chapter 7.

55.

D.. Profiles are stored locally and need to be re-created on the new server before users can authenticate. You can have as many RRAS servers as your environment needs; thus Answer A is incorrect. There is no authorization that you must perform for RRAS like for DHCP; thus Answer B is incorrect. A RRAS server in an Active Directory domain will add itself to the required security groups automatically; thus Answer C is incorrect. For more information, see Chapter 6.

56.

A.. A reverse lookup zone allows you to resolve an IP address to a hostname. Forward lookup zones are used for hostname-to-IP address resolution; thus Answer B is incorrect. You will need to use the arp command to compare IP addresses to MAC addresses; thus Answer C is incorrect. You can determine, more often than not, the FQDN of a host by simply pinging the hostname. In a fully functional DNS environment, the returned information will contain the FQDN of the host; thus Answer D is incorrect. For more information, see Chapter 3.

57.

C.. Although EIGRP and BGP are excellent protocols for a large WAN of this type, they are not supported by Windows Server 2003. The best routing protocol for the situation described would be OSPF; thus Answers A, B, and E are incorrect. An autostatic update is a request from a router for all known routes or services from the router on the other side of the connection; thus Answer D is incorrect. For more information, see Chapter 7.

58.

A.. The Windows Server 2003 DHCP service is used to automatically assign IP addresses to client computers. DNS is used to resolve hostnames and IP address; thus Answer B is incorrect. WINS is used to resolve NetBIOS hostnames and IP addresses; thus Answer C is incorrect. BOOTP is not needed for Windows computers; thus Answer D is incorrect. For more information, see Chapter 2.

59.

D.. RAM is the most critical resource on a cache-only server because all the cache entries are stored in RAM; thus Answers A, B, C, and E are all incorrect. For more information, see Chapter 3.

60.

A.. In order to track failed logon attempts, Kirsten needs to configure failure auditing to occur for the Audit Logon Events option. Configuring auditing for success events on the Audit Logon Events option won't help collect information about failed logon attempts; thus Answer B is incorrect. Since she needs to collect information about failed logon events, it won't help to configure auditing for other areas; thus Answers C and D are incorrect. For more information, see Chapter 5.

61.

C.. The area with the ID 0.0.0.0 is the OSPF backbone. An autonomous system (AS) is a collection of networks and routers that are under common administration and that share a common routing protocol; thus Answer A is incorrect. The Link State Database (LSDB) is used by OSPF routers as they accumulate link-state information; thus Answer B is incorrect. A default route has a destination address of 0.0.0.0 and a subnet mask of 0.0.0.0. The default route is used to route any packets that are destined for an address not explicitly listed in the routing table; thus Answer D is incorrect. For more information, see Chapter 7.

62.

D.. IAS is needed to provide RADIUS authentication for the remote access servers. IAS can be used as the central repository for the profiles; thus Answers A, B, and C are incorrect. For more information, see Chapter 6.

63.

C.. To get a client computer to register dynamically with a DNS server, you type ipconfig/registerdns at the command prompt. Rebooting the computer will likely also solve the problem, but will take more time than simply using the ipconfig/registerdns command; thus Answer A is incorrect. The ipconfig/renew command is used to renew a DHCP lease; thus Answer B is incorrect. The ipconfig/renewdns command is not a valid command; thus Answer D is incorrect. For more information, see Chapter 3.

64.

C.. Although the default route can be used to simplify configuration of static routing over on-demand connections, you must consider its implications. The default IP route effectively summarizes all IP destinations and becomes the route used to forward IP packets when another more specific route is not found. This can cause traffic to be routed across the on-demand connection. It is not normal for a demand-dial connection to just connect without data to transmit; thus Answer A is incorrect. It is already known that no communication is occurring between the offices; thus Answer B is incorrect. A default route on the answering router would not cause this behavior; thus Answer D is incorrect. For more information, see Chapter 6.

65.

D.. To configure a new multicast scope, you must select the option New Multicast Scope. The New Scope option configures a normal DHCP scope; thus Answer A is incorrect. The New Superscope option will configure a superscope that contains multiple normal scopes; thus Answer B is incorrect. You can't create a new IP Scope; thus Answer C is incorrect. For more information, see Chapter 2.




MCSA(s)MCSE 70-291(c) Implementing, Managing, and Maintaining a Microsoft Windows Server 2003 Network Infrastructure
MCSA/MCSE 70-291: Implementing, Managing, and Maintaining a Microsoft Windows Server 2003 Network Infrastructure (Exam Prep)
ISBN: 0789736497
EAN: 2147483647
Year: 2006
Pages: 196
Authors: Will Schmied

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net