Review Questions

1.  

When you are attempting to increase availability of network resources, which term defines how long a device is expected to function without breaking?

1. Mean time to recovery

2. Mean time before failure

3. Redundancy

4. Secondary paths

2.  

Which device type should Anna Beth choose if she wants to allow users to connect to the Internet, but she wants to control which user accounts will be able to connect?

1. Router

2. Proxy server

3. Domain controller

4. NAT server

3.  

Which of the following is considered a drawback to using a VPN?

1. Existing infrastructure is used

2. Scales better than dial-up

3. Additional overhead

4. Public connection can be used

4.  

What is Microsoft s service that acts as a RADIUS server called?

1. NAT

2. VPN

3. RRAS

4. IAS

5.  

If you want to centralize your remote access policies, what service will you use?

1. IAS

2. NAT

3. RRAS

4. VPN

6.  

Tina has a network that uses a link-state routing protocol that is compatible with the link-state protocol used in Windows Server 2003. If she decides to use Windows Server 2003 as a router, which protocol would she configure?

1. IAS

2. RIP

3. OSPF

4. NAT

7.  

Dan is designing his network infrastructure and is in the process of determining how he will allow access to web server, yet protect his internal network. Which of the following options will provide the best security?

1. No firewall

2. Bastion host

3. Three- homed firewall

4. Back-to-back firewalls

8.  

Toni is trying to determine which design to use for her perimeter network. She wants to have as much security as possible and is willing to forego ease of administration in order to get the security she wants. Which of the following models should she use?

1. Single forest

2. Multiple forest, no trust

3. Multiple forest, one-way trust

4. Multiple forest, two-way trust

9.  

Cheryl is designing the IP address allocation method for the web servers within the perimeter network. Which of the addressing methods should she choose?

1. Static

2. DHCP

3. Reservation

4. APIPA

10.  

When determining which IP address range to use between two Windows Server 2003 systems that are acting as routers between two of the company s locations, which address range would be the most efficient?

1. 192.168.1.0/24

2. 192.168.1.0/26

3. 192.168.1.0/28

4. 192.168.1.0/30

1.  

B. The mean time before failure is a measurement used to designate how long a device will typically function before it fails.

2.  

B. A proxy server can be configured to allow users to connect to the Internet and will cache the pages that the users visit so that Internet traffic can be reduced. With a proxy server, you can configure exactly which users will have the ability to connect to the Internet.

3.  

C. Whenever you use a VPN solution, you generate additional overhead on your server due to the encryption and decryption of the packets.

4.  

D. Internet Authentication Service (IAS) is Microsoft s implementation of a RADIUS server. Although IAS follows the RADIUS standards, it also has additional features such as the ability to centrally locate the RRAS policies.

5.  

A. If you do not use IAS, the remote access policies are held individually on a RAS server. By using the IAS, you can create a remote access policy and all of the RRAS RADIUS clients will use the policies from the IAS server.

6.  

C. If other routers within the network are using a link-state routing protocol, the only one that is supported by Windows Server 2003 RRAS is OSPF. Make sure you have configured the RRAS router correctly or you could cause routing issues within the network.

7.  

D. The back-to-back firewall option allows the devices within the internal network to be safeguarded from attacks because two firewalls need to be hacked before the internal network is jeopardized.

8.  

B. With the multiple forest, no trust model, the perimeter network is a forest unto itself and no trust relationships exist with the forest for the internal network. When this model is used, there are added administrative costs because the users who need to access resources within both forests need to have a separate identity from the one used within the internal network. Also, if there is a reason that resources from one forest need to be used from the other forest, the accounts have to be set up to allow access, which could prove more difficult than the other models.

9.  

A. When placing web servers within the perimeter network, the best way to assign an IP address to them is to use a static address. If you use a static address, the IP address used by the web server will not have to be changed within the DNS servers that are accessible by Internet clients, and you will not have to open ports on the internal firewall to allow DHCP traffic to get to the servers.

10.  

D. When defining the addresses to use between routers, if you want to conserve the addresses available and use only the number required for the connection, you should use a 30-bit mask, which will give you the two addresses needed between the routers.