1. | When the web servers are moved so that Insane Systems host their own systems, what is the best option for supplying IP addresses to the servers?
|
| ||||||||||
2. | When designing how the web servers will be protected, how will you set up the firewall(s) so that you have the highest level of security for your internal network?
|
| ||||||||||
3. | Currently this scenario does not have any remote users, but administrators need to have remote administrative control of the servers at each location. What security measures should you take?
|
| ||||||||||
4. | When promoting the domain controllers for the San Jose and New York locations, which of the promotion methods would work the best?
|
| ||||||||||
5. | Select the address assignment type and match it to the appropriate system(s).
|
|
Answers
1. | C. If you use static addressing, you will not have to open ports on the firewall to allow the requests to pass to the internal DHCP server, nor will you have to place a DHCP server within the perimeter, which could pose a security concern. The web server addresses should also be set static so that the entries within the DNS servers for the Internet will resolve correctly and not have to be updated. APIPA will not work because the APIPA address is not usable on the Internet. | ||||||||
2. | D. By using a back-to-back firewall option, you will have two firewalls protecting the internal network. | ||||||||
3. | C, D. To make sure that the administrators are using a secure connection when they are managing the servers, you could create IPSec policies for the servers and workstations that would use IPSec whenever the administrators connect to them. | ||||||||
4. | D. Because the new staff at each location will have limited knowledge of Windows Server 2003 and Active Directory, the preferred method of promoting the domain controllers is to have a backup of Active Directory sent to each location and have the administrator promote the domain controller remotely. The staff at the location can insert the appropriate media when the system calls for it during promotion. | ||||||||
5. |
When addressing client systems you need to identify which clients need static or dynamic addressing. Intranet web servers should be configured with either a static address or a reservation should be set within the DHCP server. Using a reservation, the web server will always obtain the same IP address, but you can control the configuration options from the DHCP server. Most of the workstations can receive DHCP supplied addresses. DNS and DHCP servers should have static addresses. |