You are the network administrator for your company. All domain controllers and member servers are running Microsoft Windows Server 2003.
You have configured multiple IPSec policies throughout the Active Directory hierarchy. You discover that the correct IPSec policy settings are not configured on SRV01.
You need to determine which IPSec policy is being used on SRV01.
What should you do?
A.
Launch Network Monitor and capture all IPSec traffic coming to and from SRV01.
B.
Open the IP Security Monitor on SRV01.
C.
Launch the Resultant Set of Policy on SRV01.
D.
Open the IP Security Policy Management on SRV01.
2.
You are the network administrator for your organization. All servers have been upgraded to Microsoft Windows Server 2003.
You are trying to install Software Updates Services (SUS) on an existing server. The installation of the software continually fails. You verify that the computer meets the hardware requirements. The server is also running IIS 5.0 and Internet Explorer 6.0, and all partitions except the system partition are formatted with NTFS.
You need to install SUS on the server.
What could be causing the problem?
A.
Service pack 1 is not installed.
B.
The partition storing the updates is not formatted with FAT.
C.
IIS must be uninstalled.
D.
The system partition must be formatted with NTFS.
3.
You are the network administrator for a small organization. Servers are running Microsoft Windows Server 2003. Client computers have been upgraded to Windows XP Professional.
You want to configure Automatic Updates settings through a group policy. You create a new group policy object for the appropriate Organizational Unit. When you open the policy, you cannot find any Automatic Updates settings to configure.
You need to deploy the settings through a group policy object.
What is causing the problem?
A.
You are not permitted to edit group policy objects.
B.
Software Update Services has not been installed.
C.
The Automatic Updates ADM file has not been loaded.
D.
Automatic Updates settings must be configured on each local computer.
4.
You are the network administrator for your company. All domain controllers and members servers have been upgraded to Microsoft Windows Server 2003.
You are planning to deploy Software Updates Services on an existing server. Client computers on the network are running various client operating systems.
You need to identify which operating systems will support the updated version of Automatic Updates.
Select the operating systems that support the updated version of Automatic Updates. (Choose all correct answers.)
A.
Windows 95
B.
Windows 98
C.
Windows Me
D.
Windows 2000
E.
Windows XP
5.
You are the network administrator for a large accounting firm. All servers are running Microsoft Windows Server 2003.
You discover that some of the other network administrators have made configuration changes when troubleshooting problems. You are now concerned that some of the servers on the network no longer meet the security requirements outlined by the company's security policy. You want to verify the current security settings on the servers against those in the security template applied to all new servers.
What should you do?
A.
Run the Resultant Set of Policy tool. Compare the current settings to those in the security template.
B.
Run the Security Configuration and Analysis tool. Compare the current settings to those in the security template.
C.
Use the IP Security Monitor tool to determine the policy in effect. Compare the settings to those in the template.
D.
Use the Security Templates snap-in to compare the current settings to those in the security template.
6.
You are the network administrator for a pharmaceutical company. All servers are running Microsoft Windows Server 2003.
You are implementing a secure baseline for all new servers added to the network. You want each server to be configured with a standard set of security settings.
You need to accomplish this with as little administrative effort as possible.
What should you do?
A.
Manually configure the settings on each server.
B.
Create a security template using the Security Templates snap-in with all the required security settings and deploy it through a GPO.
C.
Use the Security Configuration and Analysis tool to create a new template with all the required security settings. Deploy the settings through a GPO.
D.
Use Software Updates Services to configure each new server with the required security settings.
7.
You are the network administrator for your company. All servers are running Microsoft Windows Server 2003. Client computers are running Microsoft Windows XP Professional.
You are editing the Registry to configure Automatic Updates on a client computer. You want to specify which SUS server the client computer will retrieve the updates from.
Which of the following Registry options should you configure to specify the SUS server that the updates will be downloaded from?
A.
UseWUServer
B.
AUOptions
C.
WUServer
D.
SUSServer
8.
You are the network administrator for a large insurance agency. All servers are running Microsoft Windows Server 2003.
You have implemented an IPSec policy on several company servers. You want to specify default traffic exemptions on these servers.
You need to accomplish this with as little administrative effort as possible.
What should you do?
A.
Execute the netdiag to make the necessary IPSec configuration changes.
B.
Execute the ipsecmon command with the required parameters the make the change.
C.
Use the IPSec Policy Management tool to configure IPSec.
D.
Create a script that uses the netsh command to configure IPSec.
9.
You are the network administrator for your company. All servers are running Microsoft Windows Server 2003.
You discover that the IPSec policy configured for domain controllers is not behaving normally. You suspect that a configuration change was made by another administrator.
You need to determine whether a change was made.
What should you do?
A.
Open the IP Security Monitor tool and select the Active Policy container.
B.
Launch the Security Configuration and Analysis tool. Analyze the IPSec settings on the server.
C.
Open the Windows Event Viewer and view the contents of the Security log.
D.
Execute the ipsecpol command from the command prompt.
10.
You are the network administrator for your organization. All servers are being migrated from Windows 2000 to Microsoft Windows Server 2003.
IP Security Monitor will be used to monitor IPSec communications on several servers. You use the IP Security Monitor snap-in from your administrative computer to monitor the servers across the network. However, you discover that you are able to monitor only other computers running Windows Server 2003.
What is causing the problem?
A.
You do not have administrative permissions on the servers running Windows 2000.
B.
IP Security Monitor cannot be used to monitor computers running Windows 2000.
C.
The Windows 2000 servers are not members of the local domain.
D.
The Network Monitor driver is not installed on the Windows 2000 servers.
