| 1. | You are the network administrator for your company. All servers have been upgraded to Microsoft Windows Server 2003. Client computers are running Microsoft Windows XP Professional. Some of the employees within the company work from home offices. These users require access to network resources through the company's remote access server. For security purposes, you want to limit the dial-in hours from 8 a.m. to 6 p.m. What should you do? 
| A. | Configure the properties of each user account. |
| B. | Configure the properties of the remote access server. |
| C. | Configure the conditions of the remote access policy. |
| D. | Configure the port properties. |
|
| 2. | You are the network administrator for your company. All servers have been upgraded to Microsoft Windows Server 2003. You have configured Routing and Remote Access on an existing server. The remote access server is configured with the default settings. You are still using WINS on the internal network because you are still in the process of upgrading workstations. Clients report that they can successfully connect but cannot access network resources using a UNC path. Network resources are accessible to clients connected to the LAN. Remote access clients need to be able to access network resources. What should you do?
| A. | Configure a range of IP addresses on the RAS server, as well as assign any optional IP parameters to clients. |
| B. | Manually configure the IP settings on the remote access clients. |
| C. | Configure the DHCP server to assign DHCP clients the IP address of the WINS server. |
| D. | Install the DHCP Relay Agent on the RAS server. |
|
| 3. | You are the network administrator for your organization. All servers have been upgraded to Microsoft Windows Server 2003. The network maintains multiple remote access servers. Some of the RAS servers are located in branch offices. You want to centralize the authentication of remote access clients and accounting information. What should you do?
| A. | Install IAS on a server. Configure the RAS servers to send authentication requests and accounting information to this server. |
| B. | Install ISA on a server. Configure the RAS servers as RADIUS clients. |
| C. | Install RADIUS on a server. Configure the RAS servers as RADIUS clients. |
| D. | Replace all the existing remote access servers with a RADIUS server. |
|
| 4. | You are the network administrator for an investment company. All servers have been upgraded to Microsoft Windows Server 2003. Client computers are running Microsoft Windows XP Professional. Some of the company employees require remote access to the network. The company's new security policy now requires all remote access users to use smart cards. You need to configure the remote access server to use the correct authentication protocol. Which of the following protocols should you enable?
| A. | PAP |
| B. | EAP |
| C. | MS-CHAP |
| D. | SPAP |
|
| 5. | You are the network administrator for your company. All servers are running Microsoft Windows Server 2003. You have configured routing and remote access on two servers. One server is in the head office and the other is located in a branch office. You need to create a two-way demand-dial connection between the two servers. You need to create the user account on the answering router. What should you do?
| A. | Create a new user account using any account name. |
| B. | Create a new user account using an account name that matches the demand-dial interface name of the answering router. |
| C. | Create a new user account name using an account name that matches the demand-dial interface name of the calling router. |
| D. | Create a new user account using an account name that matches the computer name of the answering router. |
|
| |
| 6. | Your internetwork consists of seven subnets. All subnets are connected using Windows Server 2000 RRAS servers. Nonpersistent demand-dial connections have been configured. You do not want to be burdened with updating the routing tables, and you want any changes to the network topology to be propagated immediately. Which of the following routing options should you implement?
| A. | Static routes |
| B. | ICMP |
| C. | OSPF |
| D. | RIPv2 |
|
| 7. | You are the network administrator for your company. All servers are running Microsoft Windows Server 2003. You need to add a new static route to the routing table. The new route is to the network ID 192.168.126.0 with a subnet mask of 255.255.255.0 using the default gateway of 192.168.125.1. You need to execute the correct command. Which command should you use?
| A. | route -p 192.168.126.0 mask 255.255.255.0 192.168.125.1 metric 2 |
| B. | route add 192.168.126.0 mask 255.255.255.0 192.168.125.1 metric 2 |
| C. | route add 192.168.126.0 255.255.255.0 192.168.125.1 metric 2 |
| D. | route add 192.168.126.0 mask 255.255.255.0 gateway 192.168.125.1 metric 2 |
|
| 8. | You are the network administrator for a consulting company. All servers have been upgraded to Microsoft Windows Server 2003. You are configuring IP security for your network. You want all data to be encrypted, but you still want clients that do not support IPSec to be capable of authenticating with the server. You want to accomplish this with the least amount of administrative effort. What should you do?
| A. | Assign the Secure Server (Require Security) policy. |
| B. | Assign the Client (Respond Only) policy. |
| C. | Create and assign a new IPSec policy. |
| D. | Assign the Server (Request Security) policy. |
|
| |
| 9. | You are the network administrator for your company. All servers are running Microsoft Windows Server 2003. You are configuring IPSec between two servers in a workgroup. You assign Client (Respond Only) to each of the servers, but you notice that IP packets being sent between the two servers are not being secured. What is causing the problem?
| A. | Both are configured with the Client (Respond Only) policy. |
| B. | IPSec can be used only with Active Directory. |
| C. | One of the servers must be configured as an IPSec client. |
| D. | The servers cannot be members of the same workgroup. |
|
| 10. | You are the network administrator for your company. Servers have been upgraded to Microsoft Windows Server 2003. You have just updated the IPSec policy settings and want to apply changes immediately. What should you do?
| A. | Execute the secedit /target:machine command. |
| B. | Execute the gpupdate /target:machine command. |
| C. | Execute the secedit /target:user command. |
| D. | Execute the gpupdate /target:user command. |
|
| 11. | You are the network administrator for your company. All servers are running Microsoft Windows Server 2003. Client computers are running Microsoft Windows XP Professional. Several of the servers are configured as routers with RIP enabled. You want to eliminate any routing loops from occurring. You open the properties window for the RIP protocol and select the Advanced tab. Which of the following options will meet these requirements?
| A. | Enable split-horizon processing |
| B. | Enable triggered updates |
| C. | Process host routes in received announcements |
| D. | Disable subnet summarization |
|
