| 1. | You are the network administrator for your organization. Servers are running Microsoft Windows Server 2003. You have enabled Routing and Remote Access on a server. Some of the users in your organization have home offices, where they work during the weekdays. They require access to network resources. Users currently have access 24 hours a day, 7 days a week. For security purposes, you want to limit the dial-in hours from 8 a.m. to 6 p.m. What should you do? 
| A. | Configure the properties of each user account. |
| B. | Configure the properties of the RAS server. |
| C. | Configure the conditions of the remote access policy. |
| D. | Configure the port properties. |
|
| 2. | You are the network administrator for your company. All servers have been upgraded to Microsoft Windows Server 2003. Client computers are running Microsoft Windows XP Professional. Your company has opened a new branch office. You are in charge of configuring a two-way demand dial connection between your head office and the new branch office. You configure the demand dial routers with the following settings: Branch Office Router Settings Interface: SRV01_Public User Account: SRV01 Calling Number: 555-1212 Head Office Routing Settings Interface: SRV02_Public User Account: SRV02 Calling Number: 555-3434 When you go to test your configuration, neither of the routers can establish a connection. What should you do?
| A. | Change the interface name on the router in the head office to SRV01_Public. |
| B. | Change the demand dial interface name on each router to match the name of the user account on the remote answering router. |
| C. | Change the interface name on the router in the branch office to SRV02_Public. |
| D. | Change the names assigned to the user accounts on each router so they are identical. |
|
| 3. | You are the network administrator for your company. You are currently in the process of upgrading the server to Microsoft Windows Server 2003. You plan to decommission the WINS server once all client computers have been upgraded. You have enabled Routing and Remote Access on a server that has been already been upgraded. The RAS server is configured with the default settings. Remote access clients report that they can successfully connect to the RAS server. However, clients cannot access network resources using the UNC path. What should you do?
| A. | You must configure a range of IP addresses on the RAS server, as well as assign any optional IP parameters to clients. |
| B. | You must manually configure the IP settings on the remote access clients. |
| C. | You must configure the RAS server with the IP address of the WINS server. |
| D. | You must install the DHCP Relay Agent on the RAS server. |
|
| 4. | You are the network administrator for your company. Servers have been upgraded to Microsoft Windows Server 2003. Client computers are running Microsoft Windows XP Professional. You have just changed several computer and user policy settings on SRV01. You want the changes to be applied immediately. What should you do?
| A. | Execute the secedit /refresh command. |
| B. | Execute the gpupdate /force command. |
| C. | Execute the gpupdate /target:computer command. |
| D. | Execute the gpupdate /refreshpolicy command. |
| E. | Execute the secedit /refreshpolicy command. |
|
| 5. | You are the network administrator for your company. All servers are running Microsoft Windows Server 2003. Client computers are running Microsoft Windows XP Professional. Several servers on the network have been configured as routers to connect multiple subnets. You have implemented OSPF routing protocol on the network. You manage a router named Area1BR. The server is configured as an area border router. Area1BR is connected to Area 0.0.0.0 and to Area 1. For Area 1, Area1BR advertises the summarized route 172.16.0.0/18. Which two Internet Protocol (IP) addresses define subnets that you can include in Area1? (Choose two.)
| A. | 172.31.192.0/18 |
| B. | 172.31.128.0/18 |
| C. | 172.31.96.0/18 |
| D. | 172.31.160.0/18 |
| E. | 172.31.224.0/18 |
|
| 6. | You are the network administrator for an accounting company. The company has decided to implement tighter remote access security. You have decided to implement smart cards on all remote access client computers. You have installed the smart cards and need to configure the remote access server to support the new authentication mechanism. Which of the following protocols should be enabled?
| A. | PAP |
| B. | EAP |
| C. | MS-CHAP |
| D. | SPAP |
|
| |
| 7. | You are the network administrator of a Windows Server 2003 network. The company has just opened a new branch office. You are configuring demand-dial routing between a server in the head office and a server within a branch office. Both servers are running Windows Server 2003. You need to create the user account on the answering router. Which of the following statements is true?
| A. | Any user account name can be used. |
| B. | The user account name should match the demand-dial interface name of the answering router. |
| C. | The user account name should match the demand-dial interface name of the calling router. |
| D. | The user account name must match the computer name of the answering router. |
|
| 8. | You are the network administrator for an insurance company. You have recently upgraded all servers to Microsoft Windows Server 2003. The internetwork consists of seven subnets. All subnets are connected using RRAS servers. Nonpersistent demand-dial connections have been configured. You want to minimize the amount of administrative effort required to maintain the routing tables. You want any changes to the network topology to be propagated immediately. What should you do?
| A. | Configure static routes on the servers. |
| B. | Enable the RIPv1 protocol. |
| C. | Enable the OSPF protocol. |
| D. | Enable the RIPv2 protocol. |
|
| 9. | You are the network administrator for your company. All servers are running Microsoft Windows Server 2003. A new subnet has been added to the existing network infrastructure. You need to add a static route to the routing table to reach the new subnet. The subnet ID in use is 192.168.126.0. Which of the following commands would add a static route to the routing table?
| A. | route -p 192.168.126.0 mask 255.255.255.0
192.168.125.1 metric 2 |
| B. | route add 192.168.126.0 mask 255.255.255.0
192.168.125.1 metric 2 |
| C. | route add 192.168.126.0 255.255.255.0 192.168.125.1
metric 2 |
| D. | route add 192.168.126.0 mask 255.255.255.0 gateway
192.168.125.1 metric 2 |
|
| 10. | You are the network administrator for Contoso Ltd. The company has recently upgraded all domain servers to Microsoft Windows Server 2003. You are in the process of upgrading client computers to Microsoft Windows XP Professional. The company is implementing a new security policy. All data between SRV01 and clients should be encrypted. However, those clients that have not yet been upgraded do not support IPSec. You must ensure that these client are still capable of authenticating with the server. You need to assign an IPSec policy to SRV01. What should you do?
| A. | Within the IP Security Monitor snap-in, assign the Secure Server (Require Security) policy. |
| B. | Configure the settings of the appropriate group policy object and assign the Client (Respond Only) policy. |
| C. | Configure the Properties of TCP/IP and assign the Secure Server (Require Security) policy. |
| D. | Edit the appropriate group policy object and assign the Server (Request Security) policy. |
|
| 11. | You are the network administrator for your company. All servers are running Microsoft Windows Server 2003. All server communications must be encrypted according to company security policy. You are configuring IPSec between two servers in a workgroup. You assign the Client (Respond Only) policy to SRV01 and SRV02. When you open the IP Security Monitor, you notice that IP packets being sent between the two servers are not being secured. What is causing the problem?
| A. | Both are configured with the Client (Respond Only) policy. |
| B. | You can use IPSec only with Active Directory. |
| C. | One of the servers must be configured as an IPSec client. |
| D. | The servers cannot be members of the same workgroup. |
|
| |
| 12. | You are the network administrator for your company. All servers are running Microsoft Windows Server 2003. Client computers are running Microsoft Windows XP Professional. You are configuring IPSec policies for two servers on the network. SRV-01 hosts the company website and SRV-02 hosts the company database. The following requirements must be met: All communications between SRV-01 and SRV-02 must be secured. Communications between SRV-02 and clients on the private network must always be secure. NonIPSec-aware client must be able to communicate with SRV-01. All other communication should be secured. The other servers on the network are not configured with IPSec policies. Client computers on the network must be able to communicate with servers. You need to assign the correct IPSec policies. Select an IPSec policy from the list on the right and place it beneath the appropriate computer. You can use a policy more than once and you may not have to use them all.  | | Server (Request Security) | | | Server (Require Security) | | | Client (Respond Only) |
|
| 13. | You are the network administrator for your company. All servers have been upgraded to Microsoft Windows Server 2003. You are planning a VPN solution for the company network. The branch office will connect to the head office using a VPN connection. You need to enable the correct protocols on the remote access server. Which of the following protocols should you use to establish a VPN tunnel with a Windows Server 2003 VPN server?
|
| 14. | You are the network administrator for your company. You have been instructed to set up remote access for several client computers. You have enabled Routing and Remote Access on a computer running Microsoft Windows Server 2003. Clients will establish a VPN connection with the server. You determine that there may be up to 20 clients accessing the VPN server at one time. You need to increase the number of available PPTP ports. How can you accomplish this task from within the Routing and Remote Access management console?
| A. | From the Properties window for the server, select the Ports tab. |
| B. | Using the Edit Profile button within the properties window for the policy, select the Ports tab. |
| C. | Use the Properties window for the Ports option. |
| D. | Use the PPTP tab from the Ports properties window. |
|
| 15. | You are the network administrator for your organization. Company servers have been upgraded to Microsoft Windows Server 2003. You have enabled RRAS on SERVER01. All remote access clients are running Microsoft Windows XP Professional. You want to configure the most secure authentication protocol. Which of the following should you enable?
| A. | PAP |
| B. | CHAP |
| C. | MS-CHAP version 1 |
| D. | MS-CHAP version 2 |
|
| |
| 16. | You are the network administrator for an accounting firm. You have recently upgraded the servers to Microsoft Windows Server 2003. The network consists of three subnets: Subnet A, Subnet B, and Subnet C. There is an RRAS server on Subnet C configured with a range of IP addresses to assign to remote access clients. There are two DNS servers on the network, DNS01 and DNS02. You want remote access clients to use DNS02. What should you do?
| A. | Configure the RRAS server to use DHCP. Install a DHCP server on Subnet C. Configure a scope on the DHCP server for the remote access clients. Configure the DHCP relay agent on the DNS server. |
| B. | Install a DHCP server on the network and configure the RRAS server to use DHCP for IP address assignment. Configure a scope on the DHCP server for the remote access clients. |
| C. | Install a DHCP server on the network. Configure a scope on the DHCP server for remote access clients. Configure RRAS to use DHCP. Configure the relay agent on the DHCP server. |
| D. | Install a DHCP server on Subnet C. Configure a scope on the DHCP server for remote access clients. Configure RRAS to use DHCP. Configure the relay agent on the RRAS server. |
|
| 17. | You are the administrator of a Windows Server 2003 network. You have enabled Routing and Remote Access on a server running Microsoft Windows Server 2003. Because of the security requirements of the company, you have created multiple remote access policies. User A attempts to gain remote access. The connection attempt does not meet the conditions of the first remote access policy. Which of the following statements is true?
| A. | The connection attempt is denied. |
| B. | The properties of the user's account are evaluated. |
| C. | The next policy in the list is evaluated. |
| D. | The profile settings are evaluated. |
|
| 18. | You are the network administrator for your company. All servers are running Microsoft Windows Server 2003. You need to implement Routing and Remote Access to give users the ability to access resources from other locations while still maintaining a high level of security. Specifically, the company president needs to be able to access resources from his home office and other locations. Network administrators also require remote access when they are working from home. You enable remote access on an existing server. You need to configure callback for the user accounts. What should you do?
| A. | Choose No Callback for the president's account and Set by Caller for the network administrators' accounts. |
| B. | Choose Set by Caller for the president's account and No Callback for the network administrators' accounts. |
| C. | Choose Always Callback To for the president's account and Set by Caller for the network administrators' accounts. |
| D. | Choose Set by Caller for the president's account and Always Callback To for the network administrators' accounts. |
|
| 19. | You are the senior network administrator for your company. You have recently upgraded the servers to Microsoft Windows Server 2003. You have assigned a junior network administrator the task of installing and configuring a remote access server. Certain users need to be able to dial directly into the server to access network resources. To test the configuration, you attempt to connect to the server but are unsuccessful. When you open the Routing and Remote Access snap-in, you notice that the default remote access policy has been deleted. What should you do?
| A. | Disable Routing and Remote Access and then re-enable the service. |
| B. | Create a remote access policy. |
| C. | Configure the dial-in properties of the user accounts. |
| D. | Configure the remote access profile settings. |
|
| 20. | You are the network administrator for your company. You have enabled Routing and Remote Access on a server running Microsoft Windows Server 2003. You have configured two remote access policies. The profile settings of Policy A are configured so that remote access is permitted only during the hours of 8 a.m. and 5 p.m. This policy is applied to the Sales group. Policy B has no dial-in restrictions configured, and it is applied to the Managers group. Policy A is listed first. Mike is a member of the Sales and Managers groups. He attempts to dial into the remote access server at 6 p.m. Which of the following statements is true?
| A. | Mike will be permitted remote access. |
| B. | Because the connection attempt does not match the profile settings of Policy A, Policy B is evaluated. |
| C. | The connection attempt is denied. |
| D. | The dial-in restrictions configured for Mike's user account determine whether he has remote access permission. |
|
| 21. | You are in the process of configuring profile settings for a remote access policy. You configure the settings as shown in the following figure. Which of the following statements are true? (Choose all correct answers.) 
| A. | Users will be disconnected after 8 hours of inactivity. |
| B. | Users will be disconnected after 30 minutes of inactivity. |
| C. | Users can remain connected as long as necessary. |
| D. | Users can dial in only between 6 p.m. and 6 a.m. |
| E. | Users can dial in only between 6 a.m. and 6 p.m. |
| F. | Users can dial any number for remote access. |
|
| |
| 22. | You are the administrator of a Windows Server 2003 network. A user reports that he is unable to communicate with any hosts on a remote subnet. You execute the ipconfig command to verify that TCP/IP is properly configured on the workstation. You then execute the ping command to test whether TCP/IP is initialized on the local computer. You proceed to ping the IP address assigned to the local workstation. Both pings have successful results. You need to identify the cause of the problem. What should you do next?
| A. | Ping the IP address of a local host. |
| B. | Ping the IP address of the default gateway. |
| C. | Ping the IP address of a remote host. |
| D. | Ping the IP address of a remote router. |
|
| 23. | You are the network administrator for Contoso Ltd. All servers are running Microsoft Windows Server 2003. You have captured a large amount of network traffic using Network Monitor. You want to limit the captured information to only display traffic containing the SMB protocol. What should you do?
| A. | Configure a trigger. |
| B. | Configure a capture filter. |
| C. | Configure a display filter. |
| D. | Configure a packet filter. |
|
| 24. | You are the network administrator for a large company. All servers within the company domain are running Microsoft Windows Server 2003. You often run System Monitor on the servers to capture performance data. You want to give another user the ability to view real-time data as it is captured using System Monitor. He should be able to perform this task from the server or from his administrative computer. What should you do?
| A. | Add his user account to the Performance Log Users group. |
| B. | Add his user account to the Administrators group. |
| C. | Add his user account to the Performance Monitor Users group. |
| D. | Add his user account to the Domain Admins group. |
|
| 25. | You are the network administrator for your company. Client computers are running Microsoft Windows XP Professional. Servers are running Microsoft Windows Server 2003. You are running Network Monitor to analyze specific types of network traffic. You want to configure Network Monitor to only gather information pertaining to specific protocols and traffic type. What should you do?
| A. | Configure a display filter. |
| B. | Configure a capture filter. |
| C. | Configure a trigger. |
| D. | Configure an IP packet filter. |
|
| 26. | You are the network administrator for your company. The servers in the company have recently been upgraded to Microsoft Windows Server 2003. Your managers have asked you to put together a performance report for the web server on the intranet. You need to gather statistics about the total amount of TCP/IP traffic on the local computer. Which of the following counters should you monitor?
| A. | Packet Outbound Errors |
| B. | TCP Segments/sec |
| C. | IP Datagrams/sec |
| D. | Logons/sec |
|
| 27. | You are the network administrator for a large insurance company. The network consists of 50 servers running Microsoft Windows Server 2003. There are 700 client computers running Microsoft Windows XP Professional. The company has updated its security policy and requires all network traffic to be encrypted. You are deploying IPSec in a test environment that has a single server and 10 client computers. You have assigned the required IPSec policies. You need to verify that traffic between the server and the client computers is being secured. What should you do?
| A. | Launch IP Security Monitor and open the Main Mode Security Associations folder. |
| B. | Launch the Event Viewer and examine the contents of the Security log. |
| C. | Run the Resultant Set of Policy in logging mode. |
| D. | Execute the ipsecmon.exe command. |
|
| 28. | You are the network administrator for your company. All servers are running Microsoft Windows Server 2003. One of the servers on the network connects to the Internet through a dial-up connection. You are having problems establishing a connection and you want to verify that the modem is working. Which of the following can you use to verify the status of the modem?
| A. | System Monitor |
| B. | Network Monitor |
| C. | ping |
| D. | Device Manager |
|
| 29. | You are the network administrator for your company. All domain controllers and member servers are running Microsoft Windows Server 2003. You need to gather network-performance statistics for DC01. You want to determine the number of logons the domain controller has received since the last time it was restarted. Which counter should you monitor?
| A. | Logons Received Total |
| B. | Logon Total |
| C. | Logons Received/sec |
| D. | Logons/sec |
|
| 30. | You are the network administrator for Contoso Ltd. All computers are members of the contoso.com domain. Servers are running Microsoft Windows Server 2003. You have installed the DHCP service on SRV01. Clients report that they are unable to access network resources. You discover that they are all using APIPA. You soon determine that the DHCP service on the server has failed to start. You reboot the server and the service still does not start. What should you do?
| A. | Continue to reboot the server until the service starts. |
| B. | Verify that any services DHCP depends on are started using the Services console. |
| C. | Use the DHCP console to start the service. |
| D. | Reinstall the DHCP service. |
|
| 31. | You are the network administrator for your company. Servers are running Microsoft Windows Server 2003. You are configuring the service-recovery options for the server service on a domain controller. If a service fails to start, which of the following actions can be performed? From the list on the right, select the actions that a computer running Windows Server 2003 can take if a service fails to start. Place these actions in the list on the left. | | The computer can attempt to restart the service. | | | The computer can automatically reboot. | | | The services that the failed service depends on can be restarted. | | | An email message can be sent to the network administrator. |
|
| 32. | You are the network administrator for your company. All servers are running Microsoft Windows Server 2003. You have recently installed a new network service on one of the servers. You need to determine how much more additional traffic is generated since it was installed. Which of the following tools can you use to capture and analyze network traffic?
| A. | Network Performance |
| B. | Network Diagnostics |
| C. | Network Monitor |
| D. | Network Manager |
|
| 33. | You are the network administrator for a small accounting firm. All servers are running Microsoft Windows Server 2003. Client computers are running Microsoft Windows XP Professional. The network consists of three different subnets. Dynamic routing is being implemented on three multihomed computers running Windows Server 2003 on which Routing and Remote Access has been enabled. You open the Routing and Remote Access console on SRVRRAS-1 and configure the computer for LAN routing. You select New Routing Protocol from the General node of the IP Routing node, and you choose RIP version 2 for Internet Protocol from the New Routing Protocol dialog box. What should you do next?
| A. | Add the IP address of the DHCP server to the properties dialog box for the DHCP Relay Agent. |
| B. | Add the interface that RIP will run using the RIP node. |
| C. | Use the route command to configure the routes to the remote subnets. |
| D. | Use the route command to delete all static routers from the routing tables. |
|
| 34. | A new service pack has just been released for Windows Server 2003. You download the service pack. What should you do before installing it?
| A. | Notify users that the server will be down. |
| B. | Take all production servers offline. |
| C. | Install the service pack in a test environment. |
| D. | You need do nothing but proceed with the installation. |
|
| 35. | You are the network administrator for your company. The company is in the process of migrating to Microsoft Windows Server 2003. You have just finished installing Windows Server 2003 on a new server. You are now in the process of performing some basic steps to secure the operating system. You need to configure your administrative access to the server while maintaining the principle of least privilege. What should you do?
| A. | Create a new user account for yourself and add it to the local Administrators group so that you can perform administrative tasks at any time. |
| B. | Nothing. You should always log on with the Administrators account. |
| C. | Create a new group and add the group to the local Administrators group. Create a user account for yourself and add it to the new group. |
| D. | Create two user accounts: one with restrictive permissions for performing daily tasks and the other with additional privileges for performing administrative tasks. |
|
| |
| 36. | You are the network administrator for your company. All servers are running Microsoft Windows Server 2003. You are concerned that the security settings on one of the servers have been changed. All servers are configured with the same security settings before they are placed on the network. You run the Security Configuration and Analysis utility on the server. You notice that several of the results appear with a red X beside them. What does this red X indicate?
| A. | It indicates that the system settings correspond with those in the template. |
| B. | It indicates that the configured system settings do not match those in the template. |
| C. | It indicates that these values do not need to be configured based on the server role. |
| D. | It indicates that these settings have not been configured. |
|
| 37. | You have recently been hired as the network administrator for a medium-sized network. The network hosts several servers running Microsoft Windows Server 2003. Client computers are running Microsoft Windows XP Professional. The previous administrator left no documentation about the existing servers. Managers have asked you to document server configuration. Your documentation must You need to have this information as soon as possible. What should you do?
| A. | Run the HFNetHCK.exe program. |
| B. | Use the Security Configuration and Analysis tool. |
| C. | Run the Microsoft Security Baseline Analyzer. |
| D. | Execute the Resultant Set of Policy tool. |
|
| 38. | You are the network administrator for your company. All servers are running Microsoft Windows Server 2003. You are testing the impact of various security settings within a test environment. You make several changes to the security settings on a standalone server. What is the default interval at which security settings will be automatically refreshed?
| A. | 24 hours |
| B. | 12 hours |
| C. | 120 minutes |
| D. | 90 minutes |
|
| 39. | You are the network administrator for your company. All servers are running Microsoft Windows Server 2003. SRV03 stores all the company's shared folders. You have enabled auditing on the server to monitor access to the shared folders and any changes that might be made to the server's configuration. You suspect that one of the junior network administrators has made changes to some of the settings with the group policy object. Which log file should you use to verify your suspicions?
| A. | Application |
| B. | Audit |
| C. | Security |
| D. | System |
|
| 40. | You are the network administrator for Contoso Ltd. The company has upgraded to Microsoft Windows Server 2003. You have been asked to implement a strategy for deploying updates. You decide to install SUS on an existing server. You need to determine whether the server meets the hardware requirements to run the software. Which of the following are considered to be minimum hardware requirements for installing SUS? From the list on the right, select the minimum hardware requirements for SUS. Place these requirements in the list on the left. | | Pentium III 500MHz | | | Pentium III 700MHz | | | 265MB RAM | | | 512MB RAM | | | 4GB storage space | | | 6GB storage space |
|
| |
| 41. | You are the network administrator for your company. All servers are running Microsoft Windows Server 2003. You want the company to implement DHCP instead of using static IP addressing. You need to put together some documentation for your managers outlining how DHCP works. You want to document the process that occurs when a client computer attempts to lease an IP address. From the list on the right, select the steps that occur during the IP address lease process. Place these steps in the order that they occur in the list on the left. | | DHCPAck | | | DHCPDiscover | | | DHCPOffer | | | DHCPRequest |
|
| 42. | You are the network administrator for your company. You have upgraded all servers to Microsoft Windows Server 2003. All computers are members of the same Active Directory domain. You have just finished configuring a new DHCP server. You have installed the service as well as configured and activated a scope. You now need to authorize the DHCP server. Which administrative tool should you use to perform this task?
| A. | Active Directory Users and Computers |
| B. | DHCP console |
| C. | Active Directory Sites and Services |
| D. | Service applet |
|
| 43. | You are the network administrator for your company. All servers are running Microsoft Windows Server 2003. Client computers are running Microsoft Windows XP Professional. You have been instructed to implement a dynamic IP addressing solution. You decide to implement DHCP on an existing member server. You need to ensure that the DHCP server can lease IP addresses to client computers. From the list on the right, select the actions that you must perform to allow the DHCP server to function on the network. Place these actions in the list on the left. | | Install DHCP. | | | Activate a scope. | | | Create a scope. | | | Authorize the DHCP server. | | | Configure the scope options. | | | Install Active Directory on the local server. | | | Enable dynamic updates. |
|
| 44. | Your DHCP server must support multicasting. When configuring a multicast scope, which IP address range can you use?
| A. | 192.160.0.1192.168.0.255 |
| B. | 127.0.0.1127.0.0.255 |
| C. | 169.254.0.1169.254.255.254 |
| D. | 224.0.0.1239.255.255.255 |
|
| 45. | You are the network administrator for your company. Servers are running Microsoft Windows Server 2003. The network consists of two subnets: Subnet A and Subnet B. Each has its own DHCP server. You configure the scope on DHCP1 for Subnet A. Users are all leasing an IP address but report that they cannot access any resources outside of their own subnet. What should you do?
| A. | Activate the scope on DHCP1. |
| B. | Configure the default gateway on each workstation. |
| C. | Configure the 003 router option on DHCP1. |
| D. | Configure the 006 DNS server option on DHCP1. |
|
| 46. | You are the network administrator for your company. All servers are running Microsoft Windows Server 2003. Client computers have been upgraded to Microsoft Windows XP Professional. You have installed SUS on two member servers in the company domain. The updated version of automatic updates has been deployed to all client computers. You want to ensure that requests are balanced equally between the two servers. You also want to accomplish this with as little administrative effort as possible. What should you do?
| A. | Remotely add the WUServer value to the registry of client computers. |
| B. | Configure the Specify Microsoft Update Service Location setting through a GPO. |
| C. | Manually change the UseWUServer value to 1 on each client computer. |
| D. | Enable Round Robin on the company DNS server. |
|
| 47. | You are the network administrator for your company. You have added the DHCP service to a computer running Microsoft Windows Server 2003. Client computers are running Microsoft Windows XP Professional. All client computers are configured to obtain an IP address automatically. Three of the member servers host print devices. These servers must always use the same IP address. How can you ensure that these print servers lease the same IP address from the DHCP server? (Choose all correct answers.)
| A. | Exclude the IP addresses from the scope. |
| B. | Create a separate scope for each of the print servers. |
| C. | Create a client reservation for each print server. |
| D. | Configure the DHCP options for the scope. |
|
| 48. | You are the network administrator for your company. All servers are running Microsoft Windows Server 2003. Because of security needs and the different needs of dial-in clients, you have configured three separate remote access policies. When a remote access client attempts to connect to a remote access server, which of the following statements is true regarding policy evaluation?
| A. | All policies in the list are evaluated. |
| B. | The first policy to match the conditions of the connection attempt is evaluated. |
| C. | Only the first policy in the list is evaluated. |
| D. | The first policy that gives the user remote access is evaluated. |
|
| 49. | You are the network administrator for your company. All computers are members of the contoso.com domain. Servers are running Microsoft Windows Server 2003. Your primary DNS server is located in the corporate head office. The five branch offices are all configured with secondary DNS servers. The WAN links between offices are extremely slow. You want to increase the interval at which secondary servers poll the primary server for updates to the zone file. Which of the following settings should you change?
| A. | Retry interval |
| B. | Serial number |
| C. | Refresh interval |
| D. | Time to Live |
|
| 50. | You are the network administrator for your company. You recently deployed a DHCP server to centralize the administration of all IP addresses on the network. Prior to this step, all IP addresses were statically configured. All users are successfully leasing IP addresses but sometimes report that they cannot print to the network interface printers. The printers are not configured as DHCP clients and are still configured with static IP addresses. Upon examining the event log, you notice there are IP address conflicts. What should you do?
| A. | Define separate scopes for each of the print devices. |
| B. | Create client reservations for the print devices. |
| C. | Exclude the IP addresses of the print devices from the scope. |
| D. | Create client exclusions for the print devices. |
|
| 51. | You are the network administrator for Contoso Ltd. All computers are members of the contoso.com Active Directory domain. Servers are running Microsoft Windows Server 2003. The primary DNS server for contoso.com is located on the corporate head office. The five branch offices are all configured with secondary DNS servers. Each branch office is now being configured with a second DNS server. You do not want any more traffic generated on the WAN links or the LAN from zone transfers. What should you do?
| A. | Configure the new servers as secondary DNS servers with the existing secondary DNS servers as master name servers. |
| B. | Configure the new DNS servers as caching-only servers. |
| C. | Configure the new DNS servers as secondary DNS servers with the primary DNS server as the master name server. |
| D. | Configure the new DNS servers as primary DNS servers. |
|
| |
| 52. | You are the network administrator for your company. Members of the Sales department need to access the company network when traveling to client sites. You are implementing a remote access solution. You enable Routing and Remote Access on a server running Microsoft Windows Server 2003. All client computers requiring remote access are running Microsoft Windows XP Professional. You want all remote access users to authenticate using MS-CHAP version 2. What should you do?
| A. | Enable MS-CHAP version 2 through the Properties of the remote access server. |
| B. | Edit the conditions of the remote access policy and enable MS-CHAP version 2. |
| C. | Configure the profile of the remote access policy and enable MS-CHAP version 2. |
| D. | Enable MS-CHAP version 2 through the Properties of each user account. |
|
| 53. | You are the network administrator of a Microsoft Windows Server 2003 network. The network consists of two subnets: Subnet A and Subnet B. Subnet A has a WINS server that is used by all clients on the network to resolve NetBIOS names to IP addresses. A Windows Server 2003 DHCP server assigns IP addresses to clients. The DHCP 044 WINS/NBNS Servers option is configured at the scope level to assign clients the IP address of WINSRV A. You move the WINS server from Subnet A to Subnet B and configure the 044 WINS/NBNS option at the server level to assign clients the new IP address of the WINS server. You discover that clients are still being assigned the old IP address. What is causing the problem?
| A. | Clients must use the ipconfig /renew command to obtain the new WINS IP address. |
| B. | The IP address of the WINS server must be statically configured on client workstations. |
| C. | You must configure the 046 WINS/NBT node type. |
| D. | The new 044 WINS/NBNS option must be configured at the scope level. |
|
| 54. | You are the network administrator for your company. Servers are running Microsoft Windows Server 2003. Client computers are running Microsoft Windows XP Professional. You have been advised that all communication between clients and the web server on the intranet should be secured. However, you need to ensure that non-IPSecaware clients can authenticate to the web server. Which of the following policies should you assign to the web server?
| A. | Client (Respond Only) |
| B. | Server (Request Security) |
| C. | Secure Server (Require Security) |
| D. | Secure Client (Respond Only) |
|
| 55. | You are the network administrator for your company. You have been instructed to implement a remote access solution. All users on the network require remote access. All users should have the same remote access security requirements except the Administrators group. Users in the Administrators group will have less stringent security requirements. You need to configure the remote access server to meet the security requirements. What should you do?
| A. | Create two groups within RRAS, one for users and one for administrators. Create two remote access policies and use the Windows Groups condition to apply each policy to the appropriate set of users. |
| B. | Create two groups within Active Directory User and Computers, one for users and one for administrators. Create two remote access policies and use the Windows Groups condition to apply each policy to the appropriate set of users. |
| C. | Create two groups within RRAS. Configure different settings within a single policy for each group. |
| D. | Create two access policies. Using the Dial-In tab for each user account, specify which remote access policy should be applied. |
|
| 56. | You are the network administrator for Contoso Ltd. The company DNS servers are running Microsoft Windows Server 2003. A client reports that it is unable to resolve a hostname. You verify that the DNS server is online. You want to clear the contents of the DNS resolver cache on the client computer. What command should you use?
| A. | ipconfig /clearcache |
| B. | ipconfig /all |
| C. | ipconfig /flushdns |
| D. | ipconfig /cleardns |
|
| 57. | You are the network administrator for your company. All servers are running Microsoft Windows Server 2003. You are implementing an IP security policy for your network. SRV1 requires the highest level of security because it hosts sensitive company data. SRV2 does not require this level of security but should respond to any requests for secure communication. How should you proceed? (Choose two.)
| A. | Assign the Server (Request Security) policy on SRV1. |
| B. | Assign the Secure Server (Require Security) policy on SRV1. |
| C. | Assign the Client (Respond Only) policy on SRV2. |
| D. | Assign the Server (Request Security) policy on SRV2. |
| E. | Assign the Secure Server (Require Security) policy on SRV2. |
| F. | Assign the Client (Respond Only) policy on SRV1. |
|
| 58. | You are the network administrator of a Microsoft Windows Server 2003 network. The internetwork consists of 10 subnets. All subnets are connected using Windows Server 2003 RRAS servers. You configured nonpersistent demand-dial connections. You do not want to manually update routing tables. You want to configure password authentication between routers. Which of the following should you implement?
| A. | Static routes |
| B. | ICMP |
| C. | OSPF |
| D. | RIPv2 |
|
| 59. | You are one of the network administrators for your company. The network hosts several computers running Microsoft Windows Server 2003. Client computers are running Microsoft Windows XP Professional. One of the servers is configured as a Domain Name System (DNS) server. This server maintains the primary forward zone and reverse lookup zone for the company domain. You attempt to use the Nslookup command from your administrative workstation, Computer-01. However, you are unable to resolve the IP address of Computer-12 using the command. You can successfully use the command to resolve the IP addresses of other computers on the network. What should you do?
| A. | Create a host (A) record for Computer-12. |
| B. | Create a host (A) record for Computer-01. |
| C. | Create a pointer (PTR) record for Computer-12. |
| D. | Create a pointer (PTR) record for Computer-01. |
|
| 60. | You are the network administrator for your company. Domain controllers and member servers are running Microsoft Windows Server 2003. The network consists of several subnets. The subnets are connected using Windows Server 2003 routers. You need to configure a static route on Router01 to Subnet5. The static router must not be deleted from the routing table if the computer is restarted. Which of the following parameters should you use with the route command?
|
