Answers to Practice Exam


1.

D. The behavior exhibited by this problem, in that you can connect to the computer if you use Ping but cannot run a TCP-port based application (Remote Desktop), means that there is probably something blocking the port from forwarding traffic. Because two routers are sitting between Phoenix and Tucson, it is likely that one or both have been configured with a TCP port filter and need to have the RDP traffic TCP port 3389 enabled. Answer A is incorrect because you do not need to add users for Remote Assistance, only for Remote Desktop. Answer B is incorrect because this service is running if Jill was able to request assistance. Answer C is incorrect because the method of invitation does not affect whether communication can take place between the machines. Answer E is incorrect because the Windows Messenger traffic was able to successfully reach you because that is how Jill sent her original invitation. For more information, see the section "Configuring, Managing, and Troubleshooting Remote Desktop and Remote Assistance" in Chapter 11.

2.

A, D, and E. You should use the Advanced (Custom Settings) option on the Security tab. Then you should click the Settings button, and under the Data Encryption settings select Maximum Strength Encryption (Disconnect If Server Declines). Finally, on that same page, select the Use Extensible Authentication Protocol option and furthermore select Smart Card or Other Certificate (Encryption Enabled) from the list. Answers B, C, F, G, and H are all incorrect because these are all less secure than the advanced settings that use EAP for smart cards and require maximum strength encryption. For more information, see the section "Using a VPN Connection to Connect to Computers" in Chapter 11.

3.

D. The client computers most likely have an old registration for the server in their DNS cache. To fix this you need to flush the DNS cache, using the command ipconfig /flushdns. Then, when users attempt to connect to IP resources when the users utilize DNS names, their connection requests receive responses from the DNS server rather than from their old cached values. Answers A and B are incorrect because tracert provides the information about the path between the requesting computer and sending computer. Because the client computers have the wrong path information in the first place, tracert will not show the information needed nor correct the problem. Answer C is incorrect because nbtstat Rr on the server lists the NetBIOS names that have been resolved and refreshes its cache, but does not affect clients. For more information, see the section "Ipconfig" in Chapter 11.

4.

A. Microsoft gives users of the Windows XP operating system a 30-day grace period to activate Windows XP. Product activation is a frequent exam question. The other three choices do not apply in this scenario. For more information, see the section "Product Activation" in Chapter 1.

5.

A, B, and C. The best methods for uninstalling SP2 include the command c:\windows\$NtServicePackUninstall$\spuninst\spuninst.exe. Answer B brings up Add/Remove Programs, in which the option is given to uninstall SP2. Answer C enables you to choose a restore point created by System Restore before SP2 was installed. Answer D is not one of the best methods because you should use the Recovery Console as a last resort if there are problems with the other three methods. For more information, see the section "Applying Service Packs and Updates Manually" in Chapter 3.

6.

A and C. You can choose to either restore the profile from backup, or to use the data recovery agent to decrypt the documents and then allow the user to re-encrypt the documents, using his new profile. Answer B is incorrect because creating a new encryption key does not unlock any documents with the old encryption key. Answer D is incorrect because a .NET Passport is not necessary for decrypting an encrypted file. For more information, see the section "Establishing an EFS Policy" in Chapter 12.

7.

A and B. The Group Policy Editor pointed at Local Computer Policy\User Configuration\Administrative Templates\Start Menu and Taskbar can configure the two settings that ensure that users will not shut down the computer. The two policy settings to enable are (1) Remove Logoff to the Start Menu and (2) Remove and Prevent Access to the Shut Down Command. Answers C and D are incorrect because you cannot configure these options in the User Accounts applet. For more information, see the section "Configure, Manage, and Troubleshoot Account Policy" in Chapter 13.

8.

B. When you install Windows XP Professional with the default configuration, you are given a local user account with a password of 0 characters. Security for the domain prevents local users with no passwords from accessing any resources on the network. To fix this error, you should join the computer to the domain and instruct Geri to use her domain user account and password. Answers A, C, and D are incorrect because you cannot add a computer to a domain from the Disk Management utility or the shortcut menu that appears when right-clicking My Network Places. For more information, see the section "Domain Membership" in Chapter 1.

9.

E. Because users are routinely connecting to the Internet, it is likely that they are using Windows Firewall on their laptops. Windows Firewall prevents File and Printer Sharing across any network connection. If you allow an exception on the connection, then all shared folders, including hidden administrative shares, are vulnerable to the Internet. The optimal way to configure this is to enable the Prohibit Use of the Internet Connection Firewall on Your DNS Domain Network group policy. Answer A is incorrect because you need to have two adapters to bridge connections, at which point one of the adapters loses any specific IP address information and becomes a member of the other's IP subnet. Answer B is incorrect because the LAN connection in the question is not indicating any other problems that would require a repair. Answer C is incorrect because connecting Terrell's to Joren's laptop, whether successful or not, does not affect how other users can access the data that is being shared. For more information, see the section "Configuring a Windows Firewall After Installing SP2" in Chapter 11.

10.

B. You should create an answer file and from an administrative installation point, run the winnt32 command with the /unattend:unattend.txt switch to use the answer file script to generate a consistent operating system build that can upgrade the existing operating system. Answer A is wrong because you do not want to use the /UDF: switch with winnt because that switch looks for a uniqueness database. Answers C and D are wrong because you do not want to run either Sysprep or Riprep because both of those methods cannot be used for upgrades. For more information, see the section "Performing an Unattended Installation" in Chapter 2.

11.

A. The best tool for migrating the files and settings from 28 older computers to 28 newly installed Windows XP Professional computers is the User State Migration Tool (USMT). Answer B is wrong because the Files and Settings Transfer Wizard is best used to migrate files and settings of a single older computer to a single new one. Answers C and D are wrong because RIS and Sysprep do not migrate any settings. These two tools are used for new installations only. For more information, see the section, "Using USMT to Migrate Settings and Files" in Chapter 3.

12.

D and E. To require all computers except laptops to require domain controller authentication, you need to first separate the laptops and desktops from each other. Whether or not you create a separate OU for laptops does not affect this answer. You need to create the OU for desktops and apply the GPO to it. Within the GPO, you should disable all cached credentials by setting the Interactive Logon: Number of Previous Logons to Cache (in Case Domain Controller Is Not Available) policy to 0. Answers A, B, and C are wrong because they would result in applying the GPO to too many computers. You need to segregate the PCs that require the GPO and move them into their own OU. Answers F and G are wrong because they do not force a domain controller to authenticate a logon. For more information, see the section, "Configure, Manage, And Troubleshoot Account Policy" in Chapter 13.

13.

B and C. You can do one of two things to ensure that users can log on. You can either remove the restriction of the GPO that applies to desktop computers by moving the desktop computers from this location into a different OU that does not receive the original OU's settings; or you can install a Windows Server 2003 in the new site and promote it to a domain controller. If you bring on a domain controller at the site, users have a much lower risk of not being able to access a domain controller when they log on, and you are able to maintain the security of requiring domain controller authentication. Answer A is incorrect because the users are domain users, not local users as you would configure in Control Panel. Answer D is incorrect because Remote Assistance is not going to affect how users log on to the computer. For more information, see the section "Troubleshooting Cached Credentials" in Chapter 13.

14.

The correct policy to enable is Audit Object Access. All files and folders are considered objects, as are printers and other resources. After enabling this audit policy, you need to configure each object's individual Security tab of its Properties sheet, and then click the Advanced button and add the access success or failures for specific rightsin this case, the Delete permission Successfor the group Everyone. The other available auditing policies are incorrect because these do not apply to accessing shared resources. For more information see the section "Configuring, Managing, and Troubleshooting Auditing" in Chapter 13.

15.

A. The correct action to dictate to Beth is to enable the Audit Object Access policy. You cannot audit any object or event without first having an audit policy enabled. The audit policy associated with file and folder permissions is the Audit Object Access policy. Answer B is incorrect because there is no need for creating global objects. Answer C is incorrect because privilege use is applicable to users who log on and then use certain rights. Answer D is wrong because the resources that are being audited are not global system objects. For more information see the section "Configuring, Managing, and Troubleshooting Auditing" in Chapter 13.

16.

D. You need to instruct Joe to convert the file system to NTFS because compression is not supported on any other file system. Answer A is incorrect because there is no need to purchase additional hard drive or removable media storage. Answer B is incorrect because encryption also requires NTFS. Answer C is incorrect because FAT32 does not support compression. For more information see the section "Configuring, Managing, and Troubleshooting File Compression" in Chapter 5.

17.

B and C. To share the modem, one computer should be connected to both the modem and the network. That computer should be configured with ICS. This automatically begins a simplified DHCP service, with a DNS forwarding service and NAT service, to the rest of the computers. The remaining computers should all be configured as DHCP clients because they receive their IP address information from the sharing computer. Answer A is wrong because there is no need to install a router that uses NAT. The firewall is probably not necessary to install and configure, which means answer D is wrong. Answer F is wrong because the modem either obtains an IP address, or it is configured with a static IP addresseither way, it is still able to be shared. Answer E is wrong because only one computer needs to share the Internet connection. Answer G is wrong because you do not want to create a bridge on any of the computers. For more information, see the section "Configuring and Troubleshooting Internet Connection Sharing (ICS)" in Chapter 11.

18.

B, F, and G. You need to perform two parts of the encryption process. First, you need to install a CA server and request the correct types of certificates for EFS. Second, you need to run the cipher command for each shared folder as the user who should have ownership rights for the files. And finally, you should add the certificates for the users who should be granted permission to use the files. Answer A is incorrect because you do not need to apply a policy to the entire domain. Answer C is incorrect because this policy is not necessary under the objectives given. Answer D is incorrect because the cipher /d command decrypts data. Answer E is incorrect because self-signed certificates are not as manageable as a CA server. For more information, see the section "Configuring, Managing, and Troubleshooting Encrypting File System (EFS)" in Chapter 12.

19.

B. The correct option for a connection that requires smart cards is to configure the EAP protocol option with Smart Card or Other Certificate selected. Answer A is incorrect because PAP is the least secure protocol. Answer C is incorrect because typical settings are not the most secure. Answer D is incorrect because it is not the option to select for smart card authentication. For more information, see the section "Keyboard and Smart Card Reader" in Chapter 8.

20.

A and B. It is most likely that she will see No or Not Available under the Signed column in msinfo32's driver files. It is least likely that the driver was unsigned. Answer C is incorrect because it would indicate a signed device driver. Answer D is incorrect because msinfo32 does provide hardware information. For more information, see the section "Managing and Troubleshooting Drivers and Driver Signing Using XP's Rollback."

21.

D. To integrate a user ID and password into an FTP command, the proper way is to type the command ftp://user:password@ftp.wildandwoolyrecipes.com. Answers A, B, and C are all incorrect because of the syntax. For more information, see the section "Connecting to Resources Using Internet Explorer" in Ch 11.

22.

C. The GPO for the domain can be configured to include the Computer Configuration policy setting for Offer Remote Assistance. This policy enables a support person to initiate remote assistance calls without an end user being required to request the assistance. The remote control setting is optional. Answer A is wrong because there is no need to enable local users to authenticate as themselves because all computers are members of the domain. Answer B is wrong because you do not need to enable Remote Assistance because the question stated it was a standard configuration. Answer D is wrong because the Windows Firewall is not an issue to be considered based on the way the question is presented. For more information, see the section "Configuring, Managing, and Troubleshooting Remote Desktop and Remote Assistance" in Chapter 11.

23.

D. The problem was due entirely to a misconfigured default gateway address. When the default gateway address is incorrect, the data that is transmitted to the network does not have a path to exit to other subnets. The Ipconfig output confirms that the default gateway address is not the same as the router's address for subnet A. The output also confirms that the error is not caused by name resolution or a router misconfiguration. Answers A and B are wrong because the data revealed that there was a problem with the IP configuration. Answer C is incorrect because the subnet mask was correct and does not need to be changed. For more information, see the section "Troubleshooting TCP/IP" in Chapter 11.

24.

A. You should note that the information in the default website properties states that Robert has changed the TCP port from the default of 80 to 81. Therefore, to connect, Ed must type http://192.168.0.88:81. Answer B is incorrect because there is no need for using the https:// form because SSL is not enabled. Answer C is incorrect because Ed has already failed to connect using the standard IP address, and answer D is incorrect because you do not use the file:// form because you are accessing a website, not a file. For more information, see the section "Configuring, Managing, and Implementing Internet Information Services (IIS)" in Chapter 11.

25.

B. You should use the F6 option in Windows Setup to select a SCSI driver so that the hard disk can be recognized. Answer A is wrong because you have not reached the point during installation where video drivers have been installed. Answer C is wrong because you do not need to select a HAL for hard disk recognition, you select a HAL after the hard disk has been recognized. Answer D is wrong because the computer functioned prior to running RIS, therefore the SCSI adapter is terminated properly. For more information, see the section "Troubleshooting an Unattended Installation" in Chapter 4.

26.

A. You should cancel Setup and request access to the network installation point files. Answers B, C, and D are incorrect because you must use the correct media with the correct product key. For more information, see the section, "Troubleshooting an Attended Installation" in Chapter 4.

27.

A. For unattended installations that are executed from CD media, you can rename your answer file to Winnt.sif and place it on a floppy disk. Answers B, C, and D are wrong because only the Winnt.sif filename can be used when executing an unattended installation from a local CD. Other names can be used in network installations. For more information, see the section, "Performing an Unattended Installation of Windows XP Professional" in Chapter 2.

28.

C. For the Offline Files feature to function properly, users must have the permission to write new files to the folder and to create new subfolders. The Write permission provides this functionality. You would select the local Users group because the Domain Users global group is automatically made a member of all the Users groups. Answer A is incorrect because you cannot convert a file system back to FAT32. In addition, Offline Files requires the file system to be NTFS. Answer B is incorrect because laptops do not support dynamic disks. Answer D is incorrect because you do not want to grant any domain global groups permissionsthe correct procedure is to grant permissions to local groups and place the global groups in the local groups as needed. For more information, see the section "Handling Offline Files" in Chapter 5 and the section "Configuring, Managing, and Troubleshooting Local User and Group Accounts" in Chapter 13.

29.

D. The problems exhibited by the MOV application are classic errors connected with applications that require 256-color mode. Because 256 colors is not natively supported, you must run the application in compatibility mode as directed. Answers A and B are wrong because the display settings are not a problem that need to be resolved because all other applications were functioning prior to MOV. Answer C is incorrect because there is no error shown that would require you to use the Run As option. For more information, see the section, "Optimizing and Troubleshooting Application Performance" in Chapter 9, and the section "Installing, Configuring, and Troubleshooting a Video Adapter" in Chapter 7.

30.

D and F. You can modify hardware profiles in a number of ways. Because you want to retain the Docked profile, you should either remove the Docked profile from being an option in the boot menu or make the Undocked profile become first in the list and then force it to always be selected immediately. Answer A is incorrect because the BIOS version does not affect how the profile loads. Answer B is incorrect because the Removable Storage utility only holds data about the docking station, it does not change the profile. Answer C is incorrect because you want the Undocked profile to appear. Answer E is incorrect because you may want to use the docked profile at some other time. For more information, see the section "Managing Multiple Hardware Profiles for Laptop Users" in Chapter 9.

31.

C and D. The Scanstate and Loadstate utilities are both part of the User Settings Migration Tool (USMT) that you would use to transfer files and settings. Answers A and B are wrong because you would not use Sysprep because the image it gathers is user-independent and would not include such personal data settings. In addition, you should not use Sysprep to create an image from a computer that has already been used in a production environment. For more information, see the section "Using USMT to Migrate Settings and Files" in Chapter 3.

32.

B, C, E, and G. The best way to configure TECH is to use the AGDLP method, where Accounts are placed in Global groups, which are placed in Domain Local groups, which are granted Permissions. The permissions you must enable are the Read & Execute, List Folder Contents, and Read permissions to the share, and the Add Workstations to Domain permission. Answer A is incorrect because you place users into global groups. Answer D is incorrect because you place global groups into local groups, not vice versa. Answer F is incorrect because you grant rights to local groups, not global groups. For more information, see the section "Deploying an Unattended Installation" in Chapter 2 and the section "Configuring, Managing, and Troubleshooting User and Group Rights" in Chapter 13.

33.

D. You can configure the Reports function to start in a lower priority and take less processing power by editing the shortcut on the Start menu to have a low priority. Answers A and B are wrong because you do not want to change the performance management of the entire computer based on the poor performance of one application. Answer C is wrong because Realtime mode takes up even more processing power, plus it can cause a computer crash. Answer E is wrong because the /Min switch minimizes the application window while the application is running, which does not affect the processor usage. For more information, see section "Optimizing and Troubleshooting Application Performance" in Chapter 9.

34.

A, E, and F. What you will need to do is to convert the drive to NTFS because you can mount a volume to a partition only if it is formatted with NTFS. You also need to move the existing files out of the folder because you mount partitions to an empty folder. Then you need to use the Disk Management tool to mount the partition. This is done by right-clicking the new striped volume and selecting Change Drive Letters and Paths, then click Add and finally select Mount in the Following Empty NTFS Folder. Answer B is incorrect because you will not add the drive transparently for the user. Answer C is wrong because you need to have NTFS. Answer D is wrong because it isn't necessary for this process. Answer G is wrong because you cannot relocate the temporary files to the new disk unless you mount the new disk at the folder where the CAD program stores files. For more information, see the section "Implementing, Managing, and Troubleshooting Disk Devices" in Chapter 7.

35.

B. Jack should create a new local group, without changing the existing TAX group. The new group should include only you as a member and be granted the AllowManage Documents right and the AllowPrint Printers right to the printer. Answer A is wrong because removing Chloe from TAX would cause her to lose access to client accounts. Answer C is wrong because you need to have the Manage Documents right. Answer D is incorrect because if you are moved out of the TAX group, you lose access to client accounts. For more information, see the section "Controlling Access to Printers with Permissions" in Chapter 6.

36.

C. The only option that will work is to run Windows Product Activation (WPA). To avoid such problems in the future, you should purchase volume licensing and use the volume licensing media. Answer A is incorrect because WPA doesn't depend on passwords. Answer B is wrong because the Account Lockout policy is not involved in WPA. Answer D is incorrect because you cannot use the computers until you have activated them using WPA. For more information, see the section "Product Activation" in Chapter 1.

37.

A and C. When you move a file or folder from one volume to another, the file or folder loses its original attributes. The file or folder also takes on the attributes provided by the new parent folder. Answers B and D are incorrect because they indicate the opposite behavior of a file that is moved between volumes. For more information, see the section "Configuring, Managing, and Troubleshooting File Compression" in Chapter 5, and the section "Encrypting File System Basics" in Chapter 12.

38.

You should enable the Files Not Cached policy. In this policy's Properties dialog box, you would then add the file extension .dbs to the list provided. Doing so can ensure that users can continue using the offline files feature by removing the capability to cache the .dbs files, because they were the only corrupt files. You would not enable the Remove Make Available Offline policy because you do not want to stop users from using the offline files. You would not enable the Administratively Assigned Offline Files policy because you don't want to administratively assign the .dbs files because that will further corrupt them. You don't need to configure the Synchronize Offline Files Before Suspend policy because it will not affect your corruption issue. For more information, see the section "Handling Offline Files" in Chapter 5.

39.

C. You can encrypt the contents of the Clients folder by using the cipher /e command. To ensure that other tax preparers can use the files, you must add each preparer's file encryption certificate to the Encryption attributes options. Answer A is wrong because that would render users incapable of accessing the resources. Answer B is wrong because it would render the computer fully open to anyone who happened to pass by and log on. Answer D is incorrect because the /d switch causes files to be decrypted rather than encrypted. For more information, see the section "Encrypting a File" in Chapter 12.

40.

C. When you have a profile and rename it with the .man extension, it becomes a mandatory profile that cannot be saved. Mandatory profiles are roaming profiles that use the .man extension. Answer A is wrong because a roaming profile can be overwritten by anyone who uses it. Answer B is wrong because the NTFS Write permission enables users to make changes to the file. Answer D is wrong because it does not affect the profiles for the users. For more information, see the section "Establishing Mandatory Profiles" in Chapter 10.

41.

C. You can change the user's home directory on the Profile tab of the user account so that the My Documents folder is redirected rather than cached and downloaded as part of the profile. Answer A is wrong because disabling cached credentials does not reduce logon time; in fact it may increase it by forcing the computer to authenticate before it completes the logon process. Answer B is wrong because the unlock workstation process occurs after the user has already logged on, and later the screensaver locks the computer. Answer D is wrong because that does not affect the speed of the logon when downloading a large roaming profile. For more information, see the section "Configuring and Managing User Profiles and Desktop Settings" in Chapter 10.

42.

A. You can restart the computer with the Last Known Good configuration. The Last Known Good Configuration can be used because John didn't log on after the Stop error. Answers B, C, and D are wrong because they all require more time and effort than using the Last Known Good Configuration. For more information, see the section "Returning to the Last Known Good Configuration" in Chapter 9.

43.

C. You can take ownership of the files that Ray needs access to and then grant Ray the appropriate permissions to use them. Answers B and C are wrong because you should not do anything that will affect Joan's account because she will return. Answer D is wrong because you do not need to go to the trouble of reinstalling and restoring the computer. For more information, see the section "Understanding NTFS Permissions" in Chapter 5.

44.

D. Jack will be granted no rights to the FOLDER share. When accessing a shared folder that is configured with NTFS permissions, the lowest level of permissions apply. Plus the Denied permission overrides all other permissions. Answers A, B, and C are incorrect because Jack's membership in the Accounting group denies him all rights under Full Control to access the files across the network. For more information, see the section "Establishing Share Permissions" in Chapter 5.

45.

A. Multiple monitors can be configured to extend the desktop across them. When doing so you may find that the screen is not extended the way that you would expect. To correct these errors, you can drag the monitor icons shown in the Display Properties Settings tab until the desktop is configured in the proper order. Answer B is incorrect because you want the desktop to be extended. Answer C is incorrect because switching primary monitors does not affect desktop placement across the screens. Answer D is incorrect because you do not need to update a driver to move the monitor configuration around. Answer E is incorrect because you should not disable either of the monitors. For more information, see the section "Configuring Multiple Display Support" in Chapter 7.

46.

C. The error displayed suggests that the initial size of the paging file is too small. You can either increase the size of the paging file or you can allow the system to manage the size. Note that you should also ensure that the cache for temporary Internet files is not so large that it could encroach on the size of the paging file. Answer A is wrong because a dynamic disk would exhibit the same errors if the pagefile were too small. Answer B is incorrect because Write Caching is not going to fix the problem with the disk. Answer D is incorrect because you will cause the computer to act more slowly by giving priority to background services. For more information, see the section "Setting the Pagefile" in Chapter 9.

47.

D. You can configure an alternate IP address configuration so that users can plug into both the corporate network and the DSL Internet connection at home without needing to manually reconfigure the connection. Answer A is incorrect because APIPA does not provide a static IP address. Answer B is incorrect because ICS is unnecessary in this scenario. Answer C is incorrect because the cable IP configuration is already proven to be incompatible. For more information, see the section "Configuring IP Addresses" in Chapter 11.

48.

D. The problem indicated is due to the upgrade process using the Windows 2000 video adapter driver. Answer A is wrong because you cannot roll back to this version of the driver because it was never installed to begin with. Instead, you need to start the computer in Safe Mode and install the Windows 2000 video adapter driver. Answer B is wrong because that does not provide you with the video performance that you need. Answer C is wrong because SP2 does not necessarily include the driver you should be installing. For more information, see section "Troubleshooting Failed Installations" in Chapter 4.

49.

B. You select Setup Manager so that you can create an answer file and then deploy a scripted installation. Answer A is wrong because you don't have access to a server; you cannot use RIS. Answer C is wrong because you don't have access to third-party tools; you should not use Sysprep. Answer D is wrong because you were not given a CD to use; you cannot use the unattended installation using a CD. For more information, see the section "Performing an Unattended Installation of Windows XP Professional" in Chapter 2.

50.

C. You should configure the Power Options applet to use the Always On power management scheme when you are using the camera. Answer A is incorrect because APM is incompatible with ACPI, in addition to being an older version. Answer B is incorrect because power management features are already functioning because the computer is powering down. Answer D is incorrect because you need to configure the power options, not a hardware profile. Hardware profiles are used when you change the hardware configuration of the computer. For more information, see the section "Configuring Advanced Configuration Power Interface" in Chapter 7.



Exam Prep 2. Windows XP Professional
MCSA/MCSE 70-270 Exam Prep 2: Windows XP Professional
ISBN: 0789733633
EAN: 2147483647
Year: 2004
Pages: 193

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net