Self Test

A Quick Answer Key follows the Self Test questions. For complete questions, answers, and epxlanations to the Self Test questions in this chapter as well as the other chapters in this book, see the Self Test Appendix.

Identifying Required Updates

1. 

Andrea is responsible for keeping 550 Windows 2000 computers up to date. She would like to determine what, if any, required updates her computers need on a weekly basis. What is the best way for her to go about performing this task with the least administrative effort?

  1. Andrea needs to visit each computer and run HFNetChk locally.

  2. Andrea needs to create a script that runs HFNetChk against her computers and saves the results to a network share for her to examine.

  3. Andrea needs to configure a script that runs Windows Update against each of her computers and provides a text file output.

  4. Andrea needs to keep a log of installed versus required updates for each computer and check the Microsoft Web site weekly, looking for new updates that might be required.

 answer b is correct. creating a script to run hfnetchk against her computers is the best option for andrea in this situation. using a command similar to hfnetchk v d domain_name o tab f hfnetchk_scan.txt , she can configure a scan of the entire network that creates a text tab-delimited output file that can be easily analyzed in microsoft excel or access to determine the current update status of all her computers. she can then determine the updates that must be applied and the proper order. running hfnetchk locally from each computer is most definitely not the way to accomplish this task using the least amount of administrative effort, thus answer a is incorrect. windows update cannot be configured to run and produce a text file output in the way that andrea requires, thus answer c is incorrect. keeping a log book of installed updates for each computer, although a good practice, is not an effective solution in this situation, thus answer d is incorrect.

2. 

Austin is trying to run the MBSA tool on one of his member servers when he is prompted to download and install a strange file claiming to be from Microsoft. What will happen if he rejects the download request for the file MSSecureXML file?

  1. Nothing. The file is optional and not required to complete the scan using MBSA.

  2. Nothing. The download request was obviously a hack attempt from an outside party. Microsoft never needs to download anything to your computer in order to determine its current update status.

  3. Nothing. The MBSA tool cannot work without the file.

  4. Nothing. As long as Austin knows which updates are and are not installed on his server, MBSA will function properly.

 answer c is correct. without the xml file containing the list of all updates and fixes, the mbsa tool cannot run. the same holds true when you're attempting to use the hfnetchk tool. the mssecurexml file is required in order for mbsa to function, thus answers a , b , and d are all incorrect.

3. 

Christopher is looking for a tool that can scan all 458 of his network computers from a central location and provide a detailed report of all updates and patches that he needs to apply. He would like to perform this scan with the least amount of administrative effort. What options are available to him? (Choose all correct answers.)

  1. Christopher can use the HFNetChk tool as part of a batch file or script to perform this task.

  2. Christopher can use Software Update Services to perform this task.

  3. Christopher can use the URLScan tool as part of a batch file or script to perform this task.

  4. Christopher can use the MBSA tool from either the command line or the GUI to perform this task.

 a, d . christopher has a choice of using either (or both) the hfnetchk tool and the mbsa tool. both will provide him with a report of the update situation on his network. the mbsa tool, however, will also provide christopher with all sorts of other computer security-related information that he might not be looking for or be responsible for maintaining. software update services, used with the automatic updates client, will install the required updates to computers and do not meet the requirements of the question, thus answer b is incorrect. the urlscan tool is used to secure iis servers, not for scanning computers for missing updates, thus answer c is incorrect.

4. 

José is creating a script to run the HFNetChk tool on his network to scan for missing updates. What command does he need to use to allow the application to read a text file containing the IP addresses of the computers that he wants to scan?

  1. hfnetchk -h

  2. hfnetchk -i

  3. hfnetchk -fh

  4. hfnetchk -fip

 d . the fip switch instructs the hfnetchk tool to read a list of ip addresses from a text file. the ip addresses in the file are those of the computers to be scanned by hfnetchk. the h switch instructs hfnetchk to scan the specified netbios hostname, thus answer a is incorrect. the i switch instructs hfnetchk to scan the specified ip address, thus answer b is incorrect. the fh switch instructs hfnetchk to scan the list of netbios host names specified in the text file, thus answer c is incorrect.

5. 

Austin has performed several scans of his network using the MBSA tool. Hannah now wants to examine the results of the scans, but she cannot do so. What is the most likely reason for this problem?

  1. Hannah is not a member of the Domain Admins group and thus does not have the proper permissions to access the location to which the scan results have been saved.

  2. Hannah does not have the proper permissions to access files located in Austin's Documents and Settings folder.

  3. Hannah is not connected to the network.

  4. Hannah's computer is not configured to use Kerberos as its authentication protocol.

 b . mbsa, by default, saves all scans in the documents and settings\user_name\securityscans folder. this is most likely the reason that hannah cannot access the files, since they are located in austin's private folders. austin can allow hannah to access the files by modifying the ntfs permissions or, alternatively, he can opt to save the scans to a more accessible location in the future. membership in the domain admins group is not required to run the mbsa tool or view the scan results, thus answer a is incorrect. hannah not having an active connection to the network would certainly have an impact on her ability to access network files, but that is not as likely a scenario as a permissions problem, thus answer c is incorrect. the use of the kerberos protocol has nothing at all to do with using the mbsa tool or viewing the scan results, therefore answer d is also incorrect.

6. 

Bruno is responsible for the security of the Windows 2000 computers in his organization. He has several junior administrators who work for him and apply patches and updates to computers as required. What can Bruno do to allow his junior administrators to be able to easily read the MBSA scan results that he generates on a daily basis with the least effort?

  1. Have the junior administrators perform their own MBSA scans. This way, the scan results will be in their Documents and Settings folders.

  2. Run the MBSA tool and elect for the results to be redirected to a location other than the default.

  3. Give the junior administrators the required NTFS permissions to access the scan results in his Documents and Settings folder.

  4. E-mail the MBSA results to all junior administrators daily.

 b . the easiest thing to do, and the only thing that makes sense from a time and effort perspective, is for bruno to simply change the location where the mbsa scan results are saved from the default location within his documents and settings folder. this location should be a network share that is accessible to all junior administrators. having each junior administrator perform his or her own scan is a waste of time and network resources, thus answer a is incorrect. giving each junior administrator the required ntfs permissions for bruno's documents and settings folder is not required and is dangerous, thus answer c is incorrect. e-mailing the mbsa scan results to each junior administrator daily is again time and resource intensive, thus answer d is also incorrect.

Answers

1. 

þ Answer B is correct. Creating a script to run HFNetChk against her computers is the best option for Andrea in this situation. Using a command similar to hfnetchk –v –d domain_name –o tab –f hfnetchk_scan.txt, she can configure a scan of the entire network that creates a text tab-delimited output file that can be easily analyzed in Microsoft Excel or Access to determine the current update status of all her computers. She can then determine the updates that must be applied and the proper order.

ý Running HFNetChk locally from each computer is most definitely not the way to accomplish this task using the least amount of administrative effort, thus Answer A is incorrect. Windows Update cannot be configured to run and produce a text file output in the way that Andrea requires, thus Answer C is incorrect. Keeping a log book of installed updates for each computer, although a good practice, is not an effective solution in this situation, thus Answer D is incorrect.

2. 

þ Answer C is correct. Without the XML file containing the list of all updates and fixes, the MBSA tool cannot run. The same holds true when you're attempting to use the HFNetChk tool.

ý The MSSecureXML file is required in order for MBSA to function, thus Answers A, B, and D are all incorrect.

3. 

þ A, D. Christopher has a choice of using either (or both) the HFNetChk tool and the MBSA tool. Both will provide him with a report of the update situation on his network. The MBSA tool, however, will also provide Christopher with all sorts of other computer security-related information that he might not be looking for or be responsible for maintaining.

ý Software Update Services, used with the Automatic Updates client, will install the required updates to computers and do not meet the requirements of the question, thus Answer B is incorrect. The URLScan tool is used to secure IIS servers, not for scanning computers for missing updates, thus Answer C is incorrect.

4. 

þ D. The –fip switch instructs the HFNetChk tool to read a list of IP addresses from a text file. The IP addresses in the file are those of the computers to be scanned by HFNetChk.

ý The –h switch instructs HFNetChk to scan the specified NetBIOS hostname, thus Answer A is incorrect. The –i switch instructs HFNetChk to scan the specified IP address, thus Answer B is incorrect. The –fh switch instructs HFNetChk to scan the list of NetBIOS host names specified in the text file, thus Answer C is incorrect.

5. 

þ B. MBSA, by default, saves all scans in the Documents and Settings\user_name\SecurityScans folder. This is most likely the reason that Hannah cannot access the files, since they are located in Austin's private folders. Austin can allow Hannah to access the files by modifying the NTFS permissions or, alternatively, he can opt to save the scans to a more accessible location in the future.

ý Membership in the Domain Admins group is not required to run the MBSA tool or view the scan results, thus Answer A is incorrect. Hannah not having an active connection to the network would certainly have an impact on her ability to access network files, but that is not as likely a scenario as a permissions problem, thus Answer C is incorrect. The use of the Kerberos protocol has nothing at all to do with using the MBSA tool or viewing the scan results, therefore Answer D is also incorrect.

6. 

þ B. The easiest thing to do, and the only thing that makes sense from a time and effort perspective, is for Bruno to simply change the location where the MBSA scan results are saved from the default location within his Documents and Settings folder. This location should be a network share that is accessible to all junior administrators.

ý Having each junior administrator perform his or her own scan is a waste of time and network resources, thus Answer A is incorrect. Giving each junior administrator the required NTFS permissions for Bruno's Documents and Settings folder is not required and is dangerous, thus Answer C is incorrect. E-mailing the MBSA scan results to each junior administrator daily is again time and resource intensive, thus Answer D is also incorrect.

Deploying and Managing Updates

7. 

Lily is responsible for 20 Windows 2000 computers in her organization. All the computers are on one campus, but they are scattered among four different buildings. Lily is the only network administrator in her company. Her network is a Windows 2000 Active Directory network. What is the easiest way for Lily to keep all her clients updated with the patches and updates they need but not to allow any updates or patches to be issued until she is satisfied that they are stable?

  1. Lily should use Windows Update on each computer locally to download and install the updates her computers need.

  2. Lily should use the Windows Update Catalog to download and install the updates her computers need.

  3. Lily should use Software Update Services and the Automatic Updates client to download and install the updates her computers need.

  4. Lily should download all the updates she needs and create an integrated installation CD-ROM to distribute to each of the four buildings to install the updates on her computers.

 c . using the software update service to download updates to the local computer, lily can examine each one for applicability (not all updates that are downloaded will be applicable to her network) and test them for stability and compatibility. when she is satisfied with an update, she can add it to the list of approved updates in sus. automatic updates clients, when configured properly in group policy to look toward an internal windows update server, make available only those updates that have been placed on the approved list within sus. visiting each computer and using windows update would be a waste of time and network resources for lily-especially considering that her 20 computers are spread over four different buildings, thus answer a is incorrect. using the windows update catalog would enable lily to selectively download the updates she wants. however, this solution provides no automatic means of update deployment and installation like that offered by the combination of sus and automatic updates, thus answer b is incorrect. creating an integrated installation cd-rom is a fantastic solution for deploying new clients-but not a realistic one in this case, since the computers are already in place, thus answer d is incorrect.

8. 

Hannah needs to locate and download applicable security updates for her network for testing in a lab environment. What are the best ways for her to get these updates as quickly as possible without downloading anything she doesn't want or installing any additional network services? (Choose all that apply.)

  1. Hannah can visit the TechNET security page and download specific updates that she needs.

  2. Hannah can use the Software Update Services to download available updates.

  3. Hannah can use the Windows Update Catalog to download the updates she needs.

  4. Hannah can allow her computers to use Automatic Updates from the Windows Update Web servers.

 a , c . the best way for hannah to get the files she needs, and nothing else, without installing or configuring any additional software or services is to either visit the technet security page and download specific updates or to browse the windows update catalog and download specific updates. using software update services does not satisfy the requirements of this question in that it requires a new service to be installed and configured on the network, thus answer b is incorrect. likewise, using automatic updates from the windows update web servers does not satisfy the requirements of the question in that unnecessary updates are likely to be downloaded to her computers, therefore answer d is incorrect.

9. 

Rick is preparing to install eight hotfixes to his file and print servers. What method should Rick use to ensure that all eight hotfixes get applied correctly and the servers have no stability or compatibility issues after he is done, using the least amount of administrative effort?

  1. Rick should use the Qchain.exe tool in conjunction with a batch file or script to install all eight hotfixes in one shot.

  2. Rick should manually install each hotfix, in order from lowest Q article number to highest Q article number, restarting his server after each one to make sure that version conflicts are prevented.

  3. Rick should manually install all eight hotfixes and then restart his server to ensure that the updates are applied.

  4. Rick should extract all the files from the hotfix executables and then copy these over the existing files on his server.

 a . rick would be wise to use the qchain.exe tool during the process of deploying his eight hotfixes. only by using the qchain.exe tool can he be assured that version conflicts and system stability issues will be avoided in most cases. although manually installing each hotfix one at a time is a viable solution, it does not meet the specified criteria in that it takes far from the least amount of effort to make it happen, thus answer b is incorrect. installing all eight hotfixes at one time and then restarting the server is a sure recipe for disaster because version conflicts are likely to occur, therefore answer c is incorrect. extracting the files and copying them to the server is not a valid solution and should never be done, thus answer d is also incorrect.

10. 

Cindy is trying to install the Software Update Service on her server computer, but the installation keeps failing. What is the most likely reason for this problem?

  1. Cindy's network does not have Active Directory, which is required for SUS to work.

  2. Cindy is attempting to install SUS onto a domain controller, which is not allowed.

  3. Cindy's network has only Windows XP Professional clients. You must have Windows 2000 clients for SUS to install properly.

  4. Cindy does not have Enterprise Admin credentials.

 b . sus cannot be installed onto a domain controller. this is the most likely reason that the installation is failing for cindy. active directory is not required for sus to function, although it does make configuring the automatic updates client behavior much easier, thus answer a is incorrect. the type of network client does not affect the installation of the sus service, thus answer c is incorrect. sus does not require enterprise admin credentials to install, so answer d is not a valid answer for the problem.

11. 

Tom has installed and configured the Automatic Updates client on his computer to download updates from an internal server named GREEN42. Automatic Updates was configured to download and install, automatically, any available updates from GREEN42 on a daily basis. After several weeks, Tom noticed that no updates have been applied to his client computer. Given what you know so far, what is the most likely reason that no updates have been received on Tom's computer?

  1. Tom turns his computer off during the update period that has been configured.

  2. GREEN42 is either not running SUS or is not receiving updates from the Windows Update servers.

  3. Tom forgot to accept the supplemental End User License Agreement that is required to make Active Updates function properly.

  4. Tom's copy of Windows 2000 is not properly licensed.

 b . the most likely cause of tom's problem is that he either does not have or does not have correctly configured an sus server named green42 on his network. if the server green42 does actually exist and has been configured with sus, it is likely that green42 has not yet been configured for synchronization with the windows update servers-thus no updates are available for download and installation onto tom's client computer. tom turning his off during the update period is possible, but nothing was mentioned about this in the question, thus answer a is not correct. there is no supplemental end user license agreement to accept for automatic updates on the client computer, thus answer c is incorrect. the licensing status of tom's copy of windows 2000 is not an issue in regard to automatic updates (although the business software alliance might be paying him a visit if it's unlicensed), thus answer d is not correct.

12. 

Catherine is preparing to deploy Windows 2000 Professional to 75 new workstations in her company. She knows that a new service pack has been made available for Windows 2000, but her Windows 2000 Professional Setup CD-ROM only has Service Pack 1. What is the easiest and fastest way for Catherine to get these 75 new clients installed with Windows 2000 Service Pack 3 without placing an undue strain on the network?

  1. Visit each client, installing Windows 2000 Professional Service Pack 1. After the installation is complete, install Service Pack 3.

  2. Create a slipstreamed installation source using her Windows 2000 Professional Setup CD-ROM and the Service Pack 3 files. Deploy this source to her new clients over the network using the Remote Installation Service.

  3. Use RIS to deploy a Windows 2000 Service Pack 1 image. After this process has been completed, use Group Policy and IntelliMirror to deploy Service Pack 3 using the update.msi file.

  4. Create a slipstream installation source and burn it back to CD-ROM using her Windows 2000 Professional Setup CD-ROM and the Service Pack 3 files. Visit each machine and install Windows 2000 Professional Service Pack 3 from this slipstreamed CD-ROM.

 b . creating a slipstreamed installation source and then turning that into a cd-based ris image for deployment using the remote installation service is by far the best option of any presented. although she can manually install windows 2000 and then install service pack 3 after that, this process is too time consuming and does not satisfy the criterion for fastest method, thus answer a is incorrect. deploying windows 2000 professional service pack 1 via ris and then following up with a group policy-based update to service pack 3 is a waste of both time and network resources, thus answer c is incorrect. creating a slipstreamed service pack 3 cd-rom and manually installing windows 2000 professional service pack 3 on her 75 computers is also too time consuming and thus does not meet the specified criteria for the question, thus answer d is incorrect.

13. 

Jon is responsible for three client computers that are not part of the corporate network. These computers have Internet connectivity through a broadband DSL connection at their remote site. What is the best way for Jon to keep these three computers up to date without having to travel to this remote location or spend unnecessary money? No users at the remote location are technically competent to perform this task for Jon.

  1. Jon has no other choice but to travel to this location.

  2. Jon should install and configure the Automatic Updates client to get critical updates from the Windows Update servers and automatically install them upon download.

  3. Jon should FTP into the computers and run the HFNetChk tool to check for required updates.

  4. Jon should configure these computers to participate in the corporate network via a leased WAN link.

 b . by allowing automatic updates to download and install updates from the windows update web servers, jon can be assured that his remote clients are getting the updates they require. traveling to this location is a solution, but an unacceptable one, thus answer a is incorrect. making an ftp connection to the computers is not a viable solution; hfnetchk cannot be run via ftp, thus answer c is incorrect. leasing a wan link for these three computers is not economically feasible, thus answer d is incorrect.

Answers

7. 

þ C. Using the Software Update Service to download updates to the local computer, Lily can examine each one for applicability (not all updates that are downloaded will be applicable to her network) and test them for stability and compatibility. When she is satisfied with an update, she can add it to the list of approved updates in SUS. Automatic Updates clients, when configured properly in Group Policy to look toward an internal Windows Update server, make available only those updates that have been placed on the approved list within SUS.

ý Visiting each computer and using Windows Update would be a waste of time and network resources for Lily—especially considering that her 20 computers are spread over four different buildings, thus Answer A is incorrect. Using the Windows Update Catalog would enable Lily to selectively download the updates she wants. However, this solution provides no automatic means of update deployment and installation like that offered by the combination of SUS and Automatic Updates, thus Answer B is incorrect. Creating an integrated installation CD-ROM is a fantastic solution for deploying new clients—but not a realistic one in this case, since the computers are already in place, thus Answer D is incorrect.

8. 

þ A, C. The best way for Hannah to get the files she needs, and nothing else, without installing or configuring any additional software or services is to either visit the TechNET security page and download specific updates or to browse the Windows Update Catalog and download specific updates.

ý Using Software Update Services does not satisfy the requirements of this question in that it requires a new service to be installed and configured on the network, thus Answer B is incorrect. Likewise, using Automatic Updates from the Windows Update Web servers does not satisfy the requirements of the question in that unnecessary updates are likely to be downloaded to her computers, therefore Answer D is incorrect.

9. 

þ A. Rick would be wise to use the Qchain.exe tool during the process of deploying his eight hotfixes. Only by using the Qchain.exe tool can he be assured that version conflicts and system stability issues will be avoided in most cases.

ý Although manually installing each hotfix one at a time is a viable solution, it does not meet the specified criteria in that it takes far from the least amount of effort to make it happen, thus Answer B is incorrect. Installing all eight hotfixes at one time and then restarting the server is a sure recipe for disaster because version conflicts are likely to occur, therefore Answer C is incorrect. Extracting the files and copying them to the server is not a valid solution and should never be done, thus Answer D is also incorrect.

10. 

þ B. SUS cannot be installed onto a domain controller. This is the most likely reason that the installation is failing for Cindy.

ý Active Directory is not required for SUS to function, although it does make configuring the Automatic Updates client behavior much easier, thus Answer A is incorrect. The type of network client does not affect the installation of the SUS service, thus Answer C is incorrect. SUS does not require Enterprise Admin credentials to install, so Answer D is not a valid answer for the problem.

11. 

þ B. The most likely cause of Tom's problem is that he either does not have or does not have correctly configured an SUS server named GREEN42 on his network. If the server GREEN42 does actually exist and has been configured with SUS, it is likely that GREEN42 has not yet been configured for synchronization with the Windows Update servers—thus no updates are available for download and installation onto Tom's client computer.

ý Tom turning his off during the update period is possible, but nothing was mentioned about this in the question, thus Answer A is not correct. There is no supplemental End User License Agreement to accept for Automatic Updates on the client computer, thus Answer C is incorrect. The licensing status of Tom's copy of Windows 2000 is not an issue in regard to Automatic Updates (although the Business Software Alliance might be paying him a visit if it's unlicensed), thus Answer D is not correct.

12. 

þ B. Creating a slipstreamed installation source and then turning that into a CD-based RIS image for deployment using the Remote Installation Service is by far the best option of any presented.

ý Although she can manually install Windows 2000 and then install Service Pack 3 after that, this process is too time consuming and does not satisfy the criterion for fastest method, thus Answer A is incorrect. Deploying Windows 2000 Professional Service Pack 1 via RIS and then following up with a Group Policy-based update to Service Pack 3 is a waste of both time and network resources, thus Answer C is incorrect. Creating a slipstreamed Service Pack 3 CD-ROM and manually installing Windows 2000 Professional Service Pack 3 on her 75 computers is also too time consuming and thus does not meet the specified criteria for the question, thus Answer D is incorrect.

13. 

þ B. By allowing Automatic Updates to download and install updates from the Windows Update Web servers, Jon can be assured that his remote clients are getting the updates they require.

ý Traveling to this location is a solution, but an unacceptable one, thus Answer A is incorrect. Making an FTP connection to the computers is not a viable solution; HFNetChk cannot be run via FTP, thus Answer C is incorrect. Leasing a WAN link for these three computers is not economically feasible, thus Answer D is incorrect.

Troubleshooting Update Installations

14. 

You are the network administrator of a medium-sized regional organization that has one central office and six field offices spread out over several states. A user in each field office is performing most of the local administrative functions for you, although these users are not as knowledgeable as you would like them to be and sometimes cause problems that you must correct yourself. Yesterday, one of your "assistant administrators" applied several hotfixes to a Windows 2000 server computer in his office. Today you received a phone call from this "assistant administrator" informing you that the power failed in that location overnight and now the Windows 2000 server will not start properly. What do you suspect is the cause of this problem?

  1. The power supply in the server has been damaged.

  2. The user did not properly apply the hotfixes by restarting the server after each one or by using Qchain.

  3. The server was attacked overnight and the Registry has been damaged by the attacker.

  4. The user did not use the HFNetChk tool to determine the hotfixes that were required.

 b . the most likely scenario here is that the user who applied the hotfixes applied them all, one after another, without a restart following each one. it's also safe to assume that qchain was not used. although the server itself could have sustained damage when the power failed, it's not nearly as likely as the issue of hotfixes being applied incorrectly and causing file version conflicts problems, thus answer a is incorrect. the server might very well have been attacked overnight, but we won't know that until a detailed analysis of it can be made. again, the most likely reason for this problem is that the hotfixes were not applied correctly, thus answer c is incorrect. use of the hfnetchk tool to determine which hotfixes were required would probably not have prevented this issue, thus answer d is also incorrect.

15. 

Dom, your assistant administrator, has been in the office all night applying hotfixes to your production servers. Now when he restarts them, they all fail to start properly. You quickly determine that the cause of the problem was his lack of using the Qchain utility. Now you have a problem to deal with. Which of the following documents should you consider using at this point?

  1. Network Acceptable Use Policy (AUP)

  2. Server update plan

  3. Network disaster recovery plan

  4. Windows 2000 Resource Kit

 c . you are now in a disaster recovery situation. your production servers are down and cannot be successfully restarted-you have no choice but to perform a restoration off the most recent set of backup media. the aup is a document that details what users are and are not allowed to do on the network, such as not downloading mp3s or not running file-sharing programs such as limewire, thus answer a is incorrect. the server update plan is the document that could have helped dom prevent this situation had he been using it properly, thus answer b is incorrect. the windows 2000 resource kit is an invaluable asset to any windows 2000 network administrator and you might very well end up using it, but what you really need right now is your disaster recovery plan, thus answer d is also incorrect.

Answers

14. 

þ B. The most likely scenario here is that the user who applied the hotfixes applied them all, one after another, without a restart following each one. It's also safe to assume that Qchain was not used.

ý Although the server itself could have sustained damage when the power failed, it's not nearly as likely as the issue of hotfixes being applied incorrectly and causing file version conflicts problems, thus Answer A is incorrect. The server might very well have been attacked overnight, but we won't know that until a detailed analysis of it can be made. Again, the most likely reason for this problem is that the hotfixes were not applied correctly, thus Answer C is incorrect. Use of the HFNetChk tool to determine which hotfixes were required would probably not have prevented this issue, thus Answer D is also incorrect.

15. 

þ C. You are now in a disaster recovery situation. Your production servers are down and cannot be successfully restarted—you have no choice but to perform a restoration off the most recent set of backup media.

ý The AUP is a document that details what users are and are not allowed to do on the network, such as not downloading MP3s or not running file-sharing programs such as LimeWire, thus Answer A is incorrect. The server update plan is the document that could have helped Dom prevent this situation had he been using it properly, thus Answer B is incorrect. The Windows 2000 Resource Kit is an invaluable asset to any Windows 2000 network administrator and you might very well end up using it, but what you really need right now is your disaster recovery plan, thus Answer D is also incorrect.



MCSE. MCSA Implementing & Administering Security in a Windows 2000 Network Study Guide Exam 70-214
MCSE/MCSA Implementing and Administering Security in a Windows 2000 Network: Study Guide and DVD Training System (Exam 70-214)
ISBN: 1931836841
EAN: 2147483647
Year: 2003
Pages: 162

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net