| < Day Day Up > |
|
1. | Your organization consists of three Active Directory forests running Windows Server 2003. The forests are all configured at the Windows Server 2003 functional level. Each of the three forests has a single domain tree. The first forest’s root domain is adatum.com. The first forest hosts the child domains western.adatum.com and northern.adatum.com. The second forest’s root domain is proseware.com. The second forest hosts the child domains sydney.proseware.com, adelaide.proseware.com, and melbourne.proseware.com. The third forest’s root domain is contoso.com. The third forest hosts only a single child domain, node.contoso.com. Forest trust relationships exist between the first and the second forests and between the second and third forests. A two-way external trust relationship exists between northern.adatum.com and contoso.com. You are configuring the folder permissions for a file server located in the node.contoso.com domain. Which of the following users and groups will you be able to assign permissions to? (Select all that apply.)
|
| ||||||||||||||
2. | You are configuring permissions for an important file share on a member server running Windows Server 2003 in the resources.proseware.com domain. The resources.proseware.com domain is a member of the forest that has proseware.com as its root domain. The adatum.com and contoso.com domain trees are also members of the same forest as the proseware.com tree. The proseware.com forest is running at the Windows Server 2003 functional level. The user principal names (UPNs) of specific users are as follows: Rooslanrooslan @core.adatum.com Foleyfoley @users.proseware.com Mickmick @cheltenham.contoso.com Lahertylaherty @blackburn.contoso.com Rooslan is a member of the Easternsub universal group that was created in the eastern.adatum.com domain. Foley and Mick are members of the Bayside universal group that was created in the core.proseware.com domain. Laherty is a member of the Northsub universal group that was created in the core.contoso.com domain. Two domain local groups have been created in the resources.proseware.com domain. The first domain local group, which is named Chatter, includes in its membership the Easternsub universal group. The second domain local group, which is named Redux, includes in its membership the Northsub and Bayside universal groups. Share and folder permissions for the important file share are as follows:
Given this set of permissions, which of the users will be able to delete a file named test.xls that is located in this file share and subject to the permissions listed above?
|
| ||||||||||||||
3. | Agim is the systems administrator for the department of arts at the local University. He has spoken with his manager James about problems that the department has been having with students accessing computers that they are not supposed to access. Some students have been attempting to access staff files on the three departmental file servers. It has also been noted that some academic staff members allow their postgraduate students to log on to their computers when they are not in the office. Finally, some undergraduate students are using the postgraduate computer lab for network access when there are no available computers in the undergraduate lab. The faculty has a single Windows Server 2003 forest that contains only one domain. All departmental file servers are located in the Memberserv OU. The user accounts of all students, both undergraduate and postgraduate, are stored in the Students OU. All staff computer accounts are stored in the Staffwkstn OU. All computer accounts for the postgraduate lab are in the Postgradlab OU, and all computer accounts for the undergraduate lab are in the Undergradlab OU. All postgraduate students are members of the Postgrad domain global group. All undergraduate students are members of the Undergrad domain global group. To address his concerns, James creates the following list of goals for Agim to implement: Primary goal: Deny network access to the three departmental file servers to all user accounts in the Students OU. First secondary goal: Deny all postgraduate students the ability to log on locally to a staff member’s computer. Second secondary goal: Deny all undergraduate students the ability to log on locally to computers in the postgraduate laboratory. Agim performs the following actions: He creates a GPO and applies it to the Staffwkstn OU. In the \Computer Configuration\Windows Settings\Security Settings\Local Policies\User Rights Assignment node, he configures the Deny Log On Locally policy to include the Postgrad and Undergrad groups. He creates a GPO and applies it to the Postgradlab OU. In the \Computer Configuration\Windows Settings\Security Settings\Local Policies\User Rights Assignment node, he configures the Deny Log On Locally policy to include the Undergrad group. He creates a GPO and applies it to the Memberserv OU. In the \Computer Configuration\Windows Settings\Security Settings\Local Policies\User Rights Assignment node, he configures the Deny Log On Locally policy to include the Undergrad and Postgrad groups. After Agim has performed these actions, which of James’ goals has he achieved?
|
| ||||||||||||||
4. | You are responsible for training a group of interns in the art of systems administration. All of the interns are members of the Interns group. This week you want them to be able to log on to the member servers in your domain and make a backup. They don’t need to be able to restore any files. They should log on to each member server by using Remote Desktop. They should be restricted from logging on to each server locally. You don’t want to add them to the Backup Operators group. Rather, you want to alter the rights assigned to the Interns group. You want to do this by editing a GPO applied to the OU that hosts the member servers in your domain and applying policies located in the \Computer Configuration\Windows Settings\Security Settings\User Rights Assignment node. Which of the following are the minimum rights that you should assign to the Interns group by editing policies in this node? (Select all that apply.)
|
| ||||||||||||||
5. | You want to calculate a user’s permissions with the least possible administrative effort. The user is a member of several groups that are assigned permissions to a particular folder. What should you do?
|
|
Answers
1. | Correct Answers: C and D
|
2. | Correct Answers: B
|
3. | Correct Answers: D
|
4. | Correct Answers: A, C, and D
|
5. | Correct Answers: B
|
| < Day Day Up > |
|