|
Question 1.
Which EAP authentication type is characterized by: any kind of supplicant credentials can be used; mutual authentication but only server-side digital certificates?
A. EAP-TLS
B. LEAP
C. PEAP
D. EAP-TTLS
Answer: D
Question 2.
Concerning RADIUS, what term refers to the design capability that allows multiple servers to run as a single computer, where each shares in the workload of the application?
A. Scalability
B. Clustering
C. Failover
D. Distributed
Answer: B
Question 3.
Which of the following statements is false concerning using switches to connect to the wired segment of a network?
A. Allows support for security and network management tools like VLANs.
B. Create full duplex connectivity at the bridge
C. Broadcast each frame entering any port to every other port
D. Create full duplex connectivity at the access point
Answer: C
Question 4.
The time required for a brute force attack to find an encryption key is exponentially raised when what is proportionally raised?
A. key length
B. variable rotation
C. number of rounds
D. key expansion
Answer: C
Question 5.
Though it has been highly publicized to have been broken, WEP offers a fair level of security, especially when compared with not using any protection at all.
What is the shortest estimate of how long a hacker would need to crack WEP?
A. Within an hour
B. Several days.
C. Almost immediately.
D. Three to four hours
Answer: D
Question 6.
Which encryption scheme is the most well-known block cipher, and is extremely efficient on processors such as Intel's Pentium series?
A. RC4
B. DES/3DES
C. RC5
D. AES
Answer: C
Question 7.
Which of the following actions will not help customer support centers prevent social engineering?
A. Shred documents prior to throwing them away.
B. End-user verifies support center identity before giving password information.
C. Positively identify person calling help desk.
D. Use established, secure channels for passing security information.
Answer: B
Question 8.
Which of the following Layer 2 security solutions provides for unique and changing encryption keys so an intruder will never be able to collect enough data to crack the keys?
A. Dynamic WEP
B. TKIP
C. Static WEP
D. 802.lx/EAP
Answer: A
|
Question 1.
When competing against a Sun v20z with a p5-520 to be used as a mission-critical, departmental system, which of the following is the key competitive advantage?
A. RAS features
B. Virtualization
C. System Performance
D. Ability to support Linux
Answer: A
Question 2.
Which of the following is a major advantage for AIX 5L for an Intel customer considering a p5- 510?
A. Inexpensive server and storage
B. Supports internal RAID-S and HACMP
C. UNIX derivative and provides higher availability
D. Supports POWER5 on multiple chip architectures
Answer: C
Question 3.
The benchmarks for the p5-505, p5-510, and p5-520:
A. change based on benchmark modifications.
B. are valid regardless of the configuration.
C. change occasionally and should be checked before preparing proposals.
D. do not change because the systems' characteristics will not change.
Answer: C
Question 4.
A retail store chain is looking for a point of sale 1GB database application server. Remote backup is being used for pricing tables and transactions.
Which of the following is the best choice for the customer?
A. p5-505
B. p5-510
C. p5-520
D. IntelliStation POWER 285
Answer: B
Question 5.
Which of the following is able to provide 2.4 TB of internal storage?
A. p5-505
B. p5-510
C. p5-520
D. IntelliStation POWER 285
Answer: C
Question 6.
For the p5-505, p5-510, and p5-520 servers, who is responsible for setup?
A. The customer
B. The IBM Distributor
C. IBM Global Services
D. An IBM Customer Engineer
Answer: A
Question 7.
Which of the following statements best describes a sales opportunity for an AIX 5L solution?
A. An existing pSeries customer wishes to renew their SWMA.
B. A Solaris customer seeks to move to a stable UNIX platform.
C. An IBM customer running Windows on IBM xseries systems wishes to consolidate servers
onto the IBM HS20 BladeCenter.
D. An existing pSeries customer with a current software maintenance contract wishes to upgrade
from AIX SL V5.1 to AIX 5L V5.3.
Answer: B
Question 8.
Which of the following is one of the key POWERS differentiators over x86 architecture?
A. POWER5 has L2 cache.
B. POWER5 has ECC memory.
C. POWER5 supports DDR2 memory.
D. POWER5 has separate memory and I/O access paths.
Answer: D
Question 9.
Linux on POWER is differentiated from Linux on x86 architecture by which of the following?
A. Compliers, debuggers, and application capabilities
B. RAS, performance, and advanced virtualization capabilities
C. Support structure, distributors, and certification
D. Openness of Linux on POWER
Answer: B
Question 10.
Which of the following is the earliest version of AIX 5L to Support LPAR on the p5-505, p5-510, and p5- 520 servers?
A. V4.3
B. V5.1
C. V5.2
D. V5.3
Answer: C
|
Question 1.
You work as a database administrator at ABC.com. You have just installed Microsoft SQL Server Management Studio on one of ABC.com’s workstations and the Microsoft Business Intelligence Development Studio. You have been requested to design a 12 table transactional package to be stored on an offsite server’s msdb data store. You decide that BIDS in this scenario is an overkill and you decide to uninstall it.
What utility should you run to create the requested package?
A. Use the bulk copy program.
B. Use the DTS Designer.
C. Use the Microsoft SQL Server Import and Export Wizard.
D. Use Process Control Tool.
E. Use the Package Migration Wizard.
F. Use the Process Control Tool
G. Use the ISIS.
Answer: C
Explanation:
Question 2.
DRAG DROP
You work as a database administrator at ABC.com. ABC.com is using a SQL Server 2008 instance that contains a database named ABC_DB1. As part of your backup method of ABC_DB1, you do a Full backup every Sunday at 01:00, you do a differential backup weekdays at 22:00, and you do transactional log backup weekdays at 08:00; 12:00 and 16:00. You have received notification that the user database data files have failed on Thursday at 15:00. You need to ensure that ABC_DB1 are retrieve as quickly as possible with as small as possible amount of data loss.
What steps should you take? Use only steps that apply.
Answer:
Question 3.
DRAG DROP
You work as a database administrator at ABC.com. ABC.com is using a SQL Server 2008 instance that contains a database named ABC_Prod. During the night a daily full backup of ABC_Prod is started at 03:15, a differential backup is performed every 90 days minutes and a transaction log backup is performed every 20 minutes. This particular day your CEO has requested that you make an extra full backup during the lunch break starting at 11.30.
How can you meet her request while keeping the database backup files in order for future backups and restores?
Answer:
Question 4.
You work as a database administrator at ABC.com. ABC.com is using a SQL Server 2008 instance. The SQL Server 2008 instance hosts quite a few applications. ABC also has a server named ABC-SR43 that is used to store log files. You have to set up a new job that stores log files on ABC-SR43. You create a new account ABC\Log_Account. You set it up to be run by the SQL Server Agent Services. However, your job fails to store any log files on ABC-SR43. After some investigation you notice that the job does not have permissions to store files on ABC-SR43.
How should you remedy the situation? Select the best option.
A. You should set up ABC\Log_Accoun as a Remote Service account.
B. You should set up ABC\Log_Accoun as a Domain service account.
C. You should set up ABC\Log_Accoun as a Local Service account.
D. You should set up ABC\Log_Accoun as a Local System account.
E. You should set up ABC\Log_Accoun as a Network Service account.
F. You should set up ABC\Log_Account as a Domain account.
Answer: F
Explanation:
The service startup account defines the Microsoft Windows account in which SQL Server Agent runs and its network permissions. SQL Server Agent runs as a specified user account. For compatibility with earlier versions of SQL Server, SQL Server Agent can also run as the Local System account. In this scenario you should select a Domain account, which allows sufficient permissions and improved security.
Question 5.
You work as a database administrator at ABC.com. ABC.com is using a SQL Server 2008 instance that has a table named ABC_Training. ABC_ Training contains a column named ABC_Distance. A new ABC.com training policy states that the training (ie. The ABC_Distance column in the ABC_Training table) cannot be increased or decreased by more than 3%.
How should you implement the ABC Training Policy?
A. You should consider developing a view which rolls back non-compliant ABC.com policy
changes to ABC_Distance.
B. You should consider developing a stored procedure which rolls back non-compliant ABC.com
policy compliant changes to the ABC_Distance column.
C. You should consider developing a primary key constraint to the ABC_training table which only
contains valid values on ABC_Distance.
D. You should consider developing a create trigger which rolls back non-compliant ABC.com
policy changes to the ABC_Distance column.
E. You should consider developing an update trigger which rolls back non-compliant ABC.com
policy changes to the ABC_Distance column.
F. You should consider developing a delete trigger which rolls back non-compliant ABC.com
Policy changes to the ABC_Distance column.
Answer: E
Explanation:
Question 6.
You work as a database administrator at ABC.com. ABC.com is using a SQL Server 2008 instance that contains a database named ABC_DB. ABC.com contains a lot of customer data which is processed by the Web application. You need to keep the customer information safe since it is confidential. This information includes files of data, backups, and log files.
How can this be achieved and still keep the performance and functionality of the web application? Select one or two.
A. You should consider adding a transaction Log on ABC_DB, and set the information to be
encrypted for a fixed time.
B. Use BitLocker Drive Encryption on the hard drives on the SQL Server.
C. Use EFS (Encrypting File System) on the hard drives on the SQL Server.
D. You should consider enabling the Transparent Database Encryption on ABC_DB and back up
the transaction log.
E. You should consider enabling the Transparent Database Encryption on ABC_DB and enabling
the Transparent Database Encryption on master database.
F. Use cell-level encryption for the specific data that needs to be kept safe.
Answer: D
Explanation:
With the introduction of transparent data encryption (TDE) in SQL Server 2008, users now have the choice between cell-level encryption as in SQL Server 2005, full database-level encryption by using TDE, or the file-level encryption options provided by Windows. TDE is the optimal choice for bulk encryption to meet regulatory compliance or corporate data security standards. TDE works at the file level, which is similar to two Windows® features: the Encrypting File System (EFS) and BitLocker™ Drive Encryption, the new volume-level encryption introduced in Windows Vista®, both of which also encrypt data on the hard drive. TDE does not replace cell-level encryption, EFS, or BitLocker.
Question 7.
You work as a database administrator at ABC.com. ABC.com is using two SQL Server 2008 sample named ABCSmp1 and ABCSmp2. Furthermore, ABCSmp1 contains a database named ABC_DB. A ABC.com user named Mia Hamm uses her logon MiaHamm to log on to the database on ABCSmp1. During the week you have transferred ABC_DB to ABCSmp2. You manually recreate the Mia Hamm login on ABCSmp2. However, when she tries to login on ABC_DB at ABCSmp2, she received an error message stating that she is not allowed access. Mia Hamm needs to access ABC_DB and you need to make it happen.
What T-SQL code should you use? (Each correct option is part of the answer. Choose TWO)
A. Use ABC.com;
B. Use ABC_DB; *
C. Use ABCSmp1;
D. Use ABCSmp2;
E. ALTER LOGIN MiaHamm WITH DEFAULT_DATABASE = ABC_DB;
F. CHANGE LOGIN MiaHamm WITH DEFAULT_DATABASE = ABC_DB;
G. ALTER LOGIN MiaHamm WITH PASSWORD = 'pwd1234' UNLOCK;
H. CHANGE LOGIN MiaHamm WITH PASSWORD = 'pwd1234' UNLOCK;
I. CHANGE USER MiaHamm WITH LOGIN = MiaHamm;
J. ALTER USER MiaHamm WITH LOGIN = MiaHamm; *
K. ALTER LOGIN MiaHamm ENABLE;
L. CHANGE LOGIN MiaHamm ENABLE;
Answer: B, J
Explanation:
Question 8.
You work as a database administrator at ABC.com. ABC.com is using a SQL Server 2008 instance. Your junior assistant is curious about on how to move a table, such as ABC_table, from its current scheme (scheme1) to another scheme (scheme2)
How can you accomplish this in T-SQL?
A. You should consider using the following:
ALTER TABLE Schema1.ABC_Table SWITCH TO Schema2.ABC_table;
B. You should consider using the following:
ALTER AUTHORIZATION ON Schema1.ABC_Table TO Schema2;
C. You should consider using the following:
ALTER SCHEMA schema2 TRANSFER schema1.ABC_table;
D. You should consider using the following:
ALTER SCHEMA schema1 TRANSFER schema2.ABC_table;
E. You should consider using the following:
ALTER USER Schema1 WITH DEFAULT_SCHEMA = Schema2;
F. You should consider using the following:
MOVE ABC_Table FROM SCHEMA schema1 TO schema2
G. You should consider using the following:
MOVE ABC_Table FROM schema1 TO schema2
Answer: C
Explanation:
ALTER SCHEMA can only be used to move securables between schemas in the same database. To change or drop a securable within a schema, use the ALTER or DROP statement specific to that securable.
Question 9.
You work as a database administrator at ABC.com. ABC.com is using a SQL Server 2008 instance. You have received instructions from management to allow the users at ABC.com on the SQL Server sample to use the OPENROWSET() function to search remote information sources. You study incomplete code in the exhibit carefully. (Line numbers are used for reference purposes only)
Exhibit:
01. sp_configure 'show advanced options', 1
02. RECONFIGURE
03.
04. RECONFIGURE
05. GO
06.
07. SELECT a.*
08. FROM OPENROWSET('SQLNCLI', 'Server=Madrid;Trusted_Connection=yes;',
09. 'SELECT GroupName, Name, DepartmentID
10. FROM AdventureWorks.HumanResources.Department
11. ORDER BY GroupName, Name') AS a;
12. GO
Which T-SQL statement should you insert at line 03 to make the batch meet the requirement in this scenario?
A. sp_configure 'Router control', 1
B. sp_configure 'Router control', 0
C. sp_configure 'Transaction Logs', 1
D. sp_configure 'Transaction Logs', 0
E. sp_configure 'Ad Lib Distributed Queries ', 1
F. sp_configure 'Ad Lib Distributed Queries ', 0
G. sp_configure 'Ad Hoc Distributed Queries', 1
H. sp_configure 'Ad Hoc Distributed Queries', 0
Answer: G
Explanation:
By default, SQL Server does not allow ad hoc distributed queries using OPENROWSET and OPENDATASOURCE. When this option is set to 1, SQL Server allows ad hoc access. When this option is not set or is set to 0, SQL Server does not allow ad hoc access. Ad hoc distributed queries use the OPENROWSET and OPENDATASOURCE functions to connect to remote data sources that use OLE DB. OPENROWSET and OPENDATASOURCE should be used only to reference OLE DB data sources that are accessed infrequently. For any data sources that will be accessed more than several times, define a linked server.
Question 10.
You work as a database administrator at ABC.com. ABC.com is using a SQL Server 2008 instance. The a SQL Server 2008 instance is used on a Windows Server 2000 server and uses the mixed authentication mode. Management wants you to ensure the following:
• SQL Server 2008 logins must have the same password complexity rules which are enforced by
Windows Server 2000 for authentication.
• Full compliance of all users with regarding to adhering to the password complexity rules.
What actions should you take?? (Each correct option is part of the answer. Choose TWO)
A. You should consider using the ALTER LOGIN ... CHECK_EXPIRATION = OFF statement to
change the entire login of all users.
B. You should consider using the ALTER LOGIN ... CHECK_EXPIRATION = ON statement to
change the entire login of all users.
C. You should consider using the command ALTER LOGIN ... NO CREDENTIAL.
D. You should consider using the command ALTER LOGIN ... UNLOCK.
E. You should consider using the command ALTER LOGIN ... ADD CREDENTIAL.
F. You should consider using the command ALTER LOGIN ... DROP CREDENTIAL.
G. You should consider using the ALTER LOGIN ... CHECK_POLICY = ON statement to change
the entire login of all users.
H. You should consider using the ALTER LOGIN ... CHECK_POLICY = OFF statement to change
the entire login of all users.
I. Create a policy using Policy-Based Management that matches the requirements of this
scenario.
J. You should consider using the ALTER LOGIN ... CREDENTIAL = statement to change the
entire login of all users.
Answer: G, I
Explanation:
ALTER LOGIN
CHECK_POLICY = { ON | OFF }
Applies only to SQL Server logins. Specifies that the Windows password policies of the computer on which SQL Server is running should be enforced on this login. The default value is ON. Policy-Based Management is a system for managing one or more instances of SQL Server 2008. When SQL Server policy administrators use Policy-Based Management, they use SQL Server Management Studio to create policies to manage entities on the server, such as the instance of SQL Server, databases, or other SQL Server objects
|
Question 1.
You work as an administrator at ABC.com. The ABC.com network consists of a single Active Directory domain named ABC.com. ABC.com makes use of System Center Configuration Manager 2007 on their network. ABC.com has recently opened a new satellite office in Miami. You have been tasked with making sure that users in the Miami office are able to install operating systems on their workstations using boot images. You decide to modify the settings of the site system in the Configuration Manager to answer requests for boot images from workstations in the Miami office.
Which of the following actions should you take?
A. You should consider creating a new site system, and installing the PXE Boot Service on a
DHCP server in ABC.com’s environment.
B. You should consider creating a new site system, and granting it the Fallback status point role.
C. You should consider creating a new site system, and installing the State Migration Service on
a DHCP server in ABC.com’s environment.
D. You should consider creating a new site system, and granting it the PXE Service Point role.
Answer: D
Explanation:
Question 2.
You work as a Configuration Manager 2007 administrator at ABC.com. The ABC.com network consists of a single Active Directory domain named ABC.com. You have received instruction from the CIO to prepare for the deployment of new OS to all workstations on the ABC.com network office. You are then informed that for the boot images to perform adequately, it needs added network drivers. You navigate to the properties of the boot image, and choose the Select a Driver option. When you try to add the required drivers, you notice that there aren’t any drivers available.
Which two of the following actions should you take?
A. You should consider importing the relevant drivers into the Drivers node of the Configuration
Manager console.
B. You should consider importing the relevant drivers into the Driver Packages node of the
Configuration Manager console.
C. You should also consider choosing the relevant drivers and adding it in the boot image
properties.
D. You should also consider choosing the relevant package and adding it in the boot image
properties.
Answer: A, C
Explanation:
Question 3.
You work as a Configuration Manager 2007 administrator at ABC.com. The ABC.com network consists of a single Active Directory domain named ABC.com. After configuring Network Access Protection (NAP) on ABC.com’s network, you are instructed to make sure that users on ABC.com’ network are able to access options for remediation in the event of remediation failing. You create a Web site in the restricted network
Which of the following actions should you take?
A. You should consider having a Web site created in the restricted network.
B. You should consider having a Web site created in the public network.
C. You should consider having the Troubleshooting URL setting configured on the network policy
for computers that are not compliant.
D. You should consider having the Troubleshooting URL setting configured on the network policy
for computers that are unidentified.
Answer: A, C
Explanation:
Question 4.
You work as a Configuration Manager 2007 administrator at ABC.com. The ABC.com network consists of a single Active Directory domain named ABC.com. You have been tasked with making sure that all workstations on the ABC.com network can be located by which office they reside in. To achieve this, you plan to insert a custom element in the hardware inventory data.
Which of the following actions should you take?
A. You should insert a NOIDMIF file, which hosts the office location data, on each workstation.
You should then set up the Configuration Manager 2007 to gather NOIDMIF files from
workstations.
B. You should modify the Configuration.mof file. You should then insert a NOIDMIF file, which
hosts the office location data, on each workstation.
C. You should modify the Configuration.mof file. You should then set up the sms_def.mof file.
D. You should set up the sms_def.mof file. You should then set up the Configuration Manager
2007 to gather NOIDMIF files from workstations.
Answer: A
Explanation:
Question 5.
You work as an administrator at ABC.com. The ABC.com network consists of a single Active Directory domain named ABC.com. ABC.com makes use of System Center Configuration Manager 2007 on their network. You have recently deployed a custom application to all workstations on the ABC.com network. You are instructed to view the registry values for the new application for all ABC.com workstations. To achieve this, you have to send a query to Configuration Manager 2007 for the relevant information.
Which of the following actions should you take?
A. You should consider configuring hardware inventory, and setting the SMS_Def.MOF file on
every site to query for the registry values.
B. You should insert a NOIDMIF file on each workstation, and set up the Configuration Manager
2007 to gather NOIDMIF files from workstations.
C. You should consider amending the sitectrl.cto file at the primary site.
D. You should consider amending the sitectrl.cto file at the secondary site.
Answer: A
Explanation:
Question 6.
You work as an administrator at ABC.com. The ABC.com network consists of a single Active Directory domain named ABC.com. ABC.com makes use of System Center Configuration Manager 2007 on their network. All workstations on the ABC.com network have a custom application, named ABCApp, installed. You have been instructed to monitor the amount of software used by ABCApp. Furthermore, you have to make sure that you are able to achieve this even if the name of the ABCApp executable is changed. You need to achieve this with as little administrative effort as possible.
Which of the following actions should you take?
A. You should consider configuring a software metering rule, and specify the new file name every
time that it is changed.
B. You should consider configuring a software metering rule, and specifying the Original file name
for ABCApp.
C. You should consider having a customized report configured on the Reports node.
D. You should add all workstations that run ABCApp to a collection, and then configure a
configuration baseline that is applied to the collection.
Answer: B
Explanation:
Question 7.
You work as an administrator at ABC.com. The ABC.com network consists of a single Active Directory domain named ABC.com. ABC.com makes use of System Center Configuration Manager 2007 on their network. You have been instructed to make sure that a range of inventoried names for an application named TestApp can be viewed as a single display name in a Resource Explorer. To do this, you have to consolidate the different inventoried names for TestApp. You have verified that the Software Inventory client agent has been enabled.
Which of the following actions should you take?
A. You should consider having the SMSCIient.mof file modified.
B. You should consider configuring the properties of the Software Inventory client agent to
assemble several products into one product name.
C. You should consider having the CollectionSettings.mof file modified.
D. You should consider configuring the properties of the Software Inventory client agent to have a
product name for each and every product.
Answer: B
Explanation:
Question 8.
You work as an administrator at ABC.com. The ABC.com network consists of a single Active Directory domain named ABC.com. ABC.com makes use of System Center Configuration Manager 2007 on their network. System Center Configuration Manager 2007 has been configured to run in mixed mode. The site server, named ABC-SS01, in ABC.com’s central site is configured as a device management point. You have recently configured a compulsory task to distribute a software package to portable devices. While performing routine monitoring, you notice the failure of software distribution to portable devices on the LAN. You have to make sure that software can be deployed to portable computers via Configuration Manager 2007. You have confirmed that Internet Information Services (IIS) is running, and that Web Distributed Authoring and Versioning (WebDAV) extensions for IIS has been enabled.
Which combination of the following options would allow you to achieve this? (Choose all that apply.)
A. You should choose the Allow clients to transfer content from this distribution point using BITS,
HTTP, and HTTPS option on the General tab of the ConfigMgr distribution point Properties
Dialog box.
B. You should deselect the Allow clients to transfer content from this distribution point using BITS,
HTTP, and HTTPS option on the General tab of the ConfigMgr distribution point Properties
Dialog box.
C. You should deselect the Allow clients to connect anonymously (Required for mobile device
clients) option on the General tab of the ConfigMgr distribution point Properties dialog box.
D. You should choose the Allow clients to connect anonymously (Required for mobile device
clients) option on the General tab of the ConfigMgr distribution point Properties dialog box.
Answer: A, D
Explanation:
Question 9.
You work as an administrator at ABC.com. The ABC.com network consists of a single Active Directory domain named ABC.com. ABC.com recently introduced System Center Configuration Manager 2007 on their network. You have been asked to make sure that all computers in the ABC.com environment are linked to System Center Configuration Manager 2007. You are at present preparing for the installation of the Configuration Manager client software.
Which of the following actions should you take?
A. You should create a deadline for the installation.
B. You should have the logon script configured to execute the ccmsetup.exe command.
C. You should have the logon script configured to execute the Capinst.exe command.
D. You should have the system health validator (SHV) point enabled.
Answer: A
Explanation:
Question 10.
You work as an administrator at ABC.com. The ABC.com network consists of a single Active Directory domain named ABC.com. ABC.com makes use of System Center Configuration Manager 2007 on their network. The ABC.com network also contains a server, named ABC-SR15, which runs Windows Server Update Services (WSUS) 3.0. ABC.com’s workstations receive software updates from ABC-SR15. You have been instructed to make sure that software update point client installation is adequately configured.
Which of the following actions should you take?
A. You should consider configuring the WSUS server to make use of a proxy server via the
Configuration Manager console. You should also consider importing a Group Policy object
(GPO), configuring it to identify command lines for the installation, and then assign it.
B. You should consider importing a Group Policy object (GPO), configuring it to identify command
lines for the installation, and then assign it. You should also consider configuring the WSUS
server as a ConfigMgr software update point.
C. You should consider specifying the fully qualified domain name (FQDN) for the WSUS server
on a public DNS server. You should also consider configuring the WSUS server as a
ConfigMgr software update point.
D. You should consider configuring the WSUS server to make use of a proxy server via the
Configuration Manager console. You should also consider configuring the WSUS server as a
ConfigMgr software update point.
Answer: B
Explanation:
|
Question 1.
You work as the IT Admin at ABC.com. The ABC.com network has a forest that operates at the forest functional level of Windows Server 2003. The forest has a root domain named ABC.com, and two child domains named north.ABC.com and south.ABC.com. Each domain has a security group named Research which holds the user accounts for that domain. Two domain controllers are situated in each of these domains. One domain controller in each domain hosts a copy of the global catalog. The global catalog server in the ABC.com domain holds the domain naming and the schema master roles. The global catalog server in north.ABC.com and south.ABC.com holds the relative ID (RID), infrastructure, and PDC emulator master roles.
A ABC.com user named Ally Wagner, in the south.ABC.com domain, was recently married. When Ally Wagner got back, she asked you to change her surname in her user account. After changing Ally Wagner’s user account to Ally Hamm, you notice that her user account is still incorrectly specified as Ally Wagner in the Research group.
Which of the following master roles should you move to the domain controller that does not have the Global Catalog in each domain?
A. The domain naming master role.
B. The infrastructure master role.
C. The RID master role.
D. The schema master role.
E. The PDC emulator master role.
Answer: B
Explanation:
Problems like this can occur when the Infrastructure master role is on the same domain controller as the Global Catalog. The infrastructure master updates the group-to-user reference whenever group memberships change and replicates these changes across the domain. The infrastructure master compares its data with that of a global catalog. Global catalogs receive regular updates for objects in all domains through replication, so the global catalog data will always be up to date. If the infrastructure master finds that its data is out of date, it requests the updated data from a global catalog. The infrastructure master then replicates that updated data to the other domain controllers in the domain. Unless there is only one domain controller in the domain, the infrastructure master role should not be assigned to the domain controller that is hosting the global catalog. If the infrastructure master and global catalog are on the same domain controller, the infrastructure master will not function. The infrastructure master will never find data that is out of date, so it will never replicate any changes to the other domain controllers in the domain. Transferring the Infrastructure master role to a different computer would resolve this problem. There is no reason to transfer any other master roles.
Reference:
Michael Cross, Jeffery A. Martin, Todda. Walls, Martin Grasdal, Debra Littlejohn Shinder & Dr. Thomas W. Shinder, MCSE: Exam 70-294: Planning, Implementing, and Maintaining a Windows
Server 2003 Active Directory Infrastructure Study Guide & DVD Training System, Syngress Publishing, Rockland, MA, 2003, pp. 505-509.
Question 2.
DRAG DROP
You work as the IT Network Admin at ABC.com. The ABC.com network has a forest with two child domains named us.ABC.com and uk.ABC.com. All servers and domain controllers on the ABC.com network have Windows 2000 Server installed. You have been given the task to uABCrade the domain controllers in uk.ABC.com to Windows Server 2003. You therefore need to take the appropriate steps that are required to prepare the forest for the impending deployment.
Which of the following actions should you take?
Answer by selecting the appropriate steps from the column on the left and place it in the correct order in the column on the left.
Answer:
Question 3.
You work as the IT Admin at ABC.com. The ABC.com network has a domain named ABC.com. ABC.com has offices in London and Berlin, which are configured as separate sites. A Backup of ABC.com’s Ntds.dit file is performed outside of business hours, seven days a week. The domain has an OU named Research that currently holds no Active Directory objects. During the course of the business day an administrator in Berlin removes the Research OU, while an administrator in London simultaneously places existing Active Directory objects in it. The London administrator is later informed of the removal, and now realizes that the objects that were placed into the Research OU are missing.
The CIO has subsequently instructed you to make sure that a Research OU and the missing Active Directory objects are available to the London administrator. The CIO also informs you that your solution should have no impact on network connectivity and resources. You have already created a new OU, and named it Research.
Which of the following actions should you take NEXT?
A. You should transfer the objects from the LostAndFound container to the new Research OU
B. You should recreate the objects and then place the replicas in a Domain Group Policy that
should be linked to all OUs.
C. You should restore the objects to the new Research OU nonauthoritatively.
D. You should restore the objects to the new Research OU authoritatively.
Answer: A
Explanation:
You moved the objects to an OU that had just been deleted. When you move objects to an object that is no longer there, the objects get moved to the LostAndFound container. This means that we haven’t lost the objects, so we can just re-create the Research OU and move the users from the LostAndFound container to the new OU.
Reference:
Michael Cross, Jeffery A. Martin, Todda. Walls, Martin Grasdal, Debra Littlejohn Shinder & Dr. Thomas W. Shinder, MCSE: Exam 70-294: Planning, Implementing, and Maintaining a Windows Server 2003 Active Directory Infrastructure Study Guide & DVD Training System, Syngress Publishing, Rockland, MA, 2003, pp. 38-39, 99-101
Question 4.
You work as a IT Admin at ABC.com. ABC.com has its headquarters located in Dallas and branch division in Miami. The Dallas and Miami division represent separate sites. The Dallas and Miami divisions are linked to each other via a WAN link. You have added a domain controller named ABC-SR01 to the Miami division and configured it as a global catalog server. You have just completed configuring the site link between the Dallas and Miami divisions. The CIO at ABC.com has instructed you to make sure that Miami workstations authenticate to the network via ABC-SR01. The CIO also informs you that the replication of domain changes has to happen instantaneously.
Which of the following actions should you take?
A. You should reduce the site link interval.
B. You should reduce the site link cost.
C. You should combine the Dallas and Miami sites into a single site
D. You should increase the site link cost.
Answer: A
Explanation:
Question 5.
You work as the IT Admin at ABC.com. The ABC.com network has a domain named ABC.com. All servers on the ABC.com network have Windows Server 2003 installed and all workstations have Windows XP Professional installed. ABC.com is made up of four divisions named Sales, Marketing, Finance and Research. The ABC.com network has an organizational unit (OU) named after each division that holds the user accounts of all employees working in that specific division. You need to install a new application for all employees in the Marketing division. You start by creating an installation package and a Group Policy object (GPO). You plan to make use of the new GPO to deploy the package to the workstations in the Marketing division. You therefore connect the GPO to the Marketing OU. However, the application does not install. The CIO informs you that the application must be installed and that you should make sure that marketing application is not installed on workstations in the other ABC.com divisions.
How will you accomplish the task?
A. Advise the Marketing users to reboot their workstations.
B. Edit the GPO and assign the application to user accounts with Marketing OU membership.
C. Connect the GPO to the ABC.com domain.
D. Connect the GPO to the OU that contains computer accounts and not the Marketing OU.
Answer: B
Explanation:
It is likely that the application was assigned to the computer accounts, rather than the user accounts.
Reference:
Jill Spealman, Kurt Hudson & Melissa Craft, MCSE Self-Paced Training Kit (Exam 70-294); Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure, Microsoft Press, Redmond, Washington, 2004, pp. 12-3 to 12-10, 12-13 to 12-28, 12-34 to 12-39
Question 6.
You work as the network administrator at ABC.com. The ABC.com network has a domain named ABC.com. All servers on the ABC.com network have Windows Server 2003 installed and all workstations have Windows XP Professional installed. ABC.com has its headquarters in Chicago and a branch office in Dallas. Each office is configured as an Active Directory site, and the branch office is connected to the Chicago headquarters by a T1 connection. The Chicago headquarters contains two domain controllers named ABC-DC01 and ABC-DC02. The Dallas branch office also contains two domain controllers named ABC-DC03 and ABC-DC04. You plan to install a new server named ABC-DC05 in the Chicago office and a new server named ABC-DC06 in the Dallas branch office. ABC-DC05 and ABC-DC06 have much better hardware resources than the other domain controllers. Management wants the servers that have the best hardware resources to deal with Active Directory replication in each site.
Which of the following actions should you take?
A. Your best option would be to set ABC-DC02 and ABC-DC04 up as the preferred bridgehead
servers.
B. Your best option would be to set ABC-DC05 and ABC-DC06 up as the preferred bridgehead
servers in the domain.
C. Your best option would be to set ABC-DC05 and ABC-DC06 up as the preferred bridgehead
servers for RPC traffic.
D. Your best option would be to run the DCPROMO command on ABC-DC05 and ABC-DC06.
Answer: B
Explanation:
Directory information is replicated both within and among sites. Active Directory replicates information within a site more frequently than across sites. This balances the need for up-to-date directory information with the limitations imposed by available network bandwidth. You customize how Active Directory replicates information by using site links to specify how your sites are connected. Active Directory uses the information about how sites are connected to generate Connection objects that provide efficient replication and fault tolerance. Active Directory uses this information to determine which site link will be used to replicate information. Customizing replication schedules so replication occurs during specific times, such as when network traffic is low, will make replication more efficient. You can further control replication behavior by specifying a bridgehead server for inter-site replicated information. The bridgehead server is a specific server you want to dedicate for intersite replication, rather than using any server available. You can also establish a bridgehead server when your deployment uses proxy servers, such as for sending and receiving information through a firewall.
Reference:
Michael Cross, Jeffery A. Martin, Todda. Walls, Martin Grasdal, Debra Littlejohn Shinder & Dr. Thomas W. Shinder, MCSE: Exam 70-294: Planning, Implementing, and Maintaining a Windows Server 2003 Active Directory Infrastructure Study Guide & DVD Training System, Syngress Publishing, Rockland, MA, 2003, Chapter 6, pp. 453-455
MS Windows Server 2003 Deployment Kit - Designing and Deploying Directory and Security Services - Active Directory Replication Concepts
Question 7.
You work as the IT Admin at ABC.com. The ABC.com network has a domain named ABC.com with all servers installed with Windows Server 2003 and all workstations with Windows XP Professional. All the workstations’ computer accounts are placed in an organizational unit (OU) named ClientComputers. A new ABC.com security policy requires that users must be assigned local Power Users group membership and not local Administrators group membership on all workstations on the network.
This means that the security policy does not allow users to have administrative rights to domain controllers and member servers. In addition to this, it does not allow Power Users group membership to be modified in any way by members of the local Administrators group on workstations. You must implement a solution to comply with the requirements of the written security policy with group membership assignment occurring automatically.
Which of the following actions should you take?
A. Write a logon script that makes the Domain Users group a member of the local Power Users
group and link the logon script to the ClientComputers OU.
B. Set up a Group Policy object (GPO) that makes the Domain Users group a member of the
Local Power Users group and link the GPO to the ClientComputers OU.
C. Set up a Group Policy Object (GPO) that makes all users members of the Default Domain
Administrators group.
D. Make the written security policy the Default Domain Policy.
Answer: C
Explanation:
We need to move all users to the Power users group. We can do this by using the Restricted Groups option of a GPO to add the Domain Users group to the Power Users group. Restricted Groups ensures that group memberships are set as specified. Groups and users not specified in Restricted Groups are removed from the group. In addition, the reverse membership configuration option ensures that each restricted group is a member of only those groups specified in the Member Of column. This GPO must be linked to all client computers as users must not have any administrative rights to member servers or domain controllers in the domain. The client computers are in the ClientComputersOU.
Reference:
Jill Spealman, Kurt Hudson & Melissa Craft, MCSE Self-Paced Training Kit (Exam 70-294); Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure, Microsoft Press, Redmond, Washington, 2004, pp. 10-40 to 10-41, 13-6 to 13-7 8
Question 8.
You work as the IT Admin at ABC.com. The ABC.com network has a domain named ABC.com. All servers on the ABC.com network have Windows Server 2003 installed. ABC.com makes use of Group Policy objects (GPOs) to deploy applications to workstations. ABC.com employees in the Data Processing division can decide between two applications to view information based on the specific data formats and features they want. You must create a GPO to deploy either application depending on the selection made by the employee.
Which of the following is an action that you should take to achieve the above goals?
A. Configure the GPO to assign each of the applications to the workstations.
B. Configure the GPO to publish each of the applications without using file extension activation.
C. Create a transformation package to install each application on demand.
D. Configure two GPOs that each assigns an application.
Answer: B
Explanation:
You can publish applications to users, making the application available for users to install. To install a published application, users can use Add or Remove Programs in Control Panel, which includes a list of all published applications that are available for them to install.
Question 9.
You work as the IT Admin at ABC.com. The ABC.com network has a forest with a domain named ABC.com and two child domain named us.ABC.com and uk.ABC.com. All servers in the forest have Windows Server 2003 installed and the functional level of the forest is set at Windows Server 2003. All domains have Web servers and database servers that have computer accounts in the default Computers container in their specific domains. ABC.com wants the IT division, which is located at a central site, to administer the Web server computer accounts throughout the forest. Furthermore, the IT divisions in each domain must only administer the computer accounts of the database servers in their respective domains. You must delegate authority to the various IT divisions so that they can design a solution to meet the requirements. You start this task by designing the organizational unit (OU) solution that supports the requirements for the delegation of authority.
Which of the following actions should you take? (Choose two)
A. Configure a top-level OU for all Web server computer accounts under the ABC.com domain.
B. Configure a top-level OU for all database server computer accounts under the ABC.com
domain.
C. Configure a top-level OU for all Web server computer accounts under each domain.
D. Configure a top-level OU for all database server computer accounts under each domain.
Answer: C, D
Explanation:
The central operations department is responsible for administering the Web server computer accounts in all domains and there is a separate operations department for each domain that is responsible for administering the database server computer accounts in that domain. Therefore, we need two top-level OUs.
Reference:
Jill Spealman, Kurt Hudson & Melissa Craft, MCSE Self-Paced Training Kit (Exam 70-294); Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure, Microsoft Press, Redmond, Washington, 2004, pp. 6-3 to 6-9, 6-16 to 6-23
Question 10.
You work as the network administrator at ABC.com. The ABC.com network has a domain named ABC.com. ABC.com is made up of four divisions named Sales, Marketing, Finance and Research. The ABC.com network has an organizational unit (OU) named after each division that holds the user accounts of all employees working in that specific division. The workstations used by the Sales employees are contained in an organizational unit (OU) named SalesComputers. The SalesComputers OU belongs to the Sales OU.
You have recently deployed a new installation package for the application to all user accounts in the Sales OU. You have also generated a Group Policy object (GPO) that will deploy the installation package. You have to make sure that when an employee is shifted to another division, the application is uninstalled from that specific user’s workstation. When Mia Hamm is shifted from the Sales division to the Finance division a month later, you remove Mia Hamm from the Sales OU and include her in the Finance OU. The next morning you discover that Mia Hamm's workstation is still running the Sales applications although she was removed from the Sales OU.
Which of the following actions should you take? (Choose all that apply.)
A. Restore Mia Hamm's membership to the Sales OU.
B. Edit the GPO to ensure that the software installation package is removed.
C. Set up the software installation package to ensure automatic software uninstallation when Mia
Hamm’s user account is no longer a part of Sales OU.
D. Remove the client computer object for Mia Hamm’s computer from the SalesComputers OU.
E. Verify that Mia Hamm can log on to the ABC.com domain.
F. Remove Mia Hamm from the Sales global group.
G. Move Mia Hamm’s user account to the Finance OU again.
Answer: A, C, E, G
Explanation:
The Uninstall The Applications When They Fall Out Of The Scope Of Management option can be used to remove the application if it no longer applies to users or computers. However, the application must first apply to the user or computer. Therefore we should move Mia’s user account back into the Sales OU so that the application applies to her again and Mia must log on to the network for the GPO to apply. Then we can move Mia’s user account back into the Finance OU. The application will no longer apply to Mia and will be uninstalled.
Reference:
Jill Spealman, Kurt Hudson & Melissa Craft, MCSE Self-Paced Training Kit (Exam 70-294); Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure, Microsoft Press, Redmond, Washington, 2004, pp. 12-3 to 12-10, 12-16 to 12-20
|
Question 1.
You work as a network administrator for ABC.com. The ABC.com network consists of a single Active Directory domain named ABC.com. There are currently 120 Web servers running Windows 2000 Server and are contained in an Organizational Unit (OU) named ABC_WebServers ABC.com management took a decision to uABCrade all Web servers to Windows Server 2003. You disable all services on the Web servers that are not required. After running the IIS Lockdown Wizard on a recently deployed web server, you discover that services such as NNTP that are not required are still enabled on the Web server.
How can you ensure that the services that are not required are forever disabled on the Web servers without affecting the other servers on the network? Choose two.
A. Set up a GPO that will change the startup type for the services to Automatic.
B. By linking the GPO to the ABC_WebServers OU.
C. Set up a GPO with the Hisecws.inf security template imported into the GPO.
D. By linking the GPO to the domain.
E. Set up a GPO in order to set the startup type of the redundant services to Disabled.
F. By linking the GPO to the Domain Controllers OU.
G. Set up a GPO in order to apply a startup script to stop the redundant services.
Answer: B, E
Explanation:
Windows Server 2003 installs a great many services with the operating system, and configures a number of with the Automatic startup type, so that these services load automatically when the system starts. Many of these services are not needed in a typical member server configuration, and it is a good idea to disable the ones that the computer does not need. Services are programs that run continuously in the background, waiting for another application to call on them. Instead of controlling the services manually, using the Services console, you can configure service parameters as part of a GPO. Applying the GPO to a container object causes the services on all the computers in that container to be reconfigured. To configure service parameters in the Group Policy Object Editor console, you browse to the Computer Configuration\Windows Settings\Security Settings\System Services container and select the policies corresponding to the services you want to control.
Reference:
Jill Spealman, Kurt Hudson & Melissa Craft, MCSE Self-Paced Training Kit (Exam 70-294); Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure, Microsoft Press, Redmond, Washington, 2004, p. 13:1-6
Question 2.
You are working as the administrator at ABC.com. ABC.com has headquarters in London and branch offices in Berlin, Minsk, and Athens. The Berlin, Minsk and Athens branch offices each have a Windows Server 2003 domain controller named ABC-DC01, ABC-DC02 and ABC-DC03 respectively. All client computers on the ABC.com network run Windows XP Professional. One morning users at the Minsk branch office complain that they are experiencing intermittent problems authenticating to the domain. You believe that a specific client computer is the cause of this issue and so need to discover the IP address client computer.
How would you capture authentication event details on ABC-DC02 in the Minsk branch office?
A. By monitoring the logon events using the SysMon utility.
B. By recording the connections to the NETLOGON share using the SysMon utility.
C. By recording the authentication events with the NetMon utility.
D. By monitoring the authentication events using the Performance and Reliability Monitor.
Answer: C
Explanation:
The question states that you need to find out the IP address of the client computer that is the source of the problem. Using Network Monitor to capture traffic is the only way to do this.
Reference:
http://support.microsoft.com/default.aspx?scid=kb;en-us;175062
Martin Grasdal, Laura E. Hunter, Michael Cross, Laura Hunter, Debra Littlejohn Shinder, and Dr.
Thomas W. Shinder, Planning and Maintaining a Windows Server 2003 Network Infrastructure:
Exam 70-293 Study Guide & DVD Training System, Syngress Publishing, Inc., Rockland, MA,
Chapter 11, p. 826
Question 3.
You are working as the administrator at ABC.com. Part of you job description includes the deployment of applications on the ABC.com network. To this end you operate by testing new application deployment in a test environment prior to deployment on the production network. The new application that should be tested requires 2 processors and 3 GB of RAM to run successfully. Further requirements of this application also include shared folders and installation of software on client computers. You install the application on a Windows Server 2003 Web Edition computer and install the application on 30 test client computers. During routine monitoring you discover that only a small amount of client computers are able to connect and run the application. You decide to turn off the computers that are able to make a connection and discover that the computers that failed to open the application can now run the application.
How would you ensure that all client computers can connect to the server and run the application?
A. By running a second instance of the application on the server.
B. By increasing the Request Queue Limit on the Default Application Pool.
C. By modifying the test server operating system to Window Server 2003 Standard Edition.
D. By increasing the amount of RAM in the server to 4GB.
Answer: C
Explanation:
Although Windows Server 2003 Web Edition supports up to 2GB of RAM, it reserves 1GB of it for the operating system; only 1GB of RAM is available for the application. Therefore, we need to install Window Server 2003 Standard Edition or Enterprise Edition to support enough RAM.
Question 4.
You are an Enterprise administrator for ABC.com. All servers on the corporate network run Windows Server 2003 and all client computers run Windows XP. The network contains a server named ABC-SR01 that has Routing and Remote Access service and a modem installed which connects to an external phone line. A partner company uses a dial-up connection to connect to ABC-SR01 to upload product and inventory information. This connection happens between the hours of 1:00am and 2:00am every morning and uses a domain user account to log on to ABC-SR01. You have been asked by the security officer to secure the connection.
How can you ensure that the dial-up connection is initiated only from the partner company and that access is restricted to just ABC-SR01? Choose three.
A. Set up the log on hours restriction for the domain user account to restrict the log on to between
the hours of 1:00am and 2:00am.
B. Set up a local user account on ABC-SR01. Have the dial-up connection configured to log on
with this account.
C. Set up the remote access policy on ABC-SR01 to allow the connection for the specified user
account between the hours of 1:00am and 2:00am.
D. Set up the remote access policy with the Verify Caller ID option to only allow calling from the
phone number of the partner company modem.
E. Set up the remote access policy to allow access to the domain user account only.
Answer: B, C, D
Explanation:
To allow only the minimum amount of access to the network, ensure that only the partner's application can connect to your network over the dial-up connection, you need to first create a local account named on ABC-SR01. You need to then add this account to the local Users group and direct the partner company to use this account for remote access. You can use a local account to provide remote access to users. The user account for a standalone server or server running Active Directory contains a set of dial-in properties that are used when allowing or denying a connection attempt made by a user. You can use the Remote Access Permission (Dial-in or VPN) property to set remote access permission to be explicitly allowed, denied, or determined through remote access policies. Next, you need to configure a remote access policy on ABC-SR01 to allow the connection for only the specified user account between 1 AM and 2 AM. In all cases, remote access policies are used to authorize the connection attempt. If access is explicitly allowed, remote access policy conditions, user account properties, or profile properties can still deny the connection attempt. You need to then configure the policy to allow only the specific calling station identifier of the partner company's computer. When the Verify Caller ID property is enabled, the server verifies the caller's phone number. If the caller's phone number does not match the configured phone number, the connection attempt is denied.
Reference:
Dial-in properties of a user account http://technet.microsoft.com/en-us/library/cc738142.aspx
Question 5.
You are an Enterprise administrator for ABC.com. The company consists of an Active Directory domain called ad.ABC.com. All servers on the corporate network run Windows Server 2003. At present there is no provision was made for Internet connectivity. A server named ABC2 has the DNS server service role installed. The DNS zones on ABC2 are shown below:
The corporate network also contains a UNIX-based DNS A server named ABC-SR25 hosts a separate DNS zone on a separate network called ABC.com. ABC-SR25 provides DNS services to the UNIX-based computers and is configured to run the latest version of BIND and the ABC.com contains publicly accessible Web and mail servers.
The company has a security policy set, according to which, the resources located on the internal network and the internal network's DNS namespace should never be exposed to the Internet. Besides this, according to the current network design, ABC-SR25 must attempt to resolve any name resolution requests before sending them to name servers on the Internet. The company plans to allow users of the internal network to access Internet-based resources. To implement the security policy of the company, you decided to send all name resolution requests for Internet-based resources from internal network computers through ABC2. You thus need to devise a name resolution strategy for Internet access as well as configuring ABC2 so that it will comply with the set criteria and restrictions.
Which two of the following options should you perform?
A. Have the Cache.dns file copied from ABC2 to ABC-SR25.
B. Have the root zone removed from ABC2.
C. ABC2 should be set up to forward requests to ABC-SR25.
D. Install Services for Unix on ABC2.
E. The root zone should be configured on ABC-SR25.
F. Disable recursion on ABC-SR25.
Answer: B, C
Explanation:
To plan a name resolution strategy for Internet access and configure ABC2 so that it sends all name resolution requests for Internet-based resources from internal network computers through ABC2, you need to delete the root zone from ABC2. Configure ABC2 to forward requests to ABC-SR25 A DNS server running Windows Server 2003 follows specific steps in its name-resolution process. A DNS server first queries its cache, it checks its zone records, it sends requests to forwarders, and then it tries resolution by using root servers. The root zone indicates to your DNS server that it is a root Internet server. Therefore, your DNS server does not use forwarders or root hints in the name-resolution process. Deleting the root zone from ABC2 will allow you to first send requests to ABC2 and then forward requests to ABCSR25 by configuring forward lookup zone. If the root zone is configured, you will not be able to use the DNS server to resolve queries for hosts in zones for which the server is not authoritative and will not be able to use this DNS Server to resolve queries on the Internet.
Reference:
How to configure DNS for Internet access in Windows Server 2003
http://support.microsoft.com/kb/323380
Reference: DNS Root Hints in Windows 2003
http://www.computerperformance.co.uk/w2k3/services/DNS_root_hints.htm
Question 6.
You are working as the administrator at ABC.com. The network consists of a single Active Directory domain named ABC.com with the domain functional level set at Windows Server 2003. All network servers run Windows Server 2003 and all client computers run Windows XP Professional. The ABC.com domain is divided into organizational units (OU). All the resource servers are contained in an OU named ABC_SERVERS and the workstations are contained in an OU named ABC_CLIENTS. All resource servers operate at near capacity during business hours. All workstations have low resource usage during business hours. You received instructions to configure baseline security templates for the resource servers and the workstations. To this end you configured two baseline security templates named ABC_SERVERS.inf and ABC_CLIENTS.inf respectively. The ABC_SERVERS.inf template contains many configuration settings. Applying the ABC_SERVERS.inf template would have a performance impact on the servers. The ABC_CLIENTS.inf contains just a few settings so applying this template would not adversely affect the performance of the workstations.
How would you apply the security templates so that the settings will be periodically enforced whilst ensuring that the solution reduces the impact on the resource servers? Choose three.
A. By setting up a GPO named SERVER-GPO and link it to the ABC_SERVERS OU.
B. By having the ABC_SERVERS.inf template imported into SERVER-GPO.
C. By having the ABC_SERVERS.inf and the ABC_CLIENTS.inf templates imported into the
Default Domain Policy GPO.
D. By scheduling SECEDIT on each resource server to regularly apply the ABC_SERVERS.inf
settings during off-peak hours.
E. By having a GPO named CLIENT-GPO created and linked to the ABC_CLIENTS OU.
F. By having the ABC_CLIENTS.inf template imported into CLIENT-GPO.
G. By having SERVER-GPO and CLIENT-GPO linked to the domain.
Answer: D, E, F
Explanation:
The question states that you need to apply the baseline security templates so that the settings will be periodically enforced. To accomplish this you must create a scheduled task so that the performance impact on resource servers is minimized. Furthermore, the question also states that ABC_CLIENTS.inf is a baseline security template for client computers. Therefore, the GPO has to be linked to the OU that contains the client computers, and the ABC_CLIENTS.inf template must be imported to the said GPO so that it can be applied. Secedit.exe is a command line tool that performs the same functions as the Security Configuration And Analysis snap-in, and can also apply specific parts of templates to the computer. You can use Secedit.exe in scripts and batch files to automate security template deployments. You can create a baseline security configuration in a GPO directly, or import a security template into a GPO. Link the baseline security GPO to OUs in which member servers’ computer objects exist.
Reference:
Craig Zacker, MCSE Self-Paced Training Kit (Exam 70-293): Planning and Maintaining a Microsoft Windows Server 2003 Network Infrastructure, Microsoft Press, Redmond, Washington, Chapter 10 Dan Holme, and Orin Thomas, MCSA/MCSE Self-Paced Training Kit: UABCrading Your Certification to Microsoft Windows Server 2003: Managing, Maintaining, Planning, and Implementing a Microsoft Windows Server 2003 environment: Exams 70-292 and 70-296, Microsoft Press, Redmond, Washington, Chapter 9
Question 7.
You are working as the administrator at ABC.com. The ABC.com network consists of a single Active Directory domain named ABC.com. The ABC.com network contains a DMZ that contains a two-node Network Load Balancing cluster, which is located in a data centre that is physically impenetrable to unauthorized persons. The cluster servers run Windows Server 2003 Web Edition and host an e-commerce website. The NLB cluster uses a virtual IP address that can be accessed from the Internet.
What can you do to mitigate the cluster’s most obvious security vulnerability?
A. Configure the cluster to require IPSec.
B. Configure the network cards to use packet filtering on all inbound traffic to the cluster.
C. Use EFS on the server hard disks.
D. Configure intrusion detection the servers on the DMZ.
E. Configure Mac addressing on the servers in the DMZ.
Answer: B
Explanation:
The most sensitive element in this case is the network card that uses an Internetaddressable virtual IP address. The question doesn’t mention a firewall implementation or an intrusion detection system (Usually Hardware). Therefore, we should set up packet filtering. You can configure packet filtering to accept or deny specific types of packets. Packet headers are examined for source and destination addresses, TCP and UDP port numbers, and other information.
Reference:
Craig Zacker, MCSE Self-Paced Training Kit (Exam 70-293): Planning and Maintaining a Microsoft Windows Server 2003 Network Infrastructure, Microsoft Press, Redmond, Washington, 2004, p. 7:
Question 8.
You are working for a administrator for ABC.com. The ABC.com network consists of a single Active Directory domain named ABC.com. All the servers on the network run Windows Server 2003 servers. You have configured four servers in a network load balancing cluster. You need to enable the cluster in unicast mode although each server only has one network card. After your configuration, the NLB cluster has successfully converged. You discover that you can optimize the use of the cluster by moving a specific application to each node of the cluster. However for this application to execute, all the nodes of the cluster must be configured by a Network Load Balancing Port Rule. When you open Network Load Balancing Manager on one of the NLB nodes, you receive a message saying that Network Load Balancing Manager is unable to see the other nodes in the cluster.
How can you add a port rule to the cluster nodes?
A. By opening Network Load Balancing Manager on a different host.
B. By creating an additional virtual IP address on the cluster.
C. By modifying the Network Connection Properties on every host.
D. By removing each host from the cluster before creating the port rule.
Answer: C
Explanation:
You can configure many Network Load Balancing options through either Network Load Balancing Manager or the Network Load Balancing Properties dialog box accessed through Network Connections. However, Network Load Balancing Manager is the preferred method. Using both Network Load Balancing Manager and Network Connections together to change Network Load Balancing properties can lead to unpredictable results.
Reference:
Network Load Balancing Best practices / Use Network Load Balancing Manager.
http://technet.microsoft.com/en-us/library/cc740265.aspx
Question 9.
You are working as an administrator for ABC.com. The network consists of a single Active Directory domain named ABC.com. All server run Windows Server 2003 and all client computer run Windows XP Professional. The ABC.com departments are organized into organizational units (OUs). The Administration OU is named ABC_ADMIN, and the Sales OU is named ABC_SALES. All file servers for all departments are located in their respective OUs. The ABC_SALES OU is a child OU of the ABC_ADMIN OU. A new ABC.com written security policy states that servers in the ABC_ADMIN OU should be highly secure. All communications with ABC-ADMIN servers should be encrypted. The security policy also states that auditing should be enabled for file and folder deletion on Sales servers. Communications with the Sales servers should not be encrypted.
How should you configure Group Policy for the ABC_Admin and ABC_Sales OU? Choose three.
A. Configure a GPO to apply the Hisecws.inf security template. Link this GPO to the ABC_ADMIN
OU.
B. Configure a GPO to enable the Audit object access audit policy on computer objects. Link this
GPO to the ABC_SALES OU.
C. Configure a GPO to apply the Hisecws.inf security template. Link this GPO to the ABC_Sales
OU.
D. Configure a GPO to enable the Audit object access audit policy on computer objects. Link this
GPO to the ABC_ADMIN OU.
E. Block group policy inheritance on the ABC_ADMIN OU.
F. Block group policy inheritance on the ABC_SALES OU.
Answer: A, B, F
Explanation:
The Hisecws.inf security template increases security on a server. One of the security settings is to require secure encrypted communications. A GPO with this template needs to be applied to the ABC_ADMIN OU. We don’t want those settings applying to the ABC_SALES OU though so we need to block inheritance on the ABC_SALES OU. We need to apply a GPO to the ABC_SALES OU to apply the auditing settings.
Audit Object Access
A user accesses an operating system element such as a file, folder, or registry key. To audit elements like these, you must enable this policy and you must enable auditing on the resource that you want to monitor. For example, to audit user accesses of a particular file or folder, you display its Properties dialog box with the Security tab active, navigate to the Auditing tab in the Advanced Security Settings dialog box for that file or folder, and then add the users or groups whose access to that file or folder you want to audit.
Reference:
Craig Zacker, MCSE Self-Paced Training Kit (Exam 70-293): Planning and Maintaining a Microsoft Windows Server 2003 Network Infrastructure, Microsoft Press, Redmond, Washington, Chapters 9 and 10
Question 10.
You are working as an administrator at ABC.com. The ABC.com network consists of a single Active Directory domain named ABC.com which contains Windows Server 2003 servers Windows XP Professional client computers. You want to improve network security and need to pinpoint all computers that have the known vulnerabilities.
What should you do to automate the process of collecting information on existing vulnerabilities for each computer, on a nightly basis?
A. By scheduling secedit to compare the security settings with a baseline and run on a nightly
basis.
B. By installing Anti-Virus software on the computers and configuring the software to update on a
nightly basis.
C. By configuring a scheduled task to run the mbsacli utility on a nightly basis.
D. By having Microsoft Baseline Security Analyzer (MBSA) installed on a server on the network.
E. By configuring Automatic Updates to use a local SUS server and run on a nightly basis.
F. You configuring Automatic Updates to run on a nightly basis and use the Microsoft Updates
servers.
Answer: C
Explanation:
We can schedule the mbsacli.exe command to periodically scan for security vulnerabilities.
Reference:
Martin Grasdal, Laura E. Hunter, Michael Cross, Laura Hunter, Debra Littlejohn Shinder, and Dr. Thomas W. Shinder, Planning and Maintaining a Windows Server 2003 Network Infrastructure: Exam 70-293 Study Guide & DVD Training System, Syngress Publishing, Inc., Rockland, MA, Chapter 11, p. 830
|
Question 1.
Exhibit:
The network has two gatekeepers that control four zones. Which command is used to ensure that the aggregate bandwidth between zones that are controlled by the Portland Gatekeeper and the Seattle Gatekeeper is limited to 100,000 kbps?
A. bandwidth interzone 166667
B. bandwidth remote 166667
C. bandwidth session 166667
D. bandwidth region 166667
E. bandwidth zone 166667
Answer: B
Question 2.
ITCertKeys.com has a single Cisco IPVC 3511 MCU E. At present there are two conferences occurring as follows:
Conference 1:three conference participantstransrating 768 kbps to 384 kbpsenhanced continuous presence
Conference 2:three conference participantstransrating 768 kbps to 384 kbpsmultiple
conference view (3)A third conference is desired with the following requirements:
Conference 3:three conference participants
What will occur when the third conference is attempted?
A. The third conference will succeed as desired.
B. The third conference will succeed, but without the enhanced continuous presence.
C. The third conference will fail because an IPVC 3511 MCU does not have the resources for
three conferences of three people each.
D. The third conference will fail because the EMP module does not have the resources to provide
the number of required services.
Answer: A
Question 3.
Exhibit:
ITCertKeys.com is using Cisco meeting place at its world headquarters; ITCertKeys.com also has a Cisco CallManager cluster. The Cisco CallManager cluster includes a video deployment with both SCCP and H.323 video endpoints. The videoconferencing capability is provided by a Cisco IPVC 3540 Series Videoconferencing System.
Using the topology in the exhibit, what should be the video gateway location?
A. A
B. B
C. C
D. D
Answer: B
Question 4.
ITCertKeys.com is deploying Cisco VT Advantage to enable executives to participate in video calls with customers and suppliers.
Which two devices can be used to allow these external calls to be placed over a dedicated PRI? (Choose two.)
A. Cisco IPVC 3521
B. Cisco IPVC 3526
C. Cisco IPVC 3540
D. Cisco Multiservice IP-to-IP Gateway
E. Cisc MCM proxy
Answer: B, C
Question 5.
Exhibit:
A network has two gatekeepers that control four zones.
Which command is used to ensure that the aggregate bandwidth between the Seattle and Spokane zones is limited to 100,000 kbps?
A. bandwidth interzone 166667
B. bandwidth remote 166667
C. bandwidth session 166667
D. bandwidth region 166667
E. bandwidth zone 166667
Answer: A
Question 6.
Exhibit:
CAC is being configured for the centralized call-processing video telephony network. Each video terminal is capable of a maximum data rate of 320 kbps, and two video terminals are planned for each site. The requirement is to make two simultaneous video calls between the ITCertKeys main office and each remote ITCertKeys branch office site. The audio codec will be G.711.
In order to ensure quality of service for calls, which action should be taken when configuring Cisco CallManager?
A. Set the location video call bandwidth between the central site and each remote site to 922
kbps.
B. Set the location video call bandwidth between the central site and each remote site to 384
kbps.
C. Set the location video call bandwidth between the central site and each remote site to 768
kbps.
D. Configure the gatekeeper to set the req-qos guaranteed-delay video bandwidth at 922 kbps
between the central site and each remote site.
E. Configure the gatekeeper to set the req-qos guaranteed-delay video bandwidth at 384 kbps
between the central site and each remote site.
F. Configure the gatekeeper to set the req-qos guaranteed-delay video bandwidth at 768 kbps
between the central site and each remote site.
Answer: C
Question 7.
ITCertKeys.com has a requirement for up to 10 simultaneous conferences of four people each, and each conference requires 384-kbps to 128-kbps transrating and H.261 to H.263 video transcoding.
What should this company purchase?
A. one Cisco IPVC 3540 Transcoder Module for MC06A
B. one Cisco IPVC 3540 Transcoder Module for MC06A with an EMP blade
C. one Cisco IPVC 3540 Transcoder Module for MC06A with an EMP3 blade
D. two Cisco IPVC 3540 Transcoder Modules for MC06A
E. two Cisco IPVC 3540 Transcoder Modules for MC06A, each with an EMP blade
F. two Cisco IPVC 3540 Transcoder Modules for MC06A, each with an EMP3 blade
Answer: C
Question 8.
Which three factors must be considered when designing a H.323 videoconferencing dial plan? (Choose three.)
A. the number of sites in the enterprise
B. the number and location of gatekeepers
C. the incoming PSTN call routing method
D. the DNs and location of conferencing MCUs to be deployed
E. the videoconferencing features and applications to be deployed
F. the location of voice gateways
Answer: A, C, D
Question 9.
Exhibit:
The network has two gatekeepers that control four zones. Which command is used to ensure that no single call in Zone Eugene uses more than 768 kbps?
A. bandwidth interzone 768
B. bandwidth limit 768
C. bandwidth session 768
D. bandwidth call 768
E. bandwidth zone 768
Answer: C
Question 10.
What is traditionally used in a H.323 gatekeeper to pool endpoints into groups?
A. zones
B. clusters
C. calling search spaces
D. toll bypass routing
Answer: A
|
Question 1.
A few small ITCertKeys locations use HFC cable to connect to the ITCertKeys WAN.
Which HFC cable network statement is true about the downstream data channel to the customer and the upstream data channel to the service provider?
A. The upstream data path is assigned a channel in a higher frequency range than the
downstream path has.
B. The downstream data path is assigned a 30 MHz channel and the upstream data path is
assigned a 1 MHz channel.
C. The downstream data path is assigned a fixed bandwidth channel and the upstream data path
uses a variable bandwidth channel.
D. Both upstream and downstream data paths are assigned in 6 MHz channels.
E. None of the above.
Answer: D
Explanation:
Hybrid fiber-coaxial (HFC): A mixed optical-coaxial network in which optical fiber replaces some or all of the traditional trunk portion of the cable network. The HFC architecture is the evolution of an initial cable system and signifies a network that incorporates both optical fiber along with coaxial cable to create a broadband network. By upgrading a cable plant to an HFC architecture, you can deploy a data network over an HFC system to offer high-speed Internet services and you can serve more subscribers. The cable network is segmented into smaller service areas in which fewer amplifiers are cascaded after each optical node-typically five or fewer. The tree-and-branch network architecture for HFC can be a fiber backbone, cable area network, superdistribution, fiber to the feeder, or a ring.
Downstream: An RF signal transmission (TV channels, data) from source (headend) to the destination (subscribers). Downstream is also called a forward path.
Upstream: An RF signal transmission opposite to downstream-from subscribers to the headend. Upstream is also called a return or reverse path.
Delivering services over a cable network requires different RF frequencies-the outgoing frequencies are in the 50-to-860 MHz range, the incoming are in the 5-to-42 MHz range. To deliver data services over a cable network TV channels which usually operate at 6 MHz range for the downstream, and 6 MHz or less (for asymmetric cable connections) for upstream traffic from the corresponding frequency range are usually used.
Question 2.
Many small ITCertKeys branch offices use broadband cable for data connection access.
Which three modulation signaling standards are used in broadband cable technology? (Select three)
A. S-Video
B. NTSC
C. SECAM
D. PAL
E. FEC
F. FDM
G. MLP
Answer: B, C, D
Explanation:
Broadband: Data transmission where multiple pieces of data are sent simultaneously to increase the effective rate of transmission. In cable systems, the term broadband refers to the frequency-division multiplexing (FDM) of many signals in a wide radio frequency (RF) bandwidth over an HFC network, and the capability to handle vast amounts of information. NTSC is a North American TV technical standard for analog TV systems. The standard was created in 1941 and is named after the National Television System Committee formed in 1940. The standard uses a 6-MHz modulated signal. PAL is a color encoding system used in broadcast television systems in most of Europe, Asia, Africa, Australia, Brazil, and Argentina, and uses a 6-MHz, 7-MHz, or 8-MHz modulated signal. The color difference signals an alternate phase at the horizontal line rate. SECAM is an analog color TV system used in France and certain Eastern European countries that uses an 8-MHz modulated signal.
Question 3.
Some of the smaller ITCertKeys locations use HFC cable to connect to the ITCertKeys WAN.
Which two statements are true about broadband cable (HFC) systems? (Select two)
A. Cable modems operate at Layers 1, 2, and 3 of the OSI model.
B. Cable modems operate at Layers 1 and 2 of the OSI model.
C. A function of the cable modem termination system is to convert the digital data stream from the
end user host into a modulated RF signal for transmission onto the cable system.
D. Cable modems only operate at Layer 1 of the OSI model.
E. A function of the cable modem termination system (CMTS) is to convert the modulated signal
from the cable modem into a digital signal.
Answer: B, E
Explanation:
Hybrid fiber-coaxial (HFC): A mixed optical-coaxial network in which optical fiber replaces some or all of the traditional trunk portion of the cable network. The HFC architecture is the evolution of an initial cable system and signifies a network that incorporates both optical fiber along with coaxial cable to create a broadband network. By upgrading a cable plant to an HFC architecture, you can deploy a data network over an HFC system to offer high-speed Internet services and you can serve more subscribers. The cable network is segmented into smaller service areas in which fewer amplifiers are cascaded after each optical node-typically five or fewer. The tree-and-branch network architecture for HFC can be a fiber backbone, cable area network, superdistribution, fiber to the feeder, or a ring.
Question 4.
A ITCertKeys remote user is getting Internet access from the local cable provider.
When an individual is connected to the Internet by way of a CATV cable service, what kind of traffic is considered upstream traffic?
A. Traffic going from the user's home traveling to the headend.
B. Broadcast traffic, including the cable TV signals.
C. Traffic between the headend and the TV signal.
D. Traffic between the headend and the supplier antenna.
E. Traffic from outside the local cable segment serving the user's home.
F. All of the above can be considered upstream
Answer: A
Explanation:
In the CATV space, the downstream channels in a cable plant (cable head-end to subscribers) is a point-to-multipoint channel. This does have very similar characteristics to transmitting over an Ethernet segment where one transmitter is being listened to by many receivers. The major difference is that base-band modulation has been replaced by a more densely modulated RF carrier with very sophisticated adaptive signal processing and forward error correction (FEC). In the upstream direction (subscriber cable modems transmitting towards the head-end) the environment is many transmitters and one receiver. This introduces the need for precise scheduling of packet transmissions to achieve high utilization and precise power control so as to not overdrive the receiver or other amplifier electronics in the cable system. Since the upstream direction is like a single receiver with many antennas, the channels are much more susceptible to interfering noise products. In the cable industry, we generally call this ingress noise. As ingress noise is an inherent part of CATV plants, the observable impact is an unfortunate rise in the average noise floor in the upstream channel. To overcome this noise jungle, upstream modulation is not as dense as in the downstream and we have to use more effective FEC as used in the downstream.
Reference:
http://www.cisco.com/warp/public/759/ipj_1-3/ipj_1-3_catv.html
Question 5.
A new cable modem was shipped to the home of a ITCertKeys user, where it is being installed for the first time.
When a DOCSIS 1.1 compliant cable modem first initializes, (boots up) what does it do?
A. Establishes IP connectivity (DHCP).
B. Determines the time of day.
C. Requests a DOCSIS configuration file from a TFTP server.
D. Scan for a downstream channel and the establishment of timing synchronization with the
CMTS.
E. None of the above.
Answer: D
Explanation:
According to the DOCSIS (Data-over-Cable Service Interface Specifications) when you first power up a cable modem it starts scanning (starting at a low frequency) for a cable signal. When it 'hears' a cable modem stream it listens for a broadcast (from the service provider) which contains information (ie. frequency) needed to talk back with the head end. It then 'talks back' and if it communicates the right authentication information, it is allowed to proceed.
References:
Page 225 of the CCNP Self-Study BCRAN (642-821) ISBN: 1-58720-084-8
http://www.cisco.com/en/US/products/hw/cable/ps2217/products_feature_guide_chapter09186a008019b57f.htm
Question 6.
You are building a small network at your home and you intend on connecting your cable modem to a Cisco router.
Which router interface would you connect the modem to?
A. Synchronous serial
B. Asynchronous serial
C. Ethernet
D. auxiliary
E. BRI
Answer: C
Explanation:
In certain environments where a non Cisco Cable Modem (CM) is used, and the CM is only capable of bridging, a Cisco router such as the Cisco 806 can be connected to the Cable Modem via the Ethernet interface. The routing can then be performed by the Cisco router behind the Cable Modem and the Client PC or Customer Premises Equipment (CPE) will be connected to the Cisco router. Network Address Translation (NAT) can then be configured on the Cisco router.
When the Cisco router is connected behind the Cable Modem the first problem that might be encountered is not obtaining an IP address dynamically on the Cisco router's Ethernet interface. Most Internet Service Providers (ISPs) allow only one host or PC behind the Cable Modem. Some ISPs assign an IP address to the PC based on the host name. Therefore, if you have a Cisco router behind the Cable Modem, then the host name for the router configured using the hostname command should be the same host name given by the ISP.
Example:
Question 7.
When a cable modem is being provisioned to operate with a host system for Internet services, which two options must occur before Layer 1 and 2 connectivity can occur? (Choose two)
A. The cable modem must request an IP address and core configuration information from a
Dynamic Host Configuration Protocol (DHCP) server.
B. The cable modem powering up must scan and lock on the RF data channel in the downstream
path.
C. The modem must request a DOCSIS configuration file from a TFTP server.
D. The cable modem must register with the CMTS.
E. The modem must read specific maintenance messages in the downstream path.
Answer: B, E
Explanation:
According to the DOCSIS (Data-over-Cable Service Interface Specifications) when you first power up a cable modem it starts scanning (starting at a low frequency) for a cable signal. When it 'hears' a cable modem stream it listens for a broadcast (from the service provider) which contains information (ie. frequency) needed to talk back with the head end. It then 'talks back' and if it communicates the right authentication information, it is allowed to proceed. Once these steps are completed, layers 1 and 2 will be operational.
Question 8.
How is cable broadband technology able to transmit downstream and upstream data while at the same time delivering television content?
A. The cable operator uses the VHF hyperband to transmit and receive data signals.
B. The cable operator assigns any available spectrum to data, depending on how its own
television spectrum is being used.
C. The cable operator uses specific bandwidths for data signals specified by DOCSIS.
D. The cable operator places its data signals into clean areas where there is no interference from
noise or other signals.
Answer: C
Explanation:
Developed by CableLabs and approved by the ITU in March 1998, Data Over Cable Service Interface Specification (DOCSIS) defines interface standards for cable modems and supporting equipment. In a cable TV system, signals from the various channels are each given a 6-MHz slice of the cable's available bandwidth and then sent down the cable to your house. In some systems, coaxial cable is the only medium used for distributing signals.
When a cable company offers Internet access over the cable, Internet information can use the same cables because the cable modem system puts downstream data -- data sent from the Internet to an individual computer -- into a 6-MHz channel. On the cable, the data looks just like a TV channel. So Internet downstream data takes up the same amount of cable space as any single channel of programming. Upstream data -- information sent from an individual back to the Internet -- requires even less of the cable's bandwidth, just 2 MHz, since the assumption is that most people download far more information than they upload.
Question 9.
ITCertKeys operates a DSL network. What does the "dsl operating-mode auto" command configure on a Cisco router?
A. It configures a Cisco router to automatically detect the proper modulation method to use when
connecting an ATM interface.
B. It configures a Cisco router to automatically detect the proper DSL type (ADSL, IDSL, HDSL,
VDSL) to use when connecting an ATM interface.
C. It configures a Cisco router to automatically detect the proper encapsulation method to use
when connecting an ATM interface.
D. It configures a Cisco router to automatically detect the proper authentication method to use
when connecting an ATM interface.
E. None of the above
Answer: A
Explanation:
dsloperating-mode auto interface configuration command to specify that the router automatically detect the DSL modulation that the service provider is using and set the DSL modulation to match. An incompatible DSL modulation configuration can result in failure to establish a DSL connection to the DSLAM of the service provider
Example:
Question 10.
ITCertKeys is a DSL service provider using providing xDSL to its customers.
Which statement about xDSL implementations is true?
A. All xDSL standards operate in lower frequencies than the POTS system and can therefore
coexist on the same media.
B. Other than providing higher data rates, HDSL is identical to ADSL.
C. The ADSL standard operates in higher frequencies than the POTS system and can therefore
coexist on the same media.
D. The HDSL standard operates in higher frequencies than the POTS system and can therefore
coexist on the same media.
E. All xDSL standards operate in higher frequencies than the POTS system and therefore can
coexist on the same media.
F. None of the above.
Answer: C
Explanation:
DSL is not a complete end-to-end solution, but rather a physical layer transmission technology similar to dial, cable, or wireless. DSL connections are deployed in the "last mile" of a local telephone network-the local loop. The connection is set up between a pair of modems on either end of a copper wire extending between the customer premises equipment (CPE) and the DSL access multiplexer (DSLAM). A DSLAM is the device located at the central office (CO) of the provider and concentrates connections from multiple DSL subscribers. The term xDSL covers a number of DSL variations, such as ADSL, high-data-rate DSL (HDSL), Rate Adaptive DSL (RADSL), symmetric DSL (SDSL), ISDN DSL (IDSL), and very-high-data-rate DSL (VDSL). DSL types not using the voice frequencies band allow DSL lines to carry both data and voice signals simultaneously (for example, ADSL and VDSL), while other DSL types occupying the complete frequency range can carry data only (for example, SDSL and IDSL). Data service provided by a DSL connection is always-on. The data rate that DSL service can provide depends upon the distance between the subscriber and the CO. The smaller the distance, the higher data rate can be achieved. If close enough to a CO offering DSL service, the subscriber might be able to receive data at rates of up to 6.1 Mbps out of a theoretical 8.448 Mbps maximum.
|
Question 1. ITCertKeys.com wants to use distinct security policies for different departments. What must be configured? A. individual security level for each department B. separate ACL group for each department C. distinct VLAN for each department D. unique firewall context for each department Answer: D Question 2. Exhibit: You work as a network administrator at ITCertKeys.com. You study the exhibit carefully. ITCertKeysA, ITCertKeysB, C, and ITCertKeys4 each represents a model for placement of a default gateway. Which model allows the maximum number of application and security services? A. model ITCertKeysB B. model C C. model ITCertKeysA D. model ITCertKeysD Answer: B Question 3. Which of the following attack types should be mitigated in the data center core layer? A. IP spoofing B. MAC address spoofing C. port scans D. DDoS attacks Answer: D Question 4. Exhibit: You work as a network administrator at ITCertKeys.com. You study the exhibit carefully. A failure occurs on one of the access layer uplinks. Which Layer 2 topology can cause a break in connectivity between the FWSMs? A. looped triangle B. loop-free inverted U C. loop-free U D. looped square Answer: C Question 5. Which type of HPC application requires low latency? A. financial analytics B. seismic and geophysical modeling C. digital image rendering D. finite element analysis Answer: D Question 6. Which statement best describes the data center core layer? A. provides a resilient Layer 2 routed fabric B. load balances traffic between the core and aggregation layers C. is typically merged with the campus core layer D. connects to the campus aggregation layer Answer: B Question 7. Which data center network-architecture change is a result of the adoption of blade and 1-RU server technologies? A. Layer 3 fault domains growing smaller B. Layer 2 fault domains growing larger C. Layer 2 fault domains growing smaller D. Layer 3 fault domains growing larger Answer: B Question 8. What advantage does InfiniBand have over Gigabit Ethernet in HPC environments? A. simpler cabling B. longer distance support C. more sophisticated traffic management D. lower latency Answer: D Question 9. Exhibit: You work as a network administrator at ITCertKeys.com. You study the exhibit carefully. Where is Layer 2 adjacency required? A. server-to-server only B. aggregation-to-access only C. aggregation-to-access and access-to-server D. access-to-server only Answer: D Question 10. According to the Cisco Network Foundation Protection model, which security feature is recommended for the data center core layer? A. prefix filtering B. Dynamic ARP Inspection C. traffic rate limiting D. control plane protection Answer: D
|
Question 1.
What criterion does Oracle9i use to determine whether a database file is an Oracle Managed File?
A. The filename format.
B. Information stored inside a data dictionary table.
C. Information stored in the ALERT.LOG file for the corresponding instance.
D. Information stored inside the corresponding initialization parameter file for the instance.
Answer: A
Explanation:
Oracle will use naming conventions when it creates the OMF files. In this naming convention, %t represents the tablespace name, %u is a unique 8-character string, and %g stands for the redo log group number.
Incorrect Answers
B: Oracle will create a locally managed tablespaces, so information about a datafile will not be stored inside a data dictionary table.
C: Oracle does not use ALERT.LOG file to store information about datafiles. It just keep log of database events and database structure changes.
D: Initialization parameter file will not be used to store this information. Oracle reads this file to set initialization parameters to start the instance. The structure of the database is stored inside control files. Oracle uses them to mount and open the database. OCP Oracle9i Database: New Features for Administrators, Daniel Benjamin, p. 153-160 Chapter 3: Manageability Enhancements Oracle 9i New Features, Robert Freeman, p. 2-12
Chapter 1: Oracle9i Database Administration and Management Features
Question 2.
Oracle9i extends the cursor sharing functionality with the new value of SIMILAR for the CURSOR_SHARING parameter. With CURSOR_SHARING = SIMILAR, cursors are shared for safe literals only.
What is meant by 'safe literals only'?
A. No literal value is substituted for a shared cursor.
B. Different execution plans are generated for substituted literal values.
C. The substitution of a literal value will produce different execution plans.
D. The substitution of any literal value will produce exactly the same execution plan.
Answer: D
Explanation:
Oracle9i has enhanced cursor sharing mode. It can use additional value, SIMILAR, in addition to the EXACT and FORCE cursor sharing modes. When you specify SIMILAR, Oracle only uses the execution plan if is certain that the execution plan does not have any association with the specific literal value. You can enable similar statements to share the same SQL execution plan by setting CURSOR_SHARING to either FORCE or SIMILAR.
Incorrect Answers
A: Literal value is substituted for a shared cursor. The substitution of any literal value will produce exactly the same execution plan.
B: Exactly the same execution plans will be generated for substituted literal values.
C: The substitution of any literal value will produce exactly the same execution plan. OCP Oracle9i Database: New Features for Administrators, Daniel Benjamin, p. 215-217
Chapter 4: Performance and Scalability Enhancements
Oracle 9i New Features, Robert Freeman, p. 57-59
Chapter 2: Oracle9i Architecture Changes
Question 3.
The Dynamic SGA feature allows the SGA to grow and shrink dynamically according to an ALTER SYSTEM command. This avoids the previous need of shutting down the instance in order to modify the components of the SGA, namely the buffer cache and shared pool components.
Which three statements are true for the Dynamic SGA feature? (Choose three)
A. The maximum granule size is 4 MB.
B. The minimum SGA configuration is three granules.
C. SGA memory is based on granules by SGA components.
D. The size of the SGA components is set by the SGA_MAX_SIZE parameter.
E. The size of the SGA components is limited by the setting of SGA_MAX_SIZE parameter.
Answer: B, C, E
Explanation:
The minimum SGA configuration is three granules. One is for fixed SGA, one for database buffer, one for shared pool. Oracle9i has enhanced the nature of SGA parameters; they are now dynamic. You can change the values of the shared pool and the buffer cache without restarting the database instance. The Oracle9i dynamic SGA concept enables you to take memory from one area of the SGA and allocate it to another area as needed while the database instance is up and running. Additionally, the unit of memory allocation fr SGA is a granule in Oracle9i. Oracle9i also introduces SGA_MAX_SIZE, a new static parameter that enables the DBA to start with a smaller SGA and dynamically increase it to the maximum value specified by SGA_MAX_SIZE. If you do not set SGA_MAX_SIZE or if you set it to a value less than initial SGA size, you cannot increase the SGA size later.
Incorrect Answers
A: The size of a granule is 4 MB if the SGA at startup is less than 128 MB; it will be 16 MB otherwise.
D: The size of the SGA components is not set by the SGA_MAX_SIZE parameter. This parameter is just maximum limit for sum of the SGA components. OCP Oracle9i Database: New Features for Administrators, Daniel Benjamin, p. 180-182
Chapter 3: Manageability Enhancements
Oracle 9i New Features, Robert Freeman, p. 16-17
Chapter 1: Oracle9i Database Administration and Management Features
Question 4.
There is more than one way to set the server to detect and affect long running operations automatically.
What is the best choice of you want to reduce the impact of long running operations on other users without aborting the long running operations?
A. Define user profiles and set the CPU_PER_CALL limit.
B. Define a SWITCH_TIME for a plan in the Resource Manager.
C. Create a batch job that checks V$SESSION_LONGOPS; the batch job alters the session
priority of the long running operations.
D. Create a user defined event in the Oracle Enterprise Manager, which monitors
V$SESSION_LONGOPS.
Answer: B
Explanation:
You can define a SWITCH_TIME for a plan in the Resource Manager to reduce the impact of long running operations on other users without aborting the long running operations.
Incorrect Answers
A: You cannot do this with CPU_PER_CALL limit.
C: You don't need to use a batch job to check V$SESSION_LONGOPS for this purpose.
D: It can be done with a SWITCH_TIME for a plan in the Resource Manager, you don't need to monitor V$SESSION_LONGOPS.
OCP Oracle9i Database: New Features for Administrators, Daniel Benjamin, p. 122-129 Chapter 3: Manageability Enhancements
Question 5.
What are three benefits of performing data definition language (DDL) statements against a partitioned table with the UPDATE GLOBAL INDEXES clause? (Choose three)
A. Global indexes are rebuilt automatically at the end of the DDL operation thereby avoiding problems with the UNUSABLE status.
B. You do not have to search for invalid global indexes after the DDL command completes and rebuild them individually.
C. Global indexes are maintained during the operation of the DDL command and therefore can be used by any concurrent query.
D. Global indexes remain intact and available for use by data manipulation language (DML) statements even for sessions that have not enabled the skipping of unusable indexes.
Answer: A, B, D
Explanation:
Oracle9i overcomes the problem of rebuilding the global index by giving you the option to update global indexes as Oracle performs the partition DDL. This feature is not applicable to local indexes, domain indexes, index-organized tables (IOTs), or to indexes that were UNUSABLE prior to start of the partition DML. You can invoke this capability by using the optional clause UPDATE GLOBAL INDEX of the ALTER TABLE command. You can use this clause with the ADD, COALESCE, DROP, EXCHANGE, MERGE, MOVE, SPLIT, and TRUNCATE partition DDL commands.
Incorrect Answers
C: Global indexes are not maintained during the operation of the DDL command. OCP Oracle9i Database: New Features for Administrators, Daniel Benjamin, p. 130-131
Chapter 3: Manageability Enhancements
Oracle 9i New Features, Robert Freeman, p. 102-107
Chapter 4: New Oracle9i Database DDS and Data-Warehouse Features
Question 6.
Which statement correctly describes the function of Oracle9i Cache Fusion feature?
A. It provides each session with its own view of the database at a different point in the past.
B. It enables you to execute scalable applications on a clustered database without having to
partition the users or the database tables.
C. It lets you dynamically reassign memory in your database buffer cache to different block buffer
sizes.
D. It allows you to add new sites to multimaster replication environment without quiescing the
master definition site.
Answer: B
Explanation:
The Oracle9i Cache Fusion allows you to execute scalable applications on a clustered database without having to partition the users or the database tables.
Incorrect Answers
A: It does not provide each session with its own view of the database at a different point in the past.
C: The Oracle9i Cache Fusion feature does not dynamically reassign memory in your database buffer cache to different block buffer sizes.
D: It does not provide you ability to add new sites to multimaster replication environment without quiescing the master definition site.
OCP Oracle9i Database: New Features for Administrators, Daniel Benjamin, p. 223-230
Chapter 4: Performance and Scalability Enhancements
Oracle 9i New Features, Robert Freeman, p. 193-206
Chapter 7: Oracle9i Real Application Clusters
Question 7.
What is true if you want to switch undo tablespaces from the current one, called UNDO1, to a new one called UNDO2?
A. It is NOT possible to switch unless no active transaction exist in UNDO1.
B. It is possible to switch to UNDO2; but current active transactions will abort.
C. It is possible to switch to UNDO2; current active transactions will be automatically migrated to
UNDO2.
D. It is possible to switch to UNDO2; only current active transactions will continue to execute
inside UNDO1.
Answer: D
Explanation:
You can switch undo tablespaces from the current one, called UNDO1, to a new one called UNDO2. Only current active transactions will continue to execute inside UNDO1, all new transactions will be assigned to the new undo tablespace.
Incorrect Answers
A: You can switch undo tablespaces while active transactions will run in the old undo tablespace. All new transactions will be assigned to the new undo tablespace.
B: Current active transactions will abort if you switched undo tablespaces.
C: Current active transactions will continue to execute inside UNDO1 till they commit or roll back. They will not be automatically migrated to UNDO2.
OCP Oracle9i Database: New Features for Administrators, Daniel Benjamin, p. 160-166
Chapter 3: Manageability Enhancements
Oracle 9i New Features, Robert Freeman, p. 19-25
Chapter 1: Oracle9i Database Administration and Management Features
Question 8.
Examine the list of variables and their data types:
NAME DATA Type
TS, TS1 TIMESTAMP
TSZ TIMESTAMP WITH TIME ZONE
TLZ TIMESTAMP WITH LOCAL TIME ZONE
IYM INTERVAL YEAR TO MONTH
IDS, IDSI INTERVAL YEAR To SECOND
Which three expressions using the new data and time data types are valid? (Choose three)
A. IDS* 2
B. TS + IYM
C. TS -TSI
D. IDS - TS
E. IDS + IYM
Answer: A, B, E
Explanation:
IDS*2, TS+IYM and IDS+IYM are valid new date and time data types.
Incorrect Answers
C: You cannot subtract timestamps.
D: It's not possible to subtract timestamp from the interval day to second.
OCP Oracle9i Database: New Features for Administrators, Daniel Benjamin, p. 266-271
Chapter 5: Language Enhancements
Oracle 9i New Features, Robert Freeman, p. 132-135
Chapter 5: Miscellaneous Oracle9i Features and Enhancements
Question 9.
Consider the following statement:
SQL> EXECUTE DBMS_STATS.GATHER_SHEMA_STATS (-
2> ownname => 'OE', -
3> estimate_percent => DBMS_STATS.AUTO_SAMPLE_SIZE, -
4> method opt => 'for all columns size AUTO');
What is the effect of 'for all columns size AUTO' of the METHOD_OPT option?
A. The Oracle server creates a new histogram based on existing histogram definitions for all
table, column, and index statistics for the OE schema.
B. The Oracle server creates a histogram based on data distribution regardless of how the
application uses the column/s for all table, column, and index statistics for the OE schema.
C. The Oracle server creates a histogram based on data and application usage of the column/s
for all table, column, and index statistics for the OE schema.
D. The Oracle server creates a histogram based on application usage, regardless of data
distribution, for all table, column, and index statistics for the OE schema.
Answer: C
Explanation:
The Oracle server creates a histogram based on data distribution and application usage of the column/s for all table, column, and index statistics for the OE schema.
Incorrect Answers
A: The Oracle server does not create a new histogram based on existing histogram.
B: Histogram creation is not regardless of how the application uses the column/s for all table, column, and index statistics for the OE schema.
D: The Oracle server creates a histogram not only based on application usage, but based on data distribution also.
OCP Oracle9i Database: New Features for Administrators, Daniel Benjamin, p. 220-222
Chapter 4: Performance and Scalability Enhancements
Oracle 9i New Features, Robert Freeman, p. 180-181
Chapter 6: Oracle9i SQL, PL/SQL New Features
Question 10.
Which two are true regarding external tables? (Choose two)
A. External tables can be updated.
B. External tables are read-only tables.
C. Indexes can be created on external tables.
D. Indexes cannot be created on external tables.
Answer: B, D
Explanation:
External tables are read-only tables whose data resides in an external OS flat file, and whose definition is stored inside the database. Indexes cannot be created on external tables.
Incorrect Answers
A: External tables cannot be updated. They are read-only tables.
C: Indexes cannot be created on external tables.
OCP Oracle9i Database: New Features for Administrators, Daniel Benjamin, p. 131-134
Chapter 3: Manageability Enhancements
Oracle 9i New Features, Robert Freeman, p. 111-116
Chapter 4: New Oracle9i Database DDS and Data-Warehouse Features
Copyright © 2004 CertsBraindumps.com Inc. All rights reserved.