|
advance thanks.
|
I Need Dumps thanks
|
Question 1. Horizontal cross-connect (HCC) is a term in networks for a wiring closet where the horizontal cabling connects to a patch panel which is connected by backbone cabling to the main distribution facility. Which of the following is the maximum CAT3 length acceptable for a horizontal crossconnect? A. 100 meters (328 feet) B. 125 meters (410 feet) C. 256 meters (840 feet) D. 328 meters (1076 feet) Answer: A Question 2. Which wireless technology permits communication to run at 2.4Ghz and up to 54Mbps? A. 802.11b B. 802.11a C. 802.11g D. 802.11n Answer: C Question 3. John works as a network administrator of his company. He is noticing timeouts when a user logs in. Which of the following would permit John to spread network authentication request traffic across multiple authentication servers? A. Load balancing B. Caching engines C. QoS D. Traffic shaping Answer: A Question 4. What does the 10 stand for in 10Base-T? A. Delay B. Speed C. Resistance D. Length Answer: B Question 5. Which of the following statements regarding FDDI (Fiber Distributed Data Interface) is TRUE? A. FDDI uses CSMA / CD (Carrier Sense Multiple Access / Collision Detection) for media access control. B. FDDI consists of two counter rotating token rings. C. FDDI has a maximum transmission speed of 54 Mbps. D. FDDI has a maximum transmission distance of 1,000 meters. Answer: B Question 6. Your company network has just been configured with a rogue WAP. Some workstations can??t access network resources. Why? A. WAP DHCP is enabled B. WEP is enabled C. WAP gateway address is not configured properly D. WEP key is not valid Answer: A Question 7. A large company with five-thousand local users must make sure that all users could access needed Internet resources with the least amount of latency. Which of the following will permit the network to maximize response time? A. Install multiple DNSservers onsite B. Install a DHCP server C. Install an additional Application Server D. Install multiple NICs Answer: A Question 8. Which IEEE standard describes Thinnet? A. 802.3a B. 802.3ab C. 802.3ae D. 802.3u Answer: A Question 9. A client workstation is unable to connect to the network due to having not been assigned an IP address. Which server is MOST likely the problem? A. DNS B. WINS C. DHCP D. FTP Answer: C Question 10. Look at the following items carefully, which is the approximate standard data transmission rate in both directions for a T1 line? A. 1.54Mbps B. 44.73Mbps C. 6.31Mbps D. 10.54Mbps Answer: A
|
Question 1. Which of the following devices connects two segments of the same local area network (LAN) but keeps traffic separate on the two segments? A. Modem B. Hub C. Switch D. Bridge Answer: D Question 2. You are responsible for technical support at a company. An employee complains that they cannot open a particular file. When you see the file in Windows Explorer you note that it is in green. What is causing their problem? A. The file has been corrupted. B. The file was encrypted by another user. C. The file is from an earlier version of Windows. D. The file was created by another user. Answer: B Question 3. Why are both the command interpreters, COMMAND.COM and CMD.EXE, included in the Windows NT, Windows XP, Windows 2000, and Windows 2003 operating systems? A. COMMAND.COM can run only internal commands while CMD.EXE can run only third party applications. B. COMMAND.COM is a 16-bit application and is included to support legacy applications that do not work with the 32-bit CMD.EXE. C. Both command interpreters must be used together to run an application. D. Command.com can execute applications on older computers while CMD.EXE can execute applications only on newer Dual Core computers. Answer: B Question 4. Under which environmental conditions is the risk of Electrostatic discharge (ESD) the highest? A. High humidity B. Low temperature C. High temperature D. Low humidity Answer: D Question 5. You have a customer who cannot seem to resolve host names to IP addresses. What would be one of your first steps to try to diagnose this problem? A. Use the TRACERT utility. B. Try a different browser. C. Use the NSLOOKUP utility. D. Reboot the machine. Answer: C Question 6. Which of the following statements about multi-factor authentication is true? A. It uses a Key Distribution Center (KDC). B. It involves two or more methods as part of the authentication process. C. It protects a computer from malicious software such as worms. D. It is a process in which a client process and a server are required to prove their identities to each other before performing any application function. Answer: B Question 7. Which of the following statements are true about satellite broadband Internet access? Each correct answer represents a complete solution. Choose two. A. It is among the most expensive way of gaining broadband Internet access. B. It is among the least expensive way of gaining broadband Internet access. C. This type of internet access has high latency compared to other broadband services. D. This type of internet access has low latency compared to other broadband services. Answer: A, C Question 8. You work as a technician for Net World Inc. While troubleshooting a laser printer for power issue, you check the DC voltage for the power interface labeled J210. You find that there is no multimeter reading for all the pins. What will you do next in order to troubleshoot the issue? A. Replace the DC power supply. B. Replace the fuse in DC power supply. C. Replace the toner cartridge. D. Remove all optional hardware in the printer and test again. Answer: B Question 9. You work as a computer technician. When you start your computer, you find that the computer's CMOS battery has failed. You replace the CMOS battery. What will be your next step after replacing the CMOS battery? A. Reboot the computer and set the date and time. B. Run the DEFRAG utility. C. Create a partition on the hard disk drive. D. Run the SCANDISK utility. Answer: A Question 10. What type of connectors are available in a parallel printer cable? Each correct answer represents a complete solution. Choose two. A. DB-9 B. Centronic C. DB-25 D. DB-15 Answer: B, C
|
Question 1. You work as the network administrator at ITCertKeys.com. The ITCertKeys.com network consists of a single Active Directory domain named ITCertKeys.com. All servers on the ITCertKeys.com network run Windows Server 2003 and all client computers run Windows XP Professional. ITCertKeys.com contains an application server named ITCertKeys -SR23. ITCertKeys -SR23 runs an in-house application which is critical to the company's business process. ITCertKeys -SR23 contains a single physical drive that is divided into two partitions with the drive letter C and D. Both partitions are formatted as FAT32. The in-house application is installed on drive D. During monitoring you notice that the drive D is low on free disk space. You need to create extra space for the in-house application. To maintain the functionality of the in-house application, it cannot be moved. You to add another physical disk drive to ITCertKeys -SR23. You need the disk space on the new disk drive to be available as storage space for the in-house application. What should you do? (Select all that apply) A. This can be accomplished by initializing the new disk as a basic disk on ITCertKeys -SR23. B. Your best option would be to convert drive D to NTFS on ITCertKeys -SR23. C. Your best option would be to format the new disk with NTFS on ITCertKeys -SR23. D. You should consider converting the disk that hosts drive D to a dynamic disk. E. On ITCertKeys -SR23 you need to extend drive D to encompass unallocated space on the new disk. Answer: B, D, E Explanation: In this case you must host drive D to a dynamic disk and convert drive D to NTFS. If drive D contains unallocated space, you can extend drive D to include the unallocated space. Drive D can also be extended to use the unallocated space in the new disk. Incorrect answers: A: There is no need to initialize the new disk as a basic disk. You can initialize the new disk directly to dynamic disk. C: To add the space on the new disk to drive D, you can create a spanned or a simple volume. To do this both of the disks must be dynamic disks and drive D should be formatted as NTFS. Only unformatted volumes or volumes that are formatted with NTFS can be extended. Question 2. You work as the network administrator at ITCertKeys.com. The ITCertKeys.com network consists of a single Active Directory domain named ITCertKeys.com. All servers on the ITCertKeys.com network run Windows Server 2003 and all client computers run Windows XP Professional. The ITCertKeys.com network contains a file server named ITCertKeys -SR12 that contains confidential data. ITCertKeys -SR12 contains of a hard disk system that consists of a software-based RAID-5 volume. A ITCertKeys.com user named Mia Hamm works in the administrative office. Mia Hamm needs to access data on ITCertKeys -SR12 regularly. One day Mia Hamm complains that ITCertKeys -SR12 response is much slower that before. During your investigation you discover that one of the hard disks in the RAID-5 volume on ITCertKeys -SR12 has failed. You need to improve the performance of ITCertKeys -SR12. What should you do? A. Your first option is to replace the failed disk on ITCertKeys -SR12. Then you can initialize the new disk in Disk Management. Your next step is to convert it into a dynamic disk. The last step would be to repair the volume. B. You should break the RAID-5 volume and remove the failed disk in the Disk Management on ITCertKeys -SR12. The next stepwould be to replace the failed disk and rebuild the RAID-5 volume. C. Your first step should be to replace the failed disk on ITCertKeys -SR12. Thereafter you need to convert the new disk to a dynamic disk in Disk Management. The last step would be toformat the disk making use of NTFS. D. You best option is to replace the failed disk on ITCertKeys -SR12. Thereafter you can reboot the computer. Answer: A Explanation: In this case you must replace the failed disk. Initializing the disk means to write a master boot record and a disk signature. The disk should be converted into dynamic volumes. Only dynamic volumes can work in RAID-5. You should then right click the region of the failed RAID-5 volume and select Repair Volume. Incorrect answers: B: This option is incorrect. You are unable to break RAID-5 volume. Only a RAID-1 or mirrored volume can be broken. C: This option is incorrect. You are unable to format a disk. Only volumes can be formatted. D: This will not work. Only unallocated space on a dynamic disk can be used to repair a RAID-5 volume with failed redundancy. Question 3. You work as the network administrator at ITCertKeys.com. All servers on the ITCertKeys.com network run Windows Server 2003 and all client computers run Windows XP Professional. The ITCertKeys.com network contains a SQL Server 2000 named ITCertKeys -DB20. All of the hard disks of ITCertKeys -DB20 are dynamic disks. ITCertKeys -DB20 hosts a database named ITKCustomersDB that is located on a RAID-5 volume. The transaction logs for ITKCustomersDB are hosted on a separate mirrored volume. ITCertKeys.com users access ITKCustomersDB through an in-house client application. One day ITCertKeys -DB20 suffers a hardware failure that does not affect the hard disk subsystems. You receive instruction to move the hard disk subsystem from ITCertKeys -DB20 to a new SQL Server 2000 computer named ITCertKeys -DB21. You move the disks that host the RAID-5 volume with ITKCustomersDB and the disks that host the mirrored transaction logs to ITCertKeys -SR21. You want the users to access ITKCustomersDB without making changes to the in-house client application. What should you do? A. To ensure that the users are able to access ITKCustomersDB you need to reactivate the hard disks in Disk Management. B. The hard disks in Disk Management on ITCertKeys -DB21 should be repaired to ensure that the users are able to access ITKCustomersDB without making changes to the in-house client application. C. You should consider importing the foreign disks in Disk Management on ITCertKeys -DB21 in order to ensure that the users are able to access ITKCustomersDB without making changes to the in-house client application. D. This can be accomplished by initializing the hard disks in Disk Management to ensure that the users are able to access ITKCustomersDB without making changes to the in-house client application. Answer: C Explanation: Moving the hard disks to a new computer will mark them as foreign disks. The volumes on the disks will not be accessible. To make it accessible you should import the foreign disks. Incorrect answers: A: You would have reactivated the disks if the disks become unavailable due to a hardware problem or if the data was corrupted. In this case it is not necessary. B: Disks cannot be repaired. You are able to repair RAID-5 volumes. D: Only new disks need to be initialized before they can be used. These disks were moved to the server and must be imported. Question 4. You work as the network administrator at ITCertKeys.com. The ITCertKeys.com network consists of a single Active Directory domain named ITCertKeys.com. All servers on the ITCertKeys.com network run Windows Server 2003 and all client computers run Windows XP Professional. The ITCertKeys.com network contains a server named ITCertKeys -SR18. ITCertKeys -SR18 has a single 120 GB hard disk drive named Disk0. Disk0 has been initialized as a basic disk and has been formatted with NTFS. The hard disk is partitioned into four logical partitions as shown in the following table: Drive Contents Size Free Space C System Volume 8 GB 4 GB D Application Data 40 GB 1 GB E User Data 40 GB 12 GB F None 32 GB 32 GB Drive D is becoming full. You need to increase the disk space for the applications data. However, the application on Drive D cannot be reconfigured to use free space from another volume. What should you do? A. You should consider extending Drive D: to encompass the disk space of Drive F. B. This can be accomplished by mounting Drive F: in an empty folder on Drive D. C. To ensure sufficient disk space you have to extend Drive F: to encompass Drive D. D. Your fist option would be to delete Drive F. Thereafter you will be able to extend Drive D. Answer: B Explanation: Any NTFS volume can be mapped to an empty folder on another NTFS volume. Incorrect Answers: A, C, D: Basic volumes cannot be extended. Question 5. You work as the network administrator at ITCertKeys.com. The ITCertKeys.com network consists of a single Active Directory domain named ITCertKeys.com. All servers on the ITCertKeys.com network run Windows Server 2003 and all client computers run Windows XP Professional. The ITCertKeys.com network contains a Windows Server 2003 file server named ITCertKeys -SR11. During monitoring you notice that the free space on ITCertKeys -SR11 is very low. You decide to install a new 25 GB disk named disk1 on ITCertKeys -SR11. You want to convert disk1 to five logical drives of equal size. You want to be able to increase the size of the logical drives in the future without affecting the data that may already be stored on it. What should you do? A. Create five NTFS primary partitions on disk1. B. Create five NTFS extended partitions on disk1. C. Convert disk1 from basic to dynamic and create one NTFS primary partition on it. D. Convert disk1 from basic to dynamic and create five simple volumes on it. Answer: D Explanation: If you convert from basic to dynamic, they can be extended. Creating five simple volumes on disk1 will allows you to extend each volume using the unallocated space on disk1. Incorrect answers: A, B: Basic disks can support up to four partitions, which consists of three primary partitions and one extended partition. You cannot create more than one extended partition on a basic disk. C: You need to create five partitions of equal size, not one. Question 6. You work as the network administrator at ITCertKeys.com. The ITCertKeys.com network consists of a single Active Directory domain named ITCertKeys.com. All servers on the ITCertKeys.com network run Windows Server 2003 and all client computers run Windows XP Professional. The ITCertKeys.com network contains a file server named ITCertKeys -SR12. ITCertKeys -SR12 contains a single physical drive named Drive C on which the operating system is installed, and another drive named Drive D that contains a shared folder named UserData. The UserData folder is used to store ITCertKeys.com user data that is accessed by numerous in-house applications. Both drives are FAT32 drives. Both Drive C and Drive D are low on free disk space. You need to create extra disk space for the UserData folder. You cannot delete or backup the user data on ITCertKeys -SR12 because all data is currently required by the in-house applications. What should you do? A. Install an additional disk drive on ITCertKeys -SR12. Initialize the new disk drive as a basic disk. Extend Drive D to include unallocated space on the new disk drive. B. Install an additional disk drive on ITCertKeys -SR12. Convert Drive D to NTFS. Convert Drive D to a dynamic disk. Extend drive D to include unallocated space on the new disk drive. C. Install an additional disk drive on ITCertKeys -SR12. Format the new disk drive with FAT32. Extend Drive D to include unallocated space on the new disk drive. D. Install an additional disk drive on ITCertKeys -SR12. Convert Drive D to NTFS. Mount the new disk dive in the UserData folder on Drive D. Answer: B Explanation: In this case you must host drive D to a dynamic disk and convert drive D to NTFS. If drive D contains unallocated space, you can extend drive D to include the unallocated space. Drive D can also be extended to use the unallocated space in the new disk. Incorrect answers: A: There is no need to initialize the new disk as a basic disk. You can initialize the new disk directly to dynamic disk. C: To add the space on the new disk to drive D, you can create a spanned or a simple volume. To do this both of the disks should be must be dynamic disks and drive D should be formatted as NTFS. Only unformatted volumes or volumes that are formatted with NTFS can be extended. D: You can only mount a drive in an empty folder. UserData is not empty so you cannot mount the new drive in that folder. Question 7. DRAG DROP You work as the network administrator at ITCertKeys.com. The ITCertKeys.com network consists of a single Active Directory domain named ITCertKeys.com. The ITCertKeys.com network contains 20 servers and 1,200 client computers. All servers on the ITCertKeys.com network run Windows Server 2003, some client computers run a mixture of different Windows operating systems, and the rest run MS-DOS. You install four new servers named ITCertKeys -SR21, ITCertKeys -SR22, ITCertKeys -SR23, and ITCertKeys -SR24 on the ITCertKeys.com network. ITCertKeys -SR21 contains a single volume that will store data that needs to be accessed by all the Windows based client computers. ITCertKeys -SR22 contains a single volume that will store data that needs to be accessed by MS-DOS client computers. No data on ITCertKeys -SR23 and ITCertKeys -SR24 will be accessed by any client computers. You intend to configure ITCertKeys -SR23 with a single partition that will span multiple disks and ITCertKeys -SR24 with two physical disks that will contains two partitions. You need to initialize the disk subsystems on the four servers to meet these requirements. What should you do? To answer, drag the disk configuration to the appropriate location in the Work Area. Answer: Explanation: A basic disk is a physical disk with primary and extended partitions. Prior to Windows 2000, Microsoft did not call disks basic because that was the only type of disk available. There were no dynamic disks. As long as you use the File Allocation Table (FAT or FAT32) file system, Windows XP Professional and Home editions, Windows 2000, Windows NT, Windows 9x, and the MS-DOS operating systems can access basic disks. The disks on ITCertKeys -SR21 and ITCertKeys -SR22 can be configured as basic. Because basic disk can support up to four partitions, the two disks of ITCertKeys -SR24 can also be configured as basic disks. Dynamic disks support five types of volumes: simple, spanned, mirrored, striped, and RAID-5. You can extend a volume on a dynamic disk. Dynamic disks can contain a virtually unlimited number of volumes, so you are not restricted to four volumes per disk as you are with basic disks. Regardless of the type of file system, only computers running Windows XP Professional, Windows 2000 Professional or Server, or Windows Server 2003 can directly access dynamic volumes on hard disks that are physically connected to the computer. For this reason only the disk on ITCertKeys -SR23 and ITCertKeys -SR24 can be configured as dynamic disks. Question 8. You work as a network administrator at ITCertKeys.com. The ITCertKeys.com network consists of a single Active Directory domain named ITCertKeys.com. All servers on the ITCertKeys.com network run Windows Server 2003 and all client computers run Windows XP Professional. The ITCertKeys.com network contains a file server named ITCertKeys -SR34 that has two physical hard disk dives named disk0 and disk1. Disk1 contains a shared folder named ITK_Data that is used to store user data. A severe thunder storm causes a blackout disrupting all power to the ITCertKeys.com network. Fortunately, all ITCertKeys.com servers are protected by an Uninterruptible Power Supply (UPS) and you are able to perform a graceful shutdown of all ITCertKeys.com servers. When power is restored, you bring the network back online. However, several ITCertKeys.com users report that they are unable to connect to the ITK_Data folder on ITCertKeys -SR34. You log on to ITCertKeys -34 and discover that you cannot locate the ITK_Data folder in Windows Explorer. You open Disk Management on ITCertKeys -SR34 and see the display shown in the Disk Management exhibit. Disk Management Exhibit: You need to ensure that ITCertKeys.com users can access the files in the ITK_Data folder. What should you do? A. Select disk1 on ITCertKeys -SR34 and convert the disk to a dynamic disk. B. Select disk1 on ITCertKeys -SR34 and regenerate the disk. C. Select disk1 on ITCertKeys -SR34 and reactivate the disk D. Rescan the disks on ITCertKeys -SR34. Answer: C Explanation: On any offline disk all that is required is to have the disk reactivated to gain access to the data on the disk. Incorrect answers: A: Converting the disk to a dynamic disk would not solve the problem of data that is unavailable. B: On a failed disk there is no option to regenerate. D: Rescanning disks scans all attached disks for disk configuration changes and since there was no reconfiguration of any of the disks. Question 9. You work as the network administrator at ITCertKeys.com. The ITCertKeys.com network consists of a single Active Directory domain named ITCertKeys.com. The ITCertKeys.com network contains six database servers named ITCertKeys -DB01 through ITCertKeys -DB06 that each run a database application named DataApp1. The ITCertKeys.com written policy requires that when a new user is added to DataApp1, they must be added to the server that has the most available disk space. ITCertKeys.com hires ten new employees. The new employees will require access to DataApp1. You need to add these users to DataApp1. What should you do to ensure that you meet the written policy requirements when you add the new users to DataApp1? A. Review the application logs on each of the six database servers by using Event Viewer. B. Record the PhysicalDisk object on all six database servers by using Performance Logs and Alerts. C. Review the performance data on each of the six database servers by using Task Manager. D. Generate a histogram view of the LogicalDisk object on all six database servers by using System Monitor. Answer: D Explanation: System Monitor shows real-time performance data based on Object counters, and can display the log data recorded by Performance Logs And Alerts either in the form of Counter (interval polling) logs, or Trace (event-driven) logs. Logs written by Performance Logs And Alerts can be loaded into System Monitor for analysis. The System Monitor is designed for real-time reporting of data to a console interface, and can be reported in graph, histogram, or numeric form. This should aid you in ensuring that you meet the stated requirements. Incorrect answers: A: The Application log contains data written to it by software programs, it records events that are generated by application programs and network application services. Using Event Viewer to review application logs would thus not ensure that you add a new user to the server with the most available space. B: The Performance Logs And Alerts snap-in can do no configuration, only reporting data through Counter Logs as reported by providers (object counters) on a configured interval, or through Trace Logs as reported by event-driven providers. Thus this option will not work. C: Viewing performance data through the Task Manager is not what you need. Reference: Dan Balter, MCSA/MCSE Managing and Maintaining a Microsoft Windows Server 2003 Environment Exam Cram 2 (Exam 70-290), Chapter 6 Question 10. You work as the network administrator at ITCertKeys.com. The ITCertKeys.com network consists of a single Active Directory domain named ITCertKeys.com. All servers on the ITCertKeys.com network run Windows Server 2003 and all client computers run Windows XP Professional. The ITCertKeys.com network contains a file server named ITCertKeys -SR21. ITCertKeys -SR21 has a 40-GB hard disk for system files and two 80-GB hard disks for data. The 80-GB hard disks configured as mirrored volumes and contain 65-GB of read-only data. ITCertKeys.com users connect to ITCertKeys -SR21 by using shortcuts on their desktops. Due to the growth of the ITCertKeys.com network, the performance of ITCertKeys -SR21 has become inadequate. You receive instruction from the CIO to replace ITCertKeys -SR21. The new server must contain the current data from ITCertKeys -SR21. You disconnect ITCertKeys -SR21 from the network. You build a replacement server and name it ITCertKeys -SR21. You now need to bring the new server online and re-establish redundancy as quickly as possible. You must also ensure that users can connect to ITCertKeys -SR21 by using their existing desktop shortcuts. What should you do? A. Create a new mirrored volume by using two 80-GB disks. Connect ITCertKeys -SR21 to the network and copy the data from the old ITCertKeys -SR21. When copying is complete, shut down the old ITCertKeys -SR21. B. Move the two 80-GB disks from the old ITCertKeys -SR21 to the new ITCertKeys -SR21. Scan the disks for changes and import the disks. Connect the new ITCertKeys -SR21 to the network. C. Break the mirror on the old ITCertKeys -SR21. Move one of the 80-GB disks from the old ITCertKeys -SR21 to the new ITCertKeys -SR21. Scan the disk for changes and initialize the disk. Select the spare disk and create the mirror. Connect the new ITCertKeys -SR21 to the network. D. Remove one of the 80-GB disks from the old ITCertKeys -SR21 and move it to the new ITCertKeys -SR21. Scan the disk for changes and import the disk. Connect the new ITCertKeys -SR21 to the network. Answer: B Explanation: You have to make use of the existing old ITCertKeys -SR21 disks to make sure that the current data will be brought online. When moving disks from one computer to another keep in mind that before disconnecting the disks from the old ITCertKeys -SR21 you must make sure the status of all volumes on each of the disks is healthy. For any volumes that are not healthy, repair the volumes before you move the disks. After you physically connect the disks to the new ITCertKeys -SR21, in Disk Management, open the Action menu and choose Rescan Disks. The scanning will detect changes. The new disk will show up as Dynamic/Foreign. By default, Dynamic/Foreign disks and should be brought online automatically, but if not, bring it online by right-clicking the disk and selecting Online. Furthermore, to make Dynamic/Foreign disks useable, you must import it. The disk group remains as is and the database does not change. When connecting new ITCertKeys -SR21 to the network you will enable users to use their existing shortcuts. Incorrect answers: A: Since ITCertKeys -SR21 is scheduled for replacement you need no mirroring to be done for the question states pertinently that you have to re-establish redundancy which means that redundancy used to be in place before. A mirrored volume (also known as RAID Level 1 or RAID-1) consists of two identical copies of a simple volume, each on a separate hard disk. Mirrored volumes provide fault tolerance in the event that one physical disk fails. C: By moving only one disk from the old ITCertKeys -SR21 to the new ITCertKeys -SR21 will affect not only the current amount of data available, but will also result in a lack of possible redundancy. D: Removing one old ITCertKeys -SR21 disk from the mirror will not enable you to accomplish your task successfully. Reference: Dan Balter, MCSA/MCSE Managing and Maintaining a Microsoft Windows Server 2003 Environment Exam Cram 2 (Exam 70-290), Chapter 3
|
Question 1. You work as the network administrator at ITCertKeys.com. The ITCertKeys.com network consists of a single Active Directory domain named ITCertKeys.com. All servers on the ITCertKeys.com network run Windows Server 2003 and all client computers run Windows XP Professional. The ITCertKeys.com network contains a print server named ITCertKeys-PR01 that has a built-in network interface. A ITCertKeys.com user named Andy Reid is a member of the Research and Development department. Andy Reid complains that he cannot print to a print device attached to ITCertKeys-PR01. You have received instruction to ensure that Andy Reid can print to the print device. First you verify that the IP address for ITCertKeys-PR01 is correct and that the latest drivers for the print device are installed. You now want to verify that the print jobs are being sent to the correct MAC address for ITCertKeys-PR01. What should do? A. On ITCertKeys-PR01, run the net session command. B. On ITCertKeys-PR01, run the netstat command. C. On ITCertKeys-PR01, run the netsh command. D. On ITCertKeys-PR01, run the netcap command. Answer: D Explanation: Netstcap.exe is a command line tool that could be used to capture the network traffic. A filter can be created to be used during the capture to determine the MAC address the print jobs are being sent to. The Network Monitor Capture Utility ( Netcap.exe) can be used to capture network traffic in Network Monitor. Netcap provides capture abilities only from a command prompt; to open the resulting capture (.cap) files, you must use the full Network Monitor interface. Netcap is installed when you install the Support tools that are on the Windows XP CD-ROM. Netcap provides capture abilities that are similar to the version of Network Monitor that is included with the Windows Server products; however, you must use Netcap at a command prompt. Netcap installs the Network Monitor driver and binds it to all adapters when you first run the Netcap command. Incorrect Options: A: The net session command can be used to view the computer names and user names of users on a server, to see if users have files open, and to see how long each user's session has been idle. Net session manages server computer connections - used without parameters, net session displays information about all sessions with the local computer. B: The netstat command is not a utility to use when troubleshooting NetBIOS names, but is used to display TCP/IP and port information. C: The Network Shell utility (Netsh.exe) can perform a wide range of system configuration tasks. You can use commands in the Netsh Interface IP context to configure the TCP/IP protocol (including addresses, default gateways, DNS servers, and WINS servers) and to display configuration and statistical information. Reference: Microsoft Knowledge Base: 306794: How to Install the Support Tools from the Windows XP CD-ROM Network Monitor is provided with Windows Server products and Microsoft Systems Management Server (SMS). Microsoft Corporation, 2004 Deborah Littlejohn Shinder, Dr. Thomas W. Shinder, Chad Todd & Laura Hunter, MCSA/MCSE: Exam 70-291: Implementing, Managing, and Maintaining a Windows Server 2003 Network Infrastructure Guide & DVD Training System, pp. 686, 854-856, 926 Question 2. You work as the network administrator at ITCertKeys.com. The ITCertKeys.com network consists of two subnets. All servers on the ITCertKeys.com network run Windows Server 2003 and all client computers run Windows XP Professional. All servers are located in a central data center that uses a single IP subnet and all client computers are located in one subnet. The data center contains two routers named ITCertKeys-SR01 and ITCertKeys-SR02, two domain controllers named ITCertKeys-DC01 and ITCertKeys-DC02, and two file servers named ITCertKeys-SR03 and ITCertKeys-SR04. The IP addresses of these servers are indicated in the table below. Host name IP address ITCERTKEYS-DC01 10.10.10.1 ITCERTKEYS-DC02 10.10.10.2 ITCERTKEYS-SR01 10.10.1.1 ITCERTKEYS-SR02 10.10.1.2 ITCERTKEYS-SR03 10.10.11.1 ITCERTKEYS-SR04 10.10.11.2 You have received instruction from the CIO to install a new database server in the data center. You install Windows Server 2003 on a new server computer named ITCertKeys-DB01 and hand it over to a database administrator named Dean Austin. Dean Austin installs Microsoft SQL Server 2005 and makes some changes to the TCP/IP settings on ITCertKeys-DB01 as shown in the following table. Parameter Value IP address 10.10.1.3 Subnet mask 255.255.255.0 Default gateway 10.10.1.2 Later, Dean Austin complains that ITCertKeys-DB01 cannot communicate with the other servers in the data center. All other servers in the data center can communicate with the other servers as well as the client computers. You log on to ITCertKeys-DB01 and attempt to ping ITCertKeys-DC01 but you receive the following error message: "Destination host unreachable". What should you do to ensure that ITCertKeys-DB01 can communicate with the other computers in the ITCertKeys.com network? A. Configure ITCertKeys-DB01 with a default gateway of 10.10.1.1. B. Configure ITCertKeys-DB01 with a subnet mask of 255.255.0.0. C. Configure ITCertKeys-DB01 with an IP address of 10.10.10.3. D. Configure ITCertKeys-DB01 with an IP address of 10.10.11.3. Answer: B Explanation: Large networks are subdivided to create smaller subnetworks to reduce overall network traffic by keeping local traffic on the local subnet and sending all nonlocal traffic to the router. In order to create a subnetwork, we need to have a system for addressing that allows us to use the network ID and host ID within the class-based system. This is accomplished through the use of a subnet mask. To determine the appropriate custom subnet mask (typically referred to simply as subnet mask) for a network, you must first: 1. Determine the number of host bits to be used for subnetting. 2. Determine the new subnetted network IDs. 3. Determine the IP addresses for each new subnet. 4. Determine the appropriate subnet mask. Incorrect Answers: A: You need to assign the correct subnet mask to ensure connectivity. C, D: The problem in this scenario is not a faulty IP address. It is the appropriate subnet mask that has to be determined to enable connectivity. Reference: Deborah Littlejohn Shinder, Dr. Thomas W. Shinder, Chad Todd and Laura Hunter, MCSA/MCSE: Exam 70-291: Implementing, Managing, and Maintaining a Windows Server 2003 Network Infrastructure Guide & DVD Training System, p. 57 Question 3. You work as the network administrator at ITCertKeys.com. The ITCertKeys.com network consists of two subnets named Subnet A and Subnet B. Subnet A and Subnet B are connected by a router. All computers on the ITCertKeys.com network are configured with static IP addresses. All network servers run Windows Server 2003 and all client computers run Windows XP Professional. ITCertKeys.com hires a new Sales manager named Amy Wilson. You install a new client computer named ITCertKeys-WS291 for Amy Wilson. You then add ITCertKeys-WS291 to Subnet A. The relevant portion of the network is configured as shown in the exhibit. However, Amy Wilson complains that ITCertKeys-WS291 cannot communicate with other hosts on the network. What should you do to ensure that ITCertKeys-WS291 can communicate with all local and remote computers on the ITCertKeys.com network? A. Configure ITCertKeys-WS291 with a default gateway of 192.168.28.84. B. Configure ITCertKeys-WS291 with a default gateway of 192.168.2.1. C. Configure ITCertKeys-WS291 with a subnet mask of 255.255.255.128. D. Configure ITCertKeys-WS291 with a subnet mask of 255.255.255.192. Answer: C Explanation: It is evident from the exhibit that the file server and ITCertKeys-WS291 have a different subnet mask. This is the reason why they cannot communicate with each other. You must therefore change the subnet mask of ITCertKeys-WS291 to 255.255.255.128. Incorrect Answers: A, B: The problem is not the gateway IP address that is faulty, but rather the subnet mask. D: This option suggests the correct object that has to be changed, but it gives the wrong subnet mask. Reference: Deborah Littlejohn Shinder, Dr. Thomas W. Shinder, Chad Todd and Laura Hunter, MCSA/MCSE: Exam 70-291: Implementing, Managing, and Maintaining a Windows Server 2003 Network Infrastructure Guide & DVD Training System, p. 57 Question 4. You work as the network administrator at ITCertKeys.com. The ITCertKeys.com network consists of a single Active Directory domain named ITCertKeys.com. ITCertKeys.com has its headquarters in Chicago and branch offices in Dallas and Miami. All servers on the ITCertKeys.com network run Windows Server 2003 and all client computers run Windows XP Professional. You work in the Miami branch office. The network at the Miami branch office consists of 25 different subnets, each with a maximum of six computers. The network administrator at headquarters has allocated the 192.168.3.0/24 network address to the Miami branch office. You install a new server named ITCertKeys-SR21 in the Miami branch office. You need to configure the Internet Protocol (TCP/IP) properties for ITCertKeys-SR21. You configure ITCertKeys-SR21 with an IP address of 192.168.3.44. What subnet mask should you use? A. A subnet mask of 255.255.255.0. B. A subnet mask of 255.255.255.128. C. A subnet mask of 255.255.255.192. D. A subnet mask of 255.255.255.240. E. A subnet mask of 255.255.255.248. Answer: E Explanation: The network address is: 192.168.2.0/24, which means 11111111.11111111.11111111.0 in binary. Therefore, you can use the last octet to configure the 30 subnets and 6 hosts in each Subnet You need only six host PCs. When you convert to binary, it is: 00000111. As a result, you use 3 bits. This leaves 5 bits for the subnets 11111000 converted to decimal: 128+64+32+16+8=248, therefore the subnet mask will be: 255.255.255.248. Reference: Deborah Littlejohn Shinder, Dr. Thomas W. Shinder, Chad Todd and Laura Hunter, MCSA/MCSE: Exam 70-291: Implementing, Managing, and Maintaining a Windows Server 2003 Network Infrastructure Guide & DVD Training System, p.57 Question 5. You work as the network administrator at ITCertKeys.com. The ITCertKeys.com network consists of a single Active Directory domain named ITCertKeys.com. ITCertKeys.com has its headquarters in Chicago and a branch office in Dallas. All servers on the ITCertKeys.com network run Windows Server 2003 and all client computers run Windows XP Professional. You work in the Dallas branch office. The network at the Dallas branch office consists of a single subnet that contains 150 client computers and 12 servers. The network administrator at headquarters has allocated the 10.10.0.0/16 network address to the Dallas branch office. You have received instruction from your manager to place all servers at the Dallas branch office into a separate subnet that uses the 192.168.10 public addressing scheme. Your manager asks you to make allowance for a maximum of 30 servers in the new subnet. Which subnet mask should you use for the new subnet? A. 255.255.255.224 B. 255.255.255.240 C. 255.255.255.248 D. 255.255.255.252 E. 255.255.255.254 Answer: A Explanation: A 255.255.255.224 subnet mask gives five host address bits, so the maximum number of host addresses is 2 ^ 5 - 2 = 30 host addresses. Thus 255.255.255.224 is the only subnet mask that will allow for sufficient IP addresses in case of further growth, whilst still conserving as many current addresses as possible. Reference: Deborah Littlejohn Shinder, Dr. Thomas W. Shinder, Chad Todd and Laura Hunter, MCSA/MCSE: Exam 70-291: Implementing, Managing, and Maintaining a Windows Server 2003 Network Infrastructure Guide & DVD Training System, p. 62 Question 6. DRAG DROP You work as the network administrator at ITCertKeys.com. The ITCertKeys.com network consists of a single Active Directory domain named ITCertKeys.com. All servers on the ITCertKeys.com network run Windows Server 2003 and all client computers run Windows XP Professional. You have installed a new server named ITCertKeys-SR06 on the network. The relevant portion of the network is shown on the exhibit. You want to configure ITCertKeys-SR06 with a valid static IP configuration. ITCertKeys-SR06 must be able to communicate with all hosts on the network and on the internet. You also need to configure ITCertKeys-SR06 to use the DNS server on the local subnet for name resolution. In addition, you must configure redundancy for name resolution. How should you configure ITCertKeys-SR06? To answer drag the appropriate IP addresses and Subnet masks to the appropriate places. Answer: Explanation: The Class C address 192.168.0.100 has to be the IP address to enable ITCertKeys-SR06 to communicate with all hosts on the network and on the internet as 192.168.0.1, 192.168.0.2 and 192.168.0.110 are already in use. 192.168.5.2 and 192.168.5.100 are on the wrong subnet, and besides, 192.168.5.12 is already in use. The subnet mask for this Class C address is 255.255.255.0. The default gateway should be 192.168.0.1. To configure redundancy for name resolution, configure the preferred DNS server/primary address as 192.168.0.2, and the alternate DNS server/secondary address as 192.168.5.2. Reference: J. C. Mackin, Ian McLean, MCSA/MCSE Self-Paced Training Kit (exam 70-291): Implementing, Managing, and Maintaining a Microsoft Windows Server 2003 network Infrastructure, Part 1, Chapter 2, pp. 80-116 Question 7. You work as the network administrator at ITCertKeys.com. The ITCertKeys.com network consists of a single Active Directory domain named ITCertKeys.com. All servers on the ITCertKeys.com network run Windows Server 2003 and all client computers run Windows XP Professional. ITCertKeys.com has its headquarters in Chicago and branch offices in Dallas and Miami. You work in the Miami branch office. The Miami branch office has a file server named ITCertKeys-SR25 that hosts critical documents. ITCertKeys-SR25 is configured with a DHCP client reservation. ITCertKeys.com users from all three offices download documents from ITCertKeys-SR25. One day ITCertKeys.com users complain that they cannot access the documents on ITCertKeys-SR25. You discover that the DHCP server has failed. The DHCP server is located at headquarters. You have received instruction from the CIO to ensure that ITCertKeys-SR25 is available even if it is unable to obtain or renew a lease from the DHCP server. How could you accomplish this task? A. On the DHCP server, increase the DHCP lease period. B. Configure alternate IP settings for ITCertKeys-SR25 on the Alternate Configuration tab of the Internet Protocol (TCP/IP) properties. C. Configure the DHCP scope in the 169.254.0.1. - 169.254.255.254 range. D. On the DHCP server, configure the DHCP 001 Resource Location Servers reservation option for ITCertKeys-SR25. Answer: B Explanation: Windows Server 2003 includes the Alternate Configuration feature. The Windows Server 2003 servers can be configured to use an alternate static IP configuration if a DHCP server is unavailable. When a DHCP client determines that the DHCP server is unavailable, it will automatically change over and also configure the TCP/IP stack with the static address information specified on the Alternate Configuration tab of the Internet Protocol (TCP/IP) properties. Incorrect Answers: A: Increasing the lease period would result in DHCP clients requesting leases less frequently, but won't guarantee that ITCertKeys-SR25 will be available when the DHCP server is down. C: Modifying the DHCP scope to the 169.254.0.1. - 169.254.255.254 range will still be reliant on the DHCP server. D: Configuring the DHCP 001 Resource Location Servers reservation option for ITCertKeys-SR25 on the DHCP server will not ensure that ITCertKeys-SR25 will receive an IP address or have the IP address renewed. Reference: J. C. Mackin, Ian McLean, MCSA/MCSE Self-Paced Training Kit (exam 70-291): Implementing, Managing, and Maintaining a Microsoft Windows Server 2003 network Infrastructure, Part 1, Chapter 2, pp. 114, 117 Question 8. You work as the network administrator at ITCertKeys.com. The ITCertKeys.com network consists of a single Active Directory domain named ITCertKeys.com. All servers on the ITCertKeys.com network run Windows Server 2003 and all client computers run Windows XP Professional. The ITCertKeys.com network contains a server named ITCertKeys-SR34. ITCertKeys-SR34 is configured as a DHCP server and has been authorized in Active Directory. The Telnet service has been installed and started on ITCertKeys-SR34. One day ITCertKeys.com users complain that they cannot access network resources. Your investigations reveal that the DHCP Server service on ITCertKeys-SR34 has stopped. You install the administrative tools on a client computer named ITCertKeys-WS291 and log on to the computer. When you open the DHCP console on ITCertKeys-WS291 and attempt to connect to ITCertKeys-SR34, you receive an error message that states: "Cannot find the DHCP Server." You then attempt to ping ITCertKeys-SR34 but fail. How can you connect to the DHCP Server service on ITCertKeys-SR34 by using the DHCP console on ITCertKeys-WS291? A. Establish a Telnet session to ITCertKeys-SR34 and then run the net start dhcp command. B. Establish a Telnet session to ITCertKeys-SR34 and then run the net start dhcpserver command. C. Establish a Telnet session to ITCertKeys-SR34 and then run the ipconfig /renew command. D. On ITCertKeys-WS291, run the netsh dhcp server\\ ITCertKeys-SR34 show server command. Answer: B Explanation: You can start the DHCP Server service by executing the Net Start Dhcpserver command at the command prompt. Telnet is a protocol that enables an Internet user to log on to and enter commands on a remote computer linked to the Internet, as if the user were using a text-based terminal directly attached to that computer. Telnet is part of the TCP/IP suite of protocols. The term telnet also refers to the software (client or server component) that implements this protocol. Given the fact that you can ping ITCertKeys-SR34 you should then establish a Telnet session to ITCertKeys-SR34 and then run the appropriate command. Reference: J. C. Mackin & Ian McLean, MCSA/MCSE self-paced training kit (exam 70-291): implementing, managing, and maintaining a Microsoft Windows Server 2003 network infrastructure, Microsoft Press, Redmond, 2004, p. 7-23 Question 9. You work as the network administrator at ITCertKeys.com. The ITCertKeys.com network consists of a single Active Directory domain named ITCertKeys.com. All servers on the ITCertKeys.com network run Windows Server 2003 and all client computers run Windows XP Professional. The ITCertKeys.com network contains a server named ITCertKeys-SR51 that is configured as a print server for a print device that has a built-in network interface. The print device is used by the Sales department to print Sales reports. A ITCertKeys.com user named Clive Allen is a member of the Sales department. Clive Allen complains that he cannot print to the print device attached to ITCertKeys-SR51. You verify that the IP address for ITCertKeys-SR51 is correct and that the correct drivers for the print device are installed. You now want to verify that the print jobs are being sent to the correct MAC address for ITCertKeys-SR51. You log on to ITCertKeys-SR51. What should you do next? A. Run the net session command. B. Run the netstat command. C. Run the netsh command. D. Run the netcap command. Answer: D Explanation: Netstcap.exe is a command line tool that could be used to capture the network traffic. A filter can be created to be used during the capture to determine the MAC address the print jobs are being sent to. The Network Monitor Capture Utility ( Netcap.exe) can be used to capture network traffic in Network Monitor. Netcap provides capture abilities only from a command prompt; to open the resulting capture (.cap) files, you must use the full Network Monitor interface. Netcap is installed when you install the Support tools that are on the Windows XP CD-ROM. Netcap provides capture abilities that are similar to the version of Network Monitor that is included with the Windows Server products; however, you must use Netcap at a command prompt. Netcap installs the Network Monitor driver and binds it to all adapters when you first run the Netcap command. Incorrect Options: A: The net session command can be used to view the computer names and user names of users on a server, to see if users have files open, and to see how long each user's session has been idle. Net session manages server computer connections - used without parameters, net session displays information about all sessions with the local computer. B: The netstat command is not a utility to use when troubleshooting NetBIOS names, but is used to show what ports your computer is listening on.: -R is used to reload your LMHOSTS file located in %systemroot%\system32\drivers\etc., -r will show you which name resolutions have been answered via broadcasts, and which have been answered via a NetBIOS name server, -RR switch of the command utility refreshes your NetBIOS name with a configured WINS server. C: The Network Shell utility (Netsh.exe) can perform a wide range of system configuration tasks. You can use commands in the Netsh Interface IP context to configure the TCP/IP protocol (including addresses, default gateways, DNS servers, and WINS servers) and to display configuration and statistical information. Reference: Microsoft Knowledge Base: 306794: How to Install the Support Tools from the Windows XP CD-ROM Network Monitor is provided with Windows Server products and Microsoft Systems Management Server (SMS). Microsoft Corporation, 2004 Deborah Littlejohn Shinder, Dr. Thomas W. Shinder, Chad Todd & Laura Hunter, MCSA/MCSE: Exam 70-291: Implementing, Managing, and Maintaining a Windows Server 2003 Network Infrastructure Guide & DVD Training System, pp. 686, 854-856, 926 Question 10. Network Topology Exhibit: LAN Settings Exhibit: You work as the network administrator at ITCertKeys.com. The ITCertKeys.com network consists of a single Active Directory domain named ITCertKeys.com. All servers on the ITCertKeys.com network run Windows Server 2003 and all client computers run Windows XP Professional. The ITCertKeys.com network contains a Microsoft Internet Security and Acceleration (ISA) Server computer named ITCertKeys-SR01, a DNS server named ITCertKeys-SR02, a DHCP server named ITCertKeys-SR03, a file server named ITCertKeys-SR21, and a Web server named ITCERTKEYS-SR25. ITCertKeys-SR25 also serves as a central antivirus server. ITCertKeys-SR21 is located on the 10.10.11.0 subnet and ITCertKeys-SR25 is located in the perimeter network. ITCertKeys-SR21 contains antivirus software that checks for new virus definitions on ITCertKeys-SR25 every hour. You can also access ITCertKeys-SR25 through a virus update Web page to perform manual virus definition updates. ITCertKeys-SR03 suffers a catastrophic failure and is removed from the network. Due to budgetary constraints, a replacement for ITCertKeys-SR03 will only be acquired in the next financial year. You need to redesign network addressing scheme, and change the IP addresses for ITCertKeys-SR01 to the addresses shown in the Network Topology exhibit. ITCertKeys-SR02 contains the new host (A) resource records for ITCertKeys-SR01. You receive reports about a new virus threat and want to protect the network immediately by manually downloading the new virus definitions to ITCertKeys-SR21. you log on to ITCertKeys-SR21 but discover that you cannot access the virus update Web page on ITCertKeys-SR25. The static TCP/IP configuration on ITCertKeys-SR21 uses ITCertKeys-SR02 as the preferred DNS server. You confirm that ITCertKeys-SR01 is configured properly. On ITCertKeys-SR21, you view the Internet Explorer LAN settings that are shown in the LAN Settings exhibit. What should you do to allow ITCertKeys-SR21 to connect to ITCertKeys-SR25? A. At a command prompt on ITCertKeys-SR21, run the ipconfig /flushdns command. B. In the LAN settings of Internet Explorer on ITCertKeys-SR21, select the Automatically detect settings check box. C. At a command prompt on ITCertKeys-SR01, run the ipconfig / flushdns command. D. At a command prompt on ITCertKeys-SR01, run the ipconfig /registerdns command. Answer: A Explanation: Running the ipconfig /flushdns command will flush and reset the DNS resolver cache which is necessary to allow connection. Run this command on ITCertKeys-SR21 to connect to ITCertKeys-SR25. Incorrect Answers: B: Selecting the "Automatically detect settings" checkbox is not going to allow ITCertKeys-SR21 to connect to WWW. C: The ipconfig /flushdns command flushes and resets the DNS resolver cache. This is not what is necessary. D: The ipconfig /registerdns command refreshes all DHCP leases and registers any related DNS names. This option is available only on Windows 2000 and newer computers that run the DHCP Client service. This is not going to allow ITCertKeys-SR21 to connect to WWW when it is run on ITCertKeys-SR01. Reference: James Chellis, Paul Robichaux and Matthew Sheltz, MCSA/MCSE: Windows Server 2003 Network Infrastructure Implementation, Management, and Maintenance Study Guide, p. 311
|
Question 1. You work as the network administrator at ITCertKeys.com. The ITCertKeys.com network consists of a single Active Directory forest. The functional level of the forest is set at Windows Server 2003. The ITCertKeys.com network contains a file server named ITCertKeys-SR07 that hosts a shared folder in a child domain in ITCertKeys.com's forest. ITCertKeys.com has a sister company that has its own Active Directory forest. You need to ensure that users, who belong to a child domain in the sister company's Active Directory forest, are provided with access to the shared folder in the child domain in ITCertKeys.com's Active Directory forest. You also need to ensure that these users are unable to access any other resources in ITCertKeys.com's forest. What should you do? A. You have to create an external trust, and configure it with the selective authentication option. B. You have to create a forest trust, and configure it with the domain-wide authentication option. C. You have to create an external trust, and configure it with the domain-wide authentication option. D. You have to create a forest trust, and configure it with the selective authentication option. Answer: A Explanation: An external trust is always nontransitive, and can be either one-way or two-way. This type of trust is used to create a relationship between a Windows Server 2003 domain and one running Windows NT 4.0. It can also be used to connect two domains that are in different forests, and don't have a forest trust connecting them. In this scenario, you have to create outgoing external trust from the domain where the file server is located to the sister company's domain where the users require access to a resource in ITCertKeys.com's forest. This will allow users from the sister company's domain to authenticate directly to ITCertKeys.com's resource domain. Selective authentication allows users from a trusted domain to authenticate only to those resources to which they are explicitly allowed to authenticate. Incorrect Answers: B, D: A forest trust is appropriate when users from multiple domains in one forest require access to resources in multiple domains in another forest. C: Configuring Domain-wide authentication would provide users from trusted domains the same level of access to local resources that local users have. Question 2. You work as the network administrator at ITCertKeys.com. The ITCertKeys.com network consists of a single Active Directory domain named ITCertKeys.com. All servers on the ITCertKeys.com network run Windows Server 2003 and all client computers run Windows XP Professional. A new ITCertKeys.com security policy requires that all user passwords expire every 45 days. You configure a password policy that meets this requirement in a new Group Policy object (GPO) linked to the ITCertKeys.com domain. Users are now prompted to change their passwords on a regular basis. While performing a maintenance procedure on a domain controller three months later, you restart the domain controller in Directory Services Restore Mode (DSRM) and discover that the old administrative password still works. You need to ensure that DSRM password is changed on this domain controller. What should you do? A. You have to configure the password policy in the Default Domain Controllers Policy GPO in normal mode. B. You should reset the password for the local Administrator account in normal mode using Computer Management. C. You have to configure the password policy in the Default Domain Policy GPO in normal mode. D. You should reset the DSRM password in normal mode using the Ntdsutil utility. Answer: D Explanation: When you restart a domain controller in DSRM, the Active Directory service is not activated and the domain controller will act as a stand alone server. To log on to a computer in DSRM and to comply with the security policy, you need to set a password by using the Ntdsutil utility when the domain controller is operating in DSRM. Incorrect Answers: A, C: If the password policies were configured in the GPOs, it will not affect DSRM passwords on domain controllers. B: You will not find any local user accounts on a domain controller. Question 3. You work as the network administrator at ITCertKeys.com. The ITCertKeys.com network consists of a single Active Directory network named itcertkeys.com. ITCertKeys.com has headquarters in London and branch office in Paris. All servers on the ITCertKeys.com network run Windows Server 2003 and all client computers run Windows XP Professional. ITCertKeys.com contains a Sales department. The headquarters in London contains a Windows Server 2003 computer named ITCERTKEYS-SR03 that hosts the ITCertKeys.com public Web site. The public Web site consists of the goods that are advertised by the Sales department. ITCERTKEYS-SR03 is running IIS 6.0. Due to the demand on the public Web site, you installed a new ASP.NET-based application on the public Web site. A ITCertKeys.com manager named Andy Reid is responsible for updating the public Web site on a regular basis. After the installation of the new ASP.NET-based application, Andy Reid access the public Web site, however, he received an error message stating that the page cannot be found. Andy Reid needs to access the public Web site to update the data. You need to ensure that the new ASP.NET-based application works. What should you do? A. You need to select support for Active Server Pages. B. You should assign the proper permissions to the Authenticated Users group for the new ASP.NET-based application. C. You need to acquire a server certificate from your corporate certification authority and install the certificate. D. You need to select only the required Web service extensions. Answer: D Explanation: By default, in Windows Server 2003, the Internet Information Services (IIS) has only static HTML content. You will only receive an HTTP error 404 if dynamic content is requested. You need to enable the support for the appropriate Web service extensions in IIS Manager to provide dynamic content. Incorrect Answers: A: Since ASP and ASP.NET are different, there is no need to support ASP. B: It is unlikely that the Authenticated Users group needs to be assigned any permission to access. public Web site allow anonymous access. C: The scenario does not state that the new application requires a certificate for SSL encryption or for another purpose, and even if it did, a certificate issued would not be trusted by the general public. Question 4. You work as the network administrator at ITCertKeys.com. The ITCertKeys.com network consists of a single Active Directory domain named itcertkeys.com. All servers on the ITCertKeys.com network run Windows Server 2003 and all client computers run Windows XP Professional. ITCertKeys.com contains a Finance department. ITCertKeys.com contains a domain controller named ITCERTKEYS-DC01 which resides in the Finance department. Due to the confidential information of the data that reside on the domain controller, you need to make sure that the security is established at all time on ITCERTKEYS-DC01. You then access the Security Configuration and Analysis (SCA) MMC snap-in, and receive the following database log file as seen in the exhibit. Exhibit: You need to ensure that security is established on the ITCertKeys.com network around the clock. What should you do? A. Reconfigure the "Minimum Password Length" security policy. B. Reconfigure the "Lockout Duration" security policy. C. Reconfigure the "Password Must Meet Complexity Requirements" security policy. D. Reconfigure the "Minimum Password Age" security policy. Answer: A Explanation: The Security Configuration and Analysis (SCA) Microsoft Management Console (MMC) snap-in is used to evaluate a computer's security settings with a predefined security template. The exhibit shows that disparity exists between the value of the " Minimum Password Length" setting on ITCERTKEYS-DC01 and the setting's value that is configured in the currently loaded security template. Incorrect Answers: B, C, D: The Lockout Duration, Password Must Meet Complexity Requirements, and Minimum Password Age settings are marked as Not Configured. Reconfiguring these would result in inconsistent security on the ITCertKeys.com network as only ITCERTKEYS-DC01 will be configured with these settings. Question 5. You work as the network administrator at ITCertKeys.com. The ITCertKeys.com network consists of a single Active Directory domain named itcertkeys.com. All servers on the ITCertKeys.com network run Windows Server 2003 and all client computers run Windows XP Professional. ITCertKeys.com is a relatively new company and at present has to share premises with other companies. Consequently there are added security risks and as a precautionary measure all the itcertkeys.com servers are located and maintained in a strong room and kept under lock and key. As a further precautionary measure you also applied the securedc.inf and the securews.inf security templates to the relative computers. There is however still the threat that unauthorized physical access could still be possible in lieu of the shared premises and unauthorized attempts at guessing the itcertkeys.com user's passwords. You received instructions from the CIO to ensure that added security measures are implemented to minimize the possibility of user passwords being at risk. What should you do? A. On all the domain controllers, you need to apply the hisecdc.inf predefined security template. B. You need to generate a system key with the Syskey utility, and then specify that this system key be stored locally. C. On all the member servers, you need to apply the hisecws.inf predefined security template. D. You need to generate a system key with the Syskey utility, and then specify that this system key be stored on a floppy disk. Answer: D Explanation: To provide protection to user passwords, you need to use the Syskey utility. This will allow you to generate a system key that is used to encrypt passwords. The three levels of protection that is offered by the Syskey utility are as follows: 1. Store the system key locally on a computer, which is not secure. 2. Use an administrative-assign password or 3. Store the system key on a floppy disk, which is required at startup. Incorrect Answers: A, C: Hisecdc.inf and hisecws.inf are more secure than securedc.inf and securews.inf, however, it will not stop the unauthorized user to guess passwords. B: Storing the system key locally on the computer is the least secure option. Question 6. You work as the network administrator at ITCertKeys.com. The ITCertKeys.com network consists of a single Active Directory domain named itcertkeys.com. All servers on the ITCertKeys.com network run Windows Server 2003 and all client computers run Windows XP Professional. ITCertKeys.com contains a Sales department. The ITCertKeys.com network contains a file server named ITCERTKEYS-SR13. ITCERTKEYS-SR13 hosts a shared folder which keeps the latest goods which the users needs to access. A ITCertKeys.com employee named Andy Booth works in the Sales department. One morning Andy Booth complains that the performance of ITCERTKEYS-SR13 is very slow. To avoid that employees contact you regarding the performance of the file server, you are going to set counters to alarm you if any bottlenecks occur on ITCERTKEYS-SR13. . You then create a counter, and choose the following monitoring counters. 1. PhysicalDisk: %Disk Time 2. Processor: % Processor Time 3. Network Interface: Bytes Total/sec. What should your next step be? A. You should specify the threshold values for performance counters, which will produce a message to your workstation when reached. B. Navigate to the System performance object, and select a ProcessorQueue Length counter. C. Use the CSV format and configure a trace log that runs always, export the performance data to a spreadsheet manually. D. Use the CSV format and configure a counter log that record performance data on a constant basis. Answer: A Explanation: Alerts can be configured when thresholds are reached. This will allow you to receive a message when the threshold values are reached. Incorrect Answers: B: To find a bottleneck in a subsystem, the ProcessorQueue Length counter is used. This will not help you in defining an alert. C: If you want to record selected system application events, you should use the Trace logs. D: Although using this option will gather the required performance data for bottleneck detection, it would not enable you to configure an alert. Question 7. You work as the network administrator at ITCertKeys.com. The ITCertKeys.com network consists of a single Active Directory domain named itcertkeys.com. All servers on the ITCertKeys.com network run Windows Server 2003 and all client computers run Windows XP Professional. ITCertKeys.com consists of a Research department. The ITCertKeys.com network contains a domain controller named ITCERTKEYS-DC03. ITCERTKEYS-DC03 is used to communicate with other companies which form part of the alliances. You do not want ITCERTKEYS-DC03 to slack in performance, because it will influence the tasks of the employees in ITCertKeys.com. You want to forward a network message to your client computer in your office when CPU utilization goes beyond 80 percent. You thus need to configure ITCERTKEYS-DC03 to forward a network message to your client computer when CPU utilization goes beyond 80 percent. What should you do? A. On ITCERTKEYS-DC03 configure a network message to be sent to your client computer, by using the Services MMC snap-in. B. On ITCERTKEYS-DC03 configure a network message to be sent to your client computer, by using the Performance Logs and Alerts MMC snap-in. C. On ITCERTKEYS-DC03 configure a network message to be sent to your client computer, by using the Network Monitor. D. On ITCERTKEYS-DC03 configure a network message to be sent to your client computer, by using the System Monitor. Answer: B Explanation: The Performance Logs and Alerts Microsoft Management Console (MMC) snap-in can be used to configure alerts that trigger an action. Incorrect Answers: A: The Services MMC snap-in can be used to view and modify system and network services that are installed on a Windows Server 2003 computer. You need to set alerts. C: Network Monitor is not the tool to be used in this case as it is usually used to capture and decode incoming an outgoing network packets. D: System Monitor is used to view real-time hardware and software performance data, but in this case you require the Performance Logs and Alerts Microsoft Management Console.. Question 8. You work as a network administrator for ITCertKeys.com. The network consists of a single Active Directory domain named ITCertKeys.com. ITCertKeys.com contains six domain controllers of which two each is configured to run Windows Server 2003, Windows 2000 Server, and Windows NT Server 4.0 The ITCertKeys.com departments are organized into organizational units (OUs). As such the Administration OU is named ITK_ADMIN, and the OU is named the ITK_SALES. All file servers for all departments are located in their respective OUs. The ITK_SALES OU is a child OU of the ITK_ADMIN OU. A new ITCertKeys.com written security policy states that the Administration department servers must be configured with security settings that are enhanced from the default settings. The ITCertKeys.com written security policy further also states that the Sales department servers must be configured with security settings that are enhanced from the default settings, and auditing should be enables for file and folder deletion. Your instructions are to plan the security policy settings of the Administration and Sales departments to ensure compliance with the written security policy. To this end you decide to make use of a Group Policy Objects (GPO) for each of these departments. What should you do next? A. One GPO must apply the Compatws.inf security template to computer objects. Link this GPO to the ITK_ADMIN OU. The second GPO must enable the Audit object access audit policy on computer objects. Link this GPO to the ITK_SALES OU. B. One GPO must apply the Securews.inf security template to computer objects. Link this GPO to the ITK_ADMIN OU. The second GPO must enable the Audit object access audit policy on computer objects. Link this GPO to the ITK_SALES OU. C. One GPO must apply to the Compatws.inf security template to computer objects. Link this GPO to the ITK_ADMIN OU. The second GPO must apply the Hisecws.inf security template to computer objects. Link this GPO to the ITK_SALES OU. D. One GPO must apply the Securews.inf security template to computer objects. Link this GPO to both the ITK_ADMIN and the ITK_SALES OUs. The second GPO must enable the Audit object access audit policy on computer objects. Link this GPO to the ITK_SALES OU. Answer: B Explanation: The Securews.inf template contains policy settings that increase the security on a workstation or member server to a level that remains compatible with most functions and applications. The template includes many of the same account and local policy settings as Securedc.inf, and implements digitally signed communications and greater anonymous user restrictions. Audit Object Access A user accesses an operating system element such as a file, folder, or registry key. To audit elements like these, you must enable this policy and you must enable auditing on the resource that you want to monitor. For example, to audit user accesses of a particular file or folder, you display its Properties dialog box with the Security tab active, navigate to the Auditing tab in the Advanced Security Settings dialog box for that file or folder, and then add the users or groups whose access to that file or folder you want to audit. Incorrect Answers: A, C: The Compatws.inf security template is designed for Windows NT compatible applications that require lower security settings in order to run. These settings are lower than the default settings. D: The ITK_SALES OU is a child OU of the ITK_ADMIN OU. GPO settings applied to parent OUs are inherited by child OUs; therefore we do not need to link the GPO to both the ITK_ADMIN OU and the ITK_SALES OU. Reference: Craig Zacker, MCSE Self-Paced Training Kit (Exam 70-293): Planning and Maintaining a Microsoft Windows Server 2003 Network Infrastructure, Microsoft Press, Redmond, Washington, Chapters 9 and 10 Question 9. You work as the network administrator for ITCertKeys.com. The ITCertKeys.com network contains 50 application servers that are configured with Windows Server 2003. At present the security configuration of the ITCertKeys.com is not uniformly applied. Local administrators, based on their different knowledge and skill levels, were responsible for the configuration of the security settings on each of the application servers. This resulted in a wide variety of authentication methods, audit settings and account policy settings. ITCertKeys.com thus appointed a security team to complete a new network security design. Included in the design is a baseline configuration for the security settings on all servers. The baseline security settings use the hisecws.inf predefined security template. The design also requires modified settings for servers in an application server role. These settings include system service startup requirements, renaming the administrator account, and more stringent account lockout policies. The security team created a security template named application.inf that contains the required settings. You received instruction to plan the deployment of the new security design. Your plan must ensure that all application servers' security settings are standardized, and that after the security settings on all application servers comply with the design requirements. What should you do? A. First apply the setup security.inf template, and then apply the hisecws.inf template, and then the application.inf template. B. First apply the Application.inf template and then the Hisecws.inf template. C. First apply the Application.inf template, and then apply the setup.inf template, and then the hisecws.inf template. D. First apply the Setup.inf template and then the application.inf template Answer: A. Explanation: The servers currently have different security settings. Before applying our modified settings, we should reconfigure the servers with their default settings. This is what the security.inf template does. Now that our servers have the default settings, we can apply our baseline settings specified in the hisecws.inf template. Now we can apply our custom settings using the application.inf template. Incorrect Answers: B: The hisecws.inf template would overwrite the custom application.inf template. C: The setup.inf security template doesn't exist. To return a system to its default security settings, we use the security.inf template. D: The setup.inf security template doesn't exist. To return a system to its default security settings, we use the security.inf template. Reference: Jill Spealman, Kurt Hudson & Melissa Craft, MCSE Self-Paced Training Kit (Exam 70-294); Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure, Microsoft Press, Redmond, Washington, 2004, p. 13:62 David Watts & Will Willis, Windows Server 2003 Active Directory Infrastructure Exam Cram 2 (Exam 70-294): Que Publishing, Indianapolis, 2004, Chapter 8 Question 10. You work as a network administrator for ITCertKeys.com. The ITCertKeys.com network contains Terminal servers that host legacy applications. Only ITCertKeys.com users that have Power Users group membership can run these legacy applications. A new ITCertKeys.com security policy states that the Power Users Group must be empty on all servers. You are thus required to ensure that the legacy applications will be available to users on the servers when the new security requirement is enabled. What should you do? A. In the domain, the Domain Users Global group should be added to the Remote Desktop Users built-in group in the domain. B. On each terminal server, the Domain Users Global group should be added to the Remote Desktop Users local group. C. Allow the Local Users group to run the legacy applications my modifying the compatws.inf security template settings. Import the security settings into the default Domain Controllers Group Policy Object. D. Allow the Local Users group to run the legacy applications by modifying the compatws.inf security template settings. Apply the modified template to each terminal server. Answer: D Explanation: The default Windows 2000 security configuration gives members of the local Users group strict security settings, while members of the local Power Users group have security settings that are compatible with Windows NT 4.0 user assignments. This default configuration enables certified Windows 2000 applications to run in the standard Windows environment for Users, while still allowing applications that are not certified for Windows 2000 to run successfully under the less secure Power Users configuration. However, if Windows 2000 users are members of the Power Users group in order to run applications not certified for Windows 2000, this may be too insecure for some environments. Some organizations may find it preferable to assign users, by default, only as members of the Users group and then decrease the security privileges for the Users group to the level where applications not certified for Windows 2000 run successfully. The compatible template (compatws.inf) is designed for such organizations. By lowering the security levels on specific files, folders, and registry keys that are commonly accessed by applications, the compatible template allows most applications to run successfully under a User context. In addition, since it is assumed that the administrator applying the compatible template does not want users to be Power Users, all members of the Power Users group are removed. Incorrect Answers: A, B: Global group is a group that is available domain-wide in any domain functional level, so why would you add to another group. C: The Compatws.inf template is not intended for domain controllers, so you should not link it to a site, to the domain, or to the Domain Controllers OU Reference: Jill Spealman, Kurt Hudson & Melissa Craft, MCSE Self-Paced Training Kit (Exam 70-294); Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure, Microsoft Press, Redmond, Washington, 2004, p. 8:5 Dan Holme, and Orin Thomas, MCSA/MCSE Self-Paced Training Kit: Upgrading Your Certification to Microsoft Windows Server 2003: Managing, Maintaining, Planning, and Implementing a Microsoft Windows Server 2003 environment: Exams 70-292 and 70-296, Chapter 9 Question 11. SIMULATION You work as the network administrator at ITCertKeys.com. The ITCertKeys.com network consists of a single Active Directory domain named itcertkeys.com. All servers on the ITCertKeys.com network run Windows Server 2003 and all client computers run Windows XP Professional. The ITCertKeys.com network contains a Web server named ITCERTKEYS-SR05 that hosts ITCertKeys.com's default Web site to which you have assigned a Web server certificate. You have created a virtual directory off the default Web site called ITKApp. Only users with a valid certificate should be allowed to access ITKApp, and only https should be used to make connections to ITKApp. A freelancer named Rory Allen recently accessed ITKApp from a client computer with the IP address of 192.168.100.67/26. You are informed that users from that particular subnet should not be allowed to access ITKApp any longer. You need to ensure that the appropriate configuration changes are made, while also ensuring that these changes do not affect access to the default web site or any of the other virtual directories. What should you do? To answer, configure the appropriate options to meet these requirements in the simulation. Answer: Open Administrative Tools by clicking Start, Programs, and then Administrative Tools; or Start, Control Panel, and then Administrative Tools. In Administrative Tools, open Internet Information Services (IIS) Manager to open the IIS Management console. In the right-hand pane of the IIS console, expand the ITCertKeys-SR05 (local computer) node, the Web Sites node, and then the Default Web Site node. Under the Default Web Site node, right-click on WebApp and select Properties from the pop-up menu. In the WebApp Properties dialog box that appears, click on the Directory Security tab. In the Secure Communications section of the Directory Security tab, click the Edit button to open the Secure Communications dialog box. In the Secure Communications dialog box, select the Require SSL check box and the Require client certificates radio button. Then click OK. In the Authentication and Access Control section of the Directory Security tab, click the Edit button to open the Authentication Methods dialog box. In the Authentication Methods dialog box, clear the Enable Anonymous Access check box and click OK. In the IP Address and Domain Name Restrictions section of the Directory Security tab, click the Edit button to open the IP Address and Domain Name Restrictions dialog box. In the IP Address and Domain Name Restrictions dialog box, select the Granted Access radio button next to the By default all computers will be: option and click the Add button in the Except the following: section. In the Deny Access dialog box that appears, select the Group of Computers radio button and enter the network address 192.168.100.64 in the Network ID text box, and enter 255.255.255.192 in the subnet mask text box. Then click OK to close the Deny Access dialog box. Click OK on the IP Address and Domain Name Restrictions dialog box to close the IP Address and Domain Name Restrictions dialog box. Finally, click OK on the WebApp Properties dialog box to close the WebApp Properties dialog box Explanation: In this scenario, the ITKApp virtual directory has been created off the default Web site, which has a Web server certificate assigned to it. You have to ensure that users connect to ITKApp using only https. You have to configure this restriction on the ITKApp virtual directory, not the default Web site. Enabling Require SSL and will ensure that users use only https. Enabling Require client certificates and clearing the that only users with Enable Anonymous Access check box will ensure that only users with valid certificates are able to access ITKApp. Configuring restrictions for the 192.168.100.64 IP address and 255.255.255.192 mask will ensure that users on the same subnet as the computer that Rory Allen used to access ITKApp are not allowed to access ITKApp any longer. Question 12. You work as the network administrator at ITCertKeys.com. The ITCertKeys.com network consists of a single Active Directory domain named itcertkeys.com. All servers on the ITCertKeys.com network run Windows Server 2003 and all client computers run Windows XP Professional. The ITCertKeys.com network contains a file server named ITCERTKEYS-SR07. ITCERTKEYS-SR07 is used to stores data for the Sales department at ITCertKeys.com. A ITCertKeys.com user named Rory Allen works in the Sales department. One morning Rory Allen informs you that he cannot access ITCERTKEYS-SR07. During the investigation you attempt to ping ITCERTKEYS-SR07 by host name and by IP Address. Both attempts are unsuccessful. You then issue the nbtstat –c command on your client computer named ITCERTKEYS-WS293 and discovers that ITCERTKEYS-SR07 is registered in WINS with the IP address of 192.168.5.64, according to the NetBIOS name cache on ITCERTKEYS-WS293. You suspect that the IP Address associated with ITCERTKEYS-SR07 in the NetBIOS name cache is incorrect. You attempt to resolve the problem by re-registering ITCERTKEYS-SR07 with WINS. What should you do NEXT? A. Run the ipconfig /registerdns command from a command prompt window on ITCERTKEYS- WS293. B. Run the ipconfig /release and ipconfig /renew commands from a command prompt window on ITCERTKEYS-WS293. C. Run the ipconfig /registerdns command from a command prompt window on ITCERTKEYS- SR07. D. Run the ipconfig /release and ipconfig /renew commands from a command prompt window on ITCERTKEYS-SR07. Answer: C Explanation: The problem can be that ITCERTKEYS-SR07's IP address has been changed, but the change has not been reflected in WINS and DNS. What is thus required is that ITCERTKEYS-SR07 needs to be reregistered with both its configured WINS server and DNS server. Only then will you ensure that ITCERTKEYS-SR07's current IP address is available. You have already re-registering ITCERTKEYS-SR07 with WINS. You now need to re-registering ITCERTKEYS-SR07 with DNS. Running the ipconfig /registerdns command on ITCERTKEYS-SR07 will force ITCERTKEYS-SR07 to re-register with DNS. Incorrect Answers: A: The ipconfig /registerdns command initiates manual dynamic registration for the DNS names and IP addresses that are configured at a computer. B, D: Issuing these commands is no guarantee to force ITCERTKEYS-SR07 to re-register with WINS and DNS.
|
Question 1. You work as the desktop support technician at ITCertKeys.com. The ITCertKeys.com network consists of a single Active Directory domain named ITCertKeys.com. The new ITCertKeys.com directive states that all departments in ITCertKeys.com should install Microsoft Windows Vista Business Edition on their respective workstations. You have been assigned to the Research department. To this end you are thus tasked with the responsibility to install Microsoft Windows Vista Business Edition on the Research Department's workstations. Following is a list of the workstation specifications as at present in the research department: 1. 1.2 GHz processor. 2. 256 MB of RAM. 3. 10 GB hard drive. 4. SVGA video card. 5. Integrated sound card. 6. 10/100 integrated network adapter. These computers are not ready to have Microsoft Windows Vista Business Edition installed. They lack certain minimum hardware requirements. You now need to identify these and upgrade the workstations accordingly so as to comply with the new ITCertKeys.com directive. What should you do? (Each correct answer presents part of the solution. Choose TWO.) A. You should upgrade the processor. B. You should upgrade the RAM. C. You should upgrade the video card. D. You should upgrade the hard drive. E. You should upgrade the network adapter. Answer: B, D Explanation: You must have at least 512 MB of RAM and a minimum 20 GB hard drive with 15 GB of free space to successfully install Windows Vista. Incorrect Answers: A: Windows Vista requires an 800 MHz CPU, so the current 1.2 GHz processor will be adequate and will thus not need to be upgraded. C: Windows Vista will function with an SVGA video card, although improvements in the user experience with Aero would require a Windows Display Driver Model (WDDM) capable video card. E: Windows Vista does not have a minimum network adapter requirement, making this option irrelevant in the circumstances. Question 2. You work as the desktop support technician at ITCertKeys.com. The ITCertKeys.com network consists of a single Active Directory domain named ITCertKeys.com. The new ITCertKeys.com directive states that all departments in ITCertKeys.com should install Microsoft Windows Vista Business Edition on their respective workstations. You have been assigned to the Research department. However, there is another company policy that states that all new installations and upgrades should be done on test computers prior to mass deployment. The Research department has a test computer named ITCertKeys-WS620. Following are the ITCertKeys-WS620 specifications: 1. Drive C (system drive) has 10 gigabytes (GB) of free space. 2. Drive D (programs drive) has 40 GB of free space. 3. Two memory slots exist, but only one is occupied with a 512 megabyte (MB) memory stick. 4. One 1.5 gigahertz (GHz) 32-bit processor is installed. To comply with the company policy and follow the new directive you thus plan to install Microsoft Windows Vista Business on ITCertKeys-WS620. Now you need to change the hardware configuration so that the computer can run Windows Vista Business. What should you do? A. You should install Windows Vista on Drive D. B. You need to free up space on Drive C. C. You should add more memory to the computer. D. You should add a faster processor to the computer. Answer: B Explanation: Operating systems must be installed on the system drive. In this scenario, the system drive on ITCertKeys-WS620 has only 10 GB of free space. Thus you should free up space on Drive C because Windows Vista requires 15 GB of free space for installation purposes. Incorrect Answers: A: You must install operating systems on the system drive. In this scenario, Drive C is the system drive. Thus you should not install Windows Vista on Drive D. C: The minimum memory capacity for a computer running Windows Vista is 512 MB and ITCertKeys-WS620 has 512 MB RAM. Thus you do not need to add more memory to the computer. D: There is no need to add a faster processor to the computer. The minimum processor speed for a computer running Windows Vista is 800 megahertz (MHz). Question 3. You work as the Desktop support technician at ITCertKeys.com. You have been instructed to deploy Microsoft Windows Vista operating system on all the ITCertKeys.com client computers. ITCertKeys.com is planning to deploy two sites: a primary and a secondary site. You want to carry out your duty be using the System Management Server (SMS) 2003 operating system deployment (OSD) Feature Pack. Consequently you need to install the SMS 2003 OSD Feature Pack and thus you need to take you first action. What should you do? A. SMS 2003 should be installed on the primary site server. B. SMS 2003 should be installed on the secondary site server. C. Windows Deployment Service (WDS) should be installed on the primary site server. D. Business Desktop Deployment (BDD) 2007 should be installed on the primary site server. Answer: A Explanation: Installing SMS 2003 on the primary site server will enable you to install SMS 2003 OSD Feature Pack. The System Management Server (SMS) 2003 operating system deployment (OSD) Feature Pack can be used to create a custom image to deploy Windows Vista operating system on the target computers. Incorrect Answers: B: SMS 2003 must be installed on the Primary site server and not on the secondary site server. You are however able to install SMS 2003 on all the site servers to support SMS 2003 OSD Feature Pack. C: WDS is used to deploy Windows Operation System on target computers using PXE network boot. It is in essence an enhanced version of Remote Installation Services (RIS) as it was used in previous versions of the Windows operating systems. You should not first install WDS on the primary site server. D: BDD 2007 is installed on the deployment server after SMS 2003 OSD Feature Pack is installed. Question 4. You work as the Desktop support technician at ITCertKeys.com. The ITCertKeys.com network consists of a single Active Directory domain named ITCertKeys.com. You have been instructed to deploy Microsoft Windows Vista operating system on all the ITCertKeys.com client computers. You plan to make use of System Management Server (SMS) 2003 on a primary site server. You then use System Management Server (SMS) 2003 operating system deployment (OSD) Feature Pack to create a custom Windows Vista image. You need to deploy the Windows Vista image on the ITCertKeys.com client computers. The ITCertKeys.com client computers are currently using a mix of 32- and 64-bit processors. This means that you will need to take certain steps prior to deploying the image to the client computers. What should you do? (Each correct answer presents part of the solution. Choose TWO.) A. Check the size of the deployment logs. B. Identify the differences in 32- and 64-bit deployment. C. Verify that SMS 2003 OSD Feature Pack is installed on the client computer. D. Verify that the ITCertKeys.com computers have the appropriate system resources. E. Verify that the Windows Deployment Service (WDS) is installed on the ITCertKeys.com client computer. Answer: B, D Explanation: The ZTIvalidate.wsf file is used to determine that the target computer has the available resources required to deploy Windows operating system. Prior to deploying an SMS 2003 OSD Feature Pack on a target computer, you should verify that the computer has the appropriate system resources. You should also identify the differences in 64-bit and 32-bit deployment. BDD 2007 only supports only EM64T-enabled processors and the AMD 64 type processors. Incorrect Answers: A: Deployment logs are used to store information regarding the image installation process on each client computer. You should determine the storage capacity required for storing the deployment logs during the image installation process. One does not first determine the size of the deployment logs. C: The SMS 2003 OSD Feature Pack is installed on the primary site server and is used to create custom Windows image for Windows deployment on the target/client computers. You should thus not install it on the client computer. E: WDS is used to deploy Windows Operation System on target computers using PXE network boot. It is in essence an enhanced version of Remote Installation Services (RIS) as it was used in previous versions of the Windows operating systems. WDS is not installed on the client computer. Question 5. You are employed as an administrator at ITCertKeys.com. The ITCertKeys.com network consists of a single Active Directory domain named ITCertKeys.com. All client computers on the ITCertKeys.com network run Microsoft Windows Vista. A ITCertKeys.com policy states that all client computers should be configured to obtain all of the latest operating system updates. A new computer named ITCertKeys-WS624 was recently purchased. You received instructions to verify whether ITCertKeys-WS624 can obtain all of the latest operating system updates. What should you do? A. You need to confirm that ITCertKeys-WS624 has a Microsoft Windows Experience Index base score above 3.0. B. You need to configure Windows Defender to detect updates before scanning. C. You need to validate your Windows installation from the Microsoft Windows Genuine Advantage Web page. D. You need to run Microsoft Windows Vista Upgrade Advisor. Answer: C Question 6. You are employed as a network administrator at ITCertKeys.com. The ITCertKeys.com network consists of a single Active Directory domain named ITCertKeys.com. The ITCertKeys.com network is divided into several departments of which the Sales department is one. The Sales department was assigned a client computer named ITCertKeys-WS622. Certkiller-WS622 has the following hardware configuration: 1. 512 MB of RAM 2. 10-GB hard disk 3. 933-MHz processor 4. 64-MB video adapter. You have received instructions from the manager to install Microsoft Windows Vista on ITCertKeys-WS622. Which hardware component fails the minimum hardware requirements? A. Memory. B. Hard disk. C. Processor. D. Video adapter. Answer: B Question 7. ITCertKeys.com has employed you as a desktop technician. The ITCertKeys.com network consists of a single Active Directory domain named ITCertKeys.com. The ITCertKeys.com network is divided into several departments of which the Marketing department is one. The Marketing department was assigned a client computer named ITCertKeys-WS625. ITCertKeys-WS625 is currently running Microsoft Windows XP Professional. All the applications that are used in the Marketing department are third- party applications which are used daily in the department. You have received instructions from the CIO to upgrade ITCertKeys-WS625 to Microsoft Windows Vista. The CIO wants all the applications in used to be operational after the upgrade. You must comply with the CIO's request and thus need to determine whether the hardware and software on ITCertKeys-WS625 will support the upgrade and still leave all the applications operational. What should you do? A. You need to run the winnt32.exe /checkupgradeonly command. B. You need to run the mbsacli.exe command. C. You need to run the Microsoft Windows Vista Upgrade Advisor application. D. You need to compare ITCertKeys-WS625 system's hardware against the Microsoft Windows Vista Hardware Compatibility List (HCL). Answer: C Question 8. DRAG DROP You work as the desktop support technician at ITCertKeys.com. The ITCertKeys.com network consists of a single Active Directory domain named ITCertKeys.com. ITCertKeys.com has a client computer named ITCertKeys-WS626. ITCertKeys-WS626 has a hard disk that has been partitioned in two equal parts of 50 Gigabytes (GB) each. Microsoft Windows XP Home has been installed in the primary partition. The second partition is yet to be formatted. You have been instructed ensure that ITCertKeys-WS626 has dual booting abilities. You need to accomplish this task with the least amount of administrative effort. What should you do? (Choose the correct options in the column on the left and place them in the correct order of execution in the work area on the right.) Answer: Explanation: The correct method would be to first format the second partition with NTFS, then boot the computer with the Windows Vista DVD and then installing Windows Vista on the second partition. This order of procedure would result in the least administrative effort since one should first install the oldest version of the Windows operating system first, then install each newer version in order because every new Windows version preserves backward compatibility for starting earlier Windows versions. Incorrect Answers: Do not change the file system on the second partition: If one does not change the file system then one will not be able to install Windows Vista on the computer. You need to either convert the file system to NTFS or format the partition with NTFS to accommodate the installation of Windows Vista. Create two partitions in the extended partition: This would be superfluous since there are already two partitions and you would not require more partitioning. First install Windows Vista on the primary partition: This will not work since you need to install the older version of the Windows operating system first and then install the newer version. First install Windows XP Home on the second partition: This is not the correct method to dual booting the computer. You should begin with installing the Windows XP Home on the primary partition first. Question 9. DRAG DROP You work as the desktop support technician at ITCertKeys.com. The ITCertKeys.com network consists of a single Active Directory domain named ITCertKeys.com. There is currently only one workstation that has been installed with Microsoft Windows Vista Business Edition. This workstation is named ITCertKeys-WS622. You have received instructions from the ITCertKeys.com manager to install Microsoft Windows Vista Business Edition on all the new workstations that has just been purchased. These new workstations must have the same build of Microsoft Windows Vista Business Edition as that deployed on ITCertKeys-WS622. You want to complete your task with the least amount of administrative effort. To this end you need to create an image of ITCertKeys-WS622 to deploy to the new workstations. Thus you take the bootable Windows PE CD that includes all the required deployment tools. What should you do next? (Choose the correct options in the column on the left and place them in the correct order of execution in the work area on the right.) Answer: Explanation: the correct plan of action would be as follows: 1. Use Sysprep to seal the master. Sysprep prepares an installed OS to be created into a deployable image by removing some computer specific information such as the workstation's Security Identifier (SID), which must be unique. 2. Boot the master with the Windows PE CD. Windows PE is a bootable OS that has many tools that can be used for creating and deploying images. Tools such as ImageX and Diskpart are run from Windows PE. 3. Use ImageX on the master to create the image file. ImageX is the Windows PE tool that is used to capture (and apply) OS images. 4. Boot the target with the Windows PE CD. 5. Use Diskpart to format the drive. Diskpart is a PE tool that is used to configure the hard drive on a PC. 6. Use ImageX to apply the image to the target. Question 10. You work as the desktop support technician at ITCertKeys.com. The ITCertKeys.com network consists of a single Active Directory domain named ITCertKeys.com. All the ITCertKeys.com workstations run Microsoft Windows 2000 Professional. You are responsible for the installation of operating systems on the ITCertKeys.com computers. You want to make use of the Microsoft Windows Vista DVD to perform a clean installation on the ITCertKeys.com workstations. To this end you place the DVD into the drive and start the first workstation only to find that it boots straight to Windows 2000 without starting the install of Microsoft Windows Vista. You have run checks on the BIOS of the workstations and to boot from DVD-ROM is not allowed, though you need to perform a clean install. What should you do? A. You should install new hard drives on these workstations. B. The BIOS settings of these workstations should be changed to boot from the local hard drive. C. You should update all the workstations' BIOS. D. You should use the Windows Vista floppy boot disk. Answer: C Explanation: If you attempt to boot from the DVD ROM drive and it does not work, the first place to check is the computer BIOS. Alternatively, (though not mentioned as an option to choose from) you can also start the computer with a network boot floppy disk or PXE and connect to the installation files on the DVD or over the network. Incorrect options: A: You should not install a new hard drive. Installing a new hard drive will not solve this problem because the Windows Vista setup files on the DVD still needs to be accessed to allow for this install. B: You should not change the BIOS settings to boot from the local hard drive. Changing the BIOS settings to boot from the local hard drive will only boot to the installed operating system. D: You cannot use the Windows Vista Setup floppy boot disk. Windows Vista does not come with a Setup floppy boot disk.
|
Question 1. You work as the desktop support technician at ITCertKeys.com. The ITCertKeys.com network consists of a single Active Directory domain named ITCertKeys.com. You have been assigned to the ITCertKeys.com help desk to aid all the ITCertKeys.com users who experience problems with their workstations. There are both desktop and laptop workstations in operation at ITCertKeys.com. Amy Wilson works as the Marketing manager at ITCertKeys.com. You have received instruction from the CIO to verify whether the workstation of Amy Wilson can obtain the most recent operating system updates. What should you do? A. To check whether your operating system can obtain the latest updates you need to run Microsoft Windows Vista Upgrade Advisor. B. To check you need to validate your Windows installation from the Microsoft Windows Genuine Advantage Web page. C. You have to make sure that your workstation has a Microsoft Windows Experience Index base score above 3.0. D. Windows Defender should be configured to detect updates before scanning. Answer: B Question 2. You work as the desktop support technician at ITCertKeys.com. The ITCertKeys.com network consists of a single Active Directory domain named ITCertKeys.com. You have been assigned to the ITCertKeys.com help desk to aid all the ITCertKeys.com users who experience problems with their workstations. The administrator instructs you to execute a clean installation of Microsoft Windows Vista on the first partition. Thereafter, you need to install Microsoft Windows XP Professional on the second partition of the same machine. A senior support technician informs you that he is able to log on to Windows XP Professional. However, he does not have the option to boot to Windows Vista. You need to ensure that you are able to dual boot the computer. What should you do? A. To achieve this you should edit the boot.ini file. Then you should the subsequent line: Multi(0)Disk(O)Rdisk(0)Partition(1)\Microsoft Windows B. You need to run the bootcfg.exe application with the /fastdetect option in order to dual boot computer. C. To ensure that you are able to dual boot the computer you should perform a clean installation of Windows Vista on the first partition. D. The msconfig.exe application should be run and the order of the operating systems in the boot.ini file should be changed. Answer: C Question 3. You work as the desktop support technician at ITCertKeys.com. The ITCertKeys.com network consists of a single Active Directory domain named ITCertKeys.com. You have been assigned to the ITCertKeys.com help desk to aid all the ITCertKeys.com users who experience trouble with their computers. A ITCertKeys.com employee named Andy Booth works as the accountant in the Finance department. Andy Booth uses a client computer named ITCertKeys-WS621. ITCertKeys-WS621 has the following hardware configuration: 1. 512 MB of RAM 2. 10-GB hard disk 3. 933-MHz processor 4. 64-MB video adapter. You have received instruction from the CIO to install Microsoft Windows Vista on ITCertKeys-WS621. The CIO also requests that you determine which hardware component fails to meet the minimum hardware requirements. Identify the hardware component you should choose? A. The processor will fail to meet the minimum hardware requirements. B. You should choose the hard disk since it will fail to meet the minimum hardware requirements. C. The video adapter will fail to meet the minimum hardware requirements. D. You need to choose the memory since it will fail to meet the minimum hardware requirements Answer: B Question 4. You work as the desktop support technician at ITCertKeys.com. The ITCertKeys.com network consists of a single Active Directory domain named ITCertKeys.com. You have been assigned to the ITCertKeys.com help desk to aid all the ITCertKeys.com users who experience problems with their workstations. ITCertKeys-WS622 is configured to run Microsoft Windows XP Professional. ITCertKeys-WS622 also runs 20 third-party applications. You receive a memo from management informing you of their plans to upgrade ITCertKeys-WS622 to Microsoft Windows Vista. The functionality of the existing 20 applications must be maintained after you upgrade your computer. The administrator asks you to determine whether the hardware and software on ITCertKeys-WS622 will support the upgrade. What should you do? A. You need to run the Microsoft Windows Vista Upgrade Advisor application in order to check whether the hardware and software will support the upgrade. B. To check whether the hardware and software will support the upgrade you need to run the mbsacli.exe command. C. The Microsoft Windows XP Professional system hardware needs to be compared to the Microsoft Windows Vista Hardware Compatibility List (HCL). D. To check if the hardware and software will support the upgrade you need to run the winnt32.exe /checkupgradeonly command. Answer: A Question 5. You work as the desktop support technician at ITCertKeys.com. The ITCertKeys.com network consists of a single Active Directory domain named ITCertKeys.com. The ITCertKeys.com network contains two workstations named ITCertKeys-WS620 and ITCertKeys-WS622. ITCertKeys-WS620 is configured to run Microsoft Windows XP Media Center Edition. ITCertKeys-WS622 is joined to a domain and is configured to run Microsoft Windows XP Professional. You have received instruction from the CIO to upgrade both computers to Microsoft Windows Vista. You need to accomplish this goal while keeping the existing information, functionality and applications. What actions should you perform? (Choose all that apply) A. To achieve this goal you need to upgrade ITCertKeys-WS622 to Microsoft Windows Vista Business Edition. B. This goal can be accomplished if you upgrade ITCertKeys-WS620 to Microsoft Windows Vista Business Edition. C. In order to keep the existing data, functionality and applications you should upgrade ITCertKeys-WS622 to Microsoft Windows Vista Home Premium Edition. D. In order to keep the existing data, functionality and applications ITCertKeys-WS620 should be upgraded to Microsoft Windows Vista Home Premium Edition. Answer: A, D Question 6. You work as the desktop support technician at ITCertKeys.com. The ITCertKeys.com network consists of a single Active Directory domain named ITCertKeys.com. The workstations on the ITCertKeys.com network are all configured to run Windows XP. You receive a memo to upgrade the workstations to Windows Vista. You make use of Windows Update Agent to download the new updates. You notice that the update files are corrupted. You receive instruction from the CIO to force Windows Update Agent to download the entire update again. What actions should you take? A. The first step should be to stop the Windows Update service and rename the C:\Program Files\WindowsUpdate folder. Thereafter you can restart the Windows Update service. B. To accomplish this you should run the wuauclt.exe /detectnow command. C. To download the entire update again you should stop the Windows Update service. You then rename the %systemroot%\SoftwareDistribution folder. Thereafter you can restart the Windows Update service. D. To download the entire update again you run the wuauclt.exe /resetauthorization /detectnow command. Answer: C Question 7. You work as the desktop support technician at ITCertKeys.com. The ITCertKeys.com network consists of a single Active Directory domain named ITCertKeys.com. You have received instruction from the CIO to deploy Windows Vista on a computer by making use of a DVD. The DVD contains Windows Preinstallation Environment (WinPE) stored in winpe.wim, Imagex.exe. The DVD also contains a custom Windows Vista image stored in vista.wim. You need to apply the custom Windows Vista image to the computer. Identify the command you should use? A. You should make use of the imagex /append c: D:\vista.wim "Drive D" command. B. You should make use of the imagex /apply D:\vista.wim 1 C:\ command C. You should make use of the imagex /export D:\winpe.wim 1 C:\vista.wim "Image" command. D. You should make use of the imagex /apply D:\winpe.wim 1 C:\ command. Answer: B Question 8. You work as the desktop support technician at ITCertKeys.com. The ITCertKeys.com network consists of a single Active Directory domain named ITCertKeys.com. Your duties include administering the ITCertKeys.com network. The client computers of ITCertKeys.com are all configured to run Microsoft Windows Vista. A ITCertKeys.com employee named Andy Reid reports that he is unable to install an application. You have received instruction from the CIO to install the application. What should you do? A. To be able to install the application you need to copy the contents of the CD-ROM to the local hard disk. Thereafter you will be able to run the application installation from the local hard disk. B. While Andy Reid is logged on you need to click Continue and install the application at the consent prompt. C. While Andy Reid is logged on at the credential prompt you have to provide him with administrative credentials. D. A .pwl file should be created that will store administrative credentials. Thereafter you can double-click the installation file. Answer: C Question 9. You work as the desktop support technician at ITCertKeys.com. The ITCertKeys.com network consists of a single Active Directory domain named ITCertKeys.com. You have been assigned to the ITCertKeys.com help desk to aid all the ITCertKeys.com users who experience problems with their workstations. The workstations of ITCertKeys.com are all configured to run Windows Vista. A ITCertKeys.com user named Andy Booth contacted the Help desk to report some problems that prevent him from carrying out his duties. He informs you that an error message is received when he attempts to start Windows. You discover that his workstation automatically downloads and installs a critical patch for the vulnerability in a system DLL file. You have received instruction from the CIO to restore the workstation of Andy Booth to a bootable state without installing the earlier update files. You need to accomplish this by using the least amount of administrative effort. How can you restore the workstation to a bootable state? A. The first step will be to execute a system restore from the Windows Vista installation DVD. B. You have to access the recovery console. Thereafter you should run fixmbr c: C. This can be accomplished by accessing the recovery console from the Windows Vista installation DVD and extracting the original system DLL file. Thereafter you can overwrite the faulty file. D. You should restart the workstation in safe mode. Thereafter you can restore the original system DLL file. Answer: A Question 10. You work as the desktop support technician at ITCertKeys.com. The ITCertKeys.com network consists of a single Active Directory domain named ITCertKeys.com. All the computers on the ITCertKeys.com network are configured to run Windows XP. These computers are all upgraded to Windows Vista. New updates are downloaded by making use of the Windows Update Agent. You discover that the update files are corrupted. You have received instruction from the CIO to force Windows Update Agent to download the entire update again. What should you do? A. You need to run the wuauclt.exe /resetauthorization /detectnow command. B. The wuauclt.exe /detectnow command should be run to accomplish this. C. You need to stop the Windows Update service and rename the %systemroot%\SoftwareDistribution folder. Thereafter you need to restart the Windows Update service. D. The Windows Update service should be stopped. Then you rename the C:\Program Files\WindowsUpdate folder. Thereafter you restart the Windows Update service. Answer: C
|
Question 1. ITCertKeys.com has an Active Directory forest that contains a single domain named ad. ITCertKeys.com. All domain controllers are configures as DNS servers and have Windows Server 2008 installed. The network has two Active directory-integrated zones: ITCertKeyses.com and ITCertKeysws.com. The company has instructed you to make sure that a user is able to modify records in ITCertKeyses.com while preventing the user to modify the SOA record in ITCertKeysws.com zone. What should you do to achieve this task? A. Modify the permissions of ITCertKeyses.com zone by accessing the DNS Manager Console B. Configure the user permissions on ITCertKeyses.com to include all the users and configure the user permissions on ITCertKeysws.com to allow only the administrators group to modify the records C. Modify the permission of ITCertKeysws.com zone by accessing the DNS Manager Console D. Modify the Domain Controllers organizational unit by accessing the Active Directory Users and Computers console. E. None of the above. Answer: A Explanation: To allow the user to modify records in ITCertKeyses.com and prevent him/her to modify the SOA record in ITCertKeysws.com zone, you should set the permissions of ITCertKeyses.com through DNS Manager Console. You set the permissions for the users to modify the records in ITCertKeyses.com. Since setting permission on one Active directory-integrated zone, you will be preventing the users to modify anything else on the other zones. Question 2. ITCertKeys.com has an Active Directory Domain Controller. All domain controllers nare configured as DNS servers and have Windows Server 2008 installed. Only one Active-Directory integrated DNS zone is configured on the domain. You have to make sure that outdated DNS records are removed from the DNS zone automatically. What should you do to achieve this task? A. Modify the TTL of the SOA record by accessing the zone properties B. Disable updates from the zone properties C. Execute netsh/Reset DNS command from the Command prompt D. Enable Scavenging by accessing the zone properties E. None of the above Answer: D Explanation: To remove the outdated DNS records from the DNS zone automatically, you should enable Scavenging through Zone properties. Scavenging will help you clean up old unused records in DNS. Since "clean up" really means "delete stuff" a good understanding of what you are doing and a healthy respect for "delete stuff" will keep you out of the hot grease. Because deletion is involved there are quite a few safety valves built into scavenging that take a long time to pop. When enabling scavenging, patience is required. Reference: http://www.gilham.org/Blog/Lists/Posts/Post.aspx?List=aab85845-88d2-4091-8088-a6bbce0a4304&ID=211 Question 3. ITCertKeys.com has a single Active Directory domain. You have configured all domain controllers in the network as DNS servers and they run Windows Server 2008. A domain controller named ITK1 has a standard Primary zone for ITCertKeys.com and a domain controller named ITK2 has a standard secondary zone for ITCertKeys.com. You have to make sure that the replication of the ITCertKeys.com zone is encrypted so you might not loose any zone data. What should you do to achieve this task? A. Create a stub zone and delete the secondary zone B. Convert the primary zone into an active directory zone and delete the secondary zone C. Change the interface where DNS server listens on both servers D. On the standard primary zone, configure zone transfer settings. After that modify the master servers lists on the secondary zone E. None of the above Answer: B Explanation: To make sure that the replication of the ITCertKeys.com zone is encrypted to prevent data loss. You should convert the primary zone into an active directory zone and delete the secondary zone Question 4. ITCertKeys.com has a main office and a branch office. All servers in both offices run Windows Server 2008. The offices are connected through a MAN link. ITCertKeys.com has an Active Directory domain that hosts a single domain called maks.ITCertKeys.com. There is a domain controller in the maks. ITCertKeys.com domain called ITK1. It is located in the main office. You have configured ITK1 as a DNS server for maks. ITCertKeys.com DNS zone. It is configured as a standard primary zone. You are instructed to install a new domain controller called ITK2 in the branch office. After installing the domain controller, you install DNS on ITK2. You want to ensure that the DNS service on ITK2 can update records and resolve DNS queries in the event of a MAN link failure. What should you do to achieve this objective? A. Configure the DNS on ITK1 to forward requests to ITK2 B. Add a secondary zone named raks. ITCertKeys.com on ITK2 C. Convert maks. ITCertKeys.com on ITK1 to an Active Directory-integrated zone D. Configure a new stub zone on ITK1 and set the forwarding option to ITK2 Answer: C Explanation: To make sure that the DNS service on ITK2 can update records and resolve DNS queries in the event of a MAN link failure, you should convert maks. ITCertKeys.com on ITK1 to an Active Directory-integrated zone. Active Directory-integrated DNS, offers two pluses over traditional zones. For one, the fault tolerance built into Active Directory eliminates the need for primary and secondary nameservers. Effectively, all nameservers using Active Directory-integrated zones are primary nameservers. This has a huge advantage for the use of dynamic DNS as well: namely, the wide availability of nameservers that can accept registrations. Recall that domain controllers and workstations register their locations and availability to the DNS zone using dynamic DNS. In a traditional DNS setup, only one type of nameserver can accept these registrations-the primary server, because it has the only read/write copy of a zone. By creating an Active Directory-integrated zone, all Windows Server 2008 nameservers that store their zone data in Active Directory can accept a dynamic registration, and the change will be propagated using Active Directory multimaster replication. Reference: http://safari.adobepress.com/9780596514112/active_directory-integrated_zones Question 5. ITCertKeys.com has a DNS server with 10 Active Directory Integrated Zones. For auditing purposes, you have to provide copies of the zone files of the DNS server to the security audit group. What should you do to achieve this task? A. Execute ntdsutil > Partition Management > Display commands B. execute ipconfig/registerdns command C. execute the dnscmd/ZoneExport command D. Execute dnscmd/Zoneoutput command Answer: C Question 6. ITCertKeys.com has a domain controller named EDC11 that runs Windows Server 2008. It is configured as a DNS server for ITCertKeys.com. You install the DNS server role on a member server named S1 and after this; you create a standard secondary zone for ITCertKeys.com. You configured EDC11 as the master server for the zone. What should you do to make sure that S1 receives zone updates from EDC11? A. On Server1, add a conditional forwarder. B. On DC1, modify the zone transfer settings for the contoso.com zone. C. Add the Server1 computer account to the DNSUpdateProxy group. D. On DC1, modify the permissions of contoso.com zone. Answer: B Question 7. ITCertKeys.com has a network consisting of an Active Directory forest named ebd.com. All servers have Windows Server 2008. All domain controllers are configured as DNS servers. The ebd.com DNS zone is stored in ForestDnsZones Active directory partition. A member server contains a standard primary DNS zone for eb.ebd.com. You need to make sure that all domain controllers can resolve names for eb.ebd.com. What should you do to achieve this task? A. Create a delegation in the ebd.com zone B. Change the properties of SOA record in the eb.ebd.com zone C. Add NS record in the ebd.com zone D. Create a secondary zone on a Global catalog server Answer: A Question 8. ITCertKeys.com has a main office and single branch office in another state. With a single Active-Directory domain forest, ITCertKeys.com has two domain controllers named ITK1 and ITK2 . Both of the domain controllers run Windows Server 2008. The branch office has a Read-only domain controller (RODC) named ITK3. While all domain controllers have DNS server role installed, they are configured as Active-Directory-integrated zones. All DNS zones are configured to allow secure updates only. You want to enable dynamic DNS updates on ITK3. What should you do to achieve this task? A. On DC1, create an active partition and configure the partition to store Active Directory- integrated zones B. Un-install the Active Directory Domain services on ITK3 and reinstall it as a writeable domain controller C. Reconfigure RODC on ITK3 to allow dynamic updates D. Execute dnscmd/ZoneResetType command on ITK3 Answer: B Explanation: To enable the dynamic DNS updates on ITK3, you should uninstall the Active Directory Domain services on ITK3 and reinstall it as a writeable domain controller. A writeable domain controller performs originating updates and outbound replication. Reference: http://msdn.microsoft.com/en-us/library/cc207937.aspx Question 9. ITCertKeys.com has a huge network that consists of an Active Directory Forest containing a single domain. Windows Server 2008 is installed on all domain controllers. They are configured as DNS servers. ITCertKeys.com has an active directory-integrated zone with two Active Directory sites. Each site contains five domain controllers. You added a new NS record to the zone. You have to make sure that all domain controllers immediately receive the new NS record. What should you do to achieve this task? A. Execute repadmin/syncall from the command prompt B. Reload the zone from the DNS Manager console C. Create an SOA record from the DNS Manager console D. Shutdown and then, restart the DNS server service from services snap-in Answer: A Explanation: Question 10 ITCertKeys.com has an Active Directory domain named comm. ITCertKeys.com. The domain contains two domain controllers named ITK1 and ITK2 . Both have the DNS server role installed. You install a new DNS server named ns. ITCertKeys.com on the perimeter network. You configure ITK1 to forward all unresolved name requests to ns. ITCertKeys.com. But you discover that the DNS forward option is unavailable on ITK2. You have to configure DNS forwarding on ITK2 server to forward unresolved name requests to ns. ITCertKeys.com server. Which of the following two actions should you perform to achieve this task? A. Clean the DNS cache on ITK2 B. configure conditional forwarding on ITK2 C. Delete the Root zone on ITK2 D. Add zone forwarding on ITK2 Answer: B, C
Copyright © 2004 CertsBraindumps.com Inc. All rights reserved.