|
There is only fifty-five questions, and only one where you have to program the router.
|
Question 1. You accidentally initiated an abort sequence. As a consequence, your SPARC-based SYSTEM WENT INTO THE prom MODE. Which two actions disable the default keyboard abort sequence? (Choose two) A. detach serial console device B. run the kbd -a disable command C. run the eeprom command to disable KEYBOARD_ABORT D. in PROM mode, change the value of keyboard to disable E. edit / etc/default/kbd to change the value of the variable KEYBOARD_ABORT to disable Answer: B, E Question 2. Your x86-based system with Solaris 10 OS installed on it is not booting correctly. You think the problem might be that a BIOS setting is not correctly configured. What should you do to abort the boot process and reboot into the BIOS configuration menu? A. While holding down the reset button, you power cycle the system. B. You press the middle mouse button, When the screen times out, you enter the BIOS configuration menu and examine the BIOS settings. C. You press the stop-A keys then typ reset-all. You reboot directly into the BIOS configuration menu and examine the BIOS settings. D. You press the Ctrl-Alt-Del keys and reboot the system, or press the reset button. When the screen tells indicates the key to enter the BIOS, you press it and examine your BIOS settings. Answer: D Question 3. Given: ap: : sysinit:/sbin/sutopush -f/etc/iu.ap sp: : sysinit:/sbin/soconfig -f /etc/sock2path smf: :sysinit:/lib/svc/bin/svc.startd >/dev/msglog 2<>/dev/msglog /dev/msglog 2<>/dev/msglog Which two statements are true? (choose two) A. This file must be read by the process inetd. B. When booting this system, svc.startd will start. C. This is a part of the content of the /etc/inittab file D. This system starts/lib/svc/bin/svc.startd for run level 1. E. When this system gets the powerfail signal, svc.startd will be respawned. Answer: B, C Question 4. There is a problem on a SPARC-based system that has several permanent, customized device aliases . The system's use of these aliases needs to be temporarily disabled, so that when the problem is cleared, they can be enabled without having to redefine them. Which sequence of OBP commands temporarily disables the customized device aliases defined on the system? A. use-nvramrc=false reset B. use-nvramrc?=false reset C. setenv use-nvramrc? false reset D. setenv use-nvramrc? = false reset Answer: C Question 5. An x86-based laptop has just had Solaris 10 OS installed. The graphics configuration has NOT been automatically detected and it is running without graphics. Which program can you run to create an Xsun configuration file? A. /user/X11/bin/Xserver B. /user/dt/bin/xsession C. /usr/x11/binxorgconfig D. /usr/openwin/bin/kdmconfig E. /usr/x11/bin/xorg -configure Answer: D Question 6. The SPARC-based workstation system in your accounts department need their PROMs upgraded. Some of the systems fail to upgrade. What is the cause? A. The patch is corrupt. B. The systems do not have enough memory C. The write protect jumper has not been set correctly. D. The system is running an earlier version of Solaris OS. Answer: C Question 7. A SPARC-based system does not boot and displays the message: "Timeout waiting for ARP/RARP packet" Which three actions should you take to check the boot environment of the system? (Choose three) A. check if the frame buffer is working properly B. check if the NVRAM alias net is set properly C. check if the NVRAM alias boot-file is set properly D. check if the PROM variable boot-device is set properly E. check if the PROM variable local-mac-address? Answer: B, D, E Question 8. You receive a complaint from a user who is unable to use the SSH service to access the user's lab system. You use a serial line to get in and check the SSH service. The svcs output is shown in the exhibit. What has caused the disruption of the SSH service? A. The service is disabled. B. The contract_id is missing C. There is no "next state" defined D. One of the dependencies has NOT been met. Answer: D As you can see /network/physical is disabled One of dependencies has not been meet therefore ssh not running So right answer is D Question 9. A SPARC-based system, but you are not sure of the physical path information; Which OBP command shows you this information/ A. printenv B. probe-all C. show-devs D. prtdiag -v E. probe-scsi-all Answer: C Question 10. As system administrator, you are asked to shut down the Apache HTTPD service that is running on a development server. You run the svcs grep apache command, and receive this output. Legacy_run Feb_02 1RC:/ETC/RC3_D/S50APACHE Based on this output, which two statements are tru? A. This service is managed by LRC. B. This service is NOT managed by SMF C. Any legacy_run state can NOT be manually shut down. D. In order to shut down this service, you need to execute the shutdown script in the /tc/init.d directory E. In order to shut down this service, you need to execute the following shutdown script svcadm – v disable /etc/init.d/s50apache Answer: B, D
|
Question 1. Cookies can be used to: A. spread viruses on a network. B. send personal information back to the Web server. C. execute programs on a Web server. D. target users for marketing. Answer: D Question 2. Where do SVG files render? A. On the client side B. In the XML markup C. On the server side D. In the Flash plug-in Answer: A Question 3. Consider the following code:What kind of code is shown in the preceding example? A. XML B. activescript C. VBScript D. HTML Answer: A Question 4. You have been asked to insert an image named kayak.jpg in a Web page. Which of the following code examples will validate as XHTML 1.0 Transitional? A. B. C. D. Answer: D Question 5. The best way to thwart a dictionary attack is by enforcing a: A. restricted access policy. B. proxy server policy. C. firewall configuration policy. D. strong password policy. Answer: D Question 6. SVG files can be defined as: A. a proprietary plug-in for displaying Flash files. B. a bitmap photo format. C. a cross-platform image-rendering plug-in. D. a way to describe two-dimensional graphics in XML. Answer: D Question 7. Which of the following plug-ins would be used to view paper-based documents that cannot be easily re-created using XHTML? A. Scalable Vector Graphics (SVG) B. Portable Document Format (PDF) C. Microsoft Fax Viewer D. Word processor applications Answer: B Question 8. You are using a style sheet. Which of the following examples of code are best suited for cross-platform design? A. font-family: Helvetica, Arial, sans-serif; B. font-family: bold, italics; C. font-family=monotype, courier D. font-family: Impact, Verdana, Geneva; Answer: A Question 9. SVG files can be defined as: A. a way to describe two-dimensional graphics in XML. B. a cross-platform image-rendering plug-in. C. a bitmap photo format. D. a proprietary plug-in for displaying Flash files. Answer: A Question 10. Which of the following is one of the advantages that SWF (Flash) files bring to Web-based environments? A. SWF files can stream images, so files can be uploaded quickly. B. SWF files use layers, so animation is linear and parallel. C. SWF files use vector images, so files can be easily modified. D. SWF files are compressed, so files download quickly. Answer: D 1942 Casablanca Michael Curtiz
|
Question 1. The goals for effective usability in an e-commerce site are to get customers to: A. find, compare and revisit. B. visit, learn and return. C. find, learn and review. D. visit, learn and purchase. Answer: D Question 2. Which of the following is the most effective way to build community with your online storefront? A. Provide a quantity discount. B. Generate an automatic order confirmation. C. Create an incentive-based program. D. Accept several different payment options. Answer: C Question 3. Which of the following is often used in place of photo identification and a signature whenever a credit card is used in an e-commerce transaction? A. Billing address verification B. Cookies deposited by the site's shopping cart C. The purchaser's public key D. Information verified by a Public Key Infrastructure (PKI) company Answer: A Question 4. The details of an e-commerce site order can be kept in memory, stored on the visitor's computer or stored on the Web server. This ability to remember the details of an order is known as: A. persisting an order. B. profiling an order. C. tracking an order. D. filling the shopping cart. Answer: A Question 5. You are transitioning from a traditional "brick-and-mortar storefront that accepts credit cards to a new e-commerce storefront. Which payment method would be most appropriate during the transition? A. Cash on delivery (c.o.d.) B. Credit card with offline processing C. Advance payment using check or money order D. Open Buying on the Internet (OBI) Answer: B Question 6. Which of the following site creation models would be most appropriate for a site needing easy administration and implementation as well as minimal business owner control? A. Online instant storefront B. Mid-level offline instant storefront C. Mid-level online instant storefront D. High-level offline instant storefront Answer: A Question 7. Before you can conduct usability testing, you should: A. identify the most-traveled path of your site. B. publish your site to a production server. C. identify browser compatibility issues. D. identify your potential customers. Answer: D Question 8. You are planning to install a database server in a mission-critical environment. What is the best way to ensure continuous data availability and reliability? A. Install a multiprocessor server. B. Establish a strict security policy. C. Provide fail-over clustering. D. Install multiple hot-swappable hard disk drives. Answer: C Question 9. A customer has placed an online order. The order has been written to a database for processing and the customer's credit card has been charged. What is the last interaction with the customer during the order process? A. Redirect the customer to the home page. B. Send a confirmation e-mail message to the customer. C. Update the customer profile. D. Send a shipping notification via e-mail to the customer. Answer: B Question 10. Which of the following is the most effective option for detecting a site attack by someone who wants to modify your customer database? A. Using antivirus software B. Implementing a firewall C. Limiting the open ports on the system D. Using an intrusion detection system Answer: D
|
Question 1. Your company has a single Active Directory forest that has an Active Directory domain named na.contoso.com. A server named Server1 runs the DNS server role. You notice stale resource records in the na.contoso.com zone. You have enabled DNS scavenging on Server1. Three weeks later, you notice that the stale resource records remain in na.contoso.com. You need to ensure that the stale resource records are removed from na.contoso.com. What should you do? A. Stop and restart the DNS service on Server1. B. Enable DNS scavenging on the na.contoso.com zone. C. Run the dnscmd Server1 /AgeAllRecords command on Server1. D. Run the dnscmd Server1 /StartScavenging command on Server1. Answer: D Question 2. Your company has an Active Directory domain named ad.contoso.com. The company also has a public namespace named contoso.com. You need to ensure that public DNS zone records cannot be copied. You must achieve this goal without impacting the functionality of public DNS name resolutions. What should you do? A. Disable the Notify feature for the contoso.com zone. B. Disable the Allow - Read permission for the Everyone group on the contoso.com DNS domain. C. Configure the All domain controllers in the domain zone replication option on ad.contoso.com. D. Configure the Allow zone transfers only to servers listed on the Name Servers option on contoso.com. Answer: D Question 3. Your company has a main office and a branch office. The main office has a domain controller named DC1 that hosts a DNS primary zone. The branch office has a DNS server named SRV1 that hosts a DNS secondary zone. All client computers are configured to use their local server for DNS resolution. You change the IP address of an existing server named SRV2 in the main office. You need to ensure that SRV1 reflects the change immediately. What should you do? A. Restart the DNS Server service on DC1. B. Run the dnscmd command by using the /zonerefresh option on DC1. C. Run the dnscmd command by using the /zonerefresh option on SRV1. D. Set the refresh interval to 10 minutes on the Start Of Authority (SOA) record. Answer: C Question 4. Your company has a single Active Directory domain. The company has a main office and a branch office. Both the offices have domain controllers that run Active Directory-integrated DNS zones. All client computers are configured to use the local domain controllers for DNS resolution. The domain controllers at the branch office location are configured as Read-Only Domain Controllers (RODC). You change the IP address of an existing server named SRV2 in the main office. You need the branch office DNS servers to reflect the change immediately. What should you do? A. Run the dnscmd /ZoneUpdateFromDs command on the branch office servers. B. Run the dnscmd /ZoneUpdateFromDs command on a domain controller in the main office. C. Change the domain controllers at the branch offices from RODCs to standard domain controllers. D. Decrease the Minimum (default) TTL option to 15 minutes on the Start of Authority (SOA) record for the zone. Answer: A Question 5. Your company has a server named Server1 that runs Windows Server 2008. Server1 runs the DHCP Server role and the DNS Server role. You also have a server named ServerCore that runs a Server Core installation of Windows Server 2008. All computers are configured to use only Server1 for DNS resolution. The IP address of Server1 is 192.168.0.1. The network interface on all the computers is named LAN. Server1 is temporarily offline. A new DNS server named Server2 has been configured to use the IP address 192.168.0.254. You need to configure ServerCore to use Server2 as the preferred DNS server and Server1 as the alternate DNS server. What should you do? A. Run the netsh interface ipv4 add dnsserver "LAN" static 192.168.0.254 index=1 command. B. Run the netsh interface ipv4 set dnsserver "LAN" static 192.168.0.254 192.168.0.1 both command. C. Run the netsh interface ipv4 set dnsserver "LAN" static 192.168.0.254 primary command and the netsh interface ipv4 set dnsserver "LAN" static 192.168.0.1 both command. D. Run the netsh interface ipv4 set dnsserver "LAN" static 192.168.0.254 primary command and the netsh interface ipv4 add dnsserver "LAN" static 192.168.0.1 index=1 command. Answer: A Question 6. Your company has a domain controller named Server1 that runs Windows Server 2008 and the DNS server role. A server named Server2 runs a custom application. You need to configure DNS to include the following parameters for the custom application: Service Priority Weight Protocol Port number Host offering this service Which record should you create? A. Host Info (HINFO) B. Service Locator (SRV) C. Canonical Name (CNAME) D. Well-Known Service (WKS) Answer: B Question 7. Your company has a main office and two branch offices. Domain controllers in the main office host an Active Directory-integrated zone. The DNS servers in the branch offices host a secondary zone for the domain and use the main office DNS servers as the DNS Master servers for the zone. Each branch office has an application server. Users access the application server by using its fully qualified domain name. You need to ensure that users in the branch offices can access their local application server even if the WAN links are down for three days. What should you do? A. Increase the Expires After setting to 4 days on the Start of Authority (SOA) record for the zone. B. Increase the Refresh Interval setting to 4 days on the Start of Authority (SOA) record for the zone. C. Configure the Zone Aging / Scavenging Properties dialog box to enable Scavenge Stale resource records, and set the Refresh setting to 4 days. D. Configure the Zone Aging / Scavenging Properties dialog box to enable Scavenge Stale resource records, and set the No-refresh interval setting to 4 days. Answer: B Question 8. Your company has a single Active Directory forest that has a domain in North America named na.contoso.com and a domain in South America named sa.contoso.com. The client computers run Windows Vista. You need to configure the client computers in the North America office to improve the name resolution response time for resources in the South America office. What should you do? A. Configure a new GPO that disables the Local-Link Multicast Name Resolution feature. Apply the policy to all the client computers in the North America office. B. Configure a new GPO that enables the Local-Link Multicast Name Resolution feature. Apply the policy to all the client computers in the North America office. C. Configure a new GPO that configures the DNS Suffix Search List option to sa.contoso.com, na.contoso.com. Apply the policy to all the client computers in the North America office. D. Configure the priority value for the SRV records on each of the North America domain controllers to 5. Answer: C Question 9. Your company has multiple DNS servers in the main office. You plan to install DNS on a member server in a branch office. You need to ensure that the DNS server in the branch office is able to query any DNS server in the main office, and you need to limit the number of DNS records that are transferred to the DNS server in the branch office. What should you do? A. Configure a secondary zone on the DNS server in the branch office. B. Configure a stub zone on the DNS server in the branch office. C. Configure a stub zone on the DNS server in the main office. D. Configure a primary zone on the DNS server in the branch office. Answer: B Question 10. Your company has a DNS server named Server1. Your partner company has a DNS server named Server2. You create a stub zone on Server1. The master for the stub zone is Server2. Server2 fails. You discover that users are not able to resolve names for the partner company. You need to ensure that users are able to resolve names for the partner company in the event that Server2 fails. What should you do? A. Change the stub zone to a secondary zone on Server1. B. Open the SOA record for the zone on Server2. Change the Minimum (default) TTL setting to 12 hours. C. Open the DNS zone for the partner company on Server2. Create a new Route Through (RT) record and a new host (A) record for Server1. D. Open the primary DNS zone on Server2. Create a new Service Locator (SRV) record and a new host (A) record for Server1. Answer: B
|
Question 1. DRAG DROP You work as a network technician at ITCertKeys.com. Your boss, Mrs. ITCertKeys, in Cisco client security software applications. Match the applications with the descriptions. Answer: Question 2. Which two statements about Layer 3 access designs are correct? (Choose two.) A. Broadcast and fault domains are increased B. Limits on clustering and NIC teaming are removed C. Convergence time is fractionally slower than STP D. IP Address space is difficult to manage E. Fast uplink convergence is supported for failover and fallback Answer: D, E Question 3. Which two of these key fields are used to identify a flow in a traditional NetFlow implementation? (Choose two.) A. Destination IP Address B. Output Interface C. Source MAC address D. Next-hop IP Address E. Source Port F. Next-hop MAC Address Answer: A, E Question 4. Which of these is true of IP addressing with regard to VPN termination? A. Termination devices need routable addresses inside the VPN B. Designs should not include overlapping address spaces between sites, since NAT is not supported C. IGP routing protocols will update their routing tables over an IPSec VPN D. Addressing designs need to allow for summarization Answer: D Question 5. When is a first-hop redundancy protocol needed in the distribution layer? A. When preempt tuning of the default gateway is needed B. When the design implements Layer 2 between the access switch and the distribution switch C. When HSRP is not supported by the design D. When a robust method of backing up the default gateway is needed E. When multiple vendor devices need to be supported F. When the design implements Layer 3 between the access switch and the distribution switch Answer: F Question 6. Which of these practices should you follow when designing a Layer 3 routing protocol? A. Never peer on transit links B. Build squares for deterministic convergence C. Build inverted U designs for deterministic convergence D. Summarize routes at the distribution to the core to limit EIGRP queries or OSPF LSA propagation Answer: D Question 7. Which two statements correctly identify considerations to take into account when deciding on Campus QoS Design elements? (Choose two.) A. Call signaling must have guaranteed bandwidth service B. Strict-priority queuing should be limited to 50% of the capacity of the link C. At least 23 percent of the link bandwidth should be reserved for default best-effort class D. Voice needs to be assigned to the hardware priority queue E. Voice needs to be assigned to the software priority queue Answer: A, D Question 8. Which statement about IDS/IPS design is correct? A. An IPS should be deployed if the security policy does not support the denial of traffic B. Bandwidth considerations must be taken into account since IDS is deployed inline to traffic flow C. An IDS analyze a copy of the monitored traffic and not the actual forwarded packet D. Traffic impact considerations are increased when deploying an IDS over an IPS sensor Answer: C Question 9. In which two locations in an enterprise network can an IPS sensor be placed? (Choose two.) A. Between two layer devices without trunking B. Between two Layer 2 devices with trunking C. Between a Layer 2 device and a Layer 3 device with trunking D. Bridging two VLANs on one switch E. Bridging VLANs on two switches Answer: A, B Question 10. DRAG DROP You work as a network technician at ITCertKeys.com. Your boss, Mrs. ITCertKeys, in Cisco NAC appliance components. Match the applications with the appropriate descriptions. Answer: Explanation: Network admission control (NAC) is a collection of technologies that can be used to enhance network security services. Specifically, NAC can perform posture validation, which ensures that only permitted devices can communicate on the network. NAC appliance has Manager, servers and client like: 1. NAC Manager 2. NAC Server 3. NAC Profile Server 4. NAC Guest Server 5. NAC Client Agent 1. Cisco NAC Appliance Manager (Cisco NAM): Acts as a NAC Appliance administration server for defining policies 2. Cisco NAC Appliance Server (Cisco NAS): Acts as a policy enforcement server between the trusted and untrusted networks 3. Cisco NAC Appliance Agent (Cisco NAA): Acts as an optional agent for Windows-based clients 4. NAC Appliance Policy Updates: Checks the status of updates applied to operating systems, antivirus signatures, and other client software
|
Question 1. You work as the network administrator at ITCertKeys.com. The ITCertKeys.com network consists of a single Active Directory domain named ITCertKeys.com. All servers on the ITCertKeys.com network run Windows Server 2003 and all client computers run Windows XP Professional. ITCertKeys.com contains an application server named ITCertKeys -SR23. ITCertKeys -SR23 runs an in-house application which is critical to the company's business process. ITCertKeys -SR23 contains a single physical drive that is divided into two partitions with the drive letter C and D. Both partitions are formatted as FAT32. The in-house application is installed on drive D. During monitoring you notice that the drive D is low on free disk space. You need to create extra space for the in-house application. To maintain the functionality of the in-house application, it cannot be moved. You to add another physical disk drive to ITCertKeys -SR23. You need the disk space on the new disk drive to be available as storage space for the in-house application. What should you do? (Select all that apply) A. This can be accomplished by initializing the new disk as a basic disk on ITCertKeys -SR23. B. Your best option would be to convert drive D to NTFS on ITCertKeys -SR23. C. Your best option would be to format the new disk with NTFS on ITCertKeys -SR23. D. You should consider converting the disk that hosts drive D to a dynamic disk. E. On ITCertKeys -SR23 you need to extend drive D to encompass unallocated space on the new disk. Answer: B, D, E Explanation: In this case you must host drive D to a dynamic disk and convert drive D to NTFS. If drive D contains unallocated space, you can extend drive D to include the unallocated space. Drive D can also be extended to use the unallocated space in the new disk. Incorrect answers: A: There is no need to initialize the new disk as a basic disk. You can initialize the new disk directly to dynamic disk. C: To add the space on the new disk to drive D, you can create a spanned or a simple volume. To do this both of the disks must be dynamic disks and drive D should be formatted as NTFS. Only unformatted volumes or volumes that are formatted with NTFS can be extended. Question 2. You work as the network administrator at ITCertKeys.com. The ITCertKeys.com network consists of a single Active Directory domain named ITCertKeys.com. All servers on the ITCertKeys.com network run Windows Server 2003 and all client computers run Windows XP Professional. The ITCertKeys.com network contains a file server named ITCertKeys -SR12 that contains confidential data. ITCertKeys -SR12 contains of a hard disk system that consists of a software-based RAID-5 volume. A ITCertKeys.com user named Mia Hamm works in the administrative office. Mia Hamm needs to access data on ITCertKeys -SR12 regularly. One day Mia Hamm complains that ITCertKeys -SR12 response is much slower that before. During your investigation you discover that one of the hard disks in the RAID-5 volume on ITCertKeys -SR12 has failed. You need to improve the performance of ITCertKeys -SR12. What should you do? A. Your first option is to replace the failed disk on ITCertKeys -SR12. Then you can initialize the new disk in Disk Management. Your next step is to convert it into a dynamic disk. The last step would be to repair the volume. B. You should break the RAID-5 volume and remove the failed disk in the Disk Management on ITCertKeys -SR12. The next stepwould be to replace the failed disk and rebuild the RAID-5 volume. C. Your first step should be to replace the failed disk on ITCertKeys -SR12. Thereafter you need to convert the new disk to a dynamic disk in Disk Management. The last step would be toformat the disk making use of NTFS. D. You best option is to replace the failed disk on ITCertKeys -SR12. Thereafter you can reboot the computer. Answer: A Explanation: In this case you must replace the failed disk. Initializing the disk means to write a master boot record and a disk signature. The disk should be converted into dynamic volumes. Only dynamic volumes can work in RAID-5. You should then right click the region of the failed RAID-5 volume and select Repair Volume. Incorrect answers: B: This option is incorrect. You are unable to break RAID-5 volume. Only a RAID-1 or mirrored volume can be broken. C: This option is incorrect. You are unable to format a disk. Only volumes can be formatted. D: This will not work. Only unallocated space on a dynamic disk can be used to repair a RAID-5 volume with failed redundancy. Question 3. You work as the network administrator at ITCertKeys.com. All servers on the ITCertKeys.com network run Windows Server 2003 and all client computers run Windows XP Professional. The ITCertKeys.com network contains a SQL Server 2000 named ITCertKeys -DB20. All of the hard disks of ITCertKeys -DB20 are dynamic disks. ITCertKeys -DB20 hosts a database named ITKCustomersDB that is located on a RAID-5 volume. The transaction logs for ITKCustomersDB are hosted on a separate mirrored volume. ITCertKeys.com users access ITKCustomersDB through an in-house client application. One day ITCertKeys -DB20 suffers a hardware failure that does not affect the hard disk subsystems. You receive instruction to move the hard disk subsystem from ITCertKeys -DB20 to a new SQL Server 2000 computer named ITCertKeys -DB21. You move the disks that host the RAID-5 volume with ITKCustomersDB and the disks that host the mirrored transaction logs to ITCertKeys -SR21. You want the users to access ITKCustomersDB without making changes to the in-house client application. What should you do? A. To ensure that the users are able to access ITKCustomersDB you need to reactivate the hard disks in Disk Management. B. The hard disks in Disk Management on ITCertKeys -DB21 should be repaired to ensure that the users are able to access ITKCustomersDB without making changes to the in-house client application. C. You should consider importing the foreign disks in Disk Management on ITCertKeys -DB21 in order to ensure that the users are able to access ITKCustomersDB without making changes to the in-house client application. D. This can be accomplished by initializing the hard disks in Disk Management to ensure that the users are able to access ITKCustomersDB without making changes to the in-house client application. Answer: C Explanation: Moving the hard disks to a new computer will mark them as foreign disks. The volumes on the disks will not be accessible. To make it accessible you should import the foreign disks. Incorrect answers: A: You would have reactivated the disks if the disks become unavailable due to a hardware problem or if the data was corrupted. In this case it is not necessary. B: Disks cannot be repaired. You are able to repair RAID-5 volumes. D: Only new disks need to be initialized before they can be used. These disks were moved to the server and must be imported. Question 4. You work as the network administrator at ITCertKeys.com. The ITCertKeys.com network consists of a single Active Directory domain named ITCertKeys.com. All servers on the ITCertKeys.com network run Windows Server 2003 and all client computers run Windows XP Professional. The ITCertKeys.com network contains a server named ITCertKeys -SR18. ITCertKeys -SR18 has a single 120 GB hard disk drive named Disk0. Disk0 has been initialized as a basic disk and has been formatted with NTFS. The hard disk is partitioned into four logical partitions as shown in the following table: Drive Contents Size Free Space C System Volume 8 GB 4 GB D Application Data 40 GB 1 GB E User Data 40 GB 12 GB F None 32 GB 32 GB Drive D is becoming full. You need to increase the disk space for the applications data. However, the application on Drive D cannot be reconfigured to use free space from another volume. What should you do? A. You should consider extending Drive D: to encompass the disk space of Drive F. B. This can be accomplished by mounting Drive F: in an empty folder on Drive D. C. To ensure sufficient disk space you have to extend Drive F: to encompass Drive D. D. Your fist option would be to delete Drive F. Thereafter you will be able to extend Drive D. Answer: B Explanation: Any NTFS volume can be mapped to an empty folder on another NTFS volume. Incorrect Answers: A, C, D: Basic volumes cannot be extended. Question 5. You work as the network administrator at ITCertKeys.com. The ITCertKeys.com network consists of a single Active Directory domain named ITCertKeys.com. All servers on the ITCertKeys.com network run Windows Server 2003 and all client computers run Windows XP Professional. The ITCertKeys.com network contains a Windows Server 2003 file server named ITCertKeys -SR11. During monitoring you notice that the free space on ITCertKeys -SR11 is very low. You decide to install a new 25 GB disk named disk1 on ITCertKeys -SR11. You want to convert disk1 to five logical drives of equal size. You want to be able to increase the size of the logical drives in the future without affecting the data that may already be stored on it. What should you do? A. Create five NTFS primary partitions on disk1. B. Create five NTFS extended partitions on disk1. C. Convert disk1 from basic to dynamic and create one NTFS primary partition on it. D. Convert disk1 from basic to dynamic and create five simple volumes on it. Answer: D Explanation: If you convert from basic to dynamic, they can be extended. Creating five simple volumes on disk1 will allows you to extend each volume using the unallocated space on disk1. Incorrect answers: A, B: Basic disks can support up to four partitions, which consists of three primary partitions and one extended partition. You cannot create more than one extended partition on a basic disk. C: You need to create five partitions of equal size, not one. Question 6. You work as the network administrator at ITCertKeys.com. The ITCertKeys.com network consists of a single Active Directory domain named ITCertKeys.com. All servers on the ITCertKeys.com network run Windows Server 2003 and all client computers run Windows XP Professional. The ITCertKeys.com network contains a file server named ITCertKeys -SR12. ITCertKeys -SR12 contains a single physical drive named Drive C on which the operating system is installed, and another drive named Drive D that contains a shared folder named UserData. The UserData folder is used to store ITCertKeys.com user data that is accessed by numerous in-house applications. Both drives are FAT32 drives. Both Drive C and Drive D are low on free disk space. You need to create extra disk space for the UserData folder. You cannot delete or backup the user data on ITCertKeys -SR12 because all data is currently required by the in-house applications. What should you do? A. Install an additional disk drive on ITCertKeys -SR12. Initialize the new disk drive as a basic disk. Extend Drive D to include unallocated space on the new disk drive. B. Install an additional disk drive on ITCertKeys -SR12. Convert Drive D to NTFS. Convert Drive D to a dynamic disk. Extend drive D to include unallocated space on the new disk drive. C. Install an additional disk drive on ITCertKeys -SR12. Format the new disk drive with FAT32. Extend Drive D to include unallocated space on the new disk drive. D. Install an additional disk drive on ITCertKeys -SR12. Convert Drive D to NTFS. Mount the new disk dive in the UserData folder on Drive D. Answer: B Explanation: In this case you must host drive D to a dynamic disk and convert drive D to NTFS. If drive D contains unallocated space, you can extend drive D to include the unallocated space. Drive D can also be extended to use the unallocated space in the new disk. Incorrect answers: A: There is no need to initialize the new disk as a basic disk. You can initialize the new disk directly to dynamic disk. C: To add the space on the new disk to drive D, you can create a spanned or a simple volume. To do this both of the disks should be must be dynamic disks and drive D should be formatted as NTFS. Only unformatted volumes or volumes that are formatted with NTFS can be extended. D: You can only mount a drive in an empty folder. UserData is not empty so you cannot mount the new drive in that folder. Question 7. DRAG DROP You work as the network administrator at ITCertKeys.com. The ITCertKeys.com network consists of a single Active Directory domain named ITCertKeys.com. The ITCertKeys.com network contains 20 servers and 1,200 client computers. All servers on the ITCertKeys.com network run Windows Server 2003, some client computers run a mixture of different Windows operating systems, and the rest run MS-DOS. You install four new servers named ITCertKeys -SR21, ITCertKeys -SR22, ITCertKeys -SR23, and ITCertKeys -SR24 on the ITCertKeys.com network. ITCertKeys -SR21 contains a single volume that will store data that needs to be accessed by all the Windows based client computers. ITCertKeys -SR22 contains a single volume that will store data that needs to be accessed by MS-DOS client computers. No data on ITCertKeys -SR23 and ITCertKeys -SR24 will be accessed by any client computers. You intend to configure ITCertKeys -SR23 with a single partition that will span multiple disks and ITCertKeys -SR24 with two physical disks that will contains two partitions. You need to initialize the disk subsystems on the four servers to meet these requirements. What should you do? To answer, drag the disk configuration to the appropriate location in the Work Area. Answer: Explanation: A basic disk is a physical disk with primary and extended partitions. Prior to Windows 2000, Microsoft did not call disks basic because that was the only type of disk available. There were no dynamic disks. As long as you use the File Allocation Table (FAT or FAT32) file system, Windows XP Professional and Home editions, Windows 2000, Windows NT, Windows 9x, and the MS-DOS operating systems can access basic disks. The disks on ITCertKeys -SR21 and ITCertKeys -SR22 can be configured as basic. Because basic disk can support up to four partitions, the two disks of ITCertKeys -SR24 can also be configured as basic disks. Dynamic disks support five types of volumes: simple, spanned, mirrored, striped, and RAID-5. You can extend a volume on a dynamic disk. Dynamic disks can contain a virtually unlimited number of volumes, so you are not restricted to four volumes per disk as you are with basic disks. Regardless of the type of file system, only computers running Windows XP Professional, Windows 2000 Professional or Server, or Windows Server 2003 can directly access dynamic volumes on hard disks that are physically connected to the computer. For this reason only the disk on ITCertKeys -SR23 and ITCertKeys -SR24 can be configured as dynamic disks. Question 8. You work as a network administrator at ITCertKeys.com. The ITCertKeys.com network consists of a single Active Directory domain named ITCertKeys.com. All servers on the ITCertKeys.com network run Windows Server 2003 and all client computers run Windows XP Professional. The ITCertKeys.com network contains a file server named ITCertKeys -SR34 that has two physical hard disk dives named disk0 and disk1. Disk1 contains a shared folder named ITK_Data that is used to store user data. A severe thunder storm causes a blackout disrupting all power to the ITCertKeys.com network. Fortunately, all ITCertKeys.com servers are protected by an Uninterruptible Power Supply (UPS) and you are able to perform a graceful shutdown of all ITCertKeys.com servers. When power is restored, you bring the network back online. However, several ITCertKeys.com users report that they are unable to connect to the ITK_Data folder on ITCertKeys -SR34. You log on to ITCertKeys -34 and discover that you cannot locate the ITK_Data folder in Windows Explorer. You open Disk Management on ITCertKeys -SR34 and see the display shown in the Disk Management exhibit. Disk Management Exhibit: You need to ensure that ITCertKeys.com users can access the files in the ITK_Data folder. What should you do? A. Select disk1 on ITCertKeys -SR34 and convert the disk to a dynamic disk. B. Select disk1 on ITCertKeys -SR34 and regenerate the disk. C. Select disk1 on ITCertKeys -SR34 and reactivate the disk D. Rescan the disks on ITCertKeys -SR34. Answer: C Explanation: On any offline disk all that is required is to have the disk reactivated to gain access to the data on the disk. Incorrect answers: A: Converting the disk to a dynamic disk would not solve the problem of data that is unavailable. B: On a failed disk there is no option to regenerate. D: Rescanning disks scans all attached disks for disk configuration changes and since there was no reconfiguration of any of the disks. Question 9. You work as the network administrator at ITCertKeys.com. The ITCertKeys.com network consists of a single Active Directory domain named ITCertKeys.com. The ITCertKeys.com network contains six database servers named ITCertKeys -DB01 through ITCertKeys -DB06 that each run a database application named DataApp1. The ITCertKeys.com written policy requires that when a new user is added to DataApp1, they must be added to the server that has the most available disk space. ITCertKeys.com hires ten new employees. The new employees will require access to DataApp1. You need to add these users to DataApp1. What should you do to ensure that you meet the written policy requirements when you add the new users to DataApp1? A. Review the application logs on each of the six database servers by using Event Viewer. B. Record the PhysicalDisk object on all six database servers by using Performance Logs and Alerts. C. Review the performance data on each of the six database servers by using Task Manager. D. Generate a histogram view of the LogicalDisk object on all six database servers by using System Monitor. Answer: D Explanation: System Monitor shows real-time performance data based on Object counters, and can display the log data recorded by Performance Logs And Alerts either in the form of Counter (interval polling) logs, or Trace (event-driven) logs. Logs written by Performance Logs And Alerts can be loaded into System Monitor for analysis. The System Monitor is designed for real-time reporting of data to a console interface, and can be reported in graph, histogram, or numeric form. This should aid you in ensuring that you meet the stated requirements. Incorrect answers: A: The Application log contains data written to it by software programs, it records events that are generated by application programs and network application services. Using Event Viewer to review application logs would thus not ensure that you add a new user to the server with the most available space. B: The Performance Logs And Alerts snap-in can do no configuration, only reporting data through Counter Logs as reported by providers (object counters) on a configured interval, or through Trace Logs as reported by event-driven providers. Thus this option will not work. C: Viewing performance data through the Task Manager is not what you need. Reference: Dan Balter, MCSA/MCSE Managing and Maintaining a Microsoft Windows Server 2003 Environment Exam Cram 2 (Exam 70-290), Chapter 6 Question 10. You work as the network administrator at ITCertKeys.com. The ITCertKeys.com network consists of a single Active Directory domain named ITCertKeys.com. All servers on the ITCertKeys.com network run Windows Server 2003 and all client computers run Windows XP Professional. The ITCertKeys.com network contains a file server named ITCertKeys -SR21. ITCertKeys -SR21 has a 40-GB hard disk for system files and two 80-GB hard disks for data. The 80-GB hard disks configured as mirrored volumes and contain 65-GB of read-only data. ITCertKeys.com users connect to ITCertKeys -SR21 by using shortcuts on their desktops. Due to the growth of the ITCertKeys.com network, the performance of ITCertKeys -SR21 has become inadequate. You receive instruction from the CIO to replace ITCertKeys -SR21. The new server must contain the current data from ITCertKeys -SR21. You disconnect ITCertKeys -SR21 from the network. You build a replacement server and name it ITCertKeys -SR21. You now need to bring the new server online and re-establish redundancy as quickly as possible. You must also ensure that users can connect to ITCertKeys -SR21 by using their existing desktop shortcuts. What should you do? A. Create a new mirrored volume by using two 80-GB disks. Connect ITCertKeys -SR21 to the network and copy the data from the old ITCertKeys -SR21. When copying is complete, shut down the old ITCertKeys -SR21. B. Move the two 80-GB disks from the old ITCertKeys -SR21 to the new ITCertKeys -SR21. Scan the disks for changes and import the disks. Connect the new ITCertKeys -SR21 to the network. C. Break the mirror on the old ITCertKeys -SR21. Move one of the 80-GB disks from the old ITCertKeys -SR21 to the new ITCertKeys -SR21. Scan the disk for changes and initialize the disk. Select the spare disk and create the mirror. Connect the new ITCertKeys -SR21 to the network. D. Remove one of the 80-GB disks from the old ITCertKeys -SR21 and move it to the new ITCertKeys -SR21. Scan the disk for changes and import the disk. Connect the new ITCertKeys -SR21 to the network. Answer: B Explanation: You have to make use of the existing old ITCertKeys -SR21 disks to make sure that the current data will be brought online. When moving disks from one computer to another keep in mind that before disconnecting the disks from the old ITCertKeys -SR21 you must make sure the status of all volumes on each of the disks is healthy. For any volumes that are not healthy, repair the volumes before you move the disks. After you physically connect the disks to the new ITCertKeys -SR21, in Disk Management, open the Action menu and choose Rescan Disks. The scanning will detect changes. The new disk will show up as Dynamic/Foreign. By default, Dynamic/Foreign disks and should be brought online automatically, but if not, bring it online by right-clicking the disk and selecting Online. Furthermore, to make Dynamic/Foreign disks useable, you must import it. The disk group remains as is and the database does not change. When connecting new ITCertKeys -SR21 to the network you will enable users to use their existing shortcuts. Incorrect answers: A: Since ITCertKeys -SR21 is scheduled for replacement you need no mirroring to be done for the question states pertinently that you have to re-establish redundancy which means that redundancy used to be in place before. A mirrored volume (also known as RAID Level 1 or RAID-1) consists of two identical copies of a simple volume, each on a separate hard disk. Mirrored volumes provide fault tolerance in the event that one physical disk fails. C: By moving only one disk from the old ITCertKeys -SR21 to the new ITCertKeys -SR21 will affect not only the current amount of data available, but will also result in a lack of possible redundancy. D: Removing one old ITCertKeys -SR21 disk from the mirror will not enable you to accomplish your task successfully. Reference: Dan Balter, MCSA/MCSE Managing and Maintaining a Microsoft Windows Server 2003 Environment Exam Cram 2 (Exam 70-290), Chapter 3
|
Question 1. You work as the network administrator at ITCertKeys.com. The ITCertKeys.com network consists of a single Active Directory domain named ITCertKeys.com. All servers on the ITCertKeys.com network run Windows Server 2003 and all client computers run Windows XP Professional. The ITCertKeys.com network contains a print server named ITCertKeys-PR01 that has a built-in network interface. A ITCertKeys.com user named Andy Reid is a member of the Research and Development department. Andy Reid complains that he cannot print to a print device attached to ITCertKeys-PR01. You have received instruction to ensure that Andy Reid can print to the print device. First you verify that the IP address for ITCertKeys-PR01 is correct and that the latest drivers for the print device are installed. You now want to verify that the print jobs are being sent to the correct MAC address for ITCertKeys-PR01. What should do? A. On ITCertKeys-PR01, run the net session command. B. On ITCertKeys-PR01, run the netstat command. C. On ITCertKeys-PR01, run the netsh command. D. On ITCertKeys-PR01, run the netcap command. Answer: D Explanation: Netstcap.exe is a command line tool that could be used to capture the network traffic. A filter can be created to be used during the capture to determine the MAC address the print jobs are being sent to. The Network Monitor Capture Utility ( Netcap.exe) can be used to capture network traffic in Network Monitor. Netcap provides capture abilities only from a command prompt; to open the resulting capture (.cap) files, you must use the full Network Monitor interface. Netcap is installed when you install the Support tools that are on the Windows XP CD-ROM. Netcap provides capture abilities that are similar to the version of Network Monitor that is included with the Windows Server products; however, you must use Netcap at a command prompt. Netcap installs the Network Monitor driver and binds it to all adapters when you first run the Netcap command. Incorrect Options: A: The net session command can be used to view the computer names and user names of users on a server, to see if users have files open, and to see how long each user's session has been idle. Net session manages server computer connections - used without parameters, net session displays information about all sessions with the local computer. B: The netstat command is not a utility to use when troubleshooting NetBIOS names, but is used to display TCP/IP and port information. C: The Network Shell utility (Netsh.exe) can perform a wide range of system configuration tasks. You can use commands in the Netsh Interface IP context to configure the TCP/IP protocol (including addresses, default gateways, DNS servers, and WINS servers) and to display configuration and statistical information. Reference: Microsoft Knowledge Base: 306794: How to Install the Support Tools from the Windows XP CD-ROM Network Monitor is provided with Windows Server products and Microsoft Systems Management Server (SMS). Microsoft Corporation, 2004 Deborah Littlejohn Shinder, Dr. Thomas W. Shinder, Chad Todd & Laura Hunter, MCSA/MCSE: Exam 70-291: Implementing, Managing, and Maintaining a Windows Server 2003 Network Infrastructure Guide & DVD Training System, pp. 686, 854-856, 926 Question 2. You work as the network administrator at ITCertKeys.com. The ITCertKeys.com network consists of two subnets. All servers on the ITCertKeys.com network run Windows Server 2003 and all client computers run Windows XP Professional. All servers are located in a central data center that uses a single IP subnet and all client computers are located in one subnet. The data center contains two routers named ITCertKeys-SR01 and ITCertKeys-SR02, two domain controllers named ITCertKeys-DC01 and ITCertKeys-DC02, and two file servers named ITCertKeys-SR03 and ITCertKeys-SR04. The IP addresses of these servers are indicated in the table below. Host name IP address ITCERTKEYS-DC01 10.10.10.1 ITCERTKEYS-DC02 10.10.10.2 ITCERTKEYS-SR01 10.10.1.1 ITCERTKEYS-SR02 10.10.1.2 ITCERTKEYS-SR03 10.10.11.1 ITCERTKEYS-SR04 10.10.11.2 You have received instruction from the CIO to install a new database server in the data center. You install Windows Server 2003 on a new server computer named ITCertKeys-DB01 and hand it over to a database administrator named Dean Austin. Dean Austin installs Microsoft SQL Server 2005 and makes some changes to the TCP/IP settings on ITCertKeys-DB01 as shown in the following table. Parameter Value IP address 10.10.1.3 Subnet mask 255.255.255.0 Default gateway 10.10.1.2 Later, Dean Austin complains that ITCertKeys-DB01 cannot communicate with the other servers in the data center. All other servers in the data center can communicate with the other servers as well as the client computers. You log on to ITCertKeys-DB01 and attempt to ping ITCertKeys-DC01 but you receive the following error message: "Destination host unreachable". What should you do to ensure that ITCertKeys-DB01 can communicate with the other computers in the ITCertKeys.com network? A. Configure ITCertKeys-DB01 with a default gateway of 10.10.1.1. B. Configure ITCertKeys-DB01 with a subnet mask of 255.255.0.0. C. Configure ITCertKeys-DB01 with an IP address of 10.10.10.3. D. Configure ITCertKeys-DB01 with an IP address of 10.10.11.3. Answer: B Explanation: Large networks are subdivided to create smaller subnetworks to reduce overall network traffic by keeping local traffic on the local subnet and sending all nonlocal traffic to the router. In order to create a subnetwork, we need to have a system for addressing that allows us to use the network ID and host ID within the class-based system. This is accomplished through the use of a subnet mask. To determine the appropriate custom subnet mask (typically referred to simply as subnet mask) for a network, you must first: 1. Determine the number of host bits to be used for subnetting. 2. Determine the new subnetted network IDs. 3. Determine the IP addresses for each new subnet. 4. Determine the appropriate subnet mask. Incorrect Answers: A: You need to assign the correct subnet mask to ensure connectivity. C, D: The problem in this scenario is not a faulty IP address. It is the appropriate subnet mask that has to be determined to enable connectivity. Reference: Deborah Littlejohn Shinder, Dr. Thomas W. Shinder, Chad Todd and Laura Hunter, MCSA/MCSE: Exam 70-291: Implementing, Managing, and Maintaining a Windows Server 2003 Network Infrastructure Guide & DVD Training System, p. 57 Question 3. You work as the network administrator at ITCertKeys.com. The ITCertKeys.com network consists of two subnets named Subnet A and Subnet B. Subnet A and Subnet B are connected by a router. All computers on the ITCertKeys.com network are configured with static IP addresses. All network servers run Windows Server 2003 and all client computers run Windows XP Professional. ITCertKeys.com hires a new Sales manager named Amy Wilson. You install a new client computer named ITCertKeys-WS291 for Amy Wilson. You then add ITCertKeys-WS291 to Subnet A. The relevant portion of the network is configured as shown in the exhibit. However, Amy Wilson complains that ITCertKeys-WS291 cannot communicate with other hosts on the network. What should you do to ensure that ITCertKeys-WS291 can communicate with all local and remote computers on the ITCertKeys.com network? A. Configure ITCertKeys-WS291 with a default gateway of 192.168.28.84. B. Configure ITCertKeys-WS291 with a default gateway of 192.168.2.1. C. Configure ITCertKeys-WS291 with a subnet mask of 255.255.255.128. D. Configure ITCertKeys-WS291 with a subnet mask of 255.255.255.192. Answer: C Explanation: It is evident from the exhibit that the file server and ITCertKeys-WS291 have a different subnet mask. This is the reason why they cannot communicate with each other. You must therefore change the subnet mask of ITCertKeys-WS291 to 255.255.255.128. Incorrect Answers: A, B: The problem is not the gateway IP address that is faulty, but rather the subnet mask. D: This option suggests the correct object that has to be changed, but it gives the wrong subnet mask. Reference: Deborah Littlejohn Shinder, Dr. Thomas W. Shinder, Chad Todd and Laura Hunter, MCSA/MCSE: Exam 70-291: Implementing, Managing, and Maintaining a Windows Server 2003 Network Infrastructure Guide & DVD Training System, p. 57 Question 4. You work as the network administrator at ITCertKeys.com. The ITCertKeys.com network consists of a single Active Directory domain named ITCertKeys.com. ITCertKeys.com has its headquarters in Chicago and branch offices in Dallas and Miami. All servers on the ITCertKeys.com network run Windows Server 2003 and all client computers run Windows XP Professional. You work in the Miami branch office. The network at the Miami branch office consists of 25 different subnets, each with a maximum of six computers. The network administrator at headquarters has allocated the 192.168.3.0/24 network address to the Miami branch office. You install a new server named ITCertKeys-SR21 in the Miami branch office. You need to configure the Internet Protocol (TCP/IP) properties for ITCertKeys-SR21. You configure ITCertKeys-SR21 with an IP address of 192.168.3.44. What subnet mask should you use? A. A subnet mask of 255.255.255.0. B. A subnet mask of 255.255.255.128. C. A subnet mask of 255.255.255.192. D. A subnet mask of 255.255.255.240. E. A subnet mask of 255.255.255.248. Answer: E Explanation: The network address is: 192.168.2.0/24, which means 11111111.11111111.11111111.0 in binary. Therefore, you can use the last octet to configure the 30 subnets and 6 hosts in each Subnet You need only six host PCs. When you convert to binary, it is: 00000111. As a result, you use 3 bits. This leaves 5 bits for the subnets 11111000 converted to decimal: 128+64+32+16+8=248, therefore the subnet mask will be: 255.255.255.248. Reference: Deborah Littlejohn Shinder, Dr. Thomas W. Shinder, Chad Todd and Laura Hunter, MCSA/MCSE: Exam 70-291: Implementing, Managing, and Maintaining a Windows Server 2003 Network Infrastructure Guide & DVD Training System, p.57 Question 5. You work as the network administrator at ITCertKeys.com. The ITCertKeys.com network consists of a single Active Directory domain named ITCertKeys.com. ITCertKeys.com has its headquarters in Chicago and a branch office in Dallas. All servers on the ITCertKeys.com network run Windows Server 2003 and all client computers run Windows XP Professional. You work in the Dallas branch office. The network at the Dallas branch office consists of a single subnet that contains 150 client computers and 12 servers. The network administrator at headquarters has allocated the 10.10.0.0/16 network address to the Dallas branch office. You have received instruction from your manager to place all servers at the Dallas branch office into a separate subnet that uses the 192.168.10 public addressing scheme. Your manager asks you to make allowance for a maximum of 30 servers in the new subnet. Which subnet mask should you use for the new subnet? A. 255.255.255.224 B. 255.255.255.240 C. 255.255.255.248 D. 255.255.255.252 E. 255.255.255.254 Answer: A Explanation: A 255.255.255.224 subnet mask gives five host address bits, so the maximum number of host addresses is 2 ^ 5 - 2 = 30 host addresses. Thus 255.255.255.224 is the only subnet mask that will allow for sufficient IP addresses in case of further growth, whilst still conserving as many current addresses as possible. Reference: Deborah Littlejohn Shinder, Dr. Thomas W. Shinder, Chad Todd and Laura Hunter, MCSA/MCSE: Exam 70-291: Implementing, Managing, and Maintaining a Windows Server 2003 Network Infrastructure Guide & DVD Training System, p. 62 Question 6. DRAG DROP You work as the network administrator at ITCertKeys.com. The ITCertKeys.com network consists of a single Active Directory domain named ITCertKeys.com. All servers on the ITCertKeys.com network run Windows Server 2003 and all client computers run Windows XP Professional. You have installed a new server named ITCertKeys-SR06 on the network. The relevant portion of the network is shown on the exhibit. You want to configure ITCertKeys-SR06 with a valid static IP configuration. ITCertKeys-SR06 must be able to communicate with all hosts on the network and on the internet. You also need to configure ITCertKeys-SR06 to use the DNS server on the local subnet for name resolution. In addition, you must configure redundancy for name resolution. How should you configure ITCertKeys-SR06? To answer drag the appropriate IP addresses and Subnet masks to the appropriate places. Answer: Explanation: The Class C address 192.168.0.100 has to be the IP address to enable ITCertKeys-SR06 to communicate with all hosts on the network and on the internet as 192.168.0.1, 192.168.0.2 and 192.168.0.110 are already in use. 192.168.5.2 and 192.168.5.100 are on the wrong subnet, and besides, 192.168.5.12 is already in use. The subnet mask for this Class C address is 255.255.255.0. The default gateway should be 192.168.0.1. To configure redundancy for name resolution, configure the preferred DNS server/primary address as 192.168.0.2, and the alternate DNS server/secondary address as 192.168.5.2. Reference: J. C. Mackin, Ian McLean, MCSA/MCSE Self-Paced Training Kit (exam 70-291): Implementing, Managing, and Maintaining a Microsoft Windows Server 2003 network Infrastructure, Part 1, Chapter 2, pp. 80-116 Question 7. You work as the network administrator at ITCertKeys.com. The ITCertKeys.com network consists of a single Active Directory domain named ITCertKeys.com. All servers on the ITCertKeys.com network run Windows Server 2003 and all client computers run Windows XP Professional. ITCertKeys.com has its headquarters in Chicago and branch offices in Dallas and Miami. You work in the Miami branch office. The Miami branch office has a file server named ITCertKeys-SR25 that hosts critical documents. ITCertKeys-SR25 is configured with a DHCP client reservation. ITCertKeys.com users from all three offices download documents from ITCertKeys-SR25. One day ITCertKeys.com users complain that they cannot access the documents on ITCertKeys-SR25. You discover that the DHCP server has failed. The DHCP server is located at headquarters. You have received instruction from the CIO to ensure that ITCertKeys-SR25 is available even if it is unable to obtain or renew a lease from the DHCP server. How could you accomplish this task? A. On the DHCP server, increase the DHCP lease period. B. Configure alternate IP settings for ITCertKeys-SR25 on the Alternate Configuration tab of the Internet Protocol (TCP/IP) properties. C. Configure the DHCP scope in the 169.254.0.1. - 169.254.255.254 range. D. On the DHCP server, configure the DHCP 001 Resource Location Servers reservation option for ITCertKeys-SR25. Answer: B Explanation: Windows Server 2003 includes the Alternate Configuration feature. The Windows Server 2003 servers can be configured to use an alternate static IP configuration if a DHCP server is unavailable. When a DHCP client determines that the DHCP server is unavailable, it will automatically change over and also configure the TCP/IP stack with the static address information specified on the Alternate Configuration tab of the Internet Protocol (TCP/IP) properties. Incorrect Answers: A: Increasing the lease period would result in DHCP clients requesting leases less frequently, but won't guarantee that ITCertKeys-SR25 will be available when the DHCP server is down. C: Modifying the DHCP scope to the 169.254.0.1. - 169.254.255.254 range will still be reliant on the DHCP server. D: Configuring the DHCP 001 Resource Location Servers reservation option for ITCertKeys-SR25 on the DHCP server will not ensure that ITCertKeys-SR25 will receive an IP address or have the IP address renewed. Reference: J. C. Mackin, Ian McLean, MCSA/MCSE Self-Paced Training Kit (exam 70-291): Implementing, Managing, and Maintaining a Microsoft Windows Server 2003 network Infrastructure, Part 1, Chapter 2, pp. 114, 117 Question 8. You work as the network administrator at ITCertKeys.com. The ITCertKeys.com network consists of a single Active Directory domain named ITCertKeys.com. All servers on the ITCertKeys.com network run Windows Server 2003 and all client computers run Windows XP Professional. The ITCertKeys.com network contains a server named ITCertKeys-SR34. ITCertKeys-SR34 is configured as a DHCP server and has been authorized in Active Directory. The Telnet service has been installed and started on ITCertKeys-SR34. One day ITCertKeys.com users complain that they cannot access network resources. Your investigations reveal that the DHCP Server service on ITCertKeys-SR34 has stopped. You install the administrative tools on a client computer named ITCertKeys-WS291 and log on to the computer. When you open the DHCP console on ITCertKeys-WS291 and attempt to connect to ITCertKeys-SR34, you receive an error message that states: "Cannot find the DHCP Server." You then attempt to ping ITCertKeys-SR34 but fail. How can you connect to the DHCP Server service on ITCertKeys-SR34 by using the DHCP console on ITCertKeys-WS291? A. Establish a Telnet session to ITCertKeys-SR34 and then run the net start dhcp command. B. Establish a Telnet session to ITCertKeys-SR34 and then run the net start dhcpserver command. C. Establish a Telnet session to ITCertKeys-SR34 and then run the ipconfig /renew command. D. On ITCertKeys-WS291, run the netsh dhcp server\\ ITCertKeys-SR34 show server command. Answer: B Explanation: You can start the DHCP Server service by executing the Net Start Dhcpserver command at the command prompt. Telnet is a protocol that enables an Internet user to log on to and enter commands on a remote computer linked to the Internet, as if the user were using a text-based terminal directly attached to that computer. Telnet is part of the TCP/IP suite of protocols. The term telnet also refers to the software (client or server component) that implements this protocol. Given the fact that you can ping ITCertKeys-SR34 you should then establish a Telnet session to ITCertKeys-SR34 and then run the appropriate command. Reference: J. C. Mackin & Ian McLean, MCSA/MCSE self-paced training kit (exam 70-291): implementing, managing, and maintaining a Microsoft Windows Server 2003 network infrastructure, Microsoft Press, Redmond, 2004, p. 7-23 Question 9. You work as the network administrator at ITCertKeys.com. The ITCertKeys.com network consists of a single Active Directory domain named ITCertKeys.com. All servers on the ITCertKeys.com network run Windows Server 2003 and all client computers run Windows XP Professional. The ITCertKeys.com network contains a server named ITCertKeys-SR51 that is configured as a print server for a print device that has a built-in network interface. The print device is used by the Sales department to print Sales reports. A ITCertKeys.com user named Clive Allen is a member of the Sales department. Clive Allen complains that he cannot print to the print device attached to ITCertKeys-SR51. You verify that the IP address for ITCertKeys-SR51 is correct and that the correct drivers for the print device are installed. You now want to verify that the print jobs are being sent to the correct MAC address for ITCertKeys-SR51. You log on to ITCertKeys-SR51. What should you do next? A. Run the net session command. B. Run the netstat command. C. Run the netsh command. D. Run the netcap command. Answer: D Explanation: Netstcap.exe is a command line tool that could be used to capture the network traffic. A filter can be created to be used during the capture to determine the MAC address the print jobs are being sent to. The Network Monitor Capture Utility ( Netcap.exe) can be used to capture network traffic in Network Monitor. Netcap provides capture abilities only from a command prompt; to open the resulting capture (.cap) files, you must use the full Network Monitor interface. Netcap is installed when you install the Support tools that are on the Windows XP CD-ROM. Netcap provides capture abilities that are similar to the version of Network Monitor that is included with the Windows Server products; however, you must use Netcap at a command prompt. Netcap installs the Network Monitor driver and binds it to all adapters when you first run the Netcap command. Incorrect Options: A: The net session command can be used to view the computer names and user names of users on a server, to see if users have files open, and to see how long each user's session has been idle. Net session manages server computer connections - used without parameters, net session displays information about all sessions with the local computer. B: The netstat command is not a utility to use when troubleshooting NetBIOS names, but is used to show what ports your computer is listening on.: -R is used to reload your LMHOSTS file located in %systemroot%\system32\drivers\etc., -r will show you which name resolutions have been answered via broadcasts, and which have been answered via a NetBIOS name server, -RR switch of the command utility refreshes your NetBIOS name with a configured WINS server. C: The Network Shell utility (Netsh.exe) can perform a wide range of system configuration tasks. You can use commands in the Netsh Interface IP context to configure the TCP/IP protocol (including addresses, default gateways, DNS servers, and WINS servers) and to display configuration and statistical information. Reference: Microsoft Knowledge Base: 306794: How to Install the Support Tools from the Windows XP CD-ROM Network Monitor is provided with Windows Server products and Microsoft Systems Management Server (SMS). Microsoft Corporation, 2004 Deborah Littlejohn Shinder, Dr. Thomas W. Shinder, Chad Todd & Laura Hunter, MCSA/MCSE: Exam 70-291: Implementing, Managing, and Maintaining a Windows Server 2003 Network Infrastructure Guide & DVD Training System, pp. 686, 854-856, 926 Question 10. Network Topology Exhibit: LAN Settings Exhibit: You work as the network administrator at ITCertKeys.com. The ITCertKeys.com network consists of a single Active Directory domain named ITCertKeys.com. All servers on the ITCertKeys.com network run Windows Server 2003 and all client computers run Windows XP Professional. The ITCertKeys.com network contains a Microsoft Internet Security and Acceleration (ISA) Server computer named ITCertKeys-SR01, a DNS server named ITCertKeys-SR02, a DHCP server named ITCertKeys-SR03, a file server named ITCertKeys-SR21, and a Web server named ITCERTKEYS-SR25. ITCertKeys-SR25 also serves as a central antivirus server. ITCertKeys-SR21 is located on the 10.10.11.0 subnet and ITCertKeys-SR25 is located in the perimeter network. ITCertKeys-SR21 contains antivirus software that checks for new virus definitions on ITCertKeys-SR25 every hour. You can also access ITCertKeys-SR25 through a virus update Web page to perform manual virus definition updates. ITCertKeys-SR03 suffers a catastrophic failure and is removed from the network. Due to budgetary constraints, a replacement for ITCertKeys-SR03 will only be acquired in the next financial year. You need to redesign network addressing scheme, and change the IP addresses for ITCertKeys-SR01 to the addresses shown in the Network Topology exhibit. ITCertKeys-SR02 contains the new host (A) resource records for ITCertKeys-SR01. You receive reports about a new virus threat and want to protect the network immediately by manually downloading the new virus definitions to ITCertKeys-SR21. you log on to ITCertKeys-SR21 but discover that you cannot access the virus update Web page on ITCertKeys-SR25. The static TCP/IP configuration on ITCertKeys-SR21 uses ITCertKeys-SR02 as the preferred DNS server. You confirm that ITCertKeys-SR01 is configured properly. On ITCertKeys-SR21, you view the Internet Explorer LAN settings that are shown in the LAN Settings exhibit. What should you do to allow ITCertKeys-SR21 to connect to ITCertKeys-SR25? A. At a command prompt on ITCertKeys-SR21, run the ipconfig /flushdns command. B. In the LAN settings of Internet Explorer on ITCertKeys-SR21, select the Automatically detect settings check box. C. At a command prompt on ITCertKeys-SR01, run the ipconfig / flushdns command. D. At a command prompt on ITCertKeys-SR01, run the ipconfig /registerdns command. Answer: A Explanation: Running the ipconfig /flushdns command will flush and reset the DNS resolver cache which is necessary to allow connection. Run this command on ITCertKeys-SR21 to connect to ITCertKeys-SR25. Incorrect Answers: B: Selecting the "Automatically detect settings" checkbox is not going to allow ITCertKeys-SR21 to connect to WWW. C: The ipconfig /flushdns command flushes and resets the DNS resolver cache. This is not what is necessary. D: The ipconfig /registerdns command refreshes all DHCP leases and registers any related DNS names. This option is available only on Windows 2000 and newer computers that run the DHCP Client service. This is not going to allow ITCertKeys-SR21 to connect to WWW when it is run on ITCertKeys-SR01. Reference: James Chellis, Paul Robichaux and Matthew Sheltz, MCSA/MCSE: Windows Server 2003 Network Infrastructure Implementation, Management, and Maintenance Study Guide, p. 311
|
Question 1. You work as the network administrator at ITCertKeys.com. The ITCertKeys.com network consists of a single Active Directory forest. The functional level of the forest is set at Windows Server 2003. The ITCertKeys.com network contains a file server named ITCertKeys-SR07 that hosts a shared folder in a child domain in ITCertKeys.com's forest. ITCertKeys.com has a sister company that has its own Active Directory forest. You need to ensure that users, who belong to a child domain in the sister company's Active Directory forest, are provided with access to the shared folder in the child domain in ITCertKeys.com's Active Directory forest. You also need to ensure that these users are unable to access any other resources in ITCertKeys.com's forest. What should you do? A. You have to create an external trust, and configure it with the selective authentication option. B. You have to create a forest trust, and configure it with the domain-wide authentication option. C. You have to create an external trust, and configure it with the domain-wide authentication option. D. You have to create a forest trust, and configure it with the selective authentication option. Answer: A Explanation: An external trust is always nontransitive, and can be either one-way or two-way. This type of trust is used to create a relationship between a Windows Server 2003 domain and one running Windows NT 4.0. It can also be used to connect two domains that are in different forests, and don't have a forest trust connecting them. In this scenario, you have to create outgoing external trust from the domain where the file server is located to the sister company's domain where the users require access to a resource in ITCertKeys.com's forest. This will allow users from the sister company's domain to authenticate directly to ITCertKeys.com's resource domain. Selective authentication allows users from a trusted domain to authenticate only to those resources to which they are explicitly allowed to authenticate. Incorrect Answers: B, D: A forest trust is appropriate when users from multiple domains in one forest require access to resources in multiple domains in another forest. C: Configuring Domain-wide authentication would provide users from trusted domains the same level of access to local resources that local users have. Question 2. You work as the network administrator at ITCertKeys.com. The ITCertKeys.com network consists of a single Active Directory domain named ITCertKeys.com. All servers on the ITCertKeys.com network run Windows Server 2003 and all client computers run Windows XP Professional. A new ITCertKeys.com security policy requires that all user passwords expire every 45 days. You configure a password policy that meets this requirement in a new Group Policy object (GPO) linked to the ITCertKeys.com domain. Users are now prompted to change their passwords on a regular basis. While performing a maintenance procedure on a domain controller three months later, you restart the domain controller in Directory Services Restore Mode (DSRM) and discover that the old administrative password still works. You need to ensure that DSRM password is changed on this domain controller. What should you do? A. You have to configure the password policy in the Default Domain Controllers Policy GPO in normal mode. B. You should reset the password for the local Administrator account in normal mode using Computer Management. C. You have to configure the password policy in the Default Domain Policy GPO in normal mode. D. You should reset the DSRM password in normal mode using the Ntdsutil utility. Answer: D Explanation: When you restart a domain controller in DSRM, the Active Directory service is not activated and the domain controller will act as a stand alone server. To log on to a computer in DSRM and to comply with the security policy, you need to set a password by using the Ntdsutil utility when the domain controller is operating in DSRM. Incorrect Answers: A, C: If the password policies were configured in the GPOs, it will not affect DSRM passwords on domain controllers. B: You will not find any local user accounts on a domain controller. Question 3. You work as the network administrator at ITCertKeys.com. The ITCertKeys.com network consists of a single Active Directory network named itcertkeys.com. ITCertKeys.com has headquarters in London and branch office in Paris. All servers on the ITCertKeys.com network run Windows Server 2003 and all client computers run Windows XP Professional. ITCertKeys.com contains a Sales department. The headquarters in London contains a Windows Server 2003 computer named ITCERTKEYS-SR03 that hosts the ITCertKeys.com public Web site. The public Web site consists of the goods that are advertised by the Sales department. ITCERTKEYS-SR03 is running IIS 6.0. Due to the demand on the public Web site, you installed a new ASP.NET-based application on the public Web site. A ITCertKeys.com manager named Andy Reid is responsible for updating the public Web site on a regular basis. After the installation of the new ASP.NET-based application, Andy Reid access the public Web site, however, he received an error message stating that the page cannot be found. Andy Reid needs to access the public Web site to update the data. You need to ensure that the new ASP.NET-based application works. What should you do? A. You need to select support for Active Server Pages. B. You should assign the proper permissions to the Authenticated Users group for the new ASP.NET-based application. C. You need to acquire a server certificate from your corporate certification authority and install the certificate. D. You need to select only the required Web service extensions. Answer: D Explanation: By default, in Windows Server 2003, the Internet Information Services (IIS) has only static HTML content. You will only receive an HTTP error 404 if dynamic content is requested. You need to enable the support for the appropriate Web service extensions in IIS Manager to provide dynamic content. Incorrect Answers: A: Since ASP and ASP.NET are different, there is no need to support ASP. B: It is unlikely that the Authenticated Users group needs to be assigned any permission to access. public Web site allow anonymous access. C: The scenario does not state that the new application requires a certificate for SSL encryption or for another purpose, and even if it did, a certificate issued would not be trusted by the general public. Question 4. You work as the network administrator at ITCertKeys.com. The ITCertKeys.com network consists of a single Active Directory domain named itcertkeys.com. All servers on the ITCertKeys.com network run Windows Server 2003 and all client computers run Windows XP Professional. ITCertKeys.com contains a Finance department. ITCertKeys.com contains a domain controller named ITCERTKEYS-DC01 which resides in the Finance department. Due to the confidential information of the data that reside on the domain controller, you need to make sure that the security is established at all time on ITCERTKEYS-DC01. You then access the Security Configuration and Analysis (SCA) MMC snap-in, and receive the following database log file as seen in the exhibit. Exhibit: You need to ensure that security is established on the ITCertKeys.com network around the clock. What should you do? A. Reconfigure the "Minimum Password Length" security policy. B. Reconfigure the "Lockout Duration" security policy. C. Reconfigure the "Password Must Meet Complexity Requirements" security policy. D. Reconfigure the "Minimum Password Age" security policy. Answer: A Explanation: The Security Configuration and Analysis (SCA) Microsoft Management Console (MMC) snap-in is used to evaluate a computer's security settings with a predefined security template. The exhibit shows that disparity exists between the value of the " Minimum Password Length" setting on ITCERTKEYS-DC01 and the setting's value that is configured in the currently loaded security template. Incorrect Answers: B, C, D: The Lockout Duration, Password Must Meet Complexity Requirements, and Minimum Password Age settings are marked as Not Configured. Reconfiguring these would result in inconsistent security on the ITCertKeys.com network as only ITCERTKEYS-DC01 will be configured with these settings. Question 5. You work as the network administrator at ITCertKeys.com. The ITCertKeys.com network consists of a single Active Directory domain named itcertkeys.com. All servers on the ITCertKeys.com network run Windows Server 2003 and all client computers run Windows XP Professional. ITCertKeys.com is a relatively new company and at present has to share premises with other companies. Consequently there are added security risks and as a precautionary measure all the itcertkeys.com servers are located and maintained in a strong room and kept under lock and key. As a further precautionary measure you also applied the securedc.inf and the securews.inf security templates to the relative computers. There is however still the threat that unauthorized physical access could still be possible in lieu of the shared premises and unauthorized attempts at guessing the itcertkeys.com user's passwords. You received instructions from the CIO to ensure that added security measures are implemented to minimize the possibility of user passwords being at risk. What should you do? A. On all the domain controllers, you need to apply the hisecdc.inf predefined security template. B. You need to generate a system key with the Syskey utility, and then specify that this system key be stored locally. C. On all the member servers, you need to apply the hisecws.inf predefined security template. D. You need to generate a system key with the Syskey utility, and then specify that this system key be stored on a floppy disk. Answer: D Explanation: To provide protection to user passwords, you need to use the Syskey utility. This will allow you to generate a system key that is used to encrypt passwords. The three levels of protection that is offered by the Syskey utility are as follows: 1. Store the system key locally on a computer, which is not secure. 2. Use an administrative-assign password or 3. Store the system key on a floppy disk, which is required at startup. Incorrect Answers: A, C: Hisecdc.inf and hisecws.inf are more secure than securedc.inf and securews.inf, however, it will not stop the unauthorized user to guess passwords. B: Storing the system key locally on the computer is the least secure option. Question 6. You work as the network administrator at ITCertKeys.com. The ITCertKeys.com network consists of a single Active Directory domain named itcertkeys.com. All servers on the ITCertKeys.com network run Windows Server 2003 and all client computers run Windows XP Professional. ITCertKeys.com contains a Sales department. The ITCertKeys.com network contains a file server named ITCERTKEYS-SR13. ITCERTKEYS-SR13 hosts a shared folder which keeps the latest goods which the users needs to access. A ITCertKeys.com employee named Andy Booth works in the Sales department. One morning Andy Booth complains that the performance of ITCERTKEYS-SR13 is very slow. To avoid that employees contact you regarding the performance of the file server, you are going to set counters to alarm you if any bottlenecks occur on ITCERTKEYS-SR13. . You then create a counter, and choose the following monitoring counters. 1. PhysicalDisk: %Disk Time 2. Processor: % Processor Time 3. Network Interface: Bytes Total/sec. What should your next step be? A. You should specify the threshold values for performance counters, which will produce a message to your workstation when reached. B. Navigate to the System performance object, and select a ProcessorQueue Length counter. C. Use the CSV format and configure a trace log that runs always, export the performance data to a spreadsheet manually. D. Use the CSV format and configure a counter log that record performance data on a constant basis. Answer: A Explanation: Alerts can be configured when thresholds are reached. This will allow you to receive a message when the threshold values are reached. Incorrect Answers: B: To find a bottleneck in a subsystem, the ProcessorQueue Length counter is used. This will not help you in defining an alert. C: If you want to record selected system application events, you should use the Trace logs. D: Although using this option will gather the required performance data for bottleneck detection, it would not enable you to configure an alert. Question 7. You work as the network administrator at ITCertKeys.com. The ITCertKeys.com network consists of a single Active Directory domain named itcertkeys.com. All servers on the ITCertKeys.com network run Windows Server 2003 and all client computers run Windows XP Professional. ITCertKeys.com consists of a Research department. The ITCertKeys.com network contains a domain controller named ITCERTKEYS-DC03. ITCERTKEYS-DC03 is used to communicate with other companies which form part of the alliances. You do not want ITCERTKEYS-DC03 to slack in performance, because it will influence the tasks of the employees in ITCertKeys.com. You want to forward a network message to your client computer in your office when CPU utilization goes beyond 80 percent. You thus need to configure ITCERTKEYS-DC03 to forward a network message to your client computer when CPU utilization goes beyond 80 percent. What should you do? A. On ITCERTKEYS-DC03 configure a network message to be sent to your client computer, by using the Services MMC snap-in. B. On ITCERTKEYS-DC03 configure a network message to be sent to your client computer, by using the Performance Logs and Alerts MMC snap-in. C. On ITCERTKEYS-DC03 configure a network message to be sent to your client computer, by using the Network Monitor. D. On ITCERTKEYS-DC03 configure a network message to be sent to your client computer, by using the System Monitor. Answer: B Explanation: The Performance Logs and Alerts Microsoft Management Console (MMC) snap-in can be used to configure alerts that trigger an action. Incorrect Answers: A: The Services MMC snap-in can be used to view and modify system and network services that are installed on a Windows Server 2003 computer. You need to set alerts. C: Network Monitor is not the tool to be used in this case as it is usually used to capture and decode incoming an outgoing network packets. D: System Monitor is used to view real-time hardware and software performance data, but in this case you require the Performance Logs and Alerts Microsoft Management Console.. Question 8. You work as a network administrator for ITCertKeys.com. The network consists of a single Active Directory domain named ITCertKeys.com. ITCertKeys.com contains six domain controllers of which two each is configured to run Windows Server 2003, Windows 2000 Server, and Windows NT Server 4.0 The ITCertKeys.com departments are organized into organizational units (OUs). As such the Administration OU is named ITK_ADMIN, and the OU is named the ITK_SALES. All file servers for all departments are located in their respective OUs. The ITK_SALES OU is a child OU of the ITK_ADMIN OU. A new ITCertKeys.com written security policy states that the Administration department servers must be configured with security settings that are enhanced from the default settings. The ITCertKeys.com written security policy further also states that the Sales department servers must be configured with security settings that are enhanced from the default settings, and auditing should be enables for file and folder deletion. Your instructions are to plan the security policy settings of the Administration and Sales departments to ensure compliance with the written security policy. To this end you decide to make use of a Group Policy Objects (GPO) for each of these departments. What should you do next? A. One GPO must apply the Compatws.inf security template to computer objects. Link this GPO to the ITK_ADMIN OU. The second GPO must enable the Audit object access audit policy on computer objects. Link this GPO to the ITK_SALES OU. B. One GPO must apply the Securews.inf security template to computer objects. Link this GPO to the ITK_ADMIN OU. The second GPO must enable the Audit object access audit policy on computer objects. Link this GPO to the ITK_SALES OU. C. One GPO must apply to the Compatws.inf security template to computer objects. Link this GPO to the ITK_ADMIN OU. The second GPO must apply the Hisecws.inf security template to computer objects. Link this GPO to the ITK_SALES OU. D. One GPO must apply the Securews.inf security template to computer objects. Link this GPO to both the ITK_ADMIN and the ITK_SALES OUs. The second GPO must enable the Audit object access audit policy on computer objects. Link this GPO to the ITK_SALES OU. Answer: B Explanation: The Securews.inf template contains policy settings that increase the security on a workstation or member server to a level that remains compatible with most functions and applications. The template includes many of the same account and local policy settings as Securedc.inf, and implements digitally signed communications and greater anonymous user restrictions. Audit Object Access A user accesses an operating system element such as a file, folder, or registry key. To audit elements like these, you must enable this policy and you must enable auditing on the resource that you want to monitor. For example, to audit user accesses of a particular file or folder, you display its Properties dialog box with the Security tab active, navigate to the Auditing tab in the Advanced Security Settings dialog box for that file or folder, and then add the users or groups whose access to that file or folder you want to audit. Incorrect Answers: A, C: The Compatws.inf security template is designed for Windows NT compatible applications that require lower security settings in order to run. These settings are lower than the default settings. D: The ITK_SALES OU is a child OU of the ITK_ADMIN OU. GPO settings applied to parent OUs are inherited by child OUs; therefore we do not need to link the GPO to both the ITK_ADMIN OU and the ITK_SALES OU. Reference: Craig Zacker, MCSE Self-Paced Training Kit (Exam 70-293): Planning and Maintaining a Microsoft Windows Server 2003 Network Infrastructure, Microsoft Press, Redmond, Washington, Chapters 9 and 10 Question 9. You work as the network administrator for ITCertKeys.com. The ITCertKeys.com network contains 50 application servers that are configured with Windows Server 2003. At present the security configuration of the ITCertKeys.com is not uniformly applied. Local administrators, based on their different knowledge and skill levels, were responsible for the configuration of the security settings on each of the application servers. This resulted in a wide variety of authentication methods, audit settings and account policy settings. ITCertKeys.com thus appointed a security team to complete a new network security design. Included in the design is a baseline configuration for the security settings on all servers. The baseline security settings use the hisecws.inf predefined security template. The design also requires modified settings for servers in an application server role. These settings include system service startup requirements, renaming the administrator account, and more stringent account lockout policies. The security team created a security template named application.inf that contains the required settings. You received instruction to plan the deployment of the new security design. Your plan must ensure that all application servers' security settings are standardized, and that after the security settings on all application servers comply with the design requirements. What should you do? A. First apply the setup security.inf template, and then apply the hisecws.inf template, and then the application.inf template. B. First apply the Application.inf template and then the Hisecws.inf template. C. First apply the Application.inf template, and then apply the setup.inf template, and then the hisecws.inf template. D. First apply the Setup.inf template and then the application.inf template Answer: A. Explanation: The servers currently have different security settings. Before applying our modified settings, we should reconfigure the servers with their default settings. This is what the security.inf template does. Now that our servers have the default settings, we can apply our baseline settings specified in the hisecws.inf template. Now we can apply our custom settings using the application.inf template. Incorrect Answers: B: The hisecws.inf template would overwrite the custom application.inf template. C: The setup.inf security template doesn't exist. To return a system to its default security settings, we use the security.inf template. D: The setup.inf security template doesn't exist. To return a system to its default security settings, we use the security.inf template. Reference: Jill Spealman, Kurt Hudson & Melissa Craft, MCSE Self-Paced Training Kit (Exam 70-294); Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure, Microsoft Press, Redmond, Washington, 2004, p. 13:62 David Watts & Will Willis, Windows Server 2003 Active Directory Infrastructure Exam Cram 2 (Exam 70-294): Que Publishing, Indianapolis, 2004, Chapter 8 Question 10. You work as a network administrator for ITCertKeys.com. The ITCertKeys.com network contains Terminal servers that host legacy applications. Only ITCertKeys.com users that have Power Users group membership can run these legacy applications. A new ITCertKeys.com security policy states that the Power Users Group must be empty on all servers. You are thus required to ensure that the legacy applications will be available to users on the servers when the new security requirement is enabled. What should you do? A. In the domain, the Domain Users Global group should be added to the Remote Desktop Users built-in group in the domain. B. On each terminal server, the Domain Users Global group should be added to the Remote Desktop Users local group. C. Allow the Local Users group to run the legacy applications my modifying the compatws.inf security template settings. Import the security settings into the default Domain Controllers Group Policy Object. D. Allow the Local Users group to run the legacy applications by modifying the compatws.inf security template settings. Apply the modified template to each terminal server. Answer: D Explanation: The default Windows 2000 security configuration gives members of the local Users group strict security settings, while members of the local Power Users group have security settings that are compatible with Windows NT 4.0 user assignments. This default configuration enables certified Windows 2000 applications to run in the standard Windows environment for Users, while still allowing applications that are not certified for Windows 2000 to run successfully under the less secure Power Users configuration. However, if Windows 2000 users are members of the Power Users group in order to run applications not certified for Windows 2000, this may be too insecure for some environments. Some organizations may find it preferable to assign users, by default, only as members of the Users group and then decrease the security privileges for the Users group to the level where applications not certified for Windows 2000 run successfully. The compatible template (compatws.inf) is designed for such organizations. By lowering the security levels on specific files, folders, and registry keys that are commonly accessed by applications, the compatible template allows most applications to run successfully under a User context. In addition, since it is assumed that the administrator applying the compatible template does not want users to be Power Users, all members of the Power Users group are removed. Incorrect Answers: A, B: Global group is a group that is available domain-wide in any domain functional level, so why would you add to another group. C: The Compatws.inf template is not intended for domain controllers, so you should not link it to a site, to the domain, or to the Domain Controllers OU Reference: Jill Spealman, Kurt Hudson & Melissa Craft, MCSE Self-Paced Training Kit (Exam 70-294); Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure, Microsoft Press, Redmond, Washington, 2004, p. 8:5 Dan Holme, and Orin Thomas, MCSA/MCSE Self-Paced Training Kit: Upgrading Your Certification to Microsoft Windows Server 2003: Managing, Maintaining, Planning, and Implementing a Microsoft Windows Server 2003 environment: Exams 70-292 and 70-296, Chapter 9
|
Question 1. You work as the desktop support technician at ITCertKeys.com. The ITCertKeys.com network consists of a single Active Directory domain named ITCertKeys.com. The new ITCertKeys.com directive states that all departments in ITCertKeys.com should install Microsoft Windows Vista Business Edition on their respective workstations. You have been assigned to the Research department. To this end you are thus tasked with the responsibility to install Microsoft Windows Vista Business Edition on the Research Department's workstations. Following is a list of the workstation specifications as at present in the research department: 1. 1.2 GHz processor. 2. 256 MB of RAM. 3. 10 GB hard drive. 4. SVGA video card. 5. Integrated sound card. 6. 10/100 integrated network adapter. These computers are not ready to have Microsoft Windows Vista Business Edition installed. They lack certain minimum hardware requirements. You now need to identify these and upgrade the workstations accordingly so as to comply with the new ITCertKeys.com directive. What should you do? (Each correct answer presents part of the solution. Choose TWO.) A. You should upgrade the processor. B. You should upgrade the RAM. C. You should upgrade the video card. D. You should upgrade the hard drive. E. You should upgrade the network adapter. Answer: B, D Explanation: You must have at least 512 MB of RAM and a minimum 20 GB hard drive with 15 GB of free space to successfully install Windows Vista. Incorrect Answers: A: Windows Vista requires an 800 MHz CPU, so the current 1.2 GHz processor will be adequate and will thus not need to be upgraded. C: Windows Vista will function with an SVGA video card, although improvements in the user experience with Aero would require a Windows Display Driver Model (WDDM) capable video card. E: Windows Vista does not have a minimum network adapter requirement, making this option irrelevant in the circumstances. Question 2. You work as the desktop support technician at ITCertKeys.com. The ITCertKeys.com network consists of a single Active Directory domain named ITCertKeys.com. The new ITCertKeys.com directive states that all departments in ITCertKeys.com should install Microsoft Windows Vista Business Edition on their respective workstations. You have been assigned to the Research department. However, there is another company policy that states that all new installations and upgrades should be done on test computers prior to mass deployment. The Research department has a test computer named ITCertKeys-WS620. Following are the ITCertKeys-WS620 specifications: 1. Drive C (system drive) has 10 gigabytes (GB) of free space. 2. Drive D (programs drive) has 40 GB of free space. 3. Two memory slots exist, but only one is occupied with a 512 megabyte (MB) memory stick. 4. One 1.5 gigahertz (GHz) 32-bit processor is installed. To comply with the company policy and follow the new directive you thus plan to install Microsoft Windows Vista Business on ITCertKeys-WS620. Now you need to change the hardware configuration so that the computer can run Windows Vista Business. What should you do? A. You should install Windows Vista on Drive D. B. You need to free up space on Drive C. C. You should add more memory to the computer. D. You should add a faster processor to the computer. Answer: B Explanation: Operating systems must be installed on the system drive. In this scenario, the system drive on ITCertKeys-WS620 has only 10 GB of free space. Thus you should free up space on Drive C because Windows Vista requires 15 GB of free space for installation purposes. Incorrect Answers: A: You must install operating systems on the system drive. In this scenario, Drive C is the system drive. Thus you should not install Windows Vista on Drive D. C: The minimum memory capacity for a computer running Windows Vista is 512 MB and ITCertKeys-WS620 has 512 MB RAM. Thus you do not need to add more memory to the computer. D: There is no need to add a faster processor to the computer. The minimum processor speed for a computer running Windows Vista is 800 megahertz (MHz). Question 3. You work as the Desktop support technician at ITCertKeys.com. You have been instructed to deploy Microsoft Windows Vista operating system on all the ITCertKeys.com client computers. ITCertKeys.com is planning to deploy two sites: a primary and a secondary site. You want to carry out your duty be using the System Management Server (SMS) 2003 operating system deployment (OSD) Feature Pack. Consequently you need to install the SMS 2003 OSD Feature Pack and thus you need to take you first action. What should you do? A. SMS 2003 should be installed on the primary site server. B. SMS 2003 should be installed on the secondary site server. C. Windows Deployment Service (WDS) should be installed on the primary site server. D. Business Desktop Deployment (BDD) 2007 should be installed on the primary site server. Answer: A Explanation: Installing SMS 2003 on the primary site server will enable you to install SMS 2003 OSD Feature Pack. The System Management Server (SMS) 2003 operating system deployment (OSD) Feature Pack can be used to create a custom image to deploy Windows Vista operating system on the target computers. Incorrect Answers: B: SMS 2003 must be installed on the Primary site server and not on the secondary site server. You are however able to install SMS 2003 on all the site servers to support SMS 2003 OSD Feature Pack. C: WDS is used to deploy Windows Operation System on target computers using PXE network boot. It is in essence an enhanced version of Remote Installation Services (RIS) as it was used in previous versions of the Windows operating systems. You should not first install WDS on the primary site server. D: BDD 2007 is installed on the deployment server after SMS 2003 OSD Feature Pack is installed. Question 4. You work as the Desktop support technician at ITCertKeys.com. The ITCertKeys.com network consists of a single Active Directory domain named ITCertKeys.com. You have been instructed to deploy Microsoft Windows Vista operating system on all the ITCertKeys.com client computers. You plan to make use of System Management Server (SMS) 2003 on a primary site server. You then use System Management Server (SMS) 2003 operating system deployment (OSD) Feature Pack to create a custom Windows Vista image. You need to deploy the Windows Vista image on the ITCertKeys.com client computers. The ITCertKeys.com client computers are currently using a mix of 32- and 64-bit processors. This means that you will need to take certain steps prior to deploying the image to the client computers. What should you do? (Each correct answer presents part of the solution. Choose TWO.) A. Check the size of the deployment logs. B. Identify the differences in 32- and 64-bit deployment. C. Verify that SMS 2003 OSD Feature Pack is installed on the client computer. D. Verify that the ITCertKeys.com computers have the appropriate system resources. E. Verify that the Windows Deployment Service (WDS) is installed on the ITCertKeys.com client computer. Answer: B, D Explanation: The ZTIvalidate.wsf file is used to determine that the target computer has the available resources required to deploy Windows operating system. Prior to deploying an SMS 2003 OSD Feature Pack on a target computer, you should verify that the computer has the appropriate system resources. You should also identify the differences in 64-bit and 32-bit deployment. BDD 2007 only supports only EM64T-enabled processors and the AMD 64 type processors. Incorrect Answers: A: Deployment logs are used to store information regarding the image installation process on each client computer. You should determine the storage capacity required for storing the deployment logs during the image installation process. One does not first determine the size of the deployment logs. C: The SMS 2003 OSD Feature Pack is installed on the primary site server and is used to create custom Windows image for Windows deployment on the target/client computers. You should thus not install it on the client computer. E: WDS is used to deploy Windows Operation System on target computers using PXE network boot. It is in essence an enhanced version of Remote Installation Services (RIS) as it was used in previous versions of the Windows operating systems. WDS is not installed on the client computer. Question 5. You are employed as an administrator at ITCertKeys.com. The ITCertKeys.com network consists of a single Active Directory domain named ITCertKeys.com. All client computers on the ITCertKeys.com network run Microsoft Windows Vista. A ITCertKeys.com policy states that all client computers should be configured to obtain all of the latest operating system updates. A new computer named ITCertKeys-WS624 was recently purchased. You received instructions to verify whether ITCertKeys-WS624 can obtain all of the latest operating system updates. What should you do? A. You need to confirm that ITCertKeys-WS624 has a Microsoft Windows Experience Index base score above 3.0. B. You need to configure Windows Defender to detect updates before scanning. C. You need to validate your Windows installation from the Microsoft Windows Genuine Advantage Web page. D. You need to run Microsoft Windows Vista Upgrade Advisor. Answer: C Question 6. You are employed as a network administrator at ITCertKeys.com. The ITCertKeys.com network consists of a single Active Directory domain named ITCertKeys.com. The ITCertKeys.com network is divided into several departments of which the Sales department is one. The Sales department was assigned a client computer named ITCertKeys-WS622. Certkiller-WS622 has the following hardware configuration: 1. 512 MB of RAM 2. 10-GB hard disk 3. 933-MHz processor 4. 64-MB video adapter. You have received instructions from the manager to install Microsoft Windows Vista on ITCertKeys-WS622. Which hardware component fails the minimum hardware requirements? A. Memory. B. Hard disk. C. Processor. D. Video adapter. Answer: B Question 7. ITCertKeys.com has employed you as a desktop technician. The ITCertKeys.com network consists of a single Active Directory domain named ITCertKeys.com. The ITCertKeys.com network is divided into several departments of which the Marketing department is one. The Marketing department was assigned a client computer named ITCertKeys-WS625. ITCertKeys-WS625 is currently running Microsoft Windows XP Professional. All the applications that are used in the Marketing department are third- party applications which are used daily in the department. You have received instructions from the CIO to upgrade ITCertKeys-WS625 to Microsoft Windows Vista. The CIO wants all the applications in used to be operational after the upgrade. You must comply with the CIO's request and thus need to determine whether the hardware and software on ITCertKeys-WS625 will support the upgrade and still leave all the applications operational. What should you do? A. You need to run the winnt32.exe /checkupgradeonly command. B. You need to run the mbsacli.exe command. C. You need to run the Microsoft Windows Vista Upgrade Advisor application. D. You need to compare ITCertKeys-WS625 system's hardware against the Microsoft Windows Vista Hardware Compatibility List (HCL). Answer: C Question 8. DRAG DROP You work as the desktop support technician at ITCertKeys.com. The ITCertKeys.com network consists of a single Active Directory domain named ITCertKeys.com. ITCertKeys.com has a client computer named ITCertKeys-WS626. ITCertKeys-WS626 has a hard disk that has been partitioned in two equal parts of 50 Gigabytes (GB) each. Microsoft Windows XP Home has been installed in the primary partition. The second partition is yet to be formatted. You have been instructed ensure that ITCertKeys-WS626 has dual booting abilities. You need to accomplish this task with the least amount of administrative effort. What should you do? (Choose the correct options in the column on the left and place them in the correct order of execution in the work area on the right.) Answer: Explanation: The correct method would be to first format the second partition with NTFS, then boot the computer with the Windows Vista DVD and then installing Windows Vista on the second partition. This order of procedure would result in the least administrative effort since one should first install the oldest version of the Windows operating system first, then install each newer version in order because every new Windows version preserves backward compatibility for starting earlier Windows versions. Incorrect Answers: Do not change the file system on the second partition: If one does not change the file system then one will not be able to install Windows Vista on the computer. You need to either convert the file system to NTFS or format the partition with NTFS to accommodate the installation of Windows Vista. Create two partitions in the extended partition: This would be superfluous since there are already two partitions and you would not require more partitioning. First install Windows Vista on the primary partition: This will not work since you need to install the older version of the Windows operating system first and then install the newer version. First install Windows XP Home on the second partition: This is not the correct method to dual booting the computer. You should begin with installing the Windows XP Home on the primary partition first. Question 9. DRAG DROP You work as the desktop support technician at ITCertKeys.com. The ITCertKeys.com network consists of a single Active Directory domain named ITCertKeys.com. There is currently only one workstation that has been installed with Microsoft Windows Vista Business Edition. This workstation is named ITCertKeys-WS622. You have received instructions from the ITCertKeys.com manager to install Microsoft Windows Vista Business Edition on all the new workstations that has just been purchased. These new workstations must have the same build of Microsoft Windows Vista Business Edition as that deployed on ITCertKeys-WS622. You want to complete your task with the least amount of administrative effort. To this end you need to create an image of ITCertKeys-WS622 to deploy to the new workstations. Thus you take the bootable Windows PE CD that includes all the required deployment tools. What should you do next? (Choose the correct options in the column on the left and place them in the correct order of execution in the work area on the right.) Answer: Explanation: the correct plan of action would be as follows: 1. Use Sysprep to seal the master. Sysprep prepares an installed OS to be created into a deployable image by removing some computer specific information such as the workstation's Security Identifier (SID), which must be unique. 2. Boot the master with the Windows PE CD. Windows PE is a bootable OS that has many tools that can be used for creating and deploying images. Tools such as ImageX and Diskpart are run from Windows PE. 3. Use ImageX on the master to create the image file. ImageX is the Windows PE tool that is used to capture (and apply) OS images. 4. Boot the target with the Windows PE CD. 5. Use Diskpart to format the drive. Diskpart is a PE tool that is used to configure the hard drive on a PC. 6. Use ImageX to apply the image to the target. Question 10. You work as the desktop support technician at ITCertKeys.com. The ITCertKeys.com network consists of a single Active Directory domain named ITCertKeys.com. All the ITCertKeys.com workstations run Microsoft Windows 2000 Professional. You are responsible for the installation of operating systems on the ITCertKeys.com computers. You want to make use of the Microsoft Windows Vista DVD to perform a clean installation on the ITCertKeys.com workstations. To this end you place the DVD into the drive and start the first workstation only to find that it boots straight to Windows 2000 without starting the install of Microsoft Windows Vista. You have run checks on the BIOS of the workstations and to boot from DVD-ROM is not allowed, though you need to perform a clean install. What should you do? A. You should install new hard drives on these workstations. B. The BIOS settings of these workstations should be changed to boot from the local hard drive. C. You should update all the workstations' BIOS. D. You should use the Windows Vista floppy boot disk. Answer: C Explanation: If you attempt to boot from the DVD ROM drive and it does not work, the first place to check is the computer BIOS. Alternatively, (though not mentioned as an option to choose from) you can also start the computer with a network boot floppy disk or PXE and connect to the installation files on the DVD or over the network. Incorrect options: A: You should not install a new hard drive. Installing a new hard drive will not solve this problem because the Windows Vista setup files on the DVD still needs to be accessed to allow for this install. B: You should not change the BIOS settings to boot from the local hard drive. Changing the BIOS settings to boot from the local hard drive will only boot to the installed operating system. D: You cannot use the Windows Vista Setup floppy boot disk. Windows Vista does not come with a Setup floppy boot disk.
Copyright © 2004 CertsBraindumps.com Inc. All rights reserved.