Internet Information Server


1. What is the primary function of the MMC?

A. It is the main administration tool for IIS.
B. It provides the architectural structure for IIS.
C. It holds the metabase.
D. It provides a common environment

>> !
Answer: D

MMC does not, in itself, provide a function. Rather it provides a common environment for snap-ins, which provide the functionality.


2. What is stored in the Metabase? (Choose all that apply)

A. SSL key properties
B. Logging properties
C. Files properties
D. User properties

>> !
Answer: A, B & C

Some of the key properties stored in the metabase include:
- Computer and Web Site properties
- Logging properties
- FTP specific properties
- HTTP specific properties
- Virtual directory and directory properties
- File properties
- Filter properties
- SSL key properties


3. As the head of an Informatics Unit, you wish to supply members of your first-level support team various components of the Internet Service Manager. Three members are responsible for the MTS, five are responsible for Index Server. How can you give each member access to the snap-ins they need to do their job, without giving them access to the entire ISM?

A. Assign the appropriate permissions to the appropriate snap-in and allow access only to those team members that need them.
B. Create a MTS group and an Index Server group. Create a MMC console for each and assign permissions to the group.
C. Create customized MMC consoles, one including the Index Server snap-in, another with the MTS snap-in, and a third with the IIS snap-in only. Save the consoles to a file with the default extension of .msc. Share the appropriate consoles with the appropriate team members.
D. There is no way to control access to MMC.

>> !
Answer: C

Consoles can be configured and saved; then shared among members of the group. Saved consoles are not large files, so it is not impractical to create numerous consoles.


4. You want to create a proprietary authentication that meets the needs of your company. What technique should be used?

A. Create a Win32 program that will interact with the NT user database.
B. Create an ISAPI filter using the Win32 SDK.
C. Create a CGI script that handles all user authentication.
D. A proprietary authentication method cannot be created.

>> !
Answer: B

ISAPI (Microsoft Internet Server Application Programming Interface) is used as an alternative to CGI scripts. It has lower overhead, is fast loading and efficiently uses the resources available. ISAPI filters can be used to create custom authentication schemes and logging, as well as compression, encryption and analyses.


5. Which Internet Information Server service layer provides support for process isolation?

A. Transport Services
B. Internet Services
C. Application Services
D. Network Services

>> !
Answer: C

Application services is the top layer of IIS architecture. It provides IIS with housing components for ISAPI DLLs, translation from ISV to IIS features, support for multiple ISAPI DLLs, recovery for application failure and a unit for process isolation.


6. Which of the following are components of Application Services? (Choose all that apply)

A. ISAPI
B. Server Side Include
C. HTMLA (HTML-based Administration)
D. HTTP ODBC

>> !
Answer: A, B & D

Application Services components include: ISAPI, ASP, Index Server, HTTP ODBC, and SSI


7. How does a data request route through IIS 4.0?

A.
1. The data request enters the IIS server via NT System Services
2. The data is forwarded to Web Services
3. The data is passed to Application Services
4. The response retraces the data request's route.
B.
1. The data request enters the IIS server through Web Services.
2. The data is forwarded to Windows NT System Services
3. The data is passed to Application Services
4. The response retraces the data request's route.
C.
1. The data request enters the IIS server via NT System Services
2. The data is forwarded to Application Services
3. The data is passed to Web Services
4. The response retraces the data request's route.
D.
1. The data request enters the IIS Server via Application Services
2. The data is forwarded to Windows NT System Services
3. The data is passed to Web Services
4. The response retraces the data request's route.

>> !
Answer: A

NT System Services is the bottom layer of IIS architecture, Web Services is the middle layer, and Application Services the top layer. The data request enters at the bottom, goes through the layers to the top and then retraces its route back.


8. IIS 4.0 supports which TCP/IP protocols? (Choose all that apply)

A. File Transfer
B. Hypertext Transfer
C. Gopher
D. Network News Transfer
E. Simple Mail Transfer

>> !
Answer: A, B, D & E

Though supported in IIS 3.0, Gopher is no longer supported.


9. Which of the following connectors are supported by IIS 4.0? (Choose all that apply)

A. Microsoft Exchange Server/Web Connector
B. ODBC Connector
C. CGI
D. ISAPI Filters
E. Active Server Pages

>> !
Answer: A, B, C, D & E

All of the listed connectors are supported by IIS 4.0


10. In which layer of IIS architecture does data enter through TCP/IP and exit through WinSock

A. System Services
B. Internet Services
C. Web Services
D. Application Services
E. Presentation Services

>> !
Answer: A

NT System Services is the lowest layer in the IIS Server architecture. Data enters the layer through TCP/IP and exists through Windows Sockets.


11. The system administrator has told you that you can edit the metabase using an ASDI provider. Upon returning to your desk, what do you do?

A. Go to www.microsoft.com/downloads and download the latest ASDI provider.
B. Load HTMLA
C. Use the Resource Kit Utilities CD to load the appropriate tool.
D. Use REGEDT32.EXE

>> !
Answer: B

HTMLA, MMC and WSH are all Active Directory Service Interface (ASDI) providers and enable you to edit the metabase.


12. John works on the second floor of Tower A and the locked server room is on the twenty-fourth of Tower B. It is inconvenient to have to go to the server room every time he has an administrative task to perform on the IIS server, so John as decided to remotely manage the server from his NT 4.0 Workstation. What steps must he take to set this up?

A. He cannot remotely administer an IIS 4.0 Server from an NT 4.0 Workstation.
B. Run NT Option Pack installation program. Select Next, then Accept. Select Custom. Uncheck all components except for MMC and Option Pack Common Files. Under Peer Web Services, select ISM. Ensure this is the only component selected. Click next and follow the remainder of the instructions.
C. Run NT Option Pack installation program. Select Next, then Accept. Do a standard install. Under Peer Web Services, select ISM. Ensure this is the only component selected. Click next and follow the remainder of the instructions.
D. Run NT Option Pack installation program. Select Next, then Accept. Do a standard install. Under Internet Information Server, select ISM. Ensure this is the only component selected. Click next and follow the remainder of the instructions.

>> !
Answer: B

Do a custom install, and install only the MMC and Option Pack Common Files. Select only ISM under Peer Web Services. This will give you the ability to manage IIS and MTS remotely using the MMC. You must have administrative privileges on the server, or you will receive an "Access Denied' message.


13. In order to remotely administer an IIS server, you must connect to it. What steps do you take to do this?

A. It is not possible to remotely administer an IIS Server.
B. Open the ISM, right-click the IIS snap-in and select "Connect". Type in the domain name of the server you wish to manage and click OK.
C. Open the ISM, right-click the IIS snap-in and select "Connect". Type in the NetBIOS name of the server you wish to manage and click OK.
D. Open the ISM, right-click the domain name of the server, and select connect. Click OK.

>> !
Answer: C

Open the ISM, right-click the IIS snap-in and select "Connect". When typing in the name of the server, it must be the machine name not the domain name.


14. Your visitor's browser is requesting an ISAPI server-side script but lacks the appropriate credentials. Which error will be given to the browser in response to this request?

A. 403
B. 505
C. 911
D. 401

>> !
Answer: A

An http error code will appear when an unsuccessful attempt is made to connect to a web page. 403 - Forbidden or Connection refused by host occurs when a server denies access. This could be because of security permissions, missing password or a site requires registration for access.


15. The domain name for a Web server is www.xyz.com. If the product directory from this domain contained an .html file called widgets, the URL for this file would be:

A. http://www.xyz.com/Products/widgets.html
B. file://www.xyz.com/Products/widgets.html
C. http://widgets.html
D. http://www.xyz.com/widgets.html

>> !
Answer: A


16. Jana wants to create remote virtual servers. In order for her to do this, which of the following conditions is required?

A. Assign each site a unique host header name
B. Separate domains for every virtual server
C. Separate gateways for each virtual server
D. Install Proxy on each virtual server

>> !
Answer: A

Host Headers are used to allow multiple domain names to be hosted on an IIS Server using only one IP address. The other option to create a virtual server is to assign a unique IP address for each domain name assigned to the server.


17. After installing IIS4, you want to make sure that the WWW service is running. What two things can you do to test your installation?

A. Connect to the Internet using a client running IE 4.01, and specify the URL that points to the home directory of your Web server.
B. Ping the Web server from a computer that is connected to the Internet and running IE 4.01.
C. On the machine where IIS4 was just installed, use Internet Service Manager to confirm that the WWW service is running.
D. Using IE 4.01 on the machine where IIS4 was just installed, specify the URL that points to the home directory of your Web server.

>> !
Answer: A & D

The most quantitative proof that the WWW Service is running is to establish connectivity. By testing the connection, both locally (on the machine where IIS is installed) and remotely (through a client), it can be verified that the service is running. Pinging the Web server will only verify the TCP/IP connectivity, not the WWW Service.


18. UDP is supported by: (Choose all that apply)

A. WindowsSock Proxy
B. Web Proxy
C. Socks Proxy
D. Proxy Server 2.0 (all services)

>> !
Answer: A & B

SOCKS is a cross-platform mechanism that establishes secure communications between client and server computers. The Socks Proxy service supports SOCKS version 4.3a and allows users transparent access to the Internet by means of Proxy Server. The Socks Proxy service extends the redirection provided by the WindowsSock Proxy service to non-Windowsdows platforms. It uses TCP/IP and can be used for Telnet, FTP, Gopher, and HTTP. The Socks Proxy service does not support applications that rely on the UDP protocol.


19. Which of the following tasks should be performed to configure IIS 4.0 to support the WWW service? (Choose all that apply)

A. Set the bandwidth, user connections and default pages
B. Set user logon and authentication requirements.
C. Modify the port settings.
D. Enable the HTTP Keep-Alives.

>> !
Answer: A, B & D

Default web site and user connections are configured under the Web Site tab of the Properties sheet. Bandwidth and Keep-Alives are set under the Performance tab. User logon and authentication is found under the Directory Security tab. These items all affect performance or security. Modifying the port setting should only be used if you are hosting a secure web site where all authorized users will know what port the page is on. Otherwise, the port setting should be left at the default (80).


20. At the ABC company, administration has required internal users accessing the Web server to authenticate using a username and password with NT Challenge / Response authentication. External users are to authenticate using the anonymous account with BASIC (Clear Text) authentication. Where would you configure this?

A. Administrative Tools, User Manager for Domains, Policies, User Rights
B. Internet Service Manager, WWW Properties Sheet, Services Tab
C. Internet Service Manager, Web Site Properties Sheet, Directory Security, Edit
D. You cannot have more than one authentication method at the same time.

>> !
Answer: C

Using the ISM plug-in for the MMC, and right-clicking the WWW site, one can access the Properties sheet. Authentication schemes are found by clicking the Edit button in the Anonymous Access and Authentication Control box on the Directory Security tab.


21. Your client advertises on the internet with a Banner and wants to measure the success of her business's marketing effort by performing a cost/benefit analysis at the end of each month. She knows how much she pays for the Banner advertising but wishes to track the effectiveness of viewers looking at the banner. She asks you for your assistance in tracking this information. Which of the following will achieve this goal?

A. Enable logging on the Web Site property sheet. Use SSX to produce analysis reports.
B. Enable Log Access on the Home Directory tab of the Web property sheet.
C. Using Performance Monitor, monitor the SSLAccess Counter.
D. There is no way to accurately monitor hits on a web page using IIS 4.0. Rather, use FrontPage 98 to create a hit counter for your client.

>> !
Answer: A

Enabling logging will allow you to record details about user activity. Analysis can be done by using Usage Import (to import the log file into a database) and Report Writer (to produce analysis reports) in Site Server.


22. A user calls to complain that she cannot run an ISAPI application on the corporate intranet. She suspects her password, which she changed less than two minutes ago. The application runs on a virtual directory. What action would allow the user immediate access to the application?

A. entering her new password on the application's Directory Properties tab
B. giving her account Administrator rights
C. having her select a new password
D. stopping and restarting the WWW Service

>> !
Answer: D

Stopping and restarting the WWW Service will force an update of the user's security information.


23. When access a web site, which port is used by default?

A. Port 21
B. Port 23
C. Port 70
D. Port 80

>> !
Answer: D


24. Which of the following log formats is a customizable ASCII format?

A. MS IIS Log Format
B. W3C Extended Log Format
C. ODBC Logging
D. NCSA Common Log File Format

>> !
Answer: B

W3C Extended log file format is a customizable ASCII format.


25. Which of the following Log Formats are fixed (non-customizable)? (Choose all that apply)

A. MS IIS Log Format
B. W3C Extended Log Format
C. ODBC Logging
D. NCSA Common Log File Format

>> !
Answer: A, C & D

All available formats (except W3C Extended Log format) are fixed formats.


26. Microsoft IIS Log Format is:

A. dynamic and configurable
B. fixed (non-customizable)
C. no longer available with IIS 4.0
D. not an ASCII format

>> !
Answer: B

All available formats (except W3C Extended Log format) are fixed formats.


27. What are three good reasons to re-direct a browser?

A. Part of the Web site is under construction
B. The home directory was moved to a new location.
C. Performance tuning for the workstation
D. Many older browsers do not support the use of host header names

>> !
Answer: A, B & D

Redirecting a browser will eliminate the user getting a 404: Not found error code.


28. If you were setting up both a Web site and an FTP site on the same computer what would be the default home directory for the WWW service and the FTP service?

A. C:\Wwwroot and c:\Ftproot
B. C::\InetPub\Wwwroot and C:\InetPub\Ftproot
C. C:\InetPub\Wwwhome and C:\InetPub\Ftphome
D. C:\Wwwhome and C:\Ftphome

>> !
Answer: B

By default, the WWW Site and FTP Site are placed in the C:\InetPub directory.


29. To access files in your home directory on an intranet and your server name is MyServer, then browsers use the URL:

A. http://myserver
B. http://www.myserver.com
C. http://www.myserver.com/home
D. \\myserver

>> !
Answer: A

An intranet will use the computer name as the location of the home directory. The syntax would be: http://computername


30. If your site's Internet domain name is www.mydomain.com and your home directory is C:\Website\Mydomain, then browsers accessing files in your home directory will use the URL:

A. https://www.mydomain.com
B. ftp://www.microsoft.com
C. http://www.mydomain.com
D. http://www.mydomain.com/website

>> !
Answer: C

Your home directory is the central location for your published files in your Web site. Therefore, users wishing to access those files would go to http://www.mydomain.com.


31. How many home directories can each Web or FTP site have?

A. One
B. Two
C. Three
D. Four

>> !
Answer: A

Your home directory is the central location for your published files in your Web or FTP site. You assign the path for your home directory when configuring the site. As it is the central location, there can be only one.


32. What is Internet Information Server 4? Select the best answer.

A. IIS 4 is a website manager for the NT Server 4.0 OS
B. IIS 4 is an firewall server for the NT Server 4.0 OS
C. IIS 4 is a network file server for the NT Server 4.0 OS
D. IIS 4 is a network file and application server for the NT Server 4.0 OS

>> !
Answer: D


33. Which are true about Global Groups and Local Groups? (Choose all that apply)

A. Global Groups cannot contain Local Groups
B. Local Groups can contain Global Groups
C. Global Groups can contain Local Groups or Users
D. Local Groups can only contain Users

>> !
Answer: A & B


34. Who is the technical advisory group responsible for setting Internet standards?

A. Internet Architectural Authorities (IAA)
B. Internet Society (ISOC)
C. Internet Engineering Task Force (IETF))
D. Internet Architecture Board (IAB)

>> !
Answer: D


35. Which of the following is the best definition for Microsoft IIS 4.0?

A. Is a network file and application server for the NT server 4.0. It supports standard Information protocols and is highly extensive through the use of both ISAPI and CGI.
B. Is a network file and application server for the NT server 4.0 operating system. It supports customized protocols and is limited in its use of both ISAPI and CGI.
C. Is a network file and application server for the NT server 4.0 operating system. It supports standard Information protocols but is not compatible with ISAPI and CGI.
D. None of the above

>> !
Answer: A


36. Microsoft Internet Information Server 4.0 is the base component for implementing an Internet or intranet on the following operating systems: (Choose all that apply)

A. Windows NT Server 4.0
B. Windows NT Server 3.51
C. Windows NT Workstation 4.0
D. Windows NT Workstation 3.51
E. Windows 95

>> !
Answer: A, C & E


37. Listed below are some of the components of the NT 4.0 Option Pack. Which are considered core components of the IIS Platform? (Choose all that apply)

A. Microsoft Certificate Server 1.0
B. Microsoft Data Access Components 1.5
C. Microsoft Management Console 1.0
D. Microsoft Site Server Express 2.0
E. Microsoft Transaction Server 2.0

>> !
Answer: A, C, D & E


38. Which of the following is contained in the metabase? (Choose all that apply)

A. IIS help file location
B. Virtual directory security
C. Website home directory
D. MMC snap-in information
E. MIME mapping

>> !
Answer: A, B, C, D & E


39. You are installing IIS on a Windows 95 machine and want to use Index server. What do you need to do?

A. Choose Custom Install
B. Choose Minimum Install
C. Choose Typical Install
D. Install NT Server 4.0

>> !
Answer: D


40. Rhianna, the Director of R-U-Able Nursing Home, has requested that you install IIS 4.0 on her computer. Which of the following tasks are required before you perform the installation?

A. Configure a Microsoft Windows NT Server 4.0 computer.
B. Download the IIS 4.0 software from the Microsoft Web site.
C. Install Service Pack 3.
D. Configure the existing operating system software on Rhianna's computer to recognize IIS 4.0 when installed.
E. Verify that the TCP/IP protocol is being used.

>> !
Answer: A


41. You have just completed setting up IIS on your machine to manage the company intranet. Hours are from 6am to 6pm. You do not want logons or access to your server, or the network, after 6pm. How can you accomplish this? (Choose all that apply)

A. In User Manager for Domains, select all user accounts. Under the User menu, Properties Item, Hours button, deselect 6pm to 6am
B. In System Policy Editor, Default User, Properties, System, Restrictions, set logon hours. Add the Everyone group.
C. In User Manager for Domains, Policy Menu, Account Item, select "Forcibly Disconnect Remote Users from Server when Logon Hours Expire".
D. In System Policy Editor, create a new default group policy. In Properties, System, Restrictions, set logon hours. Add the Everyone group.
E. In System Policy Editor, Default Computer, Properties, NT System, Logon, set logon hours for the computer.

>> !
Answer: A & C


42. When implementing an Internet site for a single-domain environment, you can resolve the host header name by: (Choose all that apply)

A. using a HOSTS file on the client computer
B. using DNS
C. using a LMHOSTS file on the client computer.
D. none of the above.

>> !
Answer: A & B


43. Internet Information Server 4.0 will run on which three operating systems? (Choose all that apply)

A. Windows NT Server 3.51
B. Windows 95 OSR2
C. Windows NT Server 4.0 SP3
D. Windows NT Workstation 4.0
E. Windows for Workgroups 3.11

>> !
Answer: B, C & D


44. Which of the following are components of IIS 4.0? (Choose all that apply)

A. File Transfer Protocol Service
B. Gopher Service
C. Simple Mail Transfer Protocol Service
D. Microsoft Transaction Server
E. Certificate Server

>> !
Answer: A, C, D & E


45. Lauren, the system administrator, is installing IIS 4.0 on two computers: one is a Pentium and the other, an Alpha. After installation, she notices some differences between the two installs. What are they?

A. The Intel lacks Visual Basic and Visual J++ components and samples, as well as the Server-Side Java Virtual Machine.
B. The Alpha lacks Visual Basic and Visual J++ components and samples, as well as the Server-Side Java Virtual Machine.
C. The Intel lacks Visual InterDev and Visual C++ components, as well as the Server-Side Java Virtual Machine.
D. The Alpha lacks Visual InterDev and Visual C++ components, as well as the Server-Side Java Virtual Machine.

>> !
Answer: B


46. Judy wants to set up Internet Information Server to run Microsoft Transaction Server, but also wants to take advantage of the remote administration features of Internet Service Manager (HTML). Which installation options should Judy choose? (Choose all that apply)

A. Minimum
B. Maximum
C. Typical
D. Custom

>> !
Answer: A, C & D


47. Which of the following is the recommended hardware requirement to implement IIS 4.0 on an Intel x86 platform?

A. Processor: 486/50 MHz RAM: 16 MB Disk Space: 50 MB Monitor: VGA
B. Processor: 486/66 MHz RAM: 16 MB Disk Space: 50 MB Monitor: VGA
C. Processor: P90 MHz RAM: 32 MB Disk Space: 200 MB Monitor: Super VGA
D. Processor: 150 MHz RAM: 48 MB Disk Space: 50 MB Monitor: VGA
E. Processor: 200 MHz RAM: 64 MB Disk Space: 200 MB Monitor: Super VGA

>> !
Answer: C


48. Which of the following is the minimum hardware requirement to implement IIS 4.0 on an Intel x86 platform?

A. Processor: 486/50 MHz RAM: 16 MB Disk Space: 50 MB Monitor: VGA
B. Processor: 486/66 MHz RAM: 16 MB Disk Space: 50 MB Monitor: VGA
C. Processor: P90 MHz RAM: 32 MB Disk Space: 200 MB Monitor: Super VGA
D. Processor: 150 MHz RAM: 48 MB Disk Space: 50 MB Monitor: VGA
E. Processor: 200 MHz RAM: 64 MB Disk Space: 200 MB Monitor: Super VGA

>> !
Answer: A


49. Patrick is a Network Administrator who is responsible for maintaining a small network consisting of 2 NT Workstation:s and an NT server attached to a high-speed cable modem. Both clients access the Internet via the LAN through the Proxy Server. Currently, Proxy 1.0 is installed. When Patrick tries to install IIS4, he is told he must upgrade to Proxy 2.0 and he does so. After successfully upgrading from IIS3 to IIS4, none of the clients can see the Internet. Why?

A. IIS version 4.0 is not compatible with Microsoft Proxy Server 1.0.
B. Patrick used ISM for IIS 3.0 to configure administrative properties for IIS 4.0.
C. In order to install the newer IIS 4.0 version of this file, you must manually remove the older version of Default.ost
D. Present installations of Proxy Server 2.0 will not function properly after IIS 4.0 has been installed. You should rerun Proxy Server 2.0 Setup after installing IIS 4.0.

>> !
Answer: D


50. Using HTMLA, one can manage the server remotely from anywhere on the Internet. Which tasks cannot be managed remotely?

A. Certificate mapping
B. Managing user accounts
C. Adjusting server properties
D. Administering authentication keys
E. Tracking event logs

>> !
Answer: A


51. If you are using NTFS access permissions and users need to run CGI applications, what directory permissions will they need for the directory the application resides?

A. Create
B. Read
C. Special Access
D. Full Control

>> !
Answer: C


52. John, the system administrator for Widgets Technology, has been directed to implement an IIS 4.0 server. He is presently running NT 4.0 with SP 3 installed, on a PII/400, with 128 MB RAM and 500 MB of free hard disk space. The server is currently being used to run Exchange 5.0, which is running NetBEUI. There is no money in the budget to purchase or upgrade systems.

Required result:
Implement IIS 4.0 to provide the company's Internet presence as well as provide the employees with Internet mail access.

Optional Result 1:
Provide employees with secure access through a Web page to confidential information.

Optional Result 2:
Allow the webmaster to publish content to the Internet.

Proposed Solution:
Install IIS 4.0, and convert the partition to NTFS. Provide the company's Internet presence as well as provide the employees with Internet mail access.

A. The solution meets the required result and both optional res
B. The solution meets the required result and one optional resu
C. The solution meets the required result only.
D. The solution does not meet the required result.

>> !
Answer: D


53. John, the system administrator for Widgets Technology, has been directed to implement an IIS 4.0 serev. He is presently running NT 4.0 with SP 3 installed, on a PII/400, with 128 MB RAM and 500 MB of free hard disk space. The server is currently being used to run Exchange 5.0, which is running NetBEUI. There is no money in the budget to purchase or upgrade systems.

Required result:
Implement IIS 4.0 to provide the company's Internet presence as well as provide the employees with Internet mail access.

Optional Result 1:
Provide employees with secure access through a Web page to confidential information.

Optional Result 2:
Allow the webmaster to publish content to the Internet.

Proposed Solution:
Install TCP/IP protocol through the Network icon in Control Panel, and have the DHCP Server automatically assign the IP address. Install IIS 4.0 and verify that SMTP service is selected. Convert the partition to NTFS.

A. The solution meets the required result and both optional res
B. The solution meets the required result and one optional resu
C. The solution meets the required result only.
D. The solution does not meet the required result.

>> !
Answer: B


54. What administrative tools are provided with Internet Service Manager? (Choose all that apply)

A. Network Monitor
B. Performance Monitor
C. System Policy Editor
D. User Manager
E. Disk Administrator

>> !
Answer: B & D


55. What is a metabase?

A. A registry hive that controls the IIS 4.0 configuration deta
B. A memory resident data store that contains configuration par
C. IIS 4.0's replacement for the registry
D. A large SQL database that uses ODBC connectivity

>> !
Answer: B


56. You want to create a proprietary authentication that meets the needs of your company. What technique should be used?

A. Create a Win32 program that will interact with the Windows NT user database.
B. Create an ISAPI filter using the Win32 SDK.
C. Create a CGI script that handles all user authentication.
D. A proprietary authentication method cannot be created.

>> !
Answer: B


57. Which Internet Information Server service layer provides support for process isolation?

A. Transport Services
B. Internet Services
C. Application Services
D. Network Services

>> !
Answer: C


58. Which of the following are components of Application Services?

A. ISAPI
B. Server Side Include
C. HTMLA (HTML-based Administration)
D. HTTP ODBC

>> !
Answer: A


59. You are having trouble preventing an anonymous user from accessing your site. What measures should be taken to prevent this occurrence?

A. Disable the anonymous user account in Server Manager for Domains
B. Delete the anonymous user account in Server Manager for Domains.
C. Convert the current partition to NTFS.
D. In the Authentication Methods dialog box, make sure that the Allow Anonymous Access check box is not selected.

>> !
Answer: D


60. An anonymous user cannot access your site. What could be the cause? (Choose all that apply)

A. The anonymous user's password is the same in both Internet Service Mgr and User Mgr
B. The anonymous user's password is the different in Internet Service Mgr from User Mgr
C. Allow Anonymous Access is selected, but Allow Only Anonymous Access is not
D. The account IUSR_computername is disabled in User Manager

>> !
Answer: B & D


61. You need to be able to configure the extended logging features of the WWW service to display the resource accessed; for example, an HTML page, a CGI program, or a script. What field would you choose on the Extended Properties property sheet?

A. URI Query
B. Cookie
C. Http Status
D. URI Stem

>> !
Answer: D


62. Where would you start to change configuration properties pertaining to connections on the WWW Service: how many users can connect, and how long you tolerate an idle connection before dropping it?

A. Web Site property sheet
B. Directory property sheet
C. Optimization property sheet
D. Connections property sheet and the Idle time property sheet

>> !
Answer: A


63. You wish to maximize the security on your FTP server, while allowing the greatest number of users to download data. You have set the security for the FTP home directory to Read and Log Access. You have created virtual directories What else should you do?

A. Under the Security Accounts tab of the FTP Properties sheet, deselect Allow Anonymous Connections. Assign share and NTFS security permissions to NT users and groups. Access will be given only to valid NT user accounts.
B. In User Manager for Domains, create a Global Group, Anonymous. Create a specific account for anonymous access, and make it a member of the Anonymous Group. Under the Security Accounts tab of the FTP Properties sheet, select Allow Anonymous Connections. Assign share and NTFS security permissions to NT users and groups. Access will be given only to those using the correct anonymous username and password, or those with valid NT user accounts. Access level will depend on NT security.
C. Under the Security Accounts tab of the FTP Properties sheet, select Allow Anonymous Connections. Assign share and NTFS security permissions to the IUSR_COMPUTERNAME account and to valid NT users and groups. Access level will depend on NT security.
D. Under the Security Accounts tab of the FTP Properties sheet, select Allow Anonymous Connections and Allow only anonymous connections. Assign share and NTFS permissions to the default account created by NT. Access level will depend on NT security.

>> !
Answer: D


64. Patrick, a member of the Systems and Informatics Directorate of a Government department, has recently set up the subnetting scheme so that all Directorates are on their own subnet, using static IP addresses. The IP address is Class C, 192.1.1.x, with a subnet mask of 255.255.255.240. Systems and Informatics Directorate is using 192.1.1.16-31. Finance and Planning is using 192.1.1.32-47. Corporate is using 192.1.1.48-63. Human Resources are using 192.1.1.64-79. Publications are using 192.1.1.80-95. Shipping and Receiving is using 192.1.1.96-111. The remainder of the subnets are being held for future growth.
Patrick has also recently set up a private intranet site for the Human Resources Directorate. There will be sensitive information available on this site, and only senior members of this directorate should be able to access it.
Which two steps should Patrick take to accomplish this?

A. Under the WWW Service Properties, Directory Security Tab, IP Address and Domain Name Restrictions, select Deny Access.
B. Under the WWW Service Properties, Directory Security Tab, IP Address and Domain Name Restrictions, select Grant Access.
C. Click the Add button. Select Single Computer and add the first allowed IP Address. Click OK. Repeat this procedure until all allowed IP addresses have been added.
D. Click the Add button. Select Group of Computers. In the Network ID, type 192.1.1.64 (the first number belonging to the Human Resources subnet), and in the subnet mask box, enter 255.255.255.240.
E. Click the Add button. Select Domain Name. Type in Human Resources.

>> !
Answer: A & C


65. Chris administers a WWW Site that allows both anonymous access for the public and NT User Account access for corporate employees. The general public is to have access to the public page only, while the corporate employees need to be able to access the private intranet. Permissions have been set through NTFS security. Recently, he has discovered that a hacker has gotten hold of a number of NT Usernames and passwords, because the information has been transmitted in clear text format. How should Chris resolve this problem?

A. Under WWW Site Properties, Security Accounts Tab, Password Authentication Method, Edit Button, he should select Windows NT Challenge/Response Authentication so that the passwords are encrypted. Allow Anonymous Access should already be selected.
B. Under WWW Site Properties, Directory Security Tab, Password Authentication Method, Edit Button, he should deselect Allow Clear Text and select Basic Authentication, so that the passwords are encrypted.
C. Under WWW Site Properties, Directory Security Tab, Password Authentication Method, Edit Button, he should select Windows NT Challenge/Response Authentication, so that the passwords are encrypted. Allow Anonymous Access should already be selected.
D. Under WWW Site Properties, Security Accounts Tab, he should selection Allow only anonymous connections, so that no NT usernames or passwords are sent.

>> !
Answer: C


66. As the administrator of a Web Server, you wish to block access to one group of clients, whose IP addresses range from 152.1.32.1 to 152.1.63.254. What network ID and subnet mask would you use to accomplish this?

A. Under Network ID, enter 152.1.0.0. Under Subnet Mask, enter 255.255.192.0.
B. Under Network ID, enter 152.1.32.0. Under Subnet Mask, enter 255.255.224.0.
C. Under Network ID, enter 152.1.32.0. Under Subnet Mask, enter 255.255.192.0.
D. Under Network ID, enter 152.1.0.0. Under Subnet Mask, enter 255.255.224.0.

>> !
Answer: B


67. Ricki wants to use Host Headers to assign one IP address to multiple FTP sites. How does she do this?

A. Through the Host headers tab in the properties sheet.
B. Through the Host headers icon in Control Panel.
C. Through the Network Icon, Protocol tab, TCP/IP Properties.
D. She cannot do this.

>> !
Answer: D


68. While in the process of setting up virtual servers, Joseph decides to enable logging. He right clicks on the computer icon and brings up the master properties sheet. He then selects Logging.
After completing the setup of virtual server:s, he begins the testing stage. He notices that some servers are logging the information requested, while others are not. What is the problem?

A. There is no Master property sheet for the WWW Service.
B. Changing the settings on Master Property sheets will only change settings for actual servers, not virtual ones.
C. Changing the settings on Master Property sheets will only change settings for virtual servers, but not actual servers.
D. Changing the settings on Master Property sheets will only change settings for subsequent sites, not the ones previously created.

>> !
Answer: D


69. How do you adjust Performance Tuning for a WWW Site?

A. Through Control Panel, Services Icon, select WWW Services, Click Edit
B. Through MMC, Right Click WWW Service, Properties, Performance Tab
C. Through System Administrator, Click WWW Service, Properties, Configuration Tab
D. Through ISM, Right Click WWW Service, Performance Monitoring, Edit

>> !
Answer: B


70. Which of the following can be the Home Directory for a web site? (Choose all that apply)

A. \Wwwroot
B. Any directory on the local computer
C. A share located on another computer
D. A redirection to an URL
E. Only the default home directory configured for IIS at installation

>> !
Answer: A, B, C & D


71. Jack has been hired by a major movie studio to create web pages for upcoming releases. Always conscious of his customer base, Jack wants to ensure that the web pages for the more violent movies cannot be accessed by younger children whose parents are monitoring their Internet use. What should Jack do?

A. Jack should develop a Welcome page that lists the new releases and their theatre ratings. Parents will then be warned if the content is inappropriate for their children.
B. Under Web Site Properties, Directory Security, Jack should select Content Ratings, so that each page is automatically rated. If their browser supports this, parents will then be warned if the content is inappropriate for their children.
C. On the Web Server browser, View, Internet Options, Content Tab, Jack should enable Content Advisor. If their browser supports this, parents will then be warned if the content is inappropriate for their children.
D. Under Web Site Properties, HTTP Header, Jack should edit Content Ratings to set ratings on each site, so that each page is automatically rated. If their browser supports this, parents will then be warned if the content is inappropriate for their children.

>> !
Answer: D


72. Rather than have her users receive a 403 - Access Forbidden code when they go to a page on their Intranet for which they do not have permission, Nicole would like a more user-friendly message to appear "You do not have access rights to this page. Please use the 'back' button to return to your previous location.". How can she do this?

A. Using a redirector, Nicole can route those users to an URL which displays the message.
B. Nicole can configure the message using NT. NT's messenger service will notify users with the personal message when they do not have access to the site.
C. Using Custom Errors, Nicole can configure the message to appear after the 403 - Access Forbidden code.
D. This is not configurable, as the messages occur on the Internet and are out of Nicole's control.

>> !
Answer: C


73. What are the steps involved in creating a virtual directory?

A. Right click Web Site, click New, click Virtual Directory. Type the path (e.g.: :\inetpub\vdir).Click next. Create an alias. Click Finish
B. Right click Web Site, click New, click Virtual Directory. Create an alias. Click next. Type the path (e.g.: http://computername /inetpub/vdir). Click Next. Click Finish
C. Right click Web Site, click New, click Virtual Directory. Create an alias. Click next. Type the path (e.g.: c:\inetpub\vdir). Click Next. Click Finish
D. Right click Web Site, click New, click Virtual Directory. Click next. Type the path (e.g.: http://computername /inetpub/vdir). Click Next. Create an alias. Click Finish

>> !
Answer: C


74. What steps are involved to create a virtual server using Host Headers?

A. In ISM, right-click the computer icon. Click "New" and then "Web Site". Enter a description, click next, enter the loopback address, click next, enter the path (e.g.: c:\Inetpub\Vir), click next, choose the permissions, etc., click finish. Right click the new Web Site and access the properties dialog box. Click advanced. Select the IP address, and in the Host Header box enter the alias. Click OK. Click OK in the Advanced Multiple Web Site Configuration box.
B. In ISM, right-click the computer icon. Click "New" and then "Web Site". Enter a description, click next, enter the IP address of the computer running IIS, click next, enter the path (e.g.: c:\Inetpub\Vir), click next, choose the permissions, etc., click finish. Right click the new Web Site and access the properties dialog box. Click advanced. Select the IP address, and in the Host Header box enter the alias. Click OK. Click OK in the Advanced Multiple Web Site Configuration box.
C. In ISM, right-click the computer icon. Click "New" and then "Web Site". Enter a description, click next, enter the loopback address, click next, enter the path (e.g.: http://Inetpub/Vir), click next, choose the permissions, etc., click finish. Right click the new Web Site and access the properties dialog box. Click advanced. Select the IP address, and in the Host Header box enter the alias. Click OK. Click OK in the Advanced Multiple Web Site Configuration box.
D. In ISM, right-click the computer icon. Click "New" and then "Web Site". Enter a description, click next, enter the IP address of the computer running IIS, click next, enter the path (e.g.: (e.g.: http://Inetpub/Vir)), click next, choose the permissions, etc., click finish. Right click the new Web Site and access the properties dialog box. Click advanced. Select the IP address, and in the Host Header box enter the alias. Click OK. Click OK in the Advanced Multiple Web Site Configuration box.

>> !
Answer: B


75. When Host Headers have been enabled, what else must be done to allow users to view virtual servers? (Choose all that apply)

A. Install and configure DNS
B. Place a LMHOSTS file on each client's computer
C. Install WINS
D. Place a HOSTS file on each client's computer

>> !
Answer: A & D


76. Users have been complaining that they cannot access the new web sites that Sean has recently set up. He used host header names to operate multiple domain names under the same IP address. All users are using IE 4.0. Sean has doubled checked the set up and found the following information:

All ports have been set to 80
All sites have been assigned the same IP address
Each site has a unique host header name
All names have been registered with the DNS Server.

Everything looks fine, but no one can reach the sites. What is wrong?

A. Each web site must be on a separate port
B. The users' browsers are not compatible with host headers
C. Sean has forgotten to start the web sites
D. The names must be registered with a WINS Server also

>> !
Answer: C


77. What two ways can you access the Properties menu for an item in the MMC?

A. Right-click the object, select Properties
B. Under File, select Properties
C. Under Action, select Properties
D. Under Edit, select Properties

>> !
Answer: A & C


78. You wish to configure a server to run SQL, host an FTP Site and multiple web sites. You only have one IP Address. You are using Host Headers. How are you going to configure this?

A. You cannot host an FTP site and multiple web sites under one IP address. Host Headers can only be used for the WWW Service, and not for FTP.
B. Install SQL Server on a separate NTFS partition. Create one FTP Site, configure it appropriately. Create multiple web sites, use host headers to assign one IP address to the multiple sites.
C. You cannot install SQL Server on the same machine as your FTP and Web Sites.
D. Put SQL Server on a FAT partition. Assign it SSL security. Create one FTP Site, configure it appropriately. Create multiple web sites, use host headers to assign one IP address to the multiple sites.

>> !
Answer: B


79. Sharon calls you to inform you that she has recently been promoted to Manager and needs access to Reporter, a custom ISAPI application on the corporate intranet. You add her to the Managers group, who has NTFS Execute permission. Five minutes later, Sharon calls back. She is still unable to run the application, even though Mark, another member of the group, is having no problem. What can you do to allow Sharon immediate access to the application?

A. Assign Sharon's user account Execute permission.
B. Assign the Manager's group Read permission.
C. Stop and restart the WWW Service.
D. Assign Sharon's user account Read permission.

>> !
Answer: C


80. You are running an ISAPI application that is slowly utilizing more and more resources. How do you resolve this problem?

A. Implement Microsoft Transaction Server
B. Run the application in its own memory space
C. Covert it to a CGI script
D. Add RAM
E. Open the application in Word 97 and enter the following line: unable to follow directions Save the file.Before closing, highlight the new line of code and press SHIFT-F7 Verify the information contained in the right hand dialog box.

>> !
Answer: B


81. You want all your web pages to have the extension .HTMH. How do you add this so that users can access your pages?

A. Custom HTTP Headers
B. MIME Map
C. Default Directory
D. This cannot be done

>> !
Answer: B


82. For IDC, the ODBC Data Source Name must be a:

A. File DSN
B. System DSN
C. Global DSN
D. Public DSN

>> !
Answer: B


83. Which ODBC drivers can be used with the IDC? (Choose all that apply)

A. 32-bit SQL server
B. Access 2.0
C. Access 95
D. 32-bit FoxPro

>> !
Answer: A, C & D


84. The IDC DLL is built using:

A. CGI
B. VB
C. HTTP
D. ISAPI

>> !
Answer: D


85. Words ignored during a search are called:

A. Ignore words
B. Noise words
C. Common words
D. Non-indexed words

>> !
Answer: B


86. Free text queries begin with what prefix?

A. $Contents
B. $Free
C. $Query
D. $Index

>> !
Answer: A


87. A query of the form "setup program"[400] is called a/an:

A. Array query
B. Weighted query
C. Vector space query
D. Free text query

>> !
Answer: C


88. From the following list, identify the three main ADO objects:

A. Connection
B. Input
C. Command
D. Research
E. Recordset

>> !
Answer: A, C & E


89. ADO is designed to work with which of the following programming languages: (Choose all that apply)

A. Fortran
B. Visual Basic
C. C++
D. Java

>> !
Answer: B, C & D


90. A search condition consists of:

A. One or more predicates combined with AND, OR, and NOT.
B. A syntax statement.
C. The identity of the search source.
D. The FreeText Predicate only.

>> !
Answer: A


91. The child process that is responsible for filtering documents by identifying the correct filter DLL and word-breaker DLL associated with a specific document is:

A. Index
B. CiDaemon
C. CiCatalog
D. CiChild

>> !
Answer: B


92. What information is contained in the metabase.

A. IIS Help file location
B. Web site home directory location
C. MMC snap-in information
D. Site Server toolbar settings

>> !
Answer: B

The metabase includes all the entries pertinent to Internet Information Server administration. The different types of property settings stored in the metabase are:

  1. Computer and Web site properties
  2. Logging properties
  3. FTP-specific properties
  4. HTTP-specific properties
  5. Virtual directory and directory properties
  6. File properties
  7. ISAPI filter properties
  8. SSL key properties

The Web site home directory location is stored in the metabase and can be viewed using Internet Service Manager. MMC snap-in information is stored in the MMC configuration. Site Server toolbar settings are stored in that administrative application. The IIS Help file location is stored in the IIS Help application. The IIS metabase is located in %systemroot%\system32\Inetsrv\metabase.bin. Some parameters/settings stored in the metabase are:
  • Virtual roots
  • Mime map
  • Access rights
  • Bandwidth throttling
  • Maximum connections
  • HTTP keep-alive
  • Primary Scripting Language
  • FTP messages
  • Web Default Document
  • Enable Logging


93. John is accessing the Web site of his company from home. While browsing the site, he receives the following error message: HTTP/1.1 403 Access Forbidden Which of the following problems could be causing the above error.

A. The system administrator of the Web site changed John´s access to the Web site yesterday.
B. The default document has not been specified in the Web site, Properties, Documents tab.
C. The hypertext link John is trying to access is broken.
D. Windows Challenge/Response is being used.

>> !
Answer: B

The HTTP/1.1 403 Access Forbidden error may be caused by any of the following:

  1. The file designated as the default document for the site does not exist. This default file for a Web site is typically Default.htm or Default.asp.
  2. The site has been configured to use to use a secure channel over the HTTPS protocol, but the browser uses HTTP as its protocol instead.
  3. The user is trying to execute a CGI, ISAPI, or other execution program from a directory that does not allow programs to be executed.

HTTP 401.x errors refer to authentication failures. HTTP 403.x errors occur because access to data is forbidden. HTTP 404.x errors occur when a resource is not located. Here is a list of some common 401.x, 403.x, and 404.x errors:

401.1 Unauthorized -- Logon failed
401.2 Unauthorized -- Logon failed due to server configuration
401.3 Unauthorized -- Unauthorized due to ACL on resource
401.4 Unauthorized -- Authorization failed by filter
401.5 Unauthorized -- Authorization failed by ISAPI/CGI application
403.1 Forbidden -- Execute Access Denied
403.2 Forbidden -- Read Access Denied
403.3 Forbidden -- Write Access Denied
403.4 Forbidden -- SSL required (use https:// ... on client)
403.5 Forbidden -- SSL 128 required (128-bit version of SSL)
403.6 Forbidden -- IP Address rejected (client's IP address has been blocked)
403.7 Forbidden -- Client Certificate Required
403.8 Forbidden -- Site Access Denied (Web server is down or user does not have permission to connect to the site)
403.9 Forbidden -- Too many users
403.10 Forbidden -- Invalid configuration (on the Web server)
403.11 Forbidden -- Password change (user entered wrong password)
403.12 Forbidden -- Mapper denied access (client certificate map is denied access)
404 File not found


If the system administrator modifies John's access to the Web site, it will affect his access from work as well as from home. If John's browser does not support Windows NT Challenge/Response Authentication, and no other authentication method is supported by IIS, then he will get HTTP Error 401. If the hypertext link is broken, he will get HTTP Error 404 - file not found.


94. As a security measure, you change the TCP port in the FTP Site Properties to 19,860. Some users complain that they are unable to access the FTP site. What might be the cause of the problem.

A. You cannot set the TCP port to a number above1023.
B. The users having problems are still accessing port number 21.
C. The users must access port number 80.
D. You cannot set the TCP port to an even number.

>> !
Answer: B

If you want to limit access to your FTP site, you can change the control connection port number (default 21) to a TCP port number greater than 1023. This effectively "hides" your site. Any application using TCP or UDP for its transport is assigned a unique identification. This is known as its TCP (or UDP) port number. On the client, the application uses a dynamically assigned port number. On the server, the administrator can configure the port number. To connect to the server, the client application must know which port number is being used on the server so that it can direct packets to that application on the server. Since port numbers 1 through 1023 are already reserved for commonly used applications, an administrator should assign port numbers greater than 1023.


95. Which of the following is the default TCP port number for the WWW service.

A. 20
B. 21
C. 25
D. 80

>> !
Answer: D

A server application or process that uses TCP as a transport protocol has at least one preassigned port number. For example, the preassigned port numbers for FTP server services are 20 (data) and 21 (control); the preassigned port number for the SMTP service is 25; and the preassigned port number for the HTTP (WWW) service is 80. The preassigned port number for the NNTP service is 119. SSL connections are made through separate ports. For example, the SSL port for WWW is 443; the SSL port for NNTP is 563.


96. You want to monitor FTP service sessions in real time. What is the best utility to use.

A. netstat
B. Performance Monitor
C. Windows NT Application Event Monitor
D. FTP Logging

>> !
Answer: B

Both netstat and Performance Monitor are used to monitor FTP sessions. The major difference between the two tools is that netstat shows static information (a "snapshot") about events at a given point in time, whereas Performance Monitor shows events happening in real time. You can also use "Current Sessions" in FTP Site properties in Internet Service Manager to monitor current sessions. Windows NT Event Viewer only logs critical errors; it does not log application usage. FTP log files can be enabled to log usage, but they are generally processed offline and not in realtime.


97. What are the requirements for the installation of the SMTP service. (Choose all that apply)

A. DHCP
B. NTFS
C. TCP/IP on the clients
D. Server NetBIOS name resolution
E. Server host name resolution

>> !
Answer: B, C & E

NTFS is required for SMTP to provide file- and folder-level security (e.g., for Pickup and Queue mail folders). TCP/IP is required on all SMTP clients because SMTP is a TCP/IP application. TCP/IP uses host name resolution to resolve host names to IP addresses. NetBIOS name resolution resolves NetBIOS names to IP addresses, and only works on Windows operating systems. Other operating systems, such as Unix, may not use NetBIOS names. DHCP is not required for SMTP; it is a service for automatically configuring TCP/IP on clients.


98. During the installation of IIS on the Windows NT server named PCAGE, an account named IUSR_PCAGE is created. After one week Mike, the system administrator, changes that account´s default password in the Web Site Properties, Directory Security, Anonymous user account. The users start complaining that they cannot log on as anonymous users. What should Mike do to fix this problem.

A. Re-install IIS
B. Re-generate the randomly generated password
C. Change the IUSR_PCAGE account password in the User Manager to the same password assigned in IIS
D. Change the Guest account password in the User Manager to the same password assigned in IIS

>> !
Answer: C

The Internet Guest account specified here, IUSR_PCAGE, is automatically created during installation of IIS on the Windows NT server named PCAGE. It must be a valid Windows NT user account on the server computer, and the password specified in the Web Site Properties, Directory Security, Anonymous user account must match the password for this user in the computer's user database. The user accounts and passwords are configured using Windows NT User Manager. The Guest account mentioned in Choice D is the account, created during Windows NT installation, by which users who do not have a specific account can log on to Windows NT and access the file and print services of the server. The Internet Guest Account, IUSR_<computername>, which is created during IIS installation, is not the same as the Guest account mentioned in Choice D. Windows internally uses the Internet Guest account when anonymous users log in to access various IIS services such as WWW and FTP.


99. Mike was a member of the Sales group. In the restructuring of the company, he is promoted to the Finance department of the company. The Finance department people access an ISAPI application, Books.dll, over the intranet. Mike tries to use this application, but he receives an error message. Tom, another employee of the Finance department, is able to run the application without any problems. What is the best way to allow Mike to run the finance application.

A. Give Mike the appropriate NTFS file permissions on the finance application.
B. Add Mike to the Finance group using User Manager for Domains.
C. Configure Mike's account to give him access to all the files being accessed by the Finance department.
D. Mike has to use an SSL-enabled browser to use the finance application on the intranet.

>> !
Answer: B

To run the finance application, the user needs access to the Books.dll file. The two ways to allow Mike to run the finance application are to assign permissions on the file to his individual user account, or to add his account to the Finance group which has access to the file. When any user account is added to a group, it inherits all the permissions of that group. This is the best way to grant permissions. Note that this question assumes that Mike is not a member of any group which has No Access permission on Books.dll. If he were a member of such a group, he would automatically have No Access permission, no matter what other permissions he had through other groups.


100. What can be saved in the MMC file which has the extension .msc. (Choose all that apply)

A. Loaded snap-ins
B. Web site security settings
C. Window configuration
D. Virtual directory location
E. TCP port numbers for Web sites

>> !
Answer: A & C

Saving a console to a file preserves its list of loaded snap-ins and window configuration for later use. After you save a console, you can deliver it on a floppy disk or put it in a shared folder on your network. You can prevent users from changing the console by giving users read-only access to the shared folder containing the MMC file. Console files have a default extension of .msc.


101. John's friend gives him the URL of a new Web site he designed himself. John goes home and tries to access the new site, but he gets the following message: Error 403.2 Access Forbidden Why did John get this error message.

A. SSL is not being used on the browser.
B. SSL is being used on the browser.
C. Windows NT Challenge/Response is being used.
D. The NTFS file permissions are not correct.

>> !
Answer: D

The HTTP/1.1 403 Access Forbidden error may be caused by any of the following:

  1. The file designated as the default document for the site does not exist. This default file for a Web site is typically Default.htm or Default.asp.
  2. The site has been configured to use to use a secure channel over the HTTPS protocol, but the browser uses HTTP as its protocol instead.
  3. The user is trying to execute a CGI, ISAPI, or other execution program from a directory that does not allow programs to be executed.

HTTP 401.x errors refer to authentication failures. HTTP 403.x errors occur because access to data is forbidden. HTTP 404.x errors occur when a resource is not located. Here is a list of some common 401.x, 403.x, and 404.x errors:

401.1 Unauthorized -- Logon failed
401.2 Unauthorized -- Logon failed due to server configuration
401.3 Unauthorized -- Unauthorized due to ACL on resource
401.4 Unauthorized -- Authorization failed by filter
401.5 Unauthorized -- Authorization failed by ISAPI/CGI application
403.1 Forbidden -- Execute Access Denied
403.2 Forbidden -- Read Access Denied
403.3 Forbidden -- Write Access Denied
403.4 Forbidden -- SSL required (use https:// ... on client)
403.5 Forbidden -- SSL 128 required (128-bit version of SSL)
403.6 Forbidden -- IP Address rejected (client's IP address has been blocked)
403.7 Forbidden -- Client Certificate Required
403.8 Forbidden -- Site Access Denied (Web server is down or user does not have permission to connect to the site)
403.9 Forbidden -- Too many users
403.10 Forbidden -- Invalid configuration (on the Web server)
403.11 Forbidden -- Password change (user entered wrong password)
403.12 Forbidden -- Mapper denied access (client certificate map is denied access)
404 File not found

Error 403.2 occurs if the permissions (NTFS or IIS) on the file or folder being accessed are not sufficient. If the server had SSL-enabled content and the browser was using HTTP, John would get HTTP Error 403.4: SSL Required. An incorrect authentication method would result in authentication failure, and John would get HTTP Error 401.


102. Your company has been assigned one IP address from InterNic. You want to configure two virtual servers on IIS 4.0. What is the best way you can configure two virtual servers using just one IP address.

A. Assign the same IP address to each server.
B. You cannot configure two virtual servers using just one IP address. You must obtain another IP address.
C. Use custom HTTP headers on IIS 4.0.
D. Add host headers on IIS 4.0.

>> !
Answer: D

IIS 4.0 not only provides support for hosting multiple Web sites on a single computer running Windows NT Server, but also for hosting them on a single IP address. IIS provides this capability through the use of a host header that is supported by most newer browsers (Internet Explorer 4.0 and Netscape 4.0, for example) and some older ones. Host headers are supported by HTTP 1.1. Web sites have a descriptive name and can support one or more host header names. Host header names make the hosting of multiple domain names on one Web site possible. The browser sends the host header (which includes the name of the Web site it is trying to access) to the server. The client must also be able to resolve the host name to an IP address using DNS or a HOSTS file. Not all browsers support the use of host header names. If a visitor attempts to contact your site with an older browser that does not support host headers, the visitor gets the default Web site assigned to the address (if a default site is enabled), which may not necessarily be the site requested. Custom HTTP headers are used to send messages such as cache pages from the server to the browser. You can configure two virtual servers on a computer using the same or different IP addresses. The two virtual servers may use the same Web content or different Web content.


103. You are away from your office for a meeting with representatives of a prospective client. Your company creates Web sites for its customers. You want to show the representatives a sample of a site you developed, but they do not have an Internet connection. You have access to the Internet in your hotel room, and you have a laptop computer running Windows NT Server 4.0. You decide to download a Web site, along with all of its links and linked pages, onto your laptop to show the representatives. What can you use to do this.

A. Microsoft Certificate Server
B. Microsoft Transaction Server
C. Microsoft Index Server
D. Microsoft Site Server Express

>> !
Answer: D

You can use the Copy Site option in Site Server Express to copy a site from a Web server to your local hard disk as Control Analyzer builds up the Webmap. Microsoft Site Server Express 2.0 is available for Windows NT Server 4.0, Windows NT Workstation 4.0, and Windows 95. Internet Explorer also provides a way to download a Web site using subscriptions.


104. You have a Web site which contains a lot of image and audio files. You want to find out how may HTML pages have images which are larger than 32K. What is the easiest way to find this out?

A. Perform a Windows NT Explorer search for files larger than 32K.
B. Perform an Index Server search for files larger than 32K.
C. Use a Webmap in Site Server Express and search Load Size over 32K.
D. Set the Performance Monitor counter for Files over 32K.

>> !
Answer: C

The easiest and fastest way to search a Webmap is to use Site Server Express, Content Analyzer's predefined searches (called Quick Searches). With just a click, you can find all your broken links, hidden objects, images without ALT strings, and more. A Load Size over 32K search will return all pages whose load size (the size of the HTML page plus any linked inline resources, such as images) is larger than 32K.


105. You are the IIS administrator of your Web site, and you want to make your Web site secure. You want a certain range of computers to be unable to access the Web site. In the Directory Security tab and in the IP Address and Domain Name Restrictions in the Web Site properties, you check the Granted Access option and type the following in the exception list: IP address 125.45.65.32 and subnet mask 255.255.255.248. Which range of computers will be denied access to your Web site.

A. IP addresses 125.45.65.32 to 125.45.65.39
B. IP addresses 125.45.65.32 to 125.45.65.57
C. IP addresses 125.45.65.64 to 125.45.65.71
D. IP addresses 125.45.65.64 to 125.45.65.79

>> !
Answer: a

You can either deny access to every IP address with certain exceptions, or grant access to every IP address with certain exceptions. Using a subnet mask as a filter allows you to block host IDs into contiguous IP address units. The subnet mask 255.255.255.248 creates a block of 8 IP addresses; so in this question, 8 addresses are being denied access, and the range would be IP address 125.45.65.32 to IP address 125.45.65.39 (which is 8 IP addresses inclusive). The effective block (group) of IP addresses is a range of IP addresses for which all bits corresponding to 1s in the subnet mask are the same. In this question, this includes IP addresses (in binary representation) 0111 1101.0010 1101.0100 0001.0010 0xxx, where the last three bits (xxx) can have any one of eight possible values: 000, 001, 010, 011, 100, 101, 110, or 111. Translating all the possible values of xxx to decimal representation shows that this last byte (0010 0xxx) of an IP address in this block can be 32, 33, 34, 35, 36, 37, 38, or 39.


106. You have 2 IIS servers: one in Los Angeles and one in Seattle. Each location has 100 Web sites on its IIS server. To limit bandwidth usage, you want to change the maximum number of connections for each Web site to 1000. What is the easiest way to change the maximum connections parameter in Web Site Properties for each of the 200 Web sites.

A. Use Internet Service Manager to change ports on individual sites.
B. Use Internet Service Manager (HTML) to change ports on individual sites.
C. Write a VB script and run it at both IIS servers.
D. Write a VB script and run it at one IIS server.
E. Write a VB script and run it at all 200 virtual Web sites.

>> !
Answer: D

Using the Windows Scripting Host (WSH), administrators can automate the administration tasks on the server using any scripting language supported by Active Server Pages. For example, an administrator can write a Microsoft Visual Basic script to create a new virtual directory, and then with WSH, run the script file from the command line to create a new virtual directory on the Web site. Administrators can write a single script to target multiple Web sites, or multiple physical servers, to provide effective grouped server administration. In the above case, the administrator can run a VB Script and run it at one site to change the Web site properties of both the Los Angeles and Seattle servers.


107. You have installed a new content filter on the Index Server. You issue a query for documents that you know are in the directory in which the content filter is installed, but you get no response. What is the best way to fix this problem.

A. Force a full scan.
B. Force an incremental scan.
C. Force a master merge.
D. Force a shadow merge.

>> !
Answer: A

A content filter is an Index Server component that is responsible for reading a document from the disk and extracting the textual content from that document. Typically, filters are associated with particular document formats. For example, Microsoft Word documents have their contents extracted by a different filter than Microsoft Excel documents. The process of inventorying the virtual roots (and the physical directories to which the virtual roots point) to determine which documents should be indexed is called scanning. By default, all readable virtual roots are indexed. If some readable virtual roots should not be indexed, they can be configured by the administrator. There are two basic types of scans: Full Scan and Incremental Scan. In a full scan, all the documents in the inventoried directories are added to the list of documents to be filtered. A full scan is performed the first time a directory is added to the list of indexed directories. A full scan is also performed as part of recovery if a serious error occurs. In an incremental scan, only the documents that have been modified since the last time they were filtered are added to the list of documents to be filtered. You should force a full scan after installing a new filter, removing a filter, or repairing a filter's registration information. You should also force a full scan after making other global changes, such as changing the size of the characterization (the summary of the document) or adding a new word breaker. To perform a full scan, select the virtual directory in Index Server Manager and select Scan. In the Full Scan dialog box, click Yes to perform a full scan (clicking No will perform an incremental scan).


108. In IIS 4.0, where are the MIME settings stored.

A. Registry
B. Metabase
C. Windows Explorer, File, Options
D. Internet Service Manager

>> !
Answer: B

In IIS 4.0, MIME settings and other pertinent IIS information is stored in the metabase. The metabase includes all the entries pertinent to Internet Information Server administration. The different types of property settings stored in the metabase are:

  1. Computer and Web site properties
  2. Logging properties
  3. FTP-specific properties
  4. HTTP-specific properties
  5. Virtual directory and directory properties
  6. File properties
  7. ISAPI filter properties
  8. SSL key properties
In IIS 3.0, MIME settings are stored in the Registry, in the location HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\InetInfo\Parameters\MimeMap.


109. On your IIS server, you have defined a virtual directory on a server running NetWare Server 4.11. During virtual directory configuration, you enter the UNC path for the virtual directory. You have also configured the IUSR_<computername> account with the necessary Read permission using Windows NT User Manager for Domains. Anonymous users still cannot connect to the Web site on the virtual directory. What is the most likely reason that these users cannot connect to the site.

A. You cannot enter an UNC name for a NetWare-based virtual directory.
B. You have to give Execute permission on the resources to the IUSR_<computername> account.
C. You have to create a similar IUSR_<computername> account on the NetWare server which has access to the resources in the NetWare server.
D. You cannot have a virtual directory on a NetWare server. Copy the files from the NetWare server to the Windows NT server and make that the path to the virtual directory.

>> !
Answer: C

You can use remote virtual directories for folders stored on disks installed in other computers. As with local virtual directories, when configuring a remote virtual directory, you are asked to assign an alias to the folder. You must also supply the folder's universal naming convention (UNC) address. In order to access the folder with a UNC, you have to enter a valid user name and password. The user name and password you enter is automatically used by visitors who access data contained within this virtual directory. IUSR_<computername> is not automatically created on the NetWare server. You have to create a similar account for anonymous access on the NetWare server and give it access to the specified directory.


110. On your Microsoft Index Server, the word lists are taking up too much memory. What can you do to decrease the amount of memory used by the word lists. (Choose all that apply)

A. Decrease the number of word lists.
B. Increase the number of word lists.
C. Decrease the size of word lists.
D. Increase the size of word lists.
E. You cannot adjust the size of word lists.
F. You cannot adjust the number of word lists.

>> !
Answer: A & C

Word lists are small, temporary indexes stored in the server's RAM. Each word list contains data for a small number of documents. There are two registry parameters that deal with word lists: MaxWordLists (range 10 to 30, default 20) and MaxWordListSize (unit of 128 KB, range 10 to infinity, default 14). MaxWordLists is the maximum number of word lists that can exist at one time. MaxWordListSize is the maximum amount of memory that can be consumed by an individual word list; when this limit is reached, a new word list is created.
In the above question, if we decrease the number of word lists, the MaxWordLists value will be reached more often. When this happens it triggers a shadow merge, which frees up memory. If we decrease the size of the word lists, the MaxWordListSize value will be reached more often. When this happens it triggers the creation of new word lists. This in turn increases the number of word lists, causing the MaxWordLists number to be reached earlier. This, as described above, triggers an early shadow merge, which frees up memory.


111. Carol is interested in setting up a private Web site that would be accessed on the intranet. What can you use to authenticate users to this intranet Web site.

A. Microsoft Certificate Server
B. Microsoft Transaction Server
C. Microsoft Site Server
D. Microsoft Internet Information Server

>> !
Answer: A

Microsoft Certificate Server is a standards-based, highly customizable server application for managing the issuance, revocation, and renewal of digital certificates. Certificate Server generates certificates in standard X.509 format. These certificates can be used for any number of public-key applications including, but not limited to, the following:

-Server and client authentication under the Secure Sockets Layer (SSL) protocol
-Secure e-mail using Secure/Multipurpose Internet Mail Extensions (S/MIME)
-Secure payment using Secure Electronic Transaction (SET)


112. You are the IIS administrator of your Web site. In the IP Address and Domain Name Restrictions dialog box, you check the Denied Access option and type the following in the exception list: IP address 192.80.245.96 and subnet mask 255.255.255.224. Which range of computers will be granted access to your Web site.

A. IP addresses 192.80.245.48 to 192.80.245.63
B. IP addresses 192.80.245.48 to 192.80.245.79
C. IP addresses 192.80.245.96 to 192.80.245.111
D. IP addresses 192.80.245.96 to 192.80.245.127

>> !
Answer: D

You can either deny access to every IP address with certain exceptions, or grant access to every IP address with certain exceptions. Using a subnet mask allows you to block host IDs into contiguous IP address units. The subnet mask 255.255.255.224 creates a block of 32 IP addresses; so in this question, 32 addresses are being granted access, and the range would be IP address 192.80.245.96 to IP address 192.80.245.127 (which is 32 IP addresses inclusive). The effective block (group) of IP addresses is a range of IP addresses for which all bits corresponding to 1s in the subnet mask are the same. In this question, this includes IP addresses (in binary representation) 1100 0000.0101 0000.1111 0101.001x xxxx, where the last five bits (x xxxx) can have any one of thirty-two possible values:

00000, 00001, 00010, 00011, 00100, 00101, 00110, 00111,
01000, 01001, 01010, 01011, 01100, 01101, 01110, 01111,
10000, 10001, 10010, 10011, 10100, 10101, 10110, 10111,
11000, 11001, 11010, 11011, 11100, 11101, 11110, 11111.

Translating all the possible values of xxxxx to decimal representation shows that this last byte (001x xxxx) of an IP address in this block can be 96, 97, 98, 99, 100, 101, 102, 103, 104, 105, 106, 107, 108, 109, 110, 111, 112, 113, 114, 115, 116, 117, 118, 119, 120, 121, 122, 123, 124, 125, 126, or 127.


113. In Windows NT, which group should a user belong to if he has to manage IIS using the Internet Service Manager (HTML).

A. Everyone
B. Domain Users
C. Administrators
D. Internet Users

>> !
Answer: C

To use Internet Service Manager (HTML), you must be logged on to a user account that has Administrator privileges on the computer being administered. This can be the Administrator account, or any other account added to the Server Operators list in the Service Properties, Operators tab.


114. What would you use to add your company logo to the bottom of every page on your company's Web site.

A. .htx template
B. .htm template
C. server-side include
D. You cannot automatically add the logo. You must cut and paste it into each Web page

>> !
Answer: C

IIS and many other Web servers have a feature called server-side include (SSI) which automatically inserts the contents of a Web page in place of special HTML tags. This feature enables you to create a single page for headers, footers, navigation button bars, or any other set of common elements, and then include these elements in other pages. A .htx template is used to format the results of a database query.


115. Which of the following can you do from the Internet Service Manager (HTML). (Choose all that apply)

A. Start and stop the Web site.
B. Change the anonymous logon account for the Web site.
C. Change the type of password authentication.
D. Change the TCP port number.

>> !
Answer: A, B, C & D

The Internet Service Manager (HTML) program provides most of the same administrative functions as Internet Service Manager. You can use Internet Service Manager (HTML) with your Web browser to administer Internet Information Server over the Internet. Property changes which require coordination with Windows NT utilities (such as certificate mapping) cannot be made with the HTML version of Internet Service Manager.


116. You create a remote virtual directory called PCAGE on the IIS server PCAGE1. The physical directory is located on a server called PCAGE2. Anonymous users cannot access the virtual directory from your Web site. Which of the following is causing the problem.

A. The account name and password which IIS will use to access the virtual directory have not been assigned in Web Site Properties.
B. Users have not been assigned the necessary share permissions to access the directory.
C. IIS is configured for Basic authentication.
D. IIS is configured for Windows NT Challenge/Response authentication.

>> !
Answer: A

When you specify a virtual directory location that resides on another computer in the network, you should enter an account name and password that IIS will use to access the directory. You do not need to assign share permissions to anonymous users. By default, Windows NT uses the IUSR_<computername> account to represent an anonymous user. Multiple authentication methods (Anonymous Access, Basic, and Windows NT Challenge/Response) can be enabled on IIS simultaneously.


117. You are in an organization which has 200 Windows NT users. These users have to access three intranet Web sites which have been set up to use host headers. You do not have DNS enabled on the intranet. How can you let the users resolve the names of these intranet sites.

A. Add a HOSTS file on the Internet Information Server.
B. Add a HOSTS file on each client.
C. Add a LMHOSTS file on each client.
D. Add static IP addresses in the WINS server and enable WINS server resolution.

>> !
Answer: B

A client should be able to resolve a name used in a host header to its IP address. This can be done by using a host name resolution method, such as DNS or a HOSTS file. Install a HOSTS file on each client (in the %systemroot%\system32\etc\drivers folder). The file should contain entries for Web server names (as specified by the host headers) and their corresponding IP addresses. Since the name resolution has to be performed by the client (browser), the HOSTS file is not needed on the IIS computer. An administrator can choose to install a centralized HOSTS file on a server and let clients refer to this file for name resolution. This can be done using directory replication, or by specifying a different location for the HOSTS file in the Registry parameter DataBasePath.


118. You have an IIS 4.0 installation which has 32 MB of RAM and 44 MB of virtual memory. You get calls that the Index Server is slow, so you increase the property cache value. But the Index Server is still slow. Why.

A. The property cache is now using the RAM.
B. The property cache is now using the virtual memory.
C. The RAM is now using the virtual memory.
D. You cannot change the property cache value.

>> !
Answer: A

The property cache is a disk cache used to speed up queries for frequently accessed values (properties) of documents (such as path, abstract, title, attributes, and size). The property cache is a large data structure. The registry parameter PropertyStoreMappedCache controls how much of the property cache is always kept in memory. There are two cases in which you change the default setting:
First, on large index servers, increasing this value tends to yield better performance. But if the physical memory (RAM) is inadequate, the performance might suffer.
Second, if the default is not adequate to handle a heavy query load, and the system is overworked even when the index is up to date.
Hence if we increase the property cache value, it uses part of the RAM, which affects the performance of the system. The property cache is specified in 64 KB units; the default value is 16 (which is 16 * 64 KB, or 1 MB).


119. As a user, you have to download sensitive information from the Web server to your client. Which of the following would you use to access this information over the Internet.

A. SSL (Secure Sockets Layer)
B. Windows NT Challenge/Response Authentication
C. Microsoft Site Server
D. NTFS file system

>> !
Answer: A

You can configure your Web server's Secure Sockets Layer (SSL) security features to guarantee the integrity of your content, verify the identity of servers or clients, and encrypt network transmissions. Windows NT Challenge/Response authentication is a user authentication method which uses encrypted user names and passwords for security. It does not perform data encryption. Microsoft Site Server can be used to download a Web site, but does not itself provide security. The NTFS file system provides file- and folder-level security, but only on local disks.


120. You do not want users to be able to search for certain high-security documents in your company which have the word "CONFIDENTIAL" in the heading. How can you prevent them from doing this.

A. Use restrictive NTFS file permissions on the directory where documents are stored.
B. Use the word "CONFIDENTIAL" in the noise word file.
C. Use the word "CONFIDENTIAL" in the loud word file.
D. Use the word "CONFIDENTIAL" in the restricted word file.

>> !
Answer: B

Words that are not significant for searching are called noise words or stop words. If you do not want specific words to be in the result set, you can add these words to the noise word file. Noise words are stored in the %systemroot%\system32 directory in various noise word files (Noise.dat, by default). The noise word files are language-dependent. The noise word file for a particular language is specified in the registry under the key:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\ContentIndex\Language\\NoiseFile

For example, the noise word file for English_US is listed as the registry key:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\ContentIndex\Language\English_US\NoiseFile\noise.dat

The noise word files can be edited with a text editor to either add new words or remove words that are not considered "noise" at a particular installation. Note that querying for noise words will not yield any hits. If the user issuing the query does not have access permissions on a certain document, this document will not show up in the results list. Therefore, NTFS or virtual directory permissions can be applied to certain documents to hide them. Be aware, however, that these permissions will apply to all files in the directory, and can inadvertently hide other files.


121. You have configured a Web site to log usage in an ASCII text file. Where can you get information on the user names and number of hits for the Web site.

A. Web Application log in Event Viewer
B. Web Site Properties, Number of hits field
C. Web log file in %systemroot%\system32\LogFiles
D. Performance Monitor

>> !
Answer: C

You can configure your Web or FTP sites to log information about user activity. This logging should not be confused with the usual logging carried out through Windows NT Server; the logging in IIS is more extensive, and is viewed as ASCII text files or ODBC-compliant databases (not by using the Event Viewer). You can find out which users accessed your sites and what information they accessed. The following log file formats are available:
a) NCSA Common log file format (not available for FTP sites)
b) ODBC Logging
c) W3C Extended log file format
d) MS IIS log file format

NCSA, W3C, and MS IIS are ASCII text log file formats. Performance Monitor can also be used to provide some information (such as number of anonymous/non-anonymous connections), but it will not show user information (such as user names) or other detailed information.


122. In an organization, there are two domains: Finance and Technology. There is no trust relationship between the two domains. IIS 4.0 and Index Server 2.0 are running on the server Finance1 in the Finance domain. The server Technology1 is located in the Technology domain. The system administrator wants to index \\Technology1\Data. What should the administrator do to index the information using Microsoft Index Server. (Choose all that apply)

A. Create an account in the Technology domain that has access to the IIS server in the Finance domain.
B. Create an account in the Finance domain that has permission to connect to \\Technology1\Data.
C. Create a trust relationship in which the Technology domain trusts the Finance domain.
D. You cannot use Microsoft Index Server to index across domains; the servers should be in the same domain.

>> !
Answer: B & C

Windows NT supports multiple security domains. If you want to use Index Server to index data on a remote domain, the following requirements must be met:

  1. A trust relationship must exist between the two domains. The domain being accessed (the domain containing the documents) must trust the accessing domain (the domain in which Index Server is installed).
  2. A user account (e.g. WebUser) with Interactive Logon privileges should be created in the accessing domain (the domain in which Index Server is installed).
  3. A user account with access to the data being indexed should be used in the UNC paths (e.g. \\Technology1\Data) when configuring the virtual directory.
  4. Index Server should be stopped and restarted


123. When you run Microsoft Index Server (HTML), you see the following error message with certain browsers: Cannot open the Internet site http://localhost/iisadmin/isadmin/admin.htm What is the most likely cause of this error.

A. Allow Anonymous authentication is selected.
B. Basic authentication is selected.
C. Windows NT Challenge/Response authentication is selected.
D. None of the above.

>> !
Answer: A

By default, Index Server allows only the Administrative accounts to access the administrative functions of the server. If you only have Allow Anonymous selected in Microsoft Internet Service Manager Password Authentication, all users are denied access and will get the above error message. This is because anonymous users use the security context of IUSR_<computername>, but administrative privileges are required to administer an index server. Check either Basic or Microsoft Windows NT Challenge/Response authentication under Microsoft Internet Service Manager Password Authentication. Basic authentication will allow users to use any browser for Index Server administration. Windows NT Challenge/Response authentication is only supported by Internet Explorer 3.0 or later.


124. You have an application file with the extension .frm. Whenever you click its link, your browser opens it as a text file instead of running the associated application, FormBuild. What should you do to fix this problem.

A. Edit the text/html entry under \HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Inetinfo\Parameters\MimeMap.
B. Create a MIME mapping for .frm on the IIS server.
C. Modify the MIME mapping for .frm on the IIS server, and use text/html as the MIME type.
D. Remove the MIME mapping for .frm on the IIS server.

>> !
Answer: B

The IIS server is probably sending an incorrect MIME type, or no MIME type at all, to the client. In Web Site Properties, select HTTP Headers, File Types in MimeMap to create or modify MIME mappings. Once the file type is registered (using a file name extension, such as .frm, and a MIME type, such as application/formbuild), the proper MIME type will be sent to the browser in the HTTP header.


125. What is the result of reducing the permissible amount of word lists in Index Server.

A. Shadow merges will occur less often.
B. Full scan will occur more often.
C. Master merges will occur more often.
D. The number of persistent indexes will increase.

>> !
Answer: C

Word lists are small, temporary indexes stored in the server's RAM. Each word list contains data for a small number of documents. There are two registry parameters that deal with word lists: MaxWordLists (range 10 to 30, default 20) and MaxWordListSize (unit of 128 KB, range 10 to infinity, default 14). MaxWordLists is the maximum number of word lists that can exist at one time. MaxWordListSize is the maximum amount of memory that can be consumed by an individual word list; when this limit is reached, a new word list is created. In the above question, if we decrease the number of word lists, the MaxWordLists value will be reached more often. When this happens it triggers a shadow merge, which frees up memory. When the total disk space occupied by shadow indexes exceeds the MaxShadowIndexSize parameter, the Index Server starts a master merge in order to combine the shadow indexes. Therefore, the result of reducing the permissible number of word lists in Index Server would be an increase in the frequency of master merges. The number of persistent indexes (shadow indexes) will increase temporarily, but the master merge will merge all indexes into a single persistent index.


126. You do not want anonymous users to be able to access your Web site. You have assigned the NTFS permission READ to the IUSR_<computername> account. What group should have NO ACCESS permission.

A. Everyone
B. Interactive
C. Network
D. Guests

>> !
Answer: D

The Internet Guest account, IUSR_<computername>, is created on installation of IIS and is added to the Guests group by default. This account is used for anonymous access to the Web site. By assigning No Access permission to Guests, you are denying access to all members of the Guests group, including IUSR_<computername>.


127. You have SSL (Secure Socket Layer) enabled on the Web site of PC Age, Inc. Which URLs will the users be able to access. (Choose all that apply)

A. http://www.pcage.com/public
B. https://www.pcage.com/private
C. httpssl://www.pcage.com/private
D. httpssi://www.pcage.com/private

>> !
Answer; A & B

When you have SSL (Secure Socket Layer) enabled on the Web site, authorized users can access the http://<yourcompany> and https://<yourcompany> directories. To access a directory secured by SSL, use https://. To access a directory not secured by SSL, use http://.


128. Which of the following rights should the IUSR_<computername> account have.

A. Access this computer from a network
B. Take ownership of files or other objects
C. Log on remotely
D. Log on locally

>> !
Answer: D

The Internet Guest account, IUSR_<computername>, is created during the setup of Microsoft Internet Information Server (IIS). All anonymous users use this account by default. IUSR_<computername> is only permitted to log on locally. No other rights are granted that could allow a hacker to damage your server or its files.


129. After you install SSL (Secure Socket Layer) on your Web server, the performance of the server decreases. What is the best way to fix this problem.

A. Remove SSL (Secure Socket Layer).
B. Increase the paging file size.
C. Upgrade to a faster processor.
D. Create more free space on the hard drive on which SSL (Secure Socket Layer) has been installed.

>> !
Answer: C

SSL uses the processor to encrypt data, so enabling SSL has a significant impact on the performance of the processor. SSL's efficiency depends on the speed of the processor, not on the paging file size or the amount of free disk space on the hard drive.


130. Your data that is retrieved using Index Server has grown to 200 MB, and people have started complaining that their Index Server queries are slow. You add another 100 MB free space to Index Server, but there is still no improvement in performance. How can you improve the query response.

A. Perform a master merge.
B. Perform a shadow merge.
C. Filter all documents into the 100 MB of free space.
D. Start and stop the WWW Service.

>> !
Answer: A

Query response can be improved by forcing a master merge so that a single compressed index is able to serve all queries. Too many persistent indexes (shadow indexes) can slow down queries.