Server 2003 Planning Network Infrastructure1. You are a network administrator for your Windows Server 2003 domain and you are updating the network configuration for your company. Part of your design calls for outlining the appropriate level of security for the different possible authentication methods for remote access clients. Your design needs to allow for a fairly strong level of security for remote access connections with regard to the authentication protocol that is to be used without the additional use of third-party hardware. It also needs to provide mutual authentication and it should not allow LAN Manager encoded responses or password changes. From the following choices, which authentication method would allow for the stated requirements, as well as provide support on Windows NT 4.0 and Microsoft Windows 98 operating systems for VPN connections using Microsoft Point-to-Point Encryption (MPPE)? A. Password Authentication Protocol (PAP) B. Shiva Password Authentication Protocol (SPAP) C. Challenge Handshake Authentication Protocol (CHAP) D. MS-CHAP version 1 E. MS-CHAP version 2
2. You are a network administrator for gunderville.com and you have been tasked with implementing an IPSec policy on your network. This is a requirement for data exchanges between SERVER05 and all client systems in the domain. You have right-clicked IP Security Policies in the MMC console and chosen Manage IP filter lists and filter actions in an effort to create the necessary filter list and the filter action. What is the next step? A. Assign the policies. B. Use IPSecMon to test your policy. C. Configure the authentication method to be used. D. Create the IPSec Policy.
3. You are the domain administrator for a Windows Server 2003 domain and you are troubleshooting a DNS name resolution issue for gunderville.com. Recently, a new server (PRINT10) was installed on a particular subnet and although there have been no reported issues with incoming connectivity to the server, there are issues with the server itself accessing network resources. Whenever PRINT10 attempts to access resources outside of the subnet, it appears that the server cannot reach them. You have tried to reach \\server01, which is outside of the subnet, and you receive an error message that the network resource is unavailable. When you attempt to reach \\sysapp2, which is on the subnet, you are able to access the resource. Which TCP/IP network troubleshooting tools can be used that would allow you to receive detailed information showing the route taken to reach a remote system or network gateway and return detailed statistics? (Choose all that apply) A. PATHPING B. PING C. TRACERT D. ROUTE E. NETSTAT
4. You are the domain administrator for a Windows Server 2003 domain and have been tasked with designing and deploying a Windows Clustering solution for your Terminal Services configuration. What are come of the concerns that need to be taken into consideration with this type of design? (Choose all that apply) A. Windows Server 2003, Enterprise Edition supports up to eight-node clusters and support for up to 32 GB of memory. B. Windows Server 2003 Standard Edition supports two-node clusters and support for up to 4 GB of memory. C. Server clustering will fail over all of the information that is held in the local nodes RAM. D. Server clustering does not fail over the information that is held in the local nodes RAM. E. Server Clustering and Terminal Services can coexist on the same server or node and be used to configure your Terminal Server in a high availability failover configuration. F. Server Clustering and Terminal Services cannot coexist on the same server or node.
5. You are the domain administrator for a Windows Server 2003 domain and have been tasked with designing and deploying a Windows Load Balancing Service solution for your Terminal Services configuration. What are come of the concerns that need to be taken into consideration with this type of design? (Choose all that apply) A. User information, system information, and common data should be stored in a multiple locations for fault tolerance and load balancing. B. WLBS relies on the client's IP address only if you are using No Affinity to determine which Terminal Server services a client. C. When a Terminal Server client simply disconnects from a Terminal Server during a session or has a loss of network connectivity, Terminal Server marks the client's session as disconnected. D. When a Terminal Server client logs off from a Terminal Server session, the Terminal Server marks the client's session as disconnected. E. The best way to allow disconnected clients to connect to the same Terminal Server to recover from a disconnected session is to have the client computers use static IP addresses and configured WLBS to use Single Affinity.
6. You are the server administrator for TERMSRV01, which is a Windows Server 2003 Terminal Server. You have decided that you need to perform a baseline reading of the system with System Monitor in an effort to have the baseline available for future comparison if needed. You have decided that system memory is going to be the biggest point of contingency in the near future. Which System Monitor counters should you enable to get information on the overall rate at which the processor handles both hard and soft page faults, as well as the number of times the disk was read to resolve hard page faults? (Choose all that apply) A. Memory\Page Faults/sec B. Memory\Pages Input/sec C. Memory\Page Reads/sec D. Memory\Pages Input/sec E. Memory\Pool Paged Bytes
7. You are the server administrator for TERMSRV01, which is a Windows Server 2003 Terminal Server. Your backup strategy utilizes one full backup and daily differential backups. TERMSRV01 has six 36GB SCSI3 10,000RPM drives and are set up using hardware RAID 5 with a low rebuild priority and has an online (hot) spare. The full backup is performed each Saturday at 9:00PM EST and takes 2 hours. The daily differential backups are performed each day at 9:00PM, Monday through Friday. There is no full backup or differential backup performed on Sunday. The amount of time needed for the differential backups varies, but it never exceeds 75 minutes. TERMSRV01 has a hard disk failure at approximately 6:00PM on a Saturday. At 6:10PM a second drive in the array fails. What needs to be done to bring the server back to working order so that users can access the data on the server? A. The failed drives need to be replaced and the data must be restored from the full backup. B. The failed drives must be replaced and the data must be restored from the full backup and the last differential backup. C. The failed drives must be replaced and the data must be restored from the full backup and all of the differential backups. D. The failed drives must be replaced. Nothing additional needs to be done because the RAID configuration with the online spare allows the system to continue to run.
8. You are the server administrator for TERMSRV01, which is a Windows Server 2003 Terminal Server. Your backup strategy utilizes one full backup and daily incremental backups. TERMSRV01 has six 36GB SCSI3 10,000RPM drives and are set up using hardware RAID 5 with a low rebuild priority and has an online (hot) spare. The full backup is performed each Saturday at 9:00PM EST and takes 2 hours. The daily incremental backups are performed each day at 9:00PM, Monday through Friday. There is no full backup or incremental backup performed on Sunday. The amount of time needed for the incremental backups varies, but it never exceeds 75 minutes. TERMSRV01 has a hard disk failure at approximately 6:00PM on a Saturday. At 6:10PM the online (hot) spare in the array fails. What needs to be done to bring the se rver back to working order so that users can access the data on the server? A. The failed drives must be replaced and the data must be restored from the full backup. B. The failed drives must be replaced and the data must be restored from the full backup and the last incremental backup. C. The failed drives must be replaced and the data must be restored from the full backup and all of the incremental backups. D. The failed drives must be replaced. Nothing additional needs to be done because the RAID configuration with the online spare allows the system to continue to run.
9. You are the server administrator for TERMSRV01, which is a Windows Server 2003 Terminal Server. Your backup strategy utilizes one full backup and daily incremental backups. You also have decided to enable and utilize volume shadow copy on the server. When you first enable volume shadow copy, what are the defaults that will be set? (Choose all that apply) A. The minimum amount of required disk space is 100MB. B. The minimum amount of required disk space is 2% of the total volume (used and free space). C. The maximum amount of required disk space is set to 10% of the total free amount of space for the volume by default. D. The maximum amount of required disk space is set to 10% of the total amount of space for the volume by default which includes used and free space. E. The storage area for the shadow copies is located on the same volume where shadow copy has been enabled and the volume must be formatted as NTFS. F. The storage area for the shadow copies is located on the same volume where shadow copy has been enabled and the volume can be any file system supported by Windows Server 2003.
10. You are the network administrator for gunderville.com and you need to put together system recovery documentation for using Automated System Recovery. You have outlined in your documentation that Automated System Recovery reads the disk configuration information from the floppy disk where it was kept to restore all of the disk signatures, volumes, and partitions. This is the information required to start your computer in a situation where there has been a system failure and that a simple installation of Windows is installed and starts in an effort to restore from backup using the backup ASR set created by the Automated System Recovery Preparation Wizard. You need to also call out some of the additional characteristics of Automated System Recovery so that system administrators are aware of when t his type of system recovery can and cannot be used and what the limits of it are. What are some of the additional characteristics and limitations of Automated System Recovery? (Choose all that apply) A. Automated System Recovery includes end user data from the local system. B. Automated System Recovery does not include end user data from the local system. C. Automated System Recovery supports most FAT16 volumes. D. Automated System Recovery supports NTFS volumes only. E. You can access the restore functionality of Automated System Recovery by pressing F2 when prompted in the text mode portion of setup. F. You can access the restore functionality of Automated System Recovery by pressing F6 when prompted in the text mode portion of setup.
11. You are the enterprise administrator for gunderville.com and you are configuring an IPSec policy for SERVER12 by using the Local Security Policy MMC. You configured this by expanding the Security Settings, right-clicking IP Security Policies, and then choosing Manage IP filter lists and filter actions. You clicked the Manage IP Filter Lists tab, and then click Add and entered a name and a description as needed. From here, you went to the Addressing tab, clicked My IP Address in the Source address box, and then clicked Any IP Address in the Destination address box. What is the status of this configuration after you complete this step? A. The filter is applied to inbound packets. B. The filter is applied to outbound packets. C. The filter is applied to inbound and outbound packets. D. The filter is applied to outbound packets and you will have configured a unidirectional IPSec security configuration.
12. You are a level-two help desk technician and you are trying to assist an end user with a problem she is having with her Windows XP Professional system. The user is having difficulty following the steps that you are offering to her over the phone and you have decided to offer Remote Assistance without an invitation. What conditions need to be met for your efforts to be successful? (Choose all that apply) A. To offer Remote Assistance to a user who has not sent an explicit invitation, the Offer Remote Assistance setting in Group Policy must be enabled and configured for the system in question. B. You must be listed as an assistant under the Offer Remote Assistance policy or be a member of the Administrators group on the computer where you are offering the Remote Assistance. C. Offer Remote Assistance will work only if the Solicited Remote Assistance policy is disabled. D. The user will not need to give permission before the offer of Remote Assistance is successful. E. The user must give explicit permission before the person making the Remote Assistance offer can control the user's computer.
13. You are a level-two server technician and you are trying to setup and configure a remote administration configuration for some of the servers that you administer at a remote site. Three of the servers at this remote location are running Windows Server 2003 Standard Edition and one is running Windows Server 2000 Advanced Server. For your efforts to be successful, what is the best way to configure the systems with the least amount of administrative effort and without any additional costs? A. Terminal Services in Remote Administration mode must be configured on the Windows Server 2003 Standard Edition servers and the Windows Server 2000 Advanced Server system. B. Terminal Services in Remote Administration mode must be configured on the Windows Server 2000 Advanced Server system. Terminal Services in Application mode must be configured on the Windows Server 2003 Standard Edition systems. C. Terminal Services in Remote Administration must be installed on the Windows Server 2000 Advanced Server system and you can use Remote Assistance on the Windows Server 2003 Standard Edition system. D. Terminal Services in Remote Administration mode must be configured on the Windows Server 2000 Advanced Server system and Remote Desktop for Administration can be used on the Windows Server 2003 Standard Edition systems.
14. You are the domain administrator for gunderville.com. Client systems in use include Windows NT4 Workstation, Windows 98, Windows 2000 Professional, and Windows XP Professional. Branch office one has all of the clients using DHCP locally and connected locally by a Layer 3 switch and back to the main office via an ISP connection to a VPN server at company headquarters. There are a total of 31 host systems at this location including the installed servers. Branch office two has all of the clients using DHCP and connected locally by a Layer 3 switch and back to the main office via a Windows Server 2003 Routing and Remote Access server and a ISP connection to a VPN server at company headquarters. There is a slower, secondary demand-dial connection back to the main office that is used if the primary connection goes down. There are a total of 41 host systems at this location including the installed servers. Branch office three has all of the clients using DHCP and connected locally by a Layer 3 switch and back to the main office via an ISP connection to a VPN server at company headquarters. There are a total of 25 host systems at this location including the installed servers. You need to provide a security configuration for data transmissions that occur over the internet to the main company headquarters. You have decided to configure the L2TP and IPSec to provide the required security and authentication necessary. What additional steps need to be taken and/or considered to satisfy the needs as required? A. The Microsoft L2TP/IPSec VPN Client must be installed on all and any Windows 98 systems using the Dial-up Networking version 1.4 upgrade if they were making the connections to the VPN server individually. B. The Microsoft L2TP/IPSec VPN Client must be installed on all and any Windows 98 systems making VPN connections to the company headquarters via the RRAS server connection. C. The Microsoft L2TP/IPSec VPN Client must be installed on all and any Windows 98 systems that are using other tunneling protocol methods than L2TP. D. The Microsoft L2TP/IPSec VPN Client must be installed on all Windows 98 systems making the connections to the VPN server individually by way of the PPTP adapter.
15. You are the domain administrator for gunderville.com. Client systems in use include Windows NT4 Workstation, Windows 98, Windows 2000 Professional, and Windows XP Professional. Branch office one has all of the clients using DHCP locally and connected locally by a Layer 3 switch and back to the main office via an ISP connection to a VPN server at company headquarters. There are a total of 31 host systems at this location including the installed servers. Branch office two has all of the clients using DHCP and connected locally by a Layer 3 switch and back to the main office via a Windows Server 2003 Routing and Remote Access server and a ISP connection to a VPN server at company headquarters. There is a slower, secondary demand-dial connection back to the main office that is used if the primary connection goes down. There are a total of 41 host systems at this location including the installed servers. Branch office three has all of the clients using DHCP and connected locally by a Layer 3 switch and back to the main office via an ISP connection to a VPN server at company headquarters. There are a total of 25 host systems at this location including the installed servers. You need to provide a security configuration for data transmissions that occur over the Internet to the main company headquarters. You have decided to configure the L2TP and IPSec to provide the required security and authentication necessary. You need to set up the appropriate auditing for all access attempts to the VPN server. Which settings in the Event Viewer need to be set and how? (Choose all that apply) A. Audit logon events should be set to log all success and failures. B. Audit logon events should be set to log all success only. C. Audit logon events should be set to log all failures only. D. Audit object access should be set to log all success and failures. E. Audit object access should be set to log all success only. F. Audit object access should be set to log all failures only.
16. You are the domain administrator for gunderville.com. You need to come up with a PKI design that allows for the key management storage to be handled via a hardware solution. You need to use a hardware solution for your key management, because the originating key is not allowed to be left on any networked system. You also need to maintain a high level of security for the key, which includes not allowing the key to be left on any networked system and to provide a solution for retrieval of the key in the event of its loss. You have decided to deploy your key management by keeping the key stored on a Zip disk and locking the disk in a fire proof safe. There is one duplicate copy of the Zip disk that was made and is held off-site at the same location where your off-site backup tapes are kept. The key was also emailed as an attachment to your lead systems and networking engineer in the company's main campus in another state as an additional backup resort. From the following options, choose the best outcome of this process. A. You were able to use a hardware solution for your key management, as the originating key is not allowed to be left on any networked system. B. Your actions allowed you to provide a solution for retrieval of the key in the event of its loss. C. You were able to maintain a high level of security for the key by not allowing the key to be left on any networked system. D. You were unable to complete any of your tasks with the actions taken.
17. You are the domain administrator for gunderville.com and you have been tasked with reviewing the current configuration of the Event Viewer logs for gunderville.com, sales.gunderville.com, and northamerica.gunderville.com and some of the member servers in the domains. You need to verify that there is no way to log on to any of the file and data server systems if the Event Viewer cannot log the logon events due to the fact that the logs are full or otherwise inaccessible. You need to verify that no log data is ever unintentionally lost. What steps need to be taken to complete this task? (Choose all that apply) A. Go to the Event Viewer and right-click Security Log, and then click Properties. B. Go to the Advanced tab on the System properties and select Startup and Recovery options. C. Configure the Event Viewer logs settings so that the logs will need to be manually cleared. D. Configure the Event Viewer logs settings so that the logs will be cleared every 30 days.
18. You are a domain administrator for gunderville.com with client systems running Windows 2000 Professional SP2 and Windows XP Professional with no service pack installed. You have been tasked with configuring the Windows Update client on all of the systems in your environment to use the local SUS server as opposed to the Windows Update Site. All of the desktop system accounts are in an OU called Desktops. All of the laptop system accounts are in an OU called Laptops. All of the member server accounts are in an OU called MemberServ. The domain controllers are in the default Domain Controllers OU. You need to verify that all of the clients are properly configured to use the local SUS server named SUS1 and to limit any impact to the current established environment and you also need to verify that t he Automatic Update properties are configured so that the updates are automatically downloaded and the installation is scheduled for 11:00PM each night. What steps are needed to configure the environment with the least amount of administrative effort? (Choose all that apply) A. Install service pack 4 on the Windows 2000 servers and desktops. B. Install service pack 1 on the Windows XP clients. C. Install the Windows Update client on the Windows XP systems. D. Install the Windows Update client on the Windows 2000 systems. E. Add a new group policy object to the domain object and enable the Specify intranet Microsoft update service location and point it to the http://SUS1 location. F. Enable the Configure Automatic Updates option and choose setting 4 - Auto download and schedule the install and choose 0 - every day 11:00.
19. You are the domain administrator for a Windows Server 2003 mixed mode domain. Currently there are 17 Windows Server 2003 systems in use across your enterprise, including 5 of the 17 installed as domain controllers. Clients and servers in your domain consist of 153 Windows 98 systems, 14 Windows ME systems, 281 Windows NT4 Workstations running SP6a, 592 Windows 2000 Professional systems, 47 Windows 2000 Server systems, and 192 Windows XP Professional systems. You have been tasked with performing an analysis of the systems in your environment by using the Microsoft Baseline Security Analyzer (MBSA). You realize that there are some client systems the tool will not be able to scan, but you are required to scan as many client systems as possible to report out at the next security staff meeting. You will be performing all of the scans remotely from a single console. What are the total number of client systems that will be able to be successfully scanned across the network? A. 1065 B. 1218 C. 1232 D. 951
20. You are one of the Web Hosting administrators for your company's e-commerce environment and you are trying to configure a remote access solution for your main web server running Windows Server 2003 Web Server Edition that will allow you the same access as sitting at the GUI console. There are no additional funds to spend in the web hosting environment and you cannot install any addition software other than what is on the approved vendor list. From following choices, which answer is your best and least expensive option? A. Configure Terminal Services in application mode on the Web server. B. Configure Terminal Services in remote administrative mode on the Web server. C. Enable Remote Desktop for Administration. D. Install a third-party remote access utility. E. Use Telnet to access the server locally.
21. You are the systems administrator for gunderville.com. Servers in the domain include Windows Server 2003 systems that were both newly installed and others that were upgraded to server 2003 from NT 4 and 2000. All of the domain controllers have additional security settings applied at the domain controllers OU. The upgraded servers that you need to work on are webbox.gunderville.com, spiff.gunderville.com, and skippy.gunderville.com. Webbox.gunderville.com is in an OU called WEB which also houses three other Windows Server 2003 systems and spiff.gunderville.com and skippy.gunderville.com are in an OU called STAT which also has seven other Windows Server 2003 systems as members. You need to assure that all of the Windows Server 2003 systems are running using the default security settings. You need to complete this action using the least amount of administrative effort. You also need to be sure to not impact any of the domain controllers in the domain or any of the client systems. A. Configure a GPO to apply the Setup security.inf template at the WEB and STAT OUs. B. Configure a GPO to apply the Basicsv.inf template at the domain object in the Active Directory. C. Configure a GPO to apply the Setup security.inf template at the domain object in the Active Directory. D. Configure a GPO to apply the Defltsv.inf template at the WEB and STAT OUs. E. Configure a GPO to apply the Defltsv.inf template at the domain object in the Active Directory. F. Configure a GPO to apply the Setup security.inf template as a local policy on the three servers.
22. You are the desktop administrator for gunderville.com and have been tasked with comparing your standard desktop build's security settings against the default configuration security settings that are applied during installation as well as comparing it to the settings that are found in the securews.inf template on all 16 Windows XP Professional systems in the KEPT OU. What is the easiest way to accomplish this task? A. Use the Security Configuration and Analysis tool against all of the systems. B. Use MBSA against all of the systems. C. Use SIGVERIF.exe against all of the systems. D. Use SFC.exe against all of the systems. E. Use Secedit against all of the systems.
23. You are the server administrator for gunderville.com. You have been tasked with comparing the security settings on your file and print servers against the default configuration security settings that are applied during installation as well as comparing it to the settings that are found in the ocfiless.inf template on spiff.gunderville.com. Which tools can be used to successfully accomplish this task? (Choose all that apply) A. Use the Security Configuration and Analysis tool. B. Use the MBSA utility. C. Use the SIGVERIF.exe tool. D. Use the SFC.exe tool. E. Use the Secedit command-line tool.
24. Charles is a network administrator for a medium-sized engineering company that hires a large number of college students during the summer months. The company operates a single domain Windows Server 2003 network with two sites corresponding to its San Jose and Los Angeles offices. Among the students hired at these offices are several computer science students who are entering their senior year and have been given the responsibility of maintaining user and group accounts. One September morning, Charles needed to delete the user accounts of several students who had recently returned to college. However, he discovered that one of these accounts had already been deleted. Earlier in the summer, he had appropriately configured the network to audit all objects in Active Directory. He now wants to verify the proper deletion of the student's account, and find out who has deleted the account. What should Charles do to accomplish this task with the least amount of administrative effort? A. He should look for Directory Service Access events in each domain controller's Security log. B. He should look for Account Management events in each domain controller's Security log. C. He should look for Object Access events in each domain controller's Security log. D. He should look for Process Tracking events in each domain controller's Security log.
25. You are the server administrator for gunderville.com and you have been tasked with standardizing the level of security applied to all of the Web servers in your testing lab. The testing lab is actually a child domain called test.lab.gunderville.com and contains only the 4 Web servers in the SETUP OU and five others in the LOCKD OU. You need to ensure that the security model of all of the Web servers is one in which all of the systems are meeting the following requirements: * Enforce password history = 24 passwords are remembered * Maximum password age = 42 days * Minimum password age = 2 days * Minimum password length = 8 characters * All Passwords meet complexity requirements How can you ensure that all of the systems meet these requirements without impacting client systems in the enterprise? Select the answer that meets the requirements and which is also the least amount of administrative effort. A. Modify the Securews.inf security template to meet all of the listed requirements and deploy it at the SETUP OU and the LOCKD OU. B. Deploy the Securews.inf security template at the SETUP OU and the LOCKD OU. C. Deploy the Securews.inf security template at the test.lab.gunderville.com domain. D. Create a custom security template with all of the required parameters and deploy it on the test.lab.gunderville.com domain object. E. Create a custom security template with all of the required parameters and deploy it at the SETUP OU and the LOCKD OU.
26. You are the domain administrator for northamerica.gunderville.com and you have been tasked with standardizing the level of security applied to all of the domain servers in your production environment. You need to ensure that the security model of all of the domain controllers is one in which all of the systems meet the following requirements: * Audit account logon events - both Success/Failure * Audit account management - both Success/Failure * Audit directory services access - both Success/Failure * Audit Logon events - both Success/Failure * Audit object access - both Success/Failure * Audit policy change - both Success/Failure * Audit privilege use - both Success/Failure * Audit process tracking - No auditing * Audit system events - both Success/Failure How can you ensure that all of the systems meet these requirements without impacting client systems in the domain? Select the answer that meets the requirements and requires the least amount of administrative effort. A. Deploy the Securedc.inf security template at the gunderville.com domain object. B. Deploy the Securedc.inf security template at the gunderville.com Domain Controllers OU. C. Deploy the Securedc.inf security template at the northamerica.gunderville.com Domain Controllers OU. D. Create a custom security template to meet all of the listed requirements and deploy it at the northamerica.gunderville.com domain object. E. Create a custom security template to meet all of the listed requirements and deploy it at the gunderville.com domain object. F. Create a custom security template to meet all of the listed requirements and deploy it at the northamerica.gunderville.com Domain Controllers OU.
27. You are the design architect for your company and you have been tasked with writing up the minimum system requirements for your company's public Web servers. You have been able to review the listed system requirements for the Windows Server 2003 Web Edition version of the operating system on the Microsoft Web site and have outlined that the recommended requirements should be the minimums for use in your production environment. From the following options, choose the selections that are considered the minimum supported hardware levels in your production environment for your company's public Web servers. (Choose all that apply) A. Minimum CPU speed 133MHz B. Minimum CPU speed 233MHz C. Minimum CPU speed 550MHz D. Minimum RAM 128MB E. Minimum RAM 256MB F. Minimum RAM 512MB
28. You are a desktop technician for the gunderville.com Windows Server 2003 domain running at Windows 2000 Server domain functional level (native mode). You have been tasked with configuring network connectivity for a small group of workstations as members of a workgroup on a segregated subnet for your engineering staff. Client systems in use are Windows 2000 Professional and Windows XP Professional systems. This subnet has connectivity via the local ISA server to the Internet but there is no other connectivity to the intranet. There is no DHCP server on this network and there are no network paths to one. The only network access that these clients need is with each other and to the ISA server and the Internet. Although there are not too many changes to the clients on this subnet, you will need to take into consideration that the subnet is not static and that other engineers from other sites may need to work in this workgroup from time to time. How can you configure network connectivity for this workgroup? Select the answer that uses the least amount of administrative effort. A. Have the clients use IP addresses from the ISA server assignment as they access the Internet. B. Configure the clients to use DHCP manual address assignment. C. Configure the client systems to assign themselves an IP address automatically. D. Manually configure all of the systems individually with a static IP address. E. Configure all clients to use NWLink to communicate with one another and the ISA server.
29. You are a network administrator for your Windows Server 2003 domain running at Windows 2000 Server domain functional level (native mode). You are designing the network configuration for your company at a new subsidiary. You need to use the 152.166.25.0 IP address that your company owns and segment the networks in this new location in such a way that you allow for 450 hosts per subnet currently and also allow for an anticipated growth of 40% for the client systems. Although the number of clients is expected to grow, the number of required subnets at this location is not and the current line of thinking is that no more than 30 subnets will ever be needed. You need to perform this task correctly and adjust for the anticipated growth numbers for clients and nothing additional. You should not calculate for any additional subnets than are necessary for the network configuration or for the total number of hosts per subnet whenever possible, yielding on the side of the host per subnet in the event of a configuration conflict. Which subnet mask should be used for the subnets at this location? A. 255.255.240.0 B. 255.255.248.0 C. 255.255.252.0 D. 255.255.254.0 E. 255.255.255.0
30. You are a network administrator for gunderville.com and you are designing the network configuration for your company at a new subsidiary. You have used the 152.166.25.0 IP address that your company owns and segmented the networks in this new location in such a way so as to allow for 450 hosts per subnet currently and also allow for an anticipated growth of 40% for the client systems. The overall network design of this location and to other remote locations is set up as such so that the distance between the two most remote subnets is 17 hops. You need to configure a routing solution for your design that will automatically allow for the update of routers in use. Which update method for routing can be used to dynamically update the routing information for your network so that static routing entries do not have to be manually maintained? A. Routing Information Protocol (RIP) version 1 B. Routing Information Protocol (RIP) version 2 C. Open Shortest Path First (OSPF) D. Interior Gateway Protocol (IGP) E. Only manual updates to the routes could be used.
31. You are a network administrator for your Windows 2003 Server forest. You have used the 190.185.55.0 IP address which your company owns and segmented the networks in this new location in such a way that allows for 50 hosts per subnet currently and also allow for an anticipated growth of 30% for the client systems. The design requirements for the subnets necessitate the use of the smallest number of hosts as possible while still meeting the design and growth needs of the environment. For the subnet range of addresses that start with 190.185.55.0, which IP address is the default broadcast IP address for the subnet? A. 190.185.55.127 using a subnet mask of 255.255.255.128 B. 190.185.55.255 using a subnet mask of 255.255.255.0 C. 190.185.55.63 using a subnet mask of 255.255.255.192 D. 190.185.55.31 using a subnet mask of 255.255.255.224 E. 190.185.55.255 using a subnet mask of 255.255.254.0
32. You are the network administrator for your Windows Server 2003 domain, and you have decided to use RIPv2 as your network's dynamic routing protocol, and you would like to configure router broadcasts by using multicast announcements. Your addressing scheme uses the CIDR address of 177.8.0.0 - 19 and the two most distant subnets in your environment are 15 hops from one another. Which of the following choices correctly identifies properties of RIPv2 with regard to your network setup? (Choose all that apply) A. Your RIPv2 routers can be configured to use multicast announcements. B. Your RIPv2 routers cannot be configured to use multicast announcements. C. RIPv2 routers support CIDR IP addressing. D. RIPv2 routers do not support CIDR IP addressing. E. The two most distant subnets in your environment are unreachable from one another using RIP; OSPF is needed for these subnets to reach one another. F. The two most distant subnets in your environment are reachable from one another using RIP.
33. You are the domain administrator for your Windows 2000 Server domain. You are one of the team members that have been picked to work on the network design implementation of migrating your network from Windows 2000 Server to Windows Server 2003. Your design has been outlined to require the planners to take into consideration availability, reliability, scalability, performance, and security of all network resources. Integration with the existing architecture is also required and you have been tasked with following best practices as outlined from Microsoft in an effort to deploy a design that is fully supported. During the design phase, you must break down the design into separate sections to consolidate efforts and prevent more overlap than is necessary. Which section of the network design process concerns itself with outlining the required services and technologies that will be needed to service the company and end user needs, such as how the physical sites will be designed and where network resources (such as domain controllers, DNS servers, Global Catalog servers and the like) will be placed throughout the environment? A. Physical design phase B. Conceptual design phase C. Logical design phase D. Overview design phase
34. You are the domain administrator for your Windows 2003 Server domain gunderville.com. You are one of the team members that has been picked to work on the network design upgrade of your Windows Server 2003 network with clients running Windows NT4 Workstation, Windows 2000 Professional, and Windows XP Professional. You have been tasked with outlining the required protocols that will be used on the network for SNA connectivity from the client systems to the to the AS/400 mainframe. From the following options, select the options that are true. (Choose all that apply) A. The DLC protocol is not available in Windows XP by default. B. The DLC protocol is not available in Windows 2000 by default. C. The DLC protocol is used by 3270 terminal emulators to communicate with IBM mainframes. D. The DLC protocol is used to print directly to Hewlett-Packard (HP) network printers. E. The NWLink protocol is used by 3270 terminal emulators to communicate with IBM mainframes. F. The DLC protocol is not available in Windows NT4 Workstation by default.
35. You have been tasked with connecting all three of your branch offices and your main office to the Internet. Branch office one has five Windows XP Professional workstations, three Windows 2000 Professional workstations, three Windows 98 clients, and two Windows Server 2003 systems. All of the clients use DHCP and are connected locally by a Layer 3 switch and connected to the main office via private leased lines. Branch two has five Windows 2000 Professional workstations, four XP Professional workstations, two Windows 2000 Servers and one Windows NT4 Server running service pack 6a. All of the clients use DHCP and are connected together locally by a layer 3 switch and back to the main office via private leased lines. Branch three has six Windows 2000 Professional workstations, seven XP Professional workstations, three Windows 2000 Servers, one Windows Server 2003 system and three Windows NT4 Servers running service pack 6a. All of the clients use DHCP and are connected together locally by a layer 3 switch and back to the main office via private leased lines. The main office has six Windows 2000 Professional workstations, ten XP Professional workstations, four Windows 2000 Servers, four Windows Server 2003 systems all interconnected by hubs. All of these clients use DHCP as well. You have been tasked to allow all of the systems to have Internet connectivity and to ensure that a moderate level of security is available for all of the systems in use and to utilize the least amount of administrative effort and cost. You also need to optimize the Internet connection for the clients without any additional cost whenever possible. Choose the options below that are some of the actions that you would take to complete this task as outlined. (Choose all that apply) A. Configure the IP address of ISA server as the proxy server in Internet Explorer on each client. B. Install ISA server and run it in integrated mode. C. Enable Routing and Remote Access services on one of the servers to connect to the Internet. D. Enable Internet Connection Sharing on one of the servers and manually configure all of the clients' default gateway with the IP address of this server. E. Install ISA server running in firewall mode. F. Enable Internet Connection Sharing on each of the clients.
36. You are the main server operator for your Windows Server 2003 domain and you have been tasked with troubleshooting one of the Windows Server 2003 Web Edition servers in your production environment which is performing sluggishly, even when there is very little network traffic coming in to the box. You have decided that the best course of action is to capture some performance data using System Monitor from a remote system. You have started the System Monitor from the Performance MMC. From the following options, choose the answers that are part of the necessary steps with setting up the System Monitor to capture performance data from a remote system. (Choose all that apply) A. In the Select counters from computer dialog box you would choose Connect to remote system and then type the name of the computer that you want to monitor in the Computer box. B. In the Select Counters dialog box, click Select counters from computer, and then type the name of the computer that you want to monitor in the Computer box. C. Expand Performance Logs and Alerts, right-click Counter Logs, and then click Connect to remote system. D. Expand Performance Logs and Alerts, right-click Counter Logs, and then click New Log Settings. Name the log, and then click OK. Once this is done, Click Add to add counters to the log. E. Click All counters, click All instances, click Add, and then click Close.
37. You have been tasked with connecting all three of your branch offices and your main office to the Internet. Branch one has five Windows XP Professional workstations, three Windows 2000 Professional workstations, three Windows 98 clients, and two Windows Server 2003 systems. All of the clients use DHCP and are connected locally by a Layer 3 switch and back to the main office via private leased lines. Branch two has five Windows 2000 Professional workstations, four XP Professional workstations, two Windows 2000 Servers, and one Windows NT4 Server running Service Pack 6a. All of the clients use DHCP and are connected locally by a Layer 3 switch and back to the main office via private leased lines. Branch three has six Windows 2000 Professional workstations, seven XP Professional workstations, three Windows 2000 Servers, one Windows Server 2003 system, and three Windows NT4 Servers running Service Pack 6a. All of the clients use DHCP and are connected together locally by a Layer 3 switch and back to the main office via private leased lines. The main office has six Windows 2000 Professional workstations, ten XP Professional workstations, four Windows 2000 Servers, four Windows Server 2003 systems all interconnected by hubs. All of these clients use DHCP as well. You have been tasked with allowing all of the systems to have Internet connectivity and to ensure that a moderate level of security is available for all of the systems in use, all utilizing the least amount of administrative effort and cost. You also need to optimize the Internet connection for the clients without any additional cost whenever possible. You have installed one of the servers in the main office as a Routing and Remote Access server to connect to the Internet and you have enabled a different system in the main office as an ISA server. However, there are issues with clients from all subnets not being able to successfully connect to the Internet. The Routing and Remote Access server can PING Internet root servers as can the ISA server but the same test from any client system fails. When you check the IP configuration for the ISA server you find that the internal NIC supports the following information: Description . . . . . . . . . . . : D-Link DFE-550TX FAST Ethernet 10/100 Adapter DHCP Enabled. . . . . . . . . . . No IP Address. . . . . . . . . . . . : 135.198.10.225 Subnet Mask . . . . . . . . . . . : 255.255.0.0 Default Gateway . . . . . . . . . 135.198.1.1 DNS Servers . . . . . . . . . . . : 135.198.203.179 135.198.20.40 Primary WINS Server . . . . . .135.198.1.202 When you check the IP configuration for the ISA server you find that the external NIC supports the following information: Description . . . . . . . . . . . : Intel FAST Ethernet 10/100 Adapter DHCP Enabled. . . . . . . . . . . No IP Address. . . . . . . . . . . . : 193.248.22.36 Subnet Mask . . . . . . . . . . . : 255.255.255.0 Default Gateway . . . . . . . . . 193.248.22.1 DNS Servers . . . . . . . . . . . : 193.248.22.4 193.248.22.5 Primary WINS Server . . . . . .193.248.22.10 From the following choices, chose the one answer that is the most likely reason why there are issues with the Internet connection for the client systems. A. Both NICs are using IP addressing from different classful IP address ranges and this is causing an issue with the ISA configuration. B. Both NICs contain default gateway configuration settings, which is causing an issue with the ISA configuration. C. Both of the NICs are configured with different DNS servers which is causing issues with the ISA configuration. D. Both of the NICs are configured with different default gateways, which is causing issues with the ISA configuration; both default gateways need to be the same. E. Client systems on the network are separated by Layer 3 Switches, for this configuration solution to work, the network configuration would need to use routers. F. Client systems on the network are separated by Layer 3 Switches, for this configuration solution to work, the network configuration would need to use Layer 2 switches.
38. You have been tasked with connecting all three of your branch offices and your main office to the Internet.Branch one has five Windows XP Professional workstations, three Windows 2000 Professional workstations, three Windows 98 clients, and two Windows Server 2003 systems. All of the clients use manually configured IP addresses from the 170.25.68.0 range of addresses and are connected locally by a Layer 3 switch and back to the main office via private leased lines.Branch two has five Windows 2000 Professional workstations, four XP Professional workstations, two Windows 2000 Servers, and one Windows NT4 Server running service pack 6a. All of the clients use manually configured IP addresses from the 170.25.69.0 range of addresses and are connected locally by a Layer 3 switch and back to the main office via private leased lines. Branch three has six Windows 2000 Professional workstations, seven XP Professional workstations, three Windows 2000 Servers, one Windows Server 2003 system and three Windows NT4 Servers running service pack 6a. All of the clients use manually configured IP addresses from the 170.25.70.0 range of addresses and are connected locally by a Layer 3 switch and back to the main office via private leased lines. The main office has six Windows 2000 Professional workstations, ten XP Professional workstations, four Windows 2000 Servers, four Windows Server 2003 systems, all interconnected by hubs. All of these clients use manually configured IP addresses from the 170.25.71.0 range of addresses. You have been tasked with allowing all of the systems to have Internet connectivity and to utilize the least amount of administrative effort and cost whenever possible. You also need to optimize the Internet connection for the clients without any additional cost. You have installed one of the servers in the main office as a Routing and Remote Access server to connect to the Internet and you have enabled a different system in the main office as a system that will run with Internet Connection Sharing so that all of the systems will connect to the Internet via this one system. From the following choices, chose the one answer that is the most likely reason why there are issues with the Internet connection for the client systems. A. The client systems must be manually configured with IP addresses from the reserved private IP address range of Class A addresses in the 10.0.0.0 - 10.255.255.255 range. B. The client systems must be manually configured with IP addresses from the reserved range that APIPA utilizes. C. The client systems must be configured to obtain an IP address automatically. D. All of the client systems need to allocate IP addresses from a DHCP server designed to use any of the public ranges of fully routable IP addresses to fully utilize Internet Connection Sharing. E. Client systems on the network are separated by Layer 3 Switches, for this configuration solution to work, the network configuration would need to use routers. F. Client systems on the network are separated by Layer 3 Switches, for this configuration solution to work, the network configuration would need to use Layer 2 switches.
39. You are the desktop administrator for your Windows Server 2003 network and you are attempting to resolve some issues with client systems resolving server names. The DNS databases have been out of synchronization and some of this issue was made worse on the network by WINS database corruption as well, which lead to resolving NetBIOS names incorrectly. Work has been performed on the WINS database to rebuild the name table and synchronization on the DNS names has been forced and now all of the DNS servers are up to date. Which command can be run to refresh the name caching for the clients so that they will perform new name resolution lookups and not refer back to any previously stored name resolution information? A. IPCONFIG /FlushDNS must be run at a command prompt on all of the DNS servers. B. IPCONFIG /FlushDNS must be run at a command prompt on all of the client systems. C. FlushDNS must be run at a command prompt on all of the DNS servers. D. FlushDNS must be run at a command prompt on all of the client systems. E. FlushDNS must be run at a command prompt on all of the WINS servers so that all of the clients are forced to re-register their NetBIOS names.
40. You have been tasked with connecting all three of your branch offices and your main office to the Internet. Branch one has five Windows XP Professional workstations, three Windows 2000 Professional workstations, three Windows 98 clients, and two Windows Server 2003 systems. All of the clients use manually configured IP addresses from the 170.25.68.0 range of addresses and are connected locally by a Layer 3 switch at IP address 170.25.68.1 and back to the main office via private leased lines. Branch two has five Windows 2000 Professional workstations, four XP Professional workstations, two Windows 2000 Servers, and one Windows NT4 Server running Service Pack 6a. All of the clients use manually configured IP addresses from the 170.25.69.0 range of addresses and are connected locally by a Layer 3 switch at IP address 170.25.69.1and back to the main office via private leased lines. Branch three has six Windows 2000 Professional workstations, seven XP Professional workstations, three Windows 2000 Servers, one Windows Server 2003 system, and three Windows NT4 Servers running Service Pack 6a. All of the clients use manually configured IP addresses from the 170.25.70.0 range of addresses and are connected locally by a Layer 3 switch at IP address 170.25.70.1 and back to the main office via private leased lines. The main office has six Windows 2000 Professional workstations, ten XP Professional workstations, four Windows 2000 Servers, four Windows Server 2003 systems, all interconnected by hubs. All clients use manually configured IP addresses from the 192.168.0.2 /24 range of addresses. You have been tasked with providing all of the systems with Internet connectivity and to utilize the least amount of administrative effort and cost whenever possible. You also need to optimize the Internet connection for the clients without any additional cost. You have installed one of the servers in the main office as a Routing and Remote Access server to connect to the Internet and you have enabled a different system in the main office as a system that will run with Internet Connection Sharing so that all of the systems will connect to the Internet via this one system. All of the systems in the main office can connect to the Internet but none of the remote offices can. Computer systems can successfully communicate with one another across the switches successfully. What is the reason for the connectivity issue with the three branch offices? A. The client systems in the three branch offices must be manually configured with IP addresses from the reserved range used by APIPA. B. The client systems in the three branch offices must be configured to obtain an IP address automatically. C. All of the client systems need to allocate IP addresses from a DHCP server designed to use any of the public ranges of routable IP addresses to fully utilize Internet Connection Sharing. D. Client systems on the network are separated by Layer 3 switches, for this configuration to work, the network configuration would need to use routers. E. Client systems on the network are separated by Layer 3 Switches, for this configuration to work, the network configuration would need to use Layer 2 switches.
41. You are a desktop administrator for gunderville.com. Clients on your network are running a number of different operating systems, including Windows 98, ME, 2000, XP, and Server 2003. There are two WINS servers and two DNS servers local to each subnet and the clients are always configured to use those servers for name resolution only. Recently, a new server (SERVER12) was installed on a particular subnet and although there have been no reported issues with incoming connectivity to the server, there are issues with the server itself accessing network resources. Whenever SERVER12 attempts to access resources outside of the subnet, it appears that the server cannot reach them. You try to PING the remote server sales.gunderville.com from SERVER12 and you receive the following output: Pinging sales.gunderville.com with 32 bytes of data: Request timed out. Request timed out. Request timed out. Request timed out. Ping statistics for sales.gunderville.com: Packets: Sent = 4, Received = 0, Lost = 4 (100% loss) You then attempt to PING SERVER01 on the local subnet and you receive the following response: Reply from 189.17.144.12: bytes=32 timeandlt;1ms TTL=128 Reply from 189.17.144.12: bytes=32 timeandlt;1ms TTL=128 Reply from 189.17.144.12: bytes=32 timeandlt;1ms TTL=128 Reply from 189.17.144.12: bytes=32 timeandlt;1ms TTL=128 Ping statistics for 189.17.144.12: Packets: Sent = 4, Received = 4, Lost = 0 (0% loss), Approximate round trip times in milliseconds: Minimum = 0ms, Maximum = 0ms, Average = 0ms You decide to check the IP configuration of the system by running IPCONFIG/ALL and receive the following output: Connection-specific DNS Suffix . : gunderville.com Description . . . . . . . . . . . : Intel(R) PRO/100 VE Network Connection Physical Address. . . . . . . . . : 05-10-H9-C1-A2-AB DHCP Enabled. . . . . . . . . . . : No Autoconfiguration Enabled . . . . : No IP Address. . . . . . . . . . . . : 189.17.144.99 Subnet Mask . . . . . . . . . . . : 255.255.254.0 Default Gateway . . . . . . . . . : 189.17.145.99 DHCP Server . . . . . . . . . . . : 189.17.144.250 DNS Servers . . . . . . . . . . . : 189.17.143.1 189.17.143.2 Primary WINS Server . . . . . . . : 189.17.145.3 Secondary WINS Server . . . . . . : 189.17.145.4 Lease Obtained. . . . . . . . . . : Monday, September 29, 2003 12:50:53 PM Lease Expires . . . . . . . . . . : Tuesday, September 30, 2003 12:50:53 PM What is the apparent reason for the outbound network connectivity issue from SERVER12? A. The default gateway is incorrect. B. The server's IP address is not correctly assigned for the subnet. C. Routing for the network is inconsistent or beginning to fail. D. The IP addresses entries for the DNS servers are incorrect. E. The IP addresses entries for the WINS servers are incorrect.
42. You are a desktop administrator for gunderville.com. Clients on your network are running a number of different operating systems, including Windows 98, ME, 2000, XP, and Server 2003. There are two WINS servers and two DNS servers local to each subnet and the clients are always configured to use those servers for name resolution only. Recently, a new server (SERVER12) was installed on a particular subnet and although there have been no reported issues with incoming connectivity to the server, there are issues with the server itself accessing network resources. Whenever SERVER12 attempts to access resources outside of the subnet, it appears that the server cannot reach them. You try to PING the remote server sales.gunderville.com from SERVER12 and you receive the following output: Pinging sales.gunderville.com [189.17.143.12] with 32 bytes of data: Request timed out. Request timed out. Request timed out. Request timed out. Ping statistics for sales.gunderville.com: Packets: Sent = 4, Received = 0, Lost = 4 (100% loss), You then attempt to PING SERVER01 on the local subnet and you receive the following response: Reply from 189.17.144.12: bytes=32 timeandlt;1ms TTL=128 Reply from 189.17.144.12: bytes=32 timeandlt;1ms TTL=128 Reply from 189.17.144.12: bytes=32 timeandlt;1ms TTL=128 Reply from 189.17.144.12: bytes=32 timeandlt;1ms TTL=128 Ping statistics for 189.17.144.12: Packets: Sent = 4, Received = 4, Lost = 0 (0% loss), Approximate round trip times in milliseconds: Minimum = 0ms, Maximum = 0ms, Average = 0ms You decide to check the IP configuration of the system by running IPCONFIG/ALL and receive the following output: Connection-specific DNS Suffix . : gunderville.com Description . . . . . . . . . . . : Intel(R) PRO/100 VE Network Connection Physical Address. . . . . . . . . : 05-10-H9-C1-A2-AB DHCP Enabled. . . . . . . . . . . : No Autoconfiguration Enabled . . . . : No IP Address. . . . . . . . . . . . : 189.17.144.99 Subnet Mask . . . . . . . . . . . : 255.255.254.0 Default Gateway . . . . . . . . . : 189.17.143.99 DHCP Server . . . . . . . . . . . : 189.17.144.250 DNS Servers . . . . . . . . . . . : 189.17.145.1 189.17.145.2 Primary WINS Server . . . . . . . : 189.17.145.3 Secondary WINS Server . . . . . . : 189.17.145.4 Lease Obtained. . . . . . . . . . : Monday, September 29, 2003 12:50:53 PM Lease Expires . . . . . . . . . . : Tuesday, September 30, 2003 12:50:53 PM What is the apparent reason for the outbound network connectivity issue from SERVER12? A. The default gateway is incorrect. B. The server's IP address is not correctly assigned for the subnet. C. Routing for the network is inconsistent or beginning to fail. D. The IP addresses entries for the DNS servers are incorrect. E. The IP addresses entries for the WINS servers are incorrect.
43. You are a desktop administrator for gunderville.com. Clients on your network are running a number of different operating systems, including Windows 98, ME, 2000, XP, and Server 2003. Your network has a total of three remote locations configured as their own subnets and the main office location which is also configured as its own subnet. There are two WINS servers and two DNS servers local to each subnet and the clients are always configured to use those servers for name resolution only. There are two domain controllers at the main site and one domain controller at each branch office. Branch office one has all of the clients using DHCP and connected locally by a Layer 3 switch and back to the main office via a private leased line. Branch office two has all of the clients using DHCP and connected locally by a Layer 3 switch and back to the main office via a demand dial connection. Branch office three has all of the clients using DHCP and connected locally by a Layer 3 switch and back to the main office via a dedicated circuit. Currently, there are two DHCP servers at the main location servicing all of the clients on all four subnets. The two DHCP servers have four scopes in total installed on each of them in an 80/20 division arrangement. DHCP1 has 80 percent of Scope 1 and 2 and 20 percent of Scope 3 and 4; DHCP2 has 20 percent of Scope 1 and 2 and 80 percent of Scope 3 and 4. Lease durations for DHCP leases are 14 days. In this network design, where are the single points of failure where any service can be orphaned directly or through the loss of another network service? (Choose all that apply) A. DNS servers B. Domain controllers C. DHCP servers D. WAN links E. WINS servers
44. You are an enterprise administrator for gunderville.com, sales.gunderville.com, and commerce.gunderville.com. Your network design has a total of three remote office locations configured as their own subnets and the main office location which is also configured as its own subnet. There are two domain controllers for gunderville.com at the main site and one domain controller at each branch office for gunderville.com. There are two domain controllers for sales.gunderville.com at the main site and one domain controller at each branch office for sales.gunderville.com. There are two domain controllers for commerce.gunderville.com at the main site and one domain controller at each branch office for commerce.gunderville.com. Branch office one has all of the clients using DHCP and connected locally by a Layer 3 switch and back to the main office via a private leased line that is nearly 40% utilized at all times. There is also a demand-dial connection back to the main office that is used if the primary connection goes down. Branch office two has all of the clients using DHCP and connected locally by a Layer 3 switch and back to the main office via a demand-dial connection. This primary demand-dial connection is nearly always on and runs at 60% capacity on average. There is a slower, secondary demand-dial connection back to the main office that is used if the primary connection goes down. Branch office three has all of the clients using DHCP and connected locally by a Layer 3 switch and back to the main office via a dedicated circuit and runs at about 30% capacity at all times. There is also a demand-dial connection back to the main office that is used if the primary connection goes down. Currently, there are two DHCP servers at the main location servicing all of the clients on all four subnets. The two DHCP servers have four scopes in total installed on each of them in an 80/20 division arrangement. DHCP1 has 80 percent of Scope 1 and 2 and 20 percent of Scope 3 and 4; DHCP2 has 20 percent of Scope 1 and 2 and 80 percent of Scope 3 and 4. Lease durations for DHCP leases are 14 days. Your plan calls for installing two DNS servers at the main office; one of the DNS servers will hold the gunderville.com, sales.gunderville.com, and commerce.gunderville.com zones as a Standard Primary zone and the other DNS server in the main office will be hold a Standard Secondary copy of the three zones. The plan also calls for the placement of one DNS server with a Standard Secondary zone at each branch office. What factors need to be considered regarding putting this design plan together from this point forward? (Choose all that apply) A. The number of DNS zones that the DNS server is expected to host needs to be considered. B. The number and type of WAN links available. C. The placement of DNS servers. D. Backup strategy for the DNS servers. E. Which DNS servers will be used to resolve DNS names for other domains for which they are not authoritative.
45. You are an enterprise administrator for gunderville.com, sales.gunderville.com, and commerce.gunderville.com. Your network design has a total of three remote office locations configured as their own subnets and the main office location which is also configured as its own subnet. There are two domain controllers for gunderville.com at the main site and one domain controller at each branch office for gunderville.com. There are two domain controllers for sales.gunderville.com at the main site and one domain controller at each branch office for sales.gunderville.com. There are two domain controllers for commerce.gunderville.com at the main site and one domain controller at each branch office for commerce.gunderville.com. Each domain controller is currently installed in the role of a DNS server and the zone information for DNS is Active Directory integrated. All of the domain controllers are Windows Server 2003 with the exception of one domain controller in branch office one in the sales.gunderville.com domain and one domain controller in branch office three in the commerce.gunderville.com domain. These two domain controllers are running Windows 2000 Advanced Server. Branch office one has all of the clients using DHCP and connected locally by a Layer 3 switch and back to the main office via a private leased line that is nearly 40% utilized at all times. There is also a demand-dial connection back to the main office that is used if the primary connection goes down. Branch office two has all of the clients using DHCP and connected locally by a Layer 3 switch and back to the main office via a demand-dial connection. This primary demand-dial connection is nearly always "on" and runs at 60% capacity on average. There is a slower, secondary demand-dial connection back to the main office that is used if the primary connection goes down. Branch office three has all of the clients using DHCP and connected locally by a Layer 3 switch and back to the main office via a dedicated circuit and runs at about 30% capacity at all times. There is also a demand-dial connection back to the main office that is used if the primary connection goes down. Currently, there are two DHCP servers at the main location servicing all of the clients on all four subnets. The two DHCP servers have four scopes in total installed on each of them in an 80/20 division arrangement. DHCP1 has 80 percent of Scope 1 and 2 and 20 percent of Scope 3 and 4; DHCP2 has 20 percent of Scope 1 and 2 and 80 percent of Scope 3 and 4. Lease durations for DHCP leases are 14 days. You need to configure a method of DNS replication that will allow each DNS zone data set to be replicated to all domain controllers in that particular Active Directory domain. How should you set the zone replication scope? A. All DNS servers in the Active Directory forest. B. All DNS servers in the Active Directory domain. C. All domain controllers in the Active Directory domain. D. All domain controllers in a specified application directory partition.
46. You are an enterprise administrator for gunderville.com, sales.gunderville.com, and commerce.gunderville.com. Your network design has a total of three remote office locations configured as their own subnets and the main office location which is also configured as its own subnet. There are two domain controllers for gunderville.com at the main site and one domain controller at each branch office for gunderville.com. There are two domain controllers for sales.gunderville.com at the main site and one domain controller at each branch office for sales.gunderville.com. There are two domain controllers for commerce.gunderville.com at the main site and one domain controller at each branch office for commerce.gunderville.com. Each DC is currently installed in the role of a DNS server and the zone information for DNS is Active Directory integrated. All of the domain controllers are Windows Server 2003 with the exception of one domain controller in branch office one in the sales.gunderville.com domain and one domain controller in branch office three in the commerce.gunderville.com domain. These two domain controllers are running Windows 2000 Advanced Server. Branch office one has all of the clients using DHCP and connected locally by a hub which is uplinked to a router back to the main office via a private leased line that is nearly 40% utilized at all times. There is also a demand-dial connection back to the main office that is used if the primary connection goes down. Branch office two has all of the clients using DHCP and connected locally by hub which is uplinked to a router back to the main office via a demand-dial connection. This primary demand-dial connection is nearly always on and runs at 60% capacity on average. There is a slower, secondary demand-dial connection back to the main office that is used if the primary connection goes down. Branch office three has all of the clients using DHCP and connected locally by hub which is uplinked to a router back to the main office via a dedicated circuit and runs at about 30% capacity at all times. There is also a demand-dial connection back to the main office that is used if the primary connection goes down. Currently, there are two DHCP servers at the main location servicing all of the clients on all four subnets. The two DHCP servers have four scopes in total installed on each of them in an 80/20 division arrangement. DHCP1 has 80 percent of Scope 1 and 2 and 20 percent of Scope 3 and 4; DHCP2 has 20 percent of Scope 1 and 2 and 80 percent of Scope 3 and 4. Lease durations for DHCP leases are 14 days. You need to configure a forwarding configuration for your DNS servers so that client systems will use DNSSRV12 at the company's main headquarters only to resolve DNS queries for internet hosts. What are the steps to accomplish this? (Choose all that apply) A. Start the DNS Management Console. B. Open Active Directory Users and Computers. C. Right-click the DNS zone under Forward Lookup Zones object and choose Properties. D. Right click the DNS Server object and choose Properties. E. On the Forwarder tab, check the Enable forwarders check-box and enter the IP address of the DNS servers you want to forward queries to in the IP address box. F. On the Start of Authority tab, check the Enable forwarders check-box and enter the IP address of the DNS servers you want to forward queries to in the IP address box.
47. You are an enterprise administrator for gunderville.com, sales.gunderville.com, and commerce.gunderville.com. Your network design has a total of three remote office locations configured as their own subnets and the main office location which is also configured as its own subnet. There are two domain controllers for gunderville.com at the main site and one domain controller at each branch office for gunderville.com. There are two domain controllers for sales.gunderville.com at the main site and one domain controller at each branch office for sales.gunderville.com. There are two domain controllers for commerce.gunderville.com at the main site and one domain controller at each branch office for commerce.gunderville.com. Each domain controller is currently installed in the role of a DNS server and the zone information for DNS is Active Directory integrated. All of the domain controllers are Windows Server 2003 with the exception of one domain controller in branch office one in the sales.gunderville.com domain and one domain controller in branch office three in the commerce.gunderville.com domain. These two servers are running Windows 2000 Advanced Server. Your design plans called for extensive logging of the DNS server as part of the security and recovery measures for deploying the Windows Server 2003 DNS services in your forest. What are the steps to enable full logging on the DNS server? (Choose all that apply) A. Start the DNS Management Console. B. Open Active Directory Users and Computers. C. Right click the DNS zone under Forward Lookup Zones object and choose Properties. D. On the Start of Authority tab of the DNS zone where you want to enable the logging, check the All Events radio button under the Log the following events heading. E. Right-click the DNS server on which you need to enable Event logging, select the Event Logging tab, and select the All Events radio button under the Log the following events heading. F. Right-click the DNS server on which you need to enable Event logging, select the Security tab, and select the All Events radio button under the Log the following events heading.
48. You are an enterprise administrator for sales.gunderville.com. Your network design has a total of three remote office locations configured as their own subnets and the main office location which is also configured as its own subnet. There are two domain controllers for gunderville.com at the main site and one domain controller at each branch office for gunderville.com. All of the DNS servers are Standard DNS zones. One of the two DNS servers at the main location hosts the Standard Primary zone and the other hosts the standard secondary zone. Branch Office three has a BIND 4.9.7 DNS server installed and you need to be able to integrate the existing server into the design as best as you can. Which DNS features can a BIND 4.9.7 DNS support? (Choose all that apply) A. SRV records B. Dynamic updates C. Support for WINS and WINS-R records D. Support for incremental zone transfer E. Support for fast zone transfer
49. You are the domain administrator for your Windows Server 2003 domain and you are in the process of setting up a NetBIOS name resolution for your domain. Your main location has a total of 44 host systems at this including the installed server systems. Client systems in use include Windows NT4 Workstation, Windows 98, Windows 2000 Professional, and Windows XP Professional. Branch office one has all of the clients using DHCP and connected locally by a Layer 2 switch and back to the main office via a private leased line that is nearly 40% utilized at all times. There is also a demand-dial connection back to the main office that is used if the primary connection goes down. There are a total of 27 host systems at this location including the installed servers. Branch office two has all of the clients using DHCP and connected locally by a Layer 2 switch and back to the main office via a demand-dial connection. This primary demand-dial connection is nearly always "on" and runs at 60% capacity on average. There is a slower, secondary demand-dial connection back to the main office that is used if the primary connection goes down. There are a total of 19 host systems at this location including the installed servers. Branch office three has all of the clients using DHCP and connected locally by a Layer 2 switch and back to the main office via a dedicated circuit and runs at about 30% capacity at all times. There is also a demand-dial connection back to the main office that is used if the primary connection goes down. There are a total of 31 host systems at this location including the installed servers. Currently, there are two DHCP servers at the main location servicing all of the clients on all four subnets. The two DHCP servers have four scopes in total installed on each of them in an 80/20 division arrangement. DHCP1 has 80 percent of Scope 1 and 2 and 20 percent of Scope 3 and 4; DHCP2 has 20 percent of Scope 1 and 2 and 80 percent of Scope 3 and 4. Lease durations for DHCP leases are 14 days. In an effort to cut down on the amount of broadcast traffic on your network, you have decided to configure all of the clients to use WINS servers only to resolve NetBIOS names. There are two WINS servers installed at the main location; WINS1 and WINS2. How can you accomplish this task with the least amount of administrative effort for your clients and servers throughout the domain? (Choose all that apply) A. On the client systems, manually set the preferred primary and secondary WINS servers on the TCP/IP properties pages. B. On the server systems, manually set the preferred primary and secondary WINS servers on the TCP/IP Properties pages. C. On the client systems, manually configure the LMHOSTS file to identify the WINS servers to be used. D. On the server systems, manually configure the LMHOSTS file to identify the WINS servers to be used. E. Use the DHCP server advanced options to configure the client systems with the Primary and Secondary WINS servers that should be used. F. Enable WINS forward lookup on the WINS tab of the DNS zone for the domain.
50. You are the domain administrator for your Windows Server 2003 domain and you are in the process of setting up a NetBIOS name resolution for your domain. Your main location has a total of 44 host systems at this including the installed server systems. Client systems in use include Windows NT4 Workstation, Windows 98, Windows 2000 Professional, and Windows XP Professional. Branch office one has all of the clients using DHCP and connected locally by a Layer 2 switch and back to the main office via a private leased line. There is also a demand-dial connection back to the main office that is used if the primary connection goes down. There are a total of 27 host systems at this location including the installed servers. Branch office two has all of the clients using DHCP and connected locally by a Layer 2 switch and back to the main office via a demand-dial connection. This primary demand-dial connection is nearly always on. There is a slower, secondary demand-dial connection back to the main office that is used if the primary connection goes down. There are a total of 19 host systems at this location including the installed servers. Branch office three has all of the clients using DHCP and connected locally by a Layer 2 switch and back to the main office via a dedicated circuit. There is also a demand-dial connection back to the main office that is used if the primary connection goes down. There are a total of 31 host systems at this location including the installed servers. Currently, there are two DHCP servers at the main location servicing all of the clients on all four subnets. The two DHCP servers have four scopes in total installed on each of them in a 80/20 division arrangement. DHCP1 has 80 percent of Scope 1 and 2 and 20 percent of Scope 3 and 4 and DHCP2 has 20 percent of Scope 1 and 2 and 80 percent of Scope 3 and 4. Lease durations for DHCP leases are 14 days. In an effort to cut down on the amount of broadcast traffic on your network, you have decided to configure all of the clients to use WINS servers only to resolve NetBIOS names. There are two WINS servers installed at the main location; WINSMAIN1 and WINSMAIN2 and there is one WINS server at each branch office. WINS1 is at branch office one, WINS2 is at branch office two, and WINS3 is at branch office three. You need to come up with a replication scheme that will allow you to minimize the convergence time for the WINS databases. How can you accomplish this task? A. Make WINSMAIN1 and WINSMAIN2 push/pull partners and configure WINS1, WINS2, and WINS3 as push partners, where WINS1 pushes to WINS2, which in turn pushes to WINS3. WINS3 would then push to WINSMAIN2. B. Make WINSMAIN1 and WINSMAIN2 push partners and configure WINS1, WINS2, and WINS3 as push/pull partners, where WINS1 push/pulls with WINS2, which in turn push/pulls to WINS3. WINS3 would then push to WINSMAIN2. C. Make WINSMAIN1 and WINSMAIN2 push/pull partners and configure WINS1, WINS2, and WINS3 as push/pull partners where WINS1 push/pulls with WINS2, which in turn push/pulls with WINS3. WINS3 would then push to WINSMAIN2. D. Make WINSMAIN1 and WINSMAIN2 pull partners and configure WINS1, WINS2, and WINS3 as pull partners, where WINS3 pulls from WINS2 and WINS3 pulls from WINS1 as well. WINS3 would then push to WINSMAIN2. E. Configure your setup sp that WINSMAIN1 and WINSMAIN2 are push/pull partners, WINSMAIN1 and WINS1 are push/pull partners, WINSMAIN1 and WINS2 are push/pull partners, and WINSMAIN1 and WINS3 are push/pull partners. F. Make WINSMAIN1 and WINSMAIN2 push/pull partners. You would then configure WINS1, WINS2, and WINS3 as push/pull partners where WINS3 push/pulls with WINS2, WINS3 push/pulls with WINS1 as well. WINSMAIN2 would then pull from WINS3.
51. You are the domain administrator for your Windows Server 2003 domain and you are in the process of setting up a NetBIOS name resolution for your domain. Your main location has a total of 44 host systems at this including the installed server systems. Client systems in use include Windows NT4 Workstation, Windows 98, Windows 2000 Professional, and Windows XP Professional. One of the servers in the site is running an application that requires that an available domain controller be specified locally in the LMHOSTS file for its use. You need to configure an entry in the LMHOSTS file for the domain controller. What is the proper syntax for this entry? A. 192.168.1.55 DC1 #DOM:gunderville B. 192.168.1.55 DC1 #PRE #DOM:gunderville C. DC1 192.168.1.55 #PRE #DOM:gunderville D. DC1 192.168.1.55 #DOM:gunderville E. 192.168.1.55 DC1 #PRE:gunderville
52. You are the domain administrator for your Windows Server 2003 domain and you are troubleshooting a DNS name resolution issue for gunderville.com. There are intermittent issues with DNS where the DNS server provides incorrect name resolution information to queries it is receiving for some FQDNs. You need to formulate the reasons behind why this might occur as the first steps to troubleshooting this issue. What are the three main reasons that this issue might occur with DNS? (Choose all that apply) A. Resource records (RRs) were not dynamically updated in a zone. B. The IP address on the DNS server needs to be updated. C. A static DNS resource record in the zone has incorrect information in it. D. Older cached lookups are being used when the resource is no longer available. E. SRV records on the server have been manually updated.
53. You are the domain administrator for your Windows Server 2003 domain and you are troubleshooting a DNS name resolution issue for gunderville.com. Recently, a new server (FILEPRINT06) was installed on a particular subnet and although there have been no reported issues with incoming connectivity to the server, there are issues with the server itself accessing network resources. Whenever FILEPRINT06 attempts to access resources outside of the subnet, it appears that the server cannot reach them. You try to PING the remote server DC2.gunderville.com from FILEPRINT06 and you receive the following output: Pinging sales.gunderville.com with 32 bytes of data: Request timed out. Request timed out. Request timed out. Request timed out. Ping statistics for sales.gunderville.com: Packets: Sent = 4, Received = 0, Lost = 4 (100% loss), You then attempt to PING SYS67 on the local subnet and you receive the following response: Reply from 189.17.144.12: bytes=32 timeandlt;1ms TTL=128 Reply from 189.17.144.12: bytes=32 timeandlt;1ms TTL=128 Reply from 189.17.144.12: bytes=32 timeandlt;1ms TTL=128 Reply from 189.17.144.12: bytes=32 timeandlt;1ms TTL=128 Ping statistics for 189.17.144.12: Packets: Sent = 4, Received = 4, Lost = 0 (0% loss), Approximate round trip times in milliseconds: Minimum = 0ms, Maximum = 0ms, Average = 0ms You decide to check the IP configuration of the system by running IPCONFIG/ALL Connection-specific DNS Suffix . : gunderville.com Description . . . . . . . . . . . : Intel(R) PRO/100 VE Network Connection Physical Address. . . . . . . . . : 05-10-H9-C1-A2-AB DHCP Enabled. . . . . . . . . . . : No Autoconfiguration Enabled . . . . : No IP Address. . . . . . . . . . . . : 189.17.144.92 Subnet Mask . . . . . . . . . . . : 255.255.254.0 Default Gateway . . . . . . . . . : 189.17.145.99 DHCP Server . . . . . . . . . . . : 189.17.144.250 DNS Servers . . . . . . . . . . . : 189.17.143.1 189.17.143.2 Primary WINS Server . . . . . . . : 189.17.145.3 Secondary WINS Server . . . . . . : 189.17.145.4 Lease Obtained. . . . . . . . . . : Monday, September 29, 2003 12:50:53 PM Lease Expires . . . . . . . . . . : Tuesday, September 30, 2003 12:50:53 PM What is the apparent reason for the outbound network connectivity issue from FILEPRINT06? A. The IP addresses entries for the WINS servers are incorrect. B. The IP address on the DNS server is incorrect. C. The default gateway is incorrect. D. The server's IP address is not correctly assigned for the subnet. E. Routing for the network is inconsistent or beginning to fail.
54. You are a network administrator for your Windows Server 2003 domain and you are updating the network configuration for your company. You have used the 190.25.77.0 IP address that your company owns and segmented the networks in this new location in such a way so as to allow for 60 hosts per subnet currently and also allow for an anticipated growth of 15% for the client systems. The overall network design of this location and to other remote locations is set up so that the distance between the two most remote subnets is 14 hops between all 45 routers in use on the LAN. You need to configure a routing solution for your design that will automatically allow for the update of routers that are in use. Which routing protocols can be used to dynamically update the routing information for your network so that static routing entries do not have to be manually maintained? (Choose all that apply) A. Routing Information Protocol (RIP) version 1 B. Routing Information Protocol (RIP) version 2 C. Open Shortest Path First (OSPF) D. Interior Gateway Protocol (IGP)
55. You are a network administrator for your Windows Server 2003 domain and you are updating the network configuration for your company. You have used the 190.25.77.0 IP address that your company owns and segmented the networks in this new location in such a way so as to allow for 60 hosts per subnet currently and also allow for an anticipated growth of 15% for the client systems. Your design also calls for adding to your design a routing configuration that will allow you to forwarding of IP multicast traffic. You have decided to use the Routing and Remote Access Service on your Windows Server 2003 system to handle this requirement in your environment. As part of the design and configuration of this routing solution, you need to map out the TTL thresholds for the multicast scopes that will be used. TTL boundaries prevent the forwarding of IP multicast traffic with a TTL less than a specified value and they apply to all multicast packets regardless of the multicast group. What is the TTL threshold for a multicast restriction to a single site? A. 15 B. 1 C. 63 D. 127 E. 191 F. 255
56. You are a network administrator for your Windows Server 2003 domain and you are updating the network configuration for your company. Part of your design calls for configuring the appropriate Remote Access Policy for your client systems that connect to the internal network. You have been tasked with outlining the steps for junior network administrators. Which steps need to be taken to configure a Remote Access Policy? (Choose all that apply) A. Open the Routing and Remote Access MMC from the Administrative Tools menu and select the specific server you need to configure and then and then click Remote Access Policies from the available object subcategories. B. Open the Active Directory Users and Computers MMC from the Administrative Tools menu and select the specific server you need to configure and then and then click Remote Access Policies from the available object subcategories. C. From the Active Directory Users and Computers MMC, select Remote Access Policies in the tree pane under the specific server and either right-click it or go to Action to create a new Remote Access Policy. D. From the Routing and Remote Access MMC, select Remote Access Policies in the tree pane under the specific server and either right-click it or go to Action to create a new Remote Access Policy. E. By using the New Remote Access Policy wizard, you can either set up a custom policy or allow the wizard to continue configuring a typical policy for a common scenario. F. Once you have started the process of creating a new policy you are required to manually enter all of the specific information for the policy.
57. You are a network administrator for your Windows Server 2003 domain and you are updating the network configuration for your company. Part of your design calls for outlining the appropriate level of security of data that is transmitted on the network and adding that information into the standards documentation. You need to determine which types of network that cannot be secured using IPSec. Which IP traffic would you have to list as being exempt from securing via IPSec in your documentation when IPSec tunnel-mode is used? (Choose all that apply) A. Resource Reservation Protocol (RSVP) B. Unicast C. Broadcast D. DNS E. Multicast F. DHCP
58. You are a domain administrator and you have been tasked with reviewing the Domain Controllers Baseline Policy (Domain Controller.inf) to verify some of the settings that are enabled when the template is in use. Under this template, which of the following default users/groups can log on locally if none of the defaults have been changed? (Choose all that apply) A. Administrators B. Domain Users C. Remote Desktop Users D. Account Operators E. Print Operators F. Windows Authorization Access Group
59. You are a desktop administrator for gunderville.com. Clients on your network are running a number of different operating systems, including Windows 98, ME, 2000, XP, and Server 2003. Your network has a total of three remote locations configured as their own subnets and the main office location which is also configured as its own subnet. There are two WINS servers and two DNS servers local to each subnet and the clients are always configured to use those servers for name resolution only. There are two domain controllers at the main site and one domain controller at each branch office. Branch office one has all of the clients using DHCP and connected locally by a Layer 3 switch and back to the main office via a private leased line. Branch office two has all of the clients using DHCP and connected locally by a Layer 3 switch and back to the main office via a demand dial connection. Branch office three has all of the clients using DHCP and connected locally by a Layer 3 switch and back to the main office via a dedicated circuit. Currently, there are two DHCP servers at the main location servicing all of the clients on all four subnets. The two DHCP servers have four scopes in total installed on each of them in an 80/20 division arrangement. DHCP1 has 80 percent of Scope 1 and 2 and 20 percent of Scope 3 and 4; DHCP2 has 20 percent of Scope 1 and 2 and 80 percent of Scope 3 and 4. Lease durations for DHCP leases are 14 days. In this network design, where are the single points of failure where any service can be orphaned directly or through the loss of another network service? (Choose all that apply) A. DNS servers B. Domain controllers C. DHCP servers D. WAN links E. WINS servers
60. You are the domain administrator for gunderville.com. Client systems in use include Windows NT4 Workstation, Windows 98, Windows 2000 Professional, and Windows XP Professional. You have been tasked with setting up a Public Key Infrastructure (PKI) configuration for your domain and you are trying to decide whether or not you should use a third-party authentication service or use Windows Server 2003 to configure one or more CAs as a PKI to issue and manage your digital certificates. If you are planning to use your certificates outside of your own organization as well as internally, what is the best method for your design? A. Use Windows Server 2003 to configure one or more CAs as a PKI to issue and manage your digital certificates. B. Use a third-party authentication service to configure one or more CAs as a PKI to issue and manage your digital certificates. C. Add a third-party authentication service to your Windows Server 2003 system that is configured as a CA to issue and manage your digital certificates. D. Add your Windows Server 2003 system that is configured as a CA to issue and manage your digital certificates to a third-party authentication service that can authorize your certificates for public use.
|