Term
ITCertKeys.com has an IPv6 network which has 25 segments. As an administrator, you deploy a server on IPv6 network. What should you do to make sure that the server can communicate with systems on all segments of the IPv6 network?
A. Configure the IPv6 address on the server as 0000::2c0:d11f:fec8:3124/64
B. Configure the IPv6 address on the server as ff80::2c0:d11f:fec8:3124/64
C. Configure the IPv6 address on the server as fe80::2c0:d11f:fec8:3124/64
D. Configure the IPv6 address on the server as fd00:: 2c0:d11f:fec8:3124/8. |
|
Definition
|
|
Term
*You are a network administrator at ITCertKeys.com. You have upgraded all servers in the company to Windows Server 2008. ITCertKeys.com wants you to configure IPv6 addresses on all computers in the network. A global address prefix is assigned to you. The prefix is 3FFA:FF2B:4D:B000::/41. ITCertKeys.com has four departments. You have to assign a subnet to each department. In this way, which subnetted address prefix will you assign to the fourth department?
A. 3FFA:FF2B:4D:C800::/43
B. 3FFA:FF2B:4D:B400::/43
C. 3FFA:FF2B:4D:C000::/43
D. 3FFA:FF2B:4D:F000::/45
E. None of the above |
|
Definition
| Answer: A Explanation The option 3FFA:FF2B:4D: C800::/43 is correct. The subnetting in IPv6 is performed by determining the number of bits used for subnetting and the itemization of the new subnetted address prefixes. Usually the number of bits for subnetting is s, where 2^s = number of subnets to be created. In this scenario 2^s = 4 and therefore s=2. Then the itemizations of the new subnetted address prefixes are done. In this scenario, the correct subnetted address prefix is 3FFA:FF2B:4D:C800::/43. So option A is the correct answer. |
|
|
Term
*ITCertKeys network is configured to use Internet Protocol version (Ipv6). You installed a Dynamic Host Configuration Protocol (DHCP) server on a server named ITCertKeysDHCP1 running Windows 2008 server. You want to ensure that neither IP address nor other configuration settings are automatically allocated to DHCP clients on a subnet that does not use DHCPv6 from ITCertKeysDHCP1. How should you configure the Managed Address Configuration flag, and the other Stateful Configuration flag in the route advertisements?
A. Set both Managed Address Configuration and Other Stateful Configuration flag to 0
B. Set both Managed Address Configuration and Other Stateful Configuration flag to 1
C. Set both Managed Address Configuration to 0 and Other Stateful Configuration flag to 1 |
|
Definition
| Answer: A Explanation: This setting will ensure host will receive neither an IP address nor additional configuration information. |
|
|
Term
*You have upgraded hardware of DNS servers in your network. You also added two new domain controllers to the domain. All client computers use DHCP. Users are not able to logon to domain after the upgrade of DNS servers. What should you do to ensure that users are able to log on to the domain?
A. Restart the Netlogon service on the new DNS servers
B. Run ipconfig/registerdns at the command prompt of new DNS servers
C. Reconfigure the DHCP scope option 006 DNS name Servers with the new DNS servers IP addresses
D. Configure the network settings for workstations to Disable NetBIOS over TCP/IP
E. None of the above |
|
Definition
| Answer: C Explanation: To ensure that the users are able to log on to the domain, you should reconfigure the DHCP scope option 006 DNS name Server with the new DNS servers IP addresses. |
|
|
Term
*ITCertKeys Company has IPV6 network. The IPV6 network has 25 segments. You deployed a new Windows 2008 server on the IPV6 network. What should you do to ensure that the server could communicate with systems on all segments of the IPV6 network?
A. Configure the IPV6 address as fd00::2b0:d0ff:fee9:4143/8
B. Configure the IPV6 address as fe80::2b0: d0ff:fee9:4143/64
C. Configure the IPV6 address as ff80::2b0: d0ff:fee9:4143/64
D. Configure the IPV6 address as 0000::2b0: d0ff:fee9:4143/64
E. None of the above |
|
Definition
| Answer: A Explanation: To ensure that the server communicates with systems on all segments of the IPV6 network, you need to configure the IPV6 address as fd00::2b0:d0ff:fee9:4143 /8 because this address is the local unicast address type and is not routed on the Internet. It is generally filtered inbound. Reference: IPv6 Unicast Address Information http://www.netcraftsmen.net/welcher/papers/ipv6part02.html |
|
|
Term
*You are an administrator at ITCertKeys.com. ITCertKeys.com has opened a new Branch office at a new location. Windows Server 2008 is implemented on the servers. The initial network has 20 computers. You are asked to configure an appropriate IP addressing scheme in the network. Which network address should you use to accomplish this task?
A. 192.10.100.0/26
B. 192.10.100.0/30
C. 192.10.100.0/29
D. 192.10.100.0./31
E. None of the above |
|
Definition
| Answer: A Explanation To configure an appropriate IP addressing scheme in the network, you should use 192.10.100.0/57. In this scenario, 50 computers have to be configured in a network. Network address is calculated as follows: 1. Class A networks has a default subnet mask of 255.0.0.0 and use 0-127 as their first octet 2. Class B networks has a default subnet mask of 255.255.0.0 and it can use 128-191 as their first octet 3. Class C networks has a default subnet mask of 255.255.255.0 and it can 192-223 as their first octet You need to configure the network address to accommodate at least 50 hosts per subnet. To calculate the number of host bits, use the formula: 2^n-2 where n=32 bits. To configure 50 hosts, you need 192.10.100/26 network address which has maximum 62 hosts per subnet. The formula to calculate the hosts per subnet is: 32-26= 6 2^6-2= 62 So according to this calculation, network address 192.10.100/26 will be able to accommodate 50 hosts per subnet. We have deducted 6 bits from the total of 32 bits |
|
|
Term
*You are an enterprise administrator for ITCertKeys. The corporate network of the company consists of servers that run Windows Server 2008 and client computers that run Windows XP Service Pack 2 (SP2), Windows 2000 Professional, or Windows Vista. The company has decided to use IPv6 protocol on its network. Which of the following options would you choose to ensure that all client computers can use the IPv6 protocol?
A. Run the IPv6.exe tool on all the client computers.
B. Upgrade the Windows 2000 Professional computers to Windows XP SP2.
C. Upgrade all Windows 2000 Professional computers with Service Pack 4.
D. Install the Active Directory Client extension (DSClient.exe) on all the client computers. |
|
Definition
| Answer: B Explanation: To ensure that all computers can use the IPv6 protocol, you need to upgrade the Windows 2000 Professional computers to Windows XP SP2. IPv6 protocol is far superior to IPv4 protocol in terms of security, complexity, and quality of service (QoS). Therefore, all the new operating systems started using IPv6 protocol. The older operating systems such as Windows 2000 professional does not support Ipv6 therefore this needs to be upgraded to either Windows XP or Windows Vista. You can now get versions of Windows that fully support most aspects of IPv6 (namely Windows XP and Windows Server 2003) and you will soon be able to get versions of Windows that not only fully support IPv6 but also provide enhanced performance for IPv6 networking. Reference: IPv6 Support in Microsoft Windows/ Windows 2000 http://www.windowsnetworking.com/articles_tutorials/IPv6-Support-Microsoft-Windows.html |
|
|
Term
*You are an enterprise administrator for ITCertKeys. The company consists of a head office and two Branch offices. The corporate network of ITCertKeys consists of a single Active Directory domain called ITCertKeys.com. The computers in the Branch office locations use IPv4 and IPv6 protocols. Each Branch office is protected by a firewall that performs symmetric NAT. Which of the following options would you choose to allow peer-to-peer communication between all Branch offices?
A. Configure the use of Teredo in the firewall.
B. Configure the external interface of the firewall with a global IPv6 address.
C. Configure the internal interface of the firewall with a link local IPv6 address.
D. Configure dynamic NAT on the firewall. |
|
Definition
| Answer: A Explanation: To allow peer-to-peer communication between all Branch offices where each location is protected by a firewall that performs symmetric NAT, you need to configure the firewall to allow the use of Teredo. Teredo is an IPv6 transition technology that provides address assignment and host-to-host automatic tunneling for unicast IPv6 traffic when IPv6/IPv4 hosts are located behind one or multiple IPv4 network address translators (NATs). Teredo in Windows Vista and Windows Server "Longhorn" will work if one of the peers is behind a symmetric NAT and the other is behind a cone or restricted NAT. Reference: Teredo Overview http://technet.microsoft.com/en-us/liBRary/bb457011(TechNet.10).aspx |
|
|
Term
| Your company has a single Active Directory forest that has an Active Directory domain named na.contoso.com. A server named Server1 runs the DNS server role. You notice stale resource records in the na.contoso.com zone. You have enabled DNS scavenging on Server1. Three weeks later, you notice that the stale resource records remain in na.contoso.com. You need to ensure that the stale resource records are removed from na.contoso.com. What should you do? A. Stop and restart the DNS service on Server1. B. Enable DNS scavenging on the na.contoso.com zone. C. Run the dnscmd Server1 /AgeAllRecords command on Server1. D. Run the dnscmd Server1 /StartScavenging command on Server1. |
|
Definition
|
|
Term
Your company has an Active Directory domain named ad.contoso.com. The company also has a public namespace named contoso.com. You need to ensure that public DNS zone records cannot be copied. You must achieve this goal without impacting the functionality of public DNS name resolutions. What should you do?
A. Disable the Notify feature for the contoso.com zone.
B. Disable the Allow - Read permission for the Everyone group on the contoso.com DNS domain.
C. Configure the All domain controllers in the domain zone replication option on ad.contoso.com.
D. Configure the Allow zone transfers only to servers listed on the Name Servers option on contoso.com. |
|
Definition
|
|
Term
Your company has a main office and a branch office. The main office has a domain controller named DC1 that hosts a DNS primary zone. The branch office has a DNS server named SRV1 that hosts a DNS secondary zone. All client computers are configured to use their local server for DNS resolution. You change the IP address of an existing server named SRV2 in the main office. You need to ensure that SRV1 reflects the change immediately. What should you do?
A. Restart the DNS Server service on DC1.
B. Run the dnscmd command by using the /zonerefresh option on DC1.
C. Run the dnscmd command by using the /zonerefresh option on SRV1.
D. Set the refresh interval to 10 minutes on the Start Of Authority (SOA) record |
|
Definition
|
|
Term
Your company has a single Active Directory domain. The company has a main office and a branch office. Both the offices have domain controllers that run Active Directory-integrated DNS zones. All client computers are configured to use the local domain controllers for DNS resolution. The domain controllers at the branch office location are configured as Read-Only Domain Controllers (RODC). You change the IP address of an existing server named SRV2 in the main office. You need the branch office DNS servers to reflect the change immediately. What should you do?
A. Run the dnscmd /ZoneUpdateFromDs command on the branch office servers.
B. Run the dnscmd /ZoneUpdateFromDs command on a domain controller in the main office.
C. Change the domain controllers at the branch offices from RODCs to standard domain controllers.
D. Decrease the Minimum (default) TTL option to 15 minutes on the Start of Authority (SOA) record for the zone. |
|
Definition
|
|
Term
Your company has a server named Server1 that runs Windows Server 2008. Server1 runs the DHCP Server role and the DNS Server role. You also have a server named ServerCore that runs a Server Core installation of Windows Server 2008. All computers are configured to use only Server1 for DNS resolution. The IP address of Server1 is 192.168.0.1. The network interface on all the computers is named LAN. Server1 is temporarily offline. A new DNS server named Server2 has been configured to use the IP address 192.168.0.254. You need to configure ServerCore to use Server2 as the preferred DNS server and Server1 as the alternate DNS server. What should you do?
A. Run the netsh interface ipv4 add dnsserver "LAN" static 192.168.0.254 index=1 command.
B. Run the netsh interface ipv4 set dnsserver "LAN" static 192.168.0.254 192.168.0.1 both command.
C. Run the netsh interface ipv4 set dnsserver "LAN" static 192.168.0.254 primary command and the netsh interface ipv4 set dnsserver "LAN" static 192.168.0.1 both command.
D. Run the netsh interface ipv4 set dnsserver "LAN" static 192.168.0.254 primary command and the netsh interface ipv4 add dnsserver "LAN" static 192.168.0.1 index=1 command. |
|
Definition
|
|
Term
| Your company has a main office and two branch offices. Domain controllers in the main office host an Active Directory-integrated zone. The DNS servers in the branch offices host a secondary zone for the domain and use the main office DNS servers as the DNS Master servers for the zone. Each branch office has an application server. Users access the application server by using its fully qualified domain name. You need to ensure that users in the branch offices can access their local application server even if the WAN links are down for three days. What should you do? A. Increase the Expires After setting to 4 days on the Start of Authority (SOA) record for the zone. B. Increase the Refresh Interval setting to 4 days on the Start of Authority (SOA) record for the zone. C. Configure the Zone Aging / Scavenging Properties dialog box to enable Scavenge Stale resource records, and set the Refresh setting to 4 days. D. Configure the Zone Aging / Scavenging Properties dialog box to enable Scavenge Stale resource records, and set the No-refresh interval setting to 4 days. |
|
Definition
|
|
Term
Your company has a single Active Directory forest that has a domain in North America named na.contoso.com and a domain in South America named sa.contoso.com. The client computers run Windows Vista. You need to configure the client computers in the North America office to improve the name resolution response time for resources in the South America office. What should you do?
A. Configure a new GPO that disables the Local-Link Multicast Name Resolution feature. Apply the policy to all the client computers in the North America office.
B. Configure a new GPO that enables the Local-Link Multicast Name Resolution feature. Apply the policy to all the client computers in the North America office.
C. Configure a new GPO that configures the DNS Suffix Search List option to sa.contoso.com, na.contoso.com. Apply the policy to all the client computers in the North America office.
D. Configure the priority value for the SRV records on each of the North America domain controllers to 5 |
|
Definition
|
|
Term
Your company has a DNS server named Server1. Your partner company has a DNS server named Server2. You create a stub zone on Server1. The master for the stub zone is Server2. Server2 fails. You discover that users are not able to resolve names for the partner company. You need to ensure that users are able to resolve names for the partner company in the event that Server2 fails. What should you do?
A. Change the stub zone to a secondary zone on Server1.
B. Open the SOA record for the zone on Server2. Change the Minimum (default) TTL setting to 12 hours.
C. Open the DNS zone for the partner company on Server2. Create a new Route Through (RT) record and a new host (A) record for Server1.
D. Open the primary DNS zone on Server2. Create a new Service Locator (SRV) record and a new host (A) record for Server1 |
|
Definition
|
|
Term
Your company has two servers that run Windows Server 2008 named Server2 and Server3. Both servers have the DNS server role installed. Server3 is configured to forward all DNS requests to Server2. You update a DNS record on Server2. You need to ensure that Server3 is able to immediately resolve the updated DNS record. What should you do?
A. Run the dnscmd . /clearcache command on Server3.
B. Run the ipconfig /flushdns command on Server3.
C. Decrease the Time-to-Live (TTL) on the Start of Authority (SOA) record of na.contoso.com to 15 minutes.
D. Increase the Retry Interval value on the Start of Authority (SOA) record of na.contoso.com to 15 minutes. |
|
Definition
|
|
Term
*You are an enterprise administrator for Itexamworld . The corporate network of the company
consists of servers that run Windows Server 2008 in an Active Directory domain.
The domain consists of two servers named Itexamworld Server1 and Itexamworld Server2.
You need to configure event subscription on the servers so that events from Itexamworld
Server2 can be collected and transferred to Itexamworld Server1. You configure the required
subscriptions by selecting the normal option for the event delivery optimization setting and
using the HTTP protocol.
However, you noticed that none of the subscriptions work. Which of the following
three options would you choose to ensure that the servers support event collectors?
(Each correct answer presents part of the solution)
A. Run the wecutil qc command on Itexamworld Server1
B. Run the wecutil qc command on Itexamworld Server2
C. Run the winrm quickconfig command on Itexamworld Server1
D. Run the winrm quickconfig command on Itexamworld Server2
E. Add the Itexamworld Server2account to the administrators group on Itexamworld Server1
F. Add the Itexamworld Server1account to the administrators group on Itexamworld Server2 |
|
Definition
Answer: A, D, F
Explanation:
To collect events from Itexamworld Server2 and transfer them to Itexamworld Server1, you
need to first run the wecutil qc command on Itexamworld Server1. This command enables
you to create and manage subscriptions to events that are forwarded from remote
computers. Then you need to run the winrm quickconfig command on Itexamworld Server2.
WinRM is required by Windows Event Forwarding as WS-Man is the protocol used by WSEventing.
Group Policy can be used to enable and configure Windows Remote Management
(WinRM or WS-Man) on the Source Computers. With WinRM, Group Policy can be used to
configure Source Computers (Clients) to forward events to a collector (or set of collectors).
Finally, you need to add the Itexamworld Server1 account to the administrators group
on Itexamworld Server2 so that access rights can be granted to the collector system on f the
forwarding computer.
Reference: uick and Dirty Large Scale Eventing for Windows
http://blogs.technet.com/otto/archive/2008/07/08/quick-and-dirty-enterprise-eventing-forwindows.
aspx
Reference: Collect Vista Events
http://www.prismmicrosys.com/newsletters_june2007.php |
|
|
Term
*You are an enterprise administrator for Itexamworld . The corporate network of the company
consists of 100 servers that run Windows Server 2008 in an Active Directory domain.
You have recently installed Windows Server 2008 on a new server and named it
Itexamworld Server1. You installed Web Server (IIS) role on it. The Itexamworld Server1
has no Reliability Monitor data currently, and the system stability share has never been
updated. Which of the following options would you choose to configure the Itexamworld
Server1 to collect the reliability monitor data?
A. On the Itexamworld Server1, run the perfmon.exe /sys command.
B. On the Itexamworld Server1Configure the Task scheduler service to start automatically.
C. On the Itexamworld Server1, configure the Remote Registry service to start automatically.
D. On the Itexamworld Server1, configure the Secondary Login service to start automatically.
E. None of the above. |
|
Definition
Answer: B
Explanation:
To configure the Itexamworld Server1 to collect the reliability monitor data, you need
to configure the Task scheduler service to start automatically.
Reliability Monitor uses data provided by the RACAgent scheduled task, a pre-defined task
that runs by default on a new installation of Windows Vista. The seamless integration
between the Task Scheduler user interface and the Event Viewer allows an event-triggered
task to be created with just five clicks.
In addition to events, the Task Scheduler in Windows Vista / Server 2008 supports a number
of other new types of triggers, including triggers that launch tasks at machine idle, startup, or
logon. Because you need Task Scheduler to collect reliability monitor data, you need to you
need to configure the Task scheduler service to start automatically. Reference: Network
Monitor 3.1 OneClick ... now what? / Task Scheduler Changes in Windows Vista and
Windows Server 2008 - Part One
http://blogs.technet.com/askperf/
Reference: What allows the Reliability Monitor to display data?
http://www.petri.co.il/reliability_monitor_windows_vista.htm
QUESTION |
|
|
Term
*You are an Enterprise administrator for Itexamworld .com. You have deployed a file server
on the corporate network on a server that runs Windows Server 2008. You configured a
shared folder on the server so that users can access shared files on the file server.
However, the users reported that they are unable to access the shared files.
The TCP/IP properties for the file server showed that it is configured to obtain IP address
automatically and the users computers were configured with IP addresses and subnet masks.
You need to ensure that users are able to access the shared files.
How should you configure the TCP/IP properties on the file server?
A. Configure the DNS server address.
B. Configure the default gateway on the file server.
C. Configure the file server with static IP address.
D. Add the domain to the DNS suffix on the network interface. |
|
Definition
Answer: C
Explanation:
To ensure that users are able to access the shared files, you need to configure a static IP
address on the file server because In order for both PC's to be able to communicate together,
the Ethernet adapters will need to be configured with a static IP address and a common
Subnet mask. As an example, assign one PC an IP address of 192.198.0.1 and assign the
second PC an IP address of 192.198.0.2. Both machines should use the Subnet mask
255.255.255.0.
Reference: need help to setup a lan connection between 2
http://en.kioskea.net/forum/affich-2335-need-help-to-setup-a-lan-connection-between-2 |
|
|
Term
*You are an Enterprise administrator for Itexamworld .com. The corporate network of the
company consists of a single Active Directory domain. All the servers on the corporate
network run Windows Server 2008.
The company has a server named Itexamworld FS1 that hosts the domain-based DFS
namespace named \\ Itexamworld .com\dfs. All domain users store their data in subfolders
within the DFS namespace. Which of the following options would you choose to prevent all
users, except administrators, from creating new folders or new files at the root of the \\
Itexamworld .com\dfs share?
A. On Itexamworld FS1, first configure the NTFS permissions for the C:\DFSroots\dfs
folder and then set the Create folders/append data special permission to Deny for the
Authenticated Users group and set the Full Control permission to Allow for the
Administrators group.
B. On Itexamworld FS1, start the Delegate Management Permissions Wizard for the
DFS namespace named \\ Itexamworld .com\dfs and then remove all groups that have the
permission type Explicit except the Administrators group.
C. Configure the \\ Itexamworld FS1\dfs shared folder permissions by setting the
permissions for the Authenticated Users group to Reader and the Administrators group to
Co-owner.
D. Run the dfscmd.exe \\ Itexamworld FS1\dfs /restore command on Itexamworld FS1.
E. None of the above |
|
Definition
Answer: C
Explanation:
To prevent all users, except administrators, from creating new folders or new files at the
root of the \\ Itexamworld .com\dfs share, you need to configure the \\ Itexamworld FS1\dfs
shared folder permissions by setting the permissions for the Authenticated Users group to
Reader and the Administrators group to Co-owner
Reader is allowed to only view the files and folders and a Co-owner is allowed viewing,
adding, changing, and deleting all files.
Reference: Managing Files and Folders in Windows Vista
http://www.informit.com/articles/article.aspx?p=698129&seqNum=29 |
|
|
Term
*You are an enterprise administrator for Itexamworld . The corporate network of Itexamworld
consists of a single Active Directory domain called Itexamworld .com. The domain consists
of a file server that runs Windows Server 2008.
A network users of the company started restoring a critical large file by using the Previous
Versions tab. The users wanted to view the progress of the file restoration. Which of the
following options would you choose to view the progress of the file restoration?
A. Click on Sessions under the Shared Folders node in the Computer Management.
B. Click on Open Files under the Shared Folders node in the Computer Management
C. Run vssadmin.exe query reverts on the command prompt.
D. Run shadow.exe /v on the command prompt.
E. None of the above |
|
Definition
Answer:C
Explanation:
To view the progress of the file restoration, you need to run vssadmin.exe query reverts
from the command prompt.
The Windows Server 2003 Volume Shadow Copy Service can also be administered from the
command line by using the VSSAdmin tool that is included with Windows Server 2003.
This tool replicates the features of the Shadow Copies tab of the volume Properties screen
and can be called from batch files and scripts. VSSAdmin does not follow the typical
"Command /switch" form, but instead uses a list of fixed commands to guide its function.
Query Reverts queries the status of in-progress revert operations.
Reference: Rapid Recovery with the Volume Shadow Copy Service / Command-Line
Management
http://technet.microsoft.com/en-us/magazine/cc196308.aspx |
|
|
Term
*You are an enterprise administrator for Itexamworld . The corporate network of the company
consists of a single Active Directory domain. All the servers in the domain run Windows
Server 2008. A member server Called Itexamworld Server1 has a SaleRecords folder created
on it on the D: drive.
The D:\ SaleRecords folder is corrupted. The most recent backup version is
01/28/2008-09:00. Which of the following options would you choose to restore all the files
in the D:\ SaleRecords folder back to the most recent backup version, without affecting other
folders on the server?
A. Run the Wbadmin start recovery -version: 01/28/2008-09:00-itemType:File
-items:d:\SaleRecords -overwrite -recursive -quiet command.
B. Run the Wbadmin start recovery -backuptarget:D: -version:
01/28/2008-09:00-overwrite -quiet command.
C. Run the Recover d:\ SaleRecords command.
D. Run the Wbadmin restore catalog -backuptarget:D: -version: 01/28/2008-09:00-quiet
command. |
|
Definition
Answer:A
Explanation:
To restore all the files in the D:\ SaleRecords folder back to the most recent backup
version without affecting other folders on the server, you need to run the Wbadmin start
recovery -version:10/29/2007-09:00 -itemType:File -items:d:\ SaleRecords-overwrite -
recursive -quiet command.
Wbadmin start recovery runs a recovery based on the parameters that are specified. In the
above query, the -version 10/29/2007-09:00 specifies the version identifier of the backup to
recover, -itemtype:File specifies type of items to recover. In this case it is the file that needs
to be recovered. The -items:d:\SaleRecords specifies that d:\SaleRecords folder needs to be
recovered. -Overwrite causes Windows Server Backup to overwrite the existing file with the
file from the backup. -recursive will only recover files which reside directly under the
specified folder. And -quiet runs the subcommand with no prompts to the user.
Reference: Wbadmin start recovery
http://technet2.microsoft.com/windowsserver2008/en/liBRary/52381316-a0fa-459f-b6a6-
01e31fb216121033.msp |
|
|
Term
*As an administrator at Itexamworld .com, you install a member server named ebms1 that has
Windows Server 2008 as its primary operating system. The Terminal Services role is
installed on the ebms1.
The Terminal Server user profiles are in a folder named as UPT on a server called
CKTS. On CKTS3, a home folder is placed for each user. As you monitor CKTS, you find
out that there is only 5% of hard disk space remaining because the users are
saving their files on their profiles on CKTS instead of using their home folders. You have to
limit the amount of disk space allocated to each user to 200 MB. What
should you do to achieve that?
A. On the ebms1, configure a group policy object. Configure a default quota limit to 200
MB and set a warning level policy
B. Create a new group policy object and link it to the CKTS. Configure the UPT folder to
limit the disk space quota to allocate 200 MB to all users.
C. Configure the disk quotas for the volume that hosts UPT folder. Limit the users to use
only 200 MB of space.
D. Configure each profile by activating disk quota on each profile. Apply folder
redirection settings to redirect the users to save their files on CKTS3
E. None of the above |
|
Definition
Answer: C
Explanation:
To limit the amount of disk space allocated to each user to 200 MB, you need to
configure the disk quotas for the volume that hosts UPT folder and then limit the users to use
only 200 MB of space.
Configuring a quota limit through group policy will not help in Terminal services
scenario. Also disk quotas cannot be configured for each user profile rather it is configured
on a volume or a folder.
Reference: Working with Quotas
http://technet2.microsoft.com/windowsserver2008/en/liBRary/31790148-eaf1-4115-
8a50-4ce7a4503d211033.msp
Reference: Setting Up File Sharing Services
http://safari.phptr.com/9780596514112/setting_up_file_sharing_services |
|
|
Term
*Network Access Protection (NAP) is configured on the Itexamworld Corporate
network with the default settings. You need to deploy an application that is mandatory to use
for all the employees of the company and needs to be installed to all the client computers
running Windows Vista. The application connects to a remote databaseat the backend.
However, when you tried to deploy the application, it failed to run on client computers.
On investigating the problem, you discovered that the anti-spyware software
running on the client computers is creating problems because it is not compatible with the
application that you are trying to install.
To correct the problem, you disabled the anti-spyware on the client computers, but
application still failed to run on the client computers. Which of the following options would
you choose to ensure that all the client computers could run the new
application?
A. Disable the An anti-spyware application is on setting on the Windows Security Health
Validator dialog box
B. Disable the Anti-spyware is up to date setting on the Windows Security Health
Validator dialog box
C. Configure the Error code resolution setting for the System Health agent failure option to
Healthy
D. Configure the Windows Defender service to the Manual Startup type on the client
computers. Re-start the Windows Defender Service.
E. None of the above |
|
Definition
Answer: A
Explanation:
The application failed even after disabling the anti-spyware on the client computers
because the client computers are supposed to be using anti-spyware application according
to Windows Security Health Validator (SHV) policy that is configured on the client
computers through NAP. To resolve the problem, you need to disable the anti-spyware
application is on setting on the Windows Security Health Validator dialog box Disabling the
Anti-spyware is up to date setting on the Windows Security Health Validator dialog box will
not help if anti-spyware application is on setting on because the Anti-spyware is up to date
setting will not ensure that the client is not using an anti-spyware application. Configuring
the Windows Defender service or configuring the
Error code resolution setting for the System Health agent failure option will not help
because neither Windows defender nor System Health agent is creating problem in his case.
Reference: An Introduction to Network Access Protection (Part 4)
http://www.windowsnetworKing.com/articles_tutorials/Introduction-Network-Access-Protection-
Part4.html |
|
|
Term
*The corporate network of Itexamworld consists of servers that have
Active Directory Certificate Services (AD CS) and Network Access
Protection (NAP) deployed on them.
A number of mobile users connect to the network wirelessly. You have NAP policies
configured for these users. Which of the following options would you choose to ensure that
NAP policies are enforced on portable computers that use a wireless connection to access the
network?
What should you do?
A. Use MS-CHAP v2 authentication on all portable computers.
B. Disable the Prevent connections to infrastructure networks option in the wireless
Group Policy settings in the Group Policy Management Console.
C. Use 802.1X authentication to on all access points.
D. Enable the Prevent connections to infrastructure networks option in the wireless
Group Policy settings in the Group Policy Management Console.
E. None of the above |
|
Definition
Answer: C
Explanation:
To ensure that NAP policies are enforced on portable computers that use a wireless
connection to access the network, you need to configure all access points to use 802.1X
authentication.
802.1X enforcement enforce health policy requirements every time a computer attempts
an 802.1X-authenticated network connection. 802.1X enforcement also actively monitor the
health status of the connected NAP client and applies the restricted access profile to the
connection if the client becomes noncompliant.
Reference: Microsoft Improves Security Policy Compliance with Network
Access Protection
http://www.microsoft.com/casestudies/casestudy.aspx?casestudyid=40000009
83 |
|
|
Term
*On the corporate network of Itexamworld the Network Access Protection (NAP)
is configured. Some users connect to the corporate network remotely. The remote computers
can cause security problems to the corporate network
Which of the following options would you choose to ensure that data transmissions between
remote client computers and the corporate network are as secure as
possible?
A. Use MS-CHAP v2 authentication for all VPN connections.
B. Configure a NAP policy for 802.1x wireless connections.
C. Restrict DHCP clients by using NAP.
D. Apply an IPSec NAP policy.
E. None of the above |
|
Definition
Answer: B
Explanation:
To ensure that NAP policies are enforced on portable computers that use a wireless
connection to access the network, you need to configure all access points to use 802.1X
authentication.
802.1X enforcement enforce health policy requirements every time a computer attempts
an 802.1X-authenticated network connection. 802.1X enforcement also actively monitor
the health status of the connected NAP client and applies the restricted access profile to
the connection if the client becomes noncompliant.
Reference: Microsoft Improves Security Policy Compliance with Network
Access Protection
http://www.microsoft.com/casestudies/casestudy.aspx?casestudyid=400000
0983 |
|
|
Term
*As a network administrator for Itexamworld , you have installed Windows 2008 Server on
all the server computers of the company and Windows XP Professional Service Pack 2 and
Windows Vista on all the client computers in the company.
The company now wants all the computers to join the corporate network but wants
to restrict non-compliant computers from communicating on the network. The computers
must meet the system health requirements as stated in the corporate security policy. Which
of the following roles service you should install to achieve this?
A. Network policy and Access services
B. Routing and Remote Access services
C. Terminal Services licensing
D. Terminal Services gateway
E. None of the above |
|
Definition
Answer: A
Explanation:
The Network Access Protection (NAP) is a component of the Network policy and Access
services that allow protecting network resources by enforcing compliance with system health
requirements.
Reference: Security and Policy Enforcement
http://www.microsoft.com/windowsserver2008/en/us/securitypolicy.
aspx |
|
|
Term
*Itexamworld uses Routing and Remote Access Service (RRAS) for remote users access on
their corporate network, which uses Active directory domain. The remote user computers are
not part of domain members.
The remote user's computers are source of virus infection on internal member servers. As a
desktop support technician for Itexamworld , which of the following options would you
choose to ensure that the corporate network of the company does not get infected with the
virus infections that the remote computers might be infected with.
A. Deploy anti-virus software on RRAS server and configure automatic updates for antivirus
software
B. Configure a network health policy which ensures that anti-virus software is running
and the anti-virus application is up to date
C. Configure a network health policy which enforces an anti-spy ware application and that
the anti-spy ware application is up to date
D. Create a separate OU for remote users. Deploy anti-virus software on OU by using a
group policy object (GPO)
E. None of the above |
|
Definition
Answer: B
Explanation:
To protect the network from virus infections transmitted via remote users, you need to
configure a network health policy which enforces that anti-virus software is running and the
anti-virus application is up to date. A network health policy can be configured by
implementing NAP.
Deploying anti-virus software on RRAS server will not ensure the implementation of
NAP, which is important to ensure that the client computers on a private network meet
administrator-defined requirements for system health. A network health policy which
enforces that an anti-spy ware application is running and is up to date will not help because
the anti-spyware software does not give protection from virus infections.
Reference: SolutionBase: Introducing Network Access Protection for Windows
http://techrepublic.com.com/2415-1035_11-177853.html
Reference: Network Access Protection
http://technet2.microsoft.com/windowsserver2008/en/liBRary/40dcd5ed-1cb9-4f29-
8470- f6b4548c8e121033.msp |
|
|
Term
*The corporate network of Itexamworld consists of a Windows Server 2008 single Active
Directory domain, All servers in the domain run Windows Server 2008. A domain server
called Itexamworld 3 functions as a NAT server.
Which forward port would you configure on Itexamworld 3 to Itexamworld 7 to ensure
that administrators can access the server, Itexamworld 7 by using Remote Desktop
Protocol (RDP).
A. forward port 1432 to Itexamworld 7
B. forward port 389 to Itexamworld 7
C. forward port 3339 to Itexamworld 7
D. forward port 3386 to Itexamworld 7
E. None of the above |
|
Definition
Answer: C
Explanation:
To ensure that administrators can access the server, Itexamworld 7 by using Remote Desktop
Protocol (RDP), you need to configure the Itexamworld 3 to forward port 3339 to
Itexamworld 7 The Remote Desktop Protocol is designed to work across TCP port 3389.If
you are attempting to connect to a remote machine that sits behind a firewall, then the
firewall must allow traffic to flow through TCP port 3389.
Reference: Troubleshooting Remote Desktop / The Remote Computer Cannot be Found
http://www.windowsnetworKing.com/articles_tutorials/Troubleshooting-Remote-Desktop.html |
|
|
Term
| *On the corporate network of Itexamworld , you deployed a Windows Server 2008 VPN server behind the firewall. The firewall is configured to allow only secured Web communications. Most of the remote users that connect to the corporate network through VPN use portable computers that run Windows Vista with the latest service pack. Which of the following type of connection would you create to enable remote users to connect to the corporate network as securely as possible without opening ports on the firewall? A. L2TP VPN connection B. SSTP VPN connection C. IPsec tunnel D. PPTP VPN connection E. None of the above |
|
Definition
Answer: D
SSTP establishes a connection over secure HTTPS; this allows clients to securely access networks behind NAT routers, firewalls and web proxies, without the concern for typical port blocking issues. |
|
|
Term
our company has a main office and a branch office.
Users in the branch office report that they are unable to access shared resources in the main office.
You discover that computers in the branch office have IP addresses in the range of 169.254.x.x.
You need to ensure that computers can connect to shared resources in both the main office and the branch office.
A. Configure a DHCP relay agent on a member server in the main office.
B. Configure a DHCP relay agent on a member server in the branch office.
C. Configure the Broadcast Address DHCP server option to include the main offices DHCP server address.
D. Configure the Resource Location Servers DHCP server option to include the main offices server IP addresses.
What should you do? |
|
Definition
|
|
Term
Your company has an IPv6 network that has 25 segments. You deploy a server on the IPv6 network.
You need to ensure that the server can communicate with all segments on the IPv6 network.
What should you do?
A. Configure the IPv6 address as fd00::2b0:d0ff:fee9:4143/8.
B. Configure the IPv6 address as fe80::2b0:d0ff:fee9:4143/64.
C. Configure the IPv6 address as ff80::2b0:d0ff:fee9:4143/64.
D. Configure the IPv6 address as 0000::2b0:d0ff:fee9:4143/64. |
|
Definition
|
|
Term
our company uses DHCP to lease IPv4 addresses to computers at the main office. A WAN link connects the main office to a branch office. All computers in the branch office are configured with static IP addresses. The branch office does not use DHCP and uses a different subnet.
You need to ensure that the portable computers can connect to network resources at the main office and the branch office.
How should you configure each portable computer?
A. Use a static IPv4 address in the range used at the branch office.
B. Use an alternate configuration that contains a static IP address in the range used at the main office.
C. Use the address that was assigned by the DHCP server as a static IP address.
D. Use an alternate configuration that contains a static IP address in the range used at the branch office. |
|
Definition
|
|
Term
Your company has servers that run Windows Server 2008. All client computers run Windows XP Service Pack 2 (SP2), Windows 2000 Professional, or Windows Vista.
You need to ensure that all computers can use the IPv6 protocol.
What should you do?
A. Install Service Pack 4 on all Windows 2000 Professional computers.
B. Upgrade the Windows 2000 Professional computers to Windows XP SP2.
C. Run the IPv6.exe tool on the Windows 2000 Professional and Windows XP computers.
D. Install the Active Directory Client extension (DSClient.exe) on the Windows 2000 Professional and Windows XP computers. |
|
Definition
|
|
Term
Your company has computers in multiple locations that use IPv4 and IPv6. Each location is protected by a firewall that performs symmetric NAT.
You need to allow peer-to-peer communication between all locations.
What should you do?
A. Configure dynamic NAT on the firewall.
B. Configure the firewall to allow the use of Teredo.
C. Configure a link local IPv6 address for the internal interface of the firewall.
D. Configure a global IPv6 address for the external interface of the firewall. |
|
Definition
|
|
Term
Your company has recently deployed a server that runs Windows Server 2008. The server has the IP information shown below:
IP address: 192.168.46.186
Subnet mask: 255.255.255.192
Default gateway: 192.168.46.1
Users on remote subnets report that they are unable to connect to the server.
You need to ensure all users are able to connect to the server.
What should you do?
A. Change the IP address to 192.168.46.129.
B. Change the IP address to 192.168.46.200.
C. Change the subnet mask to a 24-bit mask.
D. Change the subnet mask to a 27-bit mask. |
|
Definition
|
|
Term
You have a Windows Server 2008 computer that has an IP address of 172.16.45.9/21.
The server is configured to use IPv6 addressing.
You need to test IPv6 communication to a server that has an IP address of 172.16.40.18/21.
What should you do from a command prompt?
A. Type ping 172.16.45.9:::::.
B. Type ping ::9.45.16.172.
C. Type ping followed by the Link-local address of the server.
D. Type ping followed by the Site-local address of the server. |
|
Definition
|
|
Term
Your company has four DNS servers that run Windows Server 2008. Each server has a static IP address.
You need to prevent DHCP from assigning the addresses of the DNS servers to DHCP clients.
What should you do?
A. Create a new scope for the DNS servers.
B. Create a reservation for the DHCP server.
C. Configure the 005 Name Servers scope option.
D. Configure an exclusion that contains the IP addresses of the four DNS servers. |
|
Definition
|
|
Term
Your company has a single Active Directory domain. The domain runs at the functional level of Windows Server 2003.
You install the DHCP service on a server named DHCP1. You attempt to start the DHCP service, but it does not start.
You need to ensure that the DHCP service starts.
What should you do?
A. Restart DHCP1.
B. Configure a scope on DHCP1.
C. Activate the scope on DHCP1.
D. Authorize DHCP1 in the Active Directory domain. |
|
Definition
|
|
Term
Your company has an Active Directory forest. The corporate network uses DHCP to configure client computer IP addresses.
The DHCP server has a DHCP client reservation for a portable computer named WKS1. You install a second DHCP server on the network.
You need to ensure that WKS1 receives the DHCP reservation from the DHCP service.
What should you do?
A. Run the ipconfig /renew command on WKS1.
B. Run the netsh add helper command on WKS1.
C. Add the DHCP reservation for WKS1 to the second DHCP server.
D. Add both DHCP servers to the RAS and IAS Servers group in the Active Directory domain. |
|
Definition
|
|
Term
Your company has an IPv6 network that has 25 segments. You deploy a server on the IPv6 network. You need to ensure that the server can communicate with all segments on the IPv6 network. What should you do?
A.Configure the IPv6 address as fd00::2b0:d0ff:fee9:4143/8.
B.Configure the IPv6 address as fe80::2b0:d0ff:fee9:4143/64.
C.Configure the IPv6 address as ff80::2b0:d0ff:fee9:4143/64.
D.Configure the IPv6 address as 0000::2b0:d0ff:fee9:4143/64. |
|
Definition
|
|
Term
Your company uses DHCP to lease IPv4 addresses to computers at the main office. A WAN link connects the main office to a branch office. All computers in the branch office are configured with static IP addresses. The branch office does not use DHCP and uses a different subnet. You need to ensure that the portable computers can connect to network resources at the main office and the branch office. How should you configure each portable computer?
A.Use a static IPv4 address in the range used at the branch office.
B.Use an alternate configuration that contains a static IP address in the range used at the main office.
C.Use the address that was assigned by the DHCP server as a static IP address.
D.Use an alternate configuration that contains a static IP address in the range used at the branch office. |
|
Definition
|
|
Term
Your company has computers in multiple locations that use IPv4 and IPv6. Each location is protected by a firewall that performs symmetric NAT. You need to allow peer-to-peer communication between all locations. What should you do?
A.Configure dynamic NAT on the firewall.
B.Configure the firewall to allow the use of Teredo.
C.Configure a link local IPv6 address for the internal interface of the firewall.
D.Configure a global IPv6 address for the external interface of the firewall. |
|
Definition
|
|
Term
Your company has recently deployed a server that runs Windows Server 2008. The server has the IP information shown below: IP address: 192.168.46.186 Subnet mask: 255.255.255.192 Default gateway: 192.168.46.1 Users on remote subnets report that they are unable to connect to the server. You need to ensure all users are able to connect to the server. What should you do?
A.Change the IP address to 192.168.46.129.
B.Change the IP address to 192.168.46.200.
C.Change the subnet mask to a 24-bit mask.
D.Change the subnet mask to a 27-bit mask. |
|
Definition
|
|
Term
You have a Windows Server 2008 computer that has an IP address of 172.16.45.9/21. The server is configured to use IPv6 addressing. You need to test IPv6 communication to a server that has an IP address of 172.16.40.18/21. What should you do from a command prompt?
A.Type ping 172.16.45.9:::::.
B.Type ping ::9.45.16.172.
C.Type ping followed by the Link-local address of the server.
D.Type ping followed by the Site-local address of the server. |
|
Definition
|
|
Term
You configure a new file server that runs Windows Server 2008. Users access shared files on the file server. Users report that they are unable to access the shared files. The TCP/IP properties for the file server are configured as shown in the following exhibit. You need to ensure that users are able to access the shared files. How should you configure the TCP/IP properties on the file server?
A.Configure a static IP address.
B.Configure the default gateway.
C.Configure the DNS server address.
D.Add the domain to the DNS suffix on the network interface. |
|
Definition
|
|
Term
Your company has a single Active Directory domain. The domain runs at the functional level of Windows Server 2003. DHCP will not start. You need to ensure that the DHCP service starts. What should you do?
A.Restart DHCP1.
B.Configure a scope on DHCP1.
C.Activate the scope on DHCP1.
D.Authorize DHCP1 in the Active Directory domain. |
|
Definition
|
|
Term
Your company has an Active Directory forest. The corporate network uses DHCP to configure client computer IP addresses. The DHCP server has a DHCP client reservation for a portable computer named WKS1. You install a second DHCP server on the network. You need to ensure that WKS1 receives the DHCP reservation from the DHCP service. What should you do?
A.Run the ipconfig /renew command on WKS1.
B.Run the netsh add helper command on WKS1.
C.Add the DHCP reservation for WKS1 to the second DHCP server.
D.Add both DHCP servers to the RAS and IAS Servers group in the Active Directory domain |
|
Definition
|
|
Term
Your company has four DNS servers that run Windows Server 2008. Each server has a static IP address. You need to prevent DHCP from assigning the addresses of the DNS servers to DHCP clients. What should you do?
A.Create a new scope for the DNS servers.
B.Create a reservation for the DHCP server.
C.Configure the 005 Name Servers scope option.
D.Configure an exclusion that contains the IP addresses of the four DNS servers |
|
Definition
|
|
Term
Your company has a main office and a branch office. Users in the branch office report that they are unable to access shared resources in the main office. You discover that computers in the branch office have IP addresses in the range of 169.254.x.x. You need to ensure that computers can connect to shared resources in both the main office and the branch office. What should you do?
A.Configure a DHCP relay agent on a member server in the main office.
B.Configure a DHCP relay agent on a member server in the branch office.
C.Configure the Broadcast Address DHCP server option to include the main office address.
D.Configure the Resource Location Servers DHCP server option to include the main office addresses. |
|
Definition
|
|
Term
You have a DHCP server named Server1 and an application server named Server2. Both servers run Windows Server 2008. The DHCP server contains one scope. You need to ensure that Server2 always receives the same IP address. Server2 must receive its DNS settings and its WINS settings from DHCP. What should you do?
A.Create a multicast scope.
B.Assign a static IP address to Server2.
C.Create an exclusion range in the DHCP scope.
D.Create a DHCP reservation in the DHCP scope. |
|
Definition
|
|
Term
You have a DHCP server that runs Windows Server 2008. You need to reduce the size of the DHCP database. What should you do?
A.From the DHCP snap-in, reconcile the database.
B.From the folder that contains the DHCP database, run jetpack.exe dhcp.mdb temp.mdb.
C.From the properties of the dhcp.mdb file, enable the File is ready for archiving attribute.
D.From the properties of the dhcp.mdb file, enable the Compress contents to save disk space attribute. |
|
Definition
|
|
Term
You have a DHCP server that runs Windows Server 2008. The DHCP server has two network connections named LAN1 and LAN2. You need to prevent the DHCP server from responding to DHCP client requests on LAN2. The server must continue to respond to non-DHCP client requests on LAN2. What should you do?
A.From the DHCP snap-in, modify the bindings to associate only LAN1 with the DHCP service.
B.From the DHCP snap-in, create a new multicast scope.
C.From the properties of the LAN1 network connection, set the metric value to 1.
D.From the properties of the LAN2 network connection, set the metric value to 1 |
|
Definition
|
|
Term
You have a DHCP server that runs Windows Server 2008. You restore the DHCP database by using a recent backup. You need to prevent DHCP clients from receiving IP addresses that are currently in use on the network. What should you do?
A.Add the DHCP server option 15.
B.Add the DHCP server option 44.
C.Set the Conflict Detection value to 0.
D.Set the Conflict Detection value to 2. |
|
Definition
|
|
Term
Your network uses IPv4. You install a server that runs Windows Server 2008 at a branch office. The server is configured with two network interfaces. You need to configure routing on the server at the branch office. Which two actions should you perform? (Each correct answer presents part of the solution. Choose two.)
A.Install the Routing and Remote Access Services role service.
B.Run the netsh ras ip set access ALL command.
C.Run the netsh interface ipv4 enable command.
D.Enable the IPv4 Router Routing and Remote Access option. |
|
Definition
|
|
Term
Your company has an IPv4 Ethernet network. A router named R1 connects your segment to the Internet. A router named R2 joins your subnet with a segment named Private1. The Private1 segment has a network address of 10.128.4.0/26. Your computer named WKS1 requires access to servers on the Private1 network. The WKS1 computer configuration is as shown in the following table. Network Addresses IPv4 Address 10.128.64.113 Subnet mask 255.255.252.0 Default Gateway 10.128.64.1 The routers are configured as shown in the following table. Router ID Addresses R1 interface 1 R1 interface 2 (To Internet) 10.128.64.1 131.107.108.37 R2 interface 1 R2 interface 2 10.128.64.10 10.128.4.1 WKS1 is unable to connect to the Private1 network by using the current configuration. You need to add a persistent route for the Private1 network to the routing table on WKS1. Which command should you run on WKS1?
A.Route add -p 10.128.4.0/22 10.128.4.1
B.Route add p 10.128.4.0/26 10.128.64.10
C.Route add p 10.128.4.0 mask 255.255.255.192 10.128.64.1
D.Route add p 10.128.64.10 mask 255.255.255.192 10.128.4.0 |
|
Definition
|
|
Term
Your network consists of a single Active Directory domain. The domain contains a server named Server1 that runs Windows Server 2008. All client computers run Windows Vista. All computers are members of the Active Directory domain. You assign the Secure Server (Require Security) IPsec policy to Server1 by using a Group Policy object (GPO). Users report that they fail to connect to Server1. You need to ensure that users can connect to Server1. All connections to Server1 must be encrypted. What should you do?
A.Restart the IPsec Policy Agent service on Server1.
B.Assign the Client (Respond Only) IPsec policy to Server1.
C.Assign the Server (Request Security) IPsec policy to Server1.
D.Assign the Client (Respond Only) IPsec policy to all client computers. |
|
Definition
|
|
Term
Your company uses Active Directory-integrated DNS. Users require access to the Internet. You run a network capture. You notice the DNS server is sending DNS name resolution queries to a server named f.root-servers.net. You need to prevent the DNS server from sending queries to f.root-servers.net. The server must be able to resolve names for Internet hosts. Which two actions should you perform? (Each correct answer presents part of the solution.)
A.Enable forwarding to your ISP s DNS servers.
B.Disable the root hints on the DNS server.
C.Disable the netmask ordering option on the DNS server.
D.Configure Reverse Lookup Zones for the IP subnets on the network. |
|
Definition
|
|
Term
Your company has a single Active Directory forest that has six domains. All DNS servers in the forest run Windows Server 2008. You need to ensure that all public DNS queries are channeled through a single-caching-only DNS server. Which two actions should you perform? (Each correct answer presents part of the solution. Choose two.)
A.Disable the root hints.
B.Enable BIND secondaries.
C.Configure a forwarder to the caching DNS server.
D.Configure a GlobalNames host (A) record for the hostname of the caching DNS server. |
|
Definition
|
|
Term
You have a DHCP server named Server1 and an application server named Server2. Both servers run Windows Server 2008. The DHCP server contains one scope. You need to ensure that Server2 always receives the same IP address. Server2 must receive its DNS settings and its WINS settings from DHCP. What should you do?
A.Create a multicast scope.
B.Assign a static IP address to Server2.
C.Create an exclusion range in the DHCP scope.
D.Create a DHCP reservation in the DHCP scope. |
|
Definition
|
|
Term
Your company has recently deployed a server that runs Windows Server 2008. The server has the IP information shown below: IP address: 192.168.46.186 Subnet mask: 255.255.255.192 Default gateway: 192.168.46.1 Users on remote subnets report that they are unable to connect to the server. You need to ensure all users are able to connect to the server. What should you do?
A.Change the IP address to 192.168.46.129.
B.Change the IP address to 192.168.46.200.
C.Change the subnet mask to a 24-bit mask.
D.Change the subnet mask to a 27-bit mask. |
|
Definition
|
|
Term
You have a Windows Server 2008 computer that has an IP address of 172.145.9/21. The server is configured to use IPv6 addressing. You need to test IPv6 communication to a server that has an IP address of 172.16.40.18/21. What should you do from a command prompt?
A.Type ping 172.16.45.9:::::.
B.Type ping ::9.45.16.172.
� C.Type ping followed by the Link-local address of the server.
D.Type ping followed by the Site-local address of the server. |
|
Definition
|
|
Term
Your company has an IPv6 network that has 25 segments. You deploy a server on the IPv6 network. You need to ensure that the server can communicate with all segments on the IPv6 network. What should you do?
A.Configure the IPv6 address as fd00::2b0:d0ff:fee9:4143/8.
B.Configure the IPv6 address as fe80::2b0:d0ff:fee9:4143/64.
C.Configure the IPv6 address as ff80::2b0:d0ff:fee9:4143/64.
D.Configure the IPv6 address as 0000::2b0:d0ff:fee9:4143/64. |
|
Definition
|
|
Term
You configure a new file server that runs Windows Server 2008. Users access shared files on the file server. Users report that they are unable to access the shared files. The TCP/IP properties for the file server are configured as shown in the following exhibit. You need to ensure that users are able to access the shared files. How should you configure the TCP/IP properties on the file server?
A.Configure a static IP address.
B.Configure the default gateway.
C.Configure the DNS server address.�
D.Add the domain to the DNS suffix on the network interface. |
|
Definition
|
|
Term
Your company has a single Active Directory domain. The domain runs at the functional level of Windows Server 2003. You install the DHCP service on a server named DHCP1. You attempt to start the DHCP service, but it does not start. You need to ensure that the DHCP service starts. What should you do?
A.Restart DHCP1.
B.Configure a scope on DHCP1.
C.Activate the scope on DHCP1.
D.Authorize DHCP1 in the Active Directory domain. |
|
Definition
|
|
Term
You have a DHCP server that runs Windows Server 2008. You need to reduce the size of the DHCP database. What should you do?
A.From the DHCP snap-in, reconcile the database.
B.From the folder that contains the DHCP database, run jetpack.exe dhcp.mdb temp.mdb.
C.From the properties of the dhcp.mdb file, enable the File is ready for archiving attribute.
D.From the properties of the dhcp.mdb file, enable the Compress contents to save disk space attribute. |
|
Definition
|
|
Term
Your company has computers in multiple locations that use IPv4 and IPv6. Each location is protected by a firewall that performs symmetric NAT. You need to allow peer-to-peer communication between all locations. What should you do?
A.Configure dynamic NAT on the firewall.
B.Configure the firewall to allow the use of Teredo.
C.Configure a link local IPv6 address for the internal interface of the firewall.
D.Configure a global IPv6 address for the external interface of the firewall. |
|
Definition
|
|
Term
Your company uses DHCP to lease IPv4 addresses to computers at the main office. A WAN link connects the main office to a branch office. All computers in the branch office are configured with static IP addresses. The branch office does not use DHCP and uses a different subnet. You need to ensure that the portable computers can connect to network resources at the main office and the branch office. How should you configure each portable computer?
A.Use a static IPv4 address in the range used at the branch office.
B.Use an alternate configuration that contains a static IP address in the range used at the main office.
C.Use the address that was assigned by the DHCP server as a static IP address.
D.Use an alternate configuration that contains a static IP address in the range used at the branch office. |
|
Definition
|
|
Term
Your company has a domain controller named Server1 that runs Windows Server 2008 and the DNS server role. A server named Server2 runs a custom application. You need to configure DNS to include the following parameters for the custom application: Service Priority Weight Protocol Port number Host offering this service Which record should you create?
A. Host Info (HINFO)
B. Service Locator (SRV)
C. Canonical Name (CNAME)
D. Well-Known Service (WKS) |
|
Definition
|
|
Term
Your company has multiple DNS servers in the main office. You plan to install DNS on a member server in a branch office. You need to ensure that the DNS server in the branch office is able to query any DNS server in the main office, and you need to limit the number of DNS records that are transferred to the DNS server in the branch office. What should you do?
A. Configure a secondary zone on the DNS server in the branch office.
B. Configure a stub zone on the DNS server in the branch office.
C. Configure a stub zone on the DNS server in the main office.
D. Configure a primary zone on the DNS server in the branch office. |
|
Definition
|
|
Term
| Your company has a DNS server named Server1. Your partner company has a DNS server named Server2. You create a stub zone on Server1. The master for the stub zone is Server2. Server2 fails. You discover that users are not able to resolve names for the partner company. You need to ensure that users are able to resolve names for the partner company in the event that Server2 fails. What should you do? A. Change the stub zone to a secondary zone on Server1. B. Open the SOA record for the zone on Server2. Change the Minimum (default) TTL setting to 12 hours. C. Open the DNS zone for the partner company on Server2. Create a new Route Through (RT) record and a new host (A) record for Server1. D. Open the primary DNS zone on Server2. Create a new Service Locator (SRV) record and a new host (A) record for Server1. |
|
Definition
|
|
Term
Your company has a single Active Directory forest that has an Active Directory domain named na.contoso.com. A member server named Server2 runs the DNS server role. The Server2 DNS service hosts multiple secondary zones including na.contoso.com. You need to reconfigure Server2 as a caching-only DNS server. What should you do?
A. Uninstall and reinstall the DNS service on Server2.
B. Change all the DNS zones on Server2 to stub zones.
C. Disable and then enable t he DNS service on Server2.
D. Delete the na.contoso.com DNS zone domai n from Server2. Rest art the DNS service on Server2. |
|
Definition
|
|
Term
Your company has an Active Directory forest t hat has five domains. All DNS servers are domain controllers. You need to ensure that users from all domains are able to access a Web server named App1 by browsing to http: //App1. What should you do?
A. Configure and enable DFS-R on the App1 Web server.
B. Create a host (AAAA) record for the App1 Web server in the DNS zone for the forest root domain.
C. Create a zone named GlobalNames on a DNS server. Replicate the GlobalNames zone to all domain controllers in the forest. Create a host (A) record for the App1 Web server in the zone.
D. Create a zone named LegacyWINS on a DNS se rver. Replicate the LegacyWINS zone to all domain controllers in the forest. Create a host (A) record for the App1 Web server in the zone. |
|
Definition
|
|
Term
Your company has a single Active Directory dom ain. All servers run Wi ndows Server 2008. You install an additional DNS server that runs Windo ws Server 2008. You need to delete the pointer record for the IP address 10.3.2.127. What should you do?
A. Use DNS manager to delete the 127.in-addr.arpa zone.
B. Run the dnscmd /RecordDelete 10. 3.2.127 command at the command prompt.
C. Run the dnscmd /ZoneDelete 127.in -addr.arpa command at the command prompt.
D. Run the dnscmd /RecordDelete 10.in-add r.arpa. 127.2.3 PTR command at the command prompt. |
|
Definition
|
|
Term
Your company is designing it s public network. The network will use an IPv4 range of 131.107.40.0/22. The network must be configured as shown in the following exhibit. You need to configure subnets for each segment. Which network addresses should you assign?
A. Segment A: 131.107.40.0/23Segment B: 131.107.42.0/24Segment C:
131.107.43.0/25Segment D: 131.107.43.128/27
B. Segment A: 131.107.40.0/25Segmen t B: 131.107.40.128/26Segment C: 131.107.43.192/27Segment D: 131.107.43.224/30
C. Segment A: 131.107.40.0/23Segmen t B: 131.107.41.0/24Segment C: 131.107.41.128/25Segment D: 131.107.43.0/27
D. Segment A: 131.107.40.128/23Segm ent B: 131.107.43.0/24Segment C: 131.107.44.0/25Segment D: 131.107.44.128/27 |
|
Definition
|
|
Term
Your company has a single Active Directory domain. All servers run Windows Server 2008. The company network has 10 servers that perform as Web servers. All confidential files are located on a server named FSS1. The company security policy states that all confidential data must be transmitted in the most secure manner. When you monitor the network, you notice that the confidential files that are stored on the FSS1 server are being transmitted over the network without encryption. You need to ensure that encryption is always used when the confidential files on the FSS1 server are transmitted over the network. What are two possible ways to achieve this goal? (Each correct answer presents a complete solution. Choose two.)
A. Deactivate all LM and NTLM authentication methods on the FSS1 server.
B. Use IIS to publish the confidential files, acti vate SSL on the IIS server, and then open the files as a Web folder.
C. Use IPSec encryption between the FSS1 server and the computers of the users who need to access the confidential files.
D. Use the Server Message Block (SMB) signing bet ween the FSS1 server and the computers of the users who want to access the confidential files.
E. Activate offline files for the confidential files that are stored on the FSS1 server. In the Folder Advanced Properties dialog box, select t he Encrypt contents to secure data option. |
|
Definition
|
|
Term
You have a file server that runs Windows Server 2008. You configure quotas on the server. You need to view each users quota usage on a per folder basis. What should you do?
A. From File Server Resource Manager, create a File Screen.
B. From File Server Resource Manager, create a Storage Management report.
C. From the command prompt, run dirquota.exe quota list.
D. From the properties of each volume, review the Quota Entries list. |
|
Definition
|
|
Term
Your network consists of a single Active Directory domain. All servers run Windows Server 2008. You have a server named Server1 that hosts shared documents. Users report extremely slow response times when they try to open the shared documents on Server1. You log on to Server1 and observe real-time data indicating that the processor is operating at 100 percent of capacity. You need to gather additional data to diagnose the cause of the problem. What should you do?
A. In the Performance console, create a counter log to track processor usage.
B. In Event Viewer, open and review the application log for Performance events.
C. In Windows Reliability and Performance Monitor, use the Resource View to see the percentage of processor capacity used by each application.
D. In Windows Reliability and Performance Monitor, create an alert that will be triggered when processor usage exceeds 80 percent for more than five minutes on Server1.
|
|
Definition
|
|
Term
Your company has a main office and a branch office. The branch office has three servers that run a Server Core installation of Windows Server 2008. The servers are named Server1, Server2, and Server3. You want to configure the Event Logs subscription on Server1 to collect events from Server2 and Server3. You disc over that you cannot create a subscription on Server1 from another computer. You need to configure a subscription on Server1. Which two actions should you perform? (Each correct answer present s part of the solution. Choose two.)
A. Run the wecutil cs subscription.xml command on Server1.
B. Run the wevtutil im subscription.xml command on Server1.
C. Create an event collector subscription configuration file. Name the file subscription.xml.
D. Create a custom view on Server1 by using Event Viewer. Export the custom view to a file named subscription.xml. |
|
Definition
|
|
Term
You have two servers that run Windows Server 2008 named Server1 and Server2. You install WSUS on both servers. You need to configure WSUS on Server1 to receive updates from Server2. What should you do on Server1?
A. Configure a proxy server.
B. Configure an upstream server.
C. Create a new replica group.
D. Create a new computer group. |
|
Definition
|
|
Term
Your company has a network that has 100 server s. A server named Server1 is configured as a file server. Server1 is connected to a SAN and ha s 15 logical drives. You want to automatically run a data archiving script if the free space on any of the logical drives is below 30 percent. You need to automate the script execution. You create a new Data Collector Set. What should you do next?
A. Add the Event trace data collector.
B. Add the Performance counter alert.
C. Add the Performance counter data collector.
D. Add the System configuration data collector. |
|
Definition
|
|
Term
You install WSUS on a server that runs Windows Server 2008. You need to ensure that the traffic between the WSUS administrative Web site and the server administrators computer is encrypted. What should you do?
A. Configure SSL encryption on the WSUS server Web site.
B. Run the netdom trust /SecurePasswordPrompt command on the WSUS server.
C. Configure the NTFS permissions on the content directory to Deny Full Control permission to the Everyone group.
D. Configure the WSUS server to require Integrated Windows Authentication (IWA) when users connect to the WSUS server. |
|
Definition
|
|
