Sei sulla pagina 1di 10

1.

You are an enterprise administrator for XYZ. The corporate network of XYZ
consists of a single Active Directory forest called XYZ.com. The XYZ .com forest
contains six domains under it. All DNS servers in the forest run Windows Server
2008. Which of the following actions would you choose to ensure that all public DNS
queries are channeled through a single-caching-only DNS server? (Select all that
apply.)

A. Configure a forwarder.
B. Enable BINDsecondaries on a DNS Server.
C. Configure the root hints.
D. Configure a Global Names host (A) record for the hostname of the caching DNS
server.

Answer: A, C

2.
You are an enterprise administrator for XYZ. The corporate network of XYZ
consists of a single domain called XYZ.com. The domain contains an Integrated
Active Directory DNS zone the partner company of XYZ called XYZTECH also
consists of a domain called XYZTECH.com. The XYZ .com domain also consists of an
Integrated Active Directory DNS zone. Due to some network changes, the IP
addresses of the DNS servers in the XYZTECH.com need to be changed. Which of
the following options would you choose to ensure the name resolution for users in
XYZ.com to the resources in XYZTECH.com?

A. On each DNS server in XYZ.com, create a stub zone for XYZTECH.com.


B. Configure the Zone Replication Scope for XYZTECH.com to replicate to all DNS
servers in the forest.
C. Configure an application directory partition in the XYZ.com forest to enlist all DNS
servers in the XYZ.com forest in the partition.
D. Configure an application directory partition in the XYZTECH forest to enlist all
DNS servers in the XYZTECH forest in the partition.

Answer: A

3.
XYZ corporate network consists of Windows 2003 domain, wherein the client
computers are Windows 2000 Professional and Windows NT Workstations. In order
to have the name resolution of pre windows 2000 clients the management and IT
infrastructure team has decided to have two WINS servers in the network. Which of
the following will make sure that the WINS servers update each others database
dynamically?

A. Add LMHOSTS on each server


B. Configure each WINS server as a WINS client of the other WINS server
C. Configure a HOSTS table on each WINS Server
D. Configure each WINS server both as a push partner and as a pull partner of the
other WINS server

Answer: D

4.
Which service should you use so the computers on your network can resolve
NETBIOS names without any administrative work?

A. Telnet
B. DNS
C. FTP
D. HOSTS
E. WINS

Answer: E
5.
XYZ.com has servers that run Windows Server 2008. You are an administrator
at XYZ.com. To assign IPs dynamically to all client computers, you install and
configure a member server named XYZDHCP as a Dynamic Host Control Protocol
(DHCP) server. You configure all client computers to get their IP addresses
automatically from XYZDHCP. The users at client computers complain that their

machines are not receiving IP address from XYZDHCP. They say that their computers
are getting IP addresses from 129.168.x.x range. You find out that the DHCP server
has stopped. The settings on CKDHCP are configured correctly. What should you do
to make sure that the CKDHCP server is not stopped and all client machines are
obtaining IP addresses from CKDHCP server automatically?

A. Reconfigure the CKDHCP server to assign IP addresses to all client machines


using DNS settings
B. Restart the DHCP service on CKDHCP server
C. Restart the CKDHCP server
D. Authorize the DHCP server to assign IP addresses to client computers

Answer: D

6.
You are an enterprise administrator for XYZ. The corporate network of XYZ
consists of a DHCP server that runs Windows Server 2008. Which of the following
options would you choose to reduce the size of the DHCP database?

A. Enable the File is ready for archiving attribute of the dhcp.mdb file, from the
properties of dhcp.mdb file.
B. Enable the Compress contents to save disk space attribute of the dhcp.mdb file,
from the properties of
dhcp.mdb file.
C. Reconcile the database from the DHCP snap-in.
D. Run jetpack.exe dhcp.mdb temp.mdb from the folder that contains the DHCP
database.

Answer: D

7.
You are an enterprise administrator for XYZ. The company consists of a head
office and a branch office. The corporate network of the company consists of a

single Active Directory domain. All the servers in the domain run Windows Server
2008. Recently the branch office users have started complaining that they are
unable to access shared resources in the head office. To diagnose the problem, you
checked the IP addresses of the computers in the branch office and found that they
have IP addresses in the range of 169.254.x.x. Which of the following options would
you choose to ensure that branch office computers can connect to share resources
in both the head office and the branch office? What should you do?

A. Include the head offices DHCP server address in the Broadcast Address DHCP
server option
B. On a member server in the head office, configure a DHCP relay agent.
C. Include the main offices server IP addresses in the Resource Location Servers
DHCP server option.
D. On a member server in the branch office, configure a DHCP relay agent.

Answer: D

8.
As a network administrator, you have upgraded all servers to Windows
Server2008. You are required to configure IPv6 address to all computers in that
network. The company has four departments and a global address prefix
3FFA:FF2B:4D:B0Q0::/41 is assigned. You are required to assign a subnet to each
department. Which subnetted prefix will you assign to the fourth department?

A.3FFA:FF2B:4D:COOO::M3
B.3FFA:FF2B:4D:C800::/43
C.3FFA:FF2B:4D:F000::/4S
D.3FFA:rF2B:4D:B400::/43

Answer: B

9.
On a network configured to use IPv6, a Dynamic Host Configuration Protocol
(DHCP) server on a server called DHCP1 running on Windows 2008 server is
installed. Also, IP address and other configuration settings are not automatically
allocated to DHCP clients on a subnet that does not use DHCPvG from DHCP1. In
this case, how is the Managed Address Configuration flag and other stateful
configuration flag configured in the root advertisement?

A.Set both Managed Address Configurations to 1 and other stateful Configuration


flag to 0
B.Set Both Managed Address Configuration and Other Stateful Configuration flag to
0.
C.Set both Managed Address Configuration to 0 and Other stateful Configuration
flag to 1
D.Set both Managed Address Configuration and other stateful Configuration flag to 1

Answer: B

10. You are an enterprise administrator for XYZ. The company consists of a head
office and a branch office. The corporate network of the company consists of a
single Active Directory domain. All the servers in the domain run Windows Server
2008. The companys network uses IPv4 networking. You have recently installed a
new Windows Server 2008 server in the branch office and configured it with two
network interfaces. Which of the following options would you choose to configure
routing on the server at the branch office? (Choose two)

A. Enable the IPv4 Router Routing and Remote Access option on the server at the
branch office.
B. Run the netsh ras ip set access ALL command on the server at the branch office.
C. Install the Routing and Remote Access role on the server at the branch office.
D. Run the netsh interface ipv4 enable command on the server at the branch office.

Answer: A, C

11. Network Access Protection (NAP) will only work with certain operating systems
at the time of Windows 2008 Server release. What operating systems will NAP
support?

A. Window XP
B. Windows XP Service Pack 3
C. Windows Vista
D. Windows Server 2008

Answer: B, C, D

12. The corporate network of XYZ contains a Windows Server 2008 that has the
Network Policy Server (NPS) service role installed. Which of the following options
would you choose to allow VPN access to only the members of a global group
named XYZ Staff to the network?

A. Create a new network policy, define a group-based condition for XYZ Staff, Set
the access permission to Access Granted, and set the processing order of the policy
to 1.
B. Add XYZ Staff to the RAS and IAS Servers group.
C. Create a new network policy, define a group-based condition for XYZ Staff, Set
the access permission to Access Granted, and set the processing order of the policy
to 3.
D. Add XYZ Staff to the Network Configuration Operators group.
E. None of the above

Answer: A

13. On the corporate network of XYZ the Network Access Protection (NAP) is
configured. You have configured the 802.1x authentication to all the access points
that will be used to access to the corporate network using wireless computers to
ensure secure wireless access. Which of the following options would you choose to
ensure that all the client computers that try to access the corporate network are
evaluated by NAP?

A. Configure a Connection Request Policy having EAP-TLS as the only available


authentication method.
B. Configure all access points as RADIUS clients to the Remediation Servers.
C. Configure a Network Policy having the Remote Access Server as the only
available authentication method.
D. Configure all access points as RADIUS clients to the Network Policy Server (NPS).
E. None of the above

Answer: A

14. XYZ .com has a server with Active Directory Domain and an Enterprise Root
Certificate authority installed. To protect the VPN connection, XYZ.com has decided
to employ Network Access Protection (NAP) on the server. You are given the task for
implementing the NAP on the server. You build two servers named XYZ NPS and XYZ
VPN. You configure the functions on both servers as shown in the exhibit. What
should you do to ensure that the system health policy is implemented on all client
computers attempting to connect to the VPN server?

A. Configure a NAP role on an Enterprise Certificate Server


B. Reconfigure XYZ NPS as a Radius Client
C. Configure a NAP role and add it to a domain controller
D. Reconfigure XYZ VPN as a Radius client

Answer: D

15. You install a Windows Server 2008 with routing and remote access on a server
at XYZ.com. You configure the server to act as a corporate VPN (Virtual Private
Network) server. All the client computers at XYZ.com have Windows XP Professional,
Windows 2000 professional or Windows Vista installed. The remote users of
XYZ.com use this server to connect to the companys network domain. Sensitive
data is transmitted from the remote users through VPN server. The companys
security policy dictates that each user or computer should use public key
infrastructure (PKI) to connect to the domain for the transmission of sensitive
research data. You need to ensure that the VPN server meets those security
requirements. What should you do to secure the VPN connection?

A. Use the Kerberos version 5 authentication protocol to create a custom IPSec


policy
B. Use the Pre-shared authentication by creating a policy for a highly secure data
transmission
C. Open the command line on the server and run secedit/refreshpolicy
machine_policy
D. Implement L2TP/IPSec policy to create certificate-based authentication

Answer: D

16. XYZ has a corporate network. Network Access Protection is configured on it. As
per company policy, strict security measures are required to secure the data when it
is transmitted between the servers and the clients. Users connect to the corporate
network through their laptops or PCs to use network resources. You have to create a
strict access requirement that will stop any other person connecting to the
corporate network and using network resources. What should you do to implement
the restricted access control?

A. Add and configure an IPSec Enforcement Network policy


B. Add and configure 802.1 X Enforcement Network policies
C. Add and configure a Wired Network Group policy
D. Add and configure Extensible Authentication Protocol (EAP) Enforcement

Answer: A

17. You deploy a DFS server to the headquarters and each branch office and a DFS
name is hosted on each of the DFS servers. Management needs clients to connect
to their local DFS server if it is available and then connect to any other DFS server if
the local DFS server is not available. Which method you will configure?

A. Random Order
B. Lowest Cost
C. Excludes targets Outside Of the clients site
D. Clients fall Back to preferred Targets

Answer: A

18. You need to use disk quotas to send an e-mail to users when they have
consumed 800Mb of disk space and prevent users from consuming more than 1 GB
of disk space. How will configure it?

A. Create a hard quota with a 800mb limit and a second soft quota with a limit 1GB
B. Create a soft quota with a 800MB limit and a second quota with a 1GB limit.
C. Create a hard quota with a 1GB limit. Create a warning at 80 percent
D. Create a soft quota with a 800MB limit. Create a warning at 80 percent

Answer: C

19. You notice that Microsoft has released a Service Pack for Windows Vista.
However, when you open the

WSUS console and review updates, you do not see any service packs listed. You do
see recent security updates available. What is the most probable cause that no
service packs are available?

A. Microsoft does not provide the ability to deploy service packs using WSUS
B. Service packs are available only for Windows Server operating systems
C. WSUS is not properly downloading updates from Microsoft update servers
D. The Service Packs update type is not selected in the WSUS options

Answer: D

20. You notice that a new critical security update has been released to the
Microsoft update site. You want to download this update to your WSUS server and
install it on all of your corporate computers as soon as possible. You approve the
update for install to the All Computers computer group and set an install deadline of
11:00 p.m. of the same day. When you return to the office the next morning you
notice that the update was not installed on any Computers. What is the most likely
cause that the update was not installed?

A. The WSUS server lost connectivity to the Internet


B. You must approve the update for each computer individually
C. The Automatic Updates Detection Frequency is set to a period longer than the
amount of time that has elapsed since you approved the update
D. The client computers need to be rebooted before the update can be installed

Answer: C