Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
How many processors does the 64-bit version of Windows Server 2003 Datacenter
Edition support?
Selected
Answer: 64
Correct Answer:
32
Feedback: The 64-bit version of Windows Server 2003 Datacenter Edition supports
up to 64 processors. (Discussion starts on page 7.)
Question
1 out of 1 points
2
Which of the following is not an edition of Windows Server 2003?
Selected Corporate
Answer:
Correct Answer: Corporate
Feedback: Windows Server 2003 is available in Standard, Enterprise, Datacenter,
and Web editions. It is not available in a Corporate edition.
(Discussion starts on page 4.)
Question
1 out of 1 points
3
What is the maximum amount of RAM supported by the 32-bit version of Windows
Server 2003 Datacenter Edition?
Selected 64 GB
Answer:
Correct Answer: 64 GB
Feedback: The 32-bit version of Windows Server 2003 Datacenter Edition
supports 64 GB of RAM. (Discussion starts on page 7.)
Question
1 out of 1 points
4
Which of the following is not an organizational element of Active Directory?
Selected Branch
Answer:
Correct Answer: Branch
Feedback: A branch is not an organizational element of Active Directory. Trees,
organizational units, and domains are all organizational elements of
Active Directory. (Discussion starts on page 27.)
Question
1 out of 1 points
5
True or False: Before you create a domain controller, a DNS server must be available
on the network.
Selected False
Answer:
Correct Answer: False
Feedback: A DNS server is required to complete the installation of a domain
controller, but it need not be present before the installation is started.
If, during the installation process, Windows Server 2003 does not find
a DNS server, you will be prompted to install DNS on the system.
(Discussion starts on page 20.)
Question
1 out of 1 points
6
Why is it common practice to implement more than one domain controller per
domain?
Selected To provide fault
Answer: tolerance
Correct Answer: To provide fault
tolerance
Feedback: One reason to implement more than one domain controller per domain
is to provide fault tolerance. When more than one domain controller is
used per domain, each still holds a complete copy of the Active
Directory database. The domain database is not split up. The use of
multiple administrators is not related to how many domain controllers
are in use. When more than one domain controller is used per domain,
each still holds a complete copy of the Active Directory database.
Therefore, using multiple controllers will not reduce the number of
objects stored in the database on each domain controller. (Discussion
starts on page 28.)
Question
1 out of 1 points
7
You are installing an application that requires the Active Directory schema to be
extended. The application itself does not extend the schema, but the documentation
included with the application specifies that each user account must have a property
for the personal employer ID code. What steps would you take to achieve this?
Selected Using the Active Directory Schema snap-in, add an attribute to
Answer: the user account property for Employer ID Code.
Correct Using the Active Directory Schema snap-in, add an attribute to
Answer: the user account property for Employer ID Code.
Feedback: To provide an additional property for a user account, you would use
the Active Directory Schema snap-in to add an attribute to the user
account property. You would not create a new object calledEmployer
ID Code–it is a new property that is required. (Discussion starts on
page 30.)
Question
1 out of 1 points
8
You are setting up a new server to provide file and print services for the corporate
accounting department of your company. The accounting department has 78 users
and four printers. The server assigned to the accounting department is an eight-
processor system with 2 GB of RAM. The server used to be a corporate database
server, but a recent upgrade has made the system available. What edition of
Windows Server 2003 are you most likely to install on the server?
Selected Enterprise
Answer:
Correct Answer: Enterprise
Feedback: Windows Server 2003 Enterprise Edition supports up to eight
processors. Windows Server 2003 Web Edition supports only 10
inbound SMB connections, making it unsuitable for supporting the file
and print requirements of 78 users. Additionally, the Web Edition
supports only up to two processors. Windows Server 2002 Datacenter
Edition can be purchased only preinstalled on qualified hardware.
Windows Server 2003 Standard Edition supports only up to four
processors. (Discussion starts on page 4.)
Question
1 out of 1 points
9
Which of the following is a disadvantage of using answer files to automate the
installation of Windows Server 2003 on multiple systems?
Selected Certain parameters in the file must be changed for each
Answer: installation.
Correct Answer: Certain parameters in the file must be changed for each
installation.
Feedback: The main drawback of using answer files for a mass operating system
deployment is that each computer requires its own file. This is
because some of the settings supplied during the installation must be
unique, such as the computer name and IP address. There are no
restrictions on how many copies of the answer file can be used at
once. Answer files can be used with any edition of Windows Server
2003. Answer files do not need to have RIS installed and available on
the network in order to work. (Discussion starts on page 9.)
Question
1 out of 1 points
10
Which of the following statements about Windows Server 2003 Web Edition is true?
Selected The standard Client Access License (CAL) model does not
Answer: apply to computers running the Web Edition.
Correct The standard Client Access License (CAL) model does not
Answer: apply to computers running the Web Edition.
Feedback: The standard CAL model does not apply to computers running the
Web Edition. The operating system supports an unlimited number of
Web connections, but it is limited to 10 simultaneous Server
Message Block (SMB) connections. A computer running the Web
Edition can be a member of an Active Directory domain, but it cannot
function as a domain controller. The ICF and ICS features are not
included with the Web Edition, preventing the computer from
functioning as an Internet gateway. A computer running the Web
Edition cannot function as a DHCP server. (Discussion starts on
page 5.)
Question
1 out of 1 points
11
You have assigned a junior member of your team the task of producing a
specification for upgrading a mission-critical server from Windows 2000 to Windows
Server 2003. No additional budget is available for server hardware, so one major
consideration is that you cannot upgrade hardware. The existing server is a four-
processor system with 64 GB of RAM and fault-tolerant storage and network
subsystems. The junior team member has reviewed the technical specs and
requirements and has suggested that the most appropriate choice for the server is
Windows Server 2003 Datacenter Edition. What issues, if any, can you see with this
proposal?
Selected The Datacenter Edition is available only preinstalled on OEM
Answer: equipment. It cannot be purchased separately.
Correct The Datacenter Edition is available only preinstalled on OEM
Answer: equipment. It cannot be purchased separately.
Feedback: The Datacenter Edition can be purchased only preinstalled on a
system. Therefore, an existing system cannot be upgraded to the
Datacenter Edition. The Datacenter Edition supports 64 GB of RAM
in the 32-bit version and 512 GB of RAM in the 64-bit version. The
Datacenter Edition supports up to 64-way symmetric multiprocessing
(SMP) in the 64-bit version and 32-way SMP in the 32-bit version. It
cannot be installed on a system incapable of at least eight
processors. (Discussion starts on page 7.)
Question
1 out of 1 points
12
You have been asked to recommend a server for a small programming team that
develops enterprise-level data warehousing applications. The team sometimes uses
testing processes that can diminish network performance, so it will be placed on a
separate network from the rest of the organization.To create an environment similar
to the one in which the applications they develop will be used, you intend to
purchase a four-processor Intel Itanium system with 32 GB of RAM for their
exclusive use. Aside from the operating system, you want to avoid purchasing any
additional software. They will need automatic IP address allocation, secure Internet
access, and remote administration capabilities. Which of the following solutions
would you recommend?
Selected Buy a system with Windows Server 2003 Enterprise Edition
Answer: and enable ICF, ICS, DHCP, and Terminal Services.
Correct Buy a system with Windows Server 2003 Enterprise Edition
Answer: and enable ICF, ICS, DHCP, and Terminal Services.
Feedback: Windows Server 2003 Enterprise Edition provides support for 64-bit
Intel Itanium processors, ICF, ICS, and DHCP. It also supports
Terminal Services, which provides the required remote administration
functionality. Windows Server 2003 Datacenter Edition does not
support ICF or ICS. Windows Server 2003 Standard Edition is not
available in a 64-bit version. Windows Server 2003 Web Edition does
not support 64-bit hardware or the ICF or ICS. It also does not
support any more than 2 GB RAM. (Discussion starts on page 7.)
Question
1 out of 1 points
13
You are the systems administrator for a college with more than 700 students on a
single campus. You have two servers, one running Windows Server 2003
Enterprise Edition and the other running the Standard Edition. The college has two
libraries, one for business students and another for arts students. Both libraries run
a client management application from the Enterprise Edition server over Terminal
Services. The library manager for the arts library calls to tell you that he is
experiencing performance problems with the client management application. You
call the manager of the business library, who tells you that she has been running a
client inventory program for over an hour and has had no performance problems.
Upon investigation, you determine that when the business library manager is
running the inventory program, the performance of the arts library application is
affected. Which of the following tools would you use to manage this issue?
Selected WSRM
Answer:
Correct Answer: WSRM
Feedback: The Windows System Resource Manager (WSRM) can be used to
restrict the amount of system resources that can be used by a
Terminal Server user at any one time. Microsoft Metadirectory
Services (MMS) is a means of integrating multiple information
sources into a single, unified directory. MMS makes it possible to
combine Active Directory information with other directory services
and to create a unified view of all available information about a given
resource. The Internet Connection Firewall (ICF) provides protection
for Internet connections. Network Load Balancing (NLB) allows
network traffic to be distributed among multiple network interfaces in
a single system. (Discussion starts on page 7.)
Question
1 out of 1 points
14
You are the network administrator for a customs brokerage in Columbus, Ohio. You
have been asked to recommend a server operating system to support your
company's new intranet site. The server assigned for the purpose is a dual-
processor system with 512 MB of RAM. In addition to providing support for the
intranet site, the server will also act as a departmental server for the 17-person Web
development team. Which of the following editions of Windows Server 2003 are you
most likely to recommend?
Selected Standard Edition
Answer:
Correct Answer: Standard Edition
Feedback: The best solution is most likely the Standard Edition because it
includes the functionality of Microsoft Internet Information Services
(IIS) 6, it supports the available hardware, and it can provide file and
print services for the 17 members of the Web development team.
Although the Web Edition might seem like the most obvious choice in
this situation, there is an issue with the fact that the 17-person
development team also needs to access the server. The Web Edition
accommodates only 10 inbound connections for the purposes of file
access, so it would not be suitable. There is no Corporate Edition of
Windows Server 2003. While the Enterprise Edition would meet the
needs for your intranet, your needs do not justify its purchase over
the Standard Edition. (Discussion starts on page 5.)
Selected 3389
Answer:
Correct Answer: 3389
Feedback: Terminal Services uses TCP/IP port 3389. TCP/IP port 110 is used by
the POP3 protocol. TCP/IP port 80 is used by the HTTP protocol.
TCP/IP port 1863 is used by Windows Messenger. (Discussion starts on
page 54.)
Question
1 out of 1 points
2
By default, members of which groups are assigned remote access permission?
Selected
Answer: Administrators
Correct Answer:
Administrators
Feedback: By default, only members of the Administrators group are granted
remote access permission. (Discussion starts on page 47.)
Question
1 out of 1 points
3
Which of the following folders would you share out to make the Remote Desktop
Connection client software available to users?
Selected Systemroot\System32\Clients\Tsclient\Win32
Answer:
Correct Answer: Systemroot\System32\Clients\Tsclient\Win32
Feedback: Windows Server 2003 includes the Remote Desktop Connection files
on the installation CD and also copies them to
the Systemroot\System32\Clients\Tsclient\Win32 folder. It must be
shared out to make the files in this folder available to users.
(Discussion starts on page 51.)
Question
1 out of 1 points
4
You are the network administrator for a large finance house. You have a user who
wants to create an invitation for you to provide him with Remote Assistance. Which of
the following is the best way for the user to supply you with the invitation and the
password for the invitation?
Selected E-mail the invitation to you as an attachment, and then call
Answer: you with the password.
Correct E-mail the invitation to you as an attachment, and then call
Answer: you with the password.
Feedback: Although there are no specific rules about the communication of
invitations and corresponding passwords, best practice dictates that
you instruct users to supply the expert with the password using a
different medium from the one they are using to send the invitation.
(Discussion starts on page 55.)
Question
1 out of 1 points
5
You are the senior network administrator for an insurance company in Lincoln, NE.
You want to create some customized MMC consoles for a junior administrator who
has recently joined the company. You want to prevent him from opening new
windows or accessing a portion of the console tree, and you want to allow him to
view only one window in the console. Which of the following modes would you
configure for the custom MMC console?
Selected User Mode: Limited Access, Single Window
Answer:
Correct Answer: User Mode: Limited Access, Single Window
Feedback: User Mode: Limited Access, Single Window prevents users from
opening new windows or accessing a portion of the console tree, and
it allows them to view only one window in the console. User Mode:
Limited Access, Multiple Windows prevents users from opening new
windows or accessing a portion of the console tree, but it allows them
to view multiple windows in the console. There is no console mode
called User Mode: Limited Access, Single Window, No Open. There is
also no console mode called User Mode: Full Access, Single Window.
(Discussion starts on page 44.)
Question
1 out of 1 points
6
Under what circumstances can you use Remote Assistance to connect to an
unattended computer?
Selected You cannot connect to an unattended computer using
Answer: Remote Assistance.
Correct You cannot connect to an unattended computer using
Answer: Remote Assistance.
Feedback: For a Remote Assistance session to be started, a user must be
present at the client console to grant the expert access. You cannot
use Remote Assistance to connect to an unattended computer.
The answer “If you are logged in as an administrator” is incorrect.
Being logged in as administrator does not allow you to open a Remote
Assistance session on an unattended computer.
The answer “If the password to the administrator account on the
unattended computer is the same as the administrator account on
your system” is also incorrect. Password synchronization between
systems is not a requirement of Remote Assistance.
The answer “If you have a valid invitation issued from that computer”
is incorrect because a valid invitation is required to connect to a
remote computer. If the computer is unattended, a Remote Assistance
session cannot be started. (Discussion starts on page 57.)
Question
1 out of 1 points
7
On a computer running Windows Server 2003, which of the following procedures
would you follow to issue an invitation for Remote Assistance?
Selected Select Help And Support from the Start menu to open the Help
Answer: And Support Center window, and then click the Remote Assistance
hyperlink
Correct Select Help And Support from the Start menu to open the Help
Answer: And Support Center window, and then click the Remote Assistance
hyperlink
Feedback: To issue an invitation for Remote Assistance, you would Select Help
And Support from the Start menu to open the Help And Support
Center window and then click the Remote Assistance hyperlink.
The answer “Select Help And Support from the Start Menu to open the
Help And Support Center window, click the Get Help hyperlink, and
then select Remote Assistance” is incorrect. There is no Get Help
hyperlink in the Help And Support Center window. Help And Support
Center is not found in Control Panel. (Discussion starts on page 55.)
Question
1 out of 1 points
8
You are the network administrator for a property management firm with its head office
in Boulder, CO. The company has 16 offices across the United States. Each site has
a Windows Server 2003 system and 4 to 16 Windows XP Professional client
computers. Each site is linked via an ISDN line, and even though this creates a
private WAN, you are implementing firewalls at each location to provide security. You
are designing the specifications for the firewall, and you decide to provide Remote
Assistance to users on the remote sites. You also decide to allow users to send
invitations for Remote Assistance to the technical support department in Boulder over
Windows Messenger. How would you configure the firewall to accommodate this
configuration?
Selected Open ports 3389 and 1863
Answer:
Correct Answer: Open ports 3389 and 1863
Feedback: You must have port 3389 open on the firewall to provide remote
desktop functionality. Port 1863 must be open on the firewall for
invitations to be sent via Windows Messenger. Opening ports 2289
and 1863 would allow Windows Messenger traffic to pass through the
firewall, but Remote Assistance traffic would not be allowed through.
Opening ports 2058 and 1863 would allow Windows Messenger traffic
to pass through the firewall, but Remote Assistance traffic would not
be allowed through. Opening ports 3389 and 2058 would allow
Terminal Services traffic through the firewall but would not allow
Windows Messenger traffic through. (Discussion starts on page 57.)
Selected Pressing
Answer: Ctrl+Alt+Del
Correct Answer: Pressing
Ctrl+Alt+Del
Feedback: Task Manager can be started by pressing Ctrl+Alt+Del and clicking
Task Manager. None of the other answers are ways by which you can
start Task Manager. (Discussion starts on page 71.)
Question
1 out of 1 points
3
What does the Server: Bytes Total/Sec Performance console counter reflect?
Selected The amount of data sent and received by the server over all
Answer: of its network interfaces
Correct The amount of data sent and received by the server over all
Answer: of its network interfaces
Feedback: The Server: Bytes Total/Sec Performance console counter reflects the
amount of data sent and received by the server over all of its network
interfaces. The answer "The amount of data that is being written to the
page file every second" is incorrect. The amount of data that is being
written to the page file per second is reflected by the Memory:
Pages/Sec counter. The answer "The amount of data that is being
processed by the server service each second" is incorrect. There is no
counter that specifically reflects the amount of data being processed
by the server service each second. The answer "The amount of data
being written to disk each second" is incorrect. The amount of data
being written to disk each second is reflected by the PhysicalDisk:
Disk Bytes/sec counter. (Discussion starts on page 85.)
Question
1 out of 1 points
4
In a default configuration, members of which group(s) are permitted to view entries in
the Security log?
Selected
Answer: Administrators
Correct Answer:
Administrators
Feedback: By default, only members of the Administrators group are allowed to
view the Security log. All of the other answers are incorrect.
(Discussion starts on page 66.)
Question
1 out of 1 points
5
In Task Manager, what tab allows you to view which of the current user's processes
are running on the computer?
Selected Processes
Answer:
Correct Answer: Processes
Feedback: The Processes tab lists all of the current user's processes running on
the computer. The answer "Users" is incorrect. The Users tab lists all
of the users who are currently logged on to the computer. The answer
"Performance" is incorrect. The Performance tab displays a real-time
view of the computer's processor and memory utilization. The answer
"Applications" is incorrect. The Applications tab shows the status of
the user-level programs currently running on the computer.
(Discussion starts on page 73.)
Question
1 out of 1 points
6
If you have configured an event log retention setting of Do Not Overwrite Events
(Clear Log Manually), what happens when the maximum log file size is reached?
Selected Events are no longer written to the
Answer: file.
Correct Answer: Events are no longer written to the
file.
Feedback: If an event log retention setting is configured for Do Not Overwrite
Events (Clear Log Manually), when the maximum file size is reached
events will no longer be written to the file. The answer "A new file is
created with an EV1 extension" is incorrect. There is only ever one log
file per event log. The answer "The original file is copied to a BK1 file
and a new log file is started" is incorrect. There is only ever one log file
per event log. The answer "Events continue to be written to the file but
an alert is sent to the administrator prompting him or her to clear the
log manually" is incorrect. The Event Viewer does not send alerts to
the administrator when the log file is full. (Discussion starts on page
68.)
Question
1 out of 1 points
7
You are concerned that an unauthorized person has been logging into the system
with a username and password from another user, but when you check the Security
log in Event Viewer there are no events of any type recorded. What could be the
cause of this problem?
Selected Auditing has not been enabled.
Answer:
Correct Answer: Auditing has not been enabled.
Feedback: For events to be logged into the Security log, auditing must be
enabled on the system. The answer "The Security log file is full" is
incorrect. If the Security log file is full, it can still be viewed. The
answer "Only failed logon attempts are recorded in the Security log" is
incorrect. Both success and failure events can be written to the
Security log file. The answer "The system is not a domain controller
and so logon and logoff events are not recorded" is incorrect. The
status of the server as a domain controller does not affect the ability to
record logon security events. (Discussion starts on page 66.)
Question
1 out of 1 points
8
You are reconfiguring a SQL Server database application on a member server. The
reconfigurations seem to go smoothly, but after you have finished, a user calls you to
report that they are having an issue accessing certain records in the database. In
which of the following places are you most likely to look for events related to this
problem?
Selected In the Application log of Event
Answer: Viewer
Correct Answer: In the Application log of Event
Viewer
Feedback: Applications such as SQL Server write events to the Application log.
The answer "In the System log of Event Viewer" is incorrect. The
System log contains information about events generated by Windows
Server 2003 components, such as services and device drivers. It
would not contain events created by an application such as SQL
Server. The answer "In the Database log of Event Viewer" is incorrect.
Event Viewer does not have a Database log. The answer "In the
Security log of Event Viewer" is incorrect. The Security log contains
information about security-related events, such as failed logons,
attempts to access protected resources, such as shares and file
system elements, and success or failure of audited events.
(Discussion starts on page 66.)
Question
1 out of 1 points
9
In Event Viewer, you are configuring a filter that will display events that describe the
successful operation of an application, driver, or service, and events that relate to
significant problems, such as loss of data or loss of functionality. Which of the
following events would you include in the filter?
Selected Error,
Answer: Information
Correct Answer: Error,
Information
Feedback: Error events represent a significant problem, such as loss of data or
loss of functionality. Information events describe the successful
operation of an application, driver, or service. None of the other
answers are correct. (Discussion starts on page 67.)
Question
1 out of 1 points
10
You are troubleshooting a problem with a Windows Server 2003 system whereby
users cannot connect to the server. The server itself appears to be running, but you
notice that there is no link light on the port of the hub into which the server is
connected. As a result, you suspect that the network card in the server may have
failed. Where would you look to see events related to the network card?
Selected The System log of Event
Answer: Viewer
Correct Answer: The System log of Event
Viewer
Feedback: The system log contains information about events generated by
Windows Server 2003 components, such as services and device
drivers. In this case, if the network card driver failed to load because
the card had failed, the failure of the driver to load during system
startup would be recorded in the System log. The answer "The
Network log of Event Viewer" is incorrect. There is no Network log for
Event Viewer on Windows Server 2003. The answers "The
Application log of Event Viewer" and "The Security log of Event
Viewer" are incorrect. Events related to the network card would not
be recorded in the Application log or Security log of Event Viewer.
(Discussion starts on page 66.)
Question
1 out of 1 points
11
You are working on a Windows Server 2003 system that has just been installed by
another administrator. The administrator completed the installation but did not make
any configuration changes following the installation. While checking the maximum
log sizes in Event Viewer, you notice that the maximum size of the Security log is 16
MB. What does this tell you about the system?
Selected That the system is not a domain
Answer: controller
Correct Answer: That the system is not a domain
controller
Feedback: The default maximum file size for a Security log on a Windows
Server 2003 computer that is not a domain controller is 16 MB. The
answer "That Auditing has been enabled" is incorrect. The status of
auditing on the server does not affect the default size of the Security
log file. The answer "That the system is running either the DNS or
DHCP service" is incorrect. Whether DHCP or DNS is running on the
server does not influence the maximum size of the Security log file.
The answer "That the system is a domain controller" is incorrect. On
a server that is a domain controller, the size of the Security log is 128
MB. (Discussion starts on page 68.)
Question
1 out of 1 points
12
You have configured the Security log so that it must be cleared manually. One day,
while reviewing the log prior to archiving, you notice that there were a large number
of unsuccessful object accesses the previous night. You decide to save the file so
that it can be examined in Event Viewer by another administrator. Which of the
following file type(s) would you save the file as?
Selected
Answer: .evt
Correct Answer:
.evt
Feedback: The only file format that is recognized for viewing files in Event
Viewer is .evt. The answer ".evt, .txt" is incorrect. Although Event
Viewer can export files in a .txt format, these files then cannot be
viewed in Event Viewer. The answer ".evt, .txt, .csv" is incorrect.
Although Event Viewer can export files in a .txt or .csv format, these
files then cannot be viewed in Event Viewer. The answer ".evt, .csv"
is incorrect. Although Event Viewer can export files in a .csv format,
these files then cannot be viewed in Event Viewer. (Discussion starts
on page 71.)
Question
1 out of 1 points
13
You are the network administrator for a car dealership in Lexington, KY. You have a
single Windows Server 2003 system that is a domain controller, a DHCP and DNS
server, a file and print server, and the company e-mail server. The server also hosts
the company dealership database and sales and parts order processing system.
Early one morning, a user calls to report that the server appears to be running very
slowly. Using System Monitor, you examine some of the performance counters for
the server and make the following observations:
Server Work Queues: Queue Length = 9
Memory: Page Faults/Sec = 3
PhysicalDisk: % Disk Time = 45
Network Interface: Output Queue Length = 1
Which of the following system components are you most likely to examine for a
problem?
Selected
Answer: Processor
Correct Answer:
Processor
Feedback: The Server Work Queues: Queue Length counter specifies the
number of requests waiting to use a particular processor. This value
should be as low as possible, with values less than 4 being
acceptable. If the value is too high, upgrade the processor or add
another processor. The answer "Memory" is incorrect. The Memory:
Page Faults/Sec counter specifies the number of times per second
that the code or data needed for processing is not found in memory.
This value should be as low as possible, with values below 5 being
acceptable. The answer Network Interfaces is incorrect. The Network
Interface: Output Queue Length counter specifies the number of
packets waiting to be transmitted by the network interface adapter.
This value should be as low as possible, and preferably 0, although
values of 2 or less are acceptable. The answer "Hard Disk" is
incorrect. PhysicalDisk: % Disk Time counter specifies the
percentage of time that the disk drive is busy. This value should be
as low as possible, with values less than 50 percent being
acceptable. (Discussion starts on page 81.)
Question
1 out of 1 points
14
You are the network administrator for a publishing company in Portland, OR. The
network is comprised of 4 Windows Server 2003 systems and 122 workstation
systems, which are a mix of Windows XP Professional and Windows 2000
Professional systems. One morning, a user calls to report that the server seems
very slow. No changes to the server configuration have been made recently, but the
user reports that they are performing a daily database re-index. Upon inspection,
you notice that the PhysicalDisk: % Disk Time counter is 92 percent. Which of the
following would you do next?
Selected Examine memory-related
Answer: counters.
Correct Answer: Examine memory-related
counters.
Feedback: Before replacing disks or upgrading the disk subsystem, you should
first determine whether a lack of memory is causing the operating
system to access the disk too frequently. The answer "Install a larger
hard disk" is incorrect. Installing a larger hard disk would likely not
improve the situation. The PhysicalDisk: % Disk Time counter relates
to how much time the disk is in use, rather than the amount of data
that is stored on the disk. The answer "Install a faster hard disk" is
incorrect. Installing a faster hard disk may alleviate the problem, but
you would first determine why the PhysicalDisk: % Disk Time counter
is so high. The answer "Replace standalone drives with a RAID
array" is incorrect. Installing a RAID array may alleviate the problem,
but you would first determine why the PhysicalDisk: % Disk Time
counter is so high. (Discussion starts on page 81.)
Question
1 out of 1 points
15
You are one of three network administrators for a chain of garden centers, with 16
locations across the southwestern United States. All three administrators are based
at the head office in Scottsdale, AZ. Each garden center has its own Windows
Server 2003 system. The servers are all configured identically, and host the same
point-of-sale application. The servers are all linked back to the head office by a high
speed T-1 WAN link. One morning, you get a call from a user in one of the garden
centers complaining that the point-of-sale application is running very slowly. You
meet with the other administrators to determine a strategy for identifying the issue
with the server. One of the other administrators in the team suggests that you can
use Task Manager to view the performance statistics for the systems, while another
suggests that System Monitor would be a better choice. In this scenario, which of
the following is a reason why Task Manager might not work as well as System
Monitor in monitoring system resource usage?
Selected Task Manager cannot be used to monitor a remote
Answer: system.
Correct Answer: Task Manager cannot be used to monitor a remote
system.
Feedback: Task Manager can only be used to monitor the resources on the local
system. It cannot view information from other systems, which System
Monitor can. All of the other answers are incorrect. Both Task
Manager and System Monitor can be used to monitor these system
components. (Discussion starts on page 76.)
Question
1 out of 1 points
16
You are the network administrator for a glass manufacturer in Pittsburgh, PA. The
network consists of two Windows Server 2003 systems. Each server is an older
dual processor system with 768 MB of RAM. For some time now you have been
considering hardware upgrades for the servers, but budgets are tight. Both servers
are domain controllers. One server hosts DHCP and DNS server services, and is a
file and print server and the company e-mail server. The other server hosts the
company sales database and order processing system. As part of your morning
routine, you use System Monitor to view some of the performance counters for the
server and make the following observations:
Server Work Queues: Queue Length = 1
Memory: Available Bytes = 3,623,676
Memory: Page Faults/Sec = 3
Network Interface: Output Queue Length = 0
LogicalDisk: % Free Space = 47
What, if anything, might you look into in terms of upgrading the server?
Selected Install more
Answer: memory.
Correct Answer: Install more
memory.
Feedback: The Memory: Available Bytes counter specifies the amount of
available physical memory in bytes. This value should be as high as
possible, and should not fall below 5 percent of the system's total
physical memory. In this case, the byte value of the memory installed
in the system is 768,000,000. So, the Memory: Available Bytes
counter should be no lower than 38,400,000. The answer "Install a
faster processor" is incorrect. There is nothing in the counter values
that indicates the need for a faster processor. The answer "Install a
larger hard disk" is incorrect. There is nothing in the counter values
that indicates a shortage of hard disk space. The answer "Replace
the memory" is incorrect. There is nothing in the counter values that
denotes faulty memory. (Discussion starts on page 81.)
Question
1 out of 1 points
17
You are the network administrator for a real estate company in Chicago, IL. You
have a single Windows Server 2003 system that acts as domain controller and file
and print server and also hosts an intranet-based workgroup application. You back
up the system each night at 11:00 P.M. Normally the back up takes less than two
hours, but for the past two days the backup has still been running when you have
gotten into the office at 8:00 A.M. While talking to the technical support
representative from the backup software provider, they suggest that it could be one
of a number of problems. In order to determine what the problem is they ask you to
record information about the number of times per second that the code or data
needed for processing is not found in memory while the backup job is running. They
caution you, however, that you should only record the information while the backup
job is running. Recording the information during the day could severely impact
performance of the server. Which of the following would you do to achieve this?
Selected Configure a Trace log to run between 11:00 P.M. and 6:00
Answer: A.M. and record Page Faults.
Correct Configure a Trace log to run between 11:00 P.M. and 6:00
Answer: A.M. and record Page Faults.
Feedback: The Trace log feature of Performance Logs and Alerts can be
configured to record information such as page faults. The log can
also be scheduled to run at certain times. The answer "Configure a
Trace log to run between 11:00 P.M. and 6:00 A.M. and record Page
Faults" is incorrect. Task Manager is a real-time monitoring tool. It
does not provide the facility to record information to a file. The
answer "Configure System Monitor to display information in
histogram view between 2 and 4 A.M." is incorrect. System Monitor is
a real-time performance monitoring tool. You would use it to view
recorded information, but not to create it. The answer "Configure a
Trace log to run between 2 and 4 A.M. and record Memory Errors" is
incorrect. Recording "Memory Errors" is not an option for a Trace log.
(Discussion starts on page 86.)
Question
1 out of 1 points
18
You are the network administrator for an outdoor equipment wholesaler in Detroit,
MI. You have three locations. One is the head office from which the ordering and
distribution is handled. The other two locations are retail outlets—one in a retail park
on the edge of the city and another in a downtown location. Each of the retail outlets
has its own Windows Server 2003 system in its own domain. The retail park location
has a new server with 1 GB of RAM and four processors. The downtown store has
an older server with 512 MB of RAM and two processors that has been installed for
some time and was originally a Windows 2000 Server system. Staff in the
downtown store have been complaining that ever since a new point-of-sale
application was installed the server seems very slow. The retail park location is not
having any problems. Using System Monitor, you monitor the server in the retail
park location and the downtown location at the same time. You monitor counters
related to processor, memory, disk, and network on each of the servers. Of all the
counters you monitor, you notice that the Server: Bytes Total/Sec counter for the
downtown location is very high, while the other counters are very similar between
servers. Which of the following strategies might you use to cure this issue?
Selected Install a faster network
Answer: adapter.
Correct Answer: Install a faster network
adapter.
Feedback: The Server: Bytes Total/Sec counter reflects the amount of data (in
bytes) sent and received by the server over all of its network
interfaces. If this figure is more than 50 percent of the total bandwidth
capacity of the network interfaces in the server, you should consider
migrating some applications to another server to reduce the network
load on the server, or upgrade to faster network interfaces if possible.
In this example, because there is only one server in that location, the
only real option would be to install a faster network adapter. The
answer "Install a faster processor" is incorrect. Installing a faster
processor is unlikely to improve the situation. The answer "Install
more memory" is incorrect. Installing more memory is unlikely to
improve the situation. The answer "Move the application to another
server" is incorrect. As there is only one server in that location,
moving the application to another server would not be possible.
(Discussion starts on page 85.)
Question
1 out of 1 points
19
You are the network administrator for a property development company in Salt Lake
City, UT. You have a single Windows Server 2003 system that is a domain
controller, a DHCP and DNS server, a file and print server, and the company e-mail
server. The server also hosts a document management system. One Wednesday
afternoon, without warning, the server crashes. You reboot the server and it comes
up without a problem. You examine the system performance through System
Monitor, but everything seems in order. Two weeks later, the server crashes again.
As before, you reboot the server and it comes up without any errors. Immediately
after the restart, you use System Monitor and observe the following counters and
values.
Server Work Queues: Queue Length = 2
Memory: Page Faults/Sec = 2
Memory: Pages/Sec = 7
Memory: Available Bytes = 452,332,145
PhysicalDisk: % Disk Time = 34
Network Interface: Output Queue Length = 1
Two days later, you monitor the same counter statistics and note the following:
Server Work Queues: Queue Length = 1
Memory: Page Faults/Sec = 3
Memory: Pages/Sec = 11
Memory: Available Bytes = 124,342,841
PhysicalDisk: % Disk Time = 43
Network Interface: Output Queue Length = 0
Which of the following strategies are you likely to take with the server?
Selected Examine memory usage for each application on the
Answer: server.
Correct Answer: Examine memory usage for each application on the
server.
Feedback: A substantial decrease in the Memory: Available Bytes counter can
be caused by a memory leak. A memory leak is the result of a
program allocating memory for use but not freeing up that memory
when it is finished using it. Over time, the computer's free memory
can be totally consumed, degrading performance and ultimately
halting the system. In this scenario, the first thing you would do is
examine the memory usage for each application to determine if one
of the applications is responsible for a memory leak. The answer
"Move an application off of the server and on to another server" is
incorrect. This is not the first thing you would do in this scenario. The
answer "Upgrade the network card from a 10 Mbps card to a 100
Mbps card" is incorrect. There is nothing to indicate that network
performance is an issue. The answer "Nothing. The counter statistics
do not indicate any issues" is incorrect. There is a concern with the
statistics. (Discussion starts on page 81.)
Question
1 out of 1 points
20
You are the network administrator for an electrical goods importer in Brandon, FL.
You have a single Windows Server 2003 system that is a domain controller, a
DHCP and DNS server, a file and print server, and the company e-mail server. The
server also hosts the inventory database and sales order processing system. Early
one morning, a user calls to report that the server appears to be running very
slowly. Using System Monitor, you examine some of the performance counters for
the server and make the following observations:
Server Work Queues: Queue Length = 2
Memory: Page Faults/Sec = 9
Memory: Pages/Sec = 35
PhysicalDisk: % Disk Time = 5
Network Interface: Output Queue Length = 1
Which of the following are you most likely to do to cure the problem?
Selected Install more
Answer: memory.
Correct Answer: Install more
memory.
Feedback: The Memory: Page Faults/Sec counter specifies the number of times
per second that the code or data needed for processing is not found
in memory. This value should be as low as possible, with values
below 5 being acceptable. If this value is too high, you should
determine whether the system is experiencing an inordinate number
of hard faults by examining the Memory: Pages/Sec counter. If the
number of hard page faults is excessive (above 20), you should
either determine what process is causing the excessive paging or
install more random access memory (RAM) in the system. The
answer "Replace the memory" is incorrect. There are no counters
that indicate that the memory needs to be replaced. The answer
"Install a faster network interface" is incorrect. There are no counters
that indicate that the network interface needs to be upgraded. The
answer "Install a larger hard disk" is incorrect. There are no counters
that indicate that a larger hard disk is required. (Discussion starts on
page 81.)
Selected 20 GB
Answer:
Correct Answer: 20 GB
Feedback: The maximum uncompressed capacity of a DAT cartridge is 20 GB.
(Discussion starts on page 98.)
Question
1 out of 1 points
2
Which of the following is not a recognized type of backup?
Selected Supplemental
Answer:
Correct Answer: Supplemental
Feedback: Supplemental is not a recognized type of backup. Incremental,
differential, and full (also called normal) are all recognized types of
backup. (Discussion starts on page 103.)
Question
1 out of 1 points
3
Which of the following media has the largest data storage capacity?
Selected DVD
Answer:
Correct Answer: DVD
Feedback: DVDs of certain formats can hold more than 4 GB of data.
Zip cartridges can hold up to only 750 MB of data.
A CD can hold up to only 650 MB of data.
A Jaz cartridge can hold up to only 2 GB of data. (Discussion starts on
page 96.)
Question
1 out of 1 points
4
On a Windows Server 2003 system, where do you enable the volume shadow copy
feature?
Selected In Local Disk, Properties, Shadow Copies tab
Answer:
Correct Answer: In Local Disk, Properties, Shadow Copies tab
Feedback: Volume shadow copy is enabled through the Local Disk, Properties,
Shadow Copies tab. The other answers are incorrect. (Discussion
starts on page 118.)
Question
1 out of 1 points
5
Why is hardware data compression for backups preferred over software data
compression?
Selected Hardware compression occurs on the tape drive and does not
Answer: burden the system processor.
Correct Hardware compression occurs on the tape drive and does not
Answer: burden the system processor.
Feedback: Hardware compression occurs on the tape drive or tape drive
controller and therefore does not use system resources.
The answer “Hardware compression is more accurate than software
compression” is incorrect. Hardware and software compression are
equally accurate.
The answer “Hardware compression can be used with any type of
backup, including differential” is incorrect. The compression method is
not dependent on the type of backup being performed.
The answer “Hardware compression can gain much higher
compression ratios than software compression” is incorrect. There is
no evidence to suggest that hardware compression can gain higher
compression ratios than software compression. (Discussion starts on
page 112.)
Question
1 out of 1 points
6
Using a typical Grandfather-Father-Son tape rotation scheme, how often do you
normally use the father tape?
Selected Once a week
Answer:
Correct Answer: Once a week
Feedback: In a typical Grandfather-Father-Son rotation, the father tape is
generally used once a week.
The son tape is generally used on a daily basis.
The grandfather tape is generally used on a monthly basis.
(Discussion starts on page 111.)
Question
1 out of 1 points
7
What utility do you use to mark specific Active Directory objects as authoritative?
Selected Ntdsutil.exe
Answer:
Correct Answer: Ntdsutil.exe
Feedback: The Ntdsutil.exe command-line utility is used to mark specific Active
Directory objects as authoritative. The other answers are incorrect.
(Discussion starts on page 120.)
Question
1 out of 1 points
8
Which of the following backup types does not alter the archive bit on a newly created
file?
Selected
Answer: Differential
Correct Answer:
Differential
Feedback: Differential backups do not change the state of the archive bit.
During a full backup, the archive bit of a file is cleared.
During an incremental backup, the archive bit of a file is cleared.
Symmetrical is not a recognized type of backup. (Discussion starts on
page 103.)
Question
1 out of 1 points
9
Which of the following statements describes how to see earlier versions of a file on a
volume that has volume shadow copy enabled?
Selected In the Properties dialog box for a file in a shadowed volume,
Answer: select the Previous Versions tab.
Correct In the Properties dialog box for a file in a shadowed volume,
Answer: select the Previous Versions tab.
Feedback: To view previous versions of a file on a volume that has volume
shadow copy enabled, from the Properties dialog box for a file in a
shadow volume, you select the Previous Versions tab.
The other answers are not correct ways to view the previous versions
of a file on a volume that has volume shadow copy enabled.
(Discussion starts on page 118.)
Question 1 out of 1 points
10
If you do a full backup to a single tape on a Friday night and then an incremental
backup to tape on all other days of the week (including the weekend), if a system
failure occurs, what is the maximum number of tapes required to perform a full
restore?
Selected 7
Answer:
Correct Answer: 7
Feedback: In this scenario, the maximum number of tapes required to perform a
complete restore is seven: the full backup from Friday and then the
incremental backups from Saturday, Sunday, Monday, Tuesday,
Wednesday, and Thursday. (Discussion starts on page 103.)
Question
1 out of 1 points
11
True or False: In an authoritative restore of Active Directory, the objects in the
Active Directory database are restored with updated sequence numbers that
prevent them from being overwritten during the next replication pass.
Selected True
Answer:
Correct Answer: True
Feedback: In an authoritative restore, the objects in the Active Directory
database are restored with updated sequence numbers that prevent
them from being overwritten during the next replication pass.
(Discussion starts on page 121.)
Question
1 out of 1 points
12
While discussing the development of a new backup strategy for your company, a
colleague uses the term target. What is she referring to?
Selected The data object to be backed up
Answer:
Correct Answer: The data object to be backed up
Feedback: In a discussion of backup strategies, the term target refers to the
data object being backed up.
The term is not used to refer to the other backup components.
(Discussion starts on page 101.)
Question
1 out of 1 points
13
When you configure volume shadow copy, which of the following parameters cannot
be configured?
Selected Which folders on the drive should be included in the volume
Answer: shadow copy.
Correct Which folders on the drive should be included in the volume
Answer: shadow copy.
Feedback: The volume shadow copy feature can be enabled only on a drive-by-
drive basis. It is not possible to specify specific folders that should be
included. The drives that should be included, the maximum size of
the storage area for shadowed files, and the frequency with which
shadow copies are made are all configurable parameters for volume
shadow copy. (Discussion starts on page 118.)
Question
1 out of 1 points
14
After a system failure, you restart the system in Directory Services Restore Mode to
restore Active Directory from a backup. You are prompted for a username and
password, so you enter the username and password for the Administrator account,
but you are unable to log on. You used the Administrator account the previous day,
and the password has not been changed since then. What is the most likely cause
of the problem?
Selected You must use the restore mode password for the Administrator
Answer: account that you specified when you installed Active Directory.
Correct You must use the restore mode password for the Administrator
Answer: account that you specified when you installed Active Directory.
Feedback: When Active Directory is first installed, you are prompted for a
password to access Directory Services Restore Mode. You must use
the Administrator account and this password to enter Directory
Services Restore Mode.
Using the first password ever associated with the
Administratoraccount is not the correct way to enter Directory
Services Restore Mode, nor is using the username DSRESTORE or
using an account other than Administrator. (Discussion starts on
page 120.)
Question
1 out of 1 points
15
If you do a full backup to a single tape on a Friday night and then an incremental
backup to tape on all other days of the week (including the weekend), and a system
failure occurs on Monday morning, how many tapes are required to perform a full
restore?
Selected 3
Answer:
Correct Answer: 3
Feedback: In this scenario, you need three tapes to perform a full restore. You
first restore the full backup from Friday, and then the incremental
backups from Saturday and Sunday. (Discussion starts on page
103.)
Question
1 out of 1 points
16
If you are performing a full backup each Friday to a single tape and a differential
backup to a single tape on all other days of the week (including the weekend), what
is the minimum number of tapes required to accommodate seven days worth of
backups?
Selected 2
Answer:
Correct Answer: 2
Feedback: Because all files modified or created since the last full backup are
included in a differential backup, the minimum number of tapes
required to accommodate the backup cycle is two. In the real world, it
is more common to have multiple tapes to provide for offsite storage
and fault tolerance. (Discussion starts on page 103.)
Question
1 out of 1 points
17
How does using the volume shadow copy feature of Windows Server 2003 help
system administrators?
Selected It reduces the need to restore individual files from
Answer: backup.
Correct Answer: It reduces the need to restore individual files from
backup.
Feedback: Volume shadow copy reduces the need to restore individual files by
keeping previous versions of files on the volume. If a user
accidentally overwrites a file or makes unwanted changes to the file,
the user can retrieve a previous version. Using volume shadow copy
does not reduce the need to performsystem backups, does not allow
multiple copies of a file to be writtento different locations at the same
time, and does not reduce the amount of time that it takes to perform
a backup. (Discussion starts on page 118.)
Question
1 out of 1 points
18
True or False: There is always less data included in an incremental backup than a
full backup.
Selected False
Answer:
Correct Answer: False
Feedback: An incremental backup includes any files that have been changed or
created since the last full or incremental backup. If all of the files on a
drive have been changed or created since the last full or incremental
backup, the same amount of data is backed up for a full and an
incremental backup. (Discussion starts on page 103.)
Question
1 out of 1 points
19
You are the network administrator for a chemical wholesaler in Spokane,
Washington. You have a single Windows Server 2003 system with three disk drives.
One drive holds the system and boot partition, the second drive is used for file
storage, and the third drive is used to store the order processing system and sales
database. You back up the system with a full backup each Friday, and you do an
incremental backup on all other weekdays at 7 p.m. One of your suppliers sends
you electronic copies of its new product catalogs, along with ordering codes. In all,
there are 50 files named Cat1 through Cat50. You create a new folder called
Catalogs on the second drive in the server and copy the 50 catalog files into that
folder, and then you immediately create a differential backup of the entire drive and
store the tape for archive purposes. That night, you perform an incremental backup
of the drive as part of your standard backup cycle. What, if anything, will happen
during the incremental backup?
Selected The files in the Catalogs folder will be backed up, and the
Answer: archive bit will be changed from 1 to 0.
Correct The files in the Catalogs folder will be backed up, and the
Answer: archive bit will be changed from 1 to 0.
Feedback: Differential backups do not alter the state of the archive bit, so as
files are created on the drive, they are included with the incremental
backup and the archive bit is set to 0.
The answer “The files in the Catalogs folder will be backed up, and
the archive bit will be set to 1” is incorrect. Incremental backups reset
the archive bit on a file to 0 after it has been backed up.
The answer “The files in the Catalogs folder will not be backed up,
but the archive bit will be set to 1 so that those files will be backed up
the following day” is incorrect. If a backup does not take a copy of a
file, it does not alter the archive bit.
The answer “The files in the Catalog folder will not be backed up
because after you copied them to the folder you did not modify them”
is incorrect. Even though no changes were made to the files, the fact
that they are newly created on the drive would cause them to be
included in an incremental backup. (Discussion starts on page 103.)
Question
1 out of 1 points
20
You are the network administrator for a large architectural firm in New York. The
network comprises three Windows Server 2003 systems and 64 Windows XP
Professional systems. The server has four drives installed. One is used to hold the
boot and system partitions, and the other three are used for holding data. The data
drives are called DATA1, DATA2, and DATA3. Each drive is a 40 GB SCSI drive.
The DATA1 drive is 30 percent full, the DATA2 drive is 45 percent full, and the
DATA3 drive is 65 percent full.
The backup schedule consists of a full backup of each drive every Friday, and then
an incremental backup of each drive at 9 p.m. on all other days of the week. On
Thursday morning, the DATA2 drive fails completely. No replacement drive is
immediately available, so you decide that the best course of action is to restore the
data to one of the other drives. Which of the following procedures do you follow to
do this?
Selected Restore the full backup from Friday to DATA1, and then restore
Answer: the incremental backups from Monday, Tuesday, and Wednesday
to DATA1.
Correct Restore the full backup from Friday to DATA1, and then restore
Answer: the incremental backups from Monday, Tuesday, and Wednesday
to DATA1.
Feedback: When using a backup schedule with full and incremental backup
jobs, the latest full backup should be restored first, followed by the
incremental backups from the oldest to the most recent. The answer
“Restore the full backup from Friday to DATA1, and then restore the
incremental backups from Monday, Tuesday, and Wednesday to
DATA3” is incorrect. The full and incremental backups must be
restored to the same drive for the restore to be complete andup to
date. The answer “Restore the full backup from Friday to DATA3, and
then restore the incremental backups from Monday, Tuesday, and
Wednesday to DATA3” is incorrect. The DATA3 drive does not have
sufficient space to accommodate the restore. The answer “Restore
the full backup from Friday to DATA1, and then restore the
incremental backups from Wednesday, then Tuesday, then Monday
to DATA1” is incorrect. When you use a backup schedule with full
and incremental backup jobs, the latest full backup should be
restored first, followed by the incremental backups from the oldestto
the most recent. This answer choice does the reverse. (Discussion
starts on page 103.)
Question
1 out of 1 points
21
You are the network administrator for a water purification company in Rhode Island.
The network consists of three Windows Server 2003 systems, with 45 Windows XP
Professional client systems and 30 Windows 2000 Professional client systems. Two
of the servers are used as domain controllers. The other server is a member server
that hosts the corporate e-mail system and a sales database. Each server has two
hard disks in it, one for the system and boot partition and another for data.
You restructure the data on the data drive of your member server, and then you
perform a copy backup job using Windows Server 2003 Backup so you can store a
copy of the data offsite. After the backup is complete, no other changes are made to
the files on that drive, but a number of new files are created. That night, you run an
incremental backup as part of your standard backup schedule. Which files will be
included in the incremental backup?
Selected All files that were modified or created since the last
Answer: incremental or full backup.
Correct All files that were modified or created since the last
Answer: incremental or full backup.
Feedback: A copy backup job does not alter the archive bit of a file. Therefore,
the incremental backup will include all files that were created or
modified since the last full or incremental backup. The answer “All
files that were created since the copy backup job, but no other files”
is incorrect. The files created since the copy backup will be included
in the incremental backup, but other files will also be included. The
answer “All files that were modified or created since the last
differential backup” is incorrect. Differential backups do not change
the archive bit. Therefore, the backup program has no way of
knowing when the last differential backup was made. The answer
“None. All files that have changed will have already been backed up
by the copy backup job” is incorrect. The incremental backup will
include files from the data drive. (Discussion starts on page 103.)
Question
1 out of 1 points
22
You are the network administrator for a bank in San Diego. The network consists of
two Windows Server 2003 systems and 55 Windows XP Professional systems. Both
servers are domain controllers. One server hosts applications, including Microsoft
Exchange and Microsoft SQL Server, and the other server is dedicated to hosting
the bank's customer service database. The database is used to store requests from
customers, such as changes of address and requests for information about banking
products. Each server has two hard disks in it, one for the system and boot partition
and another for data.
Your backup cycle for each server includes a full backup every Friday and an
incremental backup on all other days of the week. Another administrator suggests
that you do a differential backup on Tuesday so the maximum number of tapes
needed for a complete restore would be four. What issues, if any, can you see with
this solution?
Selected The solution offers no
Answer: benefits.
Correct Answer: The solution offers no
benefits.
Feedback: Because the incremental backup on Monday would clear the archive
bit on modified or created files, the differential backup on Tuesday
would not include any other data that would not otherwise be
included in an incremental backup. So, if the drive failed on
Thursday, you would still need the full backup from Friday; then the
incremental from Saturday, Sunday, and Monday; the differential
from Tuesday; and the incremental from Wednesday. Therefore, the
proposed solution does not offer any benefit. The answer “None.
The proposed solution is appropriate and valid” is incorrect. There
are issues with the proposed solution. The answer “You cannot mix
incremental and differential backups in this way” is incorrect. There
are no specific restrictions on combining incremental and differential
backups. The answer “The differential backup would not back up
any data” is incorrect. The differential backup would include any files
that were created or modified since the last full or incremental
backup. Therefore, it would have data in it. (Discussion starts on
page 103.)
Question
1 out of 1 points
23
You are the network administrator for a fruit wholesaler in Orlando, Florida. The
network consists of three Windows Server 2003 systems and 110 Windows 2000
Professional systems. All three servers are used as domain controllers. One server
also acts as a file and print server, and it hosts Dynamic Host Configuration Protocol
(DHCP) and Domain Name System (DNS) server services. One of the other servers
is dedicated to hosting the company's order processing system. The order
processing system database is stored on a single drive. Last week, at 6:30 p.m., the
drive holding the order processing system failed. Even though you had a new drive
installed and a restore from the previous night's full backup completed within an
hour, the manager of the sales department was still disappointed because an entire
day's worth of orders was lost. As a result, that manager wants to start taking
backups in the middle of the day so the maximum amount of work he can lose is a
half day rather than a whole day.
The size of the order processing system is fairly static, at around 25 GB. The
manager gives you a 30-minute backup window between 12:30 and 1:00 p.m. when
you can have exclusive access to the database to complete a backup. He gives you
the necessary budget to buy a new drive to accommodate this request. Which of the
following drive types would you implement?
Selected 8
Answer: mm
Correct Answer: 8
mm
Feedback: 8-mm tape drives have a maximum capacity of 100 GB and a data
transfer rate of up to 1400 MB per minute. In a 30-minute window,
you could back up a maximum of 42 GB—more than enough to
accommodate the 25 GB database.
Jaz drives have a maximum capacity of 2 GB.
DVD typically has a capacity of about 4 GB.
Although quarter-inch cartridge (QIC) drives have a maximum
capacity of 50 GB, the maximum data transfer rate is 600 MB per
minute. In a 30-minute window, even if the maximum transfer rate
could be attained for the whole time, you would still only be able to
backup 18 GB, which is not enough to back up the database.
(Discussion starts on page 96.)
Question
1 out of 1 points
24
You are the network administrator for an electrical wholesaler in Bloomington,
Indiana. You have a single Windows Server 2003 system with three disk drives.
One drive holds the system and boot partition, the second is used for file storage,
and the third is used to store the customer database. You do a full backup each
Friday and a differential backup on all other weekdays at 9 p.m. On Wednesday at
11 a.m., the drive holding the customer database fails. You replace the drive
immediately with a spare drive. How would you go about restoring the data?
Selected Obtain the full backup from Friday and then the differential
Answer: backup from Tuesday. Restore the full backup, and then restore
the differential backup.
Correct Obtain the full backup from Friday and then the differential
Answer: backup from Tuesday. Restore the full backup, and then restore
the differential backup.
Feedback: When you restore from a backup schedule that involves a full backup
and a differential backup, you should restore the full backup first and
then restore the differential backup over the top. This results in the
latest set of data.
The answer “Obtain the full backup from Friday and then the
differential backup from Tuesday. Restore the differential backup,
and then restore the full backup” is incorrect. This is not the correct
order for restor-ing data.
The answer “Obtain the full backup from Friday and then the
differential backups from Monday and Tuesday. Restore the full
backup, and then restore the differential backups from Monday and
then Tuesday” is incorrect. When you use a differential backup, you
need only the latest full backup and the latest differential backup to
perform a complete restore.
The answer “Obtain the full backup from Friday and then the
differential backups from Monday and Tuesday. Restore the
differential backups from Monday and then Tuesday. Finally, restore
the full backup from Friday” is incorrect. When you use a differential
backup, you need only the latest full backup and the latest differential
backup to perform a complete restore. (Discussion starts on page
103.)
Question
1 out of 1 points
25
You are the network administrator for a telecommunications company in Rochester,
New York. The network consists of two Windows Server 2003 systems and 57
Windows XP Professional systems. Both servers are used as domain controllers.
One server hosts DHCP and DNS server services. It is also used as a file and print
server. The other server hosts a large SQL database. Each server has two hard
disks in it, one for the system and boot partition and another for data. The backup
cycle for each server comprises a full backup each Tuesday at 7 p.m. and a
differential backup on all other days of the week at 9 p.m. You are backing up to a
digital audio tape (DAT) drive. The backups have been operating flawlessly for
some time, but one Tuesday you notice that the backup of the drive holding the SQL
database has stopped and requested another tape. Upon investigation, you
determine that the SQL database has grown to 22 GB in size. Which of the following
strategies is the most cost-effective way to cure the problem?
Selected Enable compression so twice as much data can be backed
Answer: up to a single DAT tape.
Correct Enable compression so twice as much data can be backed
Answer: up to a single DAT tape.
Feedback: The capacity of a DAT tape is 20 GB uncompressed. In this case,
because the amount of data being written to the drive is 22 GB and is
too big to fit on the tape, compression is probably not being used.
Turning on compression would be the most cost-effective solution.
The answer “Purchase another DAT drive and split the backup job so
that it writes to more than one device” is incorrect. Although this is a
valid solution, it is not the most cost-effective solution. The answer
“Perform an incremental backup on Tuesdays so less data is backed
up” is incorrect. Incremental backups must be combined with a full
backup to ensure that a complete copy of the data is available.
The answer “Implement a higher-capacity backup system so all the
data will fit on a single tape” is incorrect. Although this is a valid
solution, it is not the most cost-effective solution. (Discussion starts
on page 96.)
Question
1 out of 1 points
26
You are the network administrator for an electronics manufacturer in Springfield,
Ohio. The network consists of four Windows Server 2003 systems and 262
Windows XP Professional systems. One server is assigned to each of four
departments—sales, manufacturing, administration, and distribution. Each server
has two hard disks in it, one for the system and boot partition and another for data.
The Active Directory structure consists of a single domain. The backup cycle for
each server comprises a full backup each Wednesday at 7 p.m. and an incremental
backup on all other days of the week at 7 p.m. You are using high-speed backup
devices, and the backups finish within an hour.
On Tuesday, a user from the manufacturing department calls to report that he
overwrote a file the previous day at 2:30 p.m. The file was created on Thursday at
11:30 p.m. and modified on Saturday at 4:15 p.m. That was the last modification to
the user's file before be overwrote it. Which of the following procedures would you
follow to restore the earlier version of the user's file?
Selected Restore the file from the incremental backup from
Answer: Saturday.
Correct Answer: Restore the file from the incremental backup from
Saturday.
Feedback: Because the file was modified on Saturday, it would be included on
Saturday's backup because it was modified on Saturday before the
backup was made. Therefore, to restore the previous version of the
user's file, you can simply restore the file from the incremental
backup performed on Saturday.
The answer “Restore the file from the incremental backup from
Thursday, and then restore the file from the incremental backup from
Sunday” is incorrect. The file would not be included in Thursday's
backup because at the time of the backup the file had not yet been
created. In addition, the file would not be included in Sunday's
backup.
The answer “Restore the file from the incremental backup from
Thursday, and then restore the file from the incremental backup from
Saturday” is incorrect. The file would not be included in Thursday's
backup because at the time of the backup the file had not yet been
created.
The answer “Restore the file from the incremental backup from
Sunday” is incorrect. The file would not be included in Sunday's
backup. (Discussion starts on page 103.)
Selected Power
Answer: Users
Correct Answer: Power
Users
Feedback: Power Users is not a built-in Active Directory group. Backup
Operators, Account Operators, and Network Configuration Operators
are all valid Active Directory groups. (Discussion starts on page 226.)
Question
1 out of 1 points
3
What happens to the local Administrators group when a computer is added to the
domain?
Selected The Domain Admins global group is added to the local
Answer: Administrators group.
Correct The Domain Admins global group is added to the local
Answer: Administrators group.
Feedback: When a computer is added to the domain, the Domain Admins global
group is added to the local Administrators group. It is not possible to
add a local group to a global group, so it is not possible to add the
local Administrators group to the Domain Admins global group. When
a computer is added to the domain, the Domain Admins global group
is not added to the Power Users group. There is no local group called
Computers. (Discussion starts on page 221.)
Question
1 out of 1 points
4
Where do you change the group scope?
Selected Global groups can include only users from within their
Answer: domain.
Correct Answer: Global groups can include only users from within their
domain.
Feedback: Global groups can include only users from within their domain. They
cannot include members from other domains in the tree, the forest, or
anywhere else in the Active Directory structure. (Discussion starts on
page 217.)
Question
1 out of 1 points
8
Which of the following tools do you use to raise the domain functional level of Active
Directory?
Selected Active Directory Domains and
Answer: Trusts
Correct Answer: Active Directory Domains and
Trusts
Feedback: Active Directory Domains and Trusts is used to raise the domain
functional level of Active Directory. None of the other tools listed can
be used for this purpose. (Discussion starts on page 212.)
Question
1 out of 1 points
9
You have installed a new Windows Server 2003 system on your test network. After
completing the installation, you run the Manage Your Server Wizard and configure
the system as a domain controller. There are no other servers on the network. What
will the domain functional level of the system be?
Selected Windows 2000 mixed
Answer:
Correct Answer: Windows 2000 mixed
Feedback: Windows 2000 mixed is the default domain functional level. Windows
2000 native and Windows Server 2003 interim are valid domain
functional levels, but they are not the default domain functional levels.
Windows Server 2003 single server is not a recognized domain
functional level. (Discussion starts on page 212.)
Question
1 out of 1 points
10
A user who is connected to the system via a Remote Desktop connection
automatically becomes a member of what special identity?
Selected
Answer: Interactive
Correct Answer:
Interactive
Feedback: A user who connects to the system via a Remote Desktop
connection automatically becomes a member of the Interactive
special identity. The user does not become part of the Dialup or
Anonymous Logon special identity. Remote Users is not a
recognized special identity. (Discussion starts on page 229.)
Question
1 out of 1 points
11
You are creating a script to streamline the process of adding new groups to Active
Directory. You add the following command to the file:
dsadd group "CN=Sales,CN=Users,DC=contoso,DC=com"
–member "CN=Administrator,CN=Users,DC=contoso,DC=com" -scope g
What is the result of this command?
Selected A global group called sales.users.contoso.com is created, with
Answer: the user Administrator as a member.
Correct A global group called sales.users.contoso.com is created, with
Answer: the user Administrator as a member.
Feedback: The Dsadd command is used to add new groups to Active Directory.
The command creates a new global group called
sales.users.contoso.com, and the user Administrator is made a
member of that group. The answer "The command produces an
error" is incorrect. The syntax and usage of the command is valid.
The answer "A universal group called sales.users.constoso.com is
created, with the user Administrator as a member" is incorrect. The "-
scope g" would cause a global group to be created. The answer "The
user administrator is removed from the sales.users.contoso.com
group, and the scope is changed to global" is incorrect. Group
membership cannot be changed using the Dsadd command.
(Discussion starts on page 239.)
Question
1 out of 1 points
12
Under what circumstances can you convert a global group to a universal group?
Question
1 out of 1 points
1
When creating a new computer account, under what circumstances would you select
the Assign This Computer Account As A Pre–Windows 2000 Computer check box?
Selected The system you are creating an account for is running
Answer: Windows NT 4.
Correct The system you are creating an account for is running
Answer: Windows NT 4.
Feedback: You should select the check box if you are creating a computer
account for a system running Windows NT 4. MS-DOS–based
operating systems such as Windows 98 and Windows Me can log on
to Active Directory with additional client software, but they do not have
a corresponding computer account object in Active Directory.
(Discussion starts on page 251.)
Question
1 out of 1 points
2
If the name of a computer is salesadminsouth07, what is the default pre–Windows
2000 computer name for the system?
Selected salesadminsouth
Answer:
Correct Answer: salesadminsouth
Feedback: The pre–Windows 2000 computer name is automatically generated
using the first 15 characters of the computer name. This makes the
pre–Windows 2000 computer name salesadminsouth. (Discussion
starts on page 251.)
Question
1 out of 1 points
3
On a Windows Server 2003 system, where do you go to join the computer to a
domain?
Selected Control Panel, System, Computer Name
Answer:
Correct Answer: Control Panel, System, Computer Name
Feedback: You join the computer to a domain using the Computer Name tab of
the System Properties dialog box, which is accessed by selecting
System in Control Panel. The computer name cannot be changed in
the Advanced or General tab of the System Properties dialog box.
There is no Network Identification tab in the System Properties dialog
box. (Discussion starts on page 254.)
Question
1 out of 1 points
4
What is the function of the Redircmp.exe command?
Selected You want to have the server collect user credentials and store
Answer: them on the domain controller as an MD5 hash.
Correct None of the more secure authentication options is available.
Answer:
Feedback: You should use Basic Authentication only when a more secure
authentication option is not available.
The answer "The application hosted by the server is written in the
BASIC programming language" is incorrect. The language in which
an application hosted by the system is written does not normally
affect the type of authentication system used.
The answer "You want to have the server collect user credentials and
store them on the domain controller as an MD5 hash" is incorrect.
This statement describes the Digest Authentication For Windows
Domain Servers authentication method.
The answer "You want the username and password for the user
transmitted in the form of a hash that prevents eavesdroppers from
accessing the user's credentials" is incorrect. This describes
Integrated Windows Authentication. (Discussion starts on page 312.)
Question
1 out of 1 points
16
True or False: If a user is assigned the Read NTFS permission to a file, and a group
of which the user is a member is denied all rights to the file, the user can still open
the file.
Selected False
Answer:
Correct Answer: False
Feedback: Denied permissions override allowed permissions, so if a group of
which the user is a member is denied access to a file, that permission
assignment cancels out the Read permission assigned directly to that
user. (Discussion starts on page 279.)
Question
0 out of 1 points
17
You have configured a virtual directory alias of info for the E:\sales\information
folder on the server. The Web site hosted by the server is www.contoso.com. Which
of the following URLs do you use to access the virtual directory?
Selected
Answer: www.contoso.com/information
Correct Answer: www.contoso.com/info
Feedback: The virtual directory alias feature allows you to specify a directory in
another location on the network that will appear as a subdirectory of
a Web site. If the virtual directory alias is info and the main Web site
is www.contoso.com, the URL for the virtual directory is
www.contoso.com/info. All of the other answers are incorrect.
(Discussion starts on page 311.)
Question
1 out of 1 points
18
To view the ownership, permissions, and attributes of a file, what is the minimum
standard NTFS permission required?
Selected
Answer: Read
Correct Answer:
Read
Feedback: The minimum permission required to view the ownership,
permissions, and attributes of a file is the NTFS Read standard
permission. The Read & Execute, Modify, and Full Control standard
permissions all grant more rights than those required to view the
ownership, permissions, and attributes of a file. (Discussion starts on
page 296.)
Question
0 out of 1 points
19
You are configuring IIS on a Windows Server 2003 system. After creating a new
home page for your corporate intranet, you want to make it available to users. You
are not using redirection of any kind. Where do you place the file?
Selected C:\IIS\WWWROOT
Answer:
Correct Answer: C::\INETPUB\WWWROOT
Feedback: By default, IIS looks in the C:\INETPUB\WWWROOT folder for pages
that comprise the default Web site. If you have created a new home
page, you place it in this directory. All of the other answers are
incorrect. (Discussion starts on page 309.)
Question
1 out of 1 points
20
You want a user to take ownership of a file or folder that she did not create. Which
of the following groups do you not add her to?
Selected Creator/Owner special
Answer: identity
Correct Answer: Creator/Owner special
identity
Feedback: You cannot amend the membership of special identity groups such
as Creator/Owner. By default, the Default Domain Controllers Policy
GPO grants all of the other groups listed the Restore Files And
Directories user right, which in turn grants the ability to take
ownership of a file. However, the appropriateness of making the user
a member of one of these groups depends on policy and best
practice. (Discussion starts on page 304.)
Question
1 out of 1 points
21
Which of the following Net commands do you use to create a new share called DEV
from the C:\development folder and allow up to five users to access the share at a
time?
Selected net share DEV=c:\development /grant:users, read
Answer: /users:5
Correct Answer: net share DEV=c:\development /grant:users, read
/users:5
Feedback: The correct use of the Net command to create a share is net share
sharename=directorypath. The /grant:principals switch is used to
specify what security principals are assigned access and what
permissions are assigned. The /users:numusers switch is used to
specify how many users are allowed to access a share at one time.
All of the other answers are incorrect. (Discussion starts on page
288.)
Question
0 out of 1 points
22
A user called JohnP is experiencing problems deleting a file out of a folder on the
server. Ordinarily he just opens the file—a report generated by the database hosted
on the system—but in this case, the file has become corrupted and he needs to
delete it. JohnP cannot delete the file, even though he believes he should be able
to. You determine that he is accessing the report through a share called REPORTS,
which was created on a folder called E:\REPORTS. When you investigate, you find
the following permission assignments:
Share Permissions on REPORTS:
Everyone - Read
NTFS Permissions on E:\REPORTS:
Everyone - Read & Execute
Sales - Modify
JohnP - Full Control
What are JohnP's effective permissions to the folder E:\REPORTS?
Selected Read & Execute
Answer:
Correct Answer: Read
Feedback: When you calculate effective permissions on a folder that is
accessed via a share, the most restrictive permission applies. In this
case, the share permission for JohnP is Read by virtue of his
membership in the Everyone special identity. As a member of the
Sales group and the Everyone special identity, JohnP receives the
Modify and Read & Execute NTFS permissions, but both of these are
superseded by JohnP having the Full Control NTFS permission.
However, the effective permission is dropped down to Read because
the share permission is the most restrictive and thus becomes
effective. All of the other answers are incorrect. (Discussion starts on
page 279.)
Question
0 out of 1 points
23
You are the network administrator for a marketing company in Pensacola. One
morning, you receive a call from a user called Psmith in the Marketing department
who is experiencing problems accessing a spreadsheet in a folder. According to
your system documentation, which is up to date, Psmith is a member of the
Marketing group but holds no other group memberships. You check the permissions
to the folder and see the following entries in the ACL:
Sales - Deny All
Psmith - Read
Sjones - Modify
Everyone - Write
Based on the entries in the ACL, what should Psmith be able to do with the file?
Selected [None Given]
Answer:
Correct Answer: Open the file, make changes, and save it as a new
file.
Feedback: Psmith receives the Read permission from his user permission
assignment and the Write permission from his membership in the
Everyone special identity. These nonrestrictive permissions result in
him receiving the greatest set of permissions, which in this case is
Write. With the Write permission, Psmith can open the file, make
changes to it, and save it as a new file.
The answer "Open the file but not make any changes" is incorrect. It
would be correct only if the user did not receive the Write permission
as part of the Everyone special identity.
The answer "Open the file but not save it as a new file" is also
incorrect, for the same reason.
The answer "He should not be able to open the file" is also incorrect.
The user is not a member of the Sales group, which is denied all
access, so he has at least the Read permission assigned to his user
account. (Discussion starts on page 279.)
Question
0 out of 1 points
24
A user is assigned the Change share permission to the \\SERVER2\DATA share
that represents the C:\Data folder on Server2. The user connects to the DATA share
across the network and opens a file from the \\SERVER2\DATA\SALES folder. He
then decides that he no longer needs that file, and he tries to delete it. However, he
is unable to do so and receives an error. Which of the following is a possible
explanation for this?
Selected [None Given]
Answer:
Correct Answer: NTFS permissions are restricting the user's access to the
folder.
Feedback: Of the answers listed, the only possible explanation for this situation
is that NTFS permissions are restricting the user's access to the
folder. When share and NTFS permissions are combined, the most
restrictive permission applies. In this scenario, the user might have
been assigned an NTFS permission that is more restrictive than the
Change share permission, either as a user or as a member of a
group. This would prevent the user from deleting the file.
The answer "The user is a member of a group that is assigned the
Read share permission to the DATA share" is incorrect. The user's
membership in this group would have no effect. The user's Change
permission would be effective because share permissions combine to
provide the highest level of access, which in this case is Change.
The answer "Share permissions on the SALES folder in the DATA
share are preventing the user from deleting the file" is incorrect.
When you connect to a share across the network, shared folder
permissions apply to the share and thus any folders that are
subfolders of the folder that is shared. You cannot apply a different
set of share permissions to the subfolders of the share without
creating a new share at that point. Even then, the user must connect
directly to that new share point to be subject to those share
permissions.
The answer "The user is a member of a group that has been denied
all permissions to the DATA share" is not a possible explanation.
Deny permissions overri
Question
0 out of 1 points
25
You are configuring permissions for users on your network. If a user is assigned the
Modify NTFS permission to the C:\DATA folder and the Read permission to the
C:\DATA\SALES folder, what is the user's effective permission to the C:\DATA
\SALES folder, assuming that no other NTFS permission or share permission
assignments have been made and that permission inheritance is not blocked?
Selected [None Given]
Answer:
Correct Answer: Read.
Feedback: An explicit permissions assignment overrides a permission
assignment at a higher level in the directory tree. In this case, the
Read permission assigned to the user on the C:\DATA\SALES folder
overrides the Modify permission assignment on the C:\DATA folder.
Therefore, the user's permissions are Read to the C:\DATA\SALES
folder.
The answer "Modify" is incorrect. If no subsequent permission
assignment was made, the user's permission would be Modify (as
long as permission inheritance had not been blocked).
The answer "Full Control" is incorrect. In this case, the most
permissive permission assigned is Modify. No circumstances in this
scenario would grant the user Full Control permissions.
The answer "There is insufficient information to answer this question"
is incorrect. There is sufficient information to answer this question.
(Discussion starts on page 279.)
Question
0 out of 1 points
26
You are the network administrator for a publishing company in San Diego. One
morning, a user calls to complain that he cannot delete a file from a shared folder.
You locate the folder, and in the Advanced Security Settings dialog box, you select
the Effective Permissions tab. You see that the user should indeed be able to delete
the file. Which of the following might be the cause of the problem?
Selected [None Given]
Answer:
Correct The effective permissions display does not factor in share
Answer: permissions.
Feedback: The effective permissions calculations made in the Effective
Permissions tab of the Advanced Security Settings dialog box factor
in only NTFS permissions and do not include share permissions,
which might be more restrictive. All of the other answers are
incorrect. Explicit permissions to groups, explicit permissions to
users, and explicit memberships in domain local groups are
considered in the effective permissions calculations. (Discussion
starts on page 303.)
Question
0 out of 1 points
27
You have just taken over as the network administrator for a paper manufacturer in
Springfield, Ohio. You are in the process of implementing a new file structure to
better accommodate users' needs and make file access more secure. Today, you
are working on the E:\SALES folder structure, which is used by the 65 users in the
Sales department. All 65 users need the ability to read files in the folder and run
programs from that folder. In addition, three managers need the ability to edit and
delete files in that folder. All of the users and managers in the Sales department are
members of the SALES group. Which of the following statements best describes
how to configure permissions to meet these requirements?
Selected [None Given]
Answer:
Correct Create a share, and assign the Full Control share permission to
Answer: the SALES group. Assign the SALES group the NTFS Read &
Execute permission. Assign the three managers in the Sales
department the NTFS Modify permission.
Feedback: Creating a share and assigning the Full Control share permission to
the SALES group eliminates the share as a restrictive permission
source for members of the group. Assigning the SALES group the
NTFS Read & Execute permission then grants the users in the
SALES group the rights needed to open files and run programs.
Finally, giving the NTFS Modify right to the three managers allows
them to read, write to, and delete files in the folder.
The answer "Create a share, and assign the Modify share permission
to the SALES group. Assign the SALES group the NTFS Read &
Execute permission. Assign the three managers in the Sales
department the NTFS Modify permission" is incorrect. The available
permissions for a share are Read, Change, and Full Control. Modify
is not a valid share permission.
The answer "Create a share, and assign the Read share permission
to the SALES group. Assign the SALES group the NTFS Read &
Execute permission. Assign the three managers in the Sales
department the NTFS Modify permission" is incorrect. If you assign
the Read permission to the Share for the SALES group, it becomes
the most restrictive permission. Granting any level of NTFS
permissions above Read has no effect.
The answer "Create a share, and assign the Full Control share
permission to the SALES group. Assign the SALES group the NTFS
Read permission. Assign the three managers in the Sales
department the NTFS Modify permission" is incorrect. Assigning only
the NTFS Read permi
Question
0 out of 1 points
28
You are the network administrator for a small furniture manufacturing company in
Portland, Oregon. The network comprises three Windows Server 2003 systems, all
of which are configured as domain controllers. Each server has three disk drives in
it. One drive is dedicated to the system and boot partition, and the other two drives
hold the company sales order-processing database. All of the drives use NTFS.
One day, a user reports that she has been configuring a folder that she created,
removing all of the users, including herself, from the ACL. Now she is unable to
access the files in the folder. How do you restore her access to the files in the
folder?
Selected [None Given]
Answer:
Correct Answer: Have the user assign herself permission to the folder
again.
Feedback: When a user creates a file or folder, she automatically becomes the
owner of that file. The owner of a file or folder has the right to modify
the ACL, which is how the user was able to edit the ACL in the first
place. Even though she cannot see the files in the folder, she can still
access and edit the ACL for the folder and add herself and other
users back into it.
The answer "Restore the folder and its files from a backup taken
before the user made the changes" is incorrect. There is no need to
do this to restore access to the files.
The answer "Retake ownership of the folder, and reassign
permissions to the users as necessary" is incorrect. There is no need
to perform this action to restore the users' access to the files.
The answer "Assign the user to the Creator/Owner special identity so
she can edit the ACL" is incorrect. You cannot edit the membership
of a special identity such as Creator/Owner. (Discussion starts on
page 304.)
Question
0 out of 1 points
29
You are the network administrator for a small craft supplies wholesaler in Memphis.
You have a single server running Windows Server 2003. You are using the FAT file
system and rely on share permissions to control access to data. You share out the
E:\SALES folder as SALES and assign the Sales group the Full Control share
permission. You then share out the E:\SALES\REPORTS folder as REPORTS and
assign the Sales group the Read permission to the share. Which of the following
actions can users not take on a file in the E:\SALES\REPORTS folder if they
connect to the SALES share?
Selected [None Given]
Answer:
Correct Answer: Change the permissions on a
file
Feedback: The ability to change file permissions is granted by the Full Control
share permission, but file permissions (NTFS) are available only on
drives that use the NTFS file system. In this case, you are using FAT,
so even though you have the Full Control share permission (by virtue
of the fact that you connected through the SALES share), you still
cannot configure file permissions. All of the other answers are
incorrect. You can open a file, delete a file, or change the attributes
of a file because your effective permissions are those granted at the
share from which you entered the file system. Even if you enter
another folder that is shared out, you are still subject to the
permissions granted at the share where you entered. (Discussion
starts on page 292.)
Question
0 out of 1 points
30
You are troubleshooting a file access problem reported by a user called SallyJ from
the Sales department. As a member of that department, she is a member of the
Sales group. She is connecting to a shared folder called DATA, which is shared on
the E:\DATA folder. You examine the share permissions and NTFS permissions on
the folder and see the following:
Share permissions for DATA share:
Sales - Change
NTFS permissions for E:\DATA folder:
Sales - Write
SallyJ - Read&Execute
No permissions are applied to any files in the folder. What should SallyJ be able to
do in the folder?
Selected [None Given]
Answer:
Correct Answer: Open files, make changes to those files, and create new
files.
Feedback: SallyJ's effective permission is Write because, although it is the more
powerful of the NTFS permissions, it is the most restrictive
permission of the share and NTFS permissions. Therefore, it
becomes the effective permission for SallyJ. The Write NTFS
permission allows you to open a file, make changes to that file, and
create new files. All of the other answers are incorrect. (Discussion
starts on page 291.)
Question
0 out of 1 points
31
You are the network administrator for a plumbing hardware wholesaler in
Rochester, New York. The network comprises two Windows Server 2003 systems,
both of which are domain controllers. Each server has two disk drives in it, one that
holds the system and boot partitions and another, called STORAGE, that is used to
store the company's sales order-processing database, inventory database, and
files. Four shares have been created on the server: SALES, INVENTORY, DATA,
and ARCHIVE. The permissions on the shares are set to Full Control for the
Everyone special identity. Folders in the shares are controlled via NTFS
permissions.
One Monday, you arrive at work to find that the STORAGE drive has failed.
Fortunately, your regular supplier is able to deliver a replacement drive within an
hour, and you install it in the server. After formatting the drive, You restore the data
from the previous night's backup and then perform a quick check to make sure the
data restore is successful. It is, so you inform users that they can use the sales
order-processing system and the inventory database. However, it quickly becomes
apparent that users cannot access either of these applications—they receive
CANNOT READ DATAFILE errors when they try to start either application. Which of
the following might be the cause of the problem?
Selected [None Given]
Answer:
Correct The shares that the users used to connect to the server
Answer: were removed.
Feedback: One disadvantage of using shares is that share information is not
included in a backup. Therefore, if you have to restore from a
backup, you must re-create shares, and the appropriate share
permissions, before users can access data via the shares.
The answer "The NTFS permissions on the folders were reset to
Read for the Everyone special identity during the restore process" is
incorrect. NTFS permissions are restored intact. They would not
change from their state when the folder was backed up.
The answer "The ACLs for the folders were re-created by the restore
process and are now empty" is incorrect. ACLs are not re-created by
the restore process.
The answer "The shares that the users used to connect to the server
were automatically set to deny access to the Everyone special
identity, as a security precaution" is incorrect. This is not the cause of
the problem. (Discussion starts on page 291.)
Question
0 out of 1 points
32
You are the network administrator for a small company that develops integrated
circuit chips for mobile communications manufacturers. The company network
comprises a single Windows Server 2003 system that provides file and print
services to the company's 25 users. Three of the users are working on a top-secret
project. They require a folder on the server that only they can access. Auditing is
enabled on the server, but the manager wants to make sure that no one, including
the Administrator, can access the files except the three engineers working on the
project.
The manager asks you to remove all entries from the ACL for the folder for users,
groups, and special identities other than the three engineers. Will this prevent all
others from seeing or opening the files in the folder?
Selected [None Given]
Answer:
Correct No. Someone else might be able to open or see the files, but
Answer: you will be able to tell if this has occurred.
Feedback: Any user who is a member of the Backup Operators or Server
Operators group can take ownership of a file because they are given
this right via the Default Domain Controllers Policy GPO. However, if
a user in this group takes ownership of the file and opens it, you will
be able to tell because the ownership of the file will change and the
event will be recorded by the auditing process. (Discussion starts on
page 304.)
Question
0 out of 1 points
33
You have configured a share for the Sales department called REPORTS and
assigned all of the users in the department the Read share permission. You have
also selected the All Files And Programs That Users Open From The Share Will Be
Automatically Available Offline option in the Offline Settings dialog box. What
happens if a user has a report open from the REPORTS share and the server
becomes unavailable?
Selected [None Given]
Answer:
Correct Answer: The files will be available offline but will have no security
on them.
Feedback: When the All Files And Programs That Users Open From The Share
Will Be Automatically Available Offline option is selected, any file that
the user is working on is cached locally, but security that would be
offered by the share is lost. Therefore, in this scenario the user will
be able to access the files and work on them while the server is
down, but the files will have no security on them.
The answer "The files will be available offline, but access to the files
will be controlled by the share permissions just as if they were being
accessed from the server" is incorrect. The share permissions would
no longer be effective.
The answer "The files will be available offline, but only if a connection
can be established to a domain controller that can verify the entries
in the ACL" is incorrect. Share permissions are not stored in the ACL
of a file.
The answer "The files will not be available offline" is incorrect. If the
All Files And Programs That Users Open From The Share Will Be
Automatically Available Offline option is selected in the Offline
Settings dialog box, the user will still be able to read the file if a
connection to the server is lost. (Discussion starts on page 289.)
Question
0 out of 1 points
34
You are the network administrator for a charity based in Dallas, Texas. You have a
single Windows Server 2003 system, running Active Directory, that provides file and
print server services to 50 users. The system was donated by a local business, and
while it is powerful enough for your needs, storage capacity on the server is limited.
Your manager has assured you that as soon as funds become available, you will be
able to purchase an additional disk drive, but in the meantime he has asked you to
use any available means to control the storage situation. As a result, you have
implemented disk quotas so that one user cannot monopolize all the available disk
space.
After creating a new directory structure for a user and copying a number of large
files from the user's workstation to the server, you want to make sure the files are
counted toward the user's disk quota. Which approach are you most likely to use?
Selected [None Given]
Answer:
Correct While logged on as a user account that is a member of the
Answer: Server Operators group, assign ownership of the files to the user.
Feedback: Of the approaches listed, the simplest is to assign ownership of the
files to the user. To do this, you must be logged on with an account
that has the Restore files and directories user right. Members of the
Server Operators group have this right, as do members of the
Administrators and Backup Operators groups.
The answer "Make the user a member of the Administrators group,
which allows her to take ownership of the files. Once she has done
that, remove her from the Administrators group" is valid, but it is not
the most likely approach.
The answer "Make the user a member of the Creator/Owner special
identity to allow her to take ownership of the files" is incorrect. You
cannot modify the membership of the Creator/Owner special identity.
The answer "Give the user the Modify NTFS permission so she can
take ownership of the files" is incorrect. The Modify NTFS permission
does not allow the security principal in possession of the right to take
ownership of a file or folder. (Discussion starts on page 304.)
Selected Manage
Answer: Properties
Correct Answer: Manage
Properties
Feedback: Manage Properties is not a standard printer permission on Windows
Server 2003. Print, Manage Printers, and Manage Documents are all
standard permissions on Windows Server 2003. (Discussion starts on
page 335.)
Question
1 out of 1 points
2
Where do you look to see if a printer is in offline mode?
Selected Ports
Answer:
Correct Answer: Ports
Feedback: Printer pooling is configured in the Ports tab of a printers properties.
All of the other answers are incorrect. (Discussion starts on page 338.)
Question
1 out of 1 points
4
Which of the following UNC paths do you use to connect to the LASERJ printer on
the SALES6 server?
Selected \\SALES6\LASERJ
Answer:
Correct Answer: \\SALES6\LASERJ
Feedback: Standard UNC naming is \\servername\sharename. In this case,
because you are connecting to the LASERJ printer on the SALES6
server, the correct UNC path is \\SALES6\LASERJ. (Discussion starts
on page 332.)
Question
1 out of 1 points
5
In what tab of a printer's properties do you configure redirection of print jobs?
Selected Ports
Answer:
Correct Answer: Ports
Feedback: Printer redirection is configured in the Ports tab of a printer's
properties. It cannot be configured in the Advanced, Device Settings,
or General tab. (Discussion starts on page 340.)
Question
1 out of 1 points
6
Where do you look to see error messages related to the spooler service?
COMPUTER NETWORK TECH 55 SEC 093 (31251) SPRING 2009 (L2009SP-CNT-55-093-31251) > COURSE MATERIALS > REVIEW
ASSESSMENT: TEST12