Presentation on theme: "70-296 Microsoft Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Environment for a W2K MCSE Visit:"— Presentation transcript:
Microsoft Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Environment for a W2K MCSE Visit: Pass4sureofficial.com is a reputable IT certification examination guide, study guides and audio exam provider, we not only ensure that you pass your exam in first attempt, but also you can get a high score to acquire Microsoft certification. If you use pass4sureofficial Certification questions and answers, you will experience actual exam questions/answers. We know exactly what is needed and have all the exam preparation material required to pass the exam. Our Microsoft exam prep covers over 95% of the questions and answers that may be appeared in your exam. Every point from pass4sure PDF, review will help you take Microsoft exam much easier and become Microsoft certified. All the Questions/Answers are taken from real exams. Here's what you can expect from the Pass4sureOfficial Microsoft course: * Up-to-Date Microsoft questions taken from the real exam. * 100% correct Microsoft answers you simply can't find in other courses. * All of our tests are easy to download. Your file will be saved as a PDF. * Microsoft brain dump free content featuring the real test questions. Microsoft certification exam is of core importance both in your Professional life and Microsoft certification path. With Microsoft certification you can get a good job easily in the market and get on your path for success. Professionals who passed Microsoft exam training are an absolute favorite in the industry. You will pass Microsoft certification test and career opportunities will be open for you.
QUESTION 1: You work as the network administrator at Certkiller.com. The Certkiller.com network consists of a single Active Directory forest. The functional level of the forest is set at Windows Server The Certkiller.com network contains a file server named Certkiller -SR07 that hosts a shared folder in a child domain in Certkiller.com's forest. Certkiller.com has a sister company that has its own Active Directory forest. You need to ensure that users, who belong to a child domain in the sister company's Active Directory forest, are provided with access to the shared folder in the child domain in Certkiller.com's Active Directory forest. You also need to ensure that these users are unable to access any other resources in Certkiller.com's forest.any other resources in Certkiller.com's forest. What should you do? A. You have to create an external trust, and configure it with the selective authentication trust, and configure it with the selective auth option. B. You have to create a forest trust, and configure it with the domain-wide authenticationust, and configure it with the domain-wide auth option. C. You have to create an external trust, and configure it with the domain-wide trust, and configure it with the domain-wide authentication option. D. You have to create a forest trust, and configure it with the selective authenticationust, and configure with the selective authenti option. Answer: A Explanation: An external trust is always nontransitive, and can be either one-way or two-way. This type of trust is used to create a relationship between a Windows Server 2003 domain and one running Windows NT 4.0. It can also be used to connect two domains that are in different forests, and don't have a forest trust connecting them. In this scenario, you have to create outgoing external trust from the domain where the file server is located to the sister company's domain where the users require access to a resource in Certkiller.com's forest. This will allow users from the sister company's domain to authenticate directly to Certkiller.com's resource domain. Selective authentication allows users from a trusted domain to authenticate only to those resources to which they are explicitly allowed to authenticate. Incorrect Answers: B, D: A forest trust is appropriate when users from multiple domains in one forest require access to resources in multiple domains in another forest. C: Configuring Domain-wide authentication would provide users from trusted domains the same level of access to local resources that local users have. QUESTION 2:
You work as the network administrator at Certkiller.com. The Certkiller.com network consists of a single Active Directory domain named Certkiller.com. All servers on the Certkiller.com network run Windows Server 2003 and all client computers run Windows XP Professional. A new Certkiller.com security policy requires that all user passwords expire every 45 days. You configure a password policy that meets this requirement in a new Group Policy object (GPO) linked to the Certkiller.com domain. Users are now prompted to change their passwords on a regular basis. While performing a maintenance procedure on a domain controller three months later, you restart the domain controller in Directory Services Restore Mode (DSRM) and discover that the old administrative password still works. You need to ensure that DSRM password is changed on this domain controller. What should you do? A. You have to configure the password policy in the Default Domain Controllers Policyssword policy in the Default Domain Controlle GPO in normal mode. B. You should reset the password for the local Administrator account in normal mode using for the local Administrator account in norma Computer Management. C. You have to configure the password policy in the Default Domain Policy GPO inssword policy in the Default Domain Policy GP normal mode. D. You should reset the DSRM password in normal mode using the Ntdsutil utility.password in normal mode using the Ntdsutil ut Answer: D Explanation: DSRM is a special mode in which a domain controller is started as a mode in which domain controller is started stand alone server, and the Active Directory service is not activated. DSRM is used Directory service is not activated. DSRM is to troubleshoot or perform maintenance on the Active Directory database. Duringenance on the Active Directory database. Duri Active Directory installation, an administrator can stet a password that a user must provide in order to log on to the computer in DSRM. To reset this password, you can use the Ntdsutil utility when the domain controller is operating in normal mode. The DSRM password cannot be reset when a computer is started in DSRM. Incorrect Answers: A, C: Password policies that are configured in GPOs cannot be used to specify passwords and do not affect DSRM passwords on domain controllers. B: No local user accounts exist on domain controllers, so the Local Users and Groups node will not appear in the Computer Management console on a domain controller. QUESTION 3: SIMULATION You work as the network administrator at Certkiller.com. The Certkiller.com network consists of a single Active Directory domain named Certkiller.com. All servers on the Certkiller.com network run Windows Server 2003 and all client computers run Windows XP Professional.
The Certkiller.com network contains a Web server named Certkiller -SR05 that hosts Certkiller.com's default Web site to which you have assigned a Web server certificate. You have created a virtual directory off the default Web site called WebApp. Only users with a valid certificate should be allowed to access WebApp, and only https should be used to make connections to WebApp. A freelancer named Rory Allen recently accessed WebApp from a client computer with the IP address of /26. You are informed that users from that particular subnet should not be allowed to access WebApp any longer. You need to ensure that the appropriate configuration changes are made, while also ensuring that these changes do not affect access to the default web site or any of the other virtual directories. What should you do? To answer, configure the appropriate options to meet these requirements in the simulation. Answer: Explanation: Open Administrative Tools by clicking Start, Programs, and then Administrative Tools;icking Start, Programs, and then Administrativ or Start, Control Panel, and then Administrative Tools. Administrative Tools. In Administrative Tools, open Internet Information Services (IIS) Manager to open the IIS Management console.
In the right-hand pane of the IIS console, expand the Certkiller -SR05 (local computer) console, expand the Certkiller -SR05 (local co node, the Web Sites node, and then the Default Web Site node.hen the Default Web Site node. Under the Default Web Site node, right-click on WebApp and select Properties from the pop-up menu.
In the WebApp Properties dialog box that appears, click on the Directory Security tab. box that appears, click on the Directory Secur In the Secure Communications section of the Directory Security tab, click the Edit button to open the Secure Communications dialog box.
In the Secure Communications dialog box, select the Require SSL check box and theialog box, select the Require SSL check box a Require client certificates radio button. Then click OK.button. Then click OK. In the Authentication and Access Control section of theDirectory Security tab, click the Edit button to open the Authentication Methods dialog box.
In the Authentication Methods dialog box, clear the Enable Anonymous Access checkialog box, clear the Enable Anonymous Acces box and click OK. In the IP Address and Domain Name Restrictions section of theDirectory Security tab, click the Edit button to open the IP Address and Domain Name Restrictions dialog box.
In the IP Address and Domain Name Restrictions dialog box, select the Granted Accessame Restrictions dialog box, select the Grante radio button next to the By default all computers will be: option and click the Add button all computers will be: option and click the A in the Except the following: section.ion. In the Deny Access dialog box that appears, select the Group of Computers radio button and enter the network address in the Network ID text box, and enter in the subnet mask text box. Then click OK to close the Deny Access dialog box.
Click OK on the IP Address and Domain Name Restrictions dialog box to close the IP Domain Name Restrictions dialog box to clos Address and Domain Name Restrictions dialog box.rictions dialog box. Finally, click OK on the WebApp Properties dialog box to close the WebApp Properties dialog box Explanation: In this scenario, the WebApp virtual directory has been created off the default Web site, which has a Web server certificate assigned to it. You have to ensure that users connect to WebApp using only https. You have to configure this restriction on the WebApp virtual directory, not the default Web site. Enabling Require SSL and will ensure that users use only https. Enabling Require client certificates and clearing the that only users withEnable Anonymous Access check box will ensure that only users with valid certificates are able to access WebApp. Configuring restrictions for the IP address and mask will ensure that users on the same subnet as the computer that Rory Allen used to access WebApp are not allowed to access WebApp any longer.bApp any longer.
Pass4SureOfficial.com Lifetime Membership Features; Pass4SureOfficial Lifetime Membership Package includes over 2500 Exams. All exams Questions and Answers are included in package. All Audio Guides are included free in package. All Study Guides are included free in package. Lifetime login access. Unlimited download, no account expiry, no hidden charges, just one time $99 payment. Free updates for Lifetime. Free Download Access to All new exams added in future. Accurate answers with explanations (If applicable). Verified answers researched by industry experts. Study Material updated on regular basis. Questions, Answers and Study Guides are downloadable in PDF format. Audio Exams are downloadable in MP3 format. No authorization code required to open exam. Portable anywhere. 100% success Guarantee. Fast, helpful support 24x7. View list of All exams (Q&A) downloads View list of All Study Guides (SG) downloads View list of All Audio Exams (AE) downloads Download All Exams Samples To purchase $99 Lifetime Full Access Membership click here 3COM ADOBE APC Apple BEA BICSI CheckPoint Cisco Citrix CIW CompTIA ComputerAssociates CWNP DELL ECCouncil EMC Enterasys ExamExpress Exin ExtremeNetworks Filemaker Fortinet Foundry Fujitsu GuidanceSoftware HDI Hitachi HP Huawei Hyperion IBM IISFA Intel ISACA ISC2 ISEB ISM Juniper Legato Lotus LPI McAfee McData Microsoft Mile2 NetworkAppliance Network-General Nokia Nortel Novell OMG Oracle PMI Polycom RedHat Sair SASInstitute SCP See-Beyond SNIA Sun Sybase Symantec TeraData TIA Tibco TruSecure Veritas Vmware