|
70-290
Q. 1 You are the network administrator for abc. The network
consists of a single Active Directory domain abc.com. All domain
controllers run Windows Server 2003. Users who enter an invalid
password more than twice in one day must be locked out.
You need to configure domain account
policy settings to enforce this rule. Which two actions should you
perform? (Each correct answer presents part of the solution. Choose
two)
A. Set
the minimum password age to one day.
B. Set
the maximum password age to one day.
C. Change
the Enforce password history setting to three passwords remembered.
D. Change
the Account lockout duration setting to 1440 minutes.
E. Change
the Account lockout threshold setting to three invalid logon
attempts.
F. Change
the Reset account lockout counter after setting to 1440 minutes.
Answer: E, F
Q. 2 You are the network administrator for abc. The network
consists of a single Active Directory domain abc.com. All domain
controllers run Windows Server 2003, and all client computers run
Windows XP Professional. abc acquires a
subsidiary. You receive a comma delimited file that contains the
names of all user accounts at the subsidiary. You need to import
these accounts into your domain. Which command should you use?
A. ldifde
B. csvde
C.
ntdsutil with the authoritative restore option
D. dsadd
user
Answer: B
Q. 4 You are the network administrator for abc. The network
consists of a single Active Directory domain named abc.com. The
domain contains Windows Server 2003 computers and Windows XP
Professional computers. All confidential
company files are stored on a file server named abc1. The written
company security states that all confidential data must be stored
and transmitted in a secure manner. To comply with the security
policy, you enable Encrypting File System (EFS) on the confidential
files. You also add EFS certificates to the data decryption field (DDF)
of the confidential files for the users who need to access them.
While performing network monitoring, you notice that the
confidential files that are stored on abc1 are being transmitted
over the network without encryption. You must ensure that encryption
is always used when the confidential files on abc1 are stored and
transmitted over the network. What are two possible ways to
accomplish this goal? (Each correct answer presents a complete
solution. Choose two).
40
A.
Enable offline files for the confidential files that are stored on
abc1, and select the Encrypt offline files to secure data check box
on the client computers of the users who need to access the files.
B.
Use IPSec encryption between abc1 and the client computers of the
users who need to access the confidential files.
C.
Use Server Message Block (SMB) signing between abc1 and the client
computers of the users who need to access the confidential files.
D.
Disable all LM and NTLM authentication methods on abc1.
E.
Use IIS to publish the confidential files. Enable SSL on the IIS
server. Open the files as a Web folder.
Answer: B, E
Q. 5 You are the network administrator for abc. Your network
consists of a single Active Directory domain named abc.com. All
network servers run Windows Server 2003. Each domain controller
contains one disk that is configured with both the system partition
and the boot partition. Every day, you
use custom software to perform a fall backup of user profiles and
user dat A. The custom backup software provides a bootable floppy
disk that includes the drivers for the backup medi A.
Every Sunday, you run the Automated System Recovery (ASR) wizard on
your domain controllers in conjunction with removable backup medi A.
Data is backed up in a file named Backup1.bkf. One Monday morning,
you install a new application on a domain controller named
abcDC1. When you restart abcDC1, you
receive the following error:
“NTLDR is missing. Pres any key to restart.”
You need to bring abcDC1 back online as quickly as possible.
What should you do?
A.
Restart abcDC1 by using the installation CD-ROM. Reinstall the
operating system and restore the contents of the latest full backup
by using the Restore wizard. Restart abcDC1.
B.
Restart abcDC1 by using the installation CD-ROM. Restore the
contents of Backup1.bkf by using the ASR disk. Restart abcDC1.
C.
Restart abcDC1 by using the bootable floppy disk. Copy the contents
of Backup1.bkf from the backup media to C:\winnt. Restart abcDC1.
D.
Restart abcDC1 by using the bootable floppy disk. Copy the contents
of the ASR disk to C:\. Restart abcDC1.
Answer: B
Q. 6 You are the network administrator for abc. The network
consists of a single Active Directory domain named abc.com. All five
domain controllers run Windows Server 2003, and all client computers
run Windows XP Professional. The domain’s
audit policy ensures that all account logon events are audited. A
temporary employee named abc uses a client computer named abc1. When
abc’s temporary assignment concludes, his employment is terminated.
Now you need to learn the times and dates when abc logged on to the
domain. You need to accomplish this goal by reviewing the minimum
amount of information. What should you do?
A.
Log on to abc1 as a local Administrator. Use Event Viewer to view
the local security log. Use the Find option to list only the events
for abc’s user account.
B.
Log on to abc1 as a local Administrator. Use Event Viewer to view
the local security log. Use the Find option to list only the events
for the abc1 computer account.
C.
Use Event Viewer to view the security log on each domain controller.
Use the Find option to list only the events for abc’s user account.
D.
Use Event Viewer to view the security log on each domain controller.
Set a filter to list only the events for abc’s user account.
E.
Use Event Viewer to view the security log on each domain controller.
Set a filter to list only the events for the abc1 computer account.
47
Answer: D
|
