Wednesday, November 30, 2011

Free Avaya 6401-1 Exam Q & A / Study Guide

Cisco CCNA Training, Cisco CCNA Certification

Best Avaya Certification Training and Avaya Exams Training and more Avaya exams log in to Certkingdom.com


QUESTION 1
You want to install ContactStore on a PC separate from the VoiceMail Pro PC . Which three steps
would you need to complete for ContactStore to function separately? (Choose three.)

A. Verify that the Voice Recording Library on the VoiceMail Pro server is shared on the customer’s network.
B. Verify that the ContactStore service has read and write permissions to the Voice Recording Library Share.
C. Verify that the ContactStore registry settings have been updated to see the Voice Recording Library share.
D. Verify that the VoiceMail Pro registry settings have been updated to point to the Voice Recording Library share.
E. Verify that the ContactStore licenses have been loaded onto the PC running the ContactStore application.

Answer: A,B,E

Reference: http://www.carrollcommunications.com/contact_store.html


QUESTION 2
A remote user wants to gain access to the network when using the RAS server.
Under which two conditions would you create an IP route? (Choose two.)

A. when the remote user’s dial-up connection method contains a DHCP address that is on a different subnet
B. when the user is on the same subnet as the IP Office
C. when the remote user’s dial-up connection method contains a static IP address that is on a different subnet
D. when the IP Office’s DHCP mode is set to Server or Dial In and the PC connection method is set to obtain an IP Address Automatically

Answer: A,C

Explanation:


QUESTION 3
A user (ext. 199) reports that their IMS client displays an error message when attempting to ring a
phone. What are three reasons that would prevent the IMS program from calling the phone?
(Choose three.)

A. The user profile in Manager has “199″ entered as the user name.
B. The phone is set for “Do Not Disturb”.
C. The user’s “Multi Line Option” is set to “Answer Pre-select”.
D. The user mailbox is set to “Blank” under Outlook Tools/Integrated Messaging.
E. The user’s profile has “System Phone” is set to “On”.

Answer: A,B,D

Explanation:


QUESTION 4
Click the Exhibit button.

A customer has two sites, each with an IP Office linked via a private digital line (E1/T1). The head
office is connected to the public network through a digital exchange line. The remote site gains
access to the public network via the head office.
How should Clock Quality be set in the IP Office on the lines marked X and Y in the exhibit?

A. X – Network — Y – Fallback
B. X ?Fallback — Y – Fallback
C. X ?Network — Y – Unsuitable
D. X ?Fallback — Y – Unsuitable

Answer: A
Reference: http://support.avaya.com/elmodocs2/ip_office/R3.1/maintenance.pdf(page 20)


QUESTION 5
Which two are used to turn on Small Community Networking within the main IP Office 500?
(Choose two.)

A. RAS
B. FastStart
C. Voice Networking
D. Professional License Enabled

Answer: C,D

Explanation:


QUESTION 6
How much space does a recording in VoiceMail Pro use on a hard drive?

A. 1MB per minute
B. 500KB per minute
C. 2MB per minute
D. 1.5MB per minute

Answer: A

Explanation:


QUESTION 7
Which two e-mail protocols are used by VoiceMail Pro to perform voicemail to e-mail? (Choose two.)

A. POP 3
B. SMTP
C. MAPI
D. IMAP

Answer: B,C

Explanation:


QUESTION 8
A customer is receiving calls to a hunt group and the callers are reporting that they are being
forced to wait much longer than VoiceMail Pro reported to them during the queued message. What
is a possible cause for this?

A. The hunt group has a priority set to 1.
B. The hunt group has a priority set to 3.
C. There are two routes going to the hunt group. Each has different priorities set.
D. Users in the hunt group have inconsistent priority settings. The users with a priority set to 3 are always busy.

Answer: C

Explanation:


QUESTION 9
What information do you need from a customer to be able to reproduce a call park problem?
(Choose three.)

A. accurate description of the problem
B. a System Monitor trace of the problem
C. a Network Assessment
D. the system configuration
E. information on the phones and lines being used

Answer: A,D,E

Explanation:


QUESTION 10
When using Small Community Networking which two features require the Small Community
Advanced License to function? (Choose two.)

A. Hot Desking
B. Hot Desking across the SCN
C. playing queued announcements
D. Break Out dialing

Answer: B,D

Explanation:

Cisco CCNA Training, Cisco CCNA Certification

Best Avaya Certification Training and Avaya Exams Training and more Avaya exams log in to Certkingdom.com

Sunday, November 27, 2011

Free Microsoft 70-291 Q & A / Study Guide Part II

MCTS Training, MCITP Trainnig

Best Microsoft MCTS Certification, Microsoft MCITP Training at certkingdom.com


QUESTION 1:

You work as the network administrator at Certkingdom.com The Certkingdom.com
network consists of a single Active Directory domain named Certkingdom.com All
servers on the Certkingdom.com network run Windows Server 2003 and all client
computers run Windows XP Professional. The Certkingdom.com network contains a
print server named Certkingdom -PR01 that has a built-in network interface.
A Certkingdom.com user named Andy Reid is a member of the Research and
Development department. Andy Reid complains that he cannot print to a print
device attached to Certkingdom -PR01.
You have received instruction to ensure that Andy Reid can print to the print
device. First you verify that the IP address for Certkingdom -PR01 is correct and that
the latest drivers for the print device are installed. You now want to verify that the
print jobs are being sent to the correct MAC address for Certkingdom -PR01.
What should do?

A. On Certkingdom -PR01, run the net session command.
B. On Certkingdom -PR01, run the netstat command.
C. On Certkingdom -PR01, run the netsh command.
D. On Certkingdom -PR01, run the netcap command.

Answer: D

Explaination: Netstcap.exe is a command line tool that could be used to capture the
network traffic. A filter can be created to be used during the capture to determine the
MAC address the print jobs are being sent to. The Network Monitor Capture Utility (
Netcap.exe) can be used to capture network traffic in Network Monitor. Netcap provides
capture abilities only from a command prompt; to open the resulting capture (.cap) files,
you must use the full Network Monitor interface. Netcap is installed when you install the
Support tools that are on the Windows XP CD-ROM. Netcap provides capture abilities
that are similar to the version of Network Monitor that is included with the Windows
Server products; however, you must use Netcap at a command prompt. Netcap installs
the Network Monitor driver and binds it to all adapters when you first run the Netcap command.
Incorrect Options:
A: The net session command can be used to view the computer names and user names of
users on a server, to see if users have files open, and to see how long each user’s session
has been idle. Net session manages server computer connections – used without
parameters, net session displays information about all sessions with the local computer.
B: The netstat command is not a utility to use when troubleshooting NetBIOS names, but
is used to display TCP/IP and port information.
C: The Network Shell utility (Netsh.exe) can perform a wide range of system
configuration tasks. You can use commands in the Netsh Interface IP context to
configure the TCP/IP protocol (including addresses, default gateways, DNS servers, and
WINS servers) and to display configuration and statistical information.
Reference:
Microsoft Knowledge Base: 306794: How to Install the Support Tools from the Windows
XP CD-ROM Network Monitor is provided with Windows Server products and
Microsoft Systems Management Server (SMS). Microsoft Corporation, 2004
Deborah Littlejohn Shinder, Dr. Thomas W. Shinder, Chad Todd & Laura Hunter,
MCSA/MCSE: Exam 70-291: Implementing, Managing, and Maintaining a Windows
Server 2003 Network Infrastructure Guide & DVD Training System, pp. 686, 854-856,
926


QUESTION 2:

You work as the network administrator at Certkingdom.com The Certkingdom.com
network consists of two subnets. All servers on the Certkingdom.com network run
Windows Server 2003 and all client computers run Windows XP Professional. All
servers are located in a central data center that uses a single IP subnet and all client
computers are located in one subnet.
The data center contains two routers named Certkingdom -SR01 and
Certkingdom -SR02, two domain controllers named Certkingdom -DC01 and
Certkingdom -DC02, and two file servers named Certkingdom -SR03 and
Certkingdom -SR04. The IP addresses of these servers are indicated in the table
below.

Host name IP address
Certkingdom-DC01 10.10.10.1
Certkingdom -DC02 10.10.10.2
Certkingdom -SR01 10.10.1.1
Certkingdom -SR02 10.10.1.2
Certkingdom -SR03 10.10.11.1
Certkingdom -SR04 10.10.11.2

You have received instruction from the CIO to install a new database server in the
data center. You install Windows Server 2003 on a new server computer named
Certkingdom -DB01 and hand it over to a database administrator named Dean
Austin. Dean Austin installs Microsoft SQL Server 2005 and makes some changes to
the TCP/IP settings on Certkingdom -DB01 as shown in the following table.

Parameter Value
IP address 10.10.1.3
Subnet mask 255.255.255.0
Default gateway 10.10.1.2

Later, Dean Austin complains that Certkingdom -DB01 cannot communicate with the
other servers in the data center. All other servers in the data center can
communicate with the other servers as well as the client computers. You log on to
Certkingdom -DB01 and attempt to ping Certkingdom -DC01 but you receive the
following error message: “Destination host unreachable”.
What should you do to ensure that Certkingdom -DB01 can communicate with the
other computers in the Certkingdom.com network?

A. Configure Certkingdom -DB01 with a default gateway of 10.10.1.1.
B. Configure Certkingdom -DB01 with a subnet mask of 255.255.0.0.
C. Configure Certkingdom -DB01 with an IP address of 10.10.10.3.
D. Configure Certkingdom -DB01 with an IP address of 10.10.11.3.

Answer: B

Explaination: Large networks are subdivided to create smaller subnetworks to reduce
overall network traffic by keeping local traffic on the local subnet and sending all
nonlocal traffic to the router. In order to create a subnetwork, we need to have a system
for addressing that allows us to use the network ID and host ID within the class-based
system. This is accomplished through the use of a subnet mask. To determine the
appropriate custom subnet mask (typically referred to simply as subnet mask) for a
network, you must first:
1. Determine the number of host bits to be used for subnetting.
2. Determine the new subnetted network IDs.
3. Determine the IP addresses for each new subnet.
4. Determine the appropriate subnet mask.
Incorrect Answers:
A: You need to assign the correct subnet mask to ensure connectivity.
C, D: The problem in this scenario is not a faulty IP address. It is the appropriate subnet
mask that has to be determined to enable connectivity.
Reference:
Deborah Littlejohn Shinder, Dr. Thomas W. Shinder, Chad Todd and Laura Hunter,
MCSA/MCSE: Exam 70-291: Implementing, Managing, and Maintaining a Windows
Server 2003 Network Infrastructure Guide & DVD Training System, p. 57


QUESTION 3:

You work as the network administrator at Certkingdom.com The Certkingdom.com
network consists of two subnets named Subnet A and Subnet B. Subnet A and
Subnet B are connected by a router. All computers on the Certkingdom.com network
are configured with static IP addresses. All network servers run Windows Server
2003 and all client computers run Windows XP Professional.
Certkingdom.com hires a new Sales manager named Amy Wilson. You install a new
client computer named Certkingdom -WS291 for Amy Wilson. You then add
Certkingdom -WS291 to Subnet A. The relevant portion of the network is configured
as shown in the exhibit.

However, Amy Wilson complains that Certkingdom -WS291 cannot communicate
with other hosts on the network.
What should you do to ensure that Certkingdom -WS291 can communicate with all
local and remote computers on the Certkingdom.com network?

A. Configure Certkingdom -WS291 with a default gateway of 192.168.28.84.
B. Configure Certkingdom -WS291 with a default gateway of 192.168.2.1.
C. Configure Certkingdom -WS291 with a subnet mask of 255.255.255.128.
D. Configure Certkingdom -WS291 with a subnet mask of 255.255.255.192.

Answer: C

Explaination: It is evident from the exhibit that the file server and
Certkingdom -WS291 have a different subnet mask. This is the reason why they
cannot communicate with each other. You must therefore change the subnet mask
of Certkingdom -WS291 to 255.255.255.128.
Incorrect Answers:
A, B: The problem is not the gateway IP address that is faulty, but rather the subnet
mask.
D: This option suggests the correct object that has to be changed, but it gives the wrong
subnet mask.
Reference:
Deborah Littlejohn Shinder, Dr. Thomas W. Shinder, Chad Todd and Laura Hunter,
MCSA/MCSE: Exam 70-291: Implementing, Managing, and Maintaining a Windows
Server 2003 Network Infrastructure Guide & DVD Training System, p. 57


QUESTION 4:

You work as the network administrator at Certkingdom.com The Certkingdom.com
network consists of a single Active Directory domain named Certkingdom.com
Certkingdom.com has its headquarters in Chicago and branch offices in Dallas and
Miami. All servers on the Certkingdom.com network run Windows Server 2003 and all
client computers run Windows XP Professional. You work in the Miami branch
office.
The network at the Miami branch office consists of 25 different subnets, each with a
maximum of six computers. The network administrator at headquarters has
allocated the 192.168.3.0/24 network address to the Miami branch office.
You install a new server named Certkingdom -SR21 in the Miami branch office. You
need to configure the Internet Protocol (TCP/IP) properties for Certkingdom -SR21.
You configure Certkingdom -SR21 with an IP address of 192.168.3.44. What subnet
mask should you use?

A. A subnet mask of 255.255.255.0.
B. A subnet mask of 255.255.255.128.
C. A subnet mask of 255.255.255.192.
D. A subnet mask of 255.255.255.240.
E. A subnet mask of 255.255.255.248.

Answer: E

Explaination: The network address is: 192.168.2.0/24, which means
11111111.11111111.11111111.0 in binary.
Therefore, you can use the last octet to configure the 30 subnets and 6 hosts in each
subnet
You need only six host PCs. When you convert to binary, it is: 00000111. As a result,
you use 3 bits.
This leaves 5 bits for the subnets 11111000 converted to decimal:
128+64+32+16+8=248, therefore the subnet mask will be: 255.255.255.248.
Reference:
Deborah Littlejohn Shinder, Dr. Thomas W. Shinder, Chad Todd and Laura Hunter,
MCSA/MCSE: Exam 70-291: Implementing, Managing, and Maintaining a Windows
Server 2003 Network Infrastructure Guide & DVD Training System, p.57


QUESTION 5:

You work as the network administrator at Certkingdom.com The Certkingdom.com
network consists of a single Active Directory domain named Certkingdom.com
Certkingdom.com has its headquarters in Chicago and a branch office in Dallas. All
servers on the Certkingdom.com network run Windows Server 2003 and all client
computers run Windows XP Professional. You work in the Dallas branch office.
The network at the Dallas branch office consists of a single subnet that contains 150
client computers and 12 servers. The network administrator at headquarters has
allocated the 10.10.0.0/16 network address to the Dallas branch office.
You have received instruction from your manager to place all servers at the Dallas
branch office into a separate subnet that uses the 192.168.10 public addressing
scheme. Your manager asks you to make allowance for a maximum of 30 servers in
the new subnet.
Which subnet mask should you use for the new subnet?

A. 255.255.255.224
B. 255.255.255.240
C. 255.255.255.248
D. 255.255.255.252
E. 255.255.255.254

Answer: A

Explaination: A 255.255.255.224 subnet mask gives five host address bits, so the
maximum number of host addresses is 2 ^ 5 – 2 = 30 host addresses. Thus
255.255.255.224 is the only subnet mask that will allow for sufficient IP addresses in
case of further growth, whilst still conserving as many current addresses as possible.
Reference:
Deborah Littlejohn Shinder, Dr. Thomas W. Shinder, Chad Todd and Laura Hunter,
MCSA/MCSE: Exam 70-291: Implementing, Managing, and Maintaining a Windows
Server 2003 Network Infrastructure Guide & DVD Training System, p. 62


QUESTION 6:

DRAG DROP
You work as the network administrator at Certkingdom.com The Certkingdom.com
network consists of a single Active Directory domain named Certkingdom.com All
servers on the Certkingdom.com network run Windows Server 2003 and all client
computers run Windows XP Professional.
You have installed a new server named Certkingdom -SR06 on the network. The
relevant portion of the network is shown on the exhibit.

You want to configure Certkingdom -SR06 with a valid static IP configuration.
Certkingdom -SR06 must be able to communicate with all hosts on the network and
on the internet. You also need to configure Certkingdom -SR06 to use the DNS server
on the local subnet for name resolution. In addition, you must configure redundancy
for name resolution.
How should you configure Certkingdom -SR06?
To answer drag the appropriate IP addresses and Subnet masks to the appropriate
places.

Answer:

Explaination:
The Class C address 192.168.0.100 has to be the IP address to enable
Certkingdom -SR06 to communicate with all hosts on the network and on the internet
as 192.168.0.1, 192.168.0.2 and 192.168.0.110 are already in use. 192.168.5.2 and
192.168.5.100 are on the wrong subnet, and besides, 192.168.5.12 is already in use.
The subnet mask for this Class C address is 255.255.255.0. The default gateway
should be 192.168.0.1. To configure redundancy for name resolution, configure the
preferred DNS server/primary address as 192.168.0.2, and the alternate DNS
server/secondary address as 192.168.5.2.
Reference:
J. C. Mackin, Ian McLean, MCSA/MCSE Self-Paced Training Kit (exam 70-291):
Implementing, Managing, and Maintaining a Microsoft Windows Server 2003 network
Infrastructure, Part 1, Chapter 2, pp. 80-116


QUESTION 7:

You work as the network administrator at Certkingdom.com The Certkingdom.com
network consists of a single Active Directory domain named Certkingdom.com All
servers on the Certkingdom.com network run Windows Server 2003 and all client
computers run Windows XP Professional. Certkingdom.com has its headquarters in
Chicago and branch offices in Dallas and Miami. You work in the Miami branch
office.
The Miami branch office has a file server named Certkingdom -SR25 that hosts
critical documents. Certkingdom -SR25 is configured with a DHCP client reservation.
Certkingdom.com users from all three offices download documents from
Certkingdom -SR25.
One day Certkingdom.com users complain that they cannot access the documents on
Certkingdom -SR25. You discover that the DHCP server has failed. The DHCP server
is located at headquarters.
You have received instruction from the CIO to ensure that Certkingdom -SR25 is
available even if it is unable to obtain or renew a lease from the DHCP server.
How could you accomplish this task?

A. On the DHCP server, increase the DHCP lease period.
B. Configure alternate IP settings for Certkingdom -SR25 on the Alternate Configuration
tab of the Internet Protocol (TCP/IP) properties.
C. Configure the DHCP scope in the 169.254.0.1. – 169.254.255.254 range.
D. On the DHCP server, configure the DHCP 001 Resource Location Servers reservation
option for Certkingdom -SR25.

Answer: B

Explaination: Windows Server 2003 includes the Alternate Configuration feature.
The Windows Server 2003 servers can be configured to use an alternate static IP
configuration if a DHCP server is unavailable. When a DHCP client determines that
the DHCP server is unavailable, it will automatically change over and also configure
the TCP/IP stack with the static address information specified on the Alternate
Configuration tab of the Internet Protocol (TCP/IP) properties.
Incorrect Answers:
A: Increasing the lease period would result in DHCP clients requesting leases less
frequently, but won’t guarantee that Certkingdom -SR25 will be available when the DHCP
server is down.
C: Modifying the DHCP scope to the 169.254.0.1. – 169.254.255.254 range will still be
reliant on the DHCP server.
D: Configuring the DHCP 001 Resource Location Servers reservation option for
Certkingdom -SR25 on the DHCP server will not ensure that Certkingdom -SR25 will
receive an IP address or have the IP address renewed.
Reference:
J. C. Mackin, Ian McLean, MCSA/MCSE Self-Paced Training Kit (exam 70-291):
Implementing, Managing, and Maintaining a Microsoft Windows Server 2003 network
Infrastructure, Part 1, Chapter 2, pp. 114, 117


QUESTION 8:

You work as the network administrator at Certkingdom.com The Certkingdom.com
network consists of a single Active Directory domain named Certkingdom.com All
servers on the Certkingdom.com network run Windows Server 2003 and all client
computers run Windows XP Professional. The Certkingdom.com network contains a
server named Certkingdom -SR34. Certkingdom -SR34 is configured as a DHCP server
and has been authorized in Active Directory. The Telnet service has been installed
and started on Certkingdom -SR34.
One day Certkingdom.com users complain that they cannot access network resources.
Your investigations reveal that the DHCP Server service on Certkingdom -SR34 has
stopped. You install the administrative tools on a client computer named
Certkingdom -WS291 and log on to the computer. When you open the DHCP console
on Certkingdom -WS291 and attempt to connect to Certkingdom -SR34, you receive an
error message that states: “Cannot find the DHCP Server.” You then attempt to
ping Certkingdom -SR34 but fail.
How can you connect to the DHCP Server service on Certkingdom -SR34 by using the
DHCP console on Certkingdom -WS291?

A. Establish a Telnet session to Certkingdom -SR34 and then run the net start dhcp
command.
B. Establish a Telnet session to Certkingdom -SR34 and then run the net start dhcpserver
command.
C. Establish a Telnet session to Certkingdom -SR34 and then run the ipconfig /renew
command.
D. On Certkingdom -WS291, run the netsh dhcp server\\ Certkingdom -SR34 show server
command.

Answer: B

Explaination: You can start the DHCP Server service by executing the Net Start
Dhcpserver command at the command prompt.
Telnet is a protocol that enables an Internet user to log on to and enter commands on a
remote computer linked to the Internet, as if the user were using a text-based terminal
directly attached to that computer. Telnet is part of the TCP/IP suite of protocols. The
term telnet also refers to the software (client or server component) that implements this
protocol.
Given the fact that you can ping Certkingdom -SR34 you should then establish a Telnet
session to Certkingdom -SR34 and then run the appropriate command.
Reference:
J. C. Mackin & Ian McLean, MCSA/MCSE self-paced training kit (exam 70-291):
implementing, managing, and maintaining a Microsoft Windows Server 2003 network
infrastructure, Microsoft Press, Redmond, 2004, p. 7-23


QUESTION 9:

You work as the network administrator at Certkingdom.com The Certkingdom.com
network consists of a single Active Directory domain named Certkingdom.com All
servers on the Certkingdom.com network run Windows Server 2003 and all client
computers run Windows XP Professional. The Certkingdom.com network contains a
server named Certkingdom -SR51 that is configured as a print server for a print
device that has a built-in network interface. The print device is used by the Sales
department to print Sales reports.
A Certkingdom.com user named Clive Allen is a member of the Sales department. Clive
Allen complains that he cannot print to the print device attached to
Certkingdom -SR51.
You verify that the IP address for Certkingdom -SR51 is correct and that the correct
drivers for the print device are installed. You now want to verify that the print jobs
are being sent to the correct MAC address for Certkingdom -SR51.
You log on to Certkingdom -SR51. What should you do next?

A. Run the net session command.
B. Run the netstat command.
C. Run the netsh command.
D. Run the netcap command.

Answer: D

Explaination: Netstcap.exe is a command line tool that could be used to capture the
network traffic. A filter can be created to be used during the capture to determine the
MAC address the print jobs are being sent to. The Network Monitor Capture Utility (
Netcap.exe) can be used to capture network traffic in Network Monitor. Netcap provides
capture abilities only from a command prompt; to open the resulting capture (.cap) files,
you must use the full Network Monitor interface. Netcap is installed when you install the
Support tools that are on the Windows XP CD-ROM. Netcap provides capture abilities
that are similar to the version of Network Monitor that is included with the Windows
Server products; however, you must use Netcap at a command prompt. Netcap installs
the Network Monitor driver and binds it to all adapters when you first run the Netcap
command.
Incorrect Options:
A: The net session command can be used to view the computer names and user names of users
on a server, to see if users have files open, and to see how long each user’s session has
been idle. Net session manages server computer connections – used without parameters,
net session displays information about all sessions with the local computer.
B: The netstat command is not a utility to use when troubleshooting NetBIOS names, but
is used to show what ports your computer is listening on.: -R is used to reload your
LMHOSTS file located in %systemroot%\system32\drivers\etc., -r will show you which
name resolutions have been answered via broadcasts, and which have been answered via
a NetBIOS name server, -RR switch of the command utility refreshes your NetBIOS
name with a configured WINS server.
C: The Network Shell utility (Netsh.exe) can perform a wide range of system
configuration tasks. You can use commands in the Netsh Interface IP context to
configure the TCP/IP protocol (including addresses, default gateways, DNS servers, and
WINS servers) and to display configuration and statistical information.
Reference:
Microsoft Knowledge Base: 306794: How to Install the Support Tools from the Windows
XP CD-ROM Network Monitor is provided with Windows Server products and
Microsoft Systems Management Server (SMS). Microsoft Corporation, 2004
Deborah Littlejohn Shinder, Dr. Thomas W. Shinder, Chad Todd & Laura Hunter,
MCSA/MCSE: Exam 70-291: Implementing, Managing, and Maintaining a Windows
Server 2003 Network Infrastructure Guide & DVD Training System, pp. 686, 854-856,
926


QUESTION 10:

Network Topology Exhibit:

LAN Settings Exhibit:

You work as the network administrator at Certkingdom.com The Certkingdom.com
network consists of a single Active Directory domain named Certkingdom.com All
servers on the Certkingdom.com network run Windows Server 2003 and all client
computers run Windows XP Professional. The Certkingdom.com network contains a
Microsoft Internet Security and Acceleration (ISA) Server computer named
Certkingdom -SR01, a DNS server named Certkingdom -SR02, a DHCP server named
Certkingdom -SR03, a file server named Certkingdom -SR21, and a Web server named
Certkingdom-SR25. Certkingdom -SR25 also serves as a central antivirus server.
Certkingdom -SR21 is located on the 10.10.11.0 subnet and Certkingdom -SR25 is
located in the perimeter network. Certkingdom -SR21 contains antivirus software
that checks for new virus definitions on Certkingdom -SR25 every hour. You can also
access Certkingdom -SR25 through a virus update Web page to perform manual
virus definition updates.
Certkingdom -SR03 suffers a catastrophic failure and is removed from the network.
Due to budgetary constraints, a replacement for Certkingdom -SR03 will only be
acquired in the next financial year. You need to redesign network addressing
scheme, and change the IP addresses for Certkingdom -SR01 to the addresses shown
in the Network Topology exhibit.
Certkingdom -SR02 contains the new host (A) resource records for
Certkingdom -SR01.
You receive reports about a new virus threat and want to protect the network
immediately by manually downloading the new virus definitions to
Certkingdom -SR21. you log on to Certkingdom -SR21 but discover that you cannot
access the virus update Web page on Certkingdom -SR25. The static TCP/IP
configuration on Certkingdom -SR21 uses Certkingdom -SR02 as the preferred DNS
server.
You confirm that Certkingdom -SR01 is configured properly. On Certkingdom -SR21,
you view the Internet Explorer LAN settings that are shown in the LAN Settings
exhibit.
What should you do to allow Certkingdom -SR21 to connect to Certkingdom -SR25?

A. At a command prompt on Certkingdom -SR21, run the ipconfig /flushdns command.
B. In the LAN settings of Internet Explorer on Certkingdom -SR21, select the
Automatically detect settings check box.
C. At a command prompt on Certkingdom -SR01, run the ipconfig / flushdns command.
D. At a command prompt on Certkingdom -SR01, run the ipconfig /registerdns command.

Answer: A

Explaination: Running the ipconfig /flushdns command will flush and reset the DNS
resolver cache which is necessary to allow connection. Run this command on
Certkingdom -SR21 to connect to Certkingdom -SR25.
Incorrect Answers:
B: Selecting the “Automatically detect settings” checkbox is not going to allow
Certkingdom -SR21 to connect to WWW.
C: The ipconfig /flushdns command flushes and resets the DNS resolver cache. This is
not what is necessary.
D: The ipconfig /registerdns command refreshes all DHCP leases and registers any related
DNS names. This option is available only on Windows 2000 and newer computers that
run the DHCP Client service. This is not going to allow Certkingdom -SR21 to connect to
WWW when it is run on Certkingdom -SR01.
Reference:
James Chellis, Paul Robichaux and Matthew Sheltz, MCSA/MCSE: Windows Server
2003 Network Infrastructure Implementation, Management, and Maintenance Study
Guide, p. 311


QUESTION 11:

You work as the network administrator at Certkingdom.com The Certkingdom.com
network consists of a single Active Directory domain named Certkingdom.com All
servers on the Certkingdom.com network run Windows Server 2003 and all client
computers run Windows XP Professional. The Certkingdom.com network contains a
DHCP server named Certkingdom -SR15 that is configured with a single scope.
Certkingdom.com hires a new Sales manager named Andy Reid. You install a new client
computer named Certkingdom -WS291 for Andy Reid. You connect
Certkingdom -WS291 to the network by plugging the network cable into the network
adapter on Certkingdom -WS291 and attempt to connect to Certkingdom -SR25.
However, you cannot access any of the servers on the network. When you open a
command prompt on Certkingdom -WS291 and run the ipconfig /renew command,
you receive the following response.

You log on to a client computer named Certkingdom -WS292 and run the ipconfig
/renew command successfully.
What should you do to ensure that Certkingdom -WS291 can receive its IP address
configuration from the Certkingdom -SR25?

A. Restart the DHCP service on Certkingdom -SR25.
B. Restart Certkingdom -WS291.
C. Restart Certkingdom -SR25.
D. Add additional IP addresses to the scope on Certkingdom -SR25.

Answer: B

Explaination: It is probable that the TCP/IP stack has a problem because the
computer is unable to send a DHCP discover broadcast packet. This can happen
when you insert a network cable after the PC has been started. You should restart
the client PC to successfully obtain a new IP address.
Incorrect Answers:
A, C, D: This is unnecessary because Certkingdom -WS292 did obtain an IP address from
the DHCP server, thus indicating that the DHCP server configuration is not the issue.
Reference:
Deborah Littlejohn Shinder and Dr. Thomas W. Shinder, MCSA/MCSE Exam 70-290:
Managing and Maintaining a Windows Server 2003 Environment Study Guide & DVD
Training System, p. 629


QUESTION 12:

You work as the network administrator at Certkingdom.com The Certkingdom.com
network consists of a single Active Directory domain named Certkingdom.com All
servers on the Certkingdom.com network run Windows Server 2003 and all client
computers run Windows XP Professional. Certkingdom.com has its headquarters in
Chicago and branch offices in Dallas and Miami. The Certkingdom.com network
contains a DHCP server named Certkingdom -SR01. The relevant portion of the
network is shown in the following network diagram.

You work at headquarters. A Certkingdom.com employee named Andy Booth is one of
three employees that are relocated to headquarters from the Dallas office. Andy
Booth uses a portable client computer named Certkingdom -WS291. Andy Booth
complains that when he plugs Certkingdom -WS291 into the LAN connection in his
new cubicle, he cannot connect to network resources on the LAN or the Internet.
None of the other employees are experiencing the same problem.
When you run the ipconfig command from a command prompt on
Certkingdom -WS291, you see the output as shown in the exhibit.

What should you do to allow Certkingdom -WS291 to connect to network resources
on the LAN or the Internet?

A. Configure Certkingdom -WS291 with a subnet mask of 255.255.240.0.
B. Configure Certkingdom -WS291 with a default gateway of 192.168.3.12.
C. Configure Certkingdom -WS291 with a primary DNS suffix of Certkingdom.com
D. Configure Certkingdom -WS291 to automatically lease an IP address from
Certkingdom -SR01.

Answer: D

Explaination: The client computers on the subnet use DHCP to obtain their IP
configurations. Certkingdom -WS291 has a static IP address, and therefore cannot
obtain a valid IP configuration from the DHCP server.
Incorrect Answers:
A: By changing the subnet mask you will not ensure that Certkingdom -WS291 will
connect to other computers and the Internet.
B: Changing the default gateway will not enable Certkingdom -WS291 LAN connection.
Besides, 192.168.3.12 is the IP address of the DHCP server.
C: Adding a primary DNS suffix means that only domain names listed in that window
will be tried for resolution purposes. Both the connection-specific and primary DNS
suffix are ignored.
Reference:
Deborah Littlejohn Shinder, Dr. Thomas W. Shinder, Chad Todd and Laura Hunter,
Implementing, Managing, and Maintaining a Windows Server 2003 Network
Infrastructure Guide & DVD Training System, p. 515


QUESTION 13:

You work as the network administrator at Certkingdom.com The Certkingdom.com
network consists of a single Active Directory domain named Certkingdom.com All
servers on the Certkingdom.com network run Windows Server 2003 and all client
computers run Windows 2000 Professional. Certkingdom.com has headquarters in
London and branch offices in Paris, Berlin, Milan, Madrid, Stockholm, Warsaw,
Minsk, and Athens. Each branch office has a server that provides DHCP Server
services and between two to twenty client computers. A client computer in each
branch office is configured with a shared dial-up connection. You work at
headquarters.
The Berlin branch office has only two client computers named Certkingdom -WS291
and Certkingdom -WS292. A Certkingdom.com user named Kara Lang works in the
Berlin office. One morning Kara Lang complains that the shared dial-up connection
on Certkingdom -WS291 is no longer working.
Your investigation reveals that Certkingdom -WS292 can connect to shared folders
on Certkingdom -WS291 and that Certkingdom -WS291 can connect to the network at
headquarters. However, Certkingdom -WS292 cannot connect to resources on the
network at headquarters.
What should you do to ensure that both Certkingdom -WS291 and
Certkingdom -WS292 can connect to resources on the network at headquarters?

A. Reconfigure Internet Connection Sharing on Certkingdom -WS291.
B. Configure the shared dial-up connection on Certkingdom -WS291 so that automatic
dialog is enabled.
C. Configure Certkingdom -WS292 to receive an IP lease from a DHCP server.
D. Configure Certkingdom -WS292 to use Certkingdom -WS291 for DNS name resolution.

Answer: C.

Explaination: The problem is most likely caused by an incorrect or non-existent
default gateway setting on Certkingdom -WS292. If you configure
Certkingdom -WS292 to use DHCP to obtain IP addressing information,
Certkingdom -WS292 will receive the correct settings from the ICS service on
Certkingdom -WS291.
Incorrect Answers:
A: The question refers to a shared dial-up connection on Certkingdom -WS291 not
working. If the dial-up connection is shared, then Internet Connection Sharing is enabled
already.
B: The question states that Certkingdom -WS291 automatically connects to the network at
the main office whenever the user on Certkingdom -WS291 attempts to access resources
located on the main office network. This indicates that automatic dial-up is already
configured.
D: Certkingdom -WS291 is not a DNS server. The ICS service has a DNS proxy that
would pass DNS requests to whichever DNS server Certkingdom -WS291 is using.
Reference:
J. C. Mackin, Ian McLean, MCSA/MCSE Self-Paced Training Kit (exam 70-291):
Implementing, Managing, and Maintaining a Microsoft Windows Server 2003 network
Infrastructure, Part 1, Chapters 1 & 2, pp. 45, 124


QUESTION 14:

You work as the network administrator at Certkingdom.com The Certkingdom.com
network consists of a single Active Directory domain named Certkingdom.com All
servers on the Certkingdom.com network run Windows Server 2003 and all client
computers run Windows NT Workstation 4.0. The network contains 2,500 client
computers that are configured with static IP addresses.
Certkingdom.com issues a new network policy that requires all network computers to
have dynamically assigned IP configurations. You enable the DHCP Server service
on a member server named Certkingdom -SR25. Three network support technicians
have been instructed to configure the IP properties on all client computers to
receive a DHCP lease from Certkingdom -SR25.
It is estimated that the change over will take two weeks to complete. You need to
ensure that the DHCP server will not lease an IP address that is statically
configured on a computer that the network support technicians have not yet seen to.
What should you do?

A. On Certkingdom -SR25, configure Conflict detection attempts to 1.
B. On Certkingdom -SR25, configure Conflict detection attempts to 3.
C. On Certkingdom -SR25, configure client reservations for each client computer’s MAC
address.
D. On Certkingdom -SR25, activate and reconcile the scopes.

Answer: A

Explaination: When conflict detection attempts are set, the DHCP server uses the
Packet Internet Groper (ping) process to test available scope IP addresses before
including these addresses in DHCP lease offers to clients. A successful ping means
that the IP address is in use on the network. This results in the DHCP server not
offering to lease the address to a client.
If the ping request fails and times out, it indicates that the IP address is not in use on the
network. In this case, the DHCP server offers to lease the address to a client. Each
additional conflict detection attempt delays the DHCP server response by a second while
waiting for the ping request to time out. This in turn increases the load on the server. A
value of no greater than two (2) is recommended for ping attempts.
Incorrect Answers:
B: Due to the latency involved in ping attempts, the higher the conflict detection value is
set, the longer the lease process will be for every client that uses the DHCP server.
C: Configuring client reservations for each client computer MAC address will involve a
physical visit to each and every client computer if you do not ping it successfully.
D: The scope would already be activated in this scenario.
Reference:
Deborah Littlejohn Shinder, Dr. Thomas W. Shinder, Chad Todd and Laura Hunter,
Implementing, Managing, and Maintaining a Windows Server 2003 Network
Infrastructure Guide & DVD Training System, pp. 208-209


QUESTION 15:

You work as the network administrator at Certkingdom.com The Certkingdom.com
network consists of a single Active Directory domain named Certkingdom.com All
servers on the Certkingdom.com network run Windows Server 2003 and client
computers run Windows XP Professional, Windows 2000 Professional, or Windows
NT Workstation. All client computers are configured with default settings.
The Certkingdom.com network contains a server named Certkingdom -SR31 that
functions as a DHCP and DNS server, and a server named Certkingdom -SR38 that
contains antivirus server software. All DNS zones on Certkingdom -SR31 are enabled
for DNS dynamic updates. The computer account for each client computer is the
owner of its own DNS host record. No other server provides DNS services.
What must you do to ensure that Certkingdom -SR38 can contact client computers by
using fully qualified domain names (FQDNs) to propagate virus definition updates?

A. On Certkingdom -SR31, modify the Dynamically update DNS A and PTR records only
if requested by the DHCP clients option.
B. On Certkingdom -SR38, modify the Always dynamically update DNS A and PTR
records option.
C. On Certkingdom -SR31, modify the Discard A and PTR records when lease is deleted
option.
D. On Certkingdom -SR31, modify the Dynamically update DNS A and PTR records for
DHCP clients that do not request dynamic updates (for example, clients running
Windows NT 4.0) option.

Answer: D

Explaination: Dynamically Update DNS A And PTR Records For DHCP Clients That
Do Not Request
Updates – This checkbox lets you handle these older clients graciously by making the
updates using a separate mechanism. When checking this check box you will ensure that
Certkingdom -SR38can resolve FQDNs for all client computers on the network under the
given circumstances and the role that Certkingdom -SR31 plays.
Incorrect Answers:
A: Dynamically Update DNS A And PTR Records Only If Requested By The DHCP
Clients – This radio button (which is on by default) tells the DHCP server to register the
update only if the DHCP client asks for DNS registration. When this button is active,
DHCP clients that aren’t hip to DDNS won’t have their DNS records updated. However,
Windows 2000, XP, and Server 2003 DHCP clients are smart enough to ask for the
updates.
B: Always Dynamically Update DNS A And PTR Records – This radio button forces the
DHCP server to register any client to which it issues a lease. This setting may add DNS
registrations for DHCP-enabled devices that don’t really need them, like printer servers;
however, it allows other clients (like Mac OS, Windows NT, and Linux machines) to
have their DNS information automatically updated. This is not what is required.
C: Discard A And PTR Records When Lease Is Deleted – When a DHCP lease expires,
what should happen to the DNS registration? Obviously, it would be nice if the DNS
record associated with a lease vanished when the lease expired; when this checkbox is
checked (as it is by default), that’s exactly what happens. If you uncheck this box, your
DNS will contain entries for expired leases that are no longer valid; when a particular IP
address is reissued on a new lease, the DNS will be updated, but in between leases you’ll
have incorrect data in your DNS-always something to avoid.
Reference:
James Chellis, Paul Robichaux and Matthew Sheltz, MCSA/MCSE: Windows Server
2003 Network Infrastructure Implementation, Management, and Maintenance Study
Guide, p. 246


MCTS Training, MCITP Trainnig

Best Microsoft MCTS Certification, Microsoft MCITP Training at certkingdom.com

Friday, November 25, 2011

Free Microsoft 70-536 Q & A / Study Guide

MCTS Training, MCITP Trainnig

Best Microsoft MCTS Certification, Microsoft MCITP Training at certkingdom.com



QUESTION 1
You work as the application developer at CertKingdom.com. CertKingdom.com uses Visual Studio.NET
2005 as its application development platform.
You are in the process of storing numerical values up to 2,100,000,000 into a variable and may
require storing negative values using a .NET Framework 2.0 application. You are required to
optimize memory usage
What should you do?

A. Int32
B. UInt16
C. UInt32
D. Int16

Answer: A

Explanation:
The Int32 type should be used in the scenario as it can be used to store positive and negative
numerical values from -2,147,483,648 to +2,147,483,647.
Incorrect Answers:
B: The UINT32 and UInt16 type should not be used in the scenario because they are used to store
only unsigned positive numbers.
Reference types
C: The UINT32 and UInt16 type should not be used in the scenario because they are used to store
only unsigned positive numbers.
Attributes
D: The Int16 type should not be used as you will only be allowed to store values from -32768 to
+32768.


QUESTION 2
You work as an application developer at CertKingdom.com. You are currently in the process of
creating a class that stores data about CertKingdom.com’s customers.
CertKingdom.com customers are assigned unique identifiers and various characteristics that may
include aliases, shipping instructions, and sales comments. These characteristics can change in
both size and data type.
You start by defining the Customer class as shown below:
public class Customer
{
private int custID;
private ArrayList attributes;
public int CustomerID
{
get {return custID;}
}
public Customer (int CustomerID)
{
this.custID = CustomerID;
this.attributes = new ArrayList ();
}
public void AddAttribute (object att)
{
attributes.Add (att);
}
}
You have to create the FindAttribute method for locating attributes in Customer objects no matter
what the data type is.
You need to ensure that the FindAttribute method returns the attribute if found, and you also need
to ensure type-safety when returning the attribute.
What should you do?

A. Use the following code to declare the FindAttribute method:
public T FindAttribute (T att)
{
//Find attribute and return the value
}
B. Use the following code to declare the FindAttribute method:
public object FindAttribute (object att)
{
//Find attribute and return the value
}
C. Use the following code to declare the FindAttribute method:
public T FindAttribute (T att)
{
//Find attribute and return the value
}
D. Use the following code to declare the FindAttribute method:
public string FindAttribute (string att)
{
//Find attribute and return the value
}

Answer: C

Explanation:
This code declares the method FindAttribute and specifies an argument named att using the T
placeholder as the argument and return data type. To ensure the FindAttribute method accepts
arguments of different types, you should specify an argument using a generic placeholder. The
argument att in this generic method will accept any valid data type and ensures type-safety by
returning that same data type.
Incorrect Answers:
A: You should not use this code because it does not declare the placeholder T. when declaring a
generic method, you have to use the < > bracketsto declare the place holder before using it.
B: You should not use this code because it does not guarantee type-safery.
D: You should not use this code because it will only accept a string argument and return a string
argument.
Generic types


QUESTION 3
You work as an application developer at CertKingdom.com. You are creating a custom exception
class named ProductDoesNotExistException so that custom exception messages are displayed in
a new application when the product specified by users is unavailable.
This custom exception class will take the ProductID as an argument to its constructor and expose
this value through the ProductID. You are now in the process of creating a method named
UpdateProduct. This method will be used to generate and manage the
ProductDoesNotExistException exception if the ProductID variable contains the value 0.
You need to ensure that use the appropriate code for the UpdateProduct method.
What should you do?

A. Make use of the following code:
public void UpdateProduct ()
{
try
{
if (ProductID == 0)
throw new ProductDoesNotExistException (ProductID);
}
catch (ProductDoesNotExistException ex)
{
MessageBox.Show (“There is no Product” + ex. ProductID);
}
}
B. Make use of the following code:
public void UpdateProduct ()
{
try
{
if (ProductID = = 0)
throw new Exception (“Invalid ProductID”);
}
catch (ProductDoesNotExistException ex)
{
MessageBox.Show (ex.Message);
}
}
C. Make use of the following code:
public void UpdateProduct ()
{
if (ProductID = = 0)
throw new ProductDoesNotExistException (ProductID);
}
D. Make use of the following code:
public void UpdateProduct ()
{
if (ProductID = = 0)
throw new Exception (“Invalid ProductID”);
}

Answer: A

Explanation:
This code verifies the value of the ProductID variable by using the if statement. If the ProductID
variable contains a value of 0, this code generates an exception of type
ProductDoesNotExistException . To explicitly generate an exception, you are required to use the
throw statement. The exception generated by using the throw statement can be handled by the
try…catch block. This code generates the custom exception by calling the constructor of the
custom exception class named ProductDoesNotExistException . The constructor argument is the
ProductID attached to the ProductDoesNotExistException object. This code then handles the
custom exception named ProductDoesNotExistException by using a catch block, which handles
exceptions by using a variable named ex of the type ProductDoesNotExistException . This code
displays the ” There is no Product ” error message by using the MessageBox.Show method and
concatenating the ex. ProductID to it.
Incorrect Answers:
B: You should not use the code that generates an exception of the type Exception and handles the
exception of the type ProductDoesNotExistException in the catch block. This code is incorrect
because you are required to generate a custom exception named ProductDoesNotExistException.
C: You should not use the codes that do not use a try…catch block because the application an
unhandled exception.
D: You should not use the codes that do not use a try…catch block because the application an
unhandled exception.


QUESTION 4
You work as the application developer at CertKingdom.com. CertKingdom.com uses Visual Studio.NET
2005 as its application development platform.
You have recently finished development of a class named TestReward and package the class in a
.NET 2.0 assembly named TestObj.dll. After you ship the assembly and it is used by client
applications, you decide to move the TestReward class from TestObj.dll assembly to the
TestRewardObj.dll Assembly. You are to ensure when you ship the updated TestObj.dll and
TestRewardObj.dll assemblies that the client applications continue to work and do not require
recompiling.
What should you do?

A. The TypeForwardedTo attribute should be used
B. The TypeConvertor.ConvertTo method should be used
C. The InternalsVisibleTo attribute should be used
D. The Type Convertor.ConvertFrom method should be used

Answer: A

Explanation:
The statement used for you to add a type from one assembly into another assembly is the
TypeForwardTo attribute which enables you not to have the application recompiled.
Incorrect Answers:
B: The TypeConverter class provides a unified way of converting different types of values to other
types and can not be used to move a type.
C: The method in question here specifies all nonpublic types in an assembly are visible to other
assemblies but can not be used to move types.Part 2: Manage a group of associated data in a
.NET Framework application by using collections. (Refer System.Collections namespace)
D: The TypeConverter class provides a unified way of converting different types of values to other
types and can not be used to move a type.


QUESTION 5
You work as an application developer at CertKingdom.com. You have recently created a custom
collection class named ShoppingList for a local supermarket. This custom class will include
ShoppinItem objects that have the public properties listed below.
* Name
* AisleNumber
* OnDiscount
You are required to enable users of your class to iterate through the ShoppingList collection, and
to list each product name and aisle number using the foreach statement.
You need to achieve this by declaring the appropriate code.
What code should you use?

A. public class ShoppingList : ICollection
{
// Class implementation
}
B. public class ShoppingList : IEnumerator, IEnumerable
{
// Class implementation
}
C. public class ShoppingList : Ilist
{
// Class implementation
}
D. public class ShoppingList : Enum
{
// Class implementation
}

Answer: B

Explanation:
You should implement the IEnumerable and IEnumerator interfaces of the System.Collections
namespace to ensure that your collection class supports foreach iteration. The IEnumerable
interface defines only one method named GetEnumerator that returns an object of type
IEnumerator of the System.Collections namespace and is used to support iteration over a
collection. The IEnumerator interface supports methods, such as Current , MoveNext , and Reset
to iterate through a collection. The Current method returns the current element of the collection.
The Move method positions the enumerator to the next available element of the collection. The
Reset method positions the enumerator before the first element of the collection.
Incorrect Answers:
A: You should not use the code that implements the ICollection interface because this interface is
used to define properties in a collection. Implementing this interface will not ensure that your
collection class supports foreach iteration because it does not inherit the IEnumerator interface.
C: You should not use the code that implements the Ilist interface because this interface is used to
define properties of a non-generic list of items accessed by index. Implementing this interface will
not ensure that your collection class supports foreach iteration because it does not inherit the
IEnumerator interface.
D: You should not use the code that inherits the Enum because this structure is used as a base
class for those classes that provide enumeration values. Inheriting the Enum structure will not
ensure that your collection class supports foreach iteration.

MCTS Training, MCITP Trainnig

Best Microsoft MCTS Certification, Microsoft MCITP Training at certkingdom.com

Monday, November 21, 2011

Free Microsoft 70-293 Q & A / Study Guide

MCTS Training, MCITP Trainnig

Best Microsoft MCTS Certification, Microsoft MCITP Training at certkingdom.com

QUESTION 1
You work as a network administrator for Certkingdom.com. The Certkingdom.com network consists of a single
Active Directory domain named Certkingdom.com. There are currently 120 Web servers running Windows
2000 Server and are contained in an Organizational Unit (OU) named ABC_WebServers
Certkingdom.com management took a decision to uABCrade all Web servers to Windows Server 2003.
You disable all services on the Web servers that are not required. After running the IIS Lockdown
Wizard on a recently deployed web server, you discover that services such as NNTP that are not
required are still enabled on the Web server.
How can you ensure that the services that are not required are forever disabled on the Web
servers without affecting the other servers on the network? Choose two.

A. Set up a GPO that will change the startup type for the services to Automatic.
B. By linking the GPO to the ABC_WebServers OU.
C. Set up a GPO with the Hisecws.inf security template imported into the GPO.
D. By linking the GPO to the domain.
E. Set up a GPO in order to set the startup type of the redundant services to Disabled.
F. By linking the GPO to the Domain Controllers OU.
G. Set up a GPO in order to apply a startup script to stop the redundant services.

Answer: B,E

Explanation: Windows Server 2003 installs a great many services with the operating system, and
configures a number of with the Automatic startup type, so that these services load automatically
when the system starts. Many of these services are not needed in a typical member server
configuration, and it is a good idea to disable the ones that the computer does not need. Services
are programs that run continuously in the background, waiting for another application to call on
them. Instead of controlling the services manually, using the Services console, you can configure
service parameters as part of a GPO. Applying the GPO to a container object causes the services
on all the computers in that container to be reconfigured. To configure service parameters in the
Group Policy Object Editor console, you browse to the Computer Configuration\Windows
Settings\Security Settings\System Services container and select the policies corresponding to the
services you want to control.
Reference:
Jill Spealman, Kurt Hudson & Melissa Craft, MCSE Self-Paced Training Kit (Exam 70-294);
Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory
Infrastructure, Microsoft Press, Redmond, Washington, 2004, p. 13:1-6


QUESTION 2
You are working as the administrator at Certkingdom.com. Certkingdom.com has headquarters in London and
branch offices in Berlin, Minsk, and Athens. The Berlin, Minsk and Athens branch offices each
have a Windows Server 2003 domain controller named ABC-DC01, ABC-DC02 and ABC-DC03
respectively. All client computers on the Certkingdom.com network run Windows XP Professional.
One morning users at the Minsk branch office complain that they are experiencing intermittent
problems authenticating to the domain. You believe that a specific client computer is the cause of
this issue and so need to discover the IP address client computer.
How would you capture authentication event details on ABC-DC02 in the Minsk branch office?

A. By monitoring the logon events using the SysMon utility.
B. By recording the connections to the NETLOGON share using the SysMon utility.
C. By recording the authentication events with the NetMon utility.
D. By monitoring the authentication events using the Performance and Reliability Monitor.

Answer: C

Explanation: The question states that you need to find out the IP address of the client computer
that is the source of the problem. Using Network Monitor to capture traffic is the only way to do
this.
Reference:

http://support.microsoft.com/default.aspx?scid=kb;en-us;175062

Martin Grasdal, Laura E. Hunter, Michael Cross, Laura Hunter, Debra Littlejohn Shinder, and Dr.
Thomas W. Shinder, Planning and Maintaining a Windows Server 2003 Network Infrastructure:
Exam 70-293 Study Guide & DVD Training System, Syngress Publishing, Inc., Rockland, MA,
Chapter 11, p. 826


QUESTION 3
You are working as the administrator at Certkingdom.com. Part of you job description includes the
deployment of applications on the Certkingdom.com network. To this end you operate by testing new
application deployment in a test environment prior to deployment on the production network.
The new application that should be tested requires 2 processors and 3 GB of RAM to run
successfully. Further requirements of this application also include shared folders and installation of
software on client computers. You install the application on a Windows Server 2003 Web Edition
computer and install the application on 30 test client computers.
During routine monitoring you discover that only a small amount of client computers are able to
connect and run the application. You decide to turn off the computers that are able to make a
connection and discover that the computers that failed to open the application can now run the
application.
How would you ensure that all client computers can connect to the server and run the application?

A. By running a second instance of the application on the server.
B. By increasing the Request Queue Limit on the Default Application Pool.
C. By modifying the test server operating system to Window Server 2003 Standard Edition.
D. By increasing the amount of RAM in the server to 4GB.

Answer: C

Explanation: Although Windows Server 2003 Web Edition supports up to 2GB of RAM, it
reserves 1GB of it for the operating system; only 1GB of RAM is available for the application.
Therefore, we need to install Window Server 2003 Standard Edition or Enterprise Edition to
support enough RAM.


QUESTION 4
You are an Enterprise administrator for Certkingdom.com. All servers on the corporate network run
Windows Server 2003 and all client computers run Windows XP.
The network contains a server named ABC-SR01 that has Routing and Remote Access service
and a modem installed which connects to an external phone line.
A partner company uses a dial-up connection to connect to ABC-SR01 to upload product and
inventory information. This connection happens between the hours of 1:00am and 2:00am every
morning and uses a domain user account to log on to ABC-SR01.
You have been asked by the security officer to secure the connection.
How can you ensure that the dial-up connection is initiated only from the partner company and that
access is restricted to just ABC-SR01? Choose three.

A. Set up the log on hours restriction for the domain user account to restrict the log on to between
the hours of 1:00am and 2:00am.
B. Set up a local user account on ABC-SR01. Have the dial-up connection configured to log on
with this account.
C. Set up the remote access policy on ABC-SR01 to allow the connection for the specified user
account between the hours of 1:00am and 2:00am.
D. Set up the remote access policy with the Verify Caller ID option to only allow calling from the
phone number of the partner company modem.
E. Set up the remote access policy to allow access to the domain user account only.

Answer: B,C,D

Explanation: To allow only the minimum amount of access to the network, ensure that only the
partner’s application can connect to your network over the dial-up connection, you need to first
create a local account named on ABC-SR01. You need to then add this account to the local Users
group and direct the partner company to use this account for remote access.
You can use a local account to provide remote access to users. The user account for a standalone
server or server running Active Directory contains a set of dial-in properties that are used
when allowing or denying a connection attempt made by a user. You can use the Remote Access
Permission (Dial-in or VPN) property to set remote access permission to be explicitly allowed,
denied, or determined through remote access policies.
Next, you need to configure a remote access policy on ABC-SR01 to allow the connection for only
the specified user account between 1 AM and 2 AM.
In all cases, remote access policies are used to authorize the connection attempt. If access is
explicitly allowed, remote access policy conditions, user account properties, or profile properties
can still deny the connection attempt.
You need to then configure the policy to allow only the specific calling station identifier of the
partner company’s computer. When the Verify Caller ID property is enabled, the server verifies the
caller’s phone number. If the caller’s phone number does not match the configured phone number,
the connection attempt is denied.
Reference: Dial-in properties of a user account

http://technet.microsoft.com/en-us/library/cc738142.aspx


QUESTION 5
You are an Enterprise administrator for Certkingdom.com. The company consists of an Active Directory
domain called ad.Certkingdom.com. All servers on the corporate network run Windows Server 2003. At
present there is no provision was made for Internet connectivity.
A server named ABC2 has the DNS server service role installed. The DNS zones on ABC2 are
shown below:

The corporate network also contains a UNIX-based DNS A server named ABC-SR25 hosts a
separate DNS zone on a separate network called Certkingdom.com. ABC-SR25 provides DNS services to
the UNIX-based computers and is configured to run the latest version of BIND and the Certkingdom.com
contains publicly accessible Web and mail servers.
The company has a security policy set, according to which, the resources located on the internal
network and the internal network’s DNS namespace should never be exposed to the Internet.
Besides this, according to the current network design, ABC-SR25 must attempt to resolve any
name resolution requests before sending them to name servers on the Internet.
The company plans to allow users of the internal network to access Internet-based resources. To
implement the security policy of the company, you decided to send all name resolution requests
for Internet-based resources from internal network computers through ABC2. You thus need to
devise a name resolution strategy for Internet access as well as configuring ABC2 so that it will
comply with the set criteria and restrictions.
Which two of the following options should you perform?

A. Have the Cache.dns file copied from ABC2 to ABC-SR25.
B. Have the root zone removed from ABC2.
C. ABC2 should be set up to forward requests to ABC-SR25.
D. Install Services for Unix on ABC2.
E. The root zone should be configured on ABC-SR25.
F. Disable recursion on ABC-SR25.

Answer: B,C

Explanation: To plan a name resolution strategy for Internet access and configure ABC2 so that it
sends all name resolution requests for Internet-based resources from internal network computers
through ABC2, you need to delete the root zone from ABC2. Configure ABC2 to forward requests
to ABC-SR25
A DNS server running Windows Server 2003 follows specific steps in its name-resolution process.
A DNS server first queries its cache, it checks its zone records, it sends requests to forwarders,
and then it tries resolution by using root servers.
The root zone indicates to your DNS server that it is a root Internet server. Therefore, your DNS
server does not use forwarders or root hints in the name-resolution process. Deleting the root
zone from ABC2 will allow you to first send requests to ABC2 and then forward requests to ABCSR25
by configuring forward lookup zone. If the root zone is configured, you will not be able to use
the DNS server to resolve queries for hosts in zones for which the server is not authoritative and
will not be able to use this DNS Server to resolve queries on the Internet.
Reference: How to configure DNS for Internet access in Windows Server 2003

http://support.microsoft.com/kb/323380

Reference: DNS Root Hints in Windows 2003

http://www.computerperformance.co.uk/w2k3/services/DNS_root_hints.htm

MCTS Training, MCITP Trainnig

Best Microsoft MCTS Certification, Microsoft MCITP Training at certkingdom.com

Saturday, November 19, 2011

Free Microsoft 70-162 Exam Q & A/ Study Guide

MCTS Training, MCITP Trainnig

Best Microsoft MCTS Certification, Microsoft MCITP Training at certkingdom.com


QUESTION 1
You work as a Security Administrator at Certkingdom.com. The network consists of a single Active
Directory Domain Services (AD DS) domain with servers running Windows Server 2008 and client
computers running Windows 7 Professional.
A pool of Windows 2008 Servers hosts the Microsoft Exchange Server 2007 environment.
You have recently implemented Forefront Protection for Exchange Server (FPE) 2010 to improve
the security of the Microsoft Exchange Server 2007 environment.
You discover that some mailboxes have been infected by malware. However there are no
malware infection notifications in the Forefront Protection for Exchange Server Console.
You need to immediately check specific mailboxes to see if they are infected by the malware.
What should you do?

A. You should run a Forefront Client Security scan on the client computers.
B. You should use Forefront Protection for Exchange to perform a real-time scan of the mailboxes.
C. You should use Forefront Protection for Exchange to perform an on-demand scan of the
mailboxes.
D. You should install Microsoft Security Essentials on client computers.

Answer: C

Explanation:


QUESTION 2
You work as a Network Administrator at Certkingdom.com. Your responsibilities include the security of the
computers in the network. The network consists of a single Active Directory Domain Services (AD
DS) domain with servers running Windows Server 2008 and client computers running Windows 7
Professional.
A pool of Windows 2008 Servers hosts the Microsoft Exchange Server 2007 environment.
You have recently implemented Forefront Protection for Exchange Server (FPE) 2010 to improve
the security of the Microsoft Exchange Server 2007 environment.
How would you configure FPE to enable spam filtering?

A. By using the Forefront Management Shell to run the Set-FSEScheduledScan cmdlet.
B. By using the Forefront Management Shell to run Set-FseSpamFiltering the cmdlet.
C. By using the Forefront Management Shell to run the Set-FseSpamContentCheck cmdlet.
D. By using the Forefront Management Shell to run the Set-FSERealtimeScan cmdlet.

Answer: B

Explanation:


QUESTION 3
You are responsible for the security of the Certkingdom.com network. The network consists of a single
Active Directory Domain Services (AD DS) domain with servers running Windows Server 2008
and client computers running Windows 7 Professional.
The company uses Forefront Protection for Exchange Server (FPE) 2010 to protect the Microsoft
Exchange Server 2007 environment.
While monitoring the logs in the FPE console, you discover that users in the company have
received spam emails.
The subject line in each of the emails is: “Free access to our new online tournament!” You note
that the sender email address is spoofed to appear to be from a different domain for each email.
How can you block this spam attack in future?

A. You should configure an allowed sender custom filter in FPE.
B. You should configure a file filtering custom filter in FPE.
C. You should configure a keyword filtering custom filter in FPE.
D. You should configure a sender-domain custom filter in FPE.
E. You should configure a subject line filtering custom filter in FPE.

Answer: E

Explanation:


QUESTION 4
You work as a Network Administrator at Certkingdom.com. Your responsibilities include the security of the
computers in the network. The network consists of a single Active Directory Domain Services (AD
DS) domain named Certkingdom.com and includes servers running Windows Server 2008 and client
computers running Windows 7 Professional.
Four servers running Windows 2008 Server host the Microsoft Exchange Server 2007
environment.
Two servers named ABC-Edge1 and ABC-Edge2 are configured as Microsoft Exchange Edge
Transport servers.
Two servers named ABC-Mbox1 and ABC-Mbox2 are configured as Microsoft Exchange Mailbox
Servers and also run the Microsoft Exchange Hub Transport server roles.
You have recently implemented Forefront Protection for Exchange Server (FPE) 2010 to improve
the security of the Microsoft Exchange Server 2007 environment.
You need to configure email scanning in Forefront Protection for Exchange Server (FPE) 2010.
How should you configure FPE to scan all emails sent from within the Certkingdom.com domain to email
recipients in the Certkingdom.com domain?

A. You should configure FPE to perform Internal scanning on ABC-Mbox1 and ABC-Mbox2.
B. You should configure FPE to perform Internal scanning on ABC-Edge1 and ABC-Edge2.
C. You should configure FPE to perform Inbound scanning on ABC-Mbox1 and ABC-Mbox2.
D. You should configure FPE to perform Inbound scanning on ABC-Edge1 and ABC-Edge2.
E. You should configure FPE to perform Outbound scanning on ABC-Edge1 and ABC-Edge2.

Answer: A

Explanation:


QUESTION 5
You are responsible for the security of the Certkingdom.com network. The network consists of a single
Active Directory Domain Services (AD DS) domain named Certkingdom.com and includes servers running
Windows Server 2008 and client computers running Windows 7 Professional.
The network environment is secured using Microsoft Forefront.
A server named ABC-ShPoint1 runs Microsoft Office SharePoint Server 2010. The SharePoint
system is protected by Forefront Protection 2010 for SharePoint (FPSP).
How can you configure the environment to ensure that scanning is performed on all documents
that pass through the SharePoint Portal?

A. By logging into the SharePoint portal and configuring the scanning for uploaded and
downloaded documents.
B. By logging into the SharePoint Central Administration website and configuring the scanning for
uploaded and downloaded documents.
C. By logging into the Forefront Protection for SharePoint console and configuring the scanning for
uploaded and downloaded documents.
D. By logging into IIS Manager on the SharePoint Web Server and configuring the scanning for
uploaded and downloaded documents.
E. By logging into the Security Centre on the SharePoint Database Server and configuring the
scanning for uploaded and downloaded documents.

Answer: B

Explanation:

MCTS Training, MCITP Trainnig

Best Microsoft MCTS Certification, Microsoft MCITP Training at certkingdom.com

Thursday, November 17, 2011

Microsoft 70-668 Q & A / Study Guide

MCTS Training, MCITP Trainnig

Best Microsoft MCTS Certification, Microsoft MCITP Training at certkingdom.com


QUESTION 1
What is the minimum number of servers required in the SharePoint farm to meet the technical
requirements?

A. 2 servers are required.
B. 4 servers are required.
C. 6 servers are required.
D. 8 servers are required.

Answer: B

Explanation:


QUESTION 2
Which of the following solutions should you configure to prevent users printing confidential
documents stored in SharePoint sites?

A. You should configure SQL Server administrative roles.
B. You should configure SQL Server permissions.
C. You should configure Active Directory Federation Services (AD FS).
D. You should configure Active Directory Rights Management Services (AD RMS).

Answer: D

Explanation:


QUESTION 3
Which of the following database solutions should you recommend to meet the technical
requirements?

A. You should recommend Network Load Balancing (NLB).
B. You should recommend database mirroring.
C. You should recommend database snapshots.
D. You should recommend SQL Server backups.

Answer: B

Explanation:


QUESTION 4
Which of the following solutions should you implement to meet the Excel Services technical
requirement?

A. You should perform in in-place upgrade.
B. You should perform a database attach upgrade.
C. You should export all lists that contain Excel files then import them into the new SharePoint
2010 environment.
D. You should upgrade Microsoft Office Excel 2007 on all computers to Microsoft Office Excel
2010.

Answer: A

Explanation:


QUESTION 5
How many content databases are required to meet the technical requirements?

A. 1
B. 2
C. 25
D. 26
E. 50

Answer: D

Explanation:

MCTS Training, MCITP Trainnig

Best Microsoft MCTS Certification, Microsoft MCITP Training at certkingdom.com

Tuesday, November 15, 2011

Microsoft 70-291 Study Guide

MCTS Training, MCITP Trainnig

Best Microsoft MCTS Certification, Microsoft MCITP Training at certkingdom.com

TABLE OF CONTENTS

LIST OF TABLES

Topic 1: Installing and Deploying Windows Server 2003
Section 1.1: System Requirements
Section 1.2: Installing Windows Server 2003 from the CD-Rom
Section 1.3: Installing Windows Server 2003 from a Network Share
Section 1.4: Performing an Unattended Installation

1.4.1: Using an Unattended Answer File
1.4.2: Using the System Preparation Tool
1.4.3: Using Remote Installation Services (RIS)
Section 1.5: Windows Server 2003 Licensing
Section 1.6: Deploying Software Applications

1.6.1: Software Installation and Maintenance Technology
1.6.1.1: Acquiring and Modifying Software Packages
1.6.1.2: Deploying Software Packages
1.6.1.3: Assigning Software Packages
1.6.1.4: Publishing Software Packages
1.6.1.5: Deploying .zap Files
1.6.2: Upgrading Software
1.6.2.1: Mandatory Upgrades
1.6.2.2: Optional Upgrades
1.6.2.3: Redeploying Software
1.6.2.4: Removing or Disabling Software
1.6.3: Deploying Service Packs and Hotfixes
1.6.3.1: Installing Service Packs and Hotfixes
1.6.3.2: Removing a Service Pack or Hotfix
1.6.3.3: Slipstreaming Service Packs and Hotfixes
1.6.3.4: Adding Service Packs and Hotfixes to a Network Installation Share
1.6.3.5: Installing Multiple Hotfixes
1.6.4: Microsoft Software Update Services
1.6.4.1: Windows Update
1.6.4.2: Windows Update Catalog
1.6.4.3: Automatic Updates
1.6.4.4: Software Update Services
Section 1.7: The Windows Server 2003 Boot Process
1.7.1 Files Used in the Boot Process
1.7.2 The Boot.ini File
1.7.3: Advanced Boot Options
Section 1.8: The Recovery Console
1.8.1: Installing and Starting the Recovery Console
1.8.2: Using the Recovery Console

Topic 2: Configuring the Windows Server 2003 Network
Section 2.1: Creating Network Connections
Section 2.2: Configuring Automatic IP Addressing

2.2.1: DHCP Addressing
2.2.2: Automatic Private IP Addressing
2.2.3: The DHCP Lease Process
2.2.3.1: Automatic Lease Renewal
2.2.3.2: Manual Lease Renewal
2.2.4: DHCP and BOOTP Relay Agents
2.2.5: DHCP Backup and Fault Tolerance
Section 2.3: Testing IP Connections
2.3.1: Using the IPConfig Utility
2.3.2: Using the ping Utility
2.3.3: Using the tracert Utility
2.3.4: Using the net and nbtstat Utilities

Topic 3: Name Resolution
Section 3.1: NetBIOS Name Resolution
Section 3.2: Host Name Resolution
Section 3.3: Domain Name Space

3.3.1: DNS Zones
3.3.1.1: Zone Files
3.3.1.2: Resource Records
3.3.1.3: File Types
3.3.1.4: Zone Types
Section 3.4: Name Servers
3.4.1: Name Server Roles
3.4.2: Zone Transfers
3.4.3: Zone Transfer Security
3.4.4: Active Directory Integrated Zones
Section 3.5: Resolving Names
3.5.1 Forward Lookup Query
3.5.2 Reverse Lookup Query
3.5.3 DNS Recursion
Section 3.6: Installing the DNS Service
3.6.1: Configuring the DNS Service
3.6.2 Configuring a DNS Name Server
3.6.3 Creating Forward Lookup Zones and Reverse Lookup Zones
3.6.4 Configuring Clients for DNS
3.6.5: Configuring Dynamic DNS
3.6.5.1: Dynamic Updates
3.6.5.2: Secure Dynamic Updates
3.6.5.3 SRV Resource Records and A Resource Records
3.6.5.4 Creating Resource Records
3.6.5.5: Configuring Scavenging
Section 3.7: Troubleshooting DNS
3.7.1 Disabling DNS on an Interface

Topic 4: The Windows Server 2003 Network Infrastructure
Section 4.1: Directory Service Functionality
4.1.1: Simplified Administration
4.1.2: Scalability and Extensibility
Section 4.2: Active Directory Support for Client Computers
Section 4.3: Active Directory Structure

4.3.1: Logical Structure
4.3.1.1: Domains
4.3.1.2: Organizational Units (OUs)
4.3.1.3: Schema
4.3.2: Physical Structure
4.3.2.1: Sites
4.3.2.2: Domain Controllers
4.3.3: Domain Controller Roles
4.3.3.1: The Global Catalog
4.3.3.2: Master Operation Roles
4.3.3.3: PDC Emulator
4.3.3.4: RID Master
4.3.3.5: Infrastructure Master
4.3.3.6: Domain Naming Master
4.3.3.7: Schema Master
4.3.3.8: Seizing a Role Master
4.3.4: Renaming Domain Controllers
Section 4.4: Installing Active Directory Directory Services
4.4.1: The Database and Shared System Volume
4.4.2: Domain Functional Levels
4.4.2.1: Windows 2000 Mixed Domain Functional Level
4.4.2.2: Windows 2000 Native Domain Functional Level
4.4.2.3: Windows Server 2003 Domain Functional Level
4.4.3: Forest Functional Levels
Section 4.5: Active Directory Replication
4.5.1: Replication Within Sites
4.5.2: Replication Between Sites
4.5.2.1: Site Link Attributes
4.5.2.2: Site Link Bridges
4.5.3: Replication Latency
4.5.4: Resolving Replication Conflicts
4.5.5: Single Master Operations
Section 4.6: Active Directory Objects
4.6.1: Active Directory Naming Contexts
4.6.1.1: Application Naming Contexts
4.6.1.2: Configuration Naming Context
4.6.2: Moving Active Directory Objects
4.6.2.1: The MoveTree Utility
4.6.2.2: The ClonePrincipal
4.6.2.3: The Active Directory Migration Tool
4.6.3: Controlling Access to Active Directory Objects
4.6.4: Delegating Administrative Control
Section 4.7: Publishing Resources
4.7.1: Setting Up and Managing Published Printers
4.7.2: Setting Up and Managing Published Shared Folders
Section 4.8: Auditing Access to Active Directory Objects
4.8.1: Monitoring User Access to Shared Folders
4.8.1.1: Monitoring User Sessions
4.8.1.2: Sending Administrative Messages to Users

Topic 5: Creating and Managing User and Computer Accounts
Section 5.1: User Accounts

5.1.1: Local User Accounts
5.1.2: Domain User Accounts
5.1.2.1: Creating DomainUser Accounts
5.1.2.2: Copying Domain User Accounts
5.1.3: Built-In User Accounts
5.1.3.1: Administrator
5.1.3.2: Guest
5.1.3.3: HelpAssistant
5.1.3.4: Support_388945a0
Section 5.2: Computer Accounts
Section 5.3: Modifying User Accounts and Computer Accounts
Section 5.4: Group Accounts

5.4.1: Group Scope
5.4.2: Group Nesting
5.4.3: Creating Groups
5.4.4: Adding a User to a Group
Section 5.5: Managing The User Environment
5.5.1: User Profiles
5.5.1.1: Roaming User Profiles
5.5.1.2: Mandatory User Profiles
5.5.2: Administrative Templates
5.5.3: Desktop Security Settings
5.5.4: Group Policy Script Settings
5.5.5: Folder Redirection

Topic 6: Routing and Remote Access Service (RRAS)
Section 6.1: Routing and Remote Access Service Features
Section 6.2: Installation and Configuration
Section 6.3: Connecting to RRAS

6.3.1: Remote Access Protocols
6.3.2: The PPP Authentication Process
Section 6.4: Remote Access Security
6.4.1: Secure User Authentication
6.4.1.1: Mutual Authentication
6.4.1.2: Data Encryption
6.4.1.3: Callback
6.4.1.4: Caller ID
6.4.2: Managing Authentication
6.4.2.1: Windows Authentication
6.4.2.2: RADIUS Authentication and IAS
Section 6.5: Securing RRAS Clients
6.5.1: Remote Access Policies
6.5.2 The Connection Manager Administration Kit
Section 6.6: Virtual Private Networks (VNP)
6.6.1: VPN Protocols
6.6.2: Configuring VPN Protocols
6.6.3: IPSec and NAT Transversal
6.6.4: Integrating VPN in a Routed Network
6.6.5: Integrating VPN Servers with the Internet
6.6.6: Configuring Client VPN Settings
Section 6.7: RRAS Tools
Section 6.8: Routing

6.8.1: Routing Tables
6.8.1.1: Static Routing
6.8.1.2: Dynamic Routing
6.8.2: Routing Protocols
6.8.2.1: Routing Information Protocol (RIP)
6.8.2.2: Open Shortest Path First (OSPF)

Topic 7: Controlling Network Security
Section 7.1: Access Control List
Section 7.2: NTFS Permissions

7.2.1: NTFS Folder Permissions
7.2.2: NTFS File Permissions
7.2.3: Multiple NTFS Permissions
7.2.3.1: Cumulative Permissions
7.2.3.2: The Deny Permission
7.2.4: Setting NTFS Permissions
7.2.5: NTFS Permissions Inheritance
7.2.6: Assigning Special Access Permissions
7.2.6.1: Changing Permissions
7.2.6.2: Taking Ownership
Section 7.3: Copying and Moving Files and Folders
Section 7.4: Troubleshooting NTFS Permission Problems

Topic 8: Shared Files and Folders
Section 8.1: Shared Folder Permissions
Section 8.2: Shared Application Folders
Section 8.3: Data Folders
Section 8.4: Administrative Shared Folders
Section 8.5: Offline Files

8.5.1: Enabling Offline Files
8.5.2: Offline File Synchronization
Section 8.6: Combining Shared Folder Permissions and NTFS Permissions

Topic 9: Monitoring Network Resources
Section 9.1: Monitoring Access to Shared Folders
9.1.1: Monitoring Shared Folders
9.1.2: Modifying Shared Folder Properties
9.1.3: Monitoring Open Files
9.1.4: Disconnecting Users from Open Files
9.1.5: Monitoring Network Users
9.1.6: Monitoring User Sessions
9.1.7: Disconnecting Users
Section 9.2: Auditing
9.2.1: Using an Audit Policy
9.2.2: Using Event Viewer to View Security Logs
9.2.3: Setting Up Auditing
9.2.4: Auditing Object Access
9.2.4.1: Auditing Access to Files and Folders
9.2.4.2: Auditing Access to Printers
Section 9.3: Using Event Viewer
9.3.1: Viewing Security Logs
9.3.2: Locating Events
9.3.3: Managing Audit Logs
Section 9.4: Using Group Policy
Section 9.5: The Shutdown Event Tracker

Topic 10: Monitoring System Performance
Section 10.1: The System Monitor
Section 10.2: Adding Performance Counters
Section 10.3: Performance Logs and Alerts

10.3.1 Counter Logs and Tracer Logs
10.3.2 Alerts

INDEX

LIST OF TABLES
Table 1.1: Windows Server 2003 Minimum System Requirements
Table 1.2: Files Used in the Windows Server 2003 Boot Process
Table 1.3: ARC Path Naming Conventions
Table 1.4: Some Recovery Console Commands
Table 2.1: IPConfig Switches
Table 2.2: Ping Errors
Table 2.3: Nbstat Commands
Table 3.1: Top-Level Domains
Table 3.2: Zone Types
Table 4.1: Schema Active Directory Service Interface Objects
Table 4.2: Common Active Directory Objects
Table 4.3: Find Dialog Box Options
Table 4.4: Standard Active Directory Object Permissions
Table 5.1: The Dsadd Command-line Parameters
Table 5.2: The User Account Properties
Table 5.3: The Computer Account Properties
Table 5.4: The Dsmod Command-line Parameters
Table 5.5: The Dsadd Command-line Parameters
Table 5.6: Administrative Templates
Table 5.7: Desktop Security Settings
Table 5.8: Group Policy Settings to control the Network Environment
Table 5.9: Group Policy Settings to Control Access to the Administrative Tools
Table 6.1: Remote Access Policy Conditions
Table 6.2: Additional RADIUS Remote Access Policy Conditions
Table 6.3: Netsh Command-line Options
Table 6.4: Netsh global Commands
Table 6.5: Route Command Parameters
Table 7.1: Permission Inheritance Options
Table 7.2: Troubleshooting Permission problems
Table 8.1: Shared Folder Permissions
Table 9.1: Options for Filtering and Finding Events
Table 10.1: Some Useful Performance Counters

Implementing, Managing and Maintaining a
Microsoft Windows Server 2003
Network Infrastructure

Exam Code: 70-291
Certifications:

Microsoft Certified (MCP)
Microsoft Certified Systems Administrator (MCSA 2003) Core
Microsoft Certified Systems Engineer (MCSE 2003) Core

Prerequisites:
None

About This Study Guide
This Study Guide provides all the information required to pass the Microsoft 70-291 exam – Implementing,
Managing and Maintaining a Microsoft Windows Server 2003 Network Infrastructure. It however, does not
represent a complete reference work but is organized around the specific skills that are tested in the exam.
Thus, the information contained in this Study Guide is specific to the 70-291 exam and not only to
Implementing, Managing and Maintaining a Microsoft Windows Server 2003 Network Infrastructure. It
includes the information required to answer questions related to the maintaining Windows Server 2003
environment, Windows 2000, Windows XP Professional, Windows NT, and Windows 98 that may be asked
during the exam. Topics covered in this Study Guide include: Installing Windows Server 2003,
Implementing, Managing, and Maintaining IP Addressing; Configuring TCP/IP Addressing on a Server
Computer; Managing DHCP; Managing DHCP Clients and Leases; Managing DHCP Relay Agent;
Managing DHCP Databases; Managing DHCP Scope Options; Managing Reservations and Reserved
Clients; Troubleshooting TCP/IP Addressing; Diagnosing and Resolve Issues Related To Automatic Private
IP Addressing (APIPA); Diagnosing and Resolve Issues Related To Incorrect TCP/IP Configuration;
Troubleshoot DHCP; Diagnosing and Resolving Issues Related to DHCP Authorization; Verifying DHCP
Reservation Configuration; Examining the System Event Log and DHCP Server Audit Log Files to Find
Related Events; Diagnosing and Resolve Issues Related To Configuration of DHCP Server and Scope
Options; Verifying the DHCP Relay Agent; Verifying Database Integrity; Implementing, Managing, and
Maintaining Name Resolution; Installing and Configuring the DNS Server Service; Configuring DNS
Server Options; Configuring DNS Zone Options; Configuring DNS Forwarding; Managing DNS; Manage
DNS Zone Settings; Manage DNS Record Settings; Manage DNS Server Options; Monitor DNS;
Implementing, Managing, and Maintaining Network Security; Implementing Secure Network
Administration Procedures; Using Security Templates; Monitoring Network Protocol Security;
Implementing, Managing, and Maintaining Routing and Remote Access; Configuring Routing and Remote
Access User Authentication; Configuring Remote Access Authentication Protocols; Configuring Internet
Authentication Service (IAS) To Provide Authentication for Routing and Remote Access Clients;
Configuring Routing and Remote Access Policies to Permit or Deny Access; Managing Remote Access;
Managing Packet Filters; Managing Routing and Remote Access Routing Interfaces; Managing Devices and
Ports; Managing Routing Protocols; Managing Routing and Remote Access Clients; Managing TCP/IP
Routing; Managing Routing Protocols; Managing Routing Tables; Managing Routing Ports; Implementing
Secure Access between Private Networks; Troubleshooting User Access to Remote Access Services;
Diagnosing and Resolving Issues Related To Remote Access VPNs; Diagnosing and Resolving Issues
Related To Establishing a Remote Access Connection; Diagnosing and Resolving User Access to Resources
beyond the Remote Access Server; Troubleshooting Routing and Remote Access Routing; Troubleshooting
Demand-Dial Routing; Troubleshooting Router-To-Router VPNs; Maintaining a Network Infrastructure;
Monitoring Network Traffic; Troubleshooting Connectivity to the Internet;

Intended Audience
This Study Guide is targeted specifically at people who wish to take the Microsoft MCSA / MCSE exam 70-
291 exam – Implementing, Managing and Maintaining a Microsoft Windows Server 2003 Network
Infrastructure. This information in this Study Guide is specific to the exam. It is not a complete reference
work. Although our Study Guides are aimed at new comers to the world of IT, the concepts dealt with in this
Study Guide are complex and require an understanding of material provided for the CompTIA A+,
Network+ and Server+ exams.

Note: There is a fair amount of overlap between the 70-291 and the 70-290
exams. Don’t skim over the information that seems familiar. Read over it
again to refresh your memory.

How To Use This Study Guide
To benefit from this Study Guide we recommend that you:

• Study each chapter carefully until you fully understand the information. This will require regular and
disciplined work.

• If possible, perform all the walk-throughs that are included in this Study Guide to gain practical
experience, referring back to the text so that you understand the information better. Remember, it is
easier to understand how tasks are performed by practicing those tasks rather than trying to memorize
each step.

• Be sure that you have studied and understand the entire Study Guide before you take the exam.

Note: Remember to pay special attention to these note boxes as they contain
important additional information that is specific to the exam.

Good luck!

Topic 1: Installing and Deploying Windows Server 2003
You can install Windows Server 2003 directly from the CD-Rom or from a network share. The Windows
Server 2003 installation process consists of five stages

Stage 1: Hard Drive Preparation: In text mode Setup checks the hard drive for consistency and errors. It
allows you to format and create the Windows Server 2003 partition if you need to and copies setup files to
the hard drive. Setup then reboots the computer.

Stage 2: Setup Wizard: The graphical user interface Setup Wizard gathers information from you; such as
regional settings, your name and organization, the Windows Server 2003 CD-key, and computer name. The
Windows Server 2003 Setup Program then creates the local Administrator user account and requests a
password for it.

Stage 3: Installing Network Components: After the Setup Wizard has gathered the necessary information
from you in Stage 2, it begins the network components installation. It detects your network adapter card;
allows you to choose which network components, such as the network client, file and printer sharing and
protocols, to install; allows you to join a workgroup or domain; and installs the components you have
chosen.

Stage 4: Completing the Installation: The Setup Wizard completes the installation by installing the startmenu
items and applying and saving the configuration settings you chose in the previous stages. It then
deletes the temporary setup files and reboots the computer.

Stage 5: Post Installation: After the installation is complete, you must perform the “Product Activation”
and configure your server. You should also check your device manager for undetected or nonfunctioning
hardware components.

Section 1.1: System Requirements
Before installing Windows Server 2003, you must ensure that the computer meets the minimum system
requirements for Windows Server 2003.

Table 1.1: Windows Server 2003 Minimum System Requirements

Component

Minimum Requirement
Processor Pentium 133 MHz (Pentium III 550 MHz recommended for Standard
Edition and Pentium III 733 MHz for Enterprise Edition)
Memory 128 MB Ram (256 MB Ram recommended)
Hard Disk Space 1.5 GB hard disk free space
Networking Standard network adapter card
Display Monitor and adapter with minimum resolution of the VGA standard
I/O devices CD-ROM, keyboard, mouse, or other pointing devices.

Section 1.2: Installing Windows Server 2003 from the CD-Rom
When installing Windows Server 2003 on a new computer from the CD-Rom you must boot directly from
the CD-Rom. Unlike Windows 2000, Windows Server 2003 does not support booting from boot disks.
Therefore, if your computer does not support booting from the CD-Rom, you must install Windows Server
2003 from a network share or from within an existing operating system.
Place the Windows Server 2003 installation disk in the CD-Rom and reboot the computer. During the boot
process you will be prompted to “press any key to boot from CD-Rom”. Once you have pressed a key
the installation of Windows Server 2003 will begin.

Section 1.3: Installing Windows Server 2003 from a Network Share
To install Windows Server 2003 over the network you must copy the i386 folder from the Windows Server
2003 Installation CD to a shared network folder. You must also ensure that the computer has a can connect
to the network share when it has booted.

Section 1.4: Performing an Unattended Installation
Microsoft allows for the automated installation of Windows Server 2003 through unattended installations.
There are three mechanisms through which an unattended installation can be performed. These are through:

• unattended answer files;
• disk imaging using the System Preparation Tool; and
• Remote Installation Services

1.4.1: Using an Unattended Answer File
The first mechanism you can use to perform an unattended installation of Windows Server 2003 is to use an
answer file. An answer file is an automated script that supply’s the Windows Server 2003 Setup program
with all the information it would require during the installation.

• You can use Setup Manager located in the deploy.cab file in the /support/tools folder of the Windows
Server 2003 Installation CD to create and modify an answer file or you can manually create the Answer
file. You can use Setup Manager to create an answer file for an unattended installation, a sysprep install,
and for a Remote Installation Services.

1.4.2: Using the System Preparation Tool
With disk imaging it is possible to install and configure Windows Server 2003 and all the applications and
application update packs on a test computer and then create an exact image of the hard drive that can then be
used to install Windows Server 2003 and the applications on other client computers. However, all the target
computers to which the image is to be applied must have the same hardware configuration as the test
computer. You will also have to change the computer name of all the target computers as each computer on
the network must have a unique name.

You should use the Sysprep, after installing and configuring Windows Server 2003, the applications and
application update packages on a test computer, to prepare the computer of disk imaging. You should then
run the disk imaging program after Sysprep has completed. Sysprep adds a mini-Setup Wizard to the disk
image that will request the user-specific information such as productID, user name, network configuration,
etc, on the first reboot of the target computer. This information can either be supplied by the user or by an
answer file.

1.4.3: Using Remote Installation Services (RIS)
Unlike Windows 2000 Server, Windows Server 2003 can be deployed using Remote Installation Services
(RIS). Remote installation is the process of connecting to Remote Installation Services (RIS) server from a
target computer and then performing an automated installation of Windows Server 2003 on the target
computer. This is the most effective method of deploying Windows Server 2003. Remote Installation allows
administrators to use a centrally located computer to install Windows Server 2003 on a target computer, i.e.
the computer on which the Windows Server 2003 operating system is to be installed, anywhere on a
network. It however requires that your network already has a Windows Server 2003 server infrastructure in
place and that the target computers support remote booting.

Section 1.5: Windows Server 2003 Licensing
The use of Windows Server 2003 requires two distinct types of licensing: a product license, i.e., the CDkey,
which allows you to install the Windows Server 2003 operating system on a computer; and a Client
Access License (CAL), which allows clients to connect to the Windows Server 2003 computer.
Windows Server 2003 provides three CAL modes: a per server mode, which sets the number of concurrent
users or clients that can log on to a specific Windows Server 2003 computer; a per user mode, which permits
an unlimited number of concurrent users to connect to the Windows Server 2003 computer, providing each
has a CAL; and a per device mode, which permits an unlimited number of concurrent client computers, or
devices, to connect to the Windows Server 2003 computer, providing that each device has a CAL.

Section 1.6: Deploying Software Applications
1.6.1: Software Installation and Maintenance Technology

The software installation and maintenance technology in Windows Server 2003 uses Group Policy in
conjunction with Windows Installer to automate and manage software installations, updates and removal
from a centralized location. Group Policy can be used to assign the software application to a group of users
that are members of an OU, and allows you to manage the various phases of software deployment.
There are four phases of software life cycle:

• Preparation: preparing the files that allows you to use Group Policy to deploy the application software.
This involves copying the Windows Installer package files to a software distribution point. The
Windows Installer application files can be obtained from the application’s vendor or can be created
through the use of third-party utilities.

• Deployment: the administrator creates a Group Policy Object (GPO) that installs the software on the
target computers and links the GPO to the appropriate Organizational Unit. During this phase the
software is installed.

• Maintenance: the software is upgraded with a new version or redeployed with a patch or a service pack.
MCSE 70-291

• Removal: to remove software that is no longer required, you must remove the Windows installer
package from the GPO that was used to deploy the software. The software is then automatically removed
when a user log on or when the computer restarts.

Windows Installer consists of Windows Installer service, which is a client-side service, and Windows
Installer package. Windows Installer package uses the .msi file extension that replaces the Setup.exe file and
contains all the information that Windows Installer services requires to install the software. The software
developer provides the Windows Installer package with the application. If a Windows Installer package does
not come with an application, you can create a Windows Installer package or repackage the application,
using a third-party utility. Alternatively you could create an application file (.zap) that uses the application’s
existing setup program. A .zap file is not a native Windows Installer package.

Advantages of using Native Windows Installer packages:
• Automatic File Repair when a critical application file becomes corrupt. The application automatically
returns to the installation source to retrieve a new copy of the file.

• Clean Removal without leaving orphaned files and without deleting shared files used by another
application.

• Transformable. You can customize a Windows Installer package to meet the requirements set by your
company by using authoring and repackaging tools. Transformed Windows Installer packages are
identified by the .mst file extension.

• Patches. Patches and upgrades can be applied to the installed applications. These patches use the .msp
file extension.

Note: A .zap file is not a native Windows Installer package and does not offer
the same benefits as Windows Installer packages. It therefore does not
support automatic repairing and cannot be transformed.

MCTS Training, MCITP Trainnig

Best Microsoft MCTS Certification, Microsoft MCITP Training at certkingdom.com