| 1. You administer a native-mode Windows
2000 Network. You have just installed the Routing and Remote
Access Service on a Windows 2000 Server computer and attached
a single modem. Several employees from the sales department
use the dial-up connection to access resources on the network
while they are on the road. You discover that the sales
people are being prevented from accessing the network because
of some employees, who work at home, are using the dial-up
connection to check their e-mail during the day. You want
to prevent all employees except for the remote sales people,
from dialing up to the RRAS server during business hours.
Which of the following actions should you take to
accomplish your objective?
A. Configure the dial-in properties for all users
to Deny Access and grant the remote sales people Allow
access permissions.
B. Configure the RRAS server for demand-dial routing connections.
C. Configure a remote access policy on the RRAS server.
D. Configure a Group Policy Object for the domain.
Answer: C
To enable only the remote sales people to dial-in
to the RRAS server, you should configure a remote access
policy on the RRAS server. Remote access policies specify
who is authorized to access a RRAS server. Remote access
policies will enable you to configure time constraints
for users. By selecting the user's dial-in permission
to "Control access through Remote Access Policy",
the user's permissions will be configured according
to the remote access policies that currently exist.
In this scenario, you should configure all users dial-in
permissions (except for the remote sales people) to "Control
access through Remote Access Policy". Then create
a remote access policy that will deny access during
regular business hours. Then set the remote sales people's
dial-in permissions to Allow access.
Option A would deny dial-in access at all times. You
only want to restrict access during business hours.
Demand-dial routing connections support inbound and
outbound connections. This setting will not accomplish
your objective.
Group Policy Objects (GPOs) cannot be used to control
remote access.
Objective 6: "Configuring and Troubleshooting
Windows 2000 Network Connections"
2. After installing Windows 2000 Server on a new computer, you try and
boot the computer but it fails. You receive an error message stating
that the Boot.ini file is missing. The computer's system partition
has been formatted with NTFS, so it is not possible to use an MS-DOS
floppy to boot the system and then copy the missing file from the Windows
2000 CD.
Which of the following describes the simplest solution
to the problem in this scenario?
A. You should use the latest System State backup to
restore the missing file to the Windows 2000 Server
computer.
B. Boot the computer using Safe mode from the Advanced Options menu and
then copy the missing file from a Windows 2000 CD.
C. You should use the ERD to boot the computer and then restore the missing
file to the Windows 2000 Server computer.
D. You should use the Recovery Console to copy the missing file from
the Windows 2000 CD.
Answer: D
The Boot.ini file is accessed during the Windows 2000
boot sequence and is used to build the operating system
menu choices that appear during startup. It also indicates
the location of the boot partition. If the Boot.ini
file is missing or corrupt, the boot sequence will
fail. An error message should appear indicating the
missing or corrupt file. In this scenario, the best
way to restore the missing Boot.ini file would be to
start the computer with a Windows 2000 CD, and then
use the Recovery Console to copy the missing file from
the Windows 2000 CD. Alternatively, you can install
the Recovery Console in advance so that it will appear
as an option in the startup menu. To do this, go the
I386 directory on the Windows 2000 CD and run Winnt32
/cmdcons.
The Emergency Repair Disk (ERD) will check the basic
system, System files, partition boot sector, startup
environment, and the Registry of a computer and will
copy missing or corrupt files from a Windows 2000 CD.
The ERD is not a bootable disk and can only be accessed
through the Windows 2000 CD or Windows 2000 Setup disks
created from the CD. In this scenario, you could not
have created an ERD because you have never successfully
booted the computer.
You cannot start the computer using Safe mode because
a critical file for the boot process is missing.
Using the latest System State backup to restore the
missing file is not a viable solution because you have
just installed the operating system on the computer
and therefore have not had the chance to backup the
system.
Objective 5: "Managing, Configuring, and Troubleshooting
Storage Use"
3. The network you administer includes Windows 2000
computers and NetWare servers. The Windows 2000 computers
have been configured to use only TCP/IP for all network
communication. The NetWare servers have been configured
to use only IPX/SPX. You have just installed a new
Windows 2000 Server computer on the network. You have
installed two network adapters in the new Windows 2000
Server computer so that it can use one of the adapters
for all communications with Windows 2000 computers,
and use the other adapter for all communications with
the NetWare servers. You must now configure the network
interfaces with the appropriate components.
Which of the following components should be installed
on the NetWare interface? (Choose all that apply)
A. Gateway Services for NetWare
B. Client for Microsoft Networks
C. File and Printer Sharing for Microsoft Networks
D. NWLink NetBIOS
E. NWLink IPX/SPX/NetBIOS Compatible Transport Protocol
F. NetBEUI protocol
G. Internet Protocol (TCP/IP)
Answer: A, D, E
Gateway Services for NetWare (GSNW) should be installed
on a Windows 2000 Server computer to enable Windows
2000 clients to access NetWare resources through the
Windows 2000 Server computer. The NWLink NetBIOS protocol
enables computers to recognize other computers by using
NetBIOS computer names. NWLink IPX/SPX/NetBIOS Compatible
Transport Protocol is Microsoft's implementation of
the IPX and SPX protocols used by NetWare networks.
These three components must be enabled on the interface
that will be used to communicate with the NetWare servers.
The Client for Microsoft Networks component enables
the local computer to access resources on a Microsoft
network. Install this component on the interface that
will be used to communicate with Windows 2000 computers.
File and Printer Sharing for Microsoft Networks enables
other computers to access resources on the local computer
within a Microsoft network. Install this component
on the interface that will be used to communicate with
Windows 2000 computers.
NetBEUI is a fast, non-routable protocol designed
for use on small networks.
Internet Protocol (TCP/IP) is the most commonly used
wide area network protocol. Install this component
on the interface that will be used to communicate with
Windows 2000 computers.
Objective 6: "Configuring and Troubleshooting
Windows 2000 Network Connections"
4. You administer a network for a large company. You are about to install
a Windows 2000 Server computer that will be configured as a domain
controller that will provide mission-critical services. Therefore,
the server must be as reliable as possible. You are at the stage of
planning the disk configuration. Expense is not an issue, and you want
a fault tolerant system that performs as well as possible.
Which of the following disk configurations should
you use?
A. Mirrored Volumes
B. Striped Volumes
C. RAID-5 Volumes
D. Spanned Volumes
Answer: C
RAID-5 volumes provide fault tolerance and high performance.
RAID-5 volumes are similar to striped volumes because
they stripe data over multiple disks. A minimum of
three disks is required for a RAID-5 volume. RAID-5
places a parity stripe across all the disks in the
volume and uses this parity stripe to rebuild the volume
in case one disk fails. There are two ways to implement
RAID-5; Hardware RAID and software RAID offered by
Windows 2000. Hardware RAID uses special disk controllers
and specific drives and is therefore, more fault tolerant
and easier to recover from. Software RAID is implemented
through software and requires no special hardware.
Because expense is not an issue, you would most likely
want to use hardware RAID.
A mirrored volume configuration consists of two dynamic
disks in which one disk is a copy of another. Mirrored
volumes provide fault tolerance because if one disk
fails, the data on it can be restored from the other
disk. In other words, data saved to the primary disk
is mirrored to the secondary disk. This configuration
provides enhanced read performance because the head
that is closest to the requested data will provide
that data to the operating system. However, disk write
performance suffers slightly from the mirrored volume
configuration because one disk controller is responsible
for writing to two disks.
A striped volume usually provides the best read and
write performance. Striped volumes store data in equal
stripes across two or more dynamic disks. Because the
data is written sequentially in the stripes, multiple
read/write operations can occur simultaneously and
therefore increase the read/write performance. Striped
volumes do not provide fault tolerance.
A spanned volume consists of two or more dynamic disks
configured as a single volume. Data is written sequential
starting with one and then continuing to the next as
space on the first is used up. Performance is the same
as on a simple volume. A spanned volume does not provide
fault tolerance.
Objective 5: "Managing, Configuring, and Troubleshooting
Storage Use"
5. Your network includes Windows NT 4.0 users. You
have configured a system policy that prevents these
users from being able to browse shared network resources
using Network Neighborhood. The same Windows NT 4.0
users connect to a Windows 2000 Server computer running
Terminal Services in order to access several applications.
The Windows NT 4.0 users are able to browse shared
network resources through the Terminal Services computer.
You must prevent the Windows NT 4.0 users from having
access to these shared network resources?
Which of the following actions should you take to
accomplish your objective?
A. Configure a Group Policy object on the Terminal
Services computer.
B. Configure a system policy and save it to the Sysvol folder on a domain
controller.
C. Implement the Highly Secure security policy on the Terminal Services
computer.
D. Implement a mandatory user profile for each Windows NT user.
Answer: A
To prevent the Windows NT 4.0 users from accessing
shared network resources through the Terminal Services
computer, you should configure a GPO on the Terminal
Services computer which includes the appropriate policies.
The system policy in this scenario prevents Windows
NT 4.0 users from browsing the network when they log
on to their domain accounts from Windows NT 4.0 computers.
When a Windows NT 4.0 user connects to a Terminal Services
computer, they are required to log on again. System
policies only apply to Windows NT 4.0 computers. Therefore,
when Windows NT 4.0 users log on to the Windows 2000
Server computer running Terminal Services, the system
policy will no longer apply to that user. A GPO applied
to the Terminal Services computer will enable you to
apply the same restrictions to the Windows NT 4.0 users
when they connect to the Terminal Services computer.
A highly secure security policy should not be used
in this scenario.
Mandatory user profiles are created by administrators
and saved with the .man extension so that users are
unable to modify the profile in any way. Mandatory
user profiles should not be used in this scenario.
Objective 7: "Implementing, Monitoring, and Troubleshooting
Security"
|
