MCSE 70-293 Exam Quiz Test 2

50 Questions  I  By Saurabhsingh878
Please take the quiz to rate it.

MCSE Quizzes & Trivia
Hello FriendThis practice test helps you prepare for Microsoft certification exam 70-293, which counts toward MCSE certification. This practice test contains 50 questions, provided by Saurabh Singh.

  
Changes are done, please start the quiz.


Questions and Answers

Removing question excerpt is a premium feature

Upgrade and get a lot more done!
  • 1. 
    Which of the following methods can you use to reduce the amount of RIP traffic passing over the T-1 link to the home office?
    • A. 

      Set the Outgoing Packet Protocol setting to RIP Version 1 Broadcast

    • B. 

      Increase the Periodic Announcement Interval setting

    • C. 

      Set the Incoming Packet Protocol setting to RIP Version 1 Only

    • D. 

      Decrease the time Before Route Is Removed setting


  • 2. 
    On which of the RRAS configurations should you enable demand-dial routing?
    • A. 

      Neither

    • B. 

      Router01 only

    • C. 

      Router02 Only

    • D. 

      Both


  • 3. 
    In System Monitor, which performance object would you select to monitor the number of TCP/IP error messages transmitted and received by a computer?
    • A. 

      Network Interface

    • B. 

      TCPv4

    • C. 

      ICMP

    • D. 

      UDPv4


  • 4. 
    Which of the following are correct reasons that it is more critical to monitor DNS performance than DHCP or WINS performance?
    • A. 

      DNS servers might be accessible from the Internet, and DHCP and WINS servers are not.

    • B. 

      DNS servers are more likely to malfunction than DHCP or WINS servers.

    • C. 

      DNS server failures can have an immediate effect on network client performance.

    • D. 

      DNS servers have less effective monitoring tools.


  • 5. 
    Which of the following backup job types does not reset the archive bits on the files that it copies to the backup medium?
    • A. 

      Full

    • B. 

      Incremental

    • C. 

      Differential

    • D. 

      None of the above


  • 6. 
    Which of the following tape drive devices has the greatest capacity?
    • A. 

      LTO

    • B. 

      QIC

    • C. 

      DAT

    • D. 

      DLT


  • 7. 
    What is the approximate total amount of volatile data that you might have to back up each day?
    • A. 

      60 GB

    • B. 

      160 GB

    • C. 

      360 GB

    • D. 

      480 GB


  • 8. 
    Using the information in Table 6-1, which type of magnetic tape drive would best be suited for this network, assuming that you want to use only a single tape for your daily incremental backups?
    • A. 

      DLT

    • B. 

      8 mm

    • C. 

      QIC

    • D. 

      DAT


  • 9. 
    Which of the following System Monitor performance counters can you use to determine whether the DNS server is the target of a DoS attack?
    • A. 

      Segments Retransmitted/Sec in the TCPv4 performance object

    • B. 

      Zone Transfer Failure in the DNS performance object

    • C. 

      Datagrams Received/Sec in the UDPv4 performance object

    • D. 

      Total Query Received/Sec in the DNS performance object

    • E. 

      Messages/Sec in the ICMP performance object


  • 10. 
    Which of the following Nlb.exe commands do you use to shut down NLB operations on a cluster server without interrupting transactions currently in progress?
    • A. 

      Nlb drain

    • B. 

      Nlb params

    • C. 

      Nlb drainstop

    • D. 

      Nlb queryport


  • 11. 
    Which of the following failover policies provides the best compensation for multiple node failures?
    • A. 

      Failover pairs

    • B. 

      Hot-standby servers

    • C. 

      N+I

    • D. 

      Failover ring


  • 12. 
    You want to be able to use Network Load Balancing Manager, running on one of the Web servers, to configure all the servers in the NLB cluster. Other than this, very little noncluster communication between the Web servers is required. Which of the following communication models should you use to make this possible with the greatest economy? Explain your answer.
    • A. 

      Single network interface adapter in unicast mode

    • B. 

      Single network interface adapter in multicast mode

    • C. 

      Multiple network interface adapters in unicast mode

    • D. 

      Multiple network interface adapters in multicast mode


  • 13. 
    Which of the following storage hardware configurations should you use for the 4-node database server cluster? Explain your answer.
    • A. 

      Install a SCSI host adapter in each server and connect them all to a single SCSI bus

    • B. 

      Install a SCSI host adapter in each server and connect them all to a SCSI hub

    • C. 

      Install a Fibre Channel adapter in each server and connect them in an arbitrated loop

    • D. 

      Install a Fibre Channel adapter in each server and connect them all to a Fibre Channel switch


  • 14. 
    You have decided to partition your database server application to spread the load among the servers in the cluster. Which of the following failover policies will ensure that the entire database is constantly available without any server running multiple partitions, even if two servers fail? Explain your answer.
    • A. 

      Failover pairs. Split the database into two partitions and assign each one to an active server. Then, configure each of the active servers to fail over to one of the two remaining servers.

    • B. 

      Hot-standby server. Split the database into three partitions and assign each one to an active server. Then, configure each of the active servers to fail over to the one remaining server.

    • C. 

      N+I. Split the database into two partitions and assign each one to an active server. Then, configure each of the active servers to fail over to either one of the two remaining servers.

    • D. 

      Failover ring. Split the database into four partitions and assign each one to an active server. Then, configure each of the four servers to failover to the next server.


  • 15. 
    Which of the following Windows Server 2003 versions cannot function as a domain controller?
    • A. 

      Standard Edition

    • B. 

      Enterprise Edition

    • C. 

      Web Edition

    • D. 

      Datacenter Edition


  • 16. 
    Which of the following server roles require superior network performance?
    • A. 

      Domain controllers

    • B. 

      Infrastructure servers

    • C. 

      Web servers

    • D. 

      Database servers


  • 17. 
    Which of the following Windows Server 2003 features can you use to ensure that users supply passwords of a specified length?
    • A. 

      Audit policies

    • B. 

      Group policies

    • C. 

      Authentication protocols

    • D. 

      Access control lists


  • 18. 
    In which of the following folders on a Windows Server 2003 NTFS system drive with default permissions can a member of the Users group create a new file? (Choose all correct answers.)
    • A. 

      The root folder

    • B. 

      Documents And Settings

    • C. 

      The user’s home folder

    • D. 

      Windows


  • 19. 
    For which of the following account policies should you modify the default setting to prevent brute force attempts at password penetration?
    • A. 

      Minimum Password Age

    • B. 

      Store Passwords Using Reversible Encryption

    • C. 

      Account Lockout Threshold

    • D. 

      Enforce User Logon Restrictions


  • 20. 
    Which of the following policy modifications could you make to ensure that user passwords cannot be intercepted by analyzing captured packets?
    • A. 

      Change the Enforce Password History value to 10.

    • B. 

      Enable the Password Must Meet Complexity Requirements policy.

    • C. 

      Change the Account Lockout Threshold value to 3.

    • D. 

      Disable the Store Passwords Using Reversible Encryption policy.


  • 21. 
    Which of the following policy modifications would make it harder for intruders to penetrate user passwords by trial and error? (Choose all correct answers.)
    • A. 

      Change the Reset Account Logon Counter After value to 60 minutes.

    • B. 

      Enable the Password Must Meet Complexity Requirements policy.

    • C. 

      Change the Account Lockout Threshold value to 10.

    • D. 

      Enable the Minimum Password Age policy and set its value to 3.


  • 22. 
    You have discovered that some users are bypassing your security requirements by changing their passwords as required, and then immediately changing them back again. Which of the following policy changes would prevent this practice? (Choose all correct answers.)
    • A. 

      Change the Account Lockout Duration value to 600.

    • B. 

      Enable the Minimum Password Age policy and set its value to 28.

    • C. 

      Change the Enforce Password History value to 10.

    • D. 

      Change the Reset Account Logon Counter After value to 60.


  • 23. 
    Which of the following audit policies enables you to tell what applications were running when a security event occurred?
    • A. 

      Audit Object Access

    • B. 

      Audit Privilege Use

    • C. 

      Audit Process Tracking

    • D. 

      Audit System Events


  • 24. 
    After installing several member servers running Windows Server 2003 on your Active Directory network, you want to deploy a baseline security configuration that you have designed for the member servers only, using group policies. Which of the following tasks must you perform to accomplish this objective? (Choose all correct answers.)
    • A. 

      Create a new organizational unit

    • B. 

      Move the computer objects representing the member servers

    • C. 

      Create a new GPO

    • D. 

      Modify the domain GPO

    • E. 

      Apply a GPO to an organizational unit


  • 25. 
    With which of the following Active Directory object types can you associate a GPO? (Choose all correct answers.)
    • A. 

      Domain

    • B. 

      Computer

    • C. 

      Site

    • D. 

      Organizational unit

    • E. 

      Container


  • 26. 
    Which of the following tasks can users not perform when you enable the Security Options policy, Microsoft Network Server: Digitally Sign Communications (Always) on a computer running Windows Server 2003?
    • A. 

      Submit jobs to a print queue on the server

    • B. 

      View the print queues on the server

    • C. 

      Install printer drivers stored on the server

    • D. 

      Create printer shares on the server


  • 27. 
    Enabling which of the following audit policies is likely to require changing the Maximum Security Log Size value as well?
    • A. 

      Audit Process Tracking

    • B. 

      Audit Policy Change

    • C. 

      Audit Account Logon Events

    • D. 

      Audit Directory Service Access


  • 28. 
    Although Windows Server 2003 creates a GPO for the Domain Controllers container with default role-specific policy settings in it, you have other policy settings that you want to apply to your domain controllers. Which of the following methods can you use to apply these settings? (Choose all correct answers.)
    • A. 

      Modify the policy settings in the Domain Controllers container’s existing GPO.

    • B. 

      Create a new organizational unit object and create a GPO for it containing the desired policy settings. Then, move the Domain Controllers container to make it a child of the new object.

    • C. 

      Create a second GPO for the Domain Controllers container.

    • D. 

      Create a new child organizational unit object beneath the Domain Controllers container object, and then create a GPO for the new object containing the desired policy settings.


  • 29. 
    When creating a GPO for an organizational unit called Servers, you define a particular audit policy and configure it to audit successes only. When creating a GPO for an organizational unit called Infrastructure, which is a child of the Servers organizational unit, you configure the same policy to audit failures only. What is the effective value of that policy for a computer object in the Infrastructure container?
    • A. 

      Undefined

    • B. 

      Success only

    • C. 

      Failure only

    • D. 

      Success and Failure


  • 30. 
    For the domain controllers, you want to capture as much auditing information as possible, and you have decided to configure all the audit policies in the Domain Controllers container’s GPO to audit both successes and failures. Which of the following policies should you also configure to accomplish this goal? (Choose all correct answers.)
    • A. 

      Increase the default value of the Event Log policy, Maximum System Log Size

    • B. 

      Enable the Security Options policy, Audit: Audit the Use Of Backup and Restore Privilege.

    • C. 

      Increase the default value of the Event Log policy, Maximum Security Log Size.

    • D. 

      Disable the Security Options policy, Microsoft Network Client: Digitally Sign Communications (Always)


  • 31. 
    Which of the following system service policies should you set in the Domain Controllers container’s GPO with a startup type of Automatic? (Choose all correct answers.)
    • A. 

      File Replication Service

    • B. 

      Routing and Remote Access

    • C. 

      Intersite Messaging

    • D. 

      Kerberos Key Distribution Center

    • E. 

      Remote Procedure Call (RPC) Locator


  • 32. 
    Each file and print server has one printer and two hard drives for user data storage in addition to the system drive. You want users to be able to access the data drives on all the servers using a single directory structure and you want all users on the network to be able to send jobs to the printer on every server. Which of the following policy settings should you include in the FilePrint container’s GPO? (Choose all correct answers.)
    • A. 

      Add the shares on the file and print server drives to the Network Access: Shares That Can Be Accessed Anonymously security option.

    • B. 

      Enable the Print Spooler service.

    • C. 

      Disable the Microsoft Network Server: Digitally Sign Communications (Always) security option.

    • D. 

      Enable the Distributed File System service.


  • 33. 
    Which of the following policy changes can you configure in the GPO for the Web- Svrs container to add protection from Internet intruders?
    • A. 

      Enable the Network Access: Do Not Allow Anonymous Enumeration Of SAM accounts and Shares security option

    • B. 

      Enable the Accounts: Rename Administrator Account security option

    • C. 

      Revoke the Administrators group’s Debug Programs user right

    • D. 

      Disable the Interactive Logon: Do Not Require CTRL+ALT+DEL security option


  • 34. 
    A user calls your company’s network help desk to report that she has just sent a large print job to her departmental print server by mistake and wants to delete it from the print queue. However, when she tries to access the queue, she receives the error message “Unable to connect. Access denied.” You log on from your workstation with the user’s account and are able to access the print queue in the normal manner. Which of the following could be the problem?
    • A. 

      The Microsoft Network Server: Digitally Sign Communications (Always) security option is enabled on the print server.

    • B. 

      The Microsoft Network Server: Digitally Sign Communications (Always) security option is enabled on the user’s workstation.

    • C. 

      The Microsoft Network Client: Digitally Sign Communications (Always) security option is enabled on the print server.

    • D. 

      The Microsoft Network Client: Digitally Sign Communications (Always) security option is enabled on the user’s workstation.


  • 35. 
    In an effort to cooperate with your company’s new emphasis on security, you have used GPOs to enable all the available audit policies on the computers that are running Windows Server 2003. A few days after making these changes, you unlock the data center to find that your domain controller has shut down during the night. Which of the following modifications might prevent this from happening again? (Choose all correct answers.)
    • A. 

      Revoke the Administrators group’s Debug Programs user right.

    • B. 

      Increase the default value specified in the Maximum Security Log Size policy.

    • C. 

      Disable the Shutdown: Allow System to Be Shut Down Without Having To Log On security option.

    • D. 

      Disable the Audit: Shut Down System Immediately If Unable To Log Security audits security option.


  • 36. 
    You are the new administrator for an Active Directory network, and while it is clear that someone has changed the security configuration of the network’s domain controllers, your predecessor left no records of the exact changes he made. Which of the following security templates should you apply to the domain controllers to restore their default security settings, and then implement the highest possible level of security?
    • A. 

      Compatws.inf and then Securedc.inf

    • B. 

      Securedc.inf and then Hisecdc.inf

    • C. 

      Hisecdc.inf and then Setup Security.inf

    • D. 

      DC Security.inf and then Hisecdc.inf

    • E. 

      Setup Security.inf and then Securedc.inf


  • 37. 
    When you use the Security Configuration And Analysis snap-in to export a template, where do the settings in the new template come from?
    • A. 

      From the computer’s current security settings

    • B. 

      From the snap-in’s currently loaded database

    • C. 

      From the security template you imported into the database

    • D. 

      From a Group Policy Object you specify


  • 38. 
    After receiving the security templates from the consultant, you examine one of them by creating a new database in the Security Configuration And Analysis snapin on one of your Web servers, importing the new security template into the database, and performing an analysis. While examining the results of the analysis, you notice that there are quite a few discrepancies between the security settings you have configured on the computer and the settings in the template. You decide that you want to use a combination of the settings in the template and the settings you have already configured on the computer. Which of the following procedures should you use to create a composite security configuration and implement it on all your Web servers?
    • A. 

      In the new database you created, modify the values of the policies corresponding to the template settings you want to use. Then export the database to a new template and apply it to the Web servers’ organizational unit object.

    • B. 

      In the new database you created, modify the values of the policies corresponding to the current computer settings you want to use. Then export the database to a new template and apply it to the Web servers’ organizational unit object.

    • C. 

      Export the database to a new template without making any changes and apply it to the Web servers’ organizational unit object.

    • D. 

      Use the Secedit.exe program to apply only the individual policy settings from the template you want to use on the Web servers.


  • 39. 
    Which of the following tools can you use to compare the templates supplied by the consultant with the security configurations you have already created on your servers? (Choose all answers that are correct.)
    • A. 

      The Security Templates snap-in

    • B. 

      Secedit.exe

    • C. 

      The Security Configuration and Analysis snap-in

    • D. 

      The Group Policy Object Editor console


  • 40. 
    To deploy the security templates, you begin by creating an organizational unit object for each server role in your Active Directory tree. Which of the following procedures can you use to apply the security templates to the organizational units?  
    • A. 

      Use the Security Templates snap-in to create Group Policy Objects for each organizational unit using the supplied templates.

    • B. 

      Apply the templates to the correct organizational units using the Security Configuration and Analysis snap-in.

    • C. 

      Use Secedit.exe to apply the security templates to the appropriate Group Policy Objects.

    • D. 

      Create a Group Policy Object for each organizational unit and apply the appropriate template to it using the Group Policy Object Editor console.


  • 41. 
    Based on this information, which of the following statements is true?
    • A. 

      None of the three administrators has correctly configured the new domain controllers with the appropriate security settings.

    • B. 

      One of the three domain controllers is correctly configured with the appropriate security settings; the other two are not.

    • C. 

      Two of the three domain controllers are correctly configured with the appropriate security settings; the other one is not.

    • D. 

      All three of the new domain controllers are correctly configured with the appropriate security settings.


  • 42. 
    Which of the following pieces of information is not included as part of a digital certificate?
    • A. 

      Validity period

    • B. 

      Private key

    • C. 

      Signature algorithm identifier

    • D. 

      Public key


  • 43. 
    Which of the following types of certificates can be issued only by an enterprise certification authority?
    • A. 

      IPSec

    • B. 

      Smart card logon

    • C. 

      Software code signing

    • D. 

      Wireless network authentication


  • 44. 
    Which of the following modifications to a certificate configuration does not increase the burden on the CA’s processor?
    • A. 

      Increasing the key length

    • B. 

      Increasing the certificate’s lifetime

    • C. 

      Issuing new keys with each certificate renewal

    • D. 

      Changing the certificate type


  • 45. 
    Where does a root CA obtain its own certificate?
    • A. 

      From a third-party certification authority

    • B. 

      From a subordinate CA

    • C. 

      From another root CA

    • D. 

      From itself


  • 46. 
    Which of the following tools does an administrator use to manually issue certificates to clients of a stand-alone CA?
    • A. 

      The Certificates snap-in

    • B. 

      The Certification Authority console

    • C. 

      The Web Enrollment Support interface

    • D. 

      The Certificate Templates snap-in


  • 47. 
    Which of the following must a user have to receive certificates from an enterprise CA using auto-enrollment? (Choose all correct answers.)
    • A. 

      Permission to use certificate templates

    • B. 

      Membership in an organizational unit to which administrators have applied a Group Policy Object

    • C. 

      Access to Active Directory

    • D. 

      Access to the Certificates snap-in


  • 48. 
    After the initial deployment of the PKI, which of the CAs can safely be taken offline? (Choose all correct answers.)
    • A. 

      The root CA

    • B. 

      The intermediate CAs

    • C. 

      One of the issuing CAs at each office with an intermediate CA

    • D. 

      All the issuing CAs


  • 49. 
    Does the PKI design described here satisfy all the specified goals?
    • A. 

      . Yes, the design satisfies all the specified goals.

    • B. 

      No, the design satisfies the goals for the network’s internal users, but not for the external users.

    • C. 

      No, the design satisfies all the stated goals except for the goal of smart card logons.

    • D. 

      No, the design does not satisfy any of the stated goals.


  • 50. 
    Which of the following procedures can you use to ensure that only the employees in the R&D department receive certificates for smart card logons, EFS, and IPSec?
    • A. 

      Grant the R&D users the permissions they need to access the Certificates console, which they can use to request the appropriate certificates.

    • B. 

      Using Group Policy objects turn off auto-enrollment for the domain and enable auto-enrollment for an organizational unit containing the R&D users.

    • C. 

      Grant the R&D users permission to use the Smartcard Logon, Basic EFS, and IPSec certificate templates.

    • D. 

      Install the Certificate Services Web Enrollment Support module and restrict access to the certificate enrollment Web pages to the R&D users.


Back to top

Removing ad is a premium feature

Upgrade and get a lot more done!
Take Another Quiz
We have sent an email with your new password.