MCSA 70-290 Exam Questions

Reviewed by Editorial Team
The ProProfs editorial team is comprised of experienced subject matter experts. They've collectively created over 10,000 quizzes and lessons, serving over 100 million users. Our team includes in-house content moderators and subject matter experts, as well as a global network of rigorously trained contributors. All adhere to our comprehensive editorial guidelines, ensuring the delivery of high-quality content.
Learn about Our Editorial Process
| By Lexx_vnl
L
Lexx_vnl
Community Contributor
Quizzes Created: 1 | Total Attempts: 494
| Attempts: 494 | Questions: 173
Please wait...
Question 1 / 173
0 %
0/100
Score 0/100
1. What are the minimum NTFS permissions required to allow users to open docu
ments and run programs stored in a shared folder?

Explanation

The minimum NTFS permissions required to allow users to open documents and run programs stored in a shared folder is "Read & Execute". This permission allows users to view and open files, as well as execute programs and scripts within the folder. It does not grant the ability to modify or delete files, ensuring that the integrity of the shared folder is maintained.

Submit
Please wait...
About This Quiz
MCSA 70-290 Exam Questions - Quiz

Are you aspiring to be an information technology expert and are now working towards being a Microsoft certified solutions associate? The quick test below is set to help... see moreyou better prepare for the final exam towards getting the certification. Give it a try and all the best in the exams. see less

2. You have a database of users that is capable of exporting CSV files, select statements that are true.

Explanation

You can use a CSV file for importing user data into Active Directory. Windows Server 2003 will
fill in missing values with default values where possible, but if a mandatory item is missing from the file, then errors will occur during importing and the object will not be created.

Submit
3. What credentials are required for administration of a remote computer using the
MMC?

Explanation

To administer a remote computer using the MMC (Microsoft Management Console), administrative credentials are required. Administrative credentials provide the necessary privileges and permissions to perform administrative tasks on the remote computer. These credentials give the user the authority to make changes, configure settings, and manage various aspects of the remote computer's operations. Without administrative credentials, the user would not have the necessary access and permissions to perform these administrative tasks.

Submit
4. To monitor potential dictionary attacks against user passwords in your enterprise,
what is the single best auditing policy to configure, and what log or logs will you
evaluate?

Explanation

The Audit Policy to audit Account Logon failures is the most effective policy to specify under
these circumstances. Failed logons will generate events in the Security logs of all domain controllers.

Submit
5. A user, John, reports that his profile settings are not roaming properly when he logs on
to various computers on the network. John can log on to any computer in the environment
successfully, but his desktop wallpaper, shortcuts, and other preferential settings
are different on each computer.
You check the profile path in the user account properties, and see that it is set to
“D:\profiles\John”. You confirm that there is a folder named John in the profiles folder
on the D: drive of Server01, which is the server that contains the user profiles for the
network. The shared folder hosted off the profiles folder is also called Profiles.
Other users’ profiles are roaming correctly.
What should you do to fix the problem?

Explanation

The correct answer is to set the profile path for John to \\Server01\Profiles\%Username%. This will ensure that John's profile settings are properly roaming when he logs onto various computers on the network. By setting the profile path to the correct network location, John's desktop wallpaper, shortcuts, and other preferential settings will be consistent across all computers. Resetting John's password, setting the home directory, or copying the profile will not address the issue of his profile settings not roaming properly.

Submit
6. Which of the following LDIFDE commands changes the function of LDIFDE from
export to import?

Explanation

The LDIFDE command is used to import and export data from Active Directory. The "-i" option is used to change the function of LDIFDE from export to import. This means that when the command is executed with the "-i" option, it will import data into Active Directory instead of exporting it.

Submit
7. A folder is shared on a FAT32 volume. The Project Managers group is given Allow
Full Control permission. The Project Engineers group is given Allow Read permis
sion. Julie belongs to the Project Engineers group. She is promoted and is added
to the Project Managers group. What are her effective permissions to the folder?

Explanation

When Julie is promoted and added to the Project Managers group, her effective permissions to the folder would be Full Control. This is because the Project Managers group has been given Allow Full Control permission to the folder. As Julie now belongs to this group, she inherits the same permissions as the group, which means she also has Full Control over the folder.

Submit
8. Can an existing MMC snap-in be changed from local to remote context, or must a
snap-in of the same type be loaded into the MMC for remote connection?

Explanation

A snap-in’s context might be changed by accessing the properties of the snap-in. A snap-in does
not have to be reloaded to change its configuration

Submit
9. Which of the following are firewall-related constraints relating to Remote Assistance?

Explanation

Port 3389 must be open in order to establish a Remote Assistance connection. This port is used by the Remote Desktop Protocol (RDP) to allow communication between the two devices. By opening this port, the firewall allows incoming RDP traffic, which is necessary for Remote Assistance to function properly.

Submit
10. Scott Bishop is a power user at a remote site that includes 20 users. The site has a
Windows Server 2003 system providing file and print servers. There is a tape drive
installed on the system. Because there is no local, full-time administrator at the
site, you want to allow Scott to back up and restore the server. However, you want
to minimize the power and the privileges that Scott obtains, limiting his capabili
ties strictly to backup and restore. What is the best practice to provide Scott the
minimum necessary credentials to achieve his task?

Explanation

The Backup Operators group is
assigned, by default, the privilege to back up and restore files and folders.

Submit
11. You install a scanner on a computer running Windows Server 2003. When you try
to restart your computer, the operating system will not start. Which of the following
would be the least invasive recovery method to try first to restore the system
to operation?

Explanation

Safe mode would be the least invasive recovery method to try first to restore the system to operation. Safe mode starts Windows with a minimal set of drivers and services, allowing you to troubleshoot and fix any issues that may be preventing the operating system from starting normally. It disables unnecessary startup programs and only loads essential drivers, making it easier to identify and resolve any conflicts or errors. By starting in safe mode, you can potentially fix the problem without causing further damage or data loss.

Submit
12. You are concerned that the CPU on a print server that hosts 10 shared printers is not
able to process spool files quickly enough. Which of the following ways will you be
able to check whether your supposition is correct?

Explanation

To determine if the CPU on the print server is able to process spool files quickly enough, it is necessary to monitor the processor usage of the print spool over a normal working day. By configuring the Performance console to track the processor usage of the print spool (Process\%Processor Time\spoolsv) on the print server and displaying the average value, it will provide an accurate measurement of the CPU's performance. This will help determine if the CPU is able to handle the workload efficiently or if there is a need for optimization or upgrades.

Submit
13. An executive has returned from a business trip. Before the trip, she copied files
from a network folder to her hard drive. The folder is shared with other execu
tives, who modified their files in the folder while she was away. When she
returned, she moved her copy of the files to the network share, thereby updating
her files with the changes she made while away, but also overwriting all the files
that had been changed by other executives. The other executives are unhappy
that their files have been replaced with the versions that were active when she left
for her trip. Luckily, you performed a normal backup operation on the folder the
previous evening. What restore option should you choose?

Explanation

This option will not overwrite files that were changed by the executive
while she was away. Those files will have a date more recent than the backup. It will, however, restore the other executives’ files over the older versions she uploaded to the network.

Submit
14. A user reports that he or she cannot access the network by dialing in. The user can log
on successfully to a local computer in the office.
You confirm that the default Remote Access policies are in place on the Routing and
Remote Access Server computer. All modem devices pass diagnostic tests successfully.
What is likely the cause of the problem?

Explanation

The user does not have dial-in permission enabled in his or her user account properties. This means that even though the user can log on successfully to a local computer in the office, they do not have the necessary permissions to access the network by dialing in. The other options - Terminal Server access, computer account in the domain, and supplying correct credentials - are not relevant to this specific issue of dial-in access.

Submit
15. What option will be most useful to generate 100 new user objects, each of which
have identical profile path, home folder path, Title, Web Page, Company, Department,
and Manager settings?

Explanation

DSADD will be the most useful option. You can enter one command line that includes all the parameters. By leaving the UserDN parameter empty, you can enter the users’ distinguished
names one at a time in the command console. A user object template does not allow you to configure
options including Title, Telephone Number and Web Page. Generating a comma-delimited text file would be time-consuming, by comparison, and would be overkill, particularly when so many parameters are identical.

Submit
16. You are to back up a Windows Server 2003 file server every evening. You perform
a manual, normal backup. You will then schedule a backup job to run every
evening for the next two weeks. Which backup type will complete the fastest?

Explanation

The incremental backup type will complete the fastest. This is because an incremental backup only backs up the files that have changed since the last backup, whereas a normal backup backs up all selected files regardless of whether they have changed or not. Therefore, the incremental backup will have less data to process and transfer, resulting in a faster completion time.

Submit
17. You’re the administrator of the Windows Server 2003 computer that is configured
as a print server, and you want to administer the print services from a Web
browser on a client computer. The server is named Mktg1, but you don’t know the
share name of the printer. Which URL should you use to connect to the printer?

Explanation

To gain access to all printers on a print server by using a Web browser,
open the Web browser and connect to http://printserver/printers to view a list of printers. From
there you can access a specific printer. If you want to gain access to a specific printer without
first viewing a list of all printers, use http://printserver/printersharename.

Submit
18. You are configuring the permissions for a shared folder, Finance, on your file server,
Server01. You need to configure permissions for the Accounting and AccountingExec
groups on the folder to achieve the following objectives:
The Accounting group should have Read access to content in the Finance folder.
The AccountingExec group should have Change control over content in the Finance
folder.
All users need Read access to a file named Summary.rpt in the Finance folder. Users
should have access to no other files in the folder.
How will you configure share and NTFS permissions on the Finance folder?

Explanation

The correct answer is to set the share permissions for the Accounting and AccountingExec groups to Full Control, and the share permissions for the Users group to Read. This allows the Accounting and AccountingExec groups to have full control over the folder, while the Users group only has Read access. The NTFS permissions should be set to allow the Accounting group Read access, the AccountingExec group Modify access, and the Users group should have List and Read access on the Summary.rpt file. This ensures that all users have Read access to the Summary.rpt file, but no other files in the folder.

Submit
19. You are planning the deployment of Windows Server 2003 computers for a new
Active Directory domain in a large corporation that includes multiple separate
Active Directories maintained by each of the corporation’s subsidiaries. The company
has decided to roll out Exchange Server 2003 as a unified messaging platform
for all the subsidiaries, and plans to use Microsoft Metadirectory Services
(MMS) to synchronize appropriate properties of objects throughout the organization.
Which edition of Windows Server 2003 will provide the most cost-effective
solution for this deployment?

Explanation

Windows Server 2003, Enterprise Edition, is the most cost-effective solution that supports
MMS. Standard and Web editions do not support MMS.

Submit
20. The License Logging service tracks Per Device or Per User licenses by user name. A
company uses shift work with a total of 30 shift workers working 10 people to an
8-hour shift. Throughout a 24-hour period, three different users will use the same
Windows XP Professional workstation. Each of the 30 shift workers has an individual
logon account. What is the name of the method by which the usernames can be
grouped into lots of three so that only one Per Device license is recorded on the
License Logging server rather than 30 Per User devices?

Explanation

The method by which the usernames can be grouped into lots of three so that only one Per Device license is recorded on the License Logging server rather than 30 Per User devices is called License Groups. This allows multiple users to share a single device license, reducing the number of licenses required.

Submit
21. You are planning the deployment of Windows server 2003 computers for a department of 250 employees. The server will host the shared directories and shared folders for the department, and it will serve several printers to which departmental documents are sent. Which edition of Windows Server 2003 will provide the most cost-effective solution for the department?

Explanation

Windows Server 2003, Standard Edition is a robust platform for file and print services in a small- to medium-sized enterprise or department

Submit
22. What tool is used to enable Remote Desktop on a server?

Explanation

The correct answer is System properties in Control Panel. In order to enable Remote Desktop on a server, the System properties in Control Panel can be used. This tool allows users to configure various settings related to the system, including enabling Remote Desktop. By accessing the System properties, users can navigate to the Remote tab and enable Remote Desktop, allowing remote access to the server.

Submit
23. Which tool will allow you to identify accounts that have not been used for two
months?

Explanation

DSQUERY is the correct answer because it is a command-line tool in Windows Server that allows you to query the Active Directory for various information, including identifying accounts that have not been used for a specified period of time. By using the appropriate parameters and filters with DSQUERY, you can easily retrieve a list of accounts that have not been used for two months.

Submit
24. You want to ensure the highest level of security for your corporate intranet without
the infrastructure of certificate services. The goal is to provide authentication
that is transparent to users, and to allow you to secure intranet resources with the
group accounts existing in Active Directory. All users are within the corporate firewall.
What authentication method should you choose?

Explanation

Integrated Windows Authentication should be chosen as the authentication method in this scenario. This method allows users to authenticate using their Windows credentials, providing a seamless and transparent authentication experience. It leverages the existing group accounts in Active Directory, allowing for easy management and securing of intranet resources. Since all users are within the corporate firewall, this method can provide a high level of security without the need for additional infrastructure such as certificate services.

Submit
25. You’re setting up a printer pool on a Windows Server 2003 computer. The printer
pool contains three print devices, all identical. You open the properties for the
printer and select the Enable Printer Pooling option on the Ports tab. What must
you do next?

Explanation

Printer pooling is configured from the Ports tab of the printer’s properties
dialog box. To set up printer pooling, select the Enable Printer Pooling check box, and then
select or create the ports corresponding to printers that will be part of the pool.

Submit
26. A user has sent you a request, by e-mail, for a Remote Assistance session. You attempt
to connect to the user’s computer to establish the Remote Desktop session, but cannot
establish the network connection.
You are able to connect to the user’s computer to access the file system through the
C$ share.
What is the most likely cause of the problem?

Explanation

The most likely cause of the problem is that Port 3389 is not open on the firewall between your network segment and the network segment that the user's computer is on. This port is used for Remote Desktop Protocol (RDP) connections, and if it is closed on the firewall, you will not be able to establish a network connection for the Remote Assistance session.

Submit
27. Foley works as the systems administrator for a law firm. There is a group of 20 legal
secretaries who provide administrative support to the lawyers. All the secretaries use a
single high-speed laser printer shared on a Windows Server 2003 system. The secretaries
must print large documents on a regular basis. Although the high-speed laser
printer is fast, it is running almost constantly, printing documents. Some of the secretaries
have found that when they submit a job to the high-speed laser printer, it can
take almost 20 minutes for other jobs in the queue to be processed before their own
job is output. None of the secretaries want to scroll through a list of available printers
to check which one has the fewest jobs before submitting their documents. Which of
the following options should Foley consider to minimize the amount of time that printers
take to finish printing documents for all the secretaries?

Explanation

Ordering a second high-speed laser printer and creating a printer pool would allow the secretaries to print their documents more efficiently. With a printer pool, multiple printers can be connected to the print server, and the print jobs can be distributed across the available printers. This would reduce the wait time for each secretary as their jobs would be distributed among the printers in the pool, rather than waiting for their turn on a single printer.

Submit
28. Rooslan is the systems administrator for an organization that has four print servers. He
is currently trying to determine which of the four servers prints the most jobs each day
and which of the four servers prints the least jobs each day. He is considering creating
three new shared printers and needs to select the print server with the lowest number
of jobs printed. He also wants to check how many pages have been printed since the
last restart. Which of the following will enable him to do this?

Explanation

The correct answer is to run the Performance console on his Windows XP workstation and add the Total Jobs Printed counter object and the Total Pages Printed counter object for each of the four print servers that he wants to monitor. This will allow Rooslan to track the number of jobs and pages printed on each print server and determine which server has the lowest number of jobs printed.

Submit
29. You want to nest the IT Administrators group responsible for the Sales group
inside the Sales group so that its members will have access to the same resources
(set by permissions in an ACL) as the Sales group. From the Properties page of the
IT Administrators group, what tab will you access to make this setting?

Explanation

To nest the IT Administrators group responsible for the Sales group inside the Sales group, you would access the "Member of" tab from the Properties page of the IT Administrators group. This tab allows you to specify the groups that the IT Administrators group is a member of, thereby giving its members access to the same resources as the Sales group.

Submit
30. You’re administering a Windows Server 2003 computer configured as a print
server. Users in the Marketing group complain that they cannot print documents
using a printer on the server. You view the permissions in the printer’s properties.
The Marketing group is allowed Manage Documents permission. Why can’t the
users print to the printer?

Explanation

The Print permission allows users to send documents to the printer.

Submit
31. You need to remove a PnP device from a configuration temporarily, but want to
leave it physically connected to the computer. You want to minimize the amount
of work required to use the device later. Which of the following is the best option
to accomplish your goal?

Explanation

This method will allow for the temporary disabling of the device. All that
needs to be done for the device to be usable again is to Enable it. Other options require either
a reinstallation or rescanning of the computer to reactivate the device.

Submit
32. You are in the process of adding users, computers, and groups to your new Windows
Server 2003 domain. After several hundred objects have been added through batch
importing, you begin to add the last 24 computers that must be entered manually. After
entering three computer accounts successfully, you receive error messages and are
unable to add more computers to the domain.
All other network connectivity and server functions appear to be functioning normally.
What is the most likely cause of the problem?

Explanation

The most likely cause of the problem is that the RID Master role is unavailable. The RID Master role is responsible for assigning unique relative identifiers (RIDs) to each object created in the domain. When adding new computer accounts, the RID Master role is needed to assign unique RIDs to these accounts. If the RID Master role is unavailable, it would prevent the addition of new computer accounts, resulting in the error messages encountered after successfully adding three computer accounts manually.

Submit
33. What platforms are capable of joining a domain?

Explanation

The platforms that are capable of joining a domain are Windows NT 4, Windows 2000, Windows XP, and Windows Server 2003. These operating systems have the necessary features and functionalities to join a domain network, allowing users to authenticate and access resources within the domain. Windows 95, on the other hand, does not have the capability to join a domain.

Submit
34. A folder is shared on a NTFS volume, with the default share permissions. The
Project Managers group is given Allow Full Control NTFS permission. Julie, who
belongs to the Project Managers group, calls to report problems creating files in
the folder. Why can’t Julie create files?

Explanation

The default share permission in Windows Server 2003 is Everyone: Allow Read. Share permissions define the maximum effective permissions for files and folders in the share. The share permissions restrict the NTFS full control permission. To correct the problem, you would need to modify the share permissions to allow, at a minimum, the Project Managers group Change permission.

Submit
35. A folder called Reports on Server01 resides in the Marketing\Summary folder. The Marketing
folder is shared on the network with the name MKTG.
Users should not be able to read, modify, or add any files in the Marketing or Summary
folders, but need to have access to the files in the Reports folder.
What is the minimum NTFS permission that these users need on the Marketing and
Summary folders to access the files in the Reports folder from across the network?

Explanation

The minimum NTFS permission that these users need on the Marketing and Summary folders to access the files in the Reports folder from across the network is "Traverse Folder/Execute Files". This permission allows the users to navigate through the folders and execute files, but does not grant them the ability to read, modify, or add any files in the Marketing or Summary folders.

Submit
36. You’re setting up printing on a Windows Server 2003 computer. You attach a
printer, configure a logical printer, and submit documents for printing, but the
documents do not print completely and sometimes come out garbled. What is the
most likely cause of the problem?

Explanation

An incorrect printer driver can yield documents that are garbled or
incompletely printed. Install the correct printer driver.

Submit
37. Rooslan is responsible for licensing at a medium-sized organization that has three Windows
Server 2003 systems. These systems are named Server Alpha, Server Beta, and Server
Gamma. Server Alpha is licensed in Per Server mode and is configured with 500 CALs.
Server Beta is licensed in Per Server mode and is configured with 700 CALs. Server
Gamma is licensed in Per Server mode and is configured with 600 CALs. If there are
550 Windows XP Professional workstations at Rooslan’s company and 500 of those
access Server Alpha, 525 of them access Server Beta and 540 access Server Gamma
concurrently, how many per-server CALS are required at the organization?

Explanation

The number of CALs required for each server is determined by the maximum number of concurrent connections to that server. In this case, the maximum number of concurrent connections to Server Alpha is 500, to Server Beta is 525, and to Server Gamma is 540. Therefore, the total number of CALs required at the organization is the sum of these three numbers, which is 500 + 525 + 540 = 1,565.

Submit
38. You enable the password complexity policy for your domain. Describe the
requirements for passwords, and when those requirements will take effect.

Explanation

The correct answer is "All of the above" because enabling the password complexity policy for the domain means that the requirements for passwords will include not being based on the user's account name, having at least six characters, and containing at least one character from three of the four specified categories. These requirements will take effect immediately for all new accounts, and existing accounts will be affected when they next change their password.

Submit
39. Why is it a best practice to create a computer account in the domain prior to joining
a machine to the domain?

Explanation

It is a best practice to create a computer account in the domain prior to joining a machine to the domain because if an account is not created in advance, one will be generated automatically when the computer joins the domain, and that account will be located in the default Computers container. This means that computer policies, which are typically linked to specific OUs, will not apply to the newly joined computer. Additionally, most organizations have specific OUs for computers, so by not creating the computer object in advance, an extra step is required to move the computer object to the correct OU after joining the domain. By creating a computer object in advance, you can also specify which groups or users are allowed to join a system to the domain with that account.

Submit
40. You would like to test the restore procedures on your server, but would also like
to avoid affecting the production copies of the backed-up data. What is the best
restore location to use?

Explanation

Restoring to an alternate location will restore the folder structure and
files that were backed up. You can then compare the contents of the target location with the original backed-up files to verify the success of the restore procedure.

Submit
41. You’re administering a Windows Server 2003 computer configured as a print
server. You want to perform maintenance on a print device connected to the print
server. There are several documents in the print queue. You want to prevent the
documents from being printed to the printer, but you don’t want users to have to
resubmit the documents to the printer. What is the best way to do this?

Explanation

When you select the Pause Printing option, the documents will remain in the print queue until you resume printing. This option applies to all documents in the queue.

Submit
42. A Windows 2003 Server is configured as a print server. In the middle of the workday,
the printer fuse fails, and must be replaced. Users have already submitted jobs to
the printer, which uses IP address 192.168.1.81. An identical printer uses address
192.168.1.217, and is supported by other logical printers on the server. What
actions should you take so that users’ jobs can be printed without resubmission?

Explanation

Because the other printer is already supported by logical printers on
the server, there is no need to add a new port. Simply select the existing port.

Submit
43. Which of the following options will give you the clearest picture of printer utilization—
allowing you to understand the consumption of printer toner and paper?

Explanation

The Total Pages Printed counter gives the clearest picture of printer
toner and paper consumption, as such consumption is most closely associated with the number
of pages, not the number of jobs, printed. The spooler and object access events logged in the System and Security logs will be cumbersome at best and, most likely, completely unhelpful in this task.

Submit
44. What type of Group Policy software deployment should be used to distribute a
service pack?

Explanation

The correct answer is "Assigned in the Computer Configuration Software Settings." This is because when distributing a service pack, it is typically installed on the computer level rather than the user level. Assigning the software in the Computer Configuration Software Settings ensures that the service pack is deployed to all computers within the specified group policy scope.

Submit
45. You’re the administrator of a Windows Server 2003 computer. You want to fix any
file system errors and recover any bad sectors on your computer’s hard disk.
Which tool should you use?

Explanation

Check Disk is the correct tool to use in order to fix any file system errors and recover any bad sectors on a Windows Server 2003 computer's hard disk. Check Disk, also known as chkdsk, is a command-line utility that scans the file system and checks for errors. It can fix any errors it finds and also recover data from any bad sectors on the hard disk.

Submit
46. You’re setting up software RAID on your Windows Server 2003 computer to provide
fault tolerance to the data stored on that system. The computer is used as a
database server. The server performs many read operations but relatively few
write operations. As a result, you want a fault-tolerant solution that provides excellent
read performance. Which RAID solution should you use?

Explanation

Although RAID-5 has moderate write performance, it has excellent read
performance. RAID-1 has good read and write performance, but the read performance is not as
good as with RAID-5

Submit
47. In your Windows Server 2003 domain contoso.com, in the Pservers (Print Servers) OU
you have member server computer named Pserver01. This server has been offline for
a lengthy period, and is not communicating with other computers in the domain to
accept print jobs. You have determined that the password on this computer’s account
within the domain needs to be reset.
Which command can you issue to correctly reset the computer account?

Explanation

The correct command to reset the computer account for Pserver01 in the Pservers OU of the contoso.com domain is "dsmod computer CN=pserver01,CN=PSERVERS,DC=contoso,DC=com -reset". This command uses the "dsmod" tool to modify the computer object with the specified distinguished name (DN) and reset its account.

Submit
48. Rooslan is the senior systems administrator at a medium-sized organization. His office
is located at the company headquarters in Melbourne, Australia. He has just received a
telephone call from Alex, who is responsible for maintaining a server at one of the
organization’s branch sites in Auckland, New Zealand. The two sites are connected by
means of an ISDN PRI line. Alex is about to modify some registry settings on one of the
servers in Auckland and wants Rooslan to watch him remotely so that he can check
that Alex completes the procedure correctly. Which of the following technologies will
allow Rooslan to watch Alex modify the Auckland server’s registry and talk him
through any parts of the procedure that he does not understand?

Explanation

Remote Assistance is the technology that will allow Rooslan to watch Alex modify the Auckland server's registry and talk him through any parts of the procedure that he does not understand. Remote Assistance allows one user to remotely control another user's computer, view their screen, and interact with their system. This will enable Rooslan to observe Alex's actions and provide guidance in real-time, ensuring that the procedure is completed correctly.

Submit
49. You open a computer object and, on the Operating System tab, discover that no
properties are displayed. What causes these properties to be absent?

Explanation

When a system joins the domain, by default it populates the properties shown on the Operating System tab.

Submit
50. What type of disk region supports logical drives?

Explanation

Extended partitions support logical drives. An extended partition is a type of disk partition that can be divided into multiple logical drives. It allows for the creation of more than four partitions on a basic disk, which is the maximum limit for primary partitions. Logical drives are created within the extended partition and can be used to organize and store data separately from the primary partitions.

Submit
51. Rooslan is working with a Windows Server 2003 system that has been behaving erratically.
The System log is set to a maximum log size of 50 MB and to overwrite events
as needed. Rooslan wants to view Error events in the System log that have occurred
over the last week. How can he do this?

Explanation

To view Error events in the System log that have occurred over the last week, Rooslan should edit the properties of the System log in the Event Viewer. He should go to the Filters tab and ensure that only the Error check box is selected. Additionally, he should set the first event date to seven days ago and the last event date to today. This will filter the log to display only Error events within the specified time frame.

Submit
52. How do you make a profile mandatory?

Explanation

By renaming Ntuser.dat to Ntuser.man, the user profile is converted into a mandatory profile. This means that any changes made to the profile will not be saved when the user logs off. This can be useful in situations where a standardized profile needs to be enforced for all users, such as in a shared computer environment or for guest accounts.

Submit
53. Ou have been given the responsibility for maintaining user accounts, user profiles,
and user access to resources on your network. Currently, all users share a single profile
on the network, which allows for easy addition and deletion of objects to the users’
desktops, but also allows for desktop changes to be made and saved by the users. You
want to retain the ability to centrally manage user’s desktops, but want to prohibit
changes to desktop settings by the users.
What should you do?

Explanation

By modifying the file name of Ntuser.dat to Ntuser.man, you can enforce a mandatory user profile. A mandatory user profile is a read-only profile that cannot be modified by the user. This allows for centrally managing the user's desktop while prohibiting changes to desktop settings by the users.

Submit
54. A traveling user has been away from the office for several months. The laptop computer
with which the user travels is not configured for dial-in access to the corporate
network because it is used mostly for presentations and client documentation.
Upon returning to the office and connecting to the corporate network, the user is
unable to log on to his or her computer using a local account, and is presented with
the “Log on Failed” dialog box.
What should you do?

Explanation

The user is unable to log on to their computer using a local account, indicating that the password for the local account may have been forgotten or changed. Since the laptop is not configured for dial-in access to the corporate network, resetting the user's password in Active Directory or resetting the user's computer account in Active Directory would not resolve the issue. Disconnecting the computer from the network and restarting it may not have any effect on the local account login issue. Therefore, the best solution would be to use the password reset disk for that user to reset the password on the local computer.

Submit
55. You want to configure a logical printer so that large, low-priority documents will
be printed overnight. Which of the following options will you configure in the
printer’s Properties dialog box?

Explanation

The printer schedule allows a printer to receive jobs and hold them
until the printer is available. The default setting, Always Available, sends a job to the printer
when it is free. When you configure Available From / To, you specify the hours during which print
jobs can be sent to the printer.

Submit
56. What is the required amount of free disk space on a volume in order to provide
for complete defragmentation?

Explanation

To provide for complete defragmentation, a volume requires a certain amount of free disk space. The correct answer is 15 percent. This means that at least 15 percent of the total disk space on the volume needs to be available for defragmentation to occur effectively. Having this amount of free space allows the defragmentation process to rearrange and optimize the files on the volume more efficiently, resulting in improved performance and reduced fragmentation.

Submit
57. You are a network administrator managing a Windows Server 2003 domain, contoso.com.
As part of a network restructuring, new child domains of west.contoso.com and
east.contoso.com have been added to the forest. You need to move three computer
accounts for file server computers from the contoso.com domain to the west.contoso.com
domain. All servers to be moved are Windows Server 2003 member servers.
What should you do?

Explanation

The Movetree command-line tool is used to move objects between domains in a Windows Server 2003 environment. In this scenario, the task is to move computer accounts from the contoso.com domain to the west.contoso.com domain. Therefore, using the Movetree command-line tool is the appropriate solution. The other options mentioned (Active Directory Domains And Trusts, Active Directory Users And Computers, and Dsmove utility) are not specifically designed for moving computer accounts between domains.

Submit
58. A user, returning from an extended leave of absence powers on his or her computer,
Desk249, and attempts to log on to the domain but cannot do so. You attempt to log
on to the user’s computer, as a Domain Administrator, but cannot do so.
You return to your computer and search the Active Directory for the Desk249 computer,
but find that no computer with that name exists in the directory. You log on with
a local administrator account to the Desk249 computer and discover that the computer
still believes it is a part of the domain. After consideration, you determine that you
must re-create the computer account. You want to enable the user to log on at their
computer as soon as possible, and with the least amount of administrative effort.
What should you do?

Explanation

The correct answer is to log on to the Desk249 computer with the local administrator account, change the computer's domain membership to a workgroup named TEST, restart the computer, log on again with the local administrator account, rejoin the computer to the Active Directory domain using an account with domain administrator privileges, and then restart the computer again. This process ensures that the computer account is recreated and allows the user to log on to their computer as soon as possible with the least amount of administrative effort.

Submit
59. All computer users in your company access several applications through a single Terminal
Server, Server01, located on the same Local Area Network segment. You are running
a Windows Server 2003 Active Directory and DNS, and the Terminal Server is a
Windows Server 2003 server.
At the end of business on the previous day, you renamed the Terminal Server to App1.
You verified that the server was reachable using its new name through Terminal Services
both as administrator and as a regular user, and through Windows Explorer.
This morning, all users report that they cannot connect to the Terminal Server. You verify
that connection to the Terminal Server is possible through Windows Explorer, but
that user connection through Terminal Services is not possible. You are able to connect
to the Terminal Server as Administrator.
What is the most likely cause of the problem?

Explanation

The most likely cause of the problem is that the Terminal Server connection permissions need to be refreshed. This is indicated by the fact that the server is reachable through Windows Explorer, but user connection through Terminal Services is not possible. As the administrator, you are able to connect, suggesting that the issue is specific to user permissions. Refreshing the connection permissions should help resolve the problem.

Submit
60. Lee is concerned that another user in the office is attempting to log on to his workstation
using his account. He does not believe that this has yet occurred, but he would
like you to display a report of all the times that his account has experienced a logon
failure in the past month. As a way of testing his hypothesis, Lee placed a note near his
monitor with the words “Password = Gillian1948.” Gillian1948 is not his password. He
assumes that if someone had tried to log on to his workstation illicitly, then the dummy
password has been tried. Only Logon Events are being audited for both success and
failure in the domain. How can you generate a view in the Event Viewer to determine
if there have been failed attempts to log on using Lee’s user account?

Explanation

To determine if there have been failed attempts to log on using Lee's user account, the correct approach is to create a filter on the Security log. By looking only for failure audits and setting the Event Source to Security, the filter will display any instances where Lee's account has experienced a logon failure. By setting the First Event to a date one month ago and the Last Event to today, the filter will display the relevant logon failure events within the specified time frame.

Submit
61. Rooslan is working from home and is using a dial-up connection to his company’s
RRAS server, which allows him access to Windows Server 2003 systems on the corporate
LAN. It is 2:15 A.M. and the building that hosts the servers is unoccupied. Rooslan
would like to initiate a disk defragmentation on the hard disk drives of several of the
servers located at his office. Rooslan’s home Windows XP Professional workstation is
not a member of the company’s Windows Server 2003 domain. Which of the following
tools can Rooslan use to initiate a remote disk defragmentation?

Explanation

Rooslan can use Terminal Services Remote Administration mode to initiate a remote disk defragmentation. This mode allows him to remotely access and control Windows Server 2003 systems on the corporate LAN. By using this mode, Rooslan can connect to the servers and initiate the disk defragmentation process. This is possible even though his home Windows XP Professional workstation is not a member of the company's Windows Server 2003 domain.

Submit
62. You are the systems administrator for a medium-sized organization. You have received
several telephone calls from users at your company reporting that they are unable to
print large 160-page print jobs to a departmental shared printer. If they send jobs to a
printer shared on another server, they print with no trouble. If they break up the job
into 10-page lots, they are also able to print, although they find this method cumbersome.
The server that hosts the departmental shared printer also hosts a file share on the
same volume. Which of the following actions should you take to resolve this problem?

Explanation

The issue is that the users are unable to print large 160-page print jobs to a departmental shared printer on a specific server, but they can print without trouble when using a printer shared on another server or when breaking up the job into smaller lots. This suggests that the problem is related to the server's capacity or resources. By cleaning up the server's hard disk drive and removing unneeded files from the file share, the disk space will be increased, potentially resolving the issue and allowing the large print jobs to be processed successfully.

Submit
63. You manage the network for a team of 500 telephone sales representatives. You
have 550 licenses configured in Per Device or Per User licensing mode. A new
campaign is launched and you will hire another shift of 500 reps. What do you
need to do to most effectively manage license tracking and compliance?

Explanation

Creating license groups will allow you to effectively manage license tracking and compliance. By creating separate groups for the existing clients and the new hires, you can easily track and manage the licenses allocated to each group. This will ensure that you have a clear understanding of how many licenses are being used and by whom, making it easier to maintain compliance with licensing agreements. Revoking licenses or deleting existing licenses may result in a loss of licenses for the existing clients, while converting to Per Server licensing may not be necessary or provide the same level of license management.

Submit
64. Lee has two 100 GB SCSI hard disk drives connected to a Windows Server 2003 server
that he is responsible for administering. The server also has a single hardware RAID
controller that supports RAID-0, RAID-1 and RAID-5. Currently 70 GB on the first drive
is used and the second drive is empty. Lee is concerned that the hard disk drive of the
server might fail and he would lose all the information on the first disk drive. Lee has
considered regular backups but does not have the equipment with which to back up
70 GB on a regular basis. Lee would like to configure a solution that provides fault tolerance
for the first drive. Which of the following should he consider, given the current
configuration of his Windows Server 2003 server?

Explanation

Correct: Lee should configure the disks in a RAID-1, also known as disk
mirroring, configuration using the hardware RAID controller’s configuration utility.
The prior existence of data on the drives would also influence the options
available. Although it is possible to mirror a drive with existing data, converting it to RAID-5 or RAID-0 without deleting the data is not an option

Submit
65. You are working on a Windows Server 2003 system that has been upgraded from
Windows 2000 server. This server has a legacy SCSI RAID controller that is not Plug
and Play. The device appears to be working perfectly but you cannot see it within the
Device Manager. How can this device be viewed in the Device Manager?

Explanation

D. Correct: By default, non–Plug and Play hardware is not displayed in Device Manager.
To view such hardware in Device Manager, the Show Hidden Devices option
must be set. This will then show all “hidden” devices, which include non–Plug and
Play legacy devices such as the SCSI RAID controller described here.

Submit
66. A user has returned from an extended business trip, and reconnects his or her computer
to the network. The user is able to log on, but is not able to connect to any network
resources.
You examine the accounts associated with the user in Active Directory Users And Computers,
and note that the computer account for the user’s laptop is marked with a red
“X” icon.
What should you do to solve the problem?

Explanation

The correct answer is to reset the laptop computer account in Active Directory. When a computer account is marked with a red "X" icon, it indicates that the account is disabled or has some sort of issue. By resetting the laptop computer account in Active Directory, it will refresh the account and potentially resolve any connectivity issues the user is experiencing when trying to connect to network resources.

Submit
67. You’re setting up a Web site in IIS on Server01. The site’s Internet domain name is
adatum.com, and the site’s home directory is C:\Web\Adatum. Which URL should
Internet users use to access files in the home directory of the site?

Explanation

The correct answer is http://server01.adatum.com. This URL follows the format of "http://.", which is the standard way to access a website on the internet. In this case, the server name is server01 and the domain name is adatum.com. Therefore, users should use this URL to access files in the home directory of the site.

Submit
68. You are to back up a Windows Server 2003 file server every evening. You perform
a manual, normal backup. You will then schedule a backup job to run every
evening for the next two weeks. Which backup type will provide the simplest
recovery of lost data?

Explanation

Performing a manual normal backup is the best choice for the simplest recovery of lost data. A normal backup backs up all selected files and marks them as backed up. This means that when restoring data, only the latest normal backup needs to be restored, making the recovery process straightforward and efficient. Differential backups would require restoring both the latest normal backup and the latest differential backup, while incremental backups would require restoring the latest normal backup and all subsequent incremental backups. Daily backups would only backup files modified on that specific day, making the recovery process more complex.

Submit
69. As a part of your company’s policy, all actions by systems administrators related to
accounts, such as account creation, deletion, renaming, as well as group creation, deletion,
and renaming, and account disabling and password changes must be audited.
These events are to be stored in the Security log. To comply with this policy you are
currently editing the default domain GPO. Which audit event should you enable?

Explanation

To comply with the company's policy of auditing all actions related to accounts, such as creation, deletion, renaming, group creation, deletion, and renaming, account disabling, and password changes, the audit event that should be enabled is "Audit Successful Account Management." This will ensure that successful actions related to account management are recorded in the Security log for auditing purposes.

Submit
70. You are rolling out servers to provide Internet access to your company’s e-commerce
application. You anticipate four servers dedicated to the front-end Web
application and one server for a robust, active SQL database. Which editions will
provide the most cost-effective solution?

Explanation

Windows Server 2003, Web Edition, provides a cost-effective platform for the four Web application
servers. However, Web Edition will not support enterprise applications like SQL Server; the
edition of MSDE included with Web Edition allows only 25 concurrent connections. Therefore,
Windows Server 2003, Standard Edition, provides the most cost-effective platform for a SQL
Server.

Submit
71. Are all functions within a snap-in used on a local computer usable when connected
remotely?

Explanation

No, not all functionality is available. The Device Manager component in the Computer Management
snap-in, for example, can only be used to view remote computer configurations: no
changes can be made to the remote computer's device configuration.

Submit
72. You are configuring SUS for a group of Web servers. You want the Web servers to
update themselves nightly based on a list of approved updates on your SUS server.
However, once in a while an administrator is logged on, performing late-night
maintenance on a Web server, and you do not want update installation and potential
restart to interfere with those tasks. What Windows Update policy configuration
should you use in this scenario?

Explanation

You want the Web servers to update themselves, so you must schedule
the installation of updates. However, an administrator always has the option to cancel the
installation.

Submit
73. You’re setting up a backup job on a computer running Windows Server 2003. You
want to back up the registry, startup files, and th

Explanation

The correct answer is "System State". System State is a backup option in Windows Server 2003 that allows you to back up critical system components such as the registry, startup files, and system files. It includes important data like the Active Directory database, SYSVOL folder, and the registry hives. By selecting the System State option, you can ensure that all necessary components are backed up to restore the system in case of a failure or disaster.

Submit
74. Your company has placed 35 computers in various locations throughout the building to
allow access to company information when an employee is away from his or her desktop
computer. These computers are used to check e-mail, to read corporate news and
access policy information on the company’s intranet.
You want to make it possible for a user at one of these shared computers to change his
or her desktop settings, and to have these desktop settings apply to any of the other
shared computers.
What should you do?

Explanation

To allow a user at one of the shared computers to change their desktop settings and have them apply to any other shared computer, configuring a roaming profile and assigning it to each user in the domain is the correct solution. A roaming profile allows a user's settings and preferences to be stored on a network server, so when they log in to any shared computer, their personalized desktop settings will be applied. This ensures consistency and convenience for the user across different computers. Assigning the roaming profile to each user in the domain ensures that their settings are applied regardless of which shared computer they use.

Submit
75. You have been given an administrative task related to user accounts in the contoso.com
Active Directory. You need to move all accounts in the East group located in the Sales
OU into the newly created East Sales OU.
Which procedure will accomplish this task?

Explanation

not-available-via-ai

Submit
76. A user reports that he or she cannot log on to the network from a laptop running
Windows 98. The user can log on from a desktop computer that is running Windows XP.
Your environment is controlled by a Windows Server 2003 Active Directory domain.
The Windows 98 computer does not have the Active Directory Client installed.
What is the most likely cause of the problem?

Explanation

The most likely cause of the problem is that the user's password is longer than 14 characters. This is because Windows 98 does not support passwords longer than 14 characters, so the user would not be able to log on to the network from a laptop running Windows 98. The fact that the user can log on from a desktop computer running Windows XP suggests that the issue is specific to the Windows 98 computer.

Submit
77. You are interested in viewing Information and Warning events in the Application log
generated by disk quotas. You only wish to view these types of events, not information
and warning events from other sources. Which of the following steps should you take
to do this?

Explanation

To view Information and Warning events in the Application log specifically related to disk quotas, you need to edit the properties of the Application log in the Event Viewer. In the Filter tab, select the Information and Warning Events check boxes and uncheck the Error, Success Audit, and Failure Audit check boxes. Finally, set the Event Source to Disk Quota. This will ensure that only the desired events from disk quotas are displayed in the Application log.

Submit
78. Rooslan has been instructed by senior management to generate a report on the logon
activities of a particular user named Agim over the last two months. Management is trying
to use Agim’s logon activity to determine which days Agim came to work because
his attendance has been erratic. Logon events have been audited within the Windows
Server 2003 domain for the last six months. The size of all Event log files is set to
190,240 KB. No Event log has yet to be filled and data from the last six months is available.
Which of the following represents the best way to display the data relevant to
Rooslan’s task?

Explanation

The best way to display the data relevant to Rooslan's task is to create a filter on the Security log. By looking only for success audits and setting the Event Source to Security, Rooslan will be able to filter out irrelevant logon activities. Setting the User setting to Agim's account name will ensure that only Agim's logon activities are included in the report. Additionally, setting the Event ID to 538 will specifically filter for logon events. Finally, setting the First Event to a date two months ago and the Last Event to today will limit the report to the desired time period.

Submit
79. A user, Joe, is taking on additional network administrative responsibility for his department,
Finance. From Joe’s computer, logged on as Joe, you use the Run As command
with your administrative credentials to load the Active Directory Users And Computers
snap-in, and then you add Joe to the Department’s Itadmin3 group, which has delegated
administrative permissions for the user accounts in the Finance OU. You then
close the Active Directory Users And Computers snap-in.
When Joe attempts to reset a user’s password in the Finance OU, he is denied access.
What additional step do you need to take in order for the user to be able to perform
the delegated administrative duties?

Explanation

Instructing Joe to log off and then log on to his computer is the additional step needed for him to be able to perform the delegated administrative duties. When Joe used the Run As command to load the Active Directory Users And Computers snap-in, he was still logged on as himself and not as the administrative user. By logging off and logging back on, Joe will establish a new session with the administrative credentials, allowing him to have the necessary access and perform the delegated administrative tasks.

Submit
80. Laherty is the IT consultant for a small graphic design business that has a single volume
file server running Windows Server 2003. This file server also acts as a print server and
is connected to a color laser printer that is used to print poster-sized advertising material
as well as a normal black-and-white laser printer for letters and memos. Laherty has
configured disk quotas on this server allowing each of the eight users at the office to
store a maximum of 8 GB of files on the server. Laherty is the only one with access to
change permissions on the file server. Laherty visits this small business once a week.
When he is visiting this graphic design business on Friday, Rob, one of the users,
informs him that he has been unable to print several posters since Wednesday. Rob
also informs Laherty that he has been able to print documents to the black-and-white
printer. Rob has not tried to print any other large files to the color laser printer. Laherty
checks with other users at the business and finds that they have been able to print normally
to both printers. Laherty gets one of the other users to try to print Rob’s poster
file. The file prints successfully. Rob tries to print it again but cannot. Laherty gets Rob
to print a very small color picture to the printer and it completes successfully. Which of
the following reasons best explains why Rob is unable to print?

Explanation

Rob is unable to print because he is close to his allocated quota of disk space on the server. This means that he has almost reached the maximum limit of 8 GB of files that he is allowed to store on the server. As a result, he is unable to print the poster file because it would exceed his remaining disk space. The fact that he is able to print other documents to the black-and-white printer suggests that the issue is specific to the color laser printer, possibly due to the large file size of the poster.

Submit
81. In a domain running in Windows Server 2003 domain functional level, what security
principals can be a member of a global group?

Explanation

In a domain running in Windows Server 2003 domain functional level, all security principals, including users, computers, universal groups, and global groups, can be a member of a global group. This means that any security principal within the domain can be added to a global group for the purpose of granting permissions and access rights.

Submit
82. In the properties of a group, which tab will you access to add users to the group?

Explanation

To add users to a group, you would access the "Members" tab in the properties of the group. This tab allows you to view and manage the users who are part of the group. By adding users to the group through this tab, you can grant them access to the group's resources and privileges.

Submit
83. You’re implementing software RAID on your Windows Server 2003 computer. You
want to provide fault tolerance to the system and boot partitions. Which version of
RAID should you use?

Explanation

A mirrored volume can contain any partition, including the boot or system
partition.

Submit
84. Rooslan is a consultant who has been approached by a medium-sized organization for
his advice on the best way to optimize disk performance for three newly purchased
Windows Server 2003 systems. There are three different systems in question, all with
identical hardware. Each server has six 120 GB SCSI hard disk drives and no hardware
RAID controller. Rooslan has been presented with the following specifications from the
teams that will be using each Windows Server 2003 System.
The team that will use the first server has one goal. The team would like a second large
volume of approximately 600 GB that will contain all the data. The first volume of 120 GB
should contain the operating system files and the program files. Speed and fault tolerance
are not important to this team.
The team that will use the second server has three goals. The first goal is that the primary
volume be 120 GB in size, fault-tolerant, and host the operating system and program
files. The second goal is that the secondary volume be 120 GB in size, faulttolerant,
and store program data. The third goal is that the tertiary volume be 240 GB
in size and provide the fastest possible read/write speeds.
The team that will use the third server has two goals. The first goal is that the primary
volume must be approximately 120 GB in size, host the operating system and the program
files, and be fault-tolerant. The second goal is that the secondary volume must be
approximately 480 GB in size and have the best read/write performance possible.
Rooslan installs Windows Server 2003 on the first team’s server, using a full disk partition
on which he installs the operating system and the program files. Once he is in
Windows Server 2003 he converts the five other disks to dynamic and spans a single
volume across all these disks.
On the second team’s server, Rooslan installs Windows Server 2003 using the entire 120 GB
available on the disk. When he has Windows Server 2003 configured, he mirrors this
120 GB disk onto the second 120 GB disk. He then installs the relevant program files
onto this volume. He then creates two more mirrored pairs with the third and fourth
and the fifth and sixth 120 GB disks.
On the third team’s server, Rooslan installs Windows using the entire 120 GB available
on the first disk. When he has Windows configured he mirrors the 120 GB disk onto
the second 120 GB disk. He then installs the relevant program files onto this volume.
Rooslan then creates a RAID-5 volume using the final four 120 GB disks.
Which of the following statements accurately summarizes the number of team goals
that Rooslan accomplished?

Explanation

F. Correct: Rooslan achieved all the goals of the first team. For the second team, he
achieved the first and second goals. In choosing to mirror, rather than stripe, the
third volume, he did not create a volume of 240 GB with the fastest read/write
speed. The volume would have been 120 GB and would not have performed significantly
better than a simple volume. Rooslan achieved one goal of the third
team. He achieved the first goal, but by using RAID-5 instead of striping, he failed
to achieve the second. The second volume would have been 360 GB rather than
480 GB as specified, the equivalent of one drive lost in storing parity information.

Submit
85. You are configuring the properties of user accounts in the Sales OU of the contoso.com
domain. You wish their home directories to be stored on the network server computer
named Server01. The home directories are to be stored in a shared folder, named
Home, on the server’s D: drive. The share name is Homedir.
In the Home Folder property for each user, how will you set the home directories?

Explanation

You will set the home directories by using the path \\Server01\Homedir\%Username%. This path specifies that the home directories should be stored on the network server named Server01 in a shared folder named Homedir. The %Username% variable ensures that each user's home directory is unique and corresponds to their username.

Submit
86. You have configured several users to be able to connect to Server01 through Terminal
Services, and have modified the default configuration with the Terminal Services Configuration
console to allow for redirection of client printers. The goal is for all users of
the Terminal Server to be able to print to print devices configured on their local computer
from their Terminal Server session.
The users, however, report that they are unable to print to their locally configured print
devices.
What should you do to correct the problem?

Explanation

Enabling the Client/Server data redirection setting in Group Policy for each Terminal Server client computer will allow the users to redirect their locally configured print devices to their Terminal Server session. This will enable them to print to their local printers from within the Terminal Server session.

Submit
87. You are the systems administrator for a medium-sized organization and you are considering
employing Software Update Services to manage updates provided by
Microsoft for your Windows XP Professional systems. Your organization currently uses
a proxy solution running on another platform that requires username and password
authentication. The user and password database for the proxy is different from that
used in your Windows Server 2003 domain. Given this situation, which of the following
options is available to you in configuring a software update infrastructure?

Explanation

The correct answer states that SUS can be configured to authenticate against a proxy to download a list of updates for approval and download. Windows XP systems should be configured to check the SUS server to determine which updates are approved and then retrieve them from the SUS server. This option allows for centralized management of updates through SUS while also accommodating the proxy authentication requirement.

Submit
88. Rooslan is the systems administrator for a small company that has fewer than 100 users.
One Sunday when he was checking the backup tapes he noticed one of the color laser
printers printing out inappropriate pictures in violation of company policy. No one else
was in the office that day and he checked the remote access logs and found that 10
users were connected to the company network from home. He believes that the person
who printed these pictures would come in later to collect them before they would be
found when everyone returned to work on Monday morning. Of the 10 users who
were logged on by remote access at the time, only five had the requisite permissions
to print to that particular color laser printer. Rooslan configures a domain audit policy
for a particular type of audit event and then uses the Shared Printer’s advanced security
features to audit use on the group that has access to the printer. Which type of audit
event should Rooslan have configured in Group Policy to locate who has printed to
this particular printer on Sunday afternoon?

Explanation

Rooslan should have configured the "Audit Successful Object Access" type of audit event in Group Policy to locate who has printed to the particular printer on Sunday afternoon. This type of audit event will track successful attempts to access objects, such as the color laser printer, and will log information about the user who accessed the object. By enabling this audit event, Rooslan will be able to identify the user who printed the inappropriate pictures and violated company policy.

Submit
89. After a period of expansion, your company created a second domain. Last weekend,
a number of machines that had been in your domain were moved to the new
domain. When you open Active Directory Users And Computers, the objects for
those machines are still in your domain, and are displayed with a red “X” icon.
What is the most appropriate course of action?

Explanation

When the machines were removed from the domain, their accounts
were not deleted, probably due to permissions settings. The machines now belong to another
domain. These accounts are no longer necessary.

Submit
90. A hard disk on a server running Windows Server 2003 has failed. You replace the
disk, boot the system, initialize the disk, and create an NTFS volume on the new
disk. You now want to restore that data from the last backup job from the old disk.
How should you restore the data?

Explanation

Use the Backup utility to launch the Restore Wizard because the Backup utility is specifically designed for backing up and restoring data on Windows Server 2003. By using the Restore Wizard, you can easily select the backup job from the old disk and restore the data to the new disk. This ensures that the data is restored correctly and efficiently.

Submit
91. Which of the following properties and administrative tasks can be configured or
performed simultaneously on more than one user object?

Explanation

The properties and administrative tasks that can be configured or performed simultaneously on more than one user object are disabling and enabling user accounts. This means that multiple user accounts can be disabled or enabled at the same time, making it more efficient for administrators to manage user access and permissions.

Submit
92. Bill calls again to indicate that he still cannot access the departmental plan. You
use the Effective Permissions tool, select Bill’s account, and the tool indicates that
Bill is, in fact, allowed sufficient permissions. What might explain the discrepancy
between the results of the Effective Permissions tool and the issue Bill is reporting?

Explanation

The discrepancy between the results of the Effective Permissions tool and the issue Bill is reporting could be explained by multiple factors. Firstly, there could be a permission entry assigned to a logon-related account, such as Interactive or Network, that is denying access. Additionally, if the user is not logged on as a Domain Admin, they may not be able to read all group memberships, which could affect the resulting permissions report. Lastly, it is important to note that the Effective Permissions tool is only an approximation of a user's access, so there may be other factors at play that are not accurately reflected in the tool's results.

Submit
93. You are a systems administrator at a medium-sized organization. You maintain a test
lab of five Windows Server 2003 systems that are all members of your organization’s
single domain. Because the organization has had trouble in the past with some users
with sufficient privileges installing unsigned drivers on the system the default domain
GPO has been configured to block the installation of all unsigned drivers on computers
that are members of the domain. The domain GPO also blocks access for all users to
the System Properties and hides all icons on the desktop. Until recently this was
unproblematic; however you have just received a new batch of high-performance network
cards that you wish to test on your lab servers. These high performance network
cards ship with drivers that have not been digitally signed by Microsoft. Because you
cannot access the System Properties you cannot override the default domain GPO setting
that blocks the installation of unsigned drivers. Which of the following methods
allows you to override the default domain GPO and change the setting on your lab
servers to Warn but not change the overall setting for other computers in your domain?

Explanation

By creating a new organizational unit (OU) called Mylab and moving the computer accounts for the Windows Server 2003 systems into the Mylab OU, the systems administrator can create a separate group policy object (GPO) specifically for the lab servers. This new GPO can then be configured to set the Unsigned Driver Installation Behavior policy to Warn But Allow Installation, overriding the default domain GPO. By applying this new GPO to the Mylab OU, the setting will only affect the lab servers and not change the overall setting for other computers in the domain.

Submit
94. You have two modems connected to a Windows Server 2003 system that are used to
create a multilink connection to a remote site using on-demand routing. You have
found that the line quality to the remote site is not particularly high and you want to
modify the port speed of both modems. Which of the following administrative tools
would you use to do this?

Explanation

The Phone And Modem Options in Control Panel allows the user to configure and adjust modem settings, including the port speed. This tool is specifically designed to manage and modify modem settings, making it the appropriate choice for adjusting the modem speeds in this scenario. The Device Manager is used for managing hardware devices, but it does not provide specific options for adjusting modem speeds. The Routing And Remote Access console is used for managing network routing and does not have options for adjusting modem speeds. Editing the properties of the multilink connection in My Network Places does not provide options for adjusting modem speeds.

Submit
95. What variable can be used with the DSMOD and DSADD commands to create
user-specific home folders and profile folders?

Explanation

The correct answer is $Username$. This variable can be used with the DSMOD and DSADD commands to create user-specific home folders and profile folders. The dollar sign before the variable indicates that it is a special variable that will be replaced with the actual username when the command is executed. This allows for the creation of unique folders for each user based on their username.

Submit
96. You are hiring a team to tackle a software development project. There will be
three shifts of programmers, and each shift will include six programmers. Each
programmer uses four devices to develop and test the software, which authenticates
against a Windows Server 2003 computer. What is the minimum number of
CALs required if the servers involved are in Per Device or Per User licensing
mode?

Explanation

If you were to license based on devices, there are six times four
devices, or 24 devices. It will be more cost-effective to license based on the number of users, which is 18.

Submit
97. You’re setting up RAID-5 on your Windows Server 2003 computer. You plan to use
five hard disks, which are each 20 GB in size. What percentage of redundancy can
you anticipate with this configuration?

Explanation

RAID-5 volumes have a cost advantage over mirrored volumes because
disk usage is optimized. The more disks you have in the RAID-5 volume, the less the cost of the
redundant data stripe. If you’re using five disks in a RAID-5 configuration, you can anticipate 20
percent rate of redundancy.

Submit
98. You are the part-time systems administrator for a small desktop publishing business.
There is a Windows Server 2003 stand alone at your office. You have recently come
into possession of a legacy fax board, a device that allows multiple faxes to be sent and
received at the same time. You install the board on the Windows Server 2003 system
but discover that it does not work. You examine the Device Manager and notice that a
yellow warning with a black exclamation mark sits beside the fax board icon. You suspect
that there is an IRQ conflict with another device on this same system, a legacy
RAID controller. Which of the following describes the correct method of altering the
fax board’s configuration so that there is no IRQ conflict between the legacy fax board
and the legacy RAID controller?

Explanation

To resolve the IRQ conflict between the legacy fax board and the legacy RAID controller, the correct method is to select the fax board in the Device Manager. From the Action menu, select Properties. Then, go to the Resources tab and clear the Use Automatic Settings check box. Select the IRQ and click Change Settings. Scroll through the available IRQs until you find one that does not conflict with any others. Finally, click OK and restart the server. This will ensure that the fax board and RAID controller can function without any IRQ conflicts.

Submit
99. What would be the best way to give administrators the ability to administer a
server remotely through Terminal Services?

Explanation

It is a best practice to log on using an account with minimal credentials, then to launch administrative tools with higher-level credentials using Run As.

Submit
100. If your environment consists of two domains, one Windows Server 2003 and one
Windows NT 4, what group scopes can you use for assigning permissions on any
resource on any domain-member computer?

Explanation

In a Windows Server 2003 interim domain functional level domain, which is what you must be running to support a Windows NT 4 domain, you will only be able to use global groups as secu
rity principals. Domain local groups will only be useful on the domain controllers in the Windows
Server 2003 domain, and universal groups cannot be used as security groups in a Windows Server 2003 interim domain functional level domain.

Submit
101. An executive has a laptop running Windows XP, with a machine name of “TopDog.”
You want to allow the executive’s laptop to join the domain, and you want to be
sure that the computer is configured by the group policies linked to the Desktops
OU immediately. How can you achieve this goal?

Explanation

To achieve the goal of allowing the executive's laptop to join the domain and be configured by the group policies linked to the Desktops OU immediately, you need to create a computer object in the Desktops OU. Additionally, you should select the executive's user account for the property "The Following User Or Group Can Join This Computer To A Domain." This ensures that the laptop is added to the domain and receives the necessary group policies from the Desktops OU.

Submit
102. Oksana has scheduled a command-line disk defragmentation job to take place at 2 A.M.
every Sunday on all Windows Server 2003 systems at her site. This represents a perfect
time to perform such a task because the amount of activity on any of the servers at this
time is minimal. Checking through the logs on a Monday morning, Oksana finds that
the Sunday morning defragmentation did not occur on one of the volumes on one of
the Windows Server 2003 servers. Oksana logs onto the server from a remote desktop
connection and checks the Disk Defragmenter in the Computer Management Console.
Oksana decides to wait until the end of business that day and try to run the defragmentation
process again on this volume. At 6:30 P.M. she logs on from the remote desktop
again and attempts to initiate a defragmentation of the problematic volume. The process
fails again. What could be causing the failure, and which of the following steps
should Oksana take to defragment this volume?

Explanation

B. Correct: Disk defragmentation will fail only when a disk has errors. If a disk has
errors, it is classified as “dirty” by the operating system. The only way to change this state is to perform a Chkdsk operation on the disk and complete all required repairs.

Submit
103. You are the administrator of the Windows Server 2003 domain contoso.com. Your company
employs many temporary workers. Some of these workers are employed only
once, others are employed periodically on a recurring basis.
Your goal is to automate a process that will determine which accounts have not been
used within the last month and then disable them. If the accounts are needed again,
you will re-enable them at that time.
Which Directory Service command-line tool is the appropriate one to achieve your
goal?

Explanation

The correct answer is "dsquery user domainroot -inactive 4|dsmod user -disabled yes". This command-line tool combination allows the administrator to search for user accounts in the domain that have been inactive for the last 4 weeks and then disable those accounts. This meets the goal of automating the process of determining and disabling unused accounts, while still allowing for re-enabling if needed in the future.

Submit
104. You have configured several client computers with the Terminal Service client, Remote
Desktop Connection, and have configured a Terminal Server in Remote Desktop for
Administration (default) mode. When the users attempt to connect to the Terminal
Server, they receive an error message stating that the local policy of this system does
not permit them to log on interactively.
What should you do to correct the problem?

Explanation

To correct the problem, you should add the users to the Remote Desktop Users group. This will allow them to connect to the Terminal Server. By adding them to this group, they will have the necessary permissions to log on interactively and access the server remotely using Remote Desktop Connection.

Submit
105. What command should you use to unpack the single file download of a service
pack?

Explanation

The correct answer is ".exe -x". This is because the "-x" flag is commonly used to specify the extraction or unpacking process, and the ".exe" extension suggests that the file is an executable. Therefore, using ".exe -x" would indicate that the file should be executed with the extraction option, allowing the servicepack to be unpacked.

Submit
106. You recently added a disk to a computer. The disk had previously been used in a
Windows 2000 Server. The disk appears in Device Manager, but is not appearing
correctly in Disk Management. What task must you apply?

Explanation

To resolve the issue of the disk not appearing correctly in Disk Management after being added to the computer, the task that must be applied is to "Rescan". Rescanning the disks will prompt the computer to recheck and detect any newly added or changed disks, allowing the disk to be properly recognized and displayed in Disk Management.

Submit
107. You’re setting up a Windows Server 2003 computer and you want to protect the
data on the hard disk. You want to implement a solution that provides the fastest
disk I/O possible and supports the hot swapping of hard disks. Which RAID solution
should you use?

Explanation

Although hardware RAID is more expensive than software fault tolerance,
it provides faster disk I/O than software fault tolerance. In addition, hardware fault tolerance
solutions might implement hot swapping of hard disks to allow for replacement of a failed
hard disk without shutting down the computer and hot sparing so that a failed disk is automatically
replaced by an online spare.

Submit
108. Rooslan is the senior systems administrator for a medium-sized organization. Several
months ago he purchased and installed three Windows Server 2003 systems and configured
them as domain controllers. After a week of successful testing in Rooslan’s lab,
each server was shipped to a remote location in the organizational network as part of
the Windows Server 2003 rollout. Rooslan has just received a telephone call from a junior
administrator at one of the sites to which these domain controllers was shipped. The
junior administrator has noticed that when the domain controller starts an error report
appears that states that a device driver was unable to load during the boot process. The
junior administrator reports to Rooslan that he examined the Device Manager to see if
there is anything that indicates that a device is experiencing a fault, but there is no indication
that this is the case. Rooslan asks the junior administrator if he checked the hidden
devices and the junior administrator replied that he was unaware of how to
perform this task. Of the last 20 starts, the error has appeared three times. The error
appeared again this morning prompting the phone call to Rooslan. Before telephoning,
however, the junior administrator restarted the server and the error did not appear.
Rooslan initiates a remote desktop connection to the server to examine it. Which of the
following represents the path that Rooslan should follow to diagnose this fault?

Explanation

B. Correct: Because the system started without fault when the junior administrator called Rooslan, no fault will be evident in the Device Manager. Rooslan will be able to investigate further by looking at the system log, which has recorded the last few restarts, perhaps even more, and the problematic event will be recorded there.

Submit
109. Rooslan is the systems administrator of a Windows Server 2003 file server. The server
currently has two disk drives. The first disk, which is 30 gigabytes (GB) in size, hosts
all the operating system files. The second disk drive, which is 80 GB in size, hosts user
data on five separate shares. Each share corresponds to a specific department at
Rooslan’s organization. Each share is distributed into three separate folders. The first
folder is a departmental documents folder, the second is a collaboration folder, and the
third is an individual user data folder.
Users have read access to the departmental documents folder, read and write access to
the collaboration folder, and each individual user has full control over his or her unique
data folder. Only the individual user can access his or her data folder; other users cannot
read or write to the contents of that folder. The five-share system works well and
all employees in the organization understand where to store and find documents.A problem has developed in that the user data sections of each of the five departmental
shares are expanding so quickly that soon the disk that hosts the user data will be filled
to capacity. It is important to the managers of the organization that any solution does
not increase the number of shares that an employee must access.
Rooslan has the following goals:
Primary Goal: Add more space to each share so that the disk hosting the shared folders
does not become full.
Secondary Goals:
Retain only five shares and keep the user data directory as a folder off each departmental
share.
Provide fault tolerance for the file share.
Retain the security scheme currently in use so that individual users have full control
over their own directories and other users cannot access them.
Rooslan performs the following actions. During a scheduled period after midnight
when no users are connected to the server, Rooslan shuts down the server and installs
five 100 GB hard disk drives on the server. He then formats each drive as a single volume
with the NTFS file system. He then creates a new folder called Temp under each
of the folders hosting each department’s share. One by one, he then mounts the five
disks to each of the Temp folders so that each Temp folder now points to its own individual
mounted hard disk. Rooslan then copies the entire contents of the user data
folder into the Temp folder under each share, and then deletes the original user data
folder. Finally he renames the Temp folder with the name of the user data folder.How many of his goals has Rooslan achieved?

Explanation

Correct: Rooslan has achieved the primary goal by installing new 100 GB hard
disks and, by copying the user data across, he has added space to each of the
shares. Rooslan has achieved the first secondary goal by mounting the disks as the
user data folder. Under the current shared folder hierarchy, there is no need to
introduce extra shared folders. The files copied will not retain their NTFS permissions,
so the third secondary goal will not be achieved. Nowhere has it been mentioned
that any type of fault tolerance has been used; therefore, the second
secondary goal has not been achieved.

Submit
110. Orin’s company is auditing all the devices that are attached to its Windows Server 2003
systems. The auditors have demanded that printouts be generated listing a summary of
all devices that are installed on the system. This summary should include product version
numbers, bus type, and resource information.
Orin has the following goals:
Primary Goal: Provide a printout that contains a summary of all devices installed on the
system.
Secondary Goals:
Ensure that interrupt request (IRQ) resource information is included in this report.
Output the report to a file rather than a printer.
Orin proceeds as follows: From Computer Management in the Administrative Tools
program group, he opens the Device Manager, selects the Windows Server 2003 system
and, from the Action menu, selects Print. He then sets the report type to All Devices
And System Summary and clicks Print.
Which of the following goals has Orin achieved?

Explanation

B. Correct: Setting the report type to All Devices And System Summary will print an
extensive report for each device installed on the system, including resource information,
as well as generate a summary of the system. This achieves the primary
goal and the first of the secondary goals.

Submit
111. You have recently installed three legacy network cards on a Windows Server 2003
member server. Two of the network cards are working properly, but a third appears to
be conflicting with another device on your system. How can you determine which
other device on the system is conflicting with the third network card?

Explanation

By running the Device Manager and selecting the network card that has a yellow and black exclamation mark beside it, the user can access the properties of that network card. By going to the Resources tab and clearing the Use Automatic Settings check box, a list of conflicting devices will be displayed. This allows the user to determine which other device on the system is conflicting with the third network card.

Submit
112. A folder, Documents, on Server01 is shared as Docs$. The permissions on the shared
folder are set as follows:
■ Docs$ Shared Folder Permissions: Everyone–Full Control
■ Documents Folder NTFS Permissions: Authenticated Users–Read, Write; Managers–
Modify; Administrators–Full Control
Which of the following statements regarding access to the resource are true? (Select all
that apply.)

Explanation

All Users can access the shared folder from the network because the shared folder permissions are set to "Everyone-Full Control." Managers can delete files in the folder because their NTFS permissions are set to "Modify." Authenticated Users can write files in the folder because their NTFS permissions are set to "Read, Write."

Submit
113. A user calls the help desk and states that he or she cannot log on to the network. Using
Active Directory Users And Computers, you examine the Active Directory and determine
that the user account does not exist. Further investigation into the Directory Service
Event logs indicates that the account was deleted.
You re-create the user account in Active Directory Users And Computers. What else
will you need to do to complete the restoration of the user’s access to resources?
(Select all that apply.)

Explanation

To complete the restoration of the user's access to resources, you will need to place the user's account in the appropriate groups. This will ensure that the user has the necessary permissions to access the resources they need. Additionally, you will need to re-permission resources to which permission was given or denied based on the user account. This is necessary to ensure that the user has the correct level of access to these resources.

Submit
114. Which of the following is true about setup in Windows Server 2003? (Select all that
apply.)

Explanation

In Windows Server 2003, setup can be launched by booting to the CD-ROM, allowing for installation from a disc. Additionally, setup requires a non-blank password to meet complexity requirements, ensuring that the password meets certain criteria for security purposes.

Submit
115. A user has forgotten his or her password and attempts to log on several times with
an incorrect password. Eventually, the user receives a logon message indicating
that the account is either disabled or locked out. The message suggests that the
user contact an administrator. What must you do?

Explanation

Although the logon message text on Windows 2000 and other
previous operating system versions indicates that the account is disabled, the account is actually
locked. Windows Server 2003 displays an accurate message that the account is, in fact,
locked out. However, you can recognize the problem by examining what caused the message: a user forgot his or her password. You must unlock the account and reset the password.

Submit
116. What command-line tools will create a domain computer account in Active Directory?

Explanation

NETDOM and DSADD are command-line tools that can be used to create a domain computer account in Active Directory. NETDOM is a command-line tool used to manage Windows domains and trust relationships, and it includes the ability to create domain computer accounts. DSADD is another command-line tool used to add objects, including computer accounts, to Active Directory. Therefore, both NETDOM and DSADD can be used to create a domain computer account in Active Directory.

Submit
117. A user has accidentally deleted the data in a Microsoft Word document and saved
the document, thereby permanently altering the original file. A normal backup
operation was performed on the server the previous evening. Which restore
option should you select?

Explanation

The file does exist on the server, but the file has been corrupted. You should replace the file with the copy in the backup set.

Submit
118. What are the valid licensing modes in Windows Server 2003? Select all that apply.

Explanation

The valid licensing modes in Windows Server 2003 are Per Server and Per Device or Per User. Per Server licensing mode allows a certain number of concurrent connections to the server, regardless of the number of users or devices. Per Device or Per User licensing mode allows a specific device or user to access the server, regardless of the number of concurrent connections. Per Seat licensing mode is not a valid licensing mode in Windows Server 2003.

Submit
119. You have just installed a SCSI controller and three attached 100 GB SCSI disk drives to
your Windows Server 2003 system. You start the server after installing the hardware,
log on with an account that has administrative privileges and run the Disk Management
console. As soon as the console comes up, you are confronted by the Initialize And
Convert Disk Wizard. Which of the following can be done to the newly installed SCSI
disks by using this wizard? (Select all that apply.)

Explanation

A. Correct: The Initialize And Convert Disk Wizard runs each time a new disk is
added to the system and the disk management console is run. Limited in scope it
is only able to initialize a disk and convert it from basic to dynamic.
C. Correct: The Initialize And Convert Disk Wizard runs each time a new disk is
added to the system and the disk management console is run. Limited in scope,
the wizard is only able to initialize a disk and convert it from basic to dynamic.

Submit
120. A domain controller running Windows Server 2003 is failing to replicate with the other
domain controllers in the contoso.com domain. In Event Viewer, you note messages
that access has been denied to this domain controller. You suspect that the domain
controller’s password is not synchronized properly with the other domain controllers,
and should be reset.
What should you do?

Explanation

The correct answer is to use the Netdom command-line tool to reset the computer password on the domain controller. This is the appropriate tool for resetting the computer password in Active Directory. Restarting the server in the recovery console and using the console to reset the computer account is not the recommended solution for this issue. Resetting the account in Active Directory Users And Computers or using the Dsmod command-line tool are also not the correct methods for resetting the computer password.

Submit
121. You are the systems administrator for a medium-sized organization. You have been
instructed by management to generate an audit log of all users who attempt to access
a particular folder which stores confidential company financial information. Management
is interested not only in those users that successfully access the folder in question
but also those users who attempt to access the folder but are stopped because they
have insufficient NTFS permissions. Which of the following types of auditing should
you configure? (Select all that apply.)

Explanation

The correct answer is Successful Object Access and Failed Object Access. These two types of auditing will allow the systems administrator to generate an audit log of all users who attempt to access the particular folder. Successful Object Access will track the users who successfully access the folder, while Failed Object Access will track the users who attempt to access the folder but are stopped due to insufficient NTFS permissions. This will provide a comprehensive record of all access attempts to the confidential company financial information.

Submit
122. Rob is concerned that the network card on a file server he maintains needs to be
upgraded from 10 megabits to 100 megabits. He monitors the average Output Queue
Length on the network card over a period of a normal working day. Which values
should be a cause for concern and indicate that Rob should upgrade the network card?
(Select all that apply.)

Explanation

An Output Queue Length value of 2, 3, or 4 would indicate that there is a backlog of data waiting to be sent from the file server. This suggests that the current network card may not be able to handle the amount of data being processed, and upgrading to a faster network card would be necessary to improve performance and prevent bottlenecks.

Submit
123. Rob has set up a set of individual quotas for 250 users on a partition of a Windows
Server 2003 file server. Thirty of the users have a 10 MB quota, 45 have a 15 MB quota,
100 have a 30 MB quota, 25 have a 60 MB quota, and 50 have a 100 MB quota. There
are four other Windows Server 2003 systems that require exactly the same quota
scheme. Which of the following methods can Rob use to implement this quota scheme
on the four other servers?

Explanation

Rob can implement the same quota scheme on the four other servers by selecting all 250 quota entries from the quota entries page and exporting them to a file. He can then copy this file to the other servers and import it to the quota entries page of each partition where he wants to apply the quota scheme. This method allows him to easily replicate the same quotas across multiple servers without the need for a third-party quota management product.

Submit
124. Which tools allow you to output the telephone numbers for all users in an OU?

Explanation

DSQUERY will produce a list of user objects within an OU and can pipe that list to DSGET, which in turn can output particular properties, such as phone numbers.

Submit
125. You’re the administrator of a Windows Server 2003 computer. The computer’s
hard disk contains two data volumes: D and E. You enable disk quotas on volume
D and E that limit all users to 20 MB of total storage. However, you want to limit
storage in the users’ home folders, stored in D:\Users, to 10 MB per user. Is this
possible? Why or why not? Where can you implement quotas?

Explanation

You can implement quotas per-volume only. You cannot configure a
quota on the Users folder on volume D. The quota applies to the whole volume. You will also be
unable to set a quota of 20 MB per user of combined storage on volumes D and E. You could,
however, configure a limit of 15 MB on volume D and 5 MB on volume E, or some other combination
that totals 20 MB.

Submit
126. You are in charge of licensing at a small organization. Your company has 17 developers
and a sales force of 22. A total of 13 developers use two Windows XP Professional
workstations on their desks. Four of the developers also use Tablet PCs in addition to
their two Windows XP Professional workstations. The sales team works in pairs with
one Tablet PC used between a two-member sales team. The file server at the organization
is configured in Per Device or Per User mode. What is the minimum number of
licenses required to comply with licensing responsibilities?

Explanation

The organization has 17 developers who each use two Windows XP Professional workstations, totaling 34 workstations. Additionally, 4 of the developers use Tablet PCs, which adds another 4 workstations. The sales force of 22 works in pairs, so they only require 11 workstations. Therefore, the total number of workstations is 34 + 4 + 11 = 49. Since the file server is configured in Per Device mode, 49 Per Device licenses are required. Furthermore, since there are 17 developers and a sales force of 22, a minimum of 17 Per User licenses are required. Therefore, the minimum number of licenses required is 17 Per User licenses and 11 Per Device licenses.

Submit
127. You are the systems administrator for a small organization that has recently bought out
a rival company. Your organization has a Windows Server 2003 domain, of which all
computers are members. The rival company has six stand-alone Windows Server 2003
systems. The two networks have been integrated and there are no firewalls between
your Windows XP Professional workstation and the remote servers. Your Windows XP
Professional system is a member of the domain and you have Domain Administrator
privileges. You also have administrator credentials on each of the stand-alone servers.
You also have the telephone numbers of staff at each site who currently have administrative
privileges on each server and are logged on during business hours. Which of
the following tools can be used to configure the remote stand-alone Windows Server
2003 systems to join your organization’s domain? (Select any that apply.)

Explanation

not-available-via-ai

Submit
128. Rooslan is the administrator of a Windows Server 2003 system that runs Internet Information
Services. The server hosts a single Web site that contains confidential company
information. This information should only be accessible by specific hosts from particular
subnets within the corporate WAN. Rooslan would like to enable hosts to access
the server only from the following IP address ranges:
10.10.10.1 through 10.10.10.126
10.10.10.129 through 10.10.10.190
10.10.20.225 through 10.10.20.238
10.10.30.193 through 10.10.30.254
Rooslan edits the default Web site properties, navigates to the Directory Security tab,
and clicks Edit in the IP Address And Domain Name Restrictions frame. He selects
Denied Access and then clicks Add to list the exceptions. Which of the following Network
ID and Subnet Masks should he enter to limit access to the IP address ranges
specified above? (Select all that apply.)

Explanation

Rooslan wants to limit access to the IP address ranges specified above. To do this, he needs to enter the Network ID and Subnet Mask that correspond to each range. The correct answers are Network ID: 10.10.10.0, Subnet mask: 255.255.255.128, Network ID: 10.10.10.128, Subnet mask: 255.255.255.192, Network ID: 10.10.20.224, Subnet mask: 255.255.255.240, and Network ID: 10.10.30.192, Subnet mask: 255.255.255.192. These combinations of Network IDs and Subnet Masks accurately define the specified IP address ranges and will effectively limit access to the desired hosts from particular subnets within the corporate WAN.

Submit
129. How many simultaneous connections are possible to a Terminal Server running in
Remote Administration mode?

Explanation

Three; two remote connections and one at the console (but that’s not fair, is it?). Technically,then, two is the limit because the application-sharing components are not installed with Terminal Server configured in Remote Desktop mode for remote administration.

Submit
130. What tool will allow you to identify the site license server for your site?

Explanation

Active Directory Sites And Services is the correct answer because it is a tool that allows administrators to manage the replication of directory data among domain controllers in an Active Directory forest. It also allows you to view and manage the site topology, which includes the site license server for your site. By accessing Active Directory Sites And Services, you can easily identify the site license server for your site.

Submit
131. You have finished configuring a new display driver, and are prompted to restart
the computer for the changes to take effect. Shortly after logging on, the computer
screen goes blank, making working on the computer impossible. Which troubleshooting
techniques or tools will allow you to recover most easily from the problem
with the display driver?

Explanation

The Last Known Good Configuration option is useless
because you have logged on to the computer, making the last changes permanent. Safe mode will allow you to roll back the driver by using Device Manager.

Submit
132. You have just raised the domain functional level of your single-domain forest,
contoso.com, to Windows Server 2003. You want to take advantage of the security
group conversion possibilities available to you.
What security group conversion is possible at this domain functional level? (Choose all
that apply.)

Explanation

At the Windows Server 2003 domain functional level, you can convert a global group with user members to a universal group. This allows the group to be used across multiple domains in the forest. Additionally, you can convert a universal group with universal group members to a domain local group. This allows the group to be used within a specific domain in the forest.

Submit
133. There are several folders on a Windows Server 2003 domain controller that take up a
significant percentage of disk space on the system drive. These folders are as follows:
C:\Datastore\Compress
C:\Datastore\Encrypt
C:\Datastore\Indiperf
The Compress folder is compressed and all files and folders stored within it are also
compressed. The Encrypt folder is encrypted and all files and folders within it are also
encrypted. The Indiperf folder hosts user data. Each directory under the Indiperf directory
has permissions individually tailored to each user.
You take the following steps: install a single 100 GB hard disk drive, create three 30 GB
volumes on this drive, and, in the Datastore directory, you create the following folders:
C:\Datastore\Comptemp
C:\Datastore\Encrtemp
C:\Datastore\Inditemp
You then mount the first 30 GB volume to the Comptemp directory, the second 30 GB
volume to the Encrtemp directory, and the third 30 GB volume to the Inditemp directory.
You move the contents of the Compress directory to the Comptemp directory.
You copy the contents of the Encrypt directory to the Encrtemp directory. You move
the contents of the Datastore directory to the Inditemp directory.
You then delete the Compress, Encrypt, and Indiperf folders. Finally, you rename the
Comptemp directory Compress, the Encrtemp directory Encrypt, and the Inditemp
directory Indiperf.
Which of the following statements is true? (Select all that apply.)

Explanation

B. Correct: Files copied or moved between volumes, even if the volumes are
mounted, will inherit the compression attribute of the target folder. In this example
the compression attribute of the target folder was not set.
C. Correct: Encrypted files copied or moved between NTFS volumes will retain
their encryption status regardless of the attributes set on the target folder.
E Correct: Files moved between volumes inherit the NTFS permissions of their target
folder. All individual tailored NTFS permissions will be lost. The method of retaining the permissions is to back up the files and then restore them.

Submit
134. You need to create a batch file to automate the setting of the attributes for computers
within your Windows Server 2003 Active Directory domain, contoso.com. You want the
batch file to modify all computers in a specific OU within the domain. Your manual
input to the batch file will be the OU, the attribute, and the new value for the attribute.
All other input and output from the batch file should be automated.
Which Windows Server 2003 commands will you need to include in the batch file?
(Choose all that apply; each correct answer represents a partial solution.)

Explanation

The correct answer is Dsmod computer and Dsquery computer.

Dsmod computer command is used to modify computer objects in Active Directory. In this case, it can be used to modify the attributes of computers in a specific OU.

Dsquery computer command is used to query for computer objects in Active Directory. It can be used to retrieve a list of computers in a specific OU, which can then be used as input for the Dsmod command to modify their attributes.

Submit
135. What is the difference between a Windows Device CAL and a Windows User CAL?
(Select all that apply.)

Explanation

A Windows Device CAL allows a device, such as a workstation, to connect to a server regardless of how many users use that device. This means that multiple users can use the same device to connect to the server without needing individual CALs.

A Windows User CAL, on the other hand, allows a single user to access a server from multiple devices, such as workstations. This means that a user can use different devices to connect to the server, but they would still only need one CAL as long as it is the same user accessing the server.

Submit
136. You want to change the name of a stand-alone Windows Server 2003 system located at
a remote site on your organization’s network. The system works as an FTP and WWW
server and does not have a local administrator available. This server is not a member
of your organization’s Windows Server 2003 domain and your Windows XP Professional
workstation is. Which of the following tools can you use to accomplish this task?
(Select all that apply.)

Explanation

The Local Computer Management Console and Active Directory Users and Computers Console are not applicable in this scenario since the server is not a member of the organization's domain. However, the HTML Remote Administration Tools and Terminal Services Remote Administration mode can be used to remotely access and manage the server, allowing you to change its name.

Submit
137. A computer where you want to implement RAID-5 contains three disks, each with
2 GB of unallocated space. Using the Disk Management snap-in, you start the New
Volume Wizard by right-clicking one of the regions of unallocated space. When
you reach the Select Volume Type screen, the RAID-5 option is not available. What
is the most likely reason for this behavior?

Explanation

To configure a RAID-5 volume, at least three disks must be configured
for the dynamic storage type.

Submit
138. Rooslan is using several external universal serial bus (USB) hard disk drives as an extra
storage option on a Windows Server 2003 system that he administers. He is also using
an external USB CD-Writer and a Microsoft USB IntelliMouse and a USB keyboard.
Recently, Rooslan has noticed that the performance of some of the USB hard disk
drives has become erratic. He wants to generate a report on the current bandwidth and
power consumptions of various USB devices attached to the Windows Server 2003 system.
Which of the following will allow him to do this? (Select all that apply.)

Explanation

Rooslan can generate a report on the current bandwidth and power consumption of various USB devices attached to the Windows Server 2003 system by opening the Device Manager. By navigating to the USB Root Hub and selecting Properties, he can access the Power tab, which lists the power consumption of the attached devices. Additionally, by navigating to the USB Universal Host Controller and selecting Properties, he can access the Advanced tab, which lists the bandwidth-consuming devices and the bandwidth they use.

Submit
139. You are the systems administrator for a set of Windows Server 2003 systems that are
used as Web servers for a medium-sized Internet service provider (ISP). You must prepare
a report for your manager on the network adapters that are installed in each of the
servers. This report should include the adapter type, and the hardware resources it
uses such as IRQ. Because they experience sustained traffic load serving Web pages to
the Internet, there are several network adapters in each server. To make matters more
complex, these adapters have generally been added on an ad hoc basis so they are of
various make and manufacture. Which of the following methods can you use to generate
this report for your manager? (Select all that apply.)

Explanation

To generate a report on the network adapters installed in each server, the systems administrator can use two methods. Firstly, they can run the Device Manager on each Windows Server 2003 system, select Network Adapters, and then select Print from the Action menu. They should choose Selected Class or Device and click Print. Secondly, they can run WINMSD from the command prompt, select the Network node under the Components node, and then select the Adapters node. From the File menu, they can select Print. These methods will provide the necessary information about the adapter type and hardware resources used.

Submit
140. You are the systems administrator for a medium-sized organization that runs a single
Windows Server 2003 domain. The Default Domain Group Policy object has the following
password policy settings:
10 Passwords Remembered.
Maximum Password Age 10 days
Minimum Password Age 2 days
Minimum Password Length 10 characters
A group of 40 developers who work in a department in your organization has lobbied
management for a separate set of password policies specific to its members. The developers
want the minimum password age set to 0 days and the maximum password age
set to 28 days. Which of the following methods will allow you to alter the password
policy for this group of developers?

Explanation

Creating a child domain and moving the developers' accounts to this domain allows for the implementation of a separate password policy. By editing the Default Domain GPO of the child domain, the desired password policy settings can be applied specifically to the developers' accounts. This method ensures that the separate password policy only affects the targeted group, without impacting other users in the organization.

Submit
141. You are the systems administrator for several small businesses. One of the small businesses
that you work for has reported that the performance of its server appears to be
degrading. The server is configured as follows:
Volume Type File System Fault Tolerance Fragmentation
Drive C Dynamic NTFS Mirrored 9%
Drive D Basic NTFS None 13%
Drive E Dynamic NTFS Striped 23%
Drive F Dynamic NTFS RAID-5 32%
Drive G Dynamic NTFS RAID-5 41%
On which of the Windows Server 2003 system volumes will Windows recommend that
you run the defragmenter? (Select all that apply.)

Explanation

B. Correct: This figure is above the 10% threshold, so Windows will recommend a
defragmentation.
C. Correct: This figure is above the 10% threshold, so Windows will recommend a
defragmentation.
D. Correct: This figure is above the 10% threshold, so Windows will recommend a
defragmentation.
E. Correct: This figure is above the 10% threshold, so Windows will recommend a
defragmentation.

Submit
142. Your company has been using roaming profiles for members of the Sales and Information
Technology departments for the last 10 months. The profile data is stored on a
member-server running Microsoft Windows Server 2003. The file system in use on the
volume on the server hosting the profiles is FAT32. The share hosting the profiles is
called Profshare. Profile paths are correctly configured in each user’s properties.
Recently you have found that some users are able to access the data located in other’s
profiles. You want to secure the roaming user profiles on your network such that only
the user logging on to the profile will have access to the data contained within it.
What should you do? (Choose two; each answer is part of the complete solution.)

Explanation

To secure the roaming user profiles and ensure that only the user logging on to the profile has access to the data within it, two steps should be taken. Firstly, Read and Write permissions should be assigned on the folder where the profiles are stored, but only to those users who store roaming profiles. This will restrict access to only the intended users. Secondly, the volume where the profiles are stored should be converted to NTFS. NTFS provides more advanced security features compared to FAT32, such as file and folder level permissions, which will further enhance the security of the profiles.

Submit
143. You are the administrator of a Windows Server 2003 domain, contoso.com, that is set to
domain functional Level Windows 2000 mixed during a migration of your network.
You are planning your use of groups during this transitional period, and want to determine
what group types you can create and what scopes those groups may have.
What group type and scope possibilities exist at this functional level? (Choose all that
apply.)

Explanation

At the Windows 2000 mixed functional level, the possible group type and scope combinations are as follows:
- Domain Local Group: Security Type
- Domain Local Group: Distribution Type
- Global group: Security Type
- Global group: Distribution Type
- Universal group: Security Type

This means that you can create domain local groups with either security or distribution type, global groups with either security or distribution type, and universal groups with security type.

Submit
144. You attempt to connect to Server01 through the Remote Desktop for Administration client,
but receive a message that you cannot connect because the number of concurrent
connections has been exceeded.
You can connect with the Remote Desktop for Administration client to Server02,
Server03, and Server04, which are member servers in the same domain. You have
administrator privileges on each of these servers.
Server01 is not physically accessible to you, as it is in a remote location.
What steps should you take to resolve the problem? (Select all that apply.)

Explanation

To resolve the problem, you should first connect to Server02 with the Remote Desktop for Administration client. Then, connect to Server01 from the Terminal Services session on Server02 using the Terminal Services Manager. From there, you can disconnect one of the remote sessions on Server01 to free up a connection slot. This will allow you to connect to Server01 through the Remote Desktop for Administration client.

Submit
145. Mick works as the network administrator for an organization that has five branch
offices located across a city. The headquarters office has the only connection to the
Internet and also hosts a proxy server. Headquarters has 200 Windows XP Professional
workstations and several Windows Server 2003 systems. Each of the five branch offices
has 150 Windows XP Professional workstations and several Windows Server 2003 systems.
These branch offices are connected by ISDN BRI to the headquarters office. Currently
none of the Windows systems is able to receive updates from Microsoft’s
Windows Update server because they are unable to authenticate against the proxy.
Management has asked Mick to implement SUS throughout the organization so that
approved updates can be installed on workstations and servers. Management also
wants Mick to minimize the amount of update traffic running through the ISDN BRI
lines. Which of the following methods will achieve this goal?

Explanation

By configuring a SUS server in the headquarters location and synchronizing SUS servers in each branch office with the headquarters server, the organization can maintain a list of approved updates and download and store those updates. Additionally, by creating a Group Policy Object (GPO) and applying it at each site, clients can be instructed to use their local SUS server as their update server. This approach minimizes the amount of update traffic running through the ISDN BRI lines, as clients within each branch office will download updates from their local SUS server instead of the central server.

Submit
146. Rooslan is a systems administrator at a medium-sized organization that has a single
Windows Server 2003 domain. His team is responsible for installing and maintaining
six Windows Server 2003 systems. Each server has been configured as a stand-alone
server and is not a member of the 2003 domain. Twelve new disk drives have arrived
and two each are to be installed in each of these member servers. Rooslan delegates
this task to an intern named Alex that is visiting the organization this month. Rooslan
has configured Alex a simple user account that has been granted local logon rights on
each of the servers via the local Group Policy Object (GPO). Organizational policy dictates
that under no circumstances should Alex’s user account be made a member of the
Administrators group on any of the Windows Server 2003 servers. Rooslan then asks
Alex to convert each of the newly installed disks from basic to dynamic. Alex tries this
but finds that he is unable to perform this task. Which of the following can Rooslan do
without making Alex’s user account a member of the Administrators group on each of
these Windows Server 2003 stand-alone servers?

Explanation

A. Correct: The Backup Operators group has the right to perform the conversion
task.
D. Correct: This will work because users who have this right assigned through GPO
can perform tasks such as defragmentation and conversion.

Submit
147. Oksana is looking at a report generated by the disk defragmenter of her system. Her
system contains two volumes. The first volume is 100 GB and is mirrored on a second
100 GB disk. The second volume is 400 GB and uses RAID-5 over five 100 GB disks.
The report that Oksana is examining was an analysis performed on the second volume
rather than the first.
Oksana is puzzled because there seems to be several sections on the second volume
that are colored green. Green in a defragmenter analysis represents unmovable files.
Oksana is puzzled because she believed that the only files that were unmovable for the
disk defragmenter are located on the system or boot volumes. What is the cause of the
unmovable files listed on the defragmenter analysis of the second volume? (Select all
that apply.)

Explanation

B. Correct: Page files are unmovable files and therefore are reported in green by the
disk defragmenter analyzer. Similarly, the NTFS change journal, on NTFS volumes,
is also represented by the unmovable green.
E. Correct: Page files are unmovable files and therefore are reported in green by the
disk defragmenter analyzer. Similarly, the NTFS change journal, on NTFS volumes,
is also represented by the unmovable green.

Submit
148. You are configuring permissions for a shared folder on your network. You want all
Authenticated Users to have read access to the files when attaching to the folder across
the network from their computers, but only members of the Managers group should be
able to read the files when logged on locally to the computer containing the files. Managers
also need the ability to change the files when logged on locally.
All users are able to log on locally to the computer.
What permissions do you need to set on the shared folder? (Select all that apply.)

Explanation

The correct answer is NTFS–Managers–Change, Share Permission–Network–Read.

By setting NTFS permissions to "Managers-Change", only members of the Managers group will have the ability to change the files when logged on locally.

By setting Share Permission to "Network-Read", all Authenticated Users will have read access to the files when attaching to the folder across the network from their computers.

This combination of permissions ensures that only members of the Managers group can read and change the files when logged on locally, while all Authenticated Users can only read the files when accessing them over the network.

Submit
149. You are the administrator of a Windows Server 2003 IIS Web server. The Web site hosts
a group of discussion forums. There is a secure Web site that can only be accessed by
users entering a user name and password combination. One morning you have discovered
that the name of one of the accounts that use the secure Web site has been posted
maliciously to the forums. You delete the post, but you want to begin auditing to see
if anyone has tried to guess the password of the account by attempting to log on to the
secure site. The Windows Server 2003 system currently runs on a stand-alone server
that is not a member of a domain. Which type of event should you audit?

Explanation

You should audit "Audit Failed Account Logon Events" in order to see if anyone has tried to guess the password of the account by attempting to log on to the secure site. This event will record failed attempts to log on to an account, which will help you identify any unauthorized access attempts.

Submit
150. If you are using universal groups in your domain or forest, and you need to give
permission-based access to the members of the universal group, what configuration
must be true of the universal group?

Explanation

The correct answer is that the domain functional level must be Windows 2000 native or Windows Server 2003, and the universal group must be of the type security. This is because in order to give permission-based access to the members of a universal group, the domain functional level needs to be at least Windows 2000 native or Windows Server 2003. Additionally, the universal group needs to be of the type security, as security groups are used to assign permissions and access rights.

Submit
151. What are the minimum credentials necessary to create a Windows Server 2003
computer account in an OU in a domain? Consider all steps of the process.
Assume Active Directory does not yet have an account for the computer.

Explanation

The correct answers are d and h. Account Operators on a domain controller are assigned the minimum permissions necessary to create a computer object in the domain. You must be a member of the local Administrators group on the server to change its domain membership

Submit
152. You are deploying several Windows Server 2003 computers into your Windows NT 4
environment using the Sysprep utility. After deploying the image to all the servers, you
test network connections to each to ensure that the deployment has gone properly.
When you try to log on to Server03 remotely, a message indicating that the “Trust relationship
has failed” is displayed, and you are unable to connect.
What should you do to solve the problem? (Choose all that apply.)

Explanation

The "Trust relationship has failed" error message typically occurs when the computer's machine account password does not match the password stored in the domain controller. To solve this problem, you should create an account for Server03 in the domain to establish a new trust relationship. Additionally, joining Server03 to a workgroup and then rejoining it to the domain can also help resolve the issue. Finally, deleting the Server03 account from the domain and recreating it can also fix the problem.

Submit
153. You’re installing a printer on a client computer. The printer will connect to a logical
printer installed on a Windows Server 2003 print server. What type or types of
information could you provide to set up the printer? (Choose all that apply.)

Explanation

When you add a network printer, you can search for the printer
in Active Directory, enter the UNC or URL to the printer, or browse for the printer. When you connect
to the printer, the model is specified by the shared logical printer, and the driver is downloaded
automatically.

Submit
154. Which of the following provide the ability to recover from the failure of a single
hard drive?

Explanation

Mirrored volume and RAID-5 volume provide the ability to recover from the failure of a single hard drive. In a mirrored volume, data is duplicated on two separate hard drives, so if one drive fails, the other drive still contains a copy of the data. RAID-5 volume, on the other hand, distributes data and parity information across multiple drives, allowing for recovery in case of a single drive failure. Both of these options provide fault tolerance and data redundancy, ensuring that data is still accessible even if one drive fails.

Submit
155. You would like to view a list of devices connected to your Windows Server 2003 system
listed numerically by IRQ. Which of the following methods could you use to do
this? (Select all that apply.)

Explanation

You can use the Device Manager and from the View menu, select Resources By Connection to view a list of devices connected to your Windows Server 2003 system listed numerically by IRQ. Additionally, you can also use the Device Manager and from the View menu, select Resources By Type to achieve the same result.

Submit
156. Which of the following tools allow for the creation of Active Directory security principals
(user, computer, and group accounts) based on user or file input? (Choose all that
apply.)

Explanation

Active Directory Users And Computers, Ldifde, and Csvde are the tools that allow for the creation of Active Directory security principals based on user or file input. Active Directory Users And Computers is a graphical tool that enables the creation of user, computer, and group accounts. Ldifde is a command-line tool that can import or export data from Active Directory using LDIF (LDAP Data Interchange Format). Csvde is another command-line tool that can import or export data from Active Directory using CSV (Comma Separated Values) format. These tools provide different options for managing and manipulating Active Directory security principals.

Submit
157. Which of the following tools allows you to administer a share on a remote server?
Select all that apply.

Explanation

Windows Explorer can be used only to administer a local
share, so you would have to run a remote desktop session to the remote server, and run Windows Explorer in that session to manage that server’s shares. A more common, and a better, practice is to use the Shared Folders snap-in, which is included in the File Server Management console.

Submit
158. Oksana has recently replaced Rooslan as the systems administrator of six Windows
Server 2003 systems. These six servers are stand-alone systems and not members of
any domain. Several weeks into her tenure, Oksana receives the go-ahead to buy a
Digital Audio Tape (DAT) backup drive for each of the Windows Server 2003 systems.
At a prescheduled time she brings the servers down and installs the new hardware.
When all the servers have been brought up, Oksana logs on to each and is confronted
by the Add New Hardware Wizard. She begins the process of installing the software for
the new hardware but finds that the process fails because the driver cannot be
installed. Oksana then investigates the driver signing setting in the System Properties.
The driver signing option is set to Block with the other options dimmed. Although the
drivers have not been digitally signed by Microsoft, Oksana has decided that she wants
to use them and that they will pose no problems to the stability of the servers that she
administers. Which of the following actions can Oksana take to allow the installation of
unsigned drivers on all six of these Windows Server 2003 systems? (Select all that
apply.)

Explanation

Oksana should reconfigure the local GPO and set the Unsigned Driver Installation Behavior policy to Warn But Allow Installation. Additionally, she should check the Administrator Option / Make This Action The System Default check box in the Driver Signing Options dialog box, accessible from the System Properties. This will enable her to switch the option from Block to Warn. By doing so, Oksana will allow the installation of unsigned drivers on all six of the Windows Server 2003 systems she administers.

Submit
159. You are the administrator of a company that has decided to place computers in the
lobby for access to public company information. Members of the Sales department
need to be able to log on to these computers with their Domain user credentials for client
demonstrations, and public users will use the Guest account.
Members of the Sales department, whose desktop computers and user accounts are
contained in the Sales Organizational Unit (OU), are configured to use roaming profiles.
The shared computers in the lobby are contained in the Lobby OU.
You do not want the Sales users’ desktop computer profiles to be used when they log
on to one of the shared, lobby computers. All users of the lobby computers should
have the same desktop without the ability to save changes.
What configuration changes must you make? (Choose three; each answer represents a
partial solution.)

Explanation

To prevent the Sales users' desktop computer profiles from being used on the shared lobby computers, a local profile needs to be configured for the Guest account on one of the computers in the lobby. This profile should then be copied to the Default User folder on each computer in the lobby. Additionally, a Group Policy Object (GPO) needs to be created and linked to the Lobby OU. This GPO should enable the Only Allow Local User Profiles Computer Configuration policy. Finally, the file name of Ntuser.dat should be changed to Ntuser.man in the Default User folder on each computer in the lobby. These three configuration changes will ensure that all users of the lobby computers have the same desktop without the ability to save changes.

Submit
160. You are the systems administrator for a medium-sized organization that is considering
implementing SUS on all Windows XP Professional workstations and Windows Server
2003 systems companywide. Before a companywide rollout is to go ahead, a pilot program
is to be implemented. You have been assigned a lab with 10 Windows XP Professional
workstations, a Windows Server 2003 member server running SUS, a
Windows Server 2003 domain controller, and a stand-alone Windows Server 2003 system.
You wish to configure all systems except the server running SUS to use the SUS
server to automatically check for, download, and install updates at 7:00 A.M. each day.
Which of the following steps should you take to do this? (Select all that apply.)

Explanation

To configure all systems except the server running SUS to use the SUS server for automatic updates, the Windows XP Professional workstations and the Windows Server 2003 domain controller should be placed in a separate OU named Uptest. Then, a Group Policy Object (GPO) should be edited for the Uptest OU, specifying the address of the update server as the SUS server in the Specify Intranet Microsoft Update Service Location policy. The Configure Automatic Updates Policy should be set to automatic download and install with a scheduled install day of Every Day and a time of 7:00 A.M. This GPO should be applied to the Uptest OU. Additionally, on the stand-alone Windows Server 2003 system, the local GPO's Windows Update properties should be edited to specify the address of the update server as the SUS server and the same Configure Automatic Updates Policy should be set. This GPO should also be applied to the Uptest OU.

Submit
161. Alex is the systems administrator of a remote satellite tracking facility located in Outback,
Australia. The facility is connected by ISDN line to a central site in Sydney. Alex
is having some trouble configuring tracking software on the server and is on a support
call to an administrator at the central site who is attempting to talk him through it. The
administrator asks if Alex would be able to send a remote assistance invitation to him
so that he can better talk Alex through the procedure. Which of the following methods
will allow the administrator to receive Alex’s remote assistance invitation?

Explanation

The correct answer is that Alex can send a remote invitation to the administrator by using Windows Messenger and the Remote Assistance Wizard, Alex can e-mail a remote assistance invitation to the administrator using the Remote Assistance Wizard, Alex can create the invitation as a file and place it on an FTP server where the administrator can download it and access it, and Alex can create the invitation as a file and place it on a file share where the administrator can access it. These methods allow Alex to share the remote assistance invitation with the administrator, enabling them to connect and assist with the configuration of the tracking software.

Submit
162. Rooslan wants to get an idea as to why a particular Windows Server 2003 system is performing
poorly. He is unsure whether the problem is the disk drives, the processor, or
the amount of available memory. Which of the following should he do to get a better
idea about each system’s performance over the course of a day? (Select all that apply.)

Explanation

To get a better idea about the system's performance, Rooslan should use the Performance console to track the values of % Processor Time, Current Disk Queue Length, and Available MBytes. By configuring the view to display average values and running the console over the course of a normal operating day, he can gather data on the average performance of the system. This will help him identify any patterns or trends in the system's performance and determine if any of the components (disk drives, processor, or available memory) are causing the poor performance.

Submit
163. You have cleared the Enable Anonymous Access check box in Authentication Methods
of the Directory Security tab of the Default Web Site properties on a stand-alone Windows
Server 2003 system running IIS. Which of the following methods of authentication
are available to you? (Select all that apply.)

Explanation

By clearing the Enable Anonymous Access checkbox in the Authentication Methods of the Directory Security tab, you are disabling anonymous access to the Default Web Site. This means that users will be required to authenticate themselves before accessing the site. The available authentication methods in this scenario are Integrated Windows Authentication, Basic Authentication, and .NET Passport Authentication. Integrated Windows Authentication allows users to log in using their Windows credentials, Basic Authentication requires users to enter a username and password, and .NET Passport Authentication allows users to log in using their .NET Passport credentials.

Submit
164. Which locations allow you to change the domain membership of a Windows
Server 2003 computer?

Explanation

You can change the domain membership of a Windows Server 2003 computer by accessing the properties of My Computer, the Control Panel's System application, and the Network Connections folder. These locations provide the necessary settings and options to modify the domain membership of the computer. The Active Directory Users and Computers tool is used for managing user accounts and not for changing domain membership. The Users application in Control Panel is also not related to changing domain membership.

Submit
165. User has deleted a file in a shared folder on a server. The user opens the prop
erties of the folder and does not see a Previous Versions tab. Which of the follow
ing may be true? (Choose all that apply.)

Explanation

Shadow Copy is enabled per volume, not per folder. Once
Shadow Copy is enabled, any user with the client installed will see a Previous Versions tab for a file or folder that has changed. Shadow Copy is supported on FAT and NTFS volumes

Submit
166. Users at Contoso Ltd. use Microsoft Office applications to access resources on
Server01. Your job is to monitor Server01 to ensure that permissions are not too
restrictive, so that users are not prevented from achieving their assignments.
Which log, and which type of event, will provide the information you require?

Explanation

The correct answer is "Security log; Failure Event". Monitoring the Security log for Failure Events will provide information about any instances where permissions are too restrictive and users are being prevented from accessing resources on Server01. Failure events in the Security log typically indicate authentication or authorization issues, which can help identify any permission-related problems that may be impacting users' ability to complete their assignments.

Submit
167. You have just raised the domain functional level of your single-domain forest,
contoso.com, to Windows Server 2003. You want to take advantage of the security
group nesting possibilities available to you.
What Security group nesting is possible at this domain functional level? (Choose all that
apply.)

Explanation

At the Windows Server 2003 domain functional level, the possible security group nesting options are Domain Local in Domain Local, Global in Domain Local, Universal in Domain Local, and Global in Global. This means that you can nest a Domain Local security group within another Domain Local security group, a Global security group within a Domain Local security group, a Universal security group within a Domain Local security group, and a Global security group within another Global security group. These nesting possibilities allow for more flexible and granular control over security permissions within the single-domain forest.

Submit
168. Bill complains that he is unable to access the department plan. You open the Secu
rity tab for the plan and you find that all permissions on the document are inher
ited from the plan’s parent folder. There is a Deny Read permission assigned to a
group to which Bill belongs. Which of the following methods would enable Bill to
access the plan?

Explanation

To enable Bill to access the plan, the permissions on the plan need to be modified. This can be done by adding the permission "Bill:Allow Read" to the plan. Additionally, the "Allow Inheritable Permissions" option should be deselected, and the Deny permission should be removed by choosing the "Copy" option. Another possible solution is to remove Bill from the group that has been assigned the Deny permission. These actions will override the inherited permissions from the parent folder and grant Bill access to the department plan.

Submit
169. Which of the following are valid criteria for a security log filter to identify specific
file and folder access events? Select all that apply.

Explanation

The correct answer is the date of the event, the user that generated the event, and success or failure audit. These criteria are valid for a security log filter to identify specific file and folder access events. The date of the event allows for filtering events based on a specific time frame. The user that generated the event helps in identifying the individuals responsible for the access. Success or failure audit indicates whether the access attempt was successful or not. These criteria together provide a comprehensive filter for identifying specific file and folder access events.

Submit
170. A file server on your network will not start. After exhausting all other options, you
have decided to use Automated System Recovery (ASR) to recover the system. You
created an ASR backup immediately after you installed Microsoft Windows Server
2003 and another one two months ago after you installed a device driver. You perform
a full backup of data files once a week. What will ASR restore? (Choose all
that apply.)

Explanation

ASR will restore the disk configuration, operating system, and system state from two months ago. ASR is designed to restore the entire system to a previous state, including the disk configuration, operating system, and system state. It does not restore data files, as those are typically restored using regular backups.

Submit
171. You are configuring share permissions for a shared folder on a file server. You want all
Authenticated Users to be able to save files to the folder, read all files in the folder, and
modify or delete files that they own.
What are the correct permissions that you need to set on the shared folder to achieve
your objective? (Select all that apply.)

Explanation

The correct answer is "Authenticated Users–Read, Creator/Owner–Change". By setting the "Authenticated Users" group to have the "Read" permission, all authenticated users will be able to read files in the folder. Additionally, by giving the "Creator/Owner" the "Change" permission, users will be able to modify or delete files that they own.

Submit
172. Oksana is concerned that a new Web site that she is about to launch will quickly overload
her company’s connection to the Internet. The Web site will be hosted on a Windows
Server 2003 system running IIS 6.0 and contains streaming media as well as files for
download. Oksana has talked to the network administrator and he has suggested that
the Web site can use a maximum of 2 MB per second of the company’s bandwidth
without causing significant problems. Oksana would also like to limit the maximum
number of users connecting to the Web site to 200 at a time. Which of the following
should Oksana do to place these traffic restrictions on her Web site? (Select all that
apply.)

Explanation

To place traffic restrictions on her website, Oksana should edit the properties of the Web site. In the Performance Tab, she should select the "Limit The Network Bandwidth Available To This Web Site" check box and set the "Limit The Network Bandwidth Available To This Web Site: Maximum Bandwidth (in KB per second)" to 2,048. Additionally, she should select and set the "Connections Limited To" value at 200. By doing this, Oksana can ensure that her website does not overload the company's connection to the Internet by limiting the bandwidth and the number of simultaneous connections.

Submit
173. You are the Web site administrator of a Windows Server 2003 system hosted by your
ISP. You want to host several different Web sites off this server but your ISP is unable
to allocate your hosted server more than a single public IP address. The public IP
address you have been allocated is 207.46.248.234. The sites that you want to host are
as follows:
www.adatum.com
www.alpineskihouse.com
www.proseware.com
www.tailspintoys.com
Each site is to contain completely unique content totally unrelated to the other sites.
Which of the following steps should you take to resolve this problem? (Select two; each
selection forms a part of the correct answer.)

Explanation

To resolve the problem of hosting multiple websites with only one public IP address, two steps should be taken. First, the DNS server hosting the records for each website (www.adatum.com, www.alpineskihouse.com, www.proseware.com, and www.tailspintoys.com) should be configured to point these hosts' records at the IP address 207.46.248.234. This ensures that the DNS resolves each website's domain name to the correct IP address. Second, four separate web sites should be created using the Web Site Creation Wizard. The IP address for each web site should be set to 207.46.248.234, and the host header should be set to the respective web site name. The home directory for each web site should be configured to the directory that hosts the unique content for that website. The Default Web Site should be disabled to avoid conflicts.

Submit
View My Results

Quiz Review Timeline (Updated): Mar 21, 2023 +

Our quizzes are rigorously reviewed, monitored and continuously updated by our expert board to maintain accuracy, relevance, and timeliness.

  • Current Version
  • Mar 21, 2023
    Quiz Edited by
    ProProfs Editorial Team
  • Nov 20, 2008
    Quiz Created by
    Lexx_vnl
Cancel
  • All
    All (173)
  • Unanswered
    Unanswered ()
  • Answered
    Answered ()
What are the minimum NTFS permissions required to allow users to open...
You have a database of users that is capable of exporting CSV files,...
What credentials are required for administration of a remote computer...
To monitor potential dictionary attacks against user passwords in your...
A user, John, reports that his profile settings are not roaming...
Which of the following LDIFDE commands changes the function of LDIFDE...
A folder is shared on a FAT32 volume. The Project Managers group is...
Can an existing MMC snap-in be changed from local to remote context,...
Which of the following are firewall-related constraints relating to...
Scott Bishop is a power user at a remote site that includes 20 users....
You install a scanner on a computer running Windows Server 2003. When...
You are concerned that the CPU on a print server that hosts 10 shared...
An executive has returned from a business trip. Before the trip, she...
A user reports that he or she cannot access the network by dialing in....
What option will be most useful to generate 100 new user objects, each...
You are to back up a Windows Server 2003 file server every evening....
You’re the administrator of the Windows Server 2003 computer that is...
You are configuring the permissions for a shared folder, Finance, on...
You are planning the deployment of Windows Server 2003 computers for a...
The License Logging service tracks Per Device or Per User licenses by...
You are planning the deployment of Windows server 2003 computers for a...
What tool is used to enable Remote Desktop on a server?
Which tool will allow you to identify accounts that have not been used...
You want to ensure the highest level of security for your corporate...
You’re setting up a printer pool on a Windows Server 2003 computer....
A user has sent you a request, by e-mail, for a Remote Assistance...
Foley works as the systems administrator for a law firm. There is a...
Rooslan is the systems administrator for an organization that has four...
You want to nest the IT Administrators group responsible for the Sales...
You’re administering a Windows Server 2003 computer configured as a...
You need to remove a PnP device from a configuration temporarily, but...
You are in the process of adding users, computers, and groups to your...
What platforms are capable of joining a domain?
A folder is shared on a NTFS volume, with the default share...
A folder called Reports on Server01 resides in the Marketing\Summary...
You’re setting up printing on a Windows Server 2003 computer. You...
Rooslan is responsible for licensing at a medium-sized organization...
You enable the password complexity policy for your domain. Describe...
Why is it a best practice to create a computer account in the domain...
You would like to test the restore procedures on your server, but...
You’re administering a Windows Server 2003 computer configured as a...
A Windows 2003 Server is configured as a print server. In the middle...
Which of the following options will give you the clearest picture of...
What type of Group Policy software deployment should be used to...
You’re the administrator of a Windows Server 2003 computer. You want...
You’re setting up software RAID on your Windows Server 2003 computer...
In your Windows Server 2003 domain contoso.com, in the Pservers (Print...
Rooslan is the senior systems administrator at a medium-sized...
You open a computer object and, on the Operating System tab, discover...
What type of disk region supports logical drives?
Rooslan is working with a Windows Server 2003 system that has been...
How do you make a profile mandatory?
Ou have been given the responsibility for maintaining user accounts,...
A traveling user has been away from the office for several months. The...
You want to configure a logical printer so that large, low-priority...
What is the required amount of free disk space on a volume in order to...
You are a network administrator managing a Windows Server 2003 domain,...
A user, returning from an extended leave of absence powers on his or...
All computer users in your company access several applications through...
Lee is concerned that another user in the office is attempting to log...
Rooslan is working from home and is using a dial-up connection to his...
You are the systems administrator for a medium-sized organization. You...
You manage the network for a team of 500 telephone sales...
Lee has two 100 GB SCSI hard disk drives connected to a Windows Server...
You are working on a Windows Server 2003 system that has been upgraded...
A user has returned from an extended business trip, and reconnects his...
You’re setting up a Web site in IIS on Server01. The site’s...
You are to back up a Windows Server 2003 file server every evening....
As a part of your company’s policy, all actions by systems...
You are rolling out servers to provide Internet access to your...
Are all functions within a snap-in used on a local computer usable...
You are configuring SUS for a group of Web servers. You want the Web...
You’re setting up a backup job on a computer running Windows Server...
Your company has placed 35 computers in various locations throughout...
You have been given an administrative task related to user accounts in...
A user reports that he or she cannot log on to the network from a...
You are interested in viewing Information and Warning events in the...
Rooslan has been instructed by senior management to generate a report...
A user, Joe, is taking on additional network administrative...
Laherty is the IT consultant for a small graphic design business that...
In a domain running in Windows Server 2003 domain functional level,...
In the properties of a group, which tab will you access to add users...
You’re implementing software RAID on your Windows Server 2003...
Rooslan is a consultant who has been approached by a medium-sized...
You are configuring the properties of user accounts in the Sales OU of...
You have configured several users to be able to connect to Server01...
You are the systems administrator for a medium-sized organization and...
Rooslan is the systems administrator for a small company that has...
After a period of expansion, your company created a second domain....
A hard disk on a server running Windows Server 2003 has failed. You...
Which of the following properties and administrative tasks can be...
Bill calls again to indicate that he still cannot access the...
You are a systems administrator at a medium-sized organization. You...
You have two modems connected to a Windows Server 2003 system that are...
What variable can be used with the DSMOD and DSADD commands to...
You are hiring a team to tackle a software development project. There...
You’re setting up RAID-5 on your Windows Server 2003 computer. You...
You are the part-time systems administrator for a small desktop...
What would be the best way to give administrators the ability to...
If your environment consists of two domains, one Windows Server 2003...
An executive has a laptop running Windows XP, with a machine name of...
Oksana has scheduled a command-line disk defragmentation job to take...
You are the administrator of the Windows Server 2003 domain...
You have configured several client computers with the Terminal Service...
What command should you use to unpack the single file download of a...
You recently added a disk to a computer. The disk had previously been...
You’re setting up a Windows Server 2003 computer and you want to...
Rooslan is the senior systems administrator for a medium-sized...
Rooslan is the systems administrator of a Windows Server 2003 file...
Orin’s company is auditing all the devices that are attached to its...
You have recently installed three legacy network cards on a Windows...
A folder, Documents, on Server01 is shared as Docs$. The permissions...
A user calls the help desk and states that he or she cannot log on to...
Which of the following is true about setup in Windows Server 2003?...
A user has forgotten his or her password and attempts to log on...
What command-line tools will create a domain computer account in...
A user has accidentally deleted the data in a Microsoft Word document...
What are the valid licensing modes in Windows Server 2003? Select all...
You have just installed a SCSI controller and three attached 100 GB...
A domain controller running Windows Server 2003 is failing to...
You are the systems administrator for a medium-sized organization. You...
Rob is concerned that the network card on a file server he maintains...
Rob has set up a set of individual quotas for 250 users on a partition...
Which tools allow you to output the telephone numbers for all users in...
You’re the administrator of a Windows Server 2003 computer. The...
You are in charge of licensing at a small organization. Your company...
You are the systems administrator for a small organization that has...
Rooslan is the administrator of a Windows Server 2003 system that runs...
How many simultaneous connections are possible to a Terminal Server...
What tool will allow you to identify the site license server for your...
You have finished configuring a new display driver, and are prompted...
You have just raised the domain functional level of your single-domain...
There are several folders on a Windows Server 2003 domain controller...
You need to create a batch file to automate the setting of the...
What is the difference between a Windows Device CAL and a Windows User...
You want to change the name of a stand-alone Windows Server 2003...
A computer where you want to implement RAID-5 contains three disks,...
Rooslan is using several external universal serial bus (USB) hard disk...
You are the systems administrator for a set of Windows Server 2003...
You are the systems administrator for a medium-sized organization that...
You are the systems administrator for several small businesses. One of...
Your company has been using roaming profiles for members of the Sales...
You are the administrator of a Windows Server 2003 domain,...
You attempt to connect to Server01 through the Remote Desktop for...
Mick works as the network administrator for an organization that has...
Rooslan is a systems administrator at a medium-sized organization that...
Oksana is looking at a report generated by the disk defragmenter of...
You are configuring permissions for a shared folder on your network....
You are the administrator of a Windows Server 2003 IIS Web server. The...
If you are using universal groups in your domain or forest, and you...
What are the minimum credentials necessary to create a Windows Server...
You are deploying several Windows Server 2003 computers into your...
You’re installing a printer on a client computer. The printer will...
Which of the following provide the ability to recover from the failure...
You would like to view a list of devices connected to your Windows...
Which of the following tools allow for the creation of Active...
Which of the following tools allows you to administer a share on a...
Oksana has recently replaced Rooslan as the systems administrator of...
You are the administrator of a company that has decided to place...
You are the systems administrator for a medium-sized organization that...
Alex is the systems administrator of a remote satellite tracking...
Rooslan wants to get an idea as to why a particular Windows Server...
You have cleared the Enable Anonymous Access check box in...
Which locations allow you to change the domain membership of a...
User has deleted a file in a shared folder on a server. The user opens...
Users at Contoso Ltd. use Microsoft Office applications to access...
You have just raised the domain functional level of your single-domain...
Bill complains that he is unable to access the department plan. You...
Which of the following are valid criteria for a security log filter to...
A file server on your network will not start. After exhausting all...
You are configuring share permissions for a shared folder on a file...
Oksana is concerned that a new Web site that she is about to launch...
You are the Web site administrator of a Windows Server 2003 system...
Alert!

Advertisement