Microsoft MCSE: 70-293 Practice Test- 2

42 Questions

Settings
MCSE Quizzes & Trivia

This is a Practice test on Planning and Maintaining a Microsoft Windows Server 2003 Network Infrastructure. Take this practice test at the end of your studies to verify that you are prepared for the real exam. The certification exam is timed. Make sure you are able to pass the Microsoft MCSE: 70-293 practice test by a substantial margin before you take the real exam. So, let's try out the quiz. All the best!


Related Topics
Questions and Answers
  • 1. 
    To configure your resource server as a Web server, which of the following services is mandatory on your resource server?
    • A. 

      Internet Information Service (IIS)

    • B. 

      RAS/VPN Service

    • C. 

      Router Service

    • D. 

      File Server Service

  • 2. 
    You have configured a Windows Server 2003 network across 3 different physical sites, Site 1, Site 2 and Site 3. Each of these sites has 2 domain controllers. One of these sites, Site 3 does not need replication. In between the other two sites Site 1 and Site 2, the domain controllers are named S1DC1, S1DC2, S2DC1 and S2DC2 respectively. You are required to configure replication between S1DC1 and S2DC1 only. What should you do? Choose the most practical solution.
    • A. 

      Ensure there is a dedicated physical WAN link between S1DC1 and S2DC1 only for the purpose of replication.

    • B. 

      Configure S1DC1 and S2DC1 as Preferred Bridgehead Servers

    • C. 

      Configure S1DC2 and S2DC1 as Preferred Bridgehead Servers Standalone Servers

    • D. 

      Configure S1DC2 and S2DC2 as Preferred Bridgehead Servers.

  • 3. 
    You have just configured your resource server as a File Server. Before allowing users to access this resource server, you are required to ensure no user will be allowed to use more than 100 MB of disk space on this server and also will access the resource as per the roles they play in the organization. What should you do? Choose all that apply.
    • A. 

      Create groups based on roles and assign local permissions to resources accordingly to each group

    • B. 

      Divide hard disk into as many partitions as users and ensure each partition is not exceeding 100 MB disk space.

    • C. 

      Assign 100 MB Disk quota

    • D. 

      Create groups based on roles and assign share permissions to resources accordingly to each group.

    • E. 

      None of the above.

  • 4. 
    You are the administrator for Metro Tech World. Your company has recruited a team of research executives who need to research on a new project. For this reason, they will be extensively using the Internet and saving all relevant data on to the File Server that is already running a backend database for this project. You are required to ensure these executives will be assigned only 200 MB of disk space. As per written company policies, you are not allowed to use up the disk space on the server by logging the warnings relating to disk space as the team is quite large. What should you do next? Choose your course of action from the choices given below. Choose all that apply.
    • A. 

      Configure disk quota, by checking the options �setup disk quotas for new users�. Also, check to �deny disk usage exceeding disk limit�.

    • B. 

      Limit disk space to at least 200 MB

    • C. 

      Limit Disk space to 200 MB

    • D. 

      Email users who are nearing the disk limit to warn them.

    • E. 

      Set up a warning limit and the user will be informed through messages when they reach that limit.

  • 5. 
    You are the administrator for MetroTech World. Yours is a Windows Server 2003 network that is spread over 5 geographical location. The Head office in Canada has a DFS root whose replica is situated in New Jersey. You have WAN links that will be used for replication by DCs, DNS servers and the said DFS connection. The priority of WAN link usage has been assigned to DCs provided the other replications are not already in progress. Lately, the replication between the DFS root and its replica is so extensive that it is hampering the important replication process between the DCs and the DNS servers. You check the caching duration for the DFS and observe that it has been set for much lesser than default values. What should you do?
    • A. 

      Disable Caching

    • B. 

      Set Caching to default values

    • C. 

      Set Caching to values higher than the default values

    • D. 

      Set up a DDR connection between the DFS root and the replica

  • 6. 
    Which of the utility is used to prepare for a forest upgrade?
    • A. 

      Adprep / forestprep

    • B. 

      Adprep / domainprep

    • C. 

      Adprep

    • D. 

      Forestprep

  • 7. 
    Which of the following can disrupt the authentication process on a domain based Windows Server 2003 network?
    • A. 

      GC

    • B. 

      DC

    • C. 

      Member Server

    • D. 

      Stand alone server

  • 8. 
    Which of the following is the most simple and a preliminary method of recovering a DC that has crashed?
    • A. 

      Restart the DC

    • B. 

      Use the recovery console

    • C. 

      Use safe mode restart

    • D. 

      Last Known Good Configuration

  • 9. 
    Which of the following are the most effective methods of implementing Server availability on the network?
    • A. 

      Network load balancing

    • B. 

      Server clustering

    • C. 

      DFS implementation

    • D. 

      EFS implementation

  • 10. 
    Page file related inconsistencies are caused by which of the following components on the Server?
    • A. 

      Hard Disk Drive (HDD)

    • B. 

      Hard Disk Controller (HDC)

    • C. 

      Random Access Memory (RAM)

    • D. 

      CPU

  • 11. 
    You are the administrator for MetroTech World. Your Windows Server 2003 network is designed as follows: � Site 1, Site 2, Site 3 and Site 4 are very large in size. � Site 1 and Site 3 also have one stub network each communicating with them respectively. � There 12 DCs in the mentioned large sites. � The stub networks do not have DCs and depend upon their parent site for authentication and other ADS related activities. � The size of the stub network is very small and is negligible in terms of traffic. � The IP assignment for these stub networks also is taken care of by the DHCP server in the main site. � The stub networks each are connected to one DHCP relay agent respectively. You are now adding one more site to the network that is equally large as the other 4 large sites. This site has 15 DCs, 2 DHCP servers and DHCP relay agents that connect the clients to the Site 3 for IP assignment to provide load balancing and fault tolerance to the DHCP servers in the new site. You notice that over time quite a few clients are receiving IP duplication error message in the new site as well as the Site 3. What could the problem be?
    • A. 

      The site 3 and new site have duplicated IP address range for assigning to clients

    • B. 

      The DHCP relay agent is not correctly configured

    • C. 

      The DHCP server in the new site is no longer functioning

    • D. 

      The DHCP server in Site 3 is no longer functioning

  • 12. 
    You have recently configured fault tolerance between the DHCP servers on the 2 child domains of your network. Over the time you notice that too many renewals and relinquished addresses have created an inconsistency on the DHCP database at both ends. What should you do?
    • A. 

      Just restart the DHCP server, it will take care of the needful

    • B. 

      Right click on the database file and choose the refresh option

    • C. 

      Backup the database, compact the database and then restore it

    • D. 

      Compact the live database

  • 13. 
    Your network is suffering a bottle neck due to extensive replication by the DNS servers. You have enabled debug logging for the said DNS servers as you would like to capture information that will help you analyze the problem in detail. Which of the files will contain the captured data?
    • A. 

      Application log of the Event viewer.

    • B. 

      Debug.log file.

    • C. 

      Dns.log file.

    • D. 

      None of the above

  • 14. 
    You are the administrator for MetroTech World. Your Windows Server 2003 network presently spans over 4 sites. Your company has taken over a competitor firm that has a single site. You are now required to accommodate this new site within your network. As per company policies, this site will not be an integral part of the IP network range for another two months. But the users from your network will need to access resources on the new site right away; the reverse direction of resource access must be prohibited. You are required to instruct the administrator of the new site on how he will be assisting you in the said plan and implementation process. You request the administrator of that site to bring up a DHCP server that will be linked to your network but will have a separate IP address range from your network and also connect the network to the router which will communicate with your network. The resources will be assigned relevant access permissions on your end of the network by you and also the relevant access lists will be put into place in the router. The administrator of the new site carries out all the tasks assigned to him by you and brings up the DHCP server on the live network. The clients of that network are not able to receive an IP address from that DHCP server. What needs to be done?
    • A. 

      The administrator has to just restart the DHCP server one more time.

    • B. 

      The administrator has to authorize the new DHCP server

    • C. 

      You must authorize the new DHCP server

    • D. 

      You must assign a new range of IP address

  • 15. 
    Your company has acquired a manufacturing unit a few miles from their administrative office. You are required to configure a DC in this location. This DC will be a part of the company networks ADS and will replicate with the DCs in the main office using dedicated T1 lines. You will be administering this network remotely as it contains some resource servers that need to be accessed by users in the main network as well. Which of the following need to be enabled on these servers to enable you to administer them remotely? Choose the services that are most apt in the said situation.
    • A. 

      RAS/VPN service

    • B. 

      Remote Registry Service

    • C. 

      Server Service

    • D. 

      RPC service

  • 16. 
    Which of the following is an ideal location for the RAS server to reside? Choose two relevant options.
    • A. 

      Edge of the internal network

    • B. 

      Perimeter network

    • C. 

      Internal network

    • D. 

      Demilitarized zone

  • 17. 
    You have introduced a new subnet to the network. This subnet is a part of the perimeter network. The router to be connected to this network will be a multi-homed Windows Server 2003 based router that has one internal and one external interface to the subnet. You are required to configure this router to have logical path connection with 12 other subnets within the network. This network has a no hierarchy of subnets and is a linear network. Which of the following would be an ideal solution for this requirement?
    • A. 

      RIPv1

    • B. 

      RIPv2

    • C. 

      OSPF

    • D. 

      EIGRP

  • 18. 
    When assigning an IP address to the router interface, you can assign either a static or a dynamic IP address, so long as the subnet mask matches with the network to which the interface is physically connected. T/F?
    • A. 

      True

    • B. 

      False

  • 19. 
    OSPF is a routing protocol that has limitations of hop counts and cannot be used on scalable routing networks. T/F?
    • A. 

      True

    • B. 

      False

  • 20. 
    Which of the following can be used for the RADIUS server in case of a Windows Server 2003 network?
    • A. 

      IAS Server

    • B. 

      IIS Server

    • C. 

      RRAS Server

    • D. 

      RAS/VPN Server

  • 21. 
    Which of the following is minimum requirement to configure clustering as per Microsoft recommendations?
    • A. 

      At least 2 servers

    • B. 

      At least 1 PCI network interface card per server

    • C. 

      At least 2 PCI network interface card per server

    • D. 

      Local storage

    • E. 

      Network storage

  • 22. 
    You have implemented server clustering to share a database that is being accessed across a WAN link over the Administration office as well as a Warehouse of the client�s company. The servers had fault-tolerant network adapters that claimed to be of great use on the cluster service and hence you let them be when you configured the cluster service between servers in the two locations. During one of the communication glitches, the server cluster service failed and refused to recover automatically, which it was supposed to as per configurations. What could the problem be? Choose all that apply.
    • A. 

      The NICs should have been PCI cards rather than the existing fault tolerant ones.

    • B. 

      Fault tolerant NICs can hamper the process of recovery during failures

    • C. 

      A secondary WAN link must exist for backup of cluster information interchange.

    • D. 

      This scenario did not require a clustering in the first place, just DFS with replica would have sufficed.

  • 23. 
    You are the administrator for MetroTech World. Your company�s network is rapidly expanding. You have implemented DFS in your network. The root domain is Windows 2000 based whereas the entire new additional child domains are implementing Windows Server 20003 from the start. Your DFS server resides in the root domain. As a part of the expansion, the resources are getting shifted and relocated to new domains every now and then. These resources have links created for access in the DFS root. The flexibility in relocating these resources is creating utter confusion in the network. What should you do?
    • A. 

      Remove the DFS feature from your network until it has completely stabilized and share resources ordinarily as it was done in the pre-Windows 2000 era.

    • B. 

      Upgrade your root domain to Windows Server 2003 and the DFS also to Windows Server 2003 based DFS

    • C. 

      Ensure the resources that have DFS links created do not get relocated.

    • D. 

      Make a schedule for mailing users each time a resource gets relocated.

  • 24. 
    Which of the following statements that relate to DFS are true?
    • A. 

      It is a platform for distributed resource management

    • B. 

      It provides uniform convention for file systems

    • C. 

      It is a mapping of resources or collection of resources

    • D. 

      It is a cheap implementation of server clusters

  • 25. 
    Which of the following statements are true?
    • A. 

      TCP is the most secure protocol when concerned about network based attacks.

    • B. 

      UDP is the most secure protocol when concerned about network based attacks.

    • C. 

      When securing a network against network based attacks you need to employ specialized applications that are built for that purpose.

    • D. 

      Neither TCP nor UDP can help against network based attacks.

  • 26. 
    Which of the following user groups is meant for certificate authorization?
    • A. 

      The CA group

    • B. 

      Domain Admin group

    • C. 

      Certificate Publisher

    • D. 

      Certificate Manager

  • 27. 
    Which of the following protections is not possible by IPSec?
    • A. 

      Data Integrity

    • B. 

      Data Confidentiality

    • C. 

      Data origin authentication

    • D. 

      Anti-replay of data between trusted sources

    • E. 

      Anti-replay of data between non-trusted sources.

  • 28. 
    Your company is expanding its Windows Server 2003 network by bringing up sites that host about 12 domains across the globe. It is required that you configure secure communication between the sites since the communication across the network will be crossing the public domain across several geographical locations. The internal network resources must be totally secured against attacks that may be caused due to remote logins. You are also to consider security for travelling users who will be logging to the network from remote locations using their laptop. The platform from where these remote users will be logging in is unknown. Ensure that you do not compromise on the efficiency of the network to a great extent due to the proposed security plan. What should you do? Choose all that apply.
    • A. 

      Configure ISDN connection between sites and implement RAS/VPN for remote users.

    • B. 

      Implement site-to-site VPN using L2TP/IPSec

    • C. 

      Implement RADIUS using IAS server

    • D. 

      Implement VPN for dial-in users as well

    • E. 

      Secure the network by using end-to-end security of IPSec between all hosts.

  • 29. 
    You have been asked to design a security system wherein the access to the intranet web servers will be granted only to users who log in from a specific domain. The users who will be logging in are not IT-savvy and hence will not be able to go through any specific complex process to be granted permission to access the Web servers. What should you do? Choose all that apply. You create a certificate template called �User login� and then you create a GPO that applies to all authenticating users. The GPO states that the users must be enrolled. There exists an Enterprise CA on one of the Windows Server 2003 servers in the network. The user's login and fails to access the websites after login. What should you do? Each solution forms a part of the total solution. Choose all that apply.
    • A. 

      Create a Nat such that all authenticated users automatically get mapped to the Web servers.

    • B. 

      Deploy a certificate for all domain members to allow access to the Web server.

    • C. 

      Ensure the �auto-enroll� permission is assigned to the certificate.

    • D. 

      Configure a domain that will have automated policies to map users to web servers.

  • 30. 
    You have just created a perimeter network to strengthen the security to your network. The perimeter network will contain all the Web servers and the internal network will contain all the database servers. It is mandatory that there should be no communication between the internal network and the perimeter network. You have applied IPSec policies on both the networks to block traffic from the other. It is now required that an application hosted on the Web server needs to query the database server for its computing transactions and the Database Server need to communicate with the Web server to convey its response for queries. Which should you do? Choose all that apply.
    • A. 

      You will have to create an exception for the created IPSec policy in the internal network and allow the database server to accept queries from the Web server

    • B. 

      You will have to create an exception for the IPSec policy created and allow the Web server to receive a response from the database server

    • C. 

      Do away with the existing IPSec policies and recreate the relevant one keeping in mind the new requirements.

    • D. 

      Move the database servers to the same network as the Web servers

    • E. 

      Move the Web servers to the same network as the database servers.

  • 31. 
    Which of the following permissions are required by users who wish to auto-enrol as well as renew their certificates? Choose all that apply.
    • A. 

      Read

    • B. 

      Enroll

    • C. 

      Auto-enroll

    • D. 

      Modify

  • 32. 
    You have just enabled packet filtering and port filtering on your perimeter network. You leave port no. 80 open for secure Web server communications. You notice that the Web server is still inaccessible to the outside users. What could the problem be?
    • A. 

      You must not enable port filtering for a network when the Web server is apart of that network.

    • B. 

      You must unblock port 443 as well.

    • C. 

      You must block port 80 and unblock port 443.

    • D. 

      You must block 443 when unblocking port 80.

  • 33. 
    Which of the following will secure an end-to-end communication for a Windows- based VPN client? Choose the best
    • A. 

      Point-To-Point Tunneling Protocol (PPTP)

    • B. 

      Layer 2 Tunneling Protocol (L2TP)

    • C. 

      L2TP with IPSec (L2TP/IPSEC)

    • D. 

      IPSec

  • 34. 
    • A. 

      By using Kerberos authentication

    • B. 

      By setting up workgroups based on projects. Localize the resource servers to the workgroups and deny access to users outside of the project.

    • C. 

      By using host-based permit and block IP packets.

    • D. 

      By using host-based block IP packets.

  • 35. 
    Which of the following are the basic infrastructure requirements for Autoenrollment to work? Choose all that apply.
    • A. 

      Windows Server 2003 Schema

    • B. 

      Windows 2000 or Windows Server 2003 Schema

    • C. 

      Group policies or scripts

    • D. 

      Group policy updates

  • 36. 
    You are the administrator for WorldCom receivers. Their network has the existing Public Key Infrastructure (PKI) and Group Policy infrastructure in place. The computers are grouped in different Organization Units (OU), as per their roles in the network: desktops, domain controllers, etc. Policies are deployed on to the OUs by creating Group Policy Objects (GPOs) and linking them to the relevant OU. You have currently made some security policy changes; some of these changes apply to desktops, some to servers and some to domain controllers. In order to test these policies before deployment, you install a few XP machines, Windows Server 2003 Enterprise edition machines, and some Windows Server 2003 standard edition machines. Using the GPMC, you have duplicated the OUs for testing. While testing you want to achieve the following goals. -- Ensure that you do not disturb the production computers. -- Reduce administrative efforts. -- Minimize multiple links to GPOs. -- Decide where to place the test computers. What should you do? Choose all that apply.
    • A. 

      Create an OU named Policy test under the root.

    • B. 

      Create a child OU, one each under Policy test named desktop and servers, respectively.

    • C. 

      Create a child OU, one each under Policy test named domain controllers and servers, respectively.

    • D. 

      Create a child OU, one each under Policy test named desktop, domain controllers and servers, respectively.

  • 37. 
    You want to keep track of all errors of your Certificate Service in the Windows Server 2003 network. You are not happy about the kind of errors being logged in the Event viewer currently, as it does not furnish the details required by you. What must you do? Choose all that apply.
    • A. 

      Check the Event viewer now for detailed error logs.

    • B. 

      Run the Network Monitor to capture packets.

    • C. 

      Run the certutil �setreg command.

    • D. 

      Use the certutil command with �certlog-warning� level.

    • E. 

      Use the certutil command with �certlog-verbose� level.

  • 38. 
    If you were asked to implement a security template on a group of workstations that need some common configuration, which of the following would you choose?
    • A. 

      Hisecws.inf

    • B. 

      Hisecserver.inf

    • C. 

      Client (Respond only)

    • D. 

      Server (Request Security)

  • 39. 
    • A. 

      The resource server in ad1.Contoso.com is not configured properly as Enterprise CA.

    • B. 

      There could be a WAN link problem prohibiting the changes from ad1.contoso.com to flow down to ad2.contoso.com.

    • C. 

      The resource server configured as Enterprise CA in ad1.cotoso.com does not have the required permissions in ad2.contoso.com.

    • D. 

      Add the resource server of ad1.contoso.com that is configured as Enterprise CA to Cert Publishers group in the ad2.contoso.com.

    • E. 

      There is no trust between the ad1.contoso.com and the ad2.contoso.com.

  • 40. 
    Which of the following permissions are required to request for a certificate renewal? Choose all that apply.
    • A. 

      Read

    • B. 

      Enroll

    • C. 

      Auto-Enroll

    • D. 

      Renew

  • 41. 
    During a CA migration. The CSP is insignificant. T/F?
    • A. 

      True

    • B. 

      False

  • 42. 
    You are migrating from a Standalone CA to an Enterprise CA. You have a backup folder �C:\CA Backup� where you used to backup all the critical CA related information. As a first step towards migration, you begin with backing up the data. Which of the following needs to be backed up?
    • A. 

      Private keys

    • B. 

      Database log

    • C. 

      The version of existing service

    • D. 

      The database itself