MCSA/MCSE Practice Exam 70-290 Questions 61-80/184

Approved & Edited by ProProfs Editorial Team
The editorial team at ProProfs Quizzes consists of a select group of subject experts, trivia writers, and quiz masters who have authored over 10,000 quizzes taken by more than 100 million users. This team includes our in-house seasoned quiz moderators and subject matter experts. Our editorial experts, spread across the world, are rigorously trained using our comprehensive guidelines to ensure that you receive the highest quality quizzes.
Learn about Our Editorial Process
| By Jafetson
J
Jafetson
Community Contributor
Quizzes Created: 4 | Total Attempts: 3,860
Questions: 20 | Attempts: 722

SettingsSettingsSettings
MCSA/MCSE Practice Exam 70-290 Questions 61-80/184 - Quiz

Exam 70-290 Managing & Maintaining a Microsoft Windows Server 2003 Environment


Questions and Answers
  • 1. 

    Your network consists of a single Active Directory domain. All servers run Windows Server 2003 Service Pack 2 (SP2). All client computers run Windows XP Professional Service Pack 3 (SP3). A user named User1 attempts to log on to a computer named Computer1 and receives the following error message: ! Your account is configured to prevent you to use this computer. Please try another computer.You need to ensure that User1 can log on to Computer1. What should you do?

    • A.

      From the properties of the User1 account, modify the Log On To setting.

    • B.

      From the properties of the User1 account, modify the Logon Hours setting.

    • C.

      From the properties of the Computer1 account, modify the Managed By setting.

    • D.

      From the local security policy of Computer1, modify the Deny log on locally setting.

    Correct Answer
    A. From the properties of the User1 account, modify the Log On To setting.
    Explanation
    The correct answer is to modify the Log On To setting in the properties of the User1 account. This setting allows you to specify the computers to which the user is allowed to log on. By modifying this setting, you can grant User1 permission to log on to Computer1. This will resolve the error message and allow User1 to log on successfully.

    Rate this question:

  • 2. 

    Your network consists of a single Active Directory domain. The domain contains a server named Server1 that runs Windows Server 2003 Service Pack 2 (SP2). Your company's security policy states that domain users must be prevented from logging on to Server1 if a domain controller is unavailable. You disconnect Server1 from the network and discover that you can log on to Server1. You need to configure Server1 to comply with the company's security policy. What should you do on Server1?

    • A.

      From the local security policy, modify the Security Options.

    • B.

      From the local security policy, modify the User Rights Assignment.

    • C.

      From Active Directory Users and Computers, modify the properties of the Server1 account.

    • D.

      From Active Directory Users and Computers, modify the properties of the Domain Computers group.

    Correct Answer
    A. From the local security policy, modify the Security Options.
    Explanation
    To prevent domain users from logging on to Server1 if a domain controller is unavailable, you need to modify the Security Options in the local security policy of Server1. This can be done by configuring the "Interactive logon: Number of previous logons to cache" setting to 0. This setting determines the number of previous logons that are cached locally on a domain-joined computer. By setting it to 0, Server1 will not cache any logon credentials and will require a domain controller to authenticate users.

    Rate this question:

  • 3. 

    Your network consists of a single Active Directory domain. You have a member server named Server1 that runs Windows Server 2003 Service Pack 2 (SP2). You need to track all authentication attempts on Server1. What should you do?

    • A.

      Enable auditing of logon event events in Server1's local policy.

    • B.

      Enable auditing of logon event events in the Default Domain Controller Policy.

    • C.

      Enable auditing of account logon event events in Server1's local policy.

    • D.

      Enable auditing of account logon event events in the Default Domain Controller Policy.

    Correct Answer
    A. Enable auditing of logon event events in Server1's local policy.
    Explanation
    Enabling auditing of logon event events in Server1's local policy will allow you to track all authentication attempts on Server1. This setting will enable the server to generate audit events whenever a user attempts to log on or log off from the server. By enabling this auditing, you can monitor and track any unauthorized access attempts or suspicious login activities on the server.

    Rate this question:

  • 4. 

    Your network consists of a single Active Directory Domain. You have a VPN server that runs Windows Server 2003 Service Pack 2 (SP2). On the VPN server, you create several remote access policies. You view the properties of an account as shown in the exhibit:You need to select the Control access through Remote Access Policy remote access permission for User1. What should you do?

    • A.

      Add User1 to the Remote Desktop Users group.

    • B.

      Enable RADIUS authentication on the VPN server.

    • C.

      Raise the functional level of the domain to Windows 2000 native.

    • D.

      Select the Store password using reversible encryption option for User1.

    Correct Answer
    C. Raise the functional level of the domain to Windows 2000 native.
    Explanation
    The exhibit shows that the "Control access through Remote Access Policy" option is grayed out for User1. This means that User1 does not have the necessary permissions to be controlled through remote access policies. One possible reason for this is that the functional level of the domain is not set to Windows 2000 native. By raising the functional level of the domain to Windows 2000 native, User1 will have the required permissions and the "Control access through Remote Access Policy" option will become available for selection.

    Rate this question:

  • 5. 

    You have a stand alone server that runs Windows Server 2003 Service Pack 2 (SP2). You attempt to log on to the server by using the Administrator account and receive the following error message: ! Your account has been disabled. Please see your system administrator.You need to log on to the server by using the Administrator account. What should you do first?

    • A.

      Restart the server in Safe mode.

    • B.

      Restart the server by using the Last Known Good Configuration option.

    • C.

      Log on to another stand alone server as an Administrator.

    • D.

      Log on to the server by using an account that is a member of the Power Users group.

    Correct Answer
    A. Restart the server in Safe mode.
    Explanation
    Restarting the server in Safe mode is the first step to take in order to resolve the issue. Safe mode starts the computer with a minimal set of drivers and services, allowing the Administrator account to log in and make necessary changes. By starting the server in Safe mode, it is possible to access the necessary tools and settings to enable the disabled Administrator account and resolve the login issue.

    Rate this question:

  • 6. 

    You have a stand alone file server that runs Windows Server 2003 Service Pack 2 (SP2). You create an account named Admin1 and add it to the Power Users group. You attempt to log on to the server by using the Admin1 account and receive the following message: The local policy of this system does not permit you to log on interactively. You review the security settings as shown in the exhibit:You need to ensure that the Admin1 account can log on to the console of the server. What should you do?

    • A.

      Add the Admin1 account to the Administrators group.

    • B.

      Add the Admin1 account to the Allow log on locally policy.

    • C.

      Remove the Admin1 account from the Users group.

    • D.

      Remove the Users group from the Deny log on locally policy.

    Correct Answer
    D. Remove the Users group from the Deny log on locally policy.
    Explanation
    To ensure that the Admin1 account can log on to the console of the server, you need to remove the Users group from the Deny log on locally policy. This policy is preventing any user in the Users group from logging on to the server interactively. By removing the Users group from this policy, the Admin1 account will no longer be restricted and will be able to log on to the console of the server.

    Rate this question:

  • 7. 

    Your company has a main office and a branch office. Your network consists of a single Active Directory domain. All domain controllers are in the main office. The offices connect to one another by using a wide area network (WAN) link. The branch office has a computer named Server1 that runs Windows Server 2003 Service Pack 2 (SP2). A domain user named User1 reports that he cannot log on to Server1 when the WAN link is unavailable. He reports that he can log on to Server1 when the WAN link is available.You need to ensure that User1 can log on to Server1 by using his domain account when the WAN link is unavailable. What should you do?

    • A.

      Modify the Default Domain Policy.

    • B.

      Modify the Default Domain Controller Policy.

    • C.

      Add User1 to the Domain Admins group in the domain.

    • D.

      Add User1 to the local Administrators group on Server1.

    Correct Answer
    A. Modify the Default Domain Policy.
  • 8. 

    Your network contains a file server named Server1 that runs Windows Server 2003 Service Pack 2 (SP2). Server 1 is configured as shown in the following table:You need to configure security to meet the following requirements:-Enable members of the Sales group to create, modify, and delete files and folders in the Sales folder.-Enable members of the Marketing group to create, modify, and delete files and folders in the Marketing folder.-Prevent users from modifying permissions when they access the shared files.What should you do?

    • A.

      Change the share permission on Userdata to Authenticated Users: Change.

    • B.

      Change the NTFS permission on Userdata to Authenticated Users: Modify.

    • C.

      Change the NTFS permission on Marketing to Marketing group: Write. Change the NTFS permission on Sales to Sales group: Write.

    • D.

      Remove the Userdata share. Share Sales and assign the Sales Group group Full Control share permission. Share Marketing and assign the Marketing Group group Full Control share permission.

    Correct Answer
    A. Change the share permission on Userdata to Authenticated Users: Change.
    Explanation
    To meet the requirements, you need to change the share permission on the Userdata folder to "Authenticated Users: Change". This will allow members of both the Sales group and the Marketing group to create, modify, and delete files and folders in their respective folders. By assigning the "Change" permission to Authenticated Users at the share level, you ensure that users cannot modify permissions when they access the shared files.

    Rate this question:

  • 9. 

    Your network contains a file server named Server1 that runs Windows Server 2003 Service Pack 2 (SP2). Server1 is configured as shown in the following table: A user named User1 belongs to the Helpdesk group and the Support group. You need to configure security to meet the following requirements: -Prevent User1 from changing files and folders in the Apps share. -Allow User1 to open and run applications in the Apps share. What should you do?

    • A.

      On the Apps share, assign User1 the Read share permission.

    • B.

      On the Apps folder, deny User1 the Write NTFS permission.

    • C.

      On the Apps folder, deny User1 the Modify NTFS permission.

    • D.

      On the Apps folder, assign User1 the Read & Execute NTFS permission.

    Correct Answer
    B. On the Apps folder, deny User1 the Write NTFS permission.
    Explanation
    To meet the requirements, you should deny User1 the Write NTFS permission on the Apps folder. This will prevent User1 from changing files and folders in the Apps share. However, User1 will still be able to open and run applications in the Apps share because the Read & Execute NTFS permission allows for the execution of files without being able to modify them.

    Rate this question:

  • 10. 

    Your network consists of a single Active Directory domain named contoso.com. All servers run Windows Server 2003 Service Pack 2 (SP2). The domain contains a domain Distributed File System (DFS) root named DFSroot. The network contains the offices shown in the following table: Server1 and Server2 currently each host a share named Applications. You need to implement a solution to meet the following requirements: -Automatically redirect users to the Applications folder in their local site. -Ensure that the contents of the Applications shares on Server1 and Server2 are automatically synchronized. What should you do?

    • A.

      In the DFS root, create one link named Applications that has \\server1\applications and \\server2 \applications as targets.

    • B.

      In the DFS root, create a root target that points to \\server1\applications. Create a second root target that points to \\server2\applications.

    • C.

      In the DFS root, create one link named Applications1 that has \\server1\applications as its target. Create a second link named Applications2 that has \\server2\applications as its target.

    • D.

      In the Main office computers OU, publish the \\server1\applications share. In the Branch office computers OU, publish the \\server2\applications share.

    Correct Answer
    A. In the DFS root, create one link named Applications that has \\server1\applications and \\server2 \applications as targets.
    Explanation
    Creating one link named Applications in the DFS root with \\server1\applications and \\server2\applications as targets will meet the requirements. This will automatically redirect users to the Applications folder in their local site and ensure that the contents of the Applications shares on Server1 and Server2 are automatically synchronized.

    Rate this question:

  • 11. 

    Your network contains a single Active Directory domain. All servers on the network are members of the domain. You have a server named Server1 that runs Windows Server 2003 Service Pack 2 (SP2). Server1 has two NTFS partitions. You create and share a folder named Data in the root of a partition on Server1. You log on to your computer by using the domain Administrator account and discover that you cannot modify files in the Data share. You need to ensure that the Administrator can modify files in the Data share. The solution must use the minimum amount of permissions. What should you do?

    • A.

      Modify the NTFS permissions on the Data folder.

    • B.

      Modify the share permissions on the Data share.

    • C.

      Add the domain administrator to the local Administrator's group on Server1.

    • D.

      Move the Data folder to a new file allocation table (FAT) partition. Share the folder by using the default permissions.

    Correct Answer
    B. Modify the share permissions on the Data share.
    Explanation
    The issue is that the domain Administrator account cannot modify files in the Data share. This indicates that the problem lies with the share permissions, not the NTFS permissions or the local Administrator's group. Modifying the share permissions on the Data share will allow the Administrator to modify files in the share, resolving the issue.

    Rate this question:

  • 12. 

    Your network consists of a single Active Directory domain. The functional level of the domain is Windows Server 2003. All servers run Windows Server 2003 Service Pack 2 (SP2). The network contains 10 file servers. Each file server hosts a share named Apps. On each file server, a local group named App install local has permissions to the Apps share. A global group named App install global belongs to the App install local group on each file server. App install global is used only to control permissions for the Apps share. You create a global group named Helpdesk. You need to provide the Helpdesk group access to the Apps share on each file server. The Helpdesk group must have the same permissions as the App install global group. You must achieve this goal by using the minimum amount of administrative effort. What should you do?

    • A.

      Add the Helpdesk group to the App install global group.

    • B.

      Add the Helpdesk group to the App install local group on each file server.

    • C.

      Convert the App install global group to a universal group. Add the App install global group to the Helpdesk group.

    • D.

      Convert the Helpdesk group to a universal group. Add the Helpdesk group to the App install local group on each file server.

    Correct Answer
    A. Add the Helpdesk group to the App install global group.
  • 13. 

    Your network consists of a single Active Directory domain. All servers run Windows Server 2003 Service Pack 2 (SP2). All client computers run Windows XP Professional Service Pack 3 (SP3). You deploy a server named Server1 and install Terminal Server. After four months, users report that they can connect to Server1 by using Remote Desktop Connection, but are unable to log on. You verify that the user permissions have not changed. You need to ensure that users can log on to Server1 by using Remote Desktop Connection. What should you do?

    • A.

      Restart Server1.

    • B.

      Restore the system state of Server1.

    • C.

      Install and configure Terminal Server Licensing.

    • D.

      Modify the Terminal Services service account on Server1.

    Correct Answer
    C. Install and configure Terminal Server Licensing.
    Explanation
    To resolve the issue of users being unable to log on to Server1 using Remote Desktop Connection, you should install and configure Terminal Server Licensing. Terminal Server Licensing is responsible for managing the licenses required for users to connect to a terminal server. By installing and configuring this service, you can ensure that the appropriate licenses are available for users to log on to Server1 using Remote Desktop Connection. Restarting Server1, restoring the system state, or modifying the Terminal Services service account would not address the licensing issue and would not allow users to log on successfully.

    Rate this question:

  • 14. 

    You have a terminal server named Server1 that runs Windows Server 2003 Service Pack 2 (SP2). Occasionally, users report that they cannot connect to the terminal server. You need identify user accounts that have multiple Terminal Services connections to Server1. Which tool should you use?

    • A.

      Remote Desktop

    • B.

      Terminal Server Licensing

    • C.

      Terminal Services Configuration

    • D.

      Terminal Services Manager

    Correct Answer
    D. Terminal Services Manager
    Explanation
    Terminal Services Manager should be used to identify user accounts that have multiple Terminal Services connections to Server1. This tool allows you to view and manage all active Terminal Services sessions on a server, including the user accounts associated with each session. By using Terminal Services Manager, you can easily identify which user accounts are connected to Server1 multiple times, helping you troubleshoot the issue of users being unable to connect to the terminal server.

    Rate this question:

  • 15. 

    Your network consists of a single Active Directory domain. All servers run Windows Server 2003 Service Pack 2 (SP2). All client computers run Windows XP Professional Service Pack 3 (SP3). You enable and configure Terminal Server on a server named Server1. A firewall separates Server1 from the internal network. Internal users report that they cannot connect to Server1 by using Remote Desktop Connection. You need to ensure that the users can connect to Server1 by using Remote Desktop Connection. Which port should you open on the firewall?

    • A.

      389

    • B.

      3268

    • C.

      3389

    • D.

      5900

    Correct Answer
    C. 3389
    Explanation
    In order to enable users to connect to Server1 using Remote Desktop Connection, port 3389 should be opened on the firewall. This port is the default port used by Windows for Remote Desktop Protocol (RDP) connections. By opening this port, the firewall will allow incoming RDP traffic to reach Server1, enabling users to establish remote desktop sessions.

    Rate this question:

  • 16. 

    You have a server that runs Windows Server 2003 Service Pack 2 (SP2). The server has Terminal Server installed. You have a new multi user application that you plan to install on the server. The setup program for the application is named setup.exe. You need to install the application on the server. You must ensure that the application can be used by all users. What should you do?

    • A.

      From the command prompt, run setup.exe.

    • B.

      From Add or Remove Programs, add a new program.

    • C.

      In Windows Explorer, use the Run As option to run setup.exe.

    • D.

      In Windows Explorer, use Compatibility mode to run setup.exe.

    Correct Answer
    B. From Add or Remove Programs, add a new program.
    Explanation
    The correct answer is to add the new program from the Add or Remove Programs feature. This is because the server has Terminal Server installed, which is designed for multi-user environments. By adding the program through this feature, it ensures that the application will be available for all users on the server. Running setup.exe from the command prompt, using the Run As option in Windows Explorer, or using Compatibility mode may not guarantee that the application will be accessible to all users on the server.

    Rate this question:

  • 17. 

    You have a terminal server named Server1 that runs Windows Server 2003 Service Pack 2 (SP2). From the Terminal Services Configuration console, you enable remote control of user sessions. You log on to Server1 as Administrator and attempt to take remote control of the admin1 user session as shown in the exhibit:You need to ensure that you can take remote control of the admin1 user session from the Terminal Services Manager console. What should you do?

    • A.

      Modify the Session settings of the admin1 account.

    • B.

      Modify the Session settings of the Administrator account.

    • C.

      Connect to Server1 by using Remote Desktop Connection.

    • D.

      Add the Administrator account to the HelpServicesGroup group.

    Correct Answer
    C. Connect to Server1 by using Remote Desktop Connection.
    Explanation
    To ensure that you can take remote control of the admin1 user session from the Terminal Services Manager console, you should connect to Server1 by using Remote Desktop Connection. This will allow you to establish a remote desktop session with Server1 and then use the Terminal Services Manager console to take control of the admin1 user session. Modifying the session settings of the admin1 or Administrator accounts or adding the Administrator account to the HelpServicesGroup group will not directly enable you to take remote control of the admin1 user session.

    Rate this question:

  • 18. 

    You have a terminal server named Server1 that runs Windows Server 2003 Service Pack 2 (SP2). Windows Firewall is disabled on Server1. Server1 has two network adapters named NIC1 and NIC2. Both network adapters are connected to the same network segment. The IP address for NIC1 is 192.168.1.11. The IP address for NIC2 is 192.168.1.12. You regularly connect to Server1 by using Remote Desktop Connection. The NIC1 network adapter fails. You attempt to establish a Remote Desktop connection to 192.168.1.12, but the connection fails. You successfully connect to 192.168.1.12 by using Windows Explorer. You verify that IP filtering is disabled and that no IPSec policies are assigned. You need to ensure that you can establish Remote Desktop connections to Server1. What should you do?

    • A.

      From Windows Firewall, enable the Remote Desktop exception.

    • B.

      From Terminal Services Manager, modify the RDP TCP settings.

    • C.

      From the properties of NIC1, modify Internet Protocol (TCP/IP) settings.

    • D.

      From Windows Explorer, modify the %systemroot%\system32\drivers\etc\services file.

    Correct Answer
    B. From Terminal Services Manager, modify the RDP TCP settings.
  • 19. 

    Your network consists of a single Active Directory domain. All servers run Windows Server 2003 Service Pack 2 (SP2). All client computers run Windows XP Professional Service Pack 3 (SP3). You have a terminal server named Server1. A user reports that when he connects to Server1 by using Remote Desktop Connection, he cannot print. Other users report that they can print when they connect to Server1 by using Remote Desktop Connection. You examine the user's account properties as shown in the exhibit:You need to ensure that the user can print when he connects to Server1 by using Remote Desktop Connection. What should you do?

    • A.

      On Server1, modify the RDP TCP settings.

    • B.

      On Server1, modify the local security policy.

    • C.

      On the user's computer, modify the Windows Firewall settings.

    • D.

      On the user's computer, modify the Remote Desktop Connection settings.

    Correct Answer
    D. On the user's computer, modify the Remote Desktop Connection settings.
    Explanation
    The correct answer is to modify the Remote Desktop Connection settings on the user's computer. This is because the issue is specific to the user's account and not a server-wide problem. By modifying the Remote Desktop Connection settings on the user's computer, you can ensure that the necessary settings are enabled to allow printing when connecting to Server1.

    Rate this question:

  • 20. 

    You have two servers named Server1 and Server2 that run Windows Server 2003 Service Pack 2 (SP2). From Server2, you connect to Server1 by using Remote Desktop Connection. When you attempt to log on, you receive the following error message:! The terminal server has exceeded the maximun number of allowed connections.You need to successfully log on to Server1 from Server2 by using Remote Desktop Connection. What should you do?

    • A.

      At the command prompt, run mstsc /console.

    • B.

      At the command prompt run mstsc /v:server1.

    • C.

      Open Remote Desktop Connection by using the Run As option.

    • D.

      Open Remote Desktop Connection by using Windows XP SP2 Compatibility mode.

    Correct Answer
    A. At the command prompt, run mstsc /console.
    Explanation
    The error message indicates that the terminal server has reached its maximum allowed connections. To successfully log on to Server1 from Server2 using Remote Desktop Connection, you can run the command "mstsc /console" at the command prompt. The "/console" switch is used to connect to the physical console session of the remote computer, allowing you to bypass the maximum allowed connections limit.

    Rate this question:

Quiz Review Timeline +

Our quizzes are rigorously reviewed, monitored and continuously updated by our expert board to maintain accuracy, relevance, and timeliness.

  • Current Version
  • Mar 20, 2023
    Quiz Edited by
    ProProfs Editorial Team
  • Aug 04, 2010
    Quiz Created by
    Jafetson

Related Topics

Back to Top Back to top
Advertisement
×

Wait!
Here's an interesting quiz for you.

We have other quizzes matching your interest.