MCSA/MCSE Practice Exam 70-290 Questions 61-80/184

20 Questions

Settings
MCSA/MCSE Practice Exam 70-290 Questions 61-80/184

Exam 70-290 Managing & Maintaining a Microsoft Windows Server 2003 Environment


Questions and Answers
  • 1. 
    Your network consists of a single Active Directory domain. All servers run Windows Server 2003 Service Pack 2 (SP2). All client computers run Windows XP Professional Service Pack 3 (SP3). A user named User1 attempts to log on to a computer named Computer1 and receives the following error message: ! Your account is configured to prevent you to use this computer. Please try another computer.You need to ensure that User1 can log on to Computer1. What should you do?
    • A. 

      From the properties of the User1 account, modify the Log On To setting.

    • B. 

      From the properties of the User1 account, modify the Logon Hours setting.

    • C. 

      From the properties of the Computer1 account, modify the Managed By setting.

    • D. 

      From the local security policy of Computer1, modify the Deny log on locally setting.

  • 2. 
    Your network consists of a single Active Directory domain. The domain contains a server named Server1 that runs Windows Server 2003 Service Pack 2 (SP2). Your company's security policy states that domain users must be prevented from logging on to Server1 if a domain controller is unavailable. You disconnect Server1 from the network and discover that you can log on to Server1. You need to configure Server1 to comply with the company's security policy. What should you do on Server1?
    • A. 

      From the local security policy, modify the Security Options.

    • B. 

      From the local security policy, modify the User Rights Assignment.

    • C. 

      From Active Directory Users and Computers, modify the properties of the Server1 account.

    • D. 

      From Active Directory Users and Computers, modify the properties of the Domain Computers group.

  • 3. 
    Your network consists of a single Active Directory domain. You have a member server named Server1 that runs Windows Server 2003 Service Pack 2 (SP2). You need to track all authentication attempts on Server1. What should you do?
    • A. 

      Enable auditing of logon event events in Server1's local policy.

    • B. 

      Enable auditing of logon event events in the Default Domain Controller Policy.

    • C. 

      Enable auditing of account logon event events in Server1's local policy.

    • D. 

      Enable auditing of account logon event events in the Default Domain Controller Policy.

  • 4. 
    Your network consists of a single Active Directory Domain. You have a VPN server that runs Windows Server 2003 Service Pack 2 (SP2). On the VPN server, you create several remote access policies. You view the properties of an account as shown in the exhibit:You need to select the Control access through Remote Access Policy remote access permission for User1. What should you do?
    • A. 

      Add User1 to the Remote Desktop Users group.

    • B. 

      Enable RADIUS authentication on the VPN server.

    • C. 

      Raise the functional level of the domain to Windows 2000 native.

    • D. 

      Select the Store password using reversible encryption option for User1.

  • 5. 
    You have a stand alone server that runs Windows Server 2003 Service Pack 2 (SP2). You attempt to log on to the server by using the Administrator account and receive the following error message: ! Your account has been disabled. Please see your system administrator.You need to log on to the server by using the Administrator account. What should you do first?
    • A. 

      Restart the server in Safe mode.

    • B. 

      Restart the server by using the Last Known Good Configuration option.

    • C. 

      Log on to another stand alone server as an Administrator.

    • D. 

      Log on to the server by using an account that is a member of the Power Users group.

  • 6. 
    You have a stand alone file server that runs Windows Server 2003 Service Pack 2 (SP2). You create an account named Admin1 and add it to the Power Users group. You attempt to log on to the server by using the Admin1 account and receive the following message: The local policy of this system does not permit you to log on interactively. You review the security settings as shown in the exhibit:You need to ensure that the Admin1 account can log on to the console of the server. What should you do?
    • A. 

      Add the Admin1 account to the Administrators group.

    • B. 

      Add the Admin1 account to the Allow log on locally policy.

    • C. 

      Remove the Admin1 account from the Users group.

    • D. 

      Remove the Users group from the Deny log on locally policy.

  • 7. 
    Your company has a main office and a branch office. Your network consists of a single Active Directory domain. All domain controllers are in the main office. The offices connect to one another by using a wide area network (WAN) link. The branch office has a computer named Server1 that runs Windows Server 2003 Service Pack 2 (SP2). A domain user named User1 reports that he cannot log on to Server1 when the WAN link is unavailable. He reports that he can log on to Server1 when the WAN link is available.You need to ensure that User1 can log on to Server1 by using his domain account when the WAN link is unavailable. What should you do?
    • A. 

      Modify the Default Domain Policy.

    • B. 

      Modify the Default Domain Controller Policy.

    • C. 

      Add User1 to the Domain Admins group in the domain.

    • D. 

      Add User1 to the local Administrators group on Server1.

  • 8. 
    Your network contains a file server named Server1 that runs Windows Server 2003 Service Pack 2 (SP2). Server 1 is configured as shown in the following table:You need to configure security to meet the following requirements:-Enable members of the Sales group to create, modify, and delete files and folders in the Sales folder.-Enable members of the Marketing group to create, modify, and delete files and folders in the Marketing folder.-Prevent users from modifying permissions when they access the shared files.What should you do?
    • A. 

      Change the share permission on Userdata to Authenticated Users: Change.

    • B. 

      Change the NTFS permission on Userdata to Authenticated Users: Modify.

    • C. 

      Change the NTFS permission on Marketing to Marketing group: Write. Change the NTFS permission on Sales to Sales group: Write.

    • D. 

      Remove the Userdata share. Share Sales and assign the Sales Group group Full Control share permission. Share Marketing and assign the Marketing Group group Full Control share permission.

  • 9. 
    Your network contains a file server named Server1 that runs Windows Server 2003 Service Pack 2 (SP2). Server1 is configured as shown in the following table: A user named User1 belongs to the Helpdesk group and the Support group. You need to configure security to meet the following requirements: -Prevent User1 from changing files and folders in the Apps share. -Allow User1 to open and run applications in the Apps share. What should you do?
    • A. 

      On the Apps share, assign User1 the Read share permission.

    • B. 

      On the Apps folder, deny User1 the Write NTFS permission.

    • C. 

      On the Apps folder, deny User1 the Modify NTFS permission.

    • D. 

      On the Apps folder, assign User1 the Read & Execute NTFS permission.

  • 10. 
    Your network consists of a single Active Directory domain named contoso.com. All servers run Windows Server 2003 Service Pack 2 (SP2). The domain contains a domain Distributed File System (DFS) root named DFSroot. The network contains the offices shown in the following table: Server1 and Server2 currently each host a share named Applications. You need to implement a solution to meet the following requirements: -Automatically redirect users to the Applications folder in their local site. -Ensure that the contents of the Applications shares on Server1 and Server2 are automatically synchronized. What should you do?
    • A. 

      In the DFS root, create one link named Applications that has \\server1\applications and \\server2 \applications as targets.

    • B. 

      In the DFS root, create a root target that points to \\server1\applications. Create a second root target that points to \\server2\applications.

    • C. 

      In the DFS root, create one link named Applications1 that has \\server1\applications as its target. Create a second link named Applications2 that has \\server2\applications as its target.

    • D. 

      In the Main office computers OU, publish the \\server1\applications share. In the Branch office computers OU, publish the \\server2\applications share.

  • 11. 
    Your network contains a single Active Directory domain. All servers on the network are members of the domain. You have a server named Server1 that runs Windows Server 2003 Service Pack 2 (SP2). Server1 has two NTFS partitions. You create and share a folder named Data in the root of a partition on Server1. You log on to your computer by using the domain Administrator account and discover that you cannot modify files in the Data share. You need to ensure that the Administrator can modify files in the Data share. The solution must use the minimum amount of permissions. What should you do?
    • A. 

      Modify the NTFS permissions on the Data folder.

    • B. 

      Modify the share permissions on the Data share.

    • C. 

      Add the domain administrator to the local Administrator's group on Server1.

    • D. 

      Move the Data folder to a new file allocation table (FAT) partition. Share the folder by using the default permissions.

  • 12. 
    Your network consists of a single Active Directory domain. The functional level of the domain is Windows Server 2003. All servers run Windows Server 2003 Service Pack 2 (SP2). The network contains 10 file servers. Each file server hosts a share named Apps. On each file server, a local group named App install local has permissions to the Apps share. A global group named App install global belongs to the App install local group on each file server. App install global is used only to control permissions for the Apps share. You create a global group named Helpdesk. You need to provide the Helpdesk group access to the Apps share on each file server. The Helpdesk group must have the same permissions as the App install global group. You must achieve this goal by using the minimum amount of administrative effort. What should you do?
    • A. 

      Add the Helpdesk group to the App install global group.

    • B. 

      Add the Helpdesk group to the App install local group on each file server.

    • C. 

      Convert the App install global group to a universal group. Add the App install global group to the Helpdesk group.

    • D. 

      Convert the Helpdesk group to a universal group. Add the Helpdesk group to the App install local group on each file server.

  • 13. 
    Your network consists of a single Active Directory domain. All servers run Windows Server 2003 Service Pack 2 (SP2). All client computers run Windows XP Professional Service Pack 3 (SP3). You deploy a server named Server1 and install Terminal Server. After four months, users report that they can connect to Server1 by using Remote Desktop Connection, but are unable to log on. You verify that the user permissions have not changed. You need to ensure that users can log on to Server1 by using Remote Desktop Connection. What should you do?
    • A. 

      Restart Server1.

    • B. 

      Restore the system state of Server1.

    • C. 

      Install and configure Terminal Server Licensing.

    • D. 

      Modify the Terminal Services service account on Server1.

  • 14. 
    You have a terminal server named Server1 that runs Windows Server 2003 Service Pack 2 (SP2). Occasionally, users report that they cannot connect to the terminal server. You need identify user accounts that have multiple Terminal Services connections to Server1. Which tool should you use?
    • A. 

      Remote Desktop

    • B. 

      Terminal Server Licensing

    • C. 

      Terminal Services Configuration

    • D. 

      Terminal Services Manager

  • 15. 
    Your network consists of a single Active Directory domain. All servers run Windows Server 2003 Service Pack 2 (SP2). All client computers run Windows XP Professional Service Pack 3 (SP3). You enable and configure Terminal Server on a server named Server1. A firewall separates Server1 from the internal network. Internal users report that they cannot connect to Server1 by using Remote Desktop Connection. You need to ensure that the users can connect to Server1 by using Remote Desktop Connection. Which port should you open on the firewall?
    • A. 

      389

    • B. 

      3268

    • C. 

      3389

    • D. 

      5900

  • 16. 
    You have a server that runs Windows Server 2003 Service Pack 2 (SP2). The server has Terminal Server installed. You have a new multi user application that you plan to install on the server. The setup program for the application is named setup.exe. You need to install the application on the server. You must ensure that the application can be used by all users. What should you do?
    • A. 

      From the command prompt, run setup.exe.

    • B. 

      From Add or Remove Programs, add a new program.

    • C. 

      In Windows Explorer, use the Run As option to run setup.exe.

    • D. 

      In Windows Explorer, use Compatibility mode to run setup.exe.

  • 17. 
    You have a terminal server named Server1 that runs Windows Server 2003 Service Pack 2 (SP2). From the Terminal Services Configuration console, you enable remote control of user sessions. You log on to Server1 as Administrator and attempt to take remote control of the admin1 user session as shown in the exhibit:You need to ensure that you can take remote control of the admin1 user session from the Terminal Services Manager console. What should you do?
    • A. 

      Modify the Session settings of the admin1 account.

    • B. 

      Modify the Session settings of the Administrator account.

    • C. 

      Connect to Server1 by using Remote Desktop Connection.

    • D. 

      Add the Administrator account to the HelpServicesGroup group.

  • 18. 
    You have a terminal server named Server1 that runs Windows Server 2003 Service Pack 2 (SP2). Windows Firewall is disabled on Server1. Server1 has two network adapters named NIC1 and NIC2. Both network adapters are connected to the same network segment. The IP address for NIC1 is 192.168.1.11. The IP address for NIC2 is 192.168.1.12. You regularly connect to Server1 by using Remote Desktop Connection. The NIC1 network adapter fails. You attempt to establish a Remote Desktop connection to 192.168.1.12, but the connection fails. You successfully connect to 192.168.1.12 by using Windows Explorer. You verify that IP filtering is disabled and that no IPSec policies are assigned. You need to ensure that you can establish Remote Desktop connections to Server1. What should you do?
    • A. 

      From Windows Firewall, enable the Remote Desktop exception.

    • B. 

      From Terminal Services Manager, modify the RDP TCP settings.

    • C. 

      From the properties of NIC1, modify Internet Protocol (TCP/IP) settings.

    • D. 

      From Windows Explorer, modify the %systemroot%\system32\drivers\etc\services file.

  • 19. 
    Your network consists of a single Active Directory domain. All servers run Windows Server 2003 Service Pack 2 (SP2). All client computers run Windows XP Professional Service Pack 3 (SP3). You have a terminal server named Server1. A user reports that when he connects to Server1 by using Remote Desktop Connection, he cannot print. Other users report that they can print when they connect to Server1 by using Remote Desktop Connection. You examine the user's account properties as shown in the exhibit:You need to ensure that the user can print when he connects to Server1 by using Remote Desktop Connection. What should you do?
    • A. 

      On Server1, modify the RDP TCP settings.

    • B. 

      On Server1, modify the local security policy.

    • C. 

      On the user's computer, modify the Windows Firewall settings.

    • D. 

      On the user's computer, modify the Remote Desktop Connection settings.

  • 20. 
    You have two servers named Server1 and Server2 that run Windows Server 2003 Service Pack 2 (SP2). From Server2, you connect to Server1 by using Remote Desktop Connection. When you attempt to log on, you receive the following error message:! The terminal server has exceeded the maximun number of allowed connections.You need to successfully log on to Server1 from Server2 by using Remote Desktop Connection. What should you do?
    • A. 

      At the command prompt, run mstsc /console.

    • B. 

      At the command prompt run mstsc /v:server1.

    • C. 

      Open Remote Desktop Connection by using the Run As option.

    • D. 

      Open Remote Desktop Connection by using Windows XP SP2 Compatibility mode.