MCSA/MCSE Practice Exam 70-290 Questions 81-100/184

Approved & Edited by ProProfs Editorial Team
The editorial team at ProProfs Quizzes consists of a select group of subject experts, trivia writers, and quiz masters who have authored over 10,000 quizzes taken by more than 100 million users. This team includes our in-house seasoned quiz moderators and subject matter experts. Our editorial experts, spread across the world, are rigorously trained using our comprehensive guidelines to ensure that you receive the highest quality quizzes.
Learn about Our Editorial Process
| By Jafetson
J
Jafetson
Community Contributor
Quizzes Created: 4 | Total Attempts: 3,842
Questions: 20 | Attempts: 1,551

SettingsSettingsSettings
MCSA/MCSE Practice Exam 70-290 Questions 81-100/184 - Quiz

Exam 70-290 Managing & Maintaining a Microsoft Windows Server 2003 Environment


Questions and Answers
  • 1. 

    Your network consists of a single Active Directory domain. You have a terminal server that runs Windows Server 2003 Service Pack 2 (SP2). You need to prevent users from establishing multiple Remote Desktop connections to the server. What should you do?

    • A.

      Install and configure Terminal Server Licensing.

    • B.

      From Terminal Services Manager, modify the user sessions.

    • C.

      From Terminal Services Configuration, modify the server settings.

    • D.

      From Active Directory Users and Computers, modify the Sessions settings for each user account.

    Correct Answer
    C. From Terminal Services Configuration, modify the server settings.
    Explanation
    By modifying the server settings in Terminal Services Configuration, you can prevent users from establishing multiple Remote Desktop connections to the terminal server. This can be done by setting the maximum number of connections allowed to 1, effectively limiting each user to a single Remote Desktop session. Installing and configuring Terminal Server Licensing is not necessary for this specific requirement. Modifying the user sessions in Terminal Services Manager only allows you to disconnect or log off user sessions, but it does not prevent multiple connections. Modifying the Sessions settings for each user account in Active Directory Users and Computers is not a valid option for achieving this requirement.

    Rate this question:

  • 2. 

    Your network consists of a single Active Directory domain. All servers run Windows Server 2003 Service Pack 2 (SP2). All client computers run Windows XP Professional Service Pack 3 (SP3). You have a user account named User1. You need to identify which permissions User1 has on a file. What should you do?

    • A.

      At a command prompt, run Net file.

    • B.

      At a command prompt, run Attrib.exe.

    • C.

      From the file properties, view the Summary settings.

    • D.

      From the file properties, view the Advanced Security settings.

    Correct Answer
    D. From the file properties, view the Advanced Security settings.
    Explanation
    To identify the permissions that User1 has on a file, you should view the Advanced Security settings from the file properties. This will provide detailed information about the specific permissions assigned to User1, allowing you to determine the level of access they have to the file.

    Rate this question:

  • 3. 

    Your network consists of a single Active Directory domain. All servers run Windows Server 2003 Service Pack 2 (SP2). All client computers run Windows XP Professional Service Pack 3 (SP3). You have a file server that contains two volumes named C and D. Volume C contains a folder named User1data. User1 is the owner of all files in the User1data folder. You copy the User1data folder to volume D. You examine the ownership of the User1data folder on volume D and discover that your user account is listed as the owner. You need to ensure that User1 is the owner of the User1data folder on volume D. What should you do?

    • A.

      Modify the Advanced Security settings for the User1data folder.

    • B.

      Modify the Advanced Attributes settings for the User1data folder.

    • C.

      Delete the User1data folder on volume D. From Windows Explorer, move the User1data folder from volume C to volume D.

    • D.

      Delete the User1data folder on volume D. At the command prompt, use the Move command to move the User1data folder from volume C to volume D.

    Correct Answer
    A. Modify the Advanced Security settings for the User1data folder.
    Explanation
    To ensure that User1 is the owner of the User1data folder on volume D, you need to modify the Advanced Security settings for the folder. By doing so, you can change the ownership of the folder to User1, granting them full control over the folder and its contents. This can be done by accessing the properties of the User1data folder on volume D, navigating to the Security tab, and modifying the ownership settings to assign User1 as the owner.

    Rate this question:

  • 4. 

    Your network consists of a single Active Directory domain. All servers run Windows Server 2003 Service Pack 2 (SP2). All client computers run Windows XP Professional Service Pack 3 (SP3). On a file server, you have a shared folder named Data. The Data folder has the permissions shown in the following table:You need to ensure that members of a group named Sales can modify content in the Data share. Sales group members must only be allowed to delete files that they create. Which additional permission should you assign to the Sales group?

    • A.

      On the Data folder, allow the Write permission.

    • B.

      On the Data folder, allow the Modify permission.

    • C.

      On the Data share, allow the Change permission.

    • D.

      On the Data share, allow the Full Control permission.

    Correct Answer
    A. On the Data folder, allow the Write permission.
    Explanation
    The Write permission allows users to create, modify, and delete files within a folder. By assigning the Write permission to the Sales group on the Data folder, members of the Sales group will be able to modify the content in the Data share. Additionally, since the question specifies that Sales group members should only be allowed to delete files that they create, the Write permission allows them to delete files that they have created while restricting their ability to delete files created by others. Therefore, assigning the Write permission to the Sales group on the Data folder fulfills the requirements stated in the question.

    Rate this question:

  • 5. 

    Your network consists of a single Active Directory domain. All servers run Windows Server 2003 Service Pack 2 (SP2). All client computers run Windows XP Professional Service Pack 3 (SP3). You assign NTFS permissions to a folder on a file server as shown in the following table:You share the folder and assign the Change permission to the Everyone group. A user named User1 is a member of Group1, Group2, and Group3. You need to identify the least restrictive NTFS permission that User1 has when he accesses the folder over the network. Which permission should you identify?

    • A.

      Full control

    • B.

      Modify

    • C.

      Read

    • D.

      Write

    Correct Answer
    B. Modify
    Explanation
    User1 has the least restrictive NTFS permission of "Modify" when accessing the folder over the network. This is because the "Modify" permission allows the user to make changes to the folder, including creating, deleting, and modifying files and folders. The "Full control" permission would grant User1 even more rights, such as changing permissions and taking ownership, while the "Read" and "Write" permissions would restrict certain actions, such as deleting files or creating new ones. Therefore, "Modify" is the least restrictive option for User1 in this scenario.

    Rate this question:

  • 6. 

    Your network consists of a single Active Directory domain. The domain includes a group named SalesUsers. You have a file server that runs Windows Server 2003 Service Pack 2 (SP2). The server has a folder named CorpData. You share the CorpData folder and assign the Domain Users group the Full Control share permission. In the CorpData folder, you create a folder named Sales. You need to configure security for the Sales folder to meet the following requirements: -Members of the SalesUsers group must be able to read, create, and modify all files and folders. -All other users must be able to view items in the folder. What should you do?

    • A.

      On the Sales folder, block permission inheritance and remove permissions. Assign the Allow Modify permission to the SalesUsers group.

    • B.

      On the Sales folder, block permission inheritance and copy permissions. On the Sales folder, assign the Allow Modify permission to the SalesUsers group.

    • C.

      On the CorpData share, change the share permission for Domain Users to Read. On the Sales folder, assign the Allow Modify permissions to the SalesUsers group.

    • D.

      On the CorpData folder, block permission inheritance and remove permissions. In the Sales folder, assign the Allow Modify permissions to the SalesUsers group.

    Correct Answer
    B. On the Sales folder, block permission inheritance and copy permissions. On the Sales folder, assign the Allow Modify permission to the SalesUsers group.
    Explanation
    The correct answer is to block permission inheritance on the Sales folder and copy permissions. This will allow you to configure unique permissions for the Sales folder without affecting the permissions of the parent folder (CorpData). Then, you should assign the Allow Modify permission to the SalesUsers group, which will allow them to read, create, and modify all files and folders in the Sales folder. This ensures that members of the SalesUsers group have the necessary permissions while all other users can only view items in the folder.

    Rate this question:

  • 7. 

    Your network consists of a single Active Directory domain. All network servers run Windows Server 2003 Service Pack 2 (SP2). You share a folder named Research. A user named User1 reports that he cannot access files in the Research share. You confirm that the Domain Users group is granted the Change permission for the Research share. You run the Cacls command as shown in the exhibit:You need to ensure that User1 can modify files in the Research share. You must prevent User1 from modifying permissions for the Research folder. To which group should you add User1?

    • A.

      Administrators

    • B.

      IT

    • C.

      Research

    • D.

      ResearchManagers

    Correct Answer
    D. ResearchManagers
    Explanation
    To ensure that User1 can modify files in the Research share but cannot modify permissions for the Research folder, User1 should be added to the ResearchManagers group. This group likely has the necessary permissions to modify files in the Research share, while preventing User1 from modifying permissions for the Research folder. Adding User1 to the Administrators group would give them too much control and the ability to modify permissions. The IT group is not mentioned as having any specific permissions for the Research share. The Research group may have access to the share, but it is not specified if they have the necessary permissions for modifying files.

    Rate this question:

  • 8. 

    Your network consists of a single Active Directory domain. All servers run Windows Server 2003 Service Pack 2 (SP2). You have two global groups named Research and ResearchManagers. The Research group contains all users in a department named Research. The ResearchManagers group contains all managers in the Research department. All members of the ResearchManagers group are members of the Research group. You create a shared folder named Research. The permissions for the Research share are shown in the exhibit:You need to modify the share permissions to ensure that only members of the ResearchManagers group can add and modify files over the network. What should you do?

    • A.

      Remove the Domain Users group.

    • B.

      Change the permission assigned to the Research group to Allow Read.

    • C.

      Remove the Research group. Change the Domain Users permission to Allow Change.

    • D.

      Remove the Research group. Add the ResearchManagers group and assign the group Allow Change permission.

    Correct Answer
    D. Remove the Research group. Add the ResearchManagers group and assign the group Allow Change permission.
    Explanation
    To ensure that only members of the ResearchManagers group can add and modify files over the network, the Research group should be removed as it contains all users in the Research department. Then, the ResearchManagers group should be added and assigned the "Allow Change" permission. This will restrict access to the shared folder to only the members of the ResearchManagers group, effectively achieving the desired outcome.

    Rate this question:

  • 9. 

    Your network consists of a single Active Directory domain. All servers run Windows Server 2003 Service Pack 2 (SP2). The primary group for all users is Domain Users. You share a folder named Data. The shared folder is located on a server named Server1. A user in the Research group named User1 reports that she cannot access files in the Data shared folder. You verify that User1 is not listed in the access control list of the shared folder. You examine the properties of the User1 account. The properties are shown in the exhibit:Other members of the Research group can add and modify files in the Data shared folder. You need to ensure that User1 can access files in the Data shared folder. What should you do?

    • A.

      Remove User1 from the IT group.

    • B.

      Assign the Change permission to User1.

    • C.

      Remove User1 from the Domain Users group.

    • D.

      Add User1 to the Server Operators group on Server1.

    Correct Answer
    A. Remove User1 from the IT group.
  • 10. 

    Your network consists of a single Active Directory domain. All network servers run Windows Server 2003 Service Pack 2 (SP2). You create a folder named CorporateData. You share the folder as CorpData and assign the Change permission to the Domain Users group. In the CorporateData folder, you create a folder named HumanResources. On the HumanResources folder, you assign the Modify permission to a global group named HRUsers. You share the HumanResources folder as HRData. You confirm that all users in the domain can view the files in the HRData share. You need to ensure that only HRUsers and administrators can access files in the HRData share. The solution must maintain user access to the CorpData share. What should you do?

    • A.

      On the CorpData share, assign the Read permission to Domain Users.

    • B.

      On the CorpData share, remove Domain Users and assign the Change permission to HRUsers.

    • C.

      On the CorporateData folder, disable permission inheritance and remove the inherited permissions.

    • D.

      On the HumanResources folder, disable permission inheritance and remove the inherited permissions.

    Correct Answer
    D. On the HumanResources folder, disable permission inheritance and remove the inherited permissions.
    Explanation
    By disabling permission inheritance and removing the inherited permissions on the HumanResources folder, you can ensure that only the permissions specifically assigned to the HRUsers group and administrators apply to that folder and its contents. This will restrict access to the HRData share to only HRUsers and administrators, while maintaining user access to the CorpData share.

    Rate this question:

  • 11. 

    Your network consists of a single Active Directory domain. All network servers run Windows Server 2003 Service Pack 2 (SP2). The domain includes two global groups named ResearchManagers and ResearchUsers. You create a share named ResearchData. On the ResearchData share, you assign the Change permission to ResearchUsers and ResearchManagers. The ResearchData folder contains a file named ResearchConfidential. rtf. The permissions for ResearchConfidential.rtf are configured as shown in the exhibit:Members of ResearchUsers report that when they try to open ResearchConfidential.rtf, they receive an access denied message. Users report that they can add and modify other files in ResearchData. You need to ensure that ResearchUsers members can open ResearchConfidential.rtf. The solution must prevent ResearchUsers members from modifying the file. What should you do?

    • A.

      On ResearchData, enable permission inheritance.

    • B.

      On ResearchConfidential.rtf, enable permission inheritance.

    • C.

      On ResearchData, assign the Read permission to ResearchUsers.

    • D.

      On ResearchConfidential.rtf, assign the Read permission to ResearchUsers.

    Correct Answer
    D. On ResearchConfidential.rtf, assign the Read permission to ResearchUsers.
    Explanation
    The correct answer is to assign the Read permission to ResearchUsers on ResearchConfidential.rtf. This will allow members of the ResearchUsers group to open the file, while still preventing them from modifying it. Enabling permission inheritance on ResearchData or ResearchConfidential.rtf would not address the issue of access denied for opening the file. Assigning the Read permission to ResearchUsers on ResearchData would grant them read access to all files in the share, not just ResearchConfidential.rtf. Therefore, the correct solution is to specifically assign the Read permission to ResearchUsers on ResearchConfidential.rtf.

    Rate this question:

  • 12. 

    Your network consists of a single Active Directory domain. All servers run Windows Server 2003 Service Pack 2 (SP2). You enable auditing for failed logon attempts on all domain controllers. You need to ensure that a record of failed logon attempts is retained for 90 days on all domain controllers. What should you do?

    • A.

      From the Security Templates snap in, open the hisecdc template. Modify the Retain System Log setting.

    • B.

      From the Security Templates snap in, open the securedc template. Modify the Retain Security Log setting.

    • C.

      Open the Default Domain Policy. Modify the Retain System Log setting.

    • D.

      Open the Default Domain Controller Policy. Modify the Retain Security Log setting.

    Correct Answer
    D. Open the Default Domain Controller Policy. Modify the Retain Security Log setting.
    Explanation
    To ensure that a record of failed logon attempts is retained for 90 days on all domain controllers, you should open the Default Domain Controller Policy and modify the Retain Security Log setting. This will configure the domain controllers to retain the security log entries related to failed logon attempts for the specified duration.

    Rate this question:

  • 13. 

    Your network consists of a single Active Directory domain that contains two domain controllers. Both domain controllers run Windows Server 2003 Service Pack 2 (SP2). Auditing of successful account logon events is enabled on all computers in the domain. You need to identify the last time a specific user logged on to the domain. What should you do?

    • A.

      Examine the System Event Log on the user's computer.

    • B.

      Examine the System Event Log on both domain controllers.

    • C.

      Examine the Security Event Log on both domain controllers.

    • D.

      Examine the Application Event Log on the user's computer.

    Correct Answer
    C. Examine the Security Event Log on both domain controllers.
    Explanation
    To identify the last time a specific user logged on to the domain, you should examine the Security Event Log on both domain controllers. The Security Event Log records all security-related events, including successful account logon events. By checking the Security Event Logs on both domain controllers, you can gather the necessary information to determine the last time the specific user logged on to the domain. The System Event Log on the user's computer and the Application Event Log on the user's computer are not relevant for this task, as they do not specifically track account logon events.

    Rate this question:

  • 14. 

    Your network consists of a single Active Directory domain. You have 10 Web servers run Windows Server 2003 Service Pack 2 (SP2). You need to archive all of the application event logs for all the Web servers. The archived logs must contain all information from the original logs. What should you do?

    • A.

      Connect to each Web Server by using Event Viewer. Save the Application logs as the CSV file type.

    • B.

      Connect to each Web Server by using Event Viewer. Save the Application logs as the Event Log file type.

    • C.

      On each Web server, open the Security Configuration and Analysis snap in, analyze the computer, and then export the settings.

    • D.

      Run Security Configuration Wizard for each Web Server. Save the data to an .inf file.

    Correct Answer
    B. Connect to each Web Server by using Event Viewer. Save the Application logs as the Event Log file type.
    Explanation
    To archive all the application event logs for the Web servers, you should connect to each server using Event Viewer and save the Application logs as the Event Log file type. This will ensure that all the information from the original logs is preserved in the archived logs. Saving the logs as the CSV file type would not retain all the information, and the other options are not relevant to archiving event logs.

    Rate this question:

  • 15. 

    You have a server that runs Windows Server 2003 Service Pack 2 (SP2). The server has one hard disk that contains one volume. You need to receive a notification when the volume has less than 15 percent free disk space. What should you do?

    • A.

      Configure a Trace Log by using the File details system provider.

    • B.

      Configure a Trace Log by using the Disk input/output system provider.

    • C.

      Configure an Alert by using a counter from the Logical Disk performance object.

    • D.

      Configure an Alert by using a counter from the Physical Disk performance object.

    Correct Answer
    C. Configure an Alert by using a counter from the Logical Disk performance object.
    Explanation
    To receive a notification when the volume has less than 15 percent free disk space, you should configure an Alert by using a counter from the Logical Disk performance object. This will allow you to monitor the disk space and set a threshold for the alert to trigger when the free disk space falls below 15 percent. By using the Logical Disk performance object, you can specifically monitor the disk space on the volume and receive notifications accordingly.

    Rate this question:

  • 16. 

    Your network consists of a single Active Directory domain. All servers run Windows Server 2003 Service Pack 2 (SP2). All client computers run Windows XP Service Pack 3 (SP3). You install and configure Microsoft Windows Server Update Services (WSUS) 3.0 on a member server named Server1. You create a new Group Policy Object named GPO1 that enables automatic updating. You link GPO1 to the domain. You need to ensure that each client computer obtains software updates from Server1. What should you do?

    • A.

      On each client computer, run Gpupdate /Force.

    • B.

      On each client computer, run wuauclt /detectnow.

    • C.

      From GPO1, configure the Enable client side targeting setting.

    • D.

      From GPO1, configure the Specify intranet Microsoft update service location setting.

    Correct Answer
    D. From GPO1, configure the Specify intranet Microsoft update service location setting.
    Explanation
    To ensure that each client computer obtains software updates from Server1, you should configure the "Specify intranet Microsoft update service location" setting from GPO1. This setting allows you to specify the location of the WSUS server (Server1) as the intranet Microsoft update service. By configuring this setting, the client computers will be directed to Server1 to obtain software updates. Running Gpupdate /Force or wuauclt /detectnow on each client computer will not achieve the desired result of obtaining updates from Server1.

    Rate this question:

  • 17. 

    You manage a software update infrastructure by using Windows Server Update Services (WSUS) 3.0. All client computers run Windows XP Professional Service Pack 3 (SP3). The client computers receive Automatic Updates from the WSUS server, and they are configured to install Automatic Updates immediately. From the Update Services console, you approve a required security update for all client computers. You need to force a client computer to apply the required security update as soon as possible. Which tool should you use?

    • A.

      Secedit

    • B.

      Wuauclt

    • C.

      Wsusutil

    • D.

      Gpupdate

    Correct Answer
    B. Wuauclt
    Explanation
    Wuauclt is the correct tool to use in this scenario. Wuauclt is a command-line tool that can be used to manage Windows Update Agent settings on client computers. By running the Wuauclt tool, you can force a client computer to immediately check for updates and install any approved updates from the WSUS server. This will ensure that the required security update is applied as soon as possible.

    Rate this question:

  • 18. 

    Your company has a main office and a branch office. In the main office, you have a server named Server1 that runs Windows Server Update Services (WSUS) 3.0. Server1 is the only WSUS server in the company. You plan to deploy WSUS 3.0 on a server named Server2 in the branch office. You need to configure WSUS on Server2 to meet the following rquirements: -Receive update approvals from Server1.-Prevent the modification of update approvals on Server2.-Allow administrators to monitor updates, monitor computer status, and configure a synchronization schedule on Server2. How should you configure Server2?

    • A.

      To use a proxy server

    • B.

      As a replica of Server1

    • C.

      As a stand alone WSUS 3.0 server

    • D.

      As an autonomous downstream server

    Correct Answer
    B. As a replica of Server1
    Explanation
    Server2 should be configured as a replica of Server1. This configuration will allow Server2 to receive update approvals from Server1, prevent the modification of update approvals on Server2, and allow administrators to monitor updates, monitor computer status, and configure a synchronization schedule on Server2. By configuring Server2 as a replica of Server1, it will synchronize with Server1 and mirror its settings and approvals, ensuring consistency between the main office and the branch office.

    Rate this question:

  • 19. 

    You have a server named Server1 that runs Windows Server 2003 Service Pack 2 (SP2). Server1 hosts an ordering application that connects to a database cluster. A number of client computers are shared between employees. You need to implement a licensing solution that meets the following requirements: -Server1 must allow unlimited concurrent connections. -Client access license requirements must be minimized. Which two actions should you perform? (Each correct answer presents part of the solution. Choose two.)

    • A.

      Configure a license group for each shared computer.

    • B.

      Configure a local security group for each shared computer.

    • C.

      Configure Server1 to support Per Server licensing mode.

    • D.

      Configure Server1 to support either Per Device or Per User licensing mode.

    Correct Answer(s)
    A. Configure a license group for each shared computer.
    D. Configure Server1 to support either Per Device or Per User licensing mode.
    Explanation
    To meet the requirements of allowing unlimited concurrent connections and minimizing client access license requirements, two actions should be performed. First, configure a license group for each shared computer. This will ensure that the licensing is managed efficiently for each computer that is shared between employees. Second, configure Server1 to support either Per Device or Per User licensing mode. This will allow for flexibility in licensing, as it can be based on either the number of devices or the number of users accessing the server, whichever is more cost-effective.

    Rate this question:

  • 20. 

    Your network consists of a single Active Directory domain. You have two servers named Server1 and Server2 that run Windows Server 2003 Service Pack 2 (SP2). Server1 is the site license server for the Default First Site Name site. You need to configure Server2 to be the site license server. What should you do?

    • A.

      From the Licensing console on Server1, modify the Products View configuration.

    • B.

      From the Licensing Control Panel applet on Server2, modify the Replication configuration.

    • C.

      From the Active Directory Sites and Services console, modify the Licensing Site Settings.

    • D.

      From the Active Directory Users and Computers console, modify the AdminSDHolder object.

    Correct Answer
    C. From the Active Directory Sites and Services console, modify the Licensing Site Settings.
    Explanation
    To configure Server2 as the site license server, you need to modify the Licensing Site Settings from the Active Directory Sites and Services console. This allows you to specify which server will act as the site license server for the Active Directory domain.

    Rate this question:

Related Topics

Back to Top Back to top
Advertisement
×

Wait!
Here's an interesting quiz for you.

We have other quizzes matching your interest.