MCSE 70-291 Exam Quiz Test 2

Reviewed by Editorial Team
The ProProfs editorial team is comprised of experienced subject matter experts. They've collectively created over 10,000 quizzes and lessons, serving over 100 million users. Our team includes in-house content moderators and subject matter experts, as well as a global network of rigorously trained contributors. All adhere to our comprehensive editorial guidelines, ensuring the delivery of high-quality content.
Learn about Our Editorial Process
| By Saurabhsingh878
S
Saurabhsingh878
Community Contributor
Quizzes Created: 4 | Total Attempts: 2,297
| Attempts: 689
Quiz Flashcard
SettingsSettings
Please wait...
  • 1/33 Questions

    The address space used by your organization is 207.46.1.21–207.46.1.254. This space is not large enough to accommodate all 300 workers at once; as a result, your network frequently runs out of DHCP leases. Nevertheless, no more than 30 part-time employees work in the office on any given day. How can you make more efficient use of your current address space and provide enough leases for all workers?

    • Assign all laptops an alternate configuration address within a compatible address space.
    • Create a user class for part-time employees and adjust the lease duration in this user class to 1 day.
    • Increase conflict detection attempts on the DHCP server so as to prevent address conflicts.
    • Assign part-time employees addresses within one of the private address ranges.
Please wait...
MCSE 70-291 Exam Quiz Test 2 - Quiz
About This Quiz

Hello Friend
This practice test helps you prepare for Microsoftcertification exam 70-291, which counts toward MCSE certification. This practice test contains 33 questions, provided by Saurabh Singh.

Quiz Preview

  • 2. 
    During a communication session between two computers, the IP Security Monitor snap-in shows the status in Figure 11-48. What does this status mean? - ProProfs

    During a communication session between two computers, the IP Security Monitor snap-in shows the status in Figure 11-48. What does this status mean?

    • The communication is not encrypted as expected.

    • The communication is encrypted as expected.

    • The communication is not occurring.

    • The communication is not being received at this computer.

    Correct Answer
    A. The communication is encrypted as expected.
    Explanation
    The status shown in Figure 11-48 indicates that the communication is encrypted as expected.

    Rate this question:

  • 3. 

    Which of the following messages is not exchanged as part of a DHCP lease initialization?

    • Renew

    • Request

    • ACK

    • Discover

    Correct Answer
    A. Renew
    Explanation
    During the DHCP lease initialization process, the client sends a Discover message to find available DHCP servers. The server responds with an Offer message, indicating that it can provide an IP address to the client. The client then sends a Request message to confirm its desire to obtain the offered IP address. The server acknowledges this request by sending an ACK message, indicating that the lease has been successfully initialized. The Renew message, however, is not exchanged during the lease initialization process. It is used later in the lease lifecycle to request an extension of the lease duration.

    Rate this question:

  • 4. 

    You install a new application on a member server. The application reports that it is installing a service on the computer. The installation for the service requests a user name and password for which to run the service. You provide the name DOMAIN1\Service1. However, when you run the application for the first time, it is unable to start. You suspect that the account has not been given enough rights to start. What do you do?

    • On the member server, grant the Service1 account the Log on as a Service right.

    • In the domain, grant the Service1 account the Log on as a Service right.

    • On the member server, grant the Service1 account the Log on as a Batch Job right.

    • In the domain, grant the Service1 account the Log on as a Batch Job right.

    Correct Answer
    A. On the member server, grant the Service1 account the Log on as a Service right.
    Explanation
    You should grant the Service1 account the "Log on as a Service" right on the member server. This right allows the account to start and run services on the server. By granting this right specifically on the member server, you ensure that the account has the necessary permissions to start the service successfully.

    Rate this question:

  • 5. 

    A team of 20 of Fabrikam’s scientists are conducting research for 10 months in Ottawa, Ontario. They have set up a computer network that they want to connect periodically to the main office in Ithaca. How can you ensure that the incoming calls you receive to the network router at the main office are in fact originating from the router at the temporary Ottawa office?

    • Configure the answering router at the Ithaca office to authenticate all incoming calls.

    • Configure callback on the answering router at the Ithaca office.

    • Configure callback on the calling router at the Ottawa office.

    • Disable autostatic routes on both routers.

    Correct Answer
    A. Configure callback on the answering router at the Ithaca office.
    Explanation
    To ensure that the incoming calls received at the network router at the main office are originating from the router at the temporary Ottawa office, configuring callback on the answering router at the Ithaca office is the correct solution. Callback authentication is a security feature that verifies the caller's identity before establishing a connection. By enabling callback on the answering router, it will only accept incoming calls from the specific router at the Ottawa office, ensuring the authenticity of the connection and preventing unauthorized access.

    Rate this question:

  • 6. 

    You install a new application, which reports that it is installing a service on the computer. However, when you run the application for the first time, it is unable to start. You inspect the service dependencies for the new service and notice that a service that is required is not started. However, your security policy states that services must remain stopped unless another application requires them to be on. How should you configure the dependent service to start?

    • Automatic

    • Automatic, but pause the service

    • Manual

    • Disabled

    Correct Answer
    A. Manual
    Explanation
    The dependent service should be configured to start manually. This means that it will not start automatically when the computer starts up, but it can be started manually when needed. This configuration aligns with the security policy that states services must remain stopped unless another application requires them to be on. By setting the service to start manually, it ensures that it will only start when explicitly requested, reducing the risk of unnecessary services running in the background.

    Rate this question:

  • 7. 

    Netsh is used to create and assign an IPSec policy for a stand-alone server running Windows Server 2003. One of the commands used is the following, executed from the Netsh IPSec Static context: Add rule name=”SMTPBlock” policy=”smtp” filterlist=“smtp computerlist” filteraction=”negotiate smtp” description=”this rule negotiates smtp” Why is the policy not working?

    • The policy is set with the wrong IP addresses.

    • Each policy specifies a different encryption algorithm.

    • No encryption is taking place. The evidence is revealed in the soft SAs.

    • The policy is using Kerberos for authentication and the computer is not a member of a domain.

    Correct Answer
    A. The policy is using Kerberos for authentication and the computer is not a member of a domain.
    Explanation
    The policy is not working because it is using Kerberos for authentication, but the computer is not a member of a domain. Kerberos requires a domain environment to function properly, so if the computer is not part of a domain, the authentication process will fail and the policy will not be applied.

    Rate this question:

  • 8. 

    You are setting up 50 new client machines in the branch office. Another administrator has already configured DHCP in the branch office. When you bring the first client computer online, you notice that DHCP is not providing Primary or Alternate DNS servers along with the IP address. You need to troubleshoot DHCP and configure it so the client computers can gain access to internal resources as well as browse the Internet. How should you configure the DHCP server? (Choose all that apply.)

    • Set the DHCP server to provide clients the address to DNS1.

    • Set the DHCP server to provide clients the address to ISPDNS1.

    • Set the DHCP server to provide clients the address to DNS2.

    • Set the DHCP server to provide clients the address to ISPDNS2.

    Correct Answer(s)
    A. Set the DHCP server to provide clients the address to DNS1.
    A. Set the DHCP server to provide clients the address to DNS2.
    Explanation
    The DHCP server should be configured to provide clients with the address to DNS1 and DNS2. This will ensure that the client computers can gain access to internal resources and browse the Internet. By providing the addresses of both DNS servers, the client computers will be able to resolve both internal and external domain names.

    Rate this question:

  • 9. 

    Which action needs to be taken if you want to configure a DHCP server to update both A resource records and PTR resource records on behalf of a Windows NT 4 client?

    • No action is required.

    • On the DNS tab of the DHCP server properties dialog box, select Dynamically Update DNS a and PTR Records For DHCP Clients That Do Not Request Updates.

    • On the DNS tab of the DHCP server properties dialog box, select Always Dynamically Update DNS a and PTR Records.

    • Register the client as a dynamic host with the DHCP server.

    Correct Answer
    A. On the DNS tab of the DHCP server properties dialog box, select Dynamically Update DNS a and PTR Records For DHCP Clients That Do Not Request Updates.
    Explanation
    To configure a DHCP server to update both A resource records and PTR resource records on behalf of a Windows NT 4 client, you need to select the option "Dynamically Update DNS a and PTR Records For DHCP Clients That Do Not Request Updates" on the DNS tab of the DHCP server properties dialog box. This ensures that the DHCP server will automatically update the DNS and PTR records for clients that do not specifically request updates.

    Rate this question:

  • 10. 

    You install a new application, which reports that it is installing a service on the computer. However, when you run the application for the first time, it is unable to start. You inspect the event log to determine the nature of the problem. You receive an error stating “The service did not start due to a logon failure.” What should you do?

    • Grant the account the Logon As A Service right.

    • Change the password to the same name as the account.

    • Verify the user name of the account being used to run the service.

    • Grant the account administrative rights.

    Correct Answer
    A. Verify the user name of the account being used to run the service.
    Explanation
    The error message suggests that there is a problem with the user name of the account being used to run the service. It is possible that the account does not have the necessary permissions or the correct user name is not specified. To resolve the issue, it is recommended to verify the user name of the account being used to run the service and ensure that it has the appropriate permissions to start the service.

    Rate this question:

  • 11. 

    How can you ensure that only members of the R&D Subnet 2 can access the route to the new secure subnet?

    • Deploy OSPF on the network and configure the router connected to the secure subnet as an area border router.

    • Configure peer filtering on the router connected to the secure subnet.

    • Encrypt the routes using MPPE.

    • Do not deploy a routing protocol on the router connected to the secure subnet. Configure workstations in R&D Subnet 2 with static routes to the secure subnet.

    Correct Answer
    A. Do not deploy a routing protocol on the router connected to the secure subnet. Configure workstations in R&D Subnet 2 with static routes to the secure subnet.
  • 12. 

    Which steps might be necessary to recover from the application of a security template to a file server that prevented all users from accessing the server over the network? Choose the most efficient way.

    • Log on locally to the file server as Administrator and apply the root security template.

    • Log on locally to the file server as Administrator and apply the rollback template produced from the bad security template.

    • Log on remotely to the file server as Enterprise Admin and use the Local Security Policy console to change the user rights policies that might be incorrect.

    • Log on remotely to the file server as Administrator and apply the rollback template produced from the security template.

    Correct Answer
    A. Log on locally to the file server as Administrator and apply the rollback template produced from the bad security template.
    Explanation
    The most efficient way to recover from the application of a security template that prevented all users from accessing the server over the network is to log on locally to the file server as Administrator and apply the rollback template produced from the bad security template. This will revert the changes made by the bad security template and restore the server's previous settings, allowing users to access the server over the network again.

    Rate this question:

  • 13. 

    By default, how long do logged events last in DHCP server logs?

    • One day

    • One week

    • One month

    • Until the log grows beyond 1 MB

    Correct Answer
    A. One week
    Explanation
    The logged events in DHCP server logs last for one week by default. This means that the server will keep track of the events that occur within the network for a period of seven days. After this time, the events will be automatically deleted from the logs. This duration allows administrators to review and analyze the events within a reasonable timeframe, ensuring that any issues or problems can be identified and addressed in a timely manner.

    Rate this question:

  • 14. 

    You want to migrate a subnet to a new scope. You create a new scope and then deactivate the old scope. Which of the following is an appropriate next step?

    • Run the Ipconfig /release command and then the Ipconfig /renew command on every client computer.

    • Restart the DHCP Server service.

    • Delete the old scope.

    • Authorize the DHCP server.

    Correct Answer
    A. Run the Ipconfig /release command and then the Ipconfig /renew command on every client computer.
  • 15. 

    Your DHCP server crashes and cannot be brought back online. Your last backup is four days old. How can you best preserve the current address space without restarting all company computers?

    • Deploy a new DHCP server with the same address scope, and raise conflict detection attempts to 3.

    • Deploy a new DHCP server with the same address scope, and increase the new lease duration to 15 days.

    • Restore the previous DHCP database from a backup.

    • Run the Ipconfig /renew command on all computers.

    Correct Answer
    A. Deploy a new DHCP server with the same address scope, and raise conflict detection attempts to 3.
    Explanation
    To preserve the current address space without restarting all company computers after the DHCP server crash, the best solution is to deploy a new DHCP server with the same address scope and raise conflict detection attempts to 3. This ensures that any conflicts or overlapping IP addresses are properly detected and resolved before assigning them to the computers. By doing so, the company can maintain the current address space without causing any disruptions or conflicts among the computers on the network.

    Rate this question:

  • 16. 

    A user in the branch office reports that he cannot use Internet Explorer to view a commonly used Web site on the Internet. At your client computer in the main office, you run Nslookup to verify the target address and receive the correct address. At the user’s client computer, you also run Nslookup, but the address returned is incorrect. What should you do to troubleshoot? (Choose all that apply.)

    • Verify that the client is using the correct DNS servers.

    • Run Ipconfig /flushdns.

    • Select the Network Connections icon in Accessories.

    • Run Ipconfig /renew.

    Correct Answer(s)
    A. Verify that the client is using the correct DNS servers.
    A. Run Ipconfig /flushdns.
    Explanation
    To troubleshoot the issue, you should verify that the client is using the correct DNS servers. This is important because if the client is using incorrect DNS servers, it may not be able to resolve the correct address for the website. Additionally, running Ipconfig /flushdns can help clear any cached DNS entries on the client's computer, which may be causing the incorrect address to be returned.

    Rate this question:

  • 17. 

    Your boss wants to reserve 20 computers in a special subnet within the 192.168.0.0/24 range and place these computers on the same network segment as the other computers. To achieve this task, you deploy a new DHCP server to issue leases in the 192.168.0.0/24 address range and create 20 lease reservations for the new set of computers. However, after the new DHCP server is deployed, the scope does not issue any new leases even though it is activated. Which of the following would most likely cause this scenario?

    • You have not reconciled the scopes on the new DHCP server.

    • You have not verified the database consistency.

    • You have not excluded the range of addresses issued by the original DHCP computer.

    • You have not assigned the new DHCP server an address within the 192.168.0.0/24 range.

    Correct Answer
    A. You have not assigned the new DHCP server an address within the 192.168.0.0/24 range.
    Explanation
    The most likely cause of the scenario where the new DHCP server is not issuing any new leases, despite being activated, is that the new DHCP server has not been assigned an address within the 192.168.0.0/24 range. In order for the DHCP server to function properly and issue leases within a specific subnet, it needs to have an IP address that falls within that subnet. Since the boss wants to reserve 20 computers in the 192.168.0.0/24 range, the new DHCP server should also have an IP address within that range to be able to issue leases effectively.

    Rate this question:

  • 18. 

    You log on to the domain, map a drive to the share \\192.168.5.55\share, and then copy some files. You then use Kerbtray.exe to examine the Kerberos tickets. You find a ticket for your account and the service krgbt. You do not find a ticket for CIFS for this server. What is the most likely reason for this problem?

    • The ticket with the service krgbt is the ticket for this type of connection.

    • Using the IP address instead of server name means NTLM will be used.

    • The Kerbtray.exe utility shows only TGT tickets, and the share ticket is a user or session ticket.

    • The Kerbtray.exe utility shows only session tickets, and the share ticket is a TGT ticket.

    Correct Answer
    A. Using the IP address instead of server name means NTLM will be used.
    Explanation
    The most likely reason for not finding a ticket for CIFS for this server is that using the IP address instead of the server name means NTLM will be used. NTLM is an authentication protocol that is used when the server name is not specified, and it does not use Kerberos tickets. Therefore, if the user logs on to the domain and maps a drive using the IP address, it is likely that NTLM authentication is being used instead of Kerberos, which is why there is no ticket for CIFS.

    Rate this question:

  • 19. 

    You set up Performance Logs And Alerts to send a message to Computer2 to notify an operator when the network use on Computer1 gets too high. However, Computer2 never receives the message sent from Computer1. What must you do to enable messages to be sent by Computer1 and received by Computer2? (Choose all that apply.)

    • On Computer1, start the Messenger service.

    • On Computer1, start the Alerter service.

    • On Computer2, start the Messenger service.

    • On Computer2, start the Alerter service.

    Correct Answer(s)
    A. On Computer1, start the Alerter service.
    A. On Computer2, start the Messenger service.
    Explanation
    To enable messages to be sent from Computer1 and received by Computer2, you need to start the Alerter service on Computer1 and start the Messenger service on Computer2. The Alerter service on Computer1 will allow it to send messages, while the Messenger service on Computer2 will enable it to receive the messages sent from Computer1.

    Rate this question:

  • 20. 

    You suspect that a virus has infected your computer running Windows Server 2003. You believe this virus is transmitting data from your server over the network using a specific port. You want to determine which process is using a specific port. Which command should you run?

    • Nbtstat –RR

    • Nbtstat –r

    • Netstat –a

    • Netstat –o

    Correct Answer
    A. Netstat –o
    Explanation
    The correct answer is "Netstat -o". Netstat is a command-line tool used to display active network connections and listening ports on a computer. The "-o" option will display the process ID (PID) associated with each connection, allowing you to identify which process is using a specific port. By running this command, you can determine if any process on your Windows Server 2003 is using the suspected port and potentially identify the virus transmitting data over the network.

    Rate this question:

  • 21. 

    What is a good reason for assigning a policy by means of Netsh when Group Policy can be used to simply assign an IPSec policy across multiple computers?

    • Using Netsh is the only way to apply a policy that can be used to permit a user’s computer to be used for a telnet session with another computer while blocking all other telnet communications.

    • Using Netsh is more easily implemented when multiple machines need to be configured.

    • You can apply Netsh even if the computers are not joined in a domain, and Group Policy can work only in a domain.

    • You can use Netsh to create a persistent policy that will be used if Group Policy cannot be used.

    Correct Answer
    A. You can use Netsh to create a persistent policy that will be used if Group Policy cannot be used.
    Explanation
    Using Netsh allows for the creation of a persistent policy that can be used when Group Policy is not available. This means that even if the computers are not joined in a domain or if Group Policy cannot be used for any reason, the policy created using Netsh will still be applied. This provides a reliable and consistent way to assign a policy across multiple computers, ensuring that the desired settings are enforced regardless of the limitations of Group Policy.

    Rate this question:

  • 22. 

    What most likely accounts for the errors shown in the following DHCP audit log? 00,5/24/03,08:21:57,Started,,,, 54,5/24/03,08:21:58,Authorization failed,,domain1.local,,

    • The server has been started for the first time.

    • The server cannot communicate on the network.

    • The server has been unauthorized by a senior network manager.

    • The server is not running Windows Server 2003.

    Correct Answer
    A. The server has been started for the first time.
    Explanation
    The errors in the DHCP audit log most likely occurred because the server has been started for the first time. This can be inferred from the timestamp in the log entry, which shows the server starting at 08:21:57. Since the server is being started for the first time, it is possible that there are some configuration or authorization issues that need to be resolved, leading to the authorization failure mentioned in the log entry.

    Rate this question:

  • 23. 
    An IPSec policy has been assigned and communication is failing between two computers. The event shown in Figure 11-47 is found in the IP Security Monitor. Its timestamp indicates the event happened during the failure. What is the most likely reason for the failure? - ProProfs

    An IPSec policy has been assigned and communication is failing between two computers. The event shown in Figure 11-47 is found in the IP Security Monitor. Its timestamp indicates the event happened during the failure. What is the most likely reason for the failure?

    • The failure is due to an authentication error.

    • Main Mode negotiation is failing.

    • Quick Mode negotiation is failing.

    • The specific type of packets that the policy is supposed to be blocking are being blocked.

    Correct Answer
    A. Quick Mode negotiation is failing.
    Explanation
    The most likely reason for the failure is that the Quick Mode negotiation is failing. Quick Mode is the second phase of IPSec negotiation and is responsible for establishing the actual security associations and cryptographic keys between the two computers. If Quick Mode negotiation fails, it means that the computers are unable to establish a secure connection and therefore communication between them will fail.

    Rate this question:

  • 24. 

    You receive a report that Computer1 is responding slowly to user requests. You want a quick way to see which network traffic the server is using. You use Network Monitor. You want to see whether any general broadcast traffic is being sent to Computer1. Which counter should you enable?

    • Nonunicasts/Interval

    • Unicasts/Interval

    • Bytes Sent/Interval

    • Bytes Received/Interval

    Correct Answer
    A. Nonunicasts/Interval
    Explanation
    Enabling the "Nonunicasts/Interval" counter in Network Monitor will allow you to see whether any general broadcast traffic is being sent to Computer1. This counter specifically monitors the non-unicast traffic, which includes broadcast traffic. By monitoring this counter, you can quickly identify if there is any excessive broadcast traffic that may be causing the slow response to user requests on Computer1.

    Rate this question:

  • 25. 

    The DNS domain proseware.local is an Active Directory–integrated domain that requires secure dynamic updates. Your DHCP server is configured to register DNS records for downlevel clients, and is not a member of the DnsUpdateProxy group. Fifty client computers have recently been upgraded to Windows XP Professional from Windows NT 4. After the upgrade, users start reporting that they can no longer access some network resources. Which of the following solutions enables you to fix the problem with the least amount of administrative effort?  

    • Shut down and restart the upgraded client computers.

    • Run Ipconfig /renew, and then Ipconfig /registerdns on all client computers.

    • Enable aging and scavenging in the proseware.local zone, and then decrease the no-refresh and refresh intervals in aging/scavenging properties.

    • Add the DHCP server to the DnsUpdateProxy Windows security group.

    Correct Answer
    A. Enable aging and scavenging in the proseware.local zone, and then decrease the no-refresh and refresh intervals in aging/scavenging properties.
  • 26. 

    You have configured a subnet with two DHCP servers, DHCP1 and DHCP2. DHCP1 provides addresses within the first 80 percent of the subnet’s scope range, and DHCP2 provides addresses for the remaining 20 percent of the scope range. Computer ClientA obtains a fresh address from DHCP1, after which you immediately take DHCP1 off the network. How long will it take before ClientA attempts to obtain a new address from DHCP2?

    • Four days

    • Five days

    • Seven days

    • Eight days

    Correct Answer
    A. Seven days
    Explanation
    When ClientA obtains a fresh address from DHCP1 and DHCP1 is taken off the network immediately, ClientA will continue to use the obtained address until the lease expires. By default, the lease duration is 8 days. Therefore, it will take 7 days before ClientA attempts to obtain a new address from DHCP2, as it will wait for the lease to expire before attempting to renew it.

    Rate this question:

  • 27. 

    With the least amount of administrative effort, how can you best provide enough addresses for the 290 clients that require dynamic addressing and still allow for connectivity among all networked computers? (Choose only one answer.)

    • Create a new superscope and then add the 10.0.0.0/24 and 10.0.1.0/24 scopes to the new superscope.

    • Reconfigure the scope as 10.0.0.0/23 and set conflict detection attempts to 3. Restart all computers by using the Shutdown /i command.

    • Add a second DHCP server on the network segment to distribute address leases through the 10.0.1.0/24 scope.

    • Add a second DHCP server on the network segment to distribute address leases through the 10.0.0.0/24 scope. Restart all computers by using the Shutdown /i command.

    Correct Answer
    A. Reconfigure the scope as 10.0.0.0/23 and set conflict detection attempts to 3. Restart all computers by using the Shutdown /i command.
  • 28. 

    You have not modified the default settings for DNS on the DHCP client or server. Which of the following client record or records will be updated in DNS by the DHCP server? (Assume that the clients are running Windows XP.)

    • The PTR resource record

    • The A resource record

    • Both the PTR and A resource records

    • Neither the PTR nor the A resource record

    Correct Answer
    A. The PTR resource record
    Explanation
    The PTR resource record is used for reverse DNS lookup, which maps an IP address to a hostname. In this scenario, since the default settings for DNS on the DHCP client or server have not been modified, the DHCP server will update the PTR resource record in DNS. This allows for reverse DNS lookup to function properly. The A resource record, on the other hand, is used for forward DNS lookup, which maps a hostname to an IP address. Since the question states that the default settings have not been modified, it can be inferred that the A resource record will not be updated by the DHCP server. Therefore, the correct answer is the PTR resource record.

    Rate this question:

  • 29. 

    A user in the branch office reports that he cannot use Internet Explorer to open a commonly used Web site on the Internet. At your client computer in the main office, you are able to ping the target address. At the user’s client computer, you cannot ping the target address. What should you do to troubleshoot? (Choose all that apply.)

    • From the user’s client computer, run ping destination address.

    • From the user’s client computer, select To Repair The Network Connection.

    • From the DNS server, perform a simple query test.

    • From the DNS server, perform a recursive query test.

    Correct Answer(s)
    A. From the user’s client computer, run ping destination address.
    A. From the user’s client computer, select To Repair The Network Connection.
  • 30. 

    Which of the following settings can be applied using Security Configuration and analysis and a security template? (Choose all that apply.)

    • The password must be 15 characters long.

    • The Accountants group is not allowed to access this computer over the network.

    • IPSec must be used for all communications between Computer1 and Computer2.

    • The root file permissions should be Everyone Full Control.

    Correct Answer(s)
    A. The password must be 15 characters long.
    A. The Accountants group is not allowed to access this computer over the network.
    A. The root file permissions should be Everyone Full Control.
    Explanation
    Security Configuration and Analysis and a security template can be used to apply settings such as password length requirements, network access restrictions for specific user groups, and file permissions. In this case, the correct answer includes the settings for password length, network access for the Accountants group, and file permissions for the root folder.

    Rate this question:

  • 31. 

    IPSec can be used to secure communications between two computers. What else can it do? (Choose all that apply.)

    • Examine Kerberos tickets

    • Block transfer of specific protocol packets

    • Allow transfer of packets with a destination TCP port of 23 from any computer to the host computer

    • Permit one user to use telnet to access the computer while denying another user

    Correct Answer(s)
    A. Block transfer of specific protocol packets
    A. Allow transfer of packets with a destination TCP port of 23 from any computer to the host computer
    Explanation
    IPSec can block the transfer of specific protocol packets, allowing the user to specify which protocols should be blocked. It can also allow the transfer of packets with a destination TCP port of 23 from any computer to the host computer, enabling telnet access.

    Rate this question:

  • 32. 

    Company executives want to improve router security on the network and have made clear that they would not be satisfied with a solution that merely authenticates routers with a plaintext password. What other measures can you take to ensure that rogue routers are not deployed on the network and that network routes are not intercepted? (Choose all that apply.)

    • Deploy Active Directory directory service.

    • Configure RIP to use autostatic routes.

    • Configure RIP neighbors.

    • Configure peer filtering.

    • Configure route filtering.

    Correct Answer(s)
    A. Deploy Active Directory directory service.
    A. Configure RIP neighbors.
    A. Configure peer filtering.
    A. Configure route filtering.
  • 33. 

    After you enable the new scopes to issue addresses, some users begin to complain that they can no longer access network resources. Checking the DHCP server audit logs, you find several NACK messages. What steps should you take to resolve this problem? (Choose all that apply.)

    • Create a superscope on each DHCP server consisting of the active scopes deployed on the network segment.

    • Create client reservations for all appropriate clients on the original DHCP server.

    • On the original DHCP server, exclude the full range of addresses within the special 192.168.0.0/24 subnet.

    • On the new DHCP server, exclude the full range of addresses issued by the original DHCP server.

    Correct Answer(s)
    A. Create a superscope on each DHCP server consisting of the active scopes deployed on the network segment.
    A. On the original DHCP server, exclude the full range of addresses within the special 192.168.0.0/24 subnet.
    A. On the new DHCP server, exclude the full range of addresses issued by the original DHCP server.
    Explanation
    To resolve the problem of users being unable to access network resources after enabling new scopes to issue addresses, the following steps should be taken:
    - Create a superscope on each DHCP server consisting of the active scopes deployed on the network segment. This will allow the DHCP server to manage multiple scopes and provide IP addresses to clients.
    - On the original DHCP server, exclude the full range of addresses within the special 192.168.0.0/24 subnet. This ensures that the addresses within this subnet are not assigned by the DHCP server.
    - On the new DHCP server, exclude the full range of addresses issued by the original DHCP server. This prevents the new DHCP server from assigning addresses that are already assigned by the original DHCP server.

    Rate this question:

Quiz Review Timeline (Updated): Mar 22, 2023 +

Our quizzes are rigorously reviewed, monitored and continuously updated by our expert board to maintain accuracy, relevance, and timeliness.

  • Current Version
  • Mar 22, 2023
    Quiz Edited by
    ProProfs Editorial Team
  • May 01, 2010
    Quiz Created by
    Saurabhsingh878

Recent Quizzes

MCSE 70-291 Exam Quiz Test 1 MCSE 70-291 Exam Quiz Test 1
MCSE 70-293 Exam Quiz Test 3 MCSE 70-293 Exam Quiz Test 3
MCSE 70-293 Exam Quiz Test 2 MCSE 70-293 Exam Quiz Test 2
MCSE: 70-293 Practice Questions Quiz MCSE: 70-293 Practice Questions Quiz
Microsoft MCSE: 70-293 Practice Exam - 1 Microsoft MCSE: 70-293 Practice Exam - 1
MCSA/MCSE Practice Exam 70-290 Questions 61-80/184 MCSA/MCSE Practice Exam 70-290 Questions 61-80/184
Back to Top Back to top
Advertisement
×

Wait!
Here's an interesting quiz for you.

We have other quizzes matching your interest.