MCSE 70-291 Exam Quiz Test 2

Reviewed by Editorial Team
The ProProfs editorial team is comprised of experienced subject matter experts. They've collectively created over 10,000 quizzes and lessons, serving over 100 million users. Our team includes in-house content moderators and subject matter experts, as well as a global network of rigorously trained contributors. All adhere to our comprehensive editorial guidelines, ensuring the delivery of high-quality content.
Learn about Our Editorial Process
| By Saurabhsingh878
S
Saurabhsingh878
Community Contributor
Quizzes Created: 4 | Total Attempts: 2,301
| Attempts: 689 | Questions: 33
Please wait...
Question 1 / 33
0 %
0/100
Score 0/100
1. The address space used by your organization is 207.46.1.21–207.46.1.254. This space is not large enough to accommodate all 300 workers at once; as a result, your network frequently runs out of DHCP leases. Nevertheless, no more than 30 part-time employees work in the office on any given day. How can you make more efficient use of your current address space and provide enough leases for all workers?

Explanation

By creating a user class for part-time employees and adjusting the lease duration to 1 day, the DHCP server can allocate and recycle IP addresses more efficiently. This ensures that addresses are not being held for longer than necessary, allowing for a larger pool of available addresses to accommodate all workers. This solution addresses the issue of running out of DHCP leases while considering the fact that only a maximum of 30 part-time employees work in the office on any given day.

Submit
Please wait...
About This Quiz
MCSE 70-291 Exam Quiz Test 2 - Quiz

Hello Friend
This practice test helps you prepare for Microsoftcertification exam 70-291, which counts toward MCSE certification. This practice test contains 33 questions, provided by Saurabh Singh.

2. During a communication session between two computers, the IP Security Monitor snap-in shows the status in Figure 11-48. What does this status mean?

Troubleshooting by viewing statistics

Explanation

The status shown in Figure 11-48 indicates that the communication is encrypted as expected.

Submit
3. Which of the following messages is not exchanged as part of a DHCP lease initialization?

Explanation

During the DHCP lease initialization process, the client sends a Discover message to find available DHCP servers. The server responds with an Offer message, indicating that it can provide an IP address to the client. The client then sends a Request message to confirm its desire to obtain the offered IP address. The server acknowledges this request by sending an ACK message, indicating that the lease has been successfully initialized. The Renew message, however, is not exchanged during the lease initialization process. It is used later in the lease lifecycle to request an extension of the lease duration.

Submit
4. You install a new application on a member server. The application reports that it is installing a service on the computer. The installation for the service requests a user name and password for which to run the service. You provide the name DOMAIN1\Service1. However, when you run the application for the first time, it is unable to start. You suspect that the account has not been given enough rights to start. What do you do?

Explanation

You should grant the Service1 account the "Log on as a Service" right on the member server. This right allows the account to start and run services on the server. By granting this right specifically on the member server, you ensure that the account has the necessary permissions to start the service successfully.

Submit
5. A team of 20 of Fabrikam’s scientists are conducting research for 10 months in Ottawa, Ontario. They have set up a computer network that they want to connect periodically to the main office in Ithaca. How can you ensure that the incoming calls you receive to the network router at the main office are in fact originating from the router at the temporary Ottawa office?

Explanation

To ensure that the incoming calls received at the network router at the main office are originating from the router at the temporary Ottawa office, configuring callback on the answering router at the Ithaca office is the correct solution. Callback authentication is a security feature that verifies the caller's identity before establishing a connection. By enabling callback on the answering router, it will only accept incoming calls from the specific router at the Ottawa office, ensuring the authenticity of the connection and preventing unauthorized access.

Submit
6. You install a new application, which reports that it is installing a service on the computer. However, when you run the application for the first time, it is unable to start. You inspect the service dependencies for the new service and notice that a service that is required is not started. However, your security policy states that services must remain stopped unless another application requires them to be on. How should you configure the dependent service to start?

Explanation

The dependent service should be configured to start manually. This means that it will not start automatically when the computer starts up, but it can be started manually when needed. This configuration aligns with the security policy that states services must remain stopped unless another application requires them to be on. By setting the service to start manually, it ensures that it will only start when explicitly requested, reducing the risk of unnecessary services running in the background.

Submit
7. Netsh is used to create and assign an IPSec policy for a stand-alone server running Windows Server 2003. One of the commands used is the following, executed from the Netsh IPSec Static context: Add rule name=”SMTPBlock” policy=”smtp” filterlist=“smtp computerlist” filteraction=”negotiate smtp” description=”this rule negotiates smtp” Why is the policy not working?

Explanation

The policy is not working because it is using Kerberos for authentication, but the computer is not a member of a domain. Kerberos requires a domain environment to function properly, so if the computer is not part of a domain, the authentication process will fail and the policy will not be applied.

Submit
8. You are setting up 50 new client machines in the branch office. Another administrator has already configured DHCP in the branch office. When you bring the first client computer online, you notice that DHCP is not providing Primary or Alternate DNS servers along with the IP address. You need to troubleshoot DHCP and configure it so the client computers can gain access to internal resources as well as browse the Internet. How should you configure the DHCP server? (Choose all that apply.)

Explanation

The DHCP server should be configured to provide clients with the address to DNS1 and DNS2. This will ensure that the client computers can gain access to internal resources and browse the Internet. By providing the addresses of both DNS servers, the client computers will be able to resolve both internal and external domain names.

Submit
9. Which action needs to be taken if you want to configure a DHCP server to update both A resource records and PTR resource records on behalf of a Windows NT 4 client?

Explanation

To configure a DHCP server to update both A resource records and PTR resource records on behalf of a Windows NT 4 client, you need to select the option "Dynamically Update DNS a and PTR Records For DHCP Clients That Do Not Request Updates" on the DNS tab of the DHCP server properties dialog box. This ensures that the DHCP server will automatically update the DNS and PTR records for clients that do not specifically request updates.

Submit
10. You install a new application, which reports that it is installing a service on the computer. However, when you run the application for the first time, it is unable to start. You inspect the event log to determine the nature of the problem. You receive an error stating “The service did not start due to a logon failure.” What should you do?

Explanation

The error message suggests that there is a problem with the user name of the account being used to run the service. It is possible that the account does not have the necessary permissions or the correct user name is not specified. To resolve the issue, it is recommended to verify the user name of the account being used to run the service and ensure that it has the appropriate permissions to start the service.

Submit
11. How can you ensure that only members of the R&D Subnet 2 can access the route to the new secure subnet?

Explanation

not-available-via-ai

Submit
12. Which steps might be necessary to recover from the application of a security template to a file server that prevented all users from accessing the server over the network? Choose the most efficient way.

Explanation

The most efficient way to recover from the application of a security template that prevented all users from accessing the server over the network is to log on locally to the file server as Administrator and apply the rollback template produced from the bad security template. This will revert the changes made by the bad security template and restore the server's previous settings, allowing users to access the server over the network again.

Submit
13. By default, how long do logged events last in DHCP server logs?

Explanation

The logged events in DHCP server logs last for one week by default. This means that the server will keep track of the events that occur within the network for a period of seven days. After this time, the events will be automatically deleted from the logs. This duration allows administrators to review and analyze the events within a reasonable timeframe, ensuring that any issues or problems can be identified and addressed in a timely manner.

Submit
14. You want to migrate a subnet to a new scope. You create a new scope and then deactivate the old scope. Which of the following is an appropriate next step?

Explanation

not-available-via-ai

Submit
15. Your DHCP server crashes and cannot be brought back online. Your last backup is four days old. How can you best preserve the current address space without restarting all company computers?

Explanation

To preserve the current address space without restarting all company computers after the DHCP server crash, the best solution is to deploy a new DHCP server with the same address scope and raise conflict detection attempts to 3. This ensures that any conflicts or overlapping IP addresses are properly detected and resolved before assigning them to the computers. By doing so, the company can maintain the current address space without causing any disruptions or conflicts among the computers on the network.

Submit
16. A user in the branch office reports that he cannot use Internet Explorer to view a commonly used Web site on the Internet. At your client computer in the main office, you run Nslookup to verify the target address and receive the correct address. At the user’s client computer, you also run Nslookup, but the address returned is incorrect. What should you do to troubleshoot? (Choose all that apply.)

Explanation

To troubleshoot the issue, you should verify that the client is using the correct DNS servers. This is important because if the client is using incorrect DNS servers, it may not be able to resolve the correct address for the website. Additionally, running Ipconfig /flushdns can help clear any cached DNS entries on the client's computer, which may be causing the incorrect address to be returned.

Submit
17. Your boss wants to reserve 20 computers in a special subnet within the 192.168.0.0/24 range and place these computers on the same network segment as the other computers. To achieve this task, you deploy a new DHCP server to issue leases in the 192.168.0.0/24 address range and create 20 lease reservations for the new set of computers. However, after the new DHCP server is deployed, the scope does not issue any new leases even though it is activated. Which of the following would most likely cause this scenario?

Explanation

The most likely cause of the scenario where the new DHCP server is not issuing any new leases, despite being activated, is that the new DHCP server has not been assigned an address within the 192.168.0.0/24 range. In order for the DHCP server to function properly and issue leases within a specific subnet, it needs to have an IP address that falls within that subnet. Since the boss wants to reserve 20 computers in the 192.168.0.0/24 range, the new DHCP server should also have an IP address within that range to be able to issue leases effectively.

Submit
18. You log on to the domain, map a drive to the share \\192.168.5.55\share, and then copy some files. You then use Kerbtray.exe to examine the Kerberos tickets. You find a ticket for your account and the service krgbt. You do not find a ticket for CIFS for this server. What is the most likely reason for this problem?

Explanation

The most likely reason for not finding a ticket for CIFS for this server is that using the IP address instead of the server name means NTLM will be used. NTLM is an authentication protocol that is used when the server name is not specified, and it does not use Kerberos tickets. Therefore, if the user logs on to the domain and maps a drive using the IP address, it is likely that NTLM authentication is being used instead of Kerberos, which is why there is no ticket for CIFS.

Submit
19. You set up Performance Logs And Alerts to send a message to Computer2 to notify an operator when the network use on Computer1 gets too high. However, Computer2 never receives the message sent from Computer1. What must you do to enable messages to be sent by Computer1 and received by Computer2? (Choose all that apply.)

Explanation

To enable messages to be sent from Computer1 and received by Computer2, you need to start the Alerter service on Computer1 and start the Messenger service on Computer2. The Alerter service on Computer1 will allow it to send messages, while the Messenger service on Computer2 will enable it to receive the messages sent from Computer1.

Submit
20. You suspect that a virus has infected your computer running Windows Server 2003. You believe this virus is transmitting data from your server over the network using a specific port. You want to determine which process is using a specific port. Which command should you run?

Explanation

The correct answer is "Netstat -o". Netstat is a command-line tool used to display active network connections and listening ports on a computer. The "-o" option will display the process ID (PID) associated with each connection, allowing you to identify which process is using a specific port. By running this command, you can determine if any process on your Windows Server 2003 is using the suspected port and potentially identify the virus transmitting data over the network.

Submit
21. What is a good reason for assigning a policy by means of Netsh when Group Policy can be used to simply assign an IPSec policy across multiple computers?

Explanation

Using Netsh allows for the creation of a persistent policy that can be used when Group Policy is not available. This means that even if the computers are not joined in a domain or if Group Policy cannot be used for any reason, the policy created using Netsh will still be applied. This provides a reliable and consistent way to assign a policy across multiple computers, ensuring that the desired settings are enforced regardless of the limitations of Group Policy.

Submit
22. What most likely accounts for the errors shown in the following DHCP audit log? 00,5/24/03,08:21:57,Started,,,, 54,5/24/03,08:21:58,Authorization failed,,domain1.local,,

Explanation

The errors in the DHCP audit log most likely occurred because the server has been started for the first time. This can be inferred from the timestamp in the log entry, which shows the server starting at 08:21:57. Since the server is being started for the first time, it is possible that there are some configuration or authorization issues that need to be resolved, leading to the authorization failure mentioned in the log entry.

Submit
23. An IPSec policy has been assigned and communication is failing between two computers. The event shown in Figure 11-47 is found in the IP Security Monitor. Its timestamp indicates the event happened during the failure. What is the most likely reason for the failure?

Viewing statistics

Explanation

The most likely reason for the failure is that the Quick Mode negotiation is failing. Quick Mode is the second phase of IPSec negotiation and is responsible for establishing the actual security associations and cryptographic keys between the two computers. If Quick Mode negotiation fails, it means that the computers are unable to establish a secure connection and therefore communication between them will fail.

Submit
24. You receive a report that Computer1 is responding slowly to user requests. You want a quick way to see which network traffic the server is using. You use Network Monitor. You want to see whether any general broadcast traffic is being sent to Computer1. Which counter should you enable?

Explanation

Enabling the "Nonunicasts/Interval" counter in Network Monitor will allow you to see whether any general broadcast traffic is being sent to Computer1. This counter specifically monitors the non-unicast traffic, which includes broadcast traffic. By monitoring this counter, you can quickly identify if there is any excessive broadcast traffic that may be causing the slow response to user requests on Computer1.

Submit
25. The DNS domain proseware.local is an Active Directory–integrated domain that requires secure dynamic updates. Your DHCP server is configured to register DNS records for downlevel clients, and is not a member of the DnsUpdateProxy group. Fifty client computers have recently been upgraded to Windows XP Professional from Windows NT 4. After the upgrade, users start reporting that they can no longer access some network resources. Which of the following solutions enables you to fix the problem with the least amount of administrative effort?  

Explanation

not-available-via-ai

Submit
26. You have configured a subnet with two DHCP servers, DHCP1 and DHCP2. DHCP1 provides addresses within the first 80 percent of the subnet’s scope range, and DHCP2 provides addresses for the remaining 20 percent of the scope range. Computer ClientA obtains a fresh address from DHCP1, after which you immediately take DHCP1 off the network. How long will it take before ClientA attempts to obtain a new address from DHCP2?

Explanation

When ClientA obtains a fresh address from DHCP1 and DHCP1 is taken off the network immediately, ClientA will continue to use the obtained address until the lease expires. By default, the lease duration is 8 days. Therefore, it will take 7 days before ClientA attempts to obtain a new address from DHCP2, as it will wait for the lease to expire before attempting to renew it.

Submit
27. With the least amount of administrative effort, how can you best provide enough addresses for the 290 clients that require dynamic addressing and still allow for connectivity among all networked computers? (Choose only one answer.)

Explanation

not-available-via-ai

Submit
28. You have not modified the default settings for DNS on the DHCP client or server. Which of the following client record or records will be updated in DNS by the DHCP server? (Assume that the clients are running Windows XP.)

Explanation

The PTR resource record is used for reverse DNS lookup, which maps an IP address to a hostname. In this scenario, since the default settings for DNS on the DHCP client or server have not been modified, the DHCP server will update the PTR resource record in DNS. This allows for reverse DNS lookup to function properly. The A resource record, on the other hand, is used for forward DNS lookup, which maps a hostname to an IP address. Since the question states that the default settings have not been modified, it can be inferred that the A resource record will not be updated by the DHCP server. Therefore, the correct answer is the PTR resource record.

Submit
29. A user in the branch office reports that he cannot use Internet Explorer to open a commonly used Web site on the Internet. At your client computer in the main office, you are able to ping the target address. At the user’s client computer, you cannot ping the target address. What should you do to troubleshoot? (Choose all that apply.)

Explanation

not-available-via-ai

Submit
30. Which of the following settings can be applied using Security Configuration and analysis and a security template? (Choose all that apply.)

Explanation

Security Configuration and Analysis and a security template can be used to apply settings such as password length requirements, network access restrictions for specific user groups, and file permissions. In this case, the correct answer includes the settings for password length, network access for the Accountants group, and file permissions for the root folder.

Submit
31. IPSec can be used to secure communications between two computers. What else can it do? (Choose all that apply.)

Explanation

IPSec can block the transfer of specific protocol packets, allowing the user to specify which protocols should be blocked. It can also allow the transfer of packets with a destination TCP port of 23 from any computer to the host computer, enabling telnet access.

Submit
32. Company executives want to improve router security on the network and have made clear that they would not be satisfied with a solution that merely authenticates routers with a plaintext password. What other measures can you take to ensure that rogue routers are not deployed on the network and that network routes are not intercepted? (Choose all that apply.)

Explanation

not-available-via-ai

Submit
33. After you enable the new scopes to issue addresses, some users begin to complain that they can no longer access network resources. Checking the DHCP server audit logs, you find several NACK messages. What steps should you take to resolve this problem? (Choose all that apply.)

Explanation

To resolve the problem of users being unable to access network resources after enabling new scopes to issue addresses, the following steps should be taken:
- Create a superscope on each DHCP server consisting of the active scopes deployed on the network segment. This will allow the DHCP server to manage multiple scopes and provide IP addresses to clients.
- On the original DHCP server, exclude the full range of addresses within the special 192.168.0.0/24 subnet. This ensures that the addresses within this subnet are not assigned by the DHCP server.
- On the new DHCP server, exclude the full range of addresses issued by the original DHCP server. This prevents the new DHCP server from assigning addresses that are already assigned by the original DHCP server.

Submit
View My Results

Quiz Review Timeline (Updated): Mar 22, 2023 +

Our quizzes are rigorously reviewed, monitored and continuously updated by our expert board to maintain accuracy, relevance, and timeliness.

  • Current Version
  • Mar 22, 2023
    Quiz Edited by
    ProProfs Editorial Team
  • May 01, 2010
    Quiz Created by
    Saurabhsingh878
Cancel
  • All
    All (33)
  • Unanswered
    Unanswered ()
  • Answered
    Answered ()
The address space used by your ...
During a communication session ...
Which ...
You ...
A ...
You ...
Netsh is used to create and ...
You are setting up 50 new client ...
Which ...
You ...
How ...
Which ...
By default, how long do logged events last in DHCP server logs?
You ...
Your DHCP server crashes and cannot ...
A ...
Your ...
You ...
You ...
You ...
What ...
What ...
An ...
You ...
The DNS domain proseware.local is ...
You ...
With ...
You have not modified the default ...
A ...
Which ...
IPSec ...
Company ...
After ...
Alert!

Advertisement