Windows Server 2003 70-290 Chpt. 7-9

21 Questions | Total Attempts: 694

SettingsSettingsSettings
Windows Server 2003 70-290 Chpt. 7-9 - Quiz

Windows Server 2003 70-290 Chpt. 7-9


Questions and Answers
  • 1. 
    In a domain running in Windows Server 2003 domain functional level, what security principals can be a member of a global group? (Choose all correct answers.)
    • A. 

      Users

    • B. 

      Computers

    • C. 

      Universal groups

    • D. 

      Global groups

  • 2. 
    In the properties of a group, which tab do you access to add users to the group?
    • A. 

      General

    • B. 

      Members

    • C. 

      Members Of

    • D. 

      Add Member

  • 3. 
    You want to nest the IT Administrators group responsible for the Sales group inside the Sales group so that its members will have access to the same resources (set by permissions in an ACL) as the Sales group. From the Properties page of the IT Administrators group, what tab do you access to make this setting?
    • A. 

      General

    • B. 

      Members

    • C. 

      Members Of

    • D. 

      Add Member

  • 4. 
    If your environment consists of two domains, one Windows Server 2003 and one Windows NT 4, what group scopes can you use for assigning permissions on any resource on any domain member computer?
    • A. 

      Domain Local Group

    • B. 

      Global Group

    • C. 

      Universal Group

    • D. 

      Security Group

  • 5. 
    Which of the following group scope modifications are not permitted? (Choose all correct answers.)
    • A. 

      Global to universal

    • B. 

      Domain local to universal

    • C. 

      Universal to global

    • D. 

      Domain local to local

    • E. 

      Global to domain local

  • 6. 
    You are attempting to delete a global security group in the Active Directory Users And Computers console, and the console will not let you complete the task. Which of the following could be causes of the failure? (Choose all correct answers.)
    • A. 

      There are still members in the group.

    • B. 

      One of the group’s members has the group set as its primary group.

    • C. 

      You do not have the proper permissions for the container in which the group is located.

    • D. 

      You cannot delete global groups from the Active Directory Users And Computers console.

  • 7. 
    You are the administrator of a Windows Server 2003 domain that is currently running at the Windows 2000 mixed domain functional level. Your Windows 2003 domain, contoso.com, has an external trust established with a Windows NT 4 domain, contoso_north, which makes contoso_north a trusted domain. You are planning the use of groups in your domain and need to determine what group scopes can be used in any domain in your forest. What group scope can be used in this context as a security principal?
    • A. 

      Domain local

    • B. 

      Global

    • C. 

      Universal

    • D. 

      Domain local with a nested global group

  • 8. 
    You are a network administrator who is building an Active Directory on a new network for a company called Fabrikam, Inc., and you have to create user objects for the 75 users in the Inside Sales department. You have already created the fabrikam.com domain and an OU called Inside Sales for this purpose. The human resources department has provided you with a list of the users’ names and has instructed you to create the account names by using the first initial and the last name. Each user object must also have the value Inside Sales in the Department property and Fabrikam, Inc. in the Company property. Using the first name in the list, Mark Lee, as an example, which of the following command-line formats would enable you to create the 75 user objects, with the required property values?
    • A. 

      Dsadd "Mark Lee" –company "Fabrikam, Inc." –dept "Inside Sales"

    • B. 

      Dsadd user CN=Mark Lee,CN=Inside Sales,DC=fabrikam,DC=com –company Fabrikam, Inc. –dept Inside Sales

    • C. 

      Dsadd –company "Fabrikam, Inc." –dept "Inside Sales" "CN=Mark Lee,CN=Inside Sales,DC=fabrikam,DC=com"

    • D. 

      Dsadd user "CN=Mark Lee,CN=Inside Sales,DC=fabrikam,DC=com" –company "Fabrikam, Inc." –dept "Inside Sales"

  • 9. 
    What are the minimum group memberships necessary to create a Windows Server 2003 computer account in an OU in a domain? Consider all steps of the process, and assume that the computer object for the system does not yet exist in Active Directory.(Choose all correct answers.)
    • A. 

      Domain Admins

    • B. 

      Enterprise Admins

    • C. 

      Account Operators on a domain controller

    • D. 

      Account Operators on the computer

    • E. 

      Administrators on the computer

  • 10. 
    Which of the following command-line tools can create a computer object in Active Directory?
    • A. 

      Dsmod.exe

    • B. 

      Dsrm.exe

    • C. 

      Netdom.exe

    • D. 

      Dsadd.exe

    • E. 

      Net.exe

  • 11. 
     Which of the following Windows platforms are capable of joining to a computer object in an Active Directory domain?
    • A. 

      Windows 2000

    • B. 

      Windows NT 4

    • C. 

      Windows 98

    • D. 

      Windows XP

    • E. 

      Windows Server 2003

  • 12. 
    After a period of expansion, your company created a second domain. Last weekend, a number of machines that had been in your domain were moved to the new domain. When you open Active Directory Users And Computers, the objects for those machines are still in your domain and are displayed with a red X icon. What is the most appropriate course of action?
    • A. 

      Enable the objects

    • B. 

      Disable the objects

    • C. 

      Reset the objects

    • D. 

      Delete the objects

  • 13. 
    A user reports that during a logon attempt, he received a message stating that the computer cannot contact the domain because the domain controller is down or the computer account might be missing. You open Active Directory Users And Computers and discover that the account for that computer is missing. What steps should you take?
    • A. 

      Create a computer account, disjoin the user's account from the domain, and then rejoin it to the domain.

    • B. 

      Reset the computer account, disjoin the user's account from the domain, and then rejoin it to the domain.

  • 14. 
    A user reports that during a logon attempt, he received a message stating that the computer cannot contact the domain because the domain controller is down or the computer account might be missing. You open Active Directory Users And Computers and see that the computer’s account appears normal. What steps should you take?
    • A. 

      Create a computer account, disjoin the user's account from the domain, and then rejoin it to the domain.

    • B. 

      Reset the computer account, disjoin the user's account from the domain, and then rejoin it to the domain.

  • 15. 
    In your Windows Server 2003 domain contoso.com, you have a computer object for a member server called Pserver01 in an OU called Pservers. This object represents a print server that has been offline for a lengthy period and is not communicating with other computers in the domain to accept print jobs. You have determined that the password on this computer’s account within the domain needs to be reset. Which command can you issue to correctly reset the computer account?
    • A. 

      Dsmod CN=pserver01,CN=PSERVERS,DC=contoso,DC=com –reset

    • B. 

      Dsmod computer pserver01.contoso.com –reset

    • C. 

      Dsmod contoso\pserver01 –reset

    • D. 

      Dsmod computer CN=pserver01,CN=PSERVERS,DC=contoso,DC=com –reset

  • 16. 
    Which of the following tools enables you to create a share on a remote server?(Choose all correct answers.)
    • A. 

      A custom MMC console containing the Shared Folders snap-in

    • B. 

      Windows Explorer running on the local machine, connected to the remote computer’s ADMIN$ share

    • C. 

      Net.exe

    • D. 

      The Computer Management console

  • 17. 
    What are the minimum NTFS permissions required to allow users to open documents and run programs stored in a shared folder?
    • A. 

      Full Control

    • B. 

      Modify

    • C. 

      Write

    • D. 

      Read & Execute

    • E. 

      List Folder Contents

  • 18. 
    Bill complains that he is unable to access the spreadsheet document containing the departmental budget. You open the Security tab for the document, and you find that all permissions for the document are inherited from its parent folder. The Deny Read permission is assigned to a group called Acctg3, of which Bill is a member. Which of the following methods would enable Bill to access the plan? (Choose all correct answers.)
    • A. 

      Modify the permissions on the parent folder by adding the permission Bill:Allow Full Control.

    • B. 

      Modify the permissions on the spreadsheet document by adding the permission Bill:Allow Read.

    • C. 

      Modify the permissions on the parent folder by adding the permission Bill:Allow Read.

    • D. 

      Modify the permissions on the spreadsheet document by deselecting Allow Inheritable Permissions, selecting Copy, and removing the Deny permission.

    • E. 

      Remove Bill from the group that is assigned the Deny permission.

  • 19. 
    You want to ensure the highest level of security for your corporate IIS intranet server without the added infrastructure of certificate services. The goal is to provide authentication that is transparent to users and to allow you to secure intranet resources with the group accounts existing in Active Directory. All users are within the corporate firewall. Which of the following authentication methods should you choose?
    • A. 

      Anonymous Access

    • B. 

      Basic Authentication

    • C. 

      .NET Passport Authentication

    • D. 

      Integrated Windows Authentication

  • 20. 
    You are configuring share permissions for a shared folder on a file server. You want all Authenticated Users to be able to save files to the folder, read all files in the folder, and modify or delete files that they own. What are the minimum permissions that you need to set on the shared folder to achieve your objective? (Choose all correct answers.)
    • A. 

      Authenticated Users: Full Control

    • B. 

      Authenticated Users: Read

    • C. 

      Creator Owner: Change

    • D. 

      Creator Owner: Read

  • 21. 
    The content files for your corporate Web server are currently stored on drive D of a Windows Server 2003 computer with IIS installed. The server is called Web1 and its URL is http://intranet.contoso.com. You have been instructed to create an IIS solution that will enable the human resources department to publish documents containing company benefit and policy information from its own server. You have also been told that the URL to access the HR information should be http://intranet.contoso.com/hr. What must you do to fulfill the instructions?
    • A. 

      Install IIS on the HR server.

    • B. 

      Create a new Web site on Web1 called hr.

    • C. 

      Install the FTP service on Web1.

    • D. 

      Create a virtual directory on Web1 with the alias hr.

Back to Top Back to top