默认题库 - MCSE(70-293)

多选题

You are the systems engineer for your company. The company has a main office in Los Angeles and two branch offices， one in Chicago and one in New York. The offices are connected to one another by dedicated T1 lines. Each office has its own local IT department and administrative staff. The company network consists of a single Active Directory domain. All servers run Windows Server 2003. All client computers run Windows XP Professional. All servers support firmware-based console redirection by means of the serial port. The server hardware does not support any other method of console redirection and cannot be upgraded to do so. The company is currently being reorganized. The IT departments from each branch office are being relocated to a new central data center in the Los Angeles office. Several servers from each branch office are also being relocated to the Los Angeles data center. Each branch office will retain 10 servers. A new written security policy includes the following requirements： • All servers must be remotely administered for all administrative tasks. • All servers must be administered from the Los Angeles office. • All remote administration connections must be authenticated and encrypted. Your current network configuration already adheres to the new written security policy for day-to-day server administration tasks performed on the servers. You need to plan a configuration for out-of-band management tasks for each office that meets the new security requirements. Which three actions should you take？（）

A. Connect each server’s serial port to a terminal concentrator. Connect the terminal concentrator to the network.
B. Connect a second network adapter to each server. Connect the second network adapter in each server to a separate network switch. Connect the management port on the switch to a WAN port on the office router. Enable IPSec on the router.
C. Enable Routing and Remote Access on a server in each branch office， and configure it as an L2TP/IPSec VPN server. Configure a remote access policy to allow only authorized administrative staff to make a VPN connection.
D. On each server， enable the Telnet service with a startup parameter of Automatic. Configure Telnet on each server to use only NTLM authentication. Apply the Server （Request Security） IPSec policy to all servers.
E. On each server， enable Emergency Management Services console redirection and the Emergency Management Services Special Administration Console （SAC）.

查看答案

单选题

You are the network administrator for your company. The network consists of a single Active Directory domain. All computers on the network are members of the domain. You administer a Network Load Balancing cluster that consists of three nodes. Each node runs Windows Server 2003 and contains a single network adapter. The Network Load Balancing cluster can run only in unicast mode. The Network Load Balancing cluster has converged successfully. To increase the utilization of the cluster， you decide to move a particular application to each node of the cluster. For this application to run， you must add a Network Load Balancing port rule to the nodes of the cluster. You start Network Load Balancing Manager on the second node of the cluster. However， Network Load Balancing Manager displays a message that it cannot communicate with the other two nodes of the cluster. You want to add the port rule to the nodes of the cluster. What should you do？（）

A. Use Network Load Balancing Manager on the Network Load Balancing default host to add the port rule.
B. Change the host priority of the second node to be the highest in the cluster， and then use Network Load Balancing Manager to add the port rule.
C. Run the nlb.exe drain command on each node， and then use Network Load Balancing Manager to add the port rule.
D. Add the port rule through Network Connections Properties on each node.

查看答案

单选题

You are a network administrator for your company. The network contains four Windows Server 2003 computers configured as a four-node server cluster. Each cluster node is the preferred owner of a clustered instance of Microsoft SQL Server 2000， and each cluster node is configured as a possible owner of all other instances of SQL Server. All nodes have identically configured hardware. All four nodes operate at a sustained 70 percent CPU average. You add a server that has identically configured hardware to the cluster as a fifth node. You want each SQL Server instance to continue operating at the same level of performance in the event of a single node failure. What should you do？（）

A. Clear the Affect group check box in the cluster resource properties for each SQL Server instance.
B. Configure the fifth node as the only possible owner other than the existing preferred owner of the cluster resources that are associated with each SQL Server instance.
Configure the fifth node as the preferred owner of each cluster group that contains an SQL Server instance.
D. Enable failback on each group that contains an SQL Server instance.

查看答案

单选题

You are a network administrator for your company. The company has a main office and two branch offices. The branch offices are connected to the main office by T1 lines. The network consists of three Active Directory sites， one for each office. All client computers run either Windows 2000 Professional or Windows XP Professional. Each office has a small data center that contains domain controllers， WINS， DNS， and DHCP servers， all running Windows Server 2003. Users in all offices connect to a file server in the main office to retrieve critical files. The network team reports that the WAN connections are severely congested during peak business hours. Users report poor file server performance during peak business hours. The design team is concerned that the file server is a single point of failure. The design team requests a plan to alleviate the WAN congestion during business hours and to provide high availability for the file server. You need to provide a solution that improves file server performance during peak hours and that provides high availability for file services. You need to minimize bandwidth utilization. What should you do？（）

A. Purchase two high-end servers and a shared fiber-attached disk array. Implement a file server cluster in the main office by using both new servers and the shared fiber-attached disk array.
B. Implement Offline Files on the client computers in the branch offices by using Synchronization Manager. Schedule synchronization to occur during off-peak hours.
C. Implement a stand-alone Distributed File System （DFS） root in the main office. Implement copies of shared folders for the branch offices. Schedule replication of shared folders to occur during off-peak hours by using scheduled tasks.
D. Implement a domain Distributed File System （DFS） root in the main office. Implement DFS replicas for the branch offices. Schedule replication to occur during off-peak hours.

查看答案

单选题

You are a network administrator for your company. The company has a main office and one branch office. The network consists of a single Active Directory domain. All servers run Windows Server 2003. The company needs to connect the main office network and the branch office network by using Routing and Remote Access servers at each office. The networks will be connected by a VPN connection over the Internet. The company’s written security policy includes the following requirements for VPN connections over the Internet： All data must be encrypted with end-to-end encryption. VPN connection authentication must be at the computer level. Credential information must not be transmitted over the Internet as part of the authentication process. You need to configure security for VPN connection between the main office and the branch office. You need to comply with the written security policy. What should you do？（）

A. Use a PPTP connection with EAP-TLS authentication.
B. Use a PPTP connection with MS-CHAP v2 authentication.
C. Use an L2TP connection with EAP-TLS authentication.
D. Use an L2TP connection with MS-CHAP v2 authentication.

查看答案

单选题

You are a network administrator for your company. The network consists of a single Active Directory domain. All domain controllers and member servers run Windows Server 2003， Enterprise Edition. All client computers run Windows XP Professional. The company has one main office and one branch office. The two offices are connected by a T1 WAN connection. There is a hardware router at each end of the connection. The main office contains 10，000 client computers， and the branch office contains 5，000 client computers. You need to use DHCP to provide IP addresses to the Windows XP Professional computers in both offices. You need to minimize network configuration traffic on the WAN connection. Your solution needs to prevent any component involved in the DHCP architecture from becoming a single point of failure. What should you do？（）

At the main office， configure two Windows Server 2003 computers as a DHCP server cluster. Configure the branch office router as a DHCP relay agent.
B. At the main office， configure two Windows Server 2003 computers as a DHCP server cluster. At the branch office， configure a Windows Server 2003 computer as a DHCP relay agent.
C. At the main office， configure two Windows Server 2003 computers as a DHCP server cluster. At the branch office， configure two Windows Server 2003 computers as a DHCP server cluster.
D. At the main office， configure two Windows Server 2003 computers as DHCP servers. Configure one DHCP server to handle 80 percent of the IP address scope and the other DHCP server to handle 20 percent. Configure the branch office router as a DHCP relay agent.

查看答案

单选题

Your company has a single Active Directory directory service domain. All servers in your environment run Windows Server 2003. All domain controllers run Active DirectoryCintegrated DNS. You create several static host （A） resource records. You need to verify that the DNS server is sending the correct host records to all client computers. Which command-line tool should you use？（）

A. netsh
B. tracert
C. ntdsutil
D. nslooku

查看答案

单选题

Your company has an Active Directory directory service domain. The domain functional level is Windows Server 2003. The company has a main office with two domain controllers （DCs）. Users log on to client computers by using user principal names （UPNs）. You plan to set up a new branch office with one domain controller. You need to ensure that when the branch office domain controllers connection to the main office is unavailable， users in the branch office can log on to the domain. What should you do？（）

Add a new domain controller in the branch office.
B. Configure the branch office domain controller as a global catalog server.
C. Transfer the RID Master role to the branch office domain controller.
D. Transfer the Infrastructure Master role to the branch office domain controller.

查看答案

单选题

You are the network administrator for your company. The network consists of a single Active Directory domain. All domain controllers run Windows Server 2003. All client computers run Windows XP Professional. The company has legacy applications that run on UNIX servers. The legacy applications use the LDAP protocol to query Active Directory for employee information. The domain controllers are currently configured with the default security settings. You need to configure enhanced security for the domain controllers. In particular， you want to configure stronger password settings， audit settings， and lockout settings. You want to minimize interference with the proper functioning of the legacy applications. You decide to use the predefined security templates. You need to choose the appropriate predefined security template to apply to the domain controllers. What should you do？（）

Apply the Setup security.inf template to the domain controllers.
B. Apply the DC security.inf template to the domain controllers.
C. Apply the Securedc.inf template to the domain controllers.
D. Apply the Rootsec.inf template to the domain controllers.

查看答案

单选题

You are the network administrator for your company. The network consists of a single Active Directory domain. The functional level of the domain is Windows Server 2003. The domain contains an organizational unit （OU） named Servers that contains all of the company’s Windows Server 2003 resource servers. The domain also contains an OU named Workstations that contains all of the company’s Windows XP Professional client computers. You configure a baseline security template for resource servers named Server.inf and a baseline security template for client computers named Workstation.inf. The Server.inf template contains hundreds of settings， including file and registry permission settings that have inheritance propagation enabled. The Workstation.inf template contains 20 security settings， none of which contain file or registry permissions settings. The resource servers operate at near capacity during business hours. You need to apply the baseline security templates so that the settings will be periodically enforced. You need to accomplish this task by using the minimum amount of administrative effort and while minimizing the performance impact on the resource servers. What should you do？（）

A. Create a Group Policy object （GPO） and link it to the domain. Import both the Server.inf and the Workstation.inf templates into the GP
B. Import both the Server.inf and the Workstation.inf templates into the Default Domain Policy Group Policy object （GPO）.
C. On each resource server， create a weekly scheduled task to apply the Server.inf settings during off-peak hours by using the secedit command. Create a Group Policy object （GPO） and link it to the Workstations OImport the Workstation.inf template into the GP
D. On each resource server， create a weekly scheduled task to apply the Server.inf settings during off-peak hours by using the secedit command. Import the Workstation.inf template into the Default Domain Policy Group Policy object （GPO）.

查看答案