默认题库 - MCSE(70-293)

单选题

You are the systems engineer for your company. The network consists of a single Active Directory domain. The company has a main office and two branch offices. All servers run Windows Server 2003. All client computers run either Windows XP Professional or Windows 2000 Professional. Each branch office maintains a dedicated 256-Kbps connection to the main office. Each office also maintains a T1 connection to the Internet. Each office has a Microsoft Internet Security and Acceleration （ISA） Server 2000 computer， which provides firewall and proxy services on the Internet connection. Each branch office contains one domain controller and five servers that are not domain controllers. There is minimal administrative staff at the branch offices. A new company policy states that all servers must now be remotely administered by administrators in the main office. The policy states that all remote administration connections must be authenticated by the domain and that all traffic must be encrypted. The policy also states that the remote administration traffic must never be carried in clear text across the Internet. You choose to implement remote administration by enabling Remote Desktop connections on all servers on the network. You decide to use the Internet-connected T1 lines for remote administration connectivity between offices. Because administrative tasks might require simultaneous connections to multiple servers across the network， you need to ensure that administrators do not lose connections to servers in one office when they attempt to connect to servers in another office. What should you do？（）

A. Configure Routing and Remote Access on one server in each branch office. Create L2TP/IPSec VPN ports on these servers. Create new VPN connections on the administrators’ computers to connect to the VPN servers in the branch offices.
B. Configure a VPN server in each branch office. Create connections that use IPSec Authentication Header （AH） in tunnel mode from the main office connect to VPN servers in the branch offices.
Configure a local L2TP/IPSec VPN connection on the ISA Server 2000 firewall computer in the main office. Configure the ISA Server 2000 firewall computers at the branch offices as remote L2TP/IPSec VPN servers.
D. Configure a local PPTP VPN connection on the ISA Server 2000 firewall computers in each branch office. Configure the ISA Server 2000 firewall computer at the main office as a remote PPTP VPN server.

查看答案

单选题

You are the network administrator for your company. The network consists of a single Active Directory domain. The company has remote users in the sales department who work from home. The remote users’ client computers run Windows XP Professional， and they are not members of the domain. The remote users’ client computers have local Internet access through an ISP. The company is deploying a Windows Server 2003 computer named Server1 that has Routing and Remote Access installed. Server1 will function as a VPN server， and the remote users will use it to connect to the company network. Confidential research data will be transmitted from the remote users’ client computers. Security is critical to the company and Server1 must protect the remote users’ data transmissions to the main office. The remote client computers will use L2TP/IPSec to connect to the VPN server. You need to choose a secure authentication method. What should you do？（）

A. Use the authentication method of the default IPSec policies.
B. Create a custom IPSec policy and use the Kerberos version 5 authentication protocol.
Create a custom IPSec policy and use certificate-based authentication.
D. Create a custom IPSec policy and use preshared key authentication.
E. Use the authentication method of the Routing and Remote Access custom IPSec policy for L2TP connection.

查看答案

单选题

You are the network administrator for your company. You need to provide Internet name resolution services for the company. You set up a Windows Server 2003 computer running the DNS Server service to provide this network service. During testing， you notice the following intermittent problems： Name resolution queries sometimes take longer than one minute to resolve. Some valid name resolution queries receive the following error message in the Nslookup command-line tool： "Non-existent domain." You suspect that there is a problem with name resolution. You need to review the individual queries that the server handles. You want to configure monitoring on the DNS server to troubleshoot the problem. What should you do？（）

A. In the DNS server properties， on the Debug Logging tab， select the Log packets for debugging option.
B. In the DNS server properties， on the Event Logging tab， select the Errors and warnings option.
C. In System Monitor， monitor the Recursive Query Failure counter in the DNS object.
D. In the DNS server properties， on the Monitoring tab， select the monitoring options.

查看答案

单选题

You are a systems engineer for your company. Your company has 20，000 users in a large campus environment located in Los Angeles. Each department in the company is located in its own building. Each department has its own IT staff， which is responsible for all network administration within the building. The company’s network is divided into several IP subnets that are connected to one another by using dedicated routers. Each building on the company’s main campus contains at least one subnet， and possibly up to five subnets. Each building has at least one router. All routers use RIP version 2 （RIPv2） broadcasts. The company acquires a new business unit located in Denver. The Denver office has 25 users. The network in the Denver office is connected to the network at the main campus by using a leased frame relay connection. The network administrator at the Denver office installs a Windows Server 2003 computer and configures Routing and Remote Access on this server. The network administrator at the Denver office configures this server as a router and implements RIPv2 in Routing and Remote Access. Later， the Denver administrator reports that his router is not receiving routing table updates from the routers on the main campus network. He must manually add routing entries to the routing table to enable connectivity between the locations. You investigate and discover that the RIPv2 broadcasts are not being received at the Denver office. You also discover that no routing table announcements from the Denver office are being received on the main campus network. You need to ensure that the network in the Denver office can communicate with the main campus network and can send and receive automatic routing table updates as network conditions change. What should you do on the router in the Denver office？（）

A. Configure the router to use RIPv1 broadcasts.
B. Configure the router to use auto-static update mode.
C. Add the IP address ranges of the main campus network to the router’s Accept list and Announce list.
D. Add the IP addresses of the main campus routers to the router’s Neighbors list.

查看答案

多选题

Servers in your environment run Windows Server 2003. You plan to configure a highly available file server. You need to choose the appropriate high-availability technology and the minimum Windows Server 2003 edition for this server. Which technology and edition should you choose？（）

A. failover clustering
B. Network Load Balancing
C. Windows Server 2003， Standard Edition
D. Windows Server 2003， Enterprise Editio

查看答案

单选题

You are the systems engineer for Contoso， Ltd. The internal network consists of a Windows NT 4.0 domain. The company maintains a separate network that contains publicly accessible Web and mail servers. These Web and mail servers are members of a DNS domain named contoso.com. The contoso.com zone is hosted by a UNIX-based DNS server running BIND 4.8.1. Contoso， Ltd.， is planning to migrate to a Windows Server 2003 Active Directory domain-based network. The migration plan states that all client computers will be upgraded to Windows XP Professional and that all servers will be replaced with new computers running Windows Server 2003. The migration plan specifies the following requirements for DNS in the new environment： • Active Directory data must not be accessible from the Internet. • The DNS namespace must be contiguous to minimize confusion for users and administrators. • Users must be able to connect to resources in the contoso.com domain. • Users must be able to connect to resources located on the Internet. • The existing UNIX-based DNS server will continue to host the contoso.com domain. • The existing UNIX-based DNS server cannot be upgraded or replaced. You plan to install a Windows Server 2003 DNS server on the internal network. You need to configure this Windows-based DNS server to meet the requirements specified in the migration plan. What should you do？（）

A. Create a primary zone named ad.contoso.com on your Windows-based DNS server. Create a delegation record for the new zone on the UNIX-based DNS server. Configure forwarders on your Windows-based DNS server.
B. Create a primary zone named ad.contoso.com on the UNIX-based DNS server. Create a secondary zone on your Windows-based DNS server for the ad.contoso.com domain.
Create a primary zone named contoso-ad.com on your Windows-based DNS server. Create a secondary zone on the UNIX-based DNS server for the contoso-ad.com domain.
D. Create a primary zone named contoso-ad.com on the UNIX-based DNS server. Create a stub zone on the Windows-based DNS server for the contoso-ad.com domain. Configure conditional forwarders on your Windows-based DNS server for the contoso-ad.com and contoso.com domains.

查看答案

多选题

You are a network administrator for Alpine Ski House. The internal network has an Active Directory-integrated zone for the alpineskihouse.org domain. Computers on the internal network use the Active Directory-integrated DNS service for all host name resolution. The Alpine Ski House Web site and DNS server are hosted at a local ISP. The public Web site for Alpine Ski House is accessed at www.alpineskihouse.com. The DNS server at the ISP hosts the alpineskihouse.com domain. To improve support for the Web site， your company wants to move the Web site and DNS service from the ISP to the company’s perimeter network. The DNS server on the perimeter network must contain only the host （A） resource records for computers on the perimeter network. You install a Windows Server 2003 computer on the perimeter network to host the DNS service for the alpineskihouse.com domain. You need to ensure that the computers on the internal network can properly resolve host names for all internal resources， all perimeter resources， and all Internet resources. Which two actions should you take？（）

A. On the DNS server that is on the perimeter network， install a primary zone for alpineskihouse.com.
B. On the DNS server that is on the perimeter network， install a stub zone for alpineskihouse.com.
Configure the DNS server that is on the internal network to conditionally forward lookup requests to the DNS server that is on the perimeter network.
D. Configure the computers on the internal network to use one of the internal DNS servers as the preferred DNS server. Configure the the TCP/IP settings on the computers on the internal network to use the DNS server on the perimeter network as an alternate DNS server.
E. On the DNS server that is on the perimeter network， configure a root zone.

查看答案

单选题

You are a network administrator for your company. The network consists of a single Active Directory forest that contains three domains. The functional level of the forest and of all three domains is Window Server 2003. The company has a main office and 30 branch offices. Each branch office is connected to the main office by a 56-Kbps WAN connection. You configure the main office and each branch office as a separate Active Directory site. You deploy a Windows Server 2003 domain controller at the main office and at each branch office. Each domain controller is configured as a DNS server. You can log on to the network from client computers in the branch offices at any time. However， users in the branch offices report that they cannot log on to the network during peak hours. You need to allow users to log on to the network from branch office computers. You do not want to affect the performance of the branch office domain controllers. You need to minimize Active Directory replication traffic across the WAN connections. What should you do？（）

A. Use Active Directory Sites and Services to enable universal group membership caching for each branch office site.
B. Use the DNS console to configure the branch office DNS servers to forward requests to a DNS server in the main office.
C. Use Active Directory Sites and Services to configure each branch office domain controller as a global catalog server.
D. Use the DNS console to configure the branch office DNS servers to use an Active Directory-integrated zone.

查看答案

单选题

You are the network administrator for Tailspin Toys. The company has a main office and two branch offices. The network in the main office contains 10 servers and 100 client computers. Each branch office contains 5 servers and 50 client computers. Each branch office is connected to the main office by a direct T1 line. The network design requires that company IP addresses must be assigned from a single classful private IP address range. The network is assigned a class C private IP address range to allocate IP addresses for servers and client computers. Tailspin Toys acquires a company named Wingtip Toys. The acquisition will increase the number of servers to 20 and the number of client computers to 200 in the main office. The acquisition is expected to increase the number of servers to 20 and the number of client computers to 200 in the branch offices. The acquisition will also add 10 more branch offices. After the acquisition， all branch offices will be the same size. Each branch office will be connected to the main office by a direct T1 line. The new company will follow the Tailspin Toys network design requirements. You need to plan the IP addressing for the new company. You need to comply with the network design requirement. What should you do？（）

Assign the main office and each branch office a new class A private IP address range.
B. Assign the main office and each branch office a new class B private IP address range.
C. Assign the main office and each branch office a subnet from a new class B private IP address range.
D. Assign the main office and each branch office a subnet from the current class C private IP address range.

查看答案

多选题

You are a network administrator for Alpine Ski House. The network consists of a single Active Directory domain. The domain name is alpineskihouse.com. The network contains three Windows Server 2003 domain controllers. You are creating the recovery plan for the company. According to the existing backup plan， domain controllers are backed up by using normal backups each night. The normal backups of the domain controllers include the system state of each domain controller. Your recovery plan must incorporate the following organizational requirements. Active Directory objects that are accidentally or maliciously deleted must be recoverable. Active Directory must be restored to its most recent state as quickly as possible. Active Directory database replication must be minimized.You need to create a plan to restore a deleted organizational unit （OU）. Which two actions should you include in your plan？（）

A. Restart a domain controller in Directory Services Restore Mode.
B. Restart a domain controller in Safe Mode.
C. Use the Ntdsutil utility to perform an authoritative restore operation of the Active Directory database.
D. Restore the system state by using the Always replace the file on my computer option.
E. Use the Ntdsutil utility to perform an authoritative restore operation of the appropriate subtree.

查看答案