Best Microsoft MCTS Certification, Microsoft MCITP Training at certkingdom.com
QUESTION 1
You work as It Admin at Certkingdom.com. The Certkingdom.com network consists of a domain named Certkingdom.com.
The servers at the Certkingdom.com network run Windows Server 2003. The Certkingdom.com network has a file
server named Certkingdom-SR18. Certkingdom-SR18 hosts shared folders.
During your routine monitoring, you notice that Certkingdom-SR18 has a connectivity issue. To investigate
further you run Network Monitor, but notices that during capturing, network packets were dropped.
What actions must you take to minimize the dropping of packets while monitoring Certkingdom-SR18?
A. You should configure a persistent demand-dial connection.
B. You should configure a two-way initiated demand-dial connection.
C. You should use dedicated capture mode when utilizing the Network Monitor.
D. You should select the Do not overwrite events option in the Event Viewer.
Answer: C
Explanation: The CPU of Certkingdom-SR18 runs on 80%, which indicates that there are not enough
resources to the network Monitor. Running Network Monitor in dedicated capture mode frees
resources on the computer for capturing dat
A. This results in fewer frames being dropped. The
capture statistics are not displayed or refreshed because the frames are copied to the capture
buffer.
Reference:
Deborah Littlejohn Shinder, Dr. Thomas W. Shinder, Chad Todd and Laura Hunter, Implementing,
Managing, and Maintaining a Windows Server 2003 Network Infrastructure Guide & DVD Training
System, Syngress Publishing Inc., Rockland, 2003, p. 841
QUESTION 2
You work as the network administrator at Certkingdom.com. The Certkingdom.com network consists of a single
Active Directory domain named Certkingdom.com. The servers at the Certkingdom.com network run Windows
Server 2003 and the workstations, Windows XP Professional.
The Certkingdom.com network has a DNS server named Certkingdom-SR03 that does name resolution for host on
the Internet. Certkingdom.com users complain that they do not get the correct site when trying to access
Web site known to them.
What actions must you take to stop this from happening without disrupting production?
A. You should restart the DNS Server service.
B. You should select the Secure cache against pollution setting.
C. You should run the ipconfig/flushdns on Certkingdom-SR03.
D. You should run the ipconfig/registerdns on Certkingdom-SR03.
Answer: B
Explanation: When the Secure cache against pollution setting is disabled, all records received in
response to DNS queries are cached. This is true even when the records do not match to a
queried domain name. Enabling the Secure cache against pollution setting disables the ability to
pollute the DNS cache with incorrect information, and spoof DNS queries. With Windows Server
2003 the default setting is that caches are secured against pollution. This will then prevent users
that browse the Internet from being directed to the wrong websites.
Reference:
Deborah Littlejohn Shinder, Dr. Thomas W. Shinder, Chad Todd and Laura Hunter, MCSA/MCSE:
Exam 70-291: Implementing, Managing, and Maintaining a Windows Server 2003 Network
Infrastructure Guide & DVD Training System, Syngress Publishing Inc., Rockland, 2003, pp. 496-
497
J. C. Mackin, Ian McLean, MCSA/MCSE Self-Paced Training Kit (exam 70-291): Implementing,
Managing, and Maintaining a Microsoft Windows Server 2003 network Infrastructure, Microsoft
Press, Redmond, 2003, Part 1, Chapter 3, pp. 285, 291
QUESTION 3
You work as the network administrator at Certkingdom.com. The Certkingdom.com network has a domain named
Certkingdom.com. The servers at the Certkingdom.com network run Windows Server 2003 and the workstations,
Windows XP Professional.
The Certkingdom.com network has a server named Certkingdom-SR10 that runs Windows Server Update
Services (WSUS). During synchronization you notice that you cannot connect to the Windows
Update servers, however, you can access to other Web site not residing in the intranet.
What actions must you take to connect to the Windows Update servers?
A. You must run the ipconfig/registerdns.
B. You must configure the forwarders on Certkingdom-SR10.
C. You must set the authentication to the proxy server in the WSUS settings.
D. You must run the gpupdate /force command on Certkingdom-SR10.
Answer: C
Explanation: In the Software Update Services administration console, there is an option to
configure your internet connection settings. These settings include proxy server settings. If you
have a proxy server between the SUS server and the internet, you need to configure the proxy
server settings in the SUS options.
QUESTION 4
You work as the network administrator at Certkingdom.com. The Certkingdom.com network has a domain named
Certkingdom.com. The servers at the Certkingdom.com network run Windows Server 2003. Certkingdom.com has a
subsidiary named Test Labs, Inc. that has a domain named testlabs.com.
The Certkingdom.com network has a DNS server named Certkingdom-SR05. Certkingdom-SR05 acts as a secondary
zone for testlabs.com
What actions must you take to track when the DNS server at Test Labs, Inc. sends notifications of
modifications in the zone of testlabs.com to Certkingdom-SR05?
A. You must run the gpresult command in verbose mode.
B. You must select debug logging and set the log to store Notification events on Certkingdom- SR05.
C. You must run the secedit command in analysis mode.
D. You must configure a two-way initiated demand-dial connection.
Answer: B
Explanation: Debug logging is disabled by default and has to be enabled on Certkingdom-SR05. Select
the Log packets for debugging check box to configure Debug Logging. To receive useful debug
logging information, you should select a Packet direction, a Transport protocol, and at least one
more option. You can also specify the file path and name, and the maximum size for the log file.
Enabling Debug Logging slows DNS server performance.
Reference:
Deborah Littlejohn Shinder, Dr. Thomas W. Shinder, Chad Todd and Laura Hunter, MCSA/MCSE:
Exam 70-291: Implementing, Managing, and Maintaining a Windows Server 2003 Network
Infrastructure Guide & DVD Training System, Syngress Publishing Inc., Rockland, 2003, p. 551
QUESTION 5
You work as the network administrator at Certkingdom.com. The Certkingdom.com network consists of a domain
named Certkingdom.com. The servers at the Certkingdom.com network run Windows Server 2003.
The Certkingdom.com network has a Web server named Certkingdom-SR11. During a routine monitoring you
notice an increase in network traffic. Due to this you need to find out the MAC address of the
workstation that initiated the transfers and the command that was used. However, you action must
not effect Certkingdom-SR11.
What actions must you take?
A. You must run the ipconfig/registerdns.
B. You must use the Netmon utility.
C. You must capture the IP traffic to Certkingdom-SR11.
D. You must Enable Server Message Block (SMB) signing on all the workstations.
Answer: C
Explanation: Network Monitor tool allows you to capture dat
A. The tool also allows you to identify
its source from where it came from. The Network Monitor tool also allows you to analyze the
content of the message. Use a Network Monitor capture filter to capture IP traffic from any
computer to Certkingdom-SR11, and apply the capture filter before capturing the data.
Reference:
Deborah Littlejohn Shinder, Dr. Thomas W. Shinder, Chad Todd and Laura Hunter, MCSA/MCSE:
Exam 70-291: Implementing, Managing, and Maintaining a Windows Server 2003 Network
Infrastructure Guide & DVD Training System, Syngress Publishing Inc., Rockland, 2003, pp. 198,
543
J. C. Mackin, Ian McLean, MCSA/MCSE Self-Paced Training Kit (exam 70-291): Implementing,
Managing, and Maintaining a Microsoft Windows Server 2003 network Infrastructure, Microsoft
Press, Redmond, 2003, Part 1, Chapter 3, pp. 140, 144, 145.
QUESTION 6
You work as the network administrator at Certkingdom.com. The Certkingdom.com network has a domain named
Certkingdom.com. The servers at the Certkingdom.com network run Windows Server 2003.
The Certkingdom.com network has only one DNS server named Certkingdom-SR11 that only hosts the zone for
Certkingdom.com. During the course of the day you have received complaints that the response time of
the connections to other workstations is very poor.
What actions must you take to see if it is the DNS client traffic on Certkingdom-SR11?
A. You must set up a log of the Total queries/sec and the DNS counters Dynamic updates/sec.
B. You must configure a Network Monitor capture filter.
C. You must run the gpresult command.
D. You must set up the Performance Logs and Alerts to note down the Physical-Disk object.
Answer: A
Explanation: The System Monitor utility is used to collect and measure the real-time performance
data for a local or remote computer on the network. Through System Monitor, you can view
current data or data from a log file. When you view current data, you are monitoring real-time
activity. When you view data from a log file, you are importing a log file from a previous session.
Using the System Monitor, you can generate statistics on the following types of information
regarding DNS services:
AXFR requests (all-zone transfer requests), IXFR requests (incremental zone transfer requests),
DNS server memory usage, Dynamic updates, DNS Notify events, Recursive queries, TCP and
UDP statistics, WINS statistics and Zone transfer issues. Thus to find out where DNS client traffic
is responsible for the slow speed at which computers connect within the Certkingdom.com domain, then
you should create a log of the Dynamic Updated/sec and the Total queries/sec given the fact that
Certkingdom-SR05 is the only DNS server in the domain.
Reference:
James Chellis, Paul Robichaux and Matthew Sheltz, MCSA/MCSE: Windows Server 2003
Network Infrastructure Implementation, Management, and Maintenance Study Guide, Sybex Inc.
Alameda, 2003, pp. 70-73, 304
QUESTION 7
You work as the network administrator at Certkingdom.com. The Certkingdom.com network has a domain named
Certkingdom.com. The servers at the Certkingdom.com network run Windows Server 2003 and the workstations,
Windows XP Professional.
The Certkingdom.com network has a Web server named Certkingdom-SR10 that has the Internet Information
Services (IIS) 6.0 installed. Certkingdom-SR10 hosts a Web site that can be reached from the internal
network and the Internet. The internal traffic at Certkingdom.com needs authentication without a secure
protocol to access the Web site; however Internet traffic needs to authenticate with a secure
protocol.
What actions must you take to ensure that the all accesses to Certkingdom-SR10 use a secure protocol?
A. You need to configure the log to capture Notification events.
B. You need to apply the hisecdc.inf predefined security template.
C. You need to monitor network traffic and IIS logs.
D. You need to apply a custom security template.
Answer: C
Explanation: To make sure that the users are using a secure protocol, you must use the Network
Monitor. The Network Monitor allows you to capture frames directly from the network. As soon as
the frames are captured it will display and filter captured frames. The Network Monitor also allows
you to edit captured frames and transmit them on the network.
Reference:
Diana Huggins, Windows Server 2003 Network Infrastructure Exam Cram 2 (Exam 70-291),
Chapter 4
J. C. Mackin, Ian McLean, MCSA/MCSE Self-Paced Training Kit (exam 70-291): Implementing,
Managing, and Maintaining a Microsoft Windows Server 2003 network Infrastructure, Microsoft
Press, Redmond, 2003, 1: 26, 3: 3.
QUESTION 8
You work as the network administrator at Certkingdom.com. The Certkingdom.com network has a domain named
Certkingdom.com. The servers at the Certkingdom.com network run Windows Server 2003 and the workstations,
Windows XP Professional.
The Certkingdom.com network has two servers, named Certkingdom-SR30 and Certkingdom-SR31, which contain file with
sensitive company information. You create a new OU named SenSrv and move Certkingdom-SR30 and
Certkingdom-SR31 to the new OU. You then create a new GPO that and configure it to encrypt all network
connections. You then link the GPO to the SenSrv OU.
How would you check to see if encrypted connections to Certkingdom-SR30 and Certkingdom-SR31 are taking
place?
A. By opening the Resultant Set of Policy console.
B. By running the Microsoft Baseline Security Analyzer (MBSA).
C. By applying the hisecdc.inf predefined security template.
D. By opening the IP Security Monitor console.
Answer: D
Explanation: Administrators can use the IP Security Monitor tool to confirm whether IP Security
(IPSec) communications are successfully secured. The tool can display the number of packets
that have been sent over the Authentication Header (AH) or Encapsulating Security Payload
(ESP) security protocols, and how many security associations and keys have been generated
since the computer was last started. The IP Security Monitor is implemented as a Microsoft
Management Console (MMC) snap-in on the Windows Server 2003 and Windows XP Professional
operating systems. It includes enhancements that allow you to view details about an active IPSec
policy, in addition to Quick Mode and Main Mode statistics, and active IPSec SAs. IP Security
Monitor also enables you to search for specific Main Mode or Quick Mode filters.
Reference:
Diana Huggins, Windows Server 2003 Network Infrastructure Exam Cram 2 (Exam 70-291),
Chapter 5
J. C. Mackin, Ian McLean, MCSA/MCSE Self-Paced Training Kit (exam 70-291): Implementing,
Managing, and Maintaining a Microsoft Windows Server 2003 network Infrastructure, Microsoft
Press, Redmond, 2003, p. 15: 20
Deborah Littlejohn Shinder, Dr. Thomas W. Shinder, Chad Todd and Laura Hunter, Implementing,
Managing, and Maintaining a Windows Server 2003 Network Infrastructure Guide & DVD Training
System, Syngress Publishing Inc., Rockland, 2003, p.795
QUESTION 9
You work as the network administrator at Certkingdom.com. The Certkingdom.com network consists of a domain
named Certkingdom.com. The servers at the Certkingdom.com network run Windows Server 2003 and the
workstations, Windows XP Professional. The Certkingdom.com network has a DNS server named
Certkiller -SR03.
Certkingdom.com changes ISPs. Now you receive complaints that Certkingdom.com users cannot connect to Web
sites on the Internet by using the URL of the Web site.
You configure your workstation with the DNS server address of the new ISP. You can now
connect to Web sites by entering their URL in the browser.
How would you configure Certkingdom-SR03 to allow all users to connect to Internet Web sites without
causing connectivity problems on the internal network?
A. You need run the Oclist.exe command and the Security Configuration and Analysis console on
Certkingdom-SR03.
B. You need to utilize the default root hints of Certkingdom-SR03 and set up a forwarder to the new ISP.
C. You need run the Dcgpofix on Certkingdom-SR03 and set up forwarding to the new ISP.
D. You need to disable recursion and run the Security Configuration and Analysis console on
Certkingdom-SR03.
Answer: B
Explanation: Forwarders are used to inform DNS where to look for name resolution when not in
the local DNS database. With Windows Server 2003 conditional forwarding, recursive query
requests can be subject to different DNS forwarder servers based on the domain name queried.
The root hints file (cache hints file) contains host information needed to resolve names external of
the authoritative DNS domains. It holds names and addresses of root DNS servers which are
normally located on the Internet. In this situation where your network is connected to the Internet,
the root hints file should contain the addresses of the root DNS servers on the Internet. With the
default installation of Windows Server 2003, DNS uses the root hints file. It is not necessary to
configure forwarders to access the Internet. Even though it is recommended to configure
forwarders to point to your external domain, root hints will function quite fine.
Reference:
Diana Huggins, Windows Server 2003 Network Infrastructure Exam Cram 2 (Exam 70-291),
Chapter 3
J. C. Mackin, Ian McLean, MCSA/MCSE Self-Paced Training Kit (exam 70-291): Implementing,
Managing, and Maintaining a Microsoft Windows Server 2003 network Infrastructure, Microsoft
Press, Redmond, 2003, Part 1, Chapters 4 & 5, pp. 193, pp. 194; and pp. 247.
QUESTION 10
You work as the network administrator at Certkingdom.com. The Certkingdom.com network consists of a domain
named Certkingdom.com. The servers at the Certkingdom.com network run Windows Server 2003 and the
workstations, Windows XP Professional.
Certkingdom.com has a Web server named Certkingdom-SR10 which is connected to the Internet. During the
course of the day you have received instructions from the CIO to use System Monitor to determine
how much bandwidth is used on Certkingdom-SR10’s Internet connection. You decide to use the Bytes
Total/sec counter with a sample rate of 10 seconds. You also plan to archive the logs once a day.
Due to limited hard drive space, you need to prevent the logs from getting too big.
What actions must you take to?
A. You should disable recursion.
B. You should create a one-way initiated demand-dial connection.
C. You should configure an alert trigger when the Datagrams/sec counter is high.
D. You should keep Certkingdom-SR10 on the existing counter and set the sample rate to 60 seconds.
Answer: D
Explanation: The function of the Network Interface Bytes Total/Sec counter is to measures the
total number of bytes that are sent/ received from the network interface. You use less processor
cycles when you reduce the sampling frequency.
Reference:
Dan Holme and Orin Thomas, MCSA/MCSE Self-Paced Training Kit (Exam 70-290): Managing
and Maintaining a Microsoft Windows Server 2003 Environment, Microsoft Press, Redmond, 2003,
Chapter 12, p. 479
Best Microsoft MCTS Certification, Microsoft MCITP Training at certkingdom.com