This content was uploaded by our users and we assume good faith they have the permission to share this book. If you own the copyright to this book and it is wrongfully on our website, we offer a simple DMCA procedure to remove your content from our site. Start by pressing the button below!
Australia, Brazil, Japan, Korea, Mexico, Singapore, Spain, United Kingdom, United States
MCTS: Windows® Server 2008 70-642 Q&A Pierre Askmo, dti Publishing
Publisher and General Manager, Course Technology PTR: Stacy L. Hiquet Associate Director of Marketing: Sarah Panella Manager of Editorial Services: Heather Talbot Marketing Manager: Mark Hughes Acquisitions Editor: Megan Belanger Project/Copy Editor: Kezia Endsley
For product information and technology assistance, contact us at Cengage Learning Customer & Sales Support, 1-800-354-9706 For permission to use material from this text or product, submit all requests online at cengage.com/permissions. Further permissions questions can be e-mailed to [email protected].
PTR Editorial Services Coordinator: Jen Blaney
All trademarks are the property of their respective owners.
Interior Layout Tech: Bill Hartman
Library of Congress Control Number: 2008941544
CD-ROM Producer: Brandon Penticuff
ISBN-10: 1-59863-896-3
Cover Designer: Mike Tanamachi Proofreader: Sandy Doell
ISBN-13: 978-1-59863-896-7
eISBN-10: 1-43545-452-9 Course Technology, a part of Cengage Learning 20 Channel Center Street Boston, MA 02210 USA
Cengage Learning is a leading provider of customized learning solutions with office locations around the globe, including Singapore, the United Kingdom, Australia, Mexico, Brazil, and Japan. Locate your local office at: international.cengage.com/region.
Cengage Learning products are represented in Canada by Nelson Education, Ltd.
For your lifelong learning solutions, visit courseptr.com. Visit our corporate Web site at cengage.com.
Printed in Canada 1 2 3 4 5 6 7 12 11 10 09
ACKNOWLEDGMENTS
I
want to thank and recognize the dti Publishing team that made this book possible—Joe Celona and Joey Celona Jr. for their irreplaceable contributions to the formulation of the questions. Robert Miller should be recognized for his patient and hard work on the entirety of the texts and thanks to John Macomber and Anne-Marie Suckley for their very dedicated efforts in building and compiling the companion CertBlaster software on the CD.
ABOUT
P
THE
AUTHOR
resident and founder of dti Publishing Corp., Pierre Askmo has extensive experience in the IT certification field. He is the designer of the dtiMetrics™ assessment system. Mr. Askmo’s deep involvement in the IT industry is testified to by his early days’ involvement as a Cornerstone Founding Partner of the A+ Certification program at the Computing Technology Industry Association (CompTIA). Mr. Askmo went on to sit on the A+ Executive committee that designed the A+ certification program and to participate in the Network+ and Server+ Advisory panels. As a former member of the IT Skills Curriculum Group of the U.S. Department of Labor, Mr. Askmo contributed to define the mix of skills deemed necessary to succeed in the IT professions. Mr. Askmo has co-authored the Thomson Course Technology book A+ Q & A, and in 2004 was a co-author with Robert Miller of the book Network+ Certification (Prentice Hall). Mr. Askmo is also an item writer for IT certifications and has worked on CertBlaster test preparation titles for MCSE, MCSA, and now MCTS and MCITP. Mr. Askmo is also the designer of the new powerful and user-friendly dtiMetrics™ assessment system solution that helps students master essential computer concepts and prepare for IT certification.
elcome to MCTS: Windows Server 2008 70-642 Q&A. It is the exam preparation guide to help you pass Microsoft’s exam 70-642, which is one of three core exams in the Windows Server 2008 certification program. This book is aimed strictly at test preparation and review and includes review questions covering all exam 70-642 objectives, including: ■ ■ ■ ■ ■
Configuring IPv4 and IPv6 Configuring name resolution Configuring network access Configuring file and print services Monitoring and managing a network infrastructure
This book also incorporates four full practice exams on the powerful CertBlaster test prep and exam simulation software on the CD (for installation instructions, see Appendix C). Before you study this text, you should start by using the CertBlaster test prep software for one exam in Assessment mode. This will yield, after the test, a “Personal Study Plan” (PSP) that will tell you which exam objectives you need to focus on. If the PSP tells you that you need to study it all, so be it; it is still not a waste of time (more on CertBlaster in Chapter 2). Note that the chapters in this book are organized per main exam objective. Chapters 3 through 7 cover successively the main objectives seen in the previous list.Therefore, if the PSP directs you to just focus on a few objectives, you can easily zoom in on them in this book because of the way it is structured. If this book and the CertBlaster software are your only tools for preparing for this exam, you better be quite experienced or be in a class that covers the actual foundational knowledge required for the 70-642 exam.This book will help prepare the knowledgeable. It doesn’t teach the relevant content; it helps you prepare and take the exam. If you are on your own preparing for this exam and need additional material, check out Configuring Windows Server 2008 Network Infrastructure, by Tony Northrup and J.C. Mackin (published by MS Press). Good luck!
viii
Part I
PREPARING FOR THE TEST
This page intentionally left blank
CHAPTER
1
UNDERSTANDING EXAM 70-642: THE MICROSOFT CERTIFIED PROFESSIONAL (MCP) PROGRAM T
he MCP program has, over the years, seen many evolutions and today has grown into a complete, complex, and mature program. Currently the MCP includes a multitude of distinct tracks, although this book does not cover them all. Instead, it covers the certifications related to exam 70-642. Here are the MCTS and MCITP tracks: ■ ■
MCITP stands for Microsoft Certified Information Technology Professional MCTS stands for Microsoft Certified Technology Specialist
“Professional” ranks higher in the Microsoft certification hierarchy than “Specialist.” All the newer exams are prefaced by the “TS” for Technology Specialist or “PRO,” obviously for Professional, as in Information Technology Professional. The Microsoft Certified Technology Specialist (MCTS) is someone who has completed at least one MCTS exam.The MCTS denotes an individual who has demonstrated skills and knowledge of one product and is thus product specific. The Microsoft Certified Information Technology Professional (MCITP), on the other hand, is someone who has completed a suite of MCTS exams, determined by Microsoft. The MCITP denotes an individual who has demonstrated skills and knowledge over a group of Microsoft products. These product groupings are organized by Microsoft to reflect a well-defined IT job. The MCTS has knowledge about a specific product, whereas the wider-reaching MCITP has competence in a professional area (see Figure 1.1). You are studying this book to prepare for one or more of the following Microsoft certifications: ■ ■ ■
MCTS: Windows Server 2008 Network Infrastructure, Configuring MCITP: Server Administrator MCITP: Enterprise Administrator
To be an MCTS for Windows Server 2008 Network Infrastructure, Configuration, you need to successfully sit for exam 70-642. Using exam 70-642 to become an MCITP opens up two possibilities.You can become an MCITP: Server Administrator or an MCITP: Enterprise Administrator. The MCITP: Server Administrator requires that you pass three exams.You will need to pass two Microsoft Certified Technology Specialist (MCTS) exams, what Microsoft refers to as prerequisite exams, and you will also need one Professional Series exam.
3
1
4
MCTS: Windows Server 2008 70-642 Q&A Figure 1.1 The MCITP versus the MCTS.
The three exams are: ■
■
■
Exam 70-640, which earns you MCTS: Windows Server 2008 Active Directory, Configuration Exam 70-642, which earns you MCTS: Windows Server 2008 Network Infrastructure, Configuration Exam 70-646, which earns you PRO: Windows Server 2008, Server Administrator
The MCITP: Enterprise Administrator requires that you pass five exams (the three required for the MCITP: Server Administrator, plus two others): ■
■
■
■
■
MCTS Exam 70-640, which earns you Windows Server 2008 Active Directory, Configuration MCTS Exam 70-642, which earns you Windows Server 2008 Network Infrastructure, Configuration MCTS Exam 70-643, which earns you Windows Server 2008 Applications Infrastructure, Configuring Either Exam 70-620, MCTS: Windows Vista, Configuring or Exam 70-624, MCTS: Deploying and Maintaining Windows Vista Client and 2007 Microsoft Office System Desktops PRO Exam 70-647, Windows Server 2008, Enterprise Administrator
WHO IS
THE
70-642 EXAM INTENDED FOR?
According to Microsoft, the MCTS for Windows Server 2008 Network Infrastructure, Configuration exam is a credential aimed at IT professionals working in a computing environment of medium- to large-size companies.The MCTS candidate is expected to have a minimum of one year of experience implementing and managing a network operating system in an organization with the following characteristics: ■ ■ ■
Approximately 250 to 5,000 users A minimum of three physical locations A minimum of three domain controllers
Chapter 1 ■
■
Understanding Exam 70-642: The MCP Program
5
The typical services found on this type of network, such as messaging, a database, file and print, a proxy server, a firewall, the Internet, an intranet, remote access, and client computer management The typical connectivity requirements found on this type of network, such as connecting branch offices and individual users in remote locations to the corporate network and corporate networks connected to the Internet
As you can see, Microsoft expects you to have experience with a fairly complex computing environment. Having experience using these technologies is a necessary but probably not sufficient requirement. In fact, in a small way, your experience can at times get in the way of exam success. This is because some of the solutions implemented in the field, even though they work well or are fast and efficient, are not always the “correct answer” on the test. Having said that, experience will be useful more often on the exam than it will be a hindrance. If you are short on experience, you will have to make it up with training, alone or in a classroom.
NOTE If you are on your own preparing for this exam and need additional material, check out the book, Configuring Windows Server 2008 Network Infrastructure by Tony Northrup and J.C. Mackin (published by MS Press). This book covers all the exam objectives effectively and, to deepen your understanding of the subject, includes case scenarios, exercises, and best practices. For more training resources, check out Microsoft’s website at http://www.microsoft.com/learning/en/us/exams/ 70-642.mspx. If by the time you enter this link, it has been moved or does not work anymore, just go to www.microsoft.com and type 70-642 in the Search field.
THE EXAM OBJECTIVES Exam 70-642 is made up of the five following main objectives: ■ ■ ■ ■ ■
Configuring IPv4 and IPv6 Configuring name resolution Configuring network access Configuring file and print services Monitoring and managing a network infrastructure
Each of these has between four and six sub-objectives. Making sure you familiarize yourself with these objectives will help you in laying out your exam preparation strategy (see Chapter 2). The main point in understanding these objectives is that doing so will enable you to make your own decisions as to what is central and what is peripheral to your preparation for exam 70-642.
1
6
MCTS: Windows Server 2008 70-642 Q&A
Main Objective 1: Configuring IP Addressing and Services This first main objective has been given a relative weight of 24% (out of the five main objectives) by Microsoft. The relative weight is a numerical way to represent the relative importance of the objective, which typically translates in approximate number of questions on the exam. Assuming your exam consists of a total of 55 questions, it is reasonable to expect that this objective would be reflected in about 13 of those questions. For a detailed description of the issues covered in this objective, see Appendix B.
Main Objective 2: Configuring Name Resolution This second main objective has been given a relative weight of 27%, so if your exam consists of 55 questions, it’s reasonable to expect that this objective will be represented in about 15 of those questions (.27 × 55). For a detailed description of the issues covered in this objective, see Appendix B.
Main Objective 3: Configuring Network Access This third main objective has been given a relative weight of 22%. If you assume your exam consists of a total of 55 questions, this objective would be represented in about 12 of those questions. For a detailed description of the issues covered in this objective, see Appendix B.
Main Objective 4: Configuring File and Print Services This objective has a relative weight of 13%, which means it would be represented in about seven of 55 total questions. For a detailed description of the issues covered in this objective, see Appendix B.
Main Objective 5: Monitoring and Managing a Network Infrastructure This fifth and final main objective has a relative weight of 14%. Expect it therefore to consist of about eight questions. For a detailed description of the issues covered in this objective, see Appendix B.
SUMMARY As you have seen here, Microsoft expects you to have experience from a fairly complex computing environment. In addition to coming to the exam with this experience, make sure to study the exam objectives until you really understand their context and you understand not only why they are selected but also how one objective relates to another. Understanding the spirit in which the exam is constructed will help you focus your studies for maximum efficiency. If you are planning to prepare on your own for this exam and need additional material, I recommend Configuring Windows Server 2008 Network Infrastructure by Tony Northrup and J.C. Mackin (published by MS Press). This book covers all the exam objectives effectively and, to help you deepen your understanding of the subject, it includes case scenarios, exercises, and best practices.
CHAPTER
2
EXAM STRATEGIES AND TACTICS T
aking an exam is always a stressful experience so I have put together this chapter to help you minimize your stress and maximize your meaningful preparations. The first and best way to minimize the impact of stress is through knowledge—knowledge of the exam topic, knowledge of the exam format and finally, knowledge of the question types.The second best way to alleviate stress is through preparation. Preparation happens through careful planning and practice, practice, and then some more practice! So this chapter contains a few tidbits and some guidance on how to prepare.
SIGNING UP
FOR THE
TEST
To take the test, you need to buy a voucher (the cost is $125.00 at the time of this printing) and schedule your date.To do that, go to www.prometric.com and click on For Test Takers, as you can see in Figure 2.1. By the time you get there these pages may have changed but the idea should be more or less the same. Figure 2.1 Click on For Test Takers to sign up for the test.
This takes you to the next screen, where you use the drop-down menus to select Information Technology (IT) Certification and Microsoft, as shown in Figure 2.2. Once your selection is done, click GO. From the next screen, choose Schedule, Reschedule, Cancel, or Confirm an Exam. Next you can either Locate a Test Site or Schedule an Appointment; either one eventually gets you to the same steps of registering for the exam, selecting a time and date, and making payment (or if you have a paid voucher you will find a place to enter the voucher code).You will need a credit card to do the entire transaction online. If you do not have a credit card, you can mail in your payment but you will then have to wait for it to clear before booking your exam date.
7
2
8
MCTS: Windows Server 2008 70-642 Q&A Figure 2.2 Use the drop-down menus to find the right testing program.
AT
THE
TESTING CENTER
When you signed up, the program suggested a testing location (or several) to you. Make sure to leave yourself more time than you think it may take you to get there. Factors such as traffic or your unfamiliarity with the testing center area can add quite some time to your trip, and the last thing you need on exam day is a bunch of extra stress! When you arrive at your destination, you will need to sign in with the exam coordinator. He or she will ask you to show two forms of ID, with at least one of them being a government-issued photo ID. If you are really early and have some time to kill before your scheduled time, you can use your laptop to take the CertBlaster exams in Flash mode.This mode simulates flash cards where you press the spacebar to see the question, press it again to see the answer, and so on. Once you are signed in and your scheduled time is upon you, you will be asked to leave behind any and all books, bags, and anything else you brought (this is because all Microsoft Certification exams are completely closed book). After that you will be led into a closed examination room.
NOTE Although rare, every so often the exam software or the machine will crash. If that happens, remain calm; you will not be penalized. Call the exam coordinator and he or she will reboot the machine and relaunch the exam software. The program will “remember” your score, where you were, and how much time you have left. Resume calmly as if nothing happened.
All Prometric exams in general and all Microsoft exams in particular are computer based.You are not allowed to bring anything of your own into the testing room, but the exam coordinator will provide you with a sheet of paper and a pen.You will be given an opportunity to take a sample exam before the actual exam.You should take it to make sure you are comfortable with all the navigation features of the exam software (your CertBlaster is pretty close to it but not identical in all respects).You can take it more than once, but it’s questionable whether that would be an efficient use of your time. Once you are ready, tell the exam coordinator and you can now start your exam. It’s the moment of truth!
Chapter 2
Exam Strategies and Tactics
9
THE EXAM Always assume that the test will be harder and more stressful than you expect it to be; typically this is what most candidates feel once they sat for this test. This means prepare a lot, test yourself, and then prepare a lot more. In order to pass the test and thus get certified, you need to score 700 out of 1,000.The number of questions will vary, but for this one assume you’ll be given about 50–55 questions; it can be a bit less or a bit more. Say you have 50 questions on the exam, with a required score of 700 out of 1,000; you would figure that 35 correct (70% of 50) will guarantee a win. Wrong. Each question is individually weighted. So, one person might miss 16 questions and pass while another could arguably miss only 13 and fail. Some questions are multi-part and assigned partial credit.What this means is—never relax during the exam by assuming you got 35 correct and are home free. Since you don’t have the key to the weight given to each question, you don’t know what the exact cutoff is on your exam until you get the results. For this exam you will likely be facing a “fixed length” exam although you could also see a “shortform test.” At the time of printing of the book, Microsoft did not offer the adaptive testing for this exam so we are not going to elaborate on that format here. ■
■
In the fixed-length test you will be facing 50 to 70 questions, typically 50–55. All questions in this format (as well as in the short form test) enable you to mark the questions for review (from the check box in the top-left corner of the exam software). This allows you to return to a question as many times as you need (restricted by the time left on your exam, of course). I’ll discuss how to best use this feature later in this chapter. The short-form test has 25 to 30 questions with navigation features identical to the ones for the fixed-length format.
TEST TAKING STRATEGIES There is no silver bullet when it comes to test taking.There are probably as many test taking strategies as there are test takers out there. In the following sections, I list a couple of strategies that have served a lot of candidates well, including this author.
Circle In This strategy involves four major steps: 1. Go through the entire test quickly and answer all the “easy” ones. 2. Answer all the ones where you think you know the answer within a few seconds. If you are not sure, mark these for review. 3. For any questions where you draw a blank, mark these for review and do not answer them. 4. Circle back to all the questions marked for review. Your goal here is to identify the questions you need more time with and review those over and over again until you are done.You should skip any question when you do not immediately know the answer.When you do this (that is skip in the first run through), don’t mark any of the answers so as to not lead yourself down the potentially wrong path when you revisit them. Now, of course you do click answers for any and all questions you are confident about.
2
10
MCTS: Windows Server 2008 70-642 Q&A
Next if you are not sure about the answer, mark it for review (check the box on the top-left corner of the exam software). Afterwards, go back and re-read these questions to make sure you answered them correctly. By the end of the test, you might very well have circled back to some of the questions three to four times before you answer them. This will allow you to answer more questions with a high degree of confidence.An additional benefit of this method is that your brain doesn’t stop working on a question just because you are skipping to the next. Sometimes what seems insolvable on the first look becomes easy several minutes later on a second look. Finally, on occasion you will discover that a related or unrelated question that you read later may jog your memory and make it easier to answer a question you initially had a hard time with.
The Rake Some candidates prefer to answer every question the first time around and just mark for review (check the box in the top-left corner of the exam software) the ones they feel uncertain about.The idea is that this way you will be sure to have an answer for every question even if you run out of time.The risk with this strategy is of course that you let yourself get stuck on a couple of hard ones and still run out of time.
NOTE In the last minutes of the test, answer all; answer anything!
Whatever you do, when the end nears, make sure to check an answer, any answer at all. The reason for this is twofold—there are no minus points for incorrect answers and most questions are multiple choice. If you have a question with one correct answer out of four alternatives, you have a 25% chance to get it right even if you have absolutely no idea what the question is about. Now, assume you have four of those questions left and some 30 seconds to go.You now have a statistical probability that you will get one extra correct answer out of answering all of those A or B, or whatever. If you are unlucky, it could still be zero; if you are lucky it could even give you two correct, which could be the difference between failure and success on exam day. What is guaranteed, however, is that if you don’t answer these at all, you will get zero points on those questions.
COMMON QUESTION TYPES The most prevalent question type you will encounter on this exam is the multiple choice question with one or more correct alternatives. When it is a multiple choice single answer with four alternatives, you will typically have two or more obviously wrong alternatives and two credible answers, one of which is correct. If you know the answer, no problem; click it and move on. If you are uncertain and can see the two plausible ones, you now have narrowed it down to a 50% chance of getting it right, so make sure you click one of the two before it is too late. In this situation you can always mark it for review.When you are ready to answer the question, just click on the radio button next to the answer you want to choose.
Chapter 2
Exam Strategies and Tactics
11
The most important thing to remember on a multiple choice question is to read the entire stem very carefully, word by word. If the answer seems really obvious to you, great, but make sure to look out for any negatives, double negatives, or any other twists so you don’t fall into any obvious traps. A good tactic is to read the question and then try to come up with the answer before looking at the answer alternatives; sometimes this may keep you from being influenced by a smart distracter. Always look for clues in the stem; sometimes the way it is written will help you rule out one or more of the distracters if you just read it carefully enough. Figure 2.3 shows an example of a typical multiple choice question (note the negative in this one). Figure 2.3 A typical multiple choice exam question, with the use of a negative.
Another common question type is the “list and reorder” type of questions (you will see quite a few of those in the CertBlaster as well). The way these work is that you are given a set of items in a random order and asked to list them in the correct order. The way the Prometric exam software does this is to place the items in one of two frames separated by a column on which you will find controls. Click to highlight the item you think should be first on the list; then click the Add button or the arrow in the middle, and the item will be placed first in the second frame. Repeat this procedure with the other items until you have no items remaining in the right column. Figure 2.4 shows an example of the list and reorder window. Figure 2.4 An example list and reorder window.
“Create a tree” is another question format you are likely to face on the exam. Just as in the “list and reorder” question type, you will see two columns and you will be asked to organize the information.You are asked to organize the information along a hierarchy. To move an entry from the list to the desired location in the tree, you need to select the relevant tree node by clicking it, select the entry you want to move, and then click the Add button. As soon as you add an entry to a tree node, it appears with a + sign to the left of the node name.You can click it to expand the node and see the entries you have added. If you want to move any entry, just select it and click it and then click the Remove button.
2
12
MCTS: Windows Server 2008 70-642 Q&A
Another common question type is “drag and drop.” This question format requires you to drag a label to its correct spot, either in a table or in a graphic.You will simply click the item, drag to the desired spot, and let go of the mouse. If you made an error, you can click Reset if available or just re-drag and drop the item. Figure 2.5 shows an example where you must drag the labels in the left column to the Description column. This example is actually a variant of a list and reorder type question. Figure 2.5 The drag and drop type question, where you drag a term from one column to its match in the other column.
USING CERTBLASTER
FOR
TEST PREPARATION
Software-based test preparation is really important when it comes to MCP exams because they are all taken on the computer at the testing center. If this is your first Microsoft exam, then CertBlaster can be crucial as it will put you in the situation and familiarize you with the navigation and other important features. However, even if you’re a seasoned Microsoft test taker, it will still be very useful for you to use CertBlaster to gauge, among other things, how you do within the given time limit specifically on this exam topic. The home screen in CertBlaster contains the exams and the drills you have access to. The upper half of that screen contains the exams, as shown in Figure 2.6. The lower portion contains the drills, one per Microsoft exam objective, as shown in Figure 2.7. The exams consist of 50 questions, each drawn from the drills. A drill is a test bank that contains questions exclusively focused on one exam main domain. As an example, Exam 70-642 contains five main domains; therefore, you will find five drills in the 70-642 CertBlaster. Drill one will have
Chapter 2
Exam Strategies and Tactics
13
Figure 2.6 The top half of the CertBlaster home screen.
2 Figure 2.7 The bottom half of the CertBlaster home screen.
questions mapped to main domain one (Configuring IPv4 and IPv6). Furthermore, each main domain is assigned a weight in the overall certification; the value of that weight determines the number of questions available in each drill. Finally, the Exams pull questions from the drills in numbers reflecting the relative weight of the objectives. The CertBlaster test preparation software helps you study, cram, and simulate the exam. It has four modes: ■ ■ ■ ■
Assessment mode Study mode Flash mode Certification mode
Step 1: Assessment Mode and How It Is Personally Customized In assessment mode you are presented with a set number of questions aimed at offering a representative sample of the types of questions you’ll encounter on the exam.The assessment mode offers a time setting where you only see the questions and are expected to answer them as best you can. The main reason to take a test in assessment mode is of course to get a sense of where you stand. For that reason, CertBlaster’s assessment mode enables you to save or print your customized “Personal Testing Plan” (PTP), which is generated by CertBlaster based on your responses during the test. It will list the exam objectives and sub-objectives you need to revisit in order to perfect your exam preparation.This book’s chapter names (from Chapter 3 and up) are the main domains of the exam.The sub-objectives are listed underneath each question and typically appear in increasing order. Figure 2.8 shows an example. Figure 2.8 shows question number 86; the way you know which chapter it belongs to is by looking at the last line, which lists the exam number and then 1.3. This stands for Microsoft main domain 1 (Configuring IPv4 and IPv6) sub-objective 3 (Configure Routing).
14
MCTS: Windows Server 2008 70-642 Q&A Figure 2.8 The objectives are listed underneath each question and typically appear in increasing order.
This is why it will always be easy to go back to this book, PTP in hand, and find out which area you need to review. However, as I said in the Introduction, this is not a book where you learn the skills necessary for this exam; for that you will need a study guide. A good one is obviously Microsoft’s very own training kit.The PTP also includes for each question you missed, chapter and page references back to MCTS Self-Paced Training Kit (Exam 70-642): Configuring Windows Server® Network Infrastructure.
Step 2: Study Mode In study mode, you will be exposed to exam type questions in your own relaxing and customized learning environment.You can decide how many questions you want to handle for the sitting, you can take notes as you go through the questions, and you can see the answers and explanations if you so desire. You have unlimited time to do all this so make sure you take your time and give yourself the opportunity to understand why any given answer is correct. I can’t stress enough that rote memorizing is not the way to pass on exam day; comprehension is what stays with you and enables you to navigate successfully through the twists and turns of the question types and content that you are going to face.
Step 3: Certification Mode and How To “Feel” the Exam Without Taking It In certification mode, the exam conditions will be replicated as closely as possible.This means you will get a number of questions, type of questions, and distribution of questions over the different exam objectives to mimic as closely as possible the conditions of the exam. Obviously this is a timed exercise and you will not be able to see any of the answers or explanations. In order to feel comfortable with a CertBlaster result even in certification mode, you need a very high score (probably north of 95%). Also, be sure you got that score by understanding the question and answer and not by memorization alone. A score achieved through memorization will not necessarily translate to exam success, as the questions will not be identical to the ones you answer in CertBlaster.
Flash Mode Flash mode is a last-minute convenience device. It allows you to press your spacebar, see a question, press the spacebar again to see the answer, and so forth. As you can see, this replicates the act of studying with flash cards. And although not a main element of an exam strategy, it has its place as a final touch on your way to certification.This comes last; you can do it at home or at the testing center if there is a wait.
Chapter 2
Exam Strategies and Tactics
15
Important Features You Will Encounter in CertBlaster The most significant part of any CertBlaster are of course the questions. They are calibrated and mapped to the exam in a manner to help you best prepare for the types of reasoning you will need to win on exam day. In addition to this content component, some elements of the CertBlaster navigation will also help you prepare. Because these features are similar to the ones used on the exam software, they will familiarize you with the exam software feature well before exam day.The most significant of those features are the ones shown in Figure 2.9. Figure 2.9 Be sure you know how to use these elements of the test to your best advantage before you walk in the door of the exam.
These features act in the same way as they do on the actual exam. Just as on the exam, if you have skipped or marked questions for later, before it begins grading, CertBlaster will prompt you to answer such questions before it is too late (provided of course you have time left on the exam timer).
Additional CertBlaster Features That Will Help You Prepare Study mode offers the most features and help available. Figure 2.10 shows the top navigation in Study mode. Figure 2.10 CertBlaster’s Study mode offers lots of help and guidance.
The first several options are covered in the previous section.The Home button allows you to exit the test and go back to the exam and drills page, where you can select a new exam or drill. The Hint and Answer buttons contain the same content, although the Hint feature doesn’t give you the correct answer. Figure 2.11 shows what you would see after choosing an incorrect answer and then clicking the Answer button. Clicking Note in the navigation bar will open the CertBlaster notebook, where you can type a remark regarding the question you are studying. Once you have saved your note, you will see a paper clip attached to that question.This is useful if you are studying with friends, in a group, with an instructor, or simply want to remember any special issue concerning this question. Figure 2.12 shows the Note feature in action. After grading your test, CertBlaster then creates your Personal Testing Plan (PTP).The reason your customized PTP (based on your assessment result) is useful is because it helps you focus on your weak areas. It contains chapter and page references to the relevant MS Press book as well as references to the exam objectives (down to the sub-objective) that you need to pay attention to as a result of your assessment. To print or save your PTP, just click Next and a dialog box will prompt you. Figure 2.13 shows an example of a generic PTP.
2
16
MCTS: Windows Server 2008 70-642 Q&A Figure 2.11 The Answer feature on Study mode shows you the correct answer.
Figure 2.12 The Note feature allows you to write electronic notes and attach them to specific questions.
Figure 2.13 An example Personal Testing Plan.
Chapter 2
Exam Strategies and Tactics
17
SUMMARY This book and software aim at enhancing your exam readiness at all levels.The goal is to give you an insight into the exam procedures and format, as well as the types of questions you will face at the exam. I hope that the 800 practice questions in this book plus the CertBlaster software (on the CD at the end of this book) will contribute to your exam readiness and help you walk in on examination day feeling prepared and confident. Good luck!
2
This page intentionally left blank
Part II
PRACTICE TESTS
This page intentionally left blank
CHAPTER
3
CONFIGURING IPV4 AND IPV6 3
T
his chapter contains 192 questions that all fall under Microsoft’s first main exam objective for the 70-642 exam, “Configuring IPv4 and IPv6.”This main objective consists of the following three sub-objectives: ■ ■ ■
Microsoft has given this main exam objective a weight of 24%, which is why I have created 192 (out of a total of 800) test preparation questions for this chapter.
TEST PREPARATION QUESTIONS 1. On an IPv4 network, how many computers can be hosted on a network with an address of 192.168.244.0/23? A. 510 B. 1022 C. 30 D. 4,094 70-642 Objective 1.1: Configure IPv4 and IPv6 addressing 2. To determine the number of subnets in an IPv4 network, you should use which formula? A. S=2b B. S=2bx C. S=2b D. None of the above 70-642 Objective 1.1: Configure IPv4 and IPv6 addressing 3. On an IPv4 network, you are given the 172.20.43.0/24 address block and you want to change the subnet mask internally to /27. How many different subnets would this generate? A. 2 B. 8 C. 3 D. 0 70-642 Objective 1.1: Configure IPv4 and IPv6 addressing
21
22
MCTS: Windows Server 2008 70-642 Q&A
4. Translate 255.255.252.0 to slash notation. A. /22 B. /17 C. /30 D. /20 70-642 Objective 1.1: Configure IPv4 and IPv6 addressing 5. Change the following subnet mask from slash notation to dotted-decimal: /19. A. 255.255.192.0 B. 255.255.248.0 C. 255.255.224.0 D. 255.255.128.0 70-642 Objective 1.1: Configure IPv4 and IPv6 addressing 6. A default gateway must do which of the following? A. Share the same network ID and be located within the same broadcast domain as the hosts it is serving B. Always be left unconfigured for security reasons C. Be on a different broadcast domain from the hosts it is serving and have a different network ID D. Be on the same broadcast domain as the hosts it is serving and have a different network ID 70-642 Objective 1.1: Configure IPv4 and IPv6 addressing 7. What type of IPv4 address is 172.16.10.2? A. Public IPv4 B. Private IPv4 C. APIPA D. Private IPv6 70-642 Objective 1.1: Configure IPv4 and IPv6 addressing 8. Subnetting often causes which of the following? (Choose two.) A. Restricted broadcast traffic B. Reduced security C. Simplified administration D. Complicated administration E. All of the above 70-642 Objective 1.1: Configure IPv4 and IPv6 addressing
Chapter 3
Configuring IPv4 and IPv6
23
9. An IPv4 network has six computers and is using an address space of 206.82.110.0/29. You want to add 100 new computers; what should you do? A. Expand the network to the /27 address block B. Expand the network to the /25 address block C. Expand the network to the /30 address block D. Do nothing because /29 network is large enough 70-642 Objective 1.1: Configure IPv4 and IPv6 addressing 10. A network with a subnet mask of 255.255.252.0 will grant how many network hosts? A. 2500 B. 6 C. 20 D. 1022 70-642 Objective 1.1: Configure IPv4 and IPv6 addressing 11. What is the tunneling protocol that allows a private IPv6 network to communicate with a private IPv4 network? A. Teredo B. TCP/IP C. ISATAP D. 6to4 70-642 Objective 1.1: Configure IPv4 and IPv6 addressing 12. What does the 6to4 protocol do? A. Tunnels IPv6 traffic over IPv4 traffic through 6to4 routers B. Allows a private IPv6 network to communicate with a private IPv4 network through a 6to4 router C. Allows clients located behind an IPv4 NAT device to use IPv6 over the Internet D. Allows the use of IPv6 to communicate only if the client, server, and network infrastructure support it 70-642 Objective 1.1: Configure IPv4 and IPv6 addressing 13. Which protocol relies on an infrastructure that includes specific clients, servers, relays, and host-specific relays? A. 6to4 B. TCP/IP C. Teredo D. ISATAP 70-642 Objective 1.1: Configure IPv4 and IPv6 addressing
3
24
MCTS: Windows Server 2008 70-642 Q&A
14. The IPv6 address 2001:0DB8:3FA9:0000:0000:0000:00D3:9C5A can be rewritten in shorter form as which of these choices? A. 2001:DB8:3FA9::::D3:9C5A B. 21:DB8:3FA9::::D3:9C5A C. 2001:DB8:3FA9::D3:9C5A D. It cannot be written any shorter 70-642 Objective 1.1: Configure IPv4 and IPv6 addressing 15. What is the loopback address in IPv6? A. 127.0.0.1 B. 1:: C. ::0 D. ::1 70-642 Objective 1.1: Configure IPv4 and IPv6 addressing 16. Which of the following is an example of a ULA (Unique Local Address)? A. fd27:9abf:efb0:1::2 B. 2001:DB8:3FA9::D3:9C5A C. 192.168.0.0 D. Fe80:154d:3cd7:b33b:1bc1 70-642 Objective 1.1: Configure IPv4 and IPv6 addressing 17. 2001:DB8:3FA9::D3:9C5A is an example of what type of IPv6 address? A. Unique local address B. Link-local address C. Private address D. Global address 70-642 Objective 1.1: Configure IPv4 and IPv6 addressing 18. Link-local addresses are used for which of the following? A. Communication on the local subnet B. IPv6 to IPv4 conversion C. Used by ISPs D. Communication over the Internet 70-642 Objective 1.1: Configure IPv4 and IPv6 addressing 19. Choose the states of an IPv6 address. A. Deprecated B. Expired C. Tentative D. Valid E. Pending F. Preferred 70-642 Objective 1.1: Configure IPv4 and IPv6 addressing
Chapter 3
Configuring IPv4 and IPv6
25
20. Which type of IPv6 address do you need if you want to connect to the IPv6 Internet from a server? A. Link-local address B. Unique local address C. Site-local address D. Global address 70-642 Objective 1.1: Configure IPv4 and IPv6 addressing 21. Which IPv6 address type is needed for a private network with four subnets? A. Unique local address B. Site-local address C. Global address D. Link-local address 70-642 Objective 1.1: Configure IPv4 and IPv6 addressing 22. What are the types of IPv6 addresses? A. Site-local address B. Global address C. Unique global address D. Link-local address E. Link-global address F. Unique local address 70-642 Objective 1.1: Configure IPv4 and IPv6 addressing 23. What is NOT an advantage of using IPv6 over IPv4? A. Improved security B. It’s backward compatible C. Simpler configuration D. More addresses 70-642 Objective 1.1: Configure IPv4 and IPv6 addressing 24. Which type of transition technology allows an IPv4-only host to communicate with the IPv6 Internet? A. Teredo B. ISATAP C. 6to4 D. Next Generation 70-642 Objective 1.1: Configure IPv4 and IPv6 addressing
3
26
MCTS: Windows Server 2008 70-642 Q&A
25. Which one of the following is the part of the Teredo protocol infrastructure that forwards packets between Teredo clients on the IPv4 Internet and IPv6-only hosts? A. Teredo client B. Teredo server C. Teredo relay D. Teredo host-specific relay 70-642 Objective 1.1: Configure IPv4 and IPv6 addressing 26. What does a Teredo server do? A. Helps perform the address configuration B. Forwards packets between Teredo clients on the IPv4 Internet and IPv6-only hosts C. Only communicates with other Teredo servers D. Tunneling endpoint 70-642 Objective 1.1: Configure IPv4 and IPv6 addressing 27. Which of the following IPv4 addresses grants the greatest number of hosts? A. 131.107.100.48/28 B. 206.73.118.24/29 C. 206.73.118.0/26 D. 10.0.0.0/30 70-642 Objective 1.1: Configure IPv4 and IPv6 addressing 28. What are the ranges of IPv4 addresses? A. Public B. IANA C. Private D. APIPA E. APNIC F. Global 70-642 Objective 1.1: Configure IPv4 and IPv6 addressing 29. Who is responsible for dividing up the nonreserved portion of the IPv4 address space? A. FCC B. NSA C. IANA D. Local ISPs 70-642 Objective 1.1: Configure IPv4 and IPv6 addressing 30. Which of the following is an example of a private IPv4 address? A. 192.168.1.12 B. 206.73.118.103 C. 131.107.0.0 D. 127.0.0.1 70-642 Objective 1.1: Configure IPv4 and IPv6 addressing
Chapter 3
Configuring IPv4 and IPv6
27
31. Use the correct formula to determine the number of subnets, given that b=4. A. 8 B. 4 C. 2 D. 16 70-642 Objective 1.1: Configure IPv4 and IPv6 addressing 32. You want to add a new server to your network. The addresses of the computers on the network are 10.2.12.1, 10.2.41.23, 10.2.41.100, and 10.2.41.110.What should the subnet of the new server be? A. 255.0.0.0 B. 255.255.0.0 C. 255.255.255.0 D. 255.255.255.252 70-642 Objective 1.1: Configure IPv4 and IPv6 addressing 33. When using variable-length subnet masks (VLSMs), the subnet ID should always have a trailing what? A. 1 B. 0 C. Either 1 or 0 D. 2 70-642 Objective 1.1: Configure IPv4 and IPv6 addressing 34. If you are given an address block of 10.200.48.0 with a subnet mask of 255.255.240.0, how many supported hosts are granted? A. 510 B. 6 C. 2046 D. 4094 70-642 Objective 1.1: Configure IPv4 and IPv6 addressing 35. Which two options describe the two parts of an IPv4 address? A. Host ID B. Header C. Data D. Network ID E. Tail 70-642 Objective 1.1: Configure IPv4 and IPv6 addressing
3
28
MCTS: Windows Server 2008 70-642 Q&A
36. How many bits in length is an IPv4 address? A. 64 B. 8 C. 32 D. 4 70-642 Objective 1.1: Configure IPv4 and IPv6 addressing 37. IPv6 uses ____________ instead of network broadcasts like IPv4 uses. A. Unicast B. Netcast C. Multicast D. Limited broadcast 70-642 Objective 1.1: Configure IPv4 and IPv6 addressing 38. Unicast IPv6 addresses are divided into two parts of how many bits each? A. A 32-bit component and a 32-bit component B. A 64-bit component and a 64-bit component C. A 32-bit component and a 64-bit component D. A 48-bit component and a 64-bit component 70-642 Objective 1.1: Configure IPv4 and IPv6 addressing 39. Which of the following are NOT types of IPv6 addresses? A. Link-local B. Public C. Global D. Unique local E. Private 70-642 Objective 1.1: Configure IPv4 and IPv6 addressing 40. Which of the following is an example of a link-local address (LLA)? A. fd27:9abf:efb0:1::2 B. 2001:DB8:3FA9::D3:9C5A C. 192.168.0.0 D. fe80:154d:3cd7:b33b:1bc1 70-642 Objective 1.1: Configure IPv4 and IPv6 addressing 41. Which DHCP option is comprised of a preferred list of IPv4 addresses for routers on the same subnet as its DHCP clients? A. 006 DNS Servers B. 051 Lease C. 003 Router D. 015 DNS Domain Name 70-642 Objective 1.2: Configure Dynamic Host Configuration Protocol (DHCP)
Chapter 3
Configuring IPv4 and IPv6
29
42. The DHCP option “006 DNS Servers” provides the client with what? A. A preferred list of IPv4 addresses for routers on the same subnet as its DHCP clients B. The domain name that DHCP clients should use when resolving unqualified names during DNS domain name resolution. C. The IP addresses for DNS name servers that DHCP clients can contact and use to resolve a domain host name query D. A preferred NetBIOS name resolution method for the DHCP client to use 70-642 Objective 1.2: Configure Dynamic Host Configuration Protocol (DHCP) 43. Which DHCP option specifies the domain name that DHCP clients should use when resolving unqualified names during DNS domain name resolution? A. 003 Router B. 006 DNS Servers C. 015 DNS Domain Name D. 044 WINS/NBNS Servers 70-642 Objective 1.2: Configure Dynamic Host Configuration Protocol (DHCP) 44. Which DHCP option defines the IPv4 addresses of primary and secondary WINS servers for the DHCP client to use? A. 003 Router B. 006 DNS Servers C. 044 WINS/NBNS Servers D. 046 WINS/NBT Node Type 70-642 Objective 1.2: Configure Dynamic Host Configuration Protocol (DHCP) 45. Which DHCP option is a preferred NetBIOS name resolution method for the DHCP client to use? A. 003 Router B. 006 DNS Servers C. 044 WINS/NBNS Servers D. 046 WINS/NBT Node Type 70-642 Objective 1.2: Configure Dynamic Host Configuration Protocol (DHCP) 46. Which DHCP option assigns a special lease duration only to remote access clients? A. 006 DNS Servers B. 044 WINS/NBNS Servers C. 046 Remote Lease D. 051 Lease 70-642 Objective 1.2: Configure Dynamic Host Configuration Protocol (DHCP)
3
30
MCTS: Windows Server 2008 70-642 Q&A
47. The Specify IPv4 DNS Server Settings page of the Add Roles wizard gives you the ability to change which options? A. 003 Router B. 006 DNS Servers C. 015 DNS Domain Name D. 044 WINS/NBNS Servers E. 051 Lease 70-642 Objective 1.2: Configure Dynamic Host Configuration Protocol (DHCP) 48. The Specify IPv4 WINS Server Settings page enables you to configure which DHCP server option? A. 003 Router B. 006 DNS Servers C. 015 DNS Domain Name D. 044 WINS/NBNS Servers 70-642 Objective 1.2: Configure Dynamic Host Configuration Protocol (DHCP) 49. Before a DHCP server can provide IP address leases to clients, which of the following needs to be defined by the DHCP server? A. DNS server B. Scope C. NetBIOS name D. WINS server 70-642 Objective 1.2: Configure Dynamic Host Configuration Protocol (DHCP) 50. Which one of the following is optional when creating a scope using the Add Scope dialog box? A. Scope name B. Subnet type C. Default gateway D. Subnet mask 70-642 Objective 1.2: Configure Dynamic Host Configuration Protocol (DHCP) 51. Which of the following describes a set of one or more IP addresses that is included within the range of a defined scope but that you do not want to lease to DHCP clients? A. Inclusion range B. Exclusion range C. Inclusion scope D. Exclusion scope 70-642 Objective 1.2: Configure Dynamic Host Configuration Protocol (DHCP)
Chapter 3
Configuring IPv4 and IPv6
31
52. Which of the following describes a permanent address lease assignment by the DHCP server by associating an IP address with a MAC address? A. Inclusion B. Exclusion C. Reservation D. Scope 70-642 Objective 1.2: Configure Dynamic Host Configuration Protocol (DHCP) 53. At which levels can you assign options? A. Server level B. Computer level C. Scope level D. Reservation level E. Local level F. Domain level 70-642 Objective 1.2: Configure Dynamic Host Configuration Protocol (DHCP) 54. If you want an option to be applied to all scopes, leases, and reservations, it should be defined at which level? A. Scope level B. Server level C. Reservation level D. Domain level 70-642 Objective 1.2: Configure Dynamic Host Configuration Protocol (DHCP) 55. If you want options to be defined only within the scope, they should be defined on which level? A. Server level B. Reservation level C. Domain level D. Scope level 70-642 Objective 1.2: Configure Dynamic Host Configuration Protocol (DHCP) 56. Options at the reservation level apply to which of the following? A. All reservations B. Only that reservation C. All scopes on the server D. All leases and reservations within the scope 70-642 Objective 1.2: Configure Dynamic Host Configuration Protocol (DHCP)
3
32
MCTS: Windows Server 2008 70-642 Q&A
57. What are the types of DHCP options classes? A. Administrator classes B. Vendor classes C. Server classes D. User classes 70-642 Objective 1.2: Configure Dynamic Host Configuration Protocol (DHCP) 58. When you configure options for the Default User class, which clients are assigned these options? A. None B. All, unless the same option is defined in a class-specific option C. All; they override class specific options D. Only newly created clients 70-642 Objective 1.2: Configure Dynamic Host Configuration Protocol (DHCP) 59. You want to add a DHCP server to a network to give addresses to the 192.168.1.0/24 range. But you have a DNS server with a statically defined address of 192.168.1.10. How should you create a scope that does not conflict with the DNS server? A. Create a reservation that assigns the 192.168.1.10 address to the DNS server B. Create two address ranges in the DHCP scope that exclude the 192.168.1.10 address C. Create an exclusion for the address 192.168.1.10 D. Change the address of the DNS server to something outside the range of the scope 70-642 Objective 1.2: Configure Dynamic Host Configuration Protocol (DHCP) 60. Which of the following commands installs the DHCP Server role on a Server Core installation of Windows Server 2008? A. net start dhcpserver B. sc config dhcpserver start= auto C. netsh interface ipv4 set address "local area connection" dhcp D. start /w ocsetup DHCPServerCore 70-642 Objective 1.2: Configure Dynamic Host Configuration Protocol (DHCP) 61. In order to start DHCP once it is installed on a Server Core installation of Windows Server 2008 for the first time, which command do you use? A. net start dhcpserver B. sc config dhcpserver start= auto C. netsh interface ipv4 set address "local area connection" dhcp D. start /w ocsetup DHCPServerCore 70-642 Objective 1.2: Configure Dynamic Host Configuration Protocol (DHCP)
Chapter 3
Configuring IPv4 and IPv6
33
62. To configure the DHCP service to start automatically on a Server Core installation of Windows Server 2008, which of the following commands would you use? A. net start dhcpserver B. sc config dhcpserver start= auto C. netsh interface ipv4 set address "local area connection" dhcp D. start /w ocsetup DHCPServerCore 70-642 Objective 1.2: Configure Dynamic Host Configuration Protocol (DHCP) 63. This type of DHCP options class is generally not configurable and is normally built into the software of the client. A. User class B. Vendor class C. Administrator class D. Software class 70-642 Objective 1.2: Configure Dynamic Host Configuration Protocol (DHCP) 64. This type of DHCP options class is configurable. Administrators can create new versions of this class with the settings of their choice. A. User class B. Vendor class C. Administrator class D. Local class 70-642 Objective 1.2: Configure Dynamic Host Configuration Protocol (DHCP) 65. What does the ipconfig/setclassid command allow you to do? A. Define a new user class at the DHCP server B. Assign selected client computers to a new user class C. Assign an ID to a new user class D. Define a set of options for a new user class 70-642 Objective 1.2: Configure Dynamic Host Configuration Protocol (DHCP) 66. In the command, ipconfig /setclassid "local area connection" MCTS, what is the class ID? A. "local area connection” B. MCTS C. setclassid D. There is none 70-642 Objective 1.2: Configure Dynamic Host Configuration Protocol (DHCP)
3
34
MCTS: Windows Server 2008 70-642 Q&A
67. Which of the following commands would configure a client to inherit the options defined in class TS and the options defined for the default user class? A. ipconfig /setclassid TS B. ipconfig /setclassid "local area connection" TS C. /setclassid "local area connection" TS D. ipconfig /TS 70-642 Objective 1.2: Configure Dynamic Host Configuration Protocol (DHCP) 68. To which class do all DHCP clients belong? A. Vendor class B. Administrator class C. Default User class D. Everyone 70-642 Objective 1.2: Configure Dynamic Host Configuration Protocol (DHCP) 69. In order to create an exclusion range you need to navigate to which location in the DHCP console tree? A. DHCP \ <server node> \ IPv4 \ Scope \ Address Pool B. DHCP \ <server node> \ IPv4 \ Scope \ Exclusions C. DHCP \ <server node> \ IPv4 \ Scope \ Reservations D. DHCP \ <server node> \ IPv4 \ Scope \ Ranges 70-642 Objective 1.2: Configure Dynamic Host Configuration Protocol (DHCP) 70. You are the administrator of a network with a scope whose address range is 192.168.10.1–192.168.10.200. Within this range you have a number of statically assigned servers within the range of address: 192.168.10.20–192.168.10.30. What should you do in order to prevent conflicts? A. Create reservations for each of the servers B. Create exclusions for each server C. Set an exclusion range from 192.168.10.20–192.168.19.30 D. Change the addresses of the servers to out of the scope 70-642 Objective 1.2: Configure Dynamic Host Configuration Protocol (DHCP) 71. What is the lease duration for the Wired subnet type when creating a new scope? A. Eight hours B. Eight days C. Six hours D. Six days 70-642 Objective 1.2: Configure Dynamic Host Configuration Protocol (DHCP)
Chapter 3
Configuring IPv4 and IPv6
35
72. What is the lease duration for the Wireless subnet type when creating a new scope? A. Eight hours B. Eight days C. Six hours D. Six days 70-642 Objective 1.2: Configure Dynamic Host Configuration Protocol (DHCP) 73. Which option in the Add Scope dialog box allows you to configure the 003 Router option? A. Scope name B. Subnet mask C. Default gateway D. Subnet type 70-642 Objective 1.2: Configure Dynamic Host Configuration Protocol (DHCP) 74. In the Add Scope dialog box, which choices are available for the subnet type? A. Wired B. Long C. Short D. Wireless E. Default 70-642 Objective 1.2: Configure Dynamic Host Configuration Protocol (DHCP) 75. Before a DHCP server can lease addresses from a scope to any DHCP clients in a domain environment, what do you need to do? A. Activate the server in Active Directory B. Authorize the server in Active Directory C. Upgrade the server D. Nothing 70-642 Objective 1.2: Configure Dynamic Host Configuration Protocol (DHCP) 76. Before a DHCP server can lease address from a scope to any DHCP clients in a domain environment, you need to do what to the scope? A. Authorize B. Upgrade C. Activate D. Delete 70-642 Objective 1.2: Configure Dynamic Host Configuration Protocol (DHCP)
3
36
MCTS: Windows Server 2008 70-642 Q&A
77. After you add a DHCP server to a network, you find that none of the computers on the network can communicate beyond the local network. Which option should you configure in order to fix this problem? A. 003 Router B. 006 DNS Servers C. 015 Domain Name D. 044 WINS/NBNS Servers 70-642 Objective 1.2: Configure Dynamic Host Configuration Protocol (DHCP) 78. You are in charge of a network that has a DHCP server configured with a static IP address of 10.10.0.10/24 and a DNS server address of 10.10.1.1.The scope is configured with a range of 10.10.1.0/24. You then find out that the clients are not being leased addresses from the DHCP server. What should you do? A. Change the clients into DHCP clients B. Change the address of the DHCP server and redeploy it C. Turn DHCP on D. Change the address of the DNS server 70-642 Objective 1.2: Configure Dynamic Host Configuration Protocol (DHCP) 79. Which of the following is NOT a valid DHCP option? A. 003 Router B. 006 DNS Servers C. 015 DHCP Domain Name D. 044 WINS/NBNS Servers 70-642 Objective 1.2: Configure Dynamic Host Configuration Protocol (DHCP) 80. Which DHCP option has the address for the DNS name servers that DHCP clients can contact and use to resolve a domain host name query? A. 003 Router B. 006 DNS Servers C. 015 DNS Domain Name D. 044 WINS/NBNS Servers 70-642 Objective 1.2: Configure Dynamic Host Configuration Protocol (DHCP) 81. Which of the following commands provides the most detailed and reliable analysis of network performance? A. TraceRT B. PathPing C. Ping D. Ipconfig 70-642 Objective 1.3: Configure Routing
Chapter 3
Configuring IPv4 and IPv6
37
82. Routing protocols allow routers to do what? A. Trace network connections B. Set up ICMP C. Automatically adjust when network conditions change D. Set up security for data sent on the network 70-642 Objective 1.3: Configure Routing 83. Which of the following is a popular routing protocol? A. Routing Internet Protocol B. Internet Control Message Protocol C. TCP/IP D. IPSec 70-642 Objective 1.3: Configure Routing 84. Earlier versions of Windows support ____________, which is no longer included with Windows Server 2008. A. RIP B. ICMP C. IPSec D. OSPF 70-642 Objective 1.3: Configure Routing 85. When configuring the settings for Routing Internet Protocol (RIP), the General tab allows you to configure which settings? A. Manually list neighbors B. Configure announcement intervals C. Select the version of RIP and select if authentication is required D. Choose whether to filter router advertisements 70-642 Objective 1.3: Configure Routing 86. When configuring the settings for Routing Internet Protocol (RIP), the Security tab allows you to change which settings? A. Manually list neighbors B. Select the version of RIP and select if authentication is required C. Configure announcement intervals D. Choose whether to filter router advertisements 70-642 Objective 1.3: Configure Routing
3
38
MCTS: Windows Server 2008 70-642 Q&A
87. When configuring the settings for Routing Internet Protocol (RIP), the Neighbors tab allows you to configure which settings? A. Manually list neighbors B. Configure announcement intervals C. Select the version of RIP and select if authentication is required D. Choose whether to filter router advertisements 70-642 Objective 1.3: Configure Routing 88. The Advanced tab, when configuring the settings for Routing Internet Protocol (RIP), allows you to change what? A. Manually list neighbors B. Select the version of RIP and select if authentication is required C. Configure announcement intervals D. Choose whether to filter router advertisements 70-642 Objective 1.3: Configure Routing 89. Which of the following is NOT a tab in the Configure RIP Properties dialog box? A. General B. Advanced C. Policy D. Security 70-642 Objective 1.3: Configure Routing 90. Which of the following is a tab on the Configure RIP Properties dialog box? A. Neighbors B. Policy C. Configuration D. Remote Access 70-642 Objective 1.3: Configure Routing 91. Complete the following statement. A router’s IP address _______________. A. Has to be on a different subnet than the computer B. Must be on the same subnet as the computer C. Can be on any subnet D. Must be configured statically 70-642 Objective 1.3: Configure Routing 92. When using multiple default gateways, you need to configure your routing to do what? A. Use static routing B. Use DHCP C. Use only one default gateway D. Use both default gateways 70-642 Objective 1.3: Configure Routing
Chapter 3
Configuring IPv4 and IPv6
39
93. Which of the following is an example of when you need to use static routing? A. Multiple default gateways B. All networks C. Communication with different remote networks D. No networks 70-642 Objective 1.3: Configure Routing 94. Which command-line tool should you use to configure static routing on a specific network? A. IPconfig B. Route C. TraceRT D. Ping 70-642 Objective 1.3: Configure Routing 95. Using the command-line tool route, how would you allow access to the 192.168.6.0/24 network with the router at 192.168.1.4? A. route –p add 192.168.6.0 Mask 255.255.255.0 192.168.1.4 B. route –p add 192.168.2.0/24 192.168.1.2 C. route –p add 192.168.2.0 192.168.1.2 D. route –p add 192.168.2.0 255.255.255.0 192.168.1.2 70-642 Objective 1.3: Configure Routing 96. In order to view the routing table, which route command should you use? A. route show B. route table C. route print D. route routing 70-642 Objective 1.3: Configure Routing 97. When looking at the routing table, routes with a netmask of 0.0.0.0 show what? A. A router B. The default gateway C. A client D. An interface 70-642 Objective 1.3: Configure Routing 98. This section of the routing table shows any routes that are added statically. A. IPv4 route table B. IPv6 route table C. Persistent routes D. Static addresses 70-642 Objective 1.3: Configure Routing
3
40
MCTS: Windows Server 2008 70-642 Q&A
99. When looking at the routing table, routes with a netmask of 255.255.255.255 show what? A. A router B. The default gateway C. A client D. An interface 70-642 Objective 1.3: Configure Routing 100. A loopback interface shows which network destination(s) in the routing table? A. 127.0.0.0 or 127.0.0.1 B. 0.0.0.0 C. 255.255.255.255 D. 224.0.0.0 70-642 Objective 1.3: Configure Routing 101. A multicast address shows which network destination(s) in the routing table? A. 127.0.0.0 or 127.0.0.1 B. 0.0.0.0 C. 255.255.255.255 D. 224.0.0.0 70-642 Objective 1.3: Configure Routing 102. Assume the following is a line from the route print output: 0.0.0.0
0.0.0.0
192.168.0.1
192.168.0.200
25
What is the default gateway? A. 0.0.0.0 B. 192.168.0.1 C. 192.168.0.200 D. Not possible to tell from this information 70-642 Objective 1.3: Configure Routing 103. Assume the following is a line from the route print output: 0.0.0.0
0.0.0.0
192.168.0.1
192.168.0.200
What is the subnet mask? A. 0.0.0.0 B. 192.168.0.1 C. 192.168.0.200 D. Not possible to tell from this information 70-642 Objective 1.3: Configure Routing
25
Chapter 3
Configuring IPv4 and IPv6
41
104. Assume the following is a line from the route print output: 10.10.0.0
255.255.0.0
On-link
192.168.2.102
11
What is the network? A. 10.10.0.0/11 B. 10.10.0.0 with a subnet mask of 255.255.0.0 C. 192.168.2.102 with a subnet mask of 255.255.0.0 D. 192.168.2.102/11 70-642 Objective 1.3: Configure Routing
3
105. Assume the following is a line from the route print output: 10.10.0.0
255.255.0.0
On-link
192.168.2.102
11
When this computer sends traffic to the 10.10.0.0/16 network, it sends it to where? A. The default gateway B. The router at 192.168.2.102 C. The router at 10.10.0.0 D. Nowhere; it is not properly configured 70-642 Objective 1.3: Configure Routing 106. You are in charge of a network that has computers on the 192.168.5.0/24 network and computers on the 192.168.6.0/24 subnet.The computers on the 192.168.5.0/24 network use the default gateway 192.168.5.1.You connect a separate router to both networks.You want clients on the 192.168.5.0/24 network to connect to clients on the 192.168.6.0/24 network. If the router has an address of 192.168.5.2, which command should you run? A. route add 192.168.6.0 MASK 255.255.255.0 192.168.5.1 B. route add 192.168.6.0 MASK 255.255.255.0 192.168.5.2 C. route add 192.168.5.1 MASK 255.255.255.0 192.168.6.0 D. route add 192.168.5.2 MASK 255.255.255.0 192.168.6.0 70-642 Objective 1.3: Configure Routing 107. In the following command, what does the –p do? route –p add 192.168.6.0 MASK 255.255.255.0 192.168.5.2
A. Tells the computer to remove this route after a restart B. Tells the computer to make the route persistent C. Tells the computer to make it a static route D. Tells the computer to enable routing and remote access service 70-642 Objective 1.3: Configure Routing
42
MCTS: Windows Server 2008 70-642 Q&A
108. Which of the following commands allow users to view the list of routers that are between the client and server? (Choose two.) A. Ipconfig B. Ping C. PathPing D. TraceRT E. Msconfig 70-642 Objective 1.3: Configure Routing 109. In order to use Routing Internet Protocol version 2 on Windows Server 2008, you must first install what? A. RIPv2 Service B. Internet Protocol Service C. Routing and Remote Access Service D. OSPF Service 70-642 Objective 1.3: Configure Routing 110. You are in charge of a network with a server running Windows Server 2008 with two network interface cards. Each card is connected to a different subnet with multiple routers on each. If you want the server to automatically identify the routers and different subnets you must enable what? A. RIP B. OSPF C. IPSec D. TCP/IP 70-642 Objective 1.3: Configure Routing 111. Which of the following are examples of Internet protocols? A. IPSec B. RIP C. OSPF D. TCP/IP E. ICMP 70-642 Objective 1.3: Configure Routing 112. What is another name for a router or gateway? A. Interface B. Hop C. Upstream server D. Downstream server 70-642 Objective 1.3: Configure Routing
Chapter 3
Configuring IPv4 and IPv6
43
113. This is a list of all IP destinations and how a computer can connect to them. A. Routing table B. Route list C. Persistent list D. RIP 70-642 Objective 1.3: Configure Routing 114. The route print command displays what output? A. Active Internet protocols B. Default gateways C. Routing table D. The route that packets travel between the client and server 70-642 Objective 1.3: Configure Routing 115. Which of the following is NOT part of the routing table? A. IPv4 route table B. Interface list C. IPv6 route table D. Inactive routes 70-642 Objective 1.3: Configure Routing 116. When looking at the output from the route print command, the following line shows the what? 0.0.0.0
0.0.0.0
192.168.0.1
192.168.0.200
25
A. Interface B. Loopback interface C. Default gateway D. Multicast address 70-642 Objective 1.3: Configure Routing 117. If a route identifies an interface in the output of a route print command, which choice will be the netmask? A. 0.0.0.0 B. 255.255.255.255 C. 127.0.0.0 D. 224.0.0.0 70-642 Objective 1.3: Configure Routing 118. A network destination of 224.0.0.0 shown in the output of a route print command identifies which of the following? A. An interface B. Default gateway C. Persistent route D. Multicast address 70-642 Objective 1.3: Configure Routing
3
44
MCTS: Windows Server 2008 70-642 Q&A
119. The following output is the result of which command?
A. TraceRT B. PathPing C. route add D. route print 70-642 Objective 1.3: Configure Routing 120. If the hop appears as three asterisks (***) when you run a PathPing or TraceRT, what is disabled on the node? A. TCP/IP B. ICMP C. RIP D. OSPF 70-642 Objective 1.3: Configure Routing
Chapter 3
Configuring IPv4 and IPv6
45
121. The following output is an example of which command?
3
A. TraceRT B. PathPing C. Msconfig D. route print 70-642 Objective 1.3: Configure Routing 122. The following output is an example of which command?
A. TraceRT B. PathPing C. Msconfig D. route print 70-642 Objective 1.3: Configure Routing
46
MCTS: Windows Server 2008 70-642 Q&A
123. The following image shows an example of what?
A. route print command output B. TraceRT command output C. Static routing table D. Dynamic routing table 70-642 Objective 1.3: Configure Routing 124. Which of the choices is a way to provide security for data sent between two computers on an IP-based network? A. TCP/IP B. IPSec C. ICMP D. RIP 70-642 Objective 1.4: Configure IPSec 125. IPSec provides which of the following services? A. Data authentication B. Data modification C. Routing protocol D. Encryption E. Password protection 70-642 Objective 1.4: Configure IPSec 126. This service from IPSec ensures that data is not changed during the transit between the two computers. A. Data authentication B. Data modification C. Routing protocol D. Encryption 70-642 Objective 1.4: Configure IPSec 127. Which of the following is NOT part of the data authentication service of IPSec? A. Data origin authentication B. Data integrity C. Making data unreadable during transit D. Anti-replay protection 70-642 Objective 1.4: Configure IPSec
Chapter 3
Configuring IPv4 and IPv6
47
128. What service provided by IPSec will make data unreadable to non-authenticated users? A. Data authentication B. Data modification C. Routing protocol D. Encryption 70-642 Objective 1.4: Configure IPSec 129. Which of the following enforces IPSec in Windows Server 2008 and Windows Vista? (Choose two.) A. IPSec rules B. IPSec policies C. Connection security rules D. Connection security policies E. IETF 70-642 Objective 1.4: Configure IPSec 130. By default, IPSec policies attempt to negotiate which services? A. Authentication B. Encryption C. Authentication and encryption D. Neither of these 70-642 Objective 1.4: Configure IPSec 131. By default, connection security rules attempt to negotiate which services? A. Authentication B. Encryption C. Authentication and encryption D. Neither of these 70-642 Objective 1.4: Configure IPSec 132. In order to assign an IPSec policy to an individual computer, you must use which one of the following? A. Group Policy B. Local Security Policy C. The IPSec wizard D. GPO 70-642 Objective 1.4: Configure IPSec 133. In order to assign an IPSec policy to a group of computers, you must use which one of the following? A. Group Policy B. Local Security Policy C. The IPSec wizard D. GPO 70-642 Objective 1.4: Configure IPSec
3
48
MCTS: Windows Server 2008 70-642 Q&A
134. Each IPSec policy is made out of one or more IPSec policy ____________. A. Filter lists B. Filters C. Rules D. Lists 70-642 Objective 1.4: Configure IPSec 135. Each IPSec policy rule is related to one IP ____________ and one ____________. A. Filter list/Filter action B. Filter action/Rule C. Rule/Filter list D. List/Filter action 70-642 Objective 1.4: Configure IPSec 136. An IP filter list contains a set of one or more IP ____________. A. Rules B. Lists C. Actions D. Filters 70-642 Objective 1.4: Configure IPSec 137. Which of the following is NOT a possible filter action for a rule? A. Block B. Permit C. Negotiate Security D. Allow Once 70-642 Objective 1.4: Configure IPSec 138. Possible filter actions include block, permit, and what else? A. Allow once B. Negotiate security C. Block once D. Ban 70-642 Objective 1.4: Configure IPSec 139. If an IPSec policy rule has only one IP filter, does it still have an IP filter list? A. Not unless specified B. Yes, it always does C. No, it never does D. IPSec policy rules never have IP filter lists 70-642 Objective 1.4: Configure IPSec
Chapter 3
Configuring IPv4 and IPv6
49
140. One difference between IPSec policies and connection security rules is which of the following? A. Connection security rules do not include filters and filter actions B. IPSec policies do not include filters and filter actions C. Connection security rules do not block, allow, or negotiate security D. Connection security rules are not configurable 70-642 Objective 1.4: Configure IPSec 141. Connection security rules apply to which types of IP traffic? A. Only specified types B. None C. All D. Only IPv6 traffic 70-642 Objective 1.4: Configure IPSec 142. What should you use to configure the connection security rules for any computer in the Windows firewall? A. WFAS console B. Local Security Policy C. Group Policy D. The Connection Security Rule wizard 70-642 Objective 1.4: Configure IPSec 143. When data is sent between two computers in an IPSec connection, the data is protected and known as what? A. Authentication Header B. Encapsulating Security Payload C. Security Association D. WFAS 70-642 Objective 1.4: Configure IPSec 144. Protection for a Security Association is given by which of the following IPSec protocols? A. AH B. ESP C. TCP/IP D. RIP E. ICMP 70-642 Objective 1.4: Configure IPSec
3
50
MCTS: Windows Server 2008 70-642 Q&A
145. This IPSec protocol provides data origin authentication, data integrity, and anti-replay protection for the entire packet. A. AH B. ESP C. TCP/IP D. RIP 70-642 Objective 1.4: Configure IPSec 146. This IPSec protocol provides data encryption, data encryption, data origin authentication, date integrity, and anti-replay protection for the payload. A. AH B. ESP C. TCP/IP D. RIP 70-642 Objective 1.4: Configure IPSec 147. In order to secure data in a Security Association (SA), you can use which of the following? A. Only Authentication Header (AH) B. Only Encapsulating Security Payload (ESP) C. Both Authentication Header and Encapsulating Security Payload D. All of these choices are correct 70-642 Objective 1.4: Configure IPSec 148. Which protocol creates a policy that creates the Security Association (SA)? A. AH B. ESP C. IKE D. TCP/IP 70-642 Objective 1.4: Configure IPSec 149. To create a secure connection, IKE goes through a process with how many stages? A. One B. Two C. Three D. Depends on the complexity of the SA 70-642 Objective 1.4: Configure IPSec 150. The first stage of an IKE process is called what? A. Slow mode B. Quick mode C. Main mode D. Secondary mode 70-642 Objective 1.4: Configure IPSec
Chapter 3
Configuring IPv4 and IPv6
51
151. The second stage of an IKE process is called what? A. Slow mode B. Quick mode C. Main mode D. Secondary mode 70-642 Objective 1.4: Configure IPSec 152. This is the most common mode that IPSec will be used in. A. Main mode B. Quick mode C. Transport mode D. Tunnel mode 70-642 Objective 1.4: Configure IPSec 153. This mode of IPSec is used in most IPSec-based VPNs. A. Main mode B. Quick mode C. Transport mode D. Tunnel mode 70-642 Objective 1.4: Configure IPSec 154. When a VPN gateway is not compatible with L2TP/IPSec VPNs, you can use which mode of IPSec? A. Main mode B. Quick mode C. Transport mode D. Tunnel mode 70-642 Objective 1.4: Configure IPSec 155. In this mode, an IP packet is secured and then hidden with a new, unprotected IP header. A. Main mode B. Quick mode C. Transport mode D. Tunnel mode 70-642 Objective 1.4: Configure IPSec 156. Which of the following is NOT one of the three methods of authentication for IPSec? A. Kerberos B. Certificates C. Preshared Key D. Encryption 70-642 Objective 1.4: Configure IPSec
3
52
MCTS: Windows Server 2008 70-642 Q&A
157. This is the default method of authentication in Active Directory for IPSec. A. Kerberos B. Certificates C. Preshared Key D. Password 70-642 Objective 1.4: Configure IPSec 158. In this authentication method, each host must install a computer certificate from a CA. A. Kerberos B. Certificates C. Preshared Key D. CA 70-642 Objective 1.4: Configure IPSec 159. Which authentication method is the LEAST secure? A. Kerberos B. Certificates C. Preshared Key D. CA 70-642 Objective 1.4: Configure IPSec 160. When defined with this default IPSec policy, the computer will only respond, and never request. A. Client B. Server C. Secure Server D. Secure Client 70-642 Objective 1.4: Configure IPSec 161. When it’s assigned which of the following default IPSec policies, the computer will request security verification from the sender of unsecured traffic, but will allow the connection to be unsecured. A. Client B. Server C. Secure Server D. Secure Client 70-642 Objective 1.4: Configure IPSec 162. When assigned this default IPSec policy, a computer will only accept secure traffic. A. Client B. Server C. Secure Server D. Secure Client 70-642 Objective 1.4: Configure IPSec
Chapter 3
Configuring IPv4 and IPv6
53
163. A computer can have how many IPSec policies defined to it? A. One B. Two C. No limit D. Depends on the defined policies 70-642 Objective 1.4: Configure IPSec 164. Which of the following pages of the Create IP Security wizard allows you to configure IPSec to use tunnel mode? A. Tunnel Endpoint page B. Network Type page C. IP Filter page D. Tunnel Mode page 70-642 Objective 1.4: Configure IPSec 165. Which of the following pages of the Create IP Security wizard allows you to limit the rule to local networks or to remote access connections? A. Tunnel Endpoint page B. Network Type page C. IP Filter page D. Remote Access page 70-642 Objective 1.4: Configure IPSec 166. Which of the following pages of the Create IP Security wizard allows you to assign a set of IP filters? A. Tunnel Endpoint page B. Network Type page C. IP Filter List page D. Remote Access page 70-642 Objective 1.4: Configure IPSec 167. On the Filter Action page of the Security Rule wizard, which of the following is NOT a predefined IP filter for IPSec policy rules? A. Permit B. Deny C. Request Security D. Require Security 70-642 Objective 1.4: Configure IPSec
3
54
MCTS: Windows Server 2008 70-642 Q&A
168. Which of the following is the predefined IPSec policy rule that allows the IP packets to pass through unsecured? A. Permit B. Deny C. Request Security D. Require Security 70-642 Objective 1.4: Configure IPSec 169. Which of the following is the predefined IPSec policy rule that allows the IP packets to pass through without being secured but asks the clients to negotiate security? A. Permit B. Deny C. Request Security D. Require Security 70-642 Objective 1.4: Configure IPSec 170. Which of the following is the predefined IPSec policy rule that makes the local computer request security from the source of the IP packets? A. Permit B. Deny C. Request Security D. Require Security 70-642 Objective 1.4: Configure IPSec 171. Which of the following pages of the Security Rule wizard allows you to select the method of authentication? A. Filter Action page B. Authentication Method page C. IP Filter List page D. Network Type page 70-642 Objective 1.4: Configure IPSec 172. By default, which method of authentication do IPSec rules rely on? A. Kerberos B. Certificates C. Preshared Key D. No method 70-642 Objective 1.4: Configure IPSec
Chapter 3
Configuring IPv4 and IPv6
55
173. Which of the following is NOT one of the pages in the New Connection Security Rule wizard? A. Rule Type page B. Endpoints page C. Encryption page D. Authentication page 70-642 Objective 1.4: Configure IPSec 174. This page in the New Connection Security Rule wizard allows you to create a specific rule type. A. Endpoints page B. Authentication page C. Rule Type page D. Rules page 70-642 Objective 1.4: Configure IPSec 175. Which of the following is NOT one of the four rule types available in the New Connection Security Rule wizard? A. Isolation rule B. Authentication Exemption rule C. Server-To-Server rule D. Encryption rule 70-642 Objective 1.4: Configure IPSec 176. This rule type in the New Connection Security Rule wizard is the general rule used to authenticate based on the profile selected in the Network and Sharing Center. A. Isolation rule B. Authentication Exemption rule C. Server-To-Server rule D. Tunnel rule 70-642 Objective 1.4: Configure IPSec
3
56
MCTS: Windows Server 2008 70-642 Q&A
177. The following window shows you the network location used in which rule?
A. Isolation rule B. Authentication Exemption rule C. Server-To-Server rule D. Tunnel rule 70-642 Objective 1.4: Configure IPSec 178. Which term is used to describe the ability to use connection security rules to block traffic from outside computers? A. Local isolation B. Domain isolation C. Local exemption D. Domain exemption 70-642 Objective 1.4: Configure IPSec 179. This rule type is used to exempt computers or groups of computers or even IP ranges from having to authenticate themselves. A. Isolation rule B. Authentication Exemption rule C. Server-To-Server rule D. Tunnel rule 70-642 Objective 1.4: Configure IPSec
Chapter 3
Configuring IPv4 and IPv6
57
180. This premade rule type allows you to manually authenticate communications between a specific IP address and sets of IP addresses. A. Isolation rule B. Authentication Exemption rule C. Server-To-Server rule D. Tunnel rule 70-642 Objective 1.4: Configure IPSec 181. This rule type is used to set up IPSec tunnel mode for VPN gateways. A. Isolation rule B. Authentication Exemption rule C. Server-To-Server rule D. Tunnel rule 70-642 Objective 1.4: Configure IPSec 182. On the Rule Type page of the New Connection Security Rule wizard, you can use this rule to make special settings or combinations of other rule types. A. Isolation rule B. Tunnel rule C. Custom rule D. Server-To-Server rule 70-642 Objective 1.4: Configure IPSec 183. Which page of the New Connection Security Rule wizard allows you to pick the remote computers that you want to create an IPSec connection with? A. Rule Type page B. Endpoints page C. Requirements page D. Authentication Method page 70-642 Objective 1.4: Configure IPSec 184. Which page of the New Connection Security Rule wizard allows you to determine whether you want communications to be authenticated? A. Rule Type page B. Endpoints page C. Requirements page D. Authentication Method page 70-642 Objective 1.4: Configure IPSec
3
58
MCTS: Windows Server 2008 70-642 Q&A
185. Which page of the New Connection Security Rule wizard allows you to select the method that is used when computer endpoints are authenticated? A. Rule Type page B. Endpoints page C. Requirements page D. Authentication Method page 70-642 Objective 1.4: Configure IPSec 186. Which page of the New Connection Security Rule wizard allows you to limit which network location types apply to the rule? A. Requirements page B. Authentication Method page C. Profile page D. Name page 70-642 Objective 1.4: Configure IPSec 187. Which page of the New Connection Security Rule wizard allows you to add a name and a description to the new rule? A. Requirements page B. Description page C. Profile page D. Name page 70-642 Objective 1.4: Configure IPSec 188. Opening the properties of the following highlighted item will give you the ability to modify which settings?
Chapter 3
Configuring IPv4 and IPv6
59
A. IPSec defaults B. ICMP exemptions C. Import policy D. Export policy E. Clear policy 70-642 Objective 1.4: Configure IPSec 189. Using the following image, if you select Advanced in the Data Protection area and then click Customize, you can configure which of the following?
A. Data encryption B. Date authentication C. Preshared Key D. None of the above 70-642 Objective 1.4: Configure IPSec
3
60
MCTS: Windows Server 2008 70-642 Q&A
190. Changing the IPSec exemptions in the following image will have what effect?
A. Allow you to customize the IPSec default settings B. Allow you to change key negotiations C. Allow you to make ICMP exempt from IPSec D. All of the above 70-642 Objective 1.4: Configure IPSec 191. If you want network connection to be encrypted on the dtilearning.com domain, which of the following should you do? A. Use IPSec in tunnel mode B. Use IPSec with Authentication Header C. Use IPSec with Encapsulating Security Payload D. Use IPSec with PPTP 70-642 Objective 1.4: Configure IPSec 192. You are in charge of two domains that are on the same Active Directory forest.Which authentication method should you use for IPSec? A. Preshared Key B. Certificates C. Kerberos D. Any of the above will work 70-642 Objective 1.4: Configure IPSec
CHAPTER
4
CONFIGURING NAME RESOLUTION T
his chapter contains 208 questions that all fall under Microsoft’s second main exam objective for the 70-642 exam,“Configuring Name Resolution.”This main objective consists of the following five sub-objectives: ■ ■ ■ ■ ■
Configure Configure Configure Configure Configure
a Domain Name System (DNS) server DNS zones DNS records DNS replication name resolution for client computers
Microsoft has given this main exam objective a weight of 27%, which is why I created 208 (out of a total of 800) test preparation questions for this chapter.
TEST PREPARATION QUESTIONS 1. The best way to install a DNS server on a Domain Controller is which of the following? A. Install the DNS server first and then make it a Domain Controller B. Install the Domain Controller first, then install the DNS server C. Install both at the same time D. You can’t have a DNS server on a Domain Controller 70-642 Objective 2.1: Configure a Domain Name System (DNS) server 2. Dcpromo.exe does what? A. It promotes a server to a Domain Controller B. Installs only the AD DS binaries C. Launches the AD DS Installation wizard D. Installs the DNS server 70-642 Objective 2.1: Configure a Domain Name System (DNS) server 3. During the AD DS Installation wizard, the name that you configure for the Active Directory domain also becomes the name for what? A. An external forwarder B. The associated DNS zone C. A root hint D. Nothing; it’s only for the Active Directory domain 70-642 Objective 2.1: Configure a Domain Name System (DNS) server
61
4
62
MCTS: Windows Server 2008 70-642 Q&A
4. In the AD DS Installation wizard, the option to install a DNS server on the same Domain Controller is ____________. A. Not given in this wizard B. Not selected by default C. Selected by default D. Not available because you cannot install a DNS server on a Domain Controller 70-642 Objective 2.1: Configure a Domain Name System (DNS) server 5. During the AD DS Installation wizard, if you choose to install the DNS server, what is configured automatically? A. Only the DNS server B. Only the hosted Forward Lookup zone C. Nothing D. Both the DNS server and the hosted Forward Lookup zone 70-642 Objective 2.1: Configure a Domain Name System (DNS) server 6. To get to the DNS manager, you can do which of the following? A. Run Dcpromo.exe B. Click Start, go to Administrative Tools, and select DNS C. Run DNSmanager.exe D. Click Start, go to Administrative Tools, select Managers, and then select DNS 70-642 Objective 2.1: Configure a Domain Name System (DNS) server 7. Which of the following commands will convert a server into a Domain Controller? A. dcpromote B. promoDc C. dcpromo D. DNSpromo 70-642 Objective 2.1: Configure a Domain Name System (DNS) server 8. Is it possible to install a DNS server on a standalone server or on a member server in an Active Directory domain by using dcpromo? A. Yes B. No C. Only if the server is not also a Domain Controller D. You can’t install a DNS server on an Active Directory domain 70-642 Objective 2.1: Configure a Domain Name System (DNS) server 9. Is it possible to install a DNS server on a Server Core installation of Windows Server 2008 by using dcpromo? A. Yes B. No C. Only if you do not use an unattended file D. You can’t install a DNS server on an Active Directory domain 70-642 Objective 2.1: Configure a Domain Name System (DNS) server
Chapter 4
Configuring Name Resolution
63
10. In order to install the Active Directory Domain Services role on a Server Core installation of Windows Server 2008, you need to type which of the following commands at the command prompt? A. dcpromote /unattend: B. dcpromo /unattend: C. dcpromo D. dcpromo /unattend 70-642 Objective 2.1: Configure a Domain Name System (DNS) server 11. To create a dcpromo answer file, you must do which of the following? A. Run dcpromo on a computer running a Server Core installation of Windows Server 2008 B. Run dcpromo on a computer running a full installation of Windows Server 2008 C. Run dcpromo /unattend D. Run dcpromo /unattend: 70-642 Objective 2.1: Configure a Domain Name System (DNS) server 12. Which of the following commands installs a DNS server on a standalone or member server running a Server Core installation of Windows Server 2008? A. start /w ocsetup DNS-Server-Core-Role B. start /w ocsetup DNS-Server-Core-Role /install C. start /w DNS-Server-Core-Role D. start /w DNS-Server-Core-Role /install 70-642 Objective 2.1: Configure a Domain Name System (DNS) server 13. Which of the following commands uninstalls a DNS server on a standalone or member server running a Server Core installation of Windows Server 2008? A. start /w ocsetup DNS-Server-Core-Role B. start /w ocsetup DNS-Server-Core-Role /uninstall C. start /w DNS-Server-Core-Role D. start /w DNS-Server-Core-Role /uninstall 70-642 Objective 2.1: Configure a Domain Name System (DNS) server 14. When it’s first created, how much cached information does a DNS server contain? A. It is configured in the installation B. None C. A DNS server can’t contain cached information D. It has a list of all clients connected to the DNS server 70-642 Objective 2.1: Configure a Domain Name System (DNS) server 15. Which of the following is NOT a reason for a cached record to be cleared? A. It exceeded its TTL value B. The DNS Server service is restarted C. The cache is cleared manually D. The cache is cleared automatically when the client changes information 70-642 Objective 2.1: Configure a Domain Name System (DNS) server
4
64
MCTS: Windows Server 2008 70-642 Q&A
16. What type of server does not host any zones and is not authoritative for any domain? A. No-zone servers B. Caching-only servers C. No-domain servers D. Low-cache servers 70-642 Objective 2.1: Configure a Domain Name System (DNS) server 17. If your network contains a slow wide area network link between sites, which type of server can improve performance? A. No-zone servers B. No-domain servers C. Low-cache servers D. Caching-only servers 70-642 Objective 2.1: Configure a Domain Name System (DNS) server 18. If you want to improve name resolution for a network that is administered by people with little technical expertise, you should use which type of DNS server? A. No-zone servers B. Low-cache servers C. Caching-only servers D. No-domain servers 70-642 Objective 2.1: Configure a Domain Name System (DNS) server 19. When looking at the DNS Server Properties dialog box, which tab allows you to specify which of the local computer’s IP addresses the DNS server should listen to for DNS requests? A. Interfaces tab B. Root Hints tab C. Forwarders tab D. Advanced tab 70-642 Objective 2.1: Configure a Domain Name System (DNS) server 20. In the DNS Server Properties dialog box when looking at the Interfaces tab, where will the server listen for DNS requests by default? A. Only the public address B. Only the private address C. All IP addresses D. It will not listen by default 70-642 Objective 2.1: Configure a Domain Name System (DNS) server
Chapter 4
Configuring Name Resolution
65
21. In the DNS Server Properties dialog box, which tab allows you to view the data stored in the WINDOWS\System32\Dns\Cache.dns file? A. Interfaces tab B. Root Hints tab C. Forwarders tab D. Advanced tab 70-642 Objective 2.1: Configure a Domain Name System (DNS) server 22. In the DNS Server Properties dialog box, which tab allows you to set up the local DNS server to forward DNS queries to upstream DNS servers? A. Interfaces tab B. Root Hints tab C. Forwarders tab D. Advanced tab 70-642 Objective 2.1: Configure a Domain Name System (DNS) server 23. Which of the following is the name of a DNS server that receives unresolved queries sent by a forwarding DNS server? A. Gateway B. Downstream server C. Upstream server D. Forwarder 70-642 Objective 2.1: Configure a Domain Name System (DNS) server 24. When does a DNS server use forwarding? A. If it is configured to use forwarding it will use it every time it receives a query B. If it is configured, it will use forwarding only if it cannot resolve a query C. By default DNS servers will forward all queries, unless configured otherwise D. DNS servers cannot forward queries 70-642 Objective 2.1: Configure a Domain Name System (DNS) server 25. Which of the following is NOT a result of using forwarders for DNS servers? A. Optimization of name resolution performance B. More configuration C. Clients in child domains can resolve queries for names in parent domains D. Resolution of names securely 70-642 Objective 2.1: Configure a Domain Name System (DNS) server
4
66
MCTS: Windows Server 2008 70-642 Q&A
26. If your network is connected to the Internet using a slow link, which of the following should you use to improve your name resolution performance? A. Forwarders B. Upstream servers C. Downstream servers D. Gateways 70-642 Objective 2.1: Configure a Domain Name System (DNS) server 27. Which of the following will allow you to configure your DNS servers to send all external queries to a single DNS outside of your firewall, in order to securely resolve external names? A. Upstream servers B. Downstream servers C. Forwarders D. Gateways 70-642 Objective 2.1: Configure a Domain Name System (DNS) server 28. In order for a client in a child domain to resolve a query for a name in a parent domain, you must use which of the following? A. An upstream server B. A gateway C. Forwarding D. DHCP 70-642 Objective 2.1: Configure a Domain Name System (DNS) server 29. Which of the following terms is used to describe a DNS server setup that allows queries for specific domains to be sent to other specific DNS servers? A. Conditional forwarding B. Specific forwarding C. Exclusion D. Recursion 70-642 Objective 2.1: Configure a Domain Name System (DNS) server 30. In which of the following scenarios would the use of conditional forwarding be very useful? A. In all types of network setups B. When two separate networks merge into one C. Any type of domain network D. When you have secondary and stub zones 70-642 Objective 2.1: Configure a Domain Name System (DNS) server
Chapter 4
Configuring Name Resolution
67
31. You work for a company that merges with another, so a lease line is set up to connect the networks.You’re in charge of configuring the DNS servers to allow queries to the other company. What should you do? A. Configure the DNS server to use external forwarders B. Configure the DNS server to use root hints C. Configure the DNS server to use conditional forwarding D. Configure the DNS server to use cache-only servers 70-642 Objective 2.1: Configure a Domain Name System (DNS) server 32. Which of the following CANNOT be configured in the DNS server properties dialog box? A. Conditional forwarding for a domain B. Root hints C. Interfaces D. Forwarding for local networks 70-642 Objective 2.1: Configure a Domain Name System (DNS) server 33. To configure conditional forwarding for a domain, you should use which of the following? A. DNS Server Properties dialog box B. Dcpromo.exe C. DNS manager console tree D. Conditional forwarding is configured by default 70-642 Objective 2.1: Configure a Domain Name System (DNS) server 34. You want to specify new root servers to replace the default ones. What should you do? A. Configure a new HOSTS file B. Replace the cache.dns file with a new one that has the new root servers C. Configure a new lmhosts file D. Set up conditional forwarding 70-642 Objective 2.1: Configure a Domain Name System (DNS) server 35. You are in charge of a company that has two separate networks in different cities, one in Chicago and one in Newark.You want each office to be able to resolve names and browse the network of the other.You also want the users in each network to keep Internet connectivity. How should the DNS be configured? A. Configure root servers for Chicago and have the DNS servers in Newark forward queries to the servers in Chicago B. Use conditional forwarding to set up the parent DNS servers for each to send queries destined for the other to the DNS servers of the other C. Configure the DNS servers of each to use the same external forwarder D. Configure the DNS servers in each to forward queries to the other 70-642 Objective 2.1: Configure a Domain Name System (DNS) server
4
68
MCTS: Windows Server 2008 70-642 Q&A
36. Which of the following boxes would you select in order to install a DNS server?
A. Hyper-V B. DNS Server C. DHCP Server D. Active Directory Domain Services 70-642 Objective 2.1: Configure a Domain Name System (DNS) server 37. When a field is entered in the following box, it becomes the Active Directory domain name. What other value does it set? A. Forward Lookup zone B. Reverse Lookup zone C. DNS zone name D. Conditional Forwarder
70-642 Objective 2.1: Configure a Domain Name System (DNS) server
Chapter 4
Configuring Name Resolution
69
38. Which of the following check boxes allows you to install a DNS server along with an Active Directory Domain Controller?
4
A. DNS server B. Global Catalog C. Read-Only Domain Controller D. DNS server and Global Catalog 70-642 Objective 2.1: Configure a Domain Name System (DNS) server 39. The Export Settings button allows you to do what?
A. Create a backup for the settings to use on the same server B. Create an answer file C. Create a list of settings that you used to create this server D. Install a program to back up your installation of DNS server 70-642 Objective 2.1: Configure a Domain Name System (DNS) server
70
MCTS: Windows Server 2008 70-642 Q&A
40. What is the name of the tab shown in the following image?
A. Interfaces B. Forwarders C. Advanced D. Root Hints 70-642 Objective 2.1: Configure a Domain Name System (DNS) server 41. When you install a DNS server with a Domain Controller, a ____________ is created automatically. A. DNS zone B. Static route C. Scope D. Stub zone 70-642 Objective 2.2: Configure DNS zones 42. You are forced to create zones manually when you do which of the following? A. Install a DNS server with a Domain Controller B. Install a DNS server on a Domain Controller C. Install a DNS server with a backup Domain Controller D. You never have to manually create DNS zones 70-642 Objective 2.2: Configure DNS zones 43. What is a database containing records that link names with addresses for a declared part of a DNS namespace? A. ICMP B. IPSec policy C. DNS zone D. Scope 70-642 Objective 2.2: Configure DNS zones
Chapter 4
Configuring Name Resolution
71
44. For any part of a DNS namespace presented by a domain name, there can be how many sources of authoritative zone data? A. One B. Two C. Five D. Unlimited 70-642 Objective 2.2: Configure DNS zones 45. In order to create a new zone, you should use which of the following? A. newzone command B. New Zone wizard C. Zone /new command D. All zones are created automatically 70-642 Objective 2.2: Configure DNS zones 46. Which of the following is not a page of the New Zone wizard? A. Zone Type B. Zone Name C. Static Update D. Active Directory Zone Replication Scope 70-642 Objective 2.2: Configure DNS zones 47. This page of the New Zone wizard allows you to create a primary, secondary, or stub zone. A. Zone Type B. Zone Name C. Dynamic Update D. Active Directory Zone Replication Scope 70-642 Objective 2.2: Configure DNS zones 48. Which of the following CANNOT be created on the Zone Type page of the New Zone wizard? A. Primary zone B. Secondary zone C. Forward Lookup zone D. Stub zone 70-642 Objective 2.2: Configure DNS zones 49. If you are creating a primary or stub zone on a Domain Controller, which of the choices are available? A. Create a secondary zone B. Create a Forward Lookup zone C. Store zone data in Active Directory D. Store zone data locally on the DNS server 70-642 Objective 2.2: Configure DNS zones
4
72
MCTS: Windows Server 2008 70-642 Q&A
50. Which zone is the main type? A. Primary B. Secondary C. Stub D. Lookup 70-642 Objective 2.2: Configure DNS zones 51. This type of zone provides read-write source data that enables the local DNS server to answer DNS queries. A. Primary B. Secondary C. Stub D. Lookup 70-642 Objective 2.2: Configure DNS zones 52. A DNS server becomes a primary source for information about a zone when which of the following events occurs? A. It hosts a primary zone B. It hosts a secondary zone C. Both A and B D. It hosts a stub zone 70-642 Objective 2.2: Configure DNS zones 53. Where does a DNS server store a master copy of its zone data? (Choose two.) A. In a local file B. In Active Directory Domain Services C. Locally on the clients D. A or B 70-642 Objective 2.2: Configure DNS zones 54. By default, when a primary zone is stored locally on the DNS server, what is the name of the file? A. Zone.dns B. Primary.dns C. Zone_name.dns D. Primary_zone.dns 70-642 Objective 2.2: Configure DNS zones 55. When a copy of the zone data is stored locally on a DNS server, the default location is which of the following? A. %systemroot%\DNS folder B. %systemroot%\windows\DNS folder C. %systemroot%\system32 folder D. %systemroot%\system32\DNS folder 70-642 Objective 2.2: Configure DNS zones
Chapter 4
Configuring Name Resolution
73
56. This zone type provides a read-only copy of a primary zone or another zone of the same type. A. Secondary zone B. Stub zone C. Forward Lookup zone D. Reverse Lookup zone 70-642 Objective 2.2: Configure DNS zones 57. This zone type is used to spread DNS query traffic in heavily used parts of the network. A. Stub zone B. Secondary zone C. Forward Lookup zone D. Primary zone 70-642 Objective 2.2: Configure DNS zones 58. If the server hosting the primary zone goes down, the server hosting which zone will take over providing name resolution? A. Stub zone B. Forward Lookup zone C. Secondary zone D. Primary zone 70-642 Objective 2.2: Configure DNS zones 59. This term is used to describe the source of data for a secondary zone. A. Owner B. Primary C. Master D. Transfer 70-642 Objective 2.2: Configure DNS zones 60. When data is copied from a master to a secondary zone it is called what? A. Master transfer B. Zone transfer C. Primary transfer D. Zone update 70-642 Objective 2.2: Configure DNS zones 61. A master can be which of the following? A. Primary zone B. Secondary zone C. Stub zone D. A and B 70-642 Objective 2.2: Configure DNS zones
4
74
MCTS: Windows Server 2008 70-642 Q&A
62. To set a master of a secondary zone when you create it using the New Zone wizard, you must do which of the following? A. Set the master to view the secondary zone as a slave B. Set the master when creating the secondary zone C. Either A or B D. You cannot set the master from the New Zone wizard 70-642 Objective 2.2: Configure DNS zones 63. Which of the following is NOT true about secondary zones? A. They are a read-only B. They can be stored in AD DS C. They get their data from masters D. The process to update their data is called zone transfers 70-642 Objective 2.2: Configure DNS zones 64. This zone type only contains resource records necessary to ID the DNS servers for the master zone. A. Stub zone B. Forward Lookup zone C. Secondary zone D. Primary zone 70-642 Objective 2.2: Configure DNS zones 65. This zone type is often used to let a parent zone like dtilearning.com keep an up-to-date list of the name servers available in a delegated child zone, like north.dtilearning.com. A. Forward Lookup zone B. Stub zone C. Secondary zone D. Primary zone 70-642 Objective 2.2: Configure DNS zones 66. This zone type can be used to simplify DNS administration and improve name resolution. A. Forward Lookup zone B. Secondary zone C. Primary zone D. Stub zone 70-642 Objective 2.2: Configure DNS zones 67. When you create a new primary or stub zone, you are also prompted to do which of the following? A. Store the zone locally B. Store the zone in Active Directory C. Create a secondary zone D. Store the zone on the DNS server 70-642 Objective 2.2: Configure DNS zones
Chapter 4
Configuring Name Resolution
75
68. The option to store zone data in Active Directory gives you which of the following benefits? A. Allows you to create a secondary zone B. Allows you to set up a secondary server C. Eliminates the need for a secondary server D. Eliminates the need for a secondary zone 70-642 Objective 2.2: Configure DNS zones 69. If you integrate a DNS zone with Active Directory, you do not need to set up a method for DNS zone transfers between primary and secondary servers. Why? A. Active Directory does the zone replication for you B. There is no need for primary servers in Active Directory C. There is no need for secondary servers in Active Directory D. All of these are correct 70-642 Objective 2.2: Configure DNS zones 70. An effect of using Active Directory with your DNS server is which of the following? A. Cannot replicate or update single properties of resource records B. Forces you to use a secondary server for zone transfers C. Allows single properties of resource records to be replicated and updated D. None of these is correct 70-642 Objective 2.2: Configure DNS zones 71. When using Active Directory integrated zones, you also get the optional benefit of what? A. Unrestricted dynamic updates B. Security for dynamic updates C. Faster name resolution D. Zone backups 70-642 Objective 2.2: Configure DNS zones 72. For regular Domain Controllers, the copy of a zone is of which type? A. Read-only B. Write-only C. Read-write D. None of the above 70-642 Objective 2.2: Configure DNS zones 73. For read-only Domain Controllers the copy of the zone is in which format? A. Read-only B. Write-only C. Read-write D. None of the above 70-642 Objective 2.2: Configure DNS zones
4
76
MCTS: Windows Server 2008 70-642 Q&A
74. If you clear the “Store the Zone in Active Directory” check box during the New Zone wizard, you create which type of zone? A. Default zone B. Standard zone C. Normal zone D. Local zone 70-642 Objective 2.2: Configure DNS zones 75. When you are creating a zone on a non-Domain Controller, this is your only option for a new zone. A. Normal zone B. Default zone C. Standard zone D. Local zone 70-642 Objective 2.2: Configure DNS zones 76. A standard zone stores its data in which of the following? A. Active Directory B. DNS clients C. Secondary server D. Local DNS server 70-642 Objective 2.2: Configure DNS zones 77. All primary copies of a standard zone are in which format? A. Read-only B. Write-only C. Read-write D. None of the above 70-642 Objective 2.2: Configure DNS zones 78. All secondary copies of a standard zone are in which format? A. Read-only B. Write-only C. Read-write D. None of the above 70-642 Objective 2.2: Configure DNS zones 79. In a standard zone model, if the primary zone becomes deactivated, what will happen? A. You can still make changes to the zone, but queries for names will fail B. You cannot make changes to the zone, but queries for names will succeed C. You cannot make changes to the zone and queries for names will fail D. You can still make changes to the zone, and queries for names will succeed 70-642 Objective 2.2: Configure DNS zones
Chapter 4
Configuring Name Resolution
77
80. The following page appears when you select which option on the Zone Type page of the New Zone wizard?
4
A. Primary zone B. Secondary zone C. Stub zone D. Store zone in Active Directory 70-642 Objective 2.2: Configure DNS zones 81. On the Active Directory Zone Replication Scope page, which option allows you to store the zone in all DNS servers that are also Domain Controllers in the entire Active Directory? A. To all DNS servers in this forest B. To all DNS servers in this domain C. To all Domain Controllers in this domain D. To all Domain Controllers specified in the scope of this directory partition 70-642 Objective 2.2: Configure DNS zones 82. On the Active Directory Zone Replication Scope page, which option allows you to store the zone in all DNS servers that are also Domain Controllers in the local Active Directory domain? A. To all DNS servers in this forest B. To all DNS servers in this domain C. To all Domain Controllers in this domain D. To all Domain Controllers specified in the scope of this directory partition 70-642 Objective 2.2: Configure DNS zones
78
MCTS: Windows Server 2008 70-642 Q&A
83. On the Active Directory Zone Replication Scope page, which option allows you to store the zone in all Domain Controllers in the local domain for compatibility with Windows 2000? A. To all DNS servers in this forest B. To all DNS servers in this domain C. To all Domain Controllers in this domain D. To all Domain Controllers specified in the scope of this directory partition 70-642 Objective 2.2: Configure DNS zones 84. On the Active Directory Zone Replication Scope page, which option allows you to store the zone in all Domain Controllers in a specific scope of a custom Active Directory partition? A. To all DNS servers in this forest B. To all DNS servers in this domain C. To all Domain Controllers in this domain D. To all Domain Controllers specified in the scope of this directory partition 70-642 Objective 2.2: Configure DNS zones 85. In this type of zone, the DNS server maps a fully qualified domain name (FQDN) to IP addresses. A. Forward Lookup zone B. Reverse Lookup zone C. Standard zone D. Active Directory-integrated zone 70-642 Objective 2.2: Configure DNS zones 86. In this type of zone, DNS servers map IP addresses to fully qualified domain names (FQDNs). A. Forward Lookup zone B. Reverse Lookup zone C. Standard zone D. Active Directory-integrated zone 70-642 Objective 2.2: Configure DNS zones 87. This type of zone answers queries to resolve fully qualified domain names (FQDNs) to IP addresses. A. Forward Lookup zone B. Reverse Lookup zone C. Standard zone D. Active Directory-integrated zone 70-642 Objective 2.2: Configure DNS zones 88. This type of zone answers queries to resolve IP addresses to fully qualified domain names (FQDNs). A. Forward Lookup zone B. Reverse Lookup zone C. Standard zone D. Active Directory-integrated zone 70-642 Objective 2.2: Configure DNS zones
Chapter 4
Configuring Name Resolution
79
89. Which type of zone takes the DNS domain name for which you want to provide resolution? A. Reverse Lookup zone B. Primary zone C. Secondary zone D. Forward Lookup zone 70-642 Objective 2.2: Configure DNS zones 90. Which zone type is named using a formula that takes the first three octets of the address space for which you want to provide name resolution, reverses them, and then adds an ending tag of in-addr.arpa? A. Reverse Lookup zone B. Primary zone C. Secondary zone D. Forward Lookup zone 70-642 Objective 2.2: Configure DNS zones 91. Inside a Forward Lookup zone, an entry that maps a host name to an address is known as which of the following? A. Host B. Pointer C. PTR record D. B record 70-642 Objective 2.3: Configure DNS records 92. Inside a Reverse Lookup zone, an entry that maps an address host ID to a host name is called which of the following? A. Host B. Pointer C. A record D. B record 70-642 Objective 2.3: Configure DNS records 93. You work at an organization that has two Active Directory domains named dtilearning.com and north.dtilearning.com. What should the two zones providing name resolution for those Active Directory domains be called? A. Both called dtilearning.com B. Both called north.dtilearning.com C. One called dtilearning.com and one called north.dtilearning.com D. The names do not matter 70-642 Objective 2.2: Configure DNS zones
4
80
MCTS: Windows Server 2008 70-642 Q&A
94. Using default settings, DNS clients with ____________ IP addresses attempt to update host and pointer records. A. Static B. Dynamic C. DHCP D. Workgroup 70-642 Objective 2.3: Configure DNS records 95. DNS clients that are also DHCP clients attempt to update which records? A. Host B. Pointer C. Both host and pointer D. None 70-642 Objective 2.3: Configure DNS records 96. When in a workgroup environment, the DHCP server updates which record when the IP configuration is renewed? A. Host B. Pointer C. Both host and pointer D. None 70-642 Objective 2.3: Configure DNS records 97. In order for dynamic DNS updates to work, the zone that the clients are attempting to use must ____________. A. Be configured for records B. Be configured to accept non-secure updates C. Be configured to accept dynamic updates D. Be configured to accept only secure updates 70-642 Objective 2.3: Configure DNS records 98. Which of the following are types of dynamic updates? A. Secure updates B. Insecure updates C. Non-secure updates D. Authenticated updates E. Non-authenticated updates 70-642 Objective 2.3: Configure DNS records
Chapter 4
Configuring Name Resolution
81
99. This type of dynamic update allows registrations from only Active Directory domain members and updates only from the computer that performed the registration. A. Authenticated update B. Secure update C. Registered update D. Non-secure update 70-642 Objective 2.3: Configure DNS records 100. This type of dynamic update allows updates from any computer. A. Non-authenticated update B. Non-registered update C. Non-secure update D. Secure update 70-642 Objective 2.3: Configure DNS records 101. The Dynamic Update page of the New Zone wizard allows you to specify all of the following EXCEPT which? A. Allow only secure updates B. Allow only non-secure updates C. Allow both secure and non-secure updates D. Don’t allow dynamic updates 70-642 Objective 2.3: Configure DNS records 102. Which of the following commands forces the DNS client to perform a dynamic update? A. ipconfig /update B. ipconfig /dns C. ipconfig /registerdns D. ipconfig /dynamic 70-642 Objective 2.3: Configure DNS records 103. What does a server require if you want to store a zone in Active Directory? A. The server needs to be a DNS server B. The server needs to be a DHCP server C. The server needs to be a WINS server D. The server needs to be a Domain Controller 70-642 Objective 2.2: Configure DNS zones 104. When you create a new zone, which record(s) is/are created automatically? A. Start of Authority (SOA) record B. Name Server (NS) record C. Both SOA and NS records D. No records are created automatically 70-642 Objective 2.3: Configure DNS records
4
82
MCTS: Windows Server 2008 70-642 Q&A
105. This type of record shows basic properties for the zone. A. Name Server (NS) B. Start of Authority (SOA) C. Mail Exchanger (MX) D. Alias (CNAME) 70-642 Objective 2.3: Configure DNS records 106. Which type of zone has the name of the server authoritative for the zone? A. Start of Authority (SOA) B. Mail Exchanger (MX) C. Alias (CNAME) D. Name Server (NS) 70-642 Objective 2.3: Configure DNS records 107. When a zone is loaded on a DNS server, which record is used to find the basic and authoritative properties of the zone? A. Mail Exchanger (MX) B. Start of Authority (SOA) C. Alias (CNAME) D. Name Server (NS) 70-642 Objective 2.3: Configure DNS records 108. What information is displayed in the Serial Number text box of the Start of Authority (SOA) tab? A. Revision number B. Full computer name of the primary DNS server in the zone C. A domain mailbox for a zone administrator D. Time before a zone renewal 70-642 Objective 2.3: Configure DNS records 109. When a zone is configured to have one or more secondary servers, what is it called when a secondary server queries the master server for the serial number of the zone? A. NS query B. SOA query C. Master query D. SN query 70-642 Objective 2.3: Configure DNS records 110. If after a SOA query, the serial number of the master zone is equal to that of the secondary server, what happens to the transfer? A. The transfer is made B. The transfer is not made C. The transfer is made only if that is the only secondary server D. It depends on how the master server is configured 70-642 Objective 2.3: Configure DNS records
Chapter 4
Configuring Name Resolution
83
111. If after an SOA query, the serial number of the master zone is greater than the serial number of the secondary server, what happens to the transfer? A. The transfer is made B. The transfer is not made C. The transfer is made only if that is the only secondary server D. It depends on how the master server is configured 70-642 Objective 2.3: Configure DNS records 112. In the Start of Authority (SOA) tab, after the Serial Number text box is a box labeled Increment. What does the Increment box do? A. Raises the serial number B. Lowers the serial number C. Forces a zone transfer D. Cancels the next zone transfer 70-642 Objective 2.3: Configure DNS records 113. What information is displayed in the Primary Server text box of the Start Of Authority (SOA) tab? A. Revision number B. Full computer name of the primary DNS server in the zone C. A domain mailbox for a zone administrator D. Time before a zone renewal 70-642 Objective 2.3: Configure DNS records 114. What information is displayed in the Responsible Person text box of the Start of Authority (SOA) tab? A. Revision number B. Full computer name of the primary DNS server in the zone C. A domain mailbox for a zone administrator D. Time before a zone renewal 70-642 Objective 2.3: Configure DNS records 115. What is the default name used in the Responsible Person text box of the Start of Authority (SOA) tab? A. Master B. Administrator C. Host master D. Rp 70-642 Objective 2.3: Configure DNS records
4
84
MCTS: Windows Server 2008 70-642 Q&A
116. The value placed in the Refresh Interval field of the Start of Authority (SOA) tab means which of the following? A. Revision number B. Length of time a secondary server will continue to answer queries without contact from its master server C. Time between zone renewal attempts D. Time before a zone renewal 70-642 Objective 2.3: Configure DNS records 117. The default value for the Refresh Interval field of the Start of Authority (SOA) tab is which of the following? A. 1 minute B. 15 minutes C. 1 hour D. 1 day 70-642 Objective 2.3: Configure DNS records 118. Increasing the Refresh Interval field of the Start of Authority (SOA) tab causes which of the following? A. Increased zone transfer traffic B. Decreased zone transfer traffic C. Increased retry interval D. None of the above 70-642 Objective 2.3: Configure DNS records 119. The value placed in the Retry Interval box of the Start of Authority (SOA) box determines which of the following? A. Revision number B. Length of time a secondary server will continue to answer queries without contact from its master server C. Time between zone renewal attempts D. Time before a zone renewal 70-642 Objective 2.3: Configure DNS records 120. The value configured in the Expires After field of the Start of Authority (SOA) tab determines which of the following? A. Revision number B. Length of time a secondary server will continue to answer queries without contact from its master server C. Time between zone renewal attempts D. Time before a zone renewal 70-642 Objective 2.3: Configure DNS records
Chapter 4
Configuring Name Resolution
85
121. The default value for the Expires After field of the Start of Authority (SOA) tab is which of the following? A. 1 minute B. 15 minutes C. 1 hour D. 1 day 70-642 Objective 2.3: Configure DNS records 122. The value configured for the Minimum (default) TTL box of the Start of Authority (SOA) tab determines which of the following? A. Default time to live B. Default retry interval C. Default expiration time D. Default refresh interval 70-642 Objective 2.3: Configure DNS records 123. The default value for the Minimum (default) TTL box of the Start of Authority (SOA) tab is which of the following? A. 1 minute B. 15 minutes C. 1 hour D. 1 day 70-642 Objective 2.3: Configure DNS records 124. This type of record specifies the authoritative server for a given zone. A. Start of Authority (SOA) server B. Name Server (NS) C. Mail Exchange (MX) D. Alias (CNAME) 70-642 Objective 2.3: Configure DNS records 125. On a Windows Server 2008 server hosting a primary zone, how is the name server record created? A. Automatically B. Manually C. Specified when creating the zone D. None of the above 70-642 Objective 2.3: Configure DNS records
4
86
MCTS: Windows Server 2008 70-642 Q&A
126. On a Windows Server 2008 server hosting a secondary zone, how is the name server record created? A. Automatically B. Manually C. Specified when creating the zone D. None of the above 70-642 Objective 2.3: Configure DNS records 127. The most common types of records that you need to create manually do NOT include which of the following? A. Host (A or AAAA) B. Mail Exchanger (MX) C. Pointer (PTR) D. Start of Authority (SOA) 70-642 Objective 2.3: Configure DNS records 128. Which of the following is a record that must be created manually? A. Mail Exchanger (MX) B. Start of Authority (SOA) C. Name Server (NS) D. Host (A or AAAA) 70-642 Objective 2.3: Configure DNS records 129. This type of record makes up the majority of resource records in a zone database. A. Host B. Alias C. Pointer D. Service location 70-642 Objective 2.3: Configure DNS records 130. Which type of record is used to tie names to IP addresses? A. Alias B. Pointer C. Host D. Name Server 70-642 Objective 2.3: Configure DNS records 131. You are having trouble with one of the computers on your network. You are able to ping other computers using an IP address but not by name.Which of the following would fix this problem? A. Create a new alias resource record B. Create a new pointer resource record C. Create a new Mail Exchanger resource record D. Create a new host resource record 70-642 Objective 2.3: Configure DNS records
Chapter 4
Configuring Name Resolution
87
132. If you are trying to fix a problem caused by a missing host record to a client computer that is using Windows 2000 or later, which of the following commands can you use? A. ipconfig /newhost B. ipconfig /registerdns C. ipconfig /host D. ipconfig /registerhost 70-642 Objective 2.3: Configure DNS records 133. This type of record is also known as the canonical name. A. Host B. Pointer C. Alias D. Mail Exchanger 70-642 Objective 2.3: Configure DNS records 134. Which type of record allows you to use multiple names for the same host? A. Host B. Alias C. Pointer D. Mail Exchanger 70-642 Objective 2.3: Configure DNS records 135. Often-used server names such as ftp or www are normally registered using which type of resource record? A. Alias B. Host C. Pointer D. Mail Exchanger 70-642 Objective 2.3: Configure DNS records 136. If a host tied to an A resource record located in the same zone needs to change names, which type of resource record would you use? A. Pointer B. Mail Exchanger C. Alias D. Service location 70-642 Objective 2.3: Configure DNS records 137. This type of record is used by email applications to find a mail server inside of a zone. A. Host B. Alias C. Mail Exchanger D. Service location 70-642 Objective 2.3: Configure DNS records
4
88
MCTS: Windows Server 2008 70-642 Q&A
138. Which type of record would allow a domain name such as dtilearning.com, inside of an email address such as [email protected], to be mapped to a host record for the computer hosting the mail server in the zone? A. Mail Exchanger B. Host C. Alias D. Service location 70-642 Objective 2.3: Configure DNS records 139. If no specific mail server is specified in an email address, which record is used to find the mail server? A. Service location B. Host C. Alias D. Mail Exchanger 70-642 Objective 2.3: Configure DNS records 140. Located inside the dtilearing.com.dns zone file are the following lines.Which type of resource record does this show? @ @ @
A. Host B. Alias C. Mail Exchanger D. Pointer 70-642 Objective 2.3: Configure DNS records 141. In the following example of a portion of the dtilearing.com.dns zone file, which of the mail servers would be given the highest preference? @ @ @ @
A. Mailserv1 B. Mailserv2 C. Mailserv3 D. Mailserv4 70-642 Objective 2.3: Configure DNS records
Chapter 4
Configuring Name Resolution
89
142. Which type of resource record is used in Reverse Lookup zones to only support reverse lookups? A. Host B. Alias C. Pointer D. Mail Exchanger 70-642 Objective 2.3: Configure DNS records 143. The following example from a zone file is which type of resource record? 10
PTR
server1.dtilearning.com
A. Host B. Alias C. Pointer D. Service location 70-642 Objective 2.3: Configure DNS records 144. This type of resource record is used to find the location of certain services on the domain. A. Host B. Pointer C. Service location D. Alias 70-642 Objective 2.3: Configure DNS records 145. If a computer wants to find a Domain Controller in the dtilearning.com domain, which of the following is the correct SRV query? A. _ldap._tcp.dtilearning.com B. _ldap.dtilearning.com C. _tcp.dtilearing.com D. _ldap._tcp.SRV.dtilearning.com 70-642 Objective 2.3: Configure DNS records 146. The following is an example of which type of record that was created manually? _ldap._tcp
SRV SRV
0 0 389 10 0 389
dc1.dtilearning.com dc2.dtilearning.com
A. Host B. Alias C. Pointer D. Service location 70-642 Objective 2.3: Configure DNS records
4
90
MCTS: Windows Server 2008 70-642 Q&A
147. When you specify a WINS server in the WINS tab in the properties of a Forward Lookup zone, which type of resource record is created? A. Pointer B. WINS C. WINS-R D. Service location 70-642 Objective 2.3: Configure DNS records 148. When you specify a WINS server in the WINS tab in the properties of a Reverse Lookup zone, which type of resource record is created? A. WINS B. WINS-R C. Pointer D. Host 70-642 Objective 2.3: Configure DNS records 149. What term is used to describe the process of using timestamps to track the age of dynamically registered resource records? A. Scavenging B. Timestamping C. Aging D. Tracking 70-642 Objective 2.3: Configure DNS records 150. Which term is used to describe the process of deleting old resource records in which timestamps have been placed? A. Scavenging B. Aging C. Tracking D. Timestamping 70-642 Objective 2.3: Configure DNS records 151. ____________ can be used only when ____________ is enabled. A. Aging/scavenging B. Scavenging/aging C. Tracking/timestamping D. Timestamping/tracking 70-642 Objective 2.3: Configure DNS records 152. To enable aging for a certain zone, it must be enabled at which of the following levels? A. Server B. Zone C. Local D. Server and Zone 70-642 Objective 2.3: Configure DNS records
Chapter 4
Configuring Name Resolution
91
153. When a resource record is created manually, what is the default timestamp assigned to the record? A. 0 B. 10 C. 50 D. 99 70-642 Objective 2.3: Configure DNS records 154. What is the name of the period after a timestamp whereby a zone or server will not accept a timestamp refresh? A. No-refresh interval B. Refresh interval C. No-accept interval D. Reject interval 70-642 Objective 2.3: Configure DNS records 155. This feature prevents the server from loading unnecessary refreshes and reduces unneeded zone traffic. A. Refresh interval B. Reject interval C. No-refresh interval D. Loading interval 70-642 Objective 2.3: Configure DNS records 156. The default no-refresh interval is which of the following? A. 1 day B. 7 days C. 14 days D. 1 month 70-642 Objective 2.3: Configure DNS records 157. This is the period after the no-refresh interval in which timestamps refreshes are accepted. A. Refresh interval B. Renew interval C. Scavenge interval D. Fresh interval 70-642 Objective 2.3: Configure DNS records 158. Records can be scavenged only after which interval(s) expire? A. No-refresh B. Refresh C. No-refresh and refresh D. Records can be scavenged at any time 70-642 Objective 2.3: Configure DNS records
4
92
MCTS: Windows Server 2008 70-642 Q&A
159. The default setting for the refresh interval is which of the following? A. 1 day B. 7 days C. 14 days D. 1 month 70-642 Objective 2.3: Configure DNS records 160. The refresh interval should be ____________ the no-refresh interval. A. Less than B. Less than or equal to C. Greater than D. Greater than or equal to 70-642 Objective 2.3: Configure DNS records 161. This type of zone will give you access to selected resources through single-label names without using WINS. A. Standard B. Active Directory-integrated C. GlobalNames D. Global 70-642 Objective 2.2: Configure DNS zones 162. The three basic steps to setting up a GlobalNames zone are the following EXECPT for which? A. Enable GlobalNames zone support B. Create a Reverse Lookup zone called GlobalNames C. Create a Forward Lookup zone called GlobalNames D. Add alias resource records to the zone 70-642 Objective 2.2: Configure DNS zones 163. Which of the following is the correct command you must use on every DNS in which the GlobalNames zone will be created? A. dnscmd . /config /enableglobalnamessupport 1 B. /enableglobalnamessupport 1 C. /config /enableglobalnamessupport 1 D. dnscmd /enableglobalnamessupport 1 70-642 Objective 2.2: Configure DNS zones 164. When creating a GlobalNames zone, which type of zone do you have to create? A. A Reverse Lookup zone renamed GlobalNames B. A Forward Lookup zone renamed GlobalNames C. A standard zone renamed GlobalNames D. A Global zone 70-642 Objective 2.2: Configure DNS zones
Chapter 4
Configuring Name Resolution
93
165. Which type of record do you need to add to the GlobalNames zone to provide single-label name resolution? A. Host B. Pointer C. Service location D. Alias 70-642 Objective 2.2: Configure DNS zones 166. Active Directory-integrated zones can be installed on which type of server? A. On any DNS server B. Only on Domain Controllers C. On Domain Controllers with a DNS server role D. On any type of server 70-642 Objective 2.4: Configure DNS replication 167. Which of the following is NOT a reason that Active Directory-integrated zones are preferable to standard zones? A. Multimaster data replication B. Simpler configuration C. Improved security D. No need for a domain 70-642 Objective 2.4: Configure DNS replication 168. This term is used to describe the data structure in Active Directory that separates data for replication purposes. A. Break B. Partition C. Application D. Directory 70-642 Objective 2.4: Configure DNS replication 169. Which of the following are the two default application directory partitions? A. LocalDNSZones B. ForestDNSZones C. ClientDNSZones D. DomainDNSZones E. ServerDNSZones 70-642 Objective 2.4: Configure DNS replication
4
94
MCTS: Windows Server 2008 70-642 Q&A
170. By default when creating a new application directory partition, where does the partition exist? A. Only on the server in which it was created B. On all servers in Active Directory C. On all clients D. None of the above 70-642 Objective 2.4: Configure DNS replication 171. The Active Directory Zone Replication Scope page gives you four options in which to store the zone. Which option stores the new zone in the ForestDNSZones partition? A. To All DNS Servers In This Forest B. To All DNS Servers In This Domain C. To All Domain Controllers In This Domain D. To All Domain Controllers Specified In The Scope Of This Directory Partition 70-642 Objective 2.4: Configure DNS replication 172. The Active Directory Zone Replication Scope page gives you four options in which to store the zone. Which option stores the new zone in the DomainDNSZones partition? A. To All DNS Servers In This Forest B. To All DNS Servers In This Domain C. To All Domain Controllers In This Domain D. To All Domain Controllers Specified In The Scope Of This Directory Partition 70-642 Objective 2.4: Configure DNS replication 173. The Active Directory Zone Replication Scope page gives you four options in which to store the zone. Which option stores the zone in the domain partition? A. To All DNS Servers In This Forest B. To All DNS Servers In This Domain C. To All Domain Controllers In This Domain D. To All Domain Controllers Specified In The Scope Of This Directory Partition 70-642 Objective 2.4: Configure DNS replication 174. The Active Directory Zone Replication Scope page gives you four options in which to store the zone.Which option stores the zone in the user-created application directory partition that is specified in the drop-down list box? A. To All DNS Servers In This Forest B. To All DNS Servers In This Domain C. To All Domain Controllers In This Domain D. To All Domain Controllers Specified In The Scope Of This Directory Partition 70-642 Objective 2.4: Configure DNS replication
Chapter 4
Configuring Name Resolution
95
175. In the following image, which option would you select in order to change the replication scope for the zone?
4
A. Pause B. Type: Change C. Replication: Change D. Aging 70-642 Objective 2.4: Configure DNS replication 176. Which of the following commands would create a custom application directory partition? A. dnscmd servername /createdirectorypartition FQDN B. dnscmd servername /enlistdirectorypartition FQDN C. dnscmd /createdirectorypartition FQDN D. /createpartition FQDN 70-642 Objective 2.4: Configure DNS replication 177. To add DNS servers to a created custom application directory partition, you would use which of the following commands? A. dnscmd servername /createdirectorypartition FQDN B. dnscmd servername /enlistdirectorypartition FQDN C. dnscmd /enlistorypartition FQDN D. /enlisttion FQDN 70-642 Objective 2.4: Configure DNS replication 178. Which of the following is the proper use of the command to add application directory partitions if the partition is to be names DNSpart1 on a computer named serv1 in the Active Directory domain dtilearning.com? A. dnscmd serv1 /createpartition DNSpart1.dtilearning.com B. dnscmd serv1 /createdirectorypartition DNSpart1.dtilearning.com C. dnscmd serv1 /createapplicationdirectorypartition DNSpart1.dtilearning.com D. dnscmd serv1 /create DNSpart1.dtilearning.com 70-642 Objective 2.4: Configure DNS replication
96
MCTS: Windows Server 2008 70-642 Q&A
179. If you want to add a computer named serv2 to the application directory partition, which command would you use? The partition is called DNSpart1 and the domain is dtilearning.com. A. dnscmd /enlist serv2 DNSpart1.dtilearning.com B. dnscmd serv2 /enlist DNSpart1.dtilearning.com C. dnscmd serv2 /enlistdirectorypartition DNSpart1.dtilearning.com D. dnscmd /enlistdirectorypartition serv2 DNSpart1.dtilearning.com 70-642 Objective 2.4: Configure DNS replication 180. Assuming all of your DNS servers are also Domain Controllers, you would want to use which of the following to keep zone data the same among the DNS servers? A. Active Directory-integrated zones B. Active Directory replication C. Zone transfers D. Zone copies 70-642 Objective 2.4: Configure DNS replication 181. This term is used to describe when a secondary zone pulls a copy of the zone data from a master zone. A. Active Directory replication B. Zone copy C. Zone transfer D. Active Directory copy 70-642 Objective 2.4: Configure DNS replication 182. The master of a secondary zone can be which of the following? A. Primary zone B. Secondary zone C. Active Directory-integrated primary zone D. All of the above 70-642 Objective 2.4: Configure DNS replication 183. If your DNS server is not a Domain Controller also, where must the zone data be stored? A. Active Directory B. Local text file on the DNS server C. Local text file on the clients D. Local text file on the Domain Controller 70-642 Objective 2.4: Configure DNS replication 184. Which of the following events will NOT trigger a zone transfer? A. When the refresh interval of the primary zone’s SOA resource record expires B. When a server hosting a secondary server starts C. When a server hosting a primary server starts D. When a change occurs in the setup of the primary zone and this zone is configured to send updates when it is modified 70-642 Objective 2.4: Configure DNS replication
Chapter 4
Configuring Name Resolution
97
185. Match the following terms with their correct definition in the table. A. Secondary zone B. Zone transfer C. Primary zone D. Stub zone Zone copies that occur between a master and a secondary zone in order to keep zone data up to date. A read-write copy that is the original source for zone data for a part of a DNS namespace. A standard zone stored in a text file in read-only format. A zone that consists of a list of servers authoritative for names in a DNS domain. 70-642 Objective 2.4: Configure DNS replication 186. Match the following sub-options from the Zone Transfers tab of the Zone Properties dialog box by writing the letter in the correct cell. A. Allows you to give a list of secondary servers that will allow zone transfers. B. Allows anyone with network access to the DNS server to have complete access to the contents of the zone. C. Allows zone transfers only to secondary DNS servers that have a Name Server record in the zone. To any server Only to servers listed on the Name Servers tab Only to the following servers 70-642 Objective 2.4: Configure DNS replication 187. Which option of the Zone transfers tab of the Zone Properties dialog box is the least secure? A. To any server B. Only to servers listed on the Name Servers tab C. Only to the following servers D. The same level of security is available on all these options 70-642 Objective 2.4: Configure DNS replication 188. Which type of zone contains only the basic records in the master zone? A. Standard zone B. Secondary zone C. Stub zone D. Small zone 70-642 Objective 2.4: Configure DNS replication
4
98
MCTS: Windows Server 2008 70-642 Q&A
189. Which of the following is the command to open the System Properties dialog box? A. sysdm.cpl B. sysprop.cpl C. prop.cpl D. dm.cpl 70-642 Objective 2.5: Configure name resolution for client computers 190. Which of the following commands will output the computer’s host name? A. host B. hname C. hostname D. name 70-642 Objective 2.5: Configure name resolution for client computers 191. Match the parts of the full computer name pc1.dtilearning.com to their type by writing the letter in the correct cell. A. Hostname B. Primary DNS suffix pc1 dtilearning.com 70-642 Objective 2.5: Configure name resolution for client computers 192. This type of suffix is used with a certain network connection. A. Network-specific suffix B. Connection-specific suffix C. Interface-specific suffix D. Network connection suffix 70-642 Objective 2.5: Configure name resolution for client computers 193. Which of the following options is used to assign the connection-specific suffix? A. 003 Router B. 006 DNS Servers C. 015 DNS Domain Name D. 044 WINS/NBNS Servers 70-642 Objective 2.5: Configure name resolution for client computers
Chapter 4
Configuring Name Resolution
99
194. When a DNS domain suffix search is run, what is the correct order that the DNS client uses if the query fails? A. Use a connection-specific suffix assigned to a network adapter B. Use the parent suffix of the primary DNS suffix C. Use the primary DNS suffix of the local computer Step 1 Step 2 Step 3 70-642 Objective 2.5: Configure name resolution for client computers 195. You are on a computer with a full name of bob_pc.north.dtilearning.com, and you have the following connection-specific suffixes: sub1.north.dtilearning.com and sub2.north.dtilearning.com. On this computer you run a search for a computer named Mark_pc. Which of the following describes the first name that the DNS client will attempt to use as the full DNS name? A. Mark_pc.dtilearning.com B. Mark_pc.sub1.north.dtilearning.com C. Mark_pc.sub2.north.dtilearning.com D. Mark_pc.north.dtilearning.com 70-642 Objective 2.5: Configure name resolution for client computers 196. You are on a computer with a full name of bob_pc.north.dtilearning.com, and you have the following connection-specific suffixes: sub1.north.dtilearning.com and sub2.north.dtilearning.com. On this computer you run a search for a computer named Mark_pc. Which of the following describes the second name that the DNS client will attempt to use as the full DNS name if the first choice fails? A. Mark_pc.dtilearning.com B. Mark_pc.sub1.north.dtilearning.com C. Mark_pc.sub2.north.dtilearning.com D. Both B and C 70-642 Objective 2.5: Configure name resolution for client computers 197. You are on a computer with a full name of bob_pc.north.dtilearning.com, and you have the following connection-specific suffixes: sub1.north.dtilearning.com and sub2.north.dtilearning.com. On this computer you run a search for a computer named Mark_pc.Which of the following describes the LAST name that the DNS client will attempt to use as the full DNS name? A. Mark_pc.dtilearning.com B. Mark_pc.sub1.north.dtilearning.com C. Mark_pc.sub2.north.dtilearning.com D. Mark_pc.north.dtilearning.com 70-642 Objective 2.5: Configure name resolution for client computers
4
100
MCTS: Windows Server 2008 70-642 Q&A
198. When a server running Windows Server 2008 is configured with the appropriate settings, it can accept the dynamic registration and updates of the following EXCEPT which? A. A B. AAAA C. MX D. PTR 70-642 Objective 2.5: Configure name resolution for client computers 199. This type of record is a Forward Lookup zone that returns an address when queried using a name. A. Host B. Pointer C. Mail Exchanger D. Service location 70-642 Objective 2.5: Configure name resolution for client computers 200. In order to attempt a computer to force a registration in DNS, you would use which of the following commands? A. ipconfig /renew B. ipconfig /registerdns C. ipconfig /displaydns D. ipconfig /flushdns 70-642 Objective 2.5: Configure name resolution for client computers 201. To force an update of pointer records in a DHCP environment, which of the following commands should be used? A. ipconfig /renew B. ipconfig /registerdns C. ipconfig /displaydns D. ipconfig /flushdns 70-642 Objective 2.5: Configure name resolution for client computers 202. DNS clients check the ____________ before they try to query a DNS server. A. DNS local host B. DNS resolver cache C. DHCP host cache D. DHCP resolver cache 70-642 Objective 2.5: Configure name resolution for client computers 203. In order to display the DNS client cache, you would use which of the following commands? A. ipconfig /renew B. ipconfig /registerdns C. ipconfig /displaydns D. ipconfig /flushdns 70-642 Objective 2.5: Configure name resolution for client computers
Chapter 4
Configuring Name Resolution
101
204. Which of the following commands would be used to clear a DNS client cache? A. ipconfig /renew B. ipconfig /registerdns C. ipconfig /displaydns D. ipconfig /flushdns 70-642 Objective 2.5: Configure name resolution for client computers 205. If you recently fixed a DNS problem on your network, but one of the computers is still receiving errors, which of the following commands should you use to help resolve this problem? A. ipconfig /renew B. ipconfig /displaydns C. ipconfig /flushdns D. ipconfig /registerdns 70-642 Objective 2.5: Configure name resolution for client computers 206. Match the following commands with their uses. A. ipconfig /flushdns B. ipconfig /displaydns C. ipconfig /registerdns D. ipconfig /renew Display the DNS client cache Clear the DNS client cache Force a client to attempt dynamic registration of its records Force an update of pointer records on a DHCP client 70-642 Objective 2.5: Configure name resolution for client computers 207. DNS clients will NEVER attempt to register which type of IPv4 addresses? A. Private B. Link-local C. Public D. APIPA 70-642 Objective 2.5: Configure name resolution for client computers 208. DNS clients will never attempt to register which type of IPv6 address? A. Link-local B. Global C. Unique local D. APIPA 70-642 Objective 2.5: Configure name resolution for client computers
4
This page intentionally left blank
CHAPTER
5
CONFIGURING NETWORK ACCESS T
his chapter contains 175 questions that all fall under Microsoft’s third main exam objective for the 70-642 exam, “Configuring Network Access.” This main objective consists of the following five sub-objectives: ■ ■ ■ ■ ■
Microsoft has given this main exam objective a weight of 22%, which is why I created 175 (out of a total of 800) test preparation questions for this chapter.
TEST PREPARATION QUESTIONS 1. Which of the following will provide remote network access to users? A. Dial-up B. Wireless C. VPN D. Both A and C 70-642 Objective 3.1: Configure remote access 2. Which type of remote access gives the user a high level of privacy but low performance? A. Dial-up B. Wireless C. VPN D. All of the above 70-642 Objective 3.1: Configure remote access 3. Which type of remote access gives the user high performance but opens the internal network up to possible attacks? A. Dial-up B. Wireless C. VPN D. None of the above 70-642 Objective 3.1: Configure remote access
103
5
104
MCTS: Windows Server 2008 70-642 Q&A
4. This remote access technique is often seen as outdated. A. VPN B. Dial-up C. Wireless D. WEP 70-642 Objective 3.1: Configure remote access 5. If you use a modem to connect to a remote access server over a phone line, you are using which remote access technique? A. VPN B. Wireless C. WEP D. Dial-up 70-642 Objective 3.1: Configure remote access 6. Which of the following is NOT an advantage for using dial-up over a VPN? A. Do not need an Internet connection B. Small privacy risks C. High bandwidth possibility D. Consistent performance 70-642 Objective 3.1: Configure remote access 7. Which of the following remote access techniques sends its traffic across the public switched telephone network (PSTN)? A. VPN B. Dial-up C. Wireless D. Broadband 70-642 Objective 3.1: Configure remote access 8. Which of the following is NOT a disadvantage of using the dial-up remote access technique? A. High cost B. Low bandwidth C. Requires Internet connection D. Slow web browsing 70-642 Objective 3.1: Configure remote access
Chapter 5
Configuring Network Access
105
9. Separate the items in the Attributes list into the advantages of dial-up and the advantages of VPNs. Attributes No Internet connection required High bandwidth potential Small privacy risks Consistent performance Low cost Dial-Up Advantages
VPN Advantages
5 70-642 Objective 3.1: Configure remote access 10. Separate the items in the Attributes list into the disadvantages of dial-up and the disadvantages of VPNs. VPN Attributes Internet connection required Low bandwidth High latency High cost Dial-Up Disadvantages
70-642 Objective 3.1: Configure remote access
VPN Disadvantages
106
MCTS: Windows Server 2008 70-642 Q&A
11. Match the items in the Attributes list with the correct column based on whether they are advantages or disadvantages when using dial-up. Dial-Up Attributes No Internet connection required Bandwidth potential Privacy risks Performance Cost of scalability Advantages
Disadvantages
70-642 Objective 3.1: Configure remote access 12. Match the following terms with the correct column based on whether they are advantages or disadvantages when using VPNs. Attributes Latency Bandwidth potential Internet required Cost VPN Advantages
VPN Disadvantages
70-642 Objective 3.1: Configure remote access 13. Which type of remote access technique uses the Internet to send its traffic to the remote access server? A. Dial-up B. VPN C. Wireless D. All of the above 70-642 Objective 3.1: Configure remote access
Chapter 5
Configuring Network Access
107
14. A VPN server requires how many connections to the Internet? A. 1 B. 2 C. 10 D. One for each user connected to the server 70-642 Objective 3.1: Configure remote access 15. Which of the following is NOT an advantage to using the VPN remote access technique? A. High bandwidth potential B. Low cost for the user C. Low cost for the server D. Low latency 70-642 Objective 3.1: Configure remote access 16. Which of the following is NOT a disadvantage to using the VPN remote access technique? A. Requires Internet connection B. High latency C. Poor efficiency with slower connections D. High cost 70-642 Objective 3.1: Configure remote access 17. When a company uses the dial-up remote access method and needs more than one dial-up connection, what specific piece of hardware would the company use? A. Modem B. Modem swarm C. Modem bank D. Modem block 70-642 Objective 3.1: Configure remote access 18. This device accepts dial-up connections and submits authentication requests to a RADIUS server. A. Modem B. Modem bank C. Modem server D. Switch 70-642 Objective 3.1: Configure remote access 19. Organizations often have an ISP manage the modem bank and accept dial-up connections. Using this system, the ISP configures the modem bank to send authentication requests to which server? A. DNS server B. Domain Controller C. RADIUS D. VPN server 70-642 Objective 3.1: Configure remote access
5
108
MCTS: Windows Server 2008 70-642 Q&A
20. Which of the following VPN technologies uses Point-to-Point Protocol (PPP) authentication for user-level authentication and Microsoft Point-to-Point Encryption (MPPE) for data encryption? A. Point-to-Point Tunneling Protocol (PPTP) B. Layer Two Tunneling Protocol (L2TP) C. Secure Socket Tunneling Protocol (SSTP) D. None of the above 70-642 Objective 3.1: Configure remote access 21. Which of the following VPN technologies uses Point-to-Point Protocol (PPP) authentication methods for user-level authentication and IPSec for encryption? A. Point-to-Point Tunneling Protocol (PPTP) B. Layer Two Tunneling Protocol (L2TP) C. Secure Socket Tunneling Protocol (SSTP) D. None of the above 70-642 Objective 3.1: Configure remote access 22. Which of the following VPN technologies uses Point-To-Point Protocol (PPP) authentication methods for user-level authentication and uses Hypertext Transfer Protocol (HTTP) encapsulation over a Secure Sockets Layer (SSL) channel for data encryption? A. Point-to-Point Tunneling Protocol (PPTP) B. Layer Two Tunneling Protocol (L2TP) C. Secure Socket Tunneling Protocol (SSTP) D. None of the above 70-642 Objective 3.1: Configure remote access 23. Match the following protocols with the VPN technology that uses them. Protocols Point-to-Point Protocol (PPP) Hypertext Transfer Protocol (HTTP) IPSec Microsoft Point-to-Point Encryption (MPPE) Point-to-Point Tunneling Protocol (PPTP)
Layer Two Tunneling Protocol (L2TP)
70-642 Objective 3.1: Configure remote access
Secure Socket Tunneling Protocol (SSTP)
Chapter 5
Configuring Network Access
109
24. Which type of VPN technology can travel through many firewalls, NATs, and proxy servers that would normally cause other VPN technologies to fail? A. Layer Two Tunneling Protocol (L2TP) B. Secure Socket Tunneling Protocol (SSTP) C. Point-to-Point Tunneling Protocol (PPTP) D. Travers Tunneling Protocol (TTP) 70-642 Objective 3.1: Configure remote access 25. Which type of VPN technology is supported only by Windows Server 2008 and Windows Vista with Service Pack 1? A. Secure Socket Tunneling Protocol (SSTP) B. Layer Two Tunneling Protocol (L2TP) C. Point-to-Point Tunneling Protocol (PPTP) D. None of the above 70-642 Objective 3.1: Configure remote access 26. By default, Windows Server 2008 VPN server can support how many VPN technologies at the same time? A. 1 B. 2 C. 3 D. 10 70-642 Objective 3.1: Configure remote access 27. When configuring a VPN server, you need to have two network cards. One should be connected to the public Internet. Where should the other one be connected? A. To a direct line to the VPN client B. To a modem bank C. To the intranet D. To a direct line to your Domain Controller 70-642 Objective 3.1: Configure remote access 28. With the default settings, how many ports does Windows Server 2008 create for each of the three VPN technologies? A. 1 B. 24 C. 64 D. 128 70-642 Objective 3.1: Configure remote access
5
110
MCTS: Windows Server 2008 70-642 Q&A
29. Each VPN connection requires how many ports? A. 1 B. 2 C. 24 D. 128 70-642 Objective 3.1: Configure remote access 30. You recently added a VPN server to an existing web server, but you can no longer connect to the web server. What is causing this problem? A. You cannot have anything else hosted on a VPN server B. The problem is unrelated to either the web server or the VPN server C. You need to add packet filters and exceptions for Windows Firewall to allow traffic for the web server D. None of the above 70-642 Objective 3.1: Configure remote access 31. Match the following connection restrictions with their uses. Connection Restrictions A. Controls access based on the IP address of the wireless access point. B. Restricts the connection for certain portions of the week or day. C. Controls access depending on the IP address of the client when the Windows Server 2008 computer is acting as a VPN server. D. Requires certain protocols and authentication methods. E. Allows connections from a specific phone number. F. Allows you to restrict access to modems, wireless access points, or VPN connections. G. Requires the user or computer to be in a certain group. H. Controls access depending on the IP address of the client when the Windows Server 2008 computer is acting as a RADIUS server. Connection Restriction
Use Windows Groups, Machine Groups, and User Groups Day and Time Restrictions Access Client IPv4 Address and Access Client IPv6 Address Client IPv4 Address and Client IPv6 Address NAS IPv4 Address and NAS IPv6 Address Authentication Type, Allowed EAP Types, Framed Protocol, Service Type, and Tunnel Type Calling Station ID NAS Port Type
70-642 Objective 3.1: Configure remote access
Chapter 5
Configuring Network Access
111
32. Which of the following connection restrictions force the computer or user to belong to a specific group? A. Windows Groups, Machine Groups, and User Groups B. Day and Time Restrictions C. Calling Station ID D. NAS Port Type 70-642 Objective 3.1: Configure remote access 33. Which of the following connection restrictions limit usage to specific days or times? A. Calling Station ID B. NAS Port Type C. Day and Time Restrictions D. NAS IPv4 Address and NAS IPv6 Address 70-642 Objective 3.1: Configure remote access 34. This connection restriction controls access based on the IP address of the client when the server is acting as a VPN server. A. Access Client IPv4 Address and Access Client IPv6 Address B. Client IPv4 Address and Client IPv6 Address C. NAS IPv4 Address and NAS IPv6 Address D. NAS Port Type 70-642 Objective 3.1: Configure remote access 35. Which connection restriction limits access based on the IP address of the client when the server is acting as a RADIUS server? A. Access Client IPv4 Address and Access Client IPv6 Address B. Client IPv4 Address and Client IPv6 Address C. NAS IPv4 Address and NAS IPv6 Address D. NAS Port Type 70-642 Objective 3.1: Configure remote access 36. Which connection restriction limits access based on the IP address of the wireless access point? A. NAS IPv4 Address and NAS IPv6 Address B. Access Client IPv4 Address and Access Client IPv6 Address C. NAS Port Type D. Client IPv4 Address and Client IPv6 Address 70-642 Objective 3.1: Configure remote access
5
112
MCTS: Windows Server 2008 70-642 Q&A
37. This connection restriction limits connections by requiring specific authentication methods or protocols. A. Authentication Type,Allowed EAP Types, Framed Protocol, Service Type, and Tunnel Type B. Calling Station ID C. NAS Port Type D. Client IPv4 Address and Client IPv6 Address 70-642 Objective 3.1: Configure remote access 38. Which connection restriction accepts connections from only specific phone numbers? A. NAS Port Type B. Client IPv4 Address and Client IPv6 Address C. NAS IPv4 Address and NAS IPv6 Address D. Calling Station ID 70-642 Objective 3.1: Configure remote access 39. This connection restriction is used to restrict access to modems, wireless access points, or VPN connections. A. Calling Station ID B. NAS IPv4 Address and NAS IPv6 Address C. Authentication Type,Allowed EAP Types, Framed Protocol, Service Type, and Tunnel Type D. NAS Port Type 70-642 Objective 3.1: Configure remote access 40. When you are using Network Access Protection (NAP) and a computer connects to your network, NAP will check for which of the following requirements? A. That the computer is virus-free B. That the computer has a key logger C. That the computer has the latest operating system updates D. None of the above 70-642 Objective 3.2: Configure Network Access Protection (NAP) 41. Which of the following is designed to connect hosts to separate resources when they have different health states? A. IPSec B. DHCP C. NAP D. TCP/IP 70-642 Objective 3.2: Configure Network Access Protection (NAP) 42. A network resource must ____________ network access to enforce NAP. A. Allow B. Deny C. Allow or Deny D. None of the above 70-642 Objective 3.2: Configure Network Access Protection (NAP)
Chapter 5
Configuring Network Access
113
43. Which of the following is NOT a NAP enforcement type? A. IPSec connection security B. 802.1X access points C. VPN servers D. Active Directory Domain Controllers 70-642 Objective 3.2: Configure Network Access Protection (NAP) 44. Which NAP enforcement type requires clients to perform a NAP health check before they are granted a health certificate? A. IPSec connection security B. 802.1X access points C. VPN servers D. DHCP servers 70-642 Objective 3.2: Configure Network Access Protection (NAP) 45. Which enforcement type allows you to require health checks on a per-IP address basis? A. 802.1X access points B. VPN servers C. IPSec connection security D. DHCP servers 70-642 Objective 3.2: Configure Network Access Protection (NAP) 46. This connection enforcement type can allow only healthy computers to communicate with healthy computers. A. DHCP servers B. VPN servers C. 802.1X access points D. IPSec connection security 70-642 Objective 3.2: Configure Network Access Protection (NAP) 47. Which enforcement type uses Ethernet switches or wireless access points that use a specific type of authentication? A. IPSec connection security B. VPN servers C. 802.1X access points D. DHCP servers 70-642 Objective 3.2: Configure Network Access Protection (NAP) 48. Which of the following NAP enforcement types would grant client computers full network access but connect noncompliant computers to a remediation network? A. 802.1X access points B. VPN servers C. DHCP servers D. IPSec connection security 70-642 Objective 3.2: Configure Network Access Protection (NAP)
5
114
MCTS: Windows Server 2008 70-642 Q&A
49. Which two of the following are the methods that 802.1X uses to control the level of access computers receive? A. ACL B. WAN C. IPSec D. VPN E. VLAN 70-642 Objective 3.2: Configure Network Access Protection (NAP) 50. Which of the following is a set of IPv4 or IPv6 packet filters configured on the 802.1X access point? A. VLAN B. ACL C. IP list D. Address list 70-642 Objective 3.2: Configure Network Access Protection (NAP) 51. Which of the following is a group of ports on a switch that are grouped together to create a separate network? A. ACL B. SLAN C. WLAN D. VLAN 70-642 Objective 3.2: Configure Network Access Protection (NAP) 52. Which NAP enforcement type enforces NAP for remote access connections that use a VPN server running Windows Server 2008 and Routing and Remote Access? A. IPSec connection security B. DHCP server C. Routing and Remote Access D. VPN server 70-642 Objective 3.2: Configure Network Access Protection (NAP) 53. Which NAP enforcement type requires a Windows 2008 server to also be running the DHCP service? A. IPSec connection security B. VPN server C. DHCP server D. DNS server 70-642 Objective 3.2: Configure Network Access Protection (NAP)
Chapter 5
Configuring Network Access
115
54. Using which enforcement type will give noncompliant computers an IP address with a subnet mask of 255.255.255.255 and no default gateway? A. VPN server B. 802.1X access points C. IPSec connection security D. DHCP server 70-642 Objective 3.2: Configure Network Access Protection (NAP) 55. Which of the following are the two main components of a NAP health validation? A. System Health Agent (SHAs) B. Statement of Health (SoH) C. System Health Validators (SHVs) D. SoH Response (SoHR) E. System Health Client (SHC) 70-642 Objective 3.2: Configure Network Access Protection (NAP) 56. What is the client component that creates a Statement of Health? A. SHA B. SHV C. SoHR D. SHC 70-642 Objective 3.2: Configure Network Access Protection (NAP) 57. What is the server component that analyzes the Statement of Health and creates a Statement of Health Response? A. System Health Agents (SHAs) B. System Health Clients (SHCs) C. System Health Servers (SHSs) D. System Health Validators (SHVs) 70-642 Objective 3.2: Configure Network Access Protection (NAP) 58. Match the phases of a NAP deployment (Limited Access,Testing, and Monitoring) with their correct explanations. Deployment Phase
Explanation Uses different examples of different OS, client configurations, and enforcement types. Launches NAP but does not limit connections yet. Launches NAP and enables NAP enforcement.
59. During which phase of NAP deployment does the administrator try different operating systems, client configurations, and enforcement points? A. Testing B. Monitoring C. Limited Access D. Example 70-642 Objective 3.2: Configure Network Access Protection (NAP) 60. During which phase of NAP deployment is the NAP notified of failed health requirements but does not limit connections? A. Testing B. Monitoring C. Limited Access D. Notification 70-642 Objective 3.2: Configure Network Access Protection (NAP) 61. During which phase of NAP deployment will you begin to deny access to your network? A. Testing B. Limited Access C. Denial D. Monitoring 70-642 Objective 3.2: Configure Network Access Protection (NAP) 62. If you have a RADUIS server running Windows Server 2003 and Internet Authentication Service, which of the following will you need to do in order to make it into a Network Policy Server? A. Upgrade to Windows Server 2008 B. Configure it as a NAP health policy server C. Both A and B D. None of the above 70-642 Objective 3.2: Configure Network Access Protection (NAP) 63. If you are running a RADIUS server on a non-Windows operating system and you want to make it into a Network Policy Server, which of the following must you do? A. Upgrade it to Windows Server 2008 B. Configure it as a NAP health policy server C. Both A and B D. You can’t make it into a Network Policy Server 70-642 Objective 3.2: Configure Network Access Protection (NAP)
Chapter 5
Configuring Network Access
117
64. When you install the HRA role service, it configures which of the following in order to handle the certificates? A. Certification Authority B. Certification Service C. Certification Application D. Certification Server 70-642 Objective 3.2: Configure Network Access Protection (NAP) 65. When you install the HRA role service, which of the following is configured and named DomainHRA? A. A certification authority B. DHCP server C. Domain Controller D. A web application 70-642 Objective 3.2: Configure Network Access Protection (NAP) 66. Which of the following is NOT one of the sub-nodes used to configure the client NAP settings? A. Enforcement Clients B. User Interface Settings C. Enforcement Servers D. Health Registration Settings 70-642 Objective 3.2: Configure Network Access Protection (NAP) 67. Which of the following sub-nodes used to configure the client NAP settings requires you to configure one policy that forces clients to use that policy? A. Enforcement Clients B. User Interface Settings C. Health Registration Settings D. Client Settings 70-642 Objective 3.2: Configure Network Access Protection (NAP) 68. Which sub-node used to configure the client NAP settings is used to change the text portions of the NAP client interface? A. Enforcement Clients B. User Interface Settings C. NAP client Interface D. Health Registration Settings 70-642 Objective 3.2: Configure Network Access Protection (NAP)
5
118
MCTS: Windows Server 2008 70-642 Q&A
69. Which of the following sub-nodes must be configured in order to configure cryptographic settings for NAP clients? A. Request Policy B. Trusted Server Group C. NAP Client Configuration D. User Interface Settings 70-642 Objective 3.2: Configure Network Access Protection (NAP) 70. Which command is used to check a client’s NAP configuration? A. netsh nap client show B. netsh nap client show state C. netsh nap client show state /all D. netsh nap client 70-642 Objective 3.2: Configure Network Access Protection (NAP) 71. Which of the following commands will enable the DHCP Quarantine enforcement client? A. netsh nap client set enforcement enable B. netsh nap client set enforcement DHCP enable C. netsh nap client enforcement DHCP enable D. netsh nap client set enforcement 79617 enable 70-642 Objective 3.2: Configure Network Access Protection (NAP) 72. What one of the following is NOT part of a health requirement policy? A. Connection request policy B. System health validators C. Full access server group D. Network policy 70-642 Objective 3.2: Configure Network Access Protection (NAP) 73. What is the name of the policy that determines whether a request should be processed by the Name Policy Server? A. Connection request policy B. System health validators C. Remediation server group D. Network policy 70-642 Objective 3.2: Configure Network Access Protection (NAP) 74. This policy determines the health checks that a client must pass in order to be considered compliant. A. Connection request policy B. System health validators C. Remediation server group D. Network policy 70-642 Objective 3.2: Configure Network Access Protection (NAP)
Chapter 5
Configuring Network Access
119
75. Match the items in the Attributes list with the correct column based on whether they are advantages or disadvantages when using wireless networks. Wireless Network Attributes Impact on place of deployment Mobility Security of WEP and WPA Non-physical connection Default security settings Speed of deployment Wireless Network Benefits
Wireless Network Problems
70-642 Objective 3.4: Configure wireless access 76. You are asked to set up a network at a historical landmark, but because of local building laws you are not allowed to physically modify any part of the building. What should you do? A. Set up a network, but run wires along the ground B. Set up a network and run the wires like normal, thus ignoring the law C. Set up a wireless network D. Tell the company it’s not possible to have a network 70-642 Objective 3.4: Configure wireless access 77. Hotels, airports, and coffee shops often have a ____________ network for customers to use. A. Wired B. Bluetooth C. WAN D. Wireless 70-642 Objective 3.4: Configure wireless access 78. If you want to deploy a network in your home but have only a limited amount of time, which type of network should you set up? A. Wired B. Wireless C. Bluetooth D. Same amount of time for all types of networks 70-642 Objective 3.4: Configure wireless access
5
120
MCTS: Windows Server 2008 70-642 Q&A
79. Using a ____________ network will allow you to connect to other users without a network infrastructure. A. Wired B. WAN C. Wireless D. None of the above 70-642 Objective 3.4: Configure wireless access 80. Which of the following statements is true? 1. Physical connections are more secure. 2. Non-physical connections are more secure. A. The first B. The second C. They are both true D. Neither is true 70-642 Objective 3.4: Configure wireless access 81. By default, the majority of wireless access points have which of the following enabled? A. Authentication B. Encryption C. Both authentication and encryption D. Neither authentication nor encryption 70-642 Objective 3.4: Configure wireless access 82. Are Wired Equivalent Protection (WEP) and Wi-Fi Protected Access (WPA) vulnerable to cracking attacks? A. Yes B. Only WEP is C. Only WPA is D. Neither is vulnerable 70-642 Objective 3.4: Configure wireless access 83. Which of the following is the original wireless network type, with a theoretical network throughput of 11 Mbps? A. 802.11a B. 802.11b C. 802.11g D. 802.11n 70-642 Objective 3.4: Configure wireless access
Chapter 5
Configuring Network Access
121
84. Which of the wireless network types has a theoretical network throughput of 54 Mbps? A. 802.11d B. 802.11b C. 802.11g D. 802.11n 70-642 Objective 3.4: Configure wireless access 85. This wireless network type has a theoretical network throughput of 250 Mbps. A. 802.11a B. 802.11b C. 802.11g D. 802.11n 70-642 Objective 3.4: Configure wireless access 86. Match the following wireless network types with their definitions. Network Type 802.11a 802.11b 802.11g 802.11n Network Type
Definition Uses the 5.4 GHz range. Has a theoretical network throughput of 11 Mbps. Has a theoretical network throughput of 54 Mbps. Has a theoretical network throughput of 250 Mbps.
70-642 Objective 3.4: Configure wireless access 87. Which wireless network type uses the range 5.4 GHz instead of 2.4 GHz? A. 802.11a B. 802.11b C. 802.11g D. 802.11n 70-642 Objective 3.4: Configure wireless access
5
122
MCTS: Windows Server 2008 70-642 Q&A
88. Match the following wireless security standards with their use. Wireless Security Standard Wi-Fi Protected Access (WPA) WPA2 Wired Equivalent Protection (WEP) Standard
Use Original wireless security standard requires you to enter a key or passphrase. Has stronger cryptography than WEP but still has vulnerabilities. Most advanced wireless security standard and most secure.
70-642 Objective 3.4: Configure wireless access 89. Which wireless network security standard lets the user connect without any authentication or encryption? A. Wi-Fi Protected Access (WPA) B. No security C. Wired Equivalent Protection (WEP) D. WPA2 70-642 Objective 3.4: Configure wireless access 90. Which wireless network security standard gives the user a universally supported method of authentication and encryption? A. No security B. Wi-Fi Protected Access (WPA) C. Wired Equivalent Protection (WEP) D. WPA2 70-642 Objective 3.4: Configure wireless access 91. WEP is able to use ____________ encryption. A. 64-bit B. 128-bit C. Both 64-bit and 128-bit D. 256-bit 70-642 Objective 3.4: Configure wireless access 92. Which wireless network security standard offers the second highest level of cryptography? A. No security B. WPA C. WEP D. WPA2 70-642 Objective 3.4: Configure wireless access
Chapter 5
Configuring Network Access
123
93. Match these two types of WPAs (WPA-PSK and WPA-EAP) with their methods. Uses a pre-shared key. Gives authentication requests to a RADIUS server. 70-642 Objective 3.4: Configure wireless access 94. Which type of WPA uses a static key and is vulnerable to brute force attacks? A. WPA-PSK B. WPA-KEY C. WPA-EAP D. WPA-RAD 70-642 Objective 3.4: Configure wireless access 95. Which type of WPA uses a RADIUS server to authenticate requests, making it the more secure type? A. WPA-KEY B. WPA-PSK C. WPA-EAP D. WPA-RAD 70-642 Objective 3.4: Configure wireless access 96. Which wireless network security standard is also called IEEE 802.11i? A. No security B. WEP C. WPA D. WPA2 70-642 Objective 3.4: Configure wireless access 97. Which wireless network security standard provides the best security and protection from attacks? A. No security B. WPA2 C. WEP D. WPA 70-642 Objective 3.4: Configure wireless access 98. Order the following from the most secure to the least. A. 64-bit WEP B. WPA-EAP C. 128-bit WEP D. WPA2-EAP E. WPA-PSK F. WPA2-PSK 70-642 Objective 3.4: Configure wireless access
5
124
MCTS: Windows Server 2008 70-642 Q&A
99. Match the two wireless network modes (infrastructure mode and ad hoc mode) with their uses. Mode
Use Wireless access points act as central hubs. Wireless communications occur directly between wireless clients.
70-642 Objective 3.4: Configure wireless access 100. Which of the following is the correct wireless network mode that allows a user to connect to an access point that acts as a central hub for wireless clients? A. Infrastructure mode B. Hub mode C. Ad hoc mode D. P2P mode 70-642 Objective 3.4: Configure wireless access 101. What type of wireless network mode should be used if you are out of range of an access point but want to share a video with other wireless clients? A. Infrastructure mode B. Hub mode C. Ad hoc mode D. P2P mode 70-642 Objective 3.4: Configure wireless access 102. Match the following authentication modes for windows wireless clients. User Only Computer and User Computer Only Windows authenticates to the wireless network before showing the Windows logon screen. Windows authenticates after the user logs on. Windows authenticates before the user logs on. And after going through the Windows logon it will authenticate using the user attributes. 70-642 Objective 3.4: Configure wireless access
Chapter 5
Configuring Network Access
125
103. You are in charge of setting up the authentication mode for wireless Windows clients. If you want them to be authenticated before showing the Windows logon screen which mode should you use? A. User Only B. Computer and User C. None of the above D. Computer Only 70-642 Objective 3.3: Configure network authentication 104. You are in charge of setting up the authentication mode for wireless Windows clients.Which authentication mode should you use if you want the users to be authenticated after they supply their Windows logon credentials? A. Computer Only B. User Only C. Computer and User D. None of the above 70-642 Objective 3.3: Configure network authentication 105. You are in charge of setting up the authentication mode for wireless Windows clients.Which authentication mode should you use if you want the clients to be authenticated before and after a Windows logon? A. Computer Only B. User Only C. Computer and User D. None of the above 70-642 Objective 3.3: Configure network authentication 106. What feature do both Windows Vista and Windows Server 2008 have that allows administrators to set up user authentication to the wireless network to happen before the user logs on to the network? A. Pre logon B. Single Sign On C. Multiple Sign On D. Single Logon 70-642 Objective 3.3: Configure network authentication
5
126
MCTS: Windows Server 2008 70-642 Q&A
107. Match the following authentication methods with their requirements. Authentication Method Smart Card or Other Certificate Secured Password (EAP-MSCHAP v2) Protected EAP (PEAP) Authentication Method
Requirements Requires you to set up a computer certificate on a RADIUS server and a computer certificate or user certificate on all wireless client computers. Requires you to set up a computer certificate on a RADIUS server and a computer certificate or user certificate on all wireless client computers. Also requires that the user provide a certificate or a Smart Card. Requires computer certificates to be installed on all RADIUS servers and requires all client computers to trust the CA that gave them the computer certificate.
70-642 Objective 3.3: Configure network authentication 108. Which authentication method requires a computer certificate on a RADIUS server and a computer certificate or user certificate on all wireless client computers? A. PEAP B. Smart Card C. EAP-MSCHAP v2 D. None of the above 70-642 Objective 3.3: Configure network authentication 109. Which authentication method requires that the user insert a device to provide a certificate? A. PEAP B. Smart Card C. EAP-MSCHAP v2 D. None of the above 70-642 Objective 3.3: Configure network authentication 110. Which authentication method requires computer certificates to be installed on all RADIUS servers and requires all client computers to trust the CA? A. PEAP B. Smart Card C. EAP-MSCHAP v2 D. None of the above 70-642 Objective 3.3: Configure network authentication
Chapter 5
Configuring Network Access
127
111. If you want to add a layer of abstraction between your access points and your RADIUS servers, you would add which of the following? A. DNS server B. DHCP server C. WINS server D. RADIUS proxy 70-642 Objective 3.3: Configure network authentication 112. You are the administrator of a network with two different domains that do not trust each other.You want to allow the different domains to manage their own RADIUS servers.Which of the following should you use to allow this? A. VPN server B. Dial-in server C. Domain Controller D. RADIUS proxy 70-642 Objective 3.3: Configure network authentication 113. The protected EAP authentication method is compatible with which enforcement method? A. IPSec B. 802.1x C. VPN server D. DHCP server 70-642 Objective 3.3: Configure network authentication 114. You are the administrator of a network.You are charged with configuring the firewall for the web server, but you also want only internal users to be able to use remote desktop on the servers. Which of the following should you do? A. Configure an authorized connection for each private connection B. Configure the firewall scope C. Configure the firewall settings with Group Policy D. None of the above 70-642 Objective 3.5: Configure firewall settings 115. Which of the following firewall functions should you use to block connections from external sources, but allow connections from the internal network? A. Authorization B. Filter C. Scope D. Rule 70-642 Objective 3.5: Configure firewall settings
5
128
MCTS: Windows Server 2008 70-642 Q&A
116. Which of the following can be used to examine the packets that are sent to and from your computer? A. Firewall B. Filter C. Wireless access point D. NAP 70-642 Objective 3.5: Configure firewall settings 117. Match these three firewall profiles to their security settings—Private, Public, and Domain. Profile
Security Settings Allows some incoming connections. Applied whenever a member computer’s Domain Controller is accessible. Allows some incoming connections. No networks are considered this by default. The default profile type; blocks all incoming traffic.
70-642 Objective 3.5: Configure firewall settings 118. The ____________ profile is used on computers connected to its Active Directory domain. A. Directory profile B. Domain profile C. Private profile D. Public profile 70-642 Objective 3.5: Configure firewall settings 119. A user’s home office network would most likely be under which of the following profiles? A. Domain B. Private C. Home D. Public 70-642 Objective 3.5: Configure firewall settings 120. By default, which type of firewall profile is never assigned automatically? A. Domain B. Private C. Public D. Local 70-642 Objective 3.5: Configure firewall settings
Chapter 5
Configuring Network Access
129
121. By default, this firewall profile is assigned to all new network connections. A. Domain B. Private C. Public D. Home 70-642 Objective 3.5: Configure firewall settings 122. Which of the following is the firewall profile that blocks all incoming traffic? A. Private B. Domain C. Office D. Public 70-642 Objective 3.5: Configure firewall settings 123. Unless changed manually, the settings on which firewall profile will not allow any kind of incoming connections? A. Public B. Private C. Domain D. Home 70-642 Objective 3.5: Configure firewall settings 124. Which two firewall profile types will allow some incoming connections by default? A. Private B. Home C. Domain D. Public E. Office 70-642 Objective 3.5: Configure firewall settings 125. Which one of the following statements regarding firewalls is true? 1. If you add a Windows feature it will automatically enable the correct rules for that feature. 2. If you add a third-party program, Windows will automatically enable the correct rules for the program. A. The first statement is true B. The second statement is true C. Both statements are true D. Neither is true 70-642 Objective 3.5: Configure firewall settings
5
130
MCTS: Windows Server 2008 70-642 Q&A
126. You are in charge of an internal server.You want to allow only certain subnets that contain possible users to be able to connect to the server. Which of the following should you use to do this? A. Firewall profile B. Firewall scope C. Port filtering D. None of the above 70-642 Objective 3.5: Configure firewall settings 127. Match the following options of the Rule Type page with their uses. Option Program Predefined Custom Port Option
Rule Type Blocks connections for a specific executable file. Blocks connections for a specific TCP or UDP port number. Controls connections for Windows components. Can combine program and port information.
70-642 Objective 3.5: Configure firewall settings 128. Which option of the Rule Type page will allow you to block connections for a specific executable file? A. Program B. Port C. Predefined D. Custom 70-642 Objective 3.5: Configure firewall settings 129. You are asked to block connections for a specific port.You are on the Rule Type page.Which of the following options need to be modified to do this? A. Program B. Port C. Predefined D. Custom 70-642 Objective 3.5: Configure firewall settings
Chapter 5
Configuring Network Access
131
130. If you want to allow a specific application to connect only on specific internal subnets, which of the following should you use? A. Firewall profiles B. Firewall scope C. Filtering D. None of the above 70-642 Objective 3.5: Configure firewall settings 131. Which of the following firewall options on the Rule Type page will allow you to control connections for a Windows component? A. Program B. Port C. Predefined D. Custom 70-642 Objective 3.5: Configure firewall settings 132. Select the correct firewall option from the Rule Type page that will allow you to combine program and port information. A. Program B. Port C. Predefined D. Custom 70-642 Objective 3.5: Configure firewall settings 133. Which of the following is NOT one of the options from the Action page in the New Inbound Rule wizard? A. Allow the connection B. Allow the connection if it is secure C. Allow the connection from a specified source D. Block the connection 70-642 Objective 3.5: Configure firewall settings 134. The Windows Firewall option to “Allow the Connection If It Is Secure” on the Action page of the New Inbound Rule wizard requires which type of protection? A. EAP B. WAP C. LDAP D. IPSec 70-642 Objective 3.5: Configure firewall settings
5
132
MCTS: Windows Server 2008 70-642 Q&A
135. Which of the following statements about the Action page of the New Inbound Rule wizard of Windows Firewall is true? 1. The Allow Connection option will allow all connections to connect. 2. The Block the Connection option will block only those specified in the previous pages of the wizard. A. The first statement is true B. The second statement is true C. Both statements are true D. Both statements are false 70-642 Objective 3.5: Configure firewall settings 136. What does the Allow Connection option do on the Action page of the New Inbound Rule wizard of Windows Firewall? A. Allows all connections from any source B. Allows connections only from the sources specified in the previous pages C. Allows any connection from a source that does not match the criteria specified in the previous pages. D. None of the above 70-642 Objective 3.5: Configure firewall settings 137. From a security standpoint, which of the following is more risky to a computer network? A. Allowing outbound connections B. Allowing inbound connections C. Both are high risk D. Neither has any risk 70-642 Objective 3.5: Configure firewall settings 138. From of the following issues, select the one that CANNOT be solved by blocking outbound connections. A. Malware sending confidential information to an outside source. B. Worms or viruses trying to replicate other computers. C. Worms or viruses trying to infect a computer from a local source. D. Users accessing unapproved applications to send information to the Internet. 70-642 Objective 3.5: Configure firewall settings 139. By default, which of the following does not have outbound rules enabled? A. DHCP requests B. DNS requests C. IPv4 and related protocols D. IPv6 and related protocols 70-642 Objective 3.5: Configure firewall settings
Chapter 5
Configuring Network Access
133
140. You are the administrator of a network and you want to allow a mobile computer to Remote Desktop into your network. Which of the following precautions would you take to prevent issues with your firewall? A. Add exceptions for each mobile computer B. Add a firewall scope for the subnet that the mobile computer will use C. Disable the firewall D. None of the above 70-642 Objective 3.5: Configure firewall settings 141. You are the administrator of a network where the accounting users run a program that sends confidential accounting data to a central server.You have a firewall, but the program has no built-in authorization methods to prevent unauthorized users from accessing this data.Which of the following should you do to fix this problem? A. Add a firewall scope for the accounting subnet B. Add a firewall connection authorization for the accounting group C. Make the firewall block all connections to the data D. Find a new program 70-642 Objective 3.5: Configure firewall settings 142. Which of the following GPO nodes can only be used on Windows Vista and Windows Server 2008 computers? A. Computer Configuration\Policies\Windows Settings\Security Settings\Windows Firewall With Advanced Security\Windows Vista and Windows Server 2008 B. Computer Configuration\Policies\Windows Settings\Security Settings\Windows Firewall With Advanced Security\Windows Firewall with Advanced Security C. Computer Configuration\Policies\Administrative Templates\Network\Network Connections\Windows Firewall D. Computer Configuration\Policies\Administrative Templates\Network\Network Connections\Windows Firewall\Windows Vista and Windows Server 2008 70-642 Objective 3.5: Configure firewall settings 143. Which of the following nodes can be used on Windows XP,Windows Server 2003,Windows Vista, and Windows Server 2008? A. Computer Configuration\Policies\Windows Settings\Security Settings\Windows Firewall With Advanced Security\Windows Vista and Windows Server 2008 B. Computer Configuration\Policies\Windows Settings\Security Settings\Windows Firewall With Advanced Security\Windows Firewall with Advanced Security C. Computer Configuration\Policies\Administrative Templates\Network\Network Connections\Windows Firewall D. Computer Configuration\Policies\Administrative Templates\Network\Network Connections\Windows Firewall\Windows Vista and Windows Server 2008 70-642 Objective 3.5: Configure firewall settings
5
134
MCTS: Windows Server 2008 70-642 Q&A
144. When managing Windows Firewall settings by using Group Policy, which of the following is true about using the GPOs? A. You should create only one GPO that covers all versions of Windows B. You should create separate GPOs for each Windows Vista/Windows Server 2008 and Windows XP/Windows Server 2003 C. You should only create a GPO for Windows Vista/Windows Server 2008 computers D. None of the above is true 70-642 Objective 3.5: Configure firewall settings 145. If you want to monitor the traffic that the firewall is blocking, what should you enable? A. Filtering B. Scope C. Authorization D. Logging 70-642 Objective 3.5: Configure firewall settings 146. By default, where does Windows store log entries? A. %SystemRoot%\System32\LogFiles\Firewall\Pfirewall.log B. %SystemRoot%\Windows\Windows Firewall\Pfirewall.log C. %SystemRoot%\Windows\LogFiles\Windows Firewall\Pfirewall.log D. %SystemRoot%\LogFiles\Firewall\Pfirewall.log 70-642 Objective 3.5: Configure firewall settings 147. By default, Windows Firewall stores how much of the log data? A. Last 5MB B. Last 5GB C. Last 4KB D. Last 128KB 70-642 Objective 3.5: Configure firewall settings 148. Which of the following is a simple tool that can be used to find port numbers for outgoing communication from programs running on that computer? A. Ping B. TraceRT C. PathPing D. Netstat 70-642 Objective 3.5: Configure firewall settings
Chapter 5
Configuring Network Access
135
149. After you run a netstat –a –b command on a computer running the dtilearning.exe program, you get the following results: Proto Local Address TCP 0.0.0.0:135 [dtilearning.exe]
Foreign Address DCserver1:0
State Listening
What is the port number that the program is listening on? A. 0 B. 0.0.0.0 C. 135 D. Cannot determine from the information given 70-642 Objective 3.5: Configure firewall settings 150. Which of the following is NOT a default mobile firewall profile? A. Domain B. Home C. Private D. Public 70-642 Objective 3.5: Configure firewall settings 151. When you connect to a free hotspot such as a coffee shop or airport, you should use which firewall profile? A. Domain B. Private C. Secure D. Public 70-642 Objective 3.5: Configure firewall settings 152. By default, which firewall profile will block all incoming traffic but will allow outgoing traffic? A. Public B. Private C. Domain D. None of the above 70-642 Objective 3.5: Configure firewall settings 153. You are put in charge of configuring the firewall rules for the servers in your network.Which of the following should you do to ensure that the servers will still operate without a Domain Controller if they fail? A. You should only configure the Domain profile B. You should only modify the Domain and Public profiles C. You should configure all of the profile types D. You should configure the Public and Private profile types 70-642 Objective 3.5: Configure firewall settings
5
136
MCTS: Windows Server 2008 70-642 Q&A
154. What is the purpose of a firewall? A. To remove viruses and worms B. To block all traffic C. To drop unwanted traffic but allow wanted traffic D. To stop hackers 70-642 Objective 3.5: Configure firewall settings 155. Which of the following is NOT a valid wireless authentication method? A. Computer Only B. User Only C. Domain Only D. Computer and User 70-642 Objective 3.3: Configure network authentication 156. What is the best way to issue trusted certificates to clients? A. Use a RADIUS server B. Use a DHCP server C. Use an enterprise PKI D. Use PEAP 70-642 Objective 3.3: Configure network authentication 157. If you want to send requests to different RADIUS servers that are based on different criteria, what should you use? A. A DNS server B. A firewall C. A RADIUS proxy D. None of the above 70-642 Objective 3.3: Configure network authentication 158. You are in charge of a network that has multiple RADIUS servers. One of the servers is having issues with the amount of traffic it is receiving.Which of the following should you do to solve this? A. Use a RADIUS proxy B. Add another RADIUS server C. Add more network infrastructure D. None of the above 70-642 Objective 3.3: Configure network authentication
Chapter 5
Configuring Network Access
137
159. Which of the following could be seen as a standards-based authentication mechanism? A. DNS B. DHCP C. RADIUS D. None of the above 70-642 Objective 3.3: Configure network authentication 160. Another name for a RADIUS log file is? A. IAS log B. RAD log C. RS log D. WPA log 70-642 Objective 3.3: Configure network authentication 161. Where is the RADIUS log file stored by default? A. %SystemRoot%\system32 B. %SystemRoot%\Windows C. %SystemRoot%\Windows\LogFiles D. %SystemRoot%\system32\LogFiles 70-642 Objective 3.3: Configure network authentication 162. If a wireless user attempts to connect to an access point that is configured to use a Windows Server 2008 computer as a RADIUS server, which of the following will happen? A. The system will block the user from logging on B. The system will monitor all activity of the user C. The system will add an event to the Security event log D. None of the above 70-642 Objective 3.3: Configure network authentication 163. Failed attempts to access an access point will show up as what in the Security event log? A. Failed B. Denied C. Audit denied D. Audit failure 70-642 Objective 3.3: Configure network authentication 164. Attempts to connect to an access point that are accepted by the RADIUS authentication are shown as which in the event log? A. Success B. Pass C. Audit success D. Audit pass 70-642 Objective 3.3 Configure network authentication
5
138
MCTS: Windows Server 2008 70-642 Q&A
165. Which of the following is the correct command to enable trace logging? A. netsh ras set tr * en B. netsh tr log C. netsh trace D. netsh logging 70-642 Objective 3.3: Configure network authentication 166. Where is the default location for the trace log? A. %SystemRoot%\IASNAP.log B. %SystemRoot%\system32\tracing\IASNAP.log C. %SystemRoot%\tracing\IASNAP.log D. %SystemRoot%\Windows\IASNAP.log 70-642 Objective 3.3: Configure network authentication 167. What type of log will provide you with the most detailed information that can be used for troubleshooting? A. RADIUS log B. IAS log C. Trace log D. They all give the same amount of information 70-642 Objective 3.3: Configure network authentication 168. Which of the following is the most common form of wireless network? A. 802.11a B. 802.11b C. 802.11g D. 802.11n 70-642 Objective 3.4: Configure wireless access 169. Which of the following network types has a theoretical network throughput of 54 Mbps? A. 802.11a B. 802.11b C. 802.11g D. 802.11n 70-642 Objective 3.4: Configure wireless access 170. What is the benefit of using 802.11g in 802.11g-only mode? A. Better security B. Improved reliability C. Improved speed D. None of the above 70-642 Objective 3.4: Configure wireless access
Chapter 5
Configuring Network Access
139
171. Which mode of 802.11g will allow 802.11g to connect to 802.11b networks? A. Multiple mode B. Mixed mode C. 802.11g-only D. 802.11g-b mode 70-642 Objective 3.4: Configure wireless access 172. Which type of 802.11 wireless networks uses a different frequency range? A. 802.11a B. 802.11b C. 802.11g D. 802.11n 70-642 Objective 3.4: Configure wireless access 173. Which of the following is the weakest form of wireless network security? A. WEP 64-bit B. WEP 128-bit C. WPA-PSK D. WPA-EAP 70-642 Objective 3.4: Configure wireless access 174. Which of the following types of remote access allows a user to connect to a target network without needing a connection to the Internet? A. Dial-up B. VPN C. Both A and B D. None of the above 70-642 Objective 3.1: Configure remote access 175. Which of the following is a major drawback of using VPN as your remote access choice? A. Poor latency B. High cost C. Poor bandwidth D. None of the above 70-642 Objective 3.1: Configure remote access
5
This page intentionally left blank
CHAPTER
6
CONFIGURING FILE AND PRINT SERVICES T
his chapter contains 104 questions that all fall under Microsoft’s fourth main exam objective for the 70-642 exam, “Configuring File and Print Services.” This main objective consists of the following six sub-objectives: ■ ■ ■ ■ ■ ■
Configure a file server Configure Distributed File System (DFS) Configure shadow copy services Configure backup and restore Manage disk quotas Configure and monitor print services
TEST PREPARATION QUESTIONS 1. Which of the following commands will give you information on how to configure NTFS permissions from a script or command prompt? A. ntfs/? B. icacl/help C. icacls/? D. icancals/permissions 70-642 Objective 4.1: Configure a file server 2. Which of the following NTFS file permissions gives full access to a specific user and administrator but denies all access to other users? A. System files B. Program files C. User files D. None of the above 70-642 Objective 4.1: Configure a file server
141
6
142
MCTS: Windows Server 2008 70-642 Q&A
3. The default NTFS permission that does not allow users to write to the %SystemRoot% folder is which of the following? A. User files B. System files C. Root files D. Program files 70-642 Objective 4.1: Configure a file server 4. What are the default NTFS permissions for the %ProgramFiles% folder? A. Give administrators full control but users read-only access B. Allow users and administrators to read and write C. Allow users to read and write but allow administrators to read-only D. None of the above 70-642 Objective 4.1: Configure a file server 5. You are the administrator of a network and want to allow a specific user to view the files in a folder, but not to open them. Which permission should you assign to this user? A. List Folder Contents B. Read C. Write D. Modify 70-642 Objective 4.1: Configure a file server 6. You are in charge of applying permissions to users in a network.You want to allow a specific user only the ability to view a file. Which of the following permissions should you give the user? A. List Folder Contents B. Read and Execute C. Read D. Write 70-642 Objective 4.1: Configure a file server 7. You are the administrator of a network.You want to allow a specific group of users the ability to run applications but not to modify the files in any way. Which permission should you apply to this group? A. Read and Execute B. Read C. Write D. Modify 70-642 Objective 4.1: Configure a file server
Chapter 6
Configuring File and Print Services
143
8. You are in charge of setting file permissions for a network.You want to allow users to add files to a folder, but not be allowed to view the other files or modify them.Which of the following permissions should you apply? A. Read and Execute B. Write C. Modify D. Full control 70-642 Objective 4.1: Configure a file server 9. You are in charge of setting up file permissions for a network.You want to allow a group of users to read, edit, and delete files and folders. Which permissions should you apply? A. Modify B. Read and execute C. Write D. Full control 70-642 Objective 4.1: Configure a file server 10. You are the administrator of a network.You want to give yourself the ability to modify the permissions of a file or folder. Which permission should you assign yourself for this file or folder? A. Read and execute B. Write C. Modify D. Full control 70-642 Objective 4.1: Configure a file server 11. Which of the following is the correct command to grant a user administrator write and delete permissions to a file? A. icacls c:\windows\* /save AclFile /T B. icacls file /grant write :(D, WDAC) C. icacls file /grant delete :(D, WDAC) D. icacls file /grant administrator:(D, WDAC) 70-642 Objective 4.1: Configure a file server 12. Which of the following will protect files and folders if an attacker removes the hard disk and places it in another computer? A. NTFS B. IPSec C. EFS D. None of the above 70-642 Objective 4.1: Configure a file server
6
144
MCTS: Windows Server 2008 70-642 Q&A
13. Which of the following options from the EFS Properties dialog box will prevent the use of software certificates for EFS if it is checked? A. File Encryption Using Encrypting File System (EFS) B. Encrypt the Contents of the User’s Documents Folder C. Require a Smart Card for EFS D. Create Caching-Capable User Key From Smart Card 70-642 Objective 4.1: Configure a file server 14. Which of the following Group Policy settings will encrypt offline files? A. Computer Configuration\Policies\Administrative Templates\Network\Offline B. Computer Configuration\Policies\Administrative Templates\Network\Offline Encrypt the Offline Files Cache C. Computer Configuration\Policies\Administrative Templates\Network\Offline Allow Indexing of Encrypted Files D. Computer Configuration\Policies\Administrative Templates\Network\Offline for Offline Files 70-642 Objective 4.1: Configure a file server
Files\EFS Files\ Files\ Files\EFS
15. If you want to disable the ability to index encrypted files, which Group Policy setting would you use? A. Computer Configuration\Policies\Administrative Templates\Network\Offline Files\ Encrypt the Offline Files Cache B. Computer Configuration\Policies\Administrative Templates\Windows Components\ Search\Allow Indexing of Encrypted Files C. Computer Configuration\Policies\Administrative Templates\Network\Offline Files\EFS for Offline Files D. Computer Configuration\Policies\Administrative Templates\Windows Components\Search\Allow Indexing with EFS 70-642 Objective 4.1: Configure a file server
Chapter 6
Configuring File and Print Services
145
16. Match the following roles from the Select Role Services page with their uses. Role File Server Resources Manager Services for Network File System File Server Windows Search Service Windows Server 2003 File Services Distributed File System Role
Use Allows the use of the Share and Storage Management snap-in. Enables the sharing of files using the DFS namespace. Will install tools for creating storage reports and configuring quotas. Allows you to connect to the UNIX client computers that use FS for file sharing. Allows for faster searching. Gives compatibility for computers running Windows Server 2003.
70-642 Objective 4.1: Configure a file server 17. You want to make it so a server can use the Share and Storage Management snap-in.Which role should you add? A. File Server B. File Server Resources Manager C. Services for Network File System D. Windows Search service 70-642 Objective 4.1: Configure a file server 18. You want to install tools to your server that will allow you create storage reports, configure quotas, and define file-screening policies. Which role should you assign to get these results? A. File Server B. Services for Network File System C. File Server Resources Manager D. Windows Search Service 70-642 Objective 4.1: Configure a file server
6
146
MCTS: Windows Server 2008 70-642 Q&A
19. Which of the following Windows Server 2008 technologies would you utilize to control file access on a file server while Windows is running? Select the best answer. A. DFS B. EFS C. NTFS D. All of the above 70-642 TS Objective 4.1: Configure a file server 20. Which of the following Windows Server 2008 technologies would you utilize to control file privacy on a file server? A. DFS B. EFS C. NTFS D. All of the above 70-642 TS Objective 4.1: Configure a file server 21. Which of the following Windows Server 2008 technologies would you utilize to provide redundancy on a file server? A. DFS B. EFS C. NTFS D. Quotas 70-642 TS Objective 4.1: Configure a file server 22. Which of the following Windows Server 2008 technologies would you utilize to provide replication between file servers? A. DFS B. EFS C. NTFS D. None of the above 70-642 TS Objective 4.1: Configure a file server 23. Which of the following Windows Server 2008 technologies would you utilize to control file space utilization on a file server? A. DFS B. EFS C. NTFS D. Quotas 70-642 TS Objective 4.1: Configure a file server
Chapter 6
Configuring File and Print Services
147
24. Which of the following Windows Server 2008 technologies would you utilize to recover from file corruption on a file server? A. DFS B. Shadow copies C. EFS D. NTFS 70-642 TS Objective 4.1: Configure a file server 25. The NTFS file system provides default permissions for three different file types.Which of the following is NOT one of the three file types? A. User files B. System files C. Windows files D. Program files 70-642 TS Objective 4.1: Configure a file server 26. Which of the following NTFS basic file types gives users full control of their own files? A. User files B. System files C. Program files D. All of the above 70-642 TS Objective 4.1: Configure a file server 27. Which of the following NTFS basic file types gives users read permission but not write permissions to files of this type? A. User files B. System files C. Program files D. All of the above 70-642 TS Objective 4.1: Configure a file server 28. Which of the following NTFS basic file types gives users read and run access? A. User files B. System files C. Program files D. Windows files 70-642 TS Objective 4.1: Configure a file server 29. Which of the following NTFS basic file types gives administrators full control of files? A. User files B. System files C. Program files D. All of the above 70-642 TS Objective 4.1: Configure a file server
6
148
MCTS: Windows Server 2008 70-642 Q&A
30. What are the default user access permissions to any new folder created in the root of a disk? A. Full control B. Run C. Read D. No access 70-642 TS Objective 4.1: Configure a file server 31. What are the default administrator access permissions to any new folder created in the root of a disk? A. Full control B. Run C. Read D. No access 70-642 TS Objective 4.1: Configure a file server 32. Which of the following is a valid permission that an administrator may need to assign to users or groups to control file or folder permissions on a file server? A. List Folder Contents B. Read and Execute C. Write D. Modify E. Full control F. All of the above 70-642 TS Objective 4.1: Configure a file server 33. Which of the following permissions is designed to give a user the rights to view and open the contents of a folder and run an application? Select the best answer. A. List folder contents B. Read C. Write D. Read and Execute E. Modify 70-642 TS Objective 4.1: Configure a file server 34. Where is the Security tab located that allows you to edit Permissions? A. Advanced tab B. Control Panel C. File or Folder Properties dialog box D. All of above 70-642 TS Objective 4.1: Configure a file server
Chapter 6
Configuring File and Print Services
149
35. Marsha is a member of the marketing group.The marketing group has full control of the marketing shared folder on the FILE01 file server. Which of the following will remove the full control permission from Marsha? A. Marsha becomes a member of the sales group, which has Read permission to the marketing share B. Marsha is assigned Read and Execute permission on her user account C. Marsha becomes a member of the Public Group, which has Deny permission to the Marketing share D. Any of the above will remove Marsha’s full control permission 70-642 TS Objective 4.1: Configure a file server 36. There are six file and seven standard folder permissions that can be applied to both users and groups. If the standard permissions do not meet your needs, there are a dozen or so more permissions available. How do you assign special permissions? A. From the Special tab of the File or Folder Properties dialog box B. From the Security tab C. From the Advanced tab D. From the Advanced button on the Security tab 70-642 TS Objective 4.1: Configure a file server 37. NTFS file permissions can be assigned from a command prompt or can be scripted. Which of the following commands would you use? A. incan B. ical C. icals D. Permissions cannot be assigned at the command prompt 70-642 TS Objective 4.1: Configure a file server 38. In which of the following situations are NTFS permissions in effect? A. When logged on locally B. When accessing folders across the network C. On an Active Directory domain D. All of the above 70-642 TS Objective 4.1: Configure a file server 39. Which of the following techniques can someone use to successfully access NTFS protected files or folders? A. Remove the hard disk containing the files and install it on a different computer B. Reinstall the operating system from the actual physical computer where the files or folders are located C. Boot the computer on a different operating system with a boot disk D. All of the above 70-642 TS Objective 4.1: Configure a file server
6
150
MCTS: Windows Server 2008 70-642 Q&A
40. Which of the following techniques can someone use to successfully access EFS protected files or folders? A. Remove the hard disk containing the files and install them on a different computer B. Reinstall the operating system from the actual physical computer where the files or folders are located C. Boot the computer on a different operating system with a boot disk D. None of the above 70-642 TS Objective 4.1: Configure a file server 41. Where do you find the EFS encryption option? A. From the Advanced button on the General tab B. On the Special tab of the File or Folder Properties dialog box C. On the Security tab D. On the Advanced tab 70-642 TS Objective 4.1: Configure a file server 42. When EFS is enabled on certain files, how do those files appear when viewed in Windows Explorer? A. Normal looking B. Blue C. Green D. Pink 70-642 TS Objective 4.1: Configure a file server 43. The first time EFS is enabled on a standalone computer, you may be prompted to back up your key. Do you need to back up the key? A. Keys are stored in AD and don’t need to be backed up B. Backup keys are important in case you lose your password C. Backup keys are important for standalone computers D. EFS files can be accessed by copying them to another computer 70-642 TS Objective 4.1: Configure a file server 44. If you need to share an EFS protected file on the network, you will have to do which of the following? A. You cannot share EFS encrypted files B. Open the Properties box, select Advanced, and then add the shared user to the User Access dialog box C. Open the Properties box, select Advanced, and then select Share D. Nothing 70-642 TS Objective 4.1: Configure a file server
Chapter 6
Configuring File and Print Services
151
45. Which of the following Windows operating systems have the File Services server role? A. Windows Server B. Windows Server 2000 C. Windows Server 2003 D. Windows Server 2008 E. All of the above 70-642 TS Objective 4.1: Configure a file server 46. Which of the following File Services roles will support connectivity for UNIX clients? A. File Server B. DFS C. File Server Resources Manager D. Services for Network File Systems E. Windows Search Service 70-642 TS Objective 4.1: Configure a file server 47. Which of the following File Services roles will allow you to use the Share and Storage Management snap-in? A. DFS B. File Server C. File Server Resources Manager D. Services for Network File Systems E. Windows Search Service 70-642 TS Objective 4.1: Configure a file server 48. Which of the following File Services roles will prompt you to configure a namespace to utilize it? A. DFS B. File Server C. File Server Resources Manager D. Services for Network File Systems E. Windows Search Service 70-642 TS Objective 4.1: Configure a file server 49. Which of the following File Services roles will support configuring disk quotas? A. File Server B. DFS C. File Server Resources Manager D. Services for Network File Systems E. Windows Search Service 70-642 TS Objective 4.1: Configure a file server
6
152
MCTS: Windows Server 2008 70-642 Q&A
50. Which of the following File Services roles will prompt you to enable indexing on the local disks? A. File Server B. DFS C. File Server Resources Manager D. Services for Network File Systems E. Windows Search Service 70-642 TS Objective 4.1: Configure a file server 51. Which of the following File Services roles will support connectivity for Windows Server 2003 file servers? A. File Server B. DFS C. File Server Resources Manager D. Windows Server 2003 File Services E. Windows Search Service 70-642 TS Objective 4.1: Configure a file server 52. Which of the following File Services roles will install tools for generating storage reports? A. File Server B. DFS C. File Server Resources Manager D. Services for Network File Systems E. Windows Search Service 70-642 TS Objective 4.1: Configure a file server 53. Which of the following File Services roles will allow files to be replicated between servers? A. File Server B. DFS C. File Server Resources Manager D. Services for Network File Systems E. Windows Search Service 70-642 TS Objective 4.1: Configure a file server 54. Which of the following File Services roles will support connectivity for clients that use Network File System (NFS) for file sharing? A. File Server B. DFS C. File Server Resources Manager D. Services for Network File Systems E. Windows Search Service 70-642 TS Objective 4.1: Configure a file server
Chapter 6
Configuring File and Print Services
153
55. Which of the following File Services roles will support defining file screening policies? A. File Server Resources Manager B. File Server C. DFS D. Services for Network File Systems E. Windows Search Service 70-642 TS Objective 4.1: Configure a file server 56. Which of the following File Services roles is not intended for enterprise use? A. File Server B. DFS C. File Server Resources Manager D. Services for Network File Systems E. Windows Search Service 70-642 TS Objective 4.1: Configure a file server 57. You are adding the File Services roles to your Windows Server 2008 machine.Where do you begin? A. Open Server Manager B. Use the command prompt C. Open the MMC D. Any of the above 70-642 TS Objective 4.1: Configure a file server 58. Which of the following is NOT a File Services role? A. File Server B. DFS C. File Server Resources Manager D. Services for Network File Systems E. IIS 70-642 TS Objective 4.1: Configure a file server 59. Disk quotas are used to monitor user disk space usage. Which of the following can be used to configure disk quota in Windows Server 2008? A. Quota Management console B. The dirQuota command C. Group Policy D. Windows Explorer E. All of the above 70-642 TS Objective 4.5: Manage disk quotas
6
154
MCTS: Windows Server 2008 70-642 Q&A
60. Which disk quota tool is recommended for Windows Server 2008? A. Quota Management console B. DirQuota C. Group Policy D. Windows Explorer 70-642 TS Objective 4.5: Manage disk quotas 61. Which of the following Windows Server 2008 Services roles will you install to use the Quota Management console? A. File Server B. DFS C. File Server Resources Manager D. Services for Network File Systems E. Windows Search Service 70-642 TS Objective 4.5: Manage disk quotas 62. The Quota Management console provides which of the following to manage disk storage in Windows Server 2008? A. Hard Quota B. Extensions C. E-mail warning D. Soft Quotas E. All of the above 70-642 TS Objective 4.5: Manage disk quotas 63. The Quota Management console is based on standard templates as examples but custom templates can be created. What is the first step in creating a custom template? A. Download the custom template B. In the Quota Template dialog box, click New Custom Template C. Copy a standard template D. Any of the above 70-642 TS Objective 4.5: Manage disk quotas 64. Which of the following defines what happens when a user reaches a quota or percentage of a quota? A. Threshold B. Alert C. Critical Warning D. Step 70-642 TS Objective 4.5: Manage disk quotas
Chapter 6
Configuring File and Print Services
155
65. Which of the following are options on the Add Threshold dialog box? A. Email B. Command C. Event log D. Report E. All of the above 70-642 TS Objective 4.5: Manage disk quotas 66. Disk quotas can be configured at the command prompt. Which of the following commands will create a 200MB hard limit on D:\data? A. quota add /path:D:\data /Limit:200MB/Hard B. dirQuota add/path:D:\data /Limit:200MB/Hard C. dirQuota Quota add /path:D:\data /Limit:200MB/Hard D. dirQuota Quota add/path:D:\data /Limit:200MB/Type:Hard 70-642 TS Objective 4.5: Manage disk quotas 67. To obtain information on using the dirQuota command, which of the following commands would you use? A. dirQuota help B. dirQuota /help C. dirQuota /? D. Any of the above will work 70-642 TS Objective 4.5: Manage disk quotas 68. When using disk quotas in Windows Explorer, events are logged when the “Log Event When a User Exceeds their Quota Limit” check box is selected.What is the event ID for this in the system log? A. 36 B. 37 C. 63 D. 64 70-642 TS Objective 4.5: Manage disk quotas 69. When using disk quotas in Windows Explorer, events are logged when the “Log Event When a User Exceeds their Warning Level” check box is selected. What is the event ID for this in the system log? A. 36 B. 37 C. 63 D. 64 70-642 TS Objective 4.5: Manage disk quotas
6
156
MCTS: Windows Server 2008 70-642 Q&A
70. Disk quotas can be enforced with Group Policy settings in Group Policy Manager. Which one of the following policies turns on disk quotas? A. Default Quota Limit and Warning Level B. Log Events When Quota Limit Exceeded C. Enforce Disk Quota Limit D. Enable Disk Quotas 70-642 TS Objective 4.5: Manage disk quotas 71. Disk quotas can be enforced with Group Policy settings in Group Policy Manager. Which one of the following policies defines the quota limit? A. Default Quota Limit and Warning Level B. Log Events When Quota Limit Exceeded C. Enforce Disk Quota Limit D. Enable Disk Quotas 70-642 TS Objective 4.5: Manage disk quotas 72. Disk quotas can be enforced with Group Policy settings in Group Policy Manager. Which one of the following policies will deny disk space to users exceeding quota limits? A. Default Quota Limit and Warning Level B. Log Events When Quota Limit Exceeded C. Enforce Disk Quota Limit D. Enable Disk Quotas 70-642 TS Objective 4.5: Manage disk quotas 73. Sharing a folder from Windows Explorer allows users on other computers to access the share locally on their computers.Which of the following permissions found in the Windows Server 2008 File Sharing dialog box provides just read and write access? A. Reader B. Contributor C. Co-owner D. Owner 70-642 TS Objective 4.1: Configure a file server 74. The Provision a Shared Folder wizard allows you to do which of the following by following the steps in the wizard? A. Configure quotas B. Set NTFS permissions C. Set share protocols D. Filter file types E. Publish to DFS F. All of the above 70-642 TS Objective 4.2: Configure Distributed File System
Chapter 6
Configuring File and Print Services
157
75. Client computers can connect to shared folders across the network with the following format: \\server_name\share_name. Which of the following best describes this format? A. DFS B. Net share C. UNC D. SMB 70-642 TS Objective 4.2: Configure Distributed File System 76. What is the main advantage of an organization utilizing the Distributed File System? A. It provides for hundreds of file servers B. It allows you to connect to a share with a UNC path C. It provides a single namespace and single drive letter for all shares D. All of the above 70-642 TS Objective 4.2: Configure Distributed File System 77. If your Active Directory domain is DTILearning.com, which of the following would you use to create the DFS namespace? A. DTILearning.local B. DFS.DTILearning C. \\dtilearning\dts D. \\dtilearning.com\dfs_name 70-642 TS Objective 4.2: Configure Distributed File System 78. After adding the DFS role to your Windows Server 2008 computer, which of the following names will you need to enter into the DFS New Namespace wizard? A. Server name B. Share name C. Domain name D. All of the above 70-642 TS Objective 4.2: Configure Distributed File System 79. After the DFS service is installed and the namespace is created, the DFS settings are adjusted using the Namespace Properties dialog box. Which of the Namespace Properties dialog box tabs allows you to enter a description for the namespace? A. General B. Referrals C. Advanced D. None of the above has that option 70-642 TS Objective 4.2: Configure Distributed File System
6
158
MCTS: Windows Server 2008 70-642 Q&A
80. After the DFS service is installed and the namespace is created, the DFS settings are adjusted using the Namespace Properties dialog box. Which of the Namespace Properties dialog box tabs allows you to change how clients access the root of the namespace? A. General B. Referrals C. Advanced D. None of the above 70-642 TS Objective 4.2: Configure Distributed File System 81. After the DFS service is installed and the namespace is created, the DFS settings are adjusted using the namespace properties dialog box. Which of the Namespace Properties dialog box tabs allows you to choose from querying a PDC or using the closest DC for namespace changes? A. General B. Referrals C. Advanced D. None of the above has that option 70-642 TS Objective 4.2: Configure Distributed File System 82. The Referrals tab of the DFS Properties dialog box controls how multiple targets in a referral list are ordered.Which of the following options will direct DFS clients to the closest target computer? A. Random Order B. Lowest Cost C. Exclude Targets Outside of Client Site D. None of the above 70-642 TS Objective 4.2: Configure Distributed File System 83. One of Windows Server 2008 backup capabilities is the shadow copies feature.Which of the following best describes its main purpose? A. Network backup capability B. Off-site backups C. Allows backup software access to file in use D. All of the above 70-642 TS Objective 4.3: Configure shadow copy services 84. On which tab of the Managing Shadow Copies dialog box would you set the size limits for the shadow copy? A. Shadow Copies dialog box B. Select a Volume list C. Settings D. Schedule 70-642 TS Objective 4.3: Configure shadow copy services
Chapter 6
Configuring File and Print Services
159
85. If an application updates a file after a shadow copy is made, the old file is replaced with the new one. A. True B. False 70-642 TS Objective 4.3: Configure shadow copy services 86. From the command prompt, which command would you use to view available shadow copies and the time they were created? A. list shadows B. vssadmin shadowsstorage C. vssadmin list shadows D. vassadmin listshadowsstorage 70-642 TS Objective 4.3: Configure shadow copy services 87. Which command would you use at the command prompt to view the storage currently allocated to shadow copies? A. vssadmin list Original Volume B. vssadmin list shadowstorage C. vssadmin show Originating Machine D. vssadmin view Shadow copy volume 70-642 TS Objective 4.3: Configure shadow copy services 88. Windows Backup creates an image in a folder in the root of the backup media. What is that folder called? A. WindowsBackup B. WindowsImage C. WindowsImagBkup D. WindowsImageBackup 70-642 TS Objective 4.4: Configure backup and restore 89. The Windows Backup disk images are in the same format as the Complete PC Backup files created in Windows Vista. What is the naming format for the .vhd disk image? A. "Backup
