4. You are the network administrator for your company. The network consists of a single Active Directory domain.All servers run Windows Server 2003. All client computers run Windows XP Professional.Two of the servers on the network contain highly confidential documents. The company's written security policy states that all network connections with these servers must be encrypted byusing an IPSec policy. You place the two servers inan organizationalunit (OU) named SecureServers.You configure a Group Policyobject (GPO) that requires encryptionfor all connections. You assignthe GPO to the SecureServers OU. You need to verify that users are connecting to the twoservers by using encrypted connections.What should you do?
A. Run the net viewcommand.
B. Run the gpresult command.
C. Use the IPSecurity Monitor console.
D. Use the IPSec Policy Management console.
Answer: C
5.You are the network administrator for your company.The network consists of a single Active Directorydomain. All servers runWindows Server 2003. One domain controller onthe network is configured as acertification authority (CA). The network contains a Web server that runs IIS 6.0 and hosts a secure intranet site. The server also hosts other sites that do not requireHTTPS. You configure a server certificate on the IIS server by using a certificatefrom your internal CA. All users are required to connect to the intranetsite byusing HTTPS. Some users report that they cannot connect tothe secureintranet site by using HTTPS. You confirm that all users can connect to the nonsecure sites hosted on the Web server byusing HTTP. You want to view the failedHTTPS requests. What should you do?
A. Review the log files created by IIS on the Web server.
B. Review the security log in Event Viewer on the Web server.
C. Review the security log in Event Viewer on the CA.
D. Review the contents of the Failed Requests folder on the CA.
Answer: A
6. You are the network administrator for your company. The network consists of a single Active Directory domain. All servers runWindows Server 2003. The network contains a Web server thatruns IIS 6.0 and hosts a secure intranet site. All users are required to connect to the intranet site by authenticating and using HTTPS. However,becausean automated Web applicationmust connect to the Web site by using HTTP, you cannot configure the intranet site to require HTTPS. You need to collect information about which users are connecting to the Web site by using HTTPS. What should you do?
A. Check the application log on theWeb server.
B. Use Network Monitor to capture network traffic on the Web server.
C. Review the log files created by IIS on the Web server.
D. Configure a performance log to capture allWeb service counters. Review the performance log data.
Answer: C
7. You are the network administrator for your company.The network consists of a single Active Directorydomain. All servers runWindows Server 2003. The network contains a Web server named Server1 that runs IIS 6.0 and hosts a secure Web site. The Web site is accessible from the intranet, as well as from the Internet. All users must authenticate when they connect to Server1.All users on the Internetmust use a secure protocol to connect to the Web site. Users on the intranet do not need touse a secure protocol. You need verify that all users are using a secure protocol to connect toServer1 from the Internet. What are two possible ways to achieve this goal? (Each correct answer presents a complete solution. Choose two.)
A. Monitor the events in the application log on Server1.
B. Monitor the events in the security log on Server1.
C. Monitor the Web server connections on Server1 byusing a performance log.
D. Monitor network traffic to Server1 byusing Network Monitor.E. Monitor the IIS logs onServer1.
Answer: D, E
8. You are the administrator of an Active Directory domain. All servers runWindows Server 2003. All clientcomputers runWindows XPProfessional.A server named Filesrv1 contains confidential data that is only available to users in the human resources (HR) department. You want all computers in the HR department to connect to Filesrv1 by using an IPSec policy.You assign theServer (Request Security)
IPSec policy to Filesrv1. Using Network Monitor, you notice that some computers in the HR department connect to Filesrv1 without using the IPSec policy.You need to configure Filesrv1 to ensure that all computers connect to it by using the IPSec policy.What should you do?
A. Assign the Secure Server (Require Security) IPSec policy.
B. Assign the Client (Respond Only) IPSec policy.
C. Unassign the Server (Request Security) IPSec policy.
D. Restart the IPSec Services service.
Answer: A
9. You are the network administrator for your company. All servers run Windows Server 2003.You configure the Routing and Remote Access service on a server named Server2. Server2 is connected to a modem pool and supports eight simultaneous inbound connections.You instruct remote users to dial in to Server2from their home computers.The company's written business policy states that the only client computer operating systems that should besupported for dialup access are Windows 95, Windows 98, Windows 2000 Professional, and Windows XPProfessional.You need to configure the remote access
policy to support the most secure authentication methods possible.Youwant to enable onlythe necessary authentication methods based on the supported client computers that will be connecting. Which authentication method or methods should you enable? (Choose all that apply.)
A. PAP
B. SPAP
C. CHAP
D. MSCHAPVersion1
E. MSCHAPVersion 2
Answer: D, E
10. You are the administrator of a Windows Server 2003computer named Server1.The networkcontains another Windows Server 2003 computer named Server2 thathas the DNS and WINS services installed.
Two hundred Windows 2000 Professional computers regularly connect to Server1 to access file and print resources. Administrators report that network traffic has increased and that response times for requests
for network resources on Server1 have increased. You need to identify whether Server1 is receiving requests for resources through NetBIOS broadcasts. What should you do?
A. Use Network Monitor to capture traffic between Server1 and all client computers.
B. Use Network Monitor to capture traffic between Server1 and Server2.
C. Monitor EventViewer for Net Logon error or warning events.
D. Run the tracert command on Server1.
Answer: A
11. You are the administrator of aWindows Server 2003 computer named Server1. Server1 is an FTP server located inthecompany's internal network.Administrators report an increased amount of FTP traffic to Server1.You need to configure Server1 to achieve the following goals:Identify the media access control (MAC) address of any computer that is performing FTP transfers from Server1. Find out the exact FTP commands that were executed. Ensure that you donot disruptthe operation of Server1.What should you do?
A. Configure a performance alert to write an event tothe application event log whenever the number ofestablished FTP connections exceeds 1.
B. Use a Network Monitor filter tocaptureIP traffic from any computer to Server1.
C. Run the finger command on Server1 to identify the source of the FTP requests.
D. Run the arp command on Server1 to identify the source of the FTP requests.
Answer: B
12. You are the administrator of anActive Directory domain. The network contains a Windows Server 2003domain controller named Server1.Users report that they experience intermittent delayswhen they log on to Server1. Administrators report that replication attempts between Server1 and other domain
controllers are occasionallydelayed.You need to verify the cause of the intermittent connection delays to Server1.You also need to find out whetherthe problem is related to a hardware deficiency on Server1.You need to track these delays over a period of one day.What should you do first?
A. Run the netdiag /verbose command to perform a network diagnostic test on Server1.
B. Run the replmon command to view the Active Directory replication status on Server1.
C. Use Network Monitor to view the network traffic packet contents between Server1 and all other computers.
D. Create a System Monitor counter to track the queue lengths on the network adapter on Server1.
Answer: D
