70-294 Finanl Totatl

Question
4 out of 4 points
1
You are the network administrator of Coho Vineyard. There are three domain controllers in your
domain. The Domain Name System (DNS) structure for your domain is maintained on two
computers running Microsoft Windows Server 2003 that are configured as member servers.
You discover several replication error messages in the Event Viewer. Some of the messages
indicate that the bridgehead server in Site01 is having trouble making a connection to the
bridgehead server in Site02. You’d like to check your replication topology. Furthermore, you
need to verify that your domain controllers in each site are able to properly register their records
with the DNS server. Which of the following utilities can help you to perform these tasks?
(Choose three.)
Selected
Answers: a. Replmon
c. Repadmin
e. Dcdiag
Correct Answers:
a. Replmon
c. Repadmin
e. Dcdiag
Question 4 out of 4 points

2
You manage a network with a single Active Directory domain and five Active Directory sites.
The business opens two new locations. The computers that will function as domain controllers
at those sites are already in place. However, these computers are configured as member
servers running Windows Server 2003 Standard Edition. You plan to create separate site
structures for these locations. When these computers are installed, you want to be sure that
they are automatically added to the appropriate site. What tasks must you complete before the
computers are installed as domain controllers? (Choose two.)
Selected
Answers: Create sites for the new location.
Create new subnets for the new location.
Correct Answers:
Create sites for the new location.

3
You are sent to diagnose a replication issue in the Coho Vineyard network. DC1,
DC2, DC3, and DC4 are domain controllers on the network. Domain Name
System (DNS) is Active Directory–integrated and set to replicate to all servers in
the forest. DC1 and DC3 are global catalog servers. All domain controllers run the
DNS Server service. The Active Directory infrastructure for Coho Winery is as
shown in the following figure.
The network administrator has noticed that there are some differences between the
partitions that are available on each domain controller. Which partition do you
expect to be different between DC2 and DC4? (Choose two.)
Exhibit.jpg
Selected
Answer: c.
Domain naming context (NC)
Correct Answer:
c.

4
How often does the knowledge consistency checker (KCC) run?
Selected
Answer: Every 15 minutes
Correct Answer:
Every 15 minutes

5
What does the multi-master replication model of Windows Server 2003 require?
Selected
Answer: All domain controllers participate in the replication process.
Correct Answer:
All domain controllers participate in the replication process.

6
Recently two new Windows 2003 Domain Name System (DNS) Servers were installed on the
network, replacing the previous Windows 2000 DNS Servers. Currently, the network supports
3000 client computers. Two thousand users in the organization are mobile and connect with
laptops to the network. You receive a call from the network administrator of the help desk. He
tells you the results from performing an Nslookup indicate that the DNS server has several
records for systems that are no longer on the network. He informs you that this issue is
causing resource access issues. What should you do to correct this issue?
Selected
Answer: Configure and enable aging and scavenging.
Correct Answer:
Configure and enable aging and scavenging.

7
Which of the following are valid ways to launch the Active Directory Installation Wizard?
(Choose two.)
Selected
Answers: Use Add Or Remove Programs in Control Panel.
Use Dcpromo.exe.
Correct Answers:
From the Manage Your Server Web page.
Use Dcpromo.exe.

8
You are the network administrator for Coho Vineyard and Winery. You’ve just finished
installing an Active Directory domain named cohovineyardandwinery.com. Both the winery and
vineyard are in the same physical location and on the same local area network (LAN). You
expect to have a maximum of 150 client computers on your domain. Your manager tells you
there is a problem with the name you’ve created. The board of directors has informed him that
the domain name is too long. They want you to use the name cohowinery.com. Your manager
wants to be able to use the cohovineyard.com domain name and suffix for his e-mail address
and logon. What solution can you provide to incorporate the use of both cohovineyard.com
and cohowinery.com to meet these requests? (Choose three.)
Selected
Answers: Rename the forest root domain to cohowinery.com.
Configure an additional user principal name (UPN) suffix of

cohovineyard.com.
Configure your manager’s UPN suffix for cohovineyard.com.
Correct Answers:
Rename the forest root domain to cohowinery.com.
Configure an additional user principal name (UPN) suffix of

cohovineyard.com.
Configure your manager’s UPN suffix for cohovineyard.com.

9
You are the administrator of a small network. You recently installed a new Windows 2003 DNS
server. A network user calls to tell you that he is receiving an error report from a computer with
Internet Protocol (IP) address 10.0.0.200. You are not familiar with that IP address. You issue
a ping –a 10.0.0.200 to attempt to resolve the host name. The ping does not return a host
name in the reply. Later, you locate this computer and determine the appropriate host name.
You want to ensure that when you use the ping –a command to resolve the host name in the
future, the host name is returned. How could you accomplish this task? (Choose two.)
Selected
Answers: Add a reverse lookup zone.
Configure a Pointer (PTR) record for the 10.0.0.200 address that maps
the proper host name.
Correct

10
Andy’s user account resides in the west.london.cohowinery.com domain. He needs to gain
access to a shared folder in the south.paris.cohovineyard.com domain. Andy is able to do
this, but he complains that it seems to take a very long time to establish the shared folder
connection. Other users in the south.paris.cohovineyard.com domain require frequent access
to resources shared in the west.london.cohowinery.com domain. You want to reduce the
amount of time it takes for these users to access resources across the forest. What should
you do?
Selected
Answer: Create a global group named Shortcut-Users and make all users who
require access to the resources shared on these domains members of the
global group.
Correct
Answer: Create a shortcut trust between south.paris.cohovineyard.com and
west.london.cohowinery.com.

11
A global catalog is required for logon to be successful when the Microsoft Windows 2003
Server domain functional level is set to Windows 2000 mixed. True or False?
Selected
Answer: False
Correct Answer:
False

12
When universal group membership caching is enabled on a domain controller, what needs to
be available to provide the user’s universal group membership information the first time a
user logs on in a domain with a functional level of Windows 2000 native or later?
Selected
Answer: Global catalog server
Correct Answer:
Global catalog server

13
You work as a consultant for Tailspin Toys. There are three domain controllers in your
domain. The name of the domain is tailspintoys.com. All domain controllers are running
Microsoft Windows 2003 Server in Windows 2000 native functional level. The relative
identifier (RID) master has failed and is unrecoverable. Before you seize the RID master
using another domain controller, what should you do?
Selected
Answer: Use Repadmin to check for the latest updates.
Correct Answer:
Use Repadmin to check for the latest updates.

14
You are the network administrator of Proseware, Inc., which has a single Active Directory
domain named proseware.com. The domain mode is set to Windows 2000 native functional
level. There are three domain controllers on the network. The domain controllers all run
Microsoft Windows Server 2003, Enterprise Edition and are named ServerX, ServerY, and
ServerZ. ServerX holds all of the operations master roles for the domain. ServerY is
configured as the global catalog server. The network uses Active Directory–integrated
Domain Name System (DNS) and all domain controllers are DNS servers. There are 900
client computers on your network. All client computers run Microsoft Windows XP
Professional. You are configuring a new site for a new branch office. Three hundred client
computers are added to this location. A 512-Kbps wide area network (WAN) link connects
the branch office to the original company network. You move ServerZ to the branch office
location physically, as well as in Active Directory Sites and Services. The branch office
manager asks if you can increase the speed of user logons. What can you do to improve the
speed of user logons, without negatively affecting logon speed at the company’s original
location?
Selected
Answer: Enable universal group membership caching on the site associated
with the branch office.
Correct
Answer: Enable universal group membership caching on the site associated
with the branch office.

15
Which Flexible Single Master Operations (FSMO) role is forest-wide?
Selected
Answer: Domain naming master
Correct Answer:
Domain naming master

16
You are the administrator of an Active Directory domain named cohowinery.com. There are
five domain controllers in your domain. Two of the domain controllers run Windows 2000
Server and the other three run Windows NT Server 4.0. The three domain controllers that run
Windows NT Server 4.0 do not meet the hardware requirements to run Windows Server
2003. Client computers run Windows 2000 Professional, as well as Windows NT Workstation
4.0. You receive a memo from the corporate security team that says all of the domains in the
forest will be raised to Windows Server 2003 functional level at the end of the month. Select
only the essential change or changes that you must make in your current network
configuration before your network will be able to comply with the security team’s
requirements.
Selected
Answer: Remove or replace the existing Windows NT Server 4.0 domain
controllers. Upgrade the existing Windows 2000 Server domain controllers to
Windows Server 2003.
Correct

17
Which of the following is an object class created when Active Directory is installed?
Selected
Answer: Computer
Correct Answer:
Computer

18
Which of the following files exists on all domain controllers?
Selected
Answer: Ntds.dit
Correct Answer:
Ntds.dit

19
You are the network administrator of a single Active Directory domain. You have four domain
controllers on this domain. These servers are named Server01, Server02, Server03, and
Server04. Server01 is the first domain controller in your domain. Server02 is the second
domain controller in the domain. You also have 50 client computers running the Windows XP
Professional operating system. Which of the following hardware or software failures would
require you to reinstall Active Directory from backup?
Selected
Answer: Unrecoverable hardware problem that causes both Server01 and
Server02 to fail
Correct
Answer: Unrecoverable hardware problem that causes all domain controllers
to fail simultaneously

20
What is Microsoft’s recommended maximum number for nested organizational units (OUs)?
Selected
Answer: 10
Correct Answer:
10

21
Local user accounts are replicated to all domain controllers. True or False?
Selected
Answer: False
Correct Answer:
False

22
Which domain functional level will not allow you to convert a security group to a distribution
group?
Selected
Answer: Windows 2000 mixed
Correct Answer:
Windows 2000 mixed

23
Which utility can be used to set or modify a user’s password?
Selected
Answer: LDIFDE
Correct Answer:
LDIFDE

24
You want to use a batch file to create a user account named Nancy in an OU named
TeleSales. The user account password must be set to MSPress#1. Which of the following
commands will accomplish this goal?
Selected
Answer: dsadd user cn=Nancy,ou=TeleSales,dc=contoso,dc=com -pwd
MSPress#1
Correct
Answer: dsadd user cn=Nancy,ou=TeleSales,dc=contoso,dc=com -pwd
MSPress#1

25
You want to use a batch file to create a user named John in an organizational unit (OU)
named Sales that is part of the contoso.com domain. Which of the following commands will
accomplish this goal?
Selected
Answer: dsadd ou ou=sales,dc=contoso,dc=com user=john
Correct Answer:
dsadd user cn=john,ou=Sales,dc=contoso,dc=com
Question
0 out of 5 points
1
You are tasked with raising the forest functional levels for your organization to Windows 2003
interim. In order to raise the functional level, what must be true? (Choose all that apply.)
Selected
Answers: Must be a member of the Domain Admins Group.
The functional level of a forest can be raised only on the server that holds
the Primary Domain Controller (PDC) emulator role.
All domain controllers in the entire forest must be running an operating

system supported by the targeted forest functional level.
Correct
Answers: Must be a member of the Enterprise Admins Group.

The functional level of a forest can be raised only on a server that holds the
Schema Operations master role.
2
You are tasked with the planning and implementation of Active Directory within your
organization. Your company currently has a mixed environment of Windows NT servers and
Windows 2000 servers. You are currently working with a network consultant to assist in
planning an upgrade of all servers to Windows Server 2003 over the next six months. Until you
migrate to Windows Server 2003, what functional level should the domain and forest use,
respectively?
Selected
Answer: Windows 2000 native, Windows Server 2003
Correct Answer:
Windows 2000 mixed, Windows 2000

3
What is a logical object in Active Directory that is used to represent two or more IP subnets
connected by a fast link?
Selected
Answer: Site
Correct Answer:
Site

4
What functional level is required for cross-forest trusts?
Selected
Answer: Windows Server 2003
Correct Answer:
Windows Server 2003

5
What is the correct definition of a shortcut trust?
Selected
Answer: A manually created trust that allows child domains in separate trees to
communicate more efficiently by eliminating the tree-walking of a trust path
Correct

6
Selected
Answer: Unique name
Correct Answer:
Computer

7
Windows NT Server 4.0 do not meet the hardware requirements to run Windows Server 2003.
Client computers run Windows 2000 Professional, as well as Windows NT Workstation 4.0.
You receive a memo from the corporate security team that says all of the domains in the forest
will be raised to Windows Server 2003 functional level at the end of the month. Select only the
essential change or changes that you must make in your current network configuration before
your network will be able to comply with the security team’s requirements.
Selected
Correct

8
What is the default domain functional level for a Windows 2003 Server on a new installation?
Selected
Answer: Windows 2000 native
Correct Answer:
Windows 2000 mixed

9
You are planning to upgrade your company network. Currently users log on to each server in
order to access resources on those servers. The network contains three servers and 25 client
computers. All of the client computers on your network run Windows XP Professional. Several
of the client computers on the network share files. All client computers are configured in
workgroups. There are 10 workgroups configured on the existing network. Your manager
plans to purchase Windows Server 2003 to replace the existing servers on the network. You
want to implement a network administrative model that supports single sign-on. You also want
to ensure that users can be authenticated to all shared resources on the network, whether
they are located on the client computers or on the new servers. Your manager wants you to
ensure that the administrative model is fault tolerant. Furthermore, your company is expanding
rapidly and you want to implement an administrative model that can handle a 10-fold increase
in the number of client computers. What should you do?
Selected
Answer: Configure two Windows Server 2003 computers as domain controllers.
Configure the client computers as members of the domain.
Correct

10
Your directory integration team has decided that your domain must provide support to a user
password on the inetOrgPerson account. Currently, your domain functional level is Windows
2000 native. Which of the following must be true in order for you to support this new
requirement? (Choose three.)
Selected
Answers: You must raise the domain functional level to Windows Server 2003.
Correct
Answers: You must log on to the server that holds the Primary Domain Controller
(PDC) emulator role.
You must be a member of the Domain Admins group.
You must raise the domain functional level to Windows Server 2003.

11
You are the domain administrator for cpandl.com. The domain controllers for this domain,
named DC1 and DC2, are running Microsoft Windows Server 2003 Standard Edition. The
Domain Name System (DNS) servers for your domain, named DNS1 and DNS2, are running
Windows Server 2003 Enterprise Edition. DC1 and DC2 are configured to use DNS1 and
DNS2 as their Preferred and Alternate DNS servers. DNS1 and DNS2 are configured to
allow Zone Transfers To Any Server. You need to verify that the service location (SRV)
resource records were added appropriately to your DNS server. Which of the following steps
should you take? (Choose two.)
Selected
Answers: Issue the command ls –t SRV cpandl.com.
Correct Answers:
Run Nslookup on DC2.
Issue the command ls –t SRV cpandl.com.

12
As the network administrator for a small company your duties include troubleshooting and
maintaining the Domain Name System (DNS) server for cohowinery.com domain. You notice
a lot of records have been added to the DNS database during the last month. You realize
that some of these host records are from computers that are not members of your domain.
You must ensure that computers that are not members of your domain cannot add records to
the DNS database. You must also ensure that all domain member host records can be
updated only by the computers that registered the records. What should you do?
Selected
Answer: Scavenge stale resource records.
Correct Answer:
Allow Secure Dynamic Updates only.

13
Select all requirements for installing Windows Server 2003 Active Directory. (Choose two.)
Selected
Answers: 200 MB minimum free space
NTFS partition
Correct Answers:
NTFS partition
250 MB minimum free space

14
You are the network administrator for the Active Directory domain named wingtiptoys.com.
Your domain has three child domains and is the forest root domain for a separate domain
tree named litwareinc.com. Each domain has three domain controllers that host an Active
Directory-integrated zone for their own domain. Many of the domain controllers are
geographically separated from your domain. Users in other domains have noticed a
significant delay when accessing resources in your domain. You’ve noticed that there is
significant host name resolution activity across wide area network (WAN) links between your
domain and others. You’d like to reduce this traffic and improve user response times. What
should you do?
Selected
Answer: Configure all client computers in the wingtiptoys.com domain to use
litwareinc.com DNS servers as their Preferred and Alternate DNS servers.
Correct
Answer: Configure the wingtiptoys.com domain to be a ForestDNSZone.

15
You are the network administrator for Coho Vineyard. Your network is not connected to the
Internet, but all computers use the Transmission Control Protocol/Internet Protocol (TCP/IP).
The Windows Internet Name Service (WINS) is the only name resolution service in use on
your network. There are three domain controllers on your network. These domain controllers
are named DC1, DC2, and DC3. These domain controllers run Microsoft Windows NT Server
4.0. Most of your client computers run Microsoft Windows NT Workstation 4.0 or Microsoft
Windows XP Professional. Your network also includes three Windows NT Server 4.0 Remote
Access Service (RAS) servers. There are no plans to upgrade the RAS servers or the
Backup Domain Controller (BDC) servers at this time. DC1 is a Windows NT Server 4.0
Primary Domain Controller (PDC). You upgrade DC1 to run Microsoft Windows Server 2003
Standard Edition. Active Directory installation starts automatically. Which of the following
options must you choose during Active Directory installation to support your current network
environment? (Choose three.)
Selected
Answers: Choose the Windows Server 2003 interim forest functional level.
Correct Answers:
Choose the Windows Server 2003 interim forest functional level.
Select pre–Windows 2000 compatible permissions.
Install and configure Domain Name System (DNS) automatically.

16
Your company’s domain named contoso.com has a two-way external trust with a Windows
NT Server 4.0 domain named NWTRADERS. Contoso.com also has other trust relationships
in place with other companies. Your manager tells you he no longer wants your domain to
trust NWTRADERS, but he wants all other trust relationships to remain in place. What should
you do in Active Directory Domains And Trusts?
Selected
Answer: Remove the outgoing trust to NWTRADERS.
Correct Answer:
Remove the outgoing trust to NWTRADERS.

17
You are the network administrator for the cohowinery.com domain. You need to add a new
user principal name (UPN) suffix to your existing domain. You are currently logged on using
an account that is a member of Domain Users only. What must you do in order to add this
new UPN suffix? (Choose two.)
Selected
Answers: Log on using an account that is a member of the Enterprise Admins
group.
Use the Active Directory Domains And Trusts console.
Correct Answers:
Log on using an account that is a member of the Enterprise Admins
group.

18
You have just completed an installation of Active Directory and restarted the new domain
controller. When performing post-installation tasks, you notice that the application directory
partition was not created. How would you correct this problem?
Selected
Answer: Create default DNS application directory partitions in the Domain
Name System (DNS) Console.
Correct

19
You are an administrator for contoso.com. Contoso.com has two child domains,
west.contoso.com and east.contoso.com. The contoso.com domain is using the Windows
2000 native domain functional level. The west.costoso.com domain is in the Windows 2000
mixed domain functional level. The east.contoso.com domain is in the Windows Server 2003
interim domain functional level. You attempt to raise the functional level of the forest, but you
receive an error message. What must you do before you can raise the forest functional level?
(Choose two.)
Selected
Answers: Raise the domain functional level of contoso.com.
Create separate Active Directory sites for east.contoso.com and

west.contoso.com.
Correct
Answers: Raise the domain functional level of west.contoso.com.
Raise the domain functional level of east.contoso.com.

20
You are a network administrator for an Active Directory domain named fabrikam.com. Three
domain controllers named DC1, DC2, and DC3 are part of your network. These domain
controllers run Microsoft Windows Server 2003 Standard Edition and host the Active
Directory-integrated Domain Name System (DNS). There are 500 Microsoft Windows XP
Professional client computers on your network. There are also 40 Windows NT Workstation
4.0 client computers, as well as 50 Microsoft Windows 95 computers on the network. All of
the client computers have the latest service packs installed. Previously, your network had a
domain named FABRIKAM, which was hosted by computers that ran Microsoft Windows NT
Server 4.0. There were also two Windows Internet Name Service (WINS) servers that
provided name resolution services on the network. After upgrading to Windows Server 2003,
your help desk received a few calls from users unable to connect to resources. You log on
without a problem from a Windows XP Professional client computer to your domain. Which of
the following actions must you perform to ensure that all network users are able to access
resources? (Choose two.)
Selected
Answers: Upgrade the Windows 95 client computers.
Upgrade the Windows NT Workstation 4.0 client computers.

Correct
Ensure that all client computers list one of the domain controllers as
their preferred or primary DNS server.
Question
5 out of 5 points
1
You are installing a new Active Directory domain and forest. During this installation an error
message is displayed. The error message states that an Active Directory domain controller for
the domain contoso.com could not be contacted. Ensure that the DNS domain name is typed
correctly. All Internet Protocol (IP) settings for servers are statically configured. How would you
respond to this error message?
Selected
Answer: Install Active Directory–integrated DNS during the Active Directory
installation.
Correct Answer:
Install Active Directory–integrated DNS during the Active Directory
installation.

2
You are the network administrator for contoso.com, which is an Active Directory domain. All
domain controllers in the domain run Windows Server 2003 Standard Edition. There is also a
Kerberos realm and a Windows Server NT 4.0 domain on your network. The Kerberos realm is
named fabrikam.com and is hosted by UNIX servers. The Windows NT Server 4.0 domain is
named ADATUM. Members of the fabrikam.com realm need to access resources on
contoso.com. Users on ADATUM also need access to resources on contoso.com. What
should you do in order to provide access to these domain resources, without giving access to
resources that are not required? (Choose two.)
Selected
Answers: Configure a trust relationship so that ADATUM trusts contoso.com.
Configure a trust relationship so that contoso.com trusts

fabrikam.com.
Correct Answers:
Configure a trust relationship so that contoso.com trusts ADATUM.

fabrikam.com.

3
(Choose two.)
Selected Answers:
Raise the domain functional level of west.contoso.com.
Correct Answers:

4
The purpose of DomainDnsZones is to contain all Domain Name System (DNS) servers in the
forest. True or False?
Selected
Answer: True
Correct Answer:
False

5
Selected
Correct

6
maintaining the Domain Name System (DNS) server for cohowinery.com domain. You notice a
lot of records have been added to the DNS database during the last month. You realize that
some of these host records are from computers that are not members of your domain. You
must ensure that computers that are not members of your domain cannot add records to the
DNS database. You must also ensure that all domain member host records can be updated
only by the computers that registered the records. What should you do?
Selected
Answer: Allow Secure Dynamic Updates only.
Correct Answer:

7
The Domain Name System (DNS) must be installed prior to an Active Directory installation.
True or False?
Selected
Answer: False
Correct Answer:
False

8
A client is attempting to log on to the cohowinery.com domain. What service will provide the
client with the name of a domain controller in the domain?
Selected
Answer: DNS
Correct Answer:
DNS

9
Your company’s domain named contoso.com has a two-way external trust with a Windows NT
Server 4.0 domain named NWTRADERS. Contoso.com also has other trust relationships in
place with other companies. Your manager tells you he no longer wants your domain to trust
NWTRADERS, but he wants all other trust relationships to remain in place. What should you
do in Active Directory Domains And Trusts?
Selected
Correct Answer:

10
Selected
Correct Answers:

11
Selected

The functional level of a forest can be raised only on a server that holds
the Schema Operations master role.
Correct


12
Selected
Answer: 10
Correct Answer:
10

13
You upgrade your Primary Domain Controller (PDC) from Windows NT Server 4.0 to
Windows Server 2003. You have one Windows NT Server 4.0 Backup Domain Controller
(BDC) on your network. You successfully configure an Active Directory domain named
Contoso.com. You select a domain functional level of Windows Server 2003 Interim during
the upgrade process. You receive two computers named Server01 and Server02 from
another company. These computers run the Windows 2000 Server operating system. They
were configured as member servers on the other company’s domain. There are no trust
relationships configured between your company domain and the other company’s domain.
Your manager wants you to configure Server01 and Server02 as additional domain
controllers in your existing Active Directory domain. The manager does not want you to
modify the configuration or operating system on any one of the existing domain controllers.
What should you do? Choose three.
Selected
Answers: Raise the forest functional level to Windows Server 2003.
Install Server01 and Server02 as additional domain controllers for the

contoso.com domain.
Install Server01 and Server02 as new domain controllers for the

ad.contoso.com domain. Configure Server01 and Server02 as DNS servers for
the ad.contoso.com zone.
Correct
Answers: Upgrade Server01 and Server02 to Windows Server 2003.
Configure the Preferred DNS server option of Server01 and Server02 to

point to a Domain Name System (DNS) server that maintains or has access to
the service resource (SRV) DNS records for contoso.com.

contoso.com domain.

14
Selected

Correct

15
Selected
Answer: Computer
Correct Answer:
Computer

16
Selected
Answer: Ntds.dit
Correct Answer:
Ntds.dit

17
requirements.
Selected
Correct
18
Selected
Correct

19
planning an upgrade of all servers to Windows Server 2003 over the next six months. Until
you migrate to Windows Server 2003, what functional level should the domain and forest
use, respectively?
Selected
Answer: Windows 2000 mixed, Windows 2000
Correct Answer:

20
Which of the following is a directory service standard after which Active Directory was
modeled?
Selected
Answer: LDAP
Correct Answer:
LDAP
Question
0 out of 10 points
1
You manage the Wingtip Toys network, which has a single Active Directory domain.
Every domain controller runs Windows Server 2003. You are tasked to configure a
site structure for your network. All local area network (LAN) segments are high-
speed with plenty of available bandwidth. All wide area network (WAN) segments
have limited bandwidth. The network infrastructure is as shown in the following
figure.
ServerA, ServerB, and ServerC are domain controllers for your domain. You create
two sites named MainSite and BranchSite. Now you must place the domain controllers
in the appropriate site. How should you place the domain controllers? (Choose three.)
Exhibit.jpg
Selected
Answers: a. ServerA in MainSite
c. ServerB in BranchSite
d. ServerC in MainSite
Correct Answers:
a. ServerA in MainSite
b. ServerB in MainSite
e. ServerC in BranchSite

2
Selected
Correct Answer:
Every 15 minutes

3
How does Active Directory optimize intrasite replication? (Choose three.)
Selected
Answers: The knowledge consistency checker (KCC) creates a dual counter-rotating
ring for the replication path.
As the site grows, additional connection objects are created to ensure that
no more than three hops or routes exist between domain controllers.
When a change is marked as urgent, replication is triggered immediately,

bypassing the five-minute default.
Correct

4
You are a network administrator for the Baldwin Museum of Science. The company has an
Active Directory domain named baldwinmuseumofscience.com. The Baldwin Museum of
Science has three locations in the northwestern United States. You’ve been assigned to
create sites for each location: Seattle, Washington; Portland, Oregon; and Mt. Shasta City,
California. Each location has a router and a different Internet Protocol (IP) subnet. The Seattle
site has four domain controllers. Each of the other sites has two domain controllers. Seattle is
connected to Portland by a T-1 leased line. Portland is connected to Mt. Shasta City by a 512-
Kbps frame-relay connection.
You want to ensure that each location is able to replicate data to the other. You create new
sites and new subnets for each location: Seattle, Portland, and Mt. Shasta City. You also
create a site link that connects Seattle and Portland. What else must you do to configure a
functional site structure? (Choose two.)
Selected
Answers: Create a site link that connects the Default-First-Site-Name and Seattle.
Move the computer objects in Active Directory Sites And Services to the
appropriate sites.
Correct
Answers: Create a site link that connects Portland and Mt. Shasta City.
appropriate sites.

5
Exhibit.jpg
Selected
Answer: b. Schema
Correct Answer:
c.

6
How many different types of partitions are there within Active Directory?
Selected
Answer: 4
Correct Answer:
4

7
When a domain controller is added to a site, it becomes a part of which of the following?
Selected
Answer: Replica ring
Correct Answer:
Replica ring

8
Selected
Correct Answer:

9
"Ok, I wanted to give you a hint on this one: don't forget about the default-first-site and read
the question carefully. this is a good examples of the little details you need to pay attention to
on the cert"
You manage the fabrikam.com Active Directory domain. The network
infrastructure for this domain is shown in the following figure. Nothing beyond
the default site structure has been created. There are approximately 100 users at
each building and all wide area network (WAN) links are considered slow.
What is the minimum number of sites that would have to be added to reduce
replication traffic over the WAN links?
Exhibit.jpg
Selected
Answer: b. 2
Correct Answer:
b. 2

10
You are viewing the replication topology for your domain, woodgrovebank.com, as
shown in the figure.
All of the domain controllers run Windows Server 2003 and are in the same site.
Replication intervals have not been modified. If everything on your network is working
properly, what delay would you expect from the time when the user account is created
on DC1 to the time DC5 receives the added user account?
sitea.jpg
Selected
Answer: c. More than 10 minutes, but no more than 15 minutes
Correct Answer:
b. More than five minutes, but no more than 10 minutes
Question
10 out of 10 points
1
"Ok, I wanted to give you a hint on this one: don't forget about the default-first-site and read the
question carefully. this is a good examples of the little details you need to pay attention to on
the cert"
You manage the fabrikam.com Active Directory domain. The network infrastructure
for this domain is shown in the following figure. Nothing beyond the default site
structure has been created. There are approximately 100 users at each building and
all wide area network (WAN) links are considered slow.
Exhibit.jpg
Selected
Answer: b. 2
Correct Answer:
b. 2

2
You are a network administrator for Blue Yonder Airlines, which has just expanded to three
new locations. Each location has its own Internet Protocol (IP) subnet, router, domain
controller, and global catalog server. All sites utilize Microsoft Windows XP Professional or
Microsoft Windows 2000 Professional client computers. All domain controllers run the
Windows Server 2003 Standard Edition operating system. Domain controllers also run the
DNS Server service and have Active Directory–integrated DNS zones for the domain. You
want to create sites for each new location. You also want to ensure that users of that local site
can be authenticated within their local site. You want to be able to control when new directory
information is passed to each site. What must you do? (Choose three.)
Selected
Answers: Create sites and subnets for each new location.
Move the computer accounts for the appropriate domain controllers into
each site. Add a domain controller to the site that doesn’t have one.
Create organizational units (OUs) for each site and move appropriate
domain controller computer accounts into those OUs.
Correct
Configure client DNS server settings to contact the local domain controller
as their preferred DNS server.

3
You work as a network administrator for Contoso, Ltd., which has two offices named
Headquarters (HQ) and Branch. HQ is linked to the Branch office with a slow WAN link.
The network is configured with one domain named contoso.com in the forest. Nothing
beyond the default site structure has been created. Your manager hires a consultant to
create two sites between HQ and the Branch office.
The consultant completes the following tasks:
* Configurestwo Windows Server 2003 computers, named DC4 and DC5, as
domain controllers.
* Sends DC4 and DC5 from HQ to the Branch office.
* Renames the Default-First-Site-Name site to HQ.
* Creates a site named Branch.
* Creates a site link named HQ-Branch.
The consultant is unable to complete the task. Your manager assigns you
to ensure that Active Directory replication does not occur between the hours of
12:00 P.M. and 5:00 P.M. What tasks must you perform before you can make the
configuration change your manager has requested? (Choose two.)
Selected
Answers: Add service location (SRV) resource records to the DNS server
for all domain controllers in the HQ site.
Add a new domain to the forest and move the Branch site onto
the new domain
Correct
Answers: Move all the domain controllers in the regional office to the site
named Branch
Add subnets to the subnet container for both sites and associate
them with the appropriate site

4
When will automatic placement of domain controllers into their site occur?
Selected
Answer: When the site topology is established prior to installing domain
controllers
Correct Answer:
When the site topology is established prior to installing domain
controllers

5
Selected
Correct Answer:
Replica ring

6
Selected
Correct Answer:
Every 15 minutes

7
You are the network administrator of Coho Vineyard. There are three domain controllers in
your domain. The Domain Name System (DNS) structure for your domain is maintained on
two computers running Microsoft Windows Server 2003 that are configured as member
servers. You discover several replication error messages in the Event Viewer. Some of the
messages indicate that the bridgehead server in Site01 is having trouble making a connection
to the bridgehead server in Site02. You’d like to check your replication topology. Furthermore,
you need to verify that your domain controllers in each site are able to properly register their
records with the DNS server. Which of the following utilities can help you to perform these
tasks? (Choose three.)
Selected
Answers: e. Dcdiag
Correct Answers:
a. Replmon
c. Repadmin
e. Dcdiag

8
You are the system administrator for a sales company in the United Kingdom (UK) that
has three regional offices: north, Midlands, and south. Inside each office there is a
domain controller for the domain contoso.com. The domain has three sites, with one for
each regional office, named North, Mid, and South, respectively. There is a site link from
site North to site Mid named NM, a site link from South to Mid named SM, and a site link
from North to South named NS. Site link cost, frequency, and schedule are at their
default values.
You have been tasked with configuring the cost and frequency to control
replication to meet the following criteria:
* Create a configuration whereby the site links named NM and SM are used as the
preferred site links for replication.
* Replication should not occur more than once every four hours.
Which of the following tasks must you complete? (Choose two.)
Selected
Answers: Set the frequency to 120 on all site links
Set the cost to 50 on site links NM and SM.
Correct Answers:
Set the frequency to 240 on all site links
Set the cost to 240 on all site links

9
Selected
Answer: 4
Correct Answer:
4

10
California. Each location has a router and a different Internet Protocol (IP) subnet. The
Seattle site has four domain controllers. Each of the other sites has two domain controllers.
Seattle is connected to Portland by a T-1 leased line. Portland is connected to Mt. Shasta
City by a 512-Kbps frame-relay connection.
Selected
Move the computer objects in Active Directory Sites And Services to

the appropriate sites.
Correct

Question
10 out of 10 points
1
Selected
Correct Answer:
Replica ring

2
Selected
Correct Answers:

3
on the cert"
Exhibit.jpg
Selected
Answer: b. 2
Correct Answer:
b. 2

4
Selected
controllers
Correct Answer:
controllers

5
Selected
Answers: a. Replmon
c. Repadmin
e. Dcdiag
Correct Answers:
a. Replmon
c. Repadmin
e. Dcdiag

6
You are viewing the replication topology for your domain, woodgrovebank.com, as shown
in the figure.
sitea.jpg
Selected
Answer: b. More than five minutes, but no more than 10 minutes
Correct Answer:

7
Selected
Answer: 4
Correct Answer:
4

8
Selected
Correct

9
default values.
Selected
Correct Answers:

10
You are viewing the replication topology for your domain,

wideworldimporters.com, as shown in the following figure.
All of the domain controllers run Windows Server 2003 and are in the same
site. The replication intervals have not been modified. If everything on your
network is working properly, what delay would you expect from the time when
the user account is deleted on ServerA to the time ServerE receives the change?
Exhibit.jpg
Selected
Correct Answer:
c. More than 10 minutes, but no more than 15 minutes
Question
10 out of 10 points
1
Selected
Answer: False
Correct Answer:
False

2
You work as a local administrator for Wingtip Toys. Tailspin Toys is the main supplier of
merchandise sold by Wingtip Toys. Wingtip Toys hosts a domain named wingtiptoys.com.
Tailspin Toys hosts a domain named tailspintoys.com. These domains are in separate forests.
Tailspin Toys employees often work at the Wingtip Toys location and often request access to
e-mail and other resources. Your manager wants to allow users from Tailspin Toys to be able
to log on to their network from Wingtip Toys offices. There are five computers set up in a
conference room at Wingtip Toys for use by Tailspin Toys employees. What are the
requirements for the Tailspin Toys employees to be able to log on to their network resources
when visiting Wingtip Toys?
Selected
Answer: Create a universal group on the Tailspin Toys domain and enable universal
group membership caching. Then add all users on the domain to the universal
group.
Correct
Answer: Establish a cross-forest trust between the domains. Ensure there is a global
catalog on the tailspintoys.com domain. Employees at the Tailspin Toys
location log on using User Principal Name (UPN) credentials when at the
Wingtip Toys offices.

3
Which of the following is a Flexible Single Master Operations (FSMO) role that is specific to a
domain?
Selected
Answer: RID master
Correct Answer:
RID master

4
You are a network administrator for Trey Research. The network uses Active Directory and all
domain controllers run Microsoft Windows Server 2003, Enterprise Edition. There are five
domain controllers on your domain. All domain controllers are in the same site. There are
1,000 client computers on the network. All client computers run Microsoft Windows XP
Professional and are members of the Active Directory domain. You are considering opening a
new branch office for Trey Research. In preparation for this, one of your colleagues is testing
some experimental site configurations on a test network in a separate forest that has three
domain controllers. Several users have recently complained that the system time on their
computers is 15 minutes late and, although they’ve tried to reset it, the operating system
keeps changing the system time back to the incorrect time. Then you observe that the system
time on all of the computers on the network is 15 minutes late. You need to ensure that all of
the computers on your network have the correct system time. What should you do?
Selected
Answer: Configure the Primary Domain Controller (PDC) emulator with the
appropriate time. Set this computer to synchronize its clock with a reliable
external time source.
Correct

5
Selected
Correct Answer:

6
You work as a consultant for Coho Winery. All domain controllers are running Microsoft
Windows 2003 Server in Windows 2000 native functional level. There are three domain
controllers for the domain cohowinery.com. ServerA holds the Flexible Single Master
Operations (FSMO) roles for the domain and ServerB holds the FSMO roles for the forest. The
domain is using Active Directory–integrated Domain Name System (DNS). The DNS server
service is installed on ServerC. The IT administrator is running a script on ServerB to add
1000 user accounts. The script has been used successfully in the past. When he runs the
script, it fails. In the Directory Services event log, he finds Event 16651: The request for a new
account-identifier pool has failed. He calls you and reports the error message. He tells you that
ServerA has experienced a hard disk failure and is not recoverable. What can you do to allow
him to run the script?
Selected
Answer: Use ServerB to seize the PDC emulator.
Correct Answer:
Use ServerC to seize the domain-wide FSMO roles.

7
be available to provide the user’s universal group membership information the first time a user
logs on in a domain with a functional level of Windows 2000 native or later?
Selected
Correct Answer:

8
You maintain an Active Directory infrastructure for Margie’s Travel. There are four domain
controllers and three Active Directory sites. The domain uses Active Directory–integrated
Domain Name System (DNS). All domain controllers run Microsoft Windows Server 2003,
Standard Edition and are configured as DNS servers. Two domain controllers, named ServerA
and ServerB, are located in the company’s main site. The other two domain controllers are
named ServerC and ServerD. They are divided between the two branch sites. You configure a
custom application for each Active Directory site. The application is site aware and queries
domain controllers on port 3268 to gather information. The application uses DNS service
location (SRV) resource records to determine the location of domain controllers providing
services on port 3268. The application is not functioning as efficiently at the branch office
locations as it does in the main office location. How can you improve the performance of this
application?
Selected
Answer: Enable universal group membership caching for each branch site.
Correct Answer:
Configure a DNS server on a member server at each branch site.

9
What are the main functions of the global catalog?
Selected
Answer: Facilitation of searches for objects in the forest, resolution of User
Principal Names (UPN) and provision of universal group membership
information.
Correct
information.

10
You are the network administrator of The Phone Company network. The network has a single
Active Directory domain. There are four domain controllers named Server01, Server02,
Server03, and Server04. All domain controllers run Microsoft Windows Server 2003,
Standard Edition. The Primary Domain Controller (PDC) emulator, relative identifier (RID)
master, and domain naming master roles are all assigned to Server01. Server02 is assigned
as the infrastructure master. Server03 is assigned as the schema master. Server04 is
designated as a global catalog server. A consultant is trying to install Microsoft Exchange
2000 on your network. Although the consultant is using the default Administrator account for
the network, he is receiving an error message informing him that an operations master is not
available. Which server is most likely offline or otherwise unavailable?
Selected
Answer: Server03
Correct Answer:
Server03
Question
10 out of 10 points
1
When universal group membership caching is enabled on a domain controller, what needs to be
available to provide the user’s universal group membership information the first time a user logs
on in a domain with a functional level of Windows 2000 native or later?
Selected
Correct Answer:

2
Selected
Answer: False
Correct Answer:
False

3
Selected
Correct

4
domain?
Selected
Answer: RID master
Correct Answer:
RID master

5
You work as a consultant for Tailspin Toys. There are three domain controllers in your domain.
The name of the domain is tailspintoys.com. All domain controllers are running Microsoft
Windows 2003 Server in Windows 2000 native functional level. The relative identifier (RID)
master has failed and is unrecoverable. Before you seize the RID master using another
domain controller, what should you do?
Selected
Answer: Disconnect the other domain controllers from the domain.
Correct Answer:

6
Selected
information.
Correct
information.

7
You are a network administrator for Contoso. Contoso.com is an Active Directory domain. The
domain functional level is Windows 2000 native. There are three domain controllers named
ServerA, ServerB, and ServerC. All domain controllers are in the same site. ServerA holds all
operations master roles for the domain. ServerB is configured as a global catalog server.
Universal group membership caching is enabled for the site. All domain controllers run
Windows Server 2003, Standard Edition. You create a new user account for Ben Smith. Ten
minutes later, Ben attempts to log on and receives the error message that he is unable to log
on due to an account restriction. Amy is also a user on the network. Amy has been with the
company for five years. She is able to log on successfully. Assuming Ben’s account is
configured correctly, why might he be receiving this error message?
Selected
Answer: Replication has not yet occurred between ServerA and ServerB.
Correct Answer:
ServerB is unavailable.

8
Selected
Correct

9
Selected
Answer: Use ServerC to seize the domain-wide FSMO roles.
Correct Answer:

10
Selected
Correct Answer:
Question
10 out of 10 points
1
ServerZ. ServerX holds all of the operations master roles for the domain. ServerY is configured
as the global catalog server. The network uses Active Directory–integrated Domain Name
System (DNS) and all domain controllers are DNS servers. There are 900 client computers on
your network. All client computers run Microsoft Windows XP Professional. You are configuring
a new site for a new branch office. Three hundred client computers are added to this location. A
512-Kbps wide area network (WAN) link connects the branch office to the original company
network. You move ServerZ to the branch office location physically, as well as in Active
Directory Sites and Services. The branch office manager asks if you can increase the speed of
user logons. What can you do to improve the speed of user logons, without negatively affecting
logon speed at the company’s original location?
Selected
Answer: Enable universal group membership caching on the site associated with
the branch office.
Correct
the branch office.

2
Selected
Correct

3
You are the network administrator of the Wingtip Toys network. The network has a single
Active Directory domain. There are three domain controllers named ServerA, ServerB, and
ServerC. All domain controllers run Microsoft Windows Server 2003, Standard Edition.
ServerA is assigned as the Primary Domain Controller (PDC) emulator and relative identifier
(RID) master. ServerB is assigned as the infrastructure master and is the only global catalog
server for your network. ServerC is assigned as the domain naming master. ServerD is
assigned as the schema master. You are planning to add a child domain to your network.
What changes should you make to the way the operations master roles are assigned?
Selected
Answer: Transfer the PDC emulator role to ServerD.
Correct Answer:
Configure ServerC as the global catalog server, instead of ServerB.

4
application?
Selected
Answer: Configure a DNS server on a member server at each branch site.
Correct Answer:

5
Selected
Correct Answer:

6
domain?
Selected
Answer: RID master
Correct Answer:
RID master

7
Selected
Correct

8
Selected
Answer: False
Correct Answer:
False

9
Selected
Correct Answer:

10
You are the network administrator of The Phone Company network. The network has a
single Active Directory domain. There are four domain controllers named Server01,
Server02, Server03, and Server04. All domain controllers run Microsoft Windows Server
2003, Standard Edition. The Primary Domain Controller (PDC) emulator, relative identifier
(RID) master, and domain naming master roles are all assigned to Server01. Server02 is
assigned as the infrastructure master. Server03 is assigned as the schema master. Server04
is designated as a global catalog server. A consultant is trying to install Microsoft Exchange
Selected
Answer: Server03
Correct Answer:
Server03
Question
10 out of 10 points
1
By default, which objects are affected by the Default Domain Policy GPO settings?
Selected
Answer: All users and computers in the domain
Correct Answer:
All users and computers in the domain

2
You are the network administrator for Adventure Works. The Active Directory
structure is as shown in the following figure. All member servers and domain
controllers run Microsoft Windows Server 2003, Standard Edition. All client
computers run Microsoft Windows XP Professional.
<Review Exhibit>
You create an unlinked Group Policy Object (GPO) named GPO1 that installs
virus-scanning software on computer objects. You need to ensure that this policy is
applied to all computers in the entire forest. What should you do?
Exhibit.JPG
Selected
Answer: b. Link GPO1 to Site1
Correct Answer:
b. Link GPO1 to Site1

3
You are the network administrator for Lucerne Publishing. The organizational unit
structure is as shown in the following figure. There are three domain controllers
running Microsoft Windows Server 2003, Enterprise Edition. There are three
member server computers running Microsoft Windows Server 2003, Standard
Edition. There are 500 client computers on the network running Microsoft
Windows XP Professional.
<Review The Exhibit>
Bene1 is a Group Policy Object (GPO). Bene1 is configured with the Remove
And Prevent Access To The Shut Down Command setting enabled. Bene1 is
linked to the Benefits OU. The Benefits OU has Block Policy Inheritance
enabled.
When Ben logs on to Benefits1, he is able to access Control Panel. You want to
ensure that when Ben logs on to any computer in the domain, he is not able to
access Control Panel. What should you do?
Exhibit.JPG
Selected
Answer: a. Link Bene1 to the Accounting OU
Correct Answer:
a. Link Bene1 to the Accounting OU

4
Group Policy is read and applied in which order by default?
Selected
Answer: Local, Sites, Domain, Organizational Units
Correct Answer:
Local, Sites, Domain, Organizational Units

5
Which tool is used to modify Group Policy settings?
Selected
Answer: Active Directory Users And Computers
Correct Answer:
Active Directory Users And Computers

6
The Block Policy Inheritance setting can be applied to individual Group Policy Objects (GPOs).
True or False?
Selected
Answer: False
Correct Answer:
False

7
The Default Domain Controllers Policy GPO affects all users and computers by default. True
or False?
Selected
Answer: False
Correct Answer:
False

8
Which .adm template can you use to configure Automatic Updates?
Selected
Answer: Wuau
Correct Answer:
Wuau

9
You are the network administrator for Coho Vineyard. There are three organizational units for
the Accounting department named Accts, AcctPay, and AcctRec. You have a Group Policy
Object named Excel1 linked to the Accts OU. The Group Policy Object (GPO) is configured to
install Microsoft Excel to computers. Your manager wants this software installed on all
computers in the Accounting department. How can you arrange these organizational units to
achieve this goal and efficiently apply the Excel1 GPO?
Selected
Answer: Make the AcctPay OU and AcctRec OU subordinate to the Accts
OU.
Correct Answer:
Make the AcctPay OU and AcctRec OU subordinate to the Accts
OU.

10
The Local Computer Policy supports folder redirection in Windows Server 2003. True or
False?
Selected
Answer: False
Correct Answer:
False

1
Users can reset the CrashOnAuditFail value in the registry. True or False?
Selected
Answer: False
Correct Answer:
False

2
Which administrative tool can be used to link a Group Policy Object (GPO) to a site?
Selected
Answer: Active Directory Users And Computers (MMC snap-in)
Correct Answer:
Active Directory Sites And Services (MMC snap-in)

3
You work for Contoso, Ltd., as a system administrator. There is a domain controller on the
network named ServerA. There is a member server on the network named ServerB. There are
three client computers named Client1, Client2, and Client3. A GPO named RemoveRun1 is
linked to the domain. The RemoveRun1 GPO is configured with the Remove Run Menu From
Start Menu setting. Client2 is showing the Run menu when you click on the Start menu. You
must ensure that the Run menu is removed from the Start menu immediately. Where do you
execute the gpupdate.exe utility to apply the RemoveRun GPO?
Selected
Answer: ServerA
Correct Answer:
Client2

4
When does an Administrator need to reset the CrashOnAuditFail value in the registry?
Selected
Answer: When the event log is full and the Audit: Shut Down System Immediately
If Unable To Log Security Audits policy setting is enabled
Correct
Answer: When the event log is full and the Audit: Shut Down System Immediately
If Unable To Log Security Audits policy setting is enabled

5
You work for Coho Vineyard as a system administrator. There are two domain controllers on
the network named ServerA and ServerB. There is a member server on the network named
ServerC. There is a DHCP server named ServerD and a DNS server named ServerE. A GPO
named RemoveRun1 is linked to the domain controllers organizational unit (OU). The
RemoveRun1 GPO is configured with the Remove Run Menu From Start Menu setting as
Enabled. ServerB is showing the Run menu when you click on the Start menu. You must
ensure that the Run menu is removed from ServerB immediately. Where do you execute the
Gpupdate.exe tool to apply the RemoveRun GPO?
Selected
Answer: ServerC
Correct Answer:
ServerB
Selected
Answer: When the event log is full and the Audit: Shut Down System Immediately If Unable To
Log Security Audits policy setting is enabled
Correct
Answer: When the event log is full and the Audit: Shut Down System Immediately If Unable To
Log Security Audits policy setting is enabled

3
Which administrative tool can be used to link a Group Policy Object (GPO) to an OU?
Selected
Answer: Active Directory Users And Computers (MMC snap-in)
Correct Answer:
Active Directory Users And Computers (MMC snap-in)

4
Which administrative tool can be used to link a Group Policy Object (GPO) to a site?
Selected
Answer: Active Directory Sites And Services (MMC snap-in)
Correct Answer:
Active Directory Sites And Services (MMC snap-in)

5
You work for Contoso, Ltd., as a system administrator. There is a domain controller on the
network named ServerA. There is a member server on the network named ServerB. There are
three client computers named Client1, Client2, and Client3. A GPO named RemoveRun1 is
linked to the domain. The RemoveRun1 GPO is configured with the Remove Run Menu From
Start Menu setting. Client2 is showing the Run menu when you click on the Start menu. You
must ensure that the Run menu is removed from the Start menu immediately. Where do you
execute the gpupdate.exe utility to apply the RemoveRun GPO?
Selected
Answer: Client2
Correct Answer:
Client2
Question
0 out of 5 points
1
Selected
Answers: Must be a member of the Domain Admins Group.
The functional level of a forest can be raised only on the server that holds
the Primary Domain Controller (PDC) emulator role.

Correct

The functional level of a forest can be raised only on a server that holds the
Schema Operations master role.

2
planning an upgrade of all servers to Windows Server 2003 over the next six months. Until you
migrate to Windows Server 2003, what functional level should the domain and forest use,
respectively?
Selected
Answer: Windows 2000 native, Windows Server 2003
Correct Answer:

3
What is a logical object in Active Directory that is used to represent two or more IP subnets
connected by a fast link?
Selected
Answer: Site
Correct Answer:
Site

4
What functional level is required for cross-forest trusts?
Selected
Answer: Windows Server 2003
Correct Answer:
Windows Server 2003

5
Selected
Correct

6
Selected
Answer: Unique name
Correct Answer:
Computer

7
Windows NT Server 4.0 do not meet the hardware requirements to run Windows Server 2003.
Client computers run Windows 2000 Professional, as well as Windows NT Workstation 4.0.
You receive a memo from the corporate security team that says all of the domains in the forest
will be raised to Windows Server 2003 functional level at the end of the month. Select only the
essential change or changes that you must make in your current network configuration before
your network will be able to comply with the security team’s requirements.
Selected
Correct

8
What is the default domain functional level for a Windows 2003 Server on a new installation?
Selected
Answer: Windows 2000 native
Correct Answer:
Windows 2000 mixed

9
You are planning to upgrade your company network. Currently users log on to each server in
order to access resources on those servers. The network contains three servers and 25 client
computers. All of the client computers on your network run Windows XP Professional. Several
of the client computers on the network share files. All client computers are configured in
workgroups. There are 10 workgroups configured on the existing network. Your manager
plans to purchase Windows Server 2003 to replace the existing servers on the network. You
want to implement a network administrative model that supports single sign-on. You also want
to ensure that users can be authenticated to all shared resources on the network, whether
they are located on the client computers or on the new servers. Your manager wants you to
ensure that the administrative model is fault tolerant. Furthermore, your company is expanding
rapidly and you want to implement an administrative model that can handle a 10-fold increase
in the number of client computers. What should you do?
Selected
Correct

10
Selected
Answers: You must raise the domain functional level to Windows Server 2003.
Correct

11
You are the domain administrator for cpandl.com. The domain controllers for this domain,
named DC1 and DC2, are running Microsoft Windows Server 2003 Standard Edition. The
Domain Name System (DNS) servers for your domain, named DNS1 and DNS2, are running
Windows Server 2003 Enterprise Edition. DC1 and DC2 are configured to use DNS1 and
DNS2 as their Preferred and Alternate DNS servers. DNS1 and DNS2 are configured to
allow Zone Transfers To Any Server. You need to verify that the service location (SRV)
resource records were added appropriately to your DNS server. Which of the following steps
should you take? (Choose two.)
Selected
Answers: Issue the command ls –t SRV cpandl.com.
Correct Answers:
Run Nslookup on DC2.
Issue the command ls –t SRV cpandl.com.

12
maintaining the Domain Name System (DNS) server for cohowinery.com domain. You notice
a lot of records have been added to the DNS database during the last month. You realize
that some of these host records are from computers that are not members of your domain.
You must ensure that computers that are not members of your domain cannot add records to
the DNS database. You must also ensure that all domain member host records can be
updated only by the computers that registered the records. What should you do?
Selected
Answer: Scavenge stale resource records.
Correct Answer:

13
Select all requirements for installing Windows Server 2003 Active Directory. (Choose two.)
Selected
Answers: 200 MB minimum free space
NTFS partition
Correct Answers:
NTFS partition
250 MB minimum free space

14
You are the network administrator for the Active Directory domain named wingtiptoys.com.
Your domain has three child domains and is the forest root domain for a separate domain
tree named litwareinc.com. Each domain has three domain controllers that host an Active
Directory-integrated zone for their own domain. Many of the domain controllers are
geographically separated from your domain. Users in other domains have noticed a
significant delay when accessing resources in your domain. You’ve noticed that there is
significant host name resolution activity across wide area network (WAN) links between your
domain and others. You’d like to reduce this traffic and improve user response times. What
should you do?
Selected
Answer: Configure all client computers in the wingtiptoys.com domain to use
litwareinc.com DNS servers as their Preferred and Alternate DNS servers.
Correct
Answer: Configure the wingtiptoys.com domain to be a ForestDNSZone.

15
Selected
Correct Answers:

16
Your company’s domain named contoso.com has a two-way external trust with a Windows
NT Server 4.0 domain named NWTRADERS. Contoso.com also has other trust relationships
in place with other companies. Your manager tells you he no longer wants your domain to
trust NWTRADERS, but he wants all other trust relationships to remain in place. What should
you do in Active Directory Domains And Trusts?
Selected
Correct Answer:

17
You are the network administrator for the cohowinery.com domain. You need to add a new
user principal name (UPN) suffix to your existing domain. You are currently logged on using
an account that is a member of Domain Users only. What must you do in order to add this
new UPN suffix? (Choose two.)
Selected
Answers: Log on using an account that is a member of the Enterprise Admins
group.
Correct Answers:
Log on using an account that is a member of the Enterprise Admins
group.

18
You have just completed an installation of Active Directory and restarted the new domain
controller. When performing post-installation tasks, you notice that the application directory
partition was not created. How would you correct this problem?
Selected
Correct

19
(Choose two.)
Selected
Answers: Raise the domain functional level of contoso.com.
Create separate Active Directory sites for east.contoso.com and

west.contoso.com.
Correct
Answers: Raise the domain functional level of west.contoso.com.

20
You are a network administrator for an Active Directory domain named fabrikam.com. Three
domain controllers named DC1, DC2, and DC3 are part of your network. These domain
controllers run Microsoft Windows Server 2003 Standard Edition and host the Active
Directory-integrated Domain Name System (DNS). There are 500 Microsoft Windows XP
Professional client computers on your network. There are also 40 Windows NT Workstation
4.0 client computers, as well as 50 Microsoft Windows 95 computers on the network. All of
the client computers have the latest service packs installed. Previously, your network had a
domain named FABRIKAM, which was hosted by computers that ran Microsoft Windows NT
Server 4.0. There were also two Windows Internet Name Service (WINS) servers that
provided name resolution services on the network. After upgrading to Windows Server 2003,
your help desk received a few calls from users unable to connect to resources. You log on
without a problem from a Windows XP Professional client computer to your domain. Which of
the following actions must you perform to ensure that all network users are able to access
resources? (Choose two.)
Selected
Upgrade the Windows NT Workstation 4.0 client computers.

Correct
Ensure that all client computers list one of the domain controllers as
their preferred or primary DNS server.
Question
5 out of 5 points
1
You are installing a new Active Directory domain and forest. During this installation an error
message is displayed. The error message states that an Active Directory domain controller for
the domain contoso.com could not be contacted. Ensure that the DNS domain name is typed
correctly. All Internet Protocol (IP) settings for servers are statically configured. How would you
respond to this error message?
Selected
Answer: Install Active Directory–integrated DNS during the Active Directory
installation.
Correct Answer:
Install Active Directory–integrated DNS during the Active Directory
installation.

2
You are the network administrator for contoso.com, which is an Active Directory domain. All
domain controllers in the domain run Windows Server 2003 Standard Edition. There is also a
Kerberos realm and a Windows Server NT 4.0 domain on your network. The Kerberos realm is
named fabrikam.com and is hosted by UNIX servers. The Windows NT Server 4.0 domain is
named ADATUM. Members of the fabrikam.com realm need to access resources on
contoso.com. Users on ADATUM also need access to resources on contoso.com. What
should you do in order to provide access to these domain resources, without giving access to
resources that are not required? (Choose two.)
Selected
Answers: Configure a trust relationship so that ADATUM trusts contoso.com.

fabrikam.com.
Correct Answers:
Configure a trust relationship so that contoso.com trusts ADATUM.

fabrikam.com.

3
(Choose two.)
Selected Answers:
Correct Answers:

4
The purpose of DomainDnsZones is to contain all Domain Name System (DNS) servers in the
forest. True or False?
Selected
Answer: True
Correct Answer:
False

5
Selected
Correct

6
maintaining the Domain Name System (DNS) server for cohowinery.com domain. You notice a
lot of records have been added to the DNS database during the last month. You realize that
some of these host records are from computers that are not members of your domain. You
must ensure that computers that are not members of your domain cannot add records to the
DNS database. You must also ensure that all domain member host records can be updated
only by the computers that registered the records. What should you do?
Selected
Answer: Allow Secure Dynamic Updates only.
Correct Answer:

7
The Domain Name System (DNS) must be installed prior to an Active Directory installation.
True or False?
Selected
Answer: False
Correct Answer:
False

8
A client is attempting to log on to the cohowinery.com domain. What service will provide the
client with the name of a domain controller in the domain?
Selected
Answer: DNS
Correct Answer:
DNS

9
Your company’s domain named contoso.com has a two-way external trust with a Windows NT
Server 4.0 domain named NWTRADERS. Contoso.com also has other trust relationships in
place with other companies. Your manager tells you he no longer wants your domain to trust
NWTRADERS, but he wants all other trust relationships to remain in place. What should you
do in Active Directory Domains And Trusts?
Selected
Correct Answer:

10
Selected
Correct Answers:

11
Selected

Correct


12
Selected
Answer: 10
Correct Answer:
10

13
You upgrade your Primary Domain Controller (PDC) from Windows NT Server 4.0 to
Windows Server 2003. You have one Windows NT Server 4.0 Backup Domain Controller
(BDC) on your network. You successfully configure an Active Directory domain named
Contoso.com. You select a domain functional level of Windows Server 2003 Interim during
the upgrade process. You receive two computers named Server01 and Server02 from
another company. These computers run the Windows 2000 Server operating system. They
were configured as member servers on the other company’s domain. There are no trust
relationships configured between your company domain and the other company’s domain.
Your manager wants you to configure Server01 and Server02 as additional domain
controllers in your existing Active Directory domain. The manager does not want you to
modify the configuration or operating system on any one of the existing domain controllers.
What should you do? Choose three.
Selected
Answers: Raise the forest functional level to Windows Server 2003.

contoso.com domain.
Install Server01 and Server02 as new domain controllers for the

ad.contoso.com domain. Configure Server01 and Server02 as DNS servers for
the ad.contoso.com zone.
Correct
Answers: Upgrade Server01 and Server02 to Windows Server 2003.
Configure the Preferred DNS server option of Server01 and Server02 to

point to a Domain Name System (DNS) server that maintains or has access to
the service resource (SRV) DNS records for contoso.com.

contoso.com domain.

14
Selected

Correct

15
Selected
Answer: Computer
Correct Answer:
Computer

16
Selected
Answer: Ntds.dit
Correct Answer:
Ntds.dit

17
requirements.
Selected
Correct
18
Selected
Correct

19
planning an upgrade of all servers to Windows Server 2003 over the next six months. Until
you migrate to Windows Server 2003, what functional level should the domain and forest
use, respectively?
Selected
Answer: Windows 2000 mixed, Windows 2000
Correct Answer:

20
Which of the following is a directory service standard after which Active Directory was
modeled?
Selected
Answer: LDAP
Correct Answer:
LDAP
Question
0 out of 10 points
1
You manage the Wingtip Toys network, which has a single Active Directory domain.
Every domain controller runs Windows Server 2003. You are tasked to configure a
site structure for your network. All local area network (LAN) segments are high-
speed with plenty of available bandwidth. All wide area network (WAN) segments
have limited bandwidth. The network infrastructure is as shown in the following
figure.
ServerA, ServerB, and ServerC are domain controllers for your domain. You create
two sites named MainSite and BranchSite. Now you must place the domain controllers
in the appropriate site. How should you place the domain controllers? (Choose three.)
Exhibit.jpg
Selected
Answers: a. ServerA in MainSite
c. ServerB in BranchSite
d. ServerC in MainSite
Correct Answers:
a. ServerA in MainSite
b. ServerB in MainSite
e. ServerC in BranchSite

2
Selected
Correct Answer:
Every 15 minutes

3
How does Active Directory optimize intrasite replication? (Choose three.)
Selected

Correct

4
California. Each location has a router and a different Internet Protocol (IP) subnet. The Seattle
site has four domain controllers. Each of the other sites has two domain controllers. Seattle is
connected to Portland by a T-1 leased line. Portland is connected to Mt. Shasta City by a 512-
Kbps frame-relay connection.
Selected
Answers: Create a site link that connects the Default-First-Site-Name and Seattle.
appropriate sites.
Correct
appropriate sites.

5
Exhibit.jpg
Selected
Answer: b. Schema
Correct Answer:
c.

6
Selected
Answer: 4
Correct Answer:
4

7
Selected
Correct Answer:
Replica ring

8
Selected
Correct Answer:

9
on the cert"
Exhibit.jpg
Selected
Answer: b. 2
Correct Answer:
b. 2

10
You are viewing the replication topology for your domain, woodgrovebank.com, as
shown in the figure.
sitea.jpg
Selected
Correct Answer:
Question
10 out of 10 points
1
"Ok, I wanted to give you a hint on this one: don't forget about the default-first-site and read the
question carefully. this is a good examples of the little details you need to pay attention to on
the cert"
You manage the fabrikam.com Active Directory domain. The network infrastructure
for this domain is shown in the following figure. Nothing beyond the default site
structure has been created. There are approximately 100 users at each building and
all wide area network (WAN) links are considered slow.
Exhibit.jpg
Selected
Answer: b. 2
Correct Answer:
b. 2

2
Selected
Create organizational units (OUs) for each site and move appropriate
domain controller computer accounts into those OUs.
Correct

3
You work as a network administrator for Contoso, Ltd., which has two offices named
Headquarters (HQ) and Branch. HQ is linked to the Branch office with a slow WAN link.
The network is configured with one domain named contoso.com in the forest. Nothing
beyond the default site structure has been created. Your manager hires a consultant to
create two sites between HQ and the Branch office.
The consultant completes the following tasks:
* Configurestwo Windows Server 2003 computers, named DC4 and DC5, as
domain controllers.
* Sends DC4 and DC5 from HQ to the Branch office.
* Renames the Default-First-Site-Name site to HQ.
* Creates a site named Branch.
* Creates a site link named HQ-Branch.
The consultant is unable to complete the task. Your manager assigns you
to ensure that Active Directory replication does not occur between the hours of
12:00 P.M. and 5:00 P.M. What tasks must you perform before you can make the
configuration change your manager has requested? (Choose two.)
Selected
Answers: Add service location (SRV) resource records to the DNS server
for all domain controllers in the HQ site.
Add a new domain to the forest and move the Branch site onto
the new domain
Correct
Answers: Move all the domain controllers in the regional office to the site
named Branch
Add subnets to the subnet container for both sites and associate
them with the appropriate site

4
Selected
controllers
Correct Answer:
controllers

5
Selected
Correct Answer:
Replica ring

6
Selected
Correct Answer:
Every 15 minutes

7
Selected
Answers: e. Dcdiag
Correct Answers:
a. Replmon
c. Repadmin
e. Dcdiag

8
default values.
Selected
Set the cost to 50 on site links NM and SM.
Correct Answers:

9
Selected
Answer: 4
Correct Answer:
4

10
California. Each location has a router and a different Internet Protocol (IP) subnet. The
Seattle site has four domain controllers. Each of the other sites has two domain controllers.
Seattle is connected to Portland by a T-1 leased line. Portland is connected to Mt. Shasta
City by a 512-Kbps frame-relay connection.
Selected

Correct

Question
10 out of 10 points
1
Selected
Correct Answer:
Replica ring

2
Selected
Correct Answers:

3
on the cert"
Exhibit.jpg
Selected
Answer: b. 2
Correct Answer:
b. 2

4
Selected
controllers
Correct Answer:
controllers

5
Selected
Answers: a. Replmon
c. Repadmin
e. Dcdiag
Correct Answers:
a. Replmon
c. Repadmin
e. Dcdiag

6
You are viewing the replication topology for your domain, woodgrovebank.com, as shown
in the figure.
sitea.jpg
Selected
Answer: b. More than five minutes, but no more than 10 minutes
Correct Answer:

7
Selected
Answer: 4
Correct Answer:
4

8
Selected
Correct

9
default values.
Selected
Correct Answers:

10
You are viewing the replication topology for your domain,

wideworldimporters.com, as shown in the following figure.
All of the domain controllers run Windows Server 2003 and are in the same
site. The replication intervals have not been modified. If everything on your
network is working properly, what delay would you expect from the time when
the user account is deleted on ServerA to the time ServerE receives the change?
Exhibit.jpg
Selected
Correct Answer:
c. More than 10 minutes, but no more than 15 minutes
Question
10 out of 10 points
1
Selected
Answer: False
Correct Answer:
False

2
Selected
Answer: Create a universal group on the Tailspin Toys domain and enable universal
group membership caching. Then add all users on the domain to the universal
group.
Correct

3
domain?
Selected
Answer: RID master
Correct Answer:
RID master

4
Selected
Correct

5
Selected
Correct Answer:

6
Selected
Answer: Use ServerB to seize the PDC emulator.
Correct Answer:

7
be available to provide the user’s universal group membership information the first time a user
logs on in a domain with a functional level of Windows 2000 native or later?
Selected
Correct Answer:

8
application?
Selected
Answer: Enable universal group membership caching for each branch site.
Correct Answer:

9
Selected
information.
Correct
information.

10
You are the network administrator of The Phone Company network. The network has a single
Active Directory domain. There are four domain controllers named Server01, Server02,
Server03, and Server04. All domain controllers run Microsoft Windows Server 2003,
Standard Edition. The Primary Domain Controller (PDC) emulator, relative identifier (RID)
master, and domain naming master roles are all assigned to Server01. Server02 is assigned
as the infrastructure master. Server03 is assigned as the schema master. Server04 is
designated as a global catalog server. A consultant is trying to install Microsoft Exchange
Selected
Answer: Server03
Correct Answer:
Server03
Question
10 out of 10 points
1
When universal group membership caching is enabled on a domain controller, what needs to be
available to provide the user’s universal group membership information the first time a user logs
on in a domain with a functional level of Windows 2000 native or later?
Selected
Correct Answer:

2
Selected
Answer: False
Correct Answer:
False

3
Selected
Correct

4
domain?
Selected
Answer: RID master
Correct Answer:
RID master

5
You work as a consultant for Tailspin Toys. There are three domain controllers in your domain.
The name of the domain is tailspintoys.com. All domain controllers are running Microsoft
Windows 2003 Server in Windows 2000 native functional level. The relative identifier (RID)
master has failed and is unrecoverable. Before you seize the RID master using another
domain controller, what should you do?
Selected
Answer: Disconnect the other domain controllers from the domain.
Correct Answer:

6
Selected
information.
Correct
information.

7
You are a network administrator for Contoso. Contoso.com is an Active Directory domain. The
domain functional level is Windows 2000 native. There are three domain controllers named
ServerA, ServerB, and ServerC. All domain controllers are in the same site. ServerA holds all
operations master roles for the domain. ServerB is configured as a global catalog server.
Universal group membership caching is enabled for the site. All domain controllers run
Windows Server 2003, Standard Edition. You create a new user account for Ben Smith. Ten
minutes later, Ben attempts to log on and receives the error message that he is unable to log
on due to an account restriction. Amy is also a user on the network. Amy has been with the
company for five years. She is able to log on successfully. Assuming Ben’s account is
configured correctly, why might he be receiving this error message?
Selected
Answer: Replication has not yet occurred between ServerA and ServerB.
Correct Answer:
ServerB is unavailable.

8
Selected
Correct

9
Selected
Correct Answer:

10
Selected
Correct Answer:
Question
10 out of 10 points
1
ServerZ. ServerX holds all of the operations master roles for the domain. ServerY is configured
as the global catalog server. The network uses Active Directory–integrated Domain Name
System (DNS) and all domain controllers are DNS servers. There are 900 client computers on
your network. All client computers run Microsoft Windows XP Professional. You are configuring
a new site for a new branch office. Three hundred client computers are added to this location. A
512-Kbps wide area network (WAN) link connects the branch office to the original company
network. You move ServerZ to the branch office location physically, as well as in Active
Directory Sites and Services. The branch office manager asks if you can increase the speed of
user logons. What can you do to improve the speed of user logons, without negatively affecting
logon speed at the company’s original location?
Selected
the branch office.
Correct
the branch office.

2
Selected
Correct

3
You are the network administrator of the Wingtip Toys network. The network has a single
Active Directory domain. There are three domain controllers named ServerA, ServerB, and
ServerC. All domain controllers run Microsoft Windows Server 2003, Standard Edition.
ServerA is assigned as the Primary Domain Controller (PDC) emulator and relative identifier
(RID) master. ServerB is assigned as the infrastructure master and is the only global catalog
server for your network. ServerC is assigned as the domain naming master. ServerD is
assigned as the schema master. You are planning to add a child domain to your network.
What changes should you make to the way the operations master roles are assigned?
Selected
Answer: Transfer the PDC emulator role to ServerD.
Correct Answer:
Configure ServerC as the global catalog server, instead of ServerB.

4
application?
Selected
Answer: Configure a DNS server on a member server at each branch site.
Correct Answer:

5
Selected
Correct Answer:

6
domain?
Selected
Answer: RID master
Correct Answer:
RID master

7
Selected
Correct

8
Selected
Answer: False
Correct Answer:
False

9
Selected
Correct Answer:

10
You are the network administrator of The Phone Company network. The network has a
single Active Directory domain. There are four domain controllers named Server01,
Server02, Server03, and Server04. All domain controllers run Microsoft Windows Server
2003, Standard Edition. The Primary Domain Controller (PDC) emulator, relative identifier
(RID) master, and domain naming master roles are all assigned to Server01. Server02 is
assigned as the infrastructure master. Server03 is assigned as the schema master. Server04
is designated as a global catalog server. A consultant is trying to install Microsoft Exchange
Selected
Answer: Server03
Correct Answer:
Server03

70-294 Finanl Totatl

Загружено:

Сведения о документе

Оригинальное название

Авторское право

Доступные форматы

Поделиться этим документом

Поделиться или встроить документ

Параметры публикации

Этот документ был вам полезен?

Это неприемлемый материал?

Авторское право:

Доступные форматы

70-294 Finanl Totatl

Загружено:

Авторское право:

Доступные форматы

Question

Question 4 out of 4 points

Create new subnets for the new location.

Create new subnets for the new location.

Question 4 out of 4 points

Question 4 out of 4 points

Question 4 out of 4 points

Question 4 out of 4 points

Question 0 out of 4 points

Question 4 out of 4 points

Configure an additional user principal name (UPN) suffix of

Configure your manager’s UPN suffix for cohovineyard.com.

Configure an additional user principal name (UPN) suffix of

Configure your manager’s UPN suffix for cohovineyard.com.

Question 4 out of 4 points

Question 0 out of 4 points

Question 4 out of 4 points

Question 4 out of 4 points

Question 4 out of 4 points

Question 4 out of 4 points

Question 4 out of 4 points

Question 4 out of 4 points

Question 4 out of 4 points

Question 4 out of 4 points

Question 0 out of 4 points

Question 4 out of 4 points

Question 4 out of 4 points

Question 4 out of 4 points

Question 4 out of 4 points

Question 4 out of 4 points

Question 0 out of 4 points

All domain controllers in the entire forest must be running an operating

All domain controllers in the entire forest must be running an operating

Question 5 out of 5 points

Question 5 out of 5 points

Question 5 out of 5 points

Question 0 out of 5 points

Question 5 out of 5 points

Question 0 out of 5 points

Question 5 out of 5 points

Question 0 out of 5 points

You must be a member of the Domain Admins group.

Question 0 out of 5 points

Issue the command ls –t SRV cpandl.com.

Question 0 out of 5 points

Question 0 out of 5 points

250 MB minimum free space

Question 0 out of 5 points

Question 0 out of 5 points

Select pre–Windows 2000 compatible permissions.

Install and configure Domain Name System (DNS) automatically.

Question 5 out of 5 points

Question 5 out of 5 points

Use the Active Directory Domains And Trusts console.

Use the Active Directory Domains And Trusts console.

Question 5 out of 5 points

Question 0 out of 5 points

Create separate Active Directory sites for east.contoso.com and

Raise the domain functional level of east.contoso.com.

Question 0 out of 5 points

Upgrade the Windows NT Workstation 4.0 client computers.

Question 0 out of 5 points

Configure a trust relationship so that contoso.com trusts