Trandumper name = Trandumper exam = 70-240 Does anyone still use the trandumper? It will not work with IE5.5. I have formatted Chowdry's dump for it and it is working good i am taking the 240 test in a couple days, wish me luck :P I will post how i do as well. My study tools other then working with 2000 for a year were MCSE Exam notes, Exam cram for 215 and 216 and these websites: http://www.microsoft.com/seminar/1033/Index/BrowseTitle.htm <---online seminars http://www.mcse-education.com/studyguides.htm <---links to other test http://www.mcse-education.com/win2k.htm http://windows.microsoft.com/windows2000/en/server/help/ http://livefaq.webhostme.com/ http://bradisit.com/mcse.htm <---also has cisco stuff http://www.2000exams.com/ <---great practice tests http://cert21.com/mcse/ <---more practice tests http://www.mcseguide.com/2000/2000.htm http://www.mcmcse.com/topsites/index.html As you can tell i have been studying this for a while now and i hope i pass it. If you see me post again that means i passed it otherwise i would be to embarassed to post if i fail it. For those of you that know how trandumper works here you go. name = Top Dump 240 Edited By Scatman -215 exam = 70-240 85. you have five windows 98 computers on which windows 2000 has to be installed. All five computers are connected to an NT-based network. You plan to install the systems from the network. How will you accomplish this task ? A) connect to shared setup files on the computer on which you want to install windows 2000 B) run the WINNT.EXE file from the shared folder on the computers running windows 98 C) run the WINNT.EXE file from the shared folder on the computers running windows 98 D) on a network server , share the installation files, by copying the files from the I386 folder on the CD-Rom to shared folder . Answer: acd WINNT.EXE should be run while installing Windows 2000 on a computer running Windows 95, Windows 98, Windows NT 3.51, Windows NT 4.0, or a version of Windows 2000. 86 . your new computer does not have any operating system. You want to install windows 2000 server on it . you decide to install the server using windows 2000 server floppy disk method. How will you create the windows 2000 setup floppy disks ? A) insert windows 2000 CD-Rom in the drive, of the system running windows 95 or 98 B) insert a blank , formatted , 3.5-inch, 1.2-mb disk into the floppy disk drive. Click on start menu and then click run C) insert a blank formatted, 5.25-inch, 1.2-mb disk into the floppy disk drive. Click on start menu and then run click D) in the open box, type d:\I386\WINNT /ox . Answer: ab You can create a set of floppy disks by using the MAKEBOOT.EXE utility in the Bootdisk folder of the Windows 2000 setup CD-ROM. You can create the setup disks from a computer running any version of Windows or MS-DOS. Ref.: TechNet Technical Information CD, Chapter 13 - Repair, Recovery, and Restore 87 . you have a Pentium 200 Mhz windows 98 system with 64mb Ram , you want to Install windows 2000 server on this system. The system is connected to the network. You want to automate the installation process by using unattended installation method. How will you accomplish this task ? A) upgrade the system with minimum 128mb RAM B) upgrade the system with minimum 256mb RAM C) upgrade the processor with Pentium-3 D) create an \i386 folder on the distribution share of the network server. Copy the contents of the \i386 folder from the windows 2000 server CD and answer file to the folder that you created E) Go to the distribution folder that contains installation files, on the computer running windows 98 and run command : WINNT32 /unattended: /s: F) go to the distribution folder that contains installation files, on the computer running windows 98 and run command : WINNT32 /b: /d: . Answer: ade To start Windows 2000 setup in unattended setup mode from Windows 95 or Windows 98, Windows NT, or Windows 2000, a user must specify: WINNT32 /unattendeD) /s:. Where: is a file that contains answers to questions that should be automated during installation. is the location of the Windows 2000 installation files. Ref.: TechNet Technical Information CD, TopiC) MS Windows 2000 Unattended Setup Parameters Guide. 88. you have to deploy thirty new computers as a part of corporate expansion. You plan to install windows 2000 server using automated installation method. You will have to create unattended answer files for it . how will you create unattended Answer files ? A) run DCPROMO.EXE to create answer files and specify platform for the answer file, The level of automation , and create sub-folders in the distribution folder B) run setup manager application to create answer files and specify the platform for the answer file, the level of automation , default user information , create distribution folders, configure network setting a1nd other options C) create the file manually with a text editor such as notepad D) run setup manager application to create answer files and specify platform For the answer file, the level of automation , create sub-folders in the distribution folder, system components and other options . Answer: bc You can use Setup Manager to create answer files, and by specifying the following parameters, results are generated as answer file parameters: Specify platform for the answer file (Microsoft Windows2000 Professional, Windows 2000 Server, Remote Operating System Installation, or Sysprep) · Specify the level of automation for unattended Setup mode. (Levels include "Provide Defaults," "Fully Automated," "Hide Pages," "Read Only," and "GUI-mode Setup.") · Specify default user information · Define computer name options, including creating a /UDF to access a file of valid computer names · Configure network settings · Add commands to the [GuiRunOnce] section · Create distribution folders · Add files to the distribution folders · Add a custom logo and background files · Specify a time zone · Specify TAPI information · Specify code pages · Specify regional options · Create Cmdlines.txt files Setup Manager cannot perform the following functions: · Create sub-folders in the distribution folder · Create Txtsetup.oem files · Specify system components, such as Internet Information Services DCPROMO.EXE runs Active Directory Installation wizard. The Setup Manager application is available on the Microsoft Windows 2000 Server CD-ROM in the DEPLOY.CAB file of the \Support\Tools folder. Ref.: TechNet Technical Information CD, TopiC) Chapter 25 - Automating Client Installation and Upgrade, Creating the Answer File with Setup Manager 89. you want to install windows 2000 server on nine Pentium 133Mhz windows 98 systems having 256mb RAM. You want to automate the installation . the hardware of master computer and the computers on which you are installing windows 2000 server are similar , expect the mass storage device controllers . the hard drives of all the computers on which windows 2000 server is being installed have multiple partitions. How will you accomplish the task ? A) start the reference computer and connect to the distribution folder B) start the reference computer and connect to the system folder C) to run setup, click start > click run ,and then type: WINNT32 /unattend:unattend.txt / s:install_source / syspart:second_drive /tempdrive:second_drive where: “unattend.txt” is an answer file used for unattended setup.“Install_source” is location of windows 2000 server files. “second_drive” is an optional second drive on which you pre-install windows 2000 and other applications. D) to run setup, click start > click run , and then type WINNT32 /unattend:unattend.txt /s:install_source /syspart:second_drive Where: “unattend.txt” is an answer file used for unattended setup . “install_source” is the location of the windows 2000 server files. “second_drive” is an optional second drive on which you pre-install windows 2000 and other applications . Answer: ac For hard drives with multiple partitions, To start Windows 2000 Setup in unattended Setup mode from Windows 9x, Windows NT, or Windows 2000, a user must use WINNT32.EXE is used to install Windows 2000 to the active partition, if the partition contains sufficient space. Otherwise, setup looks for additional partitions containing sufficient space and prompts you to choose the desired partition. For automated installations, you can bypass the prompt by running setup with the /tempdrive parameter to automatically point to the desired partition. /tempdrive copies all the installation files to a temporary directory on the target drive. Specification of this option implies that Windows 2000 must be installed in the specified drive. This option is only valid for Winnt32.exe. The /tempdrive parameter, like the /t switch for the Winnt.exe command, is useful when the hard disk has multiple partitions or hard disks to ensure the correct drive is chosen without user intervention. Ref.: TechNet Technical Information CD, TopiC) MS Windows 2000 Unattended Setup Parameters Guide 90 . you are appointed as a network administrator in an enterprise. You have been Assigned the task of installing windows 2000 and some other applications on a computer in the network . you plan to automate the installation tasks on multiple computers . after resolving your critical planning issues, you decide to automate the installation of server Applications using a batch file unattended installation feature . how will you configure it? A) create the batch file containing lines similar to the following example :Start /wait \ (where is the path to the executable file that starts the installation. Is the name of the executable file that starts the installation . are any available quite-mode parameters appropriate for the application you want to install . B) create the batch file containing lines similar to the following example :Run to application>\ (where is the path of distribution folder that starts the installation. is the name of the .cab file that starts the installation . are any available quite-mode parameters appropriate for the application that you want to install.) C) copy the batch file to the distribution folders or another location that can be accessed during setup D) with .bat as the name of the batch file, include any entry in the [Guirunonce] section of the answer file to run the batch file. Answer: acd To install applications using a batch file: Create the batch file containing lines similar to the following example: Start /wait \ Start /wait \ Exit where: is the path to the executable file that starts the installation. This path must be available during setup. is the name of the executable file that starts the installation. are any available quiet-mode parameters appropriate for the application you want to install. Copy the batch file to the distribution folders or another location that can be accessed during setup. With .bat as the name of the batch file, include an entry in the [GuiRunOnce] section of the answer file to run the batch file, similar to the following example. The example assumes that the batch file has been copied to the Sysprep folder on the local hard disk, though it can be located wherever that Setup has access to, during an installation. [GuiRunOnce] "%systemdrive%\sysprep\.bat" "\.exe" "\.exe" "%systemdrive%\sysprep\sysprep.exe -quiet" where: \ and \ are fully qualified paths to additional applications or utility installations or configuration tools. This can also be a path to another batch file. These paths must be available during setup. Applications that use the same type of installation mechanism may not run properly if a /wait command is not used. (Ref. TechNet Technical Information CD - Chapter13) 91 . Andrew has a Pentium 166Mhx system with windows NT server 3.5 64mb RAM. He wants to upgrade this system to windows 2000 server for exploring new features of this network operting system . what steps will he take ? A) replace the processor with Pentium 200Mhz B) add additional 64mb RAM C) first upgrade windows NT server 3.5 to windows NT server 3.51 or 4.0 And then upgrade with windows 2000 server D) boot with windows NT 3.5, insert the windows 2000 server CD-Rom in drive and run WINNT.EXE and specify the same directory for windows 2000 server files E) boot with windows NT 3.5, insert the windows 2000 server CD-Rom in drive And run WINNT.EXE and specify a new directory for windows 2000 server files . Answer: bc You cannot directly upgrade to Windows 2000 Server if you have a Windows NT Server version earlier than 3.51. You must first upgrade to Windows NT Server 3.51 or 4.0. Secondly, the minimum hardware requirements for Windows 2000 Server is, Pentium 133MHz system with 128MB RAM. Ref.: TechNet Technical Information CD, Chapter 3 - Planning Your Windows 2000 Server Installation 92 . Arian is working as a network administrator ina company . he decides to update the emergency repair disk for all the windows 2000 server computers on the network , as he is very concerned about fault tolerance. How will he create the emergency repair disk? A) insert a blank formatted 1.44Mb floppy disk in the drive B) insert a blank formatted 1.2Mb floppy disk in the drive C) in windows 2000, click start > program > accessing > system tools And then click backup, on the welcome tab, click emergency repair disk D) in windows 2000, click start > run and type RDISK and press enter . Answer: ac Windows 2000 backup program is used to create emergency repair disk. On event of a system failure, starting the system with setup boot disk and using the emergency repair disk can restore the core system files. (Ref.: TechNet Technical Information issue: April 2000, article: Appendix A - System Recovery and troubleshooting) 93 . you are network administrator of a windows 2000 server based network that has Basic disk configuration. Company’s important data is stored on this disk . this disk was recently upgraded from basic to dynamic volume. Now as the data size has become large, you want to extend the dynamic volume, but are unable to do it. What is the most likely problem ? A) you are not logged on as account operator B) the new disk has no file system C) volume was upgraded from basic to dynamic volume D) the upgraded volume is corrupted Answer: c A simple or extended volume, which was upgraded from basic to dynamic cannot be extended. It can only be extended if the volume has been created as a dynamic volume. Ref.: TechNet Technical Information CD, Windows 2000 Server Manual, Article "Storing data" 94 . your system dual-boots between windows 98 and windows 2000. all the partitions use FAT32 file system. Windows 2000, has a mirror set with system and boot partition, with basic disk configuration. You upgrade basic disk to dynamic disk. After upgrading the disk you are unable to boot with windows 98. what is the likely problem ? A) COMMAND.COM file in windows 98 is corrupted B) the disk is not upgraded successfully C) dynamic disk configuration does not support windows 98 D) basic disk configuration is not upgraded successfully . Answer: c When you upgrade a basic disk to a dynamic disk, the disk cannot have partitions or logical drives, nor can it be accessed by MS-DOS or Windows operating systems, but can only be accessed through Windows 2000. (Ref.: TechNet Technical Information CD, April 2000, Windows 2000 Server Manual, Article "Storing data") 95 . your windows 2000 server has two physical disks, each have two partitions with basic disk configuration. These partitions use FAT32 file system . you want to upgrade one partition on each disk with a dynamic volume and the other with a basic volume, but are unable to do it . what is the likely problem ? A) you cannot upgrade from basic storage to dynamic storage B) you cannot use both basic and dynamic disks on the same computer system C) all volumes on a physical disk must be either basic or dynamic D) disk management snap-in for the Microsoft management console (MMC)Does not support FAT#@ file system . Answer: c You can use both basic and dynamic disks on the same computer system, and also with any combination of file systems (file allocation table [FAT], including FAT16 and FAT32, and NTFS file system). However, all volumes on a physical disk must be either basic or dynamic. (Ref.: TechNet Technical Information CD, April 2000, Windows 2000 Server Manual, Article "Storing Data") 96 . Andrew is a member of administrator group. The windows 2000 server on the network requires more space to storage date. Andrew adds a new hard disk on the windows 2000 server computer, and starts the system. He attempts to create partition and format the disk so that he can start using it, but is unable to do so .what is the most likely problem ? A) network policy settings prevent him from completing this task B) Andrew is not a member of administrator group C) hard disk is not compatible with windows 2000 D) Andrew is not logged on as server operator . Answer: a You must be logged on as an Administrator or be a member of the Administrators group to be able to manage new disks. But if your computer is connected to a network, network policy settings may also prevent you from completing this procedure. (Ref.: TechNet Technical Information CD, April 2000, Windows 2000 Server Manual, Article "Storing data") 97 . Laura has a system with windows 2000 server operating system and dynamic disk configuration . he wants to convert the dynamic disk configuration back to basic disk Configuration with out any data loss. What steps will he takes ? A) log on as a administrator or a member of the administrator group . first back up the data , or move it to another volume B) log on as an account operator . first move the data to another volume C) remove all volumes from the dynamic disk before you can change it back to a basic disk . open disk manager , right click the dynamic disk you want to change back to a basic disk, and then see revert to dynamic disk D) remove all volumes from the dynamic disk before you can change it back to a basic disk. open disk management , right-click the dynamic disk you want to change back to a basic disk, and then see revert to basic disk E) create a new partition using the same drive letter or volume mount point that was used with the dynamic volume and restore the data . Answer: ade A basic disk can be upgraded to dynamic disk without data loss . However, all volumes should be removed before reverting a dynamic disk back to basic disk. To avoid data loss the data should either be backed up or moved to another volume. Once the volume is reverted back to basic disk, a new partition using the same drive letter or volume mount point that was used with the dynamic volume can be created and data restored back on it, but you have to be logged on as an Administrator or be a member of the Administrators group to accomplish this. Ref.: TechNet Technical Information CD, April 2000, Windows 2000 Server Resource Kit, Chapter 32 - Disk Concepts and Troubleshooting 98 . you are installing windows 2000 on your computer which dual-boot with windows NT 4.0 . you are concerned about data security so, you plan to use mirror set with system and boot partition. Which type of disk configuration will you use ? A) basic disk configuration B) dynamic volumes configuration C) dynamic disk configuration D) strip set Answer: a Basic disk configuration will be used as, dynamic disk configuration is not supported by prior versions of Windows operating system. And also because mirror set cannot be configured on dynamic disk configuration. (TechNet Technical Information CD, issue: April 2000, article: Storing data) 99 . your computer has IDE drive that contains the system and boot partition. You add Three new SCSI drives as you are running out of disk space . the three drives consist of a 1GB drive and two 750MB drives . due to your concern for fault tolerance, you plan to use disk striping with parity. How much space will be used for parity ? A) 1000MB B) 2250MB C) 750MB D) 2GB Answer: c All partitions on stripe set with parity should be the same size. In this question a 750MB partition is available for parity which is the size of one drive (partition). 100. you have implemented a windows 2000 based network in your company. You want on windows 2000 server more disk space and optimal local disk performance but You cannot add more hard disk due to company’s short budget. So you want any other less expensive alternative for it. How will you accomplish it ? A) demand for extending budget B) create strip set with exiting volumes C) install remote storage on server D) add SCSI hard disk on server . Answer: c Remote Storage makes it easy for you to extend disk space on your server computer without adding more hard disks. Remote Storage automatically copies eligible files on your local volumes to a tape library. Remote Storage then monitors the amount of space available on your local volumes. File data is cached locally so that it can be accessed quickly as needed. Since removable tapes in a library are less expensive per megabyte (MB) than hard disks, this can be an economical way to provide both maximum data storage and optimal local disk performance. (Ref.: TechNet Technical Information CD, issue: April 2000, article: Storing Data) 101 . your windows 2000 based network has 250 users. You want to assign a limited amount of disk space for the users, because the users stored large amount of unnecessary data that takes space on hard disk. Due to inefficient use of disk space . your network is suffering from low disk space. What will you do ? A) apply disk quota limits for your users B) set disk space limit in user profiles C) add larger capacity disk D) delete all the data from the users directory . Answer: a In Windows 2000 Server you can apply disk quota limits according to realistic disk space requirements for your users. Start by classifying your users by the amount of disk space that you anticipate they will require. (For example: users in the multimedia department may require a large amount of disk space.) You also can structure your volumes by those classes, and then use disk quotas to limit the amount of disk space allowed for the users on each volume. (Ref.: TechNet Technical Information CD, issue: April 2000, article: Storing Data) 102 . you are network administrator of a windows 2000 based network with 10 windows 2000 servers and 500 clients. Your network has centralized data storage for users data. The data is stored on windows 2000 server with FAT32 file system. Required result: set the disk space limit for all the users Optional result 1: file level security on users data Optional result 2: domain controller computers can manage the disk space limit remotely. Suggested solution: share the disk drive that stores user’s data and apply disk quota Limit for the users from quota tab on disk properties page. On remote computer , logged On as a member of account operator group, map the shared drive as network drive. A) suggested solution produces only required result B) suggested solution produces required result and one of the optional results C) suggested solution produces required result and both of the optional results D) suggested solution does not produces the required result Answer: d On which disk you want to apply Disk Quota limit, must be NTFS partition. If the volume is not formatted with the NTFS file system, or if you are not logged on as a member of the Administrators group, the Quota tab is not displayed in the volume's Properties dialog box. (Ref.: TechNet Technical Information CD, issue: April 2000, article: Storing Data) 103 . you are network administrator of windows 2000 based network with 10 windows 2000 servers and 500 clients. You have configured disk quota system on volumes that is used to store users data. You limit the disk space for all the users. One day your boss asks you to report to how much disk space in used by any user individually. How will you accomplish this task easily ? A) click on quota entries on quota tab of the volume for which you want to create a report , while the quota entries window is open , open a Microsoft word document , select the entries in quota entries windows and drag the rows to word document B) ask your assistants to note it on notepad from quota entries windows C) click on quota entries on quota tab page of the volume for which you want to create a report , while the quota window open, write down it manually on the paper . Answer: a From the Quota Entries window, select the entries for the users, and drag the rows to the program you are using to create the report; for example, you can drag the objects to a Microsoft Excel spreadsheet or a Microsoft Word document. The transferred data retains the same column and entry order as in the Quota Entries window. (Ref.: TechNet Technical Information CD, issue: April 2000, article: Storing Data) 104 . you are network administrator of a windows 2000 based network with 10 windows 2000 servers and 500 clients. You have configured disk quota system on a Volume, which Is used to store users data. You want to export these quota settings on another volume. How will you accomplish this task ? A) on the quota tab page of the volume to which you want to export quota Settings, make sure quotas are enabled, and then click quota entries , click The user quota records you want to export . in quota entries window click quota menu > export , in the export quota settings dialog box, specify a destination folder, type in a file name for the saved settings, and then click save . B) open two quota entries window, one for the source disk volume from which you want to export quota records, and one for the destination volume into which you are exporting The quota records. Then drag quota records from the source volumes quota entries window to the destination volumes quota entries window. C) open quota entries windows for the disk volume from which you want to export Quota records, then drag quota records to the Microsoft word document, then save the document . Answer: ab You can use both methods to set quota settings on another volume: Open two Quota Entries window, one for the source disk volume from which you want to export quota records, and one for the destination volume into which you are exporting the quota records. Then drag quota records from the source volume's Quota Entries window to the destination volume's Quota Entries window. You can also drag a selected quota setting to a folder where an export file is automatically created. On the Quota tab page of the volume to which you want to export quota settings, make sure quotas are enabled, and then click Quota Entries, click the user quota records you want to export. In Quota Entries window click Quota menu > Export, in the Export Quota Settings dialog box, specify a destination folder, type in a file name for the saved settings, and then click Save. (Ref.: TechNet Technical Information CD, issue: April 2000, article: Storing Data) 105 . Mary has been recently appointed as a network administrator in cyber logic inc. there is a window 2000 server which has been configured with disk quota system on a volume to track disk space use on per-user basis. The quota limits and warning levels is set for most of the volume users, but for some of the users quota limits and warning levels are not set. Mary wants to set up quota limits and warning levels for them also. How will she accomplish this task ? A) apply quotas by adding new quota entries for users in the quota entries window and set quota limits and warning levels B) apply disk quotas by adding new quota entries for all volume users in the quota entries window C) apply disk quotas by adding new quota entries for all volume users in the sharing tab page . D) apply file level security on volume and then set quota limits and warning level from security tab page . Answer: a You use the New Quota Entry feature to set up quota limits and warning levels before the user. This is useful when you do not want to use the default disk space limit and warning level values for a particular user. Typically, the default disk space limit and warning level values established by the volume administrator are sufficient for new users of the volume. (Ref.: TechNet Technical Information CD, issue: April 2000, article: Storing Data) 106 . you have a windows 2000 server on the network , which has configured with disk quota system . you to want to delete a quota entry for user account . but you are unable to delete it. What is the most likely problem ? A) the files owned by that user are existing on that volume B) quota entries cannot be deleted C) the files owned by that user are not exist on that volume D) only user can be delete quota entries . Answer: a You cannot delete a quota entry for a user account until all files that the user owns have been removed from the volume or another user has taken ownership of the files. To delete the quota entry, Move, delete, or take ownership of all files that the user owns on that volume (Ref.: TechNet Technical Information CD, issue: April 2000, article: Storing Data) 107 . you have installed windows 2000 server using mirrored volume for your fault tolerance configuration . your mirrored volume includes the system and boot partition. The secondary drive in the mirrored volume fails. What will you do to recover from the failure ? A) break the mirrored volume through disk management , replace the failed hardware, use disk management to create a new mirror using the free space on the new hard drive. B) break the mirrored volume, replace the failed hardware use disk management to regenerate the mirrored volume. C) replace the failed hardware, boot in the safe mode, then use the disk administrator utility to regenerate the mirror set . Answer: a When a member of a mirrored volume is orphaned, you have to break the mirrored volume to expose the remaining volume as a separate volume. The remaining member of the mirrored volume receives the drive letter that was assigned to the complete mirrored volume. The orphaned volume receives the next available drive letter or a new letter assigned to it. Then a new-mirrored volume can be created from unused free space on another disk. On restarting the computer, the data from the working volume is copied to the new member of the mirrored volume. (Ref.: TechNet Technical Information CD, issue: April 2000, article: Chapter13 - Repair, Recovery and Restore) 108 . your network has four windows 2000 servers. All the servers have basic mirrored volumes (mirror set). One of the disks that contain a part of mirrored volume has either got disconnected or has failed . the mirrored volumes status becomes failed redundancy and the disk’s status remains online. You decide to repair the volume . the system has a dynamic disk with sufficient free space for the new mirror, you want to use this disk for repairing the mirrored volume, but unable to do it . what Is the likely problem ? A) you cannot use dynamic disk to repair basic mirrored volume (mirror set) B) hard disk controller has failed C) you are using basic disk to repair the volume D) you have not installed windows 2000 properly . Answer: a A basic disk and not a dynamic disk, must be used to repair a basic mirrored volume (mirror set). An additional basic disk with sufficient free space is required for the new mirror while repairing a mirrored volume on a basic disk. If an additional disk is not available, the Repair Volume option is unavailable and you cannot repair the volume. (TechNet Technical Information CD, issue: April 2000, article: Storing Data) 109 . a folder on a windows 2000 domain is shared between administrators ., marketing, and accounting groups. All the groups on that folder have full control permission. You do not want the users of marketing and accounting group to be able to change the attributes on that folder. Through which of the following will you accomplish This ? A) read extended attributes B) read attributes C) write attributes D) delete Answer: c The following special permissions are features of Full Control folder permissions: Traverse Folder/Execute File, List Folder/Read Data, Read Attributes, Read Extended Attributes, Create Files/Write Data, Create Folders/Append Data, Write Attributes, Write Extended Attributes, Delete Sub-folders and Files, Delete, Read Permissions, Change Permissions, Take Ownership, Synchronize. Write Attributes allows or denies changing the attributes of a file or folder, such as Read Only or Hidden. These attributes are defined by NTFS. Read Extended Attributes allows or denies viewing the extended attributes of a file or folder. Extended attributes are defined by programs and may vary by program. Delete allows or denies deleting the file or folder. Read Attributes allows or denies viewing the attributes of a file or folder, such as Read Only and Hidden. These attributes are defined by NTFS. Ref: TechNet Technical Information CD, article: Security 110 . you are installing a windows 2000-based network for Infotech inc. the network has ninety windows 2000 clients, six windows 2000 and two unix servers. You want to make TCP/IP the primary network protocol , as the company has multiple operating environments you are going to install and configure TCP/IP on all computers on the network . you also decide to assign IP address automatically . what will you configure for automatic addressing of TCP/IP protocol ? A) configure DHCP scope of IP addresses and active the scope and exclude static IP addresses from the scope. B) assign dynamic IP address to the unix systems C) configure the workstations and servers except unix and DHCP server to “obtain an IP address from a DHCP server” D) install the DHCP server service on all workstations . Answer: ac 111 . you are a network administrator of a windows 2000-based network. You are concerned about data security for sensitive data of your company . the data is stored on a domain controller shared by several users. You decide to encrypt the data so that only the owner of the protected data can access it . but , at the same time you are worried about administrative burden of encrypting and decrypting the data. You want to use a method , which makes encryption easy to manage, difficult to attack , and transparent to the file owner and to applications. How will you accomplish this task ? A) use Microsoft encrypted authentication B) use third party encryption method C) encrypt the data and store it in safe place D) use encrypting file system (EFS) to encrypt data. Answer: d EFS can be used to encrypt sensitive data in files that are stored on disks using the NTFS file system. It runs as an integrated system service, which makes EFS easy to manage, difficult to attack, and transparent to the file owner and to applications. Only the owner of the protected file can open the file and work in it. No administrative effort is required to begin using EFS, and most operations are transparent. You also have the option to disable EFS by configuring EFS recovery policy. EFS is designed to protect the privacy of sensitive data. Besides the user who encrypts a file, only designated recovery agent personnel can decrypt it. (Ref. TechNet Technical Information CD, February 2000, Windows 2000 Server Resource Kit book Chapter 15 -EFS) 112 . your computer has windows 2000 server computer with FAT file system , which is shared by several users. This system stores some sensitive data on it . you plan to encrypt the data to protect it from unauthorized access. Required result: the data should be secure and encrypted. Administrative effort should be minimum. You should have the ability to recover encrypted files, in case file owner leaves your company with out information .other permission on encrypted files should be Unaffected . Optional result 1: file-level security is required on the disk on which the data is stored Optional result 2: should not have any burden on file owner to encrypt or decrypt the file Suggested solution: convert FAT file system to windows 2000 NTFS file system. Use third party data encryption . Which results does the suggested solution produce ? A) suggested solution produce the required result and both of the optional results B) suggested solution produces the required result and one of the optional results C) suggested solution produces only the required result D) suggested solution does not produce the required result . Answer: d This solution does not produce the required result due to lack of minimum administrative effort because the user has to decrypt the file before every use and re-encrypt it when finished. If the user forgets to encrypt a file, the file is unprotected. And, because the user must go to the trouble of specifying that a file be encrypted and decrypted on each use. Ref.: TechNet Technical Information CD, Chapter 15 - Encrypting File System 113 . Adrian is working as a sales executive in a multinational company . he wants to secure all secret data, so that only he can access it . all data is stored on a windows 2000 domain . data quantity is very large it is kept in compressed form. He decides to encrypt the data encrypting file system (EFS). When he attempts to encrypt data, he is unable to do it . what is the most likely cause ? A) windows 2000 does not support EFS B) the data is stored on NTFS file system C) EFS encryption does not support compressed files D) the data is stored on FAT32 file system . Answer: c Windows 2000 domain can only use NTFS file system. Here, the compressed data is the cause of the problem, as compressed data cannot be encrypted with EFS. Ref.: TechNet Technical Information CD Chapter 15 - Encrypting File System, TopiC) Troubleshooting EFS. 114 . you are working as a network administrator in an enterprise. To upgrade the knowledge of your assistants , you decide to teach them about windows 2000 server’s New encrypting file system (EFS) features and requirements . which of the following statements are most suitable for EFS ? A) EFS works on both windows 2000 NTFS and FAT32 file system . B) EFS works only on windows 2000 NTFS file system . C) EFS does not run if there is no recovery agent certificate, but it does designate a recovery agent account by default and generates the necessary certificate . D) you can use EFS to encrypt or decrypt data on a remote computer , but you cannot use it to send encrypted data over the network . Answer: bcd 115 . as a domain administrator you set EFS encryption on a shared folder by selecting the “ apply changes to this folder only” option. Some files and sub-folder already exists on this folder you copy a file in the folder. After some time another user copies a file to the folder. What will be the encryption status on the files ? A) files that exist in the folder before encryption will remain unchanged . B) files that exist in the folder before encryption , will be protected with domain administrator’s private key . C) files copied by the domain administrator to the folder will be protected with his private key . D) files copied to the folder by the other user will be protected with users private key . Answer: acd 116 . Allen is working as sales executive in cyber systems inc. he is a member of domain users sales group . he suspects unauthorized access on his confidential documents. To find the culprit , who is accessing his documents he attempts to audit files and folders , but is unable to do it . what is the most likely problem ? A) he is not a member of account operator group B) he is not a member of account operators group C) these files and folders are in use at the time of audit D) he has read only permission on those files and folders E) he has not logged on as a member of administrator’s group . Answer: e To audit files and folders, you must be logged on as a member of the Administrators group. 117. you have decided to install windows 2000 onto a computer , which is currently running DOS 6.22 operating system. Which command will you use to install the windows 2000 server ? A) setup.exe B) WINNT.EXE C) WINNT32.EXE D) INSTALL.EXE E) SETUP32.EXE Answer: b You have to run WINNT.EXE when installing Windows 2000 on a computer running MS-DOS or Windows 3.x. 118 . Allen is the network administrator of a company, which has four Pentium 200Mhz MS-DOS systems and two windows 3.x systems , for installation of windows 2000 server. All the systems are connected to the network . he wants to automate the installation of windows 2000 server on these computer . what steps will he take to accomplish the task ? A) create an \i386 folder on the distribution share of the network server . copy the contents of the \i386 folder from the windows 2000 server CD and answer file to the folder that you created . B) on the local hard disk, share the installation files , by copying the files from the \i386 folder on the CD-ROM to A) drive . C) go to the distribution folder that contains installation files, on the computers running MS-DOS or windows 3.x and run command: WINNT /u: /s: /t:. Answer: ac To start Windows 2000 setup in unattended setup mode from MS-DOS, Windows 3.1 or Windows for Workgroups, a user must specify: WINNT /u: /s: /t:. To start Windows 2000 setup in unattended setup mode from Windows 95, Windows 98, Windows NT, or Windows 2000, a user must specify: WINNT32 /unattendeD) /s:. Where: is a file that contains answers to questions that should be automated during installation.is the location of the Windows 2000 installation files. /t (Optional): copies all the installation files to a temporary directory on the target drive. This option implies that Windows 2000 must be installed in the specified drive and is only valid for WINNT.EXE. Ref.: TechNet Technical Information CD, TopiC) MS Windows 2000 Unattended Setup Parameters Guide. 119 . you want to install windows 2000 server on nine Pentium 133Mhz, windows 98 Systems having 256MB RAM. You want the installation to be automated . the master Computer from which you will perform the installation and the computers on which you are installing windows 2000 server have different hardware. All the systems re connected To the network . which installation method will you choose to perform automated installation ? A) sysprep method B) syspart method C) systems management server method D) bootable CD method . Answer: b Syspart method is used for clean installations on computers that have dissimilar hardware. Sysprep method is used when the master computer and the target computers have identical hardware, which includes the HAL and mass storage device controllers. Systems Management Server method is used to perform managed upgrades of Windows 2000 Server on multiple systems, especially those that are geographically dispersed. Bootable CD method is used on a computer whose basic input/output system (BIOS) allows it to start from the CD. Ref.: TechNet Technical Information CD, TopiC) MS Windows 2000 Unattended Setup Parameters Guide 120 . Mathew is working in a company as network administrator . Mathew’s boss wants to know about the various methods of installation of windows 2000 server . how will Mathew describe the automated installation method ? A) Syspart method is for clean installation on computers that have dissimilar hardware . B) Sysprep method is used when the master computer and the target computers have identical hardware , which includes the Hal and mass storage device controllers. C) systems management server method is used to perform managed upgrades of windows 2000 server to multiple systems, especially those that are geographically dispersed . D) the bootable CD method is used with a computer whose basic input/output system (Bios) allows it to start from CD . E) syspart method is for clean installations on computers that have identical hardware. F) the boot able CD method is used when the master computer and the target computers have identical hardware , which includes the HAL and mass storage device controllers . Answer: abcd 121 . you are appointed as a network administrator in an enterprise. You have been assigned the task of installing windows 2000 and some other applications on each computer on the network . “ BUT” in the enterprise environment , it is not cost effective to install windows 2000 and other applications using the standard interactive setup on each computer . you plan to perform automated installation on multiple computers . which of the following installation tasks can be automated ? A) the core operating system of windows 2000 server B) any application that does not run as a service C) any application that runs as a service D) additional language support for windows 2000 server through the installation of various language packs . Answer: abd To greatly lower the total cost of ownership (TCO), you can perform automated installations of Windows 2000 Server on multiple computers. You can automate the installation of the following: The core operating system of Windows 2000 Server Any application that does not run as a service Additional language support for Windows 2000 Server through the installation of various languages packs Service Packs for Windows 2000 Server 122 . recently , Andrew installed windows 2000 server as a member server on a computer . now , he wants to promote the member server as domain controller . he also wants to automate this task. How will he accomplish this task ? A) run the DCPROMO.EXE command from the “ Guirunonce” section of the UNATTENDE.TXT answer file . B) run the sysprep.exe command from the “GuiRunOnce” section of the UNATTENDE.DOC answer file . C) run the DOMAINPROMO.EXE command from the “RunOnce” section of the UNATTENDE.TXT answer file . D) run the PROMOTE.EXE command from the “Guirunonce” section of the UNATTENDE.INF answer file . Answer: a After installing Windows 2000 Server, you can automate the process of creating a domain controller by using the Active Directory Installation wizard. Run the DCPROMO.EXE command from the [GuiRunOnce] section of the UNATTEND.TXT answer file. 123 .NT server 4.0 is installed on your computer. The computer has one hard drive with one FAT partition that is defined as C:\ . service pack 4.0 is also installed on it . you want to configure the computer to dual-boot windows 2000 also keep the previous data intact. You also require support for variety of features including active directory , user accounts , and other important security features . how will you configure the system to fulfill all these requirements ? A: boot with windows NT , insert the CD-Rom in drive . using windows explorer , change to CD-ROM drive , go to the I386 folder , double-click INSTALL.EXE and follow the setup instructions . B) change the WINNT folder, double-click SETUP.EXE and follow the setup instructions . C) boot with windows NT , insert the CD-Rom in the drive . using NT explorer , change to the CD-Rom drive , go to the i386 folder , double-click WINNT32.EXE and follow the setup instructions . D) using file manager , change to the CD-Rom drive . change to WINNT folder , double-click SETUP.EXE and follow the instructions . E) after completing setup, boot with windows 2000 , use CONVERT.EXE to convert the partition to NTFS file system . F) format hard disk with NTFS file system , then run WINNT.EXE and follow the setup instructions . Answer: ce To configure the computer to dual-boot Windows 2000 with Windows NT 4.0, which is previously installed on computer you take following step: Boot with Windows NT, insert the CD-ROM in the drive. Using NT Explorer, change to the CD-ROM drive, go to the I386 folder, double-click WINNT32.EXE and follow the setup instructions. After completing setup, boot with Windows 2000, use CONVERT.EXE to convert the partition to NTFS file system. After completing setup, to keep previous data intact and support for variety of features like Active Directory, user accounts, and other important security boot with Windows 2000. Convert the FAT file system to NTFS through CONVERT.EXE utility. Ref.: TechNet Technical Information CD, Chapter 3 - Planning Your Windows 2000 Server Installation 124 . your windows 2000 server has a stripe set with parity, with basic disk configuration. These partitions use FAT file system . you want to change the existing strip set with parity with RAID 5 volumes. What will you do to accomplish this task ? A) upgrade strip set with parity with RAID-5 volumes . B) break strip set wit parity then create RAID-volumes . C) upgrade basic disk to dynamic disk . D) change strip set with parity to volume set . Answer: c On upgrading a basic disk to a dynamic disk, the existing partitions on the basic disk become simple volumes on the dynamic disk. Any existing mirrored volumes (mirror sets), striped volumes (stripe sets), RAID-5 volumes (stripe sets with parity), or spanned volumes (volume sets) become dynamic mirrored volumes, dynamic striped volumes, dynamic RAID-5 volumes, or dynamic spanned volumes, respectively. (Ref.: TechNet Technical Information CD, April 2000, Windows 2000 Server Manual, Article "Storing data") 125. Andrew is a member of administrators group . the windows 2000 server on the network requires more space to store data . Andrew adds a new hard disk on the windows 2000 server computer , and starts the system . how will he create partition and format disk so that he can start using it ? A) go to start menu > program > administrator tools > computer management . B) go to start menu > program > MS-DOS prompt , run FDISK and then format the disk . C) in the console tree under storage , click on disk management , go to action menu and click rescan disks . D) go to start menu > program > administrator tools > disk manager . Answer: ac Disk Management tool can be used to manage new disks through the following steps: Go to Start menu > Program > Administrative Tools > Computer Management. In the console tree under Storage, click on Disk Management, go to Action menu and click Rescan disks. We cannot use MS-DOS prompt to run FDISK and Disk Manager, since it is not available in Windows 2000. (Ref.: TechNet Technical Information CD, April 2000, Windows 2000 Server Manual, Article: Storing data) 126 . your windows 2000 server has striped volumes, with dynamic disk configuration. These partitions use FAT file system . as an administrator you want to extend the existing striped volumes , since the amount of existing data is large , but are unable To do it . what is the most likely cause of the problem ? A) striped , mirrored , and RAID-5 volumes cannot be extended . B) you cannot extend volume formatted using FAT or FAT32 . C) you are not logged on as account operator . D) the new disk has no file system . Answer: ab Volumes formatted with FAT or FAT32 cannot be extended. A volume can be extended only if it contains no file system or is formatted using NTFS. Striped, mirrored, and RAID-5 volumes cannot be extended. You have to be logged on as an Administrator or a member of the Administrators group to be able to extend volumes. (Ref.: TechNet Technical Information CD, April 2000, Windows 2000 Server Manual, Article "Storing data") 127 . your company has windows 2000-based network that has 200 workstations . you want to manage the disks on all these computers remotely from domain controllers . How will you accomplish this ? A) choose local computer , type the name of the workstation computer , and then finish . B) go to start menu > run , type disk manager , and then click ok . on the cosole menu , click on ADD/REMOVE snap-in , and then click add . C) choose disk management , and then click add . choose another computer radio button , type the name of the remote computer , and then finish . D) go to start menu > run , type MMC , and then click ok . on the console menu , click on ADD/REMOVE snap-in , and then click ADD. Answer: cd If disks are to be managed on remote computers then the client and server computers must be members of the same domain or within a trusted domain. The user of the client computer must be a member of the Administrators or Server Operators group on the remote computer. Follow these steps to manage these disks: Go to Start menu > Run, type MMC, and then click OK. On the Console menu, see Add/Remove Snap-in, and then click Add. Choose Disk Management, and then click Add. Choose Another Computer radio button, and then type the name of the remote computer and then Finish. (Ref.: TechNet Technical Information CD, April 2000, Windows 2000 Server Manual, Article: Storing data) 128 . ahmer is a member of administrator group . he wants to make the server an application server . as windows 2000 server requires more space to store application files, he adds a new hard disk on windows 2000 server computer and also tries to extend the system and boot volume. The system and boot volume use simple volume , but he is unable to extend the volume . what is the most likely reason ? A) you are not logged on as domain user . B) the new disk has no file system . C) volume was upgraded from basic to dynamic . D) the system and boot volumes cannot be extended . Answer: d Neither the system volume nor the boot volume can be extended in dynamic disk. Windows 2000 cannot extend any dynamic volume that existed as a basic volume before the dynamic disk upgrade, and the system and boot volumes (which may be one and the same) are likely the same volumes that existed under basic disk. (Ref.: TechNet Technical Information CD, April 2000, Windows 2000 Server Resource Kit, Chapter 32 - Disk Concepts and Troubleshooting) 129 . you are going to install windows 2000 server . you decide to use RAID-5 volume disk configuration for fault tolerance . what are the minimum disk drive requirements for implementing RAID-5 volumes ? A) one B) two C) thirty two D) three Answer: d Minimum three disks are required for RAID-5 volumes 130 . you have installed windows 2000 server on a FAT32 file system . you want to use the NTFS features , so you decide to convert your D) drive to NTFS . you also want to preserve the existing information . what is the easiest way to accomplish this task ? A) delete FAT32 partition and create new one. B) use server manager to convert FAT32 partition C) use CONVERT.EXE command line utility . D) use FDISK.EXE. Answer: c We can use CONVERT.EXE command line utility to convert FAT32 file system without any data loss. 131 . Allen is logged on to windows 2000 system, as a member of administrator group. He wants to change the drive letter of system partition to confuse other user to prevent to access the system partition . but he is unable to do it . what is the most likely cause ? A) the drive letter of the system volume or boot volume cannot be changed . B) he has no proper permission . C) the partition is in use by a program in the system . D) the partition is corrupted . Answer: a You cannot change the drive letter of the system volume or boot volume. (Ref.: Technet Technical Information CD, issue: April 2000, article: Storing Data) 132 . you have implemented a windows 2000 based network in your company . you want inexpensive solution for adding more space on windows 2000 server , so you decide to setup remote storage . how will you setup remote storage on the server ? A) open on ADD/Remove program in control panel, click on ADD/Remove windows Components , select the remote storage check box , and click next and restart the computer . after restart open remote storage and follow the instructions of remote Storage setup wizard . B) click on remote storage setup in program menu , and follow the instructions of setup wizard . C) insert windows 2000 server CD-Rom in drive , run setup.exe and then select remote storage wizard from custom installation and follow the instructions . Answer: a If you want to setup Remote Storage on existing Windows 2000 Server, you have to do it: Open on Add/Remove Program in Control Panel, click on Add/Remove Windows Components, select the Remote Storage check box, and click Next and then restart the computer. The first time you open Remote Storage after it is installed, the Remote Storage Setup wizard guides you through the steps required to fully configure it for operation. (Ref.: TechNet Technical Information CD, issue: April 2000, article: Storing Data) 133 . you are administrator of a windows 2000 based network with 10 windows 2000 servers and 500 clients . your network has centralized data storage for user’s data. Te data is stored on windows 2000 server with FAT32 file system . Required result: set the disk space limit for all the users . Optional result 1: file level security on users data . Optional result 2: domain controller computers can manage the disk space limit remotely. Suggested solution: convert FAT32 file system to NTFS on the disk drive that stores user’s data and share the drive . apply disk quota limit for the users from quota tab on disk properties page. On remote computer , logged on as a member of administrator group, map the shared drive as network drive . A) suggested solution produces only required result . B) suggested solution produces required result and one of the optional results. C) suggested solution produces required result and both of the optional result . D) suggested solution does not produce the required result . Answer: c In Windows 2000 Server you can apply disk quota limits according to realistic disk space requirements for your users. On which disk you want to apply Disk Quota limit, must be NTFS partition. (Ref.: TechNet Technical Information CD, issue: April 2000, article: Storing Data) 134 . you are network administrator of a windows 2000 based network with 10 windows 2000 severs and 500 clients . your network has centralized data storage for user’s data . you want to limit the disk space for all users. So you decide to configure disk quota system . you also wants that users cannot write additional data on the disk, when their assigned quota limit is full. What will you do ? A) from quota tab page on disk properties page, select the enable quota management check box , and then click ok . B) from sharing tab page on disk properties page , select the enable quota management check box , and then click ok . C) from quota tab page on disk properties page , select the enable quota management check box, select the deny disk space to users exceeding quota limit check box , and then click ok . Answer: c You can configure the disk quota system to deny disk space to users of the volume who exceed their assigned quota limit, users cannot write additional data to the volume without first deleting or moving some existing files from the volume. To deny disk space to users who exceed their limit, Right-click the volume for which you want to deny disk space use, and then click Properties then go to Quota tab page, select the Enable quota management check box, select the Deny disk space to users exceeding quota limit check box, and then click OK. (Ref.: TechNet Technical Information CD, issue: April 2000, article: Storing Data) 135 . you are administrator of windows 2000 based network with 10 windows 2000 servers and 500 clients. You have configured disk quota system on a volume, which is used to store users data. You want to import these quota settings on another volume . how will you accomplish this task ? A) open two quota entries window, one for the volume from which you Import quota records , and one for the volume into which you want to import quota records. Then drag quota records from the source volume’s quota entries window to the destination volume’s quota entries window. B) open two windows explorer window , one for the volume from which you import quota records, and one for the volume into which you want to import quota records. Then drag the source volume onto the destination volume quota entries window. C) on the quota tab page of the volume to which you want to import quota Settings. Click quota entries , in quota entries window click quota menu > import , in import quota settings dialog box select the name of the file that contains the quota settings, and then click open . Answer: ac You can use both methods to set quota settings on another volume: Open two Quota Entries window, one for the volume from which you import quota records, and one for the volume into which you want to import quota records. Then drag quota records from the source volume's Quota Entries window to the destination volume's Quota Entries window. On the Quota tab page of the volume to which you want to import quota settings, click Quota Entries, in Quota Entries window click Quota menu > Import, in Import Quota Settings dialog box select the name of the file that contains the quota settings, and then click Open. Disk quota settings are saved in a file format that is exclusive to the Disk Quotas utility and that is used only for importing and exporting quota settings from one volume to another. (Ref.: TechNet Technical Information CD, issue: April 2000, article: Storing Data) 136 . you are network administrator of a windows 2000 based network with 10 windows 2000 servers and 500 clients . you have configured disk quota system on a volume because , you want to track disk space use on per-user basis, but you don’t want to deny users access to a volume . how will you accomplish this task ? A) enable quota and do not limit disk space use B) disable quota and limit disk space use C) enable quota and limit disk space use D) disable quota and do not limit disk space use . Answer: a Enabling quotas and not limiting disk space use are useful when you do not want to deny users access to a volume, but want to track disk space use on a per-user basis. When you enable disk quotas for a volume, volume usage is automatically tracked for new users from that point on. (Ref.: TechNet Technical Information CD, issue: April 2000, article: Storing Data) 137 . Joe is network administrator in TechMart inc. that has 5 windows 2000 servers and 150 clients. One of the servers on the network that stores users data has FAT32 file system . joe want to apply disk quota system on that server , so he converts the files FAT32 volume to NTFS, and applies the disk quota settings . after doing this task , he sees the report for disk space being used by users. But the disk space is not counted and shown against users, which actually owned by the users . what is the problem ? A) file system is not converted to NTFS B) the disk quota system is not applied properly C) files created on FAT32 volumes are owned by the system . D) volume converted from FAT32 to NTFS , changes the users ownership on file system’s ownership . Answer: c The disk quotas are based on file ownership, any changes to a volume that affect ownership status of the files on it, including file system conversion, might affect disk quotas for the volume. Because files on FAT and FAT32 volumes are owned by the system, files on volumes that have been converted from FAT or FAT32 to NTFS are not counted against the users who owned the files. In this case, the files are counted against the Administrator account. (Ref.: TechNet Technical Information CD, issue: April 2000, article: Storing Data) 138 . as a network administrator you are very concerned about fault tolerance . you plan to use RAID-5 volume across six drivers as your fault-tolerance solution . the next day you find one of the drivers has failed . what will you do ? A) use disk administrator to break the RAID-5 volume , replace the drive , then regenerate the stripe set . B) use disk administrator to break the RAID-5 volume, then restore the data from tape backup . C) replace the failed drive , use disk management , select new area of free space , and then regenerate the volume . D) replace the drive, recreate the RAID-5 volume ,then restore the data from tap backup . Answer: c When a member of a mirrored volume or a RAID-5 volume fails, it becomes an orphan. Data for the orphaned member can be regenerated from the remaining members. A new area of free space, which is the same size or larger than the other members of the RAID-5 volume should be selected in Disk Management, and then data regenerated. The fault-tolerance driver reads the information from the stripes on the other member disks and then re-creates the data of the missing member and writes it to the new member on restarting the computer. To regenerate a RAID-5 volume, the volume must be locked by the operating system. All network connections to the volume are lost when a volume is regenerated. (Ref.: TechNet Technical Information CD, issue: April 2000, article: Disaster protection) 139 . you have installed windows 2000 server using disk RAID-5 volumes as your fault tolerance configuration . you have eight drives installed in RAID-5 volumes. Over the weekend two of the drives in the strip set fail . what will you do to recover from the failure ? A) replace the failed hardware , use disk administrator utility to regenerate the RAID-5 volumes . B) break the RAID-5 volumes , replace failed hardware , use the disk management to regenerate a new RAID-5 volume , then restore the data from the tape backup. C) replace failed hardware , boot to the last known good configuration option , then restore the data from tape backup. Answer: b The only option on failure of more than one drive is, to recreate the RAID-5 volumes and restore the data from tape backup. 140 . you have windows 2000 server with dynamic configuration . one of the disk on that system is marked as offline due to disk is corrupted . you want to reactivate that disk. How will you accomplish this task ? A) Logged on as an administrator or a member of the administrator group. B) logged on as server operator or a member of server operator group . C) open disk management , right click on the disk marked offline and then click reactivate disk . D) open disk administrator , right click on the disk marked offline and then click repair disk . Answer: ac To reactivate a missing or offline disk, Open Disk Management, right click on the disk marked Offline and then click Reactivate Disk. The disk should be marked Online after the disk is reactivated. You must be logged on as an administrator or a member of the Administrators group in order to complete this procedure. If your computer is connected to a network, network policy settings may also prevent you from completing this procedure. Only dynamic disks can be reactivated. (Ref.: Technet Technical Information CD, issue: April 2000, article: Storing Data) 141 . you are installing a windows 2000-based network for techmart inc. both clients and servers in the network have windows 2000. as the company uses the internet very often it has installed TCP/IP as primary network protocol . you also plan to assign static IP addresses . how will you install TCP/IP protocol ? A) in control panel , double-click network . on the protocols tab , click add ,select TCP/IP Protocol , and then click ok . B) type the path to windows 2000 source files ,click continue , and then click close . the Microsoft TCP/IP properties dialog box appears . C) in my computer , double-click on my network places . on the protocols tab , click install , select TCP/IP protocol and then click ok . D) click on specify an IP address option , and type your assigned IP address, subnet mask , and default gateway and click ok . Answer: abd 26 . you are using TCP/IP protocol on your network . you use DHCP to assign the network’s IP addresses automatically . you have a shortage of IP addresses , so you expand the scope of your DHCP server . after two days you realize that you have set the scope improperly . you re-configure the DHCP server . while the server was wrongly configured some DHCP clients received IP addresses from the DHCP server . what command will you use to force the clients to drop the DHCP configuration information ? A) DHCP /release B) IPCONFIG /all C) IPCONFIG /release D) IPCONFIG /renew Answer: c At the command prompt, type IPCONFIG /release and then press ENTER to release the existing IP address. Ref.: TechNet Server Utilities CD, issue: January 2000, MOC1555 142 . your network has a windows 2000 server computer with FAT file system , which is shared by several users. This system stores some sensitive data on it . you decide to encrypt the sensitive data to protect it from unauthorized access. Required result: the data should be secure and encrypted . administrative effort should be minimum . you should have the ability to recover encrypted files , in case the file owner leaves your company without information . other permissions on encrypted files should be unaffected . Optional result 1: file-level security is required on the disk on which the data is stored . Optional result 2: should not have any burden on file owner to encrypt or decrypt the file. Suggested solution: convert FAT file system to windows 2000 NTFS file system use encryption file system (EFS) to encrypt data . Which results does the suggested solution produce ? A) suggested solution produces the required result and both optional results. B) suggested solution produces the required result and one of the optional results . C) suggested solution produces only required result D) suggested solution does not produce the required result . Answer: a EFS is available only on Windows 2000 NTFS volumes and is designed for use only if the system is configured with one or more recovery agent administrators. Designated user accounts, called recovery agent accounts, are issued recovery agent certificates with public keys and private keys that are used for EFS data recovery operations. Recovery agent accounts are designated by EFS recovery policy. By default, the recovery agent account is the highest-level Administrator account. So in case any data owner leaves the company without information, the recovery agent can recover the encrypted data. Using EFS other permissions on encrypted files will be unaffected. Ref.: TechNet Technical Information CD, Chapter 15 - Encrypting File System 143 . you are network administrator of a windows 2000 based network . you are asked about the encryption method for files and folders using EFS , what answer will you give? A) to encrypt a folder , select it through windows explorer > click file > click properties > click general tab > click advanced . select the encrypt contents to source data check box > Click ok. From confirm attribute changes dialog box you select the files and folders to be encrypted . through windows explorer, turn on EFS for an individual file in exactly the same way as you do for folder . B) you can encrypt and decrypt folders or files by using the CIPHER command at command prompt .C:\>chipper /e/ C) you can encrypt and decrypt folders or files by using the ENCRYP command at command prompt .C:\> ENCRYP /d/a Answer: ab There are two methods for encrypt a folder: To encrypt a folder, select it in Windows Explorer, and then click File > Properties > General tab, and then click Advanced. Select the Encrypt Contents to Secure Data check box, and then click OK. From Confirm Attribute Changes dialog box you choose which files and folders to encrypt. By using Windows Explorer, turn on EFS for an individual file in exactly the same way as you do for a folder. You can encrypt and decrypt folders or files by using the CIPHER command at the command prompt.C:\>cipher /e /a 144 . your boss receives hundreds of confidential mails every week. He wants to secure these mails from unauthorized access. He know that file encryption with efs is a very tedious job as he will have to encrypt the large number of files one by one. So he calls you to solve his problem. What will you do ? A) copy all the mail in windows 2000 systems folders B) spend hours to encrypt all the mail one by one C) create a new folder then select it in windows explorer > file > properties>general tab > advanced. Select the encrypt contents to secure data check box and click ok. From confirm attribute changes dialog box select apply changes to this folder, subfolders and files option D) select systems folder in windows explorer > file > properties > general tab >advanced. Select the encrypt contents to secure data check box > ok .from confirm attribute changes dialog box select apply changes to this folder, subfolders and files option E) copy all mail in the encrypted folder . answer: ce The encryption at folder level is better than individual file level encryption as it is easier and does not require each file to be encrypted individually when it is saved. When a file is copied or created in the encrypted folder, it gets encrypted automatically. It also ensures that the data remains encrypted during and after editing, provided the application editing is also done in the same folder. Ref: TechNet Technical Information CD, article: Encrypting File System 145 . as a network administrator you create a shared folder and a sub-folder on a domain controller , and encrypt the folder by selecting the “apply changes to this folder only” option . a domain user creates a file and copies it to the shared folder . after some time another user copies a file to the sub-folder . what will be the encryption status on the files ? A) file copied to folder , will be protected wit user’s private key B) file copied to folder , will remain unchanged C) file copied to sub-folder , will be protected with user’s private key D) file copied to sub-folder . will remain unchanged . Answer: ad You encrypt the folder with "Apply Changes to This Folder Only" option. The encryption will only be applied to files copied to that folder. As this option will not affect the sub-folder the files copied to the sub-folder will not be encrypted. Ref: TechNet Technical Information CD, article: Encrypting File System 146 . Allen is working as a network administrator in cyber systems inc. he complains of unauthorized access from some one in the management . so he decides to secure the Company’s secret data from unauthorized access. He also wants to find the culprit Responsible for it . what are the different types of folder access on which , he can audit for success and failed attempts ? A) displaying names of files in the folder B) displaying folder attributes C) changing folder attributes D) creating sub-directories and files E) creating a new folder F) going to the folder’s sub-directories G) displaying the folders owner and permissions H) running the folder I) deleting the folder J) removing the folder permissions K) changing folder permissions L) changing folder ownership . Answer: abcdfgIkL 147 . Andrew is a network administrator in info systems inc. he receives complains from the management that someone is trying to hack their passwords due to which their accounts get locked frequently . which of the following events will he audit to trace the hacker ? A) failure audit for logon/logoff B) success and failure audit for file-access and object-access C) success audit for logon/logoff D) success and failure audit for file-access, printers, and object-accesss. Answer: a name = Top Dump 240 Edited By Scatman -210 exam = 70-240 1. choudry is hired by a company for network installation of 5 windows 2000 servers and 150 windows 2000 professional clients. Choudry wants to install the clients using automated installation method, so he uses the setup manager to create the answer file. Which of the following are the most common answer file specifications created by setup manager ? A) installation path B) destination computer name C) product ID D) shared path E) setup file path Answer: abc Given here are answer file specifications created by Setup Manager: Installation path specifies the desired path on the destination computer in which Windows 2000 Server is to be installed. Upgrade option specifies whether to upgrade from Windows 95, Windows 98, Windows NT Workstation 4.0, or Windows 2000. Destination computer name specifies the username, organization name, and computer name to apply to the destination computer. Product ID specifies the product identification number obtained from product documentation. Workgroup or domain specifies the name of the workgroup or domain to which the computer belongs. Time zone specifies the time zone for the computer. Network configuration information specifies the network adapter type and configuration with network protocols. Ref: Microsoft TechNet CD, Volume 4: Chapter 5 - Customizing and Automating Installations 2 . Mian is working as a network administrator in seashore travels. They are using windows 98-based client on windows 2000-based domain network. He upgrades his System windows 2000 professional. After that he clones another system on the network through Sysprep utility. After cloning system is unable to come to network after rebooting .what is the most likely cause ? A) you cannot use cloning while you are on the network B) after cloning both systems has same name C) cloning was not completed successfully D) drivers used in system are not compatible Answer: b If a Sysprep source computer is created with a computer name, that same computer name will be duplicated when the computer is cloned. This will restrict only one system on the network with same name at a time. Microsoft recommends cloning workstations while they are members of a workgroup rather than a domain. The reason for this has to do with machine account names. Windows NT domains use the machine account name to establish trust relationships between the domain controllers and the workstations. If computers are added to the domain prior to being cloned, the computer name will need to be changed after the clone procedure is complete for this workstation to be able to participate in the domain. For this reason, it is best to prepare the computer as a workgroup member and then perform the clone procedure. After the installation is verified as successful and Sysprep has been run, the workstation can be added to the domain with a unique machine name. Ref.: Microsoft TechNet CD Microsoft 2000 Professional Technical Notes Deploying MS Windows 2000 Professional and MS Office 2000 Using Sysprep 3 . your company has a research facility in a city several hundred miles from its Headquarters. The company wants to use Microsoft windows 2000 professional as the Platform for its personal computers. This will primarily involve using windows nt Workstation 4.0 as the platform for high-end and distributed processing , high-level security , and local area network functions. As you define hardware configurations, Verify that the components are compatible with windows 2000 professional. For example, you may require to verify compatibility for the following components : Sound adapters, network adapters , video adapters, universal serial bus (usb) adapters, compact disc and DVD drivers. How will you accomplish this task ? A) run winnt32 /checkupgradeonly B) run setup /upgrade C) run winnt/checkupgradeonly D) check incompatibility list of hardware vender Answer: a You can use Windows 2000 Professional Setup to check for hardware compatibility. Run Setup in Check Upgrade Only mode to obtain log files those indicate hardware and software incompatibilities and device drivers that require to be updated. Use the following command line format for Check Upgrade Only mode: WINNT32 /checkupgradeonly Ref: Microsoft TechNet CD, Volume 4: Chapter 3 - Deploying Windows 2000 Professional 4 . a multinational financial services organization comprised of seven separate operating companies has primary headquarters located in north America, Europe , Asia minor , and southeast Asia . their current client operating systems in use at each operating company include seventy percent windows nt workstation 4.0 , approximately fifteen percent windows nt work station 3.51 , ten percent unix and about five percent windows 95. as an administrator you want to upgrade all the clients with windows 2000 professional .how will you accomplish this task? A) upgrade windows nt 3.51, windows nt 4.0 and windows 95 clients with windows 2000 B) remove unix and then install windows 2000 professional C) upgrade unix and then install windows 2000 professional D) remove windows nt 3.52 , windows nt 4.0 and windows 95 clients and then install windows 2000. Answer: ab Windows 2000 Professional Setup includes the ability to upgrade Windows 3.51, Windows 95, Windows 98, and Windows NT Workstation version 3.51 and version 4.0. After an upgrade the user's operating system settings, applications, and data are preserved. Ref: Microsoft TechNet CD, Volume 4: Chapter 4 - Installing Windows 2000 Professional 5 . Ali is working as a network administrator in sysnet inc. the network has 5 windows 2000 servers and 200 windows 2000 professional clients. One day , a user complains about client system failure. So , you use safe and other startup options to recover the system but fail to recover it. What will be your next step to recover the system ? A) start the system with setup disk, choose repair option and then choose recovery console by pressing C B) start the system with emergency repair disk(ERD) and then use recovery console C) start the system with setup disks and run setup.exe from command prompt D) start the system in VGA mode Answer: a In Windows NT 4.0, you can only access an NTFS drive from within the Windows NT 4.0 operating system. This makes the task of repairing or fixing the NTFS partition, difficult. The only solution is to reinstall Windows NT 4.0 to access the NTFS volume or to run the repair process. Both are time-consuming processes. In Windows 2000 Professional, by using the Recovery Console the Administrator can Read and Write to the NTFS volume by using the four Windows 2000 Professional boot floppy disks or by starting from the Windows 2000 operating system CD. This gives Administrators the ability to copy and delete system files and to repair the system. Note:, By default, only Administrator account can access an NTFS volume using Recovery Console as they have to logon to the system before accessing the hard drives. Ref: Microsoft TechNet CD April 2000 issue 8, Volume 4: Chapter 4 - Installing Windows 2000 Professional" 6. To reduce costs, PAKnet corporation wants to standardize on one client operating system .windows for work group is already installed on the system. The company dose not want any previous setting on the client systems . so, it decides to implement windows 2000 professional as client operating system. How can this be done ? A) run winnt.exe from windows for work groups command prompt B) run install.exe from windows for workgroups command prompt C) format the drive, boot floppy disk and run install.exe D) run setup.exe from windows for work groups command prompt Answer: a Running WINNT.EXE performs a clean installation of Windows 2000 Professional. You can run the WINNT.EXE command at MS-DOS, Windows 3.1, or Windows for Workgroups 3.11 command prompt. Ref: Microsoft TechNet CD, Volume 4: Chapter 4 - Installing Windows 2000 Professional 7. you have been hired by a company to upgrade their exiting windows 95/98-based System to windows 2000 professional. your study following points : · The desktop machines meet the hardware requirements and are on the HCL · 10 percent of the desktop machines do not have ACPI bios available from the hardware manufacturer: all use the same none-ACPI HAL · 90 % of the desktop machines either have an ACPI BIOS or can be upgraded from the hardware manufacturer. They all use the same ACPI HAL you decided to use image deployment method for installation .based on this scenario, how many images will you have to create ? A) one B) two C) three D) four Answer: b In this scenario, if you use the image deployment method, two images will have to be createD) one for the machines that do not have ACPI and one for the machines that do. Ref.: Microsoft TechNet CD Microsoft 2000 Professional Technical Notes Deploying MS Windows 2000 Professional and MS Office 2000 Using Sysprep 8 . a company will initially be setting up a windows 2000 test lab for evaluation and tools prototyping , which will be used by several staff members. Eventually , the company plans to provide approximately 120 desktop computers For use with windows 2000 professional. All the systems previously had 3.1 based clients. The network administrator of the company wants to automate The installation of windows 2000 professional. How will he accomplish this task? A) use winnt /u command B) run unattend.exe command C) run setup.exe from command prompt D) use winnt 32.exe /unattend command Answer: a Unattended installations allow Administrators to completely or partially automate installation of Windows 2000 Professional on multiple computers, requiring minimal user input. Commands: WINNT /u: Use WINNT.EXE when running Setup on Microsoft MS-DOS or Microsoft Windows 3.1-based clients. WINNT32 /unattend: Use WINNT32.EXE when upgrading Windows 95, Windows 98, Windows NT Workstation 4.0, or beta versions of Windows 2000 to Windows 2000 Professional. Ref: Microsoft TechNet CD , Volume 4: Chapter 5 - Customizing and Automating Installations 9 . PAKNET inc. wants to expand its central office located in Dallas. You have been hired by the company to deploy Microsoft windows 2000 operating system on 400 new identical computers. After studying the network you found that network is relatively slow. You want to automate your process to deploy operating system and some applications together with same configuration. You are not configuring user and group during installation. Which of the following will you use to accomplish this task ? A) remote installation services (RIS) B) system preparation tool (Sysprep) C) winnt32 /u D) Microsoft system management system (SMS) Answer: b The Microsoft Windows 2000 operating system has many options to automate the installation of Windows 2000, as well as applications such as Microsoft Office 2000. Sysprep: Sysprep is used to install an identical configuration, including applications, on multiple computers. Sysprep allows you to duplicate a custom image based on a Windows 2000 Professional installation from a master computer to destination computers. Both the master and destination computers must have similar hardware and software configurations. The master computer and the destination computers must have the same HAL and mass storage device controllers. You can also use Sysprep if you have slow network links, in which case you can burn the image of the master computer on CDs and use the CDs to distribute the customized installation. WinNT or WinNT32: These tools are appropriate for installing Windows 2000 Professional on a large number of clients with different hardware and software configurations. The disadvantage of this tool is that you must install applications individually on each computer. RIS: You can use RIS when you want to standardize a Windows 2000 Professional configuration on new computers or on computers with an existing operating system that you can replace with Windows 2000 Professional. RIS uses the Pre-Boot eXecution environment (PXE) to initiate a Windows 2000 Professional installation from a RIS server computer and then install the operating system on a client's hard disk. SMS: You can use Systems Management Server for upgrades of Windows-based clients only, not for clean installations. We have clearly two choices RIS or Sysprep. As question states network is slow we will always prefer Sysprep. Ref.: Microsoft TechNet CD) Customizing and Automating Installation 10 . Sehar using windows 2000 professional on his desktop as stand-alone system. She want to search for some documents that she created three month’s ago. But she did not remember file name. So she is trying to search that document by the include text within documents through windows 2000 search assistant. Which of the following windows 2000 services provides this type of facility ? A) indexing service B) browser service C) workstation service D) search service Answer: ? Indexing Service is a Windows 2000 service that extracts information from a set of documents and organizes it in a way that makes it quick and easy to access that information through the Windows 2000 Search Assistant, the Indexing Service query form, or a Web browser. This information can include text from within a document (its contents), and the characteristics and parameters of the document (its properties), such as the author's name. After the index is created, you can search, or query the index for documents that contain keywords, phrases, or properties. For example, you can run a query for all documents containing the word 'product' or you can run a query for all Microsoft Office documents written by a specific author. Indexing Service returns a list of all documents that meet the search criteria. Indexing Service can index the following types of documents in several languages: *HTML *Text *Microsoft Office 95 and later *Internet mail and news *Any other document for which a document filter is available Indexing Service automatically stores all the index information in the System or the Web catalogs. Ref: Microsoft TechNet CD April 2000 issue 8, Volume 4: Chapter 9 - Managing Files, Folders, and Search Methods 11. your windows 2000 server has two physical disks, each have two partitions with basic disk configuration. These partitions use FAT32 file system. You want to Upgrade one partition on each disk with a dynamic volume and the other with a basic volume, but are unable to do it. What is the likely problem ? A) you cannot upgrade from basic to dynamic storage B) you cannot use both basic and dynamic disks on the same computer system C) all volumes on a physical disk must be either basic or dynamic D) disk management snap-in for the Microsoft management console (MMC) Dose not support FAT32 file system Answer: c You can use both basic and dynamic disks on the same computer system, and also with any combination of file systems (file allocation table [FAT], including FAT16 and FAT32, and NTFS file system). However, all volumes on a physical disk must be either basic or dynamic. Ref.: TechNet Technical Information CD, April 2000, Windows 2000 Server Manual, Article "Storing Data" 12 . sales folder has a file named xfile.doc that contains critical information about your company . this folder resides on an ntfs volume . the company’s senior Sales manager asks you to provide security for that file.you make a backup of that File and keep it in a locked cupboard. Then , you assign no access permission for sales group. John , a member of sales group, accidentally deletes that file .though you restore the file from backup, but you are confused how john was able to delete the file despite having no access permission on that file. What is the most likely cause ? A) john is a member of another group having full control permissions on that file B) no access permissions does not work on files C) sales group has full control permission on sales folder D) no access permissions does not restrict of files . Answer: c Although NTFS provides access controls to individual files and folders, users can perform certain actions even if permissions are set on a file or folder to prevent access. If any file has No Access permission and user has Full Control rights in the folder on which it resides, then he will be able to delete the file as Full Control rights in the folder allow the user to delete the contents of the folder. Ref: Microsoft TechNet CD Chapter 17 - File Systems 13 . the company’s current IT environment is a homogenous windows NT server 4.0 environment with a broad mix of windows NT 4.0 , windows 95, and Microsoft windows 98 clients. Windows NT client has NTFS partition and company decides to install windows 2000 professional and windows 98 on all clients with dual booting. They also want the data stored on workstation to be accessible from both operating systems. How will they do to achieve this ? A) on windows 98 client, install windows 2000 in new directory B) remove windows NT 4.0 from client system, delete the NTFS partition and create new FAT or FAT32 partition, install windows 98 and then install windows 2000 in new directory C) upgrade windows NT 4.0 with windows 98 client system and then install windows 2000 in new directory D) upgrade windows 95 client with windows 98 and then install windows 2000 Answer: abd NTFS is the recommended file system for Windows 2000. However, there are specific reasons that you may want to use another file system. If you format a partition with NTFS, only Windows 2000 can gain access to files subsequently created on that partition. If you plan to access files from other operating systems (including Microsoft MS-DOS), it is best to install a FAT file system. Windows 2000 supports FAT, FAT32, and NTFS partition and Windows 98 supports both FAT and FAT32 whereas Windows NT 4.0 supports FAT and NTFS file systems. So, there is no requirement to change the file system on Windows 95 and 98 clients. Since Windows NT 4.0 is using NTFS file system, the file system should be changed with FAT or FAT32 for accessing the data from Windows 98 clients. Ref: Microsoft TechNet CD, Volume 4: Chapter 4 - Installing Windows 2000 Professional 14 . You are moving an uncompressed file from folder1 to folder2. folder2 is compressed. What will be the status of the file after it has been moved from folder1 to folder2 ? A) it will remain uncompressed B) windows 2000 will change the status of folder to uncompressed C) it will become compressed D) windows 2000 will not allow you to move an uncompressed file to a compressed folder Answer: a When you move an uncompressed file or folder to another folder, the file remains uncompressed, regardless of the compression state of the folder to which it is moved. Ref: Microsoft TechNet CD Chapter 17 - File Systems 15 . you are copying file1 from sales folder to marketing folder. Target folder contains the file with the same name. File1 in the sales folder is in uncompressed state while file1 in marketing folder is in compressed state. What will be the attribute of file1 after it has been copied to the marketing folder ? A) it becomes compressed B) it will remain uncompressed C) windows 2000 will not allow you to copy uncompressed files to a folder Having same file name with different attributes D) windows 2000 will make another copy of file with a different attribute from the file in target folder Answer: a When you copy a file to a folder that already contains a file of the same name, the copied file takes on the compression attribute of the target file, regardless of the compression state of the folder. Ref: Microsoft TechNet CD Chapter 17 - File Systems 16 . your hard disk has two partitions. C drive is using fat32 file system and d drive has ntfs volumes. You want to copy max.doc from sales folder in drive d to sales folder in drive c. sales folder in drive d has compressed attributes. What will be the state of the file after it has been copied ? A) it will remain compressed B) it will become uncompressed C) windows 2000 does not allow you to copy a file from fat32 to ntfs D) windows 2000 will change the attribute of folder to un compressed Answer: b Windows 2000 supports compression only on NTFS volumes, compressed NTFS files moved or copied to a FAT volume are automatically decompressed. Ref: Microsoft TechNet CD April 2000 issue 8, Volume 4: Chapter 17 - File Systems 17 . you are responsible to back up data from network. Impdata folder, which is on NTFS partition, has been assigned an file permission change for sales group. You have taken back up on the previous day. Somehow the partition, on which sales folder resides, becomes corrupt. You restore data on another drive that has FAT32 partition. What will happen to the permissions ? A) file permissions will be lost B) FAT32 will assign permission everyone full control to the folder C) file permission will be retained D) windows 2000 does not allow you to restore backup on FAT partition if backup is taken from NTFS Answer: a If you restore data on FAT volume, you lose all security settings and other file information specific to NTFS. Ref: Microsoft TechNet CD Chapter 17 - File Systems 18 . Khan is implementing the security system in windows 2000 environment. He is trying encrypt a file, which is on NTFS partition, but is unable to do it. What is the most likely problem ? A) NTFS does not permit encryption of files B) file compression attribute is compressed C) encryption can only be applied on folders D) Khan does not have sufficient permission Answer: b You cannot encrypt files or folders that are compressed. To resolve the problem you should first, uncompress the file or folder, and then encrypt it. Ref: Microsoft TechNet CD April 2000 issue 8, Volume 4: Chapter 17 - File Systems 19 . you have configured your hard disk as FAT32 for faster access and dual booting . now you want to convert this partition to NTFS for security purpose. You also want to retain settings of other files. Which command line tool will you use to achieve this ? A) upgrade B) convert C) enhance D) change Answer: b You can upgrade FAT16 and FAT32 volumes to NTFS by using the Convert tool. Conversion of disk volume from FAT to NTFS requires sufficient amount of available free disk space to build the NTFS disk structures. Ref: Microsoft TechNet CD April 2000 issue 8, Volume 4: Chapter 17 - File Systems 20 . you do not want the accounting personnel to send big printing jobs in the morning hours. So, you plan to limit their hours of operation to a specific printer. How will you achieve this ? A) through print manager for domains, limit the hours for the account group B) limit the hours using hours tab of the printer in the control panel C) schedule the printer service by using the AT command D) enter the hours of operation in the scheduling tab of the properties window of the printer Answer: d 21 . your boss recently have bought an expensive laser printer. Some of the managers of different departments of your company also want to use this printer. Your boss is afraid that if he gives access to the managers , other people in the department will also try to use the printer when he is not around. Your boss asks your advice how to limit the access of other users . what will you suggest ? A) assign the everyone group no access to your printer B) remove the every one group’s print permission from your printer C) add managers to a group and grant print permissions to this group on your printer D) create a hidden share for your printer by putting a $ sign at the end of the share name, so that other workers are not able to see your printer share Answer: bc 22 . which of the following option must be specified to install and configure TCP/IP printer ? A) IP address or printer name B) gateway C) port name D) host name Answer: ac Select an installed printer, click File, and then click Properties, click the Ports tab, and then click Add Port. Click Standard TCP/IP Port, and then click New Port. This starts the Add Standard TCP/IP Printer Port wizard, type a name or the IP address of a print device in the Printer Name or IP Address text box.Type a host-resolvable port name, which can be any character string, in the Port Name text box, or use the default name that the wizard supplies, and then click Next. Ref: Microsoft TechNet CD April 2000 issue 8, Volume 4: Chapter 14 – Printing 23 . Andrew is a marketing executive in techmart inc.. he has a laptop with windows 2000 professional. He is working from site, he wants to print some Documents to the company’s printer. Through which feature of windows 2000 he can accomplish this task? A) internet faxing B) efs C) active directory service D) internet printing Answer: d Windows 2000 supports Internet printing. This makes it possible to use printers located anywhere in the world by sending print jobs using Hypertext Transfer Protocol (HTTP). Using Microsoft Internet Information Services or a Web Peer Server, Windows 2000 creates a Web page that provides information about printers and provides the transport for printing over the Internet. Using the Internet, printers can be used to replace fax machines or postal mail. Use an Internet printer as you would any other Windows 2000 installed printer. Ref: Microsoft TechNet CD April 2000 issue 8, Volume 4: Chapter 14 – Printing 24 . ASAD is configuring different devices in windows 2000 professional. He installs a sound card and it is performing properly , but when he trace the device in device manager he is unable to see it . what is the most likely problem ? A) the sound card installed by him is a non plug and play device B) windows 2000 does not show multimedia related devices in device manager By default C) show multimedia option in device manager is not enabled D) It is hidden by default Answer: ad Device Manager does not display all devices by default. Non-PlugPlay devicescertain other devices are hidden and so cannot be seen. Ref: Microsoft TechNet CD April 2000 issue 8, Volume 4: Chapter 19 - Device Management 25 . what are the two major tools that we can use in windows 2000 for monitoring Performance of the system ? A) task manager B) performance console C) disk manager D) network optimizer Answer: ab Performance console and Task Manager are the primary monitoring tools in Windows 2000. Task Manageris used for an immediate overview of system activity and performance, while the Performance console provides detailed information that can be used for troubleshooting and bottleneck analysis. Ref: Microsoft TechNet CD April 2000 issue 8, Volume 4: Chapter 27 - Overview of Performance Monitoring 26 . ahmer is working as a network administrator in perfect solution inc. organization has a network with fifty windows 2000 professional nodes, two windows 2000 servers. He is planning to analyse system performance on a regular basis. He has made a group of counter to monitor in each system. Which of the following tool will be use for this ? A) task manager B) system monitor C) performance logs and alerts D) network optimizer Answer: b System Monitor is hosted in Microsoft Management Console (MMC) so you can save a console file containing a group of counters that you want to monitor. You can install it on any other computer and be able to monitor the same types of data on that computer. This is useful in monitoring other systems that you administer. Ref: Microsoft TechNet CD April 2000 issue 8, Volume 4: Chapter 27 - Overview of Performance Monitoring 27 . dukes insurance company of America serves nearly forty million customers world wide, offering a variety of products and financial services. The Company uses windows 2000 server for networking and ntfs partition on their Disks. One of the users complains that his windows 2000 server is not starting. You find that the ntfs-formatted system volume with corrupted or deleted system files is preventing the computer from starting. Which tool will you use to resolve This problem ? A) safe mode boot B) network monitor C) recovery console D) performance monitor Answer: ac Microsoft Windows 2000 uses Safe Mode and Recovery Console for resolving the problem on the operating system files. Safe Mode bypasses blocking issues such as, system corruption or installation of incompatible drivers or system services enabling the Administrator to resolve the problem. Recovery Console is used by Administrator to copy system files from the operating system CD and troubleshoot other system problems without installing a second copy of the operating system. Ref: Microsoft TechNet CD Chapter 17 - File Systems 28 . you are working as a network administrator on a company that has windows NT 4.0 based network 10 windows NT server and 250 windows 98 clients . you are upgraded the windows 98 clients with windows 2000 professional . as you read about new features of windows 2000 like search for network resources by specifying attributes of the objects and managing the configuration of each user’s desktop centrally. But you are unable to use this features how will you do to remove this problem ? A) upgrade the windows NT server 4.0 with windows 2000 server B) upgrade the windows NT server 4.0 with windows 2000 professional C) reinstall windows NT server 4.0 D) install windows NT service pack 4.0 on server Answer: a You have not upgraded Windows NT 4.0 to Windows 2000 Server that is the reason IntelliMirror and Active Directory is not available and you are not able to use those feature. When you use Windows 2000 Professional on a Windows 2000 Server Active Directory network, two new features are available: IntelliMirror and Active Directory. With IntelliMirror, user's documents can be stored, or mirrored, on a centrally managed server. This feature allows users to log on to any computer in the network and obtain access to their documents and files from that computer. Active Directory allows users to search for network resources by specifying attributes of the object they need, such as a printer capable of printing in color. Ref: Microsoft TechNet CD April 2000 issue 8, Volume 4: Chapter 9 - Managing Files, Folders, and Search Methods 29 . paknet corp. has a windows 2000 based network with 300 windows 2000 professional client. As network administrator ahmer wants when a user log on to any computer on the network all user-specific settings of a user’s windows 2000 professional environment , including program items, screen colors , printers connections, window size and position , and desktop preferences, they receive changes made as they existed when they logged off. How will you accomplish this task ? A) create local user profile B) create reaming user profile C) create mandatory user profile D) create system policy Answer: b A user profile is created for each user when the user logs on to a computer for the first time. User profiles include all user-specific settings of a user's Windows 2000 Professional environment, including program items, screen colors, network connections, printer connections, mouse settings, window size and position, and desktop preferences. User profiles provide several advantages to users. Create roaming user profile, and store it on a network server. This profile is available when a user logs on to any computer on the network. Any changes made to roaming user profiles are automatically updated on the server when the user logs off. 30 . aamir has windows 2000 professional system , most of the time when he is working , he goes to window explorer frequently and views each folder with different views settings for ease ?? working . but when goes next time on the folder the particular view settings for that folder are present. How will he remove this problem ? A) in windows explorer from tools > folder options dialog box , in view tab, Mark the “remember each folders view settings” check box B) in windows explorer from view > folder options dialog box, in view tab , mark the “show file attribute in detail view” check box C) in explorer from settings > internet options dialog box , in view tab , mark the “ launch folder windows in a separate process” check box D) in windows explorer from tools > internet options dialog box , in general tab , mark the “ remember each folder’s view settings” check box Answer: a In Windows 2000 Professional, the view you use is not always permanently saved in Windows Explorer. You can control whether the views you use are saved permanently or temporarily by using the Remember each folder's view settings check box on the View tab of the Folder Options dialog box. By default the Remember each folder's view settings option is enabled. When you choose to leave this setting enabled, the following happens: *The changes you make to a folder's view is automatically saved when you close the folder. *The view you use to view one folder is not applied to other folders. *When you open a folder, it opens in the view you used when you last viewed it. Ref: Microsoft TechNet CD April 2000 issue 8, Volume 4: Chapter 9 - Managing Files, Folders, and Search Methods 31 . you are configuring TCP/IP in the network. You also have to configure IP addresses and subnet masks. What role does subnet mask play in a TCP/IP based network ? A) it is configured to mask a portion of the IP address so that IP can distinguish network ID from host ID B) it is configured for better routing of information packed in routed network C) it is configured in WAN connections to carry network messages across WAN link lines D) it is used to route mails and messages between the network Answer: a Configuring TCP/IP requires three parameters- IP address, subnet mask and default gateway. IP address is unique address of the adapter, subnet mask is configured to mask a portion of the IP address so that IP can distinguish the network ID from the host ID and default gateway is an IP address of the router's network adapter. 32 . basit is in-charge of network implementation of Adrian inc. he plans to use TCP/IP on windows 2000 server-based network. He wants to reduce the complexity of administering address configurations by using a server computer to centrally manage IP addresses other relating configuration details used on the network. How will he achieve this ? A) use dynamic host configuration protocol (DHCP) B) use windows internet name service (WINS) C) use domain name service (DNS) D) use directory replicatior service (DRS) E: use network address translation (NAT) service Answer: a Dynamic Host Configuration Protocol (DHCP), is a TCP/IP standard which has been designed for reducing the complexity of administering address configurations by using a server computer to centrally manage IP addresses and other related configuration details used on the network. DNS resolves domain name to IP address. WINS resolves NetBIOS name to IP address. Ref.: Windows 2000 Server Help: DHCPCONCEPTS 33 . while checking your network you find that DCHP client does not have an IP address . which the following steps will you take to find the problem ? A) check related client hardware B) ping DHCP server from another computer in the network C) call network administrator D) run command IPCONFIG /all Answer: ab If DHCP client does not have an IP address or has address 0.0.0.0 it means it has been unable to contact DHCP server. You will have to take a few steps- First, to check that related client hardware (cables and network adapters) are working properly. If yes, Ccheck whether the DHCP server is available in the network or not by pinging DHCP server from another client on the same network as the affected DHCP clients. Ref.: Windows 2000 Server Help: DHCPCONCEPTS Troubleshooting. 34 . you are a network administrator of a large organization . you are configuring RAS for your network .you have employees who work from home. They use different computers like windows 95 , unix , and MACINTOSH. You want to protect your network from intrusions and provide maximum bandwidth You can to the dial-in users . Required result: all remote clients should be able to dial-in to your network Optional result 1: the dial-in connection should be secure Optional result 2: the connecting user should be able to combine several dial-up Lines Suggested solution: configure RAS to require Microsoft encrypted authentication. Also select require data encryption. Use RAS callback feature. Allow dial-in clients to use multi?? Feature Which results does the suggested solution produce ? A) suggested solution produces the require and both optional results B) suggested solution produces the required result and one of the optional results C) suggested solution produces only the require result D) suggested solution does not produce the required result Answer: b Configuring RAS will fulfill the required result. Enabling multilink will fulfill the second optional result. Only one optional will be fulfilled as Callback options cannot be set if multilink is enabled as it will lapse some security. 35 . you are installing windows 2000 professional on a system in the network. After joining the windows 2000 domain, you attempt to logon to the domain. The following message is displayed : The system cannot log you on due to the following error : There is a time difference between the client and server. Please try again or consult your system administrator. What is the most likely cause for this error ? A) windows 2000 professional client time is not synchronized with domain controller’s time B) domain controller has been scheduled not to attach client at that time C) domain controller is in different time zone than client D) system files of the client have been corrupted Answer: a In Windows 2000 architecture, Kerberos security inspects the time stamp of the authentication request sent by the client who is logged on. Current time of the client and the domain controller is compared. If there is significant difference, domain controller does not authenticate. To rectify this problem, you will have to logon locally to an administrative account and synchronize the time between the Windows 2000 Professional client and the domain controller. Ref: Microsoft TechNet CD Chapter 23 - Windows 2000 Professional on Microsoft Networks 36 . you have configured a TCP/IP based windows 2000 network in choudry inc. you have just installed windows 2000 professional on one of your systems and joined the domain . when attempt to logon to a windows 2000 domain using a user’s password the following message displayed : Your account has been disabled . please see your system administrator You check for account information in domain controller and find that the account is not disabled . what is the most likely cause ? A) you can use only administrators account to logon for the first time B) you have supplied incorrect password C) the user account has been configured for logging on by using a smart card D) windows 2000 professional client time is not synchronized with domain controller’s time Answer: c The user account has been configured for logging on by using a smart card. Each user account object in Active Directory contains a User must logon using a smart card option. If this option is selected and you attempt to logon without using a smart card, you receive the preceding message even though your account is not actually disabled. Contact your Network Administrator to disable the User must logon using smart card option. Ref: Microsoft TechNet CD Chapter 23 - Windows 2000 Professional on Microsoft Networks 37. you have installed windows 2000 professional in one of the systems and connected it to domain. after creating a computer account in the domain , you attempt to logon locally by using a non-administrative account . the following message is displayed: The system could not lo you on . make sure your user name and domain are correct and type your password again. What is the most likely cause for this error ? A) local account has not been made B) you are providing wrong domain name C) your account does not have permission to logon locally D) you are supplying wrong password Answer: a Creation of a domain computer account does not migrate domain user accounts to the local computer. The local accounts must be created manually (by hand or through scripting). Ref: Microsoft TechNet CD Chapter 23 - Windows 2000 Professional on Microsoft Networks 38 . you are a network administrator of a windows 2000 based network. You are asked about encryption methods for files and folders using EFS , what answer will you give ? A) to encrypt a folder , select it through windows explorer > click file > click properties > click general tab > click advanced . select the encrypt contents to secure data check box>click ok. from confirm attribute changes dialog box you select the file and folders to be encrypted. Through windows explorer, turn on EFS for an individual file in exactly the same way as you do for the folder. B) you can encrypt and decrypt folders and files by using the CIPHER command at command prompt.C:\>cipher /e /a C) you can encrypt and decrypt folders and files by using the ENCRYP command At command prompt.C:\>ENCRYP /d /a D) to encrypt a folder, select it through windows explorer> click file> click general tab> click encryption. Select the encrypt contents to secure data radio button > click ok. From confirm attribute changes dialog box select the files and folders to be encrypted. Through control panel, turn on EFS for an individual file in exactly the same way as you for a folder. Answer: ab There are two methods for encrypt a folder: one To encrypt a folder, select it in Windows Explorer, and then click File > Properties > General tab, and then click Advanced. Select the Encrypt Contents to Secure Data check box, and then click OK. From Confirm Attribute Changes dialog box you choose which files and folders to encrypt. By using Windows Explorer, turn on EFS for an individual file in exactly the same way as you do for a folder. Two You can encrypt and decrypt folders or files by using the CIPHER command at the command prompt.C:\>cipher /e /a 39 . as a domain administrator you set EFS encryption on a shared folder by selecting the “apply changes to this folder only” option . some files and a sub-folder already exists on this folder you copy a file in the folder . after some time another user copies a file to the folder. What will be the encryption status on the files ? A) files that exist in the folder before encryption will remain unchanged B) files that exist in the folder before encryption , will be protected with domain Administrator’s private key C) files copied by the domain administrator to the folder will be protected with his private key D) files copied to the folder by the other user will be protected with user’s private key E: files copied to the folder by the other user will be protected by domain administrator’s private key Answer: acd 40 . David has a stand alone system with windows 2000 professional . he wants to know the management features that are not available in his system. which of the following features are not available ? A) software installation and maintenance B) remote installation C) roaming user profiles D) user profiles E) folder redirection F) internet explorer maintenance Answer: abce You can use all of the Group Policy snap-ins on a local computer that you can use when Group Policy is focused on an Active Directory container. However, the following activities require Windows 2000 Server, an Active Directory infrastructure, and a client running Windows 2000: *Software installation and maintenance, that is, the ability to centrally manage software for groups of users and computers. *Remote user data and settings management, including folder redirection, which allows special folders to be redirected to the network. *Installation of the operating system on a remote computer. Ref: Microsoft TechNet CD April 2000 issue 8, Volume 4: Chapter 7 - Introduction to Configuration and Management 41 . you had configured the start menu but whenever john logged in certain menu item are not visible . what could be the reason ? A) john has no proper permission B) menu items are disabled through group / user policy setting C) menu items are corrupted D) menu items are disable through user profile setting Answer: b You can use Group Policy settings or a combination of Group Policy settings to control access to the Start menu. Table 8.4 lists and describes each Group Policy setting that can affect the Start menu. Other Group Policy settings you enforce can affect how the Start menu Group Policy settings work. For additional information, right-click the Group Policy setting Note: When the desktop doesn’t behave as you expect, you can run the Gpresult.exe file on the workstation to view local and domain Group Policy settings currently in effect. Certain Group Policy settings override other Group Policy settings, some disable user interface elements, others leave user interface elements intact but disabled. Ref: Microsoft TechNet CD April 2000 issue 8, Volume 4: Chapter 8 - Customizing the Desktop 42 . you have implemented active directory group policy in your network. Some windows 2000 professional clients have their own local group policy. If a local group policy setting is configured for enabled and the active directory group policy is set To not configured . which policy prevail ? A) active directory policy setting will prevail B) local group policy will prevail C) system will hang after booting D) in the active directory managed network you cannot set local group policy Answer: b If a local Group Policy setting is configured for Enabled or Disabled and the Active Directory Group Policy setting is set to Not Configured, the local Group Policy setting prevails on that computer. Ref.: TechNet Search "local Group Policy" Setting Local Group Policy Settings 43 . you have recently spent days specifying and configuring the profile that will be used by the sales users. All users share a common profile and you want to configure it in such a way that any user cannot change the profile and affect the profile for other users. What step will you take to achieve this ? A) through system policy editor , specify that the policy is mandatory B) set the read only attribute on user profile C) rename the NTUSER.DAT to NTUSER.MAN D) change the profile name Answer: c In Windows 2000 Professional, user profiles automatically create and maintain the desktop settings for each user's work environment on the local computer. A user profile is created for each user when the user logs on to a computer for the first time.User profiles include all user-specific settings of a user's Windows 2000 Professional environment including program items, screen colors, network connections, printer connections, mouse settings, window size and position, and desktop preferences.User profiles provide several advantages to users. For example, when users logon to their workstations, they receive the desktop settings as they existed when they logged off. Also, when several users logon to the same computer each receives a customized desktop.Mandatory user profiles are stored on a network server and are downloaded each time the user logs on. This profile does not get updated when the user logs off. It is useful for situations where consistent or job-specific settings are required. Only Administrators can make changes to mandatory user profiles. If the mandatory user profile is unavailable, the user cannot logon. Ref: Microsoft TechNet CD, Volume 4: Chapter 7 - Introduction to Configuration and Management 44 . tech perfect inc. hires you to upgrade their 50 identical windows 98 computers to windows 2000 professional. Before upgrading u want to check for hardware compatibility. Which command line utility will you use for this ? A) WINNT32CHECKUPGRADE B) WINNT32 /checkupgradeonly C) WINNTCHECKUPGRADE D) WINCHECKUPGRADE Answer: b You can run Setup in check-upgrade-only mode to obtain log files that indicate hardware and software incompatibilities and device drivers that need to be updated. The command line format for check-upgrade-only mode is: winnt32 /checkupgradeonly Ref.: Microsoft TechNet CD) Customizing and Automating Installation 45. choudry industrial equipment plans to replace its windows 95 and 98 client cooperating systems with a customized solution incorporating the most current host technologies. By utilizing windows 2000 professional in conjuction with other key Microsoft products, the company also wants to preseve system settings, application , and data. How will the company accomplish this task ? A) install windows 2000 professional in new directory B) install windows 2000 professional in new partition C) upgrade with windows 2000 D) remove windows 95 and 98 and upgrade with windows 2000. Answer: c Windows 2000 Professional Setup includes the ability to upgrade Windows 95, Windows 98, and Windows NT Workstation version 3.51 and version 4.0. After an upgrade, the user's operating system settings, applications, and data are preserved. If you are currently using an operating system that does not support an upgrade, such as Microsoft Windows 3.1 or OS/2, you must install a new copy of Windows 2000 Professional and then reinstall all your applications. You should also reset your personal preferences, such as application settings and Windows settings. Ref: Microsoft TechNet CD Chapter 4 - Installing Windows 2000 Professional Chapter 3 - Deploying Windows 2000 Professional 46 . a company has research facility in a city several hundred miles from its headquarters. The company wants to use Microsoft windows ™ 2000 professional As platform for its personal computers. This will primarily involve using windows NT workstation 4.0 and windows 98 as the platform for high-end and distributed processing, high-level security, and local area network functions. But , company’s network administrator is worried about installing and configuring windows 2000. so, he wants to know about its enhancement and new features. Which of the following statements about windows 2000 are correct ? A) windows 2000 supports plug and play technology B) windows 2000 professional setup comes with a compatibility-mode option C) windows 2000 has upgrade path for windows NT only D) windows 2000 has upgrade path for windows NT, windows 95 and 98 Answer: abd Windows 2000 Professional installation and upgrade procedures have been enhanced from previous versions of the operating system. The following is a brief description of these enhancements. Support for Plug and Play Devices Microsoft Windows 2000 now supports Plug and Play technology. A Plug and Play system requires the interaction of operating system, basic input/output system (BIOS), devices, and device drivers. Compatibility Check Options Windows 2000 Professional Setup comes with a compatibility-mode option that can be used before installing Windows 2000 Professional to examine hardware and software for known problems that may be encountered during the Setup process. It creates a report to determine which hardware files and upgrade packs are required to successfully run Windows 2000. Ref: Microsoft TechNet CD, Volume 4: Chapter 4 - Installing Windows 2000 Professional 47 . Andrew has a new Pentium 200 MHz system with 4gb hard disk. He wants to install windows 2000 professional on this system . he also wants four partitions on the hard disk, one for system and boot partition and three for storing data. How will he accomplish this ? A) create a 2gb partition on disk. Install windows 2000 on that partition and then use disk management to create three other partitions from the rest of disk space B) create a 600mb partition on disk .install windows 2000 on that partition and then use disk management to create two other partitions from the rest of disk space C) create a 600mb partition on disk. Install windows 2000 on that partition and then use disk manager to create two other partitions from the rest of disk space D) install windows 2000 on un-partitioned space. After installing, create four equal size partitions. Answer: a It is recommended that you install Windows 2000 Professional on a 2GB or larger partition. Although, Windows 2000 Professional requires a minimum of 650MB of free disk space for installation, using a larger installation partition provides flexibility for adding future updates, operating system tools, and other files. During setup, you only have to create and size the partition on which you want to install Windows 2000 Professional. After it is installed, you can use Disk Management to make changes or create new partitions on your hard disk. Disk Manager is not available in Windows 2000. Ref: Microsoft TechNet CD, Volume 4: Chapter 4 - Installing Windows 2000 Professional 48 . the company’s the company’s current IT environment is a homogenous windows NT server 4.0 environment with a broad mix of windows NT 4.0, windows 95, and Microsoft windows 98 clients. For standardizing the client system , you decide to upgrade all the systems to windows 2000 professional. How will you accomplish this task ? A) boot with previous client operating system, insert CD-Rom and run WINNT32.exe B) boot with setup disk and run setup.exe from command prompt C) boot with previous client operating system , insert CD-Rom and run setup32.exe D) boot the system with CD-Rom and run WINNT.EXE Answer: a Upgrading from Windows NT Workstation 4.0 and 3.51, Windows 98, and Windows 95 to Windows 2000 Professional must be done from within the existing operating system by using WINNT32.EXE. To launch Setup from within an operating system, run WINNT32.EXE from the command prompt as well as any additional command-line options you may require. Ref: Microsoft TechNet CD, Volume 4: Chapter 4 - Installing Windows 2000 Professional 49 . you want to upgrade windows 95 and 98 client computers to windows 2000 professional . your company has windows based network. You have created master images to run the install for upgrades. Some of the systems are of different types hardware wise and software wise. You decided to use distribution folder. Which of the following option is best for this situation ? A) create distribution folder on windows 2000 server B) create distribution folder on each client system C) create one distribution folder for windows 95 clients and one for windows 98 clients on windows 2000 server D) you cannot use distribution folder for upgrades, it can be used only for fresh installation . Answer: a The distribution folders should reside on a Windows NT Server- or Windows 2000 Server-based server. When working with several workstation images, or when your image process gets complex, it is helpful to build a distribution folder for your workstation builds. By having a central point for image creation and storage, your testing is easier and provides a centralized location for files and drivers that should be applied to the system. A distribution folder also helps when the image needs to be enhanced for things such as adding support for multiple languages etc. Building a distribution folder and creating any master images from this location can assure you that the files you require are being copied and are consistent across multiple builds. Ref.: Microsoft TechNet CD Microsoft 2000 Professional Technical Notes Deploying MS Windows 2000 Professional and MS Office 2000 Using Sysprep 50 . a company will initially be setting up a windows 2000 test lab for evaluation and tools prototyping , which will be used by staff members. Eventually, the company plans to provide approximately 120 desktop computers for use with windows 2000 professional. Network administrator of the company wants unattended installation of windows 2000 professional, which requires unattended installation of windows 2000 professional, which requires unattended answer file . how will he create answer file, efficiently ? A) create answer file with setup manager B) create answer file using notepad C) create answer file using file manager D) run winnt.exe /c to create answer file Answer: a Setup Manager is a wizard that guides you through the process of creating a custom answer file. You can use it to set many of the answer file parameters that customize and automate an installation. Using this tool also minimizes data-entry errors that are more likely to happen when using a text editor to create the answer file. Ref: Microsoft TechNet CD, Volume 4: Chapter 5 - Customizing and Automating Installations 51 . smith is working as network administrator in micro systems inc. which support Thousands of desktop computers . he wants to install windows 2000 professional on Client computers . it is expensive and inefficient to install the operating system manually on each computer , and to answer every question setup asks. Which of the following methods provided by the windows 2000 professional for automated installation ? A) using SYSREP.EXE B) using remote installation services C) using WINNT.EXE and WINNT32.EXE D) using setup32.exe Answer: abc Disk duplication using Sysprep.exe. Disk duplication, or imaging, is a method for duplicating a configuration to multiple destination computers. The destination computers might be part of a network or non-networked. Sysprep works on computers that have similar hardware configurations with identical hardware controllers and hardware abstraction layers (HALs) as the source computer. Remote Installations using Remote Installation Services. Remote installation allows you to perform clean installations of Windows 2000 Professional on clients that are part of a Microsoft® Windows® 2000 Server-based network and that are properly configured to support RIS. With this technology, clients use a RIS server to start remotely and to install Windows 2000 Professional and applications. Unattended installations using Winnt.exe and Winnt32.exe. Unattended installations allow administrators to completely or partially automate installation of Windows 2000 Professional on multiple computers, requiring minimal user input. Ref: Microsoft TechNet CD April 2000 issue 8, Volume 4: Chapter 5 - Customizing and Automating Installations 52 . smith uses windows 2000 professional with windows 2000 server . he wants to manage workstations centrally for basic tasks such as : installing an initial operating system on a new computer managing the configuration of each user’s desktop managing how software is deployed and installed on personal computers to ensure that users have the software that they require to perform their jobs which of the following windows 2000 technology will he use to simplify these tasks ? A) EFS B) disk quota C) remote installation services (RIS) D) Intellimirror Answer: d IntelliMirror technologies can help you manage user and computer information and settings. IntelliMirror uses Group Policy and Active Directory, directory service to manage computers using centrally defined settings that are based on user business roles, group memberships, and locations. Depending on the requirements of your organization, you can use the three IntelliMirror features listed earlier either separately or together. Change and configuration management includes User Data Management, Software Installation and Maintenance, and User Settings Management, which are collectively known as the IntelliMirror management technologies. IntelliMirror feature increases the availability of the user's computing environment by storing information, settings, and applications.By using change and configuration management features, you can perform the following tasks: Define computing environment settings centrally for both groups of users and groups of computers and enforce those settings. Allow users to logon to any computer on the network and have the same computing environment available to them including access to data, applications, and preference settings. Replace a computer quickly and then regenerate its settings, thus restoring data, applications, preferences, and Group Policy settings. Ref: Microsoft TechNet CD Chapter 7 - Introduction to Configuration and Management 53 . which of the following ways are available to synchronize files between the locally cached version and the network resource version of files ? A) quick synchronization B) incremental synchronization C) full synchronization D) differential synchronization Answer: ac You have only two ways of synchoronization, FullQuick. DifferentialIncremental synchoronization are not awailable with Windows 2000. In full synchronization, the most current version of every cached network file is cached to the local drive. A quick synchronization is faster, but might not provide the most current version of every network file that has been made available offline. A quick synchronization does ensure that a complete version of every file is available. Ref: Microsoft TechNet CD April 2000 issue 8, Volume 4: Chapter 9 - Managing Files, Folders, and Search Methods 54 . your windows 2000 server has striped volumes, with dynamic disk configuration. These partitions use FAT file system . as an administrator you want to extend the existing striped volumes , since the amount of existing data is large, but are unable to do it . what is the most likely cause of the problem ? A) striped , mirrored , and RAID-5 volumes cannot be extended B) you cannot extend volumes formatted using FAT or FAT32 C) you are not logged on as account operator D) the new disk has no file system . Answer: ab Volumes formatted with FAT or FAT32 cannot be extended. A volume can be extended only if it contains no file system or is formatted using NTFS. Striped, mirrored, and RAID-5 volumes cannot be extended. You have to be logged on as an Administrator or a member of the Administrators group to be able to extend volumes. (Ref.: TechNet Technical Information CD, April 2000, Windows 2000 Server Manual, Article "Storing data") 55 . sales folder has a file named Xfile.doc that contains critical information about your company . this folder resides on an NTFS volume . the company’s senior sales manager asks you to provide security for that file . you make a backup of that file and keep it in a locked cupboard . what other steps will you take to prevent files from being deleted ? A) set no access permission on the file B) set permission for the folders containing the files that do not supercede the file’s permission C) hide that file D) set property of that file to read only Answer: ab Although NTFS provides access controls to individual files and folders, users can perform certain actions even if permissions are set on a file or folder to prevent access. If any file has No Access permission and user has Full Control rights in the folder on which it resides then he will be able to delete the file as Full Control rights in the folder allow the user to delete the contents of the folder. To prevent files from being deleted, you must set permission on the file itself and must set permission for folders containing the file that does not supercede the file's permission. Ref: Microsoft TechNet CD Chapter 17 - File Systems 56 . Shinozaki employs approximately 19,500 full and part-time employees. Most of the Executive staff, finance, and procurement departments (about 3,000 people) are at The Lindenhurst headquarters. Each regional warehouse employs about 350 people To take inventory and receive, track, price , and ship products. They use Networked personal computers. each retail office employs about 20 people who Perform tasks ranging from sales to automotive technical assistance. each retail Office has about 20 windows NT work station 4.0 and local windows nt server 4.0 for file and print services. these systems are connected to their regional warehouse for technical specifications, product availability, and purchasing. All the clients and servers in the retail offices use fat file system. As network administrator you want to upgrade all the clients and servers in retail offices with windows 2000 with larger partition , improved security, compression, and encryption features. How will you achieve this ? a) . upgrade all systems to windows 2000 and convert fat file system to NTFS . b). first convert fat file system to NTFS then upgrade to windows 2000. c). upgrade all systems to windows 2000 and convert fat file system to fat32. D). upgrade all systems to windows 2000, convert fat file system to fat32, And use any third party encryption program for encryption. Answer: a Although Windows 2000 Professional supports FAT16, FAT32, and NTFS file systems, but to take advantage of the full potential of Windows 2000 Professional it is recommended to use the NTFS file system. NTFS has all the basic capabilities of FAT16 and FAT32 with the added advantage of advanced storage features such as, compression, improved security, and larger partitions and file sizes. There are many advantages to using NTFS. Among these are: · Increased robustness - NTFS is a transactional file system and can automatically recover from many errors. · Increased security - Access to files can be secured and files and folders can be encrypted. · Support for large media. · Support for large hard disks, up to 2TB(Terabyte)). The maximum drive size for NTFS is much greater than that for FAT and as drive size increases, performance with NTFS does not degrade as it does with FAT. · Faster access. Windows 2000 NTFS has been improved over Windows NT 4.0 NTFS with such features as: · Encryption - Can be used to protect the contents of individual files from unauthorized use. · Volume extension - Volumes can now be extended without having to restart the computer. · Disk Quotas - Administrators can allocate the amount of disk space for individual users on a per-user basis. · Distributed Link Tracking - Can be used to preserve shortcuts when files are moved from one volume to another or to a different computer. · Mount points - Can be used to place another volume onto an NTFS folder avoiding the use of additional drive letters. · Full text and property indexing - Allows fast searching and retrieval of files and documents. If you convert the FAT file system to NTFS on Windows NT 4.0 and then install Windows 2000, you cannot use new features of Windows 2000 NTFS such as, Encryption, Disk Quotas, Mount Points, etc., because of the old NTFS version. Ref: Microsoft TechNet CD April 2000 issue 8, Volume 4: Chapter 4 - Installing Windows 2000 Professional 57 . you are copying a compressed file from folder1 to folder2 . folder2 is uncompressed . what will be the status of the file after it has been copied from folder1 to folder2 ? A) it will remain compressed B) it will become uncompressed C) windows 2000 will not allow you to copy a compressed file to an uncompressed folder D) windows 2000 will change the status of folder to compressed. Answer: b When you copy a file to a folder, the file takes the compression attribute of the target folder. Ref: Microsoft TechNet CD April 2000 issue 8, Volume 4: Chapter 17 - File Systems 58 . your hard disk has two partitions. C drive is using fat32 file system and d drive has NTFS volumes. You want to copy max.doc from sales folder in drive d to sales folder in drive c. sales folder in drive d has compressed attributes. What will be the state of the file after it has been copied ? A) it will remain compressed B) it will become uncompressed C) windows 2000 does not allow you to copy a file from fat32 to ntfs D) windows 2000 will change the attribute of folder to un compressed Answer: b Windows 2000 supports compression only on NTFS volumes, compressed NTFS files moved or copied to a FAT volume are automatically decompressed. Ref: Microsoft TechNet CD April 2000 issue 8, Volume 4: Chapter 17 - File Systems 59 . David is working as a network administrator. He wants to change the permissions of domain users for all files in the folder DATA from change to read. What steps will he take ? A) change permission in DATA folder B) in the property dialog box, on the security tab, enable the option allow inheritable permissions from parent to propagate to this file object C) enable option inherit permissions from parent folder in each file’s property D) manually change permission in each file . Answer: ab NTFS included with Windows 2000 provides for inheritable permissions. In the Properties dialog box, on the Security tab, you can set the option Allow inheritable permissions from parent to propagate to this file object. This option is enabled by default. Ref: Microsoft TechNet CD April 2000 issue 8, Volume 4: Chapter 17 - File Systems 60 . as security is your prime concern you want to set permissions on individual files and folders. Which file system will you choose to implement on windows 2000 ? A) FAT B) FAT16 C) FAT32 D) NTFS Answer: d You cannot set permissions on individual files and folders while using FAT, FAT16, FAT32. You will have to use NTFS instead. Ref: Microsoft TechNet CD Chapter 17 - File Systems 61 . a user recently installed windows 2000 on a relatively small drive c, and is concerned about unnecessary use of storage space on drive c. she knows that the default Document folder, my documents , is on drive c. the computer is being extensively used To create and edit digital photos, vector-based graphic art, and desktop publishing (DTP) Files. As these type of documents consume a lot of disk storage space , she wants to save Her documents in another drive D that has ample space, but does not want to use another volume label . how will she configure my documents folder for her requirement ? A) create a volume mount point to drive c under my documents folder called art B) configure sub-folder of art folder that actually resides on another volume in drive d C) configure both drives as volume set D) map folder of drive d through windows explorer by the name of my documents. Answer: ab You can add volumes to systems without adding separate drive letters for each new volume. A volume mount point can be placed in any empty folder of the host NTFS volume. Ref: Microsoft TechNet CD Chapter 17 - File Systems 62 . you have a printer connected to the server. The share name of the printer is HP670. your boss asks you to take a printout of the latest documents made for the sales Department , using the printer. But he wants that the electronic copy of all the documents printed , are kept in such a way , so that , later when he wants them , he can get multiple copies of this document. How will you achieve this ? A) create a printer pool for the printer , assign the print job to it B) check the hold printed documents option on the scheduling tab of the printers properties page C) set the number of copies to two in the device setting tab of printers properties page D) check the keep documents after they have printed option on the scheduling tab of the printers properties page. Answer: d 63 . it is the end of the month. This is the time when you have to print your company’s monthly reports and submit them to your boss the next day. The problem is that , you have only one printing device. If you start printing the reports it may take the entire day and may not be able to give other printing jobs , which are short and are required immediately. How will you configure the printer so that you can print the short jobs immediately as well as get your reports on time ? A) create a printer called daily. Specify that users who send long jobs should configure the print job to only be submitted after working hours . B) create two logical printers , one called daily and other called reports. Give the reports printer a priority of 1 and the daily printer 99.submit the long jobs to reports printer C) create two logical printers , one called daily and the other called reports. Give the reports printer a priority of 99 and daily printer a priority of 1 . specify that normal jobs be sent to daily printer and long jobs be submitted to reports printer D) create two logical printers , one called daily and other called reports. Use the scheduling tab to specify that the reports printer is only available during off-peak hours. Use the scheduling tab to specify that the daily printer is available 24 hours a day. Specify that normal jobs be sent to the daily printer and long jobs be submitted to the reports printer . Answer: d If you have long print jobs that should only be printed during low volume hours, the best solution is to create a printer with limited hours and specify that users send their long jobs to this specified printer. If you try to manage the printers through priority, then as soon as the high priority jobs finish printing, the print device will take jobs from the low priority jobs, which would tie up the print device for long hours. This will prevent you from using the printer until the long job has completed printing. 64 . which of the following print permission is available to the administrative group but not available to general user to manage a printer job queue ? A) restart a job from the beginning B) see all jobs C) view and change job settings such as priority and person notified upon completion D) pause or resume printer operation E) pause , cancel , reschedule , or redirect any job . Answer: de Users have different levels of access to manage a printer job queue depending on their security permissions. Users working with printer queues are typically separated into two groups: *Administrative users: These users have Manage Printers and Manage Documents permissions. They have wide control over how the printer operates, regardless of where the print job originated. *General users: These users have Print permissions, which include viewing general information about a printer and managing documents that they send to the printer. They cannot control other people's print jobs. Task Administrative User General User See all jobs Yes Yes Pause or resume printer operation Yes No Pause, cancel, reschedule, or redirect any job Yes No Pause, cancel, reschedule, or redirect own job Yes Yes Restart a job from the beginning Yes Yes View and change job settings such as priority Yes Yes and person notified upon completion View form, paper source, page orientation, number of Yes Yes copies 65 . you have upgrade your windows 95 system to windows 2000 professional . after upgradation your system’s network adapter is creating problem . an outdated device driver for this adapter may be the cause of the problem . from where will you change the system device driver ? A) you cannot update your driver in windows 2000, you will have to un-install it first and then re-install the driver B) through update driver in device properties dialog box in device manager C) through control panel > update driver D) you can upgrade drivers through update driver in server manager . Answer: b If your device is not working properly and you suspect that you have either an outdated device driver or wrong device driver for your device, you can change your device driver from Device Manager. To change the device driver using Device Manager do the following: 1. In Device Manager, expand the device class. The tree expands to show the available devices. 2. Click the device whose driver has to be changed, and then click Properties. The Device Properties dialog box is displayed. 3. Click the Driver tab. 4. Click Update Driver in the Device Properties dialog box. The Upgrade Device Driver wizard is displayed. 5. Click Next. 6. The wizard asks whether you want to search for a better driver. If you want Windows 2000 Professional to detect your driver automatically, click Search for a suitable driver for my device. Or If you want to choose a driver yourself, click Display a list of the known drivers for this device so that I can choose a specific driver. 7. Click Next and follow the instructions to upgrade the driver. Ref.: TechNet April 2000 Search "Update Drivers" "Device Management" 66 . your organization’s network is based on windows 2000 . one of the users complains that his system is responding slowly. Memory object counter of pages/sec is 50. how will you resolve this bottleneck ? A) add more ram B) reboot the system C) close current application D) add another hard disk Answer: a If pages/second counter is more than 20, it means there is shortage of primary memory (RAM). Adding more RAM is the only solution. 25 . which of the following tools does performance console provide for monitoring the system ? A) task manager B) system monitor C) performance logs and alters D) network optimizer Answer: bc Performance console provides detailed information that can be used for troubleshooting and bottleneck analysis. The Performance console hosts two tools: System Monitor, and Performance Logs and Alerts. Ref: Microsoft TechNet CD April 2000 issue 8, Volume 4: Chapter 27 - Overview of Performance Monitoring 67 . you have recently configured performance monitor for your windows NT server . you configured counters for processor, memory , disk and network access. After you run performance monitor for a month , you notice that all counters that track disk statistics are flat . what steps will you take to resolve this problem ? A) run DISKPERF B) run DISKCOUNT -y C) start DISKPERF service D) restart your computer Answer: ad You always have to run DISKPERF utility on the server/system whose disk is to be monitored. 68 . since last few days, your windows 2000 professional system has been performing slowly . disk performance may be the cause of this problem . the disk sub-system has a lot of data waiting to be transferred . which performance counter will you monitor ? A) pages/sec B) interrupts/sec C) current disk queue length D) processor queue length Answer: c 69 . you are working as a network administrator on a company that has windows NT 4.0 based network 10 windows NT server250 windows 98 clients. You have upgraded the windows 98 clients with windows 2000 professional . as you read about new features of windows 2000 like search for network resources by specifying attribute of the objectsmanaging the configuration of each user’s desktop centrally . but you are unable to use this features. What is the most likely reason ? A) those features are only available when you use windows 2000 professional on a windows 2000 server active directory network B) windows 2000 professional do not support those feature C) upgrading from windows 98 to windows 2000 professional do not allow users to use this feature D) only windows 2000 server support this feature . Answer: a You have not upgraded Windows NT 4.0 to Windows 2000 Server that is the reason IntelliMirrorActive Directory is not available and you are not able to use those feature. When you use Windows 2000 Professional on a Windows 2000 Server Active Directory network, two new features are available: IntelliMirror and Active Directory. With IntelliMirror, user's documents can be stored, or mirrored, on a centrally managed server. This feature allows users to log on to any computer in the network and obtain access to their documents and files from that computer. Active Directory allows users to search for network resources by specifying attributes of the object they need, such as a printer capable of printing in color. Ref: Microsoft TechNet CD April 2000 issue 8, Volume 4: Chapter 9 - Managing Files, Folders, and Search Methods 70 . when you install windows 2000 professional , in which folder user profile will create ? A) %SystemDrive%\documents and settings B) %systemdrive %\profile C) %systemdrive%\Winnt\System32 D) %systemdrive%\documents Answer: a When you install Windows 2000 Professional, a user profile is created on the %SystemDrive%\Documents and Settings partition. When a user logs on to a Windows 2000 Professional-based computer, the name of the folder that is created is derived from the user account name, and, if necessary, the user account name is appended with the name of the local computer or domain that is applicable to the user who is logging on. Ref: Microsoft TechNet CD April 2000 issue 8, Volume 4: Chapter 7 - Introduction to Configuration and Management 71 . Monica has been assigned to configure the network of Albright inc. she decides to use windows 2000 for networking . the network uses Microsoft-based systems. She has to configure the protocols on the systems. Required result: proper communication between client computer and domain controllers Optional result 1: replication of directory information between domain controllers Optional result 2: no extra protocol should be used in the network to reduce the burden Of binding protocols Suggested solution: configure TCP/IP in all clients and servers Which results does the suggested solution produce ? A) suggested solution does not produce the required result B) suggested solution produces the required result and both optional results C) suggested solution produces only the required result D) suggested solution produces the required result and one of the optional result . Answer: b Windows 2000 requires TCP/IP for proper communication between client computers and domain controllers, and also replication of directory information between domain controllers. You can use other network protocols with TCP/IP, but only if applications require these protocols. Ref.: MSDN Library MOC1555 default.htm module 3 review 72 . you are installing a windows 2000-based network for TechMart inc. both clients and servers in the network have windows 2000. as the company uses the internet very often it has installed TCP/IP as primary network protocol . you also plan to assign static IP addresses. How will you install TCP/IP protocol ? A) in control panel , double-click network . on the protocols tab , click add, select TCP/IP protocol, and then click ok B) type the path to the windows 2000 source files, click continue, and then click close. The Microsoft TCP/IP properties dialog box appears C) in my computer , double-click on my network places. On the protocols tab, click install, select TCP/IP protocol and then click ok D) click on specify an IP address option , and type your assigned IP address, subnet mask , and default gateway and click ok . Answer: abd 73 . while checking your network you find that DHCP client does not have IP address. You have checked for client and server configuration and found it correct . what is the most likely reason for this ? A) DHCP server is unavailable B) it is manually configured and has overridden DHCP leased address C) DHCP server is unavailable D) WINS resolution is not enabled . Answer: AC Not sure this one did not have an Answer- Ron If all the DHCP client and server configurations are correct and still the client is unable to contact a DHCP server and obtain an IP address lease, it is either because of a network hardware failure or because the DHCP server is unavailable. Ref.: Windows 2000 Server Help: DHCPCONCEPTS Troubleshooting. 74 . Albright inc. Is using a windows 2000 single-segment network . they have configured a DHCP server for automatic IP addressing . all the systems were working fine until suddenly one day some of the DHCP clients stopped receiving IP addresses from DHCP server . what is the most likely cause for it ? A) clients lease period is over B) IP address of the DHCP server has changed C) DHCP server is not working D) client system is not configured to take IP address automatically from DHCP server. Answer: b The IP address of the DHCP server has changed and now DHCP clients cannot get IP addresses. A DHCP server can only service requests for a scope that has a network ID that which is the same as the network ID of its IP address. To resolve errors make sure that the DHCP server IP address falls in the same network range as the scope it is servicing. For example, a server with an IP address in the 112.168.0.0 network cannot assign addresses from scope 10.0.0.0 unless superscopes are used. Ref.: Windows 2000 help DHCPCONCEPTS Troubleshooting: Troubleshooting DHCP clients 75. you are working for a large accounting firm .some of the accountants work on remote site with clients and require access to the corporate resources. You propose to setup an RAS server so that the accountants can dial-in to your network from their windows 95 notebook computers. Security is the prime concern for you . in order to get the project approved , you require all passwords and data to be encrypted during transmission . how will you configure the RAS server security ? A) require encrypted authentication B) require Microsoft encrypted authentication C) require secure sockets layer (SSL) encryption D) require c2/e-2 complaint encryption services Answer: b If you require data to be encrypted for security reasons then you have only one option that is to use, Require Microsoft Encryption, Authentication. 76 . you are installing windows 2000 professional on a system in the network. After joining the windows 2000 domain , you attempt to logon to the domain .the following message is displayed: The system cannot log you on due to the following error : There is a time difference between the client and server .please try again or consult your system administrator . The problem may be due to time difference between client and domain controller . how will you solve the problem ? A) logon locally to an administrative account of the domain controller , synchronize the time manually on the domain controller B) skip logon authentication of the client , change time zone manually to match with domain controller C) configure client to be a stand-alone system. Synchronize time with domain controller and add client to domain once again D) logon locally to an administrative account , synchronize the time between the client And the server . Answer: d In Windows 2000 architecture, Kerberos security inspects the time stamp of the authentication request sent by the client who is logged on. Current time of the client and the domain controller is compared. If there is significant difference, domain controller does not authenticate. To rectify this problem, you will have to logon locally to an administrative account, and synchronize the time between the Windows 2000 Professional client and the domain controller. Ref: Microsoft TechNet CD Chapter 23 - Windows 2000 Professional on Microsoft Networks 77 . you are configuring a windows 2000 based network . when you attempt to name a computer , the following message is displayed : The new computer name may not be the same as the workgroup (DOMAIN) name. What is the most likely cause for this error ? A) you are trying to give a name to the computer . which is identical or similar to the domain or workgroup name B) you are giving a name that is greater then fifteen characters in length C) no computer account has been made in the domain controller with the name you are providing to the client D) your system is currently not attached to the domain . Answer: a In a Windows NT workgroup or domain or in a Windows 2000 domain where NetBIOS has not been disabled on all clients and servers, the first fifteen characters of Windows 2000 Professional computer cannot be the same as the names of existing clients, workgroups, or domains. Ref: Microsoft TechNet CD Chapter 23 - Windows 2000 Professional on Microsoft Networks 78 . you are a network administrator of a windows 2000-based network. You are concerned about data security for sensitive data of your company . the data is stored on a domain controller shared by several users . you decide to encrypt the data so that only the owner the protected data can access it . but , at the same time you are worried about administrator burden of encryption and decrypting the data. You want to use a method , which makes encryption easy to manage, difficult to attack, and transparent to the file owner and to applications . how will you accomplish this task ? A) use Microsoft encrypted authentication B) use third party encryption method C) encrypt the data and store it in safe place D) use encrypting file system (EFS) to encrypt data . Answer: d EFS can be used to encrypt sensitive data in files that are stored on disks using the NTFS file system. It runs as an integrated system service, which makes EFS easy to manage, difficult to attack, and transparent to the file owner and to applications. Only the owner of the protected file can open the file and work in it. No administrative effort is required to begin using EFS, and most operations are transparent. You also have the option to disable EFS by configuring EFS recovery policy. EFS is designed to protect the privacy of sensitive data. Besides the user who encrypts a file, only designated recovery agent personnel can decrypt it. (Ref. TechNet Technical Information CD, February 2000, Windows 2000 Server Resource Kit book Chapter 15 -EFS) 79 . your boss receives hundreds of confidential mails every week. He wants to secure these mails from unauthorized access. He know that file encryption with efs is a very tedious job as he will have to encrypt the large number of files one by one. So he calls you to solve his problem. What will you do ? A) copy all the mail in windows 2000 systems folders B) spend hours to encrypt all the mail one by one C) create a new folder then select it in windows explorer > file > properties>general tab > advanced. Select the encrypt contents to secure data check box and click ok. From confirm attribute changes dialog box select apply changes to this folder, subfolders and files option D) select systems folder in windows explorer > file > properties > general tab > advanced. Select the encrypt contents to secure data check box > ok .from confirm attribute changes dialog box select apply changes to this folder, subfolders and files option E) copy all mail in the encrypted folder . answer: ce The encryption at folder level is better than individual file level encryption as it is easier and does not require each file to be encrypted individually when it is saved. When a file is copied or created in the encrypted folder, it gets encrypted automatically. It also ensures that the data remains encrypted during and after editing, provided the application editing is also done in the same folder. Ref: TechNet Technical Information CD, article: Encrypting File System 80 . you are administrator in perfect solution inc. you have two network accounts, Admn and duser for checking various settings. You logon to the network through admin account create a file called data.doc .after some time you logon to the system using duser account and try to open data.doc . you receive “accesss denied “ message .what is the most likely reason for it ? A) you have encrypted the file before closing it through admin account B) you cannot access one file from two different accounts C) windows 2000 keeps track of the creator of file in file property an denies access to any Other user D) file has become corrupted . Answer: a Users work with encrypted files and folders just as they do with any other files and folders. Encryption is transparent to the user who encrypted the file, the system automatically decrypts the file or folder when the user accesses it. When the file is saved, encryption is reapplied. However, intruders who try to access the encrypted files or folders receive an "Access Denied" message if they try to open, copy, move, or rename the encrypted file or folder. Ref: Microsoft TechNet CD Chapter 17 - File Systems 81 . how many types of group policy scripts exits that the scripts extension of group policy allow you to assign scripts to run when the computer starts down or when users log on off their computers ? A) group policy startup scripts B) group policy shutdown scripts C) legacy logon scripts D) group policy stand by script E) group policy Netlogon script F) group policy logon script G) group policy logoff scripts . Answer: abcfg The Scripts extensions of Group Policy allows you to assign scripts to run when the computer starts or shuts down or when users log on or off their computers. The names of scripts and their command lines (in the form of registry keys and values) are stored in the Registry.pol file, as described earlier in this chapter. The following five script types exist: *Group Policy logon scripts *Group Policy logoff scripts *Group Policy startup scripts *Group Policy shutdown scripts *Legacy logon scripts (those specified on the User object). Because Windows Script Host supports scripts written in either VBScript or JavaScript, you can enter a command line entry such as CheckBios.vbs in the logon script path of the user object. By default, each of these script types runs asynchronously, and the window is hidden. Ref: Microsoft TechNet CD April 2000 issue 8, Volume 4: Chapter 7 - Introduction to Configuration and Management 82 . you are network administrator in tech pacific inc. your network is a windows 2000 domain-based network . you have implemented domain group policy settings on the network . your assistant is configuring a stand-alone windows 2000 professional-based system .he has applied local group policy on it . after configuring it , he makes this computer a member of the domain. There is some conflict in the local and domain group policies . which policy will prevail ? A) domain group policy B) local group policy C) system will hang if policies conflicts D) you cannot join system to the network if policy confliction occur. Answer: a If you use local Group Policy settings initially and then make the computer a member of a domain that has Group Policy settings implemented, local Group Policy settings are processed first, and domain-based Group Policy settings are processed next. If there is a conflict between the settings, the domain Group Policy setting prevails. However, if a computer subsequently leaves the domain, local Group Policy settings reapply. Ref.: TechNet Search "local Group Policy" Setting Local Group Policy Settings 83 . smith is working as network administrator in mico systems inc. which support thousands of desktop computers .he upgrades windows 98 clients with windows 2000 professional . he wants to change the user profile on that system , but he is unable to find the profile on the location as windows 98 system . in which location the file Is stored ? A) %systemdrive%\winnt\profiles B) %systemroot%\windows\profiles C) %systemroot%\profile D) %systemdrive%\documents and settings . Answer: d The naming convention for user profile folders in Windows 2000 is different from the naming convention that is used in Microsoft Windows NT 4.0 and earlier versions of Windows. There is a new location for user profile folders in Windows 2000 and also a new way to create subfolders for individual user profiles. If you upgrade from Windows NT, the user profile folders are stored in the same location as in Windows NT. This location is as follows:%SystemRoot%\Profiles When you upgrade to Windows 2000 from Windows 95 or Windows 98, a new folder for user profiles is created on the same partition as the Windows 2000 installation: %SystemDrive%:\Documents and Settings Note The appropriate path to the user profiles folder is represented as %UserProfile%. Ref: Microsoft TechNet CD April 2000 issue 8, Volume 4: Chapter 7 - Introduction to Configuration and Management 84 . tech perfect inc. has took over sams solution inc. sams office has windows 2000-based domain network .their clients have windows 2000 professional installed . active directory is implemented in their domain. You are working as network administrator in tech perfect inc. your domain is well-managed active directory domain . you want those windows 2000 professional system to join your current domain but you also want to ensure that unauthorized changes have not been made to the system configuration. What will you do to accomplish this ? A) nothing to do . active directory group policy settings will override in any case B) windows 2000 professional system cannot hop domains C) re-install the operating system and applications D) re-define local group policy on windows 2000 professional systems . Answer: c If you deploy Windows 2000 Professional in an unmanaged environment and later want to move Windows 2000 Professional computers into a managed Active Directory domain, you have to reinstall the operating system and applications to ensure that unauthorized changes have not been made to the system configuration. Further, if a local Group Policy setting is configured for Enabled or Disabled and the Active Directory Group Policy setting is set to Not Configured, the local Group Policy setting prevails on that computer. Ref.: TechNet Search "local Group Policy" Setting Local Group Policy Settings name = Top Dump 240 Edited By Scatman -217 exam = 70-240 208 . your network is divided into three sites : new york , texas and Washington . you have created two sites links : one site link NT connects the new york site and the texas site over IP with cost = 4. two site link WT connects the Washington site and the texas site over IP with cost =3 . there is no site link between the new york site and the Washington site . what will be cost of NT-WT site link bridge , which connects site link NT and site link WT ? A) seven B) four C) three D) one E) thirty five Answer: a The site link bridge NT-WT implies that an IP message can be sent from New York site to Washington site with cost 4+3 = 7. Ref: TechNet: Technical Information CD Chapter 6 - Active Directory Replication 209 . you upgrade your windows NT 4.0 computer , installed as a member server to Windows 2000 server and are also installing active directory . which of the following Are valid options for active directory configuration ? A) an additional domain controller in an existing domain B) added to an existing domain C) additional domain controller in an existing domain D) new domain Answer: ab Installation of Active Directory occurs through different paths, depending on nature of Windows 2000 Server installation. The following are the scenarios for installing Windows 2000 Server: When you install Windows 2000 Server as the first operating system (fresh install) or replace or upgrade an existing operating system on a computer that is not a domain controller, you create either a Windows 2000 stand-alone server or member server, and then install Active Directory as one of the following: A new domain An additional domain controller in an existing domain When you upgrade an existing Windows NT 4.0 backup domain controller, the Active Directory Installation wizard starts automatically after the upgrade setup is completed. In this case, there are two choices; do either of the following: Add Active Directory, which creates an additional domain controller in an existing domain. Convert the backup domain controller to a member server added to an existing domain. When you upgrade an existing Windows NT 4.0 based primary domain controller, you have to install Active Directory as a new domain. Ref: TechNet: Technical Information CD Apr. 2000 Volume 8 issue 4: Chapter 2 - Active Directory Data storage 210 . what are the perquisites of installing active directory ? A) you should logon as a member of the administrator group. B) you should be logged on as an administrator. C) computer is running windows 2000 server D) at least one partition is formatted with NTFS v5. E) computer is running windows 2000 advance server . Answer: acd The Active Directory Installation wizard requires 200MB) of disk space for the Active Directory database and 50MB for the ESENT transaction log files. When you start the Active Directory Installation wizard, the following checks are performed before the wizard user interface actually appears: The current user is logged on to the local computer as a member of the Administrators group on the local computer. The computer is running Windows 2000 Server. A previous installation or removal of Active Directory has not taken place without the computer having first been restarted. The Active Directory Installation wizard is not currently running. An installation or removal operation of Active Directory is not already in progress. At least one logical disk drive is formatted with the NTFS v5 file system. Ref: TechNet: Technical Information CD Apr. 2000 Volume 8 issue 4: Chapter 2 - Active Directory Data storage 211 . your windows 2000 network contains multiple sites and domains . you have implemented global catalog server in your windows 2000 network . how will you Replicate information after you add new domain to the forest ? A) do nothing , it will be replicated automatically B) create a site link C) after adding new domain , replicate information manually D) create a connection object Answer: a The Global Catalog is built automatically by the Active Directory replication system. All the directory partitions on a Global Catalog server, whether full or partial partitions, are stored in a single directory database (Ntds.dit) on that server. When a new domain is added to the forest, the information about the new domain is stored in the configuration directory partition, which reaches the Global Catalog server (and all domain controllers) through replication of forest-wide information. When a new Global Catalog server is designated, this information is also stored in the configuration directory partition and replicated to all domain controllers in the forest. Ref: TechNet: Technical Information CD Apr. 2000 Volume 8 issue 4: Chapter 2 - Active Directory Data storage 212 . you are network administrator of a big oak inc . the organization has four branch Offices in Tokyo , Paris , new york and Washington . Tokyo , paris and new york offices Are connected to the corporate headquarter with 56-kbps dial-up links . the Washington Branch office is connected to the corporate headquarter with a T1 line . how many sites Will be required for this network ? A) two B) three C) four D) seven Answer: c This network will require four sites: one site for each of the three branch offices that are connected with 56-Kbps dial-up links, and one site containing both the corporate headquarters and the fourth will be the branch office with the T1 connection. 213 . you are concern about the fault tolerance of your active directory so decide to Take backup of it using tools given for backup. Which of the following options will you Choose to backup active s\directory and all other system components and services On which active directory Is dependent ? A) entire server B) selected files C) system state data D) entire domain E) active directory Answer: c The backup utility has only three options: Entire server Selected files System State data The correct answer is System State data. System State data includes Active Directory and all other system components and services on which Active Directory is dependent. i.e. The system startup files System registry COM+ class registration database File Replication service (the SYSVOL directory) Certificate Services database (if it is installed) Domain Name System (if it is installed) Cluster service (if it is installed) While Selected file only takes backup of files selected by users and Entire server takes backup for server components. There are no such options as Active Directory backup or Entire Domain. Ref: TechNet: Technical Information CD Feb. 2000 Volume 8 issue 2: Active Directory Backup and Restore 214 . Peach tree inc. has offices at various locations through out the world. Most of the Offices have more than one domain . the company upgrades its systems from windows NT 4.0 to windows 2000 and also configure the active directory including all the sites And domain . the company management is concerned about the backup of active directory . they want to configure backup so that it runs in unattended mode every Friday after office hours and data is verified for any errors the next day . Required result : take backup of entire active directory , including active directory for The entire domain throughout your network worldwide . Optional result 1: schedule to run unattended backup after office hours Optional result 2 : check for verification of data backed up. Suggested solution : take a state backup of every domain controller in the network , Choose advanced option in backup wizard and schedule the backup to run unattended On every Friday after office hours . also choose option for data verification . verify backup results using event viewer on the next day . Which results does the suggested solution produce ? A) suggested solution produces the required result and only one of the optional results . B) suggested solution produces only the required result . C) suggested solution does not produce the required result D) suggested solution produces the required result and both optional results . Answer: d To take backup of entire Active Directory you should take a state backup of every domain controller in network because the backup tool only supports local backups of Active Directory. To take full backup, you must perform a backup on every domain controller in the enterprise. Active Directory cannot be backed up on a remote computer; this is a limitation of the Windows 2000 Backup tool. You can set advanced backup options using the Backup wizard by clicking Advanced on the final wizard screen. This allows you to set or configure several parameters, including: Data verification Hardware compression Media label Setting for backup job appended to a previous job Setting to schedule the backup to run unattended at another time Although data verification setting is done in the Advanced option but the verification is reported in Event Viewer. If there are differences in the files, the event type will be "Error" otherwise; the event type will be "Information". Ref: TechNet: Technical Information CD Active Directory Backup and Restore 215 . Subway inc. have multiple domain controllers, in a network based on windows 4.0 All the systems have been upgraded to windows 2000 sometime back ; no backup has Been taken since the upgrade was performed . one of the domain controllers crash. How will you restore active directory data of the crashed system ? Required result : repair windows 2000 installation . Optional result 1 : restore active directory to the current state Suggested solution : first use the sites and services snap-in on an existing domain Controller to delete any references to the old domain controller . then, on the damaged System , reinstall windows 2000 server , restore a domain controller by reinstalling Windows 2000 server on the damaged system , making it a domain controller . Which results does the suggested solution produce ? A) suggested solution produces the required result and the optional result . B) suggested solution produces only the optional result . C) suggested solution produce only the required result D) suggested solution does not produce the required result . Answer: a There are two ways to restore Active Directory. You can reinstall Windows 2000, and then let normal replication repopulate Active Directory, or you can restore Active Directory from a backup. As the question states that no backup is available for Active Directory, so we have to use first method i.e. reinstall Windows 2000, and then let normal replication repopulate Active Directory. The complete steps to restore Active Directory using this method is given below: 1. Use the Sites and Services snap-in on an existing domain controller to delete any references to the old domain controller. 2. On the damaged system, reinstall Windows 2000 Server. 3. On that server, use the Active Directory Installation wizard to reinstall Active Directory. 4. Promote the server to be a domain controller. Active Directory and SYSVOL are brought up-to-date through replication from a domain controller. Ref: TechNet: Technical Information CD Active Directory Backup and Restore 216 . Subway inc. have multiple domain controllers in their network . all domain controllers have windows 2000 with active directory configured on them . you make Some changes to active directory configuration after taking a full backup of state data. A few days after you make changes you realize that there is some error and want to roll Back the changes to its previous state . how will you rollback to previous state ? Required result : restore backup of active directory Option result 1 : the old object and configuration should be replicated to all the domain Controllers . Suggested solution : you should perform authoritative restore after you perform Non-authoritative restore using the backup tool . Which result does the suggested solution produce ? A) suggested solution produces the required result and the optional result . B) suggested solution produces only the optional result C) suggested solution produces only the required result D) suggested solution does not produce the required result . Answer: a After Active Directory is restored non-authoritatively from a backup, you should use the Ntdsutil tool to mark restored objects as authoritative so that they update existing copies of those objects throughout the forest, even if the authoritatively restored replica set is older than the current replicas, the older data is replicated to all of its replication partners. The authoritative restore feature of the Ntdsutil tool is meant to be used sparingly because it restores the directory to an earlier state and any updates that were made after that point are lost. You can use it to selectively modify individual objects, sub-trees, organizational units, and even an entire forest, but do so only if you have identified a specific problem and you know that restore can fix it. Ref: TechNet: Technical Information CD Feb. 2000 Volume 8 issue 2: Active Directory Backup and Restore 217 . which of the following are correct in a situation when an object is moved from Marketing OU to sales OU ? A) permissions that are granted directly to objects remain the same . B) the objects inherit permissions from new OU . C) any permissions inherited from the previous OU will remain the same . D) you cannot move multiple objects at the same time . Answer: ab You can move objects between OUs in Active Directory when organizational or administrative functions change, for example, when an employee moves from one department to another. The following conditions apply when you move objects between OUs: Permissions that are granted directly to objects remain the same. The objects inherit permissions from the new OU. Any permission inherited from the previous OU will no longer affect the objects. You can move multiple objects at the same time. Ref: MOC 1560A) Module 6 Administrating Active Directory. 218 . you want to delegate administrative control of all computer accounts in an OU to A specific user . what is the simplest method for grating the required permissions ? A) right-click each computer account , and click delegate control to run the delegation Of control wizard . grant control of computer accounts to the user . B) right-click the domain controller account , and click delegate control to run The delegation of control wizard . grant control of the domain controller to the user. C) right-click the OU, and click delegate control to run the delegation of control wizard. Grant control on the OUs to the user . Answer: c Right-click the OU, and click Delegate Control to run the Delegation of Control wizard. Grant control of the OU to the user, and limit the user's control to computer accounts within that OU. Ref: MOC 1560A) Module 6 Administrating Active Directory. 219 . Big oak inc. is implementing a windows 2000 network . the company’s offices are at multiple locations (sites) and each location has multiple domain controllers. You Implement the active directory , which gets replicated successfully to domain controllers in the same site but not between other sites . which of the following object will you Make, so that it starts replicating object between different sites ? A) site link object B) server object C) site link bridge D) connection object Answer: a If you have more than one site, you must create links to connect the sites for replication. In Active Directory, a site link object identifies a set of sites that can be scheduled to communicate at uniform cost through a transport between sites. Site links specify the schedule, how and when periodic replication occurs over the link. Ref: TechNet: Technical Information CD Mar. 2000 Volume 8 issue 3: Chapter 6 - Active Directory Replication 220 . peach tree inc. has offices at various locations through out the world configured as sites. Most of the sites have more than one domain. You have installed active directory. The connection object gets created automatically for replication between Domain controllers in the same site but it does not get created for intersite replication. What will you do to resolve the problem ? A) create site link B) create connection object manually C) create organization unit (OU) D) create site link bridge Answer: a Connection objects are created automatically by the KCC for replication both within a site and between sites. For connection objects to be created between two sites, however, you must manually create a link that connects the two sites. These links, implemented through site link objects in Active Directory, identify the transport protocol and scheduling required replication between two sites. Administrators use Active Directory Sites and Services to create the site links, and the KCC creates the connections accordingly when it generates the intersite topology. Ref: TechNet: Technical Information CD Mar. 2000 Volume 8 issue 3: Chapter 6 - Active Directory Replication 221 . your windows 2000 network has a single site and two domain controllers with in The site. In the situation which of the following features will be applicable for replication between these two domain controllers ? A) replication traffic with in a site is uncompressed B) replication traffic with in a site is compressed C) changes to the password on a computer account replicated immediately D) changes to the account lockout policy replicated immediately. Answer: acd Replication within a site is designed to work with fast, reliable connections. As a site assumes fast, highly reliable links, replication traffic within a site is uncompressed. Certain security-sensitive updates are replicated immediately within a site. These security-sensitive updates are: Changes to the account lockout policy Changes to the domain password policy Changes to the password on a computer account Replication of a newly locked-out account Changes to a Local Security Authority (LSA) secret Ref: MOC 1560A) Module 5 Administrating Active Directory. 222 . the windows 2000 based network of an advertising agency has multiple sites with Multiple domain controllers installed . each site also has multiple domains . you are setting up replication for active directory . how many network protocols will you require To install for replication with in the sites and for replication between the sites ? A) remote procedure call (RPC) over IP B) only TCP/IP C) SMTP for replication between domain controllers in different domains D) SMTP for replication between domain controllers with in sites . Answer: ac Active Directory requires a network protocol for replication traffic. Within a single site, t only one protocol is used for replication. In a multiple site structure, you must select a single replication protocol for replication between sites. Replication Within a Site Active Directory replication uses remote procedure call (RPC) over IP for replication within a site. RPC is an industry standard protocol for client/server communications that is compatible with most type of networks. For replication within a site, RPC provides uniform, high-speed connectivity. Replication Between Sites When you configure replication between sites, you must choose between replication protocols: RPC over IP, or the Simple Mail Transfer Protocol (SMTP). However, you can use SMTP only for replication between domain controllers in different domains. In most cases, choose RPC over IP for replication between sites. Note: Active Directory Sites and Services labels the protocol for connections within a site as RPC and the protocol for connections between sites as IP. Both labels, however, mean that the connection uses RPC over IP. Ref: MOC 1560A) Module 5 Administrating Active Directory. 223 . what are the prerequisites for installing DNS services in a windows 2000 server Computer ? A) configure TCP/IP with a static IP address before you install the DNS B) configure active directory before you install the DNS server service C) configure DHCP before you install the DNS server service . D) configure dynamic IP address before you install the DNS server service Answer: a Computers running Windows 2000 are configured as Dynamic Host Configuration Protocol (DHCP) clients by default. Therefore, you must configure TCP/IP with static IP address before you install the DNS Server service and perform any other DNS configurations. Ref: MOC 1560A) Module 3: Implementing DNS in Windows 2000 224 . you have multiple sites in your windows 2000 network . each site has multiple domain controllers installed . a DNS server service is also installed and is running . you Have also installed and configured active directory . how will you create the active Directory integrated zone ? A) start new zone wizard for server in DNS console . specify zone type as forward lookup or reverse lookup. B) start new zone wizard for server in active directory console . specify zone Type as forward lookup or reverse lookup. C) start new zone wizard for server in Microsoft management console . specify zone type as active directory integrated zone . Answer: a To add an Active Directory integrated zone follow the following steps: In the DNS console, right-click the appropriate server name, and then click Create New Zone. In the Create New Zone wizard, click Next. On the Select a Zone Type page, click Active Directory integrated and then click Next. The wizard then prompts you to specify a zone lookup type, whether forward or reverse. Forward lookup: When you select Forward lookup, the Create New Zone wizard prompts you to specify the zone name. It will automatically create the zone, the zone database file, and the SOA (start of authority) and NS (name server) resource records. The contents of the zone database file are replicated to all domain controllers in the domain. Reverse lookup: When you select Reverse lookup, the Create New Zone wizard prompts you to specify the network identification and subnet mask, to verify the zone name. It will automatically create the zone, the zone database file, and the SOA and NS resource records. Ref: MOC 1560A) Module 3: Implementing DNS in Windows 2000 225 . how will you configure a zone for dynamic updates ? A) open the property dialog box for DNS and click allow updates in the dynamic updates. B) open the property dialog box for zone and click allow updates in the Dynamic updates. C) open the property dialog box for active directory and click allow updates in dynamic Updates . D) open the property dialog box fro group policy and click allow updates in dynamic updates . Answer: bc To configure a zone for dynamic updates, open the Properties dialog box for the zone. On the General tab, click Allow Updates in the Dynamic update list box. Ref: MOC 1560A) Module 3: Implementing DNS in Windows 2000 226 . you are configuring an active directory integrated forward lookup zone . after it has been configured successfully you try to locate the zone database file that is associated With that zone on the hard disk of the DNS name server but do not find it . where is the zone database information stored ? A) in active directory B) on each client computer C) on DHCP server D) in a file on the DNS server in the \DNS directory . Answer: a If you are configuring an Active Directory integrated forward lookup zone all the settings will be stored in Active Directory. Therefore, there will be no files stored, that are associated with the zone on the hard disk of the DNS name server. Ref: MOC 1560A) Module 3: Implementing DNS in Windows 2000 227 . all the domain controllers in your network are configured for DHCP . each time the system boots it gets a new IP address from the DHCP server . you have also configured the active directory on the domain controllers . you want to configure your DNS setting so that it dynamically updates DNS data whenever the IP address of domain Controllers change . how will you configure for dynamic updates ? A) configure each domain controller for dynamic updates . B) configure your DHCP server for DNS dynamic updates . C) configure your DNS server for dynamic updates . D) configure active directory for dynamic updates . Answer: b To enable DNS dynamic updates in the DHCP server, open the DHCP console, and then open the Properties dialog box for the DHCP server. Select the Enable Dynamic update of DNS client information check box in the Dynamic DNS tab. And then select the Update according to client request option to allow the DHCP client computer to update the A (host) resource record, and the DHCP server to update the PTR (pointer) resource record. If you want to allow the DHCP server to update both the A (host) and PTR (pointer) resource records, regardless of the DHCP client computer's request, select the Always update forward and reverse lookup option. Ref: MOC 1560A) Module 3: Implementing DNS in Windows 2000 228 . big oak inc. has hired two new marketing persons , many s. gold and Mary j. gold. The company has single domain called bigoak.com , and the user accounts for both the new employees have to be created in the marketing OU. Accounts naming convention is defined as : Use the first two letter of an employees first name followed by the first six characters of The last name . first letter of middle name can be used if required to enforce unique usernames . what two downlevel logon names will you use ? A) bigoak\magold B) magold@bigoak.com C) bigoak\mapgold D) mapgold@bigoak.com Answer: ac According to convention the values for first name, last name, full name, UPN, and downlevel logon name for these two employees will be: Mary S. Gold First name: Mary Middle Name: S. Last name: Gold UPN: MaGold@BigOak.com Downlevel logon name: BigOak\MaGold Mary P. Gold First name: Mary Middle Name: P. Last name: Gold UPN: MaPGold@BigOak.com Downlevel logon name: BigOak\MaPGold Ref: MOC 1560A) Module 6 Administrating Active Directory. 229 . John is a member of sales and accounts group. He has no access on accounts file Through his membership of sales group and full access through his membership in accounts group. He also has write permission assigned on the accounts file through his User account . what will be his effective permissions on the accounts files ? A) write access B) no access C) full access D) read access Answer: b You can either allow or deny permissions. Denied permissions take precedence over any permissions that you otherwise allow for user accounts and groups. If you deny permission for a user to gain access to an object, the user will not have that permission, even if you allow the permission to a group of which the user is a member. You should deny permissions only when it is necessary to deny permission to a specific user who is a member of a group with allowed permissions. Note: Always ensure that all objects have at least one user with the Full Control permission. Otherwise some objects can become inaccessible, even to an Administrator. Ref: MOC 1560A) Module 6 Administrating Active Directory. 230 . you want to configure your windows 2000 network in such a way that whenever a user logs in he gets all of his personal files (stored in my document ) locally , regardless of the system he logs on to so that he does not have to access it from the network . how will you configure this ? A) configure login script so that each time the user logs on , his personal file Should be copied to the local system . B) configure system policy C) use folder redirection in group policy . D) you do not require to configure it , as this will be done automatically . Answer: c The Folder Redirection in Group Policy help you to redirect any of the following folders in a user profile to an alternate location: Application data Desktop Documents My Pictures Start menu My Documents folder is part of the roaming user profile. This means that the My Documents folder and its contents are copied back and forth between the client computer and the server when users log on and log off. Relocating the My Documents folder outside the user profile can significantly decrease that time. Storing user data on the network (rather than on the local computer) so that the data is managed and protected by the information technology department. You can also configure standard Desktop and Start menu settings using Folder Redirection. Ref: MOC 1560A) Module 8: Using Group Policy to Manage Desktop Environments 231 . you want to redirect my documents folder using folder redirection in group policy. How will you configure the settings ? A) right-click the folder that you wish to redirect , and then click properties specify setting for target and settings tab . B) open group policy , choose folder you wish to redirect . C) select user , specify setting for redirection of folder D) select OU, specify setting for redirection of folder . Answer: a Follow these steps to configure folder redirection: Open the appropriate GPO in Group Policy. Select Windows Settings under User Configuration, and then expand Folder Redirection. Right-click the folder that you wish to redirect, and then click Properties. Set option for redirection under Target Tab. Ref: MOC 1560A) Module 8: Using Group Policy to Manage Desktop Environments 232 . you want to configure windows 2000 system for centralized management of software installations, updates and removal . how will you configure using group policy snap-in and its extensions in Microsoft management console (MMC) ? A) use administrative templates B) use security C) use scripts D) use deployments E) use folder redirection Answer: b Group Policy snap-in and its extensions in Microsoft Management Console (MMC) is used to define Group Policy settings for desktop configurations. The following Group Policy extensions are used to configure Group Policy settings: Administrative Templates: It is used to configure the application settings, desktop appearances, and behavior of system services. Administrative Templates store all the configuration information in the Registry. Security: It is used to configure settings for local computers, domains, and network security and software installations. It also helps in central management of software installations, updates, and removal. Scripts: You can write scripts which will be run when a computer starts and shuts down, and when a user logs on and logs off. Folder Redirection: Stores user's folders on the network. Ref: MOC 1560A) Module 8: Using Group Policy to Manage Desktop Environments 233. your company’s network is based on windows 2000. you have to deploy two Applications , Microsoft office 2000 and an accounting application. All users in your Organization use Microsoft office use Microsoft office 2000 on daily basis . some users Outside the department also use accounting application on daily basis . some users outside the accounting department require occasional access to accounting application . if you have a single domain , and each department has their own OU, at what level in a GPO will you assign the accounting application ? Required result : Microsoft office should be available to all users . Optional result 1 : accounting application should be available to accounting departments users . Optional result 2 : accounting application should be available to all users for occasional use . Suggested solution : assign Microsoft office in a GPO at the domain level. Accounting application will be assigned in a GPO at the accounting departments OU. Which results does the suggested solution produce ? A) suggested solution produce the required result and both the optional results . B) suggested solution produces the required result and one of the optional results . C) suggested solution produces only the required result. D) suggested solution does not produce the required result . Answer: b According to suggested solution Microsoft Office will be available to all the users but Accounting application will only be available to Accounting department users. To provide occasional access to Accounting application to other users you also have to assign it in a GPO at the domain level. Ref: MOC 1560A) Module 9: Using Group Policy to Manage Software 234 . John complains that he is unable to locate some objects by using find option in active directory . earlier he was able to locate them . you find that johns access permission has changed recently . what is the likely reason ? A) the user must have read permission for an object B) the user must have full control permission for an object C) the user must have write permission for an object D) the user does not require any permissions for an object , but cannot have no access for An object . Answer: a Global Catalog Server contains the access permission for an object. If users do not have Read permission for an object, they cannot view or locate the object. Ref: MOC 1560A) Module 6 Administrating Active Directory. 235. you want to audit file access through security events . your system has the FAT partition in windows explorer you select the folder on which you want to track access, but Find that security tab is disabled , you had enabled audit object access. What is the likely Problem ? A) convert FAT partition to NTFS B) install security services for server C) set security option to all in audit dialog box . D) convert FAT partition to NTFS or FAT32 . Answer: a Events are not audited by default. If you have Administrator permissions, you can specify what type of system events are audited through Group Policy\Computer Configuration\Windows Settings\Security Settings\Local Policies\Audit Policy. For file and object access, you can then specify: Files and printers to monitor Type of file and object access to monitor Users or groups to monitor You can audit file and folder access only on NTFS drives. 236 . which utility will you use to install active directory on a windows 2000 server computer ? A) Dcpromo B) ADSetup C) setup D) NTSetup /A Answer: a There are two options to install Active Directory on a Windows 2000 Server 1. Use the Active Directory Installation wizard. Or 2. Run Dcpromo from the Start menu, Run option. You can also use a text file to perform an unattended (silent) installation of Active Directory, by typing Dcpromo /Answer: Ref: TechNet: Technical Information CD Apr. 2000 Volume 8 issue 4: Chapter 2 - Active Directory Data storage 237 . you are installing windows 2000 server as a primary domain controller . after the Setup is completed the installation wizard for active directory starts automatically . which Of the following options will be valid option for active directory configuration ? A) an additional domain controller in an existing domain B) added to an existing domain C) additional domain controller in an existing domain D) new domain Answer: d Installation of Active Directory occurs through different paths, depending on nature of Windows 2000 Server installation. The following are the scenarios for installing Windows 2000 Server: 1) When you install Windows 2000 Server as the first operating system (fresh install) or replace or upgrade an existing operating system on a computer that is not a domain controller, you create either a Windows 2000 stand-alone server or member server, and then install Active Directory as one of the following: a) A new domain b) An additional domain controller in an existing domain 2) When you upgrade an existing Windows NT 4.0 backup domain controller, the Active Directory Installation wizard starts automatically after the upgrade setup is completed. In this case, there are two choices; do either of the following: a) Add Active Directory, which creates an additional domain controller in an existing domain. b) Convert the backup domain controller to a member server added to an existing domain. 3) When you upgrade an existing Windows NT 4.0 based primary domain controller, you have to install Active Directory as a new domain. Ref: TechNet: Technical Information CD Apr. 2000 Volume 8 issue 4: Chapter 2 - Active Directory Data storage 237 . what does the global catalog server store ? A) a global catalog server is a domain controller that stores write able copy of domain directory , schema directory and configuration directory partition . B) a global catalog server is a domain controller that stores partial read only copy of all Other domain directory partitions in the forest . C) a global catalog server is a domain controller that stores write able copy of all other Domain directory partitions in the forest . Answer: ab Every domain controller in a forest stores three full, writeable directory partitions: a domain directory partition, a schema directory partition, and a configuration directory partition. A Global Catalog server is a domain controller that stores these writeable directory partitions, as well as a partial, Read Only copy of all other domain directory partitions in the forest. Ref: TechNet: Technical Information CD Chapter 2 - Active Directory Data storage 238 . how will you designate windows 2000 server to global catalog server ? A) first windows 2000 domain controller in a forest is automatically designated As a global catalog server . B) any windows 2000 domain controller can be designated as a global catalog Server through an NTDS settings properties dialog box in active directory sites and services . C) any windows 2000 system can be designated as a global catalog server through An NTDS settings properties dialog box in active directory sites and services . Answer: b The first domain controller in a forest is automatically designated as a Global Catalog. Thereafter, a domain controller can be designated as a Global Catalog in the NTDS Settings Properties dialog box in Active Directory Sites and Services. The NTDS Settings object is a child of the server object, which is a child of the site object in the Sites container. When you select the Global Catalog Server check box, the domain controller is added to the Global Catalog replication topology and populated by means of normal replication process. When you change an attribute that is flagged as belonging in the Global Catalog in any domain, it is replicated to all Global Catalog servers. Ref: TechNet: Technical Information CD Chapter 2 - Active Directory Data storage 239. Peach tree inc. has offices at various locations through out the world . most of the Offices have more than one domain . the company upgrades it systems from windows NT 4.0 to windows 2000 and also configure the active directory including all the sites and domain . the company management is concerned about the backup of active directory. Which of the following tools will start the backup at the command prompt ? A) NTbackup B) Asbackup C) backup D) Activebackup Answer: a Backup is a GUI system tool in Accessories, but since question is asking about the command prompt utility, NTbackup is the correct option. ADbackup and Activebackup do not exist. Ref: TechNet Technical Information CD Active Directory Backup and Restore 240 . which of the following active directory files are included in the backup set when Active directory backup is taken ? A) Ntds.dit B) Edb.chk C) Edb.log D) res1.log and res2.log E) Edb.db F) Ntds.chk Answer: abcd Following files are included with Active Directory if you take backup of System State data Ntds.dit: The Active Directory database Edb.chk: The checkpoint file Edb*.log: The transaction logs: each 10MB size Res1.log and res2.log: Reserved transaction logs The default folder for Active Directory files is Winnt\Ntds. But, you can specify a different folder when you promote a server to a domain controller. There are no such files like edb.db and ntds.chk Ref: TechNet: Technical Information CD Feb. 2000 Volume 8 issue 2: Active Directory Backup and Restore 241 . peach tree inc. has offices at various locations through out the world. Most of the Offices have more than one domain . the company upgrades its systems from windows NT 4.0 to windows 2000 and also configures the active directory including all the sites And domain . the company management is concerned about the backup of active directory . they want to configure backup so that it runs in unattended mode every Friday after office hours and data is verified for any errors the next day. Required result : take backup of entire active directory , including active directory for All domains throughout the company’s network world wide . Optional result 1 : schedule to run unattended backup after office hours Optional result 2 : check for verification of data backed up . Suggested solution : take a state backup of every domain controller in the network , run AT command to schedule the backup to run unattended at every Friday after office hours. Next day run NTbackup /v from start menu > run option , to verify data And report any error . Which results does the suggested solution produce ? A) suggested solution produces the required result and both optional results . B) suggested solution produces the required result and one of the optional results . C) suggested solution produces only the required result . D) suggested solution does not produce the required result . Answer: c To take backup of entire Active Directory you should take a state backup of every domain controller in network because the Backup tool only supports local backups of Active Directory. You must perform a backup on every domain controller in the enterprise to entirely backup Active Directory. Active Directory cannot be backed up on a remote computer. This is a limitation of the Windows 2000 Backup tool. You can set advanced backup options using the Backup Wizard by clicking Advanced on the final wizard screen. This allows you to set or configure several parameters, including: Data verification, Hardware compression, Media labels, Setting for backup job appended to a previous job Setting to schedule the backup to run unattended at another time. Although data verification setting is done in the Advanced option but verification is reported in the Event Viewer. If there are differences in the files, the event type is "Error" Otherwise; the event type is "Information.Ref: TechNet: Technical Information CD Feb. 2000 Volume 8 issue 2: Active Directory Backup and Restore 242 . subway inc. have multiple domain controllers , in the network based on windows 4.0. all the systems have been upgraded to windows 2000 sometime back; no backup has been taken since the upgrade was performed . one of the domain controllers crash . how will you restore active directory data ? Required result : repair windows 2000 installation Optional result 1 : restores active directory to the current state . Suggested solution : reinstall windows 2000 server . this will automatically update Active directory using replication . Which results does the suggested solution produce ? A) suggested solution produces only the optional result B) suggested solution produces the required result and the optional result C) suggested solution produces only the required result D) suggested solution does not produce the required result . Answer: c There are two ways to restore Active Directory. You can reinstall Windows 2000, and then let normal replication repopulate Active Directory, or you can restore Active Directory from a backup. As the question states that no backup is available for Active Directory, so we have to use first method i.e. reinstall Windows 2000, and then let normal replication repopulate Active Directory. The complete steps to restore Active Directory using this method is given below: Use the Sites and Services snap-in on an existing domain controller to delete any references to the old domain controller. On the damaged system, reinstall Windows 2000 Server. On that server, use the Active Directory Installation wizard to reinstall Active Directory. Promote the server to be a domain controller. Active Directory and SYSVOL are brought up-to-date through replication from a domain controller. Ref: TechNet: Technical Information CD Feb. 2000 Volume 8 issue 2: Active Directory Backup and Restore 243 . subway inc. have multiple domain controllers in their network . all the domain controllers have windows 2000 with active directory configured on them . you make some changes to active directory configuration after taking full backup of state data . a Few days after you make changes you realize that there is some error and want to roll back the changes to its previous state . how will you rollback to previous state ? Required result : restore backup of active directory . Optional result 1 : the old object and configuration should be replicated to all domain Controllers . Suggested solution : you should perform a non-authoritative restore using the backup tool. Which results does the suggested solution produce ? A) suggested solution produces the required result and the optional result B) suggested solution produces only the optional result C) suggested solution produces only the required result D) suggested solution does not produce the required result . Answer: c If you do not perform authoritative restore using backup tools once after Active Directory restore. It will be updated through normal replication, and overwrite any changes since last backup. This will be not fulfill the optional result. To fulfill the optional result you should use the Ntdsutil tool to mark restored objects as authoritative after Active Directory is restored non-authoritatively from a backup. This will update existing copies of those objects throughout the forest, even if the authoritatively restored replica set is older than the current replicas. In this way the older data is replicated to all its replication partners. The authoritative restore feature of the Ntdsutil tool is meant to be used sparingly because it restores the directory to an earlier state and any updates that were made after that point are lost. You can use it to selectively modify individual objects, sub-trees, organizational units, and even an entire forest, but do so only if you have identified a specific problem and you know restore can fix it. Ref: TechNet: Technical Information CD Feb. 2000 Volume 8 issue 2: Active Directory Backup and Restore 244 . what happens to the permissions of an object when it is moved from one OU to Another ? A) permissions that are granted directly to the object are removed B) permissions that are granted directly to the object remain the same C) the object inherits permissions from the new OU D) the object does not inherit permissions from the new OU. Answer: ac Permissions that are granted directly to the object remain the same. The object also inherits permission from the new OU. Any permissions that were inherited from the previous OU no longer affect the object. Ref: MOC 1560A) Module 6 Administrating Active Directory. 245 .your organization has two branch offices , one in paris and other in new york , configured as different sites in your windows 2000 network . each site contains two Domain controllers . one of the domain controllers in paris , which had replication connection with another domain controller in new york , experiences a hard disk failure . What will you do to establish connection again after the hard disk has been replaced ? A) configure a new connection object manually B) you do not require to configure connections it will be done automatically C) configure a new site link D) configure a new transport object . Answer: b You do not have to configure a new connection object manually. The Knowledge Consistency Checker (KCC) will automatically create a new connection object, connecting the remaining domain controllers in Paris to the domain controllers in New York. 246 . Peach tree inc. is setting up a network on windows 2000. they have offices in three cities namely , new york (NY) , seattle (ST) , texas (TX). NY and ST are well connected , while the connection between NY, TX and ST , TX is not very good . traffic on the WAN link is high during daytime , but you want maximum bandwidth for your Inter-office communication . which of the following is appropriate setting for site link in The given scenario ? A) create low cost site links between NY and ST B) create medium-cost site links between NY and ST C) create High-cost site links between NY and ST D) create medium-cost site links between ST, TX and NY , TX . E) create high-cost site links between ST, TX and NY , TX . F) create low-cost site links between ST, TX and NY , TX . G) schedule replication after office hours H) schedule replication every hour . Answer: adg When there are multiple sites you should configure site link as given below: Create low-cost site links between the sites that are well connected. Create medium-cost site links between sites, which are connected over a comparable transport, for example: Full mesh links (remote sites that are connected over telecommunication links). Frame relay cloud links (a point-to-point system that uses a private virtual circuit). Medium area network (MAN) links with T1 connections. Identify remaining WAN links. Create a site link for each pair of sites that cross a WAN link. Create a schedule that meets user requirements. Avoid high-frequency time. Ref: TechNet: Technical Information CD Mar. 2000 Volume 8 issue 3: Chapter 6 - Active Directory Replication 247 . you have two servers objects in your active directory and are manually setting up Connection objects for replication . how many connection objects should be created to implement full replication ? A) one B) two C) none D) four Answer: b A connection object represents a one-way replication path between two server objects and points to the replication source. Domain controllers that are linked by a connection object are replication partners. For example, to fully replicate directory information between domain controller A and domain controller B, two connection objects are required. One connection object enables replication from domain controller A to domain controller B; this connection object exists in the NTDS Settings object of domain controller B. A second connection object enables replication from domain controller B to domain controller A; this connection object exists in the NTDS Settings object of domain controller A. Connection objects are created in two ways: Automatically by the KCC running on the destination domain controller, or Manually by an Administrator. Ref: MOC 1560A) Module 5 Administrating Active Directory. 248. Adrian inc. have a windows 2000 based network , which has two sites and a domain controller within each site . in this setup which of the following features will be Applicable for replication between the two sites ? A) replication traffic within a site is uncompressed . B) replication traffic within a site is compressed C) changes to the password on a computer account are replicated immediately . D) schedule and interval can be configured for replication . Answer: bd Replication between sites is designed under the assumption that the network links between sites have limited available bandwidth and may not be reliable. Replication between sites does not occur through a change notification process. When and how often replication occurs between sites are defined by configurable values, such as a schedule and an interval. The schedule determines at what times replication is allowed to occur and the interval specifies how often domain controllers check for changes during the time that replication is allowed to occur. Replication traffic between sites is designed to optimize bandwidth. This is accomplished by compressing all replication traffic between sites. Replication traffic is compressed to 10% to 15% of its original size before it is transmitted. Although compression optimizes network bandwidth, it imposes an additional processing load on domain controllers. Note: Urgent replication is not available for replication between sites. Ref: MOC 1560A) Module 5 Administrating Active Directory. 249 . you are the network administrator of big oak inc. the organization has four branch Offices in Tokyo, paris , new york and Washington . Tokyo , paris and new york offices Are connected to the corporate headquarter with 56-kbps dial-up links. The Washington Branch office is connected to the corporate headquarters with a T1 line. You have created Site links that join paris and new york , Washington and Tokyo , and Washington and new york . will these site links allow full replication to occur ? A) yes these sites links will allow full replication to occur . B) no, these site links will only allow partial replication to occur . C) these site links will allow full replication to occur if the full replication switch Was used creating the site . Answer: a Yes, these site links will allow full replication to occur. Although there are no site links between every site, but only a replication path that connects all the sites. For example, although there is no direct link between Tokyo and Paris, domain controllers in Tokyo can replicate with domain controllers in Washington, which can then replicate with domain controllers in New York, which can then replicate with domain controllers in Paris. 16 . how many types of zone configurations are available in windows 2000 ? A) standard primary B) standard secondary C) backup primary D) active directory integrated Answer: abd There are three types of zone configurations available in Windows 2000: Standard primary: The master copy of a zone database file. The standard primary zone is stored in a standard text file. Standard secondary: A replica of an existing zone database file. Standard secondary zones are Read Only and are stored in standard text files. You can create a standard secondary zone to provide fault tolerance so that a valid copy of the zone information exists in case the primary or any other DNS name server fails. Standard secondary zones also perform load balancing because they provide the same client support as a standard primary zone. Active Directory integrateD) A zone database file that is stored in Active Directory. Updates of the zone are performed during Active Directory replication. Ref: MOC 1560A) Module 3: Implementing DNS in Windows 2000 250 . you are setting up active directory on your domain controller . there are two sites On the network , and both the sites have multiple domain controllers installed. One of the Windows 2000 servers is also running the DNS server service . which of the following Are prerequisites for converting existing zones to an active directory integrated zone , In this scenario ? A) the server running the DNS server service should be running on a domain controller . B) the server running the DNS server service should be running on a primary domain Controller . C) the server running the DNS server should also be running the DHCP server Services . D) active directory integrated zones can only be created on DNS name servers that are Configured to run the DNS dynamic update protocol . Answer: ad Although it is possible to convert an existing standard primary zone to an Active Directory integrated zone, you should be aware of the following facts before you convert an existing zone to an Active Directory integrated zone: DNS Server must be a domain controller. The DNS name servers should be configured to run the DNS dynamic update protocol. Active Directory integrated zones are stored in Active Directory. Therefore, no physical file for zone database exists on a primary server. When you store a zone in Active Directory, the zone database file is copied into Active Directory, and deleted on the primary server for the zone. Ref: MOC 1560A) Module 3: Implementing DNS in Windows 2000 251 . All the domain controllers in your network are configured for DHCP. Each time the system boots it gets a new IP address from the DHCP server . you have also configured the active directory on the domain controllers . you want to configure Your DNS setting so that it dynamically updates DNS data only, if the zone type is active Directory integrated , whenever the IP address of domain controller is changed . how will you configure for dynamic updates ? A) update none , the zone for active directory integrated will always be updated . B) allow updates C) allow only secure updates D) allow only active directory updates Answer: c There are only three options available for dynamic updates: None: It disables dynamic updates for the zone. Allow Updates: It allows all DNS dynamic update requests for the zone. Allow Only Secure Updates: It allows only DNS dynamic updates that use secure DNS for the zone. If zone type is Active Directory integrated then only the Allow Only Secure Updates option appears in the Dynamic update list. This option enables secure dynamic updates. With secure dynamic updates, the authoritative DNS name server only accepts updates from client computers and servers that are authorized to send dynamic updates. Secure dynamic updates provide the following benefits: · Protect zones and resource records from being modified by users without authorization. · Enable you to specify exactly which users and groups can modify zones and resource records. Ref: MOC 1560A) Module 3: Implementing DNS in Windows 2000 252 . you want to install active directory on your windows 2000 system. You have already installed the DNS and want to check it using the DNS console ? which options will be available ? A) run loopback test . B) use the test now button on the client computer’s TCP/IP properties C) run the ping utility from the DNS console . D) use the test now button on the monitoring tab of the properties dialog box for the server . Answer: d Use the Test Now button on the Monitoring tab of the Properties dialog box for the server in the DNS console. You can perform a simple query, a recursive query, or both to check proper installation of DNS. Ref: MOC 1560A) Module 3: Implementing DNS in Windows 2000 253 . you are working on active directory . you want to provide the minimum access required , to john on sales OU so that he can create other OUs within it. What is the minimum permission required on an OU in order to create other OUs within it ? A) create organizational unit object B) read access C) write access D) full control Answer: a You must have the Create Organizational Unit Objects permission in order to create an OU and also have the List Contents permission in order to view the objects in the container. Ref: MOC 1560A) Module 6 Administrating Active Directory. 254 . John is a member of sales group. He has read access on some accounts files through his membership of sales group . he also has write permission assigned on the Accounts file through his user account . what will be his effective permission on the accounts files ? A) both read and write B) read only C) write only D) no access, due to conflict In permission . Answer: a A user can be a member of multiple groups, each with different permissions that provide different levels of access to objects. When you grant permission to a user for access to an object, and that user is a member of a group to which you granted a different permission, the user's effective permissions are a combination of the user and the group permissions. For example, if a user has Read permission and is a member of a group with Write permission, the user's effective permission is Read and Write. Ref: MOC 1560A) Module 6 Administrating Active Directory. 255 . which of the following options are available for modifying the inheritance rules for specific GPOs , if the default inheritance order does not meet your company’s requirement ? A) no override B) block inheritance C) partial override D) inherit from . Answer: ab Windows 2000 provides two options for changing the default processing: No Override: This option is used to prevent child containers from overriding a GPO that is set in a higher-level GPO. This option is useful for enforcing Group Policy that represents company-wide business rules. The No Override option is set on a per-GPO basis. You may set this option on one or more GPOs as required. When more than one GPO is set as No Override, the GPO with a No Override option that is highest in the Active Directory hierarchy takes precedence. Block Inheritance: This option is used to allow a child container to block policy inheritance from parent containers. This option is useful when an OU requires unique Group Policy settings. The Block Inheritance option applies to all GPOs from parent containers. In case of a conflict, No Override option always takes precedence over Block Inheritance option. Ref: MOC 1560A) Module 8 Using Group Policy to Manage Desktop Environments 256 . you are setting up your network using Microsoft windows 2000 system . you want to enforce a standard desktop and start menu option to all the users , regardless of the computer they logon to . how will you configure it ? A) use folder redirection in group policy . B) create a standard configuration for desktop and start menu setting file and copy it to each system . C) configure system policy Answer: a You can configure standard Desktop and Start menu settings using Folder Redirection. The Folder Redirection in Group Policy helps you to redirect any of the following folders in a user profile to an alternate location: Application data Desktop Documents My Pictures Start menu If you reallocate My Documents folder outside the user profile, it saves time. By default My Documents folder is part of the roaming user profile. This means that the My Documents folder and its contents are copied back and forth between the client computer and the server when users logon and log off. Also storing user data on the network (rather than on the local computer) helps information technology department to manage and protect data. Ref: MOC 1560A) Module 8: Using Group Policy to Manage Desktop Environments 257 . you are managing the group policy . one of the accounts application is required By all the users regardless of which computer they logon to. Where will you assign the Accounts application to meet this requirement ? A) assign application to computer B) assign application to users C) assign application to site D) assign application to domain . Answer: a You should assign the application to the computer, if the application is required for all users. Ref: MOC 1560A) Module 9: Using Group Policy to Manage Software 258 . you are deploying Microsoft word to remote system using group policy for a particular user . after verifying for successful deployment of the software you find that the shortcut for it has not been created in the remote system and also that the application Is not appearing in the ADD/Remove program option . what is the likely problem ? A) the user is a member of a security group that is blocking the application of this GPO. B) the application was never deployed C) you should run NetSetup command for remote deployment . Answer: a If there is a problem in deployment you can do the following to verify the deployment: Check for the application name. If the application name is shown in Add/Remove Programs but there is no Start menu shortcut available, the application has been published rather than assigned. If the application is not shown in Add/Remove Programs, then the application was never deployed, or it was deployed in the wrong OU, or the user is a member of a security group that is blocking the application of this GPO. Sometimes deployment fails, as the user is unable to access network distribution point (shared folder). To verify access to the network distribution point you can click on Run option from the Start and specify universal naming convention (UNC) name of the distribution point (shared folder). Check for any conflict in the Group Policy. It is possible to assign a user an application at one level of Active Directory (for example, the domain), and then deny them access to that application at a lower level (for example, an OU). Ref: MOC 1560A) Module 9: Using Group Policy to Manage Software 259 . you are working on a Microsoft windows 2000 network . you are upgrading all Your previous applications to the latest version. Required result : upgrade accounts application to its latest version . Optional result 1: upgrade Microsoft office 97 to Microsoft office 2000. Optional result 2: some of the systems in the network are old and will not support new Versions of accounts application. You want to leave the old accounts application as it is, In these systems and use the old account application . Suggested solution : deploy the new version of accounts application as a mandatory upgrade . deploy the new version as an optional upgrade for Microsoft office . Which results does the suggested solution produce ? A) suggested solution produces the required result and both optional results . B) suggested solution produces the required result and one of the optional results . C) suggested solution produces the required result . D) suggested solution does not produce the required result . Answer: b As both versions of Accounts application are required it should be installed as Optional upgrade. The detail of upgrade option is given below: Mandatory upgrades: It automatically replaces an older version of a program with the upgraded version. Optional upgrades: It allows users to use either the old or the new version of a program. After an optional upgrade, users can also use both versions of the application simultaneously. Ref: MOC 1560A) Module 9: Using Group Policy to Manage Software 260 . you want to audit file access through security events . your system has NTFS partition . in windows explorer you select a folder on which you want to track access, but Find that security tab is disabled. What is the likely problem ? A) audit object access is not enabled B) audit object access is enabled C) partition is formatted as NTFS v4, upgraded it to NTFS v5. D) audit security access is not enabled . Answer: a Events are not audited by default. If you have Administrator permissions, you can specify what type of system events are audited through Group Policy > Computer Configuration > Windows Settings > Security Settings > Local Policies > Audit Policy. For file and object access, you can then specify: Files and printers to monitor Type of file and object access to monitor Users or groups to monitor Note: You can audit file and folder access only on NTFS drives (both v4 or higher). 261 . you are working on a windows 2000 based network. You suspect that some unauthorized users are trying to access files from your folder . you have implemented Audit on file and object access. Which utility will you use to check the security events ? A) windows explorer B) event viewer C) audit viewer D) system utility . Answer: b To check security events generated by Auditing use Event Viewer and view the audit messages in the Security Log mode. name = Top Dump 240 Edited By Scatman -216 exam = 70-240 148 . Venus over land tours inc. , wants to expand their network . the management decides to install windows 2000 server based network . the exhibit shows a network plan with several clients who require to connect to the internet through a windows 2000 router . they plan to install NAT for this purpose . as the number of their clients is high , they require a class a private network range . which of the following is correct class a network address range that is set aside for private use and barred from routing over the network ? A) 124.0.0.0 to 124.125.255.255 B) 10.0.0.0 to 10.255.255.255 C) 127.0.0.0 to 127.255.255.255 D) 15.0.0.0 to 15.255.255.255 Answer: b In RFC 1597 (Address Allocation for Private Network) and RFC 1631 (Network Address Translation) for security reasons, certain address ranges were set aside for private use and barred from routing over the Internet. At the same time, a method was put in place to translate the private addresses into public addresses so that users could access the Internet through the translating device. RFC 1597 has set aside the following address ranges for private use: Class A ............ 10.0.0.0 to 10.255.255.255 Class B ............ 172.16.0.0 to 172.31.255.255 Class C ............ 192.168.0.0 to 192.168.255.255 149 . you have been hired by acme inc. for networking . you have decided to implement a windows 2000-based network . some of the clients are non-Microsoft clients . you want to have service on the network that can enable client computers on the network to register and resolve domain name . which service will you install ? A) dynamic host configuration protocol (DHCP) B) windows internet name service (WINS) C) domain name service (DNS) D) directory Replicator service (DRS) E) network address translation (NAT) service . Answer: c The Domain Name Service (DNS) is an Internet and TCP/IP standard name service. The DNS service enables client computers on your network to register and resolve DNS domain names. Ref.: Windows 2000 Server Help: DNSCONCEPTS DNS 150 . which service is installed to resolve internet names to IP address ? A) wins B) DNS C) DHCP D) LMHOST Answer: b DNS is used to resolve Internet names (host names) to IP addresses. 151 . a computer named COMP1 on subnet a cannot connect to a windows NT sever computer on subnet b by using the command NET USE f : \\factory.bytecomp.com\data. But other computers on subnet a using the same command can connect to the server . COMP1 can ping the server using the IP address but is unable to connect . what is the most likely cause ? A) there is no entry for factory.bytecomp.com on the DNS server B) COMP1 is not configured with an IP address for a DNS server C) COMP1 is not configured with an IP address for a WINS server D) COMP1 is not configured to use DNS for NetBIOS name resolution . Answer: b It is possible that the computer COMP1 is not configured with an IP address for a DNS server, therefore it is not connecting to the server through DNS server. 152 . Acme inc. wants to deploy a network consisting of 10 servers and 200 clients. As a Network administrator it is your responsibility to plan for the network . you have decided to implement routed network and segmented network in two parts . Required result : you are required to provide automatic IP address assignment to all client computers for less administrative burden. Optional result 1 : clients on each segment should be able to get their IP address lease. Optional result 2 : clients should be able to get IP address in case of DHCP server failure. Suggested solution : install DHCP server and configuration clients to assign automatic IP address from that server . install DHCP relay agent on the same sever and configure it to take requests from DHCP clients on the segment other than where DHCP server is installed . Which result does the suggested solution produce ? A) suggested solution produces the required result and both the optional results. B) suggested solution produces the required result only C) suggested solution produces the required result and one of the optional results . D) suggested solution does not produce the required result . Answer: b Required result gets fulfilled if DHCP service is used. To fulfill the first optional result it is necessary to install DHCP relay agent on the segment other than on which the server is installed. Hence the first optional does not get fulfilled and neither does second optional get fulfilled as nothing has been done for fault tolerance. To fulfill this optional it is necessary to have at least one more DHCP server installed on the network. Ref.: Microsoft Windows 2000 Help DHCP Concepts 153 . while checking your network you find that DHCP client does not have an IP address. Which of the following steps will you take to find the problem ? A) check related client hardware B) ping DHCP server from another computer in the network C) call network administrator D) run command IPCONFIG /all Answer: ab If DHCP client does not have an IP address or has address 0.0.0.0 it means it has been unable to contact DHCP server. You will have to take a few steps- First, to check that related client hardware (cables and network adapters) are working properly. If yes, Ccheck whether the DHCP server is available in the network or not by pinging DHCP server from another client on the same network as the affected DHCP clients. Ref.: Windows 2000 Server Help: DHCPCONCEPTS Troubleshooting. 154 . Albright inc. is using a windows 2000 single-segment network . they have configured a DHCP server for automatic IP addressing . all systems were working fine until suddenly one day some of the DHCP clients stopped receiving IP addresses from the DHCP server . what is the most likely reason for it ? A) client lease period is over B) IP address of the DHCP server has changed C) DHCP server is not working D) client system is not configured to take IP address automatically from DHCP server. Answer: b The IP address of the DHCP server has changed and now DHCP clients cannot get IP addresses. A DHCP server can only service requests for a scope that has a network ID that which is the same as the network ID of its IP address. To resolve errors make sure that the DHCP server IP address falls in the same network range as the scope it is servicing. For example, a server with an IP address in the 112.168.0.0 network cannot assign addresses from scope 10.0.0.0 unless superscopes are used. Ref.: Windows 2000 help DHCPCONCEPTS Troubleshooting: Troubleshooting DHCP clients 155 . you are the network administrator of acme inc . during a regular checkup the DHCP server appears to have suffered some data corruption . you find that the server Is reporting jet database errors. How will you troubleshoot this problem ? A) use DHCP server data recovery option to restore the database and correct the reported errors. B) restore DHCP data from last backup C) re-install DHCP server D) re-boot DHCP server Answer: a Data recovery options of DHCP server should be used to restore and correct the database for reported errors. Reconcile feature in the DHCP console can be used if your server finds any inconsistency in the database. Ref.: Windows 2000 help DHCPCONCEPTS Troubleshooting: Troubleshooting DHCP server 156 . Acme inc. wants to deploy a network containing of 10 servers and 200 clients . as a network administrator it is your responsibility to plan for the network. You have decided to implement a routed network and a segment network in two parts . Required result : you are required to provide automatic IP address assignment to all client computers for less administrative burden . Optional result 1 : clients on each segment should be able to get their IP address lease. Optional result 2: clients should be able to get IP address in case of DHCP server failure. Suggested solution : install DHCP server and configure clients to assign automatic IP address from that server . install DHCP relay agent on the other segment than where the DHCP server is installed . Which results does the suggested solution produce ? A) suggested solution produces the required result and both optional results B) suggested solution produces only the required result C) suggested solution produces the required result and only one of the optional results. D) suggested solution does not produce the required result . Answer: c Required result gets fulfilled as DHCP service is used. To fulfill the first optional result it is necessary to install DHCP relay agent on the segment other than on which the server is installed, hence the first optional also gets fulfilled. The second optional does not get fulfilled as nothing has been done for fault tolerance. To fulfill this optional it is necessary to have at least one more DHCP server installed on the network. 157 . Adrian inc. wants to deploy a network consisting of 10 servers and 200 clients. All the machines are on Microsoft windows platform . the company requires connectivity Between all the computers and has installed a network to ensure it . they want to be able to use TCP/IP and allow users to connect other computers using their computer names. They also want to be able to use internet explorer to connect to sites on the internet by name. None of the servers have any services configured except those that are installed by default . Required result : to minimize the amount of administration it is required to maintain TCP/IP configurations on all the computers on the network . Optional result 1: to allow users to use computer names to connect to other computers on their network . Optional result 2: to allow users to use www addresses to access internet sites . Suggested solution : configure all the computers as DHCP clients and configure server As a DHCP server with all the TCP/IP configurations setup in its scope. Configure WINS service in one of the servers . Which results does the suggested solution produce ? A) suggested solution produces the required results and both of the optional results . B) suggested solution produce only the required result C) suggested solution produces the required result and one of the optional results. D) suggested solution does not produce the required result / Answer: c Configuring DHCP will ensure that all clients have TCP/IP addresses and that the TCP/IP protocol is configured completely. By configuring WINS users will be able to connect computers by their names. But nothing has been done for users to use WWW addresses to access Internet sites. Hence suggested solution produces only required and one of the optional results. To fulfill the other optional result, DNS should have been configured to provide name resolution outside the organization. 158. Adrian has been assigned to install a network in his company office. He plans to implement a windows 2000-based network . he has to configure a network that consists of fifty nodes and three servers . estimated annual growth in number of systems is ten percent . Required result : all IP address assignment should be automatic Optional result 1 : scope is to be assigned in such a manner that network can use same scope for at least two years . Optional result 2 : configure network in such a way that applications requiring only NetBEUI protocol can also work . Suggested solution : configure network with TCP/IP . implement DHCP on the network To assign IP address automatically .create an IP address scope for fifty systems . assign DHCP servers IP address manually . remove all network protocols other than TCP/IP for faster access . Which results does the suggested solution produce ? A) suggested solution produces the required result and both optional results B) suggested solution produces only the required result C) suggested solution produces the required result and one of the optional results. D) suggested solution does not produce the required result . Answer: b DHCP is configured for automatic assignment of IP address. But DHCP scope is defined in the suggested solution for the current situation. It does not allow you to meet with their annual growth for two years. All the protocol except TCP/IP has been removed so application that requires NetBEUI protocol will not work. 159 .while checking your network you find that DHCP client does not have an IP address. You have checked for client and server configurations and found it correct . what is the most likely reason for this ? A) DHCP server is unavailable B) it is manually configured and has overridden DHCP leased address C) DHCP server is unavailable D) WINS resolution is not enabled . Answer: ac If all the DHCP client and server configurations are correct and still the client is unable to contact a DHCP server and obtain an IP address lease, it is either because of a network hardware failure or because the DHCP server is unavailable. Ref.: Windows 2000 Server Help: DHCPCONCEPTS Troubleshooting. 160 . you have installed the DHCP server service on a member server in a domain and have configured a scope , for automatic IP addressing , but clients cannot lease addresses. You open the DHCP console and notice that the DHCP server icon is marked with a red arrow . what is the most likely reason for it ? A) the DHCP server service has not been installed B) the DHCP server service is authorized to operate in the domain and has valid scopes defined , but none are activated . C) the DHCP server service is not authorized to operate in the domain D) the DHCP server service is authorized to operate in the domain , but does not have any valid scopes defined . Answer: c The DHCP Server service is not authorized to operate in the domain. A member of the Enterprise Admins group must authorize the DHCP server before the DHCP Server service starts on the member server. Ref.: MOC1560 A Module 12 review q2. 161. your network is windows 2000-based on which you are configuring RRAS. You have to configure protocol for virtual private network (VPN). Required result : to install protocol for more secure network Optional result 1 : configure protocol for lesser bandwidth Suggested solution : install PPTP protocol Which results does the suggested solution produce ? A) suggested solution produces the required result and both optional results. B) suggested solution produces the required result and one of the optional results . C) suggested solution does not produce the required result D) suggested solution produces only the required result . Answer: c PPTP is not good choice as far as security is concerned and if compared to L2TP it takes more bandwidth but supports lesser internetworks. L2TP supports a larger variety of internetworks, supports header compression, and cooperates with IPSec for encryption. Ref.: MOC1560 A Module 11 review q1. 162 . you are configuring remote access service on windows 2000-based network . you know that remote access protocols control the connection , establishment , and transmission of data over wide area network (WAN) links . the operating system and LAN protocols used on remote access clients and servers dictates the remote access protocols are supported by windows 2000 remote access ? A) ppp B) slip C) netbeui D) AsyBEUI Answer: abd There are three types of remote access protocols supported by Windows 2000 remote access: Point-to-Point Protocol (PPP) is an industry-standard set of protocols. It provides the best security possible, multi-protocol support, and interoperability. Serial Line Internet Protocol (SLIP) is used by older remote access servers. Microsoft RAS protocol, also known as Asynchronous NetBEUI or AsyBEUI, is a remote access protocol used by remote access clients that are running older Microsoft operating systems, such as Microsoft Windows NT 3.1, Windows for Workgroups, MS-DOS, and LAN Manager. Ref.: Microsoft TechNet Technical Information Feb 2000 Chapter 7 Remote Access Server 163. you are experiencing frequent problems with incorrectly configured computers on your network . some of the computers cannot communicate because the invalid IP addresses . others cannot communicate because of duplicate IP addresses. What will you do to prevent these problems ? A) install and configure a computer running windows 2000 server as a DHCP server . B) configure all client computers as DHCP clients . C) make an IP address plan and manually assign IP address to all the clients D) install and configure EINS for NetBIOS to IP address resolution . Answer: ab It is clearly mentioned in the question that the frequent problems are due to incorrectly configured computers and from invalid or duplicate IP addresses on the network. So prime requirement is to automate IP address assignments to all the computers on the network. Windows 2000 provides DHCP service for this purpose. You will have to configure a computer running Windows 2000 server as a DHCP server and will have to configure all client computers to act as DHCP clients and obtain IP addresses from DHCP server. Ref.: MSDN Library MOC1555 default.htm module 3 review 164 . you are configuring remote access service on a windows 2000 server . you configure PPP and Callback .for better RAS management you want to see the PPP connection establishment process in windows 2000. which of the following tools will you use ? A) network monitor B) PPP tracing C) protocol analyzer D) RAS manager Answer: ab To see the PPP connection establishment process in Windows 2000, there are two tools available, namely Network Monitor and PPP tracing. Network Monitor is a packet capture and analysis tool. It is used to capture all PPP packets sent over a serial link including connection establishment and PPP-encapsulated user data. PPP tracing is used to create a log of the PPP packets exchanged during the PPP connection establishment process. Ref.: Microsoft TechNet Technical Information April 2000 Chapter 7 Remote Access Server ""A Sample PPP Connection"" 165 . you are working for a large accounting firm . some of the accountants work on remote sites with clients and require access to the corporate resources . you propose to Setup an RAS server so that the accountants can dial-in to your network from their windows 95 notebook computers. Security is the prime concern for you . in order to get the project approved , you require all passwords and data to be encrypted during transmission . how will you configure the RAS server security ? A) require encrypted authentication B) require Microsoft encrypted authentication C) require secure sockets layer (SSL) encryption D) require C-2/E-2 compliant encryption services Answer: b If you require data to be encrypted for security reasons then you have only one option that is to use, Require Microsoft Encryption, Authentication. 166 . your company have offices in three different locations. You are planning to connect three locations over telephone lines through RAS . what is the minimum number of subnets required to be configured ? A) one B) two C) three D) four Answer: c At least one for each location. The network topology at each office may require additional subnets. Ref.: MSDN Library MOC1555 default.htm module 3 review 167 . Monica has been assigned to configure the network of Albright inc .she decides to use windows 2000 for networking . the network uses Microsoft based systems. She has to configure the protocols on the systems . Required result : proper communication between client computer and domain controllers. Optional result 1: replication of directory information between domain controllers . Optional result 2 : no extra protocol should be used in the network to reduce the burden of binding protocols . Suggested solution : configure TCP/IP in all clients and servers . Which results does the suggested solution produce ? A) suggested solution does not produce the required result . B) suggested solution produces the required result and both optional results. C) suggested solution produces only the required result D) suggested solution produces the required result and one of the optional results. Answer: b Windows 2000 requires TCP/IP for proper communication between client computers and domain controllers, and also replication of directory information between domain controllers. You can use other network protocols with TCP/IP, but only if applications require these protocols. Ref.: MSDN Library MOC1555 default.htm module 3 review 168 . you are installing window 2000-based network for techmart inc. both clients and servers in the network have windows 2000 . as the company uses the internet very often it has installed TCP/IP as primary network protocol . you also plan to assign static IP addresses . how will you install TCP/IP protocol ? A) in control panel , double-click network . on the protocols tab , click add, select TCP/IP Protocol , and then click ok . B) type the path to the windows 2000 source files , click continue , and then click close. The Microsoft TCP/IP properties dialog box appears . C) in my computer , double-click on my network places . on the protocols tab, click install , select TCP/IP protocol and then click ok . D) click on specify an IP address option , and type your assigned IP address, subnet mask , and default gateway and click ok . Answer: abd 169 . you have been hired by a network consultancy to implement a windows 2000 network in one of their clients office .to reduce administrative burden you are required to provide solutions for configuring dynamic replicated database services that can register And solve NetBIOS names to IP addresses used in the network . which service will you configure ? A) dynamic host configuration protocol (DHCP) B) windows internet naming service (WINS) C) domain name service (DNS) D) directory Replicator service (DRS) E) network address translation (NAT) service Answer: b Windows Internet Name Service (WINS) is used to resolve and register NetBIOS names to IP addresses. It also provides a dynamic replicated database service. Ref.: Windows 2000 Server Help: WINSCONCEPTS 170 . Mike is trying to backup a WINS server but WINS backups are failing consistently . what is the likely reason ? A) specified WINS backup directory is a remote drive B) backup program is virus affected C) as WINS database regularly updates itself , it is not possible to take WINS Database backup D) network failure . Answer: a It seems that Mike is trying to take backup of WINS server database file on a remote drive. Make sure that the path for the WINS backup directory is on a local disk on the WINS server. Ref.: Windows 2000 Server Help: WINSCONCEPTS Troubleshooting 171. you are planning a large network of ten class c internet domains connected through routers . you plan to use TCP/IP protocol on the network . you wish to configure systems so that windows networking computers can translate the NetBIOS names to IP Addresses . which service will you install ? A) DNS B) DHCP C) WINS D) bootp Answer: c WINS resolves NetBIOS names to IP addresses, dynamically. 172 . you have three subnets : subnet A , subnet B , and subnet C. the workstations in subnet A and B use WINS server located in subnet A . the workstations in subnet C use its own subnet . what will you configure so that the users of subnet A and C can browse Each others systems , freely ? A) WINS Replication B) DNS Replication C) Database Replication D) SAM database replication . Answer: a WINS replication: Replication of WINS server database records to another WINS server. WINS supports the ability of having multiple WINS servers for clients to register and query, while allowing these servers to replicate, or share, their databases with each other. The benefit of this database sharing is that eventually each WINS server will know about all the other WINS clients that have registered with its WINS partners. This offers better name resolution for clients. WINS replication allows users of each subnet to browse systems of other subnets freely. DNS replication, Database replication and SAM database replication will not work in this case. Ref.: Microsoft TechNet Technical Information CD Search "WINS replication", "Capacity Planning for Your Windows NT Server Network" 173 . US construction Equipment inc . , an industry leader in scaffolding and formwork , is one of the fastest growing construction equipment distributors in America and a top supplier of scaffolding around the world . the organization has a windows 2000 server based network . Rick , a network administrator , facing problems with WINS client connectivity . he wants to repopulate the client entries and to replicate them to other WINS servers . the network Is quite busy, so clients cannot be rebooted right away . Which tool will he use to repopulate client entries and replicate them to WINS partner without rebooting the clients ? A) NBTSTAT –A B) NBTSTAT –r C) NBSTAT –RR D) NBSTAT –C Answer: c A newer version of command line tool, NBTSTAT -RR, new in Windows 2000, allows to purge the local NetBIOS name cache of remote names and force immediate renewal and re-registration of the local names of client. This utility is especially helpful to repopulate the client entries and to replicate them to the WINS partner without rebooting the clients. NBTSTAT -clists the remote name cache including the IP address. NBTSTAT -Alists the remote machine's name table, given its IP address. NBTSTAT -rlists name resolved by broadcast and via WINS. Ref.: CD Technical Information April 2000 MS Windows 2000 TCP/IP implementation details 174. John, a network consultant , has been hired by an organization to configure their Office LAN on windows 2000. he configure the LAN as a single segmented network . the organization has fifty systems . he configured two WINS servers but finds that the WINS server cannot pull or push replications to another WINS server . he can successfully ping other servers . what is the likely reason for this ? A) failed network B) server is not configured correctly as either a push or pull partner of the other server . C) other server is not releasing threads D) there can be only one WINS server in the network . Answer: b A failed network is not possible as it is mentioned in the question that he can successfully ping other servers. Releasing of threads is not related with the above said problem. If the other WINS server is located on the same network or can be successfully pinged, the server may not be configured correctly as either a push or pull partner of the other server. Ref.: Windows 2000 Server Help: WINSCONCEPTS Troubleshooting 175 . you have upgraded you NT server 4.0 windows server 2000. some exiting applications on the network require to connect to other computers . sometimes they Connect using direct hosting to communicate with other computers running windows 2000. what will you do to achieve this ? A) Disable NetBIOS support B) uninstall NetBEUI protocol C) bind protocols giving TCP/IP a top priority D) Disable WINS resolution Answer: a Windows 2000 redirector and server components support direct hosting to communicate with other computers running Windows 2000. Direct hosting uses DNS for name resolution.Both, NetBIOS and direct hosting, are enabled by default and both are tried simultaneously when a new connection is established. The first to succeed in connecting is used for further attempts. To force all traffic to use direct hosting only, NetBIOS support should be disabled. Ref.: CD Technical Information April 2000 MS Windows 2000 TCP/IP implementation details 176 . you are network administrator of tech perfect inc. the organization has a windows 2000 based network . you have enabled WINS for NetBIOS computer name-to IP address resolution . you are facing problems as sometimes users change their computer NetBIOS name to the same name as that of the server . what steps will you take to restrict users from changing their systems NetBIOS names ? A) you cannot restrict users to change their system name. B) restrict users access to altering features of clients through system policy. C) check each system , manually , and make rules for users that they cannot change their Systems name. D) restrict users through permissions in user manager for domains . Answer: b All Windows clients that participate in the WINS process always register NetBIOS names. These names are configured through the System utility in Control Panel and can be altered anytime. Problems arise if a user changes a computer's NetBIOS name to the same name as that of a Windows 2000 computer or to the name of an existing Windows NT domain. This client impersonates the server and essentially is registered with the WINS service as a Windows 2000 computer. This problem occurs when the server or domain controller is not available to defend the name in a WINS challenge. To avoid this problem, you can take the following two steps: · First is to place static entries in WINS database ensuring that no user can configure his or her computer to dynamically impersonate a server. But, this is least desirable as it is more administratively intensive than the use of dynamic registration of the computer NetBIOS name. · Second is to set the client computer's configuration so that users cannot alter the NetBIOS name of their computer. You can control Windows 95 and Windows NT Workstation clients through system policies that determine what access a user can or cannot have to altering features on their own computers. Ref.: CD Technical Information April 2000 MS Windows 2000 TCP/IP implementation details, WINS, NetBIOS, Name resolution 177 . which protocols are mostly used by routers to exchange information with each other ? A) transmission control protocol (TCP) B) internet protocol (IP) C) open shortest path first (OSPF) D) routing information protocol (RIP) Answer: cd Routers exchange information with each other by using these two protocols: · Routing Information Protocol (RIP) · Open Shortest Path First (OSPF) 178 . you are working in a small organization which has a windows 2000 based network. You have deployed automated NAT to automate the entire demand-dial internet Connection setup including , configuration NAT , distributing private addresses using DHCP, and arranging for DNS resolution using a proxy service to the DNS server at th ISP . which service does NAT use for this ? A) internet connection sharing (ICS) B) domain name service (DNS) C) IP forwarder D) windows internet naming service (WINS). Answer: a In Windows 2000, automated form of NAT deployment is suitable for small office/home office, or a visiting consultant. The automatic method uses a new service called Internet Connection Sharing (ICS). The ICS suite of services automates the entire demand-dial Internet connection setup, including configuring NAT, distributing private addresses using DHCP, and arranging for DNS resolution using a proxy service to the DNS server at the ISP. 179 . Brain is configuring his office network . he wants the same naming structure as the Internet and automatic updates of DNS domains . how will he configure the network ? A) use DHCP for internet name resolution B) use DNS C) use WINS D) integrate DNS with WINS Answer: d DNS uses the same naming structure as the Internet, allowing you to standardize on one naming scheme. For automatic updates of DNS domains, DNS can be integrated with WINS so that you do not have to manually update the DNS database. Ref.: MSDN Library MOC1555 default.htm module 3 review 180 . you are working for a company dealing in internet consultancy . one day you try to connect to remote host via FTP, but cannot connect . the next time when you try getting connected using the IP address, you get connected . what should be configured to be able to connect to the host via host name ? A) ARP B) DHCP C) DNS D) WINS Answer: c DNS is used to resolve host name to IP address. 181 . you have two DNS servers and plan to install a third . the third DNS server will be used to resolve DNS queries for resources that are located on the internet . how will you configure it ? A) as a primary name server B) as a secondary name server C) as a forwarder for the existing DNS server D) as a forwarder for a WINS server . Answer: c If DNS server is to be used to resolve DNS queries for resources, that are located on the Internet, we should configure it as a forwarder for the existing DNS server to optimize for the best results. 182 . Rick is in-charge of network implementation of Adrian inc. he plans to use TCP/IP On windows 2000 server-based network . he wants to reduce the complexity of administering addresses and other related configuration details used on the network . How will he achieve this ? A) use dynamic host configuration protocol (DHCP) B) use windows internet name service (WINS) C) use domain name service (DNS) D) use directory Replicator service (DRS) E) use network address translation (NAT) service . Answer: a Dynamic Host Configuration Protocol (DHCP), is a TCP/IP standard which has been designed for reducing the complexity of administering address configurations by using a server computer to centrally manage IP addresses and other related configuration details used on the network. DNS resolves domain name to IP address. WINS resolves NetBIOS name to IP address. Ref.: Windows 2000 Server Help: DHCPCONCEPTS 183. you are working with soul Inc., which has a windows 2000-based network with 200 systems. You have installed DHCP for auto IP addressing . one of the client appears to have automatically assigned itself as IP address that is incorrect for the current network. What is the most likely reason for it ? A) the DHCP client could not find a DHCP server and has used the automatic private IP addressing (APIPA) feature to configure its IP addresses . B) you have configured the wrong client IP address in address reservation option. C) DHCP server may be on the other side of router . while attempting to get a lease the client fails and the other proxy DHCP server on the same subnet assigns the address. Answer: a If the Windows 2000 or Windows 98 DHCP client could is unable not to find a DHCP server the client will automatically assign itself an IP address. DHCP client uses the Automatic Private IP Addressing (APIPA) feature to configure its IP address. For solution: Use the ping PING command to test connectivity from the client to the server. Verify or manually attempt to renew the client lease. Disable APIPA at the client if necessary. Ref.: Windows 2000 help DHCPCONCEPTS Troubleshooting: Troubleshooting DHCP clients 184 . your company’s network is based on windows 2000 . there are 1000 systems Installed in the network . you have installed DHCP server in your network for automated IP address assignments to clients. You know very well that if a DHCP server is wrongly Configured then it can cause serious problems like assigning incorrect IP addresses to clients or negatively acknowledging DHCP clients , attempting to renew current address Leases . what will you do to avoid such problems ? A) configure each DHCP client to renew their lease from certain DHCP servers . B) configure each DHCP server with different scopes C) deploy active directory for authorizing DHCP servers D) use only one DHCP server . Answer: c If an unauthorized DHCP server starts, it may either begin leasing incorrect IP addresses to clients or negatively acknowledging DHCP clients attempting to renew current address leases. This can produce problems for DHCP clients. To avoid these problems in Windows 2000, servers are verified as legal in the network before they can service clients. Active Directory is deployed for authorizing DHCP servers. Ref.: Windows 2000 Help DHCPCONCEPTS search string ""active directory"" AND ""DHCP"" Authorizing DHCP servers. 185 . Adrian inc. is using a windows 2000, routed network . you have been assigned a Job to install DHCP server for automatic IP addressing of clients. All the DHCP clients That are located across the router from subnet where the DHCP server resides are unable To receive as address from the server . what is the most likely reason for it ? A) DHCP relay agent is not installed B) DHCP does not work on a routed network C) DHCP server is not running , currently D) DHCP clients across the router are configured improperly . Answer: a In a routed network DHCP should have a DHCP relay agent installed on the segment other than on which the server has been installed, for automatically assigning IP addresses. 186 . Adrian inc. wants to deploy a network consisting of 10 servers and 200 clients. All The machines are on Microsoft windows platform. The company requires connectivity Between all the computers and has installed a network to ensure it . they want to be able to use TCP/IP and allow users to connect other computers using their computer names . they also want to be able to use internet explorer to connect to sites on the internet by name. None of the servers have any service configured except those that are installed By default . Required result : to minimize the amount of administration required to maintain TCP/IP configuration on all the computers on the network . Optional result 1 : to allow users to use computer names to connect to other computers On their network . Optional result 2 : to allow users to use www addresses to access internet sites. Suggested solution : configure all the computers as DHCP clients and configure servers As a DHCP server with all the TCP/IP configurations setup in its scope. Which results does the suggested solution produce ? A) suggested solution produces only the required result . B) suggested solution produces the required result and one of the optional results. C) suggested solution produces the required result and one of the optional results. D) suggested solution does not produce the required result . Answer: a Although configuring DHCP will ensure that all clients have TCP/IP addresses and that the TCP/IP protocol is configured completely, nothing has been done for name resolution. To fulfill both the optional results, a Windows 2000 server will have to be configured with the WINS service to provide name resolution on the Microsoft computers, and DNS should be configured to provide name resolution outside the organization. 187 . Adrian inc. wants to deploy a network consisting of 10 servers and 200 clients. All the machines are on Microsoft windows platform . the company requires connectivity Between all the computers and has installed a network to ensure it . they want to be able to use TCP/IP and allow users to connect other computers using the computer names . they also want to be able to use internet explorer to connect to sites on the internet by name . none of the servers have any services configured except those that are installed by default . Required result : to minimize the amount of administration , required to maintain TCP/IP Configurations on all the computers on the network . Optional result 1 : to allow users to use computer names to connect to other computers on their network. Optional result 2: to allow users to use www addresses to access internet sites. Suggested solution : configure all the computers as DHCP clients and configure server As a DHCP serve with all the TCP/IP configurations setup in its scope. Configure DNS service and WINS service in one of the servers. Which results does the suggested solution produce ? A) suggested solution produces the required result and both optional results. B) suggested solution produces only the required result. C) suggested solution produces the required result and one of the optional results. D) suggested solution does not produce the required result . Answer: a Configuring DHCP will ensure that all clients have TCP/IP addresses and that the TCP/IP protocol is configured completely. By configuring WINS users will be able to connect computer by their names. For users to use WWW addresses to access Internet sites, DNS has been configured to provide name resolution outside the organization. Hence suggested solution produces required result and both optional results. 188 . Adrian has been assigned to install a network In his company office . he plans to implement a windows 2000-based network . he has to configure a network that consists of fifty nodes and three servers . estimated annual growth in number of systems is ten percent . Required result : all IP address assignment should be automatic. Optional result 1 : scope is to be assigned in such a manner that network can use same scope for at least two years. Optional result 2 : configure network with TCP/IP. Implement DHCP on the network To assign IP address automatically . create an IP address scope for eighty systems. Assign DHCP servers IP address manually . install NetBEUI protocol . remove all other Network protocols for faster access. Which result does the suggested solution produce ? A) suggested solution produces the required result and both optional results . B) suggested solution produces only the required result . C) suggested solution produces the required result and one of the optional results . D) suggested solution does not produce the required result . Answer: a DHCP is configured for automatic assignment of IP address. DHCP scope as defined in the suggested solution has considered future growth of systems in next two years hence meets first optional. As NetBEUI is also installed in the network, applications that require NetBEUI protocol will work. Ref.: Microsoft Windows 2000 Help DHCP Concepts 189 . you are network administrator of acme inc. you have installed DHCP for automatic IP addressing . you want to get statistics of the total number of scopes and Addresses on the server , the number of available addresses versus the number of depleted addresses, and the number of leases being processed per second . which of the following tool will you use ? A) network monitor B) performance monitor C) DHCP monitor D) DHCP console . Answer: d Windows 2000 Server provides DHCP console to get report on various queries. DHCP can display the total number of scopes and addresses on the server, the number of available addresses versus the number of depleted addresses, and the number of leases being processed per second. Ref.: MOC1560 A Module 12 review q1. 190 . you are using TCP/IP protocol on your network . you use DHCP to assign the Networks IP addresses automatically . you have a shortage of IP addresses, so you Expand the scope of your DHCP server . after two days you realize that you have set The scope improperly . you re-configure the DHCP server . while the server was Wrongly configured some DHCP clients received IP addresses from the DHCP server. What command will you use to force the clients to drop the DHCP configuration information ? A) DHCP /release B) IPCONFIG /all C) IPCONFIG /all D) IPCONFIG /renew Answer: c At the command prompt, type IPCONFIG /release and then press ENTER to release the existing IP address. Ref.: TechNet Server Utilities CD, issue: January 2000, MOC1555 191 . you are configuring remote access service for windows 2000 network . which type of remote access connectivity does windows 2000 remote access provide ? A) Dial-up remote access B) virtual private network (VPN) remote access C) network address translation (NAT) service for remote accesss D) active directory service for remote access . Answer: ab Windows 2000 remote access provides two different types of remote access connectivity: Dial-up remote access: With dial-up remote access, a remote access client uses the telecommunications infrastructure to create a temporary connection to a port on a remote access server. Once the virtual connection is created, the rest of the connection parameters can be configured. Virtual Private Network (VPN) remote access: With Virtual Private Network remote access, a VPN client uses an IP internetwork to create a virtual point-to-point connection with a remote access server acting as the VPN server. Once the virtual point-to-point connection is created, the rest of the connection parameters can be configured. Ref.: Microsoft TechNet Technical Information CD Chapter 7 Remote Access Server 192 . you are working on TCP/IP-based windows 2000 network . you have been assigned a job to configure RAS server . DHCP is installed in your network for automatic assignment of client IP address. How will you configure IP address of RAS Server ? A) configure the remote access server with a static IP address pool , which is a subnet Of addresses from the subnet to which the remote access server is attached . B) configure the remote access server to use DHCP to obtain IP addresses for remote access clients . C) assign an IP address manually on RAS server Answer: b If you installed a DHCP server, configure the remote access server to use DHCP to obtain IP addresses for remote access clients. If you did not install a DHCP server, configure the remote access server with a static IP address pool, which is a subset of addresses from the subnet to which the remote access server is attached. Ref.: Windows 2000 Help RRASCONCEPTS Best Practice. 193 . your network is windows 2000-based on which you are configuring RRAS. You have to configure protocol for virtual private network (VPN) Required result : to install protocol for more secure network Optional result 1: configure protocol for lesser bandwidth Optional result 2 : support for different types of internetworks. Suggested solution : install L2TP protocol . Which result does the suggested solution produce ? A) suggested solution does not produce the required result. B) suggested solution produces only required result . C) suggested solution produce the required result and both optional results . D) suggested solution produces the required result and one of the optional results . Answer: c L2TP protocol supports different types of internetworks, supports header compression, and cooperates with IPSec for encryption. Ref.: MOC1560 A Module 11 review. 194 . you are a network administrator of a large organization . you are configuring RAS for your network . you have employees who work from home . they use different Computers like windows 95, unix , and macintosh . you want to protect your network From intrusion and also provide the maximum bandwidth you can to the dial-in users . Required result : all remote clients should be able to dial-in to your network . Optional result 1 : the dial-in connection should be secure Optional result 2 : the connecting user should be able to combine several dial-up lines. Suggested solution : configure RAS to require Microsoft encrypted authentication . also select require data encryption . use the RAS callback feature . allow dial-in Clients to use the multilink feature . Which results do the suggested solution produce ? A) suggested solution produces the required result and both optional results . B) suggested solution produces the required result and one of the optional results . C) suggested solution produces only the required result . D) suggested solution does not produce the required result . Answer: b Configuring RAS will fulfill the required result. Enabling multilink will fulfill the second optional result. Only one optional will be fulfilled, as Callback options cannot be set if multilink is enabled as it will lapse some security. Ref.: TechNet Technical information CD, Chapter 7 - RAS Security 195 . you want to implement a RAS server so that users can access network resources From remote locations . you have two issues . you want the highest level of security But, as users will be using their own personal computers you have no way of knowing What platform or software they are using to dial-in. while security is important , access is even more important . based on this information , which encryption option will you select? A) allow any authentication including clear text B) require encrypted authentication C) require C2/E2 compliant encryption D) require Microsoft encrypted authentication Answer: a For maximum security and data encryption you can use Require Microsoft Encrypted Authentication option while configuring RAS, but it requires Microsoft platform at both the ends, i.e. on the RAS server and the clients. as question states that access to resources is more important so apply Any Authentication including Clear Text. 196 . Monica has been assigned to configure the network of Albright inc . she decides to use windows 2000 for networking . the network uses Microsoft-based systems . she Has to configure the protocols on the systems. Required result : proper communication between client computer and domain controllers. Optional result 1: replication of directory information between domain controllers. Optional result 2: no extra protocol should be used in the network to reduce the burden Of biding protocols. Suggested solution : configure NetBEUI in all clients and servers Which results does the suggested solution produce ? A) suggested solution produces only the required result B) suggested solution produces the required result and both the optional C) suggested solution produces the required result and one of the optional result D) suggested solution does not produce the required result . Answer: d Windows 2000 requires TCP/IP for proper communication between client computers and domain controllers, and also replication of directory information between domain controllers. You can use other network protocols with TCP/IP, but only if applications require these protocols. Ref.: MSDN Library MOC1555 default.htm module 3 review 197 . you are installing a windows 2000-based network for infotech inc. the network has ninety windows 2000 clients , six windows 2000 servers and two unix servers. You want to make TCP/IP the primary network protocol , as the company has multiple Operating environments . you are going to install and configure TCP/IP on all Computers on the network . you also decide to assign IP address automatically . what Will you configure for automatic addressing of TCP/IP protocol ? A) configure DHCP scope of IP addresses and activate the scope and exclude static IP addresses from the scope . B) assign dynamic IP address to unix systems. C) configure the workstations and servers except unix and DHCP server to obtain IP address from a DHCP server . D) install the DHCP server service on all workstations. E) assign static IP address to he unix systems F) install the DHCP server service on server and assign IP address manually On that server . Answer: acef 198 . you are configuring TCP/IP in the network . you also have to configure IP addresses and subnet masks. What role does subnet mask play in a TCP/IP based network? A) it is configured to mask a portion of the IP address so that IP can distinguish network ID from host ID . B) it is configured for better routing of information packed in routed network . C) it is configured in WAN connections to carry network messages across WAN D) it is used to route mails and messages between the network . Answer: a Configuring TCP/IP requires three parameters- IP address, subnet mask and default gateway. IP address is unique address of the adapter, subnet mask is configured to mask a portion of the IP address so that IP can distinguish the network ID from the host ID and default gateway is an IP address of the router's network adapter. 199 . which service enables users to locate systems on remote networks easily , as well as reduces the use of local IP broadcasts for NetBIOS name resolution ? A) dynamic host configuration protocol (DHCP). B) windows internet name service (WINS). C) domain name service (DNS). D) directory Replicator service (DRS) E) network address translation (NAT) service . Answer: b DHCP is used to automatically assign IP address to client computers. DNS resolves domain name to IP address. NAT is not used to resolve names to IP addresses. WINS reduces the use of local IP broadcasts for NetBIOS name resolution and enables users to locate systems on remote networks easily. WINS registrations are done automatically each time clients start and join the network, the WINS database is automatically updated when dynamic address configuration changes are made. When a DHCP server issues a new or changed IP address to a WINS-enabled client computer, WINS information for the client is updated. This requires no manual changes to be made by either a user or network Administrator. Ref.: Windows 2000 Server Help: WINSCONCEPTS Concepts, Understanding WINS 200 . in the network of acme inc. , there are 400 computers . most of them use DHCP for automatic IP addressing . some of them are non-DHCP clients . you are required To configure WINS fro NetBIOS name to IP address resolution .how will you accomplish this task ? A) configure WINS server to take entry from DHCP for all DHCP clients B) manually add each network connection that does not use DHCP C) WINS will automatically take all the entries of each network connection . Answer: ab WINS automatically configures DHCP clients but you have to manually add each network connection that does not use DHCP. 201 . you have given same names to two computers on your TCP/IP based network . but , their IP addresses are different . what will happen when you install WINS for NetBIOS name resolution? A) both computers will be registered with WINS and you will be able to PING The IP address of both computers B) neither computer will be registered with WINS , but you will be able to ping them. C) only one computer will be registered with WINS , but you will be able to ping the IP address of both computers . Answer: c You cannot have duplicate NetBIOS names on your Windows NT network using WINS for name resolution. Only the first one to request registration with WINS will succeed, the other will receive a negative acknowledgement. However, you can always PING IP address of a host, because PING.EXE does not care about the computer name. 202 . you have been hired as a consultant for setting up TCP/IP on a network having Microsoft windows-based computers. The network consists of five subnets, each With its own domain controller . the main requirement of the network is that every Host should be able to browse every other computer and have peer-to-peer connections. The network should also register and resolve computer names automatically through a central database . which of the following Is the best choice to install on the network ? A) the SNMP service on all domain controllers B) WINS servers C) HOSTS files D) DNS servers Answer: b WINS server is used to resolve computer names to IP addresses and register them automatically and dynamically through a central database. DNS server is used to resolve host names to IP addresses through a centralized database. HOSTS files are used to resolve host names to IP addresses but this file does not have centralized database and each system has to update its file if any changes take place. DHCP server is used to assign IP addresses automatically to the client computers. Ref.: Microsoft TechNet Technical Information CD Search "Finger", "Appendix A TCP/IP Utility References" 203 . Fred Is working as a network administrator in acme inc. after configuring WINS Service in a routed network he finds that the WINS server cannot pull or push replications to another WINS server . what is the most likely reason for this ? A) failed router B) the other WINS server is not configured as a pull partner C) the other WINS server is required to be configured as a push partner D) there can be only WINS server in the network . Answer: a If the other WINS server is located across a router, then a failed router may be the most likely problem, besides other problems. Fred should check for network connectivity to the server. He can find the cause of the problem by pinging the other WINS server to know which system is not connected to the server. Ref.: Windows 2000 Server Help: WINSCONCEPTS Troubleshooting 204 . Sehar is looking after the network of cyber hut inc. she is having an intermittent Problem with WINS not replicating between servers on her network . all the routers Are working properly , all WINS server configurations are correct , and all servers Can be pinged . what is the most likely cause of the problem ? A) failed network B) the replication pattern in use on the network is not correct C) server is not configured correctly as either a push or pull partner of the other server . D) there can be only one WINS server in the network . Answer: b A failed network is not possible as it is mentioned in the question that he can successfully ping other servers. If the other WINS server is located on the same network or can be successfully pinged, the server may not be configured correctly as either a push or pull partner of the other server. But the question clearly mentions that all the settings are proper so the most likely cause may be the replication pattern error, as Microsoft recommends that there should not be more than twenty WINS servers. Ref.: Windows 2000 Server Help: WINSCONCEPTS Troubleshooting 205 . you have upgraded your windows NT server 4.0 windows server 2000. you are Using direct hosting to communicate with other computers . your network consists of Mixed clients including windows 95 and windows NT workstation . some of your Clients are unable to browse, locate , or create file and print share connections to a Windows 2000 computer . what is the most likely cause ? A) NetBIOS support has been disabled B) NetBEUI protocol has become corrupt . C) windows 2000 does not support applications and services that depend on NetBIOS . D) you can use only windows 2000 clients in a windows 2000 network . Answer: a Windows 2000 redirector and server components support direct hosting to communicate with other computers running Windows 2000. Direct hosting uses DNS for name resolution. Both, NetBIOS and direct hosting, are enabled by default and both are tried simultaneously when a new connection is established. The first to succeed in connecting is used for further attempts. To force all traffic to use direct hosting only, NetBIOS support should be disabled. Applications and services that depend on NetBIOS no longer function after this is done.So before disabling NetBIOS support, it is important to verify that no clients or applications require it. Pre-Windows 2000 computers will be unable to browse, locate, or create file and print share connections to a Windows 2000 computer if NetBIOS is disabled. Ref.: CD Technical Information April 2000 MS Windows 2000 TCP/IP implementation details 206 . network setup in your organization is such that all clients are configured to use An internal DNS server to resolve addresses on the private network . you want to Configure a demand-dial router to connect to the internet . in this scenario , which service Will you configure to pass queries to an interNIC root server directly ? A) WINS B) DNS C) DHCP D) LMHOSTS file Answer: b If your clients are configured to use an internal DNS server to resolve addresses on your private network and you configure a demand-dial router to connect to the Internet, you must configure your DNS server to pass queries to an InterNIC root server either directly or through NAT. 207 . your organization has offices in different cities. The organization has a windows 2000 based WAN connection . to ensure an error free connectivity , you are checking the network path for weak links . which utility will you use to find this ? A) ping B) TRACERT C) PATHPING D) IPCONFIG Answer: c PATHPING will ping each hop along the route for a set period of time and show you the delay and packet loss along with the tracing functionality of TRACERT which will help determine if there is a weak link in the path. Ref.: CD Technical Information April 2000 MS Windows 2000 TCP/IP implementation details Rikishi Submit your own braindump through our submission form Have a question about a braindump? Don't understand why the answer is the answer? Think the answer might be wrong? Ask it on the discussion forum If you see any braindumps with copyrighted information please email the webmaster