| 1. | Which of the following statements are true about IPsec policies in windows server 2003? |
| a. | | L2TP and L2TP/IPSec cannot be used in combination for all VPN connections |
| b. | | IPSec cannot be used in tunnel mode for gateway-to-gateway tunnels |
| c. | | Securing communication between domain members and domain controllers is not recommended |
| d. | | Destination multicast and broadcast address can be filtered
|
|
|
|
|
|
|
| 2. | Which of the following security tool should be used to secure communication between an Exchange 2003 front-end server and a back-end server? |
| a. | | IPSec |
| b. | | TLS |
| c. | | SSl |
| d. | | Basic authentication
|
|
|
|
|
|
|
| 3. | Tom is the network administrator for a company. His network consists of windows 2003 and 2000 domain controllers and clients running on windows XP. He is using IPsec with 3DES to provide network security and data confidentiality. Later on, it was discovered that communication with server 2003 is secured but windows 2000 provides some level of confidentiality rather than blocking all communications. How can he provide more security in windows 2003 server with 3DES? |
| a. | | Install High encryption pack or service pack 2 or later |
| b. | | Use client (respond only)ipsec policy in windows server 2000 |
| c. | | Create new ipsec rule for windows 2000 filtering ip traffic |
| d. | | Set shorter time for session key
|
|
|
|
|
|
|
| 4. | Mary is the network administrator for a company running on windows 2003 domain controller. She wants to create an ip sec policy that will always be applied if local or active-directory based policies are corrupted or not applied. How can she be sure that at least one ip sec policy must always be configured if other policies are missing? |
| a. | | Local cached policies are always applied if no policy is discovered |
| b. | | Create persistent ipsec policy using netsh utility |
| c. | | Apply two ipsec policies for fault tolerance |
| d. | | Always use a pre-shared key
|
|
|
|
|
|
|
| 5. | Which of the following statements hold true regarding windows server 2003 ipsec peers connected with internet? |
| a. | | Always use kerberos authentication for computers connected with internet |
| b. | | Certificate provides more security over internet |
| c. | | Unsecure communication over internet allow data accessible with risk |
| d. | | Always exclude the name of a CA while requesting over internet
|
|
|
|
|
|
|
| 6. | While running mbsacli.exe from CD-ROM in windows server 2003, an administrator gets an error message reporting the catalog file to be corrupted or damaged and stops scanning. Which of the following may be the problem of that error? |
| a. | | Administrative privileges are missing |
| b. | | mbsacli.exe file is corrupted |
| c. | | wsusscan.cab is residing at read-only location |
| d. | | Stop all anti-virus softwares before running mbsacli.exe
|
|
|
|
|
|
|
| 7. | Joseph is the administrator for a company running on windows 2003 domain environment. When he ran the MBSA utility to scan the security vulnerabilities in his server, it always reports telnet problem. Upon checking the telnet service, it was found disabled. How can he configure the MBSA so that it does not report incorrect information related to telnet? |
| a. | | Remove telnet parameter from service.txt file |
| b. | | Install latest version of MBSA |
| c. | | MBSA doesnot support telnet |
| d. | | Modify the hosts file
|
|
|
|
|
|
|
| 8. | Brooke is a network administrator in a company. The SUS server is installed in windows 2003 domain server. While using SUS server, SUS was found to be unable in deploying windows XP SP2 to its clients even though no problem was encountered in pushing hot fixes or patches. What may be the cause of this problem? |
| a. | | SP can't be deployed through SUS server |
| b. | | Size of Service pack exceeds than recommended for SUS server |
| c. | | Service Pack may be corrupted or damaged |
| d. | | Clients not supported for service pack
|
|
|
|
|
|
|
| 9. | Which of the following multicast address is used by the ALLSPF routers to send its routing table information to other OSPF routers? |
| a. | | 224.0.0.6 |
| b. | | 224.0.0.9 |
| c. | | 224.0.0.5 |
| d. | | 224.0.0.10
|
|
|
|
|
|
|
| 10. | Which of the following statements hold true regarding Multicasting and Unicasting routing? |
| a. | | Multicast traffic is sent to an ambiguous group destination |
| b. | | Unicast forwarding table summarized group addresses |
| c. | | Unicast routing table summarized globally unique destinations |
| d. | | Unicast routing protocol update IP multicast forwarding table
|
|
|
|
|
|
|
| 11. | Which of the following protocols are supported by IP Multicasting? |
| a. | | IGMP |
| b. | | ICMP |
| c. | | MOSPF(Multicast Extension to OSPF) |
| d. | | PIM (Protocol-Independent Multicast) |
| e. | | RIP |
| f. | | All of the above
|
|
|
|
|
|
|
| 12. | Danny is a network administrator for a Web site hosting company. His company has more than 10 sites hosted on windows server 2003. For improving web performance, NLB with clustering is configured. After configuring NLB, he got a duplicate address error message. He want to know the reason for this error message and how to overcome it? |
| a. | | NLB and clustered address are the same |
| b. | | Two mac addresses are mapped to the same IP address in cluster modes |
| c. | | Configure NLB before assigning cluster address |
| d. | | Restart the NLB and configuration services
|
|
|
|
|
|
|
| 13. | Which protocol is required to be enabled on router, when using NLB in either multicast or unicast mode? |
| a. | | Proxy ARP |
| b. | | Inverse ARP |
| c. | | Reverse ARP |
| d. | | NetBEUI
|
|
|
|
|
|
|
| 14. | After implementing a 5-Node cluster in windows server 2003, the convergence begins but never completes after the cluster hosts start. What may be the reason? |
| a. | | Different port rules entered on each clustered host |
| b. | | Hubs/switches working on mismatched duplexing |
| c. | | Hosts configured with different cluster opertaion modes |
| d. | | Low system r4esources on cluster hosts |
| e. | | Cluster'IP address not configured on one or more host
|
|
|
|
|
|
|
| 15. | Which information structure does the OSI model follow? |
| a. | | Data |
| b. | | Segment |
| c. | | Frame |
| d. | | Packet
|
|
|
|
|
|
|
| 16. | Which of the following are connection-oriented protocols? |
| a. | | TCP |
| b. | | UDP |
| c. | | IPX |
| d. | | SPX
|
|
|
|
|
|
|
| 17. | Which of the following are types of fiber-optic media? |
| a. | | Multimode |
| b. | | Single mode |
| c. | | Dual mode |
| d. | | Thread mode
|
|
|
|
|
|
|
| 18. | Thomas is a network administrator for a company. His network is running a windows 2003 domain and windows XP clients. He is using Basic Firewall in windows server 2003 to protect his network from outside. How will he configure the server to log maximum information related to echo requests reaching to his network? |
| a. | | Enable audit system events |
| b. | | Enable remote access logging |
| c. | | Logging is enabled by default in %windir%/tracing directory |
| d. | | Enable W3C Extended Log File Format Logging
|
|
|
|
|
|
|
| 19. | A network has one subnet running domain controller in windows 2003 server and 50 XP clients which use DNS and Web server on DC. The company expansion needs a new subnet where 100 XP clients will use the newly installed application server in their subnet. Later on, some user reports slow access while connecting or using resources from application server. Both subnets have same problems. How can the application server impact on network be determined? |
| a. | | Open performance monitor and select ICMP received Echo reply/sec counter |
| b. | | Open system monitor, select network Interface object and compare the Packet Received Non-unicast/sec with baseline |
| c. | | Use network monitor and filter the broadcast traffic and compare against baseline |
| d. | | Use network monitor default state as it would display only broadcast traffic
|
|
|
|
|
|
|
| 20. | Tom is an administrator for a company running windows 2003 server. He has installed two network adapters and configured ICF in server for filtering and securing network traffic. ICF logging is enabled to log dropped packets and active connections. Later on, it was discovered that information is collected each time by ICF is overwritten from pfirewall.log file. The events that are deleted from pfirewall.log file are to be checked. Which of the following ICF should be used to save old events. |
| a. | | pfirewall.log.old |
| b. | | event viewer |
| c. | | network monitor |
| d. | | pfirewallold.log
|
|
|
|
|
|
|
| 21. | A company has one domain controller running on windows server 2003. Sometimes, the server is unavailable due to some maintenance but the user's working must not be disturbed. How can the users login in to domain controller even if it is unavailable? |
| a. | | Configure the reversible encryption password policy for domain users |
| b. | | Set the number of previous logon cache |
| c. | | Enable the Allow anonymous SID/Name translation policy |
| d. | | Users can never login if domain controller is offline
|
|
|
|
|
|
|
| 22. | Tom is the network administrator in windows 2003 domain environment having 100 windows XP clients. He is worried that some users in his network might open attachments in e-mails that can adversely affect the network. He needs to use in-built operating features that disallow users from running specific file types in e-mails. What should he do? |
| a. | | Configure Internet connections firewall in windows XP |
| b. | | Block virus infected mail from Proxy server |
| c. | | Use third party anti-virus |
| d. | | Apply software restriction policies
|
|
|
|
|
|
|
| 23. | Which rule should be created in windows server 2003 to prevent the virus or Trojan horse to be able to run in a network? |
| a. | | Certificate rule |
| b. | | Hash rule |
| c. | | Internet zone rule |
| d. | | Path rule
|
|
|
|
|
|
|
