70-294 Microsoft Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 AD Infrastructure

70-294 Microsoft Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 AD Infrastructure

http://www.TwPass.com

70-294

Microsoft

Planning, Implementing, and Maintaining a Microsoft Windows Server

2003 AD Infrastructure

http://www.twpass.com/twpass.com/exam.aspx?eCode= 70-294

The 70-294 practice exam is written and formatted by Certified Senior IT Professionals working in today's prospering companies and data centers all over the world! The 70-294 Practice Test covers all the exam topics and objectives and will prepare you for success quickly and efficiently.

The 70-294 exam is very challenging, but with our 70-294 questions and answers practice exam, you can feel confident in obtaining your success on the 70-294 exam on your FIRST TRY!

Microsoft 70-294 Exam Features

- Detailed questions and answers for 70-294 exam

- Try a demo before buying any Microsoft exam

- 70-294 questions and answers, updated regularly

- Verified 70-294 answers by Experts and bear almost 100% accuracy

- 70-294 tested and verified before publishing

- 70-294 exam questions with exhibits

- 70-294 same questions as real exam with multiple choice options

Acquiring Microsoft certifications are becoming a huge task in the field of I.T. More over these exams like 70-294 exam are now continuously updating and accepting this challenge is itself a task.

This 70-294 test is an important part of Microsoft certifications. We have the resources to prepare you for this. The 70-294 exam is essential and core part of Microsoft certifications and once you clear the exam you will be able to solve the real life problems yourself.Want to take

advantage of the Real 70-294 Test and save time and money while developing your skills to pass your Microsoft 70-294 Exam? Let us help you climb that ladder of success and pass your 70-294 now!

70-294

QUESTION:

1

You work as the IT Admin at ABC.com. The ABC.com network has a forest that operates at the forest functional level of Windows Server 2003. The forest has a root domain named

ABC.com, and two child domains named north.ABC.com and south.ABC.com. Each domain has a security group named Research which holds the user accounts for that domain. Two domain controllers are situated in each of these domains. One domain controller in each domain hosts a copy of the global catalog. The global catalog server in the ABC.com domain holds the domain naming and the schema master roles. The global catalog server in north.ABC.com and south.ABC.com holds the relative ID (RID), infrastructure, and PDC emulator master roles. A ABC.com user named Ally Wagner, in the south.ABC.com domain, was recently married. When Ally Wagner got back, she asked you to change her surname in her user account. After changing Ally Wagner�s user account to Ally Hamm, you notice that her user account is still incorrectly specified as Ally Wagner in the Research group. Which of the following master roles should you move to the domain controller that does not have the

Global Catalog in each domain?

A. The domain naming master role.

B. The infrastructure master role.

C. The RID master role.

D. The schema master role.

E. The PDC emulator master role.

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=70-294&qno=1

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

2

DRAG DROP You work as the IT Network Admin at ABC.com. The ABC.com network has a forest with two child domains named us.ABC.com and uk.ABC.com. All servers and domain controllers on the ABC.com network have Windows 2000 Server installed. You have been given the task to uABCrade the domain controllers in uk.ABC.com to Windows Server 2003.

You therefore need to take the appropriate steps that are required to prepare the forest for the impending deployment. Which of the following actions should you take?

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=70-294&qno=2

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

3

You work as the IT Admin at ABC.com. The ABC.com network has a domain named

ABC.com. ABC.com has offices in London and Berlin, which are configured as separate sites.

A Backup of ABC.com�s Ntds.dit file is performed outside of business hours, seven days a

week. The domain has an OU named Research that currently holds no Active Directory objects. During the course of the business day an administrator in Berlin removes the Research

OU, while an administrator in London simultaneously places existing Active Directory objects in it. The London administrator is later informed of the removal, and now realizes that the objects that were placed into the Research OU are missing. The CIO has subsequently instructed you to make sure that a Research OU and the missing Active Directory objects are available to the London administrator. The CIO also informs you that your solution should have no impact on network connectivity and resources. You have already created a new OU, and named it Research. Which of the following actions should you take NEXT?

A. You should transfer the objects from the LostAndFound container to the new

Research OU

B. You should recreate the objects and then place the replicas in a Domain Group

Policy that should be linked to all OUs.

C. You should restore the objects to the new Research OU nonauthoritatively.

D. You should restore the objects to the new Research OU authoritatively.

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=70-294&qno=3

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

4

You work as a IT Admin at ABC.com. ABC.com has its headquarters located in Dallas and branch division in Miami. The Dallas and Miami division represent separate sites. The Dallas and Miami divisions are linked to each other via a WAN link. You have added a domain controller named ABC-SR01 to the Miami division and configured it as a global catalog server. You have just completed configuring the site link between the Dallas and Miami divisions. The CIO at ABC.com has instructed you to make sure that Miami workstations authenticate to the network via ABC-SR01. The CIO also informs you that the replication of domain changes has to happen instantaneously. Which of the following actions should you take?

A. You should reduce the site link interval.

B. You should reduce the site link cost.

C. You should combine the Dallas and Miami sites into a single site

D. You should increase the site link cost.

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=70-294&qno=4

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

5

You work as the IT Admin at ABC.com. The ABC.com network has a domain named

ABC.com. All servers on the ABC.com network have Windows Server 2003 installed and all workstations have Windows XP Professional installed. ABC.com is made up of four divisions named Sales, Marketing, Finance and Research. The ABC.com network has an organizational unit (OU) named after each division that holds the user accounts of all employees working in

that specific division. 5 You need to install a new application for all employees in the

Marketing division. You start by creating an installation package and a Group Policy object

(GPO). You plan to make use of the new GPO to deploy the package to the workstations in the

Marketing division. You therefore connect the GPO to the Marketing OU. However, the application does not install. The CIO informs you that the application must be installed and that you should make sure that marketing application is not installed on workstations in the other ABC.com divisions. How will you accomplish the task?

A. Advise the Marketing users to reboot their workstations.

B. Edit the GPO and assign the application to user accounts with Marketing OU membership.

C. Connect the GPO to the ABC.com domain.

D. Connect the GPO to the OU that contains computer accounts and not the Marketing

OU.

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=70-294&qno=5

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

6

You work as the network administrator at ABC.com. The ABC.com network has a domain named ABC.com. All servers on the ABC.com network have Windows Server 2003 installed and all workstations have Windows XP Professional installed. ABC.com has its headquarters in Chicago and a branch office in Dallas. Each office is configured as an Active Directory site, and the branch office is connected to the Chicago headquarters by a T1 connection. The

Chicago headquarters contains two domain controllers named ABC-DC01 and ABC-DC02.

The Dallas branch office also contains two domain controllers named ABC-DC03 and ABC-

DC04. You plan to install a new server named ABC-DC05 in the Chicago office and a new server named ABC-DC06 in the Dallas branch office. ABC-DC05 and ABC-DC06 have much better hardware resources than the other domain controllers. 6 Management wants the servers that have the best hardware resources to deal with Active Directory replication in each site. Which of the following actions should you take?

A. Your best option would be to set ABC-DC02 and ABC-DC04 up as the preferred bridgehead servers.

B. Your best option would be to set ABC-DC05 and ABC-DC06 up as the preferred bridgehead servers in the domain.

C. Your best option would be to set ABC-DC05 and ABC-DC06 up as the preferred bridgehead servers for RPC traffic.

D. Your best option would be to run the DCPROMO command on ABC-DC05 and

ABC-DC06.

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=70-294&qno=6

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

7

7 You work as the IT Admin at ABC.com. The ABC.com network has a domain named

ABC.com with all servers installed with Windows Server 2003 and all workstations with

Windows XP Professional. All the workstations� computer accounts are placed in an organizational unit (OU) named ClientComputers. A new ABC.com security policy requires that users must be assigned local Power Users group membership and not local Administrators group membership on all workstations on the network. This means that the security policy does not allow users to have administrative rights to domain controllers and member servers.

In addition to this, it does not allow Power Users group membership to be modified in any way by members of the local Administrators group on workstations. You must implement a solution to comply with the requirements of the written security policy with group membership assignment occurring automatically. Which of the following actions should you take?

A. Write a logon script that makes the Domain Users group a member of the local

Power Users group and link the logon script to the ClientComputers OU.

B. Set up a Group Policy object (GPO) that makes the Domain Users group a member of the local Power Users group and link the GPO to the ClientComputers OU.

C. Set up a Group Policy Object (GPO) that makes all users members of the Default

Domain Administrators group.

D. Make the written security policy the Default Domain Policy.

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=70-294&qno=7

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

8

You work as the IT Admin at ABC.com. The ABC.com network has a domain named

ABC.com. All servers on the ABC.com network have Windows Server 2003 installed.

ABC.com makes use of Group Policy objects (GPOs) to deploy applications to workstations.

ABC.com employees in the Data Processing division can decide between two applications to view information based on the specific data formats and features they want. You must create a

GPO to deploy either application depending on the selection made by the employee. Which of the following is an action that you should take to achieve the above goals?

A. Configure the GPO to assign each of the applications to the workstations.

B. Configure the GPO to publish each of the applications without using file extension activation.

C. Create a transformation package to install each application on demand.

D. Configure two GPOs that each assigns an application.

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=70-294&qno=8

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

9

You work as the IT Admin at ABC.com. The ABC.com network has a forest with a domain named ABC.com and two child domain named us.ABC.com and uk.ABC.com. All servers in the forest have Windows Server 2003 installed and the functional level of the forest is set at

Windows Server 2003. All domains have Web servers and database servers that have

computer accounts in the default Computers container in their specific domains. ABC.com wants the IT division, which is located at a central site, to administer the Web server computer accounts throughout the forest. Furthermore, the IT divisions in each domain must only administer the computer accounts of the database servers in their respective domains. You must delegate authority to the various IT divisions so that they can design a solution to meet the requirements. You start this task by designing the organizational unit (OU) solution that supports the requirements for the delegation of authority. Which of the following actions should you take? (Choose two) 9

A. Configure a top-level OU for all Web server computer accounts under the ABC.com domain.

B. Configure a top-level OU for all database server computer accounts under the

ABC.com domain.

C. Configure a top-level OU for all Web server computer accounts under each domain.

D. Configure a top-level OU for all database server computer accounts under each domain.

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=70-294&qno=9

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

10

You work as the network administrator at ABC.com. The ABC.com network has a domain named ABC.com. ABC.com is made up of four divisions named Sales, Marketing, Finance and Research. The ABC.com network has an organizational unit (OU) named after each division that holds the user accounts of all employees working in that specific division. The workstations used by the Sales employees are contained in an organizational unit (OU) named

SalesComputers. The SalesComputers OU belongs to the Sales OU. You have recently deployed a new installation package for the application to all user accounts in the Sales OU.

You have also generated a Group Policy object (GPO) that will deploy the installation package. You have to make sure that when an employee is shifted to another division, the application is uninstalled from that specific user�s workstation. When Mia Hamm is shifted from the Sales division to the Finance division a month later, you remove Mia Hamm from the

Sales OU and include her in the Finance OU. The next morning you discover that Mia Hamm s workstation is still running the Sales applications although she was removed from the Sales

OU. Which of the following actions should you take? (Choose all that apply.) 10

A. Restore Mia Hamm s membership to the Sales OU.

B. Edit the GPO to ensure that the software installation package is removed.

C. Set up the software installation package to ensure automatic software uninstallation when Mia Hamm�s user account is no longer a part of Sales OU.

D. Remove the client computer object for Mia Hamm�s computer from the

SalesComputers OU.

E. Verify that Mia Hamm can log on to the ABC.com domain.

F. Remove Mia Hamm from the Sales global group.

G. Move Mia Hamm�s user account to the Finance OU again.

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=70-294&qno=10

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

11

You work as the IT Admin at ABC.com. The ABC.com network has a forest that contains multiple domains. ABC.com has headquarters in London and branch offices in Paris, Berlin,

Milan, Madrid, Stockholm, Warsaw, Minsk, and Athens. All domain controllers on the

ABC.com network have Windows 2000 Server installed and each domain contains user objects for six ABC.com branch offices. The administrators in the Paris and Berlin branch offices provide help desk support to users in all ABC.com�s domains. The customer support administrators mostly deal with requests to change group membership. One morning, the customer support administrators complain that group membership changes are frequently lost, with the result that they have to recreate quite a large number of group membership changes.

You investigate the issue and suspect that it is being triggered by replication conflicts that take place when numerous requests are happening at the same time. In an attempt to resolve the issue, you perform uABCradation of all domain controllers to Windows Server 2003 but the problem is still not solved. 11 How can you decrease the volume of lost group membership changes?

A. Check whether the RID master operations role has malfunctioned.

B. Set the functional level of both the domain and the forest to Windows Server 2003.

C. Reduce the cost of the site links.

D. Check whether the Domain naming master operations role has malfunctioned.

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=70-294&qno=11

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

12

You work as a network administrator at ABC.com. The ABC.com network has a domain named ABC.com, which contains several print and file servers. ABC.com is made up of several departments that have organizational units (OU) named named after them. These

OU�s contain the computer accounts for their respective departments. Each department has two print and file servers. ABC.com wants you to make use of Group Policy Objects (GPOs) to deploy computer configurations for the print and file servers. ABC.com would like the subsequent settings to be applied: � All print and file servers must have certain configurations applied to them. � The Sales servers should have certain configurations applied only to them.

12 � The Marketing servers should have certain configurations, which should take precedence, applied only to them. You have thus been instructed to design an organizational unit (OU) solution that meets these requirements. You also have to use the least number of

GPOs with one link each, whilst using the default security permissions for GPO links. Which of the following actions should you take?

A. You should set up two child OUs named ABCPrintServers and ABCFileServers in the ABCServers OU.

B. You should set up a top-level OU named ABCServers at the domain level.

C. You should set up two child OUs named SalesServers and MarketingServers in the

ABCPrintServers and ABCFileServers OUs respectively.

D. You should set up two top-level OUs named SalesServers and MarketingServers at the domain level.

E. You should set up two child OUs named ABCPrintServers and ABCFileServers in both the SalesServers and MarketingServers OUs.

F. You should set up two child OUs named SalesServers and MarketingServers in the

ABCServers OU.

G. You should set up two top-level OUs named ABCPrintServers and ABCFileServers at the domain level.

H. You should set up two child OUs named SalesServers and MarketingServers in the

ABCPrintServers and ABCFileServers OUs.

I. You should set up two child OUs named ABCPrintServers and ABCFileServers in the SalesServers and MarketingServers OUs.

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=70-294&qno=12

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

13

You work as the IT Admin at ABC.com. The ABC.com network has a domain named

ABC.com. All servers on the ABC.com network have Windows Server 2003 installed and all workstations have Windows XP Professional installed. You are in the process of configuring a recently created Group Policy object (GPO) to publish an .msi file that will install a new finance application. ABC.com users who are using the outdated application must have the choice to either continue using the outdated application or switching to the new application.

However, both applications cannot be installed on the same workstation simultaneously. 13

Which of the following actions should you take meet these requirements?

A. By setting up a transformation package to uABCrade the application on demand.

Configure a GPO to assign the transformation package.

B. By setting up a transformation package to uABCrade the application on demand.

Configure a GPO to publish the transformation package.

C. By creating a GPO that can be used to assign the new application and configuring it to uABCrade and replace the current finance application.

D. By creating a GPO that can be used to publish the new application and configuring it to uABCrade and replace the current financeapplication.

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=70-294&qno=13

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

14

You work as the IT Admin at ABC.com. The ABC.com network has a domain named

ABC.com. All servers on the ABC.com network have Windows Server 2003 installed and all workstations have Windows XP Professional installed. The ABC.com network currently makes use of a domain controller named ABC-DC01. When ABC-DC01 goes offline due to a faulty hard disk, you reboot it in Directory Services Restore Mode and enter your usual user

name and password when prompted to log on. However, you are presented with a message informing you that your logon attempt was not successful. Which of the following actions should you take to log onto ABC-DC01?

A. You should make use of administrator as your user name and the password that you used to set up Active Directory.

B. You should make use of your usual user name and the password that you used to set up Active Directory.

C. You should make use of your usual user name and the password for the local administrator account.

D. You should arrange the hard disks in a mirror array.

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=70-294&qno=14

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

15

You work as the network administrator at ABC.com. The ABC.com network has a domain named ABC.com. All servers on the ABC.com network have Windows Server 2003 installed and all workstations have Windows XP Professional installed. Only IT users are configured as local administrators on the workstations. A new accounting application package is stored in an

.msi file, which is stored in a shared folder named ABCData on a server. The Allow - Read permission for ABCData has been granted to the Authenticated Users group. You inform the users that they have open the .msi file in the ABCData folder in order to install the new accounting package. Soon afterward you receive reports from various users saying that they are presented with an error message when they try to install the application. Which of the following actions should you take to make sure of a successful application installation?

(Choose all that apply.)

A. You should change the Default Domain Policy Group Policy Object (GPO).

B. You should publish the accounting application to all user workstations.

C. You should assign the accounting application to all user workstations.

D. You should assign users the necessary permissions for generating temporary files in the ABCData folder.

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=70-294&qno=15

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

16

You work as the network administrator at ABC.com. The ABC.com network has a domain named ABC.com. All servers on the ABC.com network have Windows Server 2003 installed and all workstations have Windows XP Professional installed. 15 ABC.com has its headquarters in Atlanta and a branch office in Miami. The two offices are configured a separate sites that belong to the ABC.com domain. ABC.com has domain controllers located in the Atlanta and Miami sites. However, the operations master roles are located at the Atlanta site.The two sites are connected via a dedicated WAN link, as well as a site link that is used for

replication outside of business hours. You must configure separate GPOs that can be used to administer configurations of computers in the respective sites. You want the GPOs to be generated and applied in the correct site as soon as possible. Which of the following actions should you take?

A. The Atlanta and Miami sites should be connected using a remote procedure call

(RPC) connection object.

B. Configure a global catalog in each site.

C. Check whether the Infrastructure master role has malfunctioned.

D. Access the Group Policy and Active Directory consoles and configure it to access a domain controller in the site in which you should apply the GPO.

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=70-294&qno=16

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

17

You work as the network administrator at ABC.com. ABC.com has its headquarters in Chicago and a branch office in Dallas. The headquarters and branch office are configured as Active

Directory sites in the ABC.com domain. All servers on the ABC.com network have Windows

Server 2003 installed and all workstations have Windows XP Professional installed. A

128Kbps WAN connection links the branch office to ABC.com�s headquarters. Both the headquarters and branch office have two domain controllers. ABC-DC01 and ABC-DC02 are located at the headquarters, and ABC-DC03 and ABC-DC04 are located at the branch office.

ABC-DC01 is configured as an Active Directory-integrated DNS server and as a global catalog server. 16 A ABC.com employee named Dean Austin works in the Dallas branch office. One morning Dean complains that logging on to the network takes an exceptionally long time.

Which of the following actions should you take to reduce the logon time in the Dallas branch office?

A. Promote a server in the Dallas branch office to be an extra domain controller.

B. Use the Active Directory Sites and Services console to enable universal group membership caching for ABC-DC03.

C. Use the Active Directory Sites and Services console to move ABC-DC02 to the branch office site.

D. Decrease the replication interval�s value at the site link between Chicago headquarters and the Dallas branch office.

E. Increase the site link cost between the sites.

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=70-294&qno=17

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

18

You work as the IT Admin at ABC.com. The ABC.com network has a domain named

ABC.com. All servers on the ABC.com network have Windows Server 2003 installed and all workstations have Windows XP Professional installed. All workstations in the ABC.com domain are contained in an organizational unit (OU) named ABC_Computers and all users

have user accounts in an OU named ABC_Users. ABC.com is made up of four divisions named Sales, Marketing, Finance and Research.You have received instruction from the CIO to make an application available to senior employees in the Finance division. The senior employees will need to access the application irrespective of the workstation they use. The the

Finance division employees will receive an e-mail message containing a hyperlink to the new application. When updates for the new application becomes available, you decide to make use of a Group Policy Object (GPO) to deploy the update to the workstations that are running the application. Which combination of the following options would you use? (Choose Two)

A. By seting up a new GPO and configure it to deploy the update with the aid of a WMI filter.

B. By seting up a new GPO and configure it to require the update to be deployed.

C. By setting up a new Default Domain Policy that is configured to deploy the update to all computers.

D. By setting up a new GPO and configure it to enable automatic updates and to deploy the update.

E. By linking the GPO to the ABC_Computers OU.

F. By linking the GPO to the domain.

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=70-294&qno=18

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

19

The ABC.com network has domain named ABC.com. The ABC.com network consists of seven servers that have Windows Server 2003 installed. Five of the servers are configured as domain controllers, of which two are functional as DNS servers named ABC-SR01 and ABC-

SR02. You are preparing to add a child domain named north.ABC.com. Thereafter, you join a

Windows Server 2003 server named ABC-SR03 to the domain. A short time later you are informed that the first domain controller in the domain has gone offline. The CIO instructs you to carry on adding the new child domain and promoting ABC-SR03 to a domain controller in the north.ABC.com domain. As you try to execute the dcpromo command on ABC-SR03, you are presented with an error message stating that the operation has failed as a result of Active

Directory not being able to contact the domain naming master. Which of the following actions should you take? (Choose all that apply)

A. Access the DNS client settings on ABC-SR03 and configure it to make use of the

DNS server that is cached for the domain.

B. Set up a ABC.com domain controller to have all operations master roles.

C. Set up an existing domain controller to have a copy of the global catalog.

D. Set up an existing domain controller to enable universal caching.

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=70-294&qno=19

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

20

19 The ABC.com network has a domain named ABC.com. Sites have been configured for

ABC.com�s Research Division, Sales Division and Finance Division. There are currently seven domain controllers across all the sites. All servers and domain controllers on the

ABC.com network have Windows Server 2003 installed and all workstations have Windows

XP Professional installed. Since ABC.com is a growing company, there are plans to add a

Marketing section in one of the divisions. To this end you create new computer and user objects for the division to which the Marketing section will be added. These objects are to be created in the existing organizational units (OUs). You therefore start to create the objects on a domain controller named ABC-DC03. However, halfway through the process the operation fails and you are therefore unable to create the remainder of the objects. You then investigate the problem and discover that a WAN link to one of the divisions is unavailable. The division in question has only one domain controller, which is configured to host a single operations master role. Which of the following is the role hosted by this domain controller?

A. The PDC emulator role.

B. The Domain naming master role.

C. The Relative ID (RID) master role.

D. The Infrastructure master role.

E. The Schema master role.

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=70-294&qno=20

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

21

The ABC.com network has a domain named ABC.com. The network is configured in such a way that all user, group, and computer objects are stored in their default Active Directory containers. In the Research division there are two administrators named Dean Austin and Clive

Wilson. Currently Dean Austin creates, deletes, and manages user objects for the Research division, while Clive Wilson manages the memberships for the global group objects associated with the Research division. Dean Austin and Clive Wilson have requested that they be given responsibility for only 20 the objects that they are accountable for. You, therefore, want to define the organizational unit (OU) structure accordingly, with the least amount of administrative effort. Which of the following actions should you take? (Choose three.)

A. Create an OU named ResearchOU, and then create two child objects named

ResearchUsers and ResearchGroups and move the appropriate objects to each container.

B. Create an OU named ResearchOU and move the appropriate user and group objects to the container.

C. Deny Dean Austin the right to modify group memberships on the ResearchOU.

D. Allow Dean Austin the right to manage user objects on the ResearchOU.

E. Allow Dean Austin the right to manage all objects on the ResearchUsers OU.

F. Deny Dean Austin the right to manage group memberships for objects in the

ResearchGroups OU.

G. Deny Clive Wilson the right to manage user objects on the ResearchOU.

H. Allow Clive Wilson the right to modify group memberships on the ResearchOU.

I. Allow Clive Wilson the right to manage all objects in the ResearchGroups OU.

J. Deny Clive Wilson the right to manage user objects in the ResearchUsers OU.

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=70-294&qno=21

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

22

The ABC.com network has a domain named ABC.com. ABC.com has its headquaters in

Chicago and a branch office in Dallas. The Chicago and Dallas offices are configured as separate sites. The Chicago site has two servers named ABC-SR01 and ABC-SR02. The

Dallas site has two servers named ABC-SR03 and ABC-SR04. Multiple domain controllers are located in Chicago and one domain controller, named ABC-DC05, is located in Dallas. All domain controllers have the same hardware configuration and are 21 configured to have back ups made on a daily basis. A few days after creating new user objects on ABC-DC05, you discover that it has gone offline due to faulty hardware. To resolve the issue, you install a new hard disk on ABC-DC05, and then use the most recent available backup to restore ABC-

DC05. You then find that the new user objects which you have created on ABC-DC05 have disappeared. You must now manually recreate each lost user object. How can ensure in the event of hard disk failures on any of the servers. Active Directory data loss is kept to a minimum?

A. Promote one of the servers in the Dallas site to a domain controller.

B. Transfer the Active Directory log files to an external hard disk in each of the domain controllers.

C. Promote all servers in the domain to domain controllers.

D. Connect the Chicago and Dallas sites using a new site link.

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=70-294&qno=22

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

23

You have recently been hired by ABC.com as IT Admin. You will be responsible for administering a single Active Directory forest that houses twenty two domains. ABC.com has all of their forest domains forming part of one Microsoft Exchange 2000 Server organization.

ABC.com has configured twelve of the forest domains to house servers running Windows

Server 2003 with the functional level of all ABC.com domains set to Windows 2000 native.

You must set up a solution whereby you create groups that will only be used to send e-mails to all ABC.com user accounts that will make use of as little replication traffic as possible, and that it must also reduce the volume of the Active Directory database. Which combination of the following actions should you take? (Choose all that apply) 22

A. By setting up global distribution groups in every domain.

B. By setting up universal security groups.

C. By setting up global security groups in every domain.

D. By adding the required users from each domain as global distribution group members in the same domain.

E. By adding the required users in the same domain as members of the security group in the same domain.

F. By setting up universal distribution groups.

G. By adding the required users from each domain as universal distribution group members.

H. By adding the required users from each domain as universal security group members.

I. By adding the global security group members in every domain as universal security group members.

J. By adding the global distribution groups in every domain as universal distribution group members.

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=70-294&qno=23

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

24

You work as the network administrator at ABC.com. The ABC.com network has a domain named ABC.com. ABC.com has its headquarters in Chicago and a branch division in Dallas and each configured as a separate site with two domain controllers each. All servers on the

ABC.com network have Windows Server 2003 installed and all workstations have Windows

XP Professional installed. A new ABC.com written security policy dictates a warning message should be displayed on the monitors of all client computers prior to any user logging on. You must modify the warning message. You access a GPO linked to the ABC.com domain to 23 make the modifications. During the course of the business day you discover that the warning is displayed to network users in the Chicago division but not by network users in the

Dallas division. What option should you select for warning message appears uniformly throughout the network?

A. Make use of Replication Monitor to effect immediate replication between the

Chicago and Dallas sites.

B. You should check whether the infrastructure master role has malfunctioned.

C. You should check whether the computer accounts in the Chicago site have the correct permissions.

D. Run the repadmin command on a domain controller in the Dallas site.

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=70-294&qno=24

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

25

You have recently been hired by ABC.com as a network administrator. The ABC.com network has a domain named ABC.com. All servers on the ABC.com network have Windows Server

2003 installed and all workstations have Windows XP Professional installed. The ABC.com domain has Windows Server 2003 print servers that have printer objects. You must only assign the ABCSupport group the permissions that they require to manage the printers, print queues and printer objects in Active Directory. How can you achieve the above goal?

A. Access the Built-in container, and add the ABCSupport group to the Server

Operators group.

B. Access the Built-in container, and add the ABCSupport group to the

HelpServicesGroup.

C. Log on to the print servers, and add the ABCSupport group to the Print Operators group. 24

D. Log on to the print servers, and add the ABCSupport group to the Power Users group.

E. Access the Built-in container, and add the ABCSupport group to the Print Operators group.

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=70-294&qno=25

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

26

The ABC.com network has a domain named ABC.com. All servers on the ABC.com network have Windows Server 2003 installed. Half the workstations have Windows XP Professional installed, and the rest have either Windows 2000 Professional or Windows NT Workstation

4.0 installed. All computer accounts reside in an organizational unit (OU) named

Workstations, while all user accounts reside in an OU named Users. ABC.com�s updated security policy stipulates that a warning message has to be displayed at log on for all

ABC.com users. Which combination of the following actions must you perform to adhere to the updated security policy? (Choose all that apply)

A. By configuring a new GPO containing the relevant settings in the interactive logon section.

B. By configuring the appropriate changes to the default Domain Policy containing the relevant settints in the interactive logon section.

C. By generating a system policy file, named Ntconfig.pol, and configuring it with the applicable settings.

D. By using Replication Monitor to force replication

E. By linking the GPO to the ABC.com domain.

F. By adding a copy of the Ntconfig.pol file in the correct folder on the server.

G. By running the repadmin command on a domain controller in the Dallas site.

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=70-294&qno=26

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

27

The ABC.com network has a domain named ABC.com. All servers on the ABC.com network have Windows Server 2003 installed. You are preparing to set up ten Windows XP

Professional workstations in a kiosk for ABC.com these workstations are to be for the exclusive use of customers to browse public Web sites, and must therefore only have a Web browser application installed. The kiosk computers must be joined to the domain. You then create a new organizational unit (OU), named CustomerWorkstations, and add the ten computer accounts to it. You configure each workstation to automatically log on at start up using a user account, named Customer, which does not have any administrative rights. Your

next task is to set up the kiosk computers to only access public Web sites. Which combination of the following actions should you take to accomplish the task without affecting any other users and computers on the ABC.com network? (Choose all that apply)

A. Set up a new Group Policy object (GPO) and link it to the ABC.com domain.

B. Set up a new Group Policy object (GPO) and link it to the CustomerWorkstations

OU.

C. Set up the GPO so that it contains a Public Groups policy which places all users in the local Guests group of each of the ten Windows XP Professional workstations. 26

D. Set up the new GPO to have loopback mode enbled in the computer settings.

E. Set up the new GPO to have the user settings allow only Internet Explorer to run.

F. Set up the new GPO be applicable to the Customer account exclusively.

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=70-294&qno=27

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

28

The ABC.com network has a domain named ABC.com. All servers on the ABC.com network have Windows Server 2003 installed and all workstations have Windows XP Professional installed. ABC.com makes use of an OU named MemberServers to store all computer accounts of member servers and an OU named ABCUsers used to store all user accounts. The

Development division servers store confidential development records. Development division users use local user accounts on the Development division servers. ABC.com has recently updated the security policy for the development servers, which has resulted in you having to modify the account lockout and password settings. 27 Which combination of the following actions should be taken to achieve this goal with the least mount of administrative effort?

A. A new OU should be set up under the Servers OU, and the development servers must be added to it.

B. A new OU should be set up under the ABCUsers OU, and the development user accounts must be added to it.

C. A new domain should be set up under the ABC.com domain, and the development servers must be added to it.

D. A Group Policy object (GPO) should be set up that contains the account lockout and password settings.

E. A Group Policy object (GPO) that contains the account lockout and password settings should be set up.

F. The GPO should be linked to the new OU.

G. You should link the GPO to the new domain.

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=70-294&qno=28

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

29

The ABC.com network consists of two companies named Research.com and ABC.com. The network has a forest that is made of two domains named ABC.com and research.com. The

ABC.com domain has two child domains named us.ABC.com and uk.ABC.com. The functional level of the forest is set at Windows Server 2003. ABC.com has configured their

Directory Services object with the default settings and the ABC.com forest has 12000 objects, which are modified on a regular basis. You must make sure that your backup solution will allow for the restore Active Directory objects in the uk.ABC.com domain using backups that were performed up to four months ago. 28 Which of the following utilities could you use in this scenario? (Choose TWO.)

A. ADSIEdit

B. Ntdsutil

C. nbtstat

D. Ldp

E. Netstat

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=70-294&qno=29

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

30

The ABC.com network has a domain named ABC.com. ABC.com is made up of four divisions named Sales, Marketing, Finance and Research. An organizational unit (OU) named

Finance contains the file servers, user accounts and groups of the Finance division.

Adminsitrators of the Finance division have to connect to the file servers to perform administrative duties. Each file server has a local group named Finance Admins, which provides them with the necessary permissions to fulfill their administrative responsibilities. A new ABC.com security policy requires that only the user accounts for managers in the Finance division must be allowed memebership of the Finance Admins group. How can you provider maximum security for Finance Admins group membership? 29

A. You have to configure a new Restricted Group GPO for each Finance Admins group.

B. You have to create a universal group named Finance Admins and add the user accounts for finance managers to it.

C. You should link the GPO to the Finance OU.

D. You should add the file servers to the Finance OU.

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=70-294&qno=30

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

31

The ABC.com network has a domain named ABC.com. All servers on the ABC.com network have Windows Server 2003 installed and all workstations have Windows XP Professional installed. ABC.com is made up of four divisions named Sales, Marketing, Finance and

Research. ABC.com has a file server named ABC-SR12 that stores files for the Research division. You must deploy the Remote Administration Tools software package to the network administrators. The network administrators belongs an OU named ABC_Admin. You then place an .msi file into a shared folder named ABC_Share on ABC-SR12. You also create a

GPO named ABC_GPO. You then use a software installation policy to deploy the package.

You then link the ABC_GPO to the NetAdmin OU, which contains the workstations and the network administrators. You then received complaints from the network administrators that they do not have the Remote Administration Tools on their workstations. You also notice that the package is not available on your computer. You then go through the event log and notice that the application failed to install because the source could not be found. Which of the following actions should you take to make sure that the package is deployed to the network administrators? 30

A. To ensure that the package is correctly deployed you need to specify ABC-

SR12\ABC_Share as the default package location in the Computer

Configuration\Software installation node in ABC_GPO.

B. Your best option would be to permit the Authenticated Users group Allow � Read permissions for ABC-SR12\TestShare.

C. You can accomplish this by reconfiguring ABC_GPO.

D. Your first step would be to remove the first software installation policy in

ABC_GPO. Thereafter you will be able to create an additional software installation policy that will assign the package.

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=70-294&qno=31

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

32

You work as the network administrator at ABC.com. The ABC.com network has a domain named ABC.com. ABC.com has its head office in London, and branch offices in Manchester and Leeds. These offices are configured as separate sites that host all ABC.com�s domain controllers. The ABC.com domain contains an organizational unit (OU) named Finance, which contains two child OUs named Paid and Outstanding. You have received instruction from the

CIO to have the Windows Update service disabled on all workstations in the domain.

However, workstations in the Finance OU must continue to have the Windows Update service installed. Which combination of the following actions should you take and still make use of the least amount of Group Policy objects (GPOs)? (Choose all that apply)

A. By setting up a new GPO specified to disable Windows Update under the User

Configuration section of the GPO.

B. By setting up a new GPO specified to disable Windows Update under the Computer

Configuration section of the GPO.

C. By linking the GPO to the ABC.com domain.

D. By linking the GPO to the London, Manchester and Leeds sites.

E. By enabling Block Policy inheritance on the Finance OU.

F. By enabling No Override on the GPO.

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=70-294&qno=32

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

33

The ABC.com network has a domain named ABC.com. ABC.com is made up of three divisions named Sales, Marketing and Finance. ABC.com has an organizational unit named after each division. The Finance OU hosts two child OUs named Products and Research.

Management wants you to install a finance application to the user accounts in the Finance, as well as the Research OU. It is important that the application is not installed for users that are members of the Products OU. You have to ensure that a visual application is installed for members of the Products OU only. You must design a Group Policy Object (GPO) solution to meet the requirements. Which of the following actions should you take FIRST?

A. You should set up a new GPO named ABCDistribution specified to deploy both the finance and the visual applications, and link it to the Finance OU.

B. You should set up a new GPO named ABCFinance specified to deploy the finance application, and link it to the Finance OU.

C. You should set up a new GPO named ABCVisual specified to deploy the visual application, and link it to the Finance OU.

D. You should set up a new GPO named ABCVisual sepcified to deploy the visual application, and link it to the Products OU.

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=70-294&qno=33

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

34

The ABC.com network has a domain named ABC.com. All servers on the ABC.com network have Windows Server 2003 installed and all workstations have Windows XP Professional installed. The functional level of the domain is set at Windows 2000 native. ABC.com has recently purchased 20 new servers to accommodate the rapid growth that the company experienced. These new servers will be used for deploying a new application. You must create a new organizational unit (OU) named R&D, which will be used to store the required resources for the new application. The global group named AdminGlobal will be responsible for allowing access to the application servers only. You must enable AdminGlobal to assign permissions for application servers. Which combination of the following actions should you take to make sure that you adhere to the principle of least privilege? (Choose two)

A. You should have a Group Policy object (GPO) created for restricted groups that specifies the AdminGlobal group as a member of the Power Users on each application server, and then link it to R&D OU.

B. You should add the AdminGlobal group to a security group.

C. You should set up a Domain Local security group, and configure it to allow suitable access to the application servers.

D. You should assign the AdminGlobal group permission to add or remove members from the Domain Local security group.

E. You should make the AdminGlobal group the Server Operators group.

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=70-294&qno=34

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

35

All servers on the ABC.com network have Windows Server 2003 installed. A domain controller named ABC-DC01 is configured as an enterprise root certification authority (CA).

33 An existing ABC.com security policy stipulates that all connections to external computers must make use of IPSec for secure connections. Furthermore, this means that all IPSec connections must have a computer certificate. Which of the following actions should you take to make sure that all ABC.com�s computers adhere to the security policy?

A. You should automatically issue user certificates from your enterprise CA to all users on the ABC.com network by using a GPO. Then you can import the root CA certificate of a partner company into the Trusted Root Certification Authorities user certificate store.

B. Navigate to the computer settings section to set up a new automatic certificate request in the Default Domain Policy Group Policy object (GPO).

C. You should acquire a computer certificate from a commercial CA and then save it into the Personal computer certificate store on all ABC.com computers.

D. You should acquire a user certificate from a commercial CA to digitally encrypt all communications that occur to and from all ABC.com computers.

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=70-294&qno=35

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

36

The ABC.com network has a domain named ABC.com. All servers in the ABC.com domain run Windows Server 2003. Your job description involves the planning of the domain structure for 34 ABC.com. You must create a new child domain in the ABC.com domain. To this end you deploy a new Windows server 2003 computer named ABC-SR10 on the network. Then you check for successful communication with the other computers on the ABC.com network.

You then decide to make use of Active Directory Installation Wizard to create the new child domain. You navigate to the location in which you want to deploy the first domain controller.

You then get prompted to specify a user account from the parent domain. However, your efforts fail and the promotion of ABC-SR10 to a domain controller comes to naught. Instead you receive an error message that states that no domain controllers for the parent domain can be found. Which of the following actions should you take to rectify the error in the child domain that prevents you from promoting the server to a domain controller?

A. For the purpose of name resolution, ABC-SR10 should be configured to use another

DNS server.

B. ABC-SR10 should be configured to make use of another WINS server for the purpose of name resolution.

C. To rectify the error the Active Directory Installation Wizard should be run again.

When prompted you need to specify a user account that enjoys Schema Admins group membership.

D. Prior to joining ABC-SR10 to the ABC.com domain, you need to run the Active

Directory Installation Wizard yet again.

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=70-294&qno=36

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

37

The ABC.com network has a domain named ABC.com. All servers on the ABC.com network have Windows Server 2003 installed. 35 ABC.com has its headquarters in Chicago and offices in Dallas and Miami. The ABC.com domain has an organizational unit (OU) configured for the Dallas and Miami offices. ABC.com resources are governed by means of

Group Policy objects (GPOs) linked to these OUs. The Dallas and Miami office OU�s are further organized to each include an OU named Users and an OU named Desktops. User accounts are located in the Users OU and computer accounts are located in the Desktops OU.

Both the Dallas and Miami office has a designated manager for desktop and manager support for their respective office. One morning you notice that the volume of support calls for the

ABC.com branch office managers have increased. You discover that there are users who are modifying their workstations. This proves to be an untenable situation. How can you configure a new restrictive GPO that will immediately prevent all users other than the designated managers from using administrative tools and desktop features?

A. By linking the GPO to the Desktops OU of Dallas and Miami offices.

B. By linking the GPO to the Users OU of Dallas and Miami offices.

C. By placing the branch administrative user�s computer accounts in a new OU under

Dallas and Maimi Desktops OU.

D. By placing Miami and Dallas office�s administrative user�s account in a new OU under its respective Users OU.

E. By applying an appropriate filter to include the user accounts of the Dallas and

Miami managers from being affected by the GPO.

F. By applying an appropriate filter to exclude the user accounts of Dalls and Miami managers from being affected by the GPO.

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=70-294&qno=37

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

38

The ABC.com network has a domain named ABC.com. ABC.com has an organizational unit, named ABCData, which hosts numerous computer accounts. ABC.com also has a Group

Policy Object linked to the domain, named ABCSec, which is configured to enable security settings. How can you apply these security settings computer accounts hosted in theABCData

OU with the least amount of GPO links without affecting any other computer accounts?

A. You should change the discretionary access control list (DACL) for ABCSec.

B. You should disable the User Configuration section of ABCSec.

C. You should link ABCSec to ABCData.

D. You should remove the link from ABCSec to the domain.

E. You should assign the computer accounts in the ABCData OU the Allow - Read and the Allow - Apply Group Policy permissions.

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=70-294&qno=38

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

39

The ABC.com network has a domain named ABC.com. All servers on the ABC.com network have Windows Server 2003 installed and all workstations have Windows XP Professional installed. ABC.com has its headquarters in Atlanta and a branch office in Georgia. These offices are configured as separate sites. ABC.com has a dedicated WAN link, as well as a site link that connects Atlanta and Georgia. All domain controllers are located in the Atlanta site.

You receive instruction to redirect the My Documents folder of all ABC.com users. You use a

Group Policy object (GPO) to perform the redirection and link it to the domain. ABC.com users in Atlanta report that their folders have been effectively redirected. ABC.com users in

Georgia, however, report that their folders are not being redirected. Which of the following actions should you take rectify this problem?

A. Edit the GPO, enable the User Group Policy loopback processing mode policy, choose replace, and define the required policy settings.

B. Edit the GPO, enable the User Group Policy loopback processing mode policy, choose merge mode, and define the required policy settings. 37

C. Link the GPO to Atlanta and to Georgia rather than the domain.

D. Disable Group Policy slow link detection in a new GPO that is linked to Georgia.

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=70-294&qno=39

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

40

The ABC.com network has a forest that contains numerous domains spread across several sites.

All servers on the ABC.com network have Windows Server 2003 installed and all workstations have Windows XP Professional installed. After certain users in a remote site reports that the logon process took longer than normal when they logged on in the morning, you investigate this phenomenon and detect that you are unable to execute administrative tasks on the domain controller named ABC-DC10 remotely. This domain controller is located in the same site as the users who sent in the report. You ask a fellow administrator named Andy Booth, who is stationed at that site, to log on to ABC-DC10 interactively to verify its functionality. Andy

Booth reports that the ABC-DC10 seems to be operating as it should. You have received instruction from the CIO to ensure that you are able to administer ABC-DC10 remotely.

Which of the following actions should you take?

A. Your first step should be to change the replication interval for the site link that connects the remote site to your site to a lower value.

B. On ABC-DC10 you need to ensure that the Net Logon service is restarted.

C. Your best option is to make sure that replication is forced between ABC-DC10 and another domain controller in the same domain.

D. You should consider enabling NetBIOS over TCP/IP on ABC-DC10.

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=70-294&qno=40

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

41

The ABC.com network has a forest with a forest root domain named ABC.com and two child domains named north.ABC.com and south.ABC.com. The functional level of the forest is set at

Windows 2000 and the functional level of all three domains is set at Windows 2000 native. All domain controllers run Windows 2000 Server. You have administrative privileges in the north.ABC.com domain. Your user account is included in the Schema Admins, Domain

Admins, and Domain Users security groups. Which of the following actions should you take to update the schema and configuration partitions in Active Directory?

A. Execute the adprep.exe command with the /forestprep parameter for the ABC.com domain on the PDC emulator.

B. Restart the schema master in Directory Services Restore Mode before executing the adprep.exe command with the /forestprep parameter.

C. Make sure that your user account is a member of the Enterprise Admins security group before executing the adprep.exe command with the /forestprep parameter on the schema master.

D. Execute the adprep.exe command with the /domain prep parameterfor the ABC.com domain on the PDC emulator.

E. In each domain in the forest, execute the adprep.exe command with the /domainprep parameter on the infrastructure master.

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=70-294&qno=41

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

42

The ABC.com network has a domain named ABC.com. All servers on the ABC.com network have Windows Server 2003 installed and all workstations have Windows XP Professional installed. ABC.com recently entered into partnership with Weyland Industries. The Weyland

Industries network users access resources located in the ABC.com domain. You must prepare to place the Weyland Industries computer accounts in an organizational unit (OU) named

WeyUsers. ABC.com and Weyland Industries wants you to ensure that the workstations are always updated when Microsoft Update releases new security hotfixes and service packs.

Which of the following actions should you take? (Choose all that apply)

A. You should add Weyland Industries network users to a global group.

B. You should add Weyland Industries network users to a universal group.

C. You should configure a new Group Policy object (GPO) which configures the client computers to automatically download and install updates from Microsoft update servers from the Internet.

D. You should link the new GPO to the WeyUsers OU.

E. You should link the new GPO to the ABC.com domain.

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=70-294&qno=42

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

43

The ABC.com network has a forest named ABC.com, which has a single domain named uk.ABC.com. ABC.com recently entered into partnership with Weyland Industries. The

Weyland Industries network users access resources in the uk.ABC.com domain. Consequently

ABC.com has introduced a new security polcy that requires all the Weyland Industries user accounts that exists in uk.ABC.com to make use of secure password protection. Which of the following actions should you take to make sure that the new policy is enforced?

A. You should have the Default Domain Policy GPO of the uk.ABC.com domain modified to put the Password must meet complexity requirements policy into effect.

B. You should make use of a GPO to set up the Password must meet complexity requirements policy, and then have the GPO linked to the forest.

C. You should have the Weyland Industries users added to a universal group and make use of a GPO to set up the Password must meet complexity requirements policy, and then have the GPO linked to the uk.ABC.com domain.

D. You should have the Weyland Industries users added to a global group and then use a GPO to set up the Password must meet complexity requirements policy, and then have the GPO linked to the uk.ABC.com forest.

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=70-294&qno=43

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

44

The ABC.com network has a domain named ABC.com. ABC.com has recently decided to place all the network domain controllers in an organizational unit (OU) named KingServers.

ABC.com recently entered into partnership with Weyland Industries and added the Weyland

41 Industries computers, which are stand-alone servers, to an organizational unit (OU) named

WeyServers. During the course of the day you receive instruction from ABC.com to prepare a computer named ABC-SR01 with the appropriate security settings, which will then be applied to the Weyland Industries servers. Which of the following actions should you take? (Choose all that apply)

A. You should consider having the security settings configured on ABC-SR01 exported to a custom template.

B. You should consider making use of the netsh dump command on ABC-SR01 to create a script.

C. You should consider making use of the netsh show config command on ABC-SR01 to create a script.

D. You should consider making use of the netsh set config command on ABC-SR01 to create a script.

E. You should then have a Group Policy Object (GPO) created which uses the script, and link it to the KingServers OU.

F. You should then have a Group Policy Object (GPO) created to import the settings from the custom template, and then link it to the WeyServers OU.

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=70-294&qno=44

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

45

You work as the network administrator at ABC.com. The ABC.com network has a domain named ABC.com. All servers on the ABC.com network have Windows Server 2003 installed and all workstations have Windows XP Professional installed. ABC.com recently entered into partnership with Weyland Industries whose network users consequently have access to a file server, as well as receive and send e-mail via the ABC.com domain. The Weyland Industries workstations are configured with the same settings. ABC.com 42 introduces a new security policy that requires the Weyland Industries network users being prevented from installing additional files and modifying their desktop settings. Which combination of the following actions should you take to make sure that that the security policy requirements are suitably met? (Choose two)

A. You should add the Weyland Industries network users to a universal group named

WeyUsers.

B. You should add the Weyland Industries network users to an organizational unit (OU) named WeyUsers.

C. You should add the Weyland Industries network users to a global group named

WeyUsers.

D. You should apply the restrictive security policy by means of a Group Policy Object

(GPO) that is configured accordingly and linked to the WeyUsers OU.

E. You should have a Group Policy Object (GPO) set up that specifies the required restrictions in the User Configuration section which will be linked to the WeyUsers OU.

F. You should have a Group Policy Object (GPO) set up that specifies the required restrictions in the User Configuration section which will be linked to the domain.

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=70-294&qno=45

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

46

The ABC.com network has a forest named ABC.com and two domains named us.ABC.com and uk.ABC.com. The forest operates in a Windows 2000 native functional level. All servers on the ABC.com network have Windows 2000 Server Service Pack 4 (SP4) installed and all workstations have Windows XP Professional installed. ABC.com currently makes use of a computer named ABC-DC01, which is configured as a domain controller. You are preparing to uABCrade the forest functional level to Windows Server 2003. Thus you remove ABC-

DC01 from the domain to uABCrade the remaining servers to Windows Server 2003. During the course of the day you receive instruction from ABC.com to redeploy ABC-DC01 as a supplementary domain controller in the us.ABC.com domain. 43 You have started by executing the dcpromo /forceremoval command to demote ABC-DC01 to a member server.

Which of the following actions should you take NEXT?

A. You should open Active Directory Users and Computers to add a computer account for ABCDC01 in the uk.ABC.com domain.

B. You should install Windows Server 2003 on ABC-DC01 prior to executing the dcpromo command which promotes ABC-DC01 to be a new domain controller on the us.ABC.com domain.

C. You should open Active Directory Users and Computers to add a computer account for ABCDC01 in the us.ABC.com domain.

D. You should install Windows Server 2003 on ABC-DC01 prior to executing the dcpromo command which promotes ABC-DC01 to be a new domain controller on the uk.ABC.com domain.

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=70-294&qno=46

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

47

The ABC.com network has a forest that contains a single domain named ABC.com. The functional level of the domain is set at Windows Server 2003. All servers on the ABC.com network have Windows Server 2003 installed and all workstations have Windows XP

Professional installed. A server named ABC-SR01 is used to store files. ABC.com recently entered into partnership with Weyland Industries. The Weyland Industries network is named weyland.com and its functional level is set at Windows NT 4.0. Due to the partnership all

Weyland Industries network users will also save their documents and files to ABCSR01. You must thus make sure that the files on ABC-SR01 are accessible to the Weyland Industries network users without allowing any Weyland Industries administrators the ability to assign permissions for servers in the weyland.com domain to network users in the ABC.com domain.

44 How can you achieve the above tasks?

A. You should consider employing the netdom command utility to set up a temporary two-way realm trust relationship where the ABC.com domain trusts the weyland.com domain.

B. You should consider employing the netdom command utility to set up a one-way external realm relationship where the ABC.com domain trusts the weyland.com domain.

C. You should consider employing the netdom command utility to set up a one-way external trust relationship where the ABC.com domain trusts the weyland.com domain.

D. You should consider employing the netdom command utility to set up a temporary one-way external trust relationship where the ABC.com domain trusts the weyland.com domain.

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=70-294&qno=47

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

48

Your company is expanding its single location with five new offices, all in different states.

Each location will have 10 marketing employees or less to supplement the 25 already employed at the main office. Your security engineer says that all employees will abide by the same company security policy. They will hire another systems administrator at your office to

handle the increased workload. When asked about how the company�s single-domain

Windows Server 2003 Active Directory will be affected by the expansion, you reply that new servers will have to be installed at the remote locations. Your manager wants to know what server hardware and software to budget for. What do you tell him? (Choose one.)

A. Five servers and five copies of Windows Server 2003 Datacenter Edition

B. Five servers and five copies of Windows Server 2003 Standard

C. Ten servers and ten copies of Windows Server 2003 Enterprise Edition

D. Ten servers and ten copies of Windows Server 2003 Standard

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=70-294&qno=48

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

49

You have an OU called Support. You have a GPO called RegEdit. The only setting in the

RegEdit GPO is that the use of the Registry editing tools has been disabled in the User

Configuration node. For performance reasons, the decision has been made to limit the numbers of GPOs that are processed at logon. The decision has been made to remove the requirement to disable the use of the Registry editing tools. What should your course of action be to implement the new decisions?

A. Remove the RegEdit GPO from the Support OU.

B. Create a new GPO that enables the use of the Registry editing tools. Apply the new

GPO to the Support OU.

C. Edit the Registry on the computers used by the Support OU that will allow for use of the Registry editing tools.

D. Configure a local GPO to allow the use of the Registry editing tools. Set the No

Override option to this policy.

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=70-294&qno=49

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

50

You created three OUs for your domain: one called Corp, and two child OUs called Sales and

Tech. You create two GPOs, one called Desktop and the other called Network. The Desktop

GPO specifies the desktop settings for all users. The Network GPO specifies the network and

Registry policies. The Desktop policy prohibits users from being able to change their wallpaper. You first apply the Desktop GPO to the Corp OU, and then apply the Network

GPO to the Corp OU. You delegated control of the OU to the senior member of the Tech group. Later, the Tech OU manager modifies the Desktop GPO to allow his users to change their wallpaper. What should you do to ensure that their changes will not take effect?

A. Nothing, since the GPOs were not applied to the Tech OU, they will not affect the users.

B. You should set No Override on the Tech OU so that its settings are not overridden.

C. You should set No Override on the Corp OU so that its settings are not overridden.

D. You should set Block Inheritance on the Tech OU so that the settings from the parent

OU are not applied to the child OU.

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=70-294&qno=50

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

51

A company uses a single-master domain model, with resource domains for each of its divisions. It has registered two domains under the names www.dotnetforce.com and www.w3force.com. In this situation, which Active Directory information will be replicated between DCs in the dotnetforce.com and the w3force.com domains? 46

A. Domain-naming context

B. Schema-naming context

C. Configuration-naming context

D. GC

E. SYSVOL

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=70-294&qno=51

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

52

Steffie, an system administrator, has implemented two sites that are connected by a site link.

The Cost property is set to 100, and the Replicate Every property is set to 50 minutes. How often will the replication occur?

A. Every 5 minutes

B. Every 50 minutes

C. Every 180 minutes

D. The replication frequency cannot be determined.

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=70-294&qno=52

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

53

Michael is an enterprise administrator for ABC, Inc. He is installing Microsoft Exchange 2000 into his domain. His domain, ABC.biz, has two sites and one child domain: CA.ABC.biz, a subsidiary in Sacramento, California. Michael logs on to the domain with his focus on a local

DC and as a member of the Enterprise Admins group. During the Exchange installation, he runs across errors that restrict him from completing the installation. Which is a possible reason for this problem?

A. Exchange 2000 cannot run on Windows Server 2003 domains because the schemas are incompatible.

B. The RID FSMO is unavailable.

C. The Domain Naming FSMO is unavailable.

D. Michael must log on as a member of the Schema Admins group.

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=70-294&qno=53

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

54

47 Heather has been hired to come into your company and install a customized Directoryenabled application. Only the users in your branch office located in Fresno, California use this application. Your headquarters is in Santa Rosa, California, and you created a site for each location and set up directory replication over the slow WAN link to occur only at night.

Access between the sites occurs at that time, but occasionally you allow the sites to connect during the day when a certain threshold of requests is reached. You create a temporary account for Heather and place the new account in the Schema Admins group. Heather begins to install the application but soon realizes that the schema will not let her extend it, as the application requires? Which is a possible reason for this?

A. She must install the application in Santa Rosa and then set up Terminal Services for the users in Fresno to access the application remotely.

B. She needs to wait for the schema extension requests to be processed between the two sites.

C. The Schema FSMO is unavailable.

D. The schema can only be extended on the DC that holds the Schema FSMO.

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=70-294&qno=54

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

55

You have a network with a main office and a satellite office. The functional level of your network is Windows 2000 Native. The satellite office has a DC. The main office has a DC and a GC server. You encounter a problem with the link between the main office and the satellite office. You are concerned that users will not be able to log on at the satellite office because they cannot access the GC. To your surprise, they are still able to log on to the domain. How is this possible?

A. The DC at the branch office could be set to cache Universal Group information, allowing clients to still log on.

B. The GC isn�t required for logon, simply for searching the directory after you are logged on.

C. The DC at the satellite office is operating in the role of Schema Master and can authenticate without a GC server.

D. The users are logging on locally and not authenticating to the domain.

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=70-294&qno=55

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

56

You have multiple locations that are part of the Default-First-Site-Name site. These locations are in Florida, Oregon, and Iowa. You have instituted GC servers at each location. While monitoring your network, you are noticing a lot of replication traffic between the locations.

How can you remedy the amount of replication traffic and how that traffic is handled?

A. Implement the use of Subnet objects 48

B. Implement the use of Object classes

C. Implement the use of sites

D. Implement the use of site connectors

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=70-294&qno=56

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

57

You have just set up a Windows Server 2003 Active Directory network, and you want to use group policies to control user configuration. You have configured local policies on some of the machines in your domain, and you also want to configure some site and OU policies for more granular control, but you are concerned about policies at different levels �canceling each other out.�Which of the following types of GPOs will override settings applied at the domain level?

(Choose all that apply.)

A. Local

B. OU

C. Site

D. Domain

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=70-294&qno=57

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

58

You have been asked to set up a group policy environment in a new Windows Server 2003

Active Directory network. Your supervisor has asked if local computer settings will override settings applied in a domain GPO. You explain to him that policies applied later in the processing order generally take precedence over policies set earlier. In what order are group policies applied?

A. OU policies, domain policies, site policies, local policies

B. Site policies, domain policies, OU policies, local policies

C. Local policies, site policies, domain policies, OU policies

D. Local policies, OU policies, domain policies, site policies

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=70-294&qno=58

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

59

What term describes what happens when a user double-clicks on a file with an associated extension that launches the installation of a package configured in Group Policy? 49

A. Folder redirection

B. Document invocation

C. Blocking inheritance

D. No override

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=70-294&qno=59

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

60

Your supervisor asks you how Active Directory knows which transactions have been committed to the database. You explain that this is tracked in a file known as:

A. Edb.log

B. Ntds.dit

C. Edb.chk

D. Edb00001.log

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=70-294&qno=60

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

61

You are the network administrator for your company. The company s logical network design consists of a single Active Directory domain. All servers run Windows Server 2003, and all client computers run Windows XP Professional. Organizational units (OUs) are created for each department in the domain as shown in the exhibit. (Click the Exhibit(s) button.) Multiple

Group Policy objects (GPOs) are created for and linked to each OU. 50 You are considering moving users from the APayables OU into the Acct OU. You are considering moving computers from the Acct OU into the APayables OU. However, you are concerned that this action will result in restrictive group policy settings applied to the users and computers after they are moved. You want to identify any existing policies that may cause disruptions for these users and computers before performing this operation. Unfortunately not all computers are turned on and not all users are logged in. What should you do?

A. From the Acct OU, run Resultant Set of Policies (RSoP) in Logging mode.

B. From the Acct OU, run Resultant Set of Policies (RSoP) in Planning mode.

C. From the APayables OU, run Resultant Set of Policies (RSoP) in Logging mode.

D. From the APayables OU, run Resultant Set of Policies (RSoP) in Planning mode.

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=70-294&qno=61

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

62

You are the network administrator for your company. The company s logical network design consists of a single Active Directory domain. All network servers run Windows Server 2003, and all network clients run Windows XP Professional. You are planning on performing some network maintenance that will result in the network being 51 unavailable to dial-in users next weekend. You want to use group policy to deploy the following logon banner to provide advance notice of the event to network users: The network will be unavailable for local or remote access this weekend. Please download any files on Friday that you will require access to over the weekend. The network will be available 8

A.M. Monday. You create a new Group Policy object (GPO) that will be linked at the domain level to deploy the logon banner. You must configure the appropriate policy setting that will deploy the logon banner using the least amount of administrative effort.

What should you do? A. Enable the Scripts (Startup/Shutdown) policy and create a script that displays the desired message text.

B. Enable the Interactive logon: Message text for users attempting to log on policy and define the desired message text.

C. Enable the Interactive logon: Message title for users attempting to log on policy and define the desired message text.

D. Enable the Domain controller: Allow server operators to schedule tasks policy, create a batch file that displays the desired message text, and use Schtasks to run the new batch file.

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=70-294&qno=62

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

63

You are a network administrator of an Active Directory forest named company.com. A business partner s network consists of another forest named partner.com. The forests are presented in the following exhibit. The functional level of both forests is Windows Server

2003. Users in the child1.company.com domain in your forest need access to resources in the branch2.partner.com domain in the partner s forest. Administrators in the partner s forest should be able to assign permissions for 52 resources in branch2.partner.com only to users from child1.company.com. Administrators in your forest should not be able to assign permissions in their domains to users from the partner s forest. In cooperation with an administrator of the partner.com forest, you must configure the appropriate trust relationship.

Which of the following trust relationships should you create?

A. an external trust where the branch2.partner.com domain trusts the child1.company.com domain

B. an external trust where the child1.company.com domain trusts the branch2.partner.com domain

C. a forest trust where the partner.com forest trusts the company.com forest

D. a forest trust where the company.com forest trusts the partner.com forest

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=70-294&qno=63

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

64

You are the network administrator for your company. The company s logical network design consists of a single Active Directory domain. All servers run Windows Server 2003, and all client computers run Windows XP Professional. You are using the Ntdsutil utility to authoritatively restore an organizational unit (OU) that was mistakenly deleted. The deleted

OU, named Orders, was located in the weconsult.com domain. Which command should be entered at the authoritative restore prompt to authoritatively restore the deleted OU?

A. ntdsutil OU=orders,DC=weconsult,DC=com

B. restore subtree OU=orders,DC=weconsult,DC=com

C. restore database OU=orders,DC=weconsult,DC=com

D. authoritative restore OU=orders,DC=weconsult,DC=com

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=70-294&qno=64

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

65

You are a network administrator for your company. Your corporate network consists of a single Active Directory domain whose functional level is Windows Server 2003. Different groups of domain users require different configurations of the same applications that will be hosted on an application server in the domain. You must configure the appropriate COM+ partitions and assign access to the appropriate users. 53 Which of the following should you do? Select all that apply.

A. For each configuration of each application, create a COM+ partition on the application server.

B. For each configuration of each application, create a COM+ partition in Active

Directory.

C. Create COM+ partition sets on the application server.

D. Create COM+ partition sets in Active Directory.

E. Assign domain users to the appropriate COM+ partitions on the application server.

F. Assign domain users to the appropriate COM+ partitions in Active Directory.

G. Assign domain users to the appropriate COM+ partition sets on the application server.

H. Assign domain users to the appropriate COM+ partition sets in Active Directory.

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=70-294&qno=65

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

66

You are implementing an Active Directory forest for your company. You install Windows

Server 2003 on a computer, name it DC1 and promote it to the first domain controller in a new domain in a new forest. Then, you install Windows Server 2003 on another computer, name it

DC2 and promote it to an additional domain controller in the existing domain. Now, you want to create a new domain. You install Windows Server 2003 on a new computer, name it DC3

and start the Active Directory Installation wizard. You specify that DC3 will be a domain controller in a new domain in a new domain tree in the existing forest. You receive an error message that indicates that DC3 cannot be promoted to a domain controller. Your investigation reveals that DC1 has failed due to a hardware problem. The replacement part necessary to bring DC1 back online will be delivered within the next few days. However, you must continue the deployment of Active Directory immediately, and you must promote DC3 to a domain controller in a new domain. Which of the following should you do?

A. Promote DC3 to a domain controller in a new child domain.

B. Join DC3 to the existing domain and then promote it to a domain controller in a new tree-root domain.

C. Promote DC3 to an additional domain controller in the existing domain and then join it to a new tree-root domain.

D. Configure DC2 to hold all operations master roles and then promote DC3 to a new domain controller in a new tree-root domain.

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=70-294&qno=66

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

67

Your company consists of the central office and two branch offices. Your corporate network consists of a single Active Directory domain that spans three sites. One site is configured for each 54 of the offices. The warehouse and the Sales department are located in the central office. The IT personnel at the central office should have the authority to manage all user and computer objects in the domain. Local IT administrators at each of the two branch offices will manage all users and computers in their respective sites. Additionally, one IT administrator will manage users and computers in the warehouse, and another IT administrator will manage users and computers in the Sales department. You must design an organizational unit (OU) structure that will allow you to delegate the appropriate level of authority to IT personnel. You should create the minimum number of OUs. Which of the following OU structures should you create? 55 56

A. A

B. B

C. C

D. D

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=70-294&qno=67

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

68

You administer an Active Directory forest for your company. All servers on your network run

Windows Server 2003. The company s written security policy dictates that all users must log on only by using smart cards and that administrators should not log on by using their administrative credentials. The Interactive logon: Smart card removal behavior policy is set to

Force Logoff in the Default Domain Policy Group Policy object (GPO). You must be able to perform various administrative tasks on any server on the network by using the least administrative effort. Which of the following should you do?

A. On all servers, install two smart card readers and use a secondary logon to perform administrative tasks.

B. On your workstation, configure Remote Desktop connections to all servers and disable the local security policy that forces logoff when a smart card is removed.

C. On your workstation, install two smart card readers and configure Remote Desktop connections to all servers.

D. On your workstation, install the Windows Server 2003 Administrative Tools pack and use the Run as command to perform administrative tasks remotely.

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=70-294&qno=68

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

69

You are a network administrator for your company. The corporate network consists of a single

Active Directory domain and three sites that are presented in the following exhibit. 57 There are two domain controllers in each of the sites, and one domain controller in each site is designated as a preferred bridgehead server. The network is not fully routed, and the default bridging of all site links is disabled. You want changes made to Active Directory in any of the sites to be propagated to the other sites even if any one domain controller in each site fails.

Which of the following should you do?

A. Bridge the two site links.

B. Create a site link between Site1 and Site3.

C. Designate both domain controllers in Site2 as preferred bridgehead servers.

D. Reconfigure each site so that there are no preferred bridgehead servers.

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=70-294&qno=69

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

70

You want to optimize the performance of write operations and provide fault tolerance to the

Active Directory database on a Windows Server 2003 domain controller. Currently, the data files and transaction log files are installed at their default locations. You add two RAID devices to the computer; one device is configured as RAID 1, and the other is configured as

RAID 5. Which of the following should you do? Select two choices. Each correct answer is part of the solution.

A. Move the data file to the RAID-1 device.

B. Move the data file to the RAID-5 device.

C. Move the transaction logs to the RAID-1 device.

D. Move the transaction logs to the RAID-5 device. 58

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=70-294&qno=70

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

71

You are a network administrator for your company. The corporate network consists of a single

Active Directory domain where all servers run Windows Server 2003 and all client computers run Windows XP Professional. There is an enterprise root certification authority (CA) on your network. The company s written security policy dictates that all computers use IPSec for all communications within the corporate internal network and that all computers use certificates for mutual authentication. Additionally, all computers must use IPSec for communications with computers on a partner company s network. The partner company uses its own private root CA. Which of the following should you do?

A. Obtain a computer certificate from a commercial CA and import it into the Personal computer certificate store on all computers on your network.

B. Use a GPO to automatically issue computer certificates from your enterprise CA to all computers on your network and to import the partner s root CA certificate into the

Trusted Root Certification Authorities computer certificate store.

C. Obtain a user certificate from a commercial CA and import it into the Personal user certificate store on all computers on your network.

D. Use a GPO to automatically issue user certificates from your enterprise CA to all users on your network and to import the partner s root CA certificate into the Trusted

Root Certification Authorities user certificate store.

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=70-294&qno=71

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

72

You are a network administrator for your company. The corporate network consists of a single

Active Directory domain where all servers run Windows Server 2003 and all client computers run Windows XP Professional. You are planning to install Software Update Service (SUS) on a server named SUS1. You want to test updates on specifically designated computers and approve the appropriate updates before deploying them on the network. Which of the following should you do?

A. In a GPO, specify SUS1 as the update service location and apply the GPO to computers.

B. In a GPO, specify SUS1 as the update service location and apply the GPO to users.

C. In a GPO, specify that update files be downloaded from SUS1 and apply the GPO to computers.

D. In a GPO, specify that update files be downloaded from SUS1 and apply the GPO to users. 59

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=70-294&qno=72

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

73

An employee has retired from the company, and you have just disabled his account so no one can log on to the domain as this user. When this change is made, where will it be stored in the directory?

A. Domain partition

B. Configuration partition

C. Schema partition

D. Application partition

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=70-294&qno=73

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

74

Your company�s employees are represented by two unions. Management has a union that represents the managers� interests, while others in the company belong to another union. Each union requires that dues be deducted from paychecks to pay for their representation. The

Finance department has requested that a field be added to each user account, so that a code can be entered on the account to show which union each employee belongs to. They have asked you to create this field. When this new attribute has been added to user objects, where will it be stored in the directory?

A. Domain partition

B. Configuration partition

C. Schema partition

D. Application partition

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=70-294&qno=74

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

75

A RID server has temporarily gone offline. During this time, you seize the RID Master role on another DC. After the original RID server becomes available again, you are concerned that duplicate SIDs might now exist for objects in Active Directory. Which of the following tools would you use to find and delete duplicates? 60

A. Active Directory Users and Computers

B. MOVETREE

C. WHOAMI

D. NTDSUTIL

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=70-294&qno=75

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

76

You want to use Remote Assistance to help users with problems by connecting to their machine and taking control of it remotely. When this action is performed, which of the following accounts is automatically created and used?

A. HelpAssistant

B. Support_388945a0

C. Guest

D. InetOrgPerson

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=70-294&qno=76

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

77

You are a new network administrator for a Windows Server 2003 domain. In making user support calls, you have noticed that many users are relying on simplistic passwords such as their children�s or pets� names. Passwords on the network are set to never expire, so some users have been using these weak passwords for years. You change the default Group Policy to require strong passwords. Several weeks later, you notice that the network users are still able to log on using their weak passwords. What is the most likely reason why the weak passwords are still in effect?

A. You must force the users to change their passwords before the strong password settings will take effect.

B. The Group Policy settings have not replicated throughout the network yet.

C. Password policies need to be set at the organizational unit (OU) level, not the domain level.

D. The users reverted back to their passwords the next time they were prompted to change them.

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=70-294&qno=77

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

78

61 You have created an e-commerce Web application that allows your customers to purchase your company�s products via the Internet. Management is concerned that customers will not feel comfortable providing their credit card information over the Internet. What is the most important step to secure this application so that your customers will feel confident that they are transmitting their information securely and to the correct Web site?

A. Use IP restrictions so that only your customers� specific IP addresses can connect to the ecommerce application.

B. Issue each of your customers a smart card that they can use to authenticate to your ecommerce Web site.

C. Place your company�s Web server behind a firewall to prevent unauthorized access to customer information.

D. Install a Secure Sockets Layer (SSL) certificate on your Web server.

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=70-294&qno=78

-------------------------------------------------------------------------------------------------------------------------------------

QUESTION:

79

What FSMO roles should exist in a child domain in a Windows Server 2003 forest? (Choose all that apply.)

A. Schema Master

B. Domain Naming Master

C. PDC Emulator

D. RID Master

E. GC

F. Infrastructure Master

Answer:

http://www.twpass.com/twpass.com/exam.aspx?ecode=70-294&qno=79

-------------------------------------------------------------------------------------------------------------------------------------

TwPass Certification Exam Features;

- TwPass offers over

2500

Certification exams for professionals.

- More than

98,800

Satisfied Customers Worldwide.

- Average

99.8%

Success Rate.

- Over

120

Global Certification Vendors Covered.

- Services of Professional & Certified Experts available via support.

- Free 90 days updates to match real exam scenarios.

- Instant Download Access!

No Setup required.

- Price as low as $19, which is 80% more cost effective than others.

- Verified answers researched by industry experts.

- Study Material

updated

on regular basis.

- Questions / Answers are downloadable in

PDF

format.

- Mobile Device Supported (Android, iPhone, iPod, iPad)

-

No authorization

code required to open exam.

-

Portable

anywhere.

-

Guaranteed Success

.

- Fast, helpful support 24x7.

View list of All Exams (AE);

http://www.twpass.com/twpass.com/vendors.aspx

Download Any Certication Exam DEMO.

http://www.twpass.com/twpass.com/vendors.aspx

To purchase Full version of exam click below; http://www.TwPass.com/

Was this manual useful for you? yes no
Thank you for your participation!

* Your assessment is very important for improving the work of artificial intelligence, which forms the content of this project

Download PDF

advertisement