Exam Name: Implementing, Managing, and Maintaining a Microsoft Windows Server 2003 Network Infrastructure
Last Update: "August, 2009"
70-291 Downloadable, Printable Exams (in PDF format):
We are all well aware that a major problem in the IT industry is that there is a lack of quality study materials. Our 70-291 Preparation Exam Material provides you everything you will need to take a certification examination. Details are researched and produced by Certification Experts who are constantly using industry experience to produce precise, logical and verified explanations for the answers. You may get questions from different web sites or books, but logic is the key.
Microsoft 70-291 Exam - Cheat-Test.com
1. You are the network administrator for BlueYonder Airlines.The company uses a single Active Directory domain named blueyonderairlines.com. The company network consists of three subnets. The subnetsare connected by two hardware routers. Each subnet contains one Windows Server 2003 computer with the Routing and Remote Access service enabled andconfigured.The relevant portion of the network is configured as shown in the Network exhibit. (Click the Exhibitbutton.)
Users on the 192.168.30.0/24 subnet report that they cannot access resources on Server1.You verify that Server1 and Server2 can connectto each other. You run thetracert command on Server3 and view the output shown intheTracert exhibit. (Click the Exhibit button.)
You need to ensure that users on all three segments of the network can access resources on Server1. What should you do?
A. Modify the route to the 192.168.30.0 network in the routing table on Router1.
B. Modify the route to the 192.168.10.0 network in the routing table on Router2.
C. Modify the route to the 192.168.30.0 network in the routing table on Server1.
D. Modify the route to the 192.168.10.0 network in the routing table on Server2.
E. Modify the route to the 192.168.10.0 network in the routing table onServer3.
Answer: B
2. You are the network administrator for your company. All servers run Windows Server 2003. All servers are configured with static IP addresses. All client computers run Windows XP Professional. All client computers are configured as DHCPclients.The company has amain office and one branchoffice. The offices are separated by a router. A DHCP server is deployed in each office.One of the DHCP serversshuts down unexpectedly. It takes four hours to repair the server. Duringthattime, several mobile users connect their portable computers to the networkand report that they cannot connect to shared resources onthe network. After the server is repaired, you create a new scope on each DHCP server that includes IPaddresses for the other office.You activate the scopes. You test the new DHCP configuration byshutting down the DHCP server inthe main office. You find out that the client computers in the main office are not receiving IPaddresses from the DHCP server in the branch office.You need to ensure that when the DHCPserver in one office fails, the client computers will receive a correct IPaddress configuration from the DHCPserver in the other office.What are two possible ways to achieve this goal? (Each correct answer presents a complete solution. Choose two.)
A. Configure the router between the offices to forward BOOTP broadcasts.
B. Configure the DHCP server in each office witha DHCPscope thatincludes the same IP addresses as the DHCPserver in the other office. Activate the scope.
C. Configurethe DHCP server in each office with anadditional network adapter. Connect each new network adapter to the local network.Assign anIP address fromthe other office'snetwork toeach new network adapter.
D. Install and configure a DHCP relay agent in each office.
Answer: A, D
3. You are the network administrator for your company. All servers run Windows Server 2003. All servers are configured with static IP addresses. All client computers run Windows XP Professional. All client computers are configured as DHCPclients.The company has amain office and one branchoffice. The offices are separated by a router. A DHCP server is deployed in each office.The DHCP servers are named DHCP1 and DHCP2. You configure scopes onthe DHCP1 and DHCP2 as shown in the following table.
You shut down DHCP1 for scheduled maintenance. While DHCP1 is shutdown, client computers inboth offices continue to receive correct IP address assignments fromDHCP2. You restart DHCP1. Several users report that when they restart their computers, they receiveerror messages stating that a duplicate IP address exists on the network.You need to ensure that these error messages do not appear when you shut down and restart a DHCP server.Youneed to ensure that changes you make does not affect the current DHCP functionality. What should you do?
A. On each DHCP server, configure a superscope that includes both DHCP scopes.
B. Configure the router between the offices to block all broadcasts.
C. Modify the Main scope on DHCP1 to include addresses 10.1.16.0 through 10.1.27.254. Modify the Branch scope on DHCP2 to include addresses 10.2.16.0 through 10.2.27.254.
D. Modify the Main scope on DHCP2 to include addresses 10.1.16.0 through 10.1.31.254. Modify the Branch scope on DHCP1 to include addresses 10.2.16.0 through 10.2.31.254.
Answer: C
4. You are the network administrator for your company. The network consists of a single Active Directory domain.All servers run Windows Server 2003. All client computers run Windows XP Professional.Two of the servers on the network contain highly confidential documents. The company's written security policy states that all network connections with these servers must be encrypted byusing an IPSec policy. You place the two servers inan organizationalunit (OU) named SecureServers.You configure a Group Policyobject (GPO) that requires encryptionfor all connections. You assignthe GPO to the SecureServers OU. You need to verify that users are connecting to the twoservers by using encrypted connections.What should you do?
A. Run the net viewcommand.
B. Run the gpresult command.
C. Use the IPSecurity Monitor console.
D. Use the IPSec Policy Management console.
Answer: C
5.You are the network administrator for your company.The network consists of a single Active Directorydomain. All servers runWindows Server 2003. One domain controller onthe network is configured as acertification authority (CA). The network contains a Web server that runs IIS 6.0 and hosts a secure intranet site. The server also hosts other sites that do not requireHTTPS. You configure a server certificate on the IIS server by using a certificatefrom your internal CA. All users are required to connect to the intranetsite byusing HTTPS. Some users report that they cannot connect tothe secureintranet site by using HTTPS. You confirm that all users can connect to the nonsecure sites hosted on the Web server byusing HTTP. You want to view the failedHTTPS requests. What should you do?
A. Review the log files created by IIS on the Web server.
B. Review the security log in Event Viewer on the Web server.
C. Review the security log in Event Viewer on the CA.
D. Review the contents of the Failed Requests folder on the CA.
Answer: A
6. You are the network administrator for your company. The network consists of a single Active Directory domain. All servers runWindows Server 2003. The network contains a Web server thatruns IIS 6.0 and hosts a secure intranet site. All users are required to connect to the intranet site by authenticating and using HTTPS. However,becausean automated Web applicationmust connect to the Web site by using HTTP, you cannot configure the intranet site to require HTTPS. You need to collect information about which users are connecting to the Web site by using HTTPS. What should you do?
A. Check the application log on theWeb server.
B. Use Network Monitor to capture network traffic on the Web server.
C. Review the log files created by IIS on the Web server.
D. Configure a performance log to capture allWeb service counters. Review the performance log data.
Answer: C
7. You are the network administrator for your company.The network consists of a single Active Directorydomain. All servers runWindows Server 2003. The network contains a Web server named Server1 that runs IIS 6.0 and hosts a secure Web site. The Web site is accessible from the intranet, as well as from the Internet. All users must authenticate when they connect to Server1.All users on the Internetmust use a secure protocol to connect to the Web site. Users on the intranet do not need touse a secure protocol. You need verify that all users are using a secure protocol to connect toServer1 from the Internet. What are two possible ways to achieve this goal? (Each correct answer presents a complete solution. Choose two.)
A. Monitor the events in the application log on Server1.
B. Monitor the events in the security log on Server1.
C. Monitor the Web server connections on Server1 byusing a performance log.
D. Monitor network traffic to Server1 byusing Network Monitor.E. Monitor the IIS logs onServer1.
Answer: D, E
8. You are the administrator of an Active Directory domain. All servers runWindows Server 2003. All clientcomputers runWindows XPProfessional.A server named Filesrv1 contains confidential data that is only available to users in the human resources (HR) department. You want all computers in the HR department to connect to Filesrv1 by using an IPSec policy.You assign theServer (Request Security)
IPSec policy to Filesrv1. Using Network Monitor, you notice that some computers in the HR department connect to Filesrv1 without using the IPSec policy.You need to configure Filesrv1 to ensure that all computers connect to it by using the IPSec policy.What should you do?
A. Assign the Secure Server (Require Security) IPSec policy.
B. Assign the Client (Respond Only) IPSec policy.
C. Unassign the Server (Request Security) IPSec policy.
D. Restart the IPSec Services service.
Answer: A
9. You are the network administrator for your company. All servers run Windows Server 2003.You configure the Routing and Remote Access service on a server named Server2. Server2 is connected to a modem pool and supports eight simultaneous inbound connections.You instruct remote users to dial in to Server2from their home computers.The company's written business policy states that the only client computer operating systems that should besupported for dialup access are Windows 95, Windows 98, Windows 2000 Professional, and Windows XPProfessional.You need to configure the remote access
policy to support the most secure authentication methods possible.Youwant to enable onlythe necessary authentication methods based on the supported client computers that will be connecting. Which authentication method or methods should you enable? (Choose all that apply.)
A. PAP
B. SPAP
C. CHAP
D. MSCHAPVersion1
E. MSCHAPVersion 2
Answer: D, E
10. You are the administrator of a Windows Server 2003computer named Server1.The networkcontains another Windows Server 2003 computer named Server2 thathas the DNS and WINS services installed.
Two hundred Windows 2000 Professional computers regularly connect to Server1 to access file and print resources. Administrators report that network traffic has increased and that response times for requests
for network resources on Server1 have increased. You need to identify whether Server1 is receiving requests for resources through NetBIOS broadcasts. What should you do?
A. Use Network Monitor to capture traffic between Server1 and all client computers.
B. Use Network Monitor to capture traffic between Server1 and Server2.
C. Monitor EventViewer for Net Logon error or warning events.
D. Run the tracert command on Server1.
Answer: A
11. You are the administrator of aWindows Server 2003 computer named Server1. Server1 is an FTP server located inthecompany's internal network.Administrators report an increased amount of FTP traffic to Server1.You need to configure Server1 to achieve the following goals:Identify the media access control (MAC) address of any computer that is performing FTP transfers from Server1. Find out the exact FTP commands that were executed. Ensure that you donot disruptthe operation of Server1.What should you do?
A. Configure a performance alert to write an event tothe application event log whenever the number ofestablished FTP connections exceeds 1.
B. Use a Network Monitor filter tocaptureIP traffic from any computer to Server1.
C. Run the finger command on Server1 to identify the source of the FTP requests.
D. Run the arp command on Server1 to identify the source of the FTP requests.
Answer: B
12. You are the administrator of anActive Directory domain. The network contains a Windows Server 2003domain controller named Server1.Users report that they experience intermittent delayswhen they log on to Server1. Administrators report that replication attempts between Server1 and other domain
controllers are occasionallydelayed.You need to verify the cause of the intermittent connection delays to Server1.You also need to find out whetherthe problem is related to a hardware deficiency on Server1.You need to track these delays over a period of one day.What should you do first?
A. Run the netdiag /verbose command to perform a network diagnostic test on Server1.
B. Run the replmon command to view the Active Directory replication status on Server1.
C. Use Network Monitor to view the network traffic packet contents between Server1 and all other computers.
D. Create a System Monitor counter to track the queue lengths on the network adapter on Server1.
Answer: D
