Ms Exchange 2003 70-284 & 70-285

Certkillers for the Exchange 2003 Admin and Design tests. These include actual exam questions.

Download link: http://rapidshare.com/files/113271949/070-284a.pdf

Download link: http://rapidshare.com/files/113271951/070-285.pdf

QUESTION 1
You work as the network administrator for citycentral.com. You have recently
received instruction to start designing a solution for the desktop computers. The
solution you are designing should ensure that the user’s desktop is protected when
they leave their computers unattended. Your solution should require the least
amount of administrative effort.
What should you do?
A. A security template should be used that configures all computers to automatically log
off users when their logon time expires. The new template should be imported into the
local security policy on all domain controllers
B. An administrative template should be created and enable and password protect a
screen saver. You should then import thee new template into the Default Domain Policy
GPO
C. All computers should be configured to automatically log off users when their logon
time expires in the Default Domain Controller Policy GPO
D. You should enable a screen saver and password protect it in the Default Domain
Policy GPO
Answer: D
Explanation:
In the scenario you should consider enabling a screen saver and protect it with a
password. By maguide this configuration you ensure that all the computers on the
domain require a password to log on if the computer is left unattended for a period
of time defined.
1. City Central Utilities does not apply security patches consistently to the network
computers. Because of this some network computers were recently infected by a virus
which could have been avoided if the security patches were up-to-date. Most of the City
Central Utilities network users do not lock their computers when leaving it unattended
over extended periods of time. This action has recently caused contents of a sensitive

Actualtests.org – The Power of Knowing
document to me made public because it was left open on the user portable computer. An
unauthorized user has viewed the documents while delivering files to the office
Incorrect Answers:
A, C: These options should not be used in the scenario because the option is used to have
users disconnected from the local computer when logging on outside their valid logon
hours.
B: This option should not be used in the scenario because you are required to use the
least administrative effort. This option involves to much administrative effort.
Topic 2, TestLabs, Inc., Scenario
Background
TestLabs, Inc. is national company that specialized in the development and retail of
pharmaceutical medicines. The company is closely aligned to the Medical Science
department at the University of Chicago.
Physical Locations
TestLabs, Inc. has its headquarters in Chicago and a branch office in Detroit. The two
offices are connected by a 128 Kbps ISDN line.
TestLab, Inc. users and departments are distributed among the two offices as shown in
the following table:
Business Processes
Members of the IT department use client computers to remotely administer all servers
and domain controllers on the TestLabs, Inc. network.
Users update an internal tracguide Web application that tracks the testing and development
of new pharmaceutical drugs. The tracguide Web application is available on an internal
Web site that is hosted on a Web server named TL-SR07. TL-SR07 is running Internet
Information Services (IIS) 6.0.
Directory Services
The TestLabs, Inc. network consists of a single Active Directory domain named
testlabs.com. All servers on the TestLabs, Inc. network run Windows Server 2003,
Enterprise Edition. The IT department in Chicago is responsible for the administration of
Active Directory.
Each office is organized into a separate organizational unit (OU) with the user and
computer accounts located in child OUs as shown in the Organizational Unit Hierarchy
exhibit.

Actualtests.org – The Power of Knowing
The ChicagoAdmins, HRAdmins, ResearchAdmins, and ManufacturingAdmins global
user groups are located in their respective OUs and have full control of that OU.
Network Infrastructure
The HR department uses a legacy application that can run only on Windows NT
Workstation 4.0. The client computers for all other departments run Windows XP
Professional.
The testlabs.com domain has a public key infrastructure (PKI) that comprises of an
internal root certification authority (CA) and an internal subordinate enterprise C
A. The
internal subordinate enterprise CA issues certificates to users and computers.
The Chicago office has three domain controllers named TL-DC01, TL-DC02, and
TL-DC03. The Detroit office has one domain controller named TL-DC04.
The Chicago office has a Microsoft Internet Security and Acceleration (ISA) Server 2000
computer named TL-SR05, and wireless access points (APs). TL-SR05 and the wireless
APs support wireless desktop and portable client computers in the Research department.
IEEE 802.1x, RADIUS, and Wired Equivalent Privacy (WEP) is implemented in the
wireless network infrastructure.
Problem Statements
Chief Information Officer:
“Security is my main concern. We must improve security on client computers, servers,
and domain controllers. We should implement a secure password policy. Legislation
requires that the servers in the Research department display a logon message that tells
users that access to the server is restricted to authorized users.”
System Administrator:
“Our current patch management solution is problematic. It requires too much time,
consumes too much bandwidth and leads to too much down time. Each department needs
different security patches. We need a test network to test security patches and updates
before they are deployed to the rest of the network. After testing a patch, it must be
deployed automatically to servers in the appropriate department. We need to limit the
network bandwidth used to obtain and deploy security patches.”
Chief Security Officer:

Donwload Free PassGuide Braindumps-The Most Realistic Practice Questions and Answers,Help You Pass any Exams

Actualtests.org – The Power of Knowing
“My main concern is permission escalation and unauthorized access to the wireless
network. We need to know when an administrator changes the user permissions on server
or on a domain controller and when the local security account manager objects on any
server are changed.”
“We must also improve the secure of the wireless network in the Chicago office. We
must ensure that only Research department users can connect to the wireless network.
We need to implement the most secure method for authenticating users that access the
wireless networks and we need to protect the data that is transmitted between the wireless
client computers and the wireless access points. We must also ensure that our wireless
client computers receive the required wireless network access security settings
automatically.”
Backup Operator:
“We run backups of all users’ My Document folders but some users in the Detroit office
have changed the location of their My Documents folders to network folders on one to
the servers in their office. We should prevent them from doing this so that we can
effectively backup user data.”
Research Department Manager:
“Members of the ResearchAdmins group is a problem. I suspect we have unauthorized
users in this group. We need to restrict membership to this group to authorized users.”
“We store documents in a network share named Projects on a file server named TL-SR06.
Users in my department need to encrypt data in the Projects folder from our client
computers but we can’t. Every time we try to we receive an error message stating that we
cannot encrypt data located in the Projects folder. We need to be able to encrypt this
data.”
Written Security Policy
The following requirements are included in the written security policy for TestLabs, Inc.
1. Passwords must be at least eight characters long and must contain uppercase and
lowercase letters and numbers.
2. Passwords may not contain all or part of the user’s account name.
3. Passwords must have a minimum password age must be 15 days and a maximum
password age of 45 days.
4. Access to data on servers in the Manufacturing department must be logged.
5. All servers on the TestLabs, Inc. network, including domain controllers, must be
configured and managed from the Chicago office.
6. A standard set of security settings must be deployed to all servers in the HR, Research,
and Development departments.
7. The services on domain controllers and the administrators that have permission to stop
and start services must be managed from the Chicago office.
8. All servers must be examined regularly for missing security patches and service packs.
9. All servers must be examined regularly to ensure that they are not running any
unnecessary services.
10. The TL-SR07 must be examined regularly for missing IIS Security patches.
11. The Web site users and the files they download must be logged to a Microsoft SQL
Server database server named TL-DB05.
12. Medical Science department users from the University of Chicago who use Windows
95 or Windows 98 client computers must have the Active Directory Client Extensions

Actualtests.org – The Power of Knowing
software installed to be able to authenticate to domain controllers on the TestLabs, Inc.
network.
Topic 2, TestLabs, Inc. (11 Questions)
QUESTION 2
You are designing a certificate distribution method to meet the requirements of the
Chief Security Officer.
What should you do? (Each correct answer presents part of the solution. Choose
THREE.)
A. Instruct the users in the Research department to submit a request for user certificates
from the CA Web site enrollment page.
B. Create a Group Policy object (GPO) and configure it to allow autoenrollment of user
and computer certificates.
C. Link the Group Policy object (GPO) to the Research OU.
D. Instruct the users in the Research department to run the gpupdate command.
E. Link the Group Policy object (GPO) to the testlabs.com domain.
F. Configure certificate templates.
Answer: B, C, F
Explanation:
The Auto-enrollment features are set by CA administrators in the certificate templates
and will automatically issue certificates.
Group Policy Object (GPO) is a set or sets of rules for managing client configuration
settings that pertain to desktop lockdowns and the launching of applications. GPOs are
data structures that are attached in a specific hierarchy to selected Active Directory
Objects. It can be applied to sites, domains, or organizational units. This reduces the
administrative effort required to apply the same policies on an individual basis. In this
scenario we need to apply the GPO to the Research department OU as only members in
the Research department must be able to access the wireless network.
Incorrect answers:
A: Instructing users to submit requests for a user certificate from the CA web site
enrollment page would require unnecessary user intervention. The chief security officer
wants wireless client computers to receive the required wireless network access security
settings automatically, i.e., without user intervention.
D: The gpupdate command forces a GPO update.
E: The GPO must be applied at the Research OU level as only members in the Research
department must be able to access the wireless network. Applying the GPO at the domain
level will allow all users to access the wireless network.
Reference:
Elias N. Khnaser, Susan Snedak, Chris Peiris and Rob Amini, MCSE Designing Security
for a Windows Server 2003 Network Exam 70-298 Study Guide, Chapters 3, 4 & 9, pp.
181, 197, 566-569
James Chellis, Paul Robichaux & Matthew Sheltz, MCSA/MCSE: Windows Server 2003

Actualtests.org – The Power of Knowing
Network Infrastructure Implementation, Management, and Maintenance Study Guide, p.
21
QUESTION 3
DRAG DROP
You are planning the configuration of the servers in the Research department to
meet the requirements of the Chief Information Officer. You decide to use a Group
Policy object to implement the configuration.
What should you do? (To answer, drag the appropriate steps from the pane on the
left and arrange them in the correct order in the pane on the right.)
Answer:
Explanation:
GPOs can be applied to sites, domains, or organizational units. We need the GPO to
apply to the servers in the Research department; therefore we must apply the GPO to the
Server OU in the Research department. Network users perform an interactive logon when
they present their network credentials to the operating system of the computer that they
are attempting to log on to. Thus an interactive logon is a logon when the user logs on
from the computer where the user account is stored on the computer’s local database.
This is also called a local logon. This will be the way to go about designing a method to
configure the servers in the development department since this department is in Denver.
1. W need a logon message that tells users that access to servers in the development
department is restricted to authorized users only.
2. We must improve security on client computers, servers, and domain controllers by
implementing a secure password policy.
Incorrect answers:

Actualtests.org – The Power of Knowing
This is not the way to log on interactively. You will have to them the Log On Locally
user right. Otherwise users will receive an error message that they cannot log on
interactively.
A screensaver requiring a password is not complying with security policy since the
servers would still be available from other workstations through the network.
We need the GPO to apply to the servers in the Research department; therefore we must
apply the GPO to the Server OU in the Research department.
Free download:passguide Microsoft 70-284 Free download:passguide Microsoft 70-284

password:www.certbible.org

PassGuide Cisco Exams Questions & Training Materials

1. Free MCSE Installing, Configuring, & Administering Microsoft Exchange 2003r : 70-284
2. Free Managing and Maintaining a Windows Server 2003 Environment 70-292
3. Free MCSE Self-Paced Training Kit (Exam 70-294): Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure, Second Edition
4. Free 70-284 MCSE 2K3 Messaging Installing, Configuring, and Administering MS Exchange
5. Free CBT NUGGETS MICROSOFT 70-284 Exchange 2003 Administration
6. Free MCSE: Windows Server 2003 Active Directory Planning, Implementation, and Maintenance Study Guide (70-294)
7. Free 70-284, 70-290, 70-291, 70-293 And 70-294, Windows Server 2003
8. Free Microsoft.Cert-70-315.Practice.Exam.v7.0
9. Free Mcse mcsa 70-290/70-291 VCE & Sims
10. Free VTC Designing Active Directory For Windows Server 2003 (70-297)
11. Free 70-294 Exams
12. Free passguide Exchange Server 2007 70-236 v2.73