p4s microsoft 70-290 corrections

for this question,correct answer is “Devices: Unsigned driver installtion behavior”. Also see below p42.2 corrections!
P4S 2.20 corrections:
_____________________________
question 4: Devices: Unsigned driver installtion behavior. ****Local Policies Snap-in*****
question 60: Change and Modify                             ****Roger with PublicData*****
question 67: Wednesday and Copy                            ****Previous Versions on*****
question 74: B                           ******Observer actions from console*******
question 75: Correct answer is missing: It should be Manage Documents permission on the printer           *****Marie print jobs*******
question 116: Local Policies             *****Group policy Editor on*******
question 119: A     *****Disk0 and 1 then 3rd added*****
question 152: Allow Write    *****ManagerData properties on*****
question 167: B, E     *****1500 users with XP and NT using RDP*****
question 173: B, C     *****Disk bottleneck monitor*****
question 191: Change, Allow Modify   *****UserData properties on*****
question 192: Allow List Folder Contents, Read     ****Roger and ManagerData****
question 203: E     *****RDP discon. & Server6****
question 209: D     *****Replace SCSI= reactivate****
question 229: Apply onto: This Folder Only, Deny Create Files / Write Data   ***Perm for APPS*
question 234: Share permissions: Read. NTFS permission: List Folder Contents, Read and Execute, Read.       *****Managers group ACL Sharing and Security****
QUESTION 1 :
You work as the network administrator at Certkiller .com. The Certkiller .com
network is a single Active Directory named Certkiller .com. All servers on the
Certkiller .com network run Windows Server 2003 and the client computers run
Windows XP Professional.
Certkiller .com recently entered into a joint venture with TestLab.com. Due to joint
venture, you need to establish a business-to business (B2B) connection between the
two companies. The major requirements that should be met are that:
1. All data transmitted between the two companies must be encrypted.
2. Access to data must be audited to provide nonrepudiation.
3. Two application servers must be used to communicate between the two
companies.
4. These application servers must make use of A Virtual Private Network (VPN)
connection.
5. IP Security (IPSec) must be used to encrypt the data.
The two application servers are currently configured to require security with the
following settings:
1. They should use IPSec with DES encryption.
2. They should use certificates for authentication purposes.
3. They should use Diffie-Hellman group 2048 for key exchange.
You received instruction to increase security. What should you do? (Choose all that
apply.)
A. Make use of Diffie-Hellman group 1 for key exchange.
B. Make use of Kerberos authentication.
C. Make use of 3DES for encryption purposes.
D. Do NOT send Certificate Authority name in the payload.
E. Make use of a pre-shared key for authentication purposes.

Actualtest.org – The Power of Knowing
Answer: C, D
Explanation: Triple DES (3DES) makes use of 128-bit key encryption and hashes that
data three times. This makes it more secure that DES encryption. DES only hashes data
once.
Furthermore you can prevent the Certificate Authority (CA) name from being sent as part
of the payload. This should keep the data about the company private from interlopers
because when a CA name is sent, it is sent prior to negotiating security, it is sent in clear
text.
Incorrect answers:
A: The Diffie-Hellman group 1 is less secure than Diffie-Hellman group 2048.
B: Kerberos authentication will not be appropriate because the outside company is not
part of the domain. Furthermore, Kerberos authentication across the Internet will result in
the computer name and domain name being sent over the Internet during the negotiation.
E: Pre-shared keys are not secure since they are stored in clear text on the computer.
QUESTION 2:
You work as the network administrator at CertKiller.com. The CertKiller.com
network is a single Active Directory domain named Certkiller .com. The network
consists of an internal LAN and a perimeter network. The perimeter network is
running Windows Server 2003 and holds a public Web server and an external
firewall.
The CertKiller.com internal network consists of Domain Name System (DNS)
servers, e-mail servers as well as file servers. All these servers run Windows Server
2003 except for a Web server that runs UNIX.
Certkiller .com acquires another company named TestLabs, Inc. You are currently
adding the testlabs.com domain to the CertKiller.com network. The testlabs.com
domain is to be a separate tree in the forest. The domain controllers for the
testlabs.com domain will all be configured with Windows Server 2003.
CertKiller.com’s written security policy states that IP Security (IPSec) policy and
Kerberos authentication must be used. You need to provide for security in the entire
forest. To this end you received instruction to configure IPSec on the filters on the
permit communication in the forest. You want to accomplish this task using the
least amount of administrative effort
What should you do?
A. Create input and output filters on the Certkiller .com domain.
B. Create a single mirrored filter for traffic in the forest.
C. Create a mirrored filter for each domain for communication in the forest.
D. Create a filter on each domain for communication in the forest.
Answer: B

Donwload Free PassGuide Braindumps-The Most Realistic Practice Questions and Answers,Help You Pass any Exams

Actualtest.org – The Power of Knowing
Explanation: A single mirrored filter can filter traffic going from the original
domain to the new domain and vice versa. Even though you are creating a single
mirrored filter, it must be defined in an IPSec policy in a Group Policy object
(GPO) at the domain level in each of the domains. This way the same mirrored filter
is applied in each domain.
Incorrect answers:
A: This solution will work is implemented on both domains, but this solution will require
more than the minimum amount of administrative effort required.
C: You do not need to configure two mirrored filters, one per domain. A single mirrored
filter will be able to filter traffic going both ways in the forest.
D: You do not have to create a filter on each domain. The scenario describes only one
action for the filter to perform – permit. One mirrored filter will be able to filter traffic
going both ways in the forest.
Reference:
Craig Zacker, MCSE Self-Paced Training Kit (Exam 70-293): Planning and Maintaining
a Microsoft Windows Server 2003 Network Infrastructure, Microsoft Press, Redmond,
Washington, 2004, Chapter 12.
QUESTION 3:
You work as the network administrator at Certkiller .com. The Certkiller .com
network is a single Active Directory network that consists of three subnets as
illustrated in the exhibit. All servers on the Certkiller .com network run Windows
Server 2003 and all client computers run Windows XP Professional.
Two servers named Certkiller -DC01 and Certkiller -DC02 are configured as
domain controllers and run the Domain Name System (DNS) service. The forward
lookup zone is configured as an Active Directory-integrated zone. The

Actualtest.org – The Power of Knowing
Certkiller .com written security policy states that all client computers should not be
allowed to log on to the domain unless authenticated by a domain controller.
IP configuration for the Certkiller .com client computers is supplied by a Network
Address Translation (NAT) server named Certkiller -SR06 that is located in
SubnetC. The alternate IP configuration is set to default. Both Certkiller -SR07
and Certkiller -SR08 run Microsoft Windows Server 2003 and Remote Access
Service and function as Dynamic Host Configuration Protocol (DHCP) Relay
Agents.
Some of the Certkiller .com users in SubnetA lodged a complaint that they are unable
to log on to the network while the rest of the users in SubnetA complained about
being unable to connect to the Internet. The users in SubnetB and SubnetC are
unaffected. You received instruction to determine the cause of the problem. You
logon to a client computer in SubnetA and conduct some tests locally. You then
discover that you are able to log on to the network, but cannot access the Internet.
What should you do?
A. Use the ipconfig command to determine the address setting on a computer that is
unable to log on to the network.
B. Use the ping command to contact Certkiller -SR05.
C. Use the pathping command to contact Certkiller -SR04.
D. Use the tracert command to try and reach an address on the Internet.
Answer: D
Explanation: The Tracert command is used when you need to check where there is a
break in the route to the destination. By using tracert to reach a host on the Internet, you
will include all the computers in the potential failure path. The NAT server provides both
DHCP and Internet access services to the network. Since there is a domain controller in
the same subnet, SubnetA, as the clients, there is the indication that the client computers
are all getting the wrong IP configuration. All windows XP Professional clients that
cannot contact the DHCP server would use the default APIP
A. An APIPA address would
not provide the computer with a DNS server’s address, so the domain controller would
not be accessible and the user would be unable to log on.
Incorrect answers:
A: IPconfig is used to view address settings for computers and displays the current
configuration. This is not going to yield the proper information to determine the cause of
the problem. It will not determine which device is causing the DHCP request to fail.
B: The Ping command is used to verify if a host computer can connect to the network
resources or not. This is not the tool for this problem as it will not tell you whether the
problem was related to the Router or the NAT server.
C: The pathping command reports packet loss rates at each of the routers on the path. this
tool will allow you to determine which router is causing the problem, but it will not
identify the NAT server as the problem.

Free download:pass4sure Microsoft 70-290
Free download:testking Microsoft 70-290

password:www.certbible.org

High quality IT Certification Training Exam Questions, Study Guides and Practice Tests are in Downloadable PassGuide Testing Engine,Successful for IT Certification or Full Refund for you.Contact Us:Sales@PassGuide.com

Type	Exam Bible	New Questions & Answers	Latest Updated	Download link
PDF	All Certbible 's Exam Dumps	597	1 days ago	Available

PassGuide Training Materials & Practice Tests

• Download Pass4sure Microsoft Microsoft Windows Vista, Configuring
• Pass4sure Microsoft Exam mb2-631 v2.73
• pass4sure Microsoft Business Solutions Exam MB2-632 v2.83
• Pass4sure Microsoft TS 70-649 Exam v2.85
• Microsoft Pass4Sure 70-526 v2 73 2008-04-30 by Moataz G Salama 82q.vce
• Microsoft Pass4Sure 70-291 v2008 by Mahmoud Manchester 104q.vce
• Microsoft Pass4Sure 70-640 by Hazem hafez 84q.vce
• (offer) Pass4sure Microsoft 70-270 Ver 2.93
• Microsoft Preparation Certification for Microsoft Candidates
• Pass4sure Microsoft Windows Vista, Configuring Exam 70-622 v2.73 vce