pass4sure Microsoft Mcse 2003 70-284 v2.93

MCSE Installing, Configuring, and Administering Microsoft Exchange 2003 Server : 70-284 Exam

Exam Number/Code: 70-284
Exam Name: MCSE Installing, Configuring, and Administering Microsoft Exchange 2003 Server
VUE Code: 70-284
Questions Type: Multiple choice,
Real Exam Question Numbers: 30
Exam Language(s): English

“MCSE Installing, Configuring, and Administering Microsoft Exchange 2003 Server”, also known as 70-284 exam, is a Microsoft certification.
Preparing for the 70-284 exam? Searching 70-284 Test Questions, 70-284 Practice Exam, 70-284 Dumps?

With the complete collection of questions and answers, Pass4sure has assembled to take you through 150 questions to your 70-284 Exam preparation. In the 70-284 exam resources, you will cover every field and category in MCSE helping to ready you for your successful Microsoft Certification.

QUESTION 1
You need to design an access control strategy to prevent unauthorized users from
modifying the registry on the DNS servers.
What should you do?
A. Change the RestrictAnonymous registry subkey from 0 to 1 or 2.
B. Ensure that DNS1 and DNS2 have to correct permissions set on the WINREG subkey
for all groups.
C. Create a Domain Local group and add unauthorized users in this group on DNS1 and
DNS2.
D. Remove the Domain Users group from the Remote Desktop users group on DNS1 and
DNS2.
Answer: B
Explanation: The WINREG subkey controls the users and groups that can connect
remotely to the computer and modify its registry settings. If the key has been deleted then
all users can connect remotely and modify the registry settings. By default the
Administrators group has Allow-Full Control permission for this subkey. The Backup
Operators group has Allow-Read permission. This is what is required for the proper
administration of the server.
1. We need to ensure that both DNS1 and DNS2 are protected against this accidental
modification.
2. I want to see only administrators able to remotely connect to DNS1 and DNS2 to
modify the registry settings.
3. I also want to have the ability to detect all attempts to log on interactively to either of
these servers.”
Incorrect answers:
A: The RestrictAnonymous registry subkey is used to restrict anonymous users from
displaying lists of users and their security permissions on the computer. This setting
whether set to 1 or 2; will not affect the ability to connect remotely to a computer to
modify its registry.
C: In AGDLP, the recommended way to assign permissions to a resource, user accounts
are added to global groups, and then global groups are added to Domain Local groups.

Actualtests.org – The Power of Knowing
Permissions or user rights assignments are finally assigned to the Domain Local group.
Regardless: in this scenario you want to prevent unauthorized users from modifying the
registry. Thus this option is incorrect.
D: The Remote Desktop Users group is able to create Remote Desktop connections to the
local computer. Usually this group is not populated and members of the local
Administrators group can access the computer via Remote Desktop connection. It is
mentioned in the case study:
1. DNS1 and DNS2 are both configured with the default remote Desktop connection
settings.
Thus the Domain Users group is not a default member of the Remote Desktop Users
group. This option is thus not correct.
Reference:
Elias N. Khnaser, Susan Snedak, Chris Peiris & Rob Amini, MCSE Designing Security
for a Windows Server 2003 Network Exam 70-298 Study Guide, Chapter 8, p. 454
QUESTION 2
You need to test the remote access security solutions. To this end in the test
environment in the Chicago office, you install an IAS server on TestRAS1. After
RADIUS clients have been configured appropriately, users in the test environment
who attempt to connect via TestVPN1 are not authenticated. You need to address
this issue for deployment to the production network. You thus need to ensure that
all Testdomain user accounts are authenticated using the IAS on TestRAS1
What should you do?
A. Upgrade TestRAS1 to domain controller.
B. Upgrade both TestRAS1 and TestVPN1 to domain controllers.
C. Add TestRAS1 to the RAS and IAS Servers group in Active Directory.
D. Add TestRAS1 and TestVPN1 to the RAS and IAS Servers group in Active Directory.
Answer: C
Explanation: Given that the RADIUS clients have been configured appropriately, you
need to ensure that the RADIUS server is properly configured. For TestRAS1 to be able
to perform authentication, it must have permission to read the attributes from the user
object in Active Directory. By default this permission is not granted when RAS/IAS is
installed on a member server. This permission is assigned when you add the server, in
this case, TestRAS1 to the built-in RAS and IAS Servers security group.
Incorrect answers:
A: In the production environment, RAS1 is not a domain controller. This will make the
test invalid.
B: The test results would be invalid. Besides if TestRas1 were to be upgraded to domain
controller status then you will add additional security concerns to the design.
D: This will be obsolete since you only require the IAS server to access user attributes in
Active Directory. There is no need to add TestVPN also to the RAS and IAS Servers
group in Active Directory.
Reference:

Actualtests.org – The Power of Knowing
Elias N. Khnaser, Susan Snedak, Chris Peiris and Rob Amini, MCSE Designing Security
for a Windows Server 2003 Network Exam 70-298 Study Guide, Chapter 6, pp. 369-370
James Chellis, Paul Robichaux & Matthew Sheltz, MCSA/MCSE: Windows Server 2003
Network Infrastructure Implementation, Management, and Maintenance Study Guide, p.
335
Topic 4, Stanford Finance, Scenario
Background
Stanford Finance is an international company that specializes in the provision of
investment and financial services for its clients. Stanford Finance operates across two
continents, namely Europe and North America.
Physical Locations
The Stanford Finance head quarters are located in New York and branch offices in
Chicago, USA; London, England; and Milan, Italy.
Directory Services
Currently the Stanford Finance Active Directory infrastructure is as follows:
The network consists of a single Active Directory forest. The forest contains three
domains named stanford.com, west.stanford.com, and east.stanford.com respectively.
The functional level of the forest is set at Windows Server 2003. The Active Directory
Infrastructure exhibit illustrates the current Active Directory infrastructure.
Web Services
The Stanford Finance web presence is provided by two Web sites that are hosted by
using Internet Information Services (IIS) 6.0.
1. The one site is a secure Web site that is accessed by the employees to store and update
customer records. This site is also accessed by customers to make use of the on-line
services that are offered to them. All users who want to gain access to the resources on

Actualtests.org – The Power of Knowing
this secure Web site must connect to the domain and be authenticated.
2. The other Web site is a public site that provides general information regarding the
company. This site is accessible to any Internet user. They are not required to log in.
Organizational Unit (OU) Hierarchy
There are four top-level Organizational Units (OUs) – these are used to organize the
Stanford Finance departments such as: Investments, Current Accounts, Credit Accounts,
Portfolio Management.
There are two further top-level OUs namely Computers and Customers.
1. The Computers OU contains all the Stanford Finance desktop computer accounts.
2. The Customers OU contains all the user accounts that have been created for the
Stanford Finance customers as well as the computer accounts for the users’ laptop
computers.
The OU structure of the Stanford Finance network is shown in the OU Structure exhibit.
Network Infrastructure
Connectivity:
The local area network (LAN) at each of the offices is running at 512 Kbps. Each of the
offices is connected to the head quarters via a T3 connection. The New York office is
connected to the Internet and the other offices connects to the Internet through the New
York office.
Servers and workstations:
All Stanford Finance servers run Microsoft Windows Server 2003.
All Stanford Finance client computers run Microsoft Windows 98, Microsoft Windows
NT Workstation 4.0, Microsoft Windows 2000 Professional, and Microsoft Windows XP
Professional; with the Chicago- and New York offices running Windows XP
Professional. All servers and client computers are members of the domain.
Each office contains:
1. a minimum of two domain controllers
2. a file server that is used to store all confidential customer data
3. an on-site IT department that performs desktop maintenance and troubleshooting tasks
The New York office contains:
A Central IT department that performs all server-level operations remotely
Backup strategy:
At present the Stanford Finance backup strategy is as follows:
1. A full data backup on all servers on a weekly basis.
2. Differential backups on most servers twice a week.
3. Daily backups on some file servers that store frequently changed data files.

Donwload Free PassGuide Braindumps-The Most Realistic Practice Questions and Answers,Help You Pass any Exams

Actualtests.org – The Power of Knowing
Planned Changes
Stanford Finance is entering into a joint venture with Willow Bridge, Ltd., which
operates as a worldwide asset management company. The Willow Bridge, Ltd., network
consists of a single Windows 2000 Active Directory domain. There are currently no plans
that involve the upgrading of the Willow Bridge, Ltd., servers to Windows Server 2003.
The Internet will be used as the medium of communication and collaboration between
Stanford Finance and Willow Bridge, Ltd., A Shared folder named Customer Data will be
located on a Stanford Finance Web server that is located on the internal network.
Customer Data will be used by both companies.
Access to all resources’ integrity and security should be ensured. Thus only authorized
users should have access. In the budget provision will be made for the purchase of
equipment that will support the user of smart cards for authorized users. There are no
additional funds for IT infrastructure upgrades except for the fact that all Stanford
Finance client computers in Milan will be upgraded to Windows XP Professional in the
next fiscal year. The IT department must maximize the existing hardware and software to
meet the security requirements.
Problem Statements
The following business problems must be considered:
1. It is difficult to maintain all client computers with the latest security patches.
Security patches must be installed by using the minimum amount of WAN bandwidth.
2. The information technology (IT) department in each office must test security patches
before deploying them to client computers.
3. All users who remotely connect to the network should do so using a smart card. A
personal identification number (PIN) should be required to prevent unauthorized use of a
lost or stolen card.
4. In the case of Stanford Finance users logging on to the network using different
computers, their user credential must never be stored on the local computer and should
never be exposed to other users.
5. Unauthorized users have modified the registry on some servers. Unauthorized users
must not be able to modify the registry on company servers.
6. Access to resources is assigned per user, which causes administrative overhead. This
administrative overhead must be reduced.
7. Stanford Finance offers online services that must be available to customers and the
partner company, Willow Bridge, Ltd., on a twenty four hour basis. Access to Customer
Data in the New York office must be available to the Willow Bridge, Ltd., users as well.
8. Stanford Finance is in a joint venture with Willow Bridge Ltd to provide investment and
asset management services for customers. Willow Bridge, Ltd., users have access to the
extranet in the New York office. These users need to be able to access Customer Data
that is located on a file server in the New York internal network.
9. Users from Willow Bridge, Ltd., require access to information stored on a Microsoft
SQL Server 2000 computer that is located on the New York internal network. Users on
the internal network must also be able to access the information on the SQL Server by
using Microsoft Access 2000.
Chief Information Officer (CIO) problem statement
“Before the joint venture our focus has been to prevent external threats. With the joint
venture we find ourselves in, we need to prevent internal threats as well. It was brought

Actualtests.org – The Power of Knowing
to our attention that recently confidential customer information was released to the
public. In addition I have a further suspicion that unauthorized users are attempting to
delete or modify files. From time to time we need to review who has access to company
resources. We need to make use of our infrastructure’s security features to meet our
security needs so as to avoid unnecessary expenses.”
“Most customer data should be retained on Customer Data for a minimum period of three
months, after which it will be stored on tape for a further three years. The three month
period is to accommodate all customers to make use of our on-line service to track their
investments.
All customer records that are retained on-line compel us to retain any audit logs that
detail user access to this data for as long as the data is kept on line. This means that all
Web access information should be retained for a minimum of three months. Server event
logs that document other network resource access must thus also be retained.”
“This also means that we should reduce storage costs. To this end we should plan the data
retention strategy so that only the minimum number of backup tapes is kept.”
IT administrator problem statement:
“We currently have a situation where all users, including our customers who have
authorized access, download their security updates from the official Microsoft Windows
Update Web site. This results in an inconsistent deployment of security patches. Only
some customers install the required security patches, while most of the Stanford Finance
users install security patches when instructed to do so by their respective office IT
departments. There should be a real concern regarding a fact that a remote user will fail
to keep up to date with critical security patches and in this way introduce a virus that
could exploit this vulnerability into the Stanford Finance network.”
“Before security patches are deployed, all domain computers must first be examined for
security configuration errors and missing security patches. This type of analysis should
be performed as a routine until we are confident in the new patch management system.”
Written Security Policy
Following is a list of the requirements that must be met by the Stanford Finance written
security policy:
1. All customer information must be kept confidential.
2. All access to customer information must be tracked.
3. The public Web site is to be used for marketing information and service offering
literature. Stanford Finance must track unauthorized modification of the marketing
information only.
4. Management must be able to access company financial information that is stored in
Microsoft SQL Server 2000 databases and in shared folders.
5. All e-mail messages sent between Stanford Finance and Willow Bridge, Ltd., must be
encrypted.
6. Authorized users must make use of smart cards and PINs to access company resources.
7. All users must be responsible for their own smart card and PIN.
8. All content updates to the Web server must be protected from interception.
9. An encrypted channel must be used when remote server administration is being
conducted.
10. No perimeter network servers may be accessed via Remote Desktop for
Administration.

Actualtests.org – The Power of Knowing
Topic 4, Stanford Finance. (10 Questions)
QUESTION 3
You need to design a smart card issuance system that will meet the Stanford
Finance security requirements. You need to take certain steps in the design to issue
the smart cards.
What should you do?
A. All smart card recipients will receive their smart cards via certified mail to their
primary address.
Smart card recipients should present a Stanford Finance bill or correspondence as proof
of identity.
A complex PIN in a sealed security envelope must be issued to each smart card holder.
B. All smart card recipients must, in person, sign a security agreement when issued the
smart cards at the Stanford Finance offices.
Smart card recipients should present two forms of identification: one should have a
photo.
A temporary PIN must be issued to each smart card holder which must be changed
during the card-issuance process.
C. All smart card recipients must register online before a smart card is issued via
registered mail to their primary address.
A temporary PIN must be issued online to each smart card holder which must be
changed when the recipient receives the card.
D. Smart card recipients should present at least a Stanford Finance bill or correspondence
as form of identification.
All recipients should register for their smart cards by providing detailed information
using the Web-based application form.
A complex PIN must be issued to each smart card recipient.
Answer: B
Explanation: Using smart cards and two-factor authentication will provide added
security to the authentication process for the remote users. Each recipient should actually
go to the Stanford offices in person, with two types of identification, one which is at least
a government issued identity document that has photo identification. There they should
sign a security agreement when receiving a temporary PIN. This temporary Pin must be
used by the recipient at a Smart Card Enrollment station to immediately establish a new
private PIN. Thus no Stanford Finance employee will have access to a recipient’s PIN
which makes the recipient fully responsible for the security of the new PIN.
1. Authorized users must make use of smart cards and PINs to access company resources.
2. All users must be responsible for their own smart card and PIN.
Incorrect answers:
A: Mailing smart cards is not recommended, even if the mail is certified. This will
definitely violate the security requirements. Using a Stanford Finance bill does not
provide the required level of security.

Actualtests.org – The Power of Knowing
C: Recipients should not be allowed to register online as a form of identification. This
can be risky. Further allowing the Stanford Finance employee to establish the PIN online
albeit temporary adds additional risk to the number of individuals who have access to the
PIN. And it also reduces the recipient’s responsibility for smart card security.
D: Making use of complex PINs in sealed security envelopes will make it difficult for the
PIN to be stolen, but this would not be user friendly. It may require some recipients to
write it down which makes it vulnerable to compromise. This option is akin to registering
online which should not be allowed.

Free download:pass4sure Microsoft 70-284
Free download:testking Microsoft 70-284

password:www.certbible.org

High quality IT Certification Training Exam Questions, Study Guides and Practice Tests are in Downloadable PassGuide Testing Engine,Successful for IT Certification or Full Refund for you.Contact Us:Sales@PassGuide.com

Type	Exam Bible	New Questions & Answers	Latest Updated	Download link
PDF	All Certbible 's Exam Dumps	597	1 days ago	Available

PassGuide Training Materials & Practice Tests

• download pass4sure microsoft MCSE 2003 70-293 Value Pack
• pass4sure MCSE 2003 Security 70-294 Value Pack braindumps
• Pass4sure mcse 70-291 Value Pack
• Microsoft Pass4Sure 70-350 v2 73 by Mohan 132q.vce
• mcse testking pass4sure microsoft press book
• Pass4sure Microsoft 70-271 v2.93
• Pass4sure For Many Cisco Exams
• pass4sure MCSE 2003 Security Certification Exams
• free pass4sure MCSE 2003 Certification Exams Boot camp & Braindump
• (offer) Pass4sure Microsoft 70-270 Ver 2.93