Pass4sure Microsoft MCSE Exam 70-294 v2008-18-05 by Ali Starian 108q vce
- Wednesday, May 21, 2008, 0:21
- Cert Tests
- 116 views
- Add a comment
The Microsoft Certified Systems Engineer (MCSE) on Windows Server 2003 credential is intended for IT professionals who work in the typically complex computing environment of medium to large companies. An MCSE candidate should have at least one year of experience implementing and administering a network operating system in environments that have the following characteristics:
QUESTION 1
You work as a network domain administrator at Certkiller .com. The Certkiller .com
network consists of a single Active Directory domain named Certkiller .com. The
Certkiller .com network contains twenty-five Windows Server 2003 servers and 5,200
client computers running Windows 2000 Professional:
1. Two of the servers function as domain controllers.
2. The rest are used as file servers, intranet servers, or database servers.
The Certkiller .com organization unit (OU) structure is based on the defined server
roles.
The relevant portion of the Active Directory structure is illustrated in the Exhibit
below:
You are responsible for the management of security baseline settings. Other than
the domain controllers, all servers should be furnished with security baseline
settings. To this end you create:
1. A security template named SRsecurity.inf. SRsecurity.inf includes the required
NTFS- and registry permissions for all the servers, intranet server, as well as the
database servers.
2. A security template named FSRsecurity.inf
3. A security template named IntSRsecurity.inf
Actualtests.org – The Power of Knowing
4. A security template named DBserversecurity.inf
You received instruction to deploy these security templates with the least amount of
administrative effort.
What should you do to accomplish this task? (Each correct answer presents part of
the solution. Choose two.)
A. Create a GPO
Link it to the domain.
Import the SRsecurity.inf template into the new GPO.
B. Create a new GPO for the File Servers-, the Intranet Server- and the Database Servers
OUs respectively.
Link each GPO to the File Servers-, the Intranet Server- and the Database Servers OUs
respectively.
Import the FSRsecurity.inf, the IntSRsecurity.inf and the DBserversecurity.inf security
templates into their respectiveGPOs.
C. Create a GPO
Link it to the File Servers-, the Intranet Server- and the Database Servers OUs.
Import the SRsecurity.inf template into the new GPO.
D. Create a GPO
Link it to the Servers OU.
Import the SRsecurity.inf template into the new GPO.
E. Create a new GPO for the File Servers-, the Intranet Server- and the Database Servers
OUs respectively.
Link each GPO to the Servers OUs.
Import the FSRsecurity.inf, the IntSRsecurity.inf and the DBserversecurity.inf security
templates into their respectiveGPOs.
Answer: B, D
Explanation: The SRsecurity.inf security template should be applied to all servers
located in the Servers OU. To this end you need to create a GPO, link it to the Servers
OU and import the appropriate security template into the GPO. This way the
SRsecurity.inf settings will apply to all the servers in the Servers OU. In the same fashion
you should link the respective security templates to the respective newly created GPOs to
have them applied to the correct groups of servers. These methods represent the least
amount of administrative effort.
Incorrect answers:
A: This GPO should be linked to the Servers OU and not the domain. This is not a
recommended practice.
C: GPOs that contain role-specific security settings should be applied at the OU level to
ensure that those security settings will apply to only the members of that specific OU.
E: Linking each of the different GPOs to the Servers OU will not ensure that the servers
of a specific type of server receive the appropriate server-specific security settings.
QUESTION 2
Actualtests.org – The Power of Knowing
You work as the network administrator at Certkiller .com. The Certkiller .com
network consists of a single Active Directory domain named Certkiller .com. The
Certkiller .com network contains ten Windows Server 2003 computers and 1,200
client computers running Windows XP Professional. The servers, the domain
controllers, and the client computers form their own OUs respectively. The client
computers comprises of desktop computers as well as laptop computers.
The Certkiller .com written security policy states that Encrypting File System (EFS)
should only be implemented on the client computers. You then create a domain
account to serve as the data recovery agent for the entire domain.
All the security settings that are required on all the computers in the domain are
contained in a Group Policy Object (GPO) named DomainSecGPO.
DomainSecGPO is currently set up to allow users to encrypt files with EFS. You
need to configure the appropriate settings to ensure that the Certkiller .com written
security policy is adhered to. You need to accomplish this task with the least amount
of administrative effort.
What should you do? (Each correct answer presents part of the solution. Choose all
that apply.)
A. Create a new GPO that allows users to use EFS.
B. Configure DomainSec GPO to prevent users from using EFS.
C. Create a new GPO that prevents users to use EFS.
D. Configure DomainSec GPO to allow users to use EFS.
E. Link the new GPO to the Clients OU.
F. Link the new GPO to the Desktop computers and Portable computers OUs.
Answer: A, B, E
Explanation: EFS can be used to encrypt data on NTFS volumes. DomainSecGPO is
configured at domain level. This means that all computers including the servers support
EFS. This violates the Certkiller .com written security policy. You should thus disable
EFS support on domain level by configuring DomainSecGPO to prevent users from using
EFS. Then to enable client computers to encrypt data, you should create a new GPO that
supports EFS and link it to the Clients OU.
Incorrect answers:
C: This would be incorrect since the users who make use of the Clients OU will require
making use of EFS so as to comply with the written security policy.
D: This is a superfluous option. This is in violation of the Certkiller .com written security
policy since all computers, servers and client computers are already supporting EFS. This
should in fact be changed.
F: This is incorrect the GPO should be linked to the Clients OU
QUESTION 3
You work as the network security administrator at Certkiller .com. The
Certkiller .com network consists of a single Active Directory domain named
Certkiller .com. The Certkiller .com network contains twenty Windows Server 2003
Actualtests.org – The Power of Knowing
computers and 1,500 client computers of which 950 is running Windows XP
Professional, 300 is running Windows 2000 Professional and 250 is running
Windows NT Workstation 4.0.
You are responsible for the implementation of security templates at Certkiller .com.
All client computer accounts on the Certkiller .com network are contained in an
Organizational Unit (OU) named Clients OU. All Certkiller .com employees enjoy
Users group membership. You created a Group Policy Object (GPO) named
Clients_GPO and link it to the Clients OU. You then import the Securews.inf
security template into the Clients_GPO. You then perform a clean installation of
Windows XP Professional on all the Windows NT Workstation 4.0 client computers
as well as the Windows 2000 Professional computers after which you verify that
Clients_GPO is applied to each of these computers.
The next morning you received reports from several Certkiller .com users
complaining that they are unable to run an application on their Windows XP
Professional client computers, instead they encounter an error message that informs
them that they do not have the appropriate permissions to run that particular
application. This application stored user data in the Program Files folder structure.
Previously these users had no trouble running this specific application on their
Windows NT Workstation 4.0 computers.
You need to perform several tasks:
1. Ensure that the application will run on Windows XP Professional computers
without compromising the security settings in the Securews.inf security template.
2. You should not affect the security settings that apply to the other computers in
the domain.
3. You should not grant the members with the problems to access the application
more permissions than is necessary.
What should you do?
A. Make these members part of the Administrators group on their computers.
B. Make these members part of the local Power Users group on their computers.
C. The Compatws.inf security template should be imported into the Clients_GPO.
D. The Setup security.inf security template should be imported into the Clients_GPO.
Answer: B
Explanation: The default security settings for the Windows XP Professional operating
system are preventing the Users group from being granted too much authority. However,
to run legacy/customized applications under Windows XP Professional, members of the
Users group must be granted the same kind of user right and permissions as members of
the Power Users group.
Incorrect answers:
A: Making these members part of the Administrators group would be granting them more
permissions than is necessary.
C: Applying the Compatws.inf security template would overwrite the settings that have
been applied by the securews.inf security template. The question states pertinently that
you should not alter the existing security settings.
Actualtests.org – The Power of Knowing
D: Applying the Setup security.inf security template will also overwrite the settings that
have been applied by the securews.inf security template. Furthermore, it is not
recommended to apply this template through using a GPO.
| • | 250 to 5,000 or more users |
| • | Three or more physical locations |
| • | Three or more domain controllers |
| • | Network services and resources such as messaging, database, file and print, proxy server, firewall, Internet, intranet, remote access, and client computer management |
| • | Connectivity requirements such as connecting branch offices and individual users in remote locations to the corporate network and connecting corporate networks to the Internet |
In addition, an MCSE candidate should have at least one year of experience in the following areas:
| • | Implementing and administering a desktop operating system |
| • | Designing a network infrastructure |
Exam Number/Code: 70-294
Exam Name: MCSE Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 AD Infrastructure
VUE Code: 70-294
Questions Type: Multiple choice,
Real Exam Question Numbers: 35
Exam Language(s): English
“MCSE Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 AD Infrastructure”, also known as 70-294 exam, is a Microsoft certification.
Preparing for the 70-294 exam? Searching 70-294 Test Questions, 70-294 Practice Exam, 70-294 Dumps?
With the complete collection of questions and answers, Pass4sure has assembled to take you through 175 Q & A + 3 Real labs to your 70-294 Exam preparation. In the 70-294 exam resources, you will cover every field and category in MCSE helping to ready you for your successful Microsoft Certification.
Questions and Answers : 175 Q & A + 3 Real labs
Updated: 2008-2-13
Market Price: $69.99
MCSE Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 AD Infrastructure : 70-294 Exam
Microsoft Pass4Sure 70-294 v2008-18-05 by Ali Starian 108q.rar
Free download:pass4sure Microsoft 70-294
Free download:testking Microsoft 70-294
password:www.certbible.org
High quality IT Certification Training Exam Questions, Study Guides and Practice Tests are in Downloadable PassGuide Testing Engine,Successful for IT Certification or Full Refund for you.Contact Us:Sales@PassGuide.com|
Type |
Exam Bible | New Questions & Answers |
Latest Updated |
Download link |
| All Certbible 's Exam Dumps |
597 |
1 days ago | Available |
PassGuide Training Materials & Practice Tests
About the Author
Free Certification Exam Download has written 10018 stories on this site.
If you have any doubts about legality of content or you have another suspicions, feel free to contact us:CertGuard@Gmail.com
Write a Comment
Gravatars are small images that can show your personality. You can get your gravatar for free today!
