VTC MSCE suite 70-284, 70-291, 70-294, 70-298, Vista

VTC MSCE suite 70-284, 70-291, 70-294, 70-298, Vista
QUESTION 1 :
You work as the network administrator at Certkiller .com. The Certkiller .com
network consists of a single Active Directory domain named Certkiller .com. All
domain controllers and servers on the Certkiller .com network run Windows Server
2003. All client computers run Windows XP Professional. All domain controllers
have the DNS service enabled. On the Certkiller .com network, DNS is configured
using a single Active Directory-intergraded zone. There are no secondary DNS
zones.
The updated Certkiller .com written security policy includes new requirements that
must be implemented to secure all domain controllers. You are responsible for
ensuring that these requirements are enforced. You plan to configure an IPSec
security policy to secure all domain controllers. To enforce the requirements of the
updated Certkiller .com written security policy, you only include ports in the Permit
filter action that are used for Active Directory authentication and replication. You
assign the new IPSec security policy for all domain controllers.
Users immediately complain that they cannot access any domain controllers. You
investigate the issue and discover that no users are able to connect to any domain
controllers. You must still enforce the requirements of the updated Certkiller .com
written security policy.
What should you do?
A. Include TCP port 53 in the filter with the Permit filter action.
B. Include TCP port 80 in the filter with the Permit filter action.
C. Include UDP port 53 in the filter with the Permit filter action.
D. Include UDP port 137 in the filter with the Permit filter action.

Actualtest.org – The Power of Knowing
Answer: C
Explanation: The issue that you have stems from the domain controllers being
unable to respond to DNS name resolution requests from your client computers.
DNS name resolution requests are sent to domain controllers through UDP port 53.
You must allow traffic to pass through to your domain controllers on UDP port 53
to resolve the existing issue.
Incorrect answers:
A: While TCP port 53 is used by DNS, DNS uses this port to perform zone transfers.
This port is not necessary because the question states that there is a single Active
Directory-intergraded zone.
B: TCP port 80 does not need to be included in the filter with the Permit filter
action because the port is used by clients attempting to connect to a Remote Desktop
Web Connection server.
D: UDP port 137 is used by the Windows Internet Name Service (WINS). Nothing is
mentioned about WINS running on any of your servers.
QUESTION 2:
You work as the network administrator at Certkiller .com. The Certkiller .com
network consists of a single Active Directory domain named Certkiller .com. All
servers on the Certkiller .com network run Windows Server 2003. Half the client
computers run Windows XP Professional and the rest run Windows 2000
Professional or Windows 98. Active Directory software is installed on all Windows
98 client computers.
The two main departments in the Certkiller .com business structure is the Sales
department and Finance department. All servers in the Sales department reside in
an organizational unit (OU) named SalesServers, and all servers in the Finance
department reside in an organizational unit named FinanceServers. All client
computers reside in a single organizational unit named Workstations. The client
computers in the Sales department run Windows XP Professional or Windows 98.
The new Certkiller .com written security policy requires that all communication with
servers in the Finance department be encrypted. All communications with other
servers should be encrypted when possible. The written security policy also requires
users in each of the two departments to access servers located in their respective
department.
To enforce these requirements, you plan to configure IPSec policy. You want to use
the default IPSec policies to enforce these requirements immediately. You plan to
configure custom IPSec policies at a later date. You assign the Client (Respond
Only) IPSec policy to client computers in the Workstations OU.
What else should you do? Choose two correct answers. Each correct answer
presents only part of the complete solution. Choose two.
A. Assign the Secure Server (Require Security) IPSec policy to the servers in the
SalesServers OU.

Actualtest.org – The Power of Knowing
B. Assign the Secure Server (Request Security) IPSec policy to the servers in the
SalesServers OU.
C. Assign the Secure Server (Require Security) IPSec policy to the servers in the
FinanceServers OU.
D. Assign the Secure Server (Request Security) IPSec policy to the servers in the
FinanceServers OU.
Answer: B, C
Explanation: You have to assign the Secure Server (Require Security)
IPSec policy to the servers in the FinanceServers OU because the security policy
specifies that all communications with these servers be secured. Only specific
reference is made to the Sales department having Windows 98 computers. You can
therefore conclude that all client computers in the Finance department run
Windows XP Professional or Windows 2000 Professional, of which both support
IPSec.
Because you currently have Windows 98 operating system client computers on the
network which are used in Sales department, you can only assign the Server (Request
Security) IPSec policy for servers in the SalesServers OU. Windows 98 client computers
do not support IPSec. Assigning the Server (Request Security) IPSec policy for servers in
the SalesServers OU will result in these servers requesting IPSec to be used for data
communications. If the other computer supports IPSec, secure data communication will
take place. If the other computer does not support IPSec, the servers will still allow
unsecured communication with that computer.
Incorrect answers:
A: If you assign the Secure Server (Require Security) IPSec policy to the servers in
the SalesServers OU, no users that have Windows 98 client computers will be able to
access servers in their department.
D: If you assign the Secure Server (Request Security) IPSec policy to the servers in
the FinanceServers OU, the servers will allow connections from clients that do not
support IPSec. The question states that all communication with servers in the Finance
department be encrypted.
QUESTION 3:
You work as the network administrator at CertKiller.com. The CertKiller.com
network consists of a single Active Directory domain named Certkiller .com. All
servers on the CertKiller.com network run Windows Server 2003 and all client
computers run Windows XP Professional.
An organizational unit (OU) named DbServers contains the three database servers
on the CertKiller.com network. Because the database servers contain confidential
company information, they are physically secured in a locked computer room. An
IPSec policy named Policy1 is assigned to all servers in the DbServers OU through
the DbPolicy GPO linked to the DbServers OU.
Policy1 has the following rules:

Actualtest.org – The Power of Knowing
1. Rule 1:
* Filters traffic on Port 1433 from any IP address.
* Filter Action: Negotiate Security – ESP.
* Kerberos authentication.
1. Rule 2:
* Filters traffic from any IP address.
* Filter Action: Block
The new CertKiller.com written security policy requires network administrators to
remotely administer all servers in the DbServers OU. Network administrators must
only use Windows Server 2003 Administration Tools to manage the database
servers. All administrative tasks must be performed from a single Windows XP
Professional client computer named Certkiller -WS555. The CertKiller.com written
security policy requires that all administrative traffic between the database servers
and Certkiller -WS555 be encrypted.
You need to enforce the requirements of the CertKiller.com written security policy.
All existing security policy rules must remain unaffected by your solution. You
assign the Client (Respond Only) IPSec policy to Certkiller -WS555.
What else should you do? (Each correct answer presents part of the solution.
Choose TWO.)
A. Create a new rule in Policy1.
Include a filter of traffic on any port from Certkiller -WS555.
B. Create a new rule in Policy1.
Include a filter of traffic on port 3389 from Certkiller -WS555.
C. Set the Filter Action: Negotiate Security – ESP, Kerberos authentication.
D. Assign the Server (Request Security) IPSec policy to Certkiller -WS55.
Answer: A, C
Explanation: You have to add a new rule to the current IPSec policy assigned to the
database servers. In the rule, you should permit traffic originating from
Certkiller -WS55 to the database servers. The source in the rule should be
Certkiller -WS555. To encrypt traffic passed between Certkiller -WS55 and the
database servers, you must set the Filter Action: Negotiate Security – ESP, Kerberos
authentication.
Incorrect answers:
B: The question states that the administrators are going to use Windows Server
2003 Administration Tools to manage the database servers. Nothing is mentioned on
administrators using Terminal Services or Remote Desktop to remotely administer the
servers. Port 3389 is used by Terminal Services and Remote Desktop.
D: You already assigned the Client (Respond Only) IPSec policy to

Certkiller -WS555.

Download: (Click here to check the links before you download)
rapidshare.com/files/48885892/VTC-MCSE.part01.rar
rapidshare.com/files/48890239/VTC-MCSE.part02.rar
rapidshare.com/files/48897988/VTC-MCSE.part03.rar
rapidshare.com/files/48900334/VTC-MCSE.part04.rar
rapidshare.com/files/48907433/VTC-MCSE.part05.rar
rapidshare.com/files/48941741/VTC-MCSE.part06.rar
rapidshare.com/files/48944654/VTC-MCSE.part07.rar
rapidshare.com/files/48947215/VTC-MCSE.part08.rar
rapidshare.com/files/48949891/VTC-MCSE.part09.rar
rapidshare.com/files/48952379/VTC-MCSE.part10.rar
rapidshare.com/files/48954970/VTC-MCSE.part11.rar
rapidshare.com/files/48957525/VTC-MCSE.part12.rar
rapidshare.com/files/48960209/VTC-MCSE.part13.rar
rapidshare.com/files/48963067/VTC-MCSE.part14.rar
rapidshare.com/files/48965632/VTC-MCSE.part15.rar
rapidshare.com/files/48968181/VTC-MCSE.part16.rar
rapidshare.com/files/49046338/VTC-MCSE.part17.rar

Free download:passguide Microsoft 70-291
Free download:passguide Microsoft 70-291

password:www.certbible.org

PassGuide Cisco Exams Questions & Training Materials

1. Free Download Latest 070-297 dumps from here…
2. Free 70-291 syngress ebook
3. Free Preplogic 15 Min Study Guides(70-270,290,291 & 293), Good Before exams and Interview(70-620,622,623)
4. Free [offer] 70-294 Updated, All for passing exam
5. Free MCSA/MCSE/MCDBA Self-Paced Training Kit: Microsoft SQL Server(TM) 2000 System Administration, Exam 70-228, Second Edition (Pro-Certification) (Paperback)
6. Free Exam-Pack 70-622: Microsoft Windows Vista Client Support Supporting and Troubleshooting Applications on a Windows Vista Client for Enterprise Support Technicians
7. Free Mcse mcsa 70-290/70-291 VCE & Sims
8. Free Microsoft PassGuide 70-350 v2 73 by Mohan 132q.vce
9. Free VTC Designing Active Directory For Windows Server 2003 (70-297)
10. Free Testinside 70-291 Printable
11. Free Offer, Microsoft 70-290 shares
12. Free Passguide Microsoft MCSE Exam 70-294 v2008-18-05 by Ali Starian 108q vce