All servers in your environment run Windows Server 2003. You are planning a backup and recovery strategy. You need to ensure that you can back up all data including open files. What should you use?

Your company has an Active Directory directory service domain. You have a four-node failover cluster that is a member of the domain. The quorum log is corrupted. You do not have a backup of the quorum log file. You need to recover from the corrupted quorum log. What should you do first?

Your company has an Active Directory directory service domain. All servers run Windows Server 2003. You have an Enterprise root certification authority (CA). Several critical certificates are compromised. You revoke the compromised certificates. You need to ensure that as soon as possible, client computers do not trust the revoked certificates. What should you do?

Your company has an Active Directory directory service domain. All servers run Windows Server 2003. You are designing a security plan to reduce the risk in the event of a brute force password attack.
You need to modify Group Policy settings to record unauthorized access attempts. Which two settings should you configure? (Each correct answer presents part of the solution. Choose two.)

Your company has an Active Directory directory service domain. All file servers run Windows Server 2003 and are located in the FilePrint organizational unit (OU). You create a security template named FilePrint.inf that modifies existing audit settings and disables unwanted services.
You need to apply the FilePrint.inf security template to all file servers, and you must ensure that the security settings applied by the template cannot be overwritten.
What should you do?

You are a network administrator for your company. You need to test a new application. The application requires two processors and 2 GB of RAM. The application also requires shared folders on the application server and requires the installation of software on the client computers. You create the test plan. You assemble a server in the test lab. You install Windows Server 2003, Web Edition on the server. You install the application on the server. You install the client software components for the application on
20 client computers in the test lab. You test the application. You discover that only some of the client computers can run the application. You turn off the client computers that ran the application successfully, and you test again. The client computers that failed in the first test now run the application successfully.
You need to identify the cause of the failure and update your test plan. What should you do?

You are the network administrator for your company. The network consists of a single Active Directory domain. The network contains 50 application servers that run Windows Server 2003. The security configuration of the application servers is not uniform. The application servers were deployed by local administrators who configured the settings for each of the application servers differently based on their knowledge and skills. The application servers are configured with different authentication methods, audit settings, and account policy settings. The security team recently completed a new network security design. The design includes a baseline configuration for security settings on all servers.
The baseline security settings use the Hisecws.inf predefined security template. The design also requires modified settings for servers in an application role. These settings include system service startup requirements, renaming the administrator account, and more stringent account lockout policies. The security team created a security template named Application.inf that contains the modified settings. You need to plan the deployment of the new security design. You need to ensure that all security settings for the application servers are standardized, and that after the deployment, the security settings on all application servers meet the design requirements.
What should you do?

You are the network administrator for your company. The network consists of a single Active Directory domain. The functional level of the domain is Windows Server 2003. The domain contains an organizational unit (OU) named Servers that contains all of the company’s Windows Server 2003 resource servers. The domain also contains an OU named Workstations that contains all of the company’s Windows XP Professional client computers. You configure a baseline security template for resource servers named Server.inf and a baseline security template for client computers named Workstation.inf. The Server.inf template contains hundreds of settings, including file and registry permission settings that have inheritance propagation enabled. The Workstation.inf template contains security settings, none of which contain file or registry permissions settings. The resource servers operate at near capacity during business hours.
You need to apply the baseline security templates so that the settings will be periodically enforced. You need to accomplish this task by using the minimum amount of administrative effort and while minimizing the performance impact on the resource servers.
What should you do?

Your company has a single Active Directory directory service domain. All servers in your environment run Windows Server 2003. You install a Windows Server 2003 Enterprise root certification authority (CA). Users are unable to auto-enroll by using an existing version 2 User certificate template that has two registration authorities assigned. Users have the Enroll and Read permissions for the template.
You need to ensure that all users can auto-enroll by using the template. What should you do?