Which two actions should you include in your plan?
You are a network administrator for your company. The design team provides you with the following list of requirements for server disaster recovery. No more than two sets of tapes can be used to restore to the previous day. A full backup of each server must be stored off-site. A full backup of each server that is no more than one week old must be available on-site. Backups must never run during business hours.
Tapes may be recalled from off-site storage only if the on-site tapes are corrupted or damaged.A full backup of all servers requires approximately 24 hours. Backing up all files that change during one week requires approximately 4 hours. Business hours for the company are Monday through Friday, from 6.00 A.M. to 10.00 P.M.
You need to provide a backup rotation plan that meets the design team’s requirements.
Which two actions should you include in your plan? (Each correct answer presents part of the solution. Choose two.)
What should you do?
You are the network administrator for your company. The network contains an application server running Windows Server 2003. Users report that the application server intermittently responds slowly. When the application server is responding slowly, requests that normally take 1 second to complete take more than 30 seconds to complete. You suspect that the slow server response is because of high broadcast traffic on the network. You need to plan how to monitor the application server and to have a message generated when broadcast traffic is high. You also want to minimize the creation of false alarms when nonbroadcast traffic is high. What should you do?
What should you do?
Your company has a single Active Directory directory service domain. All servers in your environment run Windows Server 2003, Standard Edition. You have multiple DNS servers. You plan to deploy a new network device that uses IPv6. The device does not support dynamic updates of DNS resource records. You need to ensure that client computers can resolve the fully qualified domain name (FQDN) of the device to its IPv6 address. What should you do?
What should you do first?
Servers in your company run Windows Server 2003. You use dynamically assigned IP addresses. You set up a new client computer that has an IP address of 169.254.1.10. The client computer cannot access the Internet. You verify that physical network connectivity for the client computer is functional. The DHCP server shows 253 IP leases active on the 192.168.0.0/24 network that the client computer is attached to. You need to restore network connectivity on the new client computer. What should you do
first?
Which two actions should you take?
You are the network administrator for your company. The network contains Windows Server 2003 computers and Windows XP Professional computers. The company deploys two DNS servers. Both DNS servers run Windows Server 2003. One DNS server is inside of the corporate firewall, and the other DNS server is outside of the firewall. The external DNS server provides name resolution for the external Internet name of the company on the Internet, and it is configured with root hints. The internal DNS server hosts the DNS zones related to the internal network configuration, and it is not configured with root hints.You want to limit the exposure of the client computers to DNS-related attacks from the Internet, without limiting their access to Internet-based sites.
Which two actions should you take? (Each correct answer presents part of the solution. Choose two.)
Which two actions should you take?
You are a network administrator for Alpine Ski House. The internal network has an Active Directory-integrated zone for the alpineskihouse.org domain. Computers on the internal network use the Active Directory-integrated DNS service for all host name resolution. The Alpine Ski House Web site and DNS server are hosted at a local ISP. The public Web site for Alpine Ski House is accessed at www.alpineskihouse.com. The DNS server at the ISP hosts the alpineskihouse.com domain. To improve support for the Web site, your company wants to move the Web site and DNS service from the ISP to the company’s perimeter network. The DNS server on the perimeter network must contain only the host (A) resource records for computers on the perimeter network. You install a Windows Server 2003 computer on the perimeter network to host the DNS service for the alpineskihouse.com domain.
You need to ensure that the computers on the internal network can properly resolve host names for all internal resources, all perimeter resources, and all Internet resources.
Which two actions should you take? (Each correct answer presents part of the solution. Choose two.)
What should you do?
All servers in your company run Windows Server 2003. All client computers use dynamically assigned IP addresses and DNS for name resolution. A few client computers also use WINS for name resolution. Client computers have difficulty resolving some server names by using a DNS server. You need to ensure that client computers can always resolve server names by using a DNS server. What should you do?
What should you back up?
Your company has an Active Directory directory service domain with three domain controllers that run Windows Server 2003. You plan to apply a security template to the domain controllers. You need to ensure that you can roll back the security settings of the domain controllers after you apply the security template. What should you back up?
Which predefined security template should you use?
Your company has an Active Directory directory service domain. All servers run Windows Server 2003. Your security baseline requires you to control local group membership on all member servers. You need to automatically remove users from the Power Users group on member servers. You must ensure that only the Domain Admins security group and the local Administrator account are members of the local Administrators group. Which predefined security template should you use?
What should you do?
You are the network administrator for your company. The network consists of a single Active Directory domain. The network contains 10 domain controllers and 50 servers in application server roles. All servers run Windows Server 2003. The application servers are configured with custom security settings that are specific to their roles as application servers. Application servers are required to audit account logon events, object access events, and system events. Application servers are required to have passwords that meet complexity requirements, to enforce password history, and to enforce password aging. Application servers must also be protected against man-in-the-middle attacks during authentication.
You need to deploy and refresh the custom security settings on a routine basis. You also need to be able to verify the custom security settings during audits. What should you do?