What should you do next?
Your company has an Active Directory directory service domain. All servers run Windows Server 2003. You control remote access to the internal network by using several custom remote access policies. You need to enforce a maximum session time for all remote connections. In the Routing and Remote Access console, you create a new remote session policy. What should you do next?
Which IP address scheme should you choose?
Your company has 1,000 computers and network devices. Your network uses private IP address ranges. You plan to create subnets that each contain a maximum of 30 hosts. You need to choose the appropriate IP address scheme for your network. Which IP address scheme should you choose?
What should you specify in your design?
Your company has an Active Directory directory service domain. All servers run Windows Server 2003. All servers are located in an organizational unit (OU) named Servers. You need to design an IPSec policy strategy that provides security for the duration of the server startup process. What should you specify in your design?
What should you do?
Your company has a single Active Directory directory service domain. All servers in your environment run Windows Server 2003. You assign an IPSec policy to a member server. Group Policy does not apply the IPSec policy when the member server communicates with a domain controller. You need to find out why Group Policy is not applying the new IPSec policy. What should you do?
What should you do?
You are the network administrator for your company. The network consists of a single Active Directory domain. The company has remote users in the sales department who work from home. The remote users’ client computers run Windows XP Professional, and they are not members of the domain. The remote users’ client computers have local Internet access through an ISP. The company is deploying a Windows Server 2003 computer named Server1 that has Routing and Remote Access installed. Server1 will function as a VPN server, and the remote users will use it to connect to the company network.
Confidential research data will be transmitted from the remote users’ client computers. Security is critical to the company and Server1 must protect the remote users’ data transmissions to the main office. The remote client computers will use L2TP/IPSec to connect to the VPN server. You need to choose a secure authentication method.
What should you do?
What should you do?
Your company has an Active Directory directory service domain. All servers run Windows Server 2003. You are planning security policies for remote network administration. You plan to deploy the policies by using Group Policy. You must support the following requirements. Tier 1 support technicians must be able to request support from Tier 2 support technicians.Tier 1 support technicians must not be able to remotely connect to server consoles.Tier 2 support technicians must be able to remotely connect to server consoles.
You need to ensure that support technicians have the appropriate remote administration access to all servers.
What should you do?
Which two Security Options policy settings should you enable?
Your company has an Active Directory directory service domain. All client computers run Windows XP Professional. You are upgrading your servers from Windows 2000 Server to Windows Server 2003. You need to ensure that all network traffic between all computers uses server message block (SMB) signing, while maintaining client computer connectivity.
Which two Security Options policy settings should you enable? (Each correct answer presents part of the solution. Choose two.)
What should you do?
You are the network administrator for your company. The network consists of a single Active Directory domain. The company has a main office in San Francisco and branch offices in Paris and Bogota. Each branch office contains a Windows Server 2003 domain controller. All client computers run Windows XP Professional. Users in the Bogota office report intermittent problems authenticating to the domain.
You suspect that a specific client computer is causing the problem. You need to capture the authentication event details on the domain controller in the Bogota office so that you can find out the IP address of the client computer that is the source of the problem. What should you do?
What should you do?
Your company has an Active Directory directory service domain. You are setting up a six-node Windows Server 2003 file services cluster. You plan to configure a Fibre Channel SAN to store six 2-TB volumes that will be used as cluster resources. You need to prevent interference to your storage logical unit numbers (LUNs) from other clusters that use the SAN. What should you do?
What should you do?
Your company has an Active Directory directory service domain with a single site. All servers run Windows Server 2003. All Web servers run IIS 6.0. Web servers on the internal network are member servers. Web servers in the perimeter network (also known as DMZ) are stand-alone servers. All Web servers on the internal network are located in a single organizational unit (OU). You create a security template for Web servers. You need to apply the security template to all Web servers in the perimeter network.
What should you do?