Which command should you run?
Your network consists of a single Active Directory domain named Contoso.com.All servers run Windows
Server 2003 Service Pack 2 (SP2).All client computers run Windows XP Professional Service Pack 3 (SP3).
You create an organizational unit (OU) that contains a computer account named Computer1. A Group Policy object (GPO) is linked to the OU and contains settings to enforce the use of IPSec.
You log on to Computer1 by using a user account named User1.
You need to verify that the IPSec settings have been applied.
Which command should you run?
Which two actions should you perform?
You are the network administrator for your company.The network consists of a single Active Directory domain.All servers run Windows Server 2003. All client computers run Windows XP Professional.
You need to implement a new software update infrastructure.You discover that security patches, critical updates, and service packs have never been installed on any client computer on the network.
You install Windows Server Update Services (WSUS) on a Windows Server 2003 computer named Server5. You synchronize and approve all of the current security patches, critical updates, and service packs.
You need to ensure that all client computers receive all Microsoft security patches, critical updates, and service packs.
Which two actions should you perform? (Each correct answer presents part of the solution.Choose two.)
What should you do?
Your network contains a server named Server1 that runs Windows Server 2003 Service Pack 2 (SP2).Server1 has IPSec enabled.
Several users report that they cannot connect to Server1.
You need to see how many IPSec connection attempts failed due to authentication failures.
What should you do?
What should you do?
You have a server named Server1 that runs Windows Server 2003 Service Pack 2 (SP2).Server1 has Windows Server Update Services (WSUS) 3.0 installed.Server1 has a WSUS client named Computer1.
You need to view a list of all critical updates that have not been installed on Computer1.
What should you do?
What should you do?
Your network consists of a single Active Directory domain.All servers run Windows Server 2003 Service Pack 2 (SP2).All client computers run Windows XP Professional Service Pack 3 (SP3).
You install and configure Windows Server Update Services (WSUS) 3.0 on a server named Server1.
You need to configure one client computer to check for software updates from Server1 every morning at 02:30.
What should you do?
Which two actions should you perform?
You have a file server named Server1 that runs Windows Server 2003 Service Pack 2 (SP2).Server1 has a shared folder named Research.Research contains confidential documents.
You need to identify the actions that users perform on the contents of the Research shared folder.You must minimize the amount of information that is gathered.
Which two actions should you perform? (Each correct answer presents part of the solution.Choose two.)
What should you do?
You have a server that runs Windows Server 2003 Service Pack 2 (SP2).The server is configured as a network address translation (NAT) router.The server has two network adapters and provides Internet access for the network.
You need to prevent traffic on port 21 from being sent to the Internet.All other outbound traffic must be allowed.
What should you do?
What should you do?
Your network consists of a single Active Directory domain.All servers run Windows Server 2003 Service Pack 2 (SP2).
You have two servers named Server1 and Server2. Both servers have Windows Server Update Services (WSUS) 0 installed.
You need to ensure that Server2 automatically receives the same update approvals as Server1.
What should you do?
What should you do?
You are the network administrator for your company.The network consists of a single Active Directory domain.The functional level of the domain is Windows Server 2003. All client computers in the domain run Windows XP Professional.
An application named Inventory.exe is installed on all computers in the domain to remotely gather software inventory information.The application runs as a service in the security context of the Local System.The startup type of the service is set to Automatic.
In the Default Domain Policy Group Policy object (GPO), the security administrator has configured a software restriction policy that is applied to all computers in the domain.The policy contains a hash rule for the Inventory.exe application, and the hash rule is configured with a security level of Unrestricted.
The client computers on the network are attacked by a worm that is distributed by e-mail messages received over the Internet.The worm detects the presence of Inventory.exe on a computer, then starts a new instance of the application in the security context of the logged-on user.The worm exploits a bug in the application to cause the computer to fail.
You need to ensure that Inventory.exe cannot be started by the worm, while still allowing the application to run as a service.
What should you do?
What should you do?
Your network consists of a single Active Directory domain.All servers run Windows Server 2003 Service Pack 2 (SP2).
You have two DNS servers named Server1 and Server2. Server1 hosts an Active Directory-integrated zone for contoso.com.Server2 hosts a secondary zone for contoso.com.
The serial number for the contoso.com zone is currently 985413.
You need to verify whether Server2 has the most up-to-date version of the zone.
What should you do?