You need to plan a strategy for providing customers with access to the additional databases
You are a security administrator for your company. The network consists of two Active Directory domains. These domains each belong to separate Active Directory forests. The domain named graphicdesigninstitute.com is used primarily to support company employees. The domain named fineartschool.net is used to support company customers. The functional level of all domains is Windows Server 2003 interim mode.
A one-way external trust relationship exists in which the graphicdesigninstitute.com domain trusts the fineartschool.net domain. A Windows Server 2003 computer named Server1 is a member of the fineartschool.net domain. Server1 provides customers access to a Microsoft SQL Server 2000 database. The user accounts used by customers reside in the local account database on Server1. All of the customer user accounts belong to a local computer group named Customers. SQL Server is configured to use Windows lntegrated authentication. Your company has additional SQL Server 2000 databases that reside on three Windows Server 2003 computers. These computers are member servers in the graphicdesigninstitute.com domain.
The company’s written security policy states that customer user accounts must reside on computers in the fineartschool.net domain. You need to plan a strategy for providing customers with access to the additional databases.
You want to achieve this goal by using the minimum amount of administrative effort. What should you do?
What are two possible ways to achieve this goal? (Each correct answer presents a complete solution
Your company has a main office and three branch offices. Each office is configured as a separate Active Directory site that has its own domain controller. You disable an account that has administrative rights. You need to immediately replicate the disabled account information to all sites. What are two possible ways to achieve this goal? (Each correct answer presents a complete solution. Choose two.)
You need to minimize DNS zone transfer traffic over the WAN links
Your company has a main office and two branch offices that are connected by WAN links. The main office runs the DNS Server service on three domain controllers. The zone for your domain is configured as an Active Directory-integrated zone.
Each branch office has a single member server that hosts a secondary zone for the domain. The DNS servers in the branch offices use the main office DNS server as the DNS Master server for the zone. You need to minimize DNS zone transfer traffic over the WAN links.
What should you do?
What are two possible ways to achieve this goal? (Each correct answer presents a complete solution
You are a security administrator for your company. Your company uses an accounting and payroll application. Twenty payroll clerks use the application to input data from their client computers to a database running on a Microsoft SQL Server 2000 computer named Server1.
You need to prevent unauthorized interception of the data as it travels over the company network. What are two possible ways to achieve this goal? (Each correct answer presents a complete solution. Choose two.)
You need to add the new server as a domain controller in your domain
Your company has a single Active Directory domain. All domain controllers run Windows Server 2003.
You install Windows Server 2008 R2 on a server.
You need to add the new server as a domain controller in your domain.
What should you do first?
What should you configure from Group Policy?
Your network contains an Active Directory domain named contoso.com. All domain controllers run Windows Server 2008 R2 and are configured as DNS servers. All client computers run Windows
7. You create a new zone named secure.contoso.com and configure the zone to use DNSSEC. You need to ensure that all client computers verify whether the name and address information of secure.contoso.com is validated by the DNS servers. What should you configure from Group Policy?
You need to prevent users from running VBS files regardless of how they arrive on client computers
You are a security administrator for your company. The network consists of a single Active Directory domain. All servers run Windows Server 2003. All client computers run Windows XP Professional.
The company occasionally experiences downtime because of malicious lnternet worms that arrive as Microsoft Visual Basic Scripting Edition (VBS) files. You examine several client computers and discover that VBS files are downloaded by using Microsoft Outlook, instant messaging, or peer-to-peer file sharing programs.
You need to prevent users from running VBS files regardless of how they arrive on client computers. What should you do?
You need to ensure that all domain controllers can resolve names for dev
Your network consists of an Active Directory forest named contoso.com. All servers run Windows Server 2008 R2. All domain controllers are configured as DNS servers. The contoso.com DNS zone is stored in the ForestDnsZones Active Directory application partition. You have a member server that contains a standard primary DNS zone for dev.contoso.com. You need to ensure that all domain controllers can resolve names for dev.contoso.com. What should you do?
You need to provide a user with the ability to manage records in the zone
You manage a domain controller that runs Windows Server 2008 R2 and the DNS Server server role. The DNS server hosts an Active Directory-integrated zone for your domain. You need to provide a user with the ability to manage records in the zone. The user must not be able to modify the DNS server settings.
What should you do?
You need to ensure that users from the domain can successfully establish a VPN connection to Server3
You are a security administrator for your company. The network consists of a single Active Directory domain. All servers run Windows Server 2003. The network contains three member servers named Server1, Server2, and Server3.
The three member servers are connected to the Internet. You plan to implement remote access to the company network for users that work from home. You configure and enable Routing and Remote Access on Server1 and Server2. An assistant, who is an administrator on all member servers, configures and enables Routing and Remote Access on Server3. Users from the domain can successfully establish VPN connections from the lnternet to Server1 and Server2. However, users cannot establish a VPN connection to Server3. You discover that Server3 can only authenticate Internet VPN connections from local user accounts.
You need to ensure that users from the domain can successfully establish a VPN connection to Server3. What should you do?