You need to restore name resolution in the branch office
Your company has a main office and a branch office. The company network has two WINS servers. You have an application that requires NetBIOS name resolution. The WINS servers are configured as shown in the following table.
You discover that the WINS addresses on all client computers in both offices are configured in the following order of use:
10.1.0.23
10.6.0.254
You reconfigure the WINS addresses on all client computers in the branch office in the following order of use:
10.6.0.254
10.1.0.23
After the reconfiguration, users in the branch office are unable to connect to the servers that are located in the main office.
You need to restore name resolution in the branch office. What should you do?
You need to select an appropriate certification authority (CA) to serve as the issuer for your Web server SSL
You are a security administrator for your company. The network contains a Windows Server 2003 computer that runs IIS.
You use this server to host an lnternet Web site for customer product purchasing. You plan to use SSL on this server. You do not want customers to receive a certificate-related security alert when they use SSL to connect to your Web site.
You need to select an appropriate certification authority (CA) to serve as the issuer for your Web server SSL certificate. What should you do?
You need to install an Office 2007 application only on the computers in the Sales organizational unit
Your company has an Active Directory forest. Each branch office has an organizational unit and a child organizational unit named Sales. The Sales organizational unit contains all users and computers of the sales department. You need to install an Office 2007 application only on the computers in the Sales organizational unit. You create a GPO named SalesApp GPO. What should you do next?
You need to ensure that you can modify the start of authority (SOA) record for contoso
Your network contains an Active Directory domain named contoso.com.
From DNS Manager, you open the properties of contoso.com as shown in the exhibit. (Refer to the Exhibit)
You need to ensure that you can modify the start of authority (SOA) record for contoso.com. What should you do?
You need to implement the written security policy
You are a security administrator for your company. The network consists of a single Active Directory domain. All servers run Windows Server 2003. All client computers run Windows XP Professional.
A server named Server1 is not a member of the domain. All other computers are members of the domain. The network contains an enterprise certification authority (CA). All computers on the network trust the CA. The company’s written security policy states that all network traffic from the computers in the domain to Server1 must be encrypted. Server1 must not be added to the domain. You configure a Group Policy object (GPO) that assigns the predefined IPSec policy named Client (Respond Only). You link the GPO to the domain. You configure Server1 to use the predefined IPSec policy named Secure Server (Require Security). When you test this configuration, you cannot connect to Server1 from the computers in the domain.
You need to implement the written security policy. What should you do?
You need to configure Active Directory replication between Site1 and Site2
You have an existing Active Directory site named Site1. You create a new Active Directory site and name it Site2.
You need to configure Active Directory replication between Site1 and Site2. You install a new domain controller.
You create the site link between Site1 and Site2.
What should you do next?
You need to ensure that the stale resource records are removed from na
Your company has a single Active Directory forest that has an Active Directory domain named na.contoso.com.
A server named Server1 runs the DNS Server server role. You notice stale resource records in the na.contoso.com zone. You have enabled DNS scavenging on Server1. Three weeks later, you notice that the stale resource records remain in na.contoso.com. You need to ensure that the stale resource records are removed from na.contoso.com.
What should you do?
Which three actions should you perform to configure IPSec? (Each correct answer presents part of the solution
You are a security administrator for your company. The network consists of a perimeter network that is configured as shown in the exhibit. (Click the Exhibit button.)
All computers in the perimeter network run Windows Server 2003. The company’s written security policy states the following: All computers must pass a security inspection before they are placed in the perimeter network. Only computers that pass inspection are permitted to communicate with firewalls or other computers that pass inspection. All communication in the perimeter network is inspected by a networ based intrusion-detection system (IDS). Communication between computers in the perimeter network must use the strongest possible authentication methods.You decide to deploy IPSec in the perimeter network to enforce the written security policy. You enable IPSec on the firewall computers.
You need to plan IPSec configuration for the Windows Server 2003 computers so that it meets the written security policy. Which three actions should you perform to configure IPSec? (Each correct answer presents part of the solution. Choose three.)
You need to ensure that the user is able to log on to the domain
Your company has an Active Directory domain. A user attempts to log on to the domain from a client computer and receives the following message: “This user account has expired. Ask your administrator to reactivate the account.” You need to ensure that the user is able to log on to the domain. What should you do?
You need to configure the DNS system in the Contoso forest to provide name resolution for resources in both fo
Contoso Ltd. has a single Active Directory forest that has five domains. Each domain has two DNS servers. Each DNS server hosts Active Directory-integrated zones for all five domains. All domain controllers run Windows Server 2008 R2.
Contoso acquires a company named Tailspin Toys. Tailspin Toys has a single Active Directory forest that contains a single domain.
You need to configure the DNS system in the Contoso forest to provide name resolution for resources in both forests.
What should you do?