You need to ensure that all users receive the DNS suffix search order from the GPO
You have a single Active Directory directory service domain with Windows XP client computers. Some users receive their DNS suffix search orders by using DHCP, and some users configure their DNS suffix search orders manually. You link a new Group Policy object (GPO) to the domain to specify a DNS suffix search order for client computers. Some users report that they are not receiving the new DNS suffix search order from the GPO. You need to ensure that all users receive the DNS suffix search order from the GPO. What should you do?
Which console should you use?
Your company has a single Active Directory directory service forest with three domains. All servers in your environment run Windows Server 2003. You are planning a public key infrastructure (PKI). You plan to deploy one root certification authority (CA), one policy CA, and two issuing CAs. You need to manage the health of all the CAs simultaneously.
Which console should you use?
You need to ensure that the finance users have access to their databases regardless of which client computer t
You have a single Active Directory directory service domain. User accounts and computer accounts in the finance department are located in an organizational unit (OU) named Finance. The users in the finance department use local databases that are saved to either the My Documents folder or to the users desktop. The finance users each have a primary client computer, but they frequently log on to a secondary client computer. Users report that the databases that they use when they are logged on to their primary client computer are not available when they log on to their secondary client computer. You need to ensure that the finance users have access to their databases regardless of which client computer they log on to. Logon times and logoff times must not increase as a result of this change. What should you do?
You need to ensure that client computers can correctly resolve host names
Your company has a single Active Directory directory service domain. You have one primary DNS server and four secondary DNS servers. All DNS servers run Windows Server 2003. The DNS zone is not Active DirectoryCintegrated. Client computers are configured to use only secondary DNS servers for name resolution.
Client computers are receiving stale information in response to host name inquiries. You find out that the primary DNS server returns correct information. You need to ensure that client computers can correctly resolve host names.
What should you do?
You need to ensure that GPOs are applied to users in the appropriate site with minimal delay
You are the network administrator for your company. The network consists of a single Active Directory domain with two sites. The two sites are named Site1 and Site2. All servers run Windows Server 2003. The company has two offices, and each office is configured as one of the sites. A 256-Kbps leased line connects the two offices. In addition, a site link connects the two sites. The site link is configured to replicate during off-peak hours. There are domain controllers in both sites. Site1 contains all of the operations master role holders. You plan to create Group Policy objects (GPOs) for each site. Some GPOs will be used to resolve potential support issues for a specific site, and so you need to minimize any delay in the propagation of GPOs. You need to ensure that GPOs are applied to users in the appropriate site with minimal delay. What should you do?
You need to encrypt IP traffic that is sent between client computers and database servers
All servers in your environment run Windows Server 2003. Your companys member servers and client computers are located on the corporate network. Database servers are located on a separate network segment.
You need to encrypt IP traffic that is sent between client computers and database servers.
What should you do?
What should you do?
You are the network administrator for your company. The network consists of a single Active Directory domain. All user accounts for users in the engineering department are located in an organizational unit (OU) named Engineering. These users’ client computers are all located in an OU named EngineeringWorkstations, which is a child OU if the Engineering OU. All users in the engineering department are members of a global group named Engineers. You create a Group Policy object (GPO) that assigns a software installation package to users in the Engineering OU. To comply with the licensing requirements for the application, the application must be uninstalled from a user’s computer when that user is moved out of the Engineering OU. A user named Francesca is transferred out of the engineering department. The user account for Francesca is moved into an OU named Research. Francesca reports that the application is still installed on her computer. You must ensure that the application is automatically uninstalled from Francesca’s computer. The application must remain on the computers of all users who are still in the Engineering OU. What should you do?
You need to ensure that users from the partner company can access the application by using IPSec
Your company has a single Active Directory directory service domain. All servers in your environment run Windows Server 2003. Your company uses an internal certification authority (CA). Your company has a partnership with another company that has its own Active Directory domain. Users from the partner company require access to an application that resides on a member server on your network. You need to ensure that users from the partner company can access the application by using IPSec.
What should you do?
Which action or actions should you take? (Choose all that apply
You are a network administrator for your company. The network consists of a single Active Directory domain. All servers run Windows Server 2003. The functional level
of the domain is Windows Server 2003. The organizational unit (OU) structure is shown in the exhibit.
Your company uses an X.500 directory service enabled product to support a sales and marketing application. The application is used only by users in the sales department and the marketing department. The application uses InetOrgPerson objects as user accounts. InetOrgPerson objects have been created in Active Directory for all Sales and Marketing users. These users are instructed to log on by using their InetOrgPerson object as their user account. Microsoft Identity Integration Server is configured to copy changes to InetOrgPerson objects from Active Directory to the X.500 directory service enabled product. All InetOrgPerson objects for marketing employees are located in the Marketing OU. All InetOrgPerson objects for sales employees are located in the Sales OU. Mikhail is another administrator in your company. Mikhail is responsible for managing the objects for users who require access to the X.500 directory service enabled product. You need to configure Active Directory to allow Mikhail to perform his responsibilities. Which action or actions should you take? (Choose all that apply.)
You need to ensure that the member server can communicate with the private network and with hosts on the Inter
All servers in your environment run Windows Server 2003. A member server has a single network adapter named NIC1 that is connected to a private network. You add a second network adapter named NIC2 to the member server, and you connect NIC2 to a public network. The member server can communicate with the private network but is not able to communicate with hosts on the Internet. You need to ensure that the member server can communicate with the private network and with hosts on the Internet.
What should you do?