You need to grant a user in the contoso
You have a single Active Directory directory service forest with two domains named contoso.com and corp.contoso.com. You need to grant a user in the contoso.com domain the permission to create Group Policy objects (GPOs) in the corp.contoso.com domain. What should you do?
You need to pinpoint the location of the network issue
All servers in your environment run Windows Server 2003. Your companys network includes multiple network segments and multiple routers. A member server that has the Routing and
Remote Access service (RRAS) installed provides Internet connectivity for all client computers. The RRAS server is located in a perimeter network (also known as DMZ). A client computer named Client1 is unable to connect to the Internet. The RRAS server is able to connect to the Internet.
You need to pinpoint the location of the network issue.
What should you do?
What are two possible ways to achieve this goal? (Each correct answer presents a complete solution
You are the network administrator for your company. The network consists of a single Active Directory domain. All servers run Windows Server 2003. All client computers run Windows XP Professional with the most recent service pack. All client computers have computer accounts in an organizational unit (OU) named CompanyComputers. The company requires all computers to be kept up-to-date with service packs and hotfixes from Microsoft. Administrators will manually update servers as required. You need to configure the network so that client computers are automatically updated as new critical updates are issued. What are two possible ways to achieve this goal? (Each correct answer presents a complete solution. Choose two.)
You need to ensure that all computers on the internal network can connect to Server1 by name
All servers and client computers in your company are configured to use WINS for name resolution. The internal network is separated from a perimeter network (also known as DMZ) by a third-party firewall. Firewall rules do not allow name resolution between the internal network and the perimeter network.
You move a Windows Server 2003 server named Server1 to the perimeter network. You need to ensure that all computers on the internal network can connect to Server1 by name.
What should you do?
You need to ensure that the Standard Desktop GPO is applied only to users in the HR global security group
You have a single Active Directory directory service domain. Users work in one of four departments. You are planning to implement a Standard Desktop policy. You will test this Standard Desktop policy on the users in the HR department prior to applying it to the rest of the companys users. You create a Group Policy object (GPO) named Standard Desktop and apply the desired settings to the GPO. You need to ensure that the Standard Desktop GPO is applied only to users in the HR global security group. What should you do?
You need to ensure that when the branch office domain controllers connection to the main office is unavailable
Your company has an Active Directory directory service domain. The domain functional level is Windows Server 2003. The company has a main office with two domain controllers (DCs). Users log on to client computers by using user principal names (UPNs).
You plan to set up a new branch office with one domain controller. You need to ensure that when the branch office domain controllers connection to the main office is unavailable, users in the branch office can log on to the domain.
What should you do?
What are two possible ways to achieve this goal? (Each correct answer presents a complete solution
You are the network administrator for your company. The network consists of a single Active Directory domain. All servers run Windows Server 2003. All client computers run Windows XP Professional. Except for IT staff, users are not local administrators on client computers. The company obtains a new application for order processing. This application must be installed on each client computer. The application is contained in an .msi file. You copy the .msi file to a shared folder on a file server. You assign the
Authenticated Users group the Allow – Read permission for the shared folder. To deploy the application, you instruct users to double-click the .msi file in the shared folder. When users attempt to install the application, they receive an error message, and setup fails. You need to configure the network so that the application can be installed successfully. What are two possible ways to achieve this goal? (Each correct answer presents a complete solution. Choose two.)
Which command-line tool should you use?
Your company has a single Active Directory directory service domain. All servers in your environment run Windows Server 2003. All domain controllers run Active DirectoryCintegrated DNS. You create several static host (A) resource records.
You need to verify that the DNS server is sending the correct host records to all client computers.
Which command-line tool should you use?
You need to ensure that if users locally change the Internet Explorer settings, the settings are changed back
You have a single Active Directory directory service domain. You create a new Group Policy object (GPO) to enforce several Internet Explorer settings for users. Several users change their local Internet Explorer settings from the settings that are defined in the GPO. You need to ensure that if users locally change the Internet Explorer settings, the settings are changed back to those defined in the GPO. What should you do?
What should your plan include?
Your company has an Active Directory directory service domain. All servers run Windows Server 2003. You are developing a security monitoring plan. You must monitor the files that are stored in a specific directory on a member server.
You have the following requirements:
Log all attempts to access the files.Retain log information until the full weekly backup occurs. You need to ensure that the security monitoring plan meets the requirements.
What should your plan include?