You are a network administrator for your company. The company has a main office and one branch office. The network consists of a single Active Directory domain. All servers run Windows Server 2003.
The company needs to connect the main office network and the branch office network by using Routing and Remote Access servers at each office. The networks will be connected by a VPN connection over the Internet. The company’s written security policy includes the following requirements for VPN connections over the Internet. All data must be encrypted with end-to-end encryption. VPN connection authentication must be at the computer level. Credential information must not be transmitted over the Internet as part of the authentication process.
You need to configure security for VPN connection between the main office and the branch office. You need to comply with the written security policy.
What should you do?

Your company has a single Active Directory directory service domain. All servers in your environment run Windows Server 2003. You are designing a public key infrastructure (PKI) that uses Certificate Services. You have the following requirements. The root certification authority (CA) must be offline unless maintenance is required. You must use certificate templates. You need to specify the CA types to use in your PKI.
Which two types should you specify? (Each correct answer presents part of the solution. Choose two.)

Your company has an Active Directory directory service domain. A server that runs Windows Server 2003 as an Enterprise certification authority (CA) has role separation enabled. You create a new Active Directory security group named CA Database Admins, and you assign the CA Administrator role to the security group. You disable role separation on the Enterprise CA. Members of the CA Database Admins security group are unable to delete more than one row at a time from the CA database.
You need to ensure that members of the CA Database Admins security group can delete multiple rows at a time from the CA database.
Which two actions should you perform? (Each correct answer presents part of the solution. Choose two.)

All servers in your company run Windows Server 2003. You are planning the installation of a database server. The server requires 64 GB of RAM. You need to choose the minimum edition of Windows Server 2003 that you can use for this installation. Which edition should you choose?

You are the network administrator for your company. The network consists of a single Active Directory domain. All computers on the network are members of the domain. All servers run Windows Server 2003 and all client computers run Windows XP Professional.You are planning a security update infrastructure.
You need to find out which computers are exposed to known vulnerabilities. You need to collect the information on existing vulnerabilities for each computer every night. You want this process to occur automatically.
What should you do?

Your company has multiple Active Directory directory service domains. All servers in your environment run Windows Server 2003. You need to apply a predefined security template to the domain controllers to ensure that network communications cannot be intercepted and decoded.
Which predefined template should you use?

You are a network administrator for your company. You need to test a new application. The application requires two processors and 2 GB of RAM. The application also requires shared folders on the application server and requires the installation of software on the client computers.
You create the test plan. You assemble a server in the test lab. You install Windows Server 2003, Web Edition on the server. You install the application on the server. You install the client software components for the application on 20 client computers in the test lab. You test the application. You discover that only some of the client computers can run the application. You turn off the client computers that ran the application successfully, and you test again. The client computers that failed in the first test now run the application successfully.
You need to identify the cause of the failure and update your test plan.
What should you do?

You are the network administrator for your company. The network consists of a single Active Directory domain. All servers run Windows Server 2003. The network contains servers that have Terminal Server enabled. The terminal servers host legacy applications that currently require users to be members of the Power Users group. A new requirement in the company’s written security policy states that the Power Users group must be empty on all resource servers.
You need to maintain the ability to run the legacy applications on the terminal servers when the new security requirement is implemented.
What should you do?

Your company has an Active Directory directory service domain. All servers run Windows Server 2003 SP2. You need to create and test security policies based on multiple server roles. Which tool should you use?