Microsoft 70-293 Real Exam Questions

The Microsoft Certified Systems Engineer (MCSE) on Windows Server 2003 credential is intended for IT professionals who work in the typically complex computing environment of medium-sized to large companies.

1: Your company has an Active Directory directory service domain. The domain functional level is Windows Server 2003. The company has a main office with two domain controllers (DCs). Users log on to client computers by using user principal names (UPNs). You plan to set up a new branch office with one domain controller.  You need to ensure that when the branch office domain controllers connection to the main office is unavailable, users in the branch office can log on to the domain. What should you do?

A.Add a new domain controller in the branch office.
B.Configure the branch office domain controller as a global catalog server.
C.Transfer the RID Master role to the branch office domain controller.
D.Transfer the Infrastructure Master role to the branch office domain controller.
Correct Answers: B

2: All servers and client computers in your company are configured to use WINS for name resolution. The internal network is separated from a perimeter network (also known as DMZ) by a third-party firewall. Firewall rules do not allow name resolution between the internal network and the perimeter network. You move a Windows Server 2003 server named Server1 to the perimeter network. You need to ensure that all computers on the internal network can connect to Server1 by name. What should you do?

A.Create an LMHOSTS file on Server1.
B.Create a static WINS entry for Server1.
C.Configure Server1 to use Broadcast (B-node) mode.
D.Configure Server1 to use Peer-to-Peer (P-node) mode.
Correct Answers: B

3: All servers in your environment run Windows Server 2003. Your companys network includes multiple network segments and multiple routers. A member server that has the Routing and Remote Access service (RRAS) installed provides Internet connectivity for all client computers. The RRAS server is located in a perimeter network (also known as DMZ). A client computer named Client1 is unable to connect to the Internet. The RRAS server is able to connect to the Internet. You need to pinpoint the location of the network issue. What should you do?

A.Use the nbtstat command-line tool on Client1.
B.Use the pathping command-line tool on Client1.
C.Run the nbtstat -r command on the RRAS server.
D.Run the ping -a Client1 command on the RRAS server.
Correct Answers: B

4: Your company has 250 client computers connected to the office LAN. The company has a pool of five public IP addresses. All client computers have dynamically assigned IP addresses. You need to provide all client computers with Internet access. What should you use?

A.DHCP Relay Agent
B.Routing Information Protocol (RIP)
C.Internet Group Management Protocol (IGMP)
D.Network Address Translation (NAT)/Basic Firewall
Correct Answers: D

5: Your company has an Active Directory directory service domain. All servers in your environment run Windows Server 2003 and are members of the domain. You apply an IPSec policy to a Group Policy container that contains all servers. One server does not appear to have the policy applied. You need to identify which IPSec policies are being applied to the server. Which tool should you use?

A.Resultant Set of Policy (RSoP) in logging mode
B.Resultant Set of Policy (RSoP) in planning mode
C.Ipsecpol
D.Ipseccmd
Correct Answers: A

6: Your company has a single Active Directory directory service domain. Member servers run Windows Server 2003. You need to ensure that server message block (SMB) signing is enabled for incoming SMB sessions. Which Group Policy setting should you enable?

A.Microsoft network client: Digitally sign communications (always)
B.Microsoft network client: Send unencrypted password to connect to third-party SMB servers
C.Microsoft network server: Digitally sign communications (always)
D.Domain member: Digitally encrypt or sign secure channel data (always)
Correct Answers: A

7: Your company has a single Active Directory domain. All servers in your environment run Windows Server 2003. You plan to remove all Terminal Services access for the domain controllers. You need to ensure that administrators can access domain controller console sessions locally and not remotely. What should you do?

A.Remove all members of the Remote Desktop Active Directory users group.
B.Enable the Set rules for remote control of terminal services user sessions Group Policy object (GPO).
C.Disable the Set Allow users to connect remotely using terminal services local Group Policy object (GPO).
D.Enable the Set the time limit for active connections Group Policy object (GPO), and set the active session limit to 0.
Correct Answers: C
Explanation:

8: Your company has an Active Directory directory service domain. File servers run Windows Server 2003 and are joined to the domain. Client computers run Windows XP Professional. You need to encrypt data communications between file servers and client computers by using IPSec. Which IPSec transport mode and IPSec authentication method should you use?

A.Authentication Header (AH) and Kerberos
B.Authentication Header (AH) and preshared key
C.Encapsulating Security Payload (ESP) and Kerberos
D.Encapsulating Security Payload (ESP) and preshared key
Correct Answers: C

9: Your company has a single Active Directory directory service domain. You create a Group Policy object (GPO) named Baseline and link it to an organizational unit (OU) named Member Computers. You need to ensure that any computer that is added to the domain by any user receives settings specified by the Baseline GPO. What should you?

A.Link the Baseline GPO to the domain.
B.Link the Baseline GPO to the Computers container.
C.Redirect the Users container to the Member Computers OU.
D.Redirect the Computers container to the Member Computers OU.
Correct Answers: D

10: Your company has an Active Directory directory service domain. All servers run Windows Server 2003 SP2. You need to create and test security policies based on multiple server roles. Which tool should you use?

A.Resultant Set of Policy (RSoP)
B.Microsoft Security Assessment Tool
C.Security Configuration Wizard (SCW)
D.Microsoft Baseline Security Analyzer (MBSA)
Correct Answers: C

Download  |  Password: ciscobibles.com