Coho Vineyard is an importer and distributor of fine wines from around the world.
Physical Locations
The company's main office is located in Los Angeles. The company has two branch
offices in the following locations:
1. Paris
2. Sydney
The company plans to open two additional branch offices within the next year.
These offices will be located in Barcelona and Lisbon.
Planned Changes
To reduce costs and streamline business processes, the company wants to implement
a Windows Server 2003 Active Directory environment.
Business Processes
Coho Vineyard consists of the following departments:
1. Accounting
2. Distribution
QUESTION NO: 1
As part of your design, you are evaluating whether to upgrade all domains to
Windows Server 2003.
Based on current configurations, which server or servers prevent you from
achieving this goal? (Choose all that apply)
A. DC2
B. DC3
C. DC4
D. DC5
E. DC6
F. Server1
Answer: D, E
Explanation:
The question asks what is preventing you from upgrading the DOMAINS to Windows
Server 2003. The correct answer is D and E. Both these servers are PDC in their domain.
The problem is that they are RISC servers. There is no RISC version of Windows 2003
so the domain cannot be upgraded.
Incorrect Options:
A, B and C: These BDC's are running Pentium processors which do support Windows
Server 2003. Furthermore, BDC's can be upgraded from Windows NT Server 4.0
domains to Windows Server 2003 domains.
F: The case study says that Server1 is currently hosting a mission critical application, and that the application vendor does not support running this application on any operating system other than Windows NT Server 4.0.
QUESTION NO: 2
You are designing the Windows Server 2003 Active Directory forest structure to
meet the business and technical requirements.
Which forest structure should you use?
A. One Active Directory forest with one domain.
B. One Active Directory forest with three domains.
C. One Active Directory forest with four domains.
D. Two Active Directory forests with one domain in each forest.
E. Three Active Directory forests with one domain in each forest.
Answer: A
Explanation:
In the security section of the case study it states: "Regional network administrators must have only limited control over the Active Directory Service. They will be responsible for managing user and computer accounts for their regions. Therefore, the locations will become OU's and we will delegate control."
The network administrator in the Los Angeles office will manage all domain controllers, configure sites and perform other high-level administrative tasks. This would then be the Root of the forest. There was no reason in the case study given that would state the requirement of a multi domain model such as different passwords or schema. It is for this reason that B, C, D and E are incorrect.
QUESTION NO: 3
You are designing the top-level organizational unit (OU) structure to meet the
business and technical requirements. Your design must accommodate the
anticipated growth of the company.
Which top-level OU structure should you use?
A. Paris OU, Sydney OU, Los Angeles OU, Lisbon-Barcelona OU
B. IT Administration OU, All CohoVineyard Departments OU, All CohoVineyard
Offices OU
C. Sales OU, Purchasing OU, Marketing OU, Accounting OU, Distribution OU, Human
Resources OU
D. CohoVineyard Users OU, CohoVineyard Computers OU, CohoVineyard Servers OU,
CohoVineyard Applications OU
Answer: A
Explanation:
In the security section of the case study it states: "Regional network administrators must
have only limited control over the Active Directory Service. They will be responsible for
managing user and computer accounts for their regions".
Under the Organizational Roles section it states: "Because of the small size of the
Barcelona branch office, it will have no IT staff and no servers. The Lisbon IT staff will
manage users and computers for both the Lisbon and Barcelona branch offices". This
justifies the creation of the "Lisbon-Barcelona" OU
Although you should not create separate OUs based on geographic locations just because
it's an obvious dividing point for structure, there are times when it is an appropriate
decision. When the network is dispersed over a wide area and connected by slower wide
area network (WAN) links, you can make it easier to design site boundaries by creating a
separate OU for each location and then creating nested OUs that delegate administrative
control.
Sites in Active Directory provide a way to abstract the logical organization of the
directory structure (the forest, domain, and organizational unit [OU] structure) from the
physical layout of the network. Sites take the responsibility for representing the physical
layout within Active Directory. Because sites are independent of the domain structure, a
single domain can include multiple sites or a single site can include multiple domains.
QUESTION NO: 4
As part of your design, you are evaluating whether a second-level organizational
unit (OU) structure is required.
Which factor necessitates the need for a second-level OU structure?
A. Audit policy settings
B. Software deployment needs
C. Client operating systems in use
D. Delegation of administrative authority
Answer: B
Explanation:
The Active Directory Section states: "Departments within Coho Vineyard have thier own
unique needs, which include but are not limited to, specialized departmental
applications." This would justify a 2nd level OU structure by Departments.
Creating OUs based on software management needs allows you to target applications to
the appropriate set of users.
Incorrect Options:
A: Audit policy settings is an administrative tool, and "D" says: "rules for OU placement
at lower levels of the domain are based more on user and computer management than
delegating administrative privileges."
C: There are no organizational requirements specific to either Windows Workstation 4.0
or Windows XP Professional. In addition, all workstations are to be standardized to
Windows XP.
D: The rules for OU placement at lower levels of the domain are based more on user and
computer management than delegating administrative privileges.
QUESTION NO: 5
You are designing a DNS name resolution strategy to meet the business and
technical requirements.
Which action or actions should you perform? (Choose all that apply)
A. Create an Active Directory-integrated zone named cohovineyard.com on a domain
controller in Los Angeles.
B. Create an Active Directory-integrated zone named paris.cohovineyard.com on a
domain controller in Paris.
C. Create an Active Directory-integrated zone named sydney.cohovineyard.com on a
domain controller in Sydney.
D. On a domain controller in Los Angeles, delegate paris.cohovineyard.com to a domain
controller in Paris.
E. On a domain controller in Los Angeles, delegate sydney.cohovineyard.com to a
domain controller in Sydney.
Answer: A
Explanation:
We only have a single domain, and the Network Infrastructure section states: "A
domain-naming strategy must be identified that reduces administrative complexity and is
intuitive to other users." You can't get anymore simple than a Single Active Directory
Domain.
In this type of zone, the DNS database is stored within Active Directory. All DNS servers
in an Active Directory-integrated zone are considered primary servers because the DNS
information actually becomes part of the Active Directory database; any DNS server can
be updated and any of them can resolve client requests. Active Directory is responsible
for replicating zone information between DNS servers, often making replication quicker
and making it a part of Active Directory management instead of a separate management
practice
The Active Directory section states: "Centralized control over Active Directory must
be maintained by the network administrator in the Los Angeles office."
Therefore, B,C, D and E are incorrect.
QUESTION NO: 6
You are designing a plan for maintaining the WINS infrastructure on the new
Windows Server 2003 Active Directory environment.
Which factor or factors necessitate the need to maintain the WINS infrastructure?
(Choose all that apply)
A. Client operating systems in use.
B. Server operating systems in use.
C. VPN client access by using PPTP.
D. Installation of Active Directory client software.
Answer: A, B
Explanation:
Server1 will not be upgraded due to the mission critical application. Until the upgrade of
the client computers to Windows XP Pro takes place, there are still several that are
running pre-Windows 2000 operating systems.
As long as there are computers running versions of Windows older than Windows 2000,
there will be a need for WINS.
Incorrect Options:
C: Point-to-Point Tunneling Protocol (PPTP) is a data-link layer protocol used to provide
secured communications for virtual private network (VPN) connections.
D: In environments that include any combination of Windows 95, Windows 98,
Windows Me, and Windows NT 4.0, the Active Directory client software will need to be
installed on these systems in order to participate in an Active Directory domain.
QUESTION NO: 7
You are designing a DNS implementation strategy for the Paris office.
Which two actions should you perform? (Each correct answer presents part of the
solution. Choose two)
A. Create an Active Directory-integrated zone named cohovineyard.com.
B. Create an Active Directory-integrated zone named paris.cohovineyard.com.
C. Create a standard primary zone named paris.cohovineyard.com.
D. Configure all computers in Paris to use DC3 as their DNS server.
E. Configure all computers in Paris to use DC6 as their DNS server.
Answer: A, D
Explanation:
In the Network Infrastructure Section it states: "One domain controller in each of the
current offices will have the DNS service installed. DNS name resolution traffic must be
minimized over all WAN links". The local server for Paris is DC3, which is also a domain controller. Also, seeing as how DC3 is a local server, it would minimize traffic over its WAN link.
Incorrect Options:
B: paris.cohovineyard.com is not a valid domain name.
C: The master copy of the DNS database resides in a standard ASCII text file, in this
zone. Only this primary zone can be directly modified.
E: DC6 is located in Sydney, so this option would increase traffic on the WAN lines.
QUESTION NO: 8
You are designing a strategy for implementing Internet Authentication Service
(IAS) to meet the business and technical requirements.
What should you do?
A. Install IAS on VPN1, VPN2, and VPN3.
B. Install IAS, on VPN1.
Configure VPN2 and VPN3 as RADIUS clients.
C. Install IAS on VPN1.
Configure VPN1, VPN2, and VPN3 as RADIUS clients.
D. Install IAS on DC1.
Configure VPN2 and VPN3 as RADIUS clients.
Create all remote access policies on VPN1.
E. Install IAS on DC2.
Configure VPN2 and VPN3 as RADIUS clients.
Configure remote access logging on VPN1.
Answer: C
Explanation:
Internet Authentication Service (IAS) Server is Microsoft's implementation of Remote
Authentication Dial-In User Service (RADIUS). A RADIUS server is a server that
authenticates, authorizes, and performs accounting functions when a connection attempt
is made from a remote access client. It is also a network access server (NAS) that is
running IAS. A RADIUS client can be a dial-up server, VPN server, or a wireless access
point (AP). "C" is the most likely answer because it conforms to the above rule, except that the
policies have not been included.
Incorrect Options:
A: Only one IAS server is required.
B: All VPN servers have to be IAS clients.
D and E: Policies are created on the IAS server.
QUESTION NO: 9
You are designing a DNS infrastructure to meet the Internet name resolution
requirements.
What should you do?
A. Create a standard primary zone named "." on all DNS servers.
B. Create an Active Directory-integrated zone named "." on a DNS server on Los
Angeles.
C. Configure all DNS servers to use forwarders. Specify the IP address of the DNS server
at the local ISP.
D. Enable default root hints on all DNS servers.
E. Disable recursion on all DNS servers.
Answer: C
Explanation:
Since all clients will use their local DNS servers for name resolution, they will need to
have Forwarders enabled on the DNS servers for Internet Host Name resolution.
If your organization is connected to the Internet by means of a slow wide area link, you
can optimize name resolution performance by channeling all DNS queries through a
forwarder.
QUESTION NO: 10
You are designing the placement of the PDC emulator role to meet the business and
technical requirements.
In which location should you place the PDC emulator role? (Choose all that apply)
A. Los Angeles
B. Paris
C. Sydney
D. Lisbon
E. Barcelona
Answer: A
Explanation:
When upgrading Windows NT 4.0 and earlier domains, only one domain controller
running Windows Server 2003 can create security principals (users, groups, and
computer accounts). This single domain controller is configured as a PDC emulator
master. The PDC emulator master emulates a Windows NT 4.0 and earlier PDC.
Los Angeles has the most NT 4.0 users, so placing it there would minimize traffic over
the WAN lines.
Therefore, B, C, D and E are incorrect.
QUESTION NO: 11
You are designing the IP addressing scheme for the new Barcelona office.
Which network address or addresses are valid for your design? (Choose all that
apply)
A. 10.10.10.0/28
B. 10.10.255.0/24
C. 131.15.0.0/24
D. 151.10.10.0/24
E. 192.168.11.0/25
Answer: A, B, E
Explanation:
Private addresses are confined to specific ranges that can be used by any private network
but that cannot be seen on the public Internet. For example, a user connecting computers
in a home TCP/IP network does not need to assign a public IP address to each host. The
user instead can take advantage of the address ranges shown in the table to provide
addresses for hosts on the network.
Table of Private Address Ranges
Incorrect Options:
C and D: The case study says that the IT staff in the Lisbon office will manage users in
the Barcelona office because Barcelona will not have any servers installed. It also says
that a VPN server will provide NAT services, which enables a local-area network (LAN)
to use one set of Internet Protocol (IP) addresses for internal traffic and a second set of
addresses for external traffic.
0 comments:
Post a Comment