- Introduction
- Install and Configure Network Services for Interoperability
- Monitor, Configure, Troubleshoot, and Control Access to Printers
- Monitor, Configure, Troubleshoot, and Control Access to Files, Folders, and Shared Folders
- Monitor, Configure, Troubleshoot, and Control Access to Web Sites
- Practice Questions
- Need to Know More?
Practice Questions
Question 1
You are responsible for managing the operation of an IIS 5.0 server. You must meet the following performance requirements:
You must limit the performance impact of one Web site on the server.
You must limit the network usage of two Web sites.
You must track access to the Web sites.
You must ensure users are allowed only to access files on the local server.
The proposed solution is to access the Default Web site's Properties page Home Directory tab, and select Log Visits and Index this Resource. On the same tab, you deselect Directory browsing.
Which of the following does the proposed solution provide? (Choose all that apply.)
The proposed solution limits the performance impact of one Web site on the server.
The proposed solution limits the network usage of two Web sites.
The proposed solution tracks access to the Web sites.
The proposed solution limits user access to those only on the local server.
Answers C and D are correct. Choosing the Log Visits selection tracks user access to the Web site. Selecting Directory Browsing limits the users access to sites outside the local server because the users are not allowed outside the directory hosting the Web site. Additional configuration settings are required to limit Web sites performance impact and network usage. Therefore, answers A and B are incorrect.
Question 2
NWLink is Microsoft's implementation of which of the following protocols?
TCP/IP
NetBEUI
IPX/SPX
Ethernet
Answer C is correct. IPX/SPX is the standard protocol for NetWare versions prior to NetWare 5, and is still supported by NetWare. To provide connectivity to NetWare resources, Microsoft developed their own version of the protocol called NWLink. TCP/IP is an industry standard protocol supported by Windows 2000 and has no Microsoft version. NetBEUI is a legacy protocol for Microsoft networking and has no ties to NWLink. Ethernet is an industry standard network type, not a protocol. Therefore answers A, B, and D are incorrect.
Question 3
Your Windows 2000 Server is configured with both FAT32 and NTFS volumes. You must configure the server to provide the most secure access possible to all files on the server and meet the following security requirements:
You must limit local access to change or delete files and folder all groups except Administrators.
You must track all failed file and folder access attempts.
You must allow members of the Accounting group complete access to the files in the Accounting and Payroll folders on the NTFS volume.
You must not allow remote access to the Everyone group to the Security Management folder on the FAT volume.
The proposed solution is to change the Security Policy settings. In the User Rights Assignments policies, change Log On Locally to include only Administrators. In the Audit Policy settings, change Audit Directory Security Access to Failure. On the Permissions for the Security Management folder, remove the Everyone group.
Which of the following does the proposed solution provide? (Choose all that apply.)
The proposed solution limits local access to delete files and folders for all groups except Administrators.
The proposed solution tracks all failed file and folder access attempts.
The proposed solution allows members of the Accounting group complete access to the files in the Accounting and Payroll folders.
The proposed solution restricts remote access for Everyone to the Security Management folder.
Answers A and D are correct. Because the server includes FAT and NTFS volumes, the only method for ensuring security is to limit local access to the server. Explicitly denying the Everyone group access to the share will ensure they are not able to access the Security Management folder. The security policy settings for Audit Directory Security apply to Active Directory components, not necessarily file and folder access. The proposed solution does not address the Accounting ad Payroll folders. Therefore, answers B and C are incorrect.
Question 4
Which of the following will not trigger an FRS inter-site update?
Account lockout due to failed logon attempts.
Change to the domain controller user policies.
Change to the domain controller Local Security Authority.
Change to the relative identifier master role owner.
Answers B is correct. Inter-site updates are strictly scheduled to reduce network traffic. However, there are three triggers that will initiate an inter-site update: account lockout due to failed logon attempts, change to the domain controller LSA, and change in the owner of the RID master.
Question 5
You are configuring access for client computers to access NetWare resources on your network. The services offered by the NetWare servers are required nearly as often as Windows 2000 services. In this environment, what is the best method for allowing Windows clients access to NetWare resources?
Install GSNW on the Windows 2000 Server.
Install CSNW on the Windows 2000 Server.
Install GSNW on the Windows clients.
Install CSNW on the Windows clients.
Answer D is correct. Although the Gateway Services for NetWare are intended to provide client access to NetWare resources through the Windows 2000 Server Gateway, it is intended to be a limited-use solution. If the clients require frequent access to NetWare resources, installing the Client Services for NetWare on the client systems is a better option. Installing CSNW on the server would not provide access for the Windows clients on the network. There is no GSNW for client computers. Therefore, answers A, B, and C are incorrect.
Question 6
You receive a phone call from a user on the network who is having problems printing. They have sent a document to the printer and have yet to receive their hard copy. You have the user double-click on the printer definition on their system and they see a large backlog of jobs waiting from various users on the network waiting to print. The user notes that their job is sixth in the queue behind jobs from other users. You ask the user to select the first job in the queue, then select Cancel from the Document menu. Unfortunately, the user receives a message they do not have sufficient rights to cancel this print job. Which of the following printer permissions must be assigned to the user to allow them to cancel the pending print job?
Manage Documents
Manage Printer
Manage Server
Answer B is correct. The Manage Documents permission lets users manipulate their own print jobs, as well as other users' print jobs. Print allows users the ability to cancel their own jobs, but not other's print jobs; therefore, answer A is incorrect. Manage Printer allows the user to change the settings for the printer itself; therefore, answer C is incorrect. There is no printer permission setting called Manage Server; therefore, answer D is incorrect.
Question 7
The Corporate Policies and Procedures department has requested that shared folders be included on all Windows 2000 Servers to provide copies of the company's procedures to all employees. Policies pertaining to certain departments may be contained in individual folders on other servers. The proposed solution must meet the following requirements:
You must provide secure read-only access to the polices documents on the server.
You must ensure copies of the policies are available to all users at all times.
You must ensure departmental policies are accessible from the Policies folder.
Members of the Policies and Procedures department should have administrator access to the documents in the folders.
The proposed solution is to implement a Policies and Procedures folder on the NTFS volume of all servers. Members of the Policies and Procedures group are assigned Full Control NTFS permissions to the folders. Use Dfs to provide links from the Policies and Procedures folder to departmental policies folders on other servers.
Which of the following does the proposed solution provide? (Choose all that apply.)
The proposed solution provides secure read-only access to the policies documents on the server.
The proposed solution ensures copies of the policies are available to all users at all times.
The proposed solution ensures departmental policies can be accessed from within the Policies folder.
The proposed solution gives members of the Policies and Procedures group administrator access to the documents in the folders.
Answers C and D are correct. Utilizing Dfs to link departmental folders to the Policies folder ensures that they can easily be accessed from within the Policies folder. Setting NTFS Full Control for the Policies and Procedures group gives them administrative control over the files in the folders. Permissions for other groups are not specified in the solution and there is no provision for synchronizing files on different servers. Therefore, answers A and B are incorrect.
Question 8
You are establishing an intranet site for employee access to files and important company information. All client computers are running Windows 98 or Windows 2000 Professional. The proposed solution must meet the following security requirements:
You must use an authentication method that is supported by all clients.
You must use an encrypted authentication method.
You must ensure all requested are authenticated.
You must choose an authentication protocol that is part of the HTTP specification.
The proposed solution is to configure the Web site to allow anonymous access and also use Integrated Windows authentication.
Which of the following does the proposed solution provide? (Choose all that apply.)
The proposed solution uses an authentication method supported by all clients.
The proposed solution uses an encrypted authentication method.
The proposed solution ensures all requests are authenticated.
The proposed solution uses a protocol that is part of the HTTP specification.
Answers A and B are correct. Integrated Windows authentication is an encrypted authentication method supported by both Windows 98 and Windows 2000 Professional computers. The proposed solution does not require authentication because it allows anonymous access. Integrated Windows authentication is not part of the HTTP spec. Therefore, answers C and D are incorrect.
Question 9
You would like to limit the number of share names network users must remember to access their files each day. There are a wide variety of shared resources on multiple systems on the network, including Windows 2000 Professional systems, Windows 2000 Server systems configured as member servers, and standalone Windows 2000 Servers. Which of the following can be used to provide simplified access for users?
Create a WebDAV folder to the root of the primary Windows 2000 Server.
Create a domain Dfs root on the PDC and add links to the shared resources on then network.
Create an FRS process to synchronize files across all servers on the network.
Create a domain Dfs root on a standalone server and add links to the shared resources on the network.
Answer B is correct. A domain Dfs root with links to the shared network resources will bring all shares into a single location to simplify access for users. A WebDAV folder is used to access shared resources from a Web browser, but does not bring all shares together. Using FRS to synchronize files on all servers will not simplify access to network resources. A domain Dfs root cannot be created on a standalone server. Therefore, answers A, C, and D are incorrect.
Question 10
Which of the following services do not require an NTFS volume for operation? (Choose all that apply.)
WebDAV folders
File Services for Macintosh
Domain-based Dfs
IIS 5.0 Web sites
Print Services for Unix
Answers A, D, and E are correct. File Services for Macintosh and Domain-based Dfs both require NTFS to operate. The other features listed can operate on either FAT or NTFS volumes. Therefore, answers B and C are incorrect.