Exam 70-297 preparation questions

Exam 70-297 study material

Made available by Testkingprep.com

Free 70-297 Exam Preparation Questions

Exam 70-297: Designing a Microsoft Windows Server 2003 Active Directory and Network Infrastructure

For Latest 70-297 Exam Questions and study guides- visit- http://www.testkingprep.com/70-297.html

http://www.testkingprep.com/70-297.html



Case Study # 15

Overview Hax Importer is an import corporation which was set up six years ago by merging two smaller America importers. The business of this company is importing speciality products from other countries. One importer had office in the West Cost, while the other one had offices on the East Cost. The company institutes a 24-hour working day and 7-day workweek system. This is for keeping communications with its worldwide suppliers and customers.

Physical Locations The head office of the company resides in Boston which also serves as the East Coast regional office. There are two branch offices in the East Coast region. The two branch offices are located in Quebec and Ottawa. The office of the West Coast region resides in Los Angeles. There are two branch offices in the West Coast region. The two branch offices are respectively located in Vancouver and Portland. Even though both the Boston and Los Angeles offices make business and IT decisions, the CEO and the IT manager work from the Los Angeles office.

Planned Changes In order to enable better control over administration and to cut down long- term IT expense, the company intends to have a Windows Server 2003 Active Directory environment deployed. There are five main departments in the company: Accounting, Administration Distribution, Marketing, Sales departments. There is experienced IT staff in the Boston and Los Angeles offices. All offices have been assigned some IT staff to offer day-to-day troubleshooting and user support. The following are the IT responsibilities:1 IT staff in all offices are responsible for providing day-to-day troubleshooting and network maintenance, supporting end users, creating and maintaining user and computer accounts for the respective office. 2 IT manager in the Boston office is responsible for monitoring all IT operations, approving all IT expense and budgets, implementing company-wide high-level IT changes, for example, the installation of Active Directory-aware applications. In addition, IT manager manages day-today operations of the East Coast offices, and are in charge of the installation and configuration of domain controllers for East Coast offices. 3 Network administrators in the Los Angeles office are in charge of day-to-day operations of the East Coast offices. Besides this, they manage the installation and configuration of domain controllers for the West Coast offices.

Directory Services At present, there are six Windows NT 4.0 domains configured in a multimaster domain model in your company. This is shown in the Existing Domain Model exhibit. The company maintains user accounts for users in the East Coast region in the Boston master domain. While maintaining user accounts for users in the West Coast region in the Los Angeles master domain. Computer accounts are maintained in the domain that associated with the respective office. Data can be accessed among all offices. But most data access requirements are on the basis of region. Users in the West Coast region often need to access data on servers in the West Coast region. Users in the East Coast region often need to access data on servers in the East Coast region.

Network infrastructure The Existing Network Infrastructure exhibit shows the configuration of the existing network Infrastructure. Your company has installed Windows NT Workstation 4.0 on all client computers with the latest service pack installed. As soon as the migration to Active Directory is finished, the company will upgrade these computers to Windows XP Professional. At present, for all network hosts, public addresses are used by all offices. Even though the company has made a plan to have the IP addressing scheme to private addresses only, this change will be made as a separate planning process that will not be performed in the short term. The company has assigned the following five network addresses to the Boston office at


present: 131.107.10.0/24 131.107.11.0/24 131.107.12.0/24 131.107.13.0/24 131.107.14.0/24 There is no other network addresses for the Boston office. There is a server named DHCP01 in your company. All DHCP services are provided for the Boston office by DHCP01. The Boston LAN Infrastructure exhibit shows the configuration of the existing Boston LAN Infrastructure.

Problem Statements The company must consider the following three business problems: 1 As for delegate administrative tasks, the company intends to maintain more strictly control over resources and a more granular environment. 2 Subordinate IT staff has removed the IT manager from the Administrators group in all domains mistakenly, but the Boston domain is an exception. Therefore, it is necessary to restrict the responsibility scope of subordinate IT staff. 3 Since the company runs the 24-hour workday system, the existing environment must be affected as little as possible by any technology deployments.

Chief Executive Officer I??d like Hax Importer to get a consolidated network environment to help cut down long-term costs and to provide efficiency in our business operations. I cannot tolerate network outages, and downtime should be reduced at all cost. The company has distributed funds to make sure that the regular business operations will not be affected by the migration.

IT manager IT staff has got more administrative power than necessary to exercise their responsibilities. But this is necessary in the existing domain environment, since it is quite difficulty to manage and control the existing domain environment. More strict control over domain administration should be allowed by envisioned domain model. I will be in charge of the IT budget and all major IT decisions. And the network should be completely under my control. For East Coast offices, I will perform day-to-day domain management tasks. In the new environment, the number of domain should be limited to streamline network administration. The network administrator in the Los Angeles office will have no administrative authority over the East Coast offices. But the West Coast offices will be in the charge of that administrator. This contains high-level domain administrative tasks, for example, installing domain controllers. In every office, day-to-day administration and technical support will be offered by IT staff. Adding user accounts and computers accounts to the network, resetting lost passwords and the installation of client computers are also included.

Office Worker The internal network can not be accessed from outside of the company's offices by us. If some type of remote access was provided in the future, productivity will be increased.

Business Drivers The company must consider the following four business requirements. 1 A registered name for Hax Importer is haximporter.com. 2 A third-party vendor maintains a Web ordering system for the company. External customers and business partners are able to access resources through the Web ordering system. The company intends to keep a clear distinction between internal and external resources. 3 For the purpose of simple and easy use, a domain naming strategy must be worked out. The strategy must indicates the resources and users that are contained within the domain. 4 Whether users use their user principal name(UPN) or their pre-Windows 2000 user logon name to log on to the network, the naming strategy must be intuitive.

Organizational Goals The company must consider the following four Organizational goals: 1 The company must implement password policies which needs all users to have a complex password with at least 10 characters. In addition, when the user has failed to log on since they use the


wrong password, accounts should be locked out. These accounts will be unlocked by the appropriate IT staff. 2 The company needs an incremental migration to Active Directory. In the process of the migration, users should be allowed to get access to all required resources. Regular business operations should not be affected by the migration. 3 Domains should only be implemented to meet the new IT administration structure of the company. No other domains should be implemented. 4 After the migration is complete, all current Windows NT 4.0 domains will not be used.

Security The company must consider the following six security requirements: 1 Some configuration should be made to have the IT manager a member of the Administrators groups of all computers in the forest. This configuration must be consistently enforced. Only the IT manager has the authority of undoing this configuration. 2 Only authorized users can be offered with VPN access. The internal network resources should not be accessed by unauthenticated users from outside the offices of the company. 3 There is at least one domain controller in each office. Two domain controllers will be assigned to any office if it has more than 180 users. 4 The company must set replication intervals for Active Directory to ensure consistent and up-to-date domain information. By doing this, domain controllers receive the changes made to the domain database in the same domain with a delay that does not exceed 5 hours. In order to provide an efficient replication infrastructure, the replication intervals should be set to closely match this requirement while not exceeding it. 5 The company should install an application on all domain controllers. This application will help in domain administration and account management. Any user directly logging on to a domain controller must have the same environment and applications available. This is for offering a consistent environment for the IT staff. 6 Any WAN link that has less than 256 kbps of available bandwidth is not allowed to have global catalog information replicated over that link. Any office that does not contain a global catalog server must be able to authenticate users if a WAN link fails.

Network Infrastructure The company must consider the following eight infrastructure requirements: 1 A fault-tolerant DHCP solution will be implemented by the Boston office. At present the Boston office is provided with all DHCP services by DHCP01. 2 In the Boston office, the company will implement a new server which is named DHCP02. 3 When a single DHCP server failure occurs or is removed from the network, the other DHCP server must be able to service all DHCP clients. Both DHCP servers will have Windows Server 2003 installed. 4 The IP addresses will be received by only client computers through DHCP. Static IP addresses are configured to all servers and other network devices. 5 The company must configure all domain controllers as DNS servers. Records contained by DNS servers should only be for their domain. 6 In each office, a Windows Server 2003 computer must be configured with a single modem, and dial-up access will only be provided to the Domain Admins group and the Enterprise Admins group. When dialing in to these servers, smart cards will be required to be authenticated. 7 Once the company complete the migration, users will also be probided with VPN access to the network by the Windows Server 2003 computer that currently provides users with Internet access by using the network address translation(NAT). With this VPN acess, users will be able to access domain resources, such as e-mail, shared files, internal Web servers, and other resources. 8 About 50 kbps of bandwidth will be consumed by each VPN connection on the basis of current user trends.


Case Study # 16

Overview SunBright is a large supplier that provides electrical services for Individuals and corporations throughout Europe. The electricity of SunBright is purchased from large power-producing companies, small wind-energy providers, for example, local farmers and ranchers.

Physical Locations The company has a head office and three branch offices. The four offices are respectively in Den Haag, Bremen, Mons, and Marseille. There are about 850 users in the head office. And there are two or more satellite offices in the region of each branch office. The table below shows the number of users and satellite offices.

Planned Changes During the past year, the company has developed with the fastest speed, and it will keep on its prosperous. In order to maintain communications with its customers, the company has realized that it is essential to institutes a 24-hour working day and 7-day workweek system. Therefore, the company wants to implement a Windows Server 2003 environment to meet these demands.

Business Processes The Organizational Structure exhibit below shows the organization structure of the company. The above four offices have its own IT staff. No IT staff is at the satellite offices. Most of the IT staff is at the Den Haag office. The IT staff at the branch offices support their respective satellite offices. The branch offices and satellite offices offer regional customer support. There is a mission-critical application named App01 for your company. App01 is used by your company for monitoring the power network and detecting any power failures. Once App01 detects failure, detailed information about the power failure is sent to the field technician who is closest to the failure site. App01 is available to all users within the company. App01 uses a shared user account to log on to the App01 database which deals with security within the database.


Directory Services At the head office and the branch offices, App01 runs on UNIX servers. Each UNIX server has its own security accounts database. For all servers in corresponding office, a Standard user account and password are used by each office. In each office, network administrators know the user account and password combination. Network administrators in each office work independently, but the head office is in charge of making company- wide decisions. At present, Windows domain structure is not used by the company.

Network Infrastructure Windows XP Professional has been installed on all client computers. A switched 100-Mbps Ethernet network is used by each office. The company connects the branch offices and most of the satellite offices by using its own private leased lines. Some satellite offices use ISDN lines to connect to the nearest branch office. Since the telephone expense of these satellite offices is very high, the company wants to reduce network traffic through the ISDN lines to cut down the costs. VPN connections over the Internet are used as a backup for connecting the different offices.

Problem Statements The company must consider the following two business problems: 1 According to the indication of a service item, power failures must be solved within one day. But the company cannot fulfill this on time, hence it cannot be assured. In the past year, the company did not solve 40 power failures on time. Since the company could not find out the location of the problem occurred, the resolution of the failure was delayed. 2 According to the indication of another service item, in order to make sure enough bandwidth for App01, the IT department must assure available bandwidth of 28 Kbps. The company is not

sure how long it can continue to guarantee this requirement since the available bandwidth decreases every month at present. The Available Bandwidth exhibit below shows the available bandwidth. Since the data is not centrally managed and the security settings are inappropriate, some problems in the confidentiality of customer information occur

Chief Executive Officer In order to provide customers of SunBright with the most reliable service possible, we want to perform the upgrade of App01 to a new application named App02. During this process, power failures are inevitable, but if we quickly detect the problem and identify the source, we can restore power more quickly.

Chief Information Officer Data from App01 is now saved in different locations. What I care about is that who has access to the data and how to reconstruct the data if experiencing a disaster.

Network Administrator At present we perform our own administration task at each office. All network administrators will work together to replace App01 with App02. Since NewApp will be centralized, we are worrying about the availability of our monitoring infrastructure will be affected by a failure at the Den Haag office. To us, the most important thing is the ability of monitoring the state of the power network. As soon as a failure occurs in the power network, it must be detected immediately.

Customer Service Representative Sometimes customers call us, reporting a power failure two or three times for the same failure. Therefore, we have to ask the customer for the same information about the power failure. I wan0074to be able to view the content of the first time that the customer reported and avoid the repeated inquiry.

Business Drivers The company must consider the following business requirements:


1 A common namespace: cpandl.com must be shared by all offices when the company changes its infrastructure. 2 The company must improve the availability of the monitoring infrastructure and customer support, 3 The company will use App02 to take the place of App01.

App02 is a multitier application a shown in the following NewApp Architecture exhibit. 1 The company wants that detailed information about power failures must be received by customers through the telephone. Customer service representatives need detailed real-time information about the power failures, so they can inform customers about how long power failures will last. 2 Each branch office must be able to maintain account policies whichmeet its unique national legal requirements.

Organizational Goals The company must consider the following three organizational requirements 1 It is expected that the number of customers will increase by 45% in the following two years. 2 If justified, upgrades of bandwidth can be permitted, although they are discouraged. 3 Although the company has no intention of setting up more offices in the near future, future company growth must be allowed by the new environment.

Security The company must consider the following security requirements. 1 Security of App02 must be Active Directory integrated. 2 Only network administrators will administer DNS servers from the Amsterdam office. 3 For App02, Network administrators must have Full Control permissions. 4 Information about customers and power failures must be available to internal users. Only public information can be accessed by customers. 5 Other locations must not be affected by a complete power failure in one location. 6 Network administrators should only be allowed to use smart card authentication to access App02 database servers. But network administrators must be able to log on to users' computers to solve problems without using a smart card. 7 Computers that have smart card readers installed must automatically get the App02 management tools installed.

Customer Requirements The company must consider the following customer requirements: 1 App02 must be able to be accessed 24 hours a day, seven days a week. 2 Client applications that connect directly to App02 must use the NetBIOS name of App02. 3 The amount of electricity they have delivered must be able to be viewed by Wind-energy suppliers. These suppliers should be able to use the Internet to connect to App02. 4 The branch offices need to use their local resources as much as possible to reduce WAN traffic.

Active Directory The company must consider the following three Active Directory requirements: 1 SunBright must achieve better control of resources. 2 The company must reduce Replication latency between sites to the least. 3 The company must guarantee that data can be recovered if a disaster occurs.

Network Infrastructure The company must consider the following three infrastructure requirements 1 In order to improve customer service, information from App01 databases in all locations must be consolidated in the App02 database. 2 The number of services at the satellite offices must be kept to the fewest. 3 A valid IP address must always be obtained by client computers, even when a DHCP server is


not available for 24 hours. 4 Field technicians must be able use a remote connection to connect directly to the App02 database from their Laptops. When they have to make a remote connection, they will connect to then earest branch office.

Users The company must consider the following two user requirements 1 All users must have their desktop computers automatically deployed with Microsoft Office and App02. Network administrators at the branch offices must be able to decide which components of Office get installed at their locations. 2 Each user's manager will be responsible for resetting user passwords. All customer service representatives need to have the ability of resetting the passwords of the wind-energy providers.


Case Study# 16(Questions)

Question: 1 According to the company requirement, you are designing the top-level organizational unit (OU) structure for the company. What should you do? (Choose more than one)

A. After an OU named NorthAmerica is created, all user accounts should be placed in the NorthAmerica OU.

B. After an OU named Servers is created, all server computer accounts should be placed in the Servers OU.

C. After an OU named Sales is created, all sales user accounts should be placed in the Sales OU. D. After an OU named Montreal is created, all Montreal user accounts should be placed in the

Montreal OU. E. After an OU named East is created, all user accounts from the East Coast offices should be placed

in the East OU.

Answer: D

Question: 2 According to the company requirement, you are designing the DNS topology to meet the business and technical requirements. Which DNS structure should be used?

A. Two primary zones should be used. B. One primary zone should be used. C. One Active Directory-integrated zone should be used. The zone has set the replication scope to all

domain controllers in the domain D. One Active Directory-integrated zone should be used. The zone has set the replication scope to all

DNS servers in the forest E. Two Active Directory-integrated zones should be used. The two zones have set the replication scopes

to all DNS servers in the forest F. Two Active Directory-integrated zones should be used. The two zones have set the replication scopes

to all domain controllers in the domain

Answer: E

Question: 3 In order to make users be able to remotely access internal resources, you are designing a strategy. Of the following services, which should be allowed on the public interface of the NAT server? (Choose more than one)

A. VPN gateway should be allowed. B. HTTP should be allowed. C. SMTP should be allowed. D. LDAP should be allowed. E. POP3 should be allowed.


Answer: D

Question: 4 In order to migrate domain user accounts to the new Windows Server 2003 Active Directory environment, you are designing a strategy. You need to create trust relationships manually to perform this operation. Now you have to identify the minimum number of trust relationships needed. Which design should be used? A. one two-way cross-forest trust relationship B. one external trust relationship C. two external trust relationships D. six external trust relationships E. twelve external trust relationships

Answer: B

Question: 5 According to the company requirement, you are designing the Active Directory replication topology. The diagram below shows the site links in the work area. Each site link includes only the two sites it is shown between. The replication intervals need to be configured for the site links. So what action should you perform? To answer, drag the appropriate replication interval or intervals to the correct location or locations in the work area.

Answer: Question: 6


According to the company requirement, you are designing the Active Directory site topology to meet the business and technical requirements. Of the following sites, which one will require universal group membership caching? (Choose all that apply.)

A. Ottawa B. Quebec C. Boston D. Portland E. Vancouver F. Los Angeles

Answer: B, D, E

Question: 7 For the proposed Active Directory environment, you are asked to design a DNS naming strategy. Of the following domain names, which should be used? (Choose more than one)

A. east.wideworldimporters.com B. west.wideworldimporters.com C. wideworldimporters.com D. newyork.wideworldimporters.com E. seattle.wideworldimporters.com F. sanfrancisco.wideworldimporters.com Answer: A, B


Question: 8 According to the company requirement, you are designing the NetBIOS domain naming strategy for the company. Of the following NetBIOS domain names, which should be used? (Choose all that apply.)

A. Hax Importer B. quebec C. east D. west E. boston F. northamerica

Answer: C, D

Question: 9 For dial-up remote access, you are asked to design the security to meet the business and technical requirements. Of the following mechanisms, which should be used? (Choose more than one.)

A. MPPE 56-bit encryption should be used. B. EAP-TLS authentication should be used. C. MS-CHAP v2 authentication should be used. D. a stand-alone certificate server should be used. E. an enterprise certificate server should be used.

Answer: B, E

Question: 10 According to the company requirement, you are asked to place global catalog servers in the appropriate sites. What action should you perform? To answer, drag the global catalog server to the correct site or sites in the work area.


Answer:


Question: 11 According to the company requirement, you are asked to evaluate whether the currently available network bandwidth is adequate to run NewApp. To accomplish this task, what action should be performed? (Choose more than one)

A. For App02, a test environment should be established to analyze how much bandwidth is required for App02.

B. Information about App02 should be collected by using a debug version of App02. C. Data about the saturation of each WAN link should be collected by using Performance Monitor. D. You should analyze the data that is transmitted over the network for App01 by using Network

Monitor. E. SNMP should be installed on all computers that are connected to App01 to obtain information about

App01.

Answer: A, C, D

Question: 12 According to the company requirement, you are designing a VPN strategy to meet the business and technical requirements. On the basis of the current infrastructure, how many VPN connections can be supported at most?


A. 70 VPN connections can be supported at most. B. 25 VPN connections can be supported at most. C. 35 VPN connections can be supported at most. D. 256 VPN connections can be supported at most. E. 128 VPN connections can be supported at most.

Answer: C

Question: 13 In order to meet the service-level agreement requirements, you are asked to make sure that there is enough bandwidth available. Which action should be performed? (Choose more than one)

A. Network usage characteristics should be analyzed for App02. For the WAN lines, an upgrade plan should be created on the basis of these results.

B. All WAN lines should be upgraded in six months. C. Before implementing App02, all WAN lines should be upgraded. D. The cause of a peak should be analyzed in network usage in February.

Answer: A, D

Question: 14 According to the company requirement, you are asked to make sure the network administrators are able to administer the App02 database servers. In order to accomplish this task, which action should be performed? (Choose more than one.)

A. You should force all users who have to log on to the App02 servers to use smart cards by using the account properties.

B. For all users who log on to any of the App02 servers, an organizational unit (OU) should be created.

C. For the App02 users, an organizational unit (OU) named App02 Users should be created. D. For the App02 servers, an organizational unit (OU) named App02 Servers should be created. E. For the App02 Users OU, a Group Policy object (GPO) should be created to enforce the use of IPSec. F. For all App02 servers, a global group should be created. Then this group should be added to the

App02 Servers OU. G. For the App02, a Group Policy object (GPO) Servers OU should be created to enforce the use of

smart cards.

Answer: A, C

Question: 15 Since the company plans to perform the migration of the UNIX user accounts to Active Directory, you are assigned a task to design a strategy. Which action should be performed? (Choose more than one.)

A. All user accounts should be imported only from the UNIX servers to a text file. B. The user accounts should be imported as inetOrgPerson objects. C. You should use the Ldifde command-line tool to have the user accounts imported into Active

Directory. D. After random passwords are assigned to each user object, the passwords should be securely

distributed to the users. E. Users should be asked to use the same user name and password as they used on the UNIX

servers. F. The same strong password is created for each user object, users should be required to change their

passwords at first logon. G. After all user accounts and their passwords are exported from the UNIX servers to a text file, this file


should be encrypted to achieve extra security.

Answer: A, B, D

Question: 16 You are designing a site topology to meet the business and technical requirements. What should you do?

A. The Knowledge Consistency Checker (KCC) should be disabled and site replication should be manually configured.

B. The replication interval between sites should be increased. C. SMTP should be used as the transport protocol for replication. D. In order to represent the physical topology, site links should be created.

Answer: D

Question: 17 For all computers in all offices, you are asked to design a NetBIOS name resolution strategy. What action should you perform to accomplish your task? To answer, drag the appropriate name resolution component or components to the correct location or locations in the work area.

Answer: Question: 18


For the satellite offices that use ISDN lines to connect to the branch offices, you are asked to have the DNS name resolution optimized. What action should be performed?

A. At these satellite offices, a DNS server should be placed with secondary zones of all domains. B. At these satellite offices, caching-only DNS servers should be used. C. For all client computers, a Hosts file should be configured at these satellite offices. D. At these satellite offices, a DNS server should be configured to use WINS forward lookup.

Answer: B

Question: 19 According to the company requirement, you are designing the new forest structure and migration strategy to meet the business and technical requirements. What action should you perform?

A. Upgrade the Portland domain. B. Upgrade the Orlando domain. C. Use ADMT to migrate accounts from the Portland domain to the Orlando domain. D. Restructure the Portland domain. E. Restructure the Orlando domain.

Answer: B, C, E

Question: 20 According to the company requirement, you are designing the Active Directory infrastructure to meet the business and technical requirements. After you run ADSizer, you find that it provides a solution. The solution contains only one domain controller for Den Haag. What action should be performed?


A. The users among sites should be distributed in ADSizer and the number of domain controllers should be recalculated.

B. In Den Haag, at least two domain controllers should be placed. C. The domain controller should be configured as a bridgehead server. D. The domain controller should be configured as a global catalog server.

Answer: B

Question: 21 According to the company requirement, you are designing a DHCP solution to meet the business and technical requirements. What action should you perform to accomplish your task?

A. Increase the default lease time on all DHCP servers. B. Split all address ranges across multiple DHCP servers. C. Configure duplicate scopes on at least two DHCP servers. D. Force client computers to obtain an IP address from Automatic Private IP Addressing (APIPA).

Answer: B Case Study #17

Overview Paul's Orchard is an import corporation which was set up six years ago. The business of this company is importing fine wines from other countries all over the world. It also plays the role of Distributor.

Physical Locations The company has a head office and two branch offices. The three offices are respectively located in is located in San Francisco, London, Melbourne. Since the company develops rapidly, it has planed to set up two new branch offices in Porto and Madrid in the following year

Planned Changes The company intends to implement a Windows Server 2003 Active Directory environment to cut down costs and streamline business processes.

Business Processes There are seven departments in Paul's Orchard. The seven departments contain the Sales, Purchasing, Marketing, Distribution, Accounting, HR and IT departments. All internal servers and resources are maintained by the IT department. At present the e-mail infrastructure is outsourced to an ISP in San Francisco. In the San Francisco office, a mission-critical application is hosted on a Windows NT Server 4.0 computer which is named S01. Users can access this application from all departments and offices in the company. At present, this application is not supported to run on other operating system except Windows NT Server 4.0.

Directory Services There are three Windows NT 4.0 domains configured in a single master domain model. Look at the Existing Domain Model exhibit. The company maintains all user accounts in the Paul's Orchard domain. Client computeraccounts are managed locally in each regional domain. Regional network administrator in Melbourne, London and San Francisco are responsible for managing and maintains user and computer accounts for their corresponding offices. In the San Francisco office, the CIO are in charge of monitor all IT operation for all offices; theNetwork Administrator manages all aspects of the network for all offices; help desk staff is responsible for supporting all users in all offices and performing tasks such as resetting user account passwords. The Existing Network Infrastructure exhibit below shows the current network infrastructure. At present, all offices connect to the Internet directly through Windows 2000 Server computers. These servers perform network address translation (NAT). A PPTP tunnel between all offices is provided by these servers.The table below shows the existing server hardware.


Client Computers and Users The table below shows the existing user population for each office and department. The table below shows the current operating systems that are installed on the client computers.

Problem Statements The company must consider the following business problems: 1 Your company has added all IT staff to the Administrators group of the Paul's Orchard domain because of security limitations of Windows NT Server 4.0. Their administrative rights should be limited only to their specific areas of responsibility. 2 It is difficult to maintain the current environment because lacking control over IT procedures and processes.

Chief Executive Officer The existing IT infrastructure at Paul's Orchard has adverse effects on business operations. In order to accommodate the anticipated growth, IT operations need to be streamlined.

Chief Information Officer The company needs to reorganize the current IT environment needs. Corporate standards need to be implemented. At present unauthorized and unlicensed software are installed by users. These installations need to be implemented. Although administrative roles have been clearly defined, they are not enforced. Therefore, the company has to enforce the rules. The company has already distributed the IT budget for the next year. The company won't purchase any new server hardware for the existing offices. And the company has budgeted new server hardware for the new offices. E-mail services will be implemented by using Microsoft Exchange Server 2003 after completing deploying Active Directory. The internal IT staff will be in charge of maintaining the Exchange Server 2003 infrastructure. In addition, we want to provide VPN access to the network for all users.

Network Administrator It is necessary to provide all users and computers with standardized settings. The existing IT administration practices need to be reevaluated, and the company needs to enforce new practices that are more effective.

Office Worker It is uneasy to use the current environment. Since information is scattered on the network, makingit difficult to find. The division of labour is vague that it is not clear who should be responsible for solving network and computer problems. Most users manage their own computers due to this chaos. We would like that when we work remotely, we are able to connect to the network.

Business Drivers The company must consider the following four business requirements: 1 Paul's Orchard.com is the existing namespace that is used for the externally hosted e-mail infrastructure. When e-mail services are implemented internally, this namespace will be used. 2 If a single domain controller fails, fault tolerance must be provided by the new environment. 3 Each location is offered with extremely reliable service by the ISP. The company is not planning to provide for redundant links. The current level of network outages that are caused by WAN link failures is allowed. 4 For all server computers wherever possible, Windows Server 2003 will become the corporate standard to improve network support. Client computers will be standardized over the next tw years to run Windows XP Professional.

Organizational Goals The company must consider the following organizational requirements: 1 Branch offices in Porto and Madrid will be implemented in the next year. It is expected that the Porto branch office will have 65 users and client computers. The Madrid branch office will have less


than10 users and client computers. 2 Since the Madrid branch office has a small size, it will have no IT staff and no servers. The Porto IT staff will be in charge of managing users and computers for both the Porto and Madrid branch offices. 3 The company has purchased two servers for the Porto branch office. One will be specified as a domain controller. The other server will be a VPN server and will also provide NAT services.

Security The company must consider the following five security requirements: 1 The control of Regional network administrators over the Active Directory service must be limited. They will be in charge of managing user and computer accounts for their regions. In addition, they will manage local servers. 2 All domain controllers, configure sites will be under the management of the network administrator in the San Francisco office, other high-level administrative tasks will be performed by them. 3 Users will have limited access to their computers. Only certain desktop settings will be allowed to be modified by them, and unauthorized applications will not be allowed to be installed by them. 4 At present, some users have blank passwords. Password security standards must be implemented. 5 For tracking all unauthorized logon attempts to the domain, security auditing must be implemented. Auditing must not be enabled on any client computers.

Active Directory The company must consider the following three Active Directory requirements 1 The network administrator in the San Francisco office must be in charge of maintaining centralized control over Active Directory. The help desk staff and the regional network administrators will be granted the limited access to Active Directory. 2 It is estimated that bandwidth usage will increase incrementally, though bandwidth is not an issue at present. In order to meet the demands of this projected growth, WAN traffic should be reduced to the least in the design. 3 Departments within Paul's Orchard have their own unique needs, including specialized departmental applications.

Network Infrastructure The company must consider the following infrastructure requirements: 1 The Remote access security and restrictions for all offices must be implemented and managed centrally by the network administrator in the San Francisco office. Only one set of remote access policies must exist for the company. 2 The company must choose a domain-naming strategy. This strategy must reduce administrative complexity and is intuitive to the users. 3 In each of the current offices, the DNS service installed will be installed on one domain controller. The company must reduce DNS name resolution traffic over all WAN links to the least.


Case Study # 17(Questions) Question: 1 As part of your design, you are considering whether to have all domains upgraded to Windows Server 2003. On the basis of the current configurations, which server prevents you from achieving the goal? (Choose more than one.)

A. S01 prevents you from achieving the goal. B. DC02 prevents you from achieving the goal. C. DC03 prevents you from achieving the goal. D. DC04 prevents you from achieving the goal.


E. DC05 prevents you from achieving the goal. F. DC06 prevents you from achieving the goal.

Answer: E, F

Question: 2 According to the company requirement, you are asked to design the Windows Server 2003 Active Directory forest structure to meet the business and technical requirements. Of the following forest structures, which one should be used?

A. three Active Directory forests with one domain in each forest B. one Active Directory forest with one domain C. one Active Directory forest with three domains D. one Active Directory forest with four domains E. two Active Directory forests with one domain in each forest

Answer: B

Question: 3 According to the company requirement, you are asked to design the top-level organizational unit (OU) structure to meet the business and technical requirements. Your design must meet the demands of expected growth of the company. Which top-level OU structure should be used?

A. Sales OU, Purchasing OU, Marketing OU, Accounting OU, Distribution OU, HR OU B. Paul's Orchard Users OU, Paul's Orchard Computers OU, Paul's Orchard Servers OU, Paul's

Orchard Applications OU C. London OU, Melbourne OU, San Francisco OU, Porto-Madrid OU D. IT Administration OU, All Paul's Orchard Departments OU, All Paul's Orchard Offices OU

Answer: C

Question: 4 In order to apply the security policy settings to meet the business and technical requirements, you are designing a plan. Where should you implement the auditing and password policy settings? To answer, drag the appropriate policy setting or settings to the correct location or locations in the work area.


Answer:


Question: 5 As part of your design, you are considering whether a second-level organizational unit (OU) structure is needed. Your company CIO tells you that it is needed. Of the following factors, which one make a second-level OU structure necessary?

A. delegation of administrative authority B. audit policy settings C. software deployment needs D. client operating systems in use

Answer: C

Question: 6 According to the company requirement, you are asked to design a DNS name resolution strategy to meet the business and technical requirements. What should you do? (Choose more than one.)

A. On a domain controller in San Francisco, london.paul's orchard.com should be delegated to a domain controller in London.

B. On a domain controller in San Francisc, an Active Directory-integrated zone named paul's orchard.com should be created.

C. On a domain controller in London, an Active Directory-integrated zone named London. paul's orchard.com should be created.

D. On a domain controller in Los Angeles, melbourne.paul's orchard.com should be delegated to a


domain controller in Melbourne. E. On a domain controller in Melbourne, an Active Directory-integrated zone named

melbourne.paul's orchard.com should be created.

Answer: B

Question: 7 According to the company requirement, you have to maintain the WINS infrastructure in the new Windows Server 2003 Active Directory environment. Therefore, you have to design a plan for it. Of the following factors, which makes maintenance of the WINS infrastructure necessary? (Choose more than one)

A. VPN client access by using PPTP B. client operating systems in use C. server operating systems in use D. installation of Active Directory client software

Answer: B, C

Question: 8 According to the company requirement, you are designing a DNS strategy to meet the business and technical requirements. What should you do? (Choose more than one.)

A. For each domain, a dynamic forward lookup zone should be created. B. For each subnet, a dynamic reverse lookup zone should be created. C. For each DNS server, the BIND secondaries option should be enabled. D. In the branch offices, caching-only DNS servers should be installed.

Answer: A, B

Question: 9 According to the company requirement, for the London office, you are asked to design a DNS implementation strategy. Which should you to accomplish your task? (Choose more than one.)

A. A standard primary zone named london. paul's orchard.com should be created. B. All computers in London should be configured to use DC03 as their DNS server. C. All computers in London should be configured to use DC06 as their DNS server. D. An Active Directory-integrated zone named paul's orchard.com should be created. E. An Active Directory-integrated zone named london.paul's orchard.com should be created.

Answer: B, D

Question: 10 According to the company requirement, Internet Authentication Service (IAS) should be implemented to meet the business and technical requirements. Therefore, you are designing a strategy. What action should you perform?

A. On VPN1, IAS should be installed. Then VPN1, VPN2, and VPN3 should be configured as RADIUS clients.

B. On VPN1, VPN2, and VPN3, IAS should be installed. C. On VPN1, IAS should be installed. Then VPN2 and VPN3 should be configured as RADIUS clients. D. On DC2, IAS should be installed. Then VPN2 and VPN3 should be configured as RADIUS

clients. On VPN1, remote access logging should be configured. E. On DC1, IAS should be installed. Then VPN2 and VPN3 should be configured as RADIUS


clients. All remote access policies should be created on VPN1.

Answer: A

Question: 11 In order to meet the Internet name resolution requirements, you are asked to design a DNS infrastructure. What action should you perform?

A. On all DNS servers, recursion should be disabled. B. On all DNS servers, default root hints should be enabled. C. On all DNS servers, a standard primary zone named "." should be created. D. On a DNS server in San Francisco, an Active Directory-integrated zone named "." should be

created. E. All DNS servers should be configured to use forwarders and the IP address of the DNS server

should be specified at the local ISP.

Answer: E

Question: 12 According to the company requirement, you have to place the PDC emulator role in the appropriate location. So where should the PDC emulator role be placed? (Choose more than one)

A. Porto B. London C. Madrid D. Melbourne E. San Francisco

Answer: D

Question: 13 According to the company requirement, you have to design the IP addressing scheme for the new Madrid office. Of the following network addresses, which are invalid for your design? (Choose more than one)

A. 131.15.0.0/24 B. 10.10.10.0/28 C. 10.10.255.0/24 D. 192.168.11.0/25 E. 151.10.10.0/24

Answer: A, E


For complete Exam 70-297 Training kits and Self-Paced Study Material

Visit:http://www.testkingprep.com/70-297.html

http://www.testkingprep.com/


http://www.testkingprep.com/



Exam 70-297 preparation questions

Documents

Transcript of Exam 70-297 preparation questions