-
You need to design the Exchange 2003 server configuration for remote e-mail access. What should you do?()
A . Configure the front-end servers in each branch office to be members of a new Active Directory site
B . Configure the back-end servers to have server encryption certificates issued by a commercial certification authority (CA)
C . Configure two back-end servers to be members of a Network Load Balancing cluster. Configure Network Load Balancing for inbound RPC connections
D . Configure multiple front-end servers in each branch office to be members of a Network Load Balancing cluster. Configure Network Load Balancing for inbound HTTPS connectio
-
You need to design the database permissions for access from the terminals to the database server. Which action or actions should you perform?()
A . Create a database role named BankTerminals.
B . Grant the BankTerminals role the Execute permission for the WoodgroveBanking database.
C . Grant database access to the Windows Bank Terminals group, and add the group to the BankTerminals role.
D . Grant the BankTerminals role the Execute permission for the Bank schema.
E . Grant the Windows Bank Terminals group the Execute permission for the Bank schema.
F . Grant the BankTerminals role the Execute permission for all stored procedures and user-defined functions in the Bank schema.
-
You need to design an access control and permission strategy for user objects in Active Directory.What should you do?()
A . Make the members of the AdvancedSupport security group members of the Domain Admins security group
B . Give each desktop support technician permission to reset passwords for the top-level OU that contains user accounts at their own location
C . Delegate full control over all OUs that contain user accounts to all AllSupport security group
D . Change the permissions on the domain object and its child objects so that the BasicSupport security group is denied permissions. Then, add a permission to each OU that contains user accounts that allows AllSupport security group members to reset passwords in that OU
-
You need to design an e-mail access strategy for remote users. What should you do? ()
A . Instruct remote users to connect to their e-mail by using RPC
B . Instruct remote users to connect to Outlook Web Access by using only HTTPS
C . Instruct remote users to connect to the company network by using PPTP connections
D . Instruct remote users to connectd to their e-mail by using RPC over HTTP Configure the HTTP servers to require encryption.
-
You are designing an integration test plan for a Windows Azure .NET 3.5 application. You need to recommend a testing environment that allows developers to debug the application while accessing data in the cloud. What should you recommend?()
A . Run the application on Windows Azure. Use the development storage account.
B . Run the application on Windows Azure. Use a Windows Azure Storage account.
C . Run the application in the development fabric. Use the development storage account.
D . Run the application in the development fabric. Use a Windows Azure Storage account
-
You need to design a solution so that users in the retail outlets can access their e-mail on the Exchange 2003 servers. What should you do?()
A . Install an Exchange 2003 server infrastructure that will support POP3 connections from the Internet. Install a user certificate on each client computer at the retail outlets. Instruct the users to sign and encrypt all outbound e-mail messages
B . Install an Exchange 2003 server infrastructure that will support encrypted POP3 connections from the Internet. Configure the client computer in the retail outlets to use an encrypted connection to the POP3 server
C . Install an Exchange 2003 server infrastructure that will support encrypted Microsoft Outlook Web Access connections from the Internet. Instruct all users at the retail outlets to access their e-mail by using Microsoft Internet Explorer 5.5 or later to connect to the secure Microsoft Outlook Web Access server
D . Install an Exchange 2003 server infrastructure that will support encrypted IMAP4 connections from the Internet. Configure the client computers in the retail outlets to use an encrypted connection to the IMAP4 server
-
You are designing a Windows Azure web application that does not use ASP.NET. The application requires a standalone Win32 interpreter. You need to recommend an approach for allowing access to the interpreter. What should you recommend?()
A . Use a web role. Configure the interpreter as an ISAPI filter.
B . Use a web role. Configure a FastCGI handler for the interpreter and set the path to the interpreter.
C . Use a worker role with an internal endpoint. Enable native code execution.
D . Use a worker role with an external endpoint. Configure a FastCGI handler for the interpreter and set the path to the root.
-
You need to design a remote access strategy for portable computers. Your solution must meet business requirements. What should you do?()
A . Issue a computer certificate to P_RAS1. Reconfigure the remote access policy on P_RAS1 to accept only EAP-MD5 authentication. Then, specify that P_RAS1’s computer certificate is to be used for authentication
B . Issue a user certificate to the Administrator account on P_RAS1. Reconfigure the remote access policy to accept only EAP-MD5 authentication. Then, specify that the Administrator account’s user certificate is to be used for authentication
C . Issue a computer certificate to P_RAS1. Reconfigure the remote access policy to accept only EAP-TLS authentication. Then, specify the P_RAS1’s computer certificate is to be used for authentication
D . Issue a user certificate to the Administrator account on P_RAS1. Reconfigure the remote access policy to accept only EAP-TLS authentication. Then, specify that the Administrator account’s user certificate is to be used for authenticatio
-
You need to design the configuration of the Windows Server 2003 Routing and Remote Access server in the Seattle office to meet business requirements. What should you do?()
A . Configure a remote access policy on the Routing and Remote Access server to require MS-CHAP v2 for all connections
B . Use a Group Policy object (GPO) to configure a Restricted Groups policy that applies to the Routing and Remote Access server. Use this Restricted Groups policy to remove all accounts form the local Users group, and then add authorized computer accounts
C . Configure the Routing and Remote Access server to use only PPTP connections
D . Configure the Routing and Remote Access server to use only IPSec over L2TP connections.Configure IPSec to use certificate
-
You need to design a remote access solution for the mobile sales users in the litwareinc.com domain. Which two actions should you perform?()
A . Configure autoenrollment for user certificates and computer certificates
B . Configure Web enrollment for user certificates and computer certificates
C . Configure a Certificate Services hierarchy in the litwareinc.com domain
D . Configure qualified subordination between the litwareinc.com and the contoso.com domains
E . Configure PEAP authentication on the remote access server
-
You need to design an access control solution for customer information. Your solution must meet security requirements.What should you do?()
A . Configure the Web site to require SSL connections. Configure the Web site to require client certificates. Enable and configure client certificate mapping on the Web site
B . Configure the Web site to require SSL connections. Disable anonymous access to the Web site.Assign the Allow – Read permission to the customer user accounts for the folder that contains the Web site files
C . Configure the Web site to use only Microsoft .NET Passport authentication. Specify the den.corp.woodgrovebank.com domain as the default domain for .NET Passport authentication.Configure a custom local IPSec policy on the Web servers to require IPSec communications
D . Configure the Web site to use only Windows Integrated authentication. Configure a custom local IPSec policy on the Web servers to require IPSec communications. Configure the IPSec policy to use certificate-based authentication and encryptio
-
You need to design a configuration for the Microsoft Outlook Web Access servers. What should you do?()
A . Create a Network Load Balancing cluster that contains the Outlook Web Access servers
B . Create a Microsoft Cluster Server cluster that contains the Outlook Web Access servers
C . Create public DNS host (A) resource records for each Outlook Web Access server. Instruct each user to connect to the server that contains his or her mailbox
D . Install Microsoft Application Center 2000 on the Outlook Web Access servers. Create a Web cluster that contains all of the Outlook Web Access server
-
You need to design an access control strategy for the external and intranet Web sites. Which two actions should you perform?()
A . Enable SSL on the external Web site by using a Microsoft cryptographic service provider (CSP)
B . Enable Microsoft .NET Passport authentication on the external Web site. Use Passport Level 0 with SSL on the external Web site
C . Enable SSL on the external Web site by using a commercial digital certificate
D . Enable SSL on the intranet Web site by using an internal server certificate
E . Enable SSL on the external Web site by using an internal server certificate
-
You need to design a hosting service option for customers who want to access their databases by using their own Active Directory domain accounts. What should you do?()
A . Design a hosting service option that duplicates each customer’s domain user account as SQL Serverlogin account.
B . Design a hosting service option that provides VPN-based connectivity from each customer’s network tothe SQL Server computer that hosts that customer’s daabase or databases.
C . Design a hosting service option that provides a dedicated server to each customer.Join that server to that customer’s Active Directory domain
D . Design a hosting service option that configures a unique instance of SQL Server 2005 for each customer.Configure that instance to use Integrated Windows authentication.
-
You need to design a remote access strategy for the customer support users when they work from home. Your solution must meet security requirements. What should you do?()
A . Deploy an L2TP/IPsec VPN server in each call center. Configure the portable computers as L2TP VPN clients
B . Create IPSec tunnel mode connections between the customer support users home and the company’s Internet-facing routers
C . Create IP packet filters on the company’s Internet-facing routers to allow the Remote Desktop Protocol (RDP).Create IPSec filters on the terminal servers to allow only connections that use RDP
D . Create IP packet filters on the company’s Internet-facing routers to allow the IPSec protocols. Assign the Secure Server (Require Security) IPSec policy to the terminal servers. Assign the Client (Respond only) IPSec policy to the portable computer
-
You need to design a domain model that meets the company business and security requirements for controlling access to the new Web-based ordering application. What should you do?()
A . Create a child OU within the existing domain
B . Create a child domain of the existing domain
C . Create a new domain in a new forest. Configure the new domain to trust the existing domain
D . Create a new tree in the existing forest. Configure the new domain to trust the existing domai
-
You need to design an access control strategy for the Payment folder for the Sales Managers group. What should you do?()
A . Use IPSec in transport mode
B . Use Encrypting File System (EFS) over Web Distributed Authoring and Versioning (WebDAV)
C . Use PEAP-EAP-TLS
D . Use Encrypting File System (EFS) remote encryptio
-
You are designing a security strategy for users who need remote access to the corporate network. What should you do?()
A . Configure Internet Authentication Service (IAS) for accounting.
B . Configure the server running Routing and Remote Access to support L2TP.
C . Configure the server running Routing and Remote Access to restrict dial-in traffic to the NewApp servers only.
D . Create a separate account for remote access users. Configure these accounts to access the NewApp server only.
-
You need to design a remote access authentication strategy that will allow users in the IT department to remotely connect to the network. Your solution must meet security requirements. What should you do?()
A . Install Internet Authentication Services (IAS) on a server in the den.corp.woodgrovebank.com domain. Configure the VPN servers as RADIUS clients
B . Install Internet Authentication Services (IAS) on a stand-alone server in the Denver extranet. Create local user accounts for the IT personnel on the IAS server. Configure the VPN servers as RADIUS clients
C . Create a remote access policy on each of the VPN servers. Configure the policy to use the den.corp.woodgrovebank.com to authenticate remote access users. Configure the policy to require L2TP to establish a connection
D . Create a remote access policy on each of the VPN servers. Create local user accounts for the IT personnel on the VPN servers. Configure the policy to use the VPN servers’ local accounts database to authenticate users. Configure the policy to require L2TP to establish a connectio
-
You need to design an authentication solution for wireless network access. Your solution must meet business and technical requirements. Which two actions should you perform?()
A . Deploy an offline enterprise root CA in the corp.woodgrovebank.com domain. Deploy subordinate enterprise root CAs in each child domain. Install Internet Authentication Service (IAS) on one member server in the la.corp.woodgrovebank.com domain and one member server in the den.corp.woodgrovebank.com domain
B . Deploy an enterprise root CA in each domain. Install Internet Authentication Service (IAS) on a member server in the corp.woodgrovebank.com domain. Install the Routing and Remote Access service on a member server in each child domain, and configure these servers as RADIUS clients
C . Enroll and deploy user certificates to all administrators in each domain. Enroll and deploy computer certificates to all portable computers that have wireless network adapters. Configure each portable computer to use Protected EAP (PEAP) for authentication
D . Enroll and deploy computer certificates to all portable computers that have wireless network adapters. Configure each portable computer to use EAP-MS-CHAP v2 for authentication. Configure each portable computer to connect to the Internet Authentication Service (IAS) server
-
You need to design a security strategy for a remote e-mail access. What should you do?()
A . Require remote users to access e-mails by using Outlook Mobile Access
B . Require Outlook Web Access users to install the secure MIME ActiveX-Control and to encrypt all messages
C . On Outlook Web Access servers that accept connections from the Internet configure IIS to require SSL for all connections
D . On Outlook Web Access servers that accept connections from the Internet configure IIS to require Integrated Windows Authenticatio
-
You need to design an access control strategy for the Contact Info and the Order History folders. What should you do?()
A . Create a domain local group named Customer Relations in the northwindtraders.com domain. Add the Sales group and the Sales Managers groups to the Customer Relations group. Add the Customer Relationships group to the Customer Information folder. Assign the appropriate permissions. Add the accounts for the sales department users in Boston to the Boston Customer Relationship group. Add the Boston Customer Relationships group to the Customer Relations group. Disable inheritance on the Payment folder
B . Create a domain local group named Customer Relations in the boston.northwindtraders.com domain. Add the Customer Relations group to the Customer Information folder. Assign the appropriate permissions. Add the Boston Customer Relations group to the Customer Relations group. Disable permission inheritance on the Payment folder
C . Create a domain local group named Customer Relations in the boston.northwindtraders.com domain. Add the Customer Relations group to the Order History folder. Assign the appropriate permissions. Add the Boston Customer Relations group to the Customer Relations group. Disable permission inheritance on the Payment folder
D . Create a domain local group named Customer Relations in the boston.northwindtraders.com domain. Add the Customer Relations group to the Customer Information folder. Assign the appropriate permissions. Add the Boston Customer Relations group to the Customer **MISSING**
-
You need to design an access control strategy that meets business and security requirements. Your solution must minimize forestwide replication. What should you do?()
A . Create a global group for each department and a global group for each location. Add users to their respective departmental groups as members. Place the departmental global groups within the location global groups. Assign the location global groups to file and printer resources in their respective domains, and then assign permissions for the file and printer resources by using the location global groups
B . Create a global group for each department, and add the respective users as members. Create domain local groups for file and printer resources. Add the global groups to the respective domain local groups. Then, assign permissions to the file and printer resources by using the domain local groups
C . Create a local group on each server and add the authorized users as members. Assign appropriate permissions for the file and printer resources to the local groups
D . Create a universal group for each location, and add the respective users as members. Assign the universal groups to file and printer resources. Then, assign permissions by using the universal grou
-
You need to design an access control strategy for the marketing application. You solution must minimize impact on server and network performance. What should you do?()
A . Require client computers to connect to the marketing application by using a VPN connection
B . Use IPSec to encrypt communications between the servers in the New York and Atlanta offices
C . Require the high security setting on Terminal Services connections to the marketing application
D . Configure all marketing application Web pages to require SSL