Managing and Maintaining Physical and Logical Devices
- In order to convert a hard disk from a basic disk to a dynamic disk, you can use Disk Management or DISKPART.EXE tool.
- The data disk’s status is Unreadable on the file server. In order to enable users to access data stored on the file server, you will have to rescan the disk. For dynamic disks, the Unreadable status usually results from corruption or I/O errors on part of the disk, rather than the failure of the entire disk.
- Microsoft Windows 2003 offers two types of disk storage configurations: basic disk and dynamic disk.
- In order to increase the space for storing users’ data, you will have to use the Disk Management tool to extend the users’ data volume by using the unallocated space of a disk. Administrators can extend simple or extended volumes that are not system or boot volumes as long as there is available disk space. Administrators can extend a simple or spanned volume on a dynamic disk if it does not have a file system or if it is formatted using the NTFS file system.
- Gateway is a network interconnectivity device that translates different communication protocols and is used to connect dissimilar network technologies.
- The non-Plug-and-Play device can be installed only with the Add New Hardware Wizard.
- In order to update the device driver on a computer, you will have to go to Device Manager. Right-click the device and click Properties. In the Driver tab, you will then have to click the Update Driver command button to update the driver.
- Setting File Signature Verification to Block prevents all unsigned drivers from being installed.
- In order to create a partition on Disk1, you will have to take the following steps:
- In the Detail pane of Disk Management, right-click Disk1 and then click Initialize Disk to initialize the disk.
- Right-click on the unallocated region of Disk1 and click New Partition in the pop-up menu.
New disks appear as Not Initialized. Before an administrator can create partitions on a disk, you must first initialize it.
- You can enable the network interface card by using the Device Manager utility. The devices can be disabled or enabled from their Properties dialog boxes.
- You need to ensure that in case of server failure, a server is returned to the original state as soon as possible. In order to bring the server back to its original state, you will have to create an Automated System Recovery Disk.
- You installed a hotfix and a new driver for the network adapter on a member server successfully. When you restart the server and log on to the member server locally, you find that the server is unable to communicate to the computers in the network. The most likely cause of the issue is that the new network adaptor driver is malfunctioning. To resolve the issue, you will have to use the Roll Back Driver option in the network adapter’s properties in the Device Manager utility.
- The yellow question mark beside a device in Device Manager indicates that the device is installed, but the operating system is unable to find and install the driver for it.
- RAID-0, also known as stripe set, stores data in stripes on two or more physical disks. Stripe set does not provide fault tolerance but offers better performance as compared to mirror set (RAID-1) and stripe set with parity (RAID-5). Stripe set uses a minimum of two and a maximum of thirty-two hard disk drives.
- The minimum number of hard disk drives required for implementing RAID-5 is three.
- Raid-1 refers to mirroring.
- In order to deny disk space to users who exceed their limit, right-click the volume for which you want to deny disk space, then click Properties, go to the Quota tab page, select the Enable quota management check box, select the Deny disk space to users exceeding quota limit check box, and then click the OK button.
- In order to completely defragment the disk, you will have to remove the page file from the disk. The page file cannot be moved during defragmentation.
- The SystemProcessor Queue Length should not be more than one. The value more than one indicates that the processor is unable to handle queries and needs to be upgraded or an extra processor to be placed.
- For configuring six hard disks into a fault tolerant volume that should have the maximum space for storing data, you will have to use RAID5 volume. RAID5 provides data redundancy at a cost of only one additional disk for the volume, while a mirrored volume uses another disk of the same disk size as that of the original data. A RAID-5 volume has a better read performance as compared to a mirrored volume.
- A drive in the RAID-5 volume fails. In order to restore the RAID-5 volume, you will have to replace the failed drive with a new one, use Disk Management, select a new area of free space, and then regenerate the volume.
- In order to run the DISK CLEANUP utility automatically, you will have to use the EVENTTRIGGERS command-line tool.
- The performance of one of the member servers has deteriorated due to a large number of unused files and folders on the hard disk of the server. In order to optimize the performance of the member server, you will have to use the DISK CLEANUP utility.
- The RAID-5 volume has failed. You shut down the server and replace the failed disk with a new disk and restart the server. You now want to bring it back to its previous state. In order to bring the RAID-5 volume back to its previous state, you will have to perform the following steps:
- Open Command Prompt and type diskpart. At the Diskpart prompt, type list volume and make note of the volume number of the RAID-5 volume.
- At the Diskpart prompt, type list disk and make note of the disk to be replaced. Then type select volume-n and after that repair disk=N.
- In order to check the hard disk performance on which the files are being saved, you will have to choose the LogicalDisk performance object and monitor the Average Disk Queue Length counter.
- A disks of the RAID-5 array has failed. You replace the failed disk with a new one. You restart the server, and run the Disk Management utility. The status of the RAID-5 array disks shows Disk3 as not initialized and its status as unknown. The array also lists a missing offline dynamic disk. In order to restore the fault tolerant RAID-5 array volume, you will have to take the following steps in the given order:
- Initialize Disk3 and convert it as a dynamic disk.
- Repair the RAID-5 array volume to include Disk3.
- A computer has three hard disks working as basic disks. One hard disk is used for the operating system and the other two are used for storing the printing data. Users complain that the speed of printing is slow. In order to get the fastest speed of printing, you will have to convert the two hard disks used for printing data to dynamic disks and create a striped volume. The striped volume improves printing performance because it provides a faster Read/Write speed as compared to other dynamic volumes.
- In order to create a mirrored volume on a server, you will have to take the following steps:
- In the Administrative tools, double-click to open Computer Management (local) on the server.
- Click Storage and then click Disk Management. Right-click the unallocated space on the dynamic disk on which the mirrored volume is to be created, and then click New Volume.
- In the New Volume Wizard, click Next, click Mirrored, and follow the instructions.
- In order to ensure that you are notified if there is less than 500MB of available disk space for users’ data, you will have to create a performance alert and configure the alert to monitor the LogicalDisk performance objects for volume D. Performance alert detects when a predefined counter value rises above or falls below the configured threshold and notifies a user by means of the Messenger service.
- Striped volumes are dynamic volumes that contain disk space from two to thirty-two hard disks. Data that is written to a striped volume is divided by the operating system into chunks of 64KB. The operating system stores each chunk on a separate disk. Since, in a striped volume, a large amount of data is divided into identical portions, it is faster to read or write the data from a striped volume than from a spanned volume. Striped volumes are not fault tolerant. RAID-0 volumes are also referred to as striped volumes.
- A minimum of three disks are required for RAID5 array.
- RAID 0 creates a stripe set but does not provide data redundancy.
- When a member of a mirrored volume or a RAID5 volume fails, it becomes an orphan. Data for the orphaned member can be regenerated from the remaining members. A new area of free space, which is of the same size or larger than the other members of RAID5 volume should be selected in Disk Management and then data should be regenerated.
- Although striping with parity allows for fault-tolerance and excellent speed, using a combination of RAID-5 for your data and mirroring for the log will give you more fault tolerance.
- The RJ-11 connector is used by an analog modem to connect to a phone line.
- Use the Device Manager utility to disable a device on a computer.
- After installation of a driver for an ISA sound card on a Windows 2003 server, you restart the server. The newly installed driver fails and now the server is unable to start. In order to make the server working again, you will have to reboot the server in safe mode and disable the malfunctioning driver.
- Microsoft Diagnostics (MSD) is a program that provides the ability to examine different aspects of a computer’s hardware and software setup. It can provide information about the computer type, memory, video, network, OS version, mouse type, other adapters being used, disk drives being used, number of LPT ports being used, number of COM ports being used, IRQ status, TSR programs, and the device drivers
- The server is unable to boot due to the malfunctioning device driver. In order to resolve the issue, you will have to start the server in Safe Mode, remove the driver by using Device Manager, and again restart the server.
- In order to customize a user’s environment for computers on a network when the computers are booted, you will have to use the Computer Configuration component of the GPO.
- The speed of a database servers is slow. You monitor the performance counters of the database server and find that the System/Processor Queue Length is five. In order to improve the performance of the database server, you will have to install an extra processor.
- In order to configure a partition on FSERV, you will have to enable the Logical Disk Manager Administrative Service. This service performs administrative services for disk management requests and configures hard disk drives and volumes. The Logical Disk Manager Administrative Service is started only when a drive or partition is configured or a new drive is detected. This service does not start by default.
- In order to update the device driver of the network interface card on a computer, you will have to Open Device Manager on the computer and expand the Network adapters. You should then right-click the network adapter, and after that, click Update Driver to run the Hardware Update Wizard. In the Update Wizard, you should specify the path to the location where you have downloaded the updated driver.
- The Unsigned driver installation behavior policy configuration can be found under Computer Configuration\Windows Settings\Security Settings\Local Policies\Security Options.
To analyze the capabilities of the simulation software, you can download a demo version and evaluate the PrepKit free of cost. Click the link below:
70-290 – MCSE Windows Server 2003 Environment
Download link: https://www.ucertify.com/exams/Microsoft/70-290.html
Managing Users, Computers, and Groups
- In order to receive the changes made by users on a desktop when users log on to any client computer on the network, you will have to create a roaming profile.
- In order to ensure that a shortcut is available to the new users who log on to a server, you will have to modify the C:\Documents and Settings\Default User folder. When a new user logs on to a computer for the first time, a new profile is created for that user by copying the Default User profile folder and renaming the folder by the names of users who are logging on. Any settings in the Default User profile folder will be applied to any new user.
- Profile Assistant is used to specify your registration and demographic information. Internet Explorer automatically sends this information to Web sites that require it. This saves you from having to type the same information every time you visit a new Web site. This information cannot be viewed on your computer or shared with others without your permission.
- A mandatory user profile is a roaming user profile that cannot be modified and saved by a user. It is created by changing the name of the NTUSER.DAT file in the directory to NTUSER.MAN and entering the profile UNC path into the User Profile Path located in the User Environment Profile dialog box for each user.
- The “X” mark on a computer account in the Active Directory Users and Computers window indicates that the computer account is disabled.
- The RENDOM command-line utility is used to rename the domain.
- The NETDOM and DSADD command-line utilities can be used to create a computer account in a Windows 2003 domain.
- LDIFDE is a command-line tool in the Windows Server 2003 operating system. It is used to create, modify, and delete objects on computers running on Windows Server 2003 and Windows XP Professional. LDIFDE is also used to extend the schema, export Active Directory user and group information to other applications or services, and populate Active Directory with data from other directory services.
- By default, group policies are inherited from the site, then from the domain, and then finally from the organizational unit level. The order and the level in which group policy objects are applied (by linking them to their targets) determine the group policy settings that a user or a computer actually receives.
- The global catalog is built automatically by the Active Directory replication system. All directory partitions on a Global Catalog server, whether full or partial partitions, are stored in a single directory database (NTDS.DIT) on the same server.
- Windows 2003 allows you to rename and restructure domains in a forest. The RENDOM utility is used for renaming and restructuring the domains.
- Universal security groups cannot be created in a Windows 2000 mixed-mode domain.
- To enable a group members’ access on a shared folder, you will have to change their group type from a distribution group to a security group.
- In order to take a backup of users data, including the currently opened files, you can enable the volume shadow copy feature.
- EVENTTRIGGERS.EXE is a command-line tool that is used to view, set, or delete trigger events. It can be used to specify an event log trigger condition that launches a task to gather additional information about the condition or to take action to automatically resolve the issue. Event triggers are commonly used to automate system maintenance by launching a batch file or tool when a specific event occurs.
- The following two conditions must be met before raising the forest level to Windows Server 2003. All domain controllers in the forest must run Windows Server 2003 and all domain functional levels in the forest must be raised to Windows Server 2003.
- In a Windows 2003 trust environment, the Kerberos version 5 and NTLM protocols are used to authenticate users and applications
- Windows Server 2003 supports the following two types of groups: Security groups and Distribution groups.
- The following group scopes can be used for groups to assign permissions: Domain local, Global, and Universal.
- The scope of a group defines two characteristics: It determines the level of security applying to a group and which users can be added to a group.
- The universal group membership caching feature can be enabled on any domain controller in a site. The domain controller, with universal group membership caching enabled, contacts a Global Catalog server whenever a user attempts to log on for the first time. The server then caches the user information locally and uses this information to authenticate the user the next time he attempts to log on.
- In order to monitor the remote computers and analyze their performance statistics on a regular basis, you will have to use the System Monitor tool.
- If the location of the DNS has changed, it is necessary to update the TCP/IP configuration on all the computers so that they can reach the correct DNS server successfully.
- In order to find out the number of unsuccessful log on attempts made by the unauthorized users and create a report on the unsuccessful log on attempts, You will have to do the following:
- Edit the Default Domain Controller Group Policy object. Set the auditing on the Audit account logon events policy for Failure.
- Run Event Viewer and view the local security log to create a report on the unsuccessful log on attempts.
- In multiple network environments, a service named Windows Internet Naming Service (WINS) is used to resolve the NetBIOS names to their IP addresses. It is necessary to integrate a network with WINS if the network contains computers that run previous versions of Windows such as Windows NT, Windows 98, and Windows Me. The WINS server maintains a database of NetBIOS names to IP address mappings similar to the DNS server. The client computers that are configured with the IP address of the WINS server send name resolution requests to the WINS server. The WINS server then resolves these requests and sends the corresponding IP addresses to the clients.
- In order to ensure that a user is not allowed to log on to the domain after he completes a project, you will have to set the Account Expires date in the user’s account properties.
- In order to change the a user’s account password, you will have to run the following command on the command prompt:
- The Group Policy Management Console (GPMC) is a tool for managing group policies in Windows Server 2003. GPMC is used to backup, restore, import, and copy group policy objects. It also provides a reporting interface on how group policy objects (GPOs) have been deployed. GPMC helps administrators in managing group policy for multiple domains for multiple domains and sites within one or more forests.
- In order to enable Martha’s user account, you will have to run the following command on the command prompt: DSMOD user martha -disabled no
- The Block Policy Inheritance option specifies that Group Policy settings for an object are not inherited from its parents. This might be used when a child OU requires completely different settings from a parent OU. Blocking policy inheritance should be managed carefully, since this option allows other systems administrators to override the option with other settings. The Block Policy inheritance option blocks Group Policy objects that apply higher in the Active Directory hierarchy of domains, and organizational units. It does not block Group Policy objects if they have No Override enabled.
- In order to disable several user accounts belonging to different groups in the domain, you will have to take the following actions:
- Create a saved query to obtain a list of the user accounts that are to be disabled.
- Select all the user accounts, right-click the mouse button, and choose the Disable Account option.
- A user named Rick tries to log on to the domain from his computer, but he is unable to do so. Rick receives an error message that his account is locked out. He is also unable to remember his password. In order to enable Rick to log on to the domain, you will have to take the following steps:
- Unlock Rick’s user account.
- Reset Rick’s account password.
- Use the DSMOVE command with the appropriate parameters to move the user accounts into their respective OUs.
- Resultant Set of Policy (RSoP) is the sum of the group policies applied to a user or computer.
- The GPUPDATE command is used to refresh the local and Active Directory-based group policy settings.
- Organizational units (OUs) are defined to delegate administration, to administer group policy, or to hide objects. Delegating administration is the prime reason for defining OUs.
- Deploying the GPOs at the domain ensures that any computer included in the network later automatically receives the settings of the GPOs.
- In order for the policies to be applied through GPO, users must be having the rights to Read and Apply the GPO.
- The Forest trust helps Windows 2003 Server to make multiple forest deployment easier.
- When an application is assigned to a user, it is advertised to the user the next time he or she logs on to a client computer. The application assigned appears on the Start menu and the registry is updated accordingly. This process is known as “advertisement”.
- If at any point of time, an application is no longer required, you should remove it by using the removal option in the GPO through which the application is installed. There are two types of removal that you can choose from: Forced and Optional. The Forced removal option immediately uninstalls the software from users and computers. The Optional removal option allows users to continue to use the software but prevents new installations. After software removal is processed, you should delete the GPO so that the application is no longer available.
- The ADPREP tool is used to prepare Windows 2000 domains and forests for an upgrade to Windows Server 2003. It extends the schema, updates default security descriptors of selected objects, and adds new directory objects as required by some applications.
- You can import the user accounts from the comma-separated file with the least administrative efforts, using the CSVDE command-line tool.
- The CSVDE and LDIFDE command-line tools are used to import and export the Active Directory objects.
- In order to log on to the domain from a computer and re-establish its domain membership with a minimum of administrative effort, you will have to reset the computer account for the computer in the Active Directory Users and Computers console on a domain controller. You will then have to add ClientXP to the domain.
- The Windows Server 2003 functional level supports only the Windows Server 2003 operating system for domain controllers.
- The /force switch used with the GPUPDATE command reapplies all settings ignoring all processing optimizations.
- GPMC is used to back up, restore, import, and copy group policy objects. It also provides a reporting interface on how group policy objects (GPOs) have been deployed.
- IP Security Monitor allows administrators to view details about an active IPSec policy that is applied by the domain or locally.
- Network administrators use ADSIEdit for performing common administrative tasks such as adding, deleting, and moving objects with a directory service.
- The DSQUERY command queries Active Directory directory service and provides the required result.
- The Enforce Password History setting sets how frequently old passwords can be reused. Setting the Enforce Password History to a higher value will track a larger number of old passwords by using a password history that is unique for each user. This will prevent the users from reusing their old passwords frequently. The recommended value for the Enforce Password History setting is 20 passwords.
- The Account Lockout Threshold policy determines the number of failed logon attempts after which a user account will be locked out. A locked out account cannot be used until the account lockout duration expires or an administrator resets it.
- Security templates are used to apply consistent security to multiple computers. Security templates work as a security policy, but they can be applied to any computer and provide an easy way to apply a customized set of default security settings.
- In order to enable Rick’s account to log on to the domain, a user will have to use the DSMOD command-line tool as follows: DSMOD user UserDN -disabled No
- In order to prevent unauthorized users from logging on to the network, you will have to take the following steps:
- Set the Minimum Password Length to a higher value. This will provide longer passwords that are harder to crack as compared to shorter ones. The recommended value for the Minimum Password Length setting is 14 characters.
- Set the Account Lockout Duration to a higher value. This will lock out the account for a longer duration. Once the account is locked, only an administrator can unlock the account before the set duration. The recommended value for the Account Lockout Duration setting is 120 minutes.
- Set the Enforce Password History to a higher value. The Enforce Password History setting sets how frequently old passwords can be reused. Setting the Enforce Password History to a higher value will track a larger number of old passwords by using a password history that is unique for each user. This will prevent the users from reusing their old passwords frequently. The recommended value for the Enforce Password History setting is 20 passwords.
- Permissions View (Permview.exe) is a tool used to display the optional, minimal, and refused permission sets requested by an assembly. It also displays declarative security used by an assembly.
- A Standard User account allows a user to install and uninstall software and hardware, change the account password and picture associated with the account, which appears on the Windows Welcome screen and on the Start menu when a user logs on.
- In order to ensure that a user does not work beyond the working hours of the company, you can take either of the following actions:
- Change the properties of Rick’s user account to set the permitted logon hours to be from 9:00 AM to 6:00 PM.
- Change the properties of a user account to set the denied logon hours to be from 6:00 PM to 9:00 AM.
- The Delegation of Control wizard enables Administrators to delegate other Administrators with the necessary permissions on specific Active Directory objects.
- Password Authentication Protocol (PAP) is a Windows RRAS authentication protocol that uses completely unencrypted passwords. It is the least sophisticated authentication protocol, used mostly when a client calls a server running an operating system other than Windows. PAP uses plain text passwords.
- Exchange Server supports Secure Socket Layer (SSL) for passing credentials. SSL ensures that passwords and e-mail body text remain secure while traveling between client and server.
- In order to ensure that users are able to log on to the network from their Windows 98 client computers, you will have to install Active Directory Client on the Windows 98 client computers.
- A user has forgotten his password. You will have to open Active Directory Users and Computers and select user account. He will then have to right-click the account, reset the password, and provide the new password.
- In order to ensure that all users are authenticated by a domain controller when they unlock the client computers by using Ctrl Alt Del, you will have to Enable the Interactive logon: Require Domain Controller authentication to unlock setting on the local security policy of the client computers.
- A group policy that is created by an administrator affects all users on a computer or all users on a domain. Group policies can be used for defining, customizing, and controlling the functioning of network resources, computers, and operating systems. They can be set for a single computer with multiple users, for users in workgroups, or for computers in a domain.
- Enabling the Extensible Authentication Protocol check box and require smart card authentication on the Routing and Remote Access server on the network forces remote users to use smart cards for authentication when they connect to the network.
- PAP uses plain text passwords.
Pass 70-290 exam in the first attempt. Full featured Tests. 538 questions with answers and 135 study notes articles and exam tips, click the link below:
70-290 – MCSE Windows Server 2003 Environment
Download link: https://www.ucertify.com/exams/Microsoft/70-290.html
Managing and Maintaining Access to Resources
- If you copy a file from one folder to another folder (on the same volume or on the different volumes), the file will have the same permissions as the destination folder.
- In order to prohibit a particular user from connecting to a member server from the network, you will have to assign the Deny access to this computer from the network logon right to the user.
- The Shadow Copies feature of Windows Server 2003 is used by administrators and users to recover files or folders from damage as quickly as possible.
- Users report that when they try to connect to the Terminal Server, they receive the following error message “The local policy of this system does not allow you to logon interactively.” According to the error message, users are not able to logon to the local policy of the system, so you have to grant them the right to log on locally. Log On Locally user right allows a user to log on to the computer where the user account has been defined.
- To enable Remote Desktop on one of the member servers, you will have to use System Properties in Control Panel, click the Remote tab and enable the Remote Desktop check box.
- In order to ensure that all the members of a domain group can log on to the terminal servers, you will have to add the domain group to the Remote Desktop Users group on the terminal server.
- The TSSHUTDN command is used to shut down a Terminal server.
- TSPROF copies the Terminal Server user configuration information (displayed in User Manager for Domains) from one user to another. TSPROF can also update the profile path for a user.
- In order to rename the user account, you will have to use the following command: DSMOVE rick -newname john
- In order to configure Terminal server so that the users are prevented from opening more than one session, you will have to set the Restrict each user to one session option to yes on the Terminal Services Configuration\Server Settings window on the terminal server.
- You want to perform a function of sending queries to the server and to obtain detailed responses at command prompt. You also want to update resource records correctly in a zone and debug other server related problems. In order to accomplish the task, you will have to run NSLOOKUP command.
- Server (Request Security) policy allows the server to request IPSec negotiation, but will allow unsecured communication if the other computer is not IPSec aware
- Query process displays information about processes running on a terminal server. You can use this command to find out which program a specific user is running, and also which users are running a specific program.
- Advanced Configuration and Power Interface (ACPI) defines power management on a wide range of mobile, desktop, and server computers and peripherals.
- The IP Security Monitor console shows IPSec statistics and active security associations (SA). After establishing the connections, you can see the created SA. If the connections are established, but there is no SA, it indicates that the traffic was not protected by IPSec.
- To segregate certain servers from other domain controllers, create a new OU for those server. A separate OU will help you implement the policies on those servers only.
- The MBSA utility scans the security updates against the complete list of available security updates listed in the MSSECURE.XML file. This file is downloaded by MBSA at runtime from the Internet.
- Predefined security templates are used for creating security policies for a network or computer. These security templates can be used to configure an individual computer or group of computers. By default, the predefined security templates are stored in the SYSTEMROOTSECURITYTEMPLATES folder.
- A client computer has a shared folder named DATA. The company employees use this folder. They often complain that they are unable to access this folder. You find that this problem occurs whenever more than ten users are trying to access the folder. In order to ensure that all employees are able to access the shared folder simultaneously, you will have to move the shared folder on one of the servers. Moving the shared folder on the server will allow more concurrent connections.
- You have created a shared folder as a hidden share by suffixing the $ sign after the share name. To enable a shared folder to be visible to all the users browsing the network, you will have to remove the $ sign.
Managing and Maintaining a Server Environment
- NSLOOKUP is a tool for diagnosing and troubleshooting Domain Name System (DNS) problems.
- NETSTAT is used to show the state of current TCP/IP connections.
- NBTSTAT with /c switch is used to list the cache of NetBIOS names and IP addresses.
- NETSTAT is a command-line utility that displays protocol-related statistics and the state of current TCP/IP connections.
- PING utility is used to test connectivity with a host on a TCP/IP-based network.
- PING is used to verify the existence of a host in a network.
- The TRACERT utility traces the path taken by TCP/IP packets to a remote computer.
- The PING LOCALHOST command is used to verify that TCP/IP is bound correctly to the network adapter by communicating with the loopback address 127.0.0.1.
- NBTSTAT -n displays the list of local NetBIOS names.
- Event Viewer is used to locate the source of problems by monitoring system logs, security logs, and application logs.
- The TRACERT utility tells how many hops (maximum 30) away the target device is.
- The EVENTQUERY utility lists the events and event properties from one or more event logs.
- Account logon events are generated when a domain user account is authenticated on a domain controller. The event is logged in the domain controller’s security log.
- System Monitor is used to track items such as, I/O, memory usage, user connections, and locks.
- The Security log contains events related to logon events by users. It also logs events such as opening, creating or deleting of files, folders, and other resources.
- A dependency service failure message in Windows Server 2003 comes under the system log in the Event Viewer utility.
- In order to track access to account management events on the domain controllers, view the security log in the Event Viewer utility.
- The EVENTQUERY utility lists the events and event properties from one or more event logs.
- You receive an error message from one of the member servers during the boot process that a dependency service has failed to start. In order to obtain more information about the error, you will have to run the Event Viewer utility and check the System log.
- In order to identify the person who has deleted a user account, you will have to use the Event Viewer tool and filter the security event log for the Account Management events on the domain controller.
- The ARP utility is used to display and modify the IP-to-Mac address translation table used by the ARP protocol.
- Configure Automatic Updates in order to update the server with the latest patches from Start > Control Panel > System. Click the Automatic Updates tab and select the check box.
- When the Software Update Services is used to deploy security updates, the security updates must be approved before the client computers download and install them.
- In order to ensure that the downloading and synchronization of the software updates take a minimum amount of time, you will have to select only the languages that are required. This will avoid downloading the same software updates in different languages, which are not required.
- TRACERT is a route-tracing Windows utility that displays the path an IP packet takes to reach its destination. It shows the Fully Qualified Domain Name (FQDN) and the IP address of each gateway along the route to the remote host.
- In order to deploy an application to all the client computers in the Sales OU, you will have to deploy the application by linking a GPO at the Sales OU. Linking the GPO at the Sales OU will deploy the application on all the client computers with a minimum of administrative effort.
- The synchronization log of SUS stores information about the synchronization of contents.
- In order to update the server with the latest patches, you will have to configure the Automatic Updates from Start > Control Panel > System. In the System Properties dialog box, you will then have to click the Automatic Updates tab and select the Keep my computer up to date check box.
- Software Update Services (SUS) is a tool used to acquire and distribute critical Windows patches to computers running Windows operating systems.
- In order to ensure that all client computers in an organizational unit (OU) receive the most recently released patch and future security patches from SUSERV, you will have to open the Group Policy object (GPO) for the OU and configure the Computer Configuration/Administrative Templates/Windows Components/Windows Update setting.
- Per Device or Per User licensing mode is a new licensing mode in Windows 2003. It enables all network devices or users to access all the servers on a network. In this mode, the number of simultaneous connections to any server is unlimited. Per Device or Per User is the normal licensing mode for a server product that is installed on multiple servers in a network. It is the best option if clients frequently use multiple servers on the network. This licensing mode requires one Client Access License for each device.
- NTDSUTIL.EXE is a command-line tool that is used to manage Active Directory.
- FTP is the primary TCP/IP protocol used to transfer text and binary files over the Internet.
- Both PING and TRACERT use ICMP echo requests to diagnose a TCP/IP configuration.
- Telnet uses port 23 by default.
- Telnet enables you to access a UNIX server, using a text-based connection.
- PPP, SLIP, and PPTP are remote access protocols.
- Configure Your Server Wizard guides users in installing and configuring server roles.
- The ADMINPAK allows administrators to install the Windows Server 2003 management tools onto a Windows XP Professional or Windows Server 2003 computers in order to perform remote server management functions.
- NTDSUTIL.EXE is a command-line tool that is used to manage Active Directory. This utility is used to perform the following tasks:
- Performing database maintenance of Active Directory.
- Managing and controlling operations master roles.
- Removing metadata left behind by domain controllers.
Note: The NTDSUTIL utility is supposed to be used by experienced administrators.
- Internet Authentication Service (IAS) performs centralized connection authentication, authorization, and accounting for dial-up and virtual private network (VPN), remote access, and router-to-router connections.
- Internet connection sharing (ICS) provides the ability to connect a home network or a private network to the Internet.
- The use of smart cards for user authentication is a strong form of authentication.
- Microsoft Windows Server 2003 Automated Deployment Services (ADS) is used by administrators to build and manage very large and scaled out deployment of Windows servers. It includes a new set of imaging tools for rapidly deploying Windows 2000 Server and Windows Server 2003 remotely. ADS offers improved communication security and a reliable script execution framework. It uses the image-based deployment method.
- Use the Point-to-Point Tunneling (PPTP) protocol to connect to the company’s private network securely by a remote client using a public network such as the Internet.
- In order to enable a server to offer remote assistance, you will have to perform the following actions:
- Log on as administrator on the server. Run gpedit.msc to edit the local Group Policy.
- In the Computer Configuration, expand Administrative Templates and System. Click Remote Assistance.
- Double-click Offer Remote Assistance, and select Enabled.
- A user can use Remote Assistance to invite a trusted person to chat with him, observe his working screen, and with users permission, remotely control his computer.
- You have added all user information such as phone number, address, e-mail, etc. while creating a user account in the domain. In order to get a user’s e-mail address, you will have to run the following command: DSGET user rick -email
- A gateway server is used to provide Windows client access to an AS400 mainframe.
- The two modes available with the RSoP Wizard to collect data for RSoP queries are Logging mode and Planning mode.
- The Advanced System Information-Policy tool is used to create an RSoP query and view the result in HTML format.
- When an application is published to a user, the published application stores the advertisement attributes in the Active Directory. Users can then install the application either by using Add/Remove Programs in the Control Panel or by clicking any file associated with the application.
- The Apply to All Users Except Administrators option is available to prevent restrictions from affecting the administrators’ accounts in the domain. This option allows administrators to bypass the restrictions applied by the policy.
- Microsoft Windows 2000 Server uses the File Replication Service (FRS) to replicate system policies and logon scripts stored in the system volume (SYSVOL). Each domain controller keeps a copy of SYSVOL for the network clients to access the resources.
- Network Monitor works as a protocol analyzer and captures packets from the network and analyzes their contents in detail.
- The GPUPDATE command is used to refresh the local and Active Directory-based group policy settings. It also refreshes security settings.
- If the No Override configuration is set to a GPO, no policy configured in the GPO can be overridden.
- LPR is a utility used to print a file to a host running a Line Printer Daemon (LPD) server.
- A user sends print jobs to a print server. However, the jobs are not printing and no users are able to print the documents successfully. You find that these documents are being spooled. To enable users to print on the printer, you will have to first stop and then restart the spooler service by using the following commands: To stop the Print Spooler service: NET STOP spooler To start the Print Spooler service: NET START spooler
- Sharing a printer on the member server, which is part of the domain, automatically publishes the printer in Active Directory.
- The large print jobs send by users on the network are not printing and they are printing small documents successfully. In order to ensure that the users are able to print large print jobs on the print server, you will have to increase the free disk space on the print server by deleting unnecessary files from the print server’s hard disk drive. The large print jobs are not printing because the print spool does not have enough free disk space for large print jobs. The printer is able to print small jobs because the print spool has space for small print jobs.
- In order to find the printer in Active Directory and print the documents from remote computers, you will have to share the printer on print server. Sharing a printer on the server, which is part of the domain, will automatically publish the printer in Active Directory.
- In order to capture only a specific type of traffic, configure a capture filter.
- You will have to choose the PhysicalDisk\% Disk Time and Memory\Available Bytes counters to identify the bottlenecks on the hardware such as the hard disk drive and memory.
- Enabling universal group membership caching on one of the domain controllers in each site will minimize the logon traffic on the WAN link.
- Only the Performance Logs and Alerts snap-in is able to send alerts by analyzing network data.
- RJ-45 connector is used to connect a 10BaseT Ethernet cable to an NIC on a desktop computer.
- Ethernet uses CSMA/CD technology.
- The disk quota does not support FAT32 partitions.
- In order to enable disk quota on a server, you will have to take the following steps:
- In the Local Disk Properties Window, select the Enable quota management check box.
- Select the Deny disk space to users exceeding quota limit.
- Select the default quota limit to 50 MB and set warning level to 50 MB.
- In the quota logging options, select the Log event when a user exceeds their quota limit option.
- The Task Manager utility provides information about programs and processes running on a computer. By using Task Manager, a user can end or run programs, end processes, and display a dynamic overview of his computer’s performance. Task Manager provides an immediate overview of system activity and performance.
- In order to provide permissions to a user to monitor performance counters on the file server locally and from remote computers, add the user’s account to the Performance Monitor Users group.
- In order to set the disk quota limit on FSERV, you will have to convert the FAT32 file system into the NTFS file system.
- A collection of one or more threads that is ready but not able to run on the processor due to another active thread that is currently running is called the processor queue. The SystemProcessor Queue Length counter shows how many threads are ready in the processor queue, but not currently able to use the processor.
- A % Processor Time counter above 85% is considered to be a threshold for a processor. If this counter exceeds the threshold value in a computer, performance of the computer will degrade. In order to improve the performance, you will have to upgrade to a faster processor or install an additional processor on the server.
- The HFNETCHK utility is a command-line tool. Administrators use it to centrally assess a computer or group of computers about the absence of security updates.
- The Remote Registry service enables administrators to modify registry settings on the domain controller remotely.
- WINS and LMHOSTS files reduce the use of local IP broadcasts for NetBIOS name resolution, and enable users to easily locate computers on remote networks.
- Routers prevent broadcasts from crossing over subnets.
- Hubs can be replaced by switches to control the network traffic efficiently.
- The % Network utilization counter indicates how close the network is to full capacity.
- The PTR records resolves the IP addresses to host names.
- In order to enable a user to collect and view the real-time performance data of a server using System Monitor, you will have to add the users account to Performance Log Users group or Performance Monitor Users group on the domain. Users who are the members of these two built in new security groups in Windows Server 2003 can only use the System Monitor to access and manipulate sensitive performance data.
- Use the URLScan tool to view all the incoming requests to an Internet Information Services (IIS) server and allow only requests that comply with a rule set, created by you, to be processed.
- In order to find out the applications that are running at a higher priority level than normal, you will have to run Task Manager on APPSERV. You will then have to click the Processes tab and view the Base Priority column. The Base Priority column shows the priority ranking that determines the order in which the threads of a process are scheduled for the processor. The Task Manager utility can be used to view and change base priorities. With the /realtime switch, an application runs in the realtime priority class.
- The server is responding slowly to database queries. You find that the Pages/sec counter is 35 and the memory utilization is high. Adding more RAM to the server will reduce this value and hence improve the performance of the server.
- Caching-only DNS servers do not perform zone transfers.
- MX record and A record are required to be created in the DNS server to enable the mail server to receive mails from the Internet.
- Subnetting the network reduces traffic congestion and optimizes the IP address space.
- Subnetting is used to segment a large network into smaller networks.
- To automatically assign IP addresses to each computer on a small private network, you can use the Automatic Private IP Addressing (APIPA) feature of Windows 2000.
- With an L2TP connection, you have to use the IPSec protocol for data encryption.
- IPSEC is used with a tunneling protocol to provide security.
- Network Load Balancing (NLB) evenly distributes the traffic load across all hosts.
- In order to access folder as a Web folder using Internet Explorer, you will have to install Frontpage Extension on the server.
- Simple Mail Transfer Protocol (SMTP) acts as a member of the TCP/IP suite of protocols that governs the exchange of an electronic mail between message transfer agents.
- SUS can be installed only on NTFS partitions.
- IP packet filters allow or block packets from passing through specified ports. They can filter packets based on service type, port number, source computer name, or destination computer name.
- A security issue has arisen due to the change in the permissions on a member server. In order to revert back to the original permissions on the member server, you will have to import the DEFLTSV.INF security template into the local security policy of the member server.
- Network Load Balancing (NLB) is one of the two types of clustering supported by Windows 2003. It is used to provide high availability, and reliability of the application servers.
- There are four security zones found in Internet Explorer: Internet, Local Intranet, Trusted Sites, and Restricted Sites. Each zone or group has four security levels: High, Medium, Medium-Low, and Low. These levels determine the type of content a user can download and run. Security zones allow users to set the appropriate level of security for the various types of Web contents that they are likely to visit.
Managing and Implementing Disaster Recovery
- Firewall is a security facility used to protect the network of an organization from external attacks by intruders.
- Sudden reduction in system resources and Corrupted or missing files are symptoms of a virus attack.
- Firewall is used to protect the network against unauthorized access.
- Safe Mode is a Windows feature used to start a computer with basic drivers, such as mouse, keyboard, etc. It bypasses blocking issues, such as system corruption, or installation of incompatible drivers or system services, enabling the Administrator to resolve such issues.
- In a nonauthoritative restore operation, the objects in the restored directory are not treated as authoritative. The restored objects are updated with changes held on other domain controllers in the domain.
- System State data includes registry, COM Class Registration database, system files, boot files, and files under Windows File Protection.
- The System State data is a collection of system-specific data maintained by the operating system. It includes registry, COM Class Registration database, system files, boot files, and files under Windows File Protection. If the server is a Web server, the System State data also includes IIS Meta directory.
- The most likely cause of not finding the Previous Versions tab in the shared folder’s Properties dialog box is that the volume on which the shared folder is stored is not enabled for shadow copy.
- In order to enable the members of a group to access the previous versions of the files in the a folder from their Windows XP Professional client computers, you will have to use Group Policy to deploy the Previous Versions Client pack by running TWCLI32.MSI from the \Windows\System32\Clients\Twclient folder.
- A global catalog is created automatically on the first domain controller in the forest.
- The Windows Server 2003 Backup application supports the following three types of restoration methods: Primary restore, Non-authoritative restore, and Authoritative restore.
- Run the NTDSUTIL utility to authoritatively restore the Active Directory component.
- When an object is deleted from Active Directory, the original object is removed from it, and an object is created that contains a small subset of the object’s original attributes. This object is called tombstone. This tombstone object remains in Active Directory for the duration of the tombstone lifetime (by default, it is configured as 60 days) before it gets completely removed.
- Full and incremental backup methods clear the archive bit of files after performing backup.
- A full backup is required for taking a differential backup.
- Incremental backup backs up only those files that have been created or changed since the last full or incremental backup.
- You want to take a backup of all the data on a server once a week. You want to take a backup of the data every day that was changed after the last backup. You also want to minimize the amount of data that must be backed up every day. In order to accomplish the task, a user will have to take a full backup of the data once a week and an incremental backup every day.
- In order to minimize the number of tapes required to backup data, you should perform a full backup every Friday. Performing differential backups from Monday to Thursday will reduce the number of tapes required to restore data. This is because in an event of data loss, you will have to restore only the last full backup and the last differential backup.
- An unshielded twisted-pair connection uses an RJ-45 connector.
- Repeater, hub, router, and bridge are network connectivity devices.
- Time Domain Reflectometer (TDR) is used to detect breaks in network cables.
- Security Configuration and Analysis Tool is used to import and export templates. It is also used to compare a template with the security settings of the local computer.
- If pinging the server’s own loopback address fails, it shows that the server’s NIC is not working.
- In order to back up the critical information that is related to the installation of SUS, you will have to perform the following steps:
- Take a backup of the IIS metabase by using the IIS administration tool.
- Use the BACKUP utility to take a backup of the IIS metabase file, the default Web site, and the content storage location.
- You are testing the disaster recovery plan of the company. During the testing of the recovery plan, you find that some servers have been restored with another server’s data. In order to improve the disaster recovery plan, you will have to maintain a printed tape backup report, so that it can be confirmed that the data is getting stored on the appropriate server.
- An administrator can use a combination of a normal backup and a differential backup to save time in taking backups as well as for the restoration of data. If data becomes corrupt at any time, only the latest normal and the latest differential backup sets are required to be restored. Although this combination is easier and takes lesser time for restoration, it takes more time to take backups if data changes frequently.
- To ensure that a user is able to back up files, his account will have to be added to the Backup Operator group or he must be provided the ownership of the files.
Download Link:
70-290 – MCSE Windows Server 2003 Environment
Download link: https://www.ucertify.com/exams/Microsoft/70-290.html