Top 16 braindumps 70-293 for client (65 to 80)

70-293 Royal Pack Testengine pdf

100% Actual & Verified — 100% PASS

Unlimited access to the world's largest Dumps library! Try it Free Today!

Get it now →

Product Description:
Exam Number/Code: 70-293
Exam name: Planning and Maintaining a Windows Server 2003 Network Infrastructure
n questions with full explanations
Certification: Microsoft Certification
Last updated on Global synchronizing

Free Certification Real IT 70-293 Exam pdf Collection

Printable of 70-293 practice question materials and vce for Microsoft certification for consumer, Real Success Guaranteed with Updated 70-293 pdf dumps vce Materials. 100% PASS Planning and Maintaining a Windows Server 2003 Network Infrastructure exam Today!

2016 Apr 70-293 Study Guide Questions:

Q65. You are the network administrator for your company. The network contains a single Active Directory domain. All computers on the network are members of the domain. All domain controllers run Windows Server 2003. You are planning a public key infrastructure (PKI). The PKI design documents for your company specify that certificates that users request to encrypt files must have a validity period of two years. The validity period of a Basic EFS certificate is one year. In the Certificates Templates console, you attempt to change the validity period for the Basic EFS certificate template. However, the console does not allow you to change the value. You need to ensure that you can change the value of the validity period of the certificate that users request to encrypt files. What should you do? 

A. Install an enterprise certification authority (CA) in each domain. 

B. Instruct users to connect to the certification authority (CA) Web enrollment pages to request a Basic EFS certificate. 

C. Create a duplicate of the Basic EFS certificate template. Enable the new template for issuing certificate authorities. 

D. Assign the Domain Admins group the Allow - Full Control permission for the Basic EFS certificate template. 

Answer: C 


Q66. Your company has an Active Directory directory service domain. The internal network includes two DNS servers that run Windows Server 2003. All client computers run Windows 7 and use these two DNS servers for name resolution. From the Root Hints tab, you remove all root hints from both DNS servers. You need to ensure that client computers can access Internet sites by using domain names and can continue resolving internal network addresses. What should you do? 

A. Configure both DNS servers to use forwarders to your ISPs DNS servers. 

B. On both DNS servers, enable the Use root hints if no forwarders are available setting. 

C. Configure all client computers to use a public DNS server for name resolution. 

D. On all client computers, enable the Use this connections DNS suffix in DNS registration setting. 

Answer: A 


Q67. All servers in your company run Windows Server 2003. You are planning the installation of new servers to support Windows Media Services in a Web farm. Your plan includes multicast content delivery of media to users. You need to choose the minimum edition of Windows Server 2003 to support this installation. 

Which edition should you choose? 

A. Windows Server 2003, Web Edition 

B. Windows Server 2003, Standard Edition 

C. Windows Server 2003, Enterprise Edition 

D. Windows Server 2003, Datacenter Edition 

Answer: C 


Q68. You are the network administrator for your company. The network consists of a single Active Directory domain. The network contains two IP subnets connected by a Windows Server 2003 computer running Routing and Remote Access. All servers run Windows Server 2003. All client computers run Windows XP Professional. Each subnet contains a domain controller. Each subnet contains a DHCP server, which provides TCP/IP configuration information to the computers on only its subnet. The relevant portion of the network is shown in the exhibit. (Click the Exhibit button.) You recently implemented a Microsoft Internet Security and Acceleration (ISA) Server 2000 array on the network to provide Internet connectivity. The ISA Server array uses Network Load Balancing on the internal adapters. The array's Network Load Balancing cluster address is 

172.30.32.1. You configure the DHCP server on Subnet1 to provide the array's Network Load Balancing cluster address as the new default gateway. You configure the DHCP server on Subnet2 to provide the IP address 172.30.64.1 as the default gateway for Subnet2. Users on Subnet2 report that they cannot connect to Internet-based resources. They can successfully connect to resources located on Subnet1. Users on Subnet1 can successfully connect to Internet-based resources. You investigate and discover that no Internet requests from computers on Subnet2 are being received by the ISA Server array. You need to provide Internet connectivity to users on Subnet2. What should you do? 


A. Configure the DHCP server on Subnet2 to provide the address 172.30.32.2 as the default gateway. 

B. Configure the DHCP server on Subnet2 to provide the address 172.30.32.1 as the default gateway. 

C. On the Routing and Remote Access server, add a default route to 131.107.72.17. 

D. On the Routing and Remote Access server, add a default route to 172.30.32.1. 

Answer: D 


Q69. Your company has a single Active Directory directory service domain. You have multiple member servers that run Windows Server 2003 SP2 and are configured as Enterprise certification authorities (CAs). Your CAs accept auto-enrollment requests but do not issue new certificates. You ascertain that multiple Active Directory security groups are missing from the configuration. You need to create the security groups that are necessary to ensure that all users can auto-enroll. 

What are two possible ways to achieve this goal? (Each correct answer presents a complete solution. Choose two.) 

A. Create a CERTSVC_DCOM_ACCESS security group that contains the Everyone security group. 

B. Create a CERTSVC_DCOM_ACCESS security group that contains all the Enterprise CA computer accounts. 

C. Create a Certificate Publishers security group as a domain local group that contains all the Enterprise CA computer accounts. 

D. Create a Certificate Publishers security group as a universal group that contains all the user accounts that have Registration Authority privileges. 

Answer: AC 


70-293 vce

Most up-to-date 70-293 exam cost:

Q70. All servers in your environment run Windows Server 2003. Your companys member servers and client computers are located on the corporate network. Database servers are located on a separate network segment. 

You need to encrypt IP traffic that is sent between client computers and database servers. What should you do? 

A. Deploy IPSec in Tunnel mode. 

B. Deploy IPSec in Transport mode. 

C. Deploy a Routing and Remote Access service (RRAS) server that uses Layer Two Tunneling Protocol (L2TP). 

D. Deploy a Routing and Remote Access service (RRAS) server that uses Point-to-Point Tunneling Protocol (PPTP). 

Answer: A 


Q71. Your company has an Active Directory directory service domain . All servers run Windows Server 2003. Your company has the following Active Directory objects: 

An organizational unit (OU) named Dev Users that contains user accounts for all developer team members An OU named Dev Groups that contains group objects for the developer team A Group Policy object (GPO) named Secure Dev Users that is linked to the Dev Users OU A GPO named Secure Dev Groups that is linked to the Dev Groups OU You need to enable the auditing of failed attempts to modify group objects for the developer team. 

What should you do? 

A. Modify the audit policy in the Secure Dev Users GPO. 

B. Modify the audit policy in the Secure Dev Groups GPO. 

C. Modify the audit policy in the Local Security Policy GPO. 

D. Modify the audit policy in the Default Domain Controllers Policy GPO. 

Answer: D 


Q72. You are a network administrator for Company. The network consists of 20 Active Directory domains. All servers run Windows Server 2003. Company has 240 offices. Each office is configured as an Active Directory site. Company has a branch office that contains four users. 

User objects for these users are stored in the australia.Company.com domain. The branch office is connected to the corporate network by a 56-Kbps WAN connection. The branch office contains a domain controller named Company17 that is configured as an additional domain controller for the australia.Company.com domain. An Active Directory site is configured for the branch office. Company17 is a member of this site. An IP site link exists between the branch office and the main office. The WAN connection is available only during business hours. Users in the branch office report slow response times on the WAN connection. You examine the WAN connection and discover that the problem is caused by Active Directory replication. You need to improve the performance of the WAN connection. What should you do? 

A. Configure Company17as a global catalog server 

B. Enable universal group membership caching in the branch office. 

C. Remove Active Directory from Company17 and configure Company17 as a member server. 

D. On the site link that connects the branch office to the corporate network, increase the replication interval. 

Answer: D 


Q73. You are the network administrator for your company. The network consists of a single Active Directory domain. All servers run Windows Server 2003. The network contains servers that have Terminal Server enabled. The terminal servers host legacy applications that currently require users to be members of the Power Users group. A new requirement in the company's written security policy states that the Power Users group must be empty on all resource servers. You need to maintain the ability to run the legacy applications on the terminal servers when the new security requirement is implemented. What should you do? 

A. Add the Domain Users global group to the Remote Desktop Users built-in group in the domain. 

B. Modify the Compatws.inf security template settings to allow members of the local Users group to run the applications. Import the security template into the Default Domain Controllers Policy Group Policy object (GPO). 

C. Modify the Compatws.inf security template settings to allow members of the local Users group to run the applications. Apply the modified template to each terminal server. 

D. Add the Domain Users global group to the Remote Desktop Users local group on each terminal server. 

Answer: C 


Q74. You are the network administrator for your company. The network consists of a single Active Directory domain. The functional level of the domain is Windows Server 2003. The domain contains an organizational unit (OU) named Servers that contains all of the company's Windows Server 2003 resource servers. The domain also contains an OU named Workstations that contains all of the company's Windows XP Professional client computers. You configure a baseline security template for resource servers named Server.inf and a baseline security template for client computers named Workstation.inf. The Server.inf template contains hundreds of settings, including file and registry permission settings that have inheritance propagation enabled. The Workstation.inf template contains 20 security settings, none of which contain file or registry permissions settings. The resource servers operate at near capacity during business hours. You need to apply the baseline security templates so that the settings will be periodically enforced. You need to accomplish this task by using the minimum amount of administrative effort and while minimizing the performance impact on the resource servers. What should you do? 

A. On each resource server, create a weekly scheduled task to apply the Server.inf settings during off-peak hours by using the secedit command. Create a Group Policy object (GPO) and link it to the Workstations OU. Import the Workstation.inf template into the GPO. 

B. Import both the Server.inf and the Workstation.inf templates into the Default Domain Policy Group Policy object (GPO). 

C. On each resource server, create a weekly scheduled task to apply the Server.inf settings during off-peak hours by using the secedit command. Import the Workstation.inf template into the Default Domain Policy Group Policy object (GPO). 

D. Create a Group Policy object (GPO) and link it to the domain. Import both the Server.inf and the Workstation.inf templates into the GPO. 

Answer: A 


70-293 exams

Approved 70-293 pack:

Q75. You are a network administrator for Company. All client computers run Windows XP Professional. 

You administer a Windows Server 2003 file server named CompnaySrvC. CompnaySrvC contains two volumes configured as drive G and Drive H. Shared folders for the accounting department are stored on drive G. Shared folders for the marketing department are stored on drive G and on drive 

H. Drive H has sufficient space to store all of the shared folders with 400 GB of free space. The design team specifies the following requirements for the files in the marketing shared folders on CompnaySrvC: 

. The files must be backed up, even if they are open. 

. Backups can be performed during business hours, if required. 

. Users must be able to restore the files. 

You need to create a plan that will allow the backup and recovery of folders and files in accordance with the requirements. You need to minimize data loss. 

Which two actions should you take? (Each correct answer presents part of the solution. Choose two) 

A. Customize all shared folders by using the Documents template. 

B. Place all marketing shared folders on drive H. Enable Shadow Copies of Shared Folders on the volume. 

C. Configure all backups by selecting the Disable volume shadow copy check box. 

D. Install the Previous Versions client software on all marketing client computers. 

E. Assign all users the Allow – Full Control NTFS permissions for the marketing shared folders. 

Answer: BD 


Q76. All the servers in your company run Windows Server 2003. You configure a server as a stand-alone certification authority (CA) that uses role separation. Members of the local Administrators group are no longer able to perform role-based administration of the CA. You need to ensure that members of the local Administrators group can perform role-based administration of the CA. 

What are two possible ways to achieve this goal? (Each correct answer presents a complete solution. Choose two.) 

A. Assign the Auditor role to the local Administrators group. 

B. Assign the Backup Operator role to the local Administrators group. 

C. Remove the CA Administrator role from the local Administrators group. 

D. Remove the Certificate Manager role from the local Administrators group. 

Answer: CD 


Q77. You are the network administrator for your company. The network consists of a single Active Directory domain. All computers on the network are members of the domain. You administer a three-node Network Load Balancing cluster. Each cluster node runs Windows Server 2003 and has a single network adapter. The cluster has converged successfully. You notice that the nodes in the cluster run at almost full capacity most of the time. You want to add a fourth node to the cluster. You enable and configure Network Load Balancing on the fourth node. However, the cluster does not converge to a four-node cluster. In the System log on the existing three nodes, you find the exact same TCP/IP error event. The event has the following description: "The system detected an address conflict for IP address 10.50.8.70 with the system having network hardware address 02:BF:0*32:08:46." In the System log on the new fourth node, you find a similar TCP/error event with the following description: "The system detected an address conflict for IP address 

10.50.8.70 with the system having network hardware address 03:BF:0*32:08:46." Only the hardware address is different in the two descriptions. You verify that IP address 10.50.8.70 is configured as the cluster IP address on all four nodes. You want to configure a four-node Network Load Balancing cluster. What should you do? 

A. On the fourth node, run the wlbs.exe reload command. 

B. On the fourth node, run the nlb.exe resume command. 

C. Configure the fourth node to use multicast mode. 

D. Remove 10.50.8.70 from the Network Connections Properties of the fourth node. 

Answer: C 


Q78. You are a network administrator for your company. The network consists of a single Windows 2000 Active Directory forest that has four domains. All client computers run Windows XP Professional. The company's written security policy states that all e-mail messages must be electronically signed when sent to other employees. You decide to deploy Certificate Services and automatically enroll users for e-mail authentication certificates. You install Windows Server 2003 on two member servers and install Certificate Services. You configure one Windows Server 2003 computer as a root certification authority (CA). You configure the other Windows Server 2003 server as an enterprise subordinate CA. You open Certificate Templates on the enterprise subordinate CA, but you are unable to configure certificates templates for autoenrollment. The Certificate Templates administration tool is shown in the exhibit. (Click the Exhibit button.) 


You need to configure Active Directory to support autoenrollment of certificates. What should you do? 

A. Run the adprep /forestprep command on the schema operations master. 

B. Run the adprep /domainprep command on a Windows 2000 Server domain controller that is in the same domain as the enterprise subordinate CA. 

C. Place the enterprise subordinate CA's computer account in the Cert Publishers Domain Local group. 

D. Install Active Directory on the Windows Server 2003 member server that is functioning as the enterprise subordinate CA. Configure this server as an additional domain controller in the Windows 2000 Active Directory domain. 

Answer: A 


Q79. Your company has a file server that runs Windows Server 2003. You are planning a backup and recovery strategy for the file server. You have the following requirements. Back up the file server nightly. Minimize the disk space that is used by the backups. Ensure that you can restore the file server data to any backup point within the past 7 days. You schedule a normal backup to run weekly. You need to schedule an additional nightly backup that supports the requirements. 

Which type of backup should you schedule? 

A. Copy 

B. Normal 

C. Differential 

D. Incremental 

Answer: D 


Q80. All servers in your environment run Windows Server 2003. You are planning security policies for remote network administration for your company# s Tier 1, Tier 2, and Tier 3 support technicians . You r security policies must support the requirements shown in the following table. 


You enable Terminal Services for Tier 3 support technicians. You need to ensure that support technicians have the appropriate remote administration access to all servers. 

Which two actions should you perform? (Each correct answer presents part of the solution. Choose two.) 

A. Enable Offer Remote Assistance for Tier 1 and Tier 2 support technicians. 

B. Enable Offer Remote Assistance for Tier 3 support technicians. 

C. Enable Solicited Remote Assistance for Tier 1 and Tier 2 support technicians. 

D. Enable Solicited Remote Assistance for Tier 3 support technicians. 


Answer: BC 



see more 70-293 - Planning and Maintaining a Windows Server 2003 Network Infrastructure