Question 1 5 out of 5 points The most widely used IP addressing scheme is __ _____. Selected Answer: IPv4 Correct Answer: IPv4 Question 2 5 out of 5 points The most recent and largest address space IP addressing scheme is ______. Selected Answer: IPv6 Correct Answer: IPv6 Question 3 0 out of 5 points To distribute IP addresses automatically, a network administrator would configure the ______ service. Selected Answer: DHCP Correct Answer: Dynamic Host Configuration Protocol (DHCP) Question 4 5 out of 5 points The first attempt at breaking up IP address space used _ _ to provide address ranges of differing sizes. Selected Answer: classful addressing Correct Answer: classful addressing Question 5 5 out of 5 points Prior to the introduction of the Domain Name System, computers used __ __ to map human-readable named to IP addresses. Selected Answer: HOSTS files Correct Answer: HOSTS files Question 6 5 out of 5 points A(n) _¬___ is used to separate the host address portion of an IP address from the network address. Selected Answer: Subnet Mask Correct Answer: subnet mask Question 7 0 out of 5 points The subnet mask within the TCP/IP configuration is used to distinguish the ____ from the host address. Selected Answer: network Correct Answer: network address Question 8 0 out of 5 points In dotted-decimal notation, each IPv4 address is broken up into four ____. Selected Answer: bytes Correct Answer: octets Question 9 5 out of 5 points Server computers and other systems that need to be accessed reliably by network clients should be configured with a(n) ____. Selected Answer: static IP address Correct Answer: static IP address Question 10 0 out of 5 points The method of breaking up IP address space into address ranges of flexible size is called ___. Selected Answer: subnetting Correct Answer: Classless Inter-Domain Routing (CIDR) Question 11 5 out of 5 points What must each host on a TCP/IP network be configured with in order to communicate with other hosts? Selected Answer: IP address Correct Answer: IP address Question 12 5 out of 5 points What is the process of transmitting TCP/IP traffic from one IP subnet to another? Selected Answer: Routing Correct Answer: Routing Question 13 5 out of 5 points An IP network that is formatted such as 192.168.1.0/24 is referred to as what type of notation? Selected Answer: CIDR notation Correct Answer: CIDR notation Question 14 5 out of 5 points What is the default network protocol of the Internet and most modern corporate networks? Selected Answer: TCP/IP Correct Answer: TCP/IP Question 15 5 out of 5 points What was used by TCP/IP networks to perform name resolution prior to the introduction of the Domain Name System (DNS)? Selected Answer: HOSTS files Correct Answer: HOSTS files Question 16 5 out of 5 points What is the process of dividing a large TCP/IP address space into multiple smaller networks called? Selected Answer: Subnetting Correct Answer: Subnetting Question 17 5 out of 5 points What technology is used by private network ranges that has extended the useful life of IPv4 addressing and slowed the adoption rate of IPv6? Selected Answer: NAT Correct Answer: NAT Question 18 5 out of 5 points Which TCP/IP configuration item allows client computers to communicate with other computers that are located on remote networks? Selected Answer: Default gateway Correct Answer: Default gateway Question 19 5 out of 5 points On a TCP/IP network that uses the Domain Name System (DNS) for name resolution, what unique configuration item must each TCP/IP host possess? Selected Answer: Fully qualified domain name Correct Answer: Fully qualified domain name Question 20 5 out of 5 points In what format are IPv4 IP addresses most commonly written? Selected Answer: Dotted-decimal Correct Answer: Dotted-decimal Question 1 5 out of 5 points The ability to use the installation process to fix problems with an existing Windows Server system is called ___ _______. Selected Answer: repair mode Correct Answer: repair mode Question 2 5 out of 5 points Installation of just the necessary components for a particular server role, without the GUI and other software features, is called ____ ______. Selected Answer: server core Correct Answer: server core Question 3 5 out of 5 points The ____ ______ screen appears by default when the Windows Server 2008 operating system is first installed. Selected Answer: initial configuration tasks Correct Answer: Initial Configuration Tasks Question 4 0 out of 5 points A(n) ___ _____ offers the best performance of any multi-disk configuration option within the Disk Management MMC, but does so at the expense of fault tolerance. Selected Answer: spanned volume Correct Answer: striped volume Question 5 5 out of 5 points The feature that allows users on different computers to access the Internet through a single connection is called___ _______. Selected Answer: internet connection sharing (ICS) Correct Answer: Internet Connection Sharing Question 6 5 out of 5 points The ___ _______ provides a single point of administration to configure networking and firewall configuration tasks on a Windows Server 2008 computer. Selected Answer: Network and Sharing Center Correct Answer: Network and Sharing Center Question 7 5 out of 5 points The setting describing the network environment, such as home or public network, is called the ____ ______. Selected Answer: Network location Correct Answer: network location Question 8 5 out of 5 points Unsolicited inbound traffic can be blocked through the use of the ____ ___. Selected Answer: firewall Correct Answer: Windows firewall Question 9 5 out of 5 points The network location setting controls the behavior of ___ _______. Selected Answer: network discovery Correct Answer: network discovery Question 10 5 out of 5 points Once a disk is converted from a basic disk to a(n) __ _____, it can only be accessed only by operating systems that support dynamic disks: Windows 2000 Professional, Windows XP Professional, Windows Vista Business, Enterprise or Ultimate, Windows 2000 Server, Windows Server 2003, and Windows Server 2008. Selected Answer: dynamic disk Correct Answer: dynamic disk Question 11 5 out of 5 points What type of license key allows you to host an activation service locally within your own network? Selected Answer: Key Management System (KMS) Correct Answer: Key Management System (KMS) Question 12 0 out of 5 points What type of volume uses 50% of available drive space to provide fault tolerance for the volume? Selected Answer: RAID-5 Correct Answer: RAID-1 Question 13 5 out of 5 points Which disk formatting option will cause a disk to appear as a folder within an existing volume? Selected Answer: Mount point Correct Answer: Mount point Question 14 5 out of 5 points Which Windows Server 2008 feature installs and configured wireless connections and wireless LAN profiles? Selected Answer: Wireless Networking Correct Answer: Wireless Networking Question 15 0 out of 5 points What was the primary means of name resolution on Windows networks prior to the introduction of Windows 2000 and Active Directory? Selected Answer: HOSTS files Correct Answer: NetBIOS Question 16 5 out of 5 points Which feature is used to perform backups and restores of Windows volumes? Selected Answer: Windows Server Backup Correct Answer: Windows Server Backup Question 17 5 out of 5 points Which networking service is used to automatically associate NetBIOS names with IP addresses? Selected Answer: WINS Correct Answer: WINS Question 18 5 out of 5 points Which disk partition style is recommended for disks larger than 2TB or disks that are used in Itanium computers? Selected Answer: GUID Partition Table (GPT) Correct Answer: GUID Partition Table (GPT) Question 19 5 out of 5 points What is used to manage the licensing process for volume licenses of Windows Vista and Windows Server 2008? Selected Answer: Volume Activation Correct Answer: Volume Activation Question 20 5 out of 5 points Which volume contains the operating system files on a Windows computer? Selected Answer: Boot volume Correct Answer: Boot volume Question 1 50 out of 50 points Match the term in Column 1 to its description in Column 2. Question Correct Match Selected Match This DHCP message type is sent by a DHCP client when it no longer requires the use of an IP address that it has leased from a DHCP server. E. DHCPRELEASE E. DHCPRELEASE You can configure one of these to ensure that a DHCP client always receives the same IP address from a particular DHCP server. H. reservation H. reservation This is used to ensure that a particular address or block of addresses within a scope is not assigned to DHCP clients by a DHCP server. F. exclusion range F. exclusion range You must do this to any DHCP server that needs to function within an Active Directory domain. A. authorize A. authorize A DHCP client will send this message type if it determines that an IP address offered by a DHCP server is already in use. D. DHCPDECLINE D. DHCPDECLINE This is performed by a DHCP server when corruption is detected within the DHCP database. B. automatic restore B. automatic restore The DHCP database is based on this database technology G. Joint Engine Technology (JET) G. Joint Engine Technology (JET) Authorizing DHCP servers in Active Directory is designed to prevent against these. I. rogue DHCP server I. rogue DHCP server These provide DHCP parameters to DHCP clients based on vendor or user type. C. class options C. class options This defaults to 87.5% of the total DHCP lease. J. T2 J. T2 Question 2 5 out of 5 points Which of the following DHCP message types is sent first in the process of obtaining an address lease? Selected Answer: DHCPDISCOVER Correct Answer: DHCPDISCOVER Question 3 5 out of 5 points At which layer of the OSI model does DHCP operate? Selected Answer: Application layer Correct Answer: Application layer Question 4 5 out of 5 points What protocol is used by the Trivial File Transfer Protocol (TFTP)? Selected Answer: User Datagram Protocol (UDP) Correct Answer: User Datagram Protocol (UDP) Question 5 5 out of 5 points A DHCP client first attempts to reacquire its lease at half the lease time, which is known as: Selected Answer: T1 Correct Answer: T1 Question 6 5 out of 5 points The _______ is composed of the remaining addresses within a DHCP scope once all exclusion ranges have been applied. Selected Answer: available address pool Correct Answer: available address pool Question 7 5 out of 5 points The following is a lightweight version of FTP that uses the UDP protocol, which is used by the BOOTP protocol to transmit network configuration information Selected Answer: TFTP Correct Answer: TFTP Question 8 5 out of 5 points The following process will populate DHCP client lease information from the registry to the DHCP database: Selected Answer: Reconciliation Correct Answer: Reconciliation Question 9 5 out of 5 points The following is an administrative grouping of scopes that is used to support multiple logical subnets on a single network segment: Selected Answer: superscope Correct Answer: superscope Question 10 5 out of 5 points This indicates the location of the last information that was successfully written from transaction logs to a database file, such as a DHCP database. Selected Answer: Checkpoint file Correct Answer: Checkpoint file Question 11 5 out of 5 points The following is a hexadecimal address that is uniquely associated with a specific Network Interface Card (NIC): Selected Answer: MAC Correct Answer: MAC Question 1 5 out of 5 points A(n) _ _ will transfer all records within a zone from a primary server to a secondary server. Selected Answer: full zon transfer (AXFR) Correct Answer: full zone transfer (AXFR) Question 2 5 out of 5 points A(n) _ _ creates an alias for an existing A record. Selected Answer: CNAME record Correct Answer: CNAME Record Question 3 5 out of 5 points A(n) _ _ is used by e-mail systems such as Microsoft Exchange to locate mail servers in different networks. Selected Answer: Mail Exchanger (MX) record Correct Answer: Mail Exchanger (MX) record Question 4 5 out of 5 points The _ _ allows IPv6 hosts to map host names to IP addresses. Selected Answer: ip6.arpa domain Correct Answer: ip6.arpa domain Question 5 5 out of 5 points contoso.com is an example of a(n) _ _ within the .com top-level domain. Selected Answer: second-level domain Correct Answer: second-level domain Question 6 5 out of 5 points The _ _ application scope will replicate DNS data to all DNS servers within a domain. Selected Answer: DomainDNSZones Correct Answer: DomainDNSZones Question 7 5 out of 5 points A(n) _ _ stores DNS data in a text file on the server hard drive, rather than as part of Active Directory. Selected Answer: file-backed zone Correct Answer: file-backed zone Question 8 5 out of 5 points Each DNS record has a(n) _ _ that indicates the maximum time that a record will be cached by a DNS server before it is discarded. Selected Answer: (TTL) Time To Live Correct Answer: Time to Live (TTL) Question 9 5 out of 5 points A DNS server is considered _ _ for each zone that it hosts. Selected Answer: authoritative Correct Answer: authoritative Question 10 5 out of 5 points A DNS domain name like .uk or .it is an example of a(n) _ _ domain. Selected Answer: country code Correct Answer: country code Question 11 5 out of 5 points This DNS configuration item will forward DNS queries to different servers based on the domain name of the query. Selected Answer: Conditional forwarder Correct Answer: Conditional forwarder Question 12 5 out of 5 points This type of zone takes human-readable FQDNs and translates them into IP addresses. Selected Answer: Forward lookup zone Correct Answer: Forward lookup zone Question 13 5 out of 5 points This zone is used in combination with IP addresses to resolve queries for IPv4 IP addresses: Selected Answer: in.addr-arpa Correct Answer: in.addr-arpa Question 14 5 out of 5 points The IPv6 DNS host record is referred to as a(n): Selected Answer: AAAA record Correct Answer: AAAA record Question 15 5 out of 5 points A DNS server that hosts a primary or secondary zone containing a particular record can issue the following response to a query for that record: Selected Answer: Authoritative answer Correct Answer: Authoritative answer Question 16 5 out of 5 points You can secure an Active Directory-integrated DNS server, zone, or record by applying the following to it: Selected Answer: Discretionary Access Control List Correct Answer: Discretionary Access Control List Question 17 5 out of 5 points This zone type contains only SOA, name server, and glue records for the relevant zone. Selected Answer: Stub zone Correct Answer: Stub zone Question 18 5 out of 5 points Data from a primary zone is transmitted to secondary zones using the following: Selected Answer: Zone transfer Correct Answer: Zone transfer Question 19 5 out of 5 points These contain the names and IP addresses of the DNS servers authoritative for the root zone. Selected Answer: Root Hints Correct Answer: Root Hints Question 20 5 out of 5 points The following feature is available only on Active Directory-integrated DNS zones: Selected Answer: Secure dynamic updates Correct Answer: Secure dynamic updates Question 2 5 out of 5 points The IP address 255.255.255.255 represents ___________ in the IP Routing table. Selected Answer: Limited broadcast address Correct Answer: Limited broadcast address Question 3 5 out of 5 points To allow users to specify a call-back number when they connect to a remote access server via modem, you will enable the following setting: Selected Answer: Set by Caller Correct Answer: Set by Caller Question 4 5 out of 5 points Routing Information Protocol v2 (RIPv2) is an example of a: Selected Answer: Routing protocol Correct Answer: Routing protocol Question 5 5 out of 5 points Windows Server 2008 can provide remote access services through a Virtual Private Network (VPN) or through: Selected Answer: Dial-Up Networking (DUN) Correct Answer: Dial-Up Networking (DUN) Question 6 5 out of 5 points When a workstation ends a session with an 802.1X-secured network port, it sends the following to inform the network access server to set the port back to an Unauthorized status: Selected Answer: EAP-Logoff Correct Answer: EAP-Logoff Question 7 5 out of 5 points If an IP Routing Table contains two routes to the same destination network, the route with the lowest __________ will be selected first. Selected Answer: Metric Correct Answer: Metric Question 8 5 out of 5 points Network information at the Network Layer of the OSI model is organized into: Selected Answer: Packets Correct Answer: Packets Question 9 0 out of 5 points In an 802.1X infrastructure, an NPS or RADIUS server performs the role of the: Selected Answer: Authenticator Correct Answer: Authorization Server (AS) Question 10 5 out of 5 points The following RRAS service allows multiple computers on an internal network to share a single public IP address to access the Internet: Selected Answer: Network Address Translation (NAT) Correct Answer: Network Address Translation (NAT) Question 11 5 out of 5 points The following route is used by a computer s default gateway to send traffic to remote networks: Selected Answer: Default route Correct Answer: Default route Question 1 40 out of 50 points Match the following definitions with the appropriate term. Question Correct Match Selected Match This type of router is well-suited for a small organization with low levels of network traffic utilization. I. software-based router I. software-based router Network data at the Data Link Layer is organized into these. B. frames B. frames This is used as the Windows Server 2008 implementation of a RADIUS server. F. Network Policy Server (NPS) F. Network Policy Server (NPS) This routing protocol was supported in Windows Server 2003 but is no longer available with the Routing and Remote Access server role in Windows Server 2008. G. Open Shortest Path First (OSPF) G. Open Shortest Path First (OSPF) This address corresponds to the 127.0.0.1 address used for TCP/IP diagnostics and troubleshooting. D. loopback address D. loopback address Question 1 5 out of 5 points The DFS Replication engine uses a form of replication called _ _. Selected Answer: multiple master replication Correct Answer: multiple master replication Question 2 5 out of 5 points In the Distributed File System, the actual shared folders referred to by the virtual folders in the namespace are known as _ _. Selected Answer: targets Correct Answer: targets Question 3 5 out of 5 points DFS Replication relies on a protocol called _ _ for file replication. Selected Answer: remote differential compression (RDC) Correct Answer: Remote Differential Compression (RDC) Question 4 5 out of 5 points A DFS replication topology in which every server replicates with every other server is called a(n) _ Topology. Selected Answer: full mesh Correct Answer: full mesh Question 5 5 out of 5 points The basic file-sharing capabilities of a Windows server are provided by the _ _ service. Selected Answer: server Correct Answer: Server Question 6 5 out of 5 points To keep a DFS folder s multiple targets synchronized, you must create a(n) _ _. Selected Answer: replication group Correct Answer: replication group Question 7 5 out of 5 points The __ __ allows you to simplify the view of file shares located across multiple servers as they appear to your user base. Selected Answer: distributed file service (DFS) Correct Answer: Distributed File Service (DFS) Question 8 5 out of 5 points A(n) __ __ appears to the operating system as though it is a physically separate disk and can host an operating system Selected Answer: primary partition Correct Answer: primary partition Question 9 5 out of 5 points A(n) __ __ enables you to limit DFS replication traffic to specific pairs of members. Selected Answer: hub/spoke topology Correct Answer: hub/spoke topology Question 10 5 out of 5 points A DFS __ __ enables you to create a single directory tree that contains references to shared folders located on multiple separate file servers. Selected Answer: namespace Correct Answer: namespace Question 11 5 out of 5 points An alternative to the multimaster replication model used in DFS is: Selected Answer: Single master replication Correct Answer: Single master replication Question 12 5 out of 5 points A server in a replication group is referred to as a: Selected Answer: Member Correct Answer: Member Question 13 5 out of 5 points This refers to the ability of DFS clients to revert back to folder targets that have been unavailable due to server or network outages. Selected Answer: Client failback Correct Answer: Client failback Question 14 5 out of 5 points A disk partition that can hold data but not an operating system is called a(n): Selected Answer: Extended partition Correct Answer: Extended partition Question 15 5 out of 5 points This DFS component is responsible for maintaining a list of DFS shared folders and responding to user requests for those folders. Selected Answer: Namespace server Correct Answer: Namespace server Question 16 5 out of 5 points A DFS __________ contains a virtual representation of the shared folders on all DFS target servers. Selected Answer: Namespace Correct Answer: Namespace Question 17 5 out of 5 points The Distributed File System uses the following replication model to keep servers in a replication group up to date: Selected Answer: Multiple Master Replication Correct Answer: Multiple Master Replication Question 18 5 out of 5 points In this topology, every member of a DFS replication group replicates with every other member, for full replication connectivity. Selected Answer: Full mesh replication Correct Answer: Full mesh replication Question 19 5 out of 5 points The following service is required on a Windows Server 2008 server in order to enable file sharing: Selected Answer: Server Service Correct Answer: Server Service Question 20 5 out of 5 points To enable replication for a DFS folder with multiple folder targets, you must create the following: Selected Answer: Replication group Correct Answer: Replication group Question 1 5 out of 5 points A(n) __ is the software interface through which a computer communicates with a print device. Selected Answer: printer Correct Answer: printer Question 2 5 out of 5 points When you connect a single print server to multiple print devices, you create what is called a(n) __. Selected Answer: printer pool Correct Answer: printer pool Question 3 5 out of 5 points By default, all printers assign the Allow Print permission to the __ special identity, which enables all users to access the printer and manage their own documents. Selected Answer: everyone Correct Answer: Everyone Question 4 5 out of 5 points Users with the __ permission can go beyond just manipulating queued documents; they can reconfigure the printer itself. Selected Answer: manage Correct Answer: Manage Printers Question 5 5 out of 5 points The ____ is the default print format used by the Windows 2000, Windows XP, and Windows Server 2003 operating systems. Selected Answer: EMF interim Correct Answer: Enhanced Metafile Format (EMF) Question 6 5 out of 5 points A(n) ____ is a device driver that converts the print jobs generated by applications into an appropriate string of commands for a specific print device. Selected Answer: printer driver Correct Answer: printer driver Question 7 5 out of 5 points The ____ allows clients to print documents using HTTP traffic over an intranet or the World Wide Web. Selected Answer: Internet Printing Protocol (IPP) Correct Answer: Internet Printing Protocol (IPP) Question 8 5 out of 5 points Users with the ____ permission to a printer have the ability to pause, resume, restart, and cancel their own documents, but not documents created by any other user. Selected Answer: print Correct Answer: Print Question 9 5 out of 5 points A(n) ____ print architecture consists of one print device connected to one computer. Selected Answer: locally-attached print device Correct Answer: locally attached print device Question 10 0 out of 5 points ____ such as Printer Not Ready are a useful way for administrators to determine what printers need attention throughout a Windows Server 2008 network. Selected Answer: Default Filters Correct Answer: Custom filters Question 11 5 out of 5 points Which printer permission allows users to pause, resume, restart and cancel all users' documents, and to control job settings for all documents? Selected Answer: Manage Documents Correct Answer: Manage Documents Question 12 5 out of 5 points What document format is a new, platform-independent format included with Windows Vista and Windows Server 2008? Selected Answer: XML Paper Specification (XPS) Correct Answer: XML Paper Specification (XPS) Question 13 5 out of 5 points What kind of device receives print jobs from clients and sends them to either locally-attached or network-attached printer devices? Selected Answer: Print server Correct Answer: Print server Question 14 3 out of 5 points What kind of print device is connected to a TCP/IP network, either directly or through another computer? Selected Answer: Network-attached print device Correct Answer: Print server Question 15 5 out of 5 points What can you create to connect a single print server to multiple print devices? Selected Answer: Printer pool Correct Answer: Printer pool Question 16 5 out of 5 points What permission allows a user to share a printer, delete a printer, and change a printer's properties? Selected Answer: Manage Printers Correct Answer: Manage Printers Question 17 0 out of 5 points What kind of printer is directly attached to a single computer, regardless of the interface it uses to connect? Selected Answer: Network-attached printer Correct Answer: Local printer Question 18 5 out of 5 points What protocol allows users to print documents through an IIS server? Selected Answer: IPP Correct Answer: IPP Question 19 5 out of 5 points What describes the actual hardware that produces hard copy documents on paper or other print media? Selected Answer: Print device Correct Answer: Print device Question 20 5 out of 5 points What permission allows users to pause, manage and cancel only those printer documents that they have created? Selected Answer: Print Correct Answer: Print Question 2 5 out of 5 points This feature will automatically check for software updates that are published on a WSUS server. Selected Answer: Automatic Updates Correct Answer: Automatic Updates Question 3 5 out of 5 points This view of the Windows Event Viewer allows you to configure a Windows Server 2008 computer to act as a repository for Event Viewer entries from one or more remote computers. Selected Answer: Forwarded Events Correct Answer: Forwarded Events Question 4 5 out of 5 points The following user group can view both real-time and historical data within the Performance Monitor console, but cannot create or modify Data Collector Sets: Selected Answer: Performance Monitor Users Correct Answer: Performance Monitor Users Question 5 5 out of 5 points In order to collect events from remote computers that match the criteria of one or more event filters that you define, you will create one or more of the following: Selected Answer: Subscription Correct Answer: Subscription Question 6 5 out of 5 points What protocol does the Windows Event Viewer use to configure event forwarding? Selected Answer: WS-Management Correct Answer: WS-Management Question 7 5 out of 5 points This is a new Event Log in Windows Server 2008, used to capture information regarding operating system and application installations and un-installations. Selected Answer: Setup Log Correct Answer: Setup Log Question 8 5 out of 5 points The following service allows you to configure a single server as a repository of Event Viewer information for multiple computers: Selected Answer: Windows Event Collector Service Correct Answer: Windows Event Collector Service Question 9 5 out of 5 points The following allows you to display only those packets matching a particular set of criterion among a larger set of packets that have been captured by Network Monitor: Selected Answer: Display Filter Correct Answer: Display Filter Question 10 5 out of 5 points The following user group can view both real-time and historical data within the Performance Monitor console, and can also create and modify Data Collector Sets: Selected Answer: Performance Log Users Correct Answer: Performance Log Users Question 11 5 out of 5 points The following is a server-side component within WSUS that retrieves the latest critical updates from the Windows Update Web site: Selected Answer: Content Synchronization Service Correct Answer: Content Synchronization Service Question 1 5 out of 5 points The __ __ was configured in Windows 2000, Windows Server 2003, and Windows XP IPSec policies to ensure that the computer responds to requests for secure communication. Selected Answer: default response rule Correct Answer: default response rule Question 2 5 out of 5 points A(n) __ __ attack is one in which a malicious user masquerades as the legitimate sender or recipient of network traffic. Selected Answer: identity spoofing Correct Answer: identity spoofing Question 3 5 out of 5 points The strongest form of NT LAN Manager authentication is __ __. Selected Answer: NTVMv2 Correct Answer: NTLMv2 authentication Question 4 0 out of 5 points IPSec __ __ is used to provide end-to-end security, in which both hosts support IPSec using the same authentication protocols. Selected Answer: policy Correct Answer: transport mode Question 5 5 out of 5 points A(n) __ __ connection security rule allows you to restrict inbound and outbound connections based on certain sets of criteria, such as membership in a particular Active Directory domain. Selected Answer: Isolation Correct Answer: Isolation Question 6 5 out of 5 points Microsoft Network Monitor is an example of a real-world __ __. Selected Answer: packet sniffing Correct Answer: packet sniffer Question 7 0 out of 5 points The Windows Firewall with Advanced Security MMC snap-in allows you to integrate IPSec into the Windows Firewall by configuring one or more __ __. Selected Answer: features Correct Answer: Connection Security Rules Question 8 5 out of 5 points The default __ __ for IPSec connections in an Active Directory environment is the Kerberos v5 protocol. Selected Answer: authentication method Correct Answer: authentication method Question 9 5 out of 5 points Each Windows Firewall exception can be configured with a specific __ __ to control which computers the local computer will accept connections from. Selected Answer: range of IP addresses Correct Answer: scope Question 10 5 out of 5 points A(n) __ __ must occur before secure traffic can be sent, in order to determine the type of traffic to be secured and how it will be secured Selected Answer: negotiation Correct Answer: quick mode negotiation Question 11 5 out of 5 points This is used to provide gateway-to-gateway protection for site-to-site communications that cross the Internet (or other public networks). Selected Answer: Tunnel mode Correct Answer: Tunnel mode Question 12 5 out of 5 points Windows Server 2003 supports the following feature, which is used to determine new keying material through a new Diffie-Hellman exchange on a regular basis: Selected Answer: Dynamic rekeying Correct Answer: Dynamic rekeying Question 13 5 out of 5 points The following protocol provides confidentiality (in addition to authentication, integrity, and anti-replay) for the IP payload: Selected Answer: Encapsulating Security Payload (ESP) Correct Answer: Encapsulating Security Payload (ESP) Question 14 5 out of 5 points This suite of protocols was introduced to provide a series of cryptographic algorithms that can be used to provide security for all TCP/IP hosts at the Internet layer, regardless of the actual application that is sending or receiving data. Selected Answer: IPSec Correct Answer: IPSec Question 15 5 out of 5 points The following is a value contained in a received IKE message that is used to help identify the corresponding main mode SA: Selected Answer: Cookie Correct Answer: Cookie Question 16 5 out of 5 points This Connection Security Rule allows you to specify one or more computers that do not need to be authenticated in order to pass traffic. Selected Answer: Authentication exemption Correct Answer: Authentication exemption Question 17 5 out of 5 points You can configure the Windows Firewall to allow one or more inbound connections based on any of the following that you configure: Selected Answer: Exception Correct Answer: Exception Question 18 5 out of 5 points An IP Filter in which traffic that is defined in one direction will also be defined in the opposite direction is said to be: Selected Answer: Mirrored Correct Answer: Mirrored Question 19 5 out of 5 points The following NTLM Authentication type is disabled by default in Windows Server 2003 and Windows Server 2008 servers; it should not be used in a production environment as it is weak and can be easily hacked by malicious users: Selected Answer: LM authentication Correct Answer: LM authentication Question 20 5 out of 5 points This is a mathematical value that is used to provide an integrity check for a TCP or UDP packet. Selected Answer: Checksum Correct Answer: Checksum Question 1 5 out of 5 points A(n) _ _ is a CA that integrates with Active Directory and allows for auto-enrollment of user and computer certificates through the use of Group Policy and certificate templates. Selected Answer: enterprise CA Correct Answer: enterprise CA Question 2 5 out of 5 points The top-level CA in any PKI hierarchy is the _ _. Selected Answer: root CA Correct Answer: root CA Question 3 0 out of 5 points One alternative to using public key cryptography is by using a(n) _ _. Selected Answer: certificate authority Correct Answer: shared secret key Question 4 5 out of 5 points Each PKI certificate consists of a public key that is widely known, and a(n) _ _ that is known only to the user or computer who holds the certificate. Selected Answer: private key Correct Answer: private key Question 5 0 out of 5 points Users can request certificates via the web using the _ _ service. Selected Answer: online responder Correct Answer: Certification Authority Web Enrollment Question 6 0 out of 5 points A __ __ obtains PKI health certificates from client computers when the IPSec NAP enforcement method is used. Selected Answer: internet protocol security (IPSe) enforcement Correct Answer: Health Registration Authority (HRA) Question 7 0 out of 5 points The __ __ method is the only NAP enforcement agent that can be deployed in the absence of an Active Directory domain. Selected Answer: DHCP Correct Answer: DHCP enforcement Question 8 5 out of 5 points __ __ provide continuous monitoring of system compliance on all NAP clients. Selected Answer: System Health Agents (SHAs) Correct Answer: System Health Agents (SHAs) Question 9 0 out of 5 points The __ __ distributes Statement of Health information to the appropriate System Health Validators. Selected Answer: NAP agent Correct Answer: NAP administration server Question 10 0 out of 5 points Each System Health Agent provides a __ __ regarding its health status. Selected Answer: System Statement of Health (SSCH) Correct Answer: Statement of Health (SOH) Question 11 5 out of 5 points Each server that functions as a CA must be configured with a(n): Selected Answer: Revocation configuration Correct Answer: Revocation configuration Question 12 5 out of 5 points An organization can have one or more of these to distribute the load of issuing certificates in a geographically dispersed organization: Selected Answer: Intermediate CA Correct Answer: Intermediate CA Question 13 5 out of 5 points In order to authenticate using a smart card that has been configured for their use, a user must have the following installed at their workstation: Selected Answer: smart card reader Correct Answer: smart card reader Question 14 5 out of 5 points Which component of Active Directory Certificate Services uses the Online Certificate Status Protocol to respond to client requests? Selected Answer: Online Responder Correct Answer: Online Responder Question 15 5 out of 5 points The IPSec NAP Enforcement method relies on this type of PKI certificate to perform its enforcements: Selected Answer: health certificate Correct Answer: health certificate Question 16 5 out of 5 points A server that operates the NAP Enforcement Server components is referred to as a(n): Selected Answer: enforcement point Correct Answer: enforcement point Question 17 5 out of 5 points The Network Device Enrollment Service (NDES) uses the following protocol to enroll network devices for PKI certificates: Selected Answer: Simple Certificate Enrollment Protocol Correct Answer: Simple Certificate Enrollment Protocol Question 18 0 out of 5 points Statements of Health from each SHA are combined to create a: Selected Answer: System Statement of Health Response Correct Answer: System Statement of Health Question 19 5 out of 5 points The following NAP component transmits information between the NAP Enforcement Clients and the System Health Agents: Selected Answer: NAP Agent Correct Answer: NAP Agent Question 20 5 out of 5 points This provides a detailed explanation of how a particular Certification Authority manages certificates and keys Selected Answer: Certificate Practice Statement Correct Answer: Certificate Practice Statement Question 2 5 out of 5 points This type of backup will completely reformat the target drive that hosts the backup files. Selected Answer: Scheduled backup Correct Answer: Scheduled backup Question 3 5 out of 5 points This type of disk quota allows the user to access storage space beyond the allotted amount and simply sends an email notification when the quota has been exceeded. Selected Answer: soft quota Correct Answer: soft quota Question 4 5 out of 5 points This type of restore can be used to recover an entire server after it has experienced a hardware failure or other disaster recovery scenario. Selected Answer: bare-metal restore Correct Answer: bare-metal restore Question 5 5 out of 5 points This backup type will retain the Application log files on the local server after the backup is completed. Selected Answer: Copy backup Correct Answer: Copy backup Question 6 5 out of 5 points This quota type prohibits users from consuming any disk space beyond what has been defined within the quota. Selected Answer: hard quota Correct Answer: hard quota Question 7 5 out of 5 points This is the only type of quota available on servers that do not have the File Server Resource Manager role service installed. Selected Answer: NTFS quota Correct Answer: NTFS quota Question 8 5 out of 5 points All Windows disk quotas are based on the following to determine the amount of space being used by a particular user. Selected Answer: file ownership Correct Answer: file ownership Question 9 5 out of 5 points This backup type will update the server s backup history and will clear the Application Log files on the server. Selected Answer: VSS full backup Correct Answer: VSS full backup Question 10 5 out of 5 points This collection of disk quota settings can be used to create numerous quota assignments all containing consistent configuration settings. Selected Answer: quota template Correct Answer: quota template Question 11 5 out of 5 points This backup technology was introduced by Windows Server 2008 and relies on the Volume Shadow Copy Service (VSS). Selected Answer: Windows Server Backup Correct Answer: Windows Server Backup Administrators can specify these to dictate the percentage of available disk space at which actions associated with disk quotas will take effect. F. threshold F. threshold This is a new command-line and task-based scripting technology that is included with Windows Server 2008. I. Windows Powershell I. Windows Powershell This is a limit that is placed on the disk space a user is permitted to consume in a particular volume or folder. A. disk quota disk quota This controls what types of traffic will be recorded by Network Monitor when you press F10. D. Capture Filter D. Capture Filter This right must be granted to Performance Log Users to allow them to create and manage Data Collector Sets. H. Log on as a batch user H. Log on as a batch user This custom view in the Event Viewer collects Critical, Error, and Warning events from all logs on a particular server. A. Administrative Events A. Administrative Events This capture mode enables Network Monitor to listen to all traffic that is being passed on a particular network segment. J. promiscuous mode J. promiscuous mode This service is used by WSUS to optimize network traffic while downloading updates. C. Background Intelligent Transfer Service (BITS) C. Background Intelligent Transfer Service (BITS) This type of forwarded event is initiated by the server acting as the event repository. E. collector initiated E. collector initiated This is the command-line method of launching the Performance Monitor MMC snap-in. I. perfmon I. perfmon This log provides a view of events related to software that has been installed on a Windows server computer. B. Application Log B. Application Log This is collected to provide a real-time view into the behavior and performance of a server and its applications. G. event trace data G. event trace data This allows you to organize a set of performance counters, event traces, and system configuration data into a single reusable configuration item. F. Data Collector Set F. Data Collector Set