Microsoft Managing & Maintaining a Windows Server 2003

Managing and Maintaining Physical and Logical Devices

Managing Users, Computers, and Groups

Pass 70-290 exam in the first attempt. Full featured Tests. 538 questions with answers and 135 study notes articles and exam tips, click the link below:

70-290 – MCSE Windows Server 2003 Environment
Download link:
https://www.ucertify.com/exams/Microsoft/70-290.html

Managing and Maintaining Access to Resources

  • If you copy a file from one folder to another folder (on the same volume or on the different volumes), the file will have the same permissions as the destination folder.
  • In order to prohibit a particular user from connecting to a member server from the network, you will have to assign the Deny access to this computer from the network logon right to the user.
  • The Shadow Copies feature of Windows Server 2003 is used by administrators and users to recover files or folders from damage as quickly as possible.
  • Users report that when they try to connect to the Terminal Server, they receive the following error message “The local policy of this system does not allow you to logon interactively.” According to the error message, users are not able to logon to the local policy of the system, so you have to grant them the right to log on locally. Log On Locally user right allows a user to log on to the computer where the user account has been defined.
  • To enable Remote Desktop on one of the member servers, you will have to use System Properties in Control Panel, click the Remote tab and enable the Remote Desktop check box.
  • In order to ensure that all the members of a domain group can log on to the terminal servers, you will have to add the domain group to the Remote Desktop Users group on the terminal server.
  • The TSSHUTDN command is used to shut down a Terminal server.
  • TSPROF copies the Terminal Server user configuration information (displayed in User Manager for Domains) from one user to another. TSPROF can also update the profile path for a user.
  • In order to rename the user account, you will have to use the following command: DSMOVE rick -newname john
  • In order to configure Terminal server so that the users are prevented from opening more than one session, you will have to set the Restrict each user to one session option to yes on the Terminal Services Configuration\Server Settings window on the terminal server.
  • You want to perform a function of sending queries to the server and to obtain detailed responses at command prompt. You also want to update resource records correctly in a zone and debug other server related problems. In order to accomplish the task, you will have to run NSLOOKUP command.
  • Server (Request Security) policy allows the server to request IPSec negotiation, but will allow unsecured communication if the other computer is not IPSec aware
  • Query process displays information about processes running on a terminal server. You can use this command to find out which program a specific user is running, and also which users are running a specific program.
  • Advanced Configuration and Power Interface (ACPI) defines power management on a wide range of mobile, desktop, and server computers and peripherals.
  • The IP Security Monitor console shows IPSec statistics and active security associations (SA). After establishing the connections, you can see the created SA. If the connections are established, but there is no SA, it indicates that the traffic was not protected by IPSec.
  • To segregate certain servers from other domain controllers, create a new OU for those server. A separate OU will help you implement the policies on those servers only.
  • The MBSA utility scans the security updates against the complete list of available security updates listed in the MSSECURE.XML file. This file is downloaded by MBSA at runtime from the Internet.
  • Predefined security templates are used for creating security policies for a network or computer. These security templates can be used to configure an individual computer or group of computers. By default, the predefined security templates are stored in the SYSTEMROOTSECURITYTEMPLATES folder.
  • A client computer has a shared folder named DATA. The company employees use this folder. They often complain that they are unable to access this folder. You find that this problem occurs whenever more than ten users are trying to access the folder. In order to ensure that all employees are able to access the shared folder simultaneously, you will have to move the shared folder on one of the servers. Moving the shared folder on the server will allow more concurrent connections.
  • You have created a shared folder as a hidden share by suffixing the $ sign after the share name. To enable a shared folder to be visible to all the users browsing the network, you will have to remove the $ sign.

Managing and Maintaining a Server Environment

  • NSLOOKUP is a tool for diagnosing and troubleshooting Domain Name System (DNS) problems.
  • NETSTAT is used to show the state of current TCP/IP connections.
  • NBTSTAT with /c switch is used to list the cache of NetBIOS names and IP addresses.
  • NETSTAT is a command-line utility that displays protocol-related statistics and the state of current TCP/IP connections.
  • PING utility is used to test connectivity with a host on a TCP/IP-based network.
  • PING is used to verify the existence of a host in a network.
  • The TRACERT utility traces the path taken by TCP/IP packets to a remote computer.
  • The PING LOCALHOST command is used to verify that TCP/IP is bound correctly to the network adapter by communicating with the loopback address 127.0.0.1.
  • NBTSTAT -n displays the list of local NetBIOS names.
  • Event Viewer is used to locate the source of problems by monitoring system logs, security logs, and application logs.
  • The TRACERT utility tells how many hops (maximum 30) away the target device is.
  • The EVENTQUERY utility lists the events and event properties from one or more event logs.
  • Account logon events are generated when a domain user account is authenticated on a domain controller. The event is logged in the domain controller’s security log.
  • System Monitor is used to track items such as, I/O, memory usage, user connections, and locks.
  • The Security log contains events related to logon events by users. It also logs events such as opening, creating or deleting of files, folders, and other resources.
  • A dependency service failure message in Windows Server 2003 comes under the system log in the Event Viewer utility.
  • In order to track access to account management events on the domain controllers, view the security log in the Event Viewer utility.
  • The EVENTQUERY utility lists the events and event properties from one or more event logs.
  • You receive an error message from one of the member servers during the boot process that a dependency service has failed to start. In order to obtain more information about the error, you will have to run the Event Viewer utility and check the System log.
  • In order to identify the person who has deleted a user account, you will have to use the Event Viewer tool and filter the security event log for the Account Management events on the domain controller.
  • The ARP utility is used to display and modify the IP-to-Mac address translation table used by the ARP protocol.
  • Configure Automatic Updates in order to update the server with the latest patches from Start > Control Panel > System. Click the Automatic Updates tab and select the check box.
  • When the Software Update Services is used to deploy security updates, the security updates must be approved before the client computers download and install them.
  • In order to ensure that the downloading and synchronization of the software updates take a minimum amount of time, you will have to select only the languages that are required. This will avoid downloading the same software updates in different languages, which are not required.
  • TRACERT is a route-tracing Windows utility that displays the path an IP packet takes to reach its destination. It shows the Fully Qualified Domain Name (FQDN) and the IP address of each gateway along the route to the remote host.
  • In order to deploy an application to all the client computers in the Sales OU, you will have to deploy the application by linking a GPO at the Sales OU. Linking the GPO at the Sales OU will deploy the application on all the client computers with a minimum of administrative effort.
  • The synchronization log of SUS stores information about the synchronization of contents.
  • In order to update the server with the latest patches, you will have to configure the Automatic Updates from Start > Control Panel > System. In the System Properties dialog box, you will then have to click the Automatic Updates tab and select the Keep my computer up to date check box.
  • Software Update Services (SUS) is a tool used to acquire and distribute critical Windows patches to computers running Windows operating systems.
  • In order to ensure that all client computers in an organizational unit (OU) receive the most recently released patch and future security patches from SUSERV, you will have to open the Group Policy object (GPO) for the OU and configure the Computer Configuration/Administrative Templates/Windows Components/Windows Update setting.
  • Per Device or Per User licensing mode is a new licensing mode in Windows 2003. It enables all network devices or users to access all the servers on a network. In this mode, the number of simultaneous connections to any server is unlimited. Per Device or Per User is the normal licensing mode for a server product that is installed on multiple servers in a network. It is the best option if clients frequently use multiple servers on the network. This licensing mode requires one Client Access License for each device.
  • NTDSUTIL.EXE is a command-line tool that is used to manage Active Directory.
  • FTP is the primary TCP/IP protocol used to transfer text and binary files over the Internet.
  • Both PING and TRACERT use ICMP echo requests to diagnose a TCP/IP configuration.
  • Telnet uses port 23 by default.
  • Telnet enables you to access a UNIX server, using a text-based connection.
  • PPP, SLIP, and PPTP are remote access protocols.
  • Configure Your Server Wizard guides users in installing and configuring server roles.
  • The ADMINPAK allows administrators to install the Windows Server 2003 management tools onto a Windows XP Professional or Windows Server 2003 computers in order to perform remote server management functions.
  • NTDSUTIL.EXE is a command-line tool that is used to manage Active Directory. This utility is used to perform the following tasks:
    • Performing database maintenance of Active Directory.
    • Managing and controlling operations master roles.
    • Removing metadata left behind by domain controllers.

    Note: The NTDSUTIL utility is supposed to be used by experienced administrators.

  • Internet Authentication Service (IAS) performs centralized connection authentication, authorization, and accounting for dial-up and virtual private network (VPN), remote access, and router-to-router connections.
  • Internet connection sharing (ICS) provides the ability to connect a home network or a private network to the Internet.
  • The use of smart cards for user authentication is a strong form of authentication.
  • Microsoft Windows Server 2003 Automated Deployment Services (ADS) is used by administrators to build and manage very large and scaled out deployment of Windows servers. It includes a new set of imaging tools for rapidly deploying Windows 2000 Server and Windows Server 2003 remotely. ADS offers improved communication security and a reliable script execution framework. It uses the image-based deployment method.
  • Use the Point-to-Point Tunneling (PPTP) protocol to connect to the company’s private network securely by a remote client using a public network such as the Internet.
  • In order to enable a server to offer remote assistance, you will have to perform the following actions:
    • Log on as administrator on the server. Run gpedit.msc to edit the local Group Policy.
    • In the Computer Configuration, expand Administrative Templates and System. Click Remote Assistance.
    • Double-click Offer Remote Assistance, and select Enabled.
  • A user can use Remote Assistance to invite a trusted person to chat with him, observe his working screen, and with users permission, remotely control his computer.
  • You have added all user information such as phone number, address, e-mail, etc. while creating a user account in the domain. In order to get a user’s e-mail address, you will have to run the following command: DSGET user rick -email
  • A gateway server is used to provide Windows client access to an AS400 mainframe.
  • The two modes available with the RSoP Wizard to collect data for RSoP queries are Logging mode and Planning mode.
  • The Advanced System Information-Policy tool is used to create an RSoP query and view the result in HTML format.
  • When an application is published to a user, the published application stores the advertisement attributes in the Active Directory. Users can then install the application either by using Add/Remove Programs in the Control Panel or by clicking any file associated with the application.
  • The Apply to All Users Except Administrators option is available to prevent restrictions from affecting the administrators’ accounts in the domain. This option allows administrators to bypass the restrictions applied by the policy.
  • Microsoft Windows 2000 Server uses the File Replication Service (FRS) to replicate system policies and logon scripts stored in the system volume (SYSVOL). Each domain controller keeps a copy of SYSVOL for the network clients to access the resources.
  • Network Monitor works as a protocol analyzer and captures packets from the network and analyzes their contents in detail.
  • The GPUPDATE command is used to refresh the local and Active Directory-based group policy settings. It also refreshes security settings.
  • If the No Override configuration is set to a GPO, no policy configured in the GPO can be overridden.
  • LPR is a utility used to print a file to a host running a Line Printer Daemon (LPD) server.
  • A user sends print jobs to a print server. However, the jobs are not printing and no users are able to print the documents successfully. You find that these documents are being spooled. To enable users to print on the printer, you will have to first stop and then restart the spooler service by using the following commands: To stop the Print Spooler service: NET STOP spooler To start the Print Spooler service: NET START spooler
  • Sharing a printer on the member server, which is part of the domain, automatically publishes the printer in Active Directory.
  • The large print jobs send by users on the network are not printing and they are printing small documents successfully. In order to ensure that the users are able to print large print jobs on the print server, you will have to increase the free disk space on the print server by deleting unnecessary files from the print server’s hard disk drive. The large print jobs are not printing because the print spool does not have enough free disk space for large print jobs. The printer is able to print small jobs because the print spool has space for small print jobs.
  • In order to find the printer in Active Directory and print the documents from remote computers, you will have to share the printer on print server. Sharing a printer on the server, which is part of the domain, will automatically publish the printer in Active Directory.
  • In order to capture only a specific type of traffic, configure a capture filter.
  • You will have to choose the PhysicalDisk\% Disk Time and Memory\Available Bytes counters to identify the bottlenecks on the hardware such as the hard disk drive and memory.
  • Enabling universal group membership caching on one of the domain controllers in each site will minimize the logon traffic on the WAN link.
  • Only the Performance Logs and Alerts snap-in is able to send alerts by analyzing network data.
  • RJ-45 connector is used to connect a 10BaseT Ethernet cable to an NIC on a desktop computer.
  • Ethernet uses CSMA/CD technology.
  • The disk quota does not support FAT32 partitions.
  • In order to enable disk quota on a server, you will have to take the following steps:
    • In the Local Disk Properties Window, select the Enable quota management check box.
    • Select the Deny disk space to users exceeding quota limit.
    • Select the default quota limit to 50 MB and set warning level to 50 MB.
    • In the quota logging options, select the Log event when a user exceeds their quota limit option.
  • The Task Manager utility provides information about programs and processes running on a computer. By using Task Manager, a user can end or run programs, end processes, and display a dynamic overview of his computer’s performance. Task Manager provides an immediate overview of system activity and performance.
  • In order to provide permissions to a user to monitor performance counters on the file server locally and from remote computers, add the user’s account to the Performance Monitor Users group.
  • In order to set the disk quota limit on FSERV, you will have to convert the FAT32 file system into the NTFS file system.
  • A collection of one or more threads that is ready but not able to run on the processor due to another active thread that is currently running is called the processor queue. The SystemProcessor Queue Length counter shows how many threads are ready in the processor queue, but not currently able to use the processor.
  • A % Processor Time counter above 85% is considered to be a threshold for a processor. If this counter exceeds the threshold value in a computer, performance of the computer will degrade. In order to improve the performance, you will have to upgrade to a faster processor or install an additional processor on the server.
  • The HFNETCHK utility is a command-line tool. Administrators use it to centrally assess a computer or group of computers about the absence of security updates.
  • The Remote Registry service enables administrators to modify registry settings on the domain controller remotely.
  • WINS and LMHOSTS files reduce the use of local IP broadcasts for NetBIOS name resolution, and enable users to easily locate computers on remote networks.
  • Routers prevent broadcasts from crossing over subnets.
  • Hubs can be replaced by switches to control the network traffic efficiently.
  • The % Network utilization counter indicates how close the network is to full capacity.
  • The PTR records resolves the IP addresses to host names.
  • In order to enable a user to collect and view the real-time performance data of a server using System Monitor, you will have to add the users account to Performance Log Users group or Performance Monitor Users group on the domain. Users who are the members of these two built in new security groups in Windows Server 2003 can only use the System Monitor to access and manipulate sensitive performance data.
  • Use the URLScan tool to view all the incoming requests to an Internet Information Services (IIS) server and allow only requests that comply with a rule set, created by you, to be processed.
  • In order to find out the applications that are running at a higher priority level than normal, you will have to run Task Manager on APPSERV. You will then have to click the Processes tab and view the Base Priority column. The Base Priority column shows the priority ranking that determines the order in which the threads of a process are scheduled for the processor. The Task Manager utility can be used to view and change base priorities. With the /realtime switch, an application runs in the realtime priority class.
  • The server is responding slowly to database queries. You find that the Pages/sec counter is 35 and the memory utilization is high. Adding more RAM to the server will reduce this value and hence improve the performance of the server.
  • Caching-only DNS servers do not perform zone transfers.
  • MX record and A record are required to be created in the DNS server to enable the mail server to receive mails from the Internet.
  • Subnetting the network reduces traffic congestion and optimizes the IP address space.
  • Subnetting is used to segment a large network into smaller networks.
  • To automatically assign IP addresses to each computer on a small private network, you can use the Automatic Private IP Addressing (APIPA) feature of Windows 2000.
  • With an L2TP connection, you have to use the IPSec protocol for data encryption.
  • IPSEC is used with a tunneling protocol to provide security.
  • Network Load Balancing (NLB) evenly distributes the traffic load across all hosts.
  • In order to access folder as a Web folder using Internet Explorer, you will have to install Frontpage Extension on the server.
  • Simple Mail Transfer Protocol (SMTP) acts as a member of the TCP/IP suite of protocols that governs the exchange of an electronic mail between message transfer agents.
  • SUS can be installed only on NTFS partitions.
  • IP packet filters allow or block packets from passing through specified ports. They can filter packets based on service type, port number, source computer name, or destination computer name.
  • A security issue has arisen due to the change in the permissions on a member server. In order to revert back to the original permissions on the member server, you will have to import the DEFLTSV.INF security template into the local security policy of the member server.
  • Network Load Balancing (NLB) is one of the two types of clustering supported by Windows 2003. It is used to provide high availability, and reliability of the application servers.
  • There are four security zones found in Internet Explorer: Internet, Local Intranet, Trusted Sites, and Restricted Sites. Each zone or group has four security levels: High, Medium, Medium-Low, and Low. These levels determine the type of content a user can download and run. Security zones allow users to set the appropriate level of security for the various types of Web contents that they are likely to visit.

Managing and Implementing Disaster Recovery

  • Firewall is a security facility used to protect the network of an organization from external attacks by intruders.
  • Sudden reduction in system resources and Corrupted or missing files are symptoms of a virus attack.
  • Firewall is used to protect the network against unauthorized access.
  • Safe Mode is a Windows feature used to start a computer with basic drivers, such as mouse, keyboard, etc. It bypasses blocking issues, such as system corruption, or installation of incompatible drivers or system services, enabling the Administrator to resolve such issues.
  • In a nonauthoritative restore operation, the objects in the restored directory are not treated as authoritative. The restored objects are updated with changes held on other domain controllers in the domain.
  • System State data includes registry, COM Class Registration database, system files, boot files, and files under Windows File Protection.
  • The System State data is a collection of system-specific data maintained by the operating system. It includes registry, COM Class Registration database, system files, boot files, and files under Windows File Protection. If the server is a Web server, the System State data also includes IIS Meta directory.
  • The most likely cause of not finding the Previous Versions tab in the shared folder’s Properties dialog box is that the volume on which the shared folder is stored is not enabled for shadow copy.
  • In order to enable the members of a group to access the previous versions of the files in the a folder from their Windows XP Professional client computers, you will have to use Group Policy to deploy the Previous Versions Client pack by running TWCLI32.MSI from the \Windows\System32\Clients\Twclient folder.
  • A global catalog is created automatically on the first domain controller in the forest.
  • The Windows Server 2003 Backup application supports the following three types of restoration methods: Primary restore, Non-authoritative restore, and Authoritative restore.
  • Run the NTDSUTIL utility to authoritatively restore the Active Directory component.
  • When an object is deleted from Active Directory, the original object is removed from it, and an object is created that contains a small subset of the object’s original attributes. This object is called tombstone. This tombstone object remains in Active Directory for the duration of the tombstone lifetime (by default, it is configured as 60 days) before it gets completely removed.
  • Full and incremental backup methods clear the archive bit of files after performing backup.
  • A full backup is required for taking a differential backup.
  • Incremental backup backs up only those files that have been created or changed since the last full or incremental backup.
  • You want to take a backup of all the data on a server once a week. You want to take a backup of the data every day that was changed after the last backup. You also want to minimize the amount of data that must be backed up every day. In order to accomplish the task, a user will have to take a full backup of the data once a week and an incremental backup every day.
  • In order to minimize the number of tapes required to backup data, you should perform a full backup every Friday. Performing differential backups from Monday to Thursday will reduce the number of tapes required to restore data. This is because in an event of data loss, you will have to restore only the last full backup and the last differential backup.
  • An unshielded twisted-pair connection uses an RJ-45 connector.
  • Repeater, hub, router, and bridge are network connectivity devices.
  • Time Domain Reflectometer (TDR) is used to detect breaks in network cables.
  • Security Configuration and Analysis Tool is used to import and export templates. It is also used to compare a template with the security settings of the local computer.
  • If pinging the server’s own loopback address fails, it shows that the server’s NIC is not working.
  • In order to back up the critical information that is related to the installation of SUS, you will have to perform the following steps:
    1. Take a backup of the IIS metabase by using the IIS administration tool.
    2. Use the BACKUP utility to take a backup of the IIS metabase file, the default Web site, and the content storage location.
  • You are testing the disaster recovery plan of the company. During the testing of the recovery plan, you find that some servers have been restored with another server’s data. In order to improve the disaster recovery plan, you will have to maintain a printed tape backup report, so that it can be confirmed that the data is getting stored on the appropriate server.
  • An administrator can use a combination of a normal backup and a differential backup to save time in taking backups as well as for the restoration of data. If data becomes corrupt at any time, only the latest normal and the latest differential backup sets are required to be restored. Although this combination is easier and takes lesser time for restoration, it takes more time to take backups if data changes frequently.
  • To ensure that a user is able to back up files, his account will have to be added to the Backup Operator group or he must be provided the ownership of the files.