Exam 1 1. A starting address of 192.0.0.0 and an ending address of 223.255.255.255 is a member of which network class? A. Class A B. Class B C. Class C D. Class D Answer: C A Class C address falls within the 192.0.0.0223.255.255.255 range. 2. What IPv6 address is equivalent to APIPA IPv4 address? A. global unicast address B. link-local unicast address C. unique local unicast address D. Teredo address Answer: B In IPv6, systems that assign themselves an address automatically create a link-local unicast address, which is essentially the equivalent of an Automatic Private IP Addressing (APIPA) address in IPv4. All link-local addresses have the same network identifier: a 10-bit FP of 11111110 010 followed by 54 zeroes, resulting in the following network address: fe80:0000:0000:0000/64. 3. Which zone enables a host to determine another host’s name based on its IP address? A. standard primary zone B. standard secondary zone C. reverse-lookup zone D. stub zone Answer: C Most queries sent to a DNS server are forward queries—that is, they request an IP address based on a DNS name. DNS also provides a reverselookup zone that enables a host to determine another host’s name based on its IP address. 4. You have a network address of 172.24.23.0 with a subnet mask of 255.255.255.0. How many subnets can your organization use? A. 127 B. 254 C. D. 510 1022 Answer: B Because the default subnet mask for a 172.24.23.0 network is 255.255.0.0, you use 8 bits to define subnets and the last 8 bits to define the host addresses. With 8 subnet bits, you take 2^8–2, which gives you 254 subnet addresses. 5. A __________ is the process by which one DNS server sends a name resolution request to another DNS server. A. rotation B. registration request C. cycle request D. referral Answer: D DNS relies heavily on communication between servers, especially in the form of referrals. A referral is the process by which one DNS server sends a name resolution request to another DNS server. 6. What is the minimum forest functional level to support the Active Directory Recycle Bin? A. Windows 2000 B. Windows Server 2003 C. Windows Server 2008 D. Windows Server 2008 R2 Answer: D To support the Active Directory Recycle Bin, you must be using the Windows Server 2008 R2 functional level. 7. Which administrative model has local administrators at each site? A. centralized B. distributed C. mixed D. dispersed Answer: B In a distributed model, enterprise administrators delegate administrative tasks among IT staff members and senior non-IT personnel scattered around the enterprise. This model is most suitable for an organization with relatively large regional or branch offices that maintain their own IT staffs and their own servers and other network resources. The AD DS hierarchy might include multiple forest and/or domains. Task delegation to IT staffers is typically based on geography, but you might delegate low-level tasks to non-IT personnel. 8. Which of the following statements are true regarding forest and domain functional levels? A. After you upgrade to a higher forest functional level, you cannot go back. B. You can upgrade a functional level only once. C. You can downgrade a functional level only once. D. You can upgrade or downgrade a functional level as needed. Answer: A By raising the functional level of a domain or a forest, you enable certain new AD DS features. To raise a functional level, all domain controllers involved must be running a certain Windows Server version or later. Since it actually changes the schema/defined format of objects, it cannot be undone once it has been upgraded. 9. Active Directory __________ provide the means by which you can control replication traffic. A. services B. sites C. domains D. forests Answer: B The strict definition of a site is an area of an AD DS network in which all domain controllers are well connected—that is, connected by a fast and reliable network link. The site topology is completely independent of forests and domain; you can have one domain that encompasses many sites or a single site that includes multiple domains. 10. The primary goal of inter-site replication is to minimize the usage of __________. A. Active Directory B. administrative labor C. bandwidth D. financial support Answer: C The primary goal of inter-site replication is to minimize bandwidth usage. Unlike intra-site replication, inter-site replication compresses data that is replicated between sites, thus reducing the amount of network traffic used by Active Directory replication. 11. What program do you use to manage your subnets used within your organization? A. Active Directory Users and Computers B. Active Directory Sites and Services C. Active Directory Domains and Trusts D. Group Policy Management console Answer: B To create additional sites and subnets, use the Active Directory Sites and Services console. Because the site infrastructure is separate from the forest and domain infrastructure, the only AD DS objects that appear in both the Active Directory Sites and Services console and the Active Directory Users and Computers console are those representing domain controllers. 12. What is a method of controlling settings across your network? A. Group Policy B. Active Directory C. FSMO roles D. MMC Answer: A Group Policy is a method of controlling settings across your network. Group Policy consists of user and computer settings on the Windows Server 2008/Windows Server 2003 family, Microsoft Windows 2000 family, Window Vista, and Microsoft Windows XP Professional platforms that can be implemented during computer startup and shutdown and user logon and logoff. 13. Which migration path do you use to upgrade an existing domain controller to Windows Server 2003 R2? A. domain upgrade migration B. domain restructure migration C. upgrade-then-restructure migration D. full migration Answer: A In a domain upgrade migration, you either upgrade an existing domain controller in your source domain to Windows Server 2008 R2 or install a new domain controller running Windows Server 2008 R2 into the domain. In this model, the process upgrades all objects in your source domain at the same time, leaving you with the same domain structure as before the migration. After the upgrade is complete, the target is created and the source ceases to exist. 14. What does AD FS perform for the user? A. provides automatic encryption B. C. D. creates a duplicate user account in the connecting domain manages password on connecting domain provides a single sign-on to the partner network Answer: D From the administrator’s perspective, AD FS enables each organization to maintain autonomy over its own user accounts and its own resources. From a user’s perspective, AD FS is invisible; a single logon provides access to both local network resources and those of the partner network. 15. What Windows service provides authentication services to users outside your organization without having to expose AD DS domain controllers to an insecure environment? A. Active Directory Lightweight Directory Services B. Active Directory Certificate Services C. Active Directory Federation Services D. Active Directory Rights Management Services Answer: A You can use AD LDS to provide authentication services to users outside the enterprise without having to expose AD DS domain controllers to an insecure environment. 16. To use the Active Directory Schema, what command do you need to execute to register the schema management library? A. regedit schm.dll B. regschema.msc C. schema -enable D. regsvr32 schmmgmt.dll Answer: D The Active Directory Schema console does not appear in the Administrative tools program group, nor does the Active Directory Schema snap-in appear by default in the Add Standalone Snap-in dialog box in Microsoft Management Console (MMC). Before you can add the snap-in, you must register the schema management library on your computer using the regsvr32 schmmgmt.dll command at a command prompt. 17. You have a corporate office and several branch offices. Where should you place the FMSO roles? A. the corporate office B. the largest branch site C. the branch site with the fastest link D. divided between the corporate office and the largest branch site Answer: A Flexible Single master Operations (FSMO), also known as operations masters, do not belong in branch offices except in cases where the branch office has its own domain or forest. For medium and small offices that represent only part of a larger domain, the operations masters should be located in the headquarters site, where IT staffers perform most of the domain administration tasks. 18. How do you promote a server to the domain controller that requires Domain Admins privileges on a remote site that does not have an Active Directory administrator? A. You have to use SysPrep on the server. B. You have to run the AdPrep /InstallRODC command on the server. C. You have to stage an RODC installation. D. You have to install the Remote installation tools. Answer: C RODC is short for Read-Only Domain Controller. If no one in the branch office has administrative credentials for the domain, Windows Server 2008 and Windows Server 2008 R2 provides the ability to stage an RODC installation. Staging an installation enables a domain administrator to create the necessary AD DS account for the RODC before the server is actually deployed. 19. Which mode of BranchCache caches the files on multiple workstations? A. distributed cache mode B. hosted cache mode C. server mode D. centralized mode Answer: A In distributed cache mode, each Windows 7 workstation on the branch office network caches data from the content server on its local drive and shares that cached data with other local workstations. 20. Which of the following is not a phase of the software life cycle? A. B. C. D. planning implementation evaluation removal Answer: C The four phases of the software life cycle are planning, implementation, maintenance, and removal. 21. Which product is designed for large enterprises and can be used to deploy applications as well as perform a wide variety of other network management tasks? A. Microsoft Server Update Services B. System Management Server C. Microsoft System Center Configuration Manager 2007 D. Microsoft System Center Essentials 2007 Answer: C Microsoft System Center Configuration Manager 2007 is an application designed for large enterprises, to deploy applications as well as perform a wide variety of other network management tasks such as baselining computers and keeping track of how often an application is used. 22. In IIS, what is a host for user-developed application code that is responsible for processing requests it receives from protocol listeners? A. application pool B. memory pool C. worker process D. server side pool Answer: C A worker process is a host for user-developed application code, which is responsible for processing requests it receives from protocol listeners— modules that wait for incoming client requests—and returning the results to the client. 23. With RDP, client connection requests arrive over which TCP port? A. 3333 B. 3303 C. 3389 D. 3339 Answer: C TCP port 3389 is the well-known port number for the RDP protocol. 24. Which of the following is not a WSUS architecture configuration? A. B. C. D. single WSUS server replica WSUS servers disconnected WSUS servers PDC WSUS servers Answer: D The four basic Windows Server Update Services (WSUS) architecture configurations are as follows: single WSUS server, replica WSUS servers, autonomous WSUS servers, and disconnected WSUS servers. 25. How do you install WSUS with Windows Server 2003 R2? A. Add it as a role using the Server Management console. B. Download and install it from the Microsoft Download website. C. Download and install it from the Windows Update site. D. Install it from a DVD purchased from Microsoft. Answer: B With Windows Server 2003 R2, WSUS was a separate (although free) program that you had to download and install manually. 26. From where can you synchronize a server that runs WSUS? A. public Windows Update servers B. another server running WSUS C. manually configured content distribution point D. all of the above Answer: D A server that runs WSUS can be synchronized from the public Windows Update servers, from another server running WSUS, or from a manually configured content distribution point. WSUS servers can download and store content locally, or they can use the content on the Windows Update website. 27. When SCCM determines a computer’s desired configuration, what does it compare to a client computer? A. preset configuration B. test configuration C. configuration baseline D. predefined configuration Answer: C You can download preconfigured baselines that conform to Microsoft best practices or build your own by using Configuration Manager. 28. Which network is the most protected? A. internal network B. perimeter network C. demilitarized zone D. Internet Answer: A Most components of an enterprise network—infrastructure as well as clients and servers—must be protected from potential intruders on the Internet. An internal network is surrounded by firewalls, providing the maximum possible protection. However, some elements of the network also need to be accessible from the Internet or provide internal users with access to the Internet. 29. The driving factor behind combining administration of the Windows Firewall with IPSec policies is to streamline network administration on which type of computer? A. Windows Server 2008 B. Windows Server 2003 C. Windows Vista D. Windows 2000 Answer: A The driving factor behind combining administration of the Windows Firewall with IPSec policies is to streamline network administration on a Windows Server 2008 computer. 30. Which VPN protocol is used over TCP port 443? A. L2TP with IPSec B. IKEv2 C. PPTP D. SSTP Answer: D First introduced in Windows Server 2008 and supported only by clients running Windows Vista SP1 or later, Secure Sockets Tunneling Protocol (SSTP) encapsulates PPP traffic using the Secure Sockets Layer (SSL) protocol supported by virtually all web servers. The advantage of this is that you do not have to open an additional external firewall port in the server, because SSTP uses the same TCP port 443 as SSL. SSTP uses certificates for authentication, with the EAP-TLS authentication protocol, and in addition to data encryption, provides integrity checking and enhanced key negotiation services. 31. The NAP agent combines each Statement of Health Response into what? A. System Statement of Health Response B. System Statement of Health Requirement C. Statement of Health Requirement D. System Statement of Health Policy Answer: A The System Health Agents (SHAs) on the client computers monitor specific services and generates a Statement of Health (SoH) for the service it monitors and forwards it to the NAP Agent on the client computer. The NAP agent combines each Statement of Health to generate a System SoH. The NAP agent then transmits the System SoH to the NAP Health Policy Server. The NAP Health Policy Server evaluates the System SoH it receives from the client to determine if the client is compliant or not. 32. What volume type is essentially a method for combining the space from multiple dynamic disks into a single large volume? A. B. C. D. simple spanned striped RAID 5 Answer: B A spanned volume is essentially a method for combining the space from multiple dynamic disks into a single large volume. Windows Server 2008 writes to the spanned volume by filling all space on the first disk and then proceeds to fill each additional disk in turn. 33. What is the first step in designing a file-sharing strategy? A. deciding how many shares to create and where to create them B. determining usernames and passwords C. deciding security measures D. projecting anticipated storage needs and procuring appropriate server hardware and disk arrays Answer: D For the first step in designing a file-sharing strategy begins before you even install the server operating system, you need to project your anticipated storage needs and procure appropriate server hardware and disk arrays. When you are ready to begin configuring file sharing, you then decide how many shares to create and where to create them. 34. By default, what topology do replication groups use? A. hub and spoke B. full mesh C. partial mesh D. mesh/spoke Answer: B The larger the DFS deployment, the more complicated the replication process becomes. By default, replication groups use a full mesh topology, which means that every member in a group replicates with every other member. For relatively small DFS deployments, this solution is satisfactory, but the full mesh topology can generate a huge amount of network traffic on larger installations. 35. What enables you to protect specific types of information from unauthorized consumption and distribution, even by users who have the appropriate credentials and permissions to access the information? A. Digital Rights Management B. Digital Media Management C. Digital Authenticity Management D. Digital File Management Answer: A Digital Rights Management (DRM) enables you to protect specific types of information from unauthorized consumption and distribution, even by users who have the appropriate credentials and permissions to access the information. 36. What microchip used in laptop computers stores cryptographic information such as encryption keys? A. Mobile Encryptor B. SMB C. FEC D. TPM Answer: D In Windows 7 Ultimate and Enterprise editions, BitLocker Drive Encryption uses a computer’s built-in Trusted Platform Module (TPM) microchip to store cryptographic information, such as encryption keys. Information stored on the TPM can be more secure from external software attacks and physical theft. BitLocker Drive Encryption can use a TPM to validate the integrity of a computer’s boot manager and boot files at startup, and to guarantee that a computer’s hard disk has not been tampered with while the operating system was offline. 37. Which of the following can you not install on a server running Virtual Server 2005 R2 SP1? A. Windows Server 2003 B. Windows Server 2003 R2 C. Windows NT D. Windows Server 2008 Answer: D Windows Server 2005 R2 can be installed on Windows Server 2003 (Standard, Enterprise, and Datacenter editions), Windows XP, and Windows Vista. Host machines running under Virtual Server 2005 R2 include the following 32-bit operating systems: Windows Server 2003, Windows Server 2003 R2, Windows Server 2000, Windows NT Server 4.0, and Windows XP. 38. Which of the following is not a requirement to install the Hyper-V role in Windows? A. An x64 version of Windows Server 2008 or Windows Server 2008 R2 B. 64-bit processor and BIOs that support hardware-assisted virtualization C. 4 GB of memory D. Hardware Data Execute Prevention Answer: C To install Hyper-V, you need the following: An x64 version of Windows Server 2008 or Windows Server 2008 R2 64-bit processors and BIOS that support hardware-assisted virtualization (Intel VT or AMD-V) technology Hardware Data Execution Prevention (DEP), which Intel describes as eXecuted Disable (XD) and AMD describes as No eXecute (NS); this technology is used in CPUs to segregate memory areas for use by either storage of processor instructions or for storage of data While there are no memory requirements for Hyper-V, you will need to have ample memory to run the host Windows as well as any virtual servers that you need to run. 40. What tool would you use to migrate physical servers to virtual servers? A. Hyper-V Enterprise Console B. System Center Virtual Machine Manager C. Hyper-V Server Manager D. VM Console Answer: B System Center Virtual Machine Manager provides the following benefits: Centrally creates and manages virtual machines across an organization Quickly and easily consolidates multiple physical servers onto virtual hosts Migrates servers from physical to virtual Moves virtualized servers from one Hyper-V host to another to provide easy and quick transition and to provide fault tolerance Delegates permissions so that non-administrative users can create and manage their own VMs 41. When planning App-V applications, which of the following statements are true? A. Each branch office should have its own Virtual Application Server. B. You should have one App-V application per server. C. D. You need to designate 1 GB of memory per application. App-V can be used only on 64-bit operating systems. Answer: A When planning the deployment of App-V, because WAN links are generally too slow, you should ensure that each branch office has its own Virtual Application server. 42. Which of the following specifies a value assigned by the CA that uniquely identifies the certificate? A. signature algorithm B. serial number C. version D. subject Answer: B A serial number specifies a value assigned by the Certificate Authority (CA) that uniquely identifies the certificate. 43. Which of the following is not a role that can be selected when you install Active Directory Certificate Services on a Windows Server 2008 computer? A. subordinate B. enterprise C. standalone D. intermediate Answer: D Unlike the strictly defined root, subordinate, enterprise, and standalone CAs, intermediate and issuing servers are not roles that you select when you install Active Directory Certificate Services on a Windows Server 2008 computer. 44. Smartcard User is a version __________ certificate template. A. 1 B. 2 C. 3 D. 4 Answer: A Smartcard User is a version 1 certificate template. 45. __________ CRLs are shorter lists of certificates that have been revoked since the last full CRL was published. A. Modified B. Decrement C. D. Delta Comparison Answer: C Applications discover that a certificate has been revoked by retrieving the certificate revocation list (CRL) from the CA. The two kinds of CRLs are Full CRLs, which contain a complete list of all of a CA’s revoked certificates Delta CRLs, which are shorter lists of certificates that have been revoked since the last full CRL was published After an application retrieves a full CRL, it can then download the shorter delta CRL to discover newly revoked certificates. 46. Which of the following is not a main criterion to consider when evaluating the suitability of a storage device for backups? A. speed B. capacity C. cost D. scalability Answer: D The three main criteria to consider when evaluating the suitability of a storage device for backups are capacity, cost, and speed. 47. When files are written to a computer’s hard disk for the first time, their archive bits are activated and set to a value of __________. A. 0 B. 1 C. 2 D. 3 Answer: B When files are written to a computer’s hard disk for the first time, their archive bits are activated, meaning that they are set to a value of 1. 48. What type of backup site is turned off and must be manually turned on and enabled to replace a primary site? A. cold site B. hot site C. warm site D. intermediate site Answer: A A cold site is turned off and must be manually turned on and enabled to replace a primary site. It may or may not have a backup copy of all applications and data and may or may not have the proper hardware and software already installed and configured. Of course, if a disaster does occur and you do not have the proper hardware and software already installed and configured, it will take longer to activate in the event of a disaster, especially if you have to ship and restore data. 49. What is the traditional choice for server and network backups? A. optical disk B. hard disk drive C. magnetic tape D. tape library Answer: C Magnetic tape is the traditional choice for server and network backups. 50. What is the capacity of a state-of-the-art single-tape magnetic tape drive? A. 400 to 600 GB B. 600 to 800 GB C. 800 to 1,000 GB D. 1 TB Answer: C A state-of-the-art magnetic tape drive today has a single-tape capacity of 800 to 1,000 GB and a maximum transfer speed of 60 to 120 MB/sec (megabytes per second). 51. Which of the following is not an item that you need to back up regularly? A. operating system temporary files B. application temporary files C. memory paging file D. all of the above Answer: D In most cases, backing up all of a computer’s data regularly is not necessary. Including all operating system files each time you run a backup job might not be worthwhile. Most operating systems and applications create temporary files as they run, which you do not need to back up. Because the operating system automatically creates the memory paging file, you can save space on your backup media by omitting it and files like it from your backup jobs. 52. Which type of backup job backs up only the files that have changed since the last full backup and does not reset their archive bits? A. full B. differential C. incremental D. partial Answer: B A differential backup job backs up only the files that have changed since the last full backup and does not reset their archive bits. 53. Which backup is faster to restore? A. full B. partial C. incremental D. differential Answer: D Restoring from differential backups is simpler and faster than others because you have to restore only the last full backup and the most recent differential. 54. When using Windows Server Backup for scheduled backup jobs, which type of drives can you use as a backup? A. optical disks B. external hard disks C. network shares D. all of the above Answer: B When you create a scheduled backup job, the options are somewhat different from a single, interactive job. You cannot use optical disks or network shares as backup drives; instead, you must use a hard disk connected to the computer, either internal or external. 55. With Windows Server Backup, how many jobs maximum are stored on a backup disk? A. 417 B. 450 C. 500 D. 512 Answer: D When Windows Server Backup takes control of a backup disk, it creates new, separate files for the backup job(s) it performs each day. The system retains the files for all the old jobs until the disk is filled or 512 jobs are stored on the disk, whichever comes first. 56. What is a system design protocol and associated implementation that ensures a certain degree of operational continuity during a given measurement period? A. B. C. D. service-level agreements redundancy high availability fault tolerance Answer: C High availability is a system design protocol and associated implementation that ensures a certain degree of operational continuity during a given measurement period. Generally, the term downtime is used to refer to periods when a system is unavailable. Availability is usually expressed as a percentage of uptime in a given year. 57. What do you call multiple computers that are configured as one virtual server to share the workload among multiple computers? A. failover clustering B. network load balancing C. RAID D. teaming Answer: B As far as the users are concerned, they are accessing the virtual machine and the requests are distributed among the nodes within the cluster. NLB enhances the availability and scalability of Internet server applications such as those used on Web, FTP, firewall, proxy, virtual private network (VPN), and other mission-critical servers. 58. Which version of Windows Server 2008 R2 does not support network load balancing? A. Web edition B. Standard edition C. Enterprise edition D. Datacenter edition Answer: A Load balancing is available in Windows Server 2008 R2 Standard, Enterprise, and Datacenter editions. It is not available in the Web edition. 59. Which of the following is part of the recommended hardware environment for a failover cluster? A. duplicate servers B. shared storage C. redundant network connections D. all of the above Answer: D The recommended hardware environment for a failover cluster calls for an elaborate setup, including duplicate servers, shared storage, and redundant network connections. 60. In which operating system is the Previous Versions Client not available by default? A. Windows Vista B. Windows XP Service Pack 2 C. Windows Server 2003 D. Windows XP Service Pack 1 Answer: D To access the shadow copies stored on a server, a computer must be running the Previous Versions Client, which is included with Windows Vista, Windows XP SP2 and SP3, Windows Server 2008, and Windows Server 2003.