Learn About Upgrading Your MCSE on Windows Server 2003

These questions are based on 70-649: TS: Upgrading Your MCSE on Windows Server 2003 to Windows Server 2008, Technology Specialist
Microsoft
Self Test Software Practice Test

Objective: Configuring network access.
Sub-objective: Configure IPv4 and IPv6 addressing.

Single answer, multiple-choice

You are the network administrator for your company. The company network consists of Windows Server 2008 server computers and Windows Vista client computers. You have the following eight Internet Protocol version 6 (IPv6) subnetted address prefixes:

1. 3FFE:FFFF:0:C000::/54
2. 3FFE:FFFF:0:C400::/54
3. 3FFE:FFFF:0:C800::/54
4. 3FFE:FFFF:0:CC00::/54
5. 3FFE:FFFF:0:D000::/54
6. 3FFE:FFFF:0:D400::/54
7. 3FFE:FFFF:0:D800::/54
8. 3FFE:FFFF:0:DC00::/54

What would be the original prefix length for the global address prefix 3FFE:FFFF:0:C000::?

A. 51
B. 52
C. 53
D. 54

Answer:
A

Tutorial:
The original prefix length for the global address prefix 3FFE:FFFF:0:C000:: is 51. The eight IPv6 subnetted address prefixes are the result of 3-bit subnetting of the global address prefix 3FFE:FFFF:0:C000::/51. To perform 3-bit subnetting of the global address prefix 3FFE:FFFF:0:C000::/51 you must use the following calculations:

Hexadecimal value of the subnet ID being subnetted, F = 0xC000

Subnetting bits, s = 3

Network bits, m = 51

Number of bits within the subnet ID that are already fixed, f = 51 – 48 = 3

Number of prefixes, n = 2^3 = 8

Incremental value between each successive subnet ID expressed in hexadecimal, i = 2^16-(f+s)

i = 2^16-(3+3) = 1024 = 0x400

New prefix length, P = 51+ 3 = 54

All other options are incorrect.

References:

TechNet Home > Networking > Tasks > Evaluation & Planning > TCP/IP Fundamentals for Microsoft Windows > Chapter 4 – Subnetting

TechNet Home > Community > Columns > Cable Guy > The Cable Guy – October 2005 > Changes to IPv6 in Windows Vista and Windows Server 2008

TechNet Home > Networking > Introduction to IP Version 6

Objective: Configure Terminal Services.
Sub-objective: Configure Terminal Services server options.

Single answer, multiple-choice

You install Terminal Services on a Windows Server 2008 computer named TS1. You install several business applications on TS1. You want to enable all users on the network to access these application remotely. To achieve this, you add all applications to the RemoteApps list.

You also want to ensure malicious users are unable to access any program not listed in the RemoteApps list. What should you do?

A. Remove the business applications from the RemoteApps list.
B. Select the Block remote users from starting unlisted programs. Remote users will only be able to start RemoteApps that you list. (Recommended) option on the Terminal Server tab in the RemoteApp Deployment Settings dialogue box.
C. Select the Allow users to start both listed and unlisted programs option on the Terminal Server tab in the RemoteApp Deployment Settings dialogue box.
D. Clear the Make a remote desktop connection to this terminal server available in TS Web Access option on the Terminal Server tab in the RemoteApp Deployment Settings dialogue box.

Answer:
B

Tutorial:

You should select the Block remote users from starting unlisted programs. Remote users will only be able to start RemoteApps that you list. (Recommended) option on the Terminal Server tab in the RemoteApp Deployment Settings dialogue box. RemoteApp programs are programs that are accessed remotely through Terminal Services so that they appear to be running on the local computer of the end user.

You can use several methods to deploy RemoteApp programs, such as creating a Remote Desktop Protocol (.rdp) file or linking to the program on a Web site using TS Web Access. The .rdp package contains settings that are required to run RemoteApp programs. You can configure Terminal Server deployment settings to define how users will connect to the Terminal Server to access RemoteApp programs. You can configure the Terminal Server tab in the RemoteApp Deployment Settings dialogue box to specify the connection settings, desktop access and access to unlisted programs.

When you want to prevent malicious users from accessing programs other than specific end-user applications, you should select the Block remote users from starting unlisted programs. Remote users will only be able to start RemoteApps that you list. (Recommended) option.

You should not remove the business applications from the RemoteApps list. In this scenario, you want to enable all users on the network to access applications installed on TS1. Removing the programs from the RemoteApps list would prevent users from accessing programs installed on TS1.

You should not select the Allow users to start both listed and unlisted programs option on the Terminal Server tab in the RemoteApp Deployment Settings dialogue box. Selecting this option would allow users to start any program remotely from an .rdp file on initial connection, in addition to those programs listed in the RemoteApps list. Selecting the Allow users to start both listed and unlisted programs option will not ensure that malicious users are unable to access the programs not listed in the RemoteApps list.

You should not clear the Make a remote desktop connection to this terminal server available in TS Web Access option on the Terminal Server tab in the RemoteApp Deployment Settings dialogue box. This option provides a link to the full Terminal Server desktop through TS Web Access. Clearing the Make a remote desktop connection to this terminal server available in TS Web Access option will not ensure that malicious users are unable to access the programs not listed in the RemoteApps list.

Reference:

Windows Server 2008 Technical Library > Terminal Services > Evaluation > Windows Server "Longhorn" Beta 3 Terminal Services RemoteApp Step-By-Step Guide

Objective: Configure a Web Services Infrastructure.
Sub-objective: Migrate sites and Web applications.

Single answer, multiple-choice

You are the systems administrator of DreamSuites Corp. The company's network consists of a single Active Directory domain. The network contains an Internet Information Services (IIS) 7.0 server, named IISSrv, that runs Windows Server 2008. IISSrv hosts an application named Graphics within the DreamSuites Web site that uses a virtual directory named IISSrvGFXLogos.

You discover that the performance of IISSrv has degraded due to low disk space. You install a new file server on the network, named File1, and move the content of the virtual directory to the File1DreamSuitesGFXData folder. What should you do to ensure users are able to access the content of the File1DreamSuitesGFXData folder?

A. Run the Appcmd set vdir /vdir.name:"DreamSuites/Graphics/Logos" /physicalPath:File1DreamSuitesGFXData command.
B. Run the Appcmd set vdir /vdir.name:"DreamSuites/Graphics/Logos" /path:File1DreamSuitesGFXData command.
C. Run the Appcmd set vdir /vdir.name:"Logos" /physicalPath:File1DreamSuitesGFXData command.
D. Run the Appcmd set vdir /vdir.name:"Logos" /path:File1DreamSuitesGFXData command.

Answer:
A

Tutorial:
You should run the Appcmd set vdir /vdir.name:"DreamSuites/Graphics/Logos" /physicalPath:File1DreamSuitesGFXData command. A virtual directory is a directory name that corresponds to a physical directory on the Web server. The names of virtual directories are used in URL addresses. A virtual directory allows you to include directory content in a Web site or Web application without needing to move the content physically into that Web site or Web application directory. When you move the location of a virtual directory's content in the file system, you must also update the physical path in IIS to ensure users are able to access the content of the virtual directory.

You can run the Appcmd set vdir command with the /vdir.name and /physicalPath parameters to change the path to a virtual directory's content. The /vdir.name parameter specifies the virtual path of the virtual directory. The /physicalPath parameter specifies the physical path to the content used by the application.

For example, to change the physical path to the location File1DreamSuitesGFXData for a virtual directory named Logos in an application named Graphics within a Web site named DreamSuites, you should run the following command: Appcmd set vdir /vdir.name:"DreamSuites/Graphics/Logos" /physicalPath:File1DreamSuitesGFXData.

You should not run the Appcmd set vdir /vdir.name:"DreamSuites/Graphics/Logos" /path:File1DreamSuitesGFXData command. The /path parameter is used to specify the virtual path to the virtual directory. When you want to change the physical path to a virtual directory's content, you must use the /physicalPath parameter. The /physicalPath parameter specifies the physical path to the content used by the application.

You should not run the Appcmd set vdir /vdir.name:"Logos" /physicalPath:File1DreamSuitesGFXData command. In this scenario, the Logos virtual directory created in the Graphics application in the DreamSuites Web site. Therefore, you should specify the complete path to the virtual directory, which is DreamSuites/Graphics/Logos.

You should not run the Appcmd set vdir /vdir.name:"Logos" /path:File1DreamSuitesGFXData command. In this scenario, the Logos virtual directory created in the Graphics application in the DreamSuites Web site. Therefore, you should specify the complete path to the virtual directory, which is DreamSuites/Graphics/Logos. Also, to change the physical path to a virtual directory's content, you must use the /physicalPath parameter to specify the physical path to the content used by the application.

Reference:

Windows Server 2008 Technical Library > Web Server > Operations > IIS 7.0 Beta: Operations Guide > IIS 7.0 Beta: Configure a Web Server to Serve Content > IIS 7.0 Beta: Managing Virtual Directories in IIS 7.0 > IIS 7.0 Beta: Change the Physical Path to Virtual Directory Content

Objective: Configure Server Roles.
Sub-objective: Configure Active Directory Certificate Services.

Multiple answer, multiple-choice

You are the systems administrator for your company. The company's network consists of a single Active Directory domain running Windows Server 2008 servers. Your company wants to provide smart cards to all users to log on to the domain. To achieve this, you are required to install an enterprise root certification authority (CA) in your domain. Which two actions should you perform to install an enterprise root CA? (Each correct answer presents a part of the solution. Choose two.)

A. Install Windows Server 2008 Enterprise edition on a server in the network.
B. Add the new CA to the domain.
C. Install Windows Server 2008 Standard edition on a server in the network.
D. Install Active Directory Lightweight Directory Services (AD LDS) on a server in the network.
E. Leave the CA in a workgroup.

Answer:
A, B

Tutorial:
You should install Windows Server 2008 Enterprise edition on a server in the network and add the server to the domain. Active Directory Certificate Services (AD CS) provides services for creating and managing public key certificates that are used in software security systems that employ public key technologies. You can use the Add Roles Wizard to install the AD CS role on a Windows Server 2008 computer. A CA can be an enterprise CA or a stand-alone CA.

Installing an enterprise CA is appropriate if the CA is a member of a domain and can use access Directory Services to issue and manage certificates. You should install a stand-alone CA if the CA does not use Directory Services data to issue or manage certificates. When installing a CA, you can also specify whether the CA is a root CA or a subordinate CA. You should install a root CA if you are installing the first or only CA in a public key infrastructure. You should install a subordinate CA if your CA will obtain its CA certificate from another CA higher in a public key infrastructure.

An enterprise CA requires access to AD DS. Enterprise CAs can only be installed on servers running Windows Server 2008 Enterprise or Windows Server 2008 Datacenter editions. A stand-alone CA does not require the use of AD DS, but it can be configured to use AD DS. An enterprise root CA must be a member of the domain, while allowing a stand-alone to access CA to access AD is optional.

You should not Install Windows Server 2008 Standard edition on a server because Enterprise CAs can only be installed on servers running Windows Server 2008 Enterprise or Windows Server 2008 Datacenter editions.

You should not install AD LDS on the server because an enterprise CA requires AD DS.

You should not leave the CA in a work group because an enterprise root CA must be a member of the domain in order to store its information in AD.

References:

Windows Server 2008 Technical Library > Active Directory Certificate Services > Evaluation > Windows Server Active Directory Certificate Services Step-by-Step Guide

Windows Server 2003 Technical Library > Windows Server 2003: Product Help > Windows Server 2003 Product Help > Security > Public Key Infrastructure > Certificate Services > Certificate Services Concepts > Understanding Certificate Services > Windows Server TechCenter > Certification Authorities > Types of certification authorities

Windows Server 2003 Technical Library > Windows Server 2003: Product Help > Windows Server 2003 Product Help > Security > Public Key Infrastructure > Certificate Services > Certificate Services Concepts > Understanding Certificate Services > Windows Server TechCenter > Certification Authorities > Stand-alone certification authorities

Windows Server 2003 Technical Library > Windows Server 2003: Product Help > Windows Server 2003 Product Help > Security > Public Key Infrastructure > Certificate Services > Certificate Services Concepts > Understanding Certificate Services > Windows Server TechCenter > Certification Authorities > Enterprise certification authorities

Objective: Maintain the Active Directory Environment.
Sub-objective: Configure backup and recovery.

Single answer, multiple-choice

You are the systems administrator for your company. You install Windows Server 2008 on a computer and configure it as a file server, named FileSrv. The FileSrv computer contains four hard disks that are configured as basic disks. You want to configure Redundant Array of Independent Disks (RAID) 0+1 on FileSrv for performance and fault tolerance of data. To achieve this, you need to convert the basic disks in FileSrv to dynamic disks. Which command should you use?

A. Diskpart.exe
B. Chkdsk.exe
C. Fsutil.exe
D. Fdisk.exe

Answer:
A

Tutorial:
You should use the Diskpart.exe command. RAID is commonly implemented for both performance and fault tolerance. There are various RAID levels that you can choose from to provide fault tolerance, performance or both. RAID 0 uses disk striping and offers the fastest read and write performance, but it does not offer any fault tolerance. If a single disk in a RAID 0 array is lost, all data is lost and will need to be recovered from backup.

RAID 1 uses disk mirroring with two disks. This configuration produces slow writes, but relatively quick reads, and it provides a means to maintain high data availability on servers because a single disk can be lost without any loss of data. RAID 0+1 combines RAID 0 and RAID 1, and offers the performance of RAID 0 and the fault tolerance of RAID 1. To be able to configure RAID 0+1, you must have dynamic disks. If your disks are configured as basic disks, you can convert them to dynamic disks with the Diskpart.exe utility. The Diskpart utility enables a superset of the actions that are supported by the Disk Management snap-in. You can use the Diskpart convert dynamic command to change a basic disk into a dynamic disk.

The Chkdsk.exe command cannot be used to convert a basic disk to dynamic disk. Chkdsk.exe is a command-line utility that creates and displays a status report for a disk based on the file system. The Chkdsk utility also lists and corrects errors on the disk.

You should not use the Fsutil.exe command. Fsutil.exe is a command-line utility that can be used to perform many FAT and NTFS file system related tasks, such as managing reparse points, managing sparse files, dismounting a volume or extending a volume. The Fsutil utility cannot be used to convert a basic disk to dynamic disk.

The Fdisk.exe command cannot be used to convert a basic disk to dynamic disk. Fdisk.exe is a command-line utility that can be used to partition a hard disk. You can use the Fdisk utility to create, change, delete or display current partitions on the hard disk and to assign a drive letter to each allocated space on the hard disk.

References:

Microsoft Help and Support > A Description of the Diskpart Command-Line Utility

Windows Server TechCenter > Windows Server 2003 Technical Library > Windows Server 2003: Deployment > Windows Server 2003 Deployment Guide > Planning Server Deployments > Planning for Storage > Planning for Fault Tolerance > Achieving Fault Tolerance by Using RAID

Like what you see? Share it.Share on Google+Share on LinkedInShare on FacebookShare on RedditTweet about this on TwitterEmail this to someone
cmadmin

ABOUT THE AUTHOR

Posted in Archive|

Comment: