The Ezonexam network administrator wants to ensure that only a single web server can connect to pot Fa0/1 on a catalyst switch. The server is plugged into the switch's Fast Eth. 0/1 port and the network administrator is about to bring the server online. W

第1题：

Your network contains a single Active Directory domain. All servers on the network are members of the domain. You have a server named Server1 that runs Windows Server 2003 Service Pack 2 (SP2). Server1 has two NTFS partitions. You create and share a folder named Data in the root of a partition on Server1. You log on to your computer by using the domain Administrator account and discover that you cannot modify files in the Data share. You need to ensure that the Administrator can modify files in the Data share. The solution must use the minimum amount of permissions. What should you do? （）

• A、Modify the NTFS permissions on the Data folder.
• B、Modify the share permissions on the Data share.
• C、Add the domain administrator to the local Administrator’s group on Server1.
• D、Move the Data folder to a new file allocation table (FAT) partition. Share the folder by using the default permissions.

第2题：

An administrator has just installed a web server for the company's Internet site. After bringing the system online, customers notify the administrator that they cannot connect to the server. The administrator tests the web server from a workstation and can access the website. The customers continue to report issues. Which of the following is the MOST likely reason for this?（）

• A、The server's firewall is misconfigured.
• B、The server's timeout feature is set incorrectly.
• C、The web server was not installed properly.
• D、The company firewall is misconfigured.

第3题：

An administrator replaces the network card in a web server. After replacing the network card some users can access the server but others cannot. Which of the following is the FIRST thing the administrator should check?（）

• A、Default gateway
• B、The ports on the switch
• C、Port security on the server's switch port
• D、Ethernet cable

第4题：

Your network consists of a single Active Directory domain. The network contains two servers named Server1 and Server2 that run Windows Server 2003 Service Pack 2 （SP2）.You log on to Server1 by using the Administrator account for the domain. You open Event Viewer and attempt to connect to Server2 but receive the following error message.You verify that you can connect to Server2 by using Windows Explorer and that Windows Firewall is disabled on Server2. You open the Services snap-in on Server2 as shown in the exhibit.You need to ensure that you can connect to Server2 remotely by using Event Viewer.  What should you do on Server2？（）

• A、Add the Administrator account to the HelpServicesGroup.
• B、Set the Startup Type for the Remote Registry service to Automatic and then start the service.
• C、Set the Startup Type for the Secondary Logon service to Disabled and then stop the service.
• D、Set the Startup Type for the Special Administration Console Helper service to Automatic and then start the service.

第5题：

You are the network administrator for your company. The network consists of a single Active Directory domain. All servers run Windows Server 2003. All client computers run Windows XP Professional.You install Windows Server Update Services （WSUS） on a network server named Server1. When you attempt to synchronize Server1 with the Windows Update servers， you receive an error message. You open Internet Explorer and verify that you can communicate with an external Web site by using the proxy server. You need to ensure that Server1 can communicate with the Windows Update servers.  What should you do on Server1？（）

• A、Restart the IIS administration tool.
• B、Configure the Internet Explorer settings to bypass the proxy server.
• C、In the WSUS options， configure authentication to the proxy server.
• D、Install the ISA Firewall Client.

第6题：

Your network consists of a single Active Directory domain. All servers run Windows Server 2003 Service Pack 2 (SP2). All client computers run Windows XP Professional Service Pack 3 (SP3). You enable and configure Terminal Server on a server named Server1. A firewall separates Server1 from the internal network. Internal users report that they cannot connect to Server1 by using Remote Desktop Connection. You need to ensure that the users can connect to Server1 by using Remote Desktop Connection. Which port should you open on the firewall? （）

• A、389
• B、3268
• C、3389
• D、5900

第7题：

You are the administrator of an Active Directory domain. All servers run Windows Server 2003. All client computers run Windows XP Professional and are members of the domain.The domain contains a single DNS server named Server1. Root hints are enabled on Server1. Internet access for the company is provided by a Network Address Translation （NAT） server named Server2. Server2 is connected to the Internet by means of a permanent connection to the company’s ISP.Users report that they can no longer connect to http：//www.adatum.com. Users can connect to internal resources and to other Internet Web sites. You can successfully access http：//www.adatum.com from a computer outside of the corporate network.You need to ensure that the users can access http：//www.adatum.com. You must also ensure that users retain their ability to access internal resources.   Which two actions should you perform？（）

• A、Disable Routing and Remote Access on Server2.
• B、Create a root zone on Server1.
• C、On all affected users’ computers， run the ipconfig /flushdns command.
• D、Configure all affected users’ computers to use the ISP’s DNS server.
• E、Use the DNS console on Server1 to clear the DNS cache.

第8题：

You are the network administrator for your company. Your network consists of a single Active Directory domain. All network servers run Windows Server 2003, and all client computers run Windows 2000 Professional. You install Windows Server 2003 with default settings on a new computer named Server1. You install and share several printers on Server1. You instruct all users to connect to these printers by using the address http://Server1/Printers. However, users report that they cannot connect to this address. You need to ensure that all users can connect to the printers by using HTTP. Which two actions should you perform?（） (Each correct answer presents part of the solution. Choose two.)

• A、Publish all shared printers that are installed on Server1.
• B、Create a virtual directory named Printers on Server1.
• C、Install IIS with default settings on Server1.
• D、Reshare all printers on Server1.
• E、Install the Internet Printing component of IIS.
• F、Type Net Start W3SVC at a command prompt.

第9题：

You are the network administrator for your company. The network consists of a single Active Directory domain. All servers run Windows Server 2003.The network contains a Web server named Server1 that runs IIS 6.0 and hosts a secure Web site. The Web site is accessible from the intranet， as well as from the Internet. All users must authenticate when they connect to Server1. All users on the Internet must use a secure protocol to connect to the Web site. Users on the intranet do not need to use a secure protocol.You need verify that all users are using a secure protocol to connect to Server1 from the Internet.   What are two possible ways to achieve this goal？（）

• A、Monitor the events in the application log on Server1.
• B、Monitor the events in the security log on Server1.
• C、Monitor the Web server connections on Server1 by using a performance log.
• D、Monitor network traffic to Server1 by using Network Monitor.
• E、Monitor the IIS logs on Server1.

第10题：

第11题：

第12题：

第13题：

A network administrator wants to ensure that only the server can connect to port Fa0/1 on a Catalyst switch. The server is plugged into the switch Fa0/1 port and the network administrator is about to bring the server onlinE.What can the administrator do to ensure that only the MAC address of the server is allowed by switch port Fa0/1? （）

• A、Configure port Fa0/1 to accept connections only from the static IP address of the server.
• B、Employ a proprietary connector type on Fa0/1 that is incompatible with other host connectors.
• C、Configure the MAC address of the server as a static entry associated with port Fa0/1.
• D、Bind the IP address of the server to its MAC address on the switch to prevent other hosts from spoofing the server IP address.
• E、Configure port security on Fa0/1 to reject traffic with a source MAC address other than that of the server.
• F、Configure an access list on the switch to deny server traffic from entering any port other than Fa0/1.

第14题：

An administrator replaces the network card in a web server. After replacing the network card some users can access the server but others cannot.  Which of the following is the FIRST thing the administrator should check？（）

• A、 Default gateway
• B、 The ports on the switch
• C、 Port security on the servers switch port
• D、 Ethernet cable

第15题：

our network consists of a single Active Directory domain. The network contains two servers named Server1 and Server2 that run Windows Server 2003 Service Pack 2 (SP2).  You log on to Server1 by using the Administrator account for the domain. You open Event Viewer and attempt to connect to Server2 but receive the following error message.  You verify that you can connect to Server2 by using Windows Explorer and that Windows Firewall is disabled on Server2.You open the Services snap-in on Server2 as shown in the exhibit. (Click the Exhibit button.)，You need to ensure that you can connect to Server2 remotely by using Event Viewer. What should you do on Server2?（）

• A、 Add the Administrator account to the HelpServicesGroup. 
• B、 Set the Startup Type for the Remote Registry service to Automatic and then start the service. 
• C、 Set the Startup Type for the Secondary Logon service to Disabled and then stop the service. 
• D、 Set the Startup Type for the Special Administration Console Helper service to Automatic and then start the service.

第16题：

You are the network administrator for your company. The network consists of a single Active Directory domain. All servers run Windows Server 2003. The network contains a Web server that runs IIS 6.0 and hosts a secure intranet site. All users are required to connect to the intranet site by authenticating and using HTTPS. However， because an automated Web application must connect to the Web site by using HTTP， you cannot configure the intranet site to require HTTPS.  You need to collect information about which users are connecting to the Web site by using HTTPS.   What should you do？（）

• A、Check the application log on the Web server.
• B、Use Network Monitor to capture network traffic on the Web server.
• C、Review the log files created by IIS on the Web server.
• D、Configure a performance log to capture all Web service counters. Review the performance log data.

第17题：

You are the desktop administrator for one of your company's branch offices. The network in the branch office consists of a single network segment, which contains a domain controller, a DHCP server, 10 Windows 2000 Server computers, and 50 Windows 2000 Professional computers. All servers and client computers are members of the company's Active Directory domain. You purchase 50 new client computers for the branch office. Each new client computer contains a built-in PXE-compliant network adapter. You install and configure RIS on one of the Windows 2000 Server computers that is on the network in the branch office. You create a Windows XP Professional RIS image on the Windows 2000 Server computer. You connect the new client computers to the network in the office, and you turn on each computer. Each computer displays a message stating that it cannot contact a PXE boot server. You verify that the RIS server is connected to the network. You need to ensure that the new client computers can connect to the RIS server and can begin installing Windows XP Professional. What should you do?（）

• A、Ask a domain administrator to authorize the RIS server. 
• B、Grant the Everyone group Allow - Read NTFS permission on the RIS image.
• C、Install RIS on the domain controller. Copy the RIS image to the domain controller.
• D、Add a reservation for the RIS server to the DHCP server. 

第18题：

You are the network administrator for The network consists of a single Active Directory domain. The domain contains 20 Windows Server 2003 computers and 400 Windows XP Professional computers. Software Update Services (SUS) is installed on a server named Testking2. The network security administrator wants you to ensure that the administrative password is not compromised when an administrator connects to Testking2's SUSAdmin Web site remotely by using HTTP. You want only SSL to be used to connect to the SUSAdmin Web site. The network security administrator creates a digital certificate and enables communication for SSL on port 443 of Testking2. However, administrators are still able to connect to the SUSAdmin Web site by using HTTP. You need to ensure that communication to the SUSAdmin Web site is always secure. What should you do?（）

• A、Disable port 80 on the SUSAdmin Web site.
• B、Require 128-Bit SSL on all directories related to the SUSAdmin Web site.
• C、Change the default Web site to require 128-Bit SSL.
• D、Enable IPSec on Testking2 with the Request Security IPsec template.

第19题：

You are the network administrator for your company. All servers run Windows Server 2003.  You configure a server named Server2 as a Network Address Translation （NAT） server. Server2 has a single network adapter and a modem. Server2 connects to the Internet through a demand-dial connection. Users report that when they attempt to connect to Internet Web sites， they intermittently receive the following error message： "Page not found." After waiting for several minutes， they can connect to the Web sites. These errors occur throughout the day.  You need to configure Server2 to allow users to always connect to Internet Web sites.   What should you do？（）

• A、Set the demand-dial connection to Persistent.
• B、Set the dial-out hours on the demand-dial connection to any day and any time.
• C、Set a demand-dial filter. Configure the filter for Only allow the following traffic. Specify a new filter for outbound port 80.
• D、Configure the demand-dial interface as the private interface.

第20题：

Your network contains a server named Server1 that has Windows Server 2008 R2.An administrator runs the following command on Server1: netsh.exe advfirewall reset You discover that you can no longer access Server1 on port 3389.You need to ensure that you can access Server1 on port 3389.Which firewall rule should you enable？（）

• A、File and Printer Sharing (Echo Request ICMPv4-In)
• B、File and Printer Sharing (SMB-In)
• C、Remote Desktop (TCP-In)
• D、Remote Service Management (RPC)

第21题：

Recently traffic to the company web server has more than doubled， resulting in slower response times from the server.  An administrator has decided to add a second， identical 10/100/1000 NIC to the server.  The server is presently connected to a 10/100/1000 switch， with four open ports on the switch.  Which of the following is the BEST solution to speed up web traffic？（）

• A、Free up more ports on the switch
• B、Enable server load balancing
• C、Move the second network adapter to a new subnet
• D、Enable network adapter teaming

第22题：

第23题：