HOME NEW Certification
HOME OLD Certification
Certification HP
Certification Microsoft
HP Learning eBooks

 
 
CERTIFICATION - Questions and Answers at - TTr
Answers are somewhere on the web, just look carefully !!!
1 2 3 4 5
 

70-227 MCP Installing, Configuring, and Administering Microsoft ISA Server 2000 Enterprise Edition

14.)You are the administrator of your company network, which consists of one Microsoft Windows 2000 domain and one site and a ISA server computer named DeviISA is dedicated to your company's software developers, who use only Windows 2000 Professional computers.
A group named DeveloperW orkstations contains all the computer accounts for the software developers. Another group named DeveloperUsers contains all the user accounts for the software developers. Both groups are contained in the developers OU. You have full administrative control of the developers OU. The DeveloperUsers group has been added to the administrator local group on each client computer. You must deploy the firewall client software to all computers within the developers OU. Your solution must involve the least possible administrative effort.
What should you do?

A. Create a startup script for all accounts in DeveloperWorkstations. In this script, include the following statement: \ \devisa \mspcint\setup.exe
B. Create a logon script for all accounts in DeveloperUsers. In this script, include the following statement:
\ \devisa \mspcint\setup.exe
-C. Create a new group policy for DeveloperWorkstations. The Group Policy will assign the MS_FWC.MSI package to each computer in DeveloperWorkstations.
D. Create a new group policy object for DeveloperUsers. The group policy will publish the MS_FWC.MSI package to each user in DeveloperUsers.

 

15.)You are the administrator of an ISA server array. The network consists of one Microsoft Windows 2000 forest with three domains. The DNS zone for the three domains are hosted on the DNS servers.
On all client computers, the Firewall Client software is installed and Microsoft Internet Explorer is configured to use the members of the ISA Server array as proxy servers. You configure all client computers to use the DNS addresses of the internal DNS servers.
When you use network Monitor to verify your configuration, you discover that the DNS names for the internal network are being resolved by the ISA Server array.
You need to ensure that all DNS name requests for the internal network are sent to the internal DNS servers. This condition includes DNS names by Internet explorer and by the firewall client software. Which two actions should you take? Each correct answer presents part of the solution. (Choose two)

-A. Configure Internet Explorer on the client computers with a list of addresses that should not use a
proxy server include the three domain names.
B. Edit the msplat.txt file on the client computers to include the three domain names.
C. Configure outgoing web requests to resolve web requests within the array before routing
D. Create a new routing rule that applies to all computers in the three domains. Forwarded web requests to the internal DNS servers
-E. Configure the local domain table to include the three domain names.

16.)You are the administrator of your company network, which includes a main office and a bran ch office. The bran ch office connects to the Internet through a Microsoft Proxy server 2.0 computer named Prx2. Prx2 is chained to another Proxy server 2.0 computer named Prx1, which is located in the main office. You up grade Prx1 to ISA server. Now, users in both offices report that they cannot browse the Internet. You need to enable users in both offices to browse the Internet. Your solution must involve the least possible administrative effort. What should you do?
A. Configure your internal DNS server with a host record that points to a WSPAD.DAT file.
B. Configure your DH CP server to inform client computers of the location of a WP AD.DAT file.
-C. Configure PrxI to listen for outbound web requests on TCP Port 80.
D. Configure PrxI to provide an automatic configuration script to Web browsers on your network

17.)You are the domain administrator of your company network, which consists of one Microsoft Windows 2000 domain and four sites. Each site has a separate Tl connection to the Internet. Each site includes one ISA server computer that is connected to the Internet. All four ISA server computers are Windows 2000 member servers. The ISA enterprise initialization tool has not yet run. You need to ensure that policy rules for Internet access are the same for all four sites. Which three actions should you take? Each correct answer presents part of the solution. (Choose three)
-A. Run the ISA enterprise initialization tool.
B. Promote the ISA Server computers to domain controllers in the domain.
-C. Promote each stand-alone ISA Server computer to a separate array.
D. Install the ISA Server computers in one new array.
E. Configure the array properties to publish automatic discovery information.
-F. Apply an Internet access enterprise policy to all ISA Server computers.
G. On one of the ISA Server computers, apply an array access policy that contains the Internet access rules.

18.)You are employed by an aerospace manufacturer that develops sensitive projects for the national government. You are designing the Internet security solution for your company.
Absolutely no traffic originating from the Internet can be allowed into the internal network. However, your company has several partners and mobile users who need to access your e-mail server, your web server, and your FTP server.
You want to accomplish the following goals:
-No traffic originating from the Internet of the perimeter network must be able to enter the internal network
-No traffic originating from the internet must be able to directly enter the perimeter network
-Partners and mobile users must be able to access the company e-mail server and web server, regardless of their operating system platform.
-The internal network must be protected even if a security breach occurs at the perimeter network
-An administrator must be notified and the affected service must be shut down if an intrusion is attempted
Your design calls for the following actions:
-Deploy ISA Server computers in firewall mode in a back-to-back perimeter network configuration, and deploy the e-mail server, the web server, and he FTP server on the perimeter network,
-Create publishing rules on the external ISA Server firewall to publish the web server, the FTP server, and the e-mail server
-Enable lP routing on the external ISA server firewall
-Disable packet filtering on the internal ISA Server computer.
Which result or results do these actions produce? (Choose all that apply.)

A. No traffic originating from the Internet of the perimeter network must be able to enter the internal network
-B. No traffic originating from the internet must be able to directly enter the perimeter network
-C. Partners and mobile users must be able to access the company e-mail server and web server, regardless of their operating system platform.
D. The internal network must be protected even if a security breach occurs at the perimeter network
E. An administrator must be notified and the affected service must be shut down if an intrusion is attempted.

19.)You are the administrator for your company network, which contains a single Microsoft Windows 2000 domain. You add all the client computers in your finance department to an Organizational Unit named Finance.
You install and con figu re an ISA Server computer on the network for Internet access. You configure this computer to allow PPTP packets. You also configure all client computers on the network as SecureNAT clients. Users can now access external web sites.
A VPN server named VPN-serverl is located at the main office of one of your business partners. Users in the finance department need to access VPN-serverl, but they cannot establish a VPN tun nel to it.
You need to con figure only the client computers in the finance department to connect to VPN-serverl. What should you do?

A. Deploy and assign MS_FWC.msi to the Finance OU.
B. Deploy and publish the setup file for the firewall client software to the finance OU.
C. Configure each client computer in the finance department so that the address of the internal network adapter of your ISA Server computer is its default gateway.
-D. Configure routing and remote access on VPN -server 1. Enable TCP ports 1723 and 47 on this computer.

20.)You administer an ISA server computer that makes your company's public web site available to Internet users. Users on your internal network also use this server to access the Internet. The relevant portion of your network configuration is shown in the exhibit.
You want to use Microsoft Internet explorer on the ISA Server computer to access Internet sites. You also want to benefit from the web proxy cache on this server. What should you do?

A. Configure Internet explorer to use web.contoso.com as the address of the proxy server.
-B. Configure Internet explorer to use 10.65.1.1 as the address of the proxy server.
C. On the ISA server computer, create an lP packet filter that allows the use ofremote TCP port 80.
D. On the ISA server computer, create a routing rule that retrieves requests directly from the destination and cache s the response.

21.)You install an ISA server computer named ISA1 on your company named. You plan to use ISA1 to provide access to your two public web sites, www.treyresearch.com and www.parnellaerospace.com. Both sites are hosted on a computer named Web1 on your network. Each site is assigned a separate lP address on Webl. An internal DNS server resolves site names internally.
You configure ISA1 to publish Webl. However, when you try to connect to www.parnellaerospace.com from the Internet, www.treyresearch.comis displayed instead.
You must be able to connect to both Web sites from the Internet. What should you do?

A. On your extemal DNS server, create an A record for www.parnellaerospace.com that points to the extemal lP address of ISA 1. Create a Web publishing rule that redirects requests to the lP address of www.parnellaerospace.com
B. On Web1, install the Firewall Client software. Remove the configuration for the default gateway on Web1. Create a web publishing rule on ISA1 that specifies All Internal Destinations as the destination.
-C. Create one destinations set for the fully-qualified domain name ofwww.parnellaerospace.com and another for the fully-qualified domain name ofwww.treyresearch.com. Create one web publishing rule named www.parnellaerospace.com and another named www.treyreaserach.com. Each rule redirects requests to the appropriate lP address of web 1.
D. Create one destinations set for the fully-qualified domain name ofwww.parnellaerospace.com and www.treyresearch.com.CreateawebpublishingrulenamedPublish1withalldefaultoptions.This rule redirects requests to Web 1.

22.)You are the administrator of your company network, which includes an ISA server computer named ISA1 and an internal web server named Webl. You use ISA1 to publish Web1 on the Internet. Because Web1 hosts confidential information, you install an X.509 certificate on ISA1 to encrypt HTTP session traffic. You also enable the SSL listener.
When you test the secure channel from the Internet, you receive a 500 Internal server error message indicating that the network logon has failed.
You need to connect to Web1 by using an encrypted, secure channel between the Internet and ISAl. What should you do?

A. On ISA!, enable client certificate authentication for the secure channel.
B. On ISA!, enable client certificate authentication for incoming Web requests
C. In the properties of the web publishing rule for Web l , enable HTTP requests to be redirected as SSL requests.
-D. In the properties of the web publishing rule for Web l , enable SSL requests to be redirected as HTTP requests.

23.)You are the administrator of your company network. You install ISA server on ISA-MainI and on ISA-Branch, selecting all default settings. You can now create VPN connection within the branch office. You run the Local ISA VPN wizard and the remote ISA VPN Wizard on both computers.
You need to con figure ISA-Branch so that only VPN-client1 can access the finance server. What should you do?

A. Remove the lP addresses for the main office from the local address table. Enable the PPTP client and server packet filters on ISA-Main1 and ISA-Branch.
B. Remove the lP address of the finance server from the local address table. Add a new PPTP client packet filter that uses port 1723.
-C. Edit the PPTP client and server packet filters. Include only the lP address ofVPN-client1 on both packet filters.
D. Edit the local address table on ISA-Main! and execute extemal lP addresses. Change the lP address of the internal network adapter to a valid extemal lP address.

24.)You are the administrator of your company network. You implement ISA server to control access to the Internet. Users in various departments require access to Internet sites, as follows:
User Access
Administrators, Managers Unrestricted access
Sales Department, Marketing Department Access limited to certain customer sites
All other users No access
Your network consists of a single Microsoft Windows 2000 domain. Each department has its own organizational unit. Except for administrators and managers, all user accounts are members of a group named company Users, which is located in the users container. All members of company Users also have membership in groups located in the appropriate departmentalOU.
You create the site and content rules:
Site and Content rules
Adm & Manager rule
Sales &Mktg
Users-No Access
Users in the sales and marketing departments now report that they cannot access any Internet sales. Administrators and managers report no problems. How should you correct this problem?

A. Reorder the site and content rules so that the Users-No Access rule is listed first.
B. Reorder the site and content rules so that the Sales &Mktg rule is listed first.
-C. Remove the User-No access site and content rule.
D. Remove the Sales &Mktg site and content rule.

25.)You are configuring a computer named ISAl. You will use these computers as the ISA server computer for your company's intranet. You set up ISA1 so that it is connected to three different physical networks.
You also plan to add a web server and an FTP server to the perimeter network (also known as DMZ). Users on the Internet should be able to access the servers in the DMZ by using FTP and HTTP. Client computers on the company intranet should be able to connect to file shares on the servers in the DMZ. You need to con figure ISA1 to support this functionality. Which two actions should you take? Each correct answer presents part of the solution. (Choose two)

A. On ISAl, enable routing and remote access and enable the computer as a router.
-B. In the properties page for the lP packet filters ofISAl, enable lP routing and packet filtering.
C. In the local address table ofISAl, include the address for the network adapter that is connected to the DMZ.
D. In the local address table ofISAl, exclude the address for the network adapter that is connected to the company intranet.
-E. In the local address table ofISAl, exclude the address range for the DMZ.

26.)You are the administrator of your company network, which consists of a single Microsoft Windows 2000 domain with Windows 2000 Professional computers and UNIX workstations. You are planning to deploy ISA Server on the network to provide Internet access for users.
You need to ensure that all users have restricted Internet access. Whenever possible, you also want to take advantage of authentication for Internet requests. What should you do?

A. Configure all Windows 2000 Professional computers and UNIX workstations as Web Proxy clients.
B. Configure all Windows 2000 Professional computers and UNIX workstations as SecureNAT clients.
-C. Configure all Windows 2000 Professional computers as Firewall clients. Configure all UNIX workstations as SecureNAT and Web Proxy clients.
D. Configure all Windows 2000 Professional computers as SecureNAT clients. Configure all UNIX workstations as Web Proxy clients.

 

This is just a sample, if you realy want to pass the test by TestKing tests.
 
 
 
 

HP Certification, Microsoft Certification, Questions and Answers, Qestions & Answers, Braindumps, Test King, IT Professionals, learning experience, Exam, APS, MSDN, Free, Servicing HP Dsktop,Wrkstations, and Ntbook, HP2-037 HP Certified Professional - HP LaserJet Foundations, HP2-038 HP Designjet Foundations, HP2-061 HP ProLiant Server Maintenance, HP2-896 Servicing HP Desktops, Workstations and Notebooks, HP2 035 061 060 APC Accredited Presales Consultant, AIS Accredited Integration Specialist, APP Accredited Presales Professional, HP2 035 061 060 APC Accredited Presales Consultant, ASE Accredited Systems Engineer, CSA Certified Systems Administrator, CSD, CSE, MASE Master Accredited Systems Engineer, MCSE Microsoft Certified System Engineer, MCP Microsoft Certified Professional, Microsoft Business Solutions, Microsoft 70-228 70-229 70-270 70-271 70-272 70-282 70-284 70-285 70-290 70-291 70-292 70-293 70-294 70-296 70-297 70-298 70-299 70-350 70-431 70-536 74-132, exam, Q&A