发信人: songfongling(rrdn)
整理人: reynolds(2002-07-25 15:18:39), 站内信件
|
[ Q 12 ] When configuring an OSPF router, you must specify the network type on which it will be used to ensure that the correct message format is used. What are the three different types of networks you can have with OSPF?
A. Broadcast
B. Multicast
C. Point-to-Point
D. Non-Broadcast Multiple Access (NBMA)
ANSWER:
A, C, D: The three correct types of networks you can have with OSPF are Broadcast (examples being Ethernet and Token Ring), Point-to-Point (examples being T-Carrier links) and Non-Broadcast Multiple Access (examples being Frame Relay and ATM). Despite the word broadcast in two of these, OSPF never sends broadcasts, only multicasts. The use of the word broadcast is to describe the capability of the network media, rather than the actual packet format being used.
B is incorrect. There is no such network type in OSPF, despite all packets being sent as multicasts rather than broadcasts.
[ Q 13 ] One of your network clients has sent a name registration request to a Windows 2000 server designated as it's primary WINS server. This server is also the domain controller. Another client, on a different subnet, with the same name is already registered with the WINS server. What will happen immediately after the WINS server receives the request from this new client?
A. The WINS server will update the IP address entry in favor of the new client.
B. The new client will get a "Duplicate name on the Network" message.
C. The client will be redirected to the secondary WINS server.
D. A challenge will be sent by the WINS Server to the existing entry.
ANSWER:
D: When a WINS Client attempts to register a name that is already contained in the WINS database, the WINS Server will send a challenge to the IP address of the entry is already has for that NetBIOS name. If the computer answers the challenge, the WINS Server will assume that the NetBIOS name is already taken, and will return to the computer attempting to register the name a Negative NetBIOS Registration Response.
A is incorrect because the WINS database is not updated in favor of the new client until the existing computer fails to respond the challenge offered by the WINS Server. B is incorrect because the new client will get the error message only after the existing client has responded to the WINS Server challenge. C is an invalid choice because the client will not be directed to the secondary WINS server. Secondary WINS Servers are contacted only if the client cannot communicate with the Primary WINS Server.
[ Q 14 ] You have configured client PCs to dynamically update their resource records with a DNS service running on a Windows 2000 server. When you use the DNS management console you find that resource records are not being added. What is the most likely explanation?
A. The zone is a standard zone. Dynamic updates are only allowed with Active-Directory integrated zones.
B. The use of dynamic updates for the zone has been disabled on the DNS server.
C. The client computers are not members of the DnsUpdateProxy Group.
D. The DNS Server does not support dynamic updates.
ANSWER:
B: The use of dynamic updates can be disabled on a per zone basis on a DNS server. By default, dynamic updates are not enabled, so you must be sure to manually enable Dynamic Updates for all standard zone that you create.
A is incorrect because standard zones allow dynamic updates. C is incorrect because the DnsUpdateProxy Group is used with DHCP to provide extra security for dynamic updates. D is incorrect because the DNS service is running on a Windows 2000 server and the Windows 2000 DNS service does support dynamic updates.
[ Q 15 ] You are the network administrator for a network with 500 users. There are several file servers on the network, and they must serve both Windows 2000 clients and Windows 95 clients. You would like to configure the file servers so that a secure connection will be established with the Windows 2000 clients, but the Windows 95 computers will still be able to connect, although their sessions will be unsecured. Which of the following predefined IPSec policies would you enable on the file server to accomplish this?
A. Client policy
B. Server policy
C. Secure Client policy
D. Secure Server policy
ANSWER:
B: The Server policy, also called the Request Security policy, is used when you wish to request, but not require, IPSec security for all connections. This allows the server to establish secure sessions with those clients that support IPSec (Windows 2000), but will still allow a connection (unsecured) with systems that are non-IPSec aware, such as Windows 9x and NT.
A is incorrect because the Client (Respond Only) policy is used to establish secure connections only when the other machine requests them. C is incorrect because "Secure Client Policy" is not one of the three predefined policies. D is incorrect because the Secure Server (Require Security) policy will not allow a connection from the Windows 95 clients because they are not IPSec aware.
[ Q 16 ] Your CIO informs you that multiple departments cannot access the company intranet Web server, and the problem needs to be solved quickly. You ping the IP address of this Web server and sure enough, it isn't responding. What's one of the quickest ways of narrowing down where the problem is?
A. You ping another server on the network.
B. You ping the router that's attached to the same segment as the Web server.
C.You use Tracert against the another server on the same segment as the web server.
D. You use PathPing against the Web server's IP address
ANSWER:
C: Answer C is correct because you accomplish two things when you ping another server on the destination subnet. First, if the other server responds, you know that the problem is most likely due to some error on the web server itself. Second, if the server does not respond, you can assess at which router the communication failed.
A is incorrect because if the second server fails to respond, you still don't have information regarding which router might have failed in the path from your network to the destination network. B might be a good test if it came back positive, because it confirms that there isn't a routing problem from you to the last router. However, it tells you very little if the ping is unsuccessful, except that the problem is unlikely to be with the Web server itself (unless that has a separate problem!). D isn't a bad idea in principle to determine where the problem lies, except in practice, it isn't quick! In comparison with Tracert, this command takes a long time to complete; particularly if you've got someone impatiently standing behind you! Pathping is more useful to assess whether router congestion, versus segment congestion, is the root of a connectivity issue.
[ Q 17 ] You have implemented a DHCP relay agent on a Windows 2000 member server on one of your subnets. A DHCP server is installed on another subnet. Which of the following must you configure on the relay agent (Select all that apply)?
A. The IP address of a DHCP server
B. The IP address of the default gateway for the subnet
C. The IP addresses of all other DHCP relay agents
D. The IP address of a DNS server
ANSWER:
A, B: The DHCP relay agent listens for DHCP broadcasts by clients. Upon receiving such a packet the relay agent will send a packet addressed directly to a DHCP server with the client's requests. To do this, the relay agent needs the IP address of the DHCP server. The IP address of the default gateway is needed because otherwise the server would not be able to send packets to remote subnets.
C is incorrect because a DHCP relay agent only needs to know the IP address of the DHCP server. Although there may be several DHCP relay agents on a network, they do not need to know each other's IP addresses. D is incorrect because DNS is not part of the DHCP relay process and therefore not relevant to the DHCP relay agent.
[ Q 18 ] You've just configured ICS and now need to reconfigure your client workstations. Previously, your Windows 2000 Professional client workstations were set up for direct Internet access. In IE5 under Tools | Internet Options | Connections, you select "Never dial a connection" and then click LAN SETTINGS. Which of the following options should you select next?
A. Automatically detect settings
B. Use automatic configuration script
C. Use Internet sharing
D. None.
ANSWER:
D: The three options listed under LAN Settings are "Automatically detect settings," "Use automatic configuration," and "Use a proxy server." None of these should be selected to use ICS.
A is incorrect if you want to use either ICS or NAT-this setting is to automatically search for proxy servers. B is also incorrect-this again is used with proxy servers and not ICS or NAT. C is incorrect because this option doesn't exist in IE.
[ Q 19 ] Current Situation: You have two subnets each with 500 PCs and 5 servers. The router connecting the subnets is RFC1542 compliant (supporting BOOTP Forwarding).
Required Result: All PCs should receive an IP address automatically
Optional Desired Results: IP addresses should continue to be available in the event that any one server fails; the servers should be configured with fixed IP addresses.
Proposed Solution: Install two DHCP servers, one on each subnet. Configure two scopes on each DHCP server with the first scope containing addresses for the DHCP server's local subnet and the second scope containing addresses for the subnet remote to the DHCP Server. Ensure that none of the scopes overlap. Configure each server's IP address manually under TCP/IP properties and create exclusion ranges in each scope for the range of IP addresses used for servers. Configure client PCs to obtain an address automatically.
A. The proposed solution produces the required result and produces both of the optional results.
B. The proposed solution produces the required result and produces only one of the optional results.
C. The proposed solution produces the required result and produces none of the optional results.
D. The proposed solution doesn't produce the required result.
ANSWER:
A: By installing DHCP servers and configuring the clients to obtain addresses automatically, clients will obtain an IP address from the DHCP servers automatically, thus meeting the required result. By having two DHCP servers, a measure of fault-tolerance is provided. The recommended way to allocate IP addresses in this situation is for the local DHCP server to have 75% of the available IP addresses, and for the DHCP server remote to the subnet to have the other 25%. By having more than one server, ensuring that none of the scopes overlap, that the server IP addresses are set manually and that the server addresses are excluded from all DHCP scopes the optional desired results are met.
B, C and D are incorrect because the proposed solution produces the required result and both of the optional results.
[ Q 20 ] Assuming that your Internet connection is already working on your server, what's the minimum steps you must perform with the Routing and Remote Access Service snap-in to get NAT working on your Windows 2000 server? (Select all that apply.)
A. Ensure routing is supported and add the NAT routing protocol.
B. Add at least one internal interface to the NAT protocol.
C. Add at least one external (Internet) interface to the NAT protocol.
D. Enable the DHCP allocator.
ANSWER:
A, B, C: You must add the NAT protocol, and then add at least one internal interface and one external interface to the NAT protocol-they are not automatically added as you might expect.
D is incorrect. By default in NAT, the DHCP allocator is enabled, which means that DHCP-enabled clients can immediately benefit from the NAT service. However, you may prefer to disable the DHCP allocator if you want to use a standard DHCP server; this will also allow you to assign to clients alternative DNS and WINS servers (if name resolution has also been disabled in NAT).
Your PC is a member of the dev.west.xyz.com domain. The following screen shows the DNS tab under the Advanced TCP/IP settings.
Which domain suffixes will be added to resolution requests for unqualified names?
A. dev.west.xyz.com only
B. dev.west.xyz.com and west.xyz.com
C. dev.west.xyz.com, west.xyz.com and xyz.com
D. west.xyz.com and xyz.com only
ANSWER:
C: The "Append primary and connection specific DNS suffixes" selection means that DNS names resolution for unqualified names (i.e. those that just have a host name) will have the primary suffix of the computer appended. Since this computer is a member of the dev.west.xyz.com domain, then this is the primary suffix. The "Append parent suffixes of the Primary DNS suffix" means that the higher level (parent) suffixes of the primary DNS suffix up to the second-level domain will also be used. In this example, the parent suffixes are west.xyz.com and xyz.com. For example, DNS queries for a computer called marketing will look for marketing.dev.west.xyz.com (primary suffix), marketing.west.xyz.com (parent suffix), and marketing.xyz.com (parent suffix) but not marketing.com (top-level domain).This process of appending parent suffixes to the host name resolution request is also known as "devolution".
A is incorrect because it is not the only domain suffix to be used. B and D are incorrect because they do not list all the domain suffixes that are used in resolving the host name to an IP address.
[ Q 22 ] Current Situation: Your users at a remote office are complaining that DNS queries take too long to resolve. The company's DNS servers are located at the main office. The remote office is connected to the main office using a low speed WAN link. Tests show that the WAN link is heavily used.
Required Result: Improve host name resolution performance.
Optional Desired Results: Minimize traffic over the WAN, and Ensure that DNS queries can still be resolved in the event of any one DNS server failing.
Proposed Solution: Install a DNS Server at the remote office but do not configure any zones, configure the DNS server at the remote office to forward requests to the DNS server at the main office, configure each client in the remote office to use the new DNS server as the preferred DNS server and one of the DNS servers at the main office as the alternate DNS server.
Which of the following results will the proposed solution produce?
A. The proposed solution produces the required result and produces both of the optional results.
B. The proposed solution produces the required result and produces only one of the optional results.
C. The proposed solution produces the required result and produces none of the optional results.
D. The proposed solution doesn't produce the required result.
ANSWER:
A: A DNS Server that has no zones installed will act as a caching-only server. This means that it will forward queries to the DNS server at the main office and cache the results for future use, meeting the required result. Over time this can reduce WAN traffic as a local cache (at the remote site) of frequently queried names is built up. Additionally, because there are no zones on the DNS server at the remote site there is also no zone replication traffic. This minimizes WAN traffic, meeting the first optional desired results. Configuring the clients to use the local DNS server as the preferred server means that this server will always be queried first, again minimizing WAN traffic. Should this server not be available then the alternate DNS server will be queried (over the WAN) providing continuity of name resolution service, meeting the second optional desired result.
B, C and D are incorrect because the proposed solution produces the required result and both of the optional results.
|
|