Answers and Explanations
Objective 3.1
Answer a is correct. Samba allows Microsoft clients to connect to Linux systems. SMB and AFP are something that you could possibly load on a Macintosh system. Printer Services for UNIX allows UNIX systems to access printers connected to a Windows 2000 Server.
Answer d is correct. Active Directory Users and Computers is used to add accounts, groups, and organizational units. Routing and Remote Access (RRAS) has nothing to do with accounts; instead, it allows you to transform your server into a VPN server, network router, and so on. User Manager for Domains and Server Manager are the Windows NT 4.0 Server applications for adding users and computers respectively.
Answer c is correct. The Everyone group has the full control permission by default. Encrypted and hidden are considered attributes of a file. Read-only can be both a permission and an attribute, but the Everyone group has much more than that by default.
Answer a is correct. GSNW (Gateway Services for NetWare) would be the best answer. If you have many clients, it would be very time-consuming to load CSNW or the Novell Client 4.91 on every one. Instead, the clients could log on to the Microsoft server, and that machine would act as the gateway for all the clients out to the Novell resources.
Answer b is correct. FPNW (File and Print services for NetWare) is what you would use to connect Novell clients to Microsoft resources. GSNW and CSNW are for connecting Microsoft clients to NetWare resources, and File and Print Sharing is a built-in service for Microsoft operating systems.
Objective 3.2
Answers a and c are correct. Messenger is an important service but not considered one of the main services, and Redirector is what Novell calls the service that allows computers to access remote resources.
Answer d is correct. netstat shows connections or sessions to other machines, ping verifies connections between two computers, and arp resolves between IP and MAC addresses.
Answer c is correct. Computer Management has, among other things, the Services and Applications Applet, which allows you to view the services that are running and work on various other apps. RRAS is for turning your server into a network router or a VPN device. Active Directory Users and Computers is for working within the structure of the network and configuring objects and organizational units. Device Manager (which is within Computer Management, by the way) is for viewing, troubleshooting, and configuring your hardware devices.
Answer d is correct. -A is for use with IP addresses, and -a is for use with host names. -r lists names resolved by broadcast. -R purges and reloads the remote cache name table.
Answer a is correct. <20> identifies the Server service. <00> is for the Workstation service, <03> is for the Messenger service, and <1f> deals with domains.
Objective 3.3
Answer a is correct. The 110 IDC connector is the correct one for punching down. 66 connectors will be found primarily on 66 telephone blocks and are for POTS. USB is the universal serial bus connection, which is for peripheral devices; and screw terminals are normally found on NIDs (network interface devices) for telephone. They are also found on older RJ-11 jacks.
Answer c is correct. A continuity tester will test the connection between an RJ-45 jack and the patch panel. A patch tester will only test a patch cable, where both ends are present in the same area. A TDR is a time domain reflectometer, which normally finds the break in a cable if you are troubleshooting. It may have built-in continuity-testing functionality, but it is still not the best answer. A wire stripper is used for removing the PVC (plastic) jacket from the cable to expose the wires.
Answer a is correct. 568B is the most common wiring standard today. 568A is the older version. 568c and 619 are not actual data communications wiring standards.
Answer c is correct. You would use a punch down tool to connect wires to a patch panel.
Answer a is correct. Often, you will find miswiring in the form of reversed wires and pairs.
Objective 3.4
Answer c is correct. L2TP has the capability to be more secure than PPTP, but it needs IPSec in this regard to encrypt the data. IPSec alone would not be enough, as it does not tunnel to create a VPN.
Answer b is correct. Normally you would open 1723 (PPTP) to allow incoming remote access connections. Keep in mind that this creates a minor security issue because that port is now visible on your system. 3389 is for RDP (Remote Desktop Protocol), 80 is for HTTP, and 23 is for Telnet. By the way, L2TP uses 1701 if you decide to go that route.
Answer d is correct. All other URLs are incorrect. Although Verisign is a huge player in the security field, the question was asking about a server on your LAN.
Answer c is correct. As the name implies, L2TP (Layer 2 Tunneling Protocol) is on the data link layer.
Answer a is correct. You need to create an MMC, and navigate through the Default Domain Policy down to the IP Security Policies. Then you need to assign the policy that you wish to use.
Objectives 3.5–3.9
Answer b is correct. SMTP stands for Simple Mail Transport Protocol and is known as Send Mail To People. (See the word association?) It uses port 25 to transmit mail to an SMTP server. NNTP is the Network News Transfer Protocol and uses port 119, and SNMP is the Simple Network Management Protocol and uses port 161. Finally, SMB is the Server Message Block protocol that allows Windows computers to share data.
Answer d is correct. L2TP is the Layer 2 Tunneling Protocol and uses port 1701. 1723 is used by its cousin, PPTP, and the other two ports are not commonly used.
Answers a and b are correct. A router and an IP proxy will both have multiple connections, thus making them multi-homed machines. A domain controller and a WINS server need only one network connection because they only need to connect to the LAN.
Answer c is correct. Port forwarding allows your VPN requests on port 1723 or 1701 to be forwarded to the VPN server (RRAS device).
Answer b is correct. Port-based VLANs are by far the most common. They are easy to set up, they are logical, and simple patching can move computers wherever you would like them to go while retaining their VLAN membership.
Objectives 3.10–3.12
Answer b is correct. RAID 1 Mirroring can use only two disks—no more and no less.
Answer d is correct. Anti-virus software will protect you against viruses. Just make sure that the software engine and the definitions are updated!
Answer c is correct. True clustering will spread resource usage across multiple computers.
Answer d is correct. ntbackup allows you to back up any data on your system as well as the system state set of data that Windows 2000 has compiled for you.
Answer d is correct. RAID 5 is striping with parity. This stripes the data and the parity across a minimum of three disks and a maximum of 32. RAID 0 is striping only and is not fault tolerant. RAID 1 is mirroring and while it is fault tolerant, it does not use parity. Disk duplexing is used in RAID 1 configurations and provides a secondary controller.