Exam: Microsoft 70-292
Title: Managing and Maintaining a Microsoft Windows Server 2003 Environment for a W2K
Version : Demo
1. You are the network administrator for your company. All servers run Windows Server 2003. All client computers run Windows XP Professional.
Another system administrator recently installed Software Update Services (SUS) on a server on the network. You need to troubleshoot a problem that involves SUS.
You need to view the SUS approval log to verify that the latest updates are available to client computers.
What should you do?
A. Open the most recent IIS log file on the SUS server. View the data in the log file.
B. Open the Hotfixes.txt file on the SUS server. View the data in the Hotfixes.txt file.
C. Run the wmic qfe > Approval.txt command on the SUS server. View the data in Approval.txt file.
D. Open the file named History-Approve.xml on the SUS server. View the data in the log file.
Answer: D

2. You are the network administrator for your company. The network consists of a single Active Directory domain. All domain controllers run Windows Server 2003.
The sales department recently hired 10 new employees. User accounts for these employees were created in Active Directory. The manager of the sales department sent you a list of the new users and asked you to add the user accounts to an existing global group named SalesDept.
You need to add the users to the SalesDept global group.
What are two possible ways to achieve this goal? (Each correct answer presents a complete solution. Choose two.)
A. Use the dsadd user command to add the user accounts to the SalesDept global group.
B. Use the dsmod group command to add the user accounts to the SalesDept global group.
C. In Active Directory Users and Computers, select all 10 user accounts. Right-click the selected users, and then select the Properties menu command.
D. In Active Directory Users and Computers, select all 10 user accounts. Right-click the selected users, and then select the Add to a group menu command.
Answer: D AND B

3. You are the network administrator for your company. The network consists of a single Active Directory domain. All servers run Windows Server 2003. All user accounts are members of the Domain Users group.
You manage a server that is a member of the domain. Some administration tasks must be performed while you are logged on to the server. A new written security policy states that only specified users must be able to access the server by using Terminal Services. The written security policy also states that only administrators on the local server must be able to log on locally to the server.
The settings for the server are shown in the following table.
Policy Policy Setting
Access this computer from the network Administrators, Backup Operators, Everyone, Power Users, Users
Allow log on locally Administrators
Allow log on through Terminal Services Remote Desktop Users
Deny log on locally Domain Users
Perform volume maintenance tasks Administrators
You are a member of the Domain Admins global group. You attempt to perform maintenance tasks on the server, but you receive an error message stating that the local policy of the computer is preventing you from logging on locally.
You need to ensure that you can perform the maintenance tasks that are required for the server. You also need to meet the requirements of the written security policy.
What should you do?
A. Remove the Everyone group from the Access this computer from the network policy. Add the Domain Admins group to the Allow log on locally policy.
B. Add the Administrators group to the Allow log on through Terminal Services policy.
C. Add the Domain Admins group to the Allow log on through Terminal Services policy.
D. Remove the Domain Users group from the Deny log on locally policy.
Answer: D

4. You are the administrator of an Active Directory domain. The network consists of a single Active Directory forest that contains three domains. The functional level of the forest is Windows 2000. The NetBIOS names of the domains are Domain1, Domain2, and Domain3. The functional level of all three domains is Windows 2000 mixed. You manage resources in Domain1.
A new file server is added to Domain1. Users in all three domains need access to resources on the file server.
You need to create a group that will be used to grant access to the file server in Domain1.
Which two actions should you perform? (Each correct answer presents part of the solution. Choose two.)
A. Create a security group.
B. Create a distribution group.
C. Configure the group to be a global group.
D. Configure the group to be a universal group.
E. Configure the group to be a domain local group.
Answer: E AND A

5. You are the network administrator for your company. The network consists of a single Active Directory domain. All domain controllers run Windows Server 2003.
You enabled the Audit account logon events policy and the Audit logon events policy on all domain controllers. You enabled both policies to audit for both success and failure attempts. In addition, you enabled Audit logon events for all other computers in the domain for both success and failure attempts.
You suspect that an unauthorized user attempted to discover the password for the domain administrator account by using a computer located in a public area in the company’s main office.
You need to find out if your network has been compromised.
What should you do?
A. Examine the security log on the public computer.
B. Examine the security log on each domain controller.
C. Examine the system log on the public computer.
D. Examine the system log on the primary domain controller (PDC) emulator.
Answer: B
The related exam:
70-446
70-502 CSharp
70-299