MCSE 2003 Security Planning and Maintaining a Microsoft Windows Server 2003 Network Infrastructure : 70-293 Exam

Exam Number/Code: 70-293
Exam Name: MCSE 2003 Security Planning and Maintaining a Microsoft Windows Server 2003 Network Infrastructure
VUE Code: 70-293
Questions Type: Multiple choice,
Question Numbers of Real-exam: 43
Exam Language(s): English

“MCSE 2003 Security Planning and Maintaining a Microsoft Windows Server 2003 Network Infrastructure”, also known as 70-293 exam, is a Microsoft certification.
Preparing for the 70-293 exam? Searching 70-293 Test Questions, 70-293 Practice Exam, 70-293 Dumps?

With the complete collection of questions and answers, Pass4sure has assembled to take you through 129 Q & A + 4 Real labs to your 70-293 Exam preparation. In the 70-293 exam resources, you will cover every field and category in MCSE 2003 Security helping to ready you for your successful Microsoft Certification.

The Microsoft Certified Systems Engineer (MCSE) on Windows Server 2003 credential is intended for IT professionals who work in the typically complex computing environment of medium to large companies. An MCSE candidate should have at least one year of experience implementing and administering a network operating system in environments that have the following characteristics:

•	250 to 5,000 or more users
•	Three or more physical locations
•	Three or more domain controllers
•	Network services and resources such as messaging, database, file and print, proxy server, firewall, Internet, intranet, remote access, and client computer management
•	Connectivity requirements such as connecting branch offices and individual users in remote locations to the corporate network and connecting corporate networks to the Internet

In addition, an MCSE candidate should have at least one year of experience in the following areas:

•	Implementing and administering a desktop operating system
•	Designing a network infrastructure

Exam news
Exam 70-293 became available in August 2003.

Audience profile
The Microsoft Certified Systems Engineer (MCSE) on Windows Server 2003 credential is intended for IT professionals who work in the typically complex computing environment of medium-sized to large companies. An MCSE candidate should have at least one year of experience implementing and administering a network operating system in environments that have the following characteristics:

• 250 to 5,000 or more users

• Three or more physical locations

• Three or more domain controllers

• Network services and resources such as messaging, database, file and print, proxy server, firewall, Internet, intranet, remote access, and client computer management

• Connectivity requirements such as connecting branch offices and individual users in remote locations to the corporate network and connecting corporate networks to the Internet

In addition, an MCSE candidate should have at least one year of experience in the following areas:

• Implementing and administering a desktop operating system

• Designing a network infrastructure

Credit toward certification
When you pass the Planning and Maintaining a Windows Server 2003 Network Infrastructure exam, you achieve Microsoft Certified Professional (MCP) status. You also earn credit toward the following certifications:

• Core credit toward Microsoft Certified Systems Engineer (MCSE) on Windows Server 2003 certification

• Elective credit toward Microsoft Certified Database Administrator (MCDBA) on Microsoft SQL Server 2000 certification

Preparation tools and resources
To help you prepare for this exam, Microsoft Learning recommends that you have hands-on experience with the product and that you use the following training resources. These training resources do not necessarily cover all of the topics listed in the “Skills measured” section.

Classroom training Microsoft E-Learning Microsoft Press books Practice tests
Course 2278: Planning and Maintaining a Windows Server 2003 Network Infrastructure

Course 2830: Designing Security for Microsoft Networks
There is no Microsoft E-Learning training currently available.
MCSE Self-Paced Training Kit (Exam 70-293): Planning and Maintaining a Microsoft Windows Server 2003 Network Infrastructure

MCSE Self-Paced Training Kit: Microsoft Windows Server 2003 Core Requirements, Exams 70-290, 70-291, 70-293, 70-294
MeasureUp
(Measureup.com)

Self Test Software
(Selftestsoftware.com)

Microsoft online resources
• Learning Plan: Get started with a step-by-step study guide that is based on recommended resources for this exam.

• Microsoft Learning Community: Join newsgroups and visit community forums to connect with peers for suggestions on training resources and advice on your certification path and studies.

• TechNet: Designed for IT professionals, this site includes how-to instructions, best practices, downloads, technical resources, newsgroups, and chats.

• MSDN: Designed for developers, the Microsoft Developer Network (MSDN) features code samples, technical articles, downloads, newsgroups, and chats.

Skills measured
This certification exam measures your ability to plan and maintain a Windows Server 2003 network infrastructure. Before taking the exam, you should be proficient in the job skills listed in the following table. The table lists Official Microsoft Learning Products that may help you reach competency in the skills being tested in the exam.

KEY: = The course provides a general introductory overview of this task. You will need to supplement the course with additional work. = The course includes some material to prepare you for this task. You will need to supplement the course with additional work. = The course includes material to prepare you for this task.
Skills measured by Exam 70-293 Course 2278 Course 2830
Planning and Implementing Server Roles and Server Security
Configure security for servers that are assigned specific roles.

Plan a secure baseline installation.

• Plan a strategy to enforce system default security settings on new systems.

• Identify client operating system default security settings.

• Identify all server operating system default security settings.

Plan security for servers that are assigned specific roles. Roles might include domain controllers, Web servers, database servers, and mail servers.

• Deploy the security configuration for servers that are assigned specific roles.

• Create custom security templates based on server roles.

Evaluate and select the operating system to install on computers in an enterprise.

• Identify the minimum configuration to satisfy security requirements.

Planning, Implementing, and Maintaining a Network Infrastructure
Plan a TCP/IP network infrastructure strategy.

• Analyze IP addressing requirements.

• Plan an IP routing solution.

• Create an IP subnet scheme.

Plan and modify a network topology.

• Plan the physical placement of network resources.

• Identify network protocols to be used.

Plan an Internet connectivity strategy.

Plan network traffic monitoring. Tools might include Network Monitor and System Monitor.

Troubleshoot connectivity to the Internet.

• Diagnose and resolve issues related to Network Address Translation (NAT).

• Diagnose and resolve issues related to name resolution cache information.

• Diagnose and resolve issues related to client configuration.

Troubleshoot TCP/IP addressing.

• Diagnose and resolve issues related to client computer configuration.

• Diagnose and resolve issues related to DHCP server address assignment.

Plan a host name resolution strategy.

• Plan a DNS namespace design.

• Plan zone replication requirements.

• Plan a forwarding configuration.

• Plan for DNS security.

• Examine the interoperability of DNS with third-party DNS solutions.

Plan a NetBIOS name resolution strategy.

• Plan a WINS replication strategy.

• Plan NetBIOS name resolution by using the Lmhosts file.

Troubleshoot host name resolution.

• Diagnose and resolve issues related to DNS services.

• Diagnose and resolve issues related to client computer configuration.

Planning, Implementing, and Maintaining Routing and Remote Access
Plan a routing strategy.

• Identify routing protocols to use in a specified environment.

• Plan routing for IP multicast traffic.

Plan security for remote access users.

• Plan remote access policies.

• Analyze protocol security requirements.

• Plan authentication methods for remote access clients.

Implement secure access between private networks.

• Create and implement an IPSec policy.

Troubleshoot TCP/IP routing. Tools might include the route, tracert, ping, pathping, and netsh commands and Network Monitor.

Planning, Implementing, and Maintaining Server Availability
Plan services for high availability.

• Plan a high-availability solution that uses clustering services.

• Plan a high-availability solution that uses Network Load Balancing.

Identify system bottlenecks, including memory, processor, disk, and network related bottlenecks.

• Identify system bottlenecks by using System Monitor.

Implement a cluster server.

• Recover from cluster node failure.

Manage Network Load Balancing. Tools might include the Network Load Balancing Monitor Microsoft Management Console (MMC) snap-in and the WLBS cluster control utility.

Plan a backup and recovery strategy.

Free PassGuide Practice Engine Demo Download Pass4sure offers free demos for each certification exam, including all IT vendors. You can check out the testing engine software, or pdf file question quality and usability of our practice exams before you decide to buy it. We are the only one site that offers demos for almost all IT certification exams.If you want to try p4s exam practice engine demo. http://demo.passguide.com/download

• Identify appropriate backup types. Methods include full, incremental, and differential.

• Plan a backup strategy that uses volume shadow copy.

• Plan system recovery that uses Automated System Recovery (ASR).

Planning and Maintaining Network Security
Configure network protocol security.

• Configure protocol security in a heterogeneous client computer environment.

• Configure protocol security by using IPSec policies.

Configure security for data transmission.

• Configure IPSec policy settings.

Plan for network protocol security.

• Specify the required ports and protocols for specified services.

• Plan an IPSec policy for secure network communications.

Plan secure network administration methods.

• Create a plan to offer Remote Assistance to client computers.

• Plan for remote administration by using Terminal Services.

Plan security for wireless networks.

Plan security for data transmission.

• Secure data transmission between client computers to meet security requirements.

• Secure data transmission by using IPSec.

Troubleshoot security for data transmission. Tools might include the IP Security Monitor MMC snap-in and the Resultant Set of Policy (RSoP) MMC snap-in.

Planning, Implementing, and Maintaining Security Infrastructure.
Configure Active Directory directory service for certificate publication.

Plan a public key infrastructure (PKI) that uses Certificate Services.

• Identify the appropriate type of certificate authority to support certificate issuance requirements.

• Plan the enrollment and distribution of certificates.

• Plan for the use of smart cards for authentication.

Plan a framework for planning and implementing security.

• Plan for security monitoring.

• Plan a change and configuration management framework for security.

QUESTION 1
You work as the network administrator at Certkiller .com. The Certkiller .com
network consists of a single Active Directory forest. The functional level of the forest
is set at Windows Server 2003.
The Certkiller .com network contains a file server named Certkiller -SR07 that hosts a shared folder in a child domain in Certkiller .com’s forest.
Certkiller .com has a sister company that has its own Active Directory forest.
You need to ensure that users, who belong to a child domain in the sister company’s Active Directory forest, are provided with access to the shared folder in the child domain in Certkiller .com’s Active Directory forest. You also need to ensure that
these users are unable to access any other resources in Certkiller .com’s forest. What should you do?

A. You have to create an external trust, and configure it with the selective authentication option.
B. You have to create a forest trust, and configure it with the domain-wide authentication option.
C. You have to create an external trust, and configure it with the domain-wide authentication option.
D. You have to create a forest trust, and configure it with the selective authentication option.
Answer: A Explanation:
An external trust is always nontransitive, and can be either one-way or two-way. This type of trust is used to create a relationship between a Windows Server 2003 domain and one running Windows NT 4.0. It can also be used to connect two domains that are in different forests, and don’t have a forest trust connecting them.
In this scenario, you have to create outgoing external trust from the domain where the file server is located to the sister company’s domain where the users require
access to a resource in Certkiller .com’s forest. This will allow users from the sister company’s domain to authenticate directly to Certkiller .com’s resource domain. Selective authentication allows users from a trusted domain to authenticate only to those resources to which they are explicitly allowed to authenticate.
Incorrect Answers:
B, D: A forest trust is appropriate when users from multiple domains in one forest require access to resources in multiple domains in another forest.
C: Configuring Domain-wide authentication would provide users from trusted domains the same level of access to local resources that local users have.

QUESTION 2
You work as the network administrator at Certkiller .com. The Certkiller .com network consists of a single Active Directory domain named Certkiller .com. All servers on the Certkiller .com network run Windows Server 2003 and all client

computers run Windows XP Professional.
A new Certkiller .com security policy requires that all user passwords expire every 45 days. You configure a password policy that meets this requirement in a new Group Policy object (GPO) linked to the Certkiller .com domain. Users are now prompted to change their passwords on a regular basis.
While performing a maintenance procedure on a domain controller three months later, you restart the domain controller in Directory Services Restore Mode
(DSRM) and discover that the old administrative password still works.
You need to ensure that DSRM password is changed on this domain controller. What should you do?

A. You have to configure the password policy in the Default Domain Controllers Policy
GPO in normal mode.
B. You should reset the password for the local Administrator account in normal mode using
Computer Management.
C. You have to configure the password policy in the Default Domain Policy GPO in normal mode.
D. You should reset the DSRM password in normal mode using the Ntdsutil utility. Answer: D
Explanation: DSRM is a special mode in which a domain controller is started as a stand alone server, and the Active Directory service is not activated. DSRM is used
to troubleshoot or perform maintenance on the Active Directory database. During Active Directory installation, an administrator can stet a password that a user must provide in order to log on to the computer in DSRM. To reset this password, you
can use the Ntdsutil utility when the domain controller is operating in normal mode. The DSRM password cannot be reset when a computer is started in DSRM.
Incorrect Answers:
A, C: Password policies that are configured in GPOs cannot be used to specify passwords and do not affect DSRM passwords on domain controllers.
B: No local user accounts exist on domain controllers, so the Local Users and Groups node will not appear in the Computer Management console on a domain controller.

QUESTION 3
You work as the network administrator at Certkiller .com. The Certkiller .com network consists of a single Active Directory domain named Certkiller .com. The Certkiller .com network contains a Windows Server 2003 computer named
Certkiller -SR03 that hosts Certkiller .com’s public Web site and runs IIS 6.0. After
Certkiller .com decides to implement a new ASP.NET-based application on the public Web site, you install the application on Certkiller -SR03.
When you open Internet Explorer on your client computer, named
Certkiller -WS007, and enter the URL for the new application, you are presented with an error message stating that the required page cannot be found.
You need to ensure that the new ASP.NET-based application works properly. What should you do?

A. You need to enable support for Active Server Pages.
B. You should assign the proper permissions to the Authenticated Users group for the new application.
C. You must install a server certificate from your corporate certification authority. D. You need to enable only the required Web service extensions.

Answer: D

Explanation: Internet Information Services (IIS) in Windows Server 2003 can, by default, serve only static HTML content. Support for Active Server Pages (ASP), ASP.NET, Background Intelligent Transfer Service (BITS), Internet Data
Connector (IDC), Internet Printing, Server Side Includes (SSI) and Web
Distributed Authoring and Versioning (WebDAV) are disabled by default. HTTP error 404 “Page not found” is returned if a page that contains dynamic content is requested. To configure IIS to serve dynamic content, you have to enable support for the appropriate Web service extensions in IIS Manager. In this case, the ASP.NET Web service extensions are required.
Incorrect Answers:
A: Since ASP and ASP.NET are different, you do not need to enable support for ASP
unless another Web application requires it.
B: It is unlikely that the Authenticated Users group needs to be assigned any
permissions in order to enable access to the new application because public Web sites typically allow anonymous access.
C: The scenario does not state that the new application requires a certificate for SSL encryption or for another purpose, and even if it did, a certificate issued by your corporate CA would not be trusted by the general public.

QUESTION 4
You work as the network administrator at Certkiller .com. The Certkiller .com network consists of a single Active Directory domain named Certkiller .com. All servers on the Certkiller .com network run Windows Server 2003 and all client computers run Windows XP Professional.
The Certkiller .com network contains a domain controller named Certkiller -DC01. When you access the Security Configuration and Analysis (SCA) MMC snap-in to analyze Certkiller -DC01’s security settings, you are able to view the information shown in the following excerpt from the Security Configuration and Analysis (SCA) database log file.
Exhibit

pass4sure 70-293
Questions and Answers : 129 Q & A + 4 labs Expected Date: October 22nd , 2008 Price: $129.99 $89.99 Pre-Buy price: $62.99 Save $27

Free download:pass4sure Mcse 2003 70-293 v2.93
Free download:testking Mcse 2003 70-293 v2.93

PassGuide provides high-quality test materials, for example, Cisco CCNA CCNP CCIE, Comptia A + NETWORK + Security +, Juniper jncia, jncis, Vmware VCP-410,certification practice exams and so on.We are committed to give full refund to candidates if they fail the exam with use of our products.And we are confident to make such a guarantee. Buy Best Practice Exam,high-quality ,100% Guarantee ,Pls contact me,Mail:Sales@passguide.com

P4S Free Downloads

Type	Exam Braindumps	New Questions & Answers	Latest Updated	Available link
	All Pass4sure's Exam Pack	858	1 days ago	Download Free Testing Engines

PassGuide Braindumps-Free Test king Help You Quick Pass Any it Certifications Exams

Click links: www.testking.la/braindumps/free/down/crack/all/testking