Free Cheat-test Samples and Demo Questions Download
Adobe exams Adobe
Apple exams Apple
Avaya exams Avaya
Check Point exams Check Point
Cisco exams Cisco
Citrix exams Citrix
CIW exams CIW
CompTIA exams CompTIA
CWNP exams CWNP
EC-Council exams EC-Council
EMC exams EMC
Exin exams Exin
Fortinet exams Fortinet
GIAC exams GIAC
Hitachi exams Hitachi
HP exams HP
IBM exams IBM
Isaca exams Isaca
ISC exams ISC
ISEB exams ISEB
Juniper exams Juniper
LPI exams LPI
McAfee exams McAfee
Microsoft exams Microsoft
Oracle exams Oracle
PMI exams PMI
Riverbed exams Riverbed
SNIA exams SAP
Sun exams SAS
Symantec exams Symantec
VMware exams VMware
All certification exams

Microsoft 70-350 Exam - Cheat-Test.com

Free 70-350 Sample Questions:

1. You are a network administrator for your company. You plan to implement ISA Server 2004 as a SecureNAT firewall for client computers on the network. The implementation will consist of a Windows Server 2003 Network Load Balancing cluster.
External client computers that connect to resources published by ISA Server must be load balanced across the Network Load Balancing cluster when they connect by using DNS.
You need to plan the external DNS implementation before you deploy ISA Server 2004. What should you do?
A. Create three service locator (SRV) resource records.
Configure each record to use the _HTTP service and to reference the IP address of one of the internal interfaces of the Network Load Balancing cluster nodes.
B. Create three host (A) resource records.
Configure each record with the IP address of one of the external interfaces of the Network Load Balancing cluster nodes.
C. Create one host (A) resource record.
Configure the record with the virtual IP address that is assigned to the external interface of the Network Load Balancing cluster.
D. Create one host (A) resource record.
Configure the record with the virtual IP address that is assigned to the internal interface of the Network Load Balancing cluster.
Answer: C

2. You are a network administrator for your company. The company has a main office and three branch offices.
You are planning to deploy ISA Server 2004 in the branch offices to provide users with access to the Internet. The ISA Server computers will be configured as stand-alone servers. The Firewall Client installation share will be placed on an existing file server in each branch office.
You install Windows Server 2003 on the computers that will run ISA Server 2004. You need to configure additional security for the ISA Server computers.
What are three possible ways to achieve this goal? (Each correct answer presents a complete solution. Choose three.)
A. Grant the Allow log on locally right to only the Administrators group.
B. Disable the external network adapter.
C. Enable the Secure Server (Require Security) IPSec policy.
D. Disable the Server service.
E. Remove all users from the Access this computer from the network right.
Answer: A, D, E

3. You are the network administrator for your company. The company has a main office, two branch offices, and one research office. An ISA Server array is configured for each of these three offices. All arrays are members of the same ISA Server 2004 enterprise.
A Configuration Storage server is located in the main office. Replica Configuration Storage servers are located in each branch office. Administrators at the main office administer the enterprise settings and the main office array. The administrators at each branch office administer the arrays at their respective branch offices.
You need to install a new ISA Server array in the research office. You need to ensure that only research office administrators can manage access rules that affect client computers in the research office.
What should you do?
A. Configure a replica Configuration Storage server. Assign the research office administrators the ISA Server Array Administrator role.
B. Configure a new array in the existing enterprise. Assign the research office administrators the ISA Server Array Administrator role.
C. Configure a new array in the existing enterprise. Assign the research office administrators the ISA Server Enterprise Administrator role.
D. Configure a new Configuration Storage server in the research office. Configure it as a new enterprise. Assign the research office administrators the ISA Server Enterprise Administrator role.
Answer: D

4. You are a network administrator for your company. The network is configured as shown in the exhibit. (Click the Exhibit button.)
You are upgrading the Routing and Remote Access servers to ISA Server 2004. You need to configure the Internal network.
You need to create access rules that are specific for each subnet.
Which three IP address ranges should you use? (Each correct answer presents part of the solution. Choose three.)
A. 10.0.25.1 – 10.0.25.255
B. 172.16.1.0 – 172.16.1.255
C. 172.16.2.0 – 172.16.2.255
D. 172.16.10.0 – 172.16.10.255
E. 192.168.1.0 – 192.168.255.255
Answer: E, F, G

5. You are the network administrator for your company. The network contains an ISA Server 2004 computer named ISA1. ISA1 is connected to the Internet.
All client computers run Windows XP Professional. All client computers are configured as SecureNAT clients and require access to the Internet.
Client computers in the marketing department are located in an organizational unit (OU) named Marketing_Computers.
An external partner company hosts a custom marketing application named Webapp. Webapp uses SSL and TCP port 3333.
You create a security group named Marketing for the marketing department. You add the users in the marketing department to the Marketing group. You create an access rule to allow TCP port 3333 for only the users in the marketing department.
Members of the Marketing group report that they cannot connect to Webapp.
You need to ensure that only users in the marketing department can connect to Webapp. What should you do?
A. Enable the Firewall Client installation configuration group on ISA1. Add the marketing client computers to the list of trusted computers.
B. Use Group Policy to assign the MS_FWC.msi file to the client computers in the Marketing group.
C. Enable Web Proxy client support on the Local Host network. Enable SSL listening on port 8443.
D. Configure the Internal network on ISA1 to require authentication for all users. Enable SSL certificate authentication on the Internal network.
Answer: B

6. You are the network administrator for your company. The network consists of a single Active Directory domain. The network contains an ISA Server 2004 computer named ISA1. Client computers on the network consist of Windows 98 computers, Windows XP Professional computers, UNIX workstations, and Macintosh portable computers.
You configure ISA1 by using the Edge Firewall network template. You manually configure ISA1 with access rules to allow HTTP and HTTPS access to the Internet. You configure ISA1 to require all users to authenticate.
You need to provide Internet access for all client computers on the network while preventing unauthorized non-company users from accessing the Internet through ISA1. You also want to reduce the amount of administrative effort needed when you configure the client computers.
What should you do?
A. Configure all client computers as Web Proxy clients. Configure Basic authentication on the Internal network.
B. Configure all client computers as Web Proxy clients. Configure Basic authentication on the Local Host network.
C. Configure all client computers as SecureNAT clients. Configure Basic authentication on the Internal network.
D. Configure the Windows-based computers as Firewall clients. Configure the non-Windows-based computers as Web Proxy clients. Configure Basic authentication on the Local Host network.
Answer: A

7. You are the network administrator for your company. The network consists of a single Active Directory domain. All client computers run either Windows 2000 Professional or Windows XP Professional. All client computers are members of the domain. Users on the network use an IP-based client/server application on a server named Server1 to record company data.
To increase network security, you install ISA Server 2004 on a computer named ISA1. ISA1 connects to the Internet. You configure automatic discovery on the network. You configure client computers as SecureNAT clients. You verify that client computers can use the application on Server1.
You then distribute the Firewall Client software to all client computers by using Group Policy. Users now report that they cannot use the application on Server1.
You need to configure client computers on the network to allow the application on Server1 to function properly. Your solution must not affect other applications.
What should you do?
A. Configure a Wspcfg.ini file.
B. Configure an Application.ini file.
C. Configure the Management.ini file.
D. Configure the Common.ini file.
Answer: B

8. You are the network administrator for Contoso, Ltd. The network consists of a single Active Directory domain named contoso.com. The network contains an ISA Server 2000 computer named ISA1.
All client computers have the ISA Server 2000 Firewall Client software installed. Client computers are configured to use an internal DNS server. Two Windows Server 2003 computers named App1 and App2 run a Web-based application that is used to process company data.
You configure ISA1 with protocol rules to allow HTTP, HTTPS, RDP, POP3, and SMTP access. The list of domain names available on the Internal network on ISA1 contains the following
entries:
•*.south.contoso.com
•*.north.contoso.com
•*.east.contoso.com
•*.west.contoso.com
You perform an in-place upgrade of ISA1 by using the ISA Server 2004 Migration Tool. When you use Network Monitor on ISA1, you discover that client requests for App1 and App2 are being passed through ISA1.
You need to provide a solution that will allow clients to directly access company data on App1 and App2.
What should you do?
A. Create and configure HTTP, HTTPS, RDP, POP3, and SMTP access rules on ISA1.
B. Configure an Application.ini file on the client computers.
C. Redeploy the ISA Server 2004 Firewall Client software by distributing it to the client computers by using Group Policy.
D. Add app1.contoso.com and app2.contoso.com to the list of domain names available on the Internal network on ISA1.
Answer: D

9. You are the network administrator for your company. The network contains two ISA Server 2004 computers named ISA1 and ISA2.
The company has a main office and one branch office. The main office connects to the branch office over a dedicated 56-Kbps frame relay WAN link. A client computer named Client2 in the branch office connects to the main office through ISA2.
Two computers in each office are configured as shown in the following table.

Name
Internal IP address
Default gateway
Client1
10.10.10.123/24
10.10.10.1
Client2
172.16.100.114/24
172.16.100.1
ISA1
192.168.100.1/24
?
ISA2
172.16.1.1/24
?

Users of Client1 and Client2 report that they cannot connect to the Internet. Client2 can connect
to the main office network.
You want to maintain a high level of security on the external network adapter on ISA1 and on ISA2.
You need to verify connectivity to ISA1 from either Client1 or Client2. What should you do?
A. Configure Client1 with the default gateway IP address of the internal network adapter of ISA1. Issue the ping command to 192.168.100.1 from Client1.
B. Configure Client2 with the default gateway IP address of the internal network adapter of ISA2.
Issue the tracert command to 172.16.1.1 from Client2.
C. Edit the Diagnostic Services ICMP configuration group on ISA1 by adding the main office network as a destination network.
Issue the pathping command to 192.168.100.1 from Client1.
D. Edit the Remote Management ICMP (PING) configuration group on ISA1 by adding Client1 to the Remote Management Computers computer set.
Issue the ping command to 192.168.100.1 from Client1.
Answer: D

10. You are the network administrator for your company. The network contains a single ISA Server 2004 computer named ISA1. All Internet access for the local network occurs through ISA1.
The network contains a Web server named Server1. Server1 is configured as a SecureNAT client.
A Web application runs on Server1 that communicates with an external Web site named www.contoso.com.
You configure ISA1 with two access rules for outbound HTTP access. The rules are named HTTP Access 1 and HTTP Access 2.
HTTP Access 1 is configured to use the All Authenticated Users user set as a condition. HTTP Access 2 is configured to use the All Users user set as a condition, and it restricts outbound HTTP traffic to the IP address of Server1.
You verify that users can access external Web sites. However, you discover that the Web application cannot access www.contoso.com.
You need to allow the Web application to use anonymous credentials when it communicates with www.contoso.com. You also need to require authentication on ISA1 for all users when they access
all external Web sites.
What should you do?
A. On Server1, configure Web Proxy clients to bypass the proxy server for the IP address of the server that hosts www.contoso.com.
B. On ISA1, add the fully qualified domain name (FQDN) www.contoso.com to the list of domain names available on the Internal network.
C. On ISA1, disable the Web Proxy filter for the HTTP protocol.
D. Modify the order of the access rules so that HTTP Access 2 is processed before HTTP Access 1.
Answer: D

11. You are a network administrator for your company. The network contains an ISA Server 2004 computer named ISA1. ISA1 is configured to allow users in the sales department access to resources on the Internet.
Users in the marketing department also want access to resources on the Internet. You add a new network and computers for the marketing department. You install the Firewall Client and
configure the Web Proxy client on all computers in the new network.
The company’s network is configured as shown in the exhibit. (Click the Exhibit button.)
Users in the marketing department report that they cannot access resources on the Internet. You verify that users in the sales department and the internal servers can still access resources on the Internet.
You need to ensure that users in the marketing department can access resources on the Internet. What should you do?
A. Configure the marketing computers to use 192.168.0.1 as the default gateway.
B. On ISA1, add a static route for the 192.168.2.1 network.
C. On ISA1, add a network object for the marketing department.
D. Configure the DNS settings of the marketing computers to use a DNS server that can resolve Internet names.
Answer: B

12. You are the network administrator for Contoso, Ltd. The network contains an ISA Server 2004 computer named ISA1, which controls access between three segments on the network. The network is configured as shown in the exhibit. (Click the Exhibit button.)
A network address translation (NAT) relationship exists from the Internal network to the perimeter network. A Windows Server 2003 computer named DNS1 functions as a DNS server.
Web Proxy clients can access Web sites on the Internet. However, when SecureNAT clients try to access hosts on the Internet, they receive the following error message: “Cannot find server or DNS error.”
You need to ensure that SecureNAT clients can perform DNS name resolution correctly for hosts on the Internet. You also need to ensure that DNS name resolution is optimized for Active Directory.
First, from a SecureNAT client, you run the nslookup command and set the default server to
172.16.0.11. From the Nslookup console, you are able to query name server (NS) resource records on the Internet.
What should you do next?
A. On ISA1, replace the DNS server publishing rule with an equivalent access rule.
B. On ISA1, change the NAT relationship between the perimeter network and the Internal C. network to a route relationship.
C. On AD1, delete the .(root) zone and then disable recursion.
D. On DNS1, remove the forwarding configuration and add a .(root) zone.
Answer: C


© 2014 Cheat-Test.com, All Rights Reserved