Microsoft 70-291 actual exam test

Posted on February 27th, 2009

Foley is planning the phased deployment of a new service pack for Windows XP Professional across the A. Datum Corporation organization. A. Datum Corporation has 700 users whose accounts are all contained within the default Users container of Active Directory directory service.  70-291 70-293  70-620  000-078 The 700 computer accounts of the systems that these users use are located in the default Computers container. The users are divided into four domain global security groups. The Engineers group has 400 members, the Sales group has 150 members, the Secretarial group has 100 members, and the Management group has 50 members. Employees at A. Datum Corporation use their own workstations. 70-272  70-444  70-284 70-298In consultation with management, Foley has decided to split the deployment of the service pack into four phases. These phases are as follows:

Phase One: 200 members of the Engineers group

Phase Two: The rest of the Engineers group

Phase Three: Sales group and Secretarial group

Phase Four: Management group

Which of the following plans would allow Foley to carry out this phased deployment plan with the minimum of administrative effort?

Create two new global security groups: ENG-PH1 and ENG-PH2. Create a GPO that assigns the service pack in the Computer Configuration\Software Settings\Software Installation node. For Phase One, apply this GPO to the ENG-PH1 group. For Phase Two, apply this GPO to the ENG-PH2 group. For Phase Three, apply this GPO to the Sales and Secretarial groups. For Phase Four, apply this GPO to the Managers group.

Create two new global security groups: ENG-PH1 and ENG-PH2. Create a GPO that assigns the service pack in the User Configuration\Software Settings\Software Installation node. For Phase One, apply this GPO to the ENG-PH1 group. For Phase Two, apply this GPO to the ENG-PH2 group. For Phase Three, apply this GPO to the Sales and Secretarial groups. For Phase Four, apply this GPO to the Managers group.  HP0-A01  70-643  70-270 

Create four new global security groups: Phase1, Phase2, Phase3, and Phase4. Add the computer accounts for the systems that the first 200 groups of engineers use to the Phase1 group. Add the computer accounts for the rest of the engineers’ systems to the Phase2 group. Add the computer accounts for the systems that the sales and secretarial groups use to the Phase3 group. Add the computer accounts for the systems that the managers use to the Phase4 group. Create a GPO that assigns the service pack in the User Configuration\Software Settings\Software Installation node. Assign this GPO to the default Users container, but in the Group Policy properties make sure that the Authenticated Users group does not have the Read and Apply Group Policy Allow check boxes checked. For each phase, add a security group and assign the Read and Apply Group Policy (allow) permission.  70-294   70-445  70-290  70-431

Create four new global security groups; Phase1, Phase2, Phase3, and Phase4. Add the computer accounts for the systems that the first 200 groups of engineers use to the Phase1 group. Add the computer accounts for the rest of the engineers’ systems to the Phase2 group. Add the computer accounts for the systems that the sales and secretarial groups use to the Phase3 group. Add the computer accounts for the systems that the managers use to the Phase4 group. Create a GPO that assigns the service pack in the Computer Configuration\Software Settings\Software Installation node. Assign this GPO to the default Users container, but in the Group Policy properties make sure that the Authenticated Users group does not have the Read and Apply Group Policy Allow check boxes checked. For each phase, add a security group and assign the Read and Apply Group Policy (allow) permission.

Create four new organizational units called Phase1, Phase2, Phase3, and Phase4. Move the computer accounts for the systems that the first 200 engineers use to the Phase1 OU. Move the rest of the engineers’ computer accounts to the Phase2 OU. Move all the computer accounts for the systems that the Sales and Secretarial group use to the Phase3 OU. Move all of the computer accounts for the systems that the managers use to the Phase4 OU. Create a new GPO named XPSP_DEPLOY. Configure the GPO so that it assigns the Windows XP service pack in the Computer Configuration\Software Settings\Software Installation node. For phase one, assign the XPSP_DEPLOY GPO to the Phase1 OU. For phase two of the deployment, assign the XPSP_DEPLOY GPO to the Phase2 OU. For phase three, assign the XPSP_DEPLOY GPO to the Phase3 OU. To finalize the deployment, assign the XPSP_DEPLOY GPO to the Phase4 OU.
Correct Answers: E

Filed under Uncategorized | No Comments »

Cisco 642-481 APE for Validating Knowledge

Posted on February 26th, 2009

The type of security that a computer running Windows Server 2003 642-524 requires is highly dependent on the role that the server performs. Each type of server has a different set of security requirements specific to its role. The requirements for a domain controller are significantly different from those of an Internet Authentication Server.70-630  Similarly, the security requirements of a computer running Microsoft Exchange Server 2003 are very different from those of a server running Internet Information Services. Objective 1.1 in the 70-299 exam involves planning security templates based on the role a server has. The server roles that can be tested in the exam include Exchange Server 2003, 70-652 domain controllers, Internet Authentication Service, and Internet Information Services servers. You may be asked in the exam to differentiate which type of template is appropriate for a particular server, so knowing the security needs of each of these systems is a vital step in your exam preparation. These security needs are highly dependent on the services provided.000-061

Security templates are text files that store policy settings from the Security node in an Active Directory Group Policy. These text files can be imported and applied to GPOs, altering the settings in the GPO to conform to a particular security standard. 642-691 Because they are text files, security templates are often far easier to manipulate than GPOs.

Security templates can be edited in two ways. The first is by using the Security Template snap-in of the Microsoft Management Console. HP0-J23 This method is the simplest way to edit the templates because it displays them in a form that is similar to that of the Group Policy Editor. Because security templates are stored in text file format, you can also edit security templates by using a text editor such as Notepad. 642-481 This method is far more complicated and requires detailed knowledge of the security template syntax. Unless there is a compelling reason to do so, use the Security Template snap-in, because editing by using Notepad might lead to inadvertent errors in a template which, when applied, could make a system insecure.

After a security template is created, 70-640 it must be deployed before it can have any influence on the security configuration of a system. Security templates are generally deployed by importing them into a Group Policy object. Once they have been imported into a Group Policy object, that Group Policy object can then be applied to sites, domains, and organizational units. n10-003 Security templates can also be deployed by importing them into local Group Policy objects on standalone systems that are not a part of the domain. This can be done by editing the local Group Policy object (gpedit.msc) or by importing the template using the secedit command. 350-030

The principles involved in deploying a security template across a domain are similar to the principles involved in deploying Group Policy objects. In general, 000-210 deployment should be as specific as possible. Grouping target systems into organizational units or sites is far preferable to deploying GPOs with security templates applied at the domain level. This way only the systems that are the targets of these policies will have to process them, and systems for which the policies are not relevant will not be delayed. 350-018 The more Group Policy settings that are applied within a domain to all machines, the longer those machines take during startup and logon to process all of the policies to reach a final configuration.

Filed under Uncategorized | No Comments »

Pass4sure 000-061 IBM NEDC Technical Leader

Posted on February 24th, 2009

In your Windows Server 2003 350-030 functional level domain CONTOSO.COM, you have a domain global group named SUPERUSERS. A security template has been configured that specifies the membership of the SUPERUSERS group as Rooslan, Oksana, Kasia, Shan, and Mick. This security template also assigns the SUPERUSERS group a large number of administrative rights. 350-018 This security template has been imported into a GPO that is applied at the domain level and has been running perfectly for the past week. Today you get a call from your junior administrator who believes that he might have accidentally added the user accounts of Orin and Laherty to the SUPERUSERS group through the Active Directory Users and Computers console on the domain controller. You log on to the domain controller to check, and indeed these accounts have been added to the SUPERUSERS group. 642-481 Which of the following steps should you take to most easily return the membership of the SUPERUSERS group to the original five users listed in the restricted groups policy as quickly as possible?

1. From the command prompt on the domain controller, issue the GPUPDATE/FORCE command.

2. Delete Orin, Laherty, and Mick’s user accounts from the membership of the SUPERUSERS group.

3. Remove the GPO that is applied to the domain. Import the new security template into the Default Domain Policy GPO. MB6-817

4. Import the new security template back into the GPO that is applied to the domain.

5. From the command prompt on the domain controller, issue the SECEDIT/REFRESHPOLICY command.

   Correct Answers: A

   1. Correct When the membership of a restricted group is altered manually by someone adding new members to the group, those members will remain until a policy update is forced. You can accomplish this instantly by running 000-061 a GPUPDATE /FORCE from the command prompt. After this is done, the group membership will be returned to its proper state.

   2. Incorrect This will not solve the problem. Mick’s user account is also supposed to be a part of the SUPERUSERS group.

   3. Incorrect This step is not necessary; on the next Group Policy update the membership of the group will be returned to its proper state.  642-691

   4. Incorrect This will not change anything; the GPO already has the correct security settings. The membership of the group will be returned properly when the next Group Policy update occurs.

   5. Incorrect Although this technique would have worked with Windows 2000, in Windows Server 2003 SECEDIT /REFRESHPOLICY has been replaced by the GPUPDATE command.

Filed under Uncategorized | No Comments »

Pass4sure Microsoft 70-630 practice testing

Posted on February 23rd, 2009

You have received a security template from your organization’s security administrator. It defines a password policy and an account lockout policy for all users in the domain. n10-003 The password policy enforces a maximum password age of 21 days and a minimum password age of 7 days, and the password complexity requirements are enforced. The account lockout duration is set to 60 minutes, and the account lockout threshold is set to 5 invalid logon attempts. 70-630 Which of the following methods describes the best way to deploy this security template? 350-030

1. Edit the Default Domain Controller Policy and import the new security template.

2. Create a new GPO. Import the new security template. Apply the GPO to the Users container in Active Directory Users and Computers.

3. Create a new GPO. Import the new security template. Apply the GPO to the EVERYONE group in Active Directory Users and Computers. HP0-J23

4. Create a new GPO. Import the new security template. Apply the GPO to the Computers container in Active Directory Users and Computers.

   Correct Answers: A

   1. Correct Account lockout and password policies must 642-524 be applied at the domain level. This is best done by importing the security template into the Default Domain GPO. Importing this template into the Default Domain Controller policy will have no influence on the password and account lockout policies for users in the domain.70-652

   2. Incorrect Group Policy objects cannot be applied to the Users container in Active Directory Users and Computers. Account lockout and password policies must be applied at the domain level. This is best done by importing the security template into the Default Domain 350-018 GPO.

   3. Incorrect Group Policy objects cannot be applied to security groups.

   4. Incorrect Group Policy objects cannot be applied to the Computers container in Active Directory Users and Computers. Account lockout and password  70-630 policies must be applied at the domain level. This is best done by importing the security template into the Default Domain GPO. n10-003

Filed under Uncategorized | No Comments »

000-210 IBM Storage Networking Solutions Version 4

Posted on February 21st, 2009

n10-003 Rooslan is planning on installing a new Windows Server 2003 system that will run Microsoft SQL Server 2000. At the time he is performing the installation, Windows Server 2003 has one service pack released and six relevant hotfixes. 70-652  SQL Server 2000 is up to Service Pack 3 and has five relevant hotfixes. Of the options listed, which represents the best way for Rooslan to install the server software, the service packs, and the hotfixes? HP0-J23

1. Rooslan should install in the following order: Windows Server 2003; Windows Server 2003 Service Pack 1; all six relevant Windows Server 2003 hotfixes; the five relevant SQL Server 2000 hotfixes; SQL Server 2000. 70-640

2. Rooslan should install in the following order: Windows Server 2003; SQL Server 2000; Windows Server 2003 Service Pack 1; SQL Server 2000 Service Pack 1; SQL Sever 2000 Service Pack 2; SQL Server 2000 Service Pack 3; the five SQL Server 2000 hotfixes; the six Windows Server 2003 hotfixes. 642-524

3. Rooslan should install in the following order: Windows Server 2003; SQL Server 2000; Windows Server 2003 Service Pack 1; SQL Server 2000 Service Pack 1; SQL Sever 2000 Service Pack 2; SQL Server 2000 Service Pack 3; five SQL Server 2000 hotfixes; six Windows Server 2003 hotfixes.350-018

4. Rooslan should install in the following order: Windows Server 2003; Windows Server 2003 Service Pack 1; the six Windows Server 2003 hotfixes; SQL Server 2000; SQL Server 2000 Service Pack 3. 70-630

5. Rooslan should install in the following order: Windows Server 2003; Windows Server 2003 Service Pack 1; the six Windows Server 2003 hotfixes; SQL Server 2000; SQL Server 2000 Service Pack 3; the five SQL Server 2000 hotfixes.  n10-003

   Correct Answers: E

   1. Incorrect SQL Server hotfixes should be installed after SQL Server 2000 is installed.

   2. Incorrect If he installs SQL Server Service Pack 3, there is no need to install Service Pack 1 or Service Pack 2 because Service Pack 3 is cumulative and contains all of the fixes from the first two service packs. MB6-817 Also, in this answer he does not install all of the necessary hotfixes for Windows Server 2003.

   3. Incorrect Although this will bring the system up to date, it is not necessary to install SQL Server 2000 Service Pack 1 and Service Pack 2 because Service Pack 3 is cumulative and contains all of the fixes from the first two service packs.000-210

   4. Incorrect This will not install the five relevant SQL Server 2000 hotfixes.

   5. Correct This installs all relevant service packs and hotfixes in a logical way, without the redundancy of installing prior service packs.MB6-817 Before you install software it is wise to check if there is any special install order. Generally with Microsoft this is not a problem, though with some other vendors problems can arise if you do not follow a specific checklist (installing the application before applying the Windows service pack, 70-652 and then patching the application).

Filed under Uncategorized | No Comments »

Pass4sure 640-553 Exam Questions, Your Best Cisco 640-553 Practice Engine

Posted on February 20th, 2009

Cisco 640-553 Certification Exam is an indispensable testing in the IINS Implementing Cisco IOS Network Security.
Pass4sure 640-553 has a comprehensive and systematic practice exam designed by our professional IT team. It helps you to master the knowledge more easily. By using it, we promise you will pass the exam. Otherwise, we have the guarantee policy to protect your interests.
If you are unconfident about our Pass4sure 640-553, you have the right to test it. We have free demo online and free demo download. It’s up to you to choose any one of the two ways to test our product’s quality.
The Pass4sure 640-553 is built up by a team consisted of professional IT experts. It covers all points of the latest exam and the examination points in recent years. So we are sure that it covers all the knowledge points and at least 95% of the exam questions.
Because of its authoritative sources, Pass4sure 640-553 have been approved to be the key material to IT professional career. Only authoritative experts and famous authors have the access to its composition to make sure that its quality and value.
Considering the need of our customers, we offer 7×24 services. We are responsible for all the questions and needs about the Pass4sure 640-553 and we are willing to solve problems related to the technical questions for you. Customers’ satisfaction is what we are pursuing for.
The free demo of Pass4sure 640-553 enables you to make sure the quality and content of our product. It’s up to you to have free demo online or downloaded. Anyway, you can see the epitome of the product you are going to buy, which will make you set your heart at rest.
If you cannot pass the Cisco 640-553 Certification exam at your first try, we will give you 100% REFUND on our Pass4sure 640-553. If you give up the right to get 100% REFUND, you can enjoy two other coordinate exams completely freely provided by Pass4sure. It up to you! In any case, you will get most here.

Relate Exams:
[ 640-816 ] – Interconnecting Cisco Networking Devices Part 2
[ 640-553 ] – IINS Implementing Cisco IOS Network Security
[ 640-801 ] – CCNA
[ 640-802 ] – Cisco Certified Network Associate

Related 640-553 Exam Resources:
[ pass4sure 640-553 exam ] – Pass4sure offers free demo for 640-553 exam questions
[ examdemo 640-553 exam ] – How to get Cisco 640-553 Ceritification
[ pass4sure.biz 640-553 ] – pass4sure Exam Braindump Downloads !
[ realexams 640-553 ] – Real Exam : Cisco 640-553 Exam Prep Questions
[ passforsure.co.uk 640-553 exam ] – Secret to Pass Cisco 640-553 Exam – Pass4sure UK
[ cert4exam 640-553 exam ] – 640-553 Exams Training Materials

Tags: Certification Exam
Filed under Uncategorized | No Comments »

Pass4sure offers free demo for sy0-101 exam questions, latest Security Solutions for Systems Engineers questions and answers the same as CompTIA sy0-101 exam.

Posted on February 20th, 2009

Tags: pass4sure Exam
Filed under Uncategorized | No Comments »

Pass4sure 000-061 IBM certification guides

Posted on February 18th, 2009

The skills that you need to successfully master the Managing and Implementing Disaster Recovery objective domain on Exam 70-299: Implementing and Administering Security in a Microsoft Windows Server 2003 Network include:   000-061  MB6-817  70-640   n10-003   70-652

Prepare to use security templates.

Practice 1: Create an OU structure for the member servers in your organization. Name the parent OU Member Servers. Under Member Servers, create child OUs for File and Print, Web, and Infrastructure servers. Move each specific category of member server into its appropriate OU container. Edit the properties of the OU and add a new GPO. Edit the GPO. Select the Security Settings node under Computer Configuration\Windows Settings. Right-click and note the import command. This is used to import security templates into a Group Policy object.

Practice 2: Create a custom MMC for editing security templates by following these steps: on the Start menu, click Run and then type MMC. On the File menu, 000-210 click Add/Remove Snap-in. Select ADD and select the Security Templates snap-in. Save this console to the desktop as SecurityConsole.msc. You will use this security console in later exercises.

Edit and apply security templates.

Practice 1: Use the security console that you created in a previous exercise to create a new security template that sets the maximum application log size to 16,384 kilobytes and sets the retention method for the application log to “Do not overwrite events (clear log manually).”

Practice 2: Create a new universal group named test-restrict in the domain. Create four new user accounts named alpha, beta, gamma, and delta. 642-481 Create a new security template. Configure the restricted groups option and restrict the membership of the test-restrict group to accounts alpha, beta, and gamma. Save the template. Create a new GPO and apply it to the domain. Import the newly created security template into the new GPO. Run GPUPDATE /FORCE from the command line. HP0-J23 Use the NET GROUP TEST-RESTRICT command from the command line to note the membership of the group. Use Active Directory Users and Computers to add the delta user account to the test-restrict group. From the command line, use the NET GROUP TEST- RESTRICT command again to check group membership. Note the group membership. Now force a policy update by typing GPUPDATE /FORCE from the command line. Perform a final check of the group’s membership by running a NET GROUP TEST-RESTRICT.  MB6-817   642-691  70-652

Filed under Uncategorized | No Comments »

n10-003 CompTIA Network+ Certification Exam

Posted on February 17th, 2009

Neither of these two solutions is perfect. Separating the roles onto physically separate computers requires additional server hardware and systems administration effort.  70-640   n10-003  000-210  HP0-J23   350-030

Using IP filters to create rules that apply different filter actions based on the source IP address does not accommodate the possibility that users can access the file server from an external IP address or attempt to communicate with the mail server from an internal IP address. You could theoretically create IP filters based on the port numbers used by file sharing and messaging protocols, but client computers would only be able to connect to the server as either a file server or a mail server—not as both.

When designing IPSec policies for your organization, follow one guideline before all others: keep it simple. Although you might want to provide different levels of security for different computers, use as few policies as possible to minimize the complexity of your system. A simpler system is less likely to produce problems and is also easier to troubleshoot if it does. You can further simplify the process of deploying IPSec by using the built-in policies: Client, Request Security, and Require Security. These policies have been configured to provide the maximum level of compatibility possible without significantly sacrificing security.  642-524  70-630  MB6-817  350-018

There is a significant limitation to using IPSec to protect communications within a domain: you should not use IPSec and Kerberos authentication between domain members and domain controllers. Establishing an IPSec connection requires sending a request to a domain controller, but if that request requires an IPSec connection to be established, you will never be able to complete the Internet Key Exchange (IKE) negotiation. In addition, no other authenticated connections can be made using other protocols, and no other IPSec policy settings can be applied to that domain member through Group Policy. For these reasons, Microsoft does not support using IPSec for communications between domain members and domain controllers.

There are additional limitations when using IPSec to protect traffic to a cluster. Many clustering and load-balancing services use the same IP address for all nodes in a cluster, which creates incompatibilities with IPSec. Windows Server 2003 IPSec has proprietary extensions that allow it to work with the Windows Server 2003 Network Load Balancing service and Windows Cluster Service. However, support for these extensions does not exist in the current Microsoft Windows 2000 and Windows XP IPSec client implementations, so you will experience some loss of connectivity when you add or remove Windows 2000 cluster nodes.  000-061  642-481  70-652  642-691

Filed under Uncategorized | No Comments »

Pass4sure 70-536 MS.NET Framework 2.0-Application

Posted on February 16th, 2009

Transmission Control Protocol/Internet Protocol (TCP/IP), the protocol suite used by most private networks and the Internet, was not designed for security. In fact, it is extraordinarily vulnerable. 70-649  VCP-310   1z0-264 

Communications are passed between as many as dozens of different network devices, and in the case of the public Internet, the sender of the message has no control over who owns the network equipment that carries the messages. There is ample opportunity for an attacker to eavesdrop on your private communications.

TCP/IP communications are also easy to impersonate and manipulate. When a computer receives a TPC/IP message, the computer has no way of determining whether the IP address in the message is genuine, or whether the message was modified in transit. This makes TCP/IP vulnerable to such attacks as the man-in- the-middle attack, which an attacker can use to compromise private data and user credentials.  642-812   640-863  70-270

Internet Protocol security (IPSec) is a newer protocol suite that works with TCP/ IP to verify the integrity of communications, authenticate computers, and encrypt traffic. When implemented, IPSec dramatically reduces the risk of several common attacks. Microsoft Windows Server 2003, in addition to other recent versions of Microsoft Windows, includes IPSec capabilities. However, understanding, planning, and configuring an IPSec infrastructure is a complex task. This chapter will teach you the fundamentals of IPSec, provide you with information for planning an IPSec deployment, and familiarize you with the tools used to configure IPSec.

Now consider the same scenario with IPSec enabled. In this case, when the server receives the POP3 request from the e-mail client, it will send a message back to the client requesting an IPSec connection. The client will agree, and IPSec will negotiate encryption and integrity protocols. Then IPSec on the client computer will intercept the e-mail client’s network traffic, store it within encrypted IPSec packets, and send the data to the server using TCP/IP. IPSec on the server will receive the packets, decrypt the contents, and pass the e-mail client’s original communication to the e-mail server software.

In this IPSec-enabled scenario, neither the e-mail client nor the e-mail server software is aware that the communications were protected by IPSec. Similarly, routers and firewalls between the client and server cannot modify the communications or extract the user’s credentials. In fact, the routers and firewalls cannot even determine that the user is downloading e-mail, because the POP3 protocol is completely hidden within the IPSec packets.   642-845   70-536  642-825

Filed under Uncategorized | No Comments »