70-293 Planning and Maintaining a Microsoft Windows Server 2003 Network Infrastructure Certification Boot Camp

Microsoft ™

70-293 Planning and Maintaining a Microsoft Windows Server 2003 Network Infrastructure

Note 1: 70-293 Exhibit and all related diagrams are not shown in demo questions.
Note 2: 70-293 Answers are not shown in demo questions.
Exhibits and Answers are only provided in the Full Version.

Demo Question 19.

You work as the network administrator at EliteCertify.com. The EliteCertify.com network consists of a single Active Directory domain named EliteCertify.com. All servers on the EliteCertify.com network run Windows Server 2003 and all client computers runs Windows XP Professional. The EliteCertify.com written security policy does not allow unsecure data communication between client computers and server computers. IPSec is used to secure all data transmissions between client computers and servers. While monitoring network traffic, you notice that no secure data communications are occurring between client computers and a few file server computers. You suspect that the recently configured and applied IPSec policies have configuration errors, which resulted in the EliteCertify.com written security policy not being enforced. You must immediately ensure that the requirements stipulated in the EliteCertify.com written security policy are enforced. You want to reconfigure any IPSec policy that is incorrectly configured. You want to apply any reconfigured IPSec policies immediately to the misconfigured server computers. What should you do?

A. Use the netsh command to configure the IPSec policy as Dynamic.
B. Use the netsh command to configure the IPSec policy as Static.
C. In the Default Domain Policy GPO, assign the IPSec policy.
D. Change the startup type of the IPSec service to Manual.

Display Answer

Purchase Full Version:

70-293 Printable PDF Prep Guide $49.95 BUY NOW!

70-293 Test Simulation Engine $69.95 BUY NOW!

70-293 PDF & Test Simulation Engine $99.95 BUY NOW!

Answer: A

Explanation: In Windows Server 2003, the netsh command-line utility replaces the previously used Ipsecpol.exe command-line utility. You can use the netsh command-line utility to view information on IPSec policies, configure startup security for computers, configure default traffic exemptions, enable IPSec driver event logging, and troubleshoot IPSec configuration. The current (active) IPSec policy configuration is affected by the netsh ipsec dynamic mode commands, which means that the IPSec dynamic mode commands directly change security policy settings in the security policy database. Incorrect answers: B. The netsh ipsec static mode commands are used to perform the same management tasks as is available in the IP Security Policy Management snap-in. You can create IPSec policies, edit existing IPSec policies, and assign IPSec policies. However, the active IPSec policy configuration remains unchanged, which means that your changes are not immediately updated in the security policy database. C. If you apply the IPSec policy in the Default Domain GPO, then the security policy settings will be applied to all computers that belong to the EliteCertify.com domain. The question states that you want to apply any reconfigured IPSec policies immediately to the misconfigured server computers. D. If you change the startup type of the IPSec service to Manual, you would have to manually start the IPSec service whenever you restart a member server that has IPSec policies applied.

<< >>
Previous 10 11 12 13 14 15 16 17 18 19 20 Next 10

Based on the latest 70-293 exam objectives!
Designed like actual 70-293 exam questions!
100% Verified Realistic 70-293 Exam Questions and Answers!
Exhibits, Drag&Drop and Simulation 70-293 Questions Included!
Constantly Updated Guide to Reflect the Current 70-293 Exams!
Detailed Explanations for Most Guide Practice Exams!