70-293 Planning and Maintaining a Microsoft Windows Server 2003 Network Infrastructure Testking Exam

Microsoft ™

70-293 Planning and Maintaining a Microsoft Windows Server 2003 Network Infrastructure

Note 1: 70-293 Exhibit and all related diagrams are not shown in demo questions.
Note 2: 70-293 Answers are not shown in demo questions.
Exhibits and Answers are only provided in the Full Version.

Demo Question 6.

You work as the network administrator at EliteCertify.com. The EliteCertify.com network consists of a single Active Directory domain named EliteCertify.com. All domain controllers and servers on the EliteCertify.com network run Windows Server 2003. All client computers run Windows XP Professional. All domain controllers have the DNS service enabled. On the EliteCertify.com network, DNS is configured using a single Active Directory-intergraded zone. There are no secondary DNS zones. The updated EliteCertify.com written security policy includes new requirements that must be implemented to secure all domain controllers. You are responsible for ensuring that these requirements are enforced. You plan to configure an IPSec security policy to secure all domain controllers. To enforce the requirements of the updated EliteCertify.com written security policy, you only include ports in the Permit filter action that are used for Active Directory authentication and replication. You assign the new IPSec security policy for all domain controllers. Users immediately complain that they cannot access any domain controllers. You investigate the issue and discover that no users are able to connect to any domain controllers. You must still enforce the requirements of the updated EliteCertify.com written security policy. What should you do?

A. Include TCP port 53 in the filter with the Permit filter action.
B. Include TCP port 80 in the filter with the Permit filter action.
C. Include UDP port 53 in the filter with the Permit filter action.
D. Include UDP port 137 in the filter with the Permit filter action.

Display Answer

Purchase Full Version:

70-293 Printable PDF Prep Guide $49.95 BUY NOW!

70-293 Test Simulation Engine $69.95 BUY NOW!

70-293 PDF & Test Simulation Engine $99.95 BUY NOW!

Answer: C

Explanation: The issue that you have stems from the domain controllers being unable to respond to DNS name resolution requests from your client computers. DNS name resolution requests are sent to domain controllers through UDP port 53. You must allow traffic to pass through to your domain controllers on UDP port 53 to resolve the existing issue. Incorrect answers: A. While TCP port 53 is used by DNS, DNS uses this port to perform zone transfers. This port is not necessary because the question states that there is a single Active Directory-intergraded zone. B. TCP port 80 does not need to be included in the filter with the Permit filter action because the port is used by clients attempting to connect to a Remote Desktop Web Connection server. D. UDP port 137 is used by the Windows Internet Name Service (WINS). Nothing is mentioned about WINS running on any of your servers.

<< >>
1 2 3 4 5 6 7 8 9 10 Next 10

Based on the latest 70-293 exam objectives!
Designed like actual 70-293 exam questions!
100% Verified Realistic 70-293 Exam Questions and Answers!
Exhibits, Drag&Drop and Simulation 70-293 Questions Included!
Constantly Updated Guide to Reflect the Current 70-293 Exams!
Detailed Explanations for Most Guide Practice Exams!