You are the DNS administrator for TXGlobal, which is headquartered in Dallas and has branch offices in Austin, Houston, San Antonio and El Paso. The headquarters location hosts the parent domain, txglobal.com. Each branch office has

been delegated a child domain. Austin hosts austin.txglobal.com, Houston hosts houston.txglobal.com, San Antonio hosts sanantonio.txglobal.com, and El Paso hosts elpaso.txglobal.com.

The primary DNS server in Dallas is named TXDNS. The primary DNS servers in the branch offices are named AUSDNS, HOUDNS, SADNS and EPDNS. The secondary DNS servers in the branch offices are named AUSDNS-2, HOUDNS2, SADNS-2, and EPDNS-2.

To increase fault tolerance, you want to add another secondary DNS server in each location. The new DNS servers will be named AUSDNS-3, HOUDNS-3, SADNS-3, and EPDNS-3. You want TXDNS to be aware that the new servers are

authoritative for their respective zones.

Which server or servers should host one or more stub zones?

A. AUSDNS, HOUDNS, SADNS and EPDNS

B. AUSDNS-3, HOUDNS-3, SADNS-3 and EPDNS-3

C. all of the DNS servers within the child domains

D. TXDNS

You are your company's network administrator. The network consists of a single subnet. All servers run Windows Server. The network is connected to the Internet through a private WAN link. A computer named Server1 provides Internet

access for the network. Server1 is equipped with two NICs, and Internet Connection Sharing (ICS) is enabled on the NIC that is connected to the Internet.

Your company employs several telecommuters who work from their homes. The remote employees require some files that contain information about the company's business operations. Those files are updated on a daily basis. To provide the

remote employees with those files, you set up an FTP site on a computer named FTPSrv.

You must ensure that the users on the corporate network can access Internet Web sites and that the remote employees can download the necessary files from FTPSrv. The corporate network must be protected against possible Internet-

based attacks. Access to the corporate network from the Internet must be restricted to only the FTP site on FTPSrv.

What should you do?

A. On FTPSrv, enable Internet Connection Firewall, and specify that FTP traffic be allowed to pass to FTPSrv.

B. On Server1, enable Internet Connection Firewall, and specify that FTP traffic be allowed to pass to FTPSrv.

C. Configure Server1 to use IPSec for all communications on the NIC that is connected to the Internet.

D. On Server1, enable Internet Connection Firewall, and configure it to allow only HTTP and FTP traffic to pass to the corporate network.

You work as the network administrator at ABC.com. The ABC.com network consists of a single Active Directory domain named ABC.com. The servers at the ABC.com network run Windows Server and the workstations, Windows XP

Professional.

The ABC.com network has a DNS server named ABC-SR03 that does name resolution for host on the Internet. ABC.com users complain that they do not get the correct site when trying to access Web site known to them.

What actions must you take to stop this from happening without disrupting production?

A. You should restart the DNS Server service.

B. You should select the Secure cache against pollution setting.

C. You should run the ipconfig/flushdns on ABC-SR03.

D. You should run the ipconfig/registerdns on ABC-SR03.

You work as the network administrator at ABC.com. The ABC.com network has a domain named ABC.com. The servers at the ABC.com network run Windows Server and the workstations, Windows XP Professional.

The ABC.com network has two servers, named ABC-SR30 and ABC-SR31, which contain file with sensitive company information. You create a new OU named SenSrv and move ABC-SR30 and ABC-SR31 to the new OU. You then create a

new GPO that and configure it to encrypt all network connections. You then link the GPO to the SenSrv OU.

How would you check to see if encrypted connections to ABC-SR30 and ABC-SR31 are taking place?

A. By opening the Resultant Set of Policy console.

B. By running the Microsoft Baseline Security Analyzer (MBSA).

C. By applying the hisecdc.inf predefined security template.

D. By opening the IP Security Monitor console.

You are working as an administrator for ABC.com. The network consists of a single Active Directory domain named ABC.com. All server run Windows Server and all client computer run Windows XP Professional.

The ABC.com departments are organized into organizational units (OUs). The Administration OU is named ABC_ADMIN, and the Sales OU is named PABC_SALES. All file servers for all departments are located in their respective OUs. The ABC_SALES OU is a child OU of the ABC_ADMIN OU. A new ABC.com written security policy states that servers in the ABC_ADMIN OU should be highly secure. All communications with ABC-ADMIN servers should be encrypted. The security policy also states that auditing should be enabled for

file and folder deletion on Sales servers. Communications with the Sales servers should not be encrypted. How should you configure Group Policy for the ABC_Admin and ABC_Sales OU? (Choose three.)

A. Configure a GPO to apply the Hisecws.inf security template. Link this GPO to the ABC_ADMIN OU.

B. Configure a GPO to enable the Audit object access audit policy on computer objects. Link this GPO to the ABC_SALES OU.

C. Configure a GPO to apply the Hisecws.inf security template. Link this GPO to the ABC_Sales OU.

D. Configure a GPO to enable the Audit object access audit policy on computer objects. Link this GPO to the ABC_ADMIN OU.

E. Block group policy inheritance on the ABC_ADMIN OU.

F. Block group policy inheritance on the ABC_SALES OU.