Question No. 16
Engineering users want to be able to continue their own resources after the Windows 2000 implementation. What should you do enable this goal?
A. Create a domain for the engineering department.
Create an engineering Organizational Unit (OU).
Grant the engineering department complete administrative control of its OU.
Move computer and user objects into the domain.
B. Create a domain for the engineering department.
Locate this domain on the same level as the North American domain.
Grant the engineering department complete administrative control of its domain.
Move computer and user objects into the domain.
C. Create a separate Organizational Unit (OU) for the engineering department.
Locate this OU in the North American domain.
Grant the engineering department complete administrative control of its OU.
Move computer and user objects into the OU.
D. Create a separate forest for the engineering department.
Grant the engineering department complete administrative control of this forest.
Move computer and user objects into the forest.
Question No. 17
Which General Business Consultants business need or needs should you implement by using
Group Policy objects (GPO??s)? Choose all that apply?
A. Automatically assigning IP addresses to wireless devices.
B. Updating the software on kiosks.
C. Configuring user logon requests to avoid using WAN line.
D. Configuring the desktop settings for the resort employees.
Question No. 18
You are designing A. Datum Corporation??s organizational Unit (OU) hierarchy. Which business factors should have the most influence on you design? (Select all that apply)
A. 24-hour global collaboration
C. Regional security differences
D. Number of users per facility
E. WAN topology
F. Internet presence
G. Growth plans
Question No. 19
You want to implement Windows 2000 to minimize the impact of replication on WAN traffic for Fabrikam, Inc. What should you do?
A. Use IP site links for replication. Optimize the replication schedule.
B. Define policies and procedures so that only global groups are included in universal groups.
C. Use SMTP site links for replication. Optimize the site link schedule.
D. Define Group Policy Objects (GPOs) only at the domain and organizational unit levels
E. Reduce the number of attributes replicated by the global catalog.
Question No. 20
You need to create a site design for the complete project. Which technical requirement or requirements must you include? (Choose all that apply)
A. Each content provider must create sites for Atlanta, Boston, and Seattle.
B. The content providers must create sites for each content developer.
C. Each service provider must create a site for each remote transmission location.
D. The membership user objects and cable-device computer objects must be in different sites.
E. Each service provider must create a single site for the data center and urban area.
Question No. 21
Which site or sites should you include in your design? (Choose all that apply)
A. Three for New York.
B. One for Atlanta.
C. One for Los Angeles.
D. One site that contains Los Angeles, Chicago, and Atlanta.
E. One for New York.
F. One for all of Consolidated Messenger.
G. One for Chicago.
H. One for each partner.
I. One for each domain.
J. One for each department.
K. One at the perimeter network.
Question No. 22
You discover that some users are able to watch videos beyond the time allocated. What should you do?
A. Ensure that the maximum tolerance for computer clock synchronization is five minutes.
B. Set the maximum lifetime for the user ticket on the kerberos policy to one day.
C. Ser the computer group policy refresh rate to five minutes
D. Enable the user group policy loopback processing mode.
E. Set the maximum lifetime for the service ticket on the kerberos policy to one day.
Question No. 23
Adventure Works is a company that manufactures and sells outdoor adventures products throughout the United States. The company??s headquarters are located in Seattle. Adventure Works has facilities around the world. The company employs approximately 28,000 employees worldwide. Adventure Works also has a division that provides adventure tours. This division is marketed as Certifyme.com, Ltd., and has offices located around the world.
Adventure Works is composed of the following divisions:
_Certifyme.com, Ltd., tour services--700 employees
_Internet consumer services (ICS)--500 employees
The corporate division includes the following departments:
_Customer service (CSV)
The retail division consists of 117 stores located in cities throughout the United States. The manufacturing plan is located in Mexico City. The tour services offices are located in 158 shopping malls in the United States, Europe, and Australia.
All corporate division departments except the customer service department are located in Seattle. The customer service call center is located in Denver. The ICS division and high-level managers from all divisions are located in Seattle. The tour services division has logistics and management staff located in Seattle, London, and Sydney.
The ICS division maintains an e-commerce Web site where consumers can purchase Adventure Works products.
The existing WAN infrastructure is shown in the exhibit.
Adventure Works has four WAN consolidation points in the following locations:
_Seattle data center
_Atlanta data center
_London regional office
_Sydney regional office
Seattle and Atlanta are connected by two 1.544-Mbps lines. The London and Sydney regional offices are connected to Seattle by 128-Kbps lines.
All stores are connected to one of the United States data centers by 56-Kbps lines that run at an average utilization rate of 80 percent. Seventy-two of the retail stores are connected to the Seattle data center. The remaining stores are connected to the Atlanta data center. The client computers in the tour services offices in the United States, Europe, and Australia connects to VPN servers located in their respective regional offices of Seattle, London, and Sydney. The customer service call center is connected to the Seattle data center by a router-to-router VPN. The Denver call center has a 1,024-Kbps line to the Internet and a firewall to provide protection. The firewall is configured to block all ports other than those necessary for a VPN tunnel. The manufacturing plan in Mexico City is connected to the Seattle data center by a 1,024-Kbps line. A few of the larger stores have ISDN backup that is configured on their routers to enable them to connect to the Mexico City manufacturing plant.
The Seattle data center and the London and Sydney regional offices have connections to the Internet.
IT Department Organization
Adventure Works has one chief information officer (CIO). The CIO and the IT staff are located in Seattle. The administration of all users in the company is centralized in Seattle. The CIO has dedicated a separate group of these administrators to each business division. Each of these groups reports to one of three IT managers who report to the CIO. These managers are the corporate IT manager, the retail IT manager, and the manufacturing IT manager.
Computer resources are administered by separate groups of IT administrators. Each of these IT administrators is responsible for a Windows NT 4.0 resource domain. All IT resource administrators report to their corresponding IT managers. All other IT administrators report to the corporate IT manager.
Windows NT 4.0 Domain Model
There is a single account domain named Adventure. This domain has a PDC located in Seattle and
several BDCs located in every location except the tour services offices in shopping malls. Currently, there is an Adventure account domain controller in the cash office of each retail store. Windows NT 4.0 resource domains have been created to support the resources for specific groups. The following resource domains contain the client computers and servers for specified groups:
_NT_Sea (Seattle site)
_NT_CS (customer service division)
_NT_Acct (accounting department)
_NT_Aus (tour services for Australia)
_NT_Euro (tour services for Europe)
_NT_US (tour services for the United States)
_NT_Manu (manufacturing division)
_NT_Store (retail store division)
All resource domains have a one-way trust with the Adventure account domain.
Adventure Works has two publicly registered domain names: adventure-works.com and Certifyme.com. A UNIX DNS server located in a second subnet (also known as DMZ) in Seattle maintains the primary zone file for both adventure-works.com and Certifyme.com. This DNS server is the only DNS server in the enterprise that is allowed to access through the firewall to the Internet. The adventure-works.com zone contains several host records that are needed for the Web services provided by the ICS division. Another UNIX DNS server located on the corporate intranet in Seattle holds a private root of adventureworks.
loc that contains host records for internal resources. This DNS server has private root hints that point to the external UNIX DNS server.
Each location supporting tour services had a dedicated client computer and two or three employees. These employees use the shared client computer and Terminal Services to connect to their respective regional offices.
These regional offices contain resources that must be available to all tour services division employees. In addition, the ICS division accesses data from these resources to find out the latest schedules and available activities. The ICS division then publishes this information on the company Web site.
Chief Executive Officer (CEO) Interview
We will be selling the Certifyme.com, Ltd., tour services division sometime next year. I want to deploy Active Directory in this division before we sell it. I also want to ensure that this divestiture will happen as smoothly as possible for the new company.
We have seen an extremely high turnover rate among employees who work in our stores.
For the most part, the existing structure of the IT organization is working well. The IT managers seem to work well together and communicates on a regular basis. I want to continue to manage all users centrally from Seattle with separate IT groups dedicated to administering each business division. The management of resources will be done by the existing model. The IT administrators dedicated to administering resources should have the ability to manage only their resources and the Active Directory groups required to control access to their resources.
I will also be creating an administration team named Global Admin that will be responsible for auditing and overseeing Active Directory administration of all uses and computers worldwide. Employees in this group will be the only people in the enterprise who have enterprise or domain administrator rights.
These employees will report directly to me.
Although minimizing cost is important to me, it is even more important to ensure that we provide our end users with a stable and secure infrastructure.
Many of the groups in the corporate division work with sensitive information, but the information in the accounting department is very sensitive, and I want to ensure that it is not compromised. Every forest in your environment will have an empty root domain, and all root domain controllers will be located in the Seattle data center.
We have recently rebuilt our data centers in the United States. These data centers require access through biometric devices to gain access to the physical facilities. The manufacturing plant located in Mexico City has had several incidents in which machines were stolen. Approximately three mounts ago, one of our expensive server class machines that we used as a BDC disappeared. I have been notified that I will be getting the budget for new secure facilities for the plan. However, this budget will not be available for another one or two years.
_All divisions use resources located in Seattle.
_The retail stores and ICS must have access to an inventory system located in the Mexico City manufacturing plant.
_The retail stores need to be able to log on to the domain even if the WAN connection is unavailable.
After we have completed the enterprise deployment of Active Directory, we will be deploying Microsoft Exchange 2000.
I want to ensure that no mater which division an employee is in, that employee will be able to log on to the domain by using that employee??s primary client computer and a UPN of username@adventureworks. com.
My staff has already begun the forest design for our enterprise. At this time, I have two recommendations from my staff. (Forest design recommendations are shown in the exhibit.
One of the individuals who recommended the single global forest pointed out that a single forest would make it easier to deploy Exchange 2000 and reduce hardware and administrative costs. I hope that you will not be able to independently evaluate our requirements and recommend your own Active Directory design that is most appropriate for your environment. I will also want to ensure that your design adheres to published best practices for Active Directory design.
We had an immediate requirement for Active Directory to support the executives in Seattle. We have already created a forest named adm-corp.adventure-works-com with a child domain of corp.admcorp. adventure-works.com. The executives have already been migrated to this new domain, and I do not want to migrate them again.
Question No. 24
How many domain controllers should Contoso, Ltd., deploy?
Question No. 25
Which technical factor or factors influenced the company's forest design decision? (Choose all that apply)
A. Network Address Translation (NAT) devices are separating domain controllers
B. None: the decision was not influenced by technical factors
C. Bandwidth is not sufficient to support a single forest
D. Firewalls are separating the domain controllers
E. The company wants to eliminate trusts between domains
F. DNS service cannot resolve name throughout the forest
Question No. 26
Which business or technical factor has the most influence on the number of internal domains that you include in your design?
A. Separation of IT management between east and west
B. Need for the creation of an empty forest root domain
C. Possibility that the e-commerce division might be sold
D. General lack of trust of the central IT group
E. Lack of physical security of domain controllers
Question No. 27
Enchanted Lakes Corporation is a large, international Advertising agency. The company headquarters are located in New York City. The company has offices throughout the world. The offices are organized into the following four regions:
North America - 10,000 employees
_ New York - Regional & Corporate Headquarters (4000)
_ Los Angeles (2000)
_ Chicago (1500)
_ Detroit (1500)
_ Houston (1000)
South America - 6000 Employees
_ Sao Paulo - Regional Headquarters (3000)
_ Rio de Janeiro (1500)
_ Buenos Aires (1500)
Europe - 8000 Employees
_ London - Regional Headquarters (4000)
_ Paris (1000)
_ Nice (1000)
_ Frankfurt (1000)
_ Munich (1000)
Asia & Australia - 4000 Employees
_ Hong Kong - Regional Headquarters (1500)
_ Seoul (750)
_ Tokyo (750)
_ Beijing (500)
_ Sydney (500)
Each regional headquarters includes the following departments ? Marketing
_ Print Design
_ Radio Design
_ TV Design
Members of the sales department travel frequently to customer locations and use portable computers. When they need to access their resources, they can use a dial-up connection to the nearest regional office.
The design groups share large amounts of data over the WAN. The design groups from each region access data from other regions.
The New York office is connected to each of the regional headquarters by 1.544 Mbps lines. Additional connections between offices are as follows:
_ All North America locations are connected to New York by 1.544 Mbps lines. ? All Europe locations are connected to London by 256 Kbps lines. ? All Asia & Australia locations are connected to Hong Kong by 256 Kbps lines. ? All South America locations are connected to Sao Paulo by 56 Kbps lines. Enchanted Lakes Corporation conducts video conferencing among all of the regional offices. The 1.544 Mbps lines are used for these conferences.
In North America the company runs streaming video over the WAN. North America uses a master domain model. New York is the master domain. Each of the North America locations is a resource domain.
Each region has its own domain. There are two-way trusts between each of these domains and the North America master domain. However the New York headquarters is not involved in domain administration for the regions that are outside North America. All the regions run BIND version 4 for DNS.
All the locations use Windows NT workstation 4.0 on the client computers. Many employees use dial-up connections from portable computers that run Windows 98. TCP/IP is the only protocol used on the WAN.
Enchanted Lakes Corporation has international, national and local customers. Each region functions as a separate entity within the company. Information exchange occurs between the regions, but administration of the resources is performed within each region. The technical support group at each regional headquarters is responsible for accounts in its region. Every office has off-site support personnel for all hardware and software support. North America users are prevented from installing software or making any changes to their desktops. However, desktop standards in the regions outside North America are not so stringent.
Chief Executive Officer (CEO) interview
We want to implement video and audio streaming for presentations and international video conferencing. We want to make use of the new features provided in Windows 2000 to better compete with our competitors. We will be able to tighten security and provide flexibility through schema modifications and group policies that we are not able to take advantage of with our existing services. I want to make sure that schema changes are monitored and approved by a committee. I want all sales personnel from every region to have the same access point for all shared information.
The WAN is heavily used. Video streaming and information sharing need to be optimized to minimize bandwidth usage. Traveling users need to be able to access their files from any location. Each design group needs access to its data even if the data is in a different region. For example, the print design groups in each region need to have access to all print design information from all regions. The North America upgrade will occur in two phases. During phase one, an empty root domain will be upgraded to Windows 2000. After he Asia and Australia, Europe, and South America domains are added to the forest, phase two will occur. During phase two, all resource domains in North America will be eliminated. To facilitate the migration of the resource domains, the final group structure must be in place before phase two.
DFS redundancy must be implemented wherever possible. To increase the efficiency of sales personnel, Offline Files will be used frequently.
All locations will be located in the same forest. The New York Headquarters will provide most forest wide support including maintaining the DNS structure on its current platform. Each regional Headquarters will provide most domain-wide support, but each location in North America will administer its own resources. The regional Headquarters sites must have backup global catalog servers to provide for redundancy and to reduce WAN traffic in the event that a domain controller fails. Offices outside North America will be required to use the standard applications, such as Microsoft Office. However, these offices can use any additional applications they choose. Technical support is currently performed at the New York Headquarters. However, the company has technical support personnel at each location. Therefore, the company wants technical support to be performed by the personnel at each location.
Each regional Headquarters will administer resources, DFS shares, and dial-up services to each location in its region. Technical support staff at each location will perform backups of local data and maintain local file and folder structures. Technical support staff will also be granted permission to reset passwords for all users in their location.
Access to the Schema Admin group must be strictly controlled. Each region will have representation on the oversight committee that monitors and approves all schema changes. The New York technical support staff wants to lock down the desktops for employees at the New York Headquarters. However, the technical support staff at the other locations can create their own desktop policies.
North America upgrade
Phase 1: Create empty domain
Upgrade all domains to Windows 2000
Add Asia, Australia, Europe & South America to forest
Final group structure must be in place before beginning Phase 2 Phase 2: Eliminate all resource domains in North America
DFS redundancy must be implemented
Offline files will be used frequently by sales
All locations will be in the same forest
Each location has its own tech support staff
New York: Has most Forest wide support
Maintains DNS structure
Each Regional HQ: Administers resources, DFS shares, dial-up services for each location in its region Most domain wide support
Must have Backup Global catalog
Each Regional Admin Creates & maintains sites for their own domain North America Locations Administer their own resources
Each local Tech support Tech support to be performed at each location Will perform backups of local data
Maintains File & Folder structure
Reason for using empty root domain?
Which administrators can do the following:
Modify & Create Group Policy Corporate
Create Domains Corporate
Modify DNS structure Corporate
Perform Domain backups Corporate
Create / Delete user objects Regional
Reset Passwords Local
Modify file & folder structure Local
Perform local backups Local
Create sites Regional
Question No. 28
Where should you place the PDC emulator role holder for eu.tailspintoys.com?
A. Detroit IT center
D. Detroit headquarters
Question No. 29
What are the technical ramifications of the company's forest design decision? (Choose all that apply)
A. Authentication between the military and aerospace division will no longer be provided by Kerberos
B. There will be no native global catalog of objects between the military and aerospace divisions
C. The military and aerospace divisions will not be able to share resources
D. A user will not be able to log on to that user??s client computer by using an e-mail style user principal name (UPN)
E. There will be no automatic transitive trusts between the military and aerospace divisions
Question No. 30
Which two tasks are necessary to support your site architecture? (Each correct answer presents part of the solution. Choose two)
A. Decrease interval times
B. Disable site bridging.
C. Configure bridgehead servers.
D. Create SMTP link between all sites.
E. Disable the KCC generation of inter-site replication topology.
F. Create IP links between all sites.
G. Increase interval times.
H. Create connection objects.
I. Configure schedules for each link.
J. Configure costs for each link.
Microsoft 70-219 Certification Sample Questions and Answers: http://www.braindumpsall.net/70-219-dumps/
P.S. New 70-219 dumps PDF: http://www.4easydumps.com/70-219-dumps-download.html