[Downloadable] 70-294 Microsoft test 1-17 (Mar 2016)

100% Correct of 70-294 testing engine materials and dumps for Microsoft certification for customers, Real Success Guaranteed with Updated 70-294 pdf dumps vce Materials. 100% PASS Today!

2016 Mar 70-294 Study Guide Questions:

Q1. You have a single Active Directory service domain. You have three Actives Directory sites. 

Site replication is scheduled to occur during business hours only. 

You plan to make a schema change after business hours. 

You need to ensure that replication occurs for all sites during the schema change. 

What should you do? 

A. Set the Ignore schedules setting for the IP transport. 

B. Clear the Ignore schedules setting for the IP transport. 

C. Enable the KCC for all site objects. 

D. Disable the KCC for all site objects. 

Answer: A 


Q2. You have a single Active Directory directory service forest with three domains. 

You are monitoring Active Directory replication. 

You need to obtain the replication status of all domain controllers. 

What should you do ? 

A. Run the repadmin /showutdvec command. 

B. Run the repadmin /showobjmeta command. 

C. Run the repadmin /replsummary command. 

D. Run the repadmin /showsig command. 

Answer: C 


Q3. You have a single Active Directory service domain. All domain controllers run Windows Server 2003. The sales department uses Windows Vista client computers. The finance department uses Windows XP client computers. All client computers are in the Clients organizational unit (OU). A software restriction policy is linked to the Clients OU. You are planning a new certificate autoenrollment Group Policy object (GPO) named AutoEnroll for the sales department client computers. You need to ensure that the AutoEnroll GPO applies to only the Windows Vista client computers. What should you do? 

A. Link the AutoEnroll GPO to the domain. Create a WMI filter. Link the AutoEnroll GPO to the WMI filter. 

B. Link the AutoEnroll GPO to the domain. Create a WMI filter. Link the Default Domain GPO to the WMI filter. 

C. Link the AutoEnroll GPO to the Clients OU. Create a WMI filter. Link the software restriction GPO to the WMI filter. 

D. Move the Windows XP client computers into a new OU. Link the AutoEnroll GPO to the domain. 

Answer: A 


Q4. You have two Active Directory directory service forests named contoso.com and fabrikam.com. All users log on to the contoso.com domain. All servers run Windows Server 2003 and are members of the fabrikam.com domain. 

You create a one-way forest trust in which fabrikam.com is trusting contoso.com. Forest-wide authentication is enabled. You need to provide only selected users with access to a server in the fabrikam.com domain. 

Which two actions should you perform? (Each correct answer presents part of the solution. Choose two.) 

A. Grant the users the Allowed to Authenticate permission on the computer object representing the server. 

B. Grant the users the Modify permission on the computer object representing the server. 

C. Change the one-way forest trust to a two-way forest trust. 

D. Change the properties of the forest trust from Forest-wide authentication to Selective authentication. 

Answer: AD 


Q5. You are the network administrator for your company. The network consists of a single Active Directory domain. The domain contains an organizational unit (OU) named TerminalServers. You create two Group Policy objects (GPOs) named CompanySettings and SecuritySettings and link them to the domain. You then create another GPO named TS_Settings and link it to the TerminalServers OU. Users report that when they run Internet Explorer on a terminal server, they cannot access approved Web sites. Users did not encounter any problems with running Internet Explorer on the terminal servers before the GPOs were created and linked. You need to find out which GPO is the cause of the problem. What should you do? 

A. Log on to a terminal server and run the secedit /analyze command. 

B. Log on to a domain controller and run Resultant Set of Policy (RSoP) in planning mode 

against the client computers. 

C. Log on to a domain controller and run Resultant Set of Policy (RSoP) in logging mode against a terminal server. 

D. Log on to a domain controller and run the query termserver command. 

Answer: C 


70-294 practice test

Latest 70-294 rapidshare:

Q6. HOTSPOT  

You are the network administrator for your company. The company consists of two subsidiaries named Contoso, Ltd., and Fabrikam, Inc. The network consists of two Active Directory domains with two sites. The sites are named Site1 and Site2. The domains are named contoso.com and fabrikam.com. The network includes one Active Directory application partition named AppPartition1. This application partition is replicated to domain controllers in Site1 and Site2. The network contains six domain controllers. The domain controller locations and the roles of the domain controllers are identified in the work area below. You need to configure preferred bridgehead servers in each site. You need to configure the minimum number of domain controllers as preferred bridgehead servers such that no bridgehead servers will be automatically selected. Which domain controller or domain controllers should you configure as preferred bridgehead servers? To answer, select the appropriate domain controller or domain controllers in the work area. 


Answer: 


Q7. CORRECT TEXT 

You have two OU’s one for user accounts and one for Servers and two GPO’s one for users OU and one for Servers OU. Users GPO install desktop utilities for all user accounts. Servers GPO secure the servers. You must ensure that desktop utilities are not installed on servers when users log on to the servers. 

Answer: 


Q8. You are the network administrator for your company. The network consists of a single Active Directory domain. All client computers run Windows XP Professional. 

All user accounts for the sales department users are located in an organizational unit (OU) named Sales. The client computers are located in the default Computers container. 

All users in the sales department require that a sales application be installed on their client computers. You create a new Group Policy object (GPO). You create a software installation package and use the GPO to assign the package to computers. 

You link the GPO to the Sales OU. Users in the sales department report that the application is not installed on any client computers. You need to install the application on all client computers in the sales department. 

You need to ensure that the application is installed only on the client computers used by users in the sales department. What should you do? 

A. Enable loopback processing for the GPO. 

B. Modify the GPO to specify that Windows Installer packages will be installed by using elevated permissions. 

C. Link the GPO to the Computers container. 

D. Modify the GPO so that the application is assigned to user accounts. 

Answer: D 


Q9. You have a Windows Server 2003 Active Directory directory service forest with two domains named contoso.com and corp.contoso.com, and two sites named Site1 and Site2. Site1 has two domain controllers for the contoso.com domain. 

Site2 has two domain controllers for the corp.contoso.com domain. Replication traffic is creating network congestion. Your environment contains a large number of universal security groups. You examine the universal groups and find that they contain global security groups and individual user accounts from both domains. The universal group memberships change frequently. 

You need to reduce the Active Directory replication traffic. You must maintain the ability to assign groups from one domain access to resources in the other domain. What should you do? 

A. Remove the global groups from the universal groups. 

B. Move the individual user accounts from the universal groups to the appropriate global groups. 

C. Convert the global groups to universal groups. 

D. Convert the universal groups to global groups. 

Answer: B 


Q10. You are the network administrator for your company. The network consists of a single Active Directory domain. All servers run Windows Server 2003. One of the domain controllers is configured as an enterprise root certification authority (CA). All client computers run Windows XP Professional. Your company uses IPSec to secure communications between computers in your company and computers at other companies. These IPSec connections require computer certificates. Your IPSec policies require every computer to be able to make an IPSec connection when connecting to other computers. You need to configure the network so that all computers can make IPSec connections. What should you do? 

A. In the computer settings section of the Default Domain Policy Group Policy object (GPO), configure the domain members to always digitally encrypt or sign secure channel data. 

B. Obtain a new computer certificate from a public CA. Import a copy of this certificate into the Trusted Root Certification Authorities section of the Default Domain Policy Group Policy object (GPO). 

C. Create a new automatic certificate request in the computer settings section of the Default Domain Policy Group Policy object (GPO). 

D. Issue a new computer certificate from your enterprise CA. Place a copy of this certificate on an intranet Web page. Instruct users to install this certificate in their trusted certificate store the first time they need to make an IPSec connection. 

Answer: B 


70-294 free practice questions

Real 70-294 brain dumps:

Q11. CORRECT TEXT 

You are the network administrator for your company. The network consists of a single Active Directory domain. 

For security reasons you need to configure password policies of the domain users to meet the following requirements. 

You must accomplish this task by using the Group Policy Object Editor console. Your operation must not affect other settings. 

Answer: 


Q12. CORRECT TEXT 

A company hires an admin just to manage the GPO objects. So he is responsible only for assigning GPO's to the marketing group. How do you achieve the task? 

Answer: 


Q13. You are a network administrator for your company. The network consists of a single Active Directory domain. All servers run Windows Server 2003. The functional level of the domain is Windows Server 2003. The organizational unit (OU) structure is shown in the exhibit. (Click the Exhibit button.) 


Your company uses an X.500 directory service enabled product to support a sales and marketing application. The application is used only by users in the sales department and the marketing department. The application uses InetOrgPerson objects as user accounts. InetOrgPerson objects have been created in Active Directory for all Sales and Marketing users. These users are instructed to log on by using their InetOrgPerson object as their user account. 

Microsoft Identity Integration Server is configured to copy changes to InetOrgPerson objects from Active Directory to the X.500 directory service enabled product. All InetOrgPerson objects for marketing employees are located in the Marketing OU. All InetOrgPerson objects for sales employees are located in the Sales OU. 

Mikhail is another administrator in your company. Mikhail is responsible for managing the objects for users who require access to the x.500 directory service enabled product. 

You need to configure Active Directory to allow Mikhail to perform his responsibilities. 

Which action or actions should you take? (Choose all that apply.) 

A. On the domain, grant Mikhail the permission to manage user objects. 

B. On the domain, grant Mikhail the permission to manage InetOrgPerson objects. 

C. On the Sales OU, block the inheritance of permissions. 

D. On the Marketing OU, block the inheritance of permissions. 

E. On the Dev OU, block the inheritance of permissions 

Answer: BE 


Q14. You are the network administrator for Fabrikam, Inc. Your network consists of a single Active Directory forest that contains one domain named fabrikam.com. The functional level of the forest is Windows Server 2003. 

Fabrikam, Inc., acquires a company named Contoso, Ltd. The Contoso, Ltd., network consists of a single Active Directory forest that contains a root domain named contoso.com and a child domain named usa.contoso.com. The functional level of the forest is Windows 2000. The functional level of the usa.contoso.com domain is Windows 2000 native. 

A business decision by the company requires the usa.contoso.com domain to be removed. You need to move all user accounts from the usa.contoso.com domain to the fabrikam.com domain by using the Active Directory Migration Tool. You need to accomplish this task without changing the logon rights and permissions for all other users. You need to ensure that users in usa.contoso.com can log on to fabrikam.com by using their current user names and passwords. What should you do? 

A. Create a one-way Windows Server 2003 external trust relationship in which the fabrikam.com domain trusts the contoso.com domain. 

B. Create a temporary two-way external trust relationship between the fabrikam.com domain and the usa.contoso.com domain. 

C. Create a two-way Windows Server 2003 external trust relationship between the fabrikam.com domain and the contoso.com domain. 

D. Create a temporary one-way external trust relationship in which the usa.contoso.com domain trusts the fabrikam.com domain. 

Answer: B 


Q15. You are a network administrator for your company. The network consists of a single Active Directory domain. All servers run Windows Server 2003. All client computers are Windows XP Professional computers that are members of the domain. The company wants to install a new application on only the computers where it is required. However, once installed on a particular computer, the application can be used by any user logged on to that computer. The application is installed by using a Windows Installer package. You copy the .msi file to a shared folder on a file server. The shared folder is configured so that members of the Domain Admins group have the Allow - Full Control permission, and no other permissions are granted. The company wants to automate installation as much as possible. Users must not be able install unauthorized copies of the application. You need to ensure the application will be deployed in accordance with your company's requirements. You create a security group and assign this group the Allow - Read permission for the shared folder that contains the .msi file. Which two additional courses of action should you take? (Each correct answer presents part of the solution. Choose two.) 

A. Make all authorized computers members of the security group. 

B. Create a Group Policy object (GPO) that assigns the application to users. Link the GPO to the domain. Set permissions on the GPO so that it applies only to the security group you created. 

C. Create a Group Policy object (GPO) that publishes the application to users. Link the GPO to the domain. Set permissions on the GPO so that it applies only to the security group you created. 

D. Make all users of the application members of the security group. 

E. Create a Group Policy object (GPO) that assigns the application to computers. Link the GPO to the domain. Set permissions on the GPO so that it applies only to the security group you created. 

Answer: BD 


Q16. You are the network administrator for your company. The network consists of a single Active Directory forest that contains one domain. The functional level of the forest is Windows 2000, and the functional level of the domain is Windows 2000 mixed. The domain contains four domain controllers named DC1, DC2, DC3, and DC4. There are two sites in the forest. DC1 and DC2 are in one site. DC3 and DC4 are in the other site. DC1 fails. You need to wait until the following week to restore DC1. While connected to DC3, you perform a bulk import of user accounts and receive an error message stating that a number of the user accounts could not be created. You need to ensure that the user accounts can be created. What should you do? 

A. Seize the PDC emulator role to DC3. 

B. Create a replication object to connect DC3 to DC2. 

C. Seize the relative ID (RID) master role to DC3. 

D. Raise the functional level of the domain and the functional level of the forest to Windows Server 2003. 

Answer: C 


Q17. You are the network administrator for a company that has three offices. The offices are in Boston, Chicago, and New York. All three offices are connected by leased lines as shown in the exhibit. (Click the Exhibit button.) 

Your company is deploying a Windows Server 2003 forest. You create a single Active Directory domain. You configure each office as a single site. You configure three domain controllers in NYSite. You create a domain controller in each of the other sites. You create site links based on the network topology. Each leased line is represented by a site link. Each site link connects only two sites. The cost and the schedule for all site links is the same. The sites and site links are named as shown in the following table. 

Users report that network requests between BosSite and ChiSite are taking much longer than they used to take. You discover that replication traffic is using an unacceptably large percentage of the bandwidth between BosSite and ChiSite. 

You need to reduce replication traffic over the Chi Boston site link. 

What should you do? 


A. Create a site link bridge that includes the NY Boston and NYChi site links. 

B. Increase the replication interval for the NYBoston site link. 

C. Increase the cost for the ChiBoston site link. 

D. Create an SMTP-based connection object from a domain controller in NYSite to a domain controller in BosSite. 

Answer: C 



see more 70-294 - MCSE Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 AD Infrastructure

Microsoft 70-294 Certification Sample Questions and Answers: http://www.braindumpsall.net/70-294-dumps/

P.S. New 70-294 dumps PDF: http://www.4easydumps.com/70-294-dumps-download.html