70-299 Exam

Quality and Value for the 70-299 Exam

Test4pass Practice Exams for Microsoft 70-299 are written to the highest standards of technical accuracy, using only certified subject matter experts and published authors for development.

100% Guarantee to Pass Your 70-299 Exam

If you prepare for the exam using our Test4pass testing engine, we guarantee your success in the first attempt. If you do not pass the MCSE 2003 Security 70-299 exam (ProCurve Secure WAN) on your first attempt we will give you a FULL REFUND of your purchasing fee AND send you another same value product for free.

Microsoft 70-299 Downloadable, Printable Exams (in PDF format)

Our Exam 70-299 Preparation Material provides you everything you will need to take your 70-299 Exam. The 70-299 Exam details are researched and produced by Professional Certification Experts who are constantly using industry experience to produce precise, and logical. You may get questions from different web sites or books, but logic is the key. Our Product will help you not only pass in the first try, but also save your valuable time.

70-299 Downloadable, Interactive Testing engines

We are all well aware that a major problem in the IT industry is that there is a lack of quality study materials. Our Exam Preparation Material provides you everything you will need to take a certification examination. Like actual certification exams, our Practice Tests are in multiple-choice (MCQs) Our Microsoft 70-299 Exam will provide you with free 70-299 dumps questions with verified answers that reflect the actual exam. These questions and answers provide you with the experience of taking the actual test. High quality and Value for the 70-299 Exam:100% Guarantee to Pass Your MCSE 2003 Security exam and get your MCSE 2003 Security Certification.

Hot KeyWords On 70-299 test

We collect some hot keywords about this exam:
Test4pass , Pass 4 Sure , Test in Side ,Pass Guide ,Test King 70-299 exam | 70-299 pdf exam | 70-299 braindumps | 70-299 study guides | 70-299 trainning materials | 70-299 simulations | 70-299 testing engine | 70-299 vce | 70-299 torrent | 70-299 dumps | free download 70-299 | 70-299 practice exam | 70-299 preparation files | 70-299 questions | 70-299 answers.

How to pass your 70-299 exam

You can search on Search Engine and Find Best IT Certification site: Test4pass.com - Find the Method to succeed 70-299 test,The safer.easier way to get MCSE 2003 Security Certification MCSE 2003 Certification MCSE Certification MCSA 2003 Certification .

��
��
Exam : Microsoft 70-299
Title : Implementing Security in a MS Win Server2003 Network


1. You work as a security administrator for Microsoft. The basic network and some policies are as the following:
You want to do some work at home, using company??s resources. Currently, you need to make sure that users can successfully establish a VPN connection to Server_Three. How can you do that?
A. Provides certificate-based authentication for computers by using IP Security (IPSec) for network communications.
B. Provides both client and server authentication abilities to a computer account.
C. Allows the holder to act as a registration authority (RA) for Simple Certificate Enrollment Protocol (SCEP) requests.
D. You could add Server_Three computer account to the RAS and IAS Servers security group.
E. Used by a router when requested through SCEP from a certification authority that holds a Certificate Enrollment Protocol (CEP) Encryption certificate.
Answer: D

2. You work as a security administrator for Microsoft. The basic network and some configurations are as the following:
Today, you discover that unauthorized users intercepted data in sales documents while the documents were transmitted over the WLAN. You need to protect sales documents from being intercepted by unauthorized users. What should you do?
A. Use the CMAK wizard to create an executable file that a user can use to automatically create a remote access connection with customized security settings.
B. A new VPN server will be available. And then, configure a Connection Manager Administration Kit (CMAK) profile that connects sales users to the VPN server.
C. choose to automatically use the current credentials.
D. provide credentials each time a connection is made.
Answer: B

3. Which of the following passwords is an example of a strong password?
A. tyia
B. imsitrjs5itr
C. passwordpassword
D. l%@3tty7&
Answer: D

4. You work as a security administrator for Microsoft. The basic network and some configurations are as the following:
The employees of Microsoft must have access only to files that they are assigned access to based on their membership in a group. SSL on Server_One is to protect confidential data while it is in transit. You make sure that each employee an Authenticated Session certificate and store a copy of that certificate with their user account in the Active Directory. You need to ensure that Server_One authenticates users based on possession of their certificate. How can you do that?
A. Configure a Web server to serve content to the public Internet while minimizing the risk that the system will provide attackers with an entry point to the internal network.
B. Configure the mapping client certificate.
C. configure fireware to allow all outbound connections from the internal network but to block all incoming traffic.
D. Using reversible encryption is not recommended.
Answer: B

5. Which of the following authentication methods should be chosen for a Web site on a public Internet with minimal security requirements, where administrators have no control over which browser a client uses?
A. Basic Authentication
B. Digest Authentication For Windows Domain Servers
C. Integrated Windows Authentication
D. NET Passport Authentication
Answer: A

6. You work as a security administrator for Microsoft. The basic network structure is as following:
In order to replicate data, you configure a new Windows Server 2003 computer named Server_Two in the theTwo.com forest. The database administrator configures the database on Server_One to replicate to Server_Two every night. Management reports that a competitor acquired confidential customer data. You determine that the competitor intercepted customer data as it replicated from Server_One to Server_Two. You decide to use IPSec to protect customer data as it replicates. You need to configure an IPSec policy to protect customer data as it replicates. What should you do?
A. Using transport mode to protect host-to-host communications
B. Using IPSec to allow remote users to connect to an organization's private network across the Internet.
C. Encapsulating Security Payload with certificate-based authentication in tunnel mode would be available.
D. Establishing an IPSec connection to the IPSec gateway that provides access to the internal network.
Answer: C

7. You work as a security administrator for Microsoft. The basic network and some configurations are as the following:
You decide to implement IPSec to encrypt the payroll application data during transmission. You configure a custom IPSec policy named Payroll App on Server_One using the rules shown in the exhibit. You configure an IPSec default Client policy on the client computers in both Active Directory domains. During testing, you notice that client computers in the theOne.com Active Directory domain use IPSec when communicating with Server_One. However, client computers in the theTwo.com Active Directory domain cannot communicate with Server_One. You need to enable all client computers to use IPSec when communicating with Server_One. How would you do that?
A. Manually importing the templates into Local Group Policy on individual computers.
B. The custom Payroll App policy could be modified by adding the certificate authentication type to the existing rules on Server_One.
C. Importing the templates into Group Policy objects linked to Active Directory directory service.
D. Deploy security templates in environments that do not use Active Directory.
Answer: B

8. Which of the following passwords will not be stored in an LMHash?
A. tyia
B. imsitrjs5itr
C. passwordpassword
D. l%@3tty7&
Answer: C

9. Which of the following scenarios requires delegated authentication?
A. A public Web site from which all content should be anonymously accessed.
B. An internal Web site from which all content should be anonymously accessed.
C. An internal Web site containing simple Hypertext Markup Language (HTML) documents that only managers should be able to access.
D. An internal Web site that accesses a back-end server containing data that only specific users should be able to access.
Answer: D

10. You work as a security administrator for Microsoft. The basic network and some policies are as the following:
Now, the Lan Security IPSec policy applies to network traffic on both network adapters in Server_One. You have to configure Server_One in order to communicate on the test network without IPSec security. Server_One must still use the Lan Security policy when it communicates on the company network. What would you do to configure Server_One?
A. Exchange public keys and then separately generate the Main Mode master key keying material.
B. Configure ICF to permit ISAKMP for UDP port 500.
C. Configure IPSec to use certificates for authentication.
D. You could use the netsh IPSec to assign a constant IPSec policy, which permits all traffic on the network adapter on the test network.
E. you could configure local IPSec policy. After that, you can use the IP Security Policy Management Export Policies and Import Policies menu commands to back up and restore IPSec policy.
Answer: D

11. Enabling account lockout accomplishes which of the following goals?
A. Makes it impossible to steal a user??s password.
B. Reduces the likelihood that a malicious attacker will use brute force techniques to discover a user??s password.
C. Eliminates the need for strong passwords.
D. Reduces Help desk costs.
Answer: B

12. Which of the following authentication methods should be chosen for a high-security, internal Web site in an Active Directory environment where single sign-on is a requirement?
A. Basic Authentication
B. Digest Authentication For Windows Domain Servers
C. Integrated Windows Authentication
D. NET Passport Authentication
Answer: C

13. You work as a security administrator for Microsoft. The basic network and some configurations are as the following:
You are willing to configure the network in order to encrypt the traffic of Telnet, SNMP, and Kerberos by IPSec. However, you do not plan to encrypt other network protocols. How would you do that? Choose two that apply.
A. Used to store keys that are configured for private key archival.
B. create your own templates to meet the needs of your organization.
C. define the permissions for each certificate template to ensure that only authorized users, computers, or group members can obtain certificates based on a certificate template.
D. Add a new rule to the Server Traffic policy to encrypt Kerberos traffic.
E. Allows a security principal to find the certificate template in Active Directory when enrolling for certificates.
F. Configure the rules in the Server Traffic policy to use an authentication method other than Kerberos.
Answer: DF

14. Which of the following are valid reasons to enable LM authentication? (Choose all that apply.)
A. Users will access network resources using computers running Windows 95.
B. Users will access network resources using computers running Windows 98.
C. Users will access network resources using computers running Windows NT.
D. Users will access network resources using computers running Windows Me.
Answer: AB