Coho Vineyard is an importer and distributor of fine wines from around the world.
Physical Locations
The company’s main office is located in Los Angeles. The company has two branch offices in the following locations:
- Paris
- Sydney
Planned Changes
To reduce costs and streamline business processes, the company wants to implement a Windows Server 2003 Active Directory environment.
Business Processes
Coho Vineyard consists of the following departments:
- Accounting
- Distribution
- Human resources (HR)
- Information technology (IT)
- Marketing
- Purchasing
- Sales
A Windows NT Server 4.0 computer named Server1 in the Los Angeles office hosts a mission-critical application. This application is accessed by users from all departments and offices in the company. The application vendor currently does not support running other than Windows NT Server 4.0. this application on any operating system.
Directory Services
The company has three Windows NT 4.0 domains configured in a single master domain model as shown in the Existing Domain Model exhibit.
All user accounts are maintained in the cohovineyard domain. Client computer accounts are managedlocally in each regional domain.IT responsibilities for the company are shown in the following table.
The existing network infrastructure is shown in the Existing Network Infrastructure exhibit.
Currently, all offices connect to the Internet directly through Windows 2000 Server computers that perform network address translation (NAT). These servers also provide a PPTP tunnel between all offices.
The existing server hardware is shown in the following table.
Client Computers and Users
The current user population for each office and department is shown in the following table.
The current operating systems installed on the client computers are shown in the following table.
Problem Statements
The following business problems must be considered:
- Because of security limitations of Windows NT Server 4.0, all IT staff has been added to the Administrators group of the cohovineyard domain. IT staff should be allowed administrative rights only to their specific areas of responsibility.
- Lack of control over IT procedures and processes have made the current environment costly to maintain.
The current IT infrastructure at Coho Vineyard is negatively affecting business operations. IT operations need to be streamlined to accommodate the anticipated growth.
Chief Information Officer
The current IT environment needs to be reorganized. Corporate standards need to be implemented. Users currently install unauthorized and unlicensed software. These installations need to be implemented. Administrative roles have been clearly defined, but now need to be enforced.
The IT budget for the next year has already been allocated. No new server hardware is to be purchased for the existing offices. New server hardware has been budgeted for the new offices.
After the deployment of Active Directory is complete, e-mail services will be implemented by using Microsoft Exchange Server 2003. The Exchange Server 2003 infrastructure will be maintained by the internal IT staff.
Also we want to provide all users VPN access to the network.
Network Administrator
There is a need to provide standardized settings for all users and computers. The current IT
administration practices need to be reevaluated, and new practices that are more effective need to be enforced.
Office Worker
The current environment is difficult to use. Information is scattered on the network, making it difficult to find. There does not seem to be any clear definition as to who is responsible for responding to network and computer problems. Because of this confusion, most users manage their own computers.
Also, we want to be able to connect to the network when working remotely.
Business Drivers
The following business requirements must be considered:
- The current namespace used for the externally hosted e-mail infrastructure is cohovineyard.com. This namespace will be used when e-mail services are implemented internally.
- The new environment must provide fault tolerance in the event of a single domain controller failure.
- The ISP provides extremely reliable service for each location. No plans are being made to provide for redundant links. The current level of network outages caused by WAN link failures is considered to be acceptable.
- To improve network support, Windows Server 2003 will become the corporate standard for all server computers wherever possible. Client computers will be standardized over the next two years to run Windows XP Professional.
The following organizational requirements must be considered:
- Branch offices in Lisbon and Barcelona will be implemented in the next year. The Lisbon branch office is expected to have 65 users and client computers. The Barcelona branch office will have no more than 10 users and client computers.
- Because of the small size of the Barcelona branch office, it will have no IT staff and no servers. The Lisbon IT staff will manage users and computers for both the Lisbon and Barcelona branch offices.
- Two servers have been purchased for the Lisbon branch office. One will be designated as a domain controller. The other server will be a VPN server and will also provide NAT services.
The following security requirements must be considered:
- Regional network administrators must have only limited control over the Active Directory service. They will be responsible for managing user and computer accounts for their regions. They will also manage local servers.
- The network administrator in the Los Angeles office will manage all domain controllers, configure sites, and perform other high-level administrative tasks.
- Users will have limited access to their computers. They will be allowed to modify only certain desktop settings, and they will not be allowed to install unauthorized applications.
- Some users currently have blank passwords. Password security standards must be implemented.
- Security auditing must be implemented to track all unauthorized logon attempts to the domain. Auditing must not be enabled on any client computers.
The following Active Directory requirements must be considered:
- Centralized control over Active Directory must be maintained by the network administrator in the Los Angeles office. Limited access to Active Directory will be given to the help desk staff and the regional network administrators.
- Although bandwidth is not currently an issue, incremental increase in bandwidth usage is anticipated. To accommodate this projected growth, all designs should minimize WAN traffic.
- Departments within Coho Vineyard have their own unique needs, which include, but are not limited to, specialized departmental applications.
The following infrastructure requirements must be considered:
- Remote access security and restrictions for all offices must be implemented and managed centrally by the network administrator in the Los Angeles office. Only one set of remote access policies must exist for the company.
- A domain-naming strategy must be identified that reduces administrative complexity and is intuitive to the users.
- One domain controller in each of the current offices will have the DNS service installed. DNS name resolution traffic must be minimized over all WAN links.
Coho Vineyard (13 Questions)
QUESTION NO: 1
As part of your design, you are evaluating whether to upgrade all domains to Windows Server 2003.Based on current configurations, which server or servers prevent you from achieving this goal? (Chooseall that apply)
A. DC2
B. DC3
C. DC4
D. DC5
E. DC6
F. Server1
B. DC3
C. DC4
D. DC5
E. DC6
F. Server1
QUESTION NO: 2
You are designing the Windows Server 2003 Active Directory forest structure to meet the business and technical requirements. Which forest structure should you use?
A. One Active Directory forest with one domain.
B. One Active Directory forest with three domains.
C. One Active Directory forest with four domains.
D. Two Active Directory forests with one domain in each forest.
E. Three Active Directory forests with one domain in each forest.
QUESTION NO: 3
You are designing the top-level organizational unit (OU) structure to meet the business and technical requirements. Your design must accommodate the anticipated growth of the company.
Which top-level OU structure should you use?
A.Paris OU, Sydney OU, Los Angeles OU, Lisbon-Barcelona OU
B.IT Administration OU, All CohoVineyard Departments OU, All CohoVineyard Offices OU
C.Sales OU, Purchasing OU, Marketing OU, Accounting OU, Distribution OU, Human Resources OU
D.CohoVineyard Users OU, CohoVineyard Computers OU, CohoVineyard Servers OU, CohoVineyard Applications OU
QUESTION NO: 4
You are designing a plan for applying the security policy settings to meet the business and technical requirements. Where should you implement the auditing password policy settings?
To answer, drag the appropriate policy setting or settings to the correct location or locations in the work area.
QUESTION NO: 5
As part of your design, you are evaluating whether a second-level organizational unit (OU) structure is required.Which factor necessitates the need for a second-level OU structure?
A. Audit policy settings
B. Software deployment needs
C. Client operating systems in use
D. Delegation of administrative authority
QUESTION NO: 6
You are designing a DNS name resolution strategy to meet the business and technical requirements. Which action or actions should you perform? (Choose all that apply)
A.Create an Active Directory-integrated zone named cohovineyard.com on a domain controller in Los Angeles.
B. Create an Active Directory-integrated zone named paris.cohovineyard.com on a domain controller in Paris.
C. Create an Active Directory-integrated zone named sydney.cohovineyard.com on a domain controller in Sydney.
D. On a domain controller in Los Angeles, delegate paris.cohovineyard.com to a domain controller in Paris.
E. On a domain controller in Los Angeles, delegate sydney.cohovineyard.com to a domain controller in Sydney.
B. Software deployment needs
C. Client operating systems in use
D. Delegation of administrative authority
QUESTION NO: 6
You are designing a DNS name resolution strategy to meet the business and technical requirements. Which action or actions should you perform? (Choose all that apply)
A.Create an Active Directory-integrated zone named cohovineyard.com on a domain controller in Los Angeles.
B. Create an Active Directory-integrated zone named paris.cohovineyard.com on a domain controller in Paris.
C. Create an Active Directory-integrated zone named sydney.cohovineyard.com on a domain controller in Sydney.
D. On a domain controller in Los Angeles, delegate paris.cohovineyard.com to a domain controller in Paris.
E. On a domain controller in Los Angeles, delegate sydney.cohovineyard.com to a domain controller in Sydney.
QUESTION NO: 7
You are designing a plan for maintaining the WINS infrastructure on the new Windows Server 2003 Active Directory environment.Which factor or factors necessitate the need to maintain the WINS infrastructure? (Choose all that apply)
A. Client operating systems in use.
B. Server operating systems in use.
C. VPN client access by using PPTP.
D. Installation of Active Directory client software.
QUESTION NO: 8
You are designing a DNS implementation strategy for the Paris office.Which two actions should you perform? (Each correct answer presents part of the solution. Choose two)
A. Create an Active Directory-integrated zone named cohovineyard.com.
B. Create an Active Directory-integrated zone named paris.cohovineyard.com.
C. Create a standard primary zone named paris.cohovineyard.com.
D. Configure all computers in Paris to use DC3 as their DNS server.
E. Configure all computers in Paris to use DC6 as their DNS server.
QUESTION NO: 9
You are designing a strategy for implementing Internet Authentication Service (IAS) to meet the business and technical requirements.What should you do?
A. Install IAS on VPN1, VPN2, and VPN3.
B. Install IAS, on VPN1.Configure VPN2 and VPN3 as RADIUS clients.
C. Install IAS on VPN1. Configure VPN1, VPN2, and VPN3 as RADIUS clients.
D. Install IAS on DC1. Configure VPN2 and VPN3 as RADIUS clients.Create all remote access policies on VPN1.
E. Install IAS on DC2. Configure VPN2 and VPN3 as RADIUS clients. Configure remote access logging on VPN1.
QUESTION NO: 10
You are designing a DNS infrastructure to meet the Internet name resolution requirements.
What should you do?
A. Create a standard primary zone named “.” on all DNS servers.
B. Create an Active Directory-integrated zone named “.” on a DNS server on Los Angeles.
C. Configure all DNS servers to use forwarders. Specify the IP address of the DNS server at the local ISP.
D. Enable default root hints on all DNS servers.
E. Disable recursion on all DNS servers.
QUESTION NO: 11
You are designing the placement of the PDC emulator role to meet the business and technical
requirements. In which location should you place the PDC emulator role? (Choose all that apply)
A. Los Angeles
B. Paris
C. Sydney
D. Lisbon
E. Barcelona
QUESTION NO: 12
You are designing the IP addressing scheme for the new Barcelona office. Which network address or addresses are valid for your design? (Choose all that apply)
A. 10.10.10.0/28
B. 10.10.255.0/24
C. 131.15.0.0/24
D. 151.10.10.0/24
E. 192.168.11.0/25
QUESTION NO: 13
You are designing the migration strategy to meet the business and technical requirements. You need to identify the actions that you should perform to achieve this goal. What should you do?
Move the appropriate actions from the list of actions to the answer area, and arrange them in the
appropriate order.
B. Paris
C. Sydney
D. Lisbon
E. Barcelona
QUESTION NO: 12
You are designing the IP addressing scheme for the new Barcelona office. Which network address or addresses are valid for your design? (Choose all that apply)
A. 10.10.10.0/28
B. 10.10.255.0/24
C. 131.15.0.0/24
D. 151.10.10.0/24
E. 192.168.11.0/25
QUESTION NO: 13
You are designing the migration strategy to meet the business and technical requirements. You need to identify the actions that you should perform to achieve this goal. What should you do?
Move the appropriate actions from the list of actions to the answer area, and arrange them in the
appropriate order.
发电邮给我
在线交流msn: xz.li@live.cn
访问量统计:
没有评论:
发表评论