This objective examines how to configure and manage a Windows XP Professionaldesktop, including configuring local and remote user profiles and multiple languages.Additionally, this objec
Trang 1to be able to enforce specific policies for the appearance and functionality of desktopelements because of security or supportability requirements
This objective examines how to configure and manage a Windows XP Professionaldesktop, including configuring local and remote user profiles and multiple languages.Additionally, this objective requires you to understand how to distribute, install, andremove Windows Installer packages
Tested Skills and Suggested Practices
The skills that you need to successfully master the Installing Windows XP Professional
Objective Domain on the Installing, Configuring, and Administering Microsoft
Win-dows XP Professional exam include the following:
Important For the following task, you should complete at least Practices 1 through 8 If you want hands-on experience with every aspect of the exam and you have the extra lab resources needed, complete Practices 9 and 10 as well.
■ Configure and manage user profiles and desktop settings
❑ Practice 1: Right-click the taskbar to open the Taskbar And Start Menu erties dialog box Customize the behavior and appearance of the taskbar andStart menu using the various options available on the Taskbar and Start Menutabs
Prop-❑ Practice 2: Right-click the Start menu and select Explore Right-click the Startmenu and select Explore All Users Compare the locations displayed in eachExplorer window, and examine the subfolders and files contained withineach location
Trang 2❑ Practice 3: Using the Display program from the Appearance And Themesgroup in Control Panel, select a different Theme for the desktop on theTheme tab.
❑ Practice 4: Select the Appearance tab in the Display Program located in theAppearance And Themes group in Control Panel and switch to WindowsClassic from the drop-down list below Windows and buttons Select differentoptions from the drop-down list below Color Scheme Click the Effects buttonand see how different choices affect the behavior of the user interface ele-ments Click the Advanced button and experiment with specifying customcolors for specific user interface elements
❑ Practice 5: Create a blank Microsoft Management Console (MMC) and add theGroup Policy snap-in and view the Local Computer Policy Examine the con-figuration choices available under the Administrative Templates folder of theUser Configuration node Experiment with some of the settings availableunder these folders: Start Menu And Taskbar, Desktop, and ControlPanel\Display
❑ Practice 6: Launch Control Panel, click Performance And Maintenance, andthen click System Click the Advanced tab, and then click the Settings button
in the User Profiles section of the dialog box The User Profiles dialog boxappears; use it to copy and delete a user profile
❑ Practice 7: Create a new local user account and log on to the computer using
that account Type set at a command prompt to see a list of the configured
environment variables Make note of the value for the USERPROFILE variable.Log off the computer and log back on with an account that has local admin-istrator privileges Open the User Profiles dialog box, as discussed in Practice
1, and delete the user profile for this new local user Log off the computer and
back on with the new local user Type set at the command prompt to see
how the USERPROFILE variable has changed Repeat these steps at least twomore times with this user account
❑ Practice 8: Launch Control Panel, click Performance And Maintenance, selectSystem, click the Advanced tab, and then click the Environment Variablesbutton to open the Environment Variables dialog box Note which variablesappear under the User Variables section and which appear under the Sys-tems Variables section Determine what happens when you create a newvariable under each section and log on using different user accounts Iden-tify which environment variables are present regardless of which useraccount is logged on
❑ Practice 9: Configure a roaming user profile on a workgroup computer, andthen configure a fully functional roaming user profile using an Active Direc-tory domain controller Copy a local user profile to a network location and
Trang 325 - 3configure a domain account to use that roaming user profile; then log on tothe network using that account.
❑ Practice 10: Using two Active Directory domain accounts, configure each type
of mandatory user profile (Ntuser.man and profile_folder.man) Log on to a
computer running Windows XP Professional with each of these accounts, andthen disconnect the computer from the network Attempt to log on again witheach account and identify which mandatory user profile allows you to log onwith the cached copy of the profile
■ Configure support for multiple languages or multiple locations
❑ Practice 1: Create a table showing which of the three versions of Windows XPProfessional support the following features: ability to read and edit docu-ments in multiple languages, language and regional support for 24 localizedlanguage versions, localized language user interface, ability to transact busi-ness primarily in English but to have access to additional languages, ability totransact business primarily in one or more languages besides English, and sin-gle worldwide rollouts for hot fixes and service packs
❑ Practice 2: Install an additional Language Group on a computer running theInternational English version of Windows XP Professional Visit two or moreWeb sites written in languages supported by the newly installed LanguageGroup and copy the text into a text editor Print a page from each Web site toverify that printing in the newly installed languages is possible Enable theLanguage Bar and use it to quickly shift the keyboard from one language toanother
❑ Practice 3: Install the Windows XP Professional Multilingual User InterfacePack (MUI Pack), and use the Regional and Language Options application inControl Panel to select a non-English language Open and use several of theapplications included with Windows XP Professional (such as WordPad, Sol-itaire, and Calculator) to verify that the menus, dialog boxes, and other userinterface elements appear in the language you selected
❑ Practice 4: Select a different region, such as English (United Kingdom) or ian (Italy), on the Regional Options tab of the Regional and LanguageOptions dialog box Open the Date and Time Properties program in ControlPanel to see how the appearance of the calendar and clock changes whenyou specify a new region
Ital-Important For the following task, you should complete at least Practices 1 and 2 If you want hands-on experience with every aspect of the exam and you have the extra lab
resources needed to do Practice 3, complete Practice 3 as well.
Tested Skills and Suggested Practices
Trang 4■ Manage applications by using Windows Installer packages.
❑ Practice 1: Perform a Windows Installer–based routine (that is, from an msifile) by downloading the Windows Server 2003 Administration Tools Packfrom Microsoft.com and extracting the Adminpack.msi file from the execut-able file Then, use the Add Or Remove Programs program in Control Panel
to remove the newly installed tools
❑ Practice 2: Repeat Practice 1, but perform all tasks from the command line byusing the Msiexec.exe tool
❑ Practice 3: On an Active Directory domain controller, use the Group Policysnap-in to assign and publish software applications to users Be sure youunderstand which choice forces installation and which makes the installationoptionally available Use Group Policy to assign software to a client com-puter, and then reboot that computer and log on to it to verify that the soft-ware was installed automatically
Further Reading
This section lists supplemental readings by objective We recommend that you studythese sources thoroughly before taking exam 70-270
Objective 5.1 Open Help And Support from the Start menu; with the Help Index and
the Help Search, look for the term User Profile Scroll down to and view the
arti-cles about configuring user profiles such as “Assign a logon script to a profile,”
“Assign a mandatory user profile,” “Creating a roaming or mandatory profile,” and
“Understanding User Profiles.” Be sure to select additional articles from theRelated Topics link available at the bottom of each of the articles you review
Microsoft Corporation Microsoft Windows XP Professional Resource Kit
Documen-tation Redmond, WA: Microsoft Press, 2001 Read Chapter 5, “Managing
Desk-tops.” This chapter examines options for configuring Windows XP desktops inworkgroup and Active Directory domain environments; information relating to
user profiles appears throughout the chapter (available online at http://
www.microsoft.com/resources/documentation/Windows/XP/all/reskit/en-us/prda_ dcm_vdxa.asp).
Microsoft Corporation “User Data and Settings Management.” 2002 This white paper
is available at http://www.microsoft.com/technet/prodtechnol/windowsserver2003/
technologies/management/user01.mspx (If the white paper has moved, search for
the title at http://www.microsoft.com.) Review this paper for a detailed look at
managing user data and settings in Active Directory using IntelliMirror and GroupPolicy
Trang 525 - 5
Objective 5.2 Microsoft Corporation Microsoft Windows XP Professional Resource
Kit Documentation Redmond, WA: Microsoft Press, 2001 Read Chapter 3,
“Multi-lingual Solutions for Global Business.” This chapter examines the levels of supportfor multiple languages and locations available in the different versions of Win-
dows XP Professional (available online at http://www.microsoft.com/resources/
documentation/Windows/XP/all/reskit/en-us/prff_mul_wtws.asp).
Objective 5.3 Microsoft Corporation Microsoft Windows XP Professional Resource
Kit Documentation Redmond, WA: Microsoft Press, 2001 Read Chapter 5,
“Man-aging Desktops.” This chapter introduces desktop-management features in dows XP Professional when running in workgroups or as part of Active Directorydomains using IntelliMirror, Group Policy, and the Windows Installer Service
Win-(available online at http://www.microsoft.com/resources/documentation/Windows/
XP/all/reskit/en-us/prda_dcm_vdxa.asp).
Microsoft Corporation “Group Policy Software Installation Overview.” This is part
of the Windows Server 2003 Help and Support Center documentation, and is
avail-able at http://www.microsoft.com/resources/documentation/windowsserv/2003/
standard/proddocs/en-us/ADE.asp This topic describes how to use Active
Direc-tory GPOs to distribute software to computers and users that are members of adomain
Further Reading
Trang 6Objective 5.1
Configure and Manage User
Profiles and Desktop Settings
Home users change desktop settings as a matter of convenience, and might never thinkabout user profiles To a business, however, desktop settings and user profiles are keytools for protecting the security of client systems Businesses restrict desktop settings toenforce consistency between computers and reduce the occurrence of problems On anetwork, a business might use roaming profiles to enable a user to use a different com-puter but keep the same documents and settings available
In some environments, businesses use mandatory profiles to prevent users from ing permanent changes to their profiles Mandatory profiles are important in environ-ments in which users change frequently, such as classroom environments andbusinesses that make use of temporary staff To succeed at this objective, you mustunderstand how to configure desktop settings on a local computer, create a roamingprofile by moving a user’s profile to a shared network folder, and configure mandatoryprofiles Additionally, you should have a solid understanding of how domain adminis-trators can use Active Directory Group Policy settings to control the desktop environ-ment of domain member computers
Trang 7mak-25 - 7
Objective 5.1 Questions
1. You are the administrator of a LAN consisting of Windows XP Professional computersand Windows 2003 Servers running Active Directory All the systems belong to thesame Active Directory domain Some users periodically access more than one com-puter You want to be sure that users retain their desktop settings, no matter whichcomputer they use to log on to the network, and you want them to access their docu-ments from a network file server What do you do? Choose two correct answers
A Have a domain administrator configure Group Policy settings to redirect personal
folders to the file server
B Configure the ClipBook service to redirect the personal folders to a network
server
C Configure each of the user accounts for roaming user profiles.
D Use the Accessibility Options program in Control Panel to specify the network
location for user profiles
E Use Windows Explorer to specify the network location for user profiles.
2. Your manager has asked you to find ways to lower support costs for maintaining top computers at your company You want to restrict which configuration changesusers can make to their computers You also want to prevent users from modifying cer-tain services local to their computers You believe it will be easier to manage theserestrictions if you can hide the administrative tools from the users so that they nevereven see them or their icons Which of the following do you do? Choose the correctanswer
desk-A Use the Add Or Remove Programs application in Control Panel to uninstall the
programs you want to prevent users from accessing
B Manually set permissions on the appropriate cpl and msc files from the file
sys-tems so that only administrators and the special local account called System haveaccess to them on each computer you want to lock down
C Have a domain administrator configure a Group Policy Object (GPO) that hides
the desired Control Panel programs and MMC snap-ins Link the GPO to the nizational units (OUs) containing the user accounts you need to restrict Set per-missions on the GPO so that it applies only to the users you want to lock down
orga-D Delete the appropriate cpl and msc files from the file systems of each computer
you want to lock down
3. You own a computer with a 300 MHz Pentium II microprocessor, 128 MB of RAM, and
a 4 MB video adapter running Windows 2000 Professional All the hardware
compo-Objective 5.1 Configure and Manage User Profiles and Desktop Settings
Trang 8nents appear in Windows Catalog You upgrade the computer to Windows XP sional without any problems, but you notice that performance feels significantly slowerthan it used to Short of upgrading the computer hardware, what can you do toimprove the responsiveness of Windows XP Professional on your computer? Choosethree correct answers.
Profes-A Launch the Windows XP Professional installation routine again, but this time
refor-mat the hard disk drive during the setup process and perform a clean installation
of the operating system
B Reduce the size of the paging file to 2 MB.
C Lower the screen resolution and reduce the color depth using the Display program
in Control Panel
D Remove the paging file completely.
E Run the Disk Defragmenter tool to reduce fragmentation on all the installed hard
disks
F Use the Performance Options dialog box to set the display options to Adjust For
Best Performance
G Use Task Manager to set the priority for the Explorer.exe process to Real Time.
4. John and Mary share the same computer running Windows XP Professional You log
on to their computer with an account that has administrative access and install a suite
of internally developed applications used to access data on some of your firm’s frame computers You confirm that the applications were correctly installed by openingand testing each from their shortcuts on the Start menu Later, they both report thatthey cannot find the icons for any of the programs Which of the following is the quick-est way to ensure that both John and Mary can easily access the suite of applicationsyou just installed? Choose the correct answer
main-A Copy the program group for the suite of applications from your user profile to the
Default User profile
B Copy the program group for the suite of applications from your user profile to
John and Mary’s user profiles
C Have John log on to the computer and install the suite of applications, and then
have him log off Have Mary perform the same installation while logged on withher user account
D Copy the program group for the suite of applications from your user profile to the
All Users profile
5. You have been told to increase security for your organization’s network by designing
a more tightly controlled approach to managing user desktop settings and data Thegoals for your project are to do the following:
Trang 9organi-■ Allow users to manage their own desktop settings.
You propose to do the following:
■ Configure each user’s account to employ a roaming user profile using the ActiveDirectory Users And Computers snap-in
■ Make user profiles mandatory by appending man to the root folder of each of theuser profiles on the network
■ Use Group Policy to redirect the My Documents to a distributed file system (DFS)share located on several file servers that are secured and backed up according toyour organization’s policies
■ Implement Offline Folders so that users can work with their documents evenwhen not connected to the network
Which of the following goals does your proposed solution accomplish? Choose threecorrect answers
A Store user desktop settings in roaming profiles that will be available to users
regardless of which computer they log on to
B Prevent users from logging on with cached profiles when the network is
unavailable
C Minimize the amount of time required for mobile users to log on to their
comput-ers when away from the office
D Ensure that all confidential user data is protected, even if a mobile user’s laptop
computer is stolen
E Ensure that all critical user data is backed up regularly according to your
organi-zation’s backup policy
F Allow users to manage their own desktop settings.
Objective 5.1 Configure and Manage User Profiles and Desktop Settings
Trang 10Objective 5.1 Answers
1. Correct Answers: A and C
A Correct: Normally, a roaming user profile includes My Documents, My Pictures,
and other personal folders When you use Group Policy to redirect these folders,users work on the data contained in them as if the folders were still on their work-stations Another benefit of this approach is that when a user logs off the network,these folders are not synchronized with the roaming user profile Because userdata can become quite large, this approach might save users considerable timewhen logging on and off of their computers You can further enhance this solution
by configuring Offline Files for these folders, allowing mobile users to ently synchronize the network-based folders with a locally cached copy of thefiles When users are working from their computer while disconnected from thenetwork, they can continue to work with the locally cached copies of their files.Changes are automatically resynchronized with the network copies the next timethey connect their system to the network
transpar-B Incorrect: The ClipBook service is for sharing documents copied to the
Clip-board with other users via the network The ClipBook service does not play a role
in managing user profiles or folder redirection
C Correct: When a user’s account is set up to use a roaming user profile, that user’s
profile is stored on the network When the user logs on to a computer, the userprofile is cached to the local system Any changes to the profile are written to thecached copy When the user logs off the network, the changes in the cached copyare written back to the network copy When a user logs on to a computer that hasbeen disconnected from the network, the locally cached copy of the user profile
is loaded transparently unless mandatory roaming profiles have been employed
D Incorrect: The Accessibility Options program is for configuring keyboard,
mouse, sound, and display settings to help people with mobility, vision, or ing disabilities The Accessibility Options program does not play a role in manag-ing user profiles or folder redirection
hear-E Incorrect: Windows Explorer is not used to manage user profiles or folder
redi-rection
2. Correct Answers: C
A Incorrect: Although the Add Or Remove Programs application can be used to
remove some Windows components (such as the Indexing Service), it cannot beused to uninstall or reconfigure Control Panel programs or MMC snap-ins
B Incorrect: Although this approach might accomplish the desired results, it is
time-consuming, and doing it manually on many computers might result in errors
Trang 1125 - 11
on some systems Using GPOs as described in answer C is a much more efficientand reliable approach
C Correct: GPOs are an extremely effective way to lock down the desktops of
users They are very flexible, allowing you to implement whatever degree of trol that is appropriate for your particular environment
con-D Incorrect: This is a bad solution because the Windows File Protection feature in
Windows XP Professional might automatically restore some or all the files that youmanually remove Any files that are not automatically restored are unavailable toall users who log on to those computers, including the system administrators whomight need access to those files to do their jobs
3. Correct Answers: C, E, and F
A Incorrect: This is a drastic approach that requires reinstalling all your
applica-tions and restoring your data from backup Also, it is unlikely that you wouldnotice a significant improvement in performance
B Incorrect: This step would probably result in even slower performance of
Win-dows XP Professional
C Correct: Depending on the video card and how low you adjust these settings, the
increase in performance might be subtle or dramatic Dropping the resolutionfrom 1280 × 1024 to 640 × 480 reduces the number of pixels by more than 75 per-cent Cutting the color depth from 32 bits per pixel to 8 bits per pixel lowers thenumber of colors per pixel by 75 percent Either of these steps reduces the work-load on the video adapter by three-quarters, but it also decreases the quality of thedisplay for the operating system and all applications
D Incorrect: This procedure would probably result in even slower performance.
E Correct: Depending on the level of file fragmentation, the increase in
perfor-mance might be imperceptible, moderate, or quite significant It is a good idea toregularly defragment each hard disk on all your Windows XP systems DiskDefragmenter can be launched from the Start menu by selecting All Programs,then Accessories, and then System Tools You can also schedule the Defrag.execommand-line tool to run automatically by using Scheduled Tasks
F Correct: Slower systems such as the one described in this scenario often
demon-strate much quicker responsiveness when the simpler graphical elements areselected for the user interface The Performance Options dialog box is on theAdvanced tab of the System program in Control Panel You can enable or disableall the enhanced graphical user interface options together or specify settings forindividual elements
G Incorrect: When tuning performance on busy systems running Windows XP
Pro-fessional, it is possible to improve overall system efficiency considerably by
spec-Objective 5.1 Configure and Manage User Profiles and Desktop Settings
Trang 12ifying appropriate priority levels for individual processes Be sure to have athorough understanding of how the processes for the operating system, services,and applications interact and what effect each change will have before attemptingthis type of system tuning on production systems It is extremely unusual to setany process to Real Time priority because that configuration might cause the pro-cess to consume 100 percent of the CPU’s processing time, making it difficult oreven impossible to do anything else on the computer.
4. Correct Answers: D
A Incorrect: Although copying the program group to the Default User profile
ensures that any newly created profiles on the computer get a copy, existing userprofiles do not
B Incorrect: These procedures ensure that both John and Mary have access to the
new program group, but there is a quicker way to accomplish this
C Incorrect: It is possible that neither John nor Mary will be able to complete the
installation if they do not have administrative privileges on the computer Even ifthese procedures do work, it is an unnecessarily time-consuming solution
D Correct: This is the quickest way to resolve the problem Program groups present
in the All Users profiles are accessible to everyone who logs on to the computer.This type of issue is common with older applications and with internally devel-oped programs that have not met all the requirements for the Certified for Win-dows logo program Certified programs are required to recognize user profiles and
to give the installer the option of making the program group accessible to all users
or only the user logged on during the installation
5. Correct Answers: A, B, and E
A Correct: By implementing roaming user profiles, your solution ensures that each
user’s profile will be available from any computer on the network
B Correct: By using the method of appending man to the end of all users’
Roam-ing User Profile folder, they cannot log on to computers usRoam-ing locally cached ies of their roaming profiles
cop-C Incorrect: Appending man to the end of each user’s Roaming User Profile folder
forces Windows XP Professional to download the entire user profile every time auser logs on Although you are redirecting the My Documents to a location sepa-rate from each user’s profile, the profiles can still grow large, leading to long logontimes for remote users It is important to note that this goal conflicts with the sec-ond goal—sometimes it is not possible to achieve all desired goals
D Incorrect: Nothing in your proposed solution addresses this goal Implementing
Encrypting File System (EFS) in combination with the Offline Files feature wouldallow you to better protect the data of the mobile users
Trang 1325 - 13
E Correct: By redirecting the My Documents folder to a DFS share that is located
on file servers that are backed up regularly, you have ensured that critical userdata is backed up periodically
F Incorrect: If you implement mandatory profiles, users can no longer manage
their desktop settings Any changes users make to their desktops will be discardedwhen they log off
Objective 5.1 Configure and Manage User Profiles and Desktop Settings
Trang 14■ International English Version This version includes the Multilingual Editing
and Viewing feature, which allows the user to view, edit, and print information inmore than 60 languages This version is appropriate for occasional electronic com-munications in non-English languages
■ Localized Language Versions This is a localized version that provides the same
type of support as the English version, but all built-in menus, dialog boxes, Helpfiles, wizards, and file systems appear in a non-English language Implement thisversion when support for a few non-English languages is needed throughout theentire organization
■ Multilingual User Interface Pack (MUI Pack) Provides the same features as the
other versions, but enables you to switch from one language to another on the fly.The MUI Pack is the best choice when support for numerous languages is neededacross the organization
The most important element of mastering this objective is to understand how to figure and deploy the MUI Pack
Trang 15A Create a standard base desktop using the Windows XP Professional Multilingual
User Interface (MUI) Pack Be sure to install all the Input Languages used out your organization so that users can easily exchange documents in any lan-guage with one another
through-B Create a standard base desktop using the English version of Windows XP
Profes-sional Be sure to install all the Input Languages used throughout your tion so that users can easily exchange documents in any language with oneanother Recommend to your manager that all users be signed up for extensiveEnglish language courses as soon as possible
organiza-C Create a standard base desktop using the English version of Windows XP
Profes-sional Recommend to your manager that all users be signed up for extensiveEnglish language courses as soon as possible Require users to create all their doc-uments in English
D Create standard base desktops using the English version and the appropriate
Translated versions of Windows XP Professional Be sure to install all the InputLanguages used throughout your organization so that users can easily exchangedocuments in any language with one another
2. Your company has offices spread across the United States and Canada Although allemployees speak and write English fluently, your company occasionally does businesswith organizations in the Canadian province of Quebec Some of these organizations
do the majority of their business in French What must you do at the Windows XP fessional computers of employees who will be working with these organizations?Choose the correct answer
Pro-A Open WordPad and select the French (Canada) input locale.
B Install the French Translated version of Windows XP Professional.
C Install the French version of WordPad by downloading it from the Windows
Update Web site
D Use the Regional And Languages Options program by launching Control Panel
and then choosing Date, Time, Language, And Regional Options to enable supportfor French (Canada) as an input language If prompted, provide the location of theWindows XP Professional installation media and restart the computer
Objective 5.2 Configure Support for Multiple Languages or Multiple Locations
Trang 163. You are a consultant who was asked by a worldwide commercial property ment firm to plan an upgrade program to deploy the MUI Pack throughout its organi-zation The firm has many offices around the globe, most of which have not beentightly managed by their information technology group A thorough audit of the hard-ware and software reveals that the firm is running a variety of previous Windows ver-sions on a multitude of hardware platforms You determine that many systems willhave to be replaced because that will be less expensive than trying to upgrade thehardware to the point where it could reliably run Windows XP Professional Which ofthe following versions of Windows can be upgraded directly to the MUI Pack? Choosefour correct answers.
Trang 1725 - 17
Objective 5.2 Answers
1. Correct Answers: A
A Correct: This is the easiest approach to this challenge because the information
technology group within your organization has a single standard desktop to tain and support
main-B Incorrect: Although this approach might be easier on your organization’s
infor-mation technology group, it does not fulfill the needs of your users Forcing theusers to learn a second language is expensive and time-consuming, and mightcause resentment in some
C Incorrect: This solution is inappropriate for the same reasons noted in answer B.
D Incorrect: Although this solution meets the multilingual requirements of the
users, it will result in at least six versions of Windows XP Professional beingdeployed in your organization That will cause an unnecessary challenge for yourorganization’s information technology group
2. Correct Answers: D
A Incorrect: Although you can view and edit documents in WordPad using any
installed Input Language, you cannot switch languages from within that program
B Incorrect: This is an inefficient and expensive solution for supporting the
view-ing, editview-ing, and printing of documents in multiple languages
C Incorrect: There is no French version of WordPad available for download from
the Windows Update Web site
D Correct: All versions of Windows XP Professional support viewing, editing, and
printing documents in multiple languages as long as the proper language group isinstalled The Western Europe and United States Language Group is installed bydefault in the English version of Windows XP Professional It includes support forseveral languages such as French and English Other language groups must beinstalled to support additional input languages, such as Greek You must restartthe computer after installing additional language groups
3. Correct Answers: B, C, F, and G
A Incorrect: Because it is not possible to upgrade Windows 2000 Server to
Win-dows XP Professional, it is also not possible to upgrade this version of the ing system to Windows XP Professional MUI Pack
operat-B Correct: Upgrade from Windows Me to Windows XP Professional, and then
apply the MUI Pack files You can simplify the process by creating an unattendedanswer file–based upgrade installation of Windows XP Professional Then add
Objective 5.2 Configure Support for Multiple Languages or Multiple Locations
Trang 18MUISETUP to the [GUIRunOnce] section of the answer file Details of the
proce-dure are available on the Windows XP MUI Pack installation media
C Correct: Like Windows Me, upgrade Windows NT Workstation 4.0 to Windows
XP Professional English Version and then apply the MUI Pack files
D Incorrect: It is not possible to upgrade Windows NT Server 4.0 to Windows XP
Professional; therefore, it is not possible to upgrade this version of the operatingsystem to Windows XP Professional MUI Pack
E Incorrect: It is not possible to upgrade Windows NT Workstation 3.51 to
Win-dows XP Professional; therefore, it is not possible to upgrade this version of theoperating system to Windows XP Professional MUI Pack
F Correct: Like Windows Me, upgrade Windows 2000 Professional to Windows XP
Professional English version and then apply the MUI Pack files
G Correct: Like Windows Me, upgrade Windows 98 to Windows XP Professional
English version, and then apply the MUI Pack files
Trang 19exam-to simplify the deployment of the application In particular, Windows Installer ages make it extremely easy to distribute an application by using Active Directory soft-ware distribution Although you do not need to know exactly how to configuresoftware distribution by using Active Directory Group Policy objects, you must under-stand it conceptually and be able to troubleshoot the problems that can arise
pack-To succeed at this objective, you must understand the purpose of Windows Installerpackages You should have hands-on experience installing, configuring, and removingWindows Installer packages using both graphical tools and the Msiexec.exe command-line tool If you have an Active Directory domain controller at your disposal, havinghands-on experience distributing Windows Installer packages using Active Directorysoftware distribution will give you a deeper understanding of the capabilities
Objective 5.3 Manage Applications by Using Windows Installer Packages
Trang 20Objective 5.3 Questions
1. You are a desktop administrator for a sports equipment manufacturing company terday, the engineers responsible for software distribution deployed Office 2003 to allcomputers in your domain All users have local user profiles The following day youdiscover that Office has not been deployed to most of the Windows XP Professionalcomputers that you manage Which Group Policy setting do the domain administratorsneed to modify to ensure that the application is distributed the next time users log in?Choose the correct answer
Yes-A Enable the Always Wait For The Network At Computer Startup And Logon policy.
B Enable the Maximum Wait Time For Group Policy Scripts setting and set it to zero
seconds
C Enable the Wait For Remote User Profile setting.
D Enable Turn Off Background Refresh Of Group Policy.
2. You identify the source of a persistent problem with one of your user’s computers: anapplication, installed by using a Windows Installer package, that is consuming a largeamount of disk space You are not sure where the user found the Windows Installerpackage to perform the original installation, however What is the easiest way to unin-stall the application? Choose the correct answer
A msiexec /uninstall ProductCode
B Right-click the original msi file and select Remove.
C Double-click the original msi file When prompted, click Remove
D Open Add Or Remove Programs Click the application, and then click Remove.
3. You are a part-time desktop administrator for a small organization that consists of fiveusers who work from home in different parts of the world Each user has a Windows
XP Professional computer that is not connected to an Active Directory domain In fact,the organization has no servers You have been working closely with one of your soft-ware vendors to resolve a bug in an application that the users depend on After severalweeks of support calls, the vendor posted a msi file to its Web site for you to install on
each of your computers The location of the msi file is http://www.contoso.com/
patch.msi Users will need to install the update themselves
Each user has a local administrator account to use for the installation You want to sendthem a command that they can run to automatically install the patch Which commandwould work? Choose the correct answer
Trang 2125 - 21
A msiexec /x “http://www.contoso.com/patch.msi”
B msiexec /update “http://www.contoso.com/patch.msi”
C msiexec /i “http://www.contoso.com/patch.msi”
D msiexec /url “http://www.contoso.com/patch.msi”
4. Which version of Windows Installer is included with Service Pack 2 for Windows XP?Choose the correct answer
Trang 22Objective 5.3 Answers
1. Correct Answers: A
A Correct: By default, Windows XP does not wait for the network to be fully
ini-tialized at startup and logon Existing users are logged on using cached tials, which results in shorter logon times Windows XP applies Group Policy inthe background after the network becomes available As a result, software instal-lations usually take two or three logons Enabling this setting causes Windows XP
creden-to wait for the network before logon so that Group Policy can be immediatelyapplied
B Incorrect: Setting this policy to zero forces clients to wait indefinitely while
Group Policy scripts run It will not ensure that the application is installed at thenext login, however
C Incorrect: This setting directs the system to wait for the remote copy of the
roaming user profile to load, no matter how long it takes Waiting for the remoteprofile is appropriate when users move between computers frequently, and thelocal copy of their profile is not always current However, the users in this scenariohave local user profiles, so enabling this setting will have no effect
D Incorrect: This setting prevents Group Policy from being updated while the
computer is in use If you enable this setting, the system waits until the user logsoff the system before updating Group Policy settings instead of refreshing set-tings on a regular basis This setting would have no effect on how software is dis-tributed
2. Correct Answers: D
A Incorrect: You can use the Msiexec tool to uninstall applications However, it is
easier to use Add Or Remove Programs
B Incorrect: While you can uninstall a Windows Installer package by right-clicking
the original msi file and clicking Uninstall, the menu item is not named Remove.Additionally, this is typically not as easy as opening Add Or Remove Programs anduninstalling the package
C Incorrect: This will work However, because you do not know where the
origi-nal msi file is located, it would be more time-consuming than using Add OrRemove Programs
D Correct: Windows Installer applications always add themselves to the Add Or
Remove Programs list Therefore, you should use Add Or Remove Programs touninstall them
Trang 2325 - 23
3. Correct Answers: C
A Incorrect: The /x parameter actually uninstalls a package, rather than
install-ing it
B Incorrect: The /update parameter requires a Windows Installer update file,
which would have a MSP file extension The developer has provided you with a.msi file, which should be installed with the /i parameter
C Correct: Use the /i parameter to install Windows Installer packages You can
specify a URL for the location of the file
D Incorrect: Msiexec does not support the /url parameter.
Trang 25and Troubleshooting
Network Protocols and Services
Microsoft Windows XP makes it easy to stay connected while minimizing your sure to attacks Naturally, you can connect to traditional wired networks You can alsoconnect to wireless networks at your home or office, or at wireless hotspots If you areaway from the office, you can connect to any Internet connection and use Windows XP
expo-to create a virtual private network (VPN) connection expo-to access resources on your nal network If an Internet connection is not available, but you can access a telephoneline, you can use dial-up networking to connect to your office network
inter-It is risky to connect to any network, especially the Internet Windows XP helps protectyou from network attacks by using Internet Connection Firewall (ICF) and, when Ser-vice Pack 2 is installed, Windows Firewall Both ICF and Windows Firewall are capable
of providing similar levels of protection by blocking all incoming connections that havenot specifically been allowed Windows Firewall is enabled by default, however, and iseasier to configure In Active Directory environments, domain administrators can con-figure Windows Firewall by using Group Policy settings
For troubleshooting problems with remote computers and helping users across a work, Windows XP provides Remote Desktop and Remote Assistance, both of whichdisplay a remote computer’s desktop on your own computer Additionally, Windows
net-XP can act as either a Web server or a Web client, thanks to Internet Information vices (IIS) and Microsoft Internet Explorer
Ser-To complete this objective, you must understand how to install, configure, and shoot all these technologies
trouble-Tested Skills and Suggested Practices
The skills you need to successfully master the Implementing, Managing, and
Trouble-shooting Network Protocols and Services objective domain on the Installing, Configuring,
and Administering Microsoft Windows XP Professional exam include the following:
■ Configure and troubleshoot the TCP/IP protocol
❑ Practice 1: Install TCP/IP and configure the computer to use Automatic vate IP Addressing (APIPA)
Trang 26Pri-❑ Practice 2: Connect a Windows XP computer to a network with a DynamicHost Configuration Protocol (DHCP) server Verify that the Windows XP Pro-fessional computer obtains its TCP/IP configuration from the DHCP server.Then use Ipconfig.exe to examine, release, and renew DHCP leases on theWindows XP Professional computer.
❑ Practice 3: Familiarize yourself with the other tools available for shooting network connections such as Arp.exe, Hostname.exe, Ipconfig.exe,Ping.exe, Pathping.exe, Tracert.exe, Netstat.exe, and Route.exe
trouble-❑ Practice 4: Configure a static TCP/IP address for a client computer that mally relies on DHCP-assigned Internet Protocol (IP) addresses
nor-❑ Practice 5: Use the Nslookup.exe utility to identify the IP addresses for http://
www.microsoft.com.
❑ Practice 6: Edit the HOSTS file in the %windir%\system32\drivers\etc
direc-tory so that the domain name http://www.microsoft.com resolves to the IP address 127.0.0.1 Save the HOSTS file, and use the command ping
www.microsoft.com to verify that this domain name resolves to the IP address
127.0.0.1 Edit the HOSTS file again, remove the new entry, and save the file
■ Connect to computers by using dial-up networking
❑ Practice 1: Create a dial-up connection to an Internet service provider (ISP).After this connection is working properly, configure Internet ConnectionSharing (ICS) to allow multiple computers to access the Internet across a sin-gle link
❑ Practice 2: If you have a VPN server available, establish a VPN tunnel figure this connection with ICS to allow multiple computers to use the VPNsimultaneously
Con-■ Connect to resources by using Internet Explorer
❑ Practice 1: Configure offline Web pages to store several Web sites offline.Open the Synchronize dialog box, and adjust the properties to automaticallydownload these sites at a specific time After this time has passed, disconnectfrom the network and attempt to access one of the offline Web sites
❑ Practice 2: Press Ctrl+H to open the history toolbar Notice that all sites visited
in the last several weeks are available for recall
❑ Practice 3: Use the Internet Options dialog box to clear your temporary net files and history This helps to protect your privacy if other people haveaccess to your computer
Inter-❑ Practice 4: Using the Security tab of the Internet Options dialog box, comparethe security settings for the Internet and Trusted Sites zones Consider howthey differ, and how that improves the security of your computer
Trang 27Con-to its original setting.
■ Configure, manage, and implement Internet Information Services (IIS)
❑ Practice 1: If IIS was not installed with Windows XP, install it from Add/Remove Windows Components in Control Panel Familiarize yourself with thedifferent IIS components available for installation
❑ Practice 2: Edit the application configuration to remove unused script pings Although this does not change the site’s existing functionality, it doesdramatically reduce the risk of security vulnerabilities
map-❑ Practice 3: Add a virtual directory, and disable anonymous access to the tual directory Access the virtual directory using Internet Explorer and noticethat you are prompted for authentication Provide your user name and pass-word, and verify that you have access
vir-❑ Practice 4: Modify NTFS file permissions for Web content within the IIS homedirectory Notice how removing Read file permissions for the
IUSR_computername account affects your ability to anonymously access files.
❑ Practice 5: Install an IIS security hot fixes if any are available
Important For the following task, you should complete at least Practice 1 If you want hands-on experience with every aspect of the exam and you have multiple networked Win- dows XP computers, complete Practices 2 and 3 as well.
■ Configure, manage, and troubleshoot Remote Desktop and Remote Assistance
❑ Practice 1: Use the Remote tab of the System Properties dialog box to allowboth Remote Desktop and Remote Assistance incoming connections
❑ Practice 2: Open the Remote Desktop Connection tool, and use the ence tab to optimize the performance for local area network (LAN) speeds.Connect to a remote computer by using Remote Desktop Then disconnect,and optimize the performance of the connection for modem speeds Recon-nect, and notice how the experience is different
Experi-❑ Practice 3: Have another Windows XP user send you a Remote Assistance tation, and then connect to the remote computer by using Remote Assistance
invi-Tested Skills and Suggested Practices
Trang 28■ Configure, manage, and troubleshoot an ICF.
❑ Practice 1: First, disable Remote Desktop and Remote Assistance Then installService Pack 2, and open the Security Center Notice whether Windows Fire-wall is enabled or not View the Windows Firewall properties, and notice theprograms and services listed on the Exceptions tab
❑ Practice 2: Enable Remote Desktop Then view the Windows Firewall ties, and notice that Remote Desktop has been added to the Exceptions tab
proper-❑ Practice 3: Manually add Windows Messenger to the list of Windows Firewallexceptions
❑ Practice 4: Enable ICF or Windows Firewall with all default settings so that all
incoming traffic is automatically filtered Attempt to ping this system from a
remote system, and notice the results Attempt to map a connection to ashared folder, and notice the results Disable ICF or Windows Firewall andrepeat these steps
Further Reading
This section lists supplemental readings by objective We recommend that you studythese sources thoroughly before taking exam 70-270
Objective 6.1 Microsoft Corporation Microsoft Windows XP Professional Resource
Kit Documentation Redmond, WA: Microsoft Press, 2001 Read Chapter 18,
“Con-necting Clients to Windows Networks.” This chapter covers the fundamentals ofinstalling and configuring network protocols and services in Windows XP Profes-sional Read Chapter 19, “Configuring TCP/IP,” for a detailed look at all the con-figuration options available in the Windows XP Professional implementation ofTCP/IP Read Chapter 20, “Configuring IP Addressing and Name Resolution.” Thischapter provides detailed information about configuring IP addresses and names
and how to identify and resolve problems (available online at http://
www.microsoft.com/resources/documentation/Windows/XP/all/reskit/en-us/ prork_overview.asp).
Microsoft Corporation “How to Troubleshoot TCP/IP Connectivity with WindowsXP.” 2004 This Knowledge Base article provides important network troubleshoot-
ing information This article is available at http://support.microsoft.com/kb/314067 (If the article has moved, search for the title at http://www.microsoft.com.)
Objective 6.2 Microsoft Corporation Microsoft Windows XP Professional Resource Kit
Documentation Redmond, WA: Microsoft Press, 2001 Read Chapter 21, “Connecting
Remote Offices,” for background information about VPNs and Internet Connection
Sharing (available online at http://www.microsoft.com/resources/documentation/
Windows/XP/all/reskit/en-us/prcg_cnd_cgza.asp).
Trang 2926 - 5Microsoft Corporation “The Cable Guy - August 2001: Layer Two Tunneling Pro-tocol in Windows 2000.” 2001 Although this article was written for Windows 2000,
it applies to Windows XP Professional as well This article is available at http://
www.microsoft.com/technet/community/columns/cableguy/cg0801.mspx (If the
article has moved, search for the title at http://www.microsoft.com.)
Objective 6.3 Microsoft Corporation Internet Explorer Administration Kit 2004.
Read the Appendix, “Windows XP Service Pack 2 Enhancements to InternetExplorer 6.” This appendix covers the very significant changes to Internet Explorer
that Service Pack 2 adds (available online at http://www.microsoft.com/windows/
ieak/techinfo/deploy/60/en/appendix.mspx).
Launch Internet Explorer, select the Help menu, and then select Contents AndIndex Read through all the available topics, paying particular attention to theproxy settings, favorites, and history features
Objective 6.4 Microsoft Corporation Microsoft Windows XP Professional Resource
Kit Documentation Redmond, WA: Microsoft Press, 2001 Read “Internet Printing”
in Chapter 11, “Enabling Printing and Faxing,” for general information about howIIS facilitates sharing printers Read “Broadcasting Digital Media Presentations overYour Intranet” in Chapter 10, “Managing Digital Media,” for details about how IIS
p r o v i d e s f o r s t r e a m i n g d i g i t a l m e d i a ( a v a i l a b l e o n l i n e a t h t t p : / /
www.microsoft.com/resources/documentation/Windows/XP/all/reskit/en-us/ prork_overview.asp).
Microsoft Corporation “Securing Internet Information Services 5.0 and 5.1.” 2004
This white paper is available at http://www.microsoft.com/smallbusiness/gtm/
securityguidance/articles/sec_iis_5_0_5_1.mspx (If the white paper has moved,
search for the title at http://www.microsoft.com.)
Objective 6.5 Microsoft Corporation Microsoft Windows XP Professional Resource Kit
Documentation Redmond, WA: Microsoft Press, 2001 Read Chapter 8, “Configuring
Remote Desktop,” for detailed information about Remote Desktop Also readAppendix D, “Tools for Troubleshooting,” for information about remote assistance
(available online at http://www.microsoft.com/resources/documentation/Windows
/XP/all/reskit/en-us/prork_overview.asp).
Objective 6.6 Microsoft Corporation Microsoft Windows XP Professional Resource
Kit Documentation Redmond, WA: Microsoft Press, 2001 Read “Internet
Connec-tion Firewalls” in Chapter 21, “Connecting Remote Offices” (available online at
http://www.microsoft.com/resources/documentation/Windows/XP/all/reskit/en-us/ prcg_cnd_cgza.asp).
Further Reading
Trang 30Microsoft Corporation “Troubleshooting Windows Firewall in Microsoft Windows XP
Service Pack 2.” 2004 This white paper is available at http://www.microsoft.com/
downloads/details.aspx?FamilyID=a7628646-131d-4617-bf68-f0532d8db131 (If
the white paper has moved, search for the title at http://www.microsoft.com.) Tony Northrup “Firewalls.” 2002 This white paper is available at http://
www.microsoft.com/technet/security/topics/network/firewall.mspx (If the white
paper has moved, search for the title at http://www.microsoft.com.)
Trang 31If a computer cannot communicate with another computer on the network, you mustverify that the network adapter is installed and operational in Device Manager Next,verify that it is physically connected to the network Then run protocol-specific utilitiesdesigned to test network connections Some of the tools for testing TCP/IP connectivityincluded with Windows XP Professional are Arp.exe, Hostname.exe, Ping.exe, Path-ping.exe, Tracert.exe, Netstat.exe, Route.exe, and Ipconfig.exe.
To successfully answer questions in this objective, you must know how to install, figure, manage, and troubleshoot network adapters You also need to know how toinstall, configure, manage, and troubleshoot TCP/IP connections
con-Objective 6.1 Configure and Troubleshoot the TCP/IP Protocol
Trang 32Objective 6.1 Questions
1. Which of the following is the correct order Windows XP Professional uses for resolving
a DNS host name? Choose the correct answer
A (1) Check the local computer’s host name for a match (2) Check the NetBIOS
name cache (3) Send a WINS query if configured (4) Send a broadcast query for
a matching NetBIOS name (5) Check the LMHOSTS file for a match (6) Check theHOSTS file for a match (7) Send a DNS query
B (1) Check the local computer’s host name for a match (2) Send a DNS query (3)
Check the HOSTS file for a match (4) Check the NetBIOS name cache (5) Send
a WINS query if configured (6) Send a broadcast query for a matching NetBIOSname (7) Check the LMHOSTS file for a match
C (1) Check the local computer’s host name for a match (2) Check the HOSTS file
for a match (3) Send a DNS query (4) Check the NetBIOS name cache (5) Send
a WINS query if configured (6) Send a broadcast query for a matching NetBIOSname (7) Check the LMHOSTS file for a match
D (1) Check the local computer’s host name for a match (2) Check the HOSTS file
for a match (3) Send a DNS query (4) Check the NetBIOS name cache (5) Checkthe LMHOSTS file for a match (6) Send a WINS query if configured (7) Send abroadcast query for a matching NetBIOS name
2. Your computer is able to connect to some network resources with no problem, but youfeel that performance is abnormally slow when connecting to some specific serverslocated in remote offices You suspect that there might be a routing issue on your net-work Which tools included with Windows XP Professional are best for examiningthese types of problems? Choose two correct answers
Trang 3326 - 9Why are you unable to browse the Web from your laptop computer? Choose the bestanswer.
A Your computer was unable to get an IP address from the DHCP server; therefore,
it used APIPA to assign an address to itself
B The network adapter is malfunctioning.
C The network cable is disconnected from either your computer’s network adapter
or the network port
D TCP/IP is not installed on your laptop computer.
4. Which of the following problems is resolved by clearing the ARP cache by typing the
command netsh interface ip delete arpcache? Choose the best answer.
A Clients cannot reach a server on the local subnet that has recently had the IP
address changed
B Clients cannot reach a server on the local subnet that has recently had the network
card replaced
C Clients cannot reach a server that has recently had the DNS entry changed.
D Clients cannot reach a server that has moved to a different network segment.
5. You are a systems administrator at your organization’s corporate headquarters Yourcompany is in the process of establishing a small remote office in another country Thelocal systems administrator calls you for assistance because his Windows XP desktopcomputer cannot connect to the company’s wide area network (WAN) You gatherinformation about the IP configuration of his network and draw the following diagrambased on the information the systems administrator provides
G26us01
What setting does the administrator need to change? Choose the best answer
A Change the computer’s subnet mask to 255.0.0.0.
B Change the computer’s default gateway to 10.1.4.1.
C Change the computer’s IP address to 10.1.3.2.
D Set both of the router’s IP addresses to 10.1.3.1.
IP address: 10.1.4.1 Subnet mask: 255.255.255.0
WAN
Subnet mask: 255.255.255.0 Default gateway: 10.1.3.1
IP address: 10.1.3.1 Subnet mask: 255.255.255.0
Objective 6.1 Configure and Troubleshoot the TCP/IP Protocol
Trang 34Objective 6.1 Answers
1. Correct Answers: C
A Incorrect: Windows XP Professional always attempts to resolve names using the
HOSTS file and DNS first NetBIOS name resolution methods such as WINS andthe LMHOSTS file are used only as a last resort
B Incorrect: Windows XP Professional checks the HOSTS file for host name
reso-lution before sending a DNS query However, the LMHOSTS file is not checkeduntil after a WINS resolution request is attempted
C Correct: Windows XP Professional first checks the specified host name against
the local machine name It then begins the DNS name resolution process, firstchecking the HOSTS file and then sending a DNS query Finally, the NetBIOSname resolution process is used, which is as follows: check the NetBIOS namecache, send a WINS query, send a broadcast query, and scan the LMHOSTS file
D Incorrect: A DNS query and the HOSTS file are very similar to a WINS query and
the LMHOSTS file Windows XP standard DNS name resolution scans the HOSTSfile before sending a DNS query However, by default, NetBIOS name resolution
scans the LMHOSTS file after sending a WINS query.
2. Correct Answers: A and C
A Correct: PathPing is a command-line tool for tracing routes through TCP/IP
net-works It combines features of both Ping.exe and Tracert.exe and provides tional information that neither offers It is an excellent tool for troubleshootingrouting problems
addi-B Incorrect: You use the Arp tool to view, edit, and clear the Address Resolution
Protocol (ARP) cache on the local computer Arp is used to map IP addresses tomedia access control (MAC) addresses of specific network adapters on the samenetwork segment It does not provide any information about routing IP traffic toother network segments and therefore is not an appropriate tool for this scenario
C Correct: Tracert is a command-line, route-tracing tool that repeatedly sends
Inter-net Control Message Protocol (ICMP) Echo Request messages with increasinglylarger time-to-live values to map out the route from the local computer to the onespecified in the command It is an ideal tool for diagnosing routing problems
D Incorrect: Ping is a command-line tool for verifying IP connectivity The Ping
tool can be used to verify that your computer can communicate with another host
on the network, but it does not provide information about the route taken acrossthe network and therefore is not an appropriate tool to use in this scenario
E Incorrect: Ipconfig is a command-line tool for reviewing the current IP
address-ing configuration for the local computer It is not used for troubleshootaddress-ing lems on the network
Trang 35prob-26 - 11
3. Correct Answers: A
A Correct: APIPA uses IP addresses from the range 169.254.0.1 through
169.254.255.254 and a subnet mask of 255.255.0.0, and your computer’s addressfalls within that range Your next step is to determine why your computer wasunable to get an address from the DHCP server—likely reasons for that probleminclude the server being offline or the physical segment that your computer is con-nected to being unable to send DHCP messages to the DHCP server
B Incorrect: If the network adapter was not working, you would see an error
mes-sage when you ran Ipconfig.exe or no information would be displayed regardingyour IP address
C Incorrect: If the cable was not connected properly, you would see an error
mes-sage when you run Ipconfig.exe stating that the media is disconnected
D Incorrect: If TCP/IP were not installed correctly, you would not have had any IP
address assigned
4. Correct Answers: B
A Incorrect: When Arp looks up an IP address’ associated MAC address, this
rela-tionship is stored in the ARP cache for future reference If a server’s IP addresschanges, Arp issues a new request for the MAC address Therefore, clearing theARP cache does not resolve this problem
B Correct: Every network card includes a unique MAC address Therefore, when a
network card is replaced on a system, that system’s MAC address also changes Ifclients attempt to reconnect to a system that has recently had the network cardreplaced, they may address network communications to the cached MAC address
of the failed network card The server does not respond to these communicationsbecause it is listening for requests addressed to the MAC address of the new net-work card Clearing the ARP cache of the clients on the same subnet resolves thisproblem
C Incorrect: Changing a server’s DNS host name causes new communications
addressed to the previous host name to fail However, DNS resolution does notdirectly involve Arp As a result, clearing the ARP cache does not resolve theproblem
D Incorrect: If a system moves between network segments, the IP address must
also change In this scenario, the ARP cache might still contain the IP address toMAC address mapping of the system’s previous IP address However, the new IPaddress of the server does not yet reside in the ARP cache Therefore, clearing theARP cache does not resolve the problem
Objective 6.1 Configure and Troubleshoot the TCP/IP Protocol
Trang 365. Correct Answers: C
A Incorrect: In this scenario, the computer and both of the router’s network
inter-faces have been configured with class A addresses However, class A addressescan have a subnet mask of 255.255.255.0 In fact, a subnet mask of 255.0.0.0would be extremely unusual
B Incorrect: The computer’s default gateway should be set to the IP address of the
router’s local network adapter In other words, the default gateway must be set tothe IP address that the router has been assigned on the local network In this case,the default gateway is correct
C Correct: The problem is that the computer’s IP address and the router’s local IP
address are on different logical subnets The computer has been configured with
an IP address of 10.1.2.2, but the default gateway is 10.1.3.1 Because the defaultgateway is on a different logical subnet, the computer cannot send packets to it—even though it is on the same physical network segment Assigning the computer
an IP address of 10.1.3.2 places it on the same logical subnet as the router’s10.1.3.1 address, allowing it to send packets to the router
D Incorrect: Each network interface must have a unique IP address Therefore, you
cannot configure two network adapters to have the same IP address
Trang 37ICS provides a convenient way for small business and home users to connect multiplesystems to the Internet using a single connection ICS combines three software ser-vices: DHCP, Network Address Translation (NAT), and DNS proxy DHCP is used toassign private IP addresses to other computers on the local area network (LAN) NATtranslates the private IP addresses used by the internal computers into the public IPaddress assigned by the ISP DNS proxy enables systems residing on the LAN to resolvedomain names to public IP addresses.
To successfully answer questions in this objective, you must know how to create
dial-up and VPN connections Additionally, you should understand how to configure anduse ICS
Objective 6.2 Connect to Computers by Using Dial-Up Networking
Trang 38Objective 6.2 Questions
1. Which of the following accurately describes Layer Two Tunneling Protocol (L2TP) neling? Choose three correct answers
tun-A Supports Internet Protocol security (IPSec) authentication
B Supports header compression
C Automatically provides privacy using Point-to-Point Protocol (PPP) encryption
D Supported by Microsoft Windows NT 4.0
E Requires authentication of both the computer and the user
2. Which of the following remote access authentication protocols does not support ing encrypted password information? Choose the correct answer
Inter-A A LAN with 100 computers and a routed T3 connection to the Internet All the
computers have IP addresses assigned by the ISP
B A home network with four computers connected to the Internet with a cable
modem Each of the four computers has been assigned a public IP address by theISP
C A home network with four computers connected to the Internet with a single
ana-log dial-up connection All the computers currently use DHCP and do not havepublic IP addresses
D A small office network with 300 computers and a single digital subscriber line
(DSL) connection All the computers currently use DHCP and do not have public
IP addresses
Trang 3926 - 15
Objective 6.2 Answers
1. Correct Answers: A, B, and E
A Correct: L2TP tunneling supports IPSec authentication Point-to-Point Tunneling
Protocol (PPTP) tunneling does not support this type of authentication
B Correct: L2TP supports header compression, which reduces the number of bytes
consumed by the header to four PPTP does not perform header compression, and
as a result, IP headers consume six bytes
C Incorrect: Only PPTP automatically provides PPP encryption L2TP can provide
IPSec encryption
D Incorrect: PPTP was the only method of tunneling included with Windows NT
4.0 Windows 2000 and later versions of Windows include both PPTP and L2TPcapabilities
E Correct: PPTP connections require only user-level authentication L2TP/IPSec
connections can require the same user-level authentication and, in addition, puter-level authentication through a computer certificate
com-2. Correct Answers: A
A Correct: Password Authentication Protocol (PAP) does not support encryption.
As a result, PAP is more vulnerable to attack than other protocols and must beused only when the remote access client does not support any other method ofauthentication
B Incorrect: The Shiva Password Authentication Protocol (SPAP) does support
encryption However, SPAP is not as secure as Challenge Handshake tion Protocol (CHAP) or Microsoft Challenge Handshake Authentication Protocol(MS-CHAP) because it sends the password across the remote access link usingreversible encryption Use SPAP only when it is the sole method of authenticationthat the client supports
Authentica-C Incorrect: The CHAP transmits authentication information using encrypted,
one-way MD5 hashes Using a one-one-way hash is more secure than using reversibleencryption because the user can be authenticated without actually sending thepassword to the server
D Incorrect: The MS-CHAP provides encrypted authentication in a very similar
manner to CHAP However, MS-CHAP can also use Microsoft Point-to-PointEncryption (MPPE) to encrypt data to the client or the server
E Incorrect: The Microsoft Challenge Handshake Authentication Protocol version 2
(MS-CHAP v2) provides all the features of MS-CHAP, plus authentication of boththe client and server using one-way encryption Therefore, MS-CHAP v2 providesthe highest level of security available to users of Windows XP Professional
Objective 6.2 Connect to Computers by Using Dial-Up Networking
Trang 403. Correct Answers: C
A Incorrect: The only aspect of this scenario that is not compatible with ICS is the
public IP addressing ICS can function only when the client computers on the LANreceive dynamically assigned IP addresses from the ICS computer In this scenario,each of the 100 systems can reach the Internet directly, without requiring the assis-tance of ICS
B Incorrect: ICS is intended for use with small home networks and cable modems.
However, in this scenario, the ISP is providing a block of four public IP addresses.Each system has its own IP address, so ICS is not needed for the systems to pro-vide access
C Correct: ICS is the ideal method for providing all four systems in this scenario
with Internet access The computer that is connected to the dial-up connectionmust have ICS enabled As soon as ICS is enabled, that system’s LAN connection
is assigned the private IP address 192.168.0.1 DHCP services are automatically tiated to assign the other systems IP addresses in the range 192.168.0.2 through192.168.0.254 The next time the client computers reboot, they retrieve a DHCP-assigned IP address from the ICS system When the ICS system connects to theInternet, it performs NAT services to provide all systems on the network withInternet access
ini-D Incorrect: This scenario is perfect for ICS, except for one major detail: ICS can
assign IP addresses to only 253 computers ICS is intended to be used on smallnetworks and is not designed to provide Internet access for larger quantities ofcomputers A more robust NAT/DHCP solution is required