NT Server v4.0 in the Enterprise - 70-68

 

Passed this exam on Friday 30/1/98 - thank god. Done all 4 core

exams!!!! Required: 784 Pass: 823. I didn't find time an issue,

but because some of the questions were so long it was quite difficult

to hold everything in, by the time you had finished the question you

had forgotton what the objective's were.

 

Out of all the MCNE/MCSE tests I have done, this exam rates in my top

3 of hardest exams (in my numble opinion). D&I,216 - Fundamentals of

Internetworking and 70-68.

 

Following is the braindump of the questions I had the most trouble

with, then followed by a few study notes.

 

Before I go, can I suggest that anybody doing this exam should read a

braindump in this section by "Sven", it is the best braindump I have

seen for 70-68 and he is to be congratulated. I have copied some of

his questions and add additional information to them.

 

Question 1.

-----------

The following scenario was presented and you were asked two questions

based on the scenario. The difference was in the proposed solution;

 

You have the following domain configuration in your company:

SALES ---> CORP <-- RESEARCH

 

(1 PDC, 2 BDC's (1 PDC, 3 BDC's (1 PDC, 1 BDC,

1 member server 2 member servers 200 NT Workst.)

300 NT Workst.) 500 NT Workst.)

 

Required results:

-----------------

- A group called AllBackup must be created in the CORP

domain.

- Members of the AllBackup group must be able to backup all

domain controllers in all domains.

 

Optional results:

-----------------

- Members of the Allbackup group must be able to backup all

member servers in all domains.

- Members of the Allbackup group must be able to backup all

NT Workstations in all domains.

 

Proposed solution: - version 1

------------------------------

- Make a global group CORP\AllBackup. Make the local groups

CORP\CBackup, RESEARCH\RBackup and SALES\SBackup.

- Assign the following special users rights to the local

groups: Backup Files and Restore Files. Put the global

group CORP\AllBackup in each local group.

 

Proposed solution: - version 2

------------------------------

- Make a global group CORP\AllBackup. Make the local groups

CORP\CBackup, RESEARCH\RBackup and SALES\SBackup.

- Make the newly created local groups a member of the Backup

Operators group. Put the global group CORP\AllBackup in

each local group.

 

What does the proposed solution produce?

a. The required result and the optional results. (*) for 1 & 2

b. The required result and one of the optional results.

c. The required result only.

d. Does not produce the required result or the optional

results.

 

Question 2

----------

You are the system manager of a company with 3 departments:

Management, Marketing and Accounting.

 

The departments print all to the same pool of 2 identical printers.

Accounting uses often heavy calculation software which pauses and

slows down the print process. Your job is to optimize the printing

process. The amount of printerload for each department is shown in

the following table:

 

Department av. pages printer per day

 

Management 1-250

 

Marketing 250-500

 

Accounting 500+

 

 

Required Results

----------------

- Print jobs from the Management department must always be

printed first.

- Print jobs from the Accounting departments may only print

at one print device.

 

Optional Results

----------------

- Print jobs from the Management and Marketing department

must be processes before any large printjob from the

Accounting department. Prevent the calculations of the

accounting department of slowing down the print process.

 

Proposed solution

-----------------

- You are setting up the printer configuration as shown in

the table below:

 

Management Marketing Accounting

 

Spooling method spool after spool after spool after

first first last

page is printed page is printed page is printed

 

Priority +15 +10 +1

 

Rights Everyone: Everyone: Everyone:

removed removed removed

Management: Marketing: Accounting:

Print Print Print

 

Print device pool pool one port

 

What does the proposed solution produce?

a. The required result and the optional results. (*)

b. The required result and one of the optional results.

c. The required result only.

d. Does not produce the required result or the optional

results.

 

Question 3

----------

You have a PDC which does run WINS and it's only function is account

validation for 5000 clients. How can you optimize the performance of

this domain controller using the server program in control panel:

 

a. Minimize memory

b. Balance

c. Optimize for file sharing

d. Optimize for network applications (*)

 

Question 4

----------

You have a Windows NT server with six scsi disks. On one

disk is the system partition, the other five are in a stripset with

parity. 1 disk fails, you replaced the disk. What must be done next

in the disk administrator?

 

a. Choose extend volume set in the partition menu

b. Choose regenerate in the fault tolerance menu (*)

c. Choose make stripe set with parity and restore from backup

d. Do nothing, the disk wil be regenerated when NT boots

 

Question 5

----------

You have a Windows NT server with six scsi disks. On one disk is the

system partition, the other five are in a stripset with parity. 2

disks failed, you replaced the disks. What must be done next in the

disk administrator?

 

a. Choose extend volume set in the partition menu

b. Choose regenerate in the fault tolerance menu

c. Choose make stripe set with parity and restore from backup (*)

d. Do nothing, the disk wil be regenerated when NT boots

 

Question 6

----------

Like before the following scenario was presented and you were asked

two questions based on the scenario. The difference was in the

proposed solution;

 

You have the jobs to make new custom fault tolerance standard for

your company. The company now uses disk duplexing as the current

standard.

 

Required results

----------------

Data integrity must be maintained when 1 disks fails.

 

Optional results

----------------

The fault tolerance methode must not use additional processor time.

The read access time must be improved.

 

Proposed Solution 1

-------------------

Introduce a stripeset with parity as the new company standard

What does the proposed solution produce?

 

Proposed Solution 2

-------------------

Introduce a stripeset as the new company standard

What does the proposed solution produce?

 

a. The required result and the optional results.

b. The required result and one of the optional results. (*)

c. The required result only.

d. Does not produce the required result or the optional

results.

 

Question 7

----------

Another 2 questions based on a scenario. A comment first by me "We

all know that when an NT workstation talks to a RAS Server they

automatically negotiate on MS-Chap, but do they/or dont they

automatically agree on data encyrption, there are conflicting

opinions out there. For the sake of these questions I assumed that

by the question saying they were using MS authentication that they

were using Data Encyrption as well (as they would select it), but

when they used clear text authentication in the 2nd proposed option,

does data encryption automatically get turned on, I honestly don't

know but I said it did. Got 66% in the connectivity section so maybe

it doesn't.

 

Your company uses the single domain model. Brokers with NT

workstation 4.0 notebooks need to have access to the domain from

remote locations. Your job is to implement the highest level of

security on the domain.

 

Required results: Brokers need access to the domain. Only the

brokers may log in and no other users.

 

Optional results: Passwords are transmitted encrypted over the

line. All data must be transmitted

encrypted.

 

Proposed solution 1: Use a password length with a minimum of 8

characters. Let the system remember the last

10 used passwords. Force the brokers to

change their password every month. Install a

RAS server and configure it with the RAS

manager so that only the brokers have

permission to log in. Use the Microsoft

authentication method.

 

Proposed solution 2: Use a password length with a minimum of 8

characters. Let the system remember the last

10 used passwords. Force the brokers to

change their password every month. Install a

RAS server and configure it with the RAS

manager so that only the brokers have

permission to log in. Use any authentication

method. Use a hardware security host between

the RAS modem and the RAS server.

 

What does the proposed solution produce?

a. The required result and the optional results. (* for both) ?

b. The required result and one of the optional results.

c. The required result only.

d. Does not produce the required result or the optional results.

 

Question 8

----------

Here I assumed that this was the average/login across all the servers

and not just to PDC so I said to add more BDC's. Maybe if the bad

performance had just been on the PDC you could through more RAM at

it, but I didnt get that feeling from the question.

 

You have a single domain with 1 PDC and 10 BDC's. Users are reporting

slow logon on the PDC. You check with the performance monitor the

server process and see that the average logon/sec is 5 or higher.

 

what should you do to increase logon performance?

 

a. add more memory to the PDC

b. increase the replication pulse maximum register value

c. decrease the replicationgovernor register value

d. add more BDC's

 

Question 9

----------

You two domains, WEST and CORP. WEST trust CORP. Somebody logs in

from a workstation in the WEST domain onto the CORP domain

 

Which resources can be accessed?

a. all resources which are given rights to the corp\Domain users

group (*) but I am not sure!!!

b. all resources which are given rights to the corp\Domain guests

group

c. all resources which are given rights to the west\Domain users

group

d. all resources which are given rights to the west\Domain guests

group

 

Question 10

-----------

A question about the following network, and how to optimize its

performance. There is a good detailed example of this question in

the "sven" braindump in the 70-68 section on this site.

 

Caracas 56K Chicago 56K Paris

 

-------- | | | -----------

 

____________| | |_____

 

/ | \

 

T1 / T1 | \T1

 

Seattle Dallas New York

 

Question 11

-----------

You are printing checks for your company, the printer jam right in

the middle of the print job, how can you re-print the checks after

clear the paper jam?

 

1) choose "resume" from the printer menu

2) choose "restart" from the printer menu

3) choose "resume" from the document menu

4) choose "restart" from the document menu (*)

 

Additional information . . . study notes . .

 

Couple of Netware Migration Questions - 1 about what needs to be in

place before a migration can take place, lot of strange answers like

Netbeui, FAT partition and TCP/IP, NTFS is the obvious answer.

Another question about the problem of duplicate user names when

migrating to NT from Netware - answer: use mappings file.

 

A question about file auditing where you are presented with the audit

screen in user manager. The question says something about making a

fellow worker an member of the account operators group so they can

perform account administrator but you want to keep an eye on her and

the directory services(trying to confuse you, they just mean SAM), so

you enable auditing for which category (User and Group Management)

and you have to pick the category with a cross-bar.

 

A question about installing a new server to be a BDC in a domain that

you currently dont have a connection to. You get a number of choices

about installing it into a different domain and moving it, or

installing as a member server and promoting it to a BDC when you get

on site, none of which will do you any good. If you cant connect to

the PDC, and you want a BDC then you cant do the install.

 

A question about a user (Mary I think) being promoted and she needed

access to payroll information on a server in another domain, that

trusted her domain. The solution was to create a new local with read

permissions and make her global group a member of it.

 

A question about creating trusts between 3 different domains, gives

you a list of who needs to access what and the offered solutions.

Not very difficult.

 

I didn't get any questions about the network monitor

 

You wish to configure your server so that it does not provide its

name to the other browser servers. How?

- Set the registry setting MaintainServerList = no (*)

 

Users are complaining that 1 of the servers is responding slowly -

you suspect partition. Monitor Logical Disk objects

 

Machine acting as a database server = Then Optimized for File Sharing

 

Machine acting as a Client/Server machine or DC = Then optimized for

Network throughout

 

Conditions to be met to enable file level auditing;

- Logged in or = Administrator

- UMD, Policies, Audit Menu , file & object audit

- Partition must be NTFS

 

A couple of questions on Memory Dump. Just where to configure it,

easy!

 

Create a capacity-planning baseline of internal resource for NT -

Responce Probe

 

Subnet A have DHCP Server. A & B have 1 NT Router. DHCP Relay Agent

must be added for B computers to get IP assigned addresses from A

 

For monitoring multiple processor system (SMP) use the System object

and the %TotalProcessorTime counter.

 

Creation of multiple home directories, use %username

 

If you fail to connect to a network printer via DLC it may be because

somebody has a "continious connection" to the printer.

 

A user at an NT workstaion needs to access resources in the sales

domain. NT Workstaion is not part of any domain. What 2 things

could be done;

- enable the guest account in the sales domain

- create duplicate users in the sales Domain for the NT Workstaion

users.

 

10 Companies need a www server on your IIS server, what do you do. -

assign each server an IP address on the NIC, create www folders for

each.

 

Fault Tolerance information

---------------------------

HDD Performance - Disk Striping will provide fastest read/writeas

it can read more than 1 disk at a time.

 

Disk striping with partiy is slower, as it has to

writer parity but still improves overall disk

access.

 

Disk Mirroring is slower than Stripe Sets because

it has to write the same data to 2 drives.

 

Volume set is slowest as it can only read/write

from/to 1 drive at a time

 

To successfully merge new group policy files you created on your

workstaion with existing policy files in the ntconfig.pol file of the

PDC. Copy the group policies from your workstaion and paste them

into the system policy file on the PDC.

 

In order to enable IP Routing you must install a 2nd NIC and in the

machine and connect it to the other segment. - Computers with 2 NICs

are multihomed. TCP/IP Properties, Routing, Enable IP Forwarding. -

Once enabled, an NT machine can only detect networks and routes that

which is is directly connected to. In order to tell NT about other

routes you have to use the Route Add command. This really sucks so

install RIP for IP and it will sit there and talk to other RIP

Rotuers and get all the information for you. Note: Rip Routers and

Static Routers will not be able to share any information with each

other, must manually add the routes in this case.

 

NTOSKRNL is missing, - check the location of where boot.nin is

pointing or if the file is corrupt use ERD.