- By Patrick Regan
- May 26, 2009
This chapter is from the book
Answers to Exam Prep Questions
- Answer A is correct. You need to install the Routing and Remote Access role and you then need to enable IPV4 LAN routing. Answer B is incorrect because the netsh command is not used to enable routing; instead, it could be used to configure a network interface. Answer C is incorrect because NAT would not enable routing and you do not use the netsh command to enable NAT. Answer D is incorrect because NPS does not enable routing. NPS is used as a RADIUS server and for implementing RAS policies.
- Answer B is correct. The correct syntax when adding new static routes using the route command is route add mask metric. Answers A, C, and D are incorrect because they do not use the proper syntax.
- Answer D is correct. You use the /p parameter to add a persistent route to the routing table. The route is not removed from the routing table when the router is restarted. Therefore, answers A, B, and C are incorrect.
- Answer D is correct. You need create an outbound rule using the Windows Firewall with Advanced Security snap-in to block port 21. Answers A and B are incorrect because you should be using the Windows Firewall with Advanced Security snap-in with Windows Server 2008 computers for the fine control that it offers over standard Windows Firewall. In addition, an exception would be used to allow traffic, and if you block all incoming connections, other protocols would also be blocked and no traffic would be able to go through the server. Answer C is incorrect because you want an outbound rule, not an inbound rule because the traffic from this server to the other servers would be outbound.
- Answer D is correct. You could quickly open the Windows Firewall, and enable Block All Connections to disable all incoming connections. The Domain profile is applied when a computer is connected to a network in which the computer’s domain account resides. Answer A is incorrect because the Server service stops file and print sharing. The Net Logon service prevents logins but not necessarily all connections. Answer C is incorrect because disabling a firewall allows all traffic to flow.
- Answer D is correct. To have changes propagated throughout the network when changes occur and to reduce the administrative overhead associated with updating the routing tables, a routing protocol is required. Because OSPF cannot be used with nonpersistent connections and OSPF is not available in Windows Server 2008, RIPv2 must be used. Therefore, answers A and C are incorrect. Answer B is incorrect because ICMP is not a routing protocol.
- Answer B is correct. You should use the context menu of the Routing Interface Protocol (RIP) node to add at least one interface to RIP. When you add a routing protocol, the protocol is not configured by default to use an interface, so you must identify one or more interfaces, such as a LAN connection, that the protocol can use. Answer A is incorrect because the scenario does not indicate that there is a DHCP sever on the network. Answer C is incorrect because the routing tables are built automatically. Answer D is incorrect because there is no need to remove all static routes from the routing table.
- Answer A is correct. The correct answer is enable split-horizon processing. You must select this option to ensure that any routes learned from a network are not sent as RIP announcements on the network. With this option enabled, a router cannot advertise a route on the same connection from which it was learned. Answers B, C, and D do not help eliminate routing loops.
- Answer B is correct. You must change the user account name on each router to match that of the name assigned to the demand-dial interface name on the answering routing. For a two-way demand-dial connection to work, the user account names used for authentication must be identical to the name assigned to the demand-dial interface. The name of the demand-dial interface on the branch office router must be changed to SRV02. The name of the demand-dial interface on the head office routing must be changed to SRV01. Answer D is incorrect because the user accounts used for remote authentication between the demand-dial routers do not need to be identical. Answers A and C are incorrect because the demand-dial interface name on the calling router must be identical to the user account name on the calling router.
- Answer A is correct. You need to forward the port 20 and 21 to FS1. Ports 20 and 21 are the ports used by FTP. Answer B is incorrect because port 80 and 443 are used by web servers. Answer C is incorrect because port 25 is used for SMTP. Answer D is incorrect because port 3389 is used by Remote Desktop Protocol.
- Answer B is correct. By default, the firewall is started and Teredo is blocked. Answer A is incorrect because you already have NAT. Answer C is incorrect because there are already routes between the sites. Answer D is incorrect because there is no such thing as a Teredo emulator.