Free MCSE Braindumps, the best braindumps site for certification exams like 070-290, 070-270 and more!

Alecnet
QUESTION 1
You are the administrator of Alecnet'ss network, which consists of a single Windows 2000 domain.
The relevant portion of its configuration is shown in the exhibit.
The main office contains 2,000 client computers. Branch1 contains 350 client computers. Branch2
contains 600 client computers. Each office has its own domain controller. The domain controllers are
named DC-main, DC-B1, and DC-B2.
Your DMZ network includes two Web servers that run Windows 2000 Server and Internet Information
Services (IIS). Each web server contains a copy of a Web application used by internal users. Each Web
server also hosts the company Web site, which is available to external users through the Internet.
Company policies require that internal network information must never be accessible to external users.
You install the DNS Server service on the domain controllers in each office and on a stand-alone
Windows 2000 Server computer in the DMZ network.
Now you need to ensure that all company users can access the Web application, and that external users
can access the company Web site. You also need to ensure that all access is evenly distributed across the
two Web servers. Your solution must reduce name resolution traffic, and zone transfer traffic across the
WAN links, and it must provide redundancy if any DNS server fails.
What should you do?
To answer, drag the appropriate DNS zone type and configuration option to each DNS server. You might
need to use some zone types and configuration options more than once.

Answer:
Explanation:
The proposed solution meets the following requirements:
* all company users can access the Web site.
We have set up DC-Main, DC-B1 & DC-B2 correctly.
* all access is evenly distributed across the Web servers.
We have enabled Round Robin on all DNS servers.
* reduce the name resolution and zone traffic across the WAN links.
This is assured since we are use Active Directory Integrated zones on the domain controllers.
* provides redundancy if any DNS server fails.
This is met on the domain controllers, but not on DNS-ext. If DNS-ext fails then there is no redundancy for the
external users' access to the company Web site.
This suggests that we should use a secondary zone on DNS-ext. DNS-ext cannot, however, be allowed to access
any internal resources so this is out of the question.

QUESTION 2
You are the network administrator for Alecnet.s T he network consists of a Windows 2000
domain named Alecnet.sc om.
Alecnetism plements the northwindtraders.com DNS zone as a standard primary DNS zone. This zone
is stored on a UNIX BIND DNS Server named Server
A. A Windows 2000 Server computer named ServerB
is configured as a DNS Server and hosts a secondary DNS zone for the northwindtraders.com zone.
You need to monitor zone transfers from ServerA to ServerB to ensure that ServerA implements
incremental zone transfers. How should you configure ServerB?
A. Use the DNS console to test both simple and recursive DNS queries. Define the test to run at regular
intervals. Use the DNS console to examine the results.
B. Use the performance logs and Alerts Console to monitor the activity of the DNS: IXFR, Response Received
Counter.
C. Run the dnscmd Server A command and view the results in a text file.
D. Run the net statistics server command and view the result in a text file.
Answer: B
Explanation: IXFR is short for incremental zone transfer. AXFR is short for full zone transfer. We can
monitor incremental zone transfers by monitoring the DNS: IXFR, Response Received Counter.
QUESTION 3
You are the network administrator for Alecnet.sc o m. You plan to create a fully routed network.
You configure three Windows 2000 Server computers as routers, as shown in the following diagram.
You install RIP on all three routers, accepting all default settings. To ensure that RIP traffic is received
only by the RIP routers, you configure the RIP properties on all three routers to use neighbors instead of
broadcast or multicast routing.
You now discover that hosts on Router1 subnets can communicate only with hosts on other Router1
subnets. To correct this problem, you need to reconfigure the RIP properties on the 192.168.1.2 interface
on Router2.
What should you do?
To answer, drag the correct IP address or addresses to the appropriate locations in the dialog box. Use the
minimum number of necessary IP addresses.

Answer:
Explanation: We must manually configure the neighbors of the 192.168.1.2 interface on Router2. We
must add the appropriate interface of Router1 and Router3. These are 192.168.1.1 and 192.168.2.2

respectively.
Incorrect answers:
192.168.1.2: 192.168.1.2 is the interface itself. It should not be added as a route.
192.168.2.1: 192.168.2.1 is another interface on Router2 and should not be added.
QUESTION 4
You are the administrator of Alecnet'ss network. The relevant portion of its configuration is shown
in the exhibit.
Web1, Web2, and Web3 are Windows 2000 Server computers running a Web application named
FinanceApp. All three servers contain identical content. The client computers are configured to use
DNS1 for name resolution. DNS1 is configured with a single standard primary zone. DNS1 is also
configured to distribute name resolution requests for the FinanceApp equally across Web1, Web2, and
Web3.
Users report that access to FinanceApp is very slow. On investigation, you discover that the W3SVC log
files on Web1 and Web2 are empty. The W3SVC log files on Web3 are very large.
You need to improve response time to FinanceApp. What should you do?
A. Configure DNS1 to allow dynamic updates.
B. Ensure that round robin is enabled on DNS1.
C. Disable the LocalNetPriority setting on DNS1.
D. Promote DNS1 to domain controller and convert the DNS zone to an Active Directory integrated zone.
Answer: C
Explanation: By default, the Microsoft DNS server gives priority to the "closest" A record to the client's
IP address when there are multiple A records for a name. This is designed so that the client application
will attempt to connect to the closest (and fastest) IP available. This overrides Round-robin and the DNS
server returns Host resources that are local to the requestor instead of using round robin. However
round robin can be enabled by disabling the LocalNetPriority setting on the DNS server.
In our scenario the clients will only use the web server located on their own subnet, Web3, unless we disable

the LocalNetPriority setting.
Note 1: The simplest load-balancing method uses DNS round-robin. When round-robin is enabled the DNS
server rotates and reorders a list of multiple host (A) resource records if a queried host name is for a computer
configured with multiple IP addresses.
Note 2: Enable DNS round robin resolution in an environment that uses LocalNetPriority
1. Start the registry editor (regedit.exe)
2. Move to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DNS\Parameters
3. From the Edit menu select New - DWORD Value
4. Enter a name of LocalNetPriority and press Enter
5. Double click the new value and set to 0 to disable LocalNetPriority and re-enable round robin. Click OK
6. Close the registry editor
7. Stop and restart the DNS service
Reference:
Microsoft DNS Server Registry Parameters, Part 2 of 3 (Q198409)
Incorrect Answers:
A: Dynamic updates concerns DNS updates from DHCP clients. The Web servers are not DHCP clients.
Allowing dynamic updates would not solve the problem at hand.
B: The scenario text states that DNS1 is already configured to distribute name resolution requests for the
FinanceApp equally across Web1, Web2, and Web3. By default Round-Robin is enabled. Enabling
Round-Robin is therefore not the solution to this problem.
D: Round-robin doesn't require Active Directory integrated zones. Converting the DNS zone to an Active
Directory integrated zone will not address the current problem.
QUESTION 5
You are the administrator of Alecnet'ss network, which consists of a single Windows 2000 domain
with three sites. Each site has its own domain controller and its own DNS server, as shown in the exhibit.
Each branch office includes 100 users. All client computers run either Windows NT Workstation 4.0 or
Windows 98. The DNS server in Los Angeles hosts an Active Directory integrated zone. The DNS servers
in San Diego and San Franciscohost secondary zones that use the Active Directory integrated zone as the
master zone.

Users in San Franciscoreport that access to resources in Los Angeles is frequently very slow. Users in San
Diego do not report any problems. When you examine the utilization rates on the WAN links between the
offices, you obtain the information shown in the following table.
You need to minimize the utilization rates on the WAN link between Los Angeles and San Francisco.
What should you do?
A. Disable automatic notification of zone database changes on the DNS server in Los Angeles
B. Upgrade all client computers to Windows 2000 Professional.
C. Increase the refresh interval in the SOA (start of authority) record on the DNS server in Los Angeles.
D. Upgrade the DNS server in San Francisco to Windows 2000 Server.
E. Upgrade the backup domain controller in San Francisco to a Windows 2000 domain controller.
Answer: D
Explanation: The access of resources in Los Angeles is slow for the users in San Francisco and the
network utilization on the Los Angeles/San Francisco WAN link must be reduced. Judging by the
network utilization table the most likely cause of this is DNS zone transfers. The NT 4.0 DNS server at
San Francisco does not support incremental zone updates, as the Windows 2000 server in San Diego does.
We should therefore upgrade the DNS server at San Francisco to a Windows 2000 DNS server.
Incorrect Answers:
A: Zone changes must be transferred to all DNS servers in order for the DNS servers to have accurate host
name records. Disabling the notification of zone database changes at Los Angeles would minimize zone transfer
traffic but the resource records at the DNS server at San Diego and San Francisco would not be up to date.
B: Upgrading the clients would not reduce WAN utilization. Instead we must upgrade the DNS server.
C: Decreasing the refresh interval would reduce the number of zone transfers, but at the same time DNS zones
at San Diego and San Francisco would be less accurate. This is not the best solution.
E: It is not necessary to upgrade the domain controller at San Francisco to a Windows 2000 domain controller.
We should instead upgrade the DNS server.
QUESTION 6
You are the network administrator for Trey Research. Your network consists of a single Windows 2000
domain. All servers run Windows 2000 Server and all client computers run Windows 2000 Professional.
The network contains three domain controllers, which run the services shown in the following table.
Domain controller Network services
DC1 DNS, global catalog
DC2 WINS

DC3 DHCP, Certificate Services
DC1 hosts an Active Directory integrated zone, which is configured to require secure dynamic updates.
All servers have static IP addresses and all client computers are DHCP clients. All computers are
configured to register their addresses with DNS.
Users report slow response times when they query the directory. Several users report that they cannot
query the directory at all. When you view the event logs on DC1, you find the following event messages.
Event ID: 4011
The DNS server was unable to add or write and update of domain name _ldap
in zone treyresearch.com to the Active Directory. Check that the active
Directory is functioning properly and add or update this domain name using
the DNS console. The event data contains the error.
The DNS server was unable to add or write and update of domain name _gc in
zone treyresearch.com to the Active Directory. Check that the active
Directory is functioning properly and add or update this domain name using
the DNS console. The event data contains the error.
The DNS server was unable to add or write and update of domain name gc in
zone treyresearch.com to the Active Directory. Check that the active
Directory is functioning properly and add or update this domain name using
the DNS console. The event data contains the error.
You also discover the following error message, which was logged by the Netlogon service.
Event ID: 5781
Dynamic registration or deregistration of one or more DNS records failed
because no DNS servers are available.
You verify that the DNS Server service is running on DC1. When you examine the DNS zone database,
you discover that SRV (service) records for DC1 are not being registered. However, SRV records for
DC2 and DC3 are being registered.
How should you correct this problem?
A. Install the DNS Server service and create an Active Directory integrated zone on DC2.
B. Configure the primary DNS server address of DC1 with its own IP address.
C. Reconfigure the treyresearch.com zone on DC1 so that it does not require secure dynamic updates.
D. Configure DC2 as a global catalog server and remove the global catalog from DC1.
Answer: D
Explanation: The cause of this problem is that the DNS server hosts an Active Directory integrated zone
on a Domain controller which at the same time is running the Global catalog service. The best solution of
this problem is to move the global catalog service from the DNS server DC1 to the WINS server DC2.
Reference: DNS Server Generates Event 4011 (Q252695)
Incorrect Answers:
A: It would, if possible at all, require a lot administrative effort to move the DNS service from DC1 to DC2.
B: This is a problem with the Global catalog service, not a DNS configuration problem.
C: This is a problem with the Global catalog service, not a DNS configuration problem.
QUESTION 7
You are the network administrator for Tailspin Toys. The network includes three UNIX-based Web

servers named WWW1, WWW2, and WWW3. These servers host all Web pages for
www.tailspintoys.com. For load balancing purposes, each server contains exactly the same content. The
relevant portion of your network configuration is shown in the exhibit.
Client computers on your network are configured to use TstDNS1 for DNS name resolution. Internet
users use TstXDNS to resolve names in the tailspintoys.com domain. TstDNS1 is not currently configured
to use a forwarder.
Internal users report that access to www.tailspintoys.com is sometimes very slow. The DNS zone file on
TstDNS1 currently contains an A (host) record for www.tailspintoys.com that points to 172.30.24.2.
You need to configure TstDNS1 to improve internal access to www.tailspintoys.com. What should you
do?
To answer, click the Select and Place button, and then drag the correct DNS record types, host names,
and DNS server options to the appropriate location. You might need to use some record types, host
names, and server options more than once.

Answer:

Explanation:
We enable load balancing by configuring the DNS server to enable round robin. Then we create three A (Host)
records for each of the web servers using the same host name. When the DNS server resolves the host name
WWW it will rotate through the three IP addresses 172.30.24.2, 172.30.24.3, and 172.30.24.4. This ensures
proper load balancing.
Incorrect answers:
The DNS server option "recursive queries" is a configuration that enables forwarding on the DNS server. It
doesn't apply in this scenario.
The DNS server option dynamic updates is a configuration that enables DHCP clients and DHCP servers to
register the clients in DNS. This setting will not influence the load balancing of the Web servers.
We should not use CNAME (Alias) records, SRV records or PTR records. The Web servers are accessed
through A (Host) records.
Round robin load balancing requires that all servers that are to be load balanced have the same host name in the
DNS zone. Only the IP address differs.
QUESTION 8
You have three Windows 2000 domain controllers in a single domain. Your primary DNS server is
installed on a domain controller named dc1.sycom.com. You have two secondary DNS servers installed
on member servers named srv1.sycom.com and srv2.sycom.com. You want to increase fault tolerance for
your DNS infrastructure. You also want to optimize and simplify replication and zone transfer
management on your network. What should you do? (Choose all that apply)
A. Remove the DNS service from the member servers
B. Install DNS on at least 2 more domain controllers.
C. Convert the zone to an Active Directory integrated zone.
D. Promote one of the secondary DNS servers to a primary server and have it host a new zone.
E. Configure secure updates for your zone transfers
Answer: A, B, C
Explanation: By installing DNS on 2 more domain controllers, copying the DNS zone from the member
servers to the domain controllers, removing the DNS service from the member servers, and converting
the zone to an Active Directory zone we have accomplished a migration from a primary DNS zone to an
Active Directory zone. The benefits of this are increased fault tolerance as both DNS server would have a
replica of the DNS zone; simplified replication as the zone replication is integrated in the Active
Directory replication and does not have to be configured or managed; optimized replication as Active
Directory replication is performed on a per-property basis and only relevant changes are propagated
therefore less data to be used and submitted in updates for directory-stored zones; and secure zone
transfers as Active Directory replication uses secure channels, which provide encryption.
Incorrect Answers:
D: If we use two primary DNS servers for two separate zones, they would not be able to communicate, and
there would be no cross-domain name resolution and therefore no fault tolerance.
E: Zone transfers cannot be configured for secure updates. Only updates of zone records, not zone transfers,
can be configured for secure updates. We cannot have secure zone transfers if we are not using Active
Directory integrated zones.

QUESTION 9
The network consists of a single Windows 2000 domain and a single subnet. The network uses the
addressing configuration shown in the following table.
Web1, Web2, and Web3 are Windows 2000 Server computers running Internet Information Services
(IIS). These three servers host a Web application named CommodApp, which is used by the sales and
marketing departments. All three servers contain identical content.
All client computers are configured to use C-DC1 for DNS name resolution and C-DC2 for NetBIOS
name resolution. C-DC1 is configured with an Active Directory integrated zone. C-DC1 is also configured
with three A (host) records named WebApp. These A records point to the IP addresses of Web1, Web2,
and Web3.
Users in the marketing department report that access to CommodApp is extremely slow. Users in the
sales and management department report no problems.
You need to improve response time to CommodApp for the marketing department. What should you do?
A. Install the DNS Server service on C-DC2 and create an Active Directory integrated zone.
B. Enable round robin DNS on C-DC1.
C. Disable the LocalNetPriority setting on C.DC1.
D. Configure Web1, Web2, and Web3 as WINS clients.
E. Configure WINS and WINS-R records on C-DC1.
Answer: C

Explanation: By default the LocalNet Priority configuration is set. It makes the DNS server prefer
providing local IP addresses compared to remote IP addresses. In effect, the LocalNetPriority settings
makes the DNS Server C-DC1 provide only IP address of the local Webserver Web3 (192.168.2.20) to the
clients in the Marketing department located on network 192.168.2.0. Web3 becomes overload. We must
disable the LocalNetPriority to enable load balancing.
Incorrect Answers:
A: This would provide DNS fault tolerance, but it would not improve performance.
B: Round Robin is enabled by default. Round Robin seems to work since the users in the Sales department
report no problem.
D: WINS is not a part of the problem or the solution in this scenario.
E: This is performance problem, or more specifically a load balancing problem. WINS is not a part of the
problem.
QUESTION 10
You are the network administrator for Alecnet.sc o m. The relevant portion of your
network configuration is shown in the exhibit.
The network consists of four Windows 2000 domains, as shown in the following table.
DNS1 hosts standard primary zones for the domains in Los Angeles and Seattle. DNS2 hosts standard
primary zones for the domains in Chicago and Atlanta. Both DNS1 and DNS2 are members of their local
Windows 2000 domains. Each location has its own domain controller. The domain controllers are named
L-DC1, S-DC1, C-DC1 and A-DC1.
Users in Seattle and Atlanta report that access to some network resources is extremely slow in these
locations, name resolution requests sometimes take longer than one minute to process. Company

management expects to add more than 150 new users to each of these locations during the next few
months. You are concerned that the existing DNS servers will not be adequate to handle the new users.
You need to improve response times for name resolution requests in Seattle and Atlanta. You must also
ensure that your DNS servers do not have a single point of failure. Your solution must take into
consideration the expected growth in Seattle and Atlanta.
What should you do?
A. Install one new DNS server in Seattle and another one in Atlanta.
Configure each DNS server with a standard primary zone.
B. Install one caching-only DNS server Seattle and another one in Atlanta.
Configure both DNS servers to forward name resolution requests to DNS1 and DNS2.
C. Install the DNS Server service on the domain controllers in each domain.
Create a single Active Directory integrated zone for the entire forest on the DNS server in Los Angeles.
Remove the DNS Server service from DNS1 and DNS2.
D. Install the DNS Server service on the domain controllers in each domain.
Create an Active Directory integrated zone for each domain on its local domain controller.
Create secondary zones on each DNS server for each of the remote domains.
Remove the DNS Server service from DNS1 and DNS2.
Answer: D
Explanation: In order to improve name resolution performance we install and configure DNS server at
each physical location. By creating an Active Directory integrated DNS zone for each domain at the local
domain controller local name resolution would not have to cross the WAN links.
A further improvement and a solution to the single point of failure problem, is solved by creating secondary
zones on each DNS server for each remote domain.
Finally we remove the DNS Server service from the old DNS servers DNS1 and DNS2.
Incorrect Answers:
A: We must remove the single point of failure. This is not achieved with this proposed solution.
B: We must remove the single point of failure. This is not achieved with this proposed solution
Caching-only servers are used on slow WAN links, not on T1 WAN links.
C: There are several domains so we cannot create a single Active Directory integrated zone.
QUESTION 11
You are the administrator of a Windows 2000 domain. The domain has six Windows 2000 Server
computers, 400 Windows 2000 Professional computers and 250 Windows NT Workstation 4.0 computers.
Three of the Windows 2000 Server computers are the DHCP servers. The other three servers are DNS
servers. The TCP/IP configuration of all the Windows 2000 Professional computers and Windows NT
Workstation 4.0 computers is provided by DHCP servers. For fault tolerance all three DHCP servers are
configured so that they have scopes for all the computers in the network.
You configure the DHCP servers to always register and update client computers information on the
configured DNS servers.
To increase security, you configure the DNS zones on all DNS servers to only allow secure updates.
After you perform this configuration of the DNS zones, you discover that the client computer information
in the DNS zones is no longer updated correctly when IP address changes occur for Windows 2000
Professional computers and Windows NT 4.0 Workstation computers.

You want IP address changes for client computer to appear correctly in DNS zones that only allow secure
updates.
What should you do?
A. Add the computer accounts of the three DHCP servers to the DnsUpdateProxy global security group.
B. Configure the three DNS servers to use a time to live (TTL) interval on resource record that is shorter than
the lease time used by the DHCP servers.
C. Configure the three DHCP servers to enable updates for DNS client computers that do not support dynamic
update.
D. On the Windows 2000 Professional computers and Windows NT Workstation 4.0 computers, configure the
DHCP client computers to not release the DHCP lease at shutdown.
Answer: A
Explanation: If a DHCP server performs a secure dynamic update on a name, the DHCP server becomes
the owner of that name, and only that DHCP server can update the name. This problem occurs when you
use multiple Windows 2000 DHCP servers on your network and also configure your zones to allow secure
dynamic updates only.
The solution to this problem is to use Active Directory Users and Computers to add your DHCP server
computers to the built-in DnsUpdateProxyGroup. This will permit all of your DHCP servers the secure rights to
perform proxy updates for any of your DHCP clients.
Incorrect Answers:
B: Decreasing the TTL time at the four DNS servers would make increase replication between the DNS servers,
but it would allow the DHCP servers to perform secure updates.
C: The DHCP servers are not able to perform secure updates.
D: This is a security problem, not a DHCP client configuration problem.
QUESTION 12
You are the administrator of Windows 2000 network. You have three Windows 2000 domain controllers
in a single domain. Your primary DNS server is installed on a domain controller named dc1.contoso.com.
You have two secondary DNS server installed on member servers named srv1.contoso.com and
srv2.contoso.com.
You want to increase fault tolerance for your DNS infrastructure. You also want to optimize and simplify
the management of replication and zone transfers on your network.
How should you accomplish these goals?
A. Promote the member servers that are hosting the DNS server to domain controllers.
B. Add srv1.contoso.com and srv2.contoso.com to the notify list on the primary DNS server.
C. Remove the DNS server service from the member servers. Install the DNS server service on the domain
controller. Convert the zone hosted by dc1.contoso.com to an Active Directory Integrated zone.
D. Set the Time to Live (TTL) value in the SOA (start of authority) record on the primary DNS server to a low
value.
Answer: C
Explanation: By removing the secondary DNS servers, installing DNS on a Domain controller, and

converting the zone to Active Directory-integrated zone we would increase fault tolerance, since every
DNS server has a full updateable replica of the DNS zone, optimize zone replication since incremental
zone transfers instead of full zone transfers could be performed, simplify replication management:
replication is integrated in the Active Directory replication process and does not have to be configured.
Incorrect Answers:
A: Only promoting the member servers to domain controllers would not increase fault tolerance, optimize zone
replication or simply replication management since the zones still would be secondary zones.
B: Adding srv1.contoso.com and srv2.contoso.com to the notify list will make the records on the secondary
servers more up to date, but it would not increase fault tolerance, optimize zone replication or simply
replication management since the zones still would be secondary zones.
D: By setting the TTL value on the SOA record on the primary server to a low value would keep DNS records
more current at the secondary servers, but would not increase fault tolerance, optimize zone replication or
simply replication management since the zones still would be secondary zones.
QUESTION 13
You are the administrator of Alecnet'ss network. Your network is configured as shown in the exhibit.
Alecnet.sc om has an intranet web application named appz that utilizes resources on Internet
Information Services (IIS).
For performance reasons, Alecnet.sc om mirrors the content of appz on three web servers: IIS1, IIS2
and IIS3. You want to configure your network to allow access to the other web servers in the event of
failures. You want to configure DNS by using the fewest possible resources.
What should you do?
A. Configure one DNS server so that it has one DNS zone.
Enable Round Robin.
Create an A (host) record for appz for each web server's IP address.
B. Configure one DNS server so that it has one DNS zone.
Disable Round Robin.

Create an A (host) record for appz for each web server's IP address.
C. Configure three DNS servers so that each has one DNS zone.
Enable Round Robin.
Add an A (host) record for appz for each web server on each DNS server.
D. Configure three DNS servers so that it has one DNS zone.
Disable Round Robin.
Add an A (host) record for appz for each web server on each DNS server.
Answer: A
Explanation: Round robin is an approach for performing load balancing. It is used to share and
distribute the network resource load. With round robin, the host name contained in a query, for which
multiple RRs exist, are rotated each time the query is answered. Round Robin also provides redundancy.
In this scenario three host (A) records for appz (pointing to IIS1, IIS2 and IIS3 respectively) must be
created. These three host (A) records must be added to the same DNS zone to provide load balancing and
redundancy.
Incorrect Answers:
B: To ensure load balancing and to improve performance Round robin must be enabled, not disabled.
C: With three host (A) records in different zones the name resolution would not be able to rotate between IIS1,
IIS2 and IIS3; we would not have any load balancing or redundancy.
D: To ensure load balancing and to improve performance Round robin must be enabled, not disabled.
QUESTION 14
You are the network administrator for a new branch office of Alecnet.s T he office network is
connected to the Internet by a T1 line.
Alecnet'ss Internet service provider (ISP) gives you a single public IP address and provides
firewall services to protect the office network.
The office network includes five windows 2000 Professional client computers and a Windows 2000 Server
computer named EPlanetLabs
A. All client computers are configured to use DHCP to obtain their IP
configuration settings.
AlecnetAs is configured as a DHCP server and contains two network adapters. You connect one
network adapter to the ISP connection, and you connect the other network adapter to the office network.
You
want to configure AlecnetAs so that client computers can access the Internet.
Which two courses of action should you take? (Each correct answer presents part of the solution. Choose
two)
A. Remove the DHCP Server service.
B. Install the DNS Server service.
C. Run the route command to add a route to the internal network.
D. Assign the public IP address to the internal network adapater.
Install and configure Routing and Remote Access.
Answer: B, D.
Explanation: A DNS server is required so that the clients can resolve internet URLs to IP addresses. The

Routing and Remote Access service should be configured to route traffic destined for the internet, and to
use NAT to map internal IP addresses to the external IP address.
Note: Alternative D is most likely incorrectly worded. It should be external, not internal, network adapter.
Incorrect Answers:
A: It is not necessary to remove the DHCP service.
C: A route needs to be added to the 'external' network (internet), not the 'internal' network. Part of configuring
NAT is to add a route to the internet.

QUESTION 15
You are the network administrator for Alecnet .s T he network consists of a Windows 2000 domain
named Alecnet .sc om. All servers are running windows 2000 server. Alecnet 1s , Alecnet 2s ,
Alecnet 3s are configured as DNS servers and host the Active Directory integrated zone. These servers are
located at the company's main office.
You install a new DNS Server named Alecnet 4s at a branch office. You do not wantAlecnet 4s to
be a domain controller. You configure Alecnet 4s as a standard secondary server. You configure
Alecnet 1s , Alecnet 2s & Alecnet 3s as a master server. After you configure the zone you try to
expand it in the DNS Management console on Alecnet 4s and receive the following error message;
"Zone not loaded by DNS server".
You need to be able to load the zone on Alecnet 4s . What should you do?
A. In the DNS Management console on Alecnet 4s , Select the allow zone transfer check
box. B. In the DNS Management console on Alecnet 1s , Select the allow zone transfer
check box. C. Convert the zone on Alecnet 4s to a standard primary zone.
D. In the DNS Management Console on Alecnet 4s , right-click the zone and then left-click transfer
from master.
Answer: D
Explanation: We need to get a copy of the zone from a master DNS server. We can initiate a manual
transfer of the zone by right-clicking on the zone on the secondary server and selecting transfer from
master.
Incorrect Answers:
A: This option is not required. It would only be required if this were a primary server and we wanted to allow
zone transfers to other servers.
B: This option will already be selected as this is one of multiple primary (AD integrated) DNS servers.
C: This wouldn't work. The only way we can have multiple servers hosting the same primary zone is if the zone
is Active Directory integrated.
QUESTION 16
You are the network administrator for a new branch office of Alecnet .s T he office network is
connected to the Internet by a T1 line.
Alecnet 'ss Internet service provider (ISP) gives you a single public IP address and provides
firewall services to protect the office network.
The office network includes five windows 2000 Professional client computers and a Windows 2000 Server
computer named Alecnets
A. All client computers are configured to use DHCP to obtain their IP

configuration settings.
Alecnet As is configured as a DHCP server and contains two network adapters. You connect one
network adapter to the ISP connection, and you connect the other network adapter to the office network.
You
want to configure Alecnet As so that client computers can access the Internet.
Which two courses of action should you take? (Each correct answer presents part of the solution. Choose
two)
A. Remove the DHCP Server service.
B. Install the DNS Server service.
C. Run the route command to add a route to the internal network.
D. Assign the public IP address to the internal network adapater.
Install and configure Routing and Remote Access.
Answer: B, D.
Explanation: A DNS server is required so that the clients can resolve internet URLs to IP addresses. The
Routing and Remote Access service should be configured to route traffic destined for the internet, and to
use NAT to map internal IP addresses to the external IP address.
Note: Alternative D is most likely incorrectly worded. It should be external, not internal, network adapter.
Incorrect Answers:
A: It is not necessary to remove the DHCP service.
C: A route needs to be added to the 'external' network (internet), not the 'internal' network. Part of configuring
NAT is to add a route to the internet.
QUESTION 17
You are the administrator of Alecnet 'ss network. To allow fault tolerance for your external DNS
Server, your Internet Service Provider (ISP) hosts a DNS Server on its UNIX Server. The UNIX Server is
used as the secondary DNS server for your primary external DNS Server.
Users inform you that they are not able to connect to the URL of the company's Web Server. You
investigate and discover that this inability to connect occurs during times when your primary external
DNS Server is unavailable.
What should you do to resolve this problem?

To answer, click the appropriate check box in the Advanced tab of the Properties dialog box.
Answer:
Explanation: In the Server options list, select the 'Bind Secondaries' check box.
Bind secondaries determines whether to use fast transfer format when transferring a zone to DNS servers
running legacy Berkeley Internet Name Domain (BIND) implementations. By default, all Windows-based DNS
servers use a fast zone transfer format, which uses compression and can include multiple records per TCP
message during a connected transfer. This format is also compatible with more recent BIND-based DNS servers
that run versions 4.9.4 and later. In this scenario the ISP's DNS server does not appear to support this, and Bind
secondaries needs to be enabled.
QUESTION 18
You are the administrator of the blueskyairlines.com domain. You maintain a local DNS server to
provide name resolution within your Internet domain. Your DNS server runs on Windows 2000 server.
You have five web servers, which contain company and flight information in addition to the online flight
reservation system.
For load-balancing purposes, each web server is configured to maintain exactly the same contents as all
the other web servers. All the web servers respond to the host name www.blueskyairlines.com. Customer
feedback indicates that web server response times are unacceptably slow. You monitor your web servers
and discover that only one of the five servers is servicing customer requests, while the others are sitting
idle.
You want to ensure load balancing and improve response time for customer web request. What could you
do in the DNS management console? (Choose two)

A. Enable round robin in the DNS server's properties.
B. Disable round robin in the DNS server's properties.
C. Enable forwarders and configure them to point to each web server.
D. Verify that A (host) records have been created for each web server.
E. Verify that CNAME (canonical name) records have been created for each web server.
Answer: A, D
Explanation: Round robin is an approach for performing load balancing. It's used to share and
distribute the network resource load. With round robin, the host name contained in a query, for which
multiple RRs exist, are rotated each time the query is answered.
In this scenario five host (A) records for www.blueskyairlines.com (pointing to the different web servers) must
be created.
Incorrect Answers:
B: To ensure load balancing and to improve performance Round robin must be enabled, not disabled.
C: Forwarders is used to forward DNS name queries to other DNS servers. It can not be used to load balance
the web servers.
E: CNAME records define aliases for resources. It can not be used to increase performance of the Web servers.
Instead host (A) records with identical names but different IP addresses must be created for the Web servers.