CompTIA
Exam Vouchers
Save money on CompTIA exams
| Question of the day
Sign up to receive
interactive practice questions
for MCSE, CompTIA
Cisco and other exams
| TestKing
Get MCSE, MCSD, CCNA, CCNP,A+, N+ and many more | * ExamSheets *
Guide for Success!
Actual Questions & Answers
MCSE, MCSD, A+ ,CCNA, CCNP
Oracle 8i, Oracle 9i Online practice tests
Certification sites Online university Online college Online education Distance learning Software forum Server administration forum Programming resources
|
|  |
| Author |
Thu 70-217 Question of the Day
|
wbafrank
Moderator
M
Registered: Nov 2001
Location:
Country: Great Britain (UK)
State:
Certifications: MCP, MCSA, MCSE, MCSD, MCDBA, A+, CCNA, i-Net+, M CIW SD, CIW P, CIW Associate
Working on: CCNP (2/4)
Total Posts: 3787
|
|
 Thu 70-217 Question of the Day
 And today's poser is ....
Q38. You are on the IT security team for your company and the network is a native Windows 2000 network in a single site design, divided into three domain. During a recent team meeting, many new principles were discussed. One area of the discussion was the procedure to use when dealing with new employees. The following criteria were agreed upon to be implemented:
1. The Day-shift employees work from 7 am through 4pm, and the night shift employees work from 4 pm through 1 am, and their user accounts must only allow access at these times.
2. The Management team requires 24 hour access to the network.
3. The shift workers must be allowed to logon only from their computers.
4. Use only TCP/IP as the network protocol.
5. The Security Domain Administrator shall maintain control over the passwords of all temporary employees.
6. Disable general network browsing.
In order to meet these requirements you carried out the following actions:
1. Created 3 OUs, Management, Day and Night.
2. Created a policy to control hours of logon for the 3 OUs.
3. Assigned temporary passwords for the temporary employees.
4. Disabled NetBIOS over TCP/IP.
Now it seems that there is a new problem on the network. What problem was created due to this new implementation?
A. By creating 3 OUs instead of 3 groups, you have lost the control over the logon hours.
B. Having the Security Domain Administrator controlling the temporary passwords is a security risk, since the employees might share that information.
C. By disabling NetBIOS over TCP/IP you have removed the option of controlling the computer used to logon to the network.
D. By disabling NetBIOS over TCP/IP you have removed the option of full network browsing.
E. Having the Day shift end at the same minute the Night shift begins causes a one minute crossover that will corrupt the security policies.
Good Luck .... see you tomorrow for the answer!!
__________________
One Exam leads to another! Where will it ever end?
Report this post to a moderator
|
|
 03-21-02 12:59 PM
|
|
jeff_j_black
that's what "THEY" said..
Registered: Jan 2002
Location:
Country: United States
State:
Certifications:
Working on:
Total Posts: 2723
|
|
|
|
03-21-02 02:02 PM
|
|
ScoobySnacks
Junior Member
M
Registered: Jun 2001
Location: the hole below london
Country: United Kingdom
State:
Certifications: MCP
Working on: MCSE, CCNA
Total Posts: 11
|
|
i agree jeff this is a though one!
but the only logical answer seems to be 'C'
but then again im probably wrong! >.<
Mike
__________________
Don't worry its a Microsoft product 
Report this post to a moderator
|
|
|
03-21-02 05:06 PM
|
|
KScheler
Senior Member
Registered: Oct 2001
Location: Abbott,TX
Country: United States
State:
Certifications: Network+, A+, MCSE NT4, MCSE 2000, MCSA 2000
Working on: MCSA/MCSE 2003
Total Posts: 734
|
|
|
|
03-22-02 12:10 AM
|
|
unreal
Senior Member
M
Registered: Dec 2001
Location:
Country: Singapore
State:
Certifications: MCSE 2000
Working on: CCNA
Total Posts: 375
|
|
|
My pick are:
B. Having the Security Domain Administrator controlling the temporary passwords is a security risk, since the employees might share that information.
D. By disabling NetBIOS over TCP/IP you have removed the option of full network browsing.
E. Having the Day shift end at the same minute the Night shift begins causes a one minute crossover that will corrupt the security policies.
__________________
" When asked if he felt discouraged by the 1,073 failures he had before inventing the electric light bulb, "I did not fail 1,073 times; I found 1,073 ways not to do it."
Thomas Edison.
Report this post to a moderator
|
|
|
03-22-02 02:08 AM
|
|
merav21
Senior Member
Registered: May 2000
Location: Morris County, NJ
Country: United States
State:
Certifications: A+, Network +, MCSA, MCSE, MCP NT 4
Working on: CCSA, CNA
Total Posts: 118
|
|
 my answer
I think the answer is definitely C.
I would not choose A because if you had made three groups, it would not make a difference because policy cannot be applied to groups, only OU's(in the case), Domains, Sites, or the local computer.
I don't agree with B, because it is common practice for administrators to control the passwords for temporary employees..yes, it may be a security risk, but there is a security risk even when employees control their own passwords.
D would not make sense because one of the goals was to disable general network browsing.
E I'll admit I really don't know about, I would not think that it would corrupt the security policies...
But C is the best answer, since one of the goals was to only allow the shift workers to log on to their own workstation, and if you disable netbios over tcp/ip, it will not work.
Report this post to a moderator
|
|
|
03-22-02 05:51 AM
|
|
robertmillar
Senior Member
Registered: Dec 2001
Location: Delbrück
Country: Germany
State:
Certifications: MCSE, MCSA, MCP (210, 215, 216, 217, 218, 219, 220), CLAIT, IBT2
Working on: LINUX +, CCNA
Total Posts: 319
|
|
|
|
03-22-02 03:34 PM
|
|
wbafrank
Moderator
M
Registered: Nov 2001
Location:
Country: Great Britain (UK)
State:
Certifications: MCP, MCSA, MCSE, MCSD, MCDBA, A+, CCNA, i-Net+, M CIW SD, CIW P, CIW Associate
Working on: CCNP (2/4)
Total Posts: 3787
|
|
|
Re: Thu 70-217 Question of the Day
quote:
Originally posted by wbafrank
And today's poser is ....
Q38. You are on the IT security team for your company and the network is a native Windows 2000 network in a single site design, divided into three domain. During a recent team meeting, many new principles were discussed. One area of the discussion was the procedure to use when dealing with new employees. The following criteria were agreed upon to be implemented:
1. The Day-shift employees work from 7 am through 4pm, and the night shift employees work from 4 pm through 1 am, and their user accounts must only allow access at these times.
2. The Management team requires 24 hour access to the network.
3. The shift workers must be allowed to logon only from their computers.
4. Use only TCP/IP as the network protocol.
5. The Security Domain Administrator shall maintain control over the passwords of all temporary employees.
6. Disable general network browsing.
In order to meet these requirements you carried out the following actions:
1. Created 3 OUs, Management, Day and Night.
2. Created a policy to control hours of logon for the 3 OUs.
3. Assigned temporary passwords for the temporary employees.
4. Disabled NetBIOS over TCP/IP.
Now it seems that there is a new problem on the network. What problem was created due to this new implementation?
A. By creating 3 OUs instead of 3 groups, you have lost the control over the logon hours.
B. Having the Security Domain Administrator controlling the temporary passwords is a security risk, since the employees might share that information.
C. By disabling NetBIOS over TCP/IP you have removed the option of controlling the computer used to logon to the network.
D. By disabling NetBIOS over TCP/IP you have removed the option of full network browsing.
E. Having the Day shift end at the same minute the Night shift begins causes a one minute crossover that will corrupt the security policies.
Good Luck .... see you tomorrow for the answer!!
And the answer is ....
Correct Answers: C
In this question, there have been several criteria that need to be followed. These criteria are not uncommon, however there is a conflicting issue with these requirements. The two criteria that are in conflict are the ability to control the computers that users logon from, and to disable network browsing. By disabling NetBIOS over TCP/IP you will have successfully removed the option of network browsing. This will keep users from random network usage. On the other hand, you are trying to control the individual computers that users can logon from. This is controlled using the NetBIOS name of the computers. When NetBIOS over TCP/IP was removed, and TCP/IP is the only protocol used in the network there is no longer any criteria that can be used to control the computer used during logon.
__________________
One Exam leads to another! Where will it ever end?
Report this post to a moderator
|
|
|
03-22-02 04:41 PM
|
|
|
Click here for list of 70-217
study guides and order yours now!
MCSE exam notes
70-217 exam details
Forum Rules:
Who Can Read The Forum? Any registered user or guest.
Who Can Post New Topics? Any registered user.
Who Can Post Replies? Any registered user.
Changes: Messages can be edited by their author.
Posts: HTML code is OFF. Smilies are ON. vB code is ON. [IMG] code is ON. |
|
ExamNotes forum archive
|
