3COM certification 3COM
Adobe certification Adobe
Apple certification Apple
Avaya certification Avaya
BEA certification BEA Systems
Business Objects certification Business Objects
Check Point certification CheckPoint
Cisco certification Cisco
Citrix certification Citrix
CIW certification CIW
COGNOS certification COGNOS
CompTIA certification CompTIA
CWNP certification CWNP
EC-Council certification EC-Council
EMC certification EMC
Exam Express certification Exam Express
Exin certification Exin
F5 Networks certification F5 Networks
H3C certification H3C
HDI certification HDI
HP certification HP
Hitachi certification Hitachi
IBM certification IBM
Isaca certification Isaca
ISC certification ISC
ISEB certification ISEB
Juniper certification Juniper Networks
Lotus certification Lotus
LPI certification LPI
Microsoft certification Microsoft
Mile2 certification Mile2
Network Appliance certification Network Appliance
Nortel certification Nortel
Novell certification Novell
Oracle certification Oracle
PMI certification PMI
RedHat certification RedHat
RSA certification RSA Security
SAIR certification SAIR
SAS certification SAS Institute
SNIA certification SNIA
Sun certification Sun
Sybase certification Sybase
Symantec certification Symantec
Teradata certification Teradata
Tibco certification Tibco
Veritas certification Veritas
VMware certification VMware
All Exams

Microsoft 70-227 Exam - CertifySky.com

Free 70-227 Sample Questions:

1. You are the administrator for your company network, which contains a single Microsoft Windows 2000 domain. You add all the client computers in your finance department to an organizational unit (OU) named Finance.
You install and configure an ISA Server computer on the network for Internet access. You configure this computer to allow PPTP packets. You also configure all client computers on the network as SecureNAT clients. Users can now access external Web sites.
A VPN server named VPN-server1 is located at the main office of one of your business partners. Users in the finance department need to access VPN-server1, but they cannot establish a VPN tunnel to it.
You need to configure only the client computers in the finance department to connect to VPN-server1. What should you do?
A: Deploy and assign MS_FWC.msi to the Finance OU.
B: Deploy and publish the setup file for the Firewall Client software to the Finance OU.
C: Configure each client computer in the finance department so that the address of the internal network adapter of your ISA Server computer is its default gateway.
D: Configure Routing and Remote Access on VPN-server1. Enable TCP ports 1723 and 47 on this computer.
Answer: A

2. You are hired to administer a Microsoft Windows 2000 network. This network was already configured before you began your job. The relevant portion of the current configuration is shown in the exhibit. (Click the Exhibit button.)
The current configuration includes an ISA Server computer named ISA1 and a Windows 2000 Server computer named RRAS1. Both ISA1 and RRAS1 provide VPN access to internal resources. ISA1 also provides firewall and caching services, and it is the Web server for your company's Internet site.
You now need to reconfigure WWW2, which is your internal Web server. WWW2 should be available to all employees, even if they are working from home. It requires a high level of security.
Your solution must provide public access to ISA1 and employee-only access to WWW2. It must also ensure the highest possible level of security.
What should you do?

A: Change the TCP port used by the Web server component on ISA1. Create a Web publishing rule to use the new port. Decommission RRAS1. Configure ISA1 to act as a VPN server and to allow remote users to connect by using PPTP.
B: Ensure that the Web server component on ISA1 uses the default TCP port. Create a Web publishing rule to use the default TCP port. Configure RRAS1 to act as a VPN server and to allow remote users to connect by using PPTP.
C: Change the TCP port used by the Web server component on ISA1. Create a Web publishing rule to use the new port. Install a digital certificate on WWW2 to encrypt HTTP session traffic. Configure ISA1 to redirect HTTPS requests to WWW2.
D: Ensure that the Web server component on ISA1 uses the default TCP port. Create a Web publishing rule to use the default TCP port. Configure WWW2 to use integrated Windows authentication. Configure ISA1 to redirect HTTP requests to WWW2.
Answer: A

3. You are the network administrator for your company. The company uses three Microsoft Windows 2000 Advanced Server computers that run ISA Server to publish the company Web site. The three ISA Server computers form a single array. The Web site is hosted on another Windows 2000 Advanced Server computer behind the ISA Server computers. While you are analyzing the use of the cache on the three ISA Server computers, you notice that many objects from the Web site are cached on all three ISA Server computers. You want to improve the efficiency of the combined cache space of the three ISA Server computers. You want to cache each object on only one of the ISA Server computers. What should you do?
A: On each ISA Server computer, create packet filters to allow packet transmission to the other ISA Server computers.
B: Configure the array to resolve incoming Web requests within the array before routing.
C: Configure an enterprise policy for the array. Grant the array members full control permissions on the enterprise policy.
D: Configure each ISA Server computer to use the IP address of another ISA Server computer for intra-array communication.
E: Implement Network Load Balancing (NLB) on the external network cards of the three ISA Server computers.
Answer: B

4. You administer an array of ISA Server computers. This array makes your company's public Web site available to Internet users. The relevant portion of your network configuration is shown in the exhibit. (Click the Exhibit button.)
The ISA Server array has one Web publishing rule for incoming Web requests. Each array member is configured to use a cache of 5 GB. The Web servers use Network Load Balancing (NLB).
When you monitor network traffic between the ISA Server array and the Web servers, you notice that the same Web objects are cached by more than one of the array members.
You need to reconfigure your network so that the array behaves as one logical cache of 15 GB. What should you do?

A: Configure NLB on the external network adapter of the three array members.
B: Configure a single IP address for intra-array communication on each array member.
C: Configure a cache load factor of 100 for each array member.
D: Configure a routing rule on each array member to forward inbound requests to the other array members.
E: Configure the array to resolve inbound Web requests within the array before routing.
Answer: E

5. You are the administrator of your company network, which consists of a main office and three branch offices. Each branch office has a dedicated T1 connection to the main office. The main office has a T1 connection to the Internet. In addition, each branch office has a dedicated 128-Kbps DSL line for Internet connectivity.
Company policy allows users limited access to Web-based resources. The company wants to ensure that the local caching server at each office will serve all Web requests before routing any requests to the Internet. The company also wants to ensure that all requests that are forwarded to the Internet go through the main office.
You install ISA Server arrays at each branch office and create the routing rules shown here:
8.You are the network administrator for your company. You are using ISA Server to secure Internet access for your users. They must be able to access any external Web site, but they must not be able to use other Internet applications. You create appropriate client address sets and destination sets to allow all internal client computers to access any external Web site. You also create a site and content rule to allow all these computers to access all destinations during work hours only.
Users now report that they receive a 502 Proxy Error message when they try to access external Web sites, and they are denied access.
You need to enable users to access external Web sites. What should you do?
A: Create a new destination set to include the addresses of all allowed Web sites.
B: Create a new protocol definition to include HTTP and HTTPS access.
C: Create a new site and content rule to allow all requests for Web-based content.
D: Create a new protocol rule to allow HTTP and HTTPS traffic.
Answer: D

6. You are the network administrator of a branch office for your company. The branch office and the main office are connected by a dedicated fractional T1 line. The main office includes an array of ISA Server computers. You use group policies and DHCP to administer the configuration of all client computers, which run Microsoft Windows 2000 Professional.
You need to install ISA Server at the branch office to improve the performance of FTP and HTTP requests from your client computers. Your configuration must take advantage of the cache on the ISA Server array in the main office.
What should you do?
A: Install ISA Server in integrated mode. Use DHCP to configure the client computers at the branch office with the internal IP address of your ISA Server computer as the default gateway.
B: Install ISA Server in cache mode. Use DHCP to configure the client computers at the branch office with the internal IP address of your ISA Server computer as the default gateway.
C: Install ISA Server in integrated mode. Use DHCP to provide the location of the WPAD.DAT file to the client computers at the branch office.
D: Install ISA Server in cache mode. Use DHCP to provide the location of the WPAD.DAT file to the client computers at the branch office.
Answer: D

7. You are the administrator of your company network, which consists of a single Microsoft Windows 2000 domain. The network is connected to the Internet by a dedicated T1 line. You install ISA Server to control user access to the Internet and to secure the network from the Internet.
You want to accomplish the following goals:
All users in the domain must be able to send and receive e-mail on the mail server of your ISP. External users must be able to perform a directory query of your Active Directory.
Administrative users must have unrestricted access to the Internet.
Non-administrative users must be able to access only approved external Web sites, and only during work hours.
Non-administrative users must be able to access only approved FTP sites, and only during work hours.
You take the following actions:
Create site and content rules, as summarized in this table:

Rule Name
Action
Applies to
Schedule
Destination Set
Admins
Allow
Domain Admins
Always
All Destinations
Users-FTP
Allow
Domain Users
Always
Approved FTP Sites
Users-Web
Allow
Domain Users
Work Hours
Approved Web Sites

Create protocol rules, as summarized in this table:

Rule Name
Allowed Protocols
Applies to
Administrators
All IP traffic
Domain Admins
Users
Selected Protocols:
FTP(Client)
HTTP(Client)
LDAP
DNS Query(Client)
Domain Users

Which result or results do these actions produce? (Choose all that apply.)
A:All users in the domain can send and receive e-mail on the mail server of your ISP.
B:External users can perform a directory query of your Active Directory.
C:Administrative users have unrestricted access to the Internet.
D:Non-administrative users can access only approved external Web sites, and only during work hours.
E:Non-administrative users can access only approved FTP sites, and only during work hours.
Answer: C, D