MCSA/MCSE
Self-Paced Training Kit, 2nd
Edition
Microsoft Windows 2000 Professional
Exam 70-210 (BLUE Book Cover)
Chapter 14 [309]: Securing Resources
with NTFS Permissions
NTFS folder permission
Read
Write
List Folder Contents
Read & Execute
Modify
Full Control
NTFS file permissions
Read
Write
Read & Execute
Modify
Full Control
Access control list (
Access control entry (ACE)
Effective permissions: the sum of the
NTFS permissions that you assign to the individual user account and to all of
the groups to which the user belongs.
Deny permission: overrides all instances where that permission is allowed.
Permission inheritance:
336 Avoid permission problems
Cache: Copies of files stored in a reserved portion
of disk space.
Manual Caching For Documents
Automatic Caching for
Documents
Automatic Caching for
Programs
Offline Files Mover (Cachemov.exe): used to change the location of the cache
In a workgroup, no
centralized database of user accounts exists,
Therefore, you must create the same user account with the same password on each
computer in the workgroup.
Chapter 16 [374]:
Auditing Resources and Events
Auditing allows you to track
both user activities and Win 2k activities called events.
Security log: maintains a record of valid and invalid logon
attemps and events related to creating, opening, or
deleting files or other objects.
Audit Plicy: defines the
types of security events that Win 2k records in the security log on each
computer.
Auditable Events:
Track
trends of system use
Event Viewer: Application log, Security log, System log
Filtering and finding events
Windows 2000 Pro Audit Policy:
Administrative Tools à Local Security Policy à Local Security Settings à Local Policies à Audit Policy à Select type of event to audit à Action menu à Security à Check success or Failure check box
Chapter 17: Group Policy and Local Security Policy
[398]
Password policy:
Password history – 1 to 24
Max password age – default 42 days; range 0 to 999
Reversible encryption – (CHAP) Challenge Handshak0e Authentication Protocol
Account lockout policy thru either Group Policy snap-in or the Local
Security Settings window
Acc lockout duration – 0 to 99999 minutes = 69.4 days
Reset acc lockout counter after – 1 to 99999 minutes
Security Options
Chapter 19: Backing Up and Restoring Data
Chapter 18: Managing Data Storage
Compression
Disk quotas [419]
Disk thresholds
Quota limits
Copying and moving compressed files and folders:
Compression:
Bitmaps will often compress
to less than 50 percent
Do not store compressed
files, in a compressed folder
Compress static data rather
than dynamic
Causes performance
degradation when you copy or move
Microsoft Encrypting File System (
Cipher Command: [429]
Utility that provides the
ability to encrypt and decrypt files and folders from a command prompt.
cipher
[/e | /d] [/s:folder_name] [/a] p/i]
[/f] [/q] [/h] [/k] [file_name […]]
If the owner’s private key is
unavailable, a person designated as the recovery
agent can open the file using his or her own private key, which Is applied to the
Disk defrag 434
Default Recovery Agent is administrator of the local computer unless the
computer is a member of a domain, domain administrator.
Ntbackup
command
Windows Backup: type ntbackup to
open utility
Normal backup: all selected files and folders are backed
up. Doesn’t rely on markers; any
existing marks are cleared and each file is marked as having been backed up.
Copy backup: all selected files and folders are backed
up. Neither looks for nor clears
markers; use a copy backup between a normal and incremental backup to create an
archival snapshot of network data.
Incremental backup: only selected files and folders
that have a marker are backed up, and then the backup clears markers; if you did two
incremental backups in a row on a file
and nothing changed in the file, the file would not be backed up the second
time.
Differential backup: only selected files and folders
that have a marker are backed up, but the backup doesn’t clear markers. If you did tow differential backups in a row
on a file and nothing changed in the file, the entire file would be backed up
each time.
Daily: All selected files and folders that have
changed during the day are backed up. Doesn’t clear the markers; if you want to back up all files and
folders that change during the day, use a daily backup.
Combining backup types:
Normal and differential backups: Monday – normal backup; Tue through Fri - differ
backups
Normal and incremental backups: Monday –
normal backup; Tue thru Fri, incremental backups
Normal, differential, and copy backups: Same as first , except that on Wed,
perorm copy backup
Scheduling Backup Jobs [450]
Restoring Data [457]
Chapter 20: Monitoring Access to Network
Resources
[473]
Monitoring open files
(computer management
Disconnect users from open
files
Sharing a folder on a remote
computer with
Monitoring user sessions
Send administrative messages
to Users
Chapter 21: Configuring Remote Access [486]
Win NT v4 includes support for several authentication
protocols used to verify the credentials of users connecting to the network.
Win 2000 also includes:
EAP: An extension to the
Allows for
an arbitrary auth mechanism to validate.
·
Generic token
cards
·
MD5-CHAP
·
Transport Level
Security (
RADIUS –
Remote Authentication Dial-in User Service
Win 2k can act as a RADIUS
client, a server, or both.
A RADIUS client, typically an
Windows 2000 Internet
Authentication Services (IAS) performs authentication
Internet Protocol Security:
IPSec is a set of security protocols and cryptographic
protection services for ensuring secure private communications over IP
networks.
Clients negotiate a security
association (SA) that acts as a private key to encrypt the data flow.
L2TP:
Similar to PPTP in that its primary purpose is to create an encrypted tunnel
through an untrusted network. But also provides tunneling but not
encryption. Provides a
secure tunnel by cooperating with other encryption technologies such as IPSec.
Key differences between PPTP and L2TP:
Remote Access Service (
Allowing inbound dial-up
connections
Make a new connection
Dial0up to a private network
option
Authentication Protocols (NT4):
New Authentication Protocols(Windows
2000):
Extensible Authentication Protocol (EAP): An extension
to the Point-to-point protocol (PPP) that works with dial-up, PPTP, and L2TP
clients. Allows for
arbitrary authentication mechanism to validate a dial-in connection. Support authentication by using the
following:
Remote Authentication Dial-in User Service (RADIUS): Provides
authentication and accounting services for distributed dial-up networking. Windows 2000 can act as a RADIUS client, a
RADIUS server, or both.
RFC 2138/2139
RADIUS Client: Typically an ISP dial-up server; a remote
access server receiving authentication requests and forwarding requests to a
RADIUS server. Configure RADIUS clients
on the Securities tab in the remote access server’s Properties dialog box.
RADIUS Server: Validates the RADIUS client request. Windows 2000 Internet Authentication Services
(IAS) performs authentication.
2000 Internet Authentication Services (IAS): Stores RADIUS accounting information from RADIUS
clients in log files.
Internet Protocol Security (IPSec): Set of
security protocols and cryptographic protection services for ensuring secure
private communications over IP networks.
Aggressive protection against private network and Internet attacks while
retaining ease of use. Clients negotiate
a security association (SA) that acts as a private key to encrypt the data
flow.
Layer Two Tunneling Protocol (L2TP): Provides
tunneling but not encryption; secure tunnel by cooperating with other
encryption technologies such as IPSec; creates secure
VPN connection; requires only that the tunnel media provide packet-oriented,
point-to-poing connectivity; can use UDP, Frame Relay
PVCs, x.25 VCs, or ATM VCs to operate over an IP
network; uses PPP encryption; requires IPSec for
encryption; supports header compression; supports tunnel authentication
PPTP: Requires an IP-based transit network; does
not support header compression;
Bandwidth Allocation Protocol (BAP) Bandwidth
Allocation Control Protocol (BACP):
: Enhance multilinked devices by dynamically
adding or dropping links on demand; useful for carrier charges based on
bandwidth use; both use PPP control
protocols and work together to provide bandwidth on demand;
Allow Incoming Connections
Allow/deny Incoming Virtual
Private Connection page
Select network components you
want to enable for incoming connections
Outbound Connections:
Chapter 22: Windows 2000 Boot Process
Windows 200 Boot process, five stages:
|
Files used when windows boots [502] |
|
||
|
File |
Location |
Boot Stage |
|
|
Ntldr |
System partition root (C:\) |
Preboot and boot |
|
|
Boot.ini |
System partition root |
Boot |
|
|
Bootsect.dos |
System partition root |
Boot (optional) |
|
|
Ntdetect.com |
System partition root |
Boot |
|
|
Ntbootdd.sys |
System partition root |
Boot (optional) |
|
|
Ntoskrnl.exe |
Systemroot\System 32 |
Kernel load |
|
|
Hal.dll |
Systemroot\System 32 |
Kernel load |
|
|
System |
Systemroot\System 32\Config |
Kernel initialization |
|
|
Device drivers (*.sys) |
Systemroot\System 32\Drivers |
Kernel initialization |
|
Pre-boot Sequence:
Boot Sequence:
4 Phases of Boot Sequence:
Initial Boot Loader Phase: Ntldr switches the microprocessor from real mode to 32-bit
flat memory mode, which Ntldr requires to carry out
any additional functions. Next, Ntldr starts the appropriate minifile
system drivers. The minifile
system drivers are built inot Ntldr
so that Ntldr can find and load Windows 2000 from
partitions formatted with either FAT or NTFS.
Operating System Selection: Ntldr reads the Boot.ini file. Default parameter in Boot.ini will
automatically start an OS.
Hardware Detection: Ntdetect.com and Ntoskrnl.exe
perform hardware detection. Ntdetect.com
executes after you select Win 2k on the Please Select and OS Screen.
Configuration Selection: The Hardware
Profile/Configuration Recovery Menu – list of the HW profiles that are set up
on the computer.
NTdetect.com
collects a list of currently installed hw components
and returns this list to Ntldr for later inclusion in
the registry under the HKEY_LOCAL_MACHINE\HARDWARE key.
Ntdetect.com detects the
following components:
Kernel load: Ntoskrnl.exe loads and initializes device
drivers and loads services.
Kernel initialization: Ntldr passes control to the kernel; system displays a
graphical screen with a status bar indicating load status. Four tasks are accomplished:
|
Error control values and Resulting Action |
|
|
|
0x0 (Ignore) |
Boot sequence ignores the
error and proceeds without displaying an error message |
|
|
0x1 ( |
Boot sequence displays an
error message but ignored the error and proceeds |
|
|
0x2 (Severe) |
Boot sequence fails and
then restarts using the LastKnownGood control set;
if already using this, then ignores the error and proceeds |
|
|
0x3 (Critical) |
Boot sequence fails and
then restarts using the LastKnownGood control set;
if this set is causing the critical error, the boot sequence stops and
displays an error message |
|
|
|
|
|
Logon
Windows 2000 control sets
The Last Know Good Process: [509]
Advanced Boot Options [512]
Boot.ini file:
in the active partition; ntldr uses info in this file
to display the Please Select the OS to Start menu.
ARC Paths Advanced RISC [reduces instruction set
computing] Computing: paths pointing to the computer’s boot partition.
Multi(0)disk(0)rdisk(1)partition(2)
Boot.ini Switches [517]: to provide
additional functionality.
/base video
/fastdetect=[comx|comx,y,z]
/maxmem:n
/noguiboot
/sos
Safe Mode: Press F8 during the OS selectin
phase.
Install recovery console:
<cd_drive>:\i386\winnt32
/cmdcons
Recovery console: [520]
Chdir (cd)
Chkdsk
Cls
Copy
Delete
Dir
Disable
Enable
Exit
Fdisk
Fixboot
listsvc
Fixmbr
Format
Help
Logon
Map mkdir
(md)
More
Rmdir (rd)
Rename (ren)
Type
I386> winnt32 /cmdcons
Chapter 23 Deploying Windows 2000:
To install the installation deployment tools: [528]
Setup Manager Options:
Use Setup Manager to create an “Unattended Setup
Script” [531]
o
Provide Defaults
o
Fully Automated
o
Hide Pages
o
Read Only
o
BUI Attended
·
Computer Names Page
o
Series of names,
o
Name of text file
to import,
o
Automatically
Generate Computer Names Based On OrganizationName
·
Select Use The
Following Administrator Password
·
Display Settings
·
Custom Settings
·
Number of Network
Adapters page
·
Internet Protocol
·
Workgroup or
domain
·
Yes, Edit The
Additional Settings
·
Browser and Shell
Settings page
·
Distribution
Folder page
·
·
OEM Branding
·
C:\Deploy\Unattend.txt
·
Copy file from cd
User interaction Level Page:
[ 553] Hardware Compatibility Report:
Run: winnt32/checkupgradeonly
Run: chkupgrd.exe utility
Software Compatibility:
I386\Winntpug
Disk Duplication to Deploy Win 2k [537]
Unique Security ID (
Sysdiff.exe utility: Often used in conjunction with
Setup Manager to install Windows using different files. Use is same with Windows NT.
System Preparation tool adds a system service to the master image that will
create a unique local domain
Switches for Sysprep.exe
/quiet Runs with no user interaction
/pnp Forces
Setup to detect Plug and Play devices on the destination computers
/reboot restarts the source computer
/nosidgen
doesn’t regenerate SIDs on the destination computers
To use System Preparation Tool (prepare a master image
for disk duplication):
Sysprep.inf:
Provides answers to the Mini-Setup wizard on the destination computers and
specify customized drivers; a Sysprep folder is
created at the root of the drive image and places Sysprep.inf
in this folder.
Setup Manager Wizard to create a Sysprep.inf
file. Sysprep.inf
provides answers to the Mini-Setup wizard on the destination computers. Also use the file to specify customized
drivers. The Wizard creates a Sysprep folder at the root of the drive image and places Sysprep.inf in this folder.
Use a master disk image to install Windows 2000 Pro: [540]
[543]
Remote Installation: Process of connecting to a server running Remote Installation
Services (RIS) – RIS Server, and then starting an automated installation of Win
2k Pro on a local computer.
Note: to be able to install Remote Installation
Services and to create a boot floppy for network interface cards that are not
equipped with a Pre-Boot Execution
Environment (PXE) boot ROM, or for systems with BIOSs
that don’t support starting from the PXE boot ROM, you must have a computer using
one of the Win 200 Server family of products.
Remote Installation Services Setup Wizard:
Install Remote Installation Services on a Windows 2000
Server:
Add/Remove Programs à Add/Remove Windows Components à Remote Installation Services à Reboot
Respond To
Client Computers Requesting Service check box [547]
Client computers that support
remote installation must have one of the following configurations:
Remote installation boot disk: simulates the PXE boot process
Rbfg.exe: Remote
Boot Disk Generator found in RemoteInstall\admin\i386 folder on the Remote
Installation Server.
E:\RemoteInstall\Admin\i386\rbfg
RIS provides:
[601]
Objectives
El torito specification: BIOS that
supports booting to CD-ROM
Makeboot.exe or MAKEBT32.EXE: located in the
\Bootdisk folder on Win 2k cd-rom. Makes win 2k setup disks.
-Before your computer can
join a domain, you must create a computer object in a container of the Win 2k
domain.
-FAT32 doesn’t support local
permissions at the folder and file levels.
Unattended installation/automated installation:
And
by default a Uniqueness Database File (UDB) to support a multicomputer
automated stup,
And
a CMDLINES.TXT file for running commands during setup
Common distribution methods:
Sysprep switches:
DEPLOY.CAB: Used to extract the deployment tools from the
Support Tools on Win 2k CD-ROM. This
file contains Setup Manager, a deployment help file, a sample answer file, and
other tools.
WINSYS32.CAB: Located in \i386 folder and contains two
files, MWWAVE.SYS and MWWDM.SYS. Files used to support
SETUPCL.EXE: Support SysPrep
functions. Generates a new
SETUPMGR.EXE: Used to start up the Setup Manager.
-The disk controller device
drivers in the master and destination computer must be identical in order to
use the SystPrep to automate installation.
RBFG.EXE utility: Used to generate a remote
installation boot floppy disk.
CHKUPGRD.EXE: The Win 2k Readiness Analyzer self-extracting utility.
MDCOMPAT.EXE: Win 95 utility for troubleshooting problems
running Win 3.1-based programs in Win 95.
UPDMGR.EXE: Connects to Windows Update online.
Distribution point/distribution folder: Contains the
OS source files.
Slipstreaming: Avoids the admin overhead of service pack
reapplication. Allows
you to apply a service pack update to the source files in the Win 2k Pro
distribution point.
Update –s: distribution_folder
UPDATE.EXE: Updates service packs.
SETUPCL.EXE: Supports the fn’s of
SysPrep.
Generates a new
**Troubleshooting failed installations:
Setup Loader phase: Files are copied from the
source to the local disk. Starts the
installation process and loads a SCSI disk controller support driver. Minimal version of the Win 2000 kernel and
additional hardware drivers are loaded.
Lastly, the boot sector is modified to continue Windows 2000
installation.
Text-Mode Setup phase: White text on
a blue background. Installation and
configuration of hw driver detection continues. Partitions created and formatted; converted
if necessary.
GUI-Mode Setup: Additional devices are detected, installed,
and configured; optional components are installed; additional installation
files are copied; and dynamic-link library (DLL) files are registered.
Log files created during setup:
Device-specific/component-specific logs:
Discretionary access control list (DACL)
Access Control List (ACEs)
CACLS.EXE Utility: Used to configure local
permissions.
ROBOCOPY.EXE: A Resource Kit utility that is used to
preserve permissions when copying NTFS files.
Effective permissions: Actual rights
a user is granted to a resource, whether they are inherited or explicityly assigned.
Compression: Supports a cluster size up to 4KB. Can not be used
concurrently with
To simplify administration,
group files into separate folders for applications, shared data, and individual
user data.
Centralizing
home folders and public folders on a volume that is separate from application
and the OS.
Microsoft Windows Scripting
Host (WSH): Alternate way of creating
shares.
Alias/Web Share: Controlled through security settings in IIS.
[601]
Objectives
El torito specification: BIOS that
supports booting to CD-ROM
Makeboot.exe or MAKEBT32.EXE: located in the
\Bootdisk folder on Win 2k cd-rom. Makes win 2k setup disks.
-Before your computer can
join a domain, you must create a computer object in a container of the Win 2k
domain.
-FAT32 doesn’t support local
permissions at the folder and file levels.
Unattended installation/automated installation:
And
by default a Uniqueness Database File (UDB) to support a multicomputer
automated stup,
And
a CMDLINES.TXT file for running commands during setup
Common distribution methods:
Sysprep switches:
DEPLOY.CAB: Used to extract the deployment tools from the
Support Tools on Win 2k CD-ROM. This
file contains Setup Manager, a deployment help file, a sample answer file, and
other tools.
WINSYS32.CAB: Located in \i386 folder and contains two
files, MWWAVE.SYS and MWWDM.SYS. Files used to support
SETUPCL.EXE: Support SysPrep
functions. Generates a new
SETUPMGR.EXE: Used to start up the Setup Manager.
-The disk controller device
drivers in the master and destination computer must be identical in order to
use the SystPrep to automate installation.
RBFG.EXE utility: Used to generate a remote
installation boot floppy disk.
CHKUPGRD.EXE: The Win 2k Readiness Analyzer self-extracting utility.
MDCOMPAT.EXE: Win 95 utility for troubleshooting problems
running Win 3.1-based programs in Win 95.
UPDMGR.EXE: Connects to Windows Update online.
Distribution point/distribution folder: Contains the
OS source files.
Slipstreaming: Avoids the admin overhead of service pack
reapplication. Allows
you to apply a service pack update to the source files in the Win 2k Pro
distribution point.
Update –s: distribution_folder
UPDATE.EXE: Updates service packs.
SETUPCL.EXE: Supports the fn’s of
SysPrep.
Generates a new
**Troubleshooting failed installations:
Setup Loader phase: Files are copied from the
source to the local disk. Starts the
installation process and loads a SCSI disk controller support driver. Minimal version of the Win 2000 kernel and
additional hardware drivers are loaded.
Lastly, the boot sector is modified to continue Windows 2000
installation.
Text-Mode Setup phase: White text on
a blue background. Installation and
configuration of hw driver detection continues. Partitions created and formatted; converted
if necessary.
GUI-Mode Setup: Additional devices are detected, installed,
and configured; optional components are installed; additional installation
files are copied; and dynamic-link library (DLL) files are registered.
Log files created during setup:
Device-specific/component-specific logs:
Discretionary access control list (DACL)
Access Control List (ACEs)
CACLS.EXE Utility: Used to configure local
permissions.
ROBOCOPY.EXE: A Resource Kit utility that is used to
preserve permissions when copying NTFS files.
Effective permissions: Actual rights
a user is granted to a resource, whether they are inherited or explicityly assigned.
Compression: Supports a cluster size up to 4KB. Can not be used
concurrently with
To simplify administration,
group files into separate folders for applications, shared data, and individual
user data.
Centralizing
home folders and public folders on a volume that is separate from application
and the OS.
Microsoft Windows Scripting Host (WSH): Alternate way
of creating shares.
Alias/Web Share: Controlled through security
settings in IIS.
-------------------------------------------------------------------------------------------------------
Questions answers from back
[700]
Which interface should you
use to upgrade drivers?
·
Device Manager
NOT: Add/Remove HW Wizard
NOT: Environment variables
NOT: The Component Services console
You suspect that an outdated
driver is causing intermittent problems while running an application. You want to display a list of all drivers
running. What should you do?
NOT: Device Manager
NOT: Add/Remove HW Wizard
NOT:
CIPHER.EXE command-line utility
What conditions might require
manual installation of drivers?
By default, members of which
group can manually install a driver on a computer running Windows 2000
Professional?
NOT: Backup Operators
NOT: Power Users
NOT: Users
How can you configure Windows
2000 Professional to distribute processing tasks across two processors?
NOT: reinstall win 2k pro
Win 2k pro does not support
multi procs
No action is necessary because
Win 2k will automatically begin using both processors
Which multiprocessor
configuration does Windows 2000 Professional support?
APIPA Automatic Private IP
Addressing
Client Services for NetWare
(CSNW)
[714]
You administer a LAN
supporting a Novell NetWare server and various clinets. You are planning to deploy some new computes
running Windows 2000 Professional. Which
conditions require you to manually assign a Unique Internal network Number to
the network adapter when using NWLink?
NOT: an application is using the DLC protocol
NOT: GSNW is installed, and multiple frame types
are used on single adapter
NOT: GSNW is installed, and NWLink
is bound to multiple adapters in the computer
NWLink uses a nonzero eight-digit hexadecimal internal
network number for routing purposes.
This network number is internal because NWLink
uses It inside the computer. The internal network number must be confused
with the network number
(also known as the external network number) that is used to
uniquely identify an IPX/SPX network segment.
If the client computer is acting as an application server by running a
SAP application such as MS SQL Server, the internal network number unieuqly identifies the computer to the network so that
other clients can access the application.
CSNW is the client redirector
used by Windows 2000 Professional to communicate over NWLink
with network-accessible NetWare resources.
A frame type defines how network packets are formatted before being sent
over the network. Each frame type
supported on a single adapter requires a unique internal network number to
avoid internal collisions with packets using a different frame type.
NWLink is MS implementation of the IPX/SPX protocol. Each network adapter in the computer running
this protocol requires a unique internal network number so that packets created
by the computer are internally routed to the appropriate adapter.
[723]
Windows File Protection WFP):
Protects against the replacement of critical system files and redusces file version matches.
Driver Verifier Manager (VERIFIER.EXE): Utility conatins both a command-line and windows interface.
Verifier /?
(Starts the Driver Verifier Manager Windows Interface)
File Signature Verification (SIGVERIF.EXE): Utility for manual signature
verification. Provides:
Catalogs: stored in a folder below %systemroot%\System32\Catroot
The primary catalog for
Windows 2000 system files is NT5.CAT
Signature checking facility: verifies that
a driver is signed before it is installed
You configure an unattended
setup of Win 2k Pro; you need to install unsigned drivers ; you run the
unattended setup routine on a test computer, a prompt is displayed warning of
impending unsigned driver installation.
How can you disable the prompt?
NOT: Add the following entry to the [Data] section
of UNATTEND.TXT; DriverSIgningPolicy=Ignore
NOT: Add the following entry to the [SetupParams] secton of
UNATTEND.TXT; Driver SigningPolicy=ignore
NOT: Add the following entry to the [GuiUnattended] section of UNATTEND.TXT: DriverSigningPolicy=Ignore
[726]
EFSINFO.EXE: Troubleshooting tool used to view info about
encrypted files, including info about the IFS user account and the recovery
agent accounts. [part
of Win 2000 Server and Win 2000 Pro Resource Kits]
MCAST.EXE: Tool used to diagnose and resolve problems
with audio and video multi-casting.
[part of Win 2000 Server and Win 2000 Pro Resource
Kits]
SFC: A command-line utility that scans protected
system files and replaces any protected files that were overwritten after the
installation of Windows 2000 Pro. Checks the catalogs to
determine correct file versions.
A Windows Update procedure automatically updates the catalog so that SFC
doesn’t overwrite files that are properly updated.
SIGVERIF.EXE: GUI-based utility that provides feedback on
signed and unsigned files. A list of
unsigned drivers appears. A log file
named SIGVERIF.TXT is created in the %systemroot%
folder. Contains
detailed list of all signed and unsigned drivers. Can be configured with
other options.
You want to ensure that unsigned drivers are not
installed on your computer running Windows 2000 Pro. What should you do?
NOT: No action is
required
NOT: Change the FSV setting to Ignore (Level 0)
NOT: Change the FSV setting to Warn
(Level 1)
[729]
AT command-line utility
The task will appear in the
Scheduled Tasks window but is managed from the AT command-line utility. You can schedule, reschedule, disable, or
remove a task.
Summary
results of task operation are contained in the Task log and is stored in %systemroot% named SCHEDLGU.TXT.
Windows Backup (NTBACKUP.EXE): Uses the Task
Scheduler service when backups are scheduled.
Use the View Log option in Task Schedular to
verify that the backup started.
Win 2k Pro computer w/ an internal Seagate STT8000
tape backup device
You successfully performed a full system backup using
the tape device
You use Task Scheduler to create a scheduled job to
run Windows Backup; the backup operation fails
What is the most likely cause of this failure?
NOT: The backup tape has failed.
NOT: The
correct device driver for the tape drive is not loaded.
NOT: Windows 200 does not support the tape device.
Which two methods can you use to create a scheduled
task in Win 2k Pro?
NOT: Open Control Panel and double-click the
Administrative Tools folder.
NOT: On the Start menu, point to Programs, point
to Administrative Tools, and click Scheduled Tasks.
[735]
Enabling and configuring
Offline Files initiates an update of the %systemroot%\Csc hidden database cache folder with
offline file configuration information.
The Client Side Cache (CSC) is the database for the cache.
Use the Offline Files Cache
Mover utility (CACHEMOV.EXE) to move
the CSC database to a partition on a fixed disk with more space.
Files are made available off
line through either automatic file caching or manual file caching.
Automatic file caching copies
any files selected or opened on the clinet computer
to the cache.
Selecting a file without
opening it stores it in the cache.
Automatic file caching is configured from the server at the share level
so that any files or folder below the share are configured for automatic file
caching.
(FIFO): First in First Out: Method used when the cache approaches the
maximum configured cache size, files are deleted on a
first in, first out basis.
Certain files cannot be
cached, such as .pst and .mdb. You modify this exclusion list through the
Files Not Cached Group Policy setting.
Files are synchronized
between the online and offline cache either manually or automatically based on
one of the following events: logon,
logoff, idle time, or a fixed schedule.
Manual synchronization: click Synchronize on the Tols
menu in Windows Explorer.
[737]
Every day, you store your
data on a computer running Win 2k Server.
You want to use the Offline Files feature on your laptop computer
running Windows 2000 Pro while you are away from the
office. Which computer or computers must
you configure?
NOT: None
NOT: The server
NOT: Your laptop
Users on the network need to
edit offline documents in one folder on your computer running @in 2k Pro. You want opened files to be automatically
downloaded and made available when working off line. After you have configured the server for
automatic download, users will enable and configure Offline Files on the
Offline Files tab in the Folder Options dialog box. How should you configure the share to support
automatic download?
Users on the network need to
edit offline documents in one folder on your computer running Windows 2000
Pro. If users edit both the cached
offline copy of a file and the network version of a file, what two choices
exist when you want to save all changes without renaming one version of the
file?
NOT: Use the Indexing Service to merge the changes
NOT: Use the Synchronization Merge Wizard to merge
the changes
If both a cached copy and a
network copy of a file are changed, during synchronization, a Resolve File
Conflicts dialog box opens. This dialog
box contains three radio buttons:
1.
allows you to
save both files with different names
2.
allows you to
overwrite the network version with the cached version of the file
3.
overwrites the
cached version with the network version of the file
The default setting for the
Offline Files Wizard is to automatically synchronize files on logon and logoff.
Idle Settings dialog
box: Prevent Synchronization When My
Computer Is Running On Battery Power check box.
SYSMON.OCX: System Monitor ActiveX control
PERFMON.MSC: The Performance console collects data from
instances, unique copies of performance objects. Performance objects are symbolic
representations of HW resources, apps, protocols, and services. TO tie the conept
of objects to instances, consider the following example.
Perfmon/wmi: instructs the console to query the WMI
repository instead of the registry to obtain system resource data. The repository is to WMI as the registry is
to the OS.
Data is collected for later
viewing by configuring the Counter logs and Trace logs in the Performance Logs
and Alerts snap-in. Data is sampled
using Counter logs and traced using, Trace logs. Choose the fixed interval to sample at.
Counter logs: Can be configured to output binary (.blg), comma-delimited (.csv), or
tab-delimited (.tsv) file data.
Trace logs: Generate binary (.etl)
files. System Monitor cannot read these
files. A utility such as TRACEDMP.EXE must be used to extract
data from Trace logs for viewing in other applications.
TRACEDMP.EXE
is a utility contained in the Windows 2000 Server and Professional Resource
Kits. This utility reads the .etl file and creates a SUMMARY.TXT file and a DUMPFILE.CSV
file for review.
OLE Custom eXtension (OCX)
Diskperf/yv: logical disk counters are enabled this way.
[746]
Change page file settings:
In the System Properties
dialog box, click the Advanced tab and then click the
Performance Options
Processor\% Processor Time is a useful indicator of an overused processor if the
value sustains a high value, perhaps 80%
or greater. This, combined with a System\Processor Queue Length greater
than 2, suggests that the processor
is a bottleneck.
[747]
You want to improve the
performance of the NTFS fixed disks on your computer. Which options might you consider to improve
NTFS performance?
NOT: Disable creation of long names (creation is
automatic and cannot be disabled)
*Disable creation of short names:
For compatibility with MS-DOS or Win 3.x apps that are unaware of LFNs, FAT, FAT32, and NTFS generate short filenames in 8.3 format when a file is created. Generating short filenames contributes to
file system overhead. TO disable the
generation of 8.3 filenames on NTFS partitions, change the value of the
NtfsDisable8dot3NameCreation registry entry from 0 to 1. This entry is located in the
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\FileSystemkey. Files that already have both long and short filenames
are unaffected by this change.
NTFS uses the MFT as a file index. File properties including location iformation and entire files, if the files are small, are
stored in the MFT. The MFT stores at
least one entry for every file on a n NTFS partition. MFT is a file itself and is susceptible to
fragmentation.
To increase contiguous space
allocation for larger partitions that will contain many files, add the NtfsMftZoneReservation value name with a REG_DWORD data
type and a value of 2,3, or 4 to the
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\FIleSystem
key. The larger the value of this
registry entry, the more space that is allocated to the MFT.
Last access update: (date and time-stamping process
which slows down computer);
disable the last access update on NTFS partitions, add the NtfsDisableLastAccessUpdate value name with a REG_DWORD
data type and a value of 1 to the HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\FileSystem
key.
[756]
Emergency Repair Disk (ERD)
F8 during startup = opens the
Advanced Options menu
Safe Mode: used to resolve device driver, system
service, or autostarting application failures.
Boot Logging: NTBTLOG.TXT
Recovery Console
To install: winnt32/cmdcons (7MB install)
*The CMdcons
folder is marked with the System, Hidden, and Read Only
attributes (SHR). An option to styart the Recovery Console is added to BOOT.INI. Point to the BOOTSECT.DAT file contained in
the Cmdcons folder.
Set allowallpaths
= true ; to enable full access to all HDs and folders
Set allowsremovablemedia
= true ; to allow copying files to removable media,
such as disks
*if the %systemroot%\Repair\Regback folder is current, use the
Recovery Console to recover the registry.
*Using the Recovery Console
is a better way to restore a damaghed registry than
running an Emergency Repair. This is
because the registry files in the %systemroot%\Repair
folder are from the original installation of Win 200 Pro, so any changes to the
system after the original installation are lost when you run an Emergency Repair.
Raoming user profile:
A profile configured to move between computers.
Mandatory user profile: Can convert a roaming user profile to a
mandatory user profile if you do not want it to be customized by users. This is ideal for sharing among multiple
users who use the same desktop settings.
To change a local user
profile into a domain-based roaming user profile, copy the local user profile
to a network location. Then, from the
properties of a domain user account, click the Profile tab and set the Profile
Path text box to the network location containing the copied pofile.
Localization: Includes supporting one or multiple languages
in the Windows interace, configuring local settings
appropriate to a user, and configureing
Win 2k Pro to operate in multiple locations.
Network Group Policy and the
MS Windows Installer Service make custom application delivery possible.
Active Desktop: Used to personalize Windows 2000 Professional
desktops, which will allow you to configure a screen saver, and redirect My
Documents folder to the network.
Set command
: to see a list of configured environment variables.
NTUSER.MAN and profile_folder.MAN
Windows installer package (.msi)
Renaming NTUSER.DAT to
NTUSER.MAN will convert the profile
[783]
Unattend upgrade with Japanese and Korean languages installed:
D:\i386\winnt32\ /s:d:\i386 /unattend:c:\unattend.txt /copysource:lang\jpn
/copysource:lang\kor
[784]
CACHEMOV.EXE : Cahce Move utility allows
for the relocation of the Offline Files cache to a different volume.
GPRESULT.EXE : Group Policy Results tool. Displays information relevant to
troubleshooting the application of Group Policy, such as which group policies
were applied to the computer at logon, where the roaming and local user profiles
are contained, and security group membership for the currently logged on user.
MUISETUP.EXE : MultiLanguage Version Setup
utility; installs language setting files onto versions of Win 2k supporting a MultiLanguiage version upgrade.
SECEDIT.EXE : Command-line utility creates and applies security templates and
analyzes system security. Typically used
on a network where security must be analyzed, applied automatically, or
both. Useful for deploying a consistent
security policy to all computer on a network.
Veritas Software, WinInstall
LE : .msi packaging
console found on the Win 2000 Server and Professional installation CD-ROM.
\Valueadd\3rdparty\Mgmt\Winstle
folder
Package:
Self-contained database that is a Windows Installer (.msi)
file. An .msi
file can be assigned or published to a user or assigned to a computer.
Feature: Part of an application; ie MS Excel
for Windows is part of the MS office suite.
Component: Part of a feature; EXCEL.EXE is a component
of MS Excel for Windows. A collection of
files, registry keys, and other resources that are all installed or uninstalled
together.
Keypath: A resource within a component, such as a
program file or registry value. If a keypath is missing, a repair is performed
automatically. Therefore, if a user
deletes an application that is assigned, it will be automatically reinstalled
at logon.
Cabinet files (.cab): Compressed
application product files and stored in the same folder with the .msi or in subfolders below the package.
Transform (.mst) files: Customized
Installer Packages.
Setup settings (.ini) files.
[791]
POLEDIT.EXE: System Policy Editor; include with Win 2k
Server, primarily for Windows NT 4, Windows 95, and Windows 98-style policy
configuration.
-----------------------------------------------------------
ExamCram.com Questions:
Windows 2000 Professiona
Your
company has sent you from
A) Control
Panel, Date/Time applet
B) Control Panel, Regional Settings applet
C) Double-click on the time
D) Right-click on the Desktop
Answer:
A) Control Panel, Date/Time
applet
C) Double-click on the time
Explanation
Answers a and c are correct. You can change the time
zone two ways. First, go to the Control Panel and open the Date/Time applet.
Then select the time zone tab. Also, you can simply double-click on the time
found in the System Tray (the lower right corner