my blog

Q: 1 Which step is required to obtain the license file when implementing Citrix Presentation Server 4.5 after installing the Citrix License Server?

A. Download the license file from MyCitrix.com and upload it to the License Management Console through
the License Files node.
B. Download the license file from MyCitrix.com and upload it to the License Management Console through
the File Locations node.
C. Download the license code from MyCitrix.com and enter it in the License Management Console through
the License Files node.
D. Download the license code from MyCitrix.com and enter it in the License Management Console through
the File Locations node.

Answer: A

Q: 2 Scenario: An administrator is installing Presentation 1Y0-259
Server 4.5. The company requires the use of the Program Neighborhood Agent as the pass-through client and that users should be explicitly prompted for authentication to Citrix Presentation Server. Which two steps must the administrator take during the installation to meet the company’s requirements? (Choose two.)

A. Select “no” for pass-through authentication for the pass-through client.
B. Select “yes” for pass-through authentication for the pass-through client.
C. Replace the default Client with the Program Neighborhood Agent as the pass-through client.
D. Specify the URLs of the web server running the Program Neighborhood Agent Services Site.

Answer: A, D

Q: 3 Scenario: A company has a Citrix Presentation Server 4.0 on Windows Server 2003 implementation and will upgrade to Citrix Presentation Server 4.5. The administrator must migrate the current farm while preserving the current custom configuration settings. Which type of installation should the administrator follow?

A. The automatic upgrade path, choosing custom settings in the autorun installations
B. The automatic upgrade path, accepting the default settings in the autorun installations
C. The phased migration path, joining a server running Citrix Presentation Server 4.5 on Windows Server 2003 to the current farm and acquiring the configuration settings
D. The phased migration path, installing Citrix Presentation Server 4.5 on a server running on Windows Server 2003 independent of the current farm and manually configuring the custom settings

Answer: B

Q: 4 Scenario: When planning a Presentation Server deployment on multiple servers, an organization wants to ensure that there is no Presentation Server as a single point of failure. Which three database options eliminate the single point of failure? (Choose three.)

A. Oracle
B. IBM DB2
C. Microsoft Access
D. Microsoft SQL Server
E. Microsoft SQL Express

Answer: A, B, D

Q: 5 Which two Health Monitoring and Recovery tests are enabled by default? (Choose two.)

A. Citrix IMA Service
B. Citrix XML Service
C. Citrix SMA Service
D. Citrix XTE Server Service

Answer: A, B

Q: 6 Scenario: An administrator enables CPU Optimization for the entire farm. After installing a CPU-intensive Computer Aided Drawing and Design (CADD) application, several power users ask how additional CPU may be allocated specifically to them. Which statement is correct?

A. CPU allocation is defined by network bandwidth.
B. CPU allocation can be configured in the registry.
C. The administrator cannot configure CPU allocation.
D. The administrator can configure CPU allocation in the farm properties.

Answer: B

Q: 7 Scenario: An administrator installs a new database application that uses a .ZTC extension for its data files on servers running Presentation Server. The .ZTC extension does not show as a file type association option when attempting to publish the application. Why is .ZTC not listed as a file type association when publishing applications?

A. The servers that host the application have not been rebooted.
B. The file type association function is not supported for that extension.
C. The administrator has not run the “Update from registry…” option from the console.
D. The administrator is attempting to publish the application to a server that does not have the application installed.

Answer: C

Q: 8 Scenario: During the course of one day, the administrator of a large server farm comprised of a single zone notices that the IMA Work Item Queue Ready Count metric on the data collector for the zone has repeatedly been just above zero. The data collector supports 50 servers and hosts 10 productivity applications. There is no backup data collector configured for the zone. There is one server that only has one proprietary application suite published. This proprietary application suite is only used by the Finance department but is mission critical for that department. Which two actions would best address the needs of the environment described in this scenario? (Choose two.)

A. Restart the IMA service on the data collector.
B. Increase the preference of one of the 50 servers to Preferred status.
C. Increase the preference of the server hosting the proprietary application suite to Most Preferred status.
D. Add the registry key entry MaxHostAddressCacheEntries to the data collector for the zone and set it to 50.
E. Dedicate the existing data collector by removing the productivity applications from the server and setting it to Most Preferred status.

Answer: B, E

Q: 9 Which benefit is the result of enabling Memory Optimization?

A. Memory is allocated to each user proportionately.
B. Each server can more efficiently initiate applications.
C. Memory is dynamically reallocated based on specific user need.
D. The administrator controls the maximum amount of memory per user.

Answer: B

Q: 10 A new IT policy requires the use of configuration logging. What is the first step the Citrix Administrator must take to set up configuration logging?

A. Create a configuration logging database
B. Configure a configuration logging database
C. Configure the configuration logging settings
D. Create report specification for configuration logging reports

Answer: A

Q: 11 Scenario: Administrators currently have the Health Monitoring and Recovery test relating to logons enabled to alert them in the event of a failure. Server “CPS14″ has alerted them many times today, and they are aware of the problem but do not have time to remedy this issue until tomorrow. Which configuration change should the administrative staff make?

A. Set the server properties to reboot the server if the Logon test fails.
B. Set the server farm properties to reboot the server if the Logon test fails.
C. Set the server properties to remove the server from load balancing if the test fails.
D. Set the server farm properties to remove the server from load balancing if the test fails.

Answer: C

Q: 12 Scenario: A published application requires an explicit IP address for each of its 200 concurrent clients for licensing purposes. The administrator decided to achieve this by using
Virtual IP addresses. What should be added to maintain the licensing requirements?

A. The process to the “Virtual Loopback Processes”
B. A new IP address to the Virtual IP Address Configuration
C. The process executable to the Virtual IP Process monitored list
D. A set of IP addresses from a different subnet than the Virtual IP addresses

Answer: C

Q: 13 Scenario: An administrator plans on deploying a CPU-intensive application and has determined that CPU Utilization Management should be implemented. Based on testing, the administrator expects to maximize each server at 40 users with the assumption that only this application is being deployed. What will be the approximate CPU slice that would be allocated to each user?

A. 2%
B. 3%
C. 4%
D. 5%

Answer: A

Q: 14 Scenario: An administrator notices that there are occasional issues 1Y0-259 dumps
with traffic traversing TCP port 2512, in the farm running Citrix Presentation Server. Which Health
Monitoring and Recovery test should the administrator configure?

A. Citrix IMA Service
B. Citrix XTE Service
C. Citrix XML Service
D. Terminal Services

Answer: A

Q: 15 Which two steps are required when using Active Directory to deploy client packages to Windows 2000 Professional clients? (Choose two.)

A. Assign the package to a user or group of users.
B. Assign the package to a computer or to a group of computers.
C. Go to a command line on the client device and type GPUPDATE /FORCE.
D. Restart the client machine to allow the Active Directory Group Policy to automatically install the client.

Answer: B, D

Q: 16 Scenario: Users in the Human Resources department experience long wait times when loading graphics in published Internet Explorer and Microsoft Outlook. Which SpeedScreen solution should be configured to lower the resolution of these graphics and optimize the user experience?

A. SpeedScreen Image Acceleration
B. SpeedScreen Progressive Display
C. SpeedScreen Browser Acceleration
D. SpeedScreen Multimedia Acceleration

Answer: C

Q: 17 Scenario: An environment consists of all expert-level computer users. Therefore, the administrator feels comfortable allowing users to access resources through an interface from their desktops, which they can use to configure options. Navigating through the interface should be easy, as users will be expected to not only be able to do this but also understand the implications of any changes they make. Which client is most appropriate for this environment?

A. Client for Web
B. Access Gateway
C. Program Neighborhood
D. Program Neighborhood Agent

Answer: C

Q: 18 Scenario: Currently, an administrator does not want to publish resources using the Web Interface. However, the administrator plans to implement Web Interface at a later time and may grant access to published resources through the Web Interface at that time. Based on future plans, which client should be deployed now?

A. Web Client
B. Secure Access Client
C. Program Neighborhood Client
D. Program Neighborhood Agent Client

Answer: C

Q: 19 Which three steps are required to deploy clients using Microsoft Active Directory? (Choose three.)

A. Create a network share.
B. Configure a policy in Presentation Server for Client deployment.
C. Add users to an Organizational Unit designated for Presentation Server environment.
D. Create a new package in the Software Installation object for an Active Directory group policy object.
E. Browse to the installation files on the network share and assign them to the Organizational Unit which includes the client devices.

Answer: A, D, E

Q: 20 Scenario: An administrator wants to create and deploy a client package that includes the Web Client using the Client Packager.
The administrator wants:
To be able to make modifications to the file
The client name to be different from the computer name
Users to specify a username and password to log on to a session
Clients to be deployed from a web page using Web Interface

Based on these requirements, which two steps must be completed when creating and deploying the client package? (Choose two.)

A. Create a network share.
B. Select the manage client deployment task.
C. Accept the default value for the client name option.
D. Enable users to choose how their applications are launched.
E. Select UNCOMPRESSED in the “Create a Windows Installer” option.
F. Select use of Kerberos Authentication in combination with Security Support Provider Interface.

Answer: B, E

Q: 21 Scenario: Users in the Accounting department experience delays when attempting to launch Microsoft Excel. As a result, users tend to open multiple copies of the application, as they click multiple times on the application icon before the application finally launches. Which
SpeedScreen solution should the administrator configure to optimize the user experience and how?

A. SpeedScreen Latency Reduction, disabling Mouse Click Feedback
B. SpeedScreen Browser Acceleration, adding Microsoft Excel to the list of applications in the policy
C. SpeedScreen Browser Acceleration, customizing its settings at the farm level for accounting users
D. SpeedScreen Latency Reduction, testing all aspects of Microsoft Excel in a non-production environment

Answer: D

Q: 22 Scenario: Users experience poor picture quality of animations played in published web applications. They also notice that when they have several sessions open at the same time, certain sessions tend to become affected by another session’s activity. Which SpeedScreen solution can be configured to optimize the user experience in this scenario?

A. SpeedScreen Flash Acceleration
B. SpeedScreen Image Acceleration
C. SpeedScreen Progressive Display
D. SpeedScreen Multimedia Acceleration

Answer: A

Q: 23 Scenario: An administrator at a company is trying to determine which Presentation Server client to use. The administrator wants users to access published resources through the corporate intranet. The administrator also wants a client that does not require user configurations.
The most recent versions of Microsoft Internet Explorer and Netscape Navigator are installed on the client devices in the environment.
Which client is best suited for this environment?

A. Web Client
B. Secure Access Client
C. Program Neighborhood Client
D. Program Neighborhood Agent Client

Answer: A

Q: 24 Which step is required to deploy clients to users using the Web Interface?

A. Enable client installation in the Access Management Console.
B. Prepare the Web Interface server to contain the required client files.
C. Create a new organizational unit (OU) and Group Policy Objects link.
D. Browse to a network share containing the ICA32PKG.MSI file and set the deployment method in the Windows Installer package.

Answer: B

Q: 25 Scenario: An administrator is setting up an environment for Presentation Server so that connection limits in the server farm only allow each user to launch a maximum of two sessions while simultaneously allowing users in the Technical Support Department the ability to launch five sessions each.
How can the administrator accomplish both goals?

A. Set the connection limits for all users and the Technical Support Department users in the properties of the server farm.
B. Create a policy, set the Overall Session rule to five sessions and assign it to the Technical Support Department users.
C. Configure all applications used by the Technical Support Department to run on one server and change the connection limit to five in the properties of that server.
D. Create a policy to limit the total concurrent sessions to five and assign it to the Technical Support Department users. Change the connection limit to two in the properties of the server farm.

Answer: D

Q: 26 An administrator needs to create a printing policy for client printers so that print jobs are sent directly to a network print server. Which policy rule must the administrator configure?

A. Print job routing
B. Network print routing
C. Client printer mapping
D. Client printer redirection

Answer: A

Q: 27 Scenario: A company has a farm consisting of servers running Presentation Server in three geographical data centers: Hong Kong, London and New York. New York users require a web-based cataloging application that contains a large number of JPEG photos of the various hardware items that are sold only in the Americas.
Unlike users in the other regions, most employees in the Americas are remote sales and service people, and there are no minimum connection requirements. Some users access the environment through wireless WANs and dial-up connections. The administrator decides that graphical detail is not a priority as long as the screen display appears quickly even when a slow connection is detected for the New York data center. The administrator also decides to optimize the SpeedScreen Browser Acceleration capability for the ten servers in the New York zone.
Which three SpeedScreen Browser Acceleration options should be selected within the server properties of each of these ten servers? (Choose three.)

A. Determine when to compress
B. Enable SpeedScreen Browser Acceleration
C. Use farm settings for SpeedScreen Browser Acceleration
D. Compress JPEG images to improve bandwidth and set the compression level to low
E. Compress JPEG images to improve bandwidth and set the compression level to high

Answer: A, B, E

Q: 28 Scenario: A company has one remote office. Users in the remote office access published applications on servers running Presentation Server over a WAN connection and often are troubled with latency and bandwidth issues. The administrator has created a policy to address the latency and bandwidth issues and wants to apply the policy to 1Y0-259 study guide
client IP addresses that correlate to the ranges assigned to client devices in the remote office. Which three steps are required to apply the policy? (Choose three.)

A. Apply the policy at client log in.
B. Select the Client IP address filter.
C. Apply the filter to all client IP addresses.
D. Specify start and end ranges for IP addresses.
E. Apply the filter to a select range of client IP addresses and allow access.

Answer: B, D, E

Q: 29 Scenario: An enterprise organization has an environment which consists of three regional sites separated into three zones - Miami, London, and San Francisco. The administrator would like to ensure that users in Miami connect to servers in Miami before being redirected to the servers in the other zones. What must the administrator do to configure the Zone Preference and
Failover policy to ensure this behavior?

A. Set the Miami zone as backup group 1.
B. Set the Miami zone as the primary zone.
C. Add users in the Miami zone as backup users in the London and San Francisco zones.
D. Add users in the Miami zone as primary users in the London and San Francisco zones.

Answer: B

Q: 30 Scenario: A company recently implemented Citrix Presentation Server. The company plans to use the shadowing feature to improve their help desk activities. Specifically, the company wants the help desk personnel to be able to shadow all users in the company’s domain and manipulate their work stations remotely. For security and privacy reasons, the company wants to ensure that users must accept shadowing before help desk personnel can shadow them. During the Presentation Server installation, the administrator allowed shadowing but did not configure any settings for remote control or shadow acceptance. The administrator has just created a policy titled “Shadowing.” Which two steps are required to accomplish this task? (Choose two.)

A. Enable permissions for all users and set status to allow.
B. Enable permissions for all help desk users and set status to allow.
C. Enable shadowing in a policy and prohibit being shadowed without notification.
D. Enable shadowing in a policy and prohibit remote input when being shadowed.

Answer: B, C

1.You are a network consultant for a company that has 175 employees. The network contains a server that runs Microsoft Windows NT Server 4.0. The company plans to open a branch office that will be connected to the main office through an ISDN connection.
The company has the following requirements:
•Add the branch office to the existing network.
•Ensure network security when users connect to the branch 70-282
office over the Internet.
•Enable a session to be mutually authenticated and encrypted between the main office and the branch office.
•Centralize management of user and computer privileges.
•Allow users in the branch office to authenticate to the domain even if the ISDN
connection is unavailable.
You need to submit a network upgrade proposal that will meet the company’s requirements.
Which two actions should you recommend? (Each correct answer presents part of the solution. Choose two.)
A. Install a backup domain controller (BDC) at the branch office.
B. Install a domain controller and a global catalog server that runs Microsoft Windows
Server 2003 at the branch office.
C. Migrate the Windows NT Server 4.0 domain to Microsoft Windows Server 2003.
D. Purchase and install Microsoft Internet Security and Acceleration (ISA) Server
2004 on a new server computer. Configure all authentication requests from the branch office to connect to this server.
E. Upgrade the Windows NT Server 4.0 domain to Microsoft Windows Small Business Server
2003 Premium Edition.
Answer: B,C

2. You are a network consultant for a company. The network contains 10 servers that run both Microsoft Windows NT Server 4.0 and Microsoft Exchange Server 5.5. There are 400 client computers that run Microsoft Windows 2000 Professional.
The company has the following requirements:
•Ensure the ability to add additional servers to the messaging environment.
•Ensure that users can retrieve e-mail messages from remote locations.
•Ensure that mailbox limits do not exceed 200 MB for each user. The company wants to achieve these goals while minimizing costs. You need to submit a proposal that meets these requirements.
Which two recommendations should your proposal include? (Each correct answer presents part of the solution. Choose two.)
A. Migrate all servers to Microsoft Windows Server 2003 Standard Edition.
B. Purchase hardware to set up a server cluster. Implement an active/active cluster
by using Microsoft Exchange Server 2003.
C. Purchase hardware to set up a server cluster. Implement an active/passive cluster
by using Microsoft Exchange Server 2003.
D. Migrate all servers to Microsoft Windows Server 2003 Enterprise Edition.
E. Migrate all Exchange 5.5 servers to Microsoft Exchange Server 2003 Standard
Edition.
F. Migrate all Exchange 5.5 servers to Microsoft Exchange Server 2003 Enterprise
Edition.
Answer: A,E

3.You are a network consultant for a construction company. The network contains a server that runs Microsoft Windows Server 2003 Standard Edition.
The company’s branch office at a remote location uses a high-latency satellite connection that is frequently unavailable. There are 15 users at the branch office. These users remotely access a line-of-business (LOB) application.
Users at the branch office report that:
•It takes a long time to log on to the network.
•The LOB application takes a long time to process requests and requests often time out.
•The LOB application stops running when the connection terminates. You need to identify the causes of these problems.
Which two causes should you identify? (Each correct answer presents part of the solution. Choose two.)
A. The bandwidth of the satellite connection is inadequate to support user requests.
B. Authentication occurs at the main office rather than at the branch office.
C. The LOB application runs on the server at the main office.
D. Disk throughput on the server at the main office is inadequate to support user requests.
Answer: B,C

4.You are a network consultant for a company. The company president uses a broadband connection to connect to the Internet from his office.
The network contains 10 client computers that run Microsoft Windows 95 in a peer-to-peer network. One of these client computers functions as the file server. Employees share data by using floppy disks, and they do not have access to the Internet.
You need to modify the network environment to meet the following requirements:
•Employees can share data without using floppy disks.
•Employees can access the Internet through a single connection.
•Centralized user administration.
•Dedicated e-mail server.
•Ability to encrypt files on client computers.
You need to identify solutions that meet these requirements while 70-282 dumps
minimizing costs. Which three solutions should you recommend? (Each correct answer presents part of the solution. Choose three.)
A. Use the existing broadband connection.
B. Purchase a leased broadband connection to the Internet.
C. Upgrade all client computers to Windows XP Professional.
D. Upgrade all client computers to the latest Windows 95 Service Pack.
E. Install a server that runs Windows Small Business Server 2003 Standard Edition.
F. Install a server that runs Windows Small Business Server 2003 Premium Edition.
Answer: A,C,E

5.You are the network administrator for your company. The company’s main office has 30 users. There are three branch offices with five users each. All offices connect to the Internet through a broadband connection.
You purchase a new server to store company data in a central location and to host internal e-mail accounts of users. You must ensure that all users can access the new server in the main office through the Internet. You must also ensure that users can access e-mail messages that are hosted on the new server.
You need to choose and install an operating system that will meet these requirements. You need to achieve this goal while minimizing costs.
What should you do?
A. Install Microsoft Windows Server 2003 Standard Edition on the new server.
B. Install Microsoft Windows Server 2003 Standard Edition with Internet Information
Services (IIS) on the new server. Install Microsoft Exchange Server 2003 on the server
to enable messaging.
C. Install Microsoft Windows Server 2003 Standard Edition and then install Windows
SharePoint Services on the new server. Instruct all users to use the SharePoint site
on the new server.
D. Install Microsoft Windows Small Business Server 2003 Standard Edition on the new server. Instruct all users to use the SharePoint site.
Answer: D

6. You are the network administrator for your company. The network contains a server named Server1 that runs Microsoft Windows Small Business Server 2003 Standard Edition.
You install a database application on the server. The response time of the server to numerous concurrent requests becomes unacceptably slow. You decide to host the application on another server named Server2.
You need to choose and install an operating system on Server2. You want to achieve this goal while minimizing costs.
Which operating system should you choose?
A. Microsoft Windows Small Business Server 2003 Premium Edition
B. Microsoft Windows Small Business Server 2003 Standard Edition
C. Microsoft Windows Server 2003 Standard Edition
D. Microsoft Windows Server 2003 Enterprise Edition
Answer: C

7. You are the network administrator for your company. The network contains a server that runs Microsoft Windows Server 2003 Standard Edition and Microsoft Exchange Server 2003.
The company recently hired several interns and is concerned about accessibility to personal information in the Global Address List (GAL).
You need to restrict interns from accessing information about permanent employees of the company in the GAL.? However, interns should be able to access information about other interns.
What should you do?
A. Configure recipient filtering in the GAL to restrict the view for interns.
B. Remove the Read permission for interns from the GAL. Assign access only to custom address lists that do not include permanent employees.
C. Configure an alternate GAL for interns that does not include permanent employees.
D. Specify a higher priority level for mailboxes of permanent employees than that for mailboxes of interns.
Answer: C

8. You are a network consultant for a company. The network contains a server that runs Microsoft Windows Small Business Server 2003 Standard Edition.
You want to enable users to configure VPN clients. You configure Routing and Remote
Access on the server to enable VPN connections.
You need to enable users to establish their own VPN connection. You need to achieve this by using the minimum amount of administrative effort.
What should you do?
A. Run the Remote Access wizard on the server. Instruct users to connect to the Remote Web Workplace.
B. Create a remote connection disk. Run the disk on the server and push the settings to client computers that need to connect to the VPN. Update the disk with the VPN configuration as needed.
C. Create a script file that has the required settings for client computers. Run this script on the server and push the settings to client computers that require a VPN connection.
D. Create a script file that has the required settings for client computers. Run this script on client computers that require a VPN connection.
Answer: A

9. You are a network consultant for a company. The network contains a server that runs Microsoft Windows Small Business Server 2003 Standard Edition. The company uses a Microsoft Access database.
Users report that the response time of the database is slow. You also discover that data is not saved correctly to the database.
You need to recommend a database solution that decreases query response time and ensures that data is saved correctly.
What are two possible solutions to achieve these goals? (Each correct answer presents a complete solution. Choose two.)
A. Upgrade the server to Microsoft Windows Server 2003.
B. Purchase and install Microsoft SQL Server 2005 on a new server computer. Migrate the Access database to the SQL Server computer.
C. Upgrade the server to Windows Small Business Server 2003 Premium Edition. Migrate the Access database to the SQL Server component of Windows Small Business Server 2003 Premium Edition.
D. Increase the value of the MaxBufferSize variable in the Msaccess.ini file to allocate more memory to the Access database.
Answer: B,C

10.You are the network administrator for your company. The network contains a server that runs Microsoft Windows Small Business Server 2003 Standard Edition.
The company frequently purchases software to be installed on client computers.
You need to identify a solution that will push software to client computers with the minimum amount of administrative effort.
What should you do?
A. Create an unattended installation source on a shared folder on the network. Install software on client computers by using a logon script.
B. Share the drive on the server that contains the new 70-282 study guide

software. Create an unattended setup file on a CD-ROM. Instruct users to run the CD-ROM on their computers.
C. Publish the software to users through a Group Policy object (GPO).
D. Assign the software to users through a Group Policy object (GPO).
Answer: D

Case 1, Lucerne Publishing
Overview
Lucerne Publishing is an industry leader in publishing technology textbooks, e­books, and magazines. Physical Locations
The company has three offices, as shown in the Physical Locations and Connectivity exhibit.

The company’s main office is in New York, and it has branch offices in 70-298

Denver and Dallas. The company’s employees and departments are distributed as shown in the following table
Office location

Number of employees

Number of employees
New York

400

Editorial and information technology (IT)
Denver

95

Development
Dallas

80

Production

Business Processes
The IT staff in the New York office uses client computers to remotely administer all Lucerne Publishing servers and domain controllers. Employees use their company client computers to access archived published books and archived accounting information through an internal Web site that runs IIS 6.0. Directory Services
The company’s network consists of a single Active Directory domain named lucernepublishing.com. All servers run Windows Server 2003, Enterprise Edition. Administration of Active Directory is centralized in New York. Denver and Dallas user and computer accounts are located in their respective child OUs, as shown in the Organizational Unit Hierarchy exhibit.

The NYAdmins, ProductionAdmins, EditorialAdmins, and DevelopmentAdmins global user groups have full control of their respective organizational units (OUs). These global groups are located in their respective OUs.
Network Infrastructure
All client computers run Windows XP Professional.
The domain contains a public key infrastructure (PKI). The company uses an internal subordinate enterprise certification authority (CA) to issue certificates to users and computers. Each branch office has a wireless network that supports desktop and portable client computers. The wireless network
infrastructure in each branch office contains an Internet Authentication Service (IAS) server and wireless access points that support IEEE 802.1x, RADIUS, and Wired Equivalent Privacy (WEP).
Problem Statements
The following business problems must be considered: Members of the EditorialAdmins group and unauthorized users as members to this group. Members of this group must be restricted to only authorized users.
Editors connect to a shared folder named Edits on a member server named Server5. When they attempt
to encrypt data located in Edits, they receive an error message stating that they cannot encrypt data. Editors need to encrypt data remotely on Server5.
Some users in the Dallas office changed the location of their My Documents folders to shared folders on servers that do not back up their My Documents data. As a result, data was lost. The Dallas My Documents folders need to be moved to a server that backs up user data. Users in the Dallas office must
be prevented from changing the location of their My Documents folder in the future. Chief Information Officer Security is Lucerne Publishing’s primary concern. We must improve security on client computers, servers, and domain controllers by implementing a secure password policy. For legal reasons, we need a logon message that tells users that access to servers in the development department is restricted to only authorized users.
System Administrator
Each department needs different security patches. We need to test security patches prior to deploying
them. After they are tested, the patches need to be deployed automatically to servers in each department.
As we deploy the patches, we need to limit the network bandwidth used to obtain security patches. Chief Security Officer
We need to automatically track when administrators modify user rights on a server or on a domain controller and when they modify local security account manager objects on servers.
We must implement the most secure method for authenticating Denver and Dallas users that access the wireless networks.
We need to protect data as it is sent between the wireless client computers and the wireless access points. Client computers need to automatically obtain wireless network access security settings.
Written Security Policy
The Lucerne Publishing written security policy includes the following requirements.
Passwords must contain at least seven characters and must not contain all or part of the user’s account name. Passwords must contain uppercase and lowercase letters and numbers. The minimum password age must be 10 days, and the maximum password age must be 45 days.
Access to data on servers in the production department must be logged.
A standard set of security settings must be deployed to all servers in the development, editorial, and production departments. These settings must be configured and managed from a central location.
Servers in the domain must be routinely examined for missing security patches and service packs and to ascertain if any unnecessary services are running.
Services on domain controllers must be controlled from a central location. Which services start automatically and which administrators have permission to stop and start services must be centrally managed.
The IIS server must be routinely examined for missing IIS Security patches.
Users of the Web site and the files they download must be tracked. This data must be stored in a Microsoft SQL Server database.
Vendors and consultants who use Windows 95 or Windows 98 client 70-298 dumps
computers must have the Active Directory Client Extensions software installed to be able to authenticate to domain controllers on the company’s network.
Questions
1. You need to design a certificate distribution method that meets the requirements of the chief security officer.
Your solution must require the minimum amount of user effort. What should you do?
To answer, move the appropriate actions from the list of actions to the answer area, and arrange them in the appropriate order.

Answer:

2. You need to design a method to configure the servers in the development department to meet the requirements of the chief information officer. What should you do?
A. Use error reporting on all servers in the development department to report errors for a custom application.
B. Configure all servers in the development department so that they do not require the
CTRL+ALT+DELETE keys be pressed in order to log on interactively to the server.
C. Create a Group Policy object (GPO) and link it to the development department’s Servers OU.
Configure the GPO with an interactive logon policy to display a message for users who attempt to log on.
D. Configure the screen saver on all servers in the development department to require a password.
Answer: C

3. You need to design a method to log changes that are made to servers and domain controllers. You also need to track when administrators modify local security account manager objects on servers. What should you do?
A. Enable failure audit for privilege use and object access on all servers and domain controllers.
B. Enable success audit for policy change and account management on all servers and domain controllers.
C. Enable success audit for process tracking and logon events on all servers and domain controllers.
D. Enable failure audit for system events and directory service access on all servers and domain controllers.
Answer: B

4. You need to design a strategy to ensure that all servers are in compliance with the business requirements for maintaining security patches. What should you do?
A. Log on to a domain controller and run the Resultant Set of Policy wizard in planning mode on the domain.
B. Log on to each server and run Security Configuration and Analysis to analyze the security settings by using a custom security template.
C. Create a logon script to run the secedit command to analyze all servers in the domain.
D. Run the Microsoft Baseline Security Analyzer (MBSA) on a server to scan for Windows vulnerabilities on all servers in the domain.
Answer: D

5. You need to design a method to monitor the security configuration of the IIS server to meet the requirements in the written security policy. What should you do?
A. Log on to a domain controller and run the Resultant Set of Policy wizard in planning mode on the IIS server computer account.
B. Run the Microsoft Baseline Security Analyzer (MBSA) on the IIS server and scan for vulnerabilities in Windows and IIS checks.
C. Run Security Configuration and Analysis to analyze the IIS server’s security settings by using a custom security template.
D. On the IIS server, run the gpresult command from a command prompt and analyze the output.
Answer: B

6. You need to design a monitoring strategy to meet business requirements for data on servers in the production department. What should you do?
A. Use Microsoft Baseline Security and Analyzer (MBSA) to scan for Windows vulnerabilities on all servers in the production department.
B. Run Security and Configuration Analysis to analyze the security settings of all servers in the production
department.
C. Enable auditing for data on each server in the production department. Run System Monitor on all servers in the production department to create a counter log that tracks activity for the Objects performance object.
D. Create a Group Policy object (GPO) that enables auditing for object access and link it to the product department’s Servers OU. Enable auditing for data on each server in the production department.
Answer: D

7. You need to design a method to implement account policies that meets the requirements in the written security policy. What should you do?
A. Create a Group Policy object (GPO) and link it to the New York OU, to the Denver OU, and to the Dallas OU. Configure the GPO with the required account policy settings.
B. On all computers in the domain, configure the Local Security Policy with the required account policy settings.
C. Configure the Default Domain Policy Group Policy object (GPO) with the required account policy settings.
D. Configure the Default Domain Controllers Policy Group Policy object (GPO) with the required account policy settings.
Answer: C

8. You need to design a method to protect traffic on the wireless networks. Your solution must meet the requirements of the chief security officer. What should you do?
A. Configure the wireless access points in Denver and in Dallas to filter unauthorized Media Access Control (MAC) addresses.
B. Configure the wireless network connection properties for all computers in Denver and in Dallas to use the same network name that the wireless access points use.
C. Create a Group Policy object (GPO) and link it to the Denver OU and to the Dallas OU. Create a wireless network policy and configure it to use Windows to configure wireless network settings for the Denver and the Dallas networks.
D. Create a Group Policy object (GPO) and link it to the Denver OU and to the Dallas OU. Create a wireless network policy and enable data encryption and dynamic key assignment for the Denver and the Dallas networks.
Answer: D

9. You need to design a strategy to log access to the company Web site. What should you do?
A. Enable logging on the company Web site and select the NCSA Common Log File Format. Store the log files on a SQL Server computer.
B. Use System Monitor to create a counter log that captures network traffic to the Web server by using the
Web Service object. Store the log files on a SQL Server computer.
C. Run Network Monitor on the Web server. Create a capture filter for the SNA protocol and save the results to a capture file. Store the capture file on a SQL Server computer.
D. Enable logging on the company Web site and select ODBC Logging. Configure the ODBC logging options by using a nonadministrative SQL account.
Answer: D

10. You need to design a method to deploy security configuration settings to servers. What should you do?
A. Run the Resultant Set of Policy wizard with a Windows Management Instrumentation (WMI) filter on each department’s Server OU.
B. Log on to each server and use local policy to configure and manage the security settings.
C. Create a custom security template. Log on to a domain controller and 70-298 study guide
run the secedit command to import the security template.
D. Create a custom security template. Create a Group Policy object (GPO) and import the security template. Link the GPO to each department’s Server OU.
Answer: D

11. You need to design a group membership strategy for the EditorialAdmins group. What should you do?
A. Move the EditorialAdmins group to the Servers OU in the editorial department.
B. Move the members of the EditorialAdmins group to the Editorial OU.
C. Move the members of the EditorialAdmins group to the New York OU.
D. Move the EditorialAdmins group to the New York OU.
Answer: D

12. You need to design a method to enable remote encryption on Server5. What should you do?
A. Configure the editors’ user account properties to enable Store password using reversible encryption.
B. Configure the editors’ user account properties to enable Use DES encryption types for this account.
C. Configure the Local Security Policy on Server5 to enable the System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing security policy.
D. Configure the Server5 computer account properties to enable Trust computer for delegation. Answer: D

Q: 1
SIMULATION Simulation Exhibit:

XXYYinc.com users access resources using a variety of client devices, some clinic-owned and some personal. A number of applications in the current
environment are not running correctly on certain types of client devices, causing a steady increase in support calls to the Help Desk. The Clinic CIO wants to limit the client devices that can be used to access 1Y0-456
resources. Because only client devices that can support all of the currently installed applications are members of the
XXyyinc AC domain, limiting access to only domain-member devices should solve the problem.
You are requested to create a scan named ” XXyyinc AC Domain” that does the following:
* Ensures only client devices which are members of the XXyyinc AC domain can be used to access resources.
* Runs for the AllUsers logon point.
* Runs against all client devices regardless of the operating system being used on the client device.
Answer and Explanation:
1. Create Endpoint Analysis / Machine Identification Scans / Citrix Scans forDomain Membership

2. Apply to Logon Point

Q: 2
SIMULATION Simulation Exhibit:

XXyyinc Gmbh. Currently uses LDAP for both authentication and authorization through their Citrix Access Gateway Advanced Edition 4.2 deployment. They have just purchased RSA Tokens for external users in order to improve access security.
As part of this upgrade in security, the IT team has decided to use Active Directory for primary authentication and authorization.
You are required to perform the following tasks:
1. Enable all users to use Active Directory for authentication and authorization.
2. External users will be required to use RSA Tokens for secondary authentication.
Answer and Explanation:
1. Edit Logon Point

Q: 3
SIMULATION Simulation Exhibit:

XXYYinc.com is using Access Gateway Advanced Edition to control access to the file shares, network resources and email in the XXYYinc.com corporate office XXYYinc.com wants to be able to improve communication among managers and clerks by providing them access to important corporate information using an internal web site. Because managers and clerks will be using computers which are unsecured to access the information, an additional layer of authentication is
required. The users of the site should be able to browse to the URL 1Y0-456 dumps
for the site from external locations whenever needed.
You are required to perform the following tasks:
1. The name of the web site must be XXyyinc News
2. The web site must be listed on the navigation page of the managers and clerks
3. The web site uses cookies and requires NTLM authentication
4. The actual URL of the site should b visible to the users
5. The default policy created during the creating of this resource must be edited to allow only managers and clerks to access the web site.
Answer and Explanation:
Create Web Resources / Select Bypass Web Proxy URL rewriting

Q: 4
SIMULATION Simulation Exhibit:

XXYYinc.com is using Access Gateway Advanced Edition 4.2 to control access to the resources stored on servers at the office. Attorneys and their associates want to be able to securely access their legal briefs and the Legal Reference Library on the servers at the office so they can make updates to the briefs as necessary from both inside and outside the office.
You are required to perform the following tasks:
* A single file share resource named “PM Legal Resources” must be used to make both file shares available through Access Gateway Advanced Edition.
* Both the \\PM\LegalBriefs and \\PM\LegalRefLibrary file shares must be accessible.
* The file shares must be listed on the navigation page for the Attorneys and the
Associates user groups, but not on the navigation page for the Clerks user group.
* The file shares must be available only when accessed through the existing Legal logon point.
Answer and Explanation:
Use Access Suite / Resources / Create File Shares and create default Policy

Edit the Policy / Apply to Legal Logon Point / Select Users (Associates usergroups and Attorneys)

Q: 5
You work as a network Administrator at XXYYinc.com. You have recently installed Access Gateway Advanced Edition. You have configured several login points in the Access Suite Console for internal and external access into the environment. Now you want to use the logon points to access specific Presentation Server farms.
What can you edit to specify the Presentation Server farms?

A. The farm properties.
B. The Gateway 1Y0-456 study guide
Appliance node
C. The logon points
D. The Access Gateway node
E. The server properties

Answer: C
Explanation:

Q: 1
Which of the following statements is CORRECT?
1. The only phase of the Service Management Lifecycle where value can be measured is Service Operation
2. All of the phases of the lifecycle are concerned with the value of IT services

A. 1 only
B. 2 only
C. Both of the above
D. Neither of the above

Answer: B

Q: 2
Which of the following statements is CORRECT for every process?
1. It delivers its primary results to a customer or stakeholder
2. It defines activities that are executed by a single function

A. Both of the above
B. 1 only
C. Neither of the above
D. 2 only

Answer: B

Q: 3
Which of the following is NOT one of EX0-101
the five individual aspects of Service Design?

A. The design of the Service Portfolio, including the Service Catalogue
B. The design of new or changed services
C. The design of Market Spaces
D. The design of the technology architecture and management systems

Answer: C

Q: 4
Which of the following is NOT the responsibility of the Service Catalogue Manager?

A. Ensuring that information in the Service Catalogue is accurate
B. Ensuring that information within the Service Pipeline is accurate
C. Ensuring that information in the Service Catalogue is consistent with information in the Service Portfolio
D. Ensuring that all operational services are recorded in the Service Catalogue

Answer: B

Q: 5
Which of the following statements is CORRECT?

A. The Configuration Management System (CMS) is part of the Known Error Data Base (KEDB)
B. The Service Knowledge Management System (SKMS) is part of the CMS
C. The KEDB and the CMS form part of the larger SKMS
D. The CMS is part of the Configuration Management Data Base (CMDB)

Answer: C

Q: 6
Which of the following questions does Service Strategy help answer with its guidance?
1. How do we prioritize investments across a portfolio?
2. What services to offer and to whom?
3. What are the Patterns of Business Activity (PBA)?

A. 1 only
B. 2 only
C. 3 only
D. All of the above

Answer: D

Q: 7
Which of the following is NOT a characteristic of a process?

A. It is measurable
B. Delivers specific results
C. Responds to specific events
D. A method of structuring an organization

Answer: D

Q: 8
Which of the following statements about processes is INCORRECT?

A. A process may define policies, standards and guidelines
B. The definition of Process Control is “The activity of planning and regulating a process, with the objective of achieving Best Practice”
C. The objective of any IT process should be expressed in terms of business benefits and goals
D. The output from a process has to conform to operational norms derived from business objectives

Answer: B

Q: 9
What is a RACI model used for?

A. Performance analysis
B. Recording Configuration Items
C. Monitoring services
D. Defining roles and responsibilities

Answer: D

Q: 10
The group that authorizes changes that must be installed faster than the normal process is called the?

A. CAB Emergency Committee (CAB/EC)
B. Emergency CAB (ECAB)
C. Urgent Change Board (UCB)
D. Urgent Change Authority (UCA)

Answer: B

Q: 11
Contracts relating to an outsourced Data Centre would be managed by?

A. Technical Management
B. Service Desk
C. IT Operations Control
D. Facilities Management

Answer: D

Q: 12
Which Service Design process makes the most use of EX0-101 dumps
data supplied by Demand Management?

A. Service Catalogue Management
B. Service Level Management
C. IT Service Continuity Management
D. Capacity Management

Answer: D

Q: 13
Which of the following CANNOT be stored and managed by a tool?

A. Knowledge
B. Information
C. Wisdom
D. Data

Answer: C

Q: 14
The BEST description of the purpose of Service Operation is?

A. To decide how IT will engage with suppliers during the Service Management Lifecycle
B. To proactively prevent all outages to IT Services
C. To design and build processes that will meet business needs
D. To deliver and support IT Services at agreed levels to business users and customers

Answer: D

Q: 15
In which core publication can you find detailed descriptions of Service Level Management, Availability Management, Supplier Management and IT Service Continuity Management?

A. Service Strategy
B. Service Design
C. Service Transition
D. Service Operation

Answer: B

Q: 16
Which of the following sentences BEST describes a Standard Change?

A. A change to the service provider’s established policies and guidelines
B. A change that correctly follows the required change process
C. A pre-authorized change that has an accepted and established procedure
D. A change that is made as the result of an audit

Answer: C

Q: 17
Which process is responsible for discussing reports with customers showing whether services have met their targets?

A. Continual Service Improvement
B. Business Relationship Management
C. Service Level Management
D. Availability Management

Answer: C

Q: 18
What are the three Service Provider business models?

A. Internal Service provider, Outsourced 3rd party and Off-shore party
B. Internal Service Operations provider, External Service Operations provider, Shared Service Unit
C. Internal Service provider, External Service provider, Outsourced 3rd Party
D. Internal Service provider, External Service provider, Shared Service Provider

Answer: D

Q: 19 Which is the correct combination of Service Management terms across theLifecycle?

A. 1B, 2C, 3D, 4A
B. 1C, 2D, 3A, 4B
C. 1C, 2B, 3A, 4D
D. 1A, 2B, 3C, 4D

Answer: C

Q: 20
Application Management plays a role in all applications. One of the key decisions to which they contribute is?

A. Where the vendor of an application is located
B. Whether to buy an application or build it
C. Who the vendor of the storage devices will be
D. Should application development be outsourced

Answer: B

Q: 21
How many times should each stage of the Plan, Do, Check, Act (PDCA) cycle be visited?

A. There should be a single Plan and Do, then Check and Act should be carried out multiple times to implement Continual Improvement
B. Each stage should be carried out once in the order Plan-Do-Check-Act
C. The entire cycle should be repeated multiple times to implement Continual Improvement
D. There should be a single Plan, then the Do-Check-Act cycle should be repeated multiple times to implement Continual Improvement

Answer: C

Q: 22 Which is the first step in the 7 Step Improvement Process?

A. Prepare for action
B. Define what you should measure
C. Where are we now?
D. Identify gaps in Service Level Agreement (SLA) achievement

Answer: B

Q: 23 Which of the following is NOT a valid objective of Request Fulfilment?

A. To provide information to users about what services are available and how to request them
B. To update the Service Catalogue with services that may be requested through the Service Desk
C. To provide a channel for users to request and receive standard services
D. To source and deliver the components of standard services that have been requested

Answer: B

Q: 24 What is the definition of an Alert?

A. An audit report that indicates areas where IT is not performing according to agreed procedures
B. A type of Incident
C. An error message to the user of an application
D. A warning that a threshold has been reached or that something has changed

Answer: D

Q: 25 In many organisations the role of Incident Manager is assigned to the Service Desk. It is important that the Incident Manager is given the authority to:

A. Only manage Incidents effectively through the 1st line
B. Manage Incidents effectively through 1st, 2nd and 3rd line
C. Only manage Incidents effectively through 1st and 2nd line
D. Only manage Incidents effectively at the 3rd line

Answer: B

Q: 26 Which of the following is NOT part of the Service Design phase of the Service Lifecycle?

A. Produce and maintain all necessary Service Transition packages
B. Produce quality, secure and resilient designs for new or improved services, technology architecture, processes or measurement systems that meet all the agreed current and future IT requirements of the organisation
C. Take the overall Service Strategies and ensure they are reflected in the Service Design process and the service designs that are produced
D. Measuring the effectiveness and efficiency of Service Design and the supporting processes

Answer: A

Q: 27 Which process is responsible for frequently occurring changes where risk and cost are low?

A. Access management
B. Incident Management
C. Release and Deployment Management
D. Request fulfilment

Answer: D

Q: 28 Staff in an IT department are experts in EX0-101 study guide

managing specific technology, but none of them know what services are offered to the business. What imbalance does this represent?

A. Extreme focus on responsiveness
B. Extreme focus on cost
C. Vendor focused
D. Extreme internal focus

Answer: D

Q: 29 Which of these statements about Service Desk staff is CORRECT?

A. The Service Desk should try to have a high level of staff turnover as the training requirements are low and this helps to minimise salaries
B. Service Desk staff should be discouraged from applying for other roles as it is more cost effective to keep them in the role where they have been trained
C. The Service Desk can often be used as a stepping stone for staff to move into other more technical or supervisory roles
D. Service Desk staff should be recruited from people who have high levels of technical skill to minimise the cost of training them

Answer: C

Q: 30 Effective release and deployment management enables the service provider to add value to the business by?

A. Delivering change, faster and at optimum cost and minimized risk
B. Ensuring that all assets are accounted for
C. Verifying the accuracy of all items in the configuration management database
D. Ensures that the fastest servers are purchased

Answer: A

1 All of the following are basic components of a security policy EXCEPT the
A. definition of the issue and statement of relevant terms.
B. statement of roles and responsibilities
C. statement of applicability and compliance requirements.
D. statement of performance of characteristics and requirements.
Answer: D
Explanation:
Policies are considered the first and highest level of documentation, from which the lower level elements of standards, procedures, and guidelines flow. This order, however, does not mean that policies are more important than the lower elements. These higher-level policies, which are the more general policies and statements, should be created first in the process for strategic reasons, and then the more tactical elements can follow. -Ronald Krutz The CISSP PREP Guide (gold edition) pg 13

2 A security policy would include all of the following EXCEPT
A. Background
B. Scope statement
C. Audit requirements
D. Enforcement
Answer: B

3 Which one of the following is an important characteristic of an information security policy?
A. Identifies major functional areas of information.
B. Quantifies the effect of the loss of the information.
C. Requires the identification of information owners.
D. Lists applications that support the business function.
Answer: A
Explanation:
Information security policies area high-level plans that CISSP

describe the goals of the procedures. Policies are not guidelines or standards, nor are they procedures or controls. Policies describe security in general terms, not specifics. They provide the blueprints for an overall security program just as a specification defines your next product - Roberta Bragg CISSP Certification Training Guide (que) pg 206

4 Ensuring the integrity of business information is the PRIMARY concern of
A. Encryption Security
B. Procedural Security
C. Logical Security
D. On-line Security
Answer: B
Explanation:
Procedures are looked at as the lowest level in the policy chain because they are closest to the computers and provide detailed steps for configuration and installation issues. They provide the steps to actually implement the statements in the policies, standards, and guidelines…Security procedures, standards, measures, practices, and policies cover a number of different subject areas. - Shon Harris All-in-one CISSP Certification Guide pg 44-45

5 Which of the following would be the first step in establishing an information security program?
A. Adoption of a corporate information security policy statement
B. Development and implementation of an information security standards manual
C. Development of a security awareness-training program
D. Purchase of security access control software
Answer: A

6 Which of the following department managers would be best suited to oversee the development of an information security policy?
A. Information Systems
B. Human Resources
C. Business operations
D. Security administration
Answer: C

7 What is the function of a corporate information security policy?
A. Issue corporate standard to be used when addressing specific security problems.
B. Issue guidelines in selecting equipment, configuration, design, and secure operations.
C. Define the specific assets to be protected and identify the specific tasks which must be completed to secure them.
D. Define the main security objectives which must be achieved and the security framework to meet business objectives.
Answer: D
Explanation:
Information security policies are high-level plans that describe the goals of the procedures or controls. Policies describe security in general, not specifics. They provide the blueprint fro an overall security program just as a specification defines your next product. - Roberta Bragg CISSP Certification Training Guide (que) pg 587

8 Why must senior management endorse a security policy?
A. So that they will accept ownership for security within the organization.
B. So that employees will follow the policy directives.
C. So that external bodies will recognize the organizations commitment to security.
D. So that they can be held legally accountable.
Answer: A
Explanation:
This really does not a reference as it should be known. Upper management is legally accountable (up to 290 million fine). External organizations answer is not really to pertinent (however it stated that other organizations will respect a BCP and disaster recover plan). Employees need to be bound to the policy regardless of who signs it but it gives validity. Ownership is the correct answer in this statement. However, here is a reference. “Fundamentally important to any security program’s success us the senior management’s high-level statement of commitment to the information security policy process and a senior management’s understanding of how important security controls and protections are to the enterprise’s continuity. Senior management must be aware of the importance of security implementation to preserve the organization’s viability (and for their own ‘due care’ protection) and must publicly support that process throughout the enterprise.” -Ronald Krutz The CISSP PREP Guide (gold edition) pg 13

9 In which one of the following documents is the assignment of individual roles and responsibilities MOST appropriately defined?
A. Security policy
B. Enforcement guidelines
C. Acceptable use policy
D. Program manual
Answer: C
Explanation:
An acceptable use policy is a document that the employee signs in which the expectations, roles and responsibilities are outlined. Issue -specific policies address specific security issues that management feels need more detailed explanation and attention to make sure a comprehensive structure is built and all employees understand how they are to comply to these security issues. - Shon Harris All-in-one CISSP Certification Guide pg 62

10 Which of the following defines the intent of a system security policy?
A. A definition of the particular settings that have been determined to provide optimum security.
B. A brief, high-level statement defining what is and is not permitted during the operation of the system.
C. A definition of those items that must be excluded on the system.
D. A listing of tools and applications that will be used to protect the system.
Answer: A
Explanation:
“A system-specific policy presents the management’s decisions that are closer to the actual computers, networks, applications, and data. This type of policy can provide an approved software list, which contains a list of applications that can be installed on individual workstations. This policy can describe how databases are to be protected, how computers are to be locked down, and how firewall, intrusion diction systems, and scanners are to be employed.” Pg 93 Shon Harris CISSP All-In-One Certification Exam Guide

11 When developing an information security policy, what is the FIRST step that should be taken?
A. Obtain copies of mandatory regulations.
B. Gain management approval.
C. Seek acceptance from other departments.
D. Ensure policy is compliant with current working practices.
Answer: B

12 Which one of the following should NOT be contained within a computer CISSP dumps
policy?
A. Definition of management expectations.
B. Responsibilities of individuals and groups for protected information.
C. Statement of senior executive support.
D. Definition of legal and regulatory controls.
Answer: B

13 Which one of the following is NOT a fundamental component of a Regulatory Security Policy?
A. What is to be done.
B. When it is to be done.
C. Who is to do it.
D. Why is it to be done
Answer: C
Explanation:
Regulatory Security policies are mandated to the organization but it up to them to implement it. “Regulatory - This policy is written to ensure that the organization is following standards set by a specific industry and is regulated by law. The policy type is detailed in nature and specific to a type of industry. This is used in financial institutions, health care facilities, and public utilities.” - Shon Harris All-in-one CISSP Certification Guide pg 93-94

14 Which one of the following statements describes management controls that are instituted to implement a security policy?
A. They prevent users from accessing any control function.
B. They eliminate the need for most auditing functions.
C. They may be administrative, procedural, or technical.
D. They are generally inexpensive to implement.
Answer: C
Explanation:
Administrative, physical, and technical controls should be utilized to achieve the management’s directives. - Shon Harris All-in-one CISSP Certification Guide pg 60

15 Which must bear the primary responsibility for determining the level of protection needed for information systems resources?
A. IS security specialists
B. Senior Management
C. Seniors security analysts
D. system auditors
Answer: B

16 Which of the following choices is NOT part of a security policy?
A. definition of overall steps of information security and the importance of security
B. statement of management intend, supporting the goals and principles of information security
C. definition of general and specific responsibilities for information security management
D. description of specific technologies used in the field of information security
Answer: D

17 In an organization, an Information Technology security function should:
A. Be a function within the information systems functions of an organization
B. Report directly to a specialized business unit such as legal, corporate security or insurance
C. Be lead by a Chief Security Officer and report directly to the CEO
D. Be independent but report to the Information Systems function
Answer: C

18 Which of the following embodies all the detailed actions that personnel are required to follow?
A. Standards
B. Guidelines
C. Procedures
D. Baselines
Answer: C

19 A significant action has a state that enables actions on an ADP system to be traced to individuals who may then be held responsible. The action does NOT include:
A. Violations of security policy.
B. Attempted violations of security policy.
C. Non-violations of security policy.
D. Attempted violations of allowed actions.
Answer: C
Explanation:
Significant action: The quality or state that enables actions on an ADP system to be traced to individuals who may then be held responsible. These actions include violations and attempted violations of the security policy, as well as allowed actions.

20 Network Security is a
A. Product
B. protocols
C. ever evolving process
D. quick-fix solution
Answer: C

21 Security is a process that is:
A. Continuous
B. Indicative
C. Examined
D. Abnormal
Answer: A
Explanation:
Security is a continuous process; as such you must closely monitor your systems on a regular basis. Log files are usually a good way to find an indication of abnormal activities. However some care must be exercise as to what will be logged and how the logs are protected. Having corrupted logs is about as good as not having logs at all.

22 What are the three fundamental principles of security?
A. Accountability, confidentiality, and integrity
B. Confidentiality, integrity, and availability
C. Integrity, availability, and accountability
D. Availability, accountability, and confidentiality
Answer: B

23 Which of the following prevents, detects, and corrects errors so that the integrity, availability, and confidentiality of transactions over networks may be maintained?
A. Communications security management and techniques
B. Networks security management and techniques
C. Clients security management and techniques
D. Servers security management and techniques
Answer: A

24 Making sure that the data is accessible when and where it is needed is which of the following?
A. Confidentiality
B. integrity
C. acceptability
D. availability
Answer: D

25 Which of the following describes elements that create reliability and stability in networks and systems and which assures that connectivity is accessible when needed?
A. Availability
B. Acceptability
C. Confidentiality
D. Integrity
Answer: A

26 Most computer attacks result in violation of which of the following security properties?
A. Availability
B. Confidentiality
C. Integrity and control
D. All of the choices.
Answer: D
Explanation:
Most computer attacks only corrupt a system’s security in very specific ways. For example, certain attacks may enable a hacker to read specific files but don’t allow alteration of any system components. Another attack may allow a hacker to shut down certain system components but doesn’t allow access to any files. Despite the varied capabilities of computer attacks, they usually result in violation of only four different security properties: availability, confidentiality, integrity, and control.

27 Which of the following are objectives of an information systems security program?
A. Threats, vulnerabilities, and risks
B. Security, information value, and threats
C. Integrity, confidentiality, and availability.
D. Authenticity, vulnerabilities, and costs.
Answer: C
Explanation:
There are several small and large objectives of a security program, but CISSP study guide
the main three principles in all programs are confidentiality, integrity, and availability. These are referred to as the CIA triad. - Shon Harris All-in-one CISSP Certification Guide pg 62

28 An area of the Telecommunications and Network Security domain that directly affects the Information Systems Security tenet of Availability can be defined as:
A. Netware availability
B. Network availability
C. Network acceptability
D. Network accountability
Answer: B

29 The Structures, transmission methods, transport formats, and security measures that are used to provide integrity, availability, and authentication, and confidentiality for transmissions over private and public communications networks and media includes:
A. The Telecommunications and Network Security domain
B. The Telecommunications and Netware Security domain
C. The Technical communications and Network Security domain
D. The Telnet and Security domain
Answer: A
Explanation:
The Telecommunications, Network, and Internet Security Domain encompasses the structures, transmission methods, transport formats, and security measures used to provide integrity, availability, authentication, and confidentiality for transmissions over private and public communications networks and media.” Pg 515 Hansche: Official (ISC)2 Guide to the CISSP Exam

30 Which one of the following is the MOST crucial link in the computer security chain?
A. Access controls
B. People
C. Management
D. Awareness programs
Answer: C

1.Refer to the exhibit. Why was this message received?

A.No VTY password has been set.
B.No enable password has been set.
C.No console password has been set.
D.No enable secret password has been set.
E.The login command has not been set on CON 0.
F.The login command has not been set on the VTY ports.
Answer: A

2.A network administrator needs to create 29 subnetworks while maximizing the number of host addresses available on each subnet. How many bits must be borrowed from the host field of the network address to provide the required number of subnets with the most hosts per subnet?
A.2
B.3
C.4
D.5
E.6
F.7
Answer: D

3.Refer to the exhibit. If host A sends an IP packet to host B, what will the OSI Layer 3 source address be in the packet when it reaches host B?

A.10.168.10.99
B.10.168.11.88
C.10.168.11.65
D.A1:A1:A1:A1:A1:A1
E.B2:B2:B2:B2:B2:B2
F.C3:C3:C3:C3:C3:C3
Answer: A

4.What is the difference between the Cisco router IOS commands show cdp neighbor detail and show cdp entry?
A.The show cdp neighbor detail command shows all neighbor information, while show cdp entry displays only one line of output for each neighbor.
B.The show cdp entry command shows neighbor information for specific neighbors only, while show cdp neighbor detail lists each neighbor with detailed output on each.
C.The show cdp entry command shows neighbor information for all neighbors with one line of output for each, while show cdp neighbor detail lists each neighbor with detailed output on each.
D.The show cdp neighbor detail command shows neighbor information for a single neighbor only, while show cdp entry displays detailed output on each neighbor known.
Answer: B

5.Refer to the exhibit. A person is trying to send a file from a host on Network A of the JAX Company to a server on Network Z of the XYZ Company. The file transfer fails. The host on Network A can communicate with other hosts on Network A. Which command, issued from router RTA, would be the most useful for troubleshooting this problem?

A.show flash:
B.show history
C.show version
D.show interfaces
E.show controllers serial
Answer: D

6.If NVRAM lacks boot system commands, where does the router look for the Cisco IOS by default?
A.ROM
B.RAM
C.Flash
D.bootstrap
E.startup­config
Answer: C

7.Which Layer 4 protocol is used for a 640-821
Telnet connection?
A.IP
B.TCP
C.UDP
D.ICMP
E.DNS
Answer: B

8.What is the subnet address of 172.16.159.159/22?
A.172.16.0.0
B.172.16.128.0
C.172.16.156.0
D.172.16.159.0
E.172.16.159.128
F.172.16.192.0
Answer: C

9.What is the purpose of flow control?
A.to ensure data is retransmitted if an acknowledgment is not received
B.to reassemble segments in the correct order at the destination device
C.to provide a means for the receiver to govern the amount of data sent by the sender
D.to regulate the size of each segment
Answer: C

10.During the boot sequence, a 2600 series router needs to locate and load an operating system. What is the default order the router uses to find an operating system?
A.Flash, TFTP server, ROM
B.Flash, TFTP server, RAM
C.Flash, NVRAM, TFTP server
D.ROM, TFTP server, Flash
E.Flash, ROM, TFTP server
Answer: A

11.What is the subnet address for the IP address 172.19.20.23/28?
A.172.19.20.0
B.172.19.20.15
C.172.19.20.16
D.172.19.20.20
E.172.19.20.32
Answer: C

12.Which two statements describe the IP address 640-821 dumps
10.16.3.65/23? (Choose two.)
A.The subnet address is 10.16.3.0 255.255.254.0.
B.The lowest host address in the subnet is 10.16.2.1 255.255.254.0.
C.The last valid host address in the subnet is 10.16.2.254 255.255.254.0
D.The broadcast address of the subnet is 10.16.3.255 255.255.254.0. E.The network is not subnetted.
Answer: B, D

13.An administrator issues the show ip interface s0/0 command and the output displays the line Serial0/0 is up, line protocol is upWhat does “line protocol is up” specifically indicate about the interface?
A.Keepalives are being received on the interface.
B.The cable is attached properly.
C.CDP has discovered the connected device.
D.A carrier detect signal has been received from the connected device.
E.IP is correctly configured on the interface.
Answer: A

14.The Hub and Spoke routers are directly connected through their serial interfaces for purposes of testing. Based on the output shown in the exhibit, what must be done to make the serial line operational?

A.Start the clock on the Hub router.
B.Change the IP address on the Spoke router.
C.Configure the serial 0/0 interface on the Spoke router with a clockrate.
D.Replace the broken cable between the two devices.
E.Use the no shutdown command on the Hub router.
Answer: C

15.Which command will reinitialize the router and totally replace the running configuration with the current startup configuration?
A.router# reload
B.router# copy tftp startup­config
C.router# copy startup­config running­config
D.router# copy running­config flash
E.router# setup F.router# restart
Answer: A

16.Refer to the graphic. What is the purpose of the two numbers shown following the exec­timeout command?

A.If no commands have been typed in 55 seconds, the console connection will be closed.
B.If no router activity has been detected in one hour and 55 minutes, the console will be locked out.
C.If no commands have been typed in one minute and 55 seconds, the console connection will be closed.
D.If connected to the router by Telnet, input must be detected within one hour and 55 seconds or the connection will be closed.
E.If connected to the router by Telnet, input must be detected within one minute and 55 seconds or the connection will be closed.
Answer: C

17.How will a Cisco 2600 series router respond if the conditions listed below exist during the boot process? 1) The IOS image in flash is missing. 2) No network connectivity is available. 3) The router fallback IOS image is corrupt.
A.The router will enter setup mode.
B.The router will enter ROM monitor mode.
C.The router will enter global configuration mode.
D.The boot will hang until an IOS is available.
E.The router will enter the prompted setup dialog.
Answer: B

18.A router receives a packet on interface 172.16.45.66/26. The source IP of the packet is
172.16.45.126/26 and the destination is 172.16.46.191/26. How will the router handle the packet?
A.The destination is a host on another subnet, so the router will not forward the packet.
B.The destination is a host on the same subnet, so the router will forward the packet.
C.The destination is a broadcast address, so the router will not forward the packet.
D.The destination is a network address, so the router will forward the packet.
Answer: C

19.Host A needs to communicate with the email server shown in the graphic. What address will be placed in the destination address field of the frame when it leaves Host A?

A.the MAC address of Host A
B.the MAC address of Switch 1
C.the MAC address of E0 of the router
D.the MAC address of E1 of the router
E.the MAC address of Switch 2
F.the MAC address of the email server
Answer: C

20.What is the default configuration register setting on most Cisco routers?
A.0×2210
B.0×2104
C.0×2102
D.0×2012
E.0×2142
Answer: C

21.Which statements are true regarding ICMP packets? (Choose two.)
A.They acknowledge receipt of TCP segments.
B.They guarantee datagram delivery.
C.They can provide hosts with information about network problems.
D.They are encapsulated within IP datagrams.
E.They are encapsulated within UDP datagrams.
Answer: C, D

22.Which statements accurately describe CDP? (Choose three.)
A.CDP is an IEEE standard protocol.
B.CDP is a Cisco proprietary protocol.
C.CDP is a datalink layer protocol.
D.CDP is a network layer protocol.
E.CDP can discover directly connected neighboring Cisco devices.
F.CDP can discover Cisco devices that are not directly connected.
Answer: B, C, E

23.Which types of cables are required to interconnect the devices shown in the graphic? (Choose three.)

A.V.35 cable
B.crossover cable
C.USB cable
D.RJ­11 cable
E.rollover cable
F.straight­through cable
Answer: B, E, F

24.Why is the show processes command used on a router before a debug command is entered?
A.to verify the IOS version that is running
B.to verify the amount of space in flash memory
C.to view the number of timers that are currently in use
D.to verify that the CPU utilization is low enough to handle the effects of a debug command
E.to check if the load meter file has enough space left to store the output of the debug command
Answer: D

25.Which of the following commands displays the configurable 640-821 study guide
parameters and statistics of all interfaces on a router?
A.show running­config
B.show startup­config
C.show interfaces
D.show processes
E.show versions
Answer: C

1. What does Apple recommend you do before replacing or installing any internal parts in an Xserve?
A. Remove all drive modules from the Xserve.
B. Remove the Xserve from its rack.
C. Press the System Identifier button.
D. Unlock all drive module bays.
Answer: B

2. What is the main function of Server 9L0-007
Monitor?
A. It provides detailed status of Xserve hardware functionality.
B. it executes a full suite of diagnostics on all internal Xserve hardware.
C. It monitors the Mac OS X Server operating system and reports on any unauthorized users.
D. It provides the video driver software to support connection of an Apple Cinema display to an Xserve running Mac OS X Server.
Answer: A

3. The LED on a MacBook MagSafe power adapter doesn’t illuminate at all when it’s plugged into the MacBook and you know the adapter is connected to a known good power source. What is most likely the cause of this symptom?
A. The MacBook has a faulty main battery.
B. The MagSafe adapter needs to be reset first.
C. The MacBook requires an SMC firmware update.
D. A MagSafe adapter connector pin is stuck down.
Answer: D

4. A MacBook Pro powers on with no image on the built-in display. You connect an external display and restart the MacBook Pro, yet you still see no image on either display. Which of the following is most likely the cause of this symptom?
A. Dead battery
B. Not enough RAM
C. Faulty optical drive
D. RAM not completely seated
Answer: D

5. To ensure proper fan and temperature control in the Power Mac G5, you must run the thermal calibration routine found on the ______ disc whenever you replace a processor or logic board with a new processor or logic board.
A. Apple Service Diagnostic
B. Apple Hardware Test
C. Fan Control Installer
D. Mac OS X Installer
Answer: A

6. You are troubleshooting an eMac that has no 9L0-007 dumps
image on its built-in display. You have already checked user controls and reset PRAM, but the issue persists. When you connect an external display to the eMac’s VGA output port and restart the eMac, you see a proper image on the external display. Which of the following service modules would most likely be the cause of these symptoms?
A. Display Analog Assembly
B. Power Supply Assembly
C. Logic Board
D. Hard drive
Answer: A

7. A customer’s iBook G4 forgets the time and date when the main battery is completely drained and there is no AC adapter connected for several hours. Is this behavior normal?
A. Yes
B. No
Answer: A

8. Which of the following PowerBook G4 models does NOT support hot-swapping the main battery?
A. PowerBook G4 (12-inch)
B. PowerBook G4 (15-inch)
C. PowerBook G4 (17-inch)
Answer: A

9. On a MacBook Pro, Safe Sleep ensures that _____.
A. any open IP ports from services are closed before putting the machine to sleep
B. the machine is locked with a configured password after a specified amount of time
C. data stored in main memory will not be lost should the system shut down due to power loss while the machine is asleep
D. the user is prompted to save documents in any open applications before machine is put to sleep using the Sleep command from the Apple menu
Answer: C

10. What is the function of the SMC in an Intel Mac?
A. The SMC controls all aspects of power flow.
B. The SMC controls the speed of the hard drive.
C. The SMC manages the amount of virtual 9L0-007 study guide

memory used.
D. The SMC manages all communication with attached peripherals.
Answer: A

1. A domain controller named DC12 runs critical services. Restructuring of the organizational unit hierarchy for the domain has been completed and unnecessary objects have been deleted. You need to perform an offline defragmentation of the Active Directory database on DC12. You also need to ensure that the critical services remain online. What should you do?
A. Start the domain controller in the Directory Services restore mode. Run the Defrag utility.
B. Start the domain controller in the Directory Services restore mode. Run the Ntdsutil utility.
C. Stop the Domain Controller service in the Services (local) Microsoft Management Console (MMC). Run the Defrag utility.
D. Stop the Domain Controller service in the Services (local) Microsoft Management Console (MMC). Run the Ntdsutil utility.
Answer: D

2. Your company has a domain controller server that runs Windows Server 2008. The server is routinely backed up over the network from a dedicated backup server that runs Microsoft Windows Server 2003. Your manager asks you to prepare the domain controller for disaster recovery independent of the routine backup procedures. You attempt to back up the system state data for the domain controller, but you are unable to launch the Backup utility. You need to back up system state data from the Windows Server 2008 domain controller server. What should you do?
A. Add your user account to the local Backup Operators group.
B. Use the Server Manager feature to install the Windows Server Backup feature.
C. Use the Server Manager feature to install the Removable Storage Manager feature.
D. Deactivate the backup job that is configured to back up the 70-649

Windows Server 2008 domain controller server on the Windows Server 2003 backup server.
Answer: B

3. Your company has an Active Directory forest that has six domains. The company has 15 sites. The company requires a new distributed application that uses a custom application directory partition named ResData for data replication. The application is installed on one member server in five sites. You need to configure the five member servers to receive the ResData application directory partition for data replication. What should you do?
A. Run the Dcpromo utility on the five member servers.
B. Run the Regsvr32 command on the five member servers.
C. Run the Wbadmin command on the five member servers.
D. Run the RacAgent utility on the five member servers.
Answer: A

4. Your company has an Active Directory forest. The company requires a new distributed application that uses a custom application directory partition named ResData. You need to implement the ResData application directory partition for data replication. Which are the two utilities that you can run to achieve this goal? (Each correct answer presents a complete solution. Choose two.)
A. Dnscmd
B. Ntdsutil
C. Wbadmin
D. RacAgent
E. Regsvr32
Answer: A,B

5. Your company has an Active Directory forest as shown in the following table.
There are 10 domain controllers in each domain. You use the Remote Desktop utility from your workstation in the ma.corp.contoso.com domain.
You are modifying the folder permissions on a file server named FS1 in the ca.corp.contoso.com domain.
When you use the Microsoft Windows Explorer utility to access the Security tab of the folders, you discover that some entries start with S-1-5-21 and no account name is listed.
You need to ensure that the Security tab of the folders display the account names.
What should you do?
A. Configure the FS1 server as a Global Catalog server.
B. Modify the schema to enable replication of the friendlynames attribute to the Global Catalog.
C. Move the RID Master role in the ma.corp.contoso.com domain to a domain controller that does not hold the Global Catalog.
D. Move the Infrastructure Master role in the ma.corp.contoso.com domain to a domain controller that does not contain the Global Catalog.
Answer: D

6. Your company has three Active Directory domains in a single forest. You install a new Active DirectoryCenabled application. The application extends the Active Directory schema with new user attributes. You discover a significant increase in the Active Directory replication traffic to the Global Catalogs after the new application is installed. You need to prevent the new attributes from being replicated to the Global Catalogs. What should you do?
A. Uninstall the application.
B. Delete the new attributes from the Active Directory schema.
C. Change replication interval to 9990 for the DEFAULTIPSITELINK object.
D. Modify the properties in the Active Directory schema for the new attributes.
Answer: D

7. Your company has a branch office that is configured as a separate Active Directory site. The site has an Active Directory domain controller. The Active Directory site requires a local Global Catalog server to support a new application. You need to configure the domain controller in the branch office as a Global Catalog server. Which tool should 70-649 dumps
you use?
A. The Dcpromo.exe utility
B. The Computer Management console
C. The Active Directory Domains and Trusts console
D. The Active Directory Sites and Services console
E. The Server Manager console
Answer: D

8. Your company, Contoso, Ltd., has an Active Directory forest that has 12 domains. The company has 24 offices. One of the branch offices has 40 users. The users are members of a universal group that grants them access to resources in all the 24 offices. The branch office has a domain controller named Contoso17. The branch office is connected to the corporate network by a 128-Kbps WAN connection. The WAN connection is available only during business hours. Users report that they are unable to log on to the network after business hours. You need to enable user logons at any time of the day. What should you do?
A. Configure Contoso17 as a bridgehead server for the branch office site.
B. Enable universal group membership caching for the branch office site.
C. Decrease the replication interval on the site link that connects the branch office to the corporate network.
D. Increase the replication interval on the site link that connects the branch office to the corporate network.
E. Deploy a read-only domain controller (RODC) at the branch office site.
Answer: B

9. Your company has a main office and five branch offices. The Active Directory forest of the company is configured as a single domain that has four sites. The domain has a server with Active Directory Certificate Services (AD CS) installed and configured as an Enterprise Root Certificate Authority (CA). The Enterprise Root CA certificate is installed on all computers in the domain. You install a new application on all computers. The company security policy requires that the application must use only Lightweight Directory Access Protocol over Secure Sockets Layer (LDAPS). You discover that the application is unable to connect to a global catalog server in a remote site. You need to test the LDAPS connection between the client computer and the global catalog server in the remote site. What should you do?
A. Run the Ldp.exe tool.
B. Run the Repadmin.exe tool.
C. Run the Certification Authority console.
D. Run the Active Directory Sites and Services console.
Answer: A

10. You have a Windows server core installation of Windows Server 2008. The installation was completed by using the default settings. You plan to make the server accessible to the domain users. You 70-649 study guide
need to change the server name. You also need to join the server to the domain. Which tool should you run?
A. Netsh.exe
B. Netdom.exe
C. Ocsetup.exe
D. Oclist.exe
Answer: B

1. Which statements are true? (Choose all that apply.)
A. The data dictionary is created and maintained by the database administrator.
B. The data dictionary views can consist of joins of dictionary base tables and user-defined tables.
C. The usernames of all the users including the database 1Z0-047
administrators are stored in the data dictionary.
D. The USER_CONS_COLUMNS view should be queried to find the names of the columns to which a constraint applies.
E. Both USER_OBJECTS and CAT views provide the same information about all the objects that are owned by the user.
F. Views with the same name but different prefixes, such as DBA, ALL and USER, use the same base tables from the data dictionary
Answer: C, D, F

2. View the Exhibit and examine the structure of the MARKS_DETAILS and MARKStables.

Which is the best method to load data from the MARKS_DETAILStable to the MARKStable?
A. Pivoting INSERT
B. Unconditional INSERT
C. Conditional ALL INSERT
D. Conditional FIRST INSERT
Answer: A

3. Which three statements are true regarding single-row functions? (Choose three.)
A. They can accept only one argument.
B. They can be nested up to only two levels.
C. They can return multiple values of more than one data type.
D. They can be used in SELECT, WHERE, and ORDER BY clauses.
E. They can modify the data type of the argument that is referenced.
F. They can accept a column name, expression, variable name, or a user-supplied constant as arguments.
Answer: D, E, F

4. Which two statements are true regarding operators 1Z0-047 dumps
used with subqueries? (Choose two.)
A. The NOT IN operator is equivalent to IS NULL.
B. The <ANY operator means less than the maximum.
C. =ANY and =ALL operators have the same functionality.
D. The IN operator cannot be used in single-row subqueries.
E. The NOT operator can be used with IN, ANY and ALL operators.
Answer: B, E

5. Which two statements are true regarding views? (Choose two.)
A. A simple view in which column aliases have been used cannot be updated.
B. A subquery used in a complex view definition cannot contain group functions or joins.
C. Rows cannot be deleted through a view if the view definition contains the DISTINCT keyword.
D. Rows added through a view are deleted from the table automatically when the view is dropped.
E. The OR REPLACE option is used to change the definition of an existing view without dropping and re-creating it.
F. The WITH CHECK OPTION constraint can be used in a view definition to restrict the columns displayed through the view.
Answer: C, E

6. Which two statements are true about sequences created in a single instance database? (Choose two.)
A. The numbers generated by a sequence can be used only for one table.
B. DELETE would remove a sequence from the database.
C. CURRVAL is used to refer to the last sequence number that has been generated.
D. When the MAXVALUE limit for a sequence is reached, you can increase the MAXVALUE limit by using the ALTER SEQUENCE statement.
E. When a database instance shuts down abnormally, the sequence numbers that have been cached but not used would be available once again when the database instance is restarted.
Answer: C, D

7. Which statements are correct regarding indexes? (Choose all that apply.)
A. When a table is dropped, the corresponding indexes are automatically dropped.
B. For each DML operation performed, the corresponding indexes are automatically updated.
C. Indexes should be created on columns that are frequently referenced as part of an expression.
D. A non-deferrable PRIMARY KEY or UNIQUE KEY constraint in a table automatically creates a unique index.
Answer: A, B, D

8. The ORDERS table belongs to the user OE. OE has granted the SELECT privilege on the ORDERS table to the user HR.
Which statement would create a synonym ORD so that HR can execute the following query successfully? SELECT * FROM ord;
A. CREATE SYNONYM ord FOR orders; This command is issued by OE.
B. CREATE PUBLIC SYNONYM ord FOR orders; This command is issued by OE.
C. CREATE SYNONYM ord FOR oe.orders; This command is issued by the database administrator.
D. CREATE PUBLIC SYNONYM ord FOR oe.orders; This command is issued by the database administrator.
Answer: D

9. Which statement is true regarding synonyms?
A. Synonyms can be created for tables but not views.
B. Synonyms are used to reference only those tables that are owned by another user.
C. A public synonym and a private synonym can exist with the same name for the same table.
D. The DROP SYNONYM statement removes the synonym, and the status of the table on which the synonym has been created becomes invalid.
Answer: C

10. ORD is a private synonym for the OE. ORDERS table. The user OE issues the following command:
DROP SYNONYM ord;
Which statement is true regarding the above SQL statement?
A. Only the synonym would be dropped.
B. The synonym would be dropped and the corresponding table 1Z0-047 study guide
would become invalid.
C. The synonym would be dropped and the packages referring to the synonym would be dropped.
D. The synonym would be dropped and any PUBLIC synonym with the same name becomes invalid.
Answer: A