70-350 考试题库
Implementing Microsoft Internet Security and Acceleration (ISA) Server 2004
科目编号 : 70-350
考题名称 : Implementing Microsoft Internet Security and Acceleration (ISA) Server 2004
题库数目 : 50 Q&As
更新时间 : 2010-1-18
Exam : Microsoft 70-350
Title : Implementing Microsoft Internet Security and Acceleration (ISA) Server 2004
1. In your organization client computers on the internal network are divided among several subnets by using routers.
You install an ISA Server 2004 computer named ISA1. ISA1 policies have been configured to allow users to access Web sites on the Internet. You configure TCP/IP on ISA1 as shown in the exhibit. (Click the Exhibit button.)
Users report that they cannot access Web sites on the Internet.
You need to ensure that users can access Web sites on the Internet.
Which two actions should you perform? (Each correct answer presents part of the solution. Choose two.)
A. Configure the internal default gateway to match the external default gateway.
B. Configure a static route to each subnet.
C. Add the IP address of the internal default gateway to the Remote Management Computers computer set.
D. Configure the internal network adapter with a blank default gateway.
E. Create a network set for each subnet.
Answer: DB
2. Your network contains a single ISA Server 2004 computer named ISA1. ISA1 is not yet configured to allow inbound VPN access.
You deploy a new application named App1. The server component of App1 is installed on an internal server named Server1. The client component of App1 is installed on employee and partner computers. Employees and partners will establish VPN connections when they use App1 from outside the corporate network.
You identify the following requirements regarding VPN connections to the corporate network.
·Employees must be allowed access to only Server1, three file servers, and an internal Web server named Web1.
·Employees must have installed all current software updates and antivirus software before connecting to any internal resources.
·Partners must be allowed access to only Server1.
·You must not install any software other than the App1 client on any partner computers.
You need to plan the VPN configuration for the company.
What should you do?
A. Configure ISA1 to accept incoming VPN connections from partners and employees.
Enable Quarantine Control on ISA1.
Configure Quarantine Control to disconnect users after a short period of time.
use access rules to allow access to only the permitted resources.
B. Configure ISA1 to accept incoming VPN connections from partners and employees.
Enable Quarantine Control on ISA1.
Exempt partners from Quarantine Control.
use access rules to allow access to only the permitted resources.
C. Configure ISA1 to accept incoming VPN connections from partners and employees.
Enable Quarantine Control on ISA1.
Enable RADIUS authentication and user namespace mapping.
Configure a Windows Server 2003 Routing and Remote Access server as a RADIUS server.
Create a single remote access policy.
D. Add a second ISA Server 2004 computer named ISA2.
Configure ISA1 to accept VPN connections from employees. Do not enable Quarantine Control on ISA1.
Configure ISA2 to accept VPN connections from partners. Enable Quarantine Control on ISA2.
On each server, use access rules to allow access to only the permitted resources.
Answer: B
3. You are a network administrator for Litware, Inc. The network contains an ISA Server 2004 computer named ISA ISA1 is configured to allow outbound Internet access. A listener named DefaultHTTP is also configured to listen for requests on port 80 on the external interface.
The Internal network contains two Web sites named HR and Sales, which are used by employees. The HR Web site is stored on a Web server named Web1.litwareinc.com. The Sales Web site is stored on a Web server named Sales1.litwareinc.com. Employees access the Litware, Inc., Web site by using the URL http://www.litwareinc.com.
You must allow employees to access both the HR Web site and the Sales Web site from the Internet. You must ensure that employees can access the HR Web site by using the URL http://www.litwareinc.com/hr. You must also ensure that employees can access the Sales Web site by using the URL http://www.litwareinc.com/sales.
What should you do?
A. Configure one of the Web servers to listen for HTTP requests on port 8080.
Create two server publishing rules. Create one of the rules to respond to requests on port 8080, and configure this rule to forward requests to one internal Web server. Create the other rule to use the DefaultHTTP listener, and configure this rule to forward to the other internal Web server.
B. Create one Web publishing rule by using the path /Sales/* and redirect to Web1.litwareinc.com. Create one Web publishing rule by using the path /HR/* and redirect to Sales1.litwareinc.com Configure each rule to use the DefaultHTTP listener.
C. Create two server publishing rules. Configure each rule to forward to a different internal Web server. Configure each internal Web server to listen for HTTP requests on an unused port.
D. Create one Web publishing rule by using the path /HR/* and redirect to Web1.litwareinc.com. Create one Web publishing rule by using the path /Sales/* and redirect to Sales1.litwareinc.com Configure each rule to use the DefaultHTTP listener.
Answer: D
4. You are a network administrator for your company. You are installing ISA Server 2004 on two computers named ISA1 and ISA2. The network is configured as shown in the exhibit. (Click the Exhibit button.)
You need to ensure that the implementation plan meets the following requirements:
·All devices that pass outbound traffic must perform network address translation (NAT).
·All Internet-accessible internal resources must be published.
·All traffic between two network interfaces on an ISA Server computer must be subject to inspection.
Which interface or interfaces should be configured as an internal interface? (Choose all that apply.)
A. Adapter A
B. Adapter B
C. Adapter C
D. Adapter D
Answer: (B AND D) AND ONLY (B, D)
5. Your company has a main office, two branch offices, and one research office. An ISA Server array is configured for the main, and the two branch offices. All arrays are members of the same ISA Server 2004 enterprise.
A Configuration Storage server is located in the main office. Replica Configuration Storage servers are located in each branch office. Administrators at the main office administer the enterprise settings and the main office array. The administrators at each branch office administer the arrays at their respective branch offices.
You need to install a new ISA Server array in the research office. You need to ensure that only research office administrators can manage access rules for the array.
What should you do?
A. Configure a replica Configuration Storage server. Assign the research office administrators the ISA Server Array Administrator role.
B. Configure a new array in the existing enterprise. Assign the research office administrators the ISA Server Array Administrator role.
C. Configure a new array in the existing enterprise. Assign the research office administrators the ISA Server Enterprise Administrator role.
D. Configure a new Configuration Storage server in the research office. Configure it as a new enterprise. Assign the research office administrators the ISA Server Enterprise Administrator role.
Answer: D