Certidea 70-351 exam questions and answers

Microsoft
70-351
TS: MS Internet Security & Acceleration Serv 2006,
Configuring
The
h fo
f l
o l
l o
l w
o in
i g
n s
g are
r so
s m
o e ti
t p
i s
p mad
a e
d fo
f r
o yo
y u
o ,
u we re
r co
c m
o men
e d
n
yo
y u
o
to
t
re
r ad
a th
t e
h m ca
c re
r fu
f l
u l
l y
l
si
s n
i c
n e
c
th
t e
h y ca
c n he
h lp
l yo
y u
o le
l a
e rn
r be
b tt
t e
t r.
r
Do
D '
o s and
n Don
o '
n t
' s
Do’s: Study our products rather than just remember the questions and answers. Certidea
materials are strictly selected by our experts according to the official standards. After studying
them you can enhance your ability.
Don’ts: Do not go through our products just once. You should make sure you can have
enough time to master our materials in case you have missed something. We guarant ee that
you can pass your exam after fully studying our products.
Pro
r m
o pt
p Up
U d
p a
d te
t
You can rest assured that every Certidea product is of the latest version. We are constantly
updating our products to make sure our quality. You can enjoy a 120-day free update after the
purchase and you should check your member zone at Certidea an update 3-4 days bef ore the
scheduled exam date.
Deve
v l
e o
l p
o m
p ent
n
If you have some complaints or suggestions, please let us know. No matter what is the
problem, we are eager to hear from our customers to develop ourselves. You can contact us
at feedback@Certidea.com and should include the following s: exam number, version, page
number, question number, and your login ID. We will solve your problems as soon as possible.
Certidea--Lead Your Way to Certif icates
----------------------------------------------------------------------------------------------------------------------
Sales and Support Manager
Sales Team: sales@Certidea .com
Support Team: support@Certidea .com
---------------------------------------------------------------------------------------------------------------------
Co
C p
o y
p r
y i
r g
i h
g t
h
A unique serial number associated with your particular name and contact information is
contained in each PDF file for security purposes. So if we find you have distributed a
particular PDF file, Cert idea reserves the right to take legal action against you according to
the International Copyright Laws.
Lead your way to certificates!

---

Question: 1
Your network contains an ISA Server 2006 computer named ISA1. ISA1 provides Internet
access for all users on the companys network. All computers on the network are configured
as
SecureNA T clients. You create an access rule on ISA1 that allows all users access to all
protocols on the External network. You view the Firewall log and the Web Proxy filter log on
ISA1 and notice that the URLs of Web sites visited by company users are not displayed. You
need to ensure that the URLs of Web sites visited by company users are displayed in the
ISA1 log files.
What should you do?
A. Conf igure all network computers as Web Proxy clients.
B. Conf igure all network computers as Firewall clients.
C. Conf igure ISA1 to require authentication for Web requests.
D. Conf igure ISA1 to require authentication for all protocols.
Answer: D
Question: 2
Your company has a main office and is adding a branch office. You are connecting the main
office and branch office networks. You install ISA Server 2006 on a computer at each office,
and you create a site-to-site VPN connection between the ISA Server computers. You create
remote site networks on the ISA Server computers at both offices. You choose the L2TP over
IPSec VPN protocol. You want to use a preshared key for the IPSec authentication. You open
the Routing and Remote Access console and enter the preshared key in the Properties dialog
box for the Routing and Remote Access server. The site-to-site L2TP over IPSec connection is
successful.
You then restart the ISA Server computers and discover that the site-to-site connection fails.
You need to ensure that the L2TP over IPSec site-to-site VPN connections continue to
function properly after the ISA Server computers are restarted. What should you do?
A. Re-enter the preshared keys on the ISA Server computers at both offices. Change the
preshared keys so that they include mixed-case letters, numbers, and symbols.
B. Remove all certificates for the ISA Server computers at both offices.
C. On the ISA Server computers at both offices, remove the preshared key from the Routing
and Remote Access console, and enter the key on the Authentication tab of the Virtual Privat e
Networks (VPN) Properties dialog box.
D. Install user certificates on the ISA Server computers in both offices and enable EAP user
authentication for the demand-dial accounts.
Answer: C
Question: 3
Your network contains an ISA Server 2006 computer named ISA1, which functions as a
Lead your way to certificates!

---

remote access VPN server for the network. ISA1 is a member of a workgroup. ISA1 is
configured to accept only EAP authentication for VPN clients. All VPN clients have been
assigned user certificates from the corporate enterprise certification authority (CA). Users
report that they cannot connect to the network. They state that they receive the following error
message: Error 691:
Access was denied because the username and/or password was invalid for the domain. You
need to ensure that VPN users can connect to the network. What should you do?
A. Join ISA1 to the corporate network domain.
B. Place the CA certificate into the VPN clients Trusted Root Certif ication Authorities computer
certificate store.
C. Enable remote access permissions for the VPN user accounts in Active Directory.
D. Conf igure ISA1 to use RADIUS authentication.
Answer: A
Question: 4
Your network contains an ISA Server 2006 array. The array contains six members. You enable
Cache Array Routing Protocol (CARP) so that outbound Web requests are resolved within the
array. Soon after you enable CARP on the array, Web users on the corporate network report
that Internet access is slower than normal. You use Network Monitor to check network traffic
patterns on each of the ISA Server 2006 array members. You discover that there is very high
network utilization on the intra-array network. You need to reduce the amount of intra-array
traffic.
What should you do?
A. Enable Network Load Balancing on the intra-array network.
B. Conf igure the client computers as SecureNA T clients.
C. Use automatic discovery to configure the client computers as Web Proxy clients.
D. Enable CARP on the intra-array network.
Answer: C
Question: 5
You work as an IT prof essional in an international corporation named Wiikigo. In the company,
your job is to configure Microsoft Internet Security and Acceleration Server
2006. And you are experienced in performing and managing networks and operational
systems. In addition, you are skilled at deploying ISA Server 2006, configuring firewall settings,
and optimizing performance of the ISA Server 2006 cache. Two ISA Server 2006 Enterprise
Edition computers are included by your network and the two computers are respectively
named ISA01 and ISA02. ISA01 and ISA02 are members of an ISA Server 2006 array. The
array is set to have outgoing Web requests cached. The array is set so as to have the cached
Web content distributed between ISA01 and ISA02. The traffic on the intra-array network
should be cut to the least. Which action should be performed to achieve the goal?
Lead your way to certificates!

---

A. To achieve the goal, Network Load Balancing should be set on the Internal network.
B. To achieve the goal, Cache Array Routing Protocol (CARP) should be enabled on the Local
Host network.
C. To achieve the goal, the client computers should be enabled to download the automatic
configuration script.
D. To achieve the goal, a content download job should be set on the array.
Answer: C
Question: 6
You work as an IT prof essional in an international corporation named Wiikigo. In the company,
your job is to configure Microsoft Internet Security and Acceleration Server
2006. And you are experienced in performing and managing networks and operational
systems. In addition, you are skilled at deploying ISA Server 2006, configuring firewall settings,
and optimizing performance of the ISA Server 2006 cache. There is a main office and a
branch office in your company. A single ISA enterprise is contained by the network. Two ISA
Server 2006 Enterprise Edition arrays are included by the ISA enterprise, and the two arrays
are respectively named Array01 and Array02. A support technician should be enabled to have
log information monitored for Array01. The least amount of permissions will be offered to finish
the task. From the following four ISA roles, which one should be assigned to the support
technician?
A. To finish the task, ISA Server Array Monitoring Auditor for Array01 should be assigned.
B. To finish the task, ISA Server Array Auditor for Array01 should be assigned.
C. To finish the task, ISA Server Enterprise Auditor should be assigned.
D. To finish the task, ISA Server Enterprise Monitoring Auditor should be assigned.
Answer: B
Question: 7
You work as an IT prof essional in an international corporation named Wiikigo. In the company,
your job is to configure Microsoft Internet Security and Acceleration Server
2006. And you are experienced in performing and managing networks and operational
systems. In addition, you are skilled at deploying ISA Server 2006, configuring firewall settings,
and optimizing performance of the ISA Server 2006 cache. A server is included by your
network, and ISA Server 2006 is run by the server. Microsoft Exchange Server 2007 is utilized
by your company for e-mail. Users utilize Microsoft Office Outlook 2007 to access their e-mail.
Users should be allowed to access their e-mail remotely. The number of ports that are opened
should be minimized by your solution. Which action should be performed?
A. From the Mail Server Publishing Rule Wizard, the Outlook (RPC) service should be
selected.
B. From the Exchange Publishing Rule Wizard, the Outlook Web Access service should be
Lead your way to certificates!

---

selected.
C. From the Exchange Publishing Rule Wizard, the Outlook Anywhere (RPC/HTTP(s)) service
should be selected.
D. From the Exchange Publishing Rule Wizard, the ActiveSync service should be selected.
Answer: C
Question: 8
You work as an IT prof essional in an international corporation named Wiikigo. In the company,
your job is to configure Microsoft Internet Security and Acceleration Server
2006. And you are experienced in performing and managing networks and operational
systems. In addition, you are skilled at deploying ISA Server 2006, configuring firewall settings,
and optimizing performance of the ISA Server 2006 cache. An ISA Server 2006 computer
named ISA01 is included by your network. A new secure Web site is deployed by the company.
An application named App01 is hosted by the Web site. The client IP source address in the
App01 logs App01 should be recorded for every request. ISA01 should be set to have the new
Web site published. First, an SSL Web publishing rule is created by you. Now, the rule should
be configured so as to satisfy the requirements. Which action should be performed?
A. The rule should be set to forward the original host header to the published Web server.
B. The rule should be set to forward the requests so that they appear to come from ISA01.
C. The rule should be set to forward the requests so that they appear to come from the original
client.
D. The rules link translation should be set to replace absolute links in all Web pages.
Answer: C
Question: 9
Your network contains one ISA Server that provides Web proxy and cache capabilities.
You need to create a report that shows which clients have the highest number of dropped
packets.
Which content should you include in your report?
A. Security
B. Summary
C. Traf fic and Utilization
D. Web Usage
Answer: A
Question: 10
You have a computer named ISA1 that runs ISA Server 2006 Standard Edition. You have
reports that contain information about Web usage and Security content.
You need to give a support technician the ability to create alerts definitions. You must achieve
Lead your way to certificates!

---

this goal while providing the minimum permissions possible.
Which rights should you assign to the support technician?
A. ISA Server Auditor
B. ISA Server Full Administrator
C. ISA Server Monitoring Auditor
D. Windows Power User on ISA1
Answer: B
Lead your way to certificates!

---