Free Pass4sure Microsoft MCAD 70-551(CSharp) 2. 95 Download

UPGRADE:MCAD Skills to MCPD Dvlpr by Using the MS.NET Frmwk : 70-551(CSharp) Exam

Exam Number/Code: 70-551(CSharp)
Exam Name: UPGRADE:MCAD Skills to MCPD Dvlpr by Using the MS.NET Frmwk

“UPGRADE:MCAD Skills to MCPD Dvlpr by Using the MS.NET Frmwk”, also known as 70-551(CSharp) exam, is a Microsoft certification. With the complete collection of questions and answers Q&as with Expert Explanations, Pass4sure has assembled to take you through 88 Q&As to your 70-551(CSharp) Exam preparation. In the 70-551(CSharp) exam resources, you will cover every field and category in MCAD.NET helping to ready you for your successful Microsoft Certification.

QUESTION 1:
You are the network administrator for PassGuide . The network consists of a Windows
2000 Active Directory domain. The domain contains 50 Windows NT Workstation 4.0
computers and 50 Windows 2000 Professional computers. Some Windows 2000
Professional computers run Internet Services (IIS) and host a Web site for the employees
who use the computers.
You replace all Windows NT Workstation computers with new Windows 2000
Professional computers. You want to ensure that all client communication between all
Windows 2000 computers is digitally signed. However, you want all client computers to
be able to access the Web site on each Windows 2000 Professional computer.
You create a custom security template. You need to configure and apply the template to
the appropriate client computers.
What two actions should you take? (Each correct answer presents part of the solution.
Choose two)
A. Apply the template to all Windows 2000 Professional computers.
B. Apply the template only to Windows 2000 Professional computers not running IIS.
C. Configure the template to enable the Digitally Sign Client Communication (always)
policy.
D. Configure the template to enable the Digitally Sign Server Communication (always)
policy.
E. Configure the template to enable the Digitally Sign Client Communication (when
possible)policy.
F. Configure the template to enable the Digitally Sign Server Communication (when
possible)policy.
Answer: A, C
Explanation:
We want to implement the highest possible security !! therefor we apply the template to
ALL clients pc’s and we implement the Digitally Sign Client Communication (always)
policy.
QUESTION 7:
You are the network administrator for PassGuide . The network consists of a Windows
2000 Active Directory domain. The domain contains 50 Windows NT Workstation 4.0
computers and 50 Windows 2000 Professional computers. You replace all Windows NT
Workstation computers with Windows 2000 Professional computers.
You create an organizational unit (OU) named Workstations. You move all the Windows
2000 Professional computers into the Workstations OU. You create a Group Policy
object (GPO) named Software_settings and link it to the Workstation OU.

Actualtests.com – The Power of Knowing
You configure the Software_settings GPO to distribute an application that is not certified
for Windows 2000. Users report that they cannot save preferred settings in the
application, which uses the systemroot directory. However, this application functioned
correctly when it was installed on Windows NT Workstation computers.
You want to ensure that users can save the preferred settings of the application.
What should you do?
A. Edit the Software_settings GPO and import the Defltwk.inf security template.
B. Edit the Software_settings GPO and import the Compatws.inf security template.
C. Edit the Software_settings GPO and enable the Disable legacy run list policy.
D. Edit the Software_settings GPO and disable the Set Windows File Protection scanning
policy.
Answer: B
Explanation:
By lowering the security levels on specific files, folders, and registry keys that are
commonly accessed by applications, the compatible templates allow most applications to
run successfully.
Incorrect Answers
A: Windows 2000 includes Security Configuration templates that contain the default
settings for NTFS permissions, registry permissions, default user rights, and so on.
Defltwk.inf is used on Windows 2000 Professional computers. By applying this security
template to computers it ensure that they would receive the same security settings as the
cleanly installed computers. However, the computers in this scenario are already cleanly
installed, so there would be no change of security permission.
C: Enabling the Disable legacy run list would prevent listed legacy program from
running.
D: The Set Windows File Protection scanning policy determines when Windows File Protection
scans protected files. This policy directs Windows File Protection to enumerate and scan
all system files for changes.
QUESTION 2:
You are the network administrator for PassGuide . The network contains 3,000 Windows
NT Workstation 4.0 computers. All the computers run a custom software application that
requires customized security settings. Each computer contains the correct security
settings to run the application.
You upgrade one of the computers to Windows 2000 Professional by running Setup from
a network distribution shared folder. The upgrade completes successfully, but the custom
application will not run. You discover that the upgrade process overwrote the computer’s
customized security settings.
You need to ensure that future upgrades to Windows 2000 Professional will not overwrite
the customized security settings.
What should you do?

Actualtests.com – The Power of Knowing
A. Apply the Compatws.inf security template to each computer after it is upgraded to
Windows 2000 Professional.
B. Configure a post-installation batch file that applies the Dwup.inf security template by
running the secedit command.
C. Modify the Dwup.inf security template in the Windows 2000 Professional distribution
shared folder to include the customized security settings.
D. Customize the security settings on the upgraded Windows 2000 Professional
computer.
Use the Security Configuration and Analysis console to export the security settings to a
security template named Upgrade.inf.
Place the template in the Windows 2000 Professional distribution shared folder.
E. Modify the default Hisecws.inf security template to include the customized security
settings.
Save the modified template in the Windows 2000 Professional distribution shared folder.
Answer: C
Explanation:
Windows 2000 uses the following security templates to apply security settings during the
upgrade process:
1. Dwup.inf (for Windows 2000 Professional upgrades)
2. Dsup.inf (for Windows 2000 Server upgrades)
To prevent the upgrade process from modifying custom security settings, you can modify
these text-based templates to ignore the specific folders, files, or registry keys that
contain custom security settings. The modified Dwup.inf is saved in the Distribution
folder and will be applied to all future upgrades.
Note: The Windows 2000 upgrade process applies Windows 2000 default security
settings to registry keys and file system objects. This process overwrites any custom
permissions that you previously defined. If the Windows 2000 default security settings
are in conflict with custom permissions, programs that rely on the custom permissions
may not work properly.
Reference:
HOW TO: Prevent Windows 2000 Upgrade from Modifying Custom Security, Microsoft
Knowledge Base Article – Q260242
Incorrect Answers
A: The Compatws.inf security template only makes Windows 2000 Professional
computer compatible with the Windows NT 4.0 default security settings. However, in
this scenario we must ensure that customized security settings are preserved.
B: We must customize the Dwup.inf security template.
D: The Upgrade.inf security template would not be applied to the upgraded computers.
E: The modified Hisecws.inf security template would not be applied to the upgraded
computers.
QUESTION 3:
You are the network administrator for PassGuide . The network consists of a Windows

Actualtests.com – The Power of Knowing
2000 Active Directory domain. The network contains two Windows 2000 Server
computers configured as domain controllers and 1,500 Windows 2000 Professional client
computers.
Your manager wants you to ensure that your domain Account Polices are no less secure
than the Account Polices of the Securedc.inf template. You run the Security
Configuration and Analysis console on a network domain controller, and you use the
Securedc.inf template to analyze the computer.
You review the Account Lockout Policy portion of the analysis. The relevant portion of
the analysis is shown in the following table.
Policy Database setting Computer setting
Account lockout
duration 30 minutes 0
Account lockout
threshold
5 invalid logon
attempts
3 invalid logon
attempts
Reset account
lockout counter after 30 minutes 20 minutes
Your manager does not want to weaken the existing security. You must increase the
security of the Account Lockout Policy in all areas in which it is less restrictive than the
Securedc.inf template.
What should you do?
A. Import the Securedc.inf template into the Domain Security Policy.
B. Import the Securedc.inf template into the Domain Controller Security Policy.
C. Create a new security template with an Account lockout duration of 0 minutes, and
Account lockout threshold of 3 invalid logon attempts, and a Reset account lockout
counter after policy of 30 minutes.
Import the new template into the Domain Security Policy.
D. Create a new security template with an Account lockout duration of 30, an Account
lockout threshold of 3 invalid logon attempts, and a Reset account lockout counter policy
of 30 minutes.
Import the new template into the Domain Controller Security Policy.
Answer: C
Explanation:
The Account lockout duration policy determines the number of minutes a locked out
account remains locked out before automatically becoming unlocked. The range is 1 to
99999 minutes. You can specify that the account will be locked out until an administrator
explicitly unlocks it by setting the value to 0.
The Account lockout threshold determines the number of failed logon attempts that will
cause a user account to be locked out. A locked out account cannot be used until it is
reset by an administrator or the account lockout duration has expired. You can set values

Actualtests.com – The Power of Knowing
between 1 and 999 failed logon attempts, or you can specify that the account will never
be locked out by setting the value to 0.
By default, this setting is disabled in the Default Domain Group Policy object (GPO) and
in the local security policy of workstations and servers.
The Reset account lockout counter after policy determines the number of minutes that
must elapse after a failed logon attempt before the bad logon attempt counter is reset to 0
bad logons. The range is 1 to 99999 minutes.
By default, this policy is not defined, since it only has meaning when an Account lockout
threshold is specified
When we merge two security templates, by importing the 2nd template, the 2nd imported
template takes precedence when there is contention. As we want maximum security we
need to create a custom security template which only strengthens security on all policies.
Note: You can merge several different templates into one composite template, which can
then can be used for analysis or configuration of a system, by importing each template
into a working database. The database merges the various templates to create one
composite template, resolving conflicts in order of import; the last one imported takes
precedence when there is contention.
The Best solution is this
Policy Setting
Account lockout duration 0 minutes
Account lockout threshold 3 invalid logon attempts
Reset account lockout counter
after 30 minutes
Incorrect Answers
A, B: The Securedc.inf security template would take precedence when there is
contention. It would allow 5 invalid login attempts, which would lower security.
D: We want an Account lockout duration of 0 (admin will unlock), not 30 minutes.