You work as the network administrator at certifyme.com. The certifyme.com
network consists of a single Active Directory forest.350-001 The functional level of the forest
is set at Windows Server 2003.
The certifyme.com network contains a file server named certifyme-SR07 that
hosts a shared folder in a child domain in certifyme.com's forest.
certifyme.com has a sister company that has its own Active Directory forest.
You need to ensure that users, who belong to a child domain in the sister company's
Active Directory forest, are provided with access to the shared folder in the child
domain in certifyme.com's Active Directory forest. You also need to ensure that
these users are unable to access any other resources in certifyme.com's forest.
What should you do?
A. You have to create an external trust, and configure it with the selective authentication
option.
B. You have to create a forest trust, and configure it with the domain-wide authentication
option.
C. You have to create an external trust, and configure it with the domain-wide
authentication option.
D. You have to create a forest trust, and configure it with the selective authentication
option.
Answer: A
Explanation:
Leading the way in IT testing and certification tools, www.certifyme.com
- 6 -
An external trust is always nontransitive, and can be either one-way or two-way.
This type of trust is used to create a relationship between a Windows Server 2003
domain and one running Windows NT 4.0. It can also be used to connect two
domains that are in different forests, and don't have a forest trust connecting them.
In this scenario, you have to create outgoing external trust from the domain where
the file server is located to the sister company's domain where the users require
access to a resource in certifyme.com's forest.640-802 This will allow users from the sister
company's domain to authenticate directly to certifyme.com's resource domain.
Selective authentication allows users from a trusted domain to authenticate only to
those resources to which they are explicitly allowed to authenticate.
Incorrect Answers:
B, D: A forest trust is appropriate when users from multiple domains in one forest require VCP-310
access to resources in multiple domains in another forest.
C: Configuring Domain-wide authentication would provide users from trusted domains
the same level of access to local resources that local users have.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment