APPENDIX

D
Answers to Instant Assessment Questions,
Review Activities, and Hands-on Labs

Chapter 1: Overview of
W i n d o w s N T W o r k s ta t i o n
and Windows NT Server

Answers to Instant Assessment

1. Windows NT Workstation
2. Windows NT Server
3. Workgroup
4. Domain
5. Kernel mode
6. A virtual memory model
7. See Figure D-1 (on the following page) for answers.



MCSE Windows NT® 4.0 • 3087-9 1/7 • appD.F • reprint • 6/22/98• Deirdre • 1029
 Resources

Logon NTVDM
process

OS/2 Win32 POSIX

application application application
Security
subsystem

OS/2 Win32 POSIX

subsystem subsystem subsystem

User mode
Kernel mode

Executive Services
System Services

I/O Window Virtual Security Object Process Local

Manager Manager Memory Reference Manager Manager Procedure
Manager Monitor Call
Cache Facility
manager
File
System
Drivers
Network Graphic
Drivers Device
Drivers
Hardware Microkernel
Device
Drivers Hardware Abstraction Layer (HAL)

Hardware
FIGURE D-1 Answers to Windows NT 4.0 modular architecture review activity

C h a p t e r 2 : I n s ta l l i n g W i n d o w s N T
W o r k s ta t i o n a n d W i n d o w s N T S e r v e r

Answers to Instant Assessment

1. 486/33 processor with 12MB of RAM and 117MB of free hard disk space
2. 486/33 processor with 16MB of RAM and 124MB of free hard disk space

MCSE Windows NT® 4.0 • 3087-9 1/7 • appD.F • reprint • 6/22/98• Deirdre • 1030
Appendix D: Answers to Instant Assessment Questions, Review Activities, and Hands-on Labs 

3. The NTHQ is the NT Hardware Qualifier utility. It is used to examine and

identify a computer’s hardware configuration.
4. Windows NT 4.0 will automatically configure itself to dual boot between
Windows NT 4.0 and the previously installed operating system.
5. The system partition
6. The boot partition
7. FAT and NTFS
8. Windows NT
9. Winnt.exe

Answers to Review Activity

Installing Windows NT troubleshooting practice exercise

Problem 1 Some possible causes of this problem are hardware conflicts (or
incompatibilities), a corrupt boot sector, or a boot sector virus.
Possible courses of action you could take to resolve this problem include
using the NTHQ to examine your hardware configuration, checking for two pieces
of hardware with the same settings (same I/O Port, interrupt, and so on) and
reconfiguring hardware if conflicts are found, and repairing the boot sector by
using Fdisk/mbr from MS-DOS or by using a virus detection utility.

Problem 2 Probably the most common cause of this problem is that the domain
name or the Administrator’s user account name or password has been typed incor-
rectly, or typed in the wrong case. Remember that all passwords in Windows NT
are case-sensitive. Is the Caps Lock key on? Other possible causes of this problem
are incorrect network hardware or software settings, a bad cable or connection, or
a PDC that is inaccessible.
Possible courses of action you could take to resolve this problem include:
retyping the domain name, Administrator’s user account name or password (mak-
ing sure to use the proper case and making sure the Caps Lock key is turned off);
and ensuring that all network hardware and software settings are correct. You
might also check the network cable and connections, and verify that the PDC is up
and accessible on the network.

MCSE Windows NT® 4.0 • 3087-9 1/7 • appD.F • reprint • 6/22/98• Deirdre • 1031
 Resources

Chapter 3: Configuring Disks

Answers to Instant Assessment

1. The FAT (File Allocation Table) file system, the Windows NT file system
(NTFS), and the Compact Disc Filing System (CDFS)
2. The FAT file system
3. Converting a FAT partition to NTFS
4. From the active primary partition on the first hard disk in the computer
5. On the active primary partition on the first hard disk in the computer
6. You can have up to four primary partitions on one disk, only one extended
partition, and a maximum total of four partitions on a disk.
7. Disk Administrator
8. Disk mirroring
9. A fault tolerance boot disk is used to boot a computer after one hard disk
in a mirrored set fails.
10. The boot loader section and the operating systems section
11. Stripe sets
12. Stripe sets and volume sets
13. Striping with parity, because it is faster and cheaper than disk mirroring,
and provides a modest level of data safety
14. Disk mirroring
15. Rdisk.exe
16. Break the mirror
17. False
18. True
19. False
20. True
21. True
22. False

MCSE Windows NT® 4.0 • 3087-9 1/7 • appD.F • reprint • 6/22/98• Deirdre • 1032
Appendix D: Answers to Instant Assessment Questions, Review Activities, and Hands-on Labs 

23. False
24. True
25. True
26. False
27. False

Answers to Review Activities

File system planning exercise

Problem 1 The FAT file system is probably the best choice for this scenario,
because it enables NT to access files on partitions smaller than 500MB faster than
it could by using NTFS.

Problem 2 You must use the FAT file system in this situation in order to accom-
modate both NT and MS-DOS.

Problem 3 NTFS is probably the best choice for this scenario. NTFS usually
provides faster access to files stored on a large partition that contains a large num-
ber of files than the FAT file system provides.

Problem 4 NTFS is the obvious choice for this scenario because it is the only
file system supported by Windows NT 4.0 that provides the required file and folder
security and also supports file compression.

Disk partitioning and fault tolerance planning exercise

Problem 1 Disk mirroring is the best answer because it provides the most fault
tolerance of the four disk partitioning schemes.

Problem 2 A stripe set is the best answer because it provides the fastest access
speed to files.

Problem 3 A stripe set with parity is the best choice, because it provides mod-
erate fault tolerance and a moderate price tag.

MCSE Windows NT® 4.0 • 3087-9 1/7 • appD.F • reprint • 6/22/98• Deirdre • 1033
 Resources

Chapter 4: Using Control Panel

Answers to Instant Assessment

1. Select Start ➾ Settings ➾ Control Panel, or Select Control Panel in
Windows NT Explorer, or Open the My Computer dialog box, then double-
click Control Panel.
2. The Accessibility Options application is used to configure the keyboard,
sound, and mouse options on a computer to accommodate users that are
physically challenged, including persons who have difficulty striking
multiple keys simultaneously on a keyboard, persons with hearing
disabilities, or persons who have difficulty holding or clicking a mouse.
3. Display
4. You must change the domain name of all other domain controllers
member servers, and Windows NT Workstation computers in that domain
to match the new domain name that you have assigned.
5. NWLink IPX/SPX Compatible Transport
6. AppleTalk Protocol
7. TCP/IP Protocol
8. The protocol and service used most often should be at the top of their
respective lists.
9. Here are the four steps to configure the Directory Replicator service:
; Create and configure a user account for the Directory Replicator
service by using User Manager for Domains. This account must be a
member of the Backup Operators group and the Replicator group.
This user account must also be granted the “Log on as a service” user
right, and must be configured so that its password never expires.
; Configure the startup type of the Directory Replicator service as
Automatic (by using the Services application). Configure the Directory
Replicator service to log on using the user account created in Step 1.

MCSE Windows NT® 4.0 • 3087-9 1/7 • appD.F • reprint • 6/22/98• Deirdre • 1034
Appendix D: Answers to Instant Assessment Questions, Review Activities, and Hands-on Labs 

; Configure replication by using the Server application. Remember that

the PDC should be configured to replicate to itself.
; Stop and restart the Directory Replicator service by using the
Services application.

10. At least as large as the amount of RAM in your computer

11. System
12. Make sure that all steps in a configuration process have been completed,
verify that all configuration options are set correctly, and ensure that
hardware devices do not have conflicting interrupt, I/O port address, or
DMA addresses.
13. True

Answers to Review Activity

Control Panel application matching exercise
The correct answers are:

1. B
2. F
3. J
4. I
5. N
6. N
7. N
8. V
9. U
10. X
11. X
12. X

MCSE Windows NT® 4.0 • 3087-9 1/7 • appD.F • reprint • 6/22/98• Deirdre • 1035
 Resources

Chapter 5: Server-Based Deployment

Answers to Instant Assessment

1. Server-based deployment involves automating the installation and setup of
Windows NT and/or other operating systems (Windows 95 and Windows for
Workgroups) and applications on multiple computers on a network.
2. To save time
3. First, original equipment manufacturers (OEMs) use server-based
deployment to install and configure large numbers of computers at the
factory. Second, organizations that install a new network or add several
new computers to their existing network use server-based deployment to
efficiently perform these tasks.
4. The Clients folder
5. You must create a subfolder in the Clients folder named Winnt. Then you
must create a subfolder in the Clients\Winnt folder named Netsetup.
6. You must create a subfolder in the Clients folder named Winnt.srv.
Then you must create a subfolder in the Clients\Winnt.srv folder
named Netsetup.
7. An installation disk set
8. A network installation startup disk
9. An answer file is a text file that contains stylized responses to the queries
posed by the Windows NT Setup program during installation.
10. By using Windows NT Setup Manager (Setupmgr.exe)
11. The /U switch
12. Setup Manager is located on the Windows NT Server
(or Windows NT Workstation) compact disc. You can find it in the
\Support\Deptools\i386 folder (on Intel-based computers).

13. Replace
14. You need a different answer file for each hardware configuration, so you
need as many answer files as you have different hardware configurations.
15. The $OEM$ subfolder

MCSE Windows NT® 4.0 • 3087-9 1/7 • appD.F • reprint • 6/22/98• Deirdre • 1036
Appendix D: Answers to Instant Assessment Questions, Review Activities, and Hands-on Labs 

16. The answer file

17. When run with the /snap switch, Sysdiff.exe takes a snapshot of a
typical target computer’s current configuration after Windows NT is
installed but before any applications are installed.
When run with the /diff switch after the desired application is installed,
Sysdiff.exe creates a difference file that contains all of the application
files and registry changes.
When run with the /apply switch from the Cmdlines.txt file,
Sysdiff.exe applies the difference file during an unattended Windows
NT installation.

Chapter 6: Managing Printing

Answers to Instant Assessment

1. A printer is the software interface between Windows NT and the device that
produces the printed output.
2. A print (or printing) device is the physical hardware device that produces
the printed output.
3. The spooler
4. Create, connect to
5. Print monitors
6. The TCP/IP print monitor
7. NWLink IPX/SPX Compatible Transport, plus: Client Service for NetWare
(on a Windows NT Workstation computer) or Gateway Service for NetWare
(on a Windows NT Server computer)
8. Hpmon
9. A job-based connection enables all computers on the network to access an
HP JetDirect adapter for printing, because the connection to the HP
JetDirect adapter is dropped after each print job.

MCSE Windows NT® 4.0 • 3087-9 1/7 • appD.F • reprint • 6/22/98• Deirdre • 1037
 Resources

10. A continuous connection does not permit any other computer on the
network to access an HP JetDirect adapter for printing, because the
Hpmon print monitor monopolizes the HP JetDirect adapter when a
continuous connection is used.
11. Hpmon
12. You can specify that a different folder on another partition (that has more
free space) be used as your spool folder.
13. No Access
14. No Access, Print, Manage Documents, Full Control
15. You must select the Success and/or Failure check boxes for File and Object
Access.
16. By creating a printer
By taking ownership of a printer
17. A printer pool
18. The purpose of sharing a printer is to enable users of other computers on
the network to connect to and send print jobs to that printer.
19. The advantage is that the network administrator is spared the
time-consuming task of manually installing printer drivers on every
computer on the network.
20. True
21. True
22. True

Answers to Review Activity

Windows NT printing troubleshooting exercise

Problem 1 To reprint the entire print job:

1. Immediately double-click the printer in the Printers folder.

2. When the printer’s dialog box appears, select Document ➾ Pause.
3. Make sure that the correct paper is in the paper tray.
4. Select Document ➾ Restart to reprint the entire print job.

MCSE Windows NT® 4.0 • 3087-9 1/7 • appD.F • reprint • 6/22/98• Deirdre • 1038
Appendix D: Answers to Instant Assessment Questions, Review Activities, and Hands-on Labs 

Problem 2 The most likely cause of this problem is that the success and failure
options for auditing file and object access have not been configured in User
Manager for Domains or User Manager. Auditing of printers requires that auditing
of file and object access be configured.
To solve the problem, configure these options in User Manager for Domains
or User Manager. Print events should begin to appear in the security log in Event
Viewer.

Problem 3 The most likely cause of this problem is that the partition that con-
tains the printer’s spool folder doesn’t have enough free space.
To solve the problem, you can delete some files from this partition, or move
the spool folder to a different partition that has more free space.

Chapter 7: Managing User and

Group Accounts

Answers to Instant Assessment

1. Administrator and Guest
2. User Manager (on a Windows NT Workstation computer) or User Manager
for Domains (on a Windows NT Server computer)
3. Use the first seven letters of the user’s first name, plus the first letter of the
user’s last name.
Use the first letter of the user’s first name, plus the first seven letters of the
user’s last name.
4. You can delete user-created groups, but you can’t delete built-in or special
groups.
5. Groups, Profile, Hours, Logon To, Account, and Dialin
6. %USERNAME%

MCSE Windows NT® 4.0 • 3087-9 1/7 • appD.F • reprint • 6/22/98• Deirdre • 1039
 Resources

7. Create a user account to be used as a template.

8. The primary purpose of local groups is to control access to resources.
The primary purpose of global groups is to organize users that perform
similar tasks or have similar network access requirements.
9. Local groups can be created on any Windows NT computer.
A global group can only be created on a domain controller.
10. First, create a local group and assign the local group permission to the
shared folder. Then, make individual user accounts and/or global groups
members of the local group that you created. The result is that all
members of the local group will have permission to the shared folder.
11. The built-in local groups on domain controllers are: Administrators,
Backup Operators, Guests, Replicator, Users, Account Operators, Printer
Operators, and Server Operators.
The built-in global groups on domain controllers are: Domain Admins,
Domain Users, and Domain Guests.
12. The built-in local groups on non-domain controllers are: Administrators,
Backup Operators, Guests, Replicator, Users, and Power Users.
13. The five special groups are: Everyone, Interactive, Network, System, and
Creator Owner.
14. It’s important to limit the permissions assigned to the Everyone group,
especially if your computer is connected to the Internet, because everyone
includes all users accessing your computer by using authorized user
accounts, as well as unauthorized users who accidentally or intentionally
breach your system security — this even includes individuals who access
your computer via the Internet.
15. No groups can be renamed.
16. False

MCSE Windows NT® 4.0 • 3087-9 1/7 • appD.F • reprint • 6/22/98• Deirdre • 1040
 Appendix D: Answers to Instant Assessment Questions, Review Activities, and Hands-on Labs 

C h a p t e r 8 : M a n a g i n g A c c o u n t P o l i c y,
User Rights, and Auditing

Answers to Instant Assessment

1. The Password Restrictions section, and the Account lockout section
2. Select Start ➾ Programs ➾ Administrative Tools (Common) ➾ User Manager
(or User Manager for Domains).
Then, in the User Manager dialog box, select Policies ➾ Account.
3. Expires in 42 Days
4. The Minimum Password Age configuration determines the minimum
number of days a user must keep the same password.
5. The possible settings are from one to fourteen characters.
The author’s recommended setting is a minimum of eight characters.
6. The Password Uniqueness configuration specifies how many different
passwords a user must use before an old password can be reused.
7. The Account lockout section of the Account Policy dialog box specifies how
Windows NT treats user accounts after several successive unsuccessful
logon attempts have occurred.
8. The Administrators local group
9. User rights allow users to perform certain tasks; whereas permissions allow
users to access objects, such as files, folders, and printers.
10. Auditing produces a log of specified events and activities that occur on a
Windows NT computer.
11. Event Viewer
12. You must also configure file, folder, or printer auditing (which is set in
Windows NT Explorer or in a printer’s Properties dialog box.)
13. Logon and Logoff; File and Object Access; Use of User Rights, User and
Group Management; Security Policy Changes; Restart, Shutdown, and
System; and Process Tracking
14. False
15. True

MCSE Windows NT® 4.0 • 3087-9 1/7 • appD.F • reprint • 6/22/98• Deirdre • 1041
 Resources

Chapter 9: Managing User

Profiles and System Policy

Answers to Instant Assessment

1. In Windows NT, a user profile is a collection of settings and options that
specify a user’s desktop environment and all other user-definable settings
for a user’s work environment.
2. A user profile is normally stored in a subfolder of the <winntroot>\
Profiles folder.
3. The subfolders contained in a user profile folder include: Application
Data, Desktop, Favorites, NetHood, Personal, PrintHood, Recent,
SendTo, Start Menu, and Templates. The files contained in a user
profile folder include Ntuser.dat and ntuser.dat.LOG.
4. The System application in Control Panel
5. Windows NT Explorer
6. Create a domain-wide Default User profile folder on the Netlogon
share on the PDC.
7. A roaming user profile is a user profile that is stored on a server, and is
available to a user regardless of which Windows NT computer on the
network the user logs onto. Roaming profiles enable users to retain their
own customized desktop and work environment settings even though they
may use different Windows NT computers.
8. A logon script is a batch file or executable file that runs during a user’s
logon process.
9. A mandatory user profile is a user profile that, when assigned to a user,
cannot be changed by the user.
10. When “problem users” require a significant amount of administrator time
When an administrator has a large number of users with similar job tasks
to administer
11. The Ntuser.dat file must be renamed as Ntuser.man.
12. The System application in Control Panel

MCSE Windows NT® 4.0 • 3087-9 1/7 • appD.F • reprint • 6/22/98• Deirdre • 1042
Appendix D: Answers to Instant Assessment Questions, Review Activities, and Hands-on Labs 

13. The Windows NT system policy file is an Administrator-created collection

of user, group, and computer policies that restrict the user’s ability to
perform certain tasks on any Windows NT computer that the user logs
on to. System policy can also be used to enforce certain mandatory
display settings.
14. System Policy Editor
15. In the Netlogon share on each domain controller
16. Individual user policies and the Default User policy
17. The last group policy applied (which is the group policy of the group that
has the highest priority)
18. SusanH’s individual user policy
19. Individual computer policies and the Default Computer policy
20. The Default Computer policy
21. False

Chapter 10: Managing Windows NT

Directory Services

Answers to Instant Assessment

1. Windows NT Directory Services is a Microsoft catchall phrase that refers to
the architecture, features, functionality, and benefits of Windows NT
domains and trust relationships.
2. The primary benefits of Windows NT Directory Services are:
A single user account logon and password are used to gain access to all
shared resources on the network; and,
User and group accounts, as well as shared network resources, can be
managed from a central location.
3. The trusting domain is the domain that contains the shared resources, and
the trusted domain is the domain that contains the user accounts.
4. A one-way trust

MCSE Windows NT® 4.0 • 3087-9 1/7 • appD.F • reprint • 6/22/98• Deirdre • 1043
 Resources

5. A two-way trust
6. User Manager for Domains
7. Trust relationships are non-transitive — which means that they apply only
to the domains they are established between.
8. In the logon process, a user enters a user name, password, and domain
name in the Logon Information dialog box. The local NetLogon Service
determines whether the user account is located in the local computer’s
Security Accounts Manager (SAM) database. If the user account is found to
be valid by the local SAM, the NetLogon Service retrieves the user
account’s security identifier (SID), and the SIDs for each group that the
user is a member of. The NetLogon Service combines the user and group
SIDs to create an access token, and then completes the logon process for
the user.
9. Pass-through authentication
10. During the logon process, a user enters a user name, password, and
domain name in the Logon Information dialog box. The local NetLogon
Service determines whether the user account is located in the local
computer’s Security Accounts Manager (SAM) database. When a user
account can’t be validated on the local computer (as is the case in this
situation, where a user account from the domain is used), the NetLogon
Service on the local computer forwards (passes-through) the logon request
to the NetLogon Service on a Windows NT Server domain controller for
validation. The domain controller validates the user account and passes the
appropriate SIDs back to the local NetLogon Service to complete the logon
process.
11. Synchronization
12. Factors to consider when planning a Directory Services architecture
include: the number and location of users; the number, types and location
of computers and shared resources; whether centralized or decentralized
network management is desired; and the needs of various departments
within the organization.
13. Multiple master domain model
14. Single master domain model
15. Single domain model

MCSE Windows NT® 4.0 • 3087-9 1/7 • appD.F • reprint • 6/22/98• Deirdre • 1044
Appendix D: Answers to Instant Assessment Questions, Review Activities, and Hands-on Labs 

16. Complete trust domain model

17. Probably the single domain model
18. Probably the multiple master domain model (neither the single domain
model nor the single master domain model will accommodate more than
40,000 user accounts)
19. Groups are commonly used in the following way in a multiple domain
environment:
; First, user accounts are placed into a global group in the trusted
domain;
; Next, this global group, which can cross trust relationships to other
domains, is made a member of a local group in the trusting domain;
; Finally, the local group in the trusting domain is assigned
permissions to a shared resource, so that all of its members can
access the shared resource.
20. True

Answers to Review Activity

Planning network administration in a multiple
master domain environment exercise
Note: The two new global groups can have any names you want to assign.
New global group in PHOENIXMASTERA domain: PhoenixAdminA
New global group in PHOENIXMASTERB domain: PhoenixAdminB

Built-in local group in each domain in which you will place the two new
global groups:
Administrators — (This allows members of the PhoenixAdminA and
PhoenixAdminB global groups to fully administer users, groups, and shared
resources on the domain controllers in all six domains.)

Built-in local group on every member server in all six domains in which you
will place the two new global groups:
Administrators — (This allows members of the PhoenixAdminA and
PhoenixAdminB global groups to fully administer users, groups, and shared
resources on the member servers in all six domains.)

MCSE Windows NT® 4.0 • 3087-9 1/7 • appD.F • reprint • 6/22/98• Deirdre • 1045
 Resources

Built-in local group on every Windows NT Workstation computer in all six

domains in which you will place the two new global groups:
Administrators — (This allows members of the PhoenixAdminA and
PhoenixAdminB global groups to fully administer users, groups, and shared
resources on the Windows NT Workstation computers in all six domains.)

Answers to Lab
Lab 10.16: Planning a Directory Services architecture
Note: The answers to these exercises are suggested solutions only. There are often
many ways to design a Directory Services architecture for a given situation. What
is important is that you understand the Directory Services architecture models
and trust relationships.

Exercise 1

1. Given the scenario, the most appropriate Directory Services architecture is

the single master domain model. Using a single master domain model
enables the MIS department in New York City to manage all user accounts
for all locations, and also enables the local network managers total control
over local network resources. Network managers at one location will not be
able to manage resources from other locations.
A single domain model could be used. However, the drawback to using the
single domain model in this situation is that network managers at each
location would be able to manage resources from all other locations, as well.
2. To create the single master domain model for this situation, I would create
five domains named NYC, PARIS, LONDON, SEATTLE, and MEXICO_CITY.
NYC would be the master domain, and would contain all user accounts for
all locations.
I would then create the following one-way trust relationships:
SEATTLE trusts NYC
MEXICO_CITY trusts NYC
LONDON trusts NYC
PARIS trusts NYC
Figure A-2 is a diagram that depicts the trust relationships recommended
for this single master domain model:

MCSE Windows NT® 4.0 • 3087-9 1/7 • appD.F • reprint • 6/22/98• Deirdre • 1046
Appendix D: Answers to Instant Assessment Questions, Review Activities, and Hands-on Labs 

NYC

SEATTLE MEXICO_CITY LONDON PARIS

FIGURE D-2 Recommended trust relationships for Worldwide

Promotions, Inc.

Exercise 2

1. Given the scenario, the most appropriate Directory Services architecture is

the multiple master domain model. This model is the only practical model
that will accommodate 46,000 users. Using a multiple master domain
model enables the Data Processing and Computer Services department in
Toronto to manage all user accounts for all locations, and also enables the
local network managers total control over local network resources.
A complete trust domain model could be used. However, the drawback to
using the complete trust domain model in this situation is that the
number of trust relationships needed is excessive and cumbersome.
2. To create the multiple master domain model for this situation, I would
create ten domains named TORONTO, LA, TOKYO, RIO, MIAMI, BOMBAY,
JOHANNESBURG, SYDNEY, HK, and BANGKOK.
TORONTO, LA, and TOKYO will be the master domains. The TORONTO
domain will contain user accounts for TORONTO, BOMBAY, and
JOHANNESBURG. The LA domain will contain user accounts for LA,
SYDNEY, RIO, and MIAMI. The TOKYO domain will contain user accounts
for TOKYO, BANGKOK, and HK.

MCSE Windows NT® 4.0 • 3087-9 1/7 • appD.F • reprint • 6/22/98• Deirdre • 1047
 Resources

Because Import International, Ltd. will be using the multiple master

domain model, user accounts contained in the TORONTO, LA, and TOKYO
domains (for example, user accounts for all users in the company) can all
be maintained by personnel in the TORONTO office.
I would then create the following trust relationships:
Two-way trusts between:
TOKYO <--> LA
TOKYO <--> TORONTO
TORONTO <--> LA
One-way trusts:
BANGKOK trusts TOKYO, LA, and TORONTO
HK trusts TOKYO, LA, and TORONTO
SYDNEY trusts TOKYO, LA, and TORONTO
MIAMI trusts TOKYO, LA, and TORONTO
RIO trusts TOKYO, LA, and TORONTO
JOHANNESBURG trusts TOKYO, LA, and TORONTO
BOMBAY trusts TOKYO, LA, and TORONTO

Figure D-3 is a diagram that depicts the trust relationships recommended

for this multiple master domain model:

LA

TOKYO TORONTO

BANGKOK HK SYDNEY MIAMI RIO JOHAN- BOMBAY

NESBURG

FIGURE D-3 Recommended trust relationships for Import International, Ltd.

MCSE Windows NT® 4.0 • 3087-9 1/7 • appD.F • reprint • 6/22/98• Deirdre • 1048
Appendix D: Answers to Instant Assessment Questions, Review Activities, and Hands-on Labs 

Chapter 11: Optimizing Windows NT

Server Directory Services

Answers to Instant Assessment

1. 40MB (40,000KB)
2. Each user account requires 1,024 bytes (1KB).
Each computer account requires 512 bytes (.5KB).
Each local group account requires 512 bytes (.5KB) for the group, plus
36 bytes for each member of the group.
Each global group account requires 512 bytes (.5KB) for the group, plus
12 bytes for each member of the group.
3. Size of Directory Services database, in KB, = Number of user accounts +
(.5 × number of computer accounts) + (3 × total number of groups)
4. Number of user accounts 21,000
.5 × number of computer accounts 12,000
3 × total number of groups 1,200
Total size of Directory Services database: 34,200KB
5. 20MB (20,000KB)
6. 40MB (40,000KB)
7. 1 PDC and 1 BDC
8. 2,000
9. The key point in optimizing BDC placement is the location of users that
require logon validation, especially when you want to eliminate logon
traffic across a WAN link.
10. 64KB
11. Approximately 2,000
12. The change log is stored in the Windows NT Registry in:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services
\Netlogon\Parameters\ChangeLogSize
13. Registry Editor

MCSE Windows NT® 4.0 • 3087-9 1/7 • appD.F • reprint • 6/22/98• Deirdre • 1049
 Resources

14. The ReplicationGovernor is stored in the Windows NT Registry in:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services
\Netlogon\Parameters\ReplicationGovernor
15. Stop and restart the NetLogon service
16. 100
17. The ReplicationGovernor controls the size of the synchronization buffer
and how frequently the BDC requests Directory Services database updates
from the PDC.
18. The ReplicationGovernor is configured individually on each BDC, not on
the PDC.

Answers to Lab
Lab 11.17: Optimizing WAN link performance
by the appropriate placement of BDCs

CORRECT NUMBER OF BDCS, BY LOCATION

LOCATION # OF BDCS

Denver 3
Las Vegas 2
Salt Lake City 2
Albuquerque 1

Remember, the goal of this lab is to optimize the WAN for efficient local user
logon and authentication. To do this, you must eliminate logon and authentica-
tion traffic from the WAN links. The numbers of BDCs in the answer are based on
the fact that each BDC can accommodate up to 2,000 users.

MCSE Windows NT® 4.0 • 3087-9 1/7 • appD.F • reprint • 6/22/98• Deirdre • 1050
Appendix D: Answers to Instant Assessment Questions, Review Activities, and Hands-on Labs 

Chapter 12: Sharing and

Securing File Systems

Answers to Instant Assessment

1. Read-only
2. Compress
3. The purpose of sharing folders is to make it possible for users to access
network resources.
4. No Access, Read, Change, and Full Control
5. No Access
6. Full Control
7. No Access
8. The Windows NT administrative shares are the hidden shares that Windows
NT automatically creates every time you start NT on a computer. Only
members of the Administrators group have permission to access these
shares. The administrative shares are: C$, D$, E$, and so on (one share for
the root of each hard disk partition on the computer), and Admin$ (which
corresponds to the folder that NT is installed in).
9. Any share can be configured as a hidden share by appending a $ to the
share name.
10. NTFS permissions provide a greater level of security than share
permissions because:
NTFS permissions can be assigned to individual files and folders, and
NTFS permissions apply to local users as well as to users who connect to a
shared folder over-the-network.
11. The NTFS permissions are: Read (R), Write (W), Execute (E), Delete (D),
Change Permissions (P), and Take Ownership (O).
12. The standard NTFS directory (folder) permissions are: No Access (None)
(None), List (RX) (Not Specified), Read (RX) (RX), Add (WX) (Not
Specified), Add and Read (RWX) (RX), Change (RWXD) (RWXD), and Full
Control (All) (All).

MCSE Windows NT® 4.0 • 3087-9 1/7 • appD.F • reprint • 6/22/98• Deirdre • 1051
 Resources

13. The standard NTFS file permissions are No Access (None), Read (RX),
Change (RWXD), and Full Control (All).
14. File permissions
15. The new file inherits the NTFS permissions of the folder that contains the
new file.
16. Destination
17. The file retains its original NTFS permissions.
18. The most restrictive permission
19. The user who created it (except that when a member of the Administrators
group creates a file or folder, the Administrators group, not the user, is the
owner of the file or folder)
20. A user might want to take ownership of a file or folder if the user wanted to
assign or change permissions on the file or folder, but wasn’t the owner of
the file or folder and didn’t have the Change Permissions NTFS permission
(or the Full Control permission, which includes the Change Permissions
NTFS permission) to the file or folder.
21. First, the audit policy is configured in User Manager or User Manager for
Domains. Then, auditing is configured for each file and folder individually
by using Windows NT Explorer.
22. You must select success and/or failure auditing of File and Object access in
order to audit files and folders.
23. Event Viewer
24. Most resource access problems are caused by incorrectly configured and/or
conflicting permissions.
25. False
26. True
27. False
28. True
29. False

MCSE Windows NT® 4.0 • 3087-9 1/7 • appD.F • reprint • 6/22/98• Deirdre • 1052
Appendix D: Answers to Instant Assessment Questions, Review Activities, and Hands-on Labs 

Answers to Labs
Lab 12.18: Sharing and securing resources
Suggested answer:

Resource Share Name Share Permissions NTFS Permissions

Applied Applied
User/Group Permission User/Group Permission

C:\Apps\Word Word Domain Read N/A N/A

Users

C:\Apps\Excel Excel Domain Read N/A N/A

Users

C:\Apps\Access Access Domain Read N/A N/A

Users

D:\Data\ ManagersData Domain Full Managers Change

Managers Users Control
Admin- Full
istrators Control

D:\Data\ AccountingData Domain Full Accounting Change

Accounting Users Control
Admin- Full
istrators Control

D:\Data\Sales SalesData Domain Full Sales Change

Users Control
Admin- Full
istrators Control

D:\Data\ AllUsersData Domain Full Domain Change

All Users Users Control Users
Admin- Full
istrators Control

MCSE Windows NT® 4.0 • 3087-9 1/7 • appD.F • reprint • 6/22/98• Deirdre • 1053
Resources

Lab 12.20: Troubleshooting resource

access and permission problems
The following are the causes and suggested solutions to resolve the given problems.

Problem 1 The cause of the problem is that the Everyone group is assigned the
Read permission for the AccountingData share. When share permissions com-
bine with NTFS permissions, the most restrictive permission applies. Even though
NancyY is a member of the Accounting group and the Accounting group has the
NTFS Change permission, NancyY’s effective permission is limited to the Read
permission because of the share permission.
To resolve the problem, assign the Everyone group the Full Control share
permission for the AccountingData share. Access to this share will then be con-
trolled by NTFS permissions.

Problem 2 The cause of the problem is that JohnS is a member of the Sales group,
which has been assigned the No Access NTFS permission for the
D:\Data\Managers folder. Even though JohnS is appropriately a member of the
Managers group, which has been assigned the NTFS Change permission for the
D:\Data\Managers folder, when the NTFS No Access permission is assigned to any
group the user is a member of, the user’s effective permission is always No Access.
To resolve the problem, remove the Sales group from the Name list box in
the Directory Permissions dialog box.

Chapter 13: Accessing Resources

on the Network

Answers to Instant Assessment

1. The Computer Browser service
2. A browse list
3. Domain master browser, master browser, backup browser, potential
browser, and non-browser
4. The PDC

MCSE Windows NT® 4.0 • 3087-9 1/7 • appD.F • reprint • 6/22/98• Deirdre • 1054
Appendix D: Answers to Instant Assessment Questions, Review Activities, and Hands-on Labs 

5. One
6. Computers can be non-browsers either because they are configured to not
function as a browser, or because their network software does not provide
them with the capability to maintain a browse list.
7. How a browse list is built and maintained:
; When a master browser first comes online, its browse list is empty. To
build its browse list initially, the master browser sends a broadcast to
all computers on the subnet requesting that all network servers
announce their presence. (Remember for the purpose of discussing
browsing in this chapter, network servers include all computers that
either have shared resources, or are capable of sharing their
resources.)
; All available network servers respond to this request by announcing
their presence, within thirty seconds. The master browser
incorporates this information into its initial browse list. The master
browser then distributes this browse list to the domain master
browser and to the backup browsers.
; After initial creation of the browse list, when a Windows computer
that functions as a network server is first booted, it broadcasts its
presence to the network. The master browser receives this
announcement and places the information in its browse list.
; During normal operations, a Windows computer that functions as a
network server continues to announce its presence to the network
every twelve minutes. If the master browser does not receive a
broadcast from a network server after three consecutive twelve-
minute time periods, it removes the computer from its browse list.
; (This is how the master browser maintains its browse list — it
assumes that all network servers in its initial browse list are available
until it fails to receive a broadcast announcement from a computer
for three consecutive twelve-minute periods, at which time it updates
its browse list by removing this computer from its list. Therefore, it is
possible for a network server to remain on the browse list for some
time after it is no longer available to network users.)
; During normal operations, backup browsers request an updated
browse list from the master browser every twelve minutes. If the

MCSE Windows NT® 4.0 • 3087-9 1/7 • appD.F • reprint • 6/22/98• Deirdre • 1055
 Resources

master browser does not respond to an update request from the

backup browser, the backup browser initiates the master browser
election process (covered in more detail in the next section of this
chapter).
; During normal operations, the master browser sends an updated
browse list to the domain master browser every twelve minutes. The
domain master browser, in response, sends an updated domain
browse list to the master browser. Additionally, every fifteen minutes,
the master browser announces its presence to master browsers of
other workgroups and domains located on the same subnet.
8. When a user browses the network:
; When a user of a Windows NT computer attempts to access browse
information by double-clicking Network Neighborhood or by
selecting Tools ➾ Map Network Drive in Windows NT Explorer, the
user’s computer contacts the master browser and retrieves a list of
available backup browsers.
; (This step occurs only the first time a user accesses browse
information — the Computer Browser service on the local computer
then retains the list of available backup browsers until the computer
is rebooted or until the backup browsers on the list are no longer
available.)
; The user’s computer then contacts a backup browser to request a list
of available network servers. The backup browser processes this
request and returns a list of available network servers in the
requesting computer’s workgroup or domain, plus a list of available
workgroups and domains. The user’s computer then displays this
information to the user.
; If the user selects an available network server, the user’s computer
contacts the selected server and requests a list of shared network
resources. The selected server then sends a list of shared resources to
the requesting computer, which is then displayed for the user.
; If the user selects an available workgroup or domain, the user’s
computer contacts the master browser in the selected workgroup or
domain and requests a browse list. The master browser sends a list of

MCSE Windows NT® 4.0 • 3087-9 1/7 • appD.F • reprint • 6/22/98• Deirdre • 1056
Appendix D: Answers to Instant Assessment Questions, Review Activities, and Hands-on Labs 

backup browsers for the workgroup or domain to the requesting

computer. Then the user’s computer contacts a backup browser in the
selected workgroup or domain for a list of available network servers,
which is then returned by the backup browser to the requesting
computer and displayed for the user. The user then selects an
available network server, and the user’s computer contacts the
selected server and requests a list of shared network resources. The
selected server then sends a list of shared resources to the requesting
computer, which is displayed for the user.
; The user selects the specific shared resource he or she wants to
access from the list that is displayed.
9. Because the master browser does not remove a network server from its
browse list until after it has failed to receive a broadcast announcement
from the network server for three consecutive twelve-minute periods, it is
possible for a network server to remain on the browse list for some time
after it is no longer available to network users. This could result in a
situation where a user sees a resource on a browse list that is no longer
available.
10. The master browser
11. The computer’s election criteria value
12. The MaintainServerList entry, which is located in \HKEY_LOCAL_MACHINE\
SYSTEM\CurrentControlSet\Services\Browser\Parameters
13. The IsDomainMaster entry, which is located in \HKEY_LOCAL_MACHINE\
SYSTEM\CurrentControlSet\Services\Browser\Parameters
14. NetBIOS broadcasts
15. LMHOSTS files or a WINS server
16. \\Server_name\Share_name\Subfolder_name\File_name
17. Server_name.Domain_name.Root_domain_name
18. You can replace the Server_name in a UNC with an FQDN (if your
network uses TCP/IP and DNS servers).
19. True

MCSE Windows NT® 4.0 • 3087-9 1/7 • appD.F • reprint • 6/22/98• Deirdre • 1057
 Resources

Chapter 14: Using Windows NT

Server Tools

Answers to Instant Assessment

1. The primary purpose of Windows NT Server tools is to enable a user at a
client computer to manage an NT Server computer remotely on the
network.
2. The Windows NT Server tools that can be installed on a Windows 95 client
computer are: User Manager for Domains, Server Manager, Event Viewer,
and security extensions for Windows Explorer to manage file and printer
security on a remote Windows NT Server.
3. The Windows NT Server tools that can be installed on a Windows NT
Workstation computer are: User Manager for Domains, Server Manager,
System Policy Editor, Remote Access Admin, DHCP Administrator, WINS
Manager, and Remoteboot Manager.
4. The minimum RAM required to install and run NT Server tools on a
Windows 95 computer is 8MB.
The minimum RAM required to install and run NT Server tools on a
Windows NT Workstation computer is 12MB.
5. Server Manager
6. Server Manager
7. User Manager for Domains
8. Server Manager
9. Windows Explorer — use the added Security tabs on the file, folder, and
printer Properties dialog boxes

MCSE Windows NT® 4.0 • 3087-9 1/7 • appD.F • reprint • 6/22/98• Deirdre • 1058
Appendix D: Answers to Instant Assessment Questions, Review Activities, and Hands-on Labs 

Chapter 15: Backing Up and

R e s t o r i n g D a ta

Answers to Instant Assessment

1. Windows NT Backup
2. The archive attribute is a marker that the operating system automatically
assigns to all files and folders when they are first installed or created.
Depending on the backup type, backup programs remove the archive
attribute from a file or folder to indicate that the file or folder has been
backed up. If a file or folder is modified after it has been backed up, the
operating system reassigns the archive attribute to it.
3. There are five standard types of backups:
Normal (full): backs up all selected files and folders, and removes the
archive attribute from the backed up files and folders.
Differential: backs up all selected files and folders that have changed
since the last normal backup, and does not remove the archive
attribute from files or folders. A differential backup is a cumulative
backup, and because of this fact, takes more time to perform than an
incremental backup, but less time to perform than a normal backup.
Incremental: backs up all selected files and folders that have changed
since the last normal or incremental backup, and removes the archive
attribute from the backed up files and folders. An incremental backup
is not cumulative, and because of this fact, takes less time to perform
than a differential backup.
Copy: backs up all selected files and folders, and does not remove the
archive attribute. This backup type can be used without interrupting
the normal backup schedule.
Daily: backs up all selected files and folders that have changed during
the day the tape backup is made, and does not remove the archive
attribute.

MCSE Windows NT® 4.0 • 3087-9 1/7 • appD.F • reprint • 6/22/98• Deirdre • 1059
 Resources

4. When selecting a tape drive device, you should consider both of the
following:
Be sure to select a tape drive that is on the Hardware Compatibility
List, and,
If possible, select a tape drive that has the capacity to back up your
entire server on a single tape.
5. Perform a trial restore
6. A
7. B
8. Selecting the verify option approximately doubles the time it takes to
perform a backup.
9. The Schedule service
10. Store a current normal (full) backup off-site — preferably at a location that
is secure and that has a controlled-climate environment.

Chapter 16: Networking Using TCP/I P

Answers to Instant Assessment

1. Transmission Control Protocol/Internet Protocol
2. TCP/IP
3. An IP address is a 32-bit binary number, broken into four 8-bit octets, that
uniquely identifies a computer or other network device on a network that
uses TCP/IP. An IP address is normally represented in a dotted decimal
format, with each octet being represented by a whole number between zero
and 255. An IP address contains two important identifiers: a network ID
and a host ID.
4. If subnet masks are incorrectly configured, network communications
problems due to routing errors may occur. For example, TCP/IP may
incorrectly determine that a computer on the local subnet is located on a
remote subnet, and attempt to route a packet to the remote subnet. In this

MCSE Windows NT® 4.0 • 3087-9 1/7 • appD.F • reprint • 6/22/98• Deirdre • 1060
Appendix D: Answers to Instant Assessment Questions, Review Activities, and Hands-on Labs 

instance, the computer on the local subnet would never receive the packet
intended for it.
5. If a computer’s default gateway address does not specify a router on the
local subnet, then that computer will not be able to communicate with
computers or other network devices located on other network segments.
6. You can assign an IP address to a Windows NT computer in one of two
ways: by configuring a computer to obtain an IP address from a DHCP
server, or by manually specifying a computer’s IP address configuration.
7. IP routing is a function of the Internet Protocol (IP) that uses IP address
information to send data packets from a source computer on one network
segment across one or more routers to a destination computer on another
network segment.
8. Static and dynamic
9. RIP for Internet Protocol
10. The DHCP Relay Agent is a Windows NT Server service that forwards client
DHCP configuration requests to a DHCP server on another network
segment. The DHCP Relay Agent enables computers on one subnet to
receive IP addresses from a DHCP server that is located on a different
subnet.
11. Windows Internet Name Service (WINS) is a Windows NT Server service
that provides NetBIOS name resolution services to client computers.
12. Microsoft DNS Server provides host name resolution services to client
computers.
13. Steps you can take to increase security include:
When configuring password authentication, you can clear the check
box next to Basic (Clear Text) and select the check box next to
Windows NT Challenge/Response to prevent user names and
passwords from being transmitted in an unencrypted format over the
Internet.
You can control access by IP address.
You can ensure that directory browsing is not selected.
You can require that users supply user names and passwords by not
enabling anonymous users to access the WWW service.

MCSE Windows NT® 4.0 • 3087-9 1/7 • appD.F • reprint • 6/22/98• Deirdre • 1061
 Resources

14. You must assign and configure an additional IP address to the network
adapter in your computer.
15. Internet Information Server and Peer Web Services
16. A router, a DSU/CSU, a network adapter, and a fractional T1 leased line
17. An ISDN adapter card with either an internal or external network
terminating unit (NT1) and an ISDN line
18. A virtual server is a pseudo WWW server that has its own unique domain
name and IP address. To the Internet user accessing the virtual server, a
virtual server appears to be a separate server; but in reality, a virtual server
is not a separate server, but more like an extra shared folder on an Internet
Information Server. A single Internet Information Server can be configured
to accommodate multiple virtual servers.
19. IP address, subnet mask, and default gateway
20. ping.exe
21. ping.exe
22. Ipconfig.exe
23. True
24. False
25. True
26. True
27. False
28. True
29. False

Answers to Lab
Lab 16.28: Identifying and resolving TCP/IP connectivity problems

Situation 1 The problem in this situation is that Client_2 has an incorrect

default gateway. (It is incorrect because it specifies Server_1’s IP address.) If left in
its current configuration, users of Client_2 won’t be able to access the Internet.
To resolve the problem, Client_2’s default gateway should be changed to
match the router’s IP address: 172.31.151.1

MCSE Windows NT® 4.0 • 3087-9 1/7 • appD.F • reprint • 6/22/98• Deirdre • 1062
 Appendix D: Answers to Instant Assessment Questions, Review Activities, and Hands-on Labs 

Situation 2 The problem in this situation is that Client_A has the same IP
address as Client_C. Duplicate IP addresses are not permitted.
To resolve the problem, either Client_A’s or Client_C’s IP address should be
changed so that it is a unique IP address.

C h a p t e r 17 : C o e x i s t e n c e
With NetWare

Answers to Instant Assessment

1. NWLink IPX/SPX Compatible Transport
2. Frame types (also called frame formats) are accepted, standardized
structures for transmitting data packets over a network.
3. Frame type mismatching
4. A network number is a 32-bit binary number that uniquely identifies an
NWLink IPX/SPX Compatible Transport network segment for routing
purposes. Network numbers are commonly presented in an 8-digit
hexadecimal format.
5. Network numbers and internal network numbers
6. RIP for NWLink IPX/SPX Compatible Transport
7. It converts Server Message Blocks (SMBs) into NetWare Core Protocol
(NCP) requests that are recognized by the NetWare server.
8. The SAP Agent is a Windows NT service that advertises a Windows NT
computer’s services (such as SQL Server and SNA Server) to NetWare
client computers.
9. Client Service for NetWare (CSNW)
10. The correct answer consists of any two of the following common
configuration errors that cause NetWare connectivity problems:
; the NTGATEWAY group does not have the necessary permissions to
access the resource
; the gateway is not enabled

MCSE Windows NT® 4.0 • 3087-9 1/7 • appD.F • reprint • 6/22/98• Deirdre • 1063
 Resources

; frame type mismatch and/or network number mismatch

; the gateway user account is not a member of the NTGATEWAY group
11. Directory Services Manager for NetWare (DSMN)
12. Add Form Feed, Notify When Printed, and Print Banner
13. Gateway Service for NetWare (GSNW)
14. File and Print Services for NetWare (FPNW)
15. NTGATEWAY
16. \\server_name\share_name
17. \\tree_name\volume_name.organizational_unit.
organization_name\folder_name
18. True
19. True
20. False
21. True

Chapter 18: Migrating to

Windows NT from NetWare

Answers to Instant Assessment

1. The migration process involves several steps:
; Starting and configuring the Migration Tool for NetWare
; Selecting the source NetWare server and destination Windows NT
Server computer
; Configuring how user and group accounts will be migrated
; Configuring how files and folders will be migrated
; Performing a trial migration to test your configurations
; Performing an actual migration

MCSE Windows NT® 4.0 • 3087-9 1/7 • appD.F • reprint • 6/22/98• Deirdre • 1064
 Appendix D: Answers to Instant Assessment Questions, Review Activities, and Hands-on Labs 

; Configuring NetWare client computers to access the Windows NT

Server computer
2. NWLink IPX/SPX Compatible Transport and Gateway Service for NetWare
3. The user who performs the migration must have Administrator privileges
on the Windows NT Server computer, and must also have Supervisor
privileges on the NetWare server(s).
4. An NTFS partition
5. User and group accounts and their properties, and files and folders and
their permissions
6. User account passwords, print servers and print queues and their
configurations, workgroup managers and user account managers,
application defined bindery objects, and login scripts
7. A mapping file
8. Perform a trial migration
9. Migration Tool for NetWare
10. A Microsoft redirector (Microsoft client software) must be installed on each
NetWare client computer to enable it to access resources on the Windows
NT Server computer.

C h a p t e r 1 9 : I n s ta l l i n g a n d
Configuring Remote Access
Service (RAS)

Answers to Instant Assessment

1. RAS, or the RAS server
2. Dial-Up Networking
3. 256
4. 250

MCSE Windows NT® 4.0 • 3087-9 1/7 • appD.F • reprint • 6/22/98• Deirdre • 1065
 Resources

5. Standard analog telephone line and modem, ISDN, X.25, and Point to Point
Tunneling Protocol (PPTP)
6. Serial Line Internet Protocol (SLIP), Point-to-Point Protocol (PPP), Point-
to-Point Multilink Protocol, and Point-to-Point Tunneling Protocol (PPTP)
7. SLIP
8. PPP
9. Point-to-Point Multilink Protocol is an extension of PPP. Point-to-Point
Multilink Protocol combines the bandwidth from multiple physical
connections into a single logical connection. This means that multiple
modem, ISDN, or X.25 connections can be bundled together to form a
single logical connection with a much higher bandwidth than a single
connection can support.
10. Point-to-Point Tunneling Protocol (PPTP) permits a virtual private
encrypted connection between two computers over an existing TCP/IP
network connection. The existing TCP/IP network connection can be over a
local area network or over a dial-up networking TCP/IP connection
(including the Internet).
All standard transport protocols are supported within the Point-to-Point
Tunneling Protocol connection, including NWLink IPX/SPX Compatible
Transport, NetBEUI, and TCP/IP.
A primary reason for choosing to use PPTP is that it supports the RAS
encryption feature over standard, unencrypted TCP/IP networks, such as
the Internet.
11. RAS supports the following transport protocols: NetBEUI, TCP/IP, and
NWLink IPX/SPX Compatible Transport.
12. The RAS NetBIOS gateway is a function of the RAS server. The RAS
NetBIOS gateway enables client computers that use NetBEUI to access
shared resources on other servers located on the RAS server’s local
network. These other servers can use TCP/IP, NWLink IPX/SPX Compatible
Transport, or NetBEUI. In a nutshell, the RAS NetBIOS gateway performs
protocol translation for the remote NetBEUI client computer so that it can
access shared resources on the RAS server’s local network.

MCSE Windows NT® 4.0 • 3087-9 1/7 • appD.F • reprint • 6/22/98• Deirdre • 1066
Appendix D: Answers to Instant Assessment Questions, Review Activities, and Hands-on Labs 

13. The NetBIOS name resolution methods supported by RAS include: NetBIOS
broadcasts, WINS servers, DNS servers, LMHOSTS files, and HOSTS files.
14. Remote users must be assigned the dialin permission before they can
establish a dial-up connection with a RAS server.
15. Phonebook entries
16. Any three of the following:
; Type of dial-up server used by the ISP (SLIP or PPP connection
protocol)
; Whether the ISP’s dial-up server supports software compression
; Whether you will specify an IP address when you connect to the ISP,
or the ISP’s dial-up server will assign you an IP address
; Whether the ISP will provide the IP address of a DNS server during
the connection process
; Whether the ISP’s dial-up server uses IP header compression (IP
header compression is also referred to as Van Jacobson header
compression or VJ header compression)
; Type of modem you will be connecting to at the ISP and
recommended settings that you should use for your modem
; The phone number you should use to connect to the ISP
17. RAS call back security is configured by using Remote Access Admin. (It can
also be configured by using User Manager or User Manager for Domains.)
Call back security is configured on an individual user basis. The Preset To
configuration option offers the highest level of call back security.

Answers to Review Activity

Troubleshooting common RAS problems

Problem 1 First, determine the type of modem to which the user is attempting
to connect; then reconfigure the user’s modem settings to the most compatible
option, or as recommended by the manager of the dial-up server the user is
attempting to connect to.

MCSE Windows NT® 4.0 • 3087-9 1/7 • appD.F • reprint • 6/22/98• Deirdre • 1067
 Resources

If the user is using an unsupported modem (i.e., one that is not on the
Hardware Compatibility List), verify that the settings in the user’s Modem.inf file
are appropriate for the modem.
Determine whether the user’s computer is configured for RAS software com-
pression — if it is, ensure that the modem is configured to not compress data.
If the user is still unable to connect, configure the modem to record a log file
of all attempted connections.

Problem 2 Because SLIP servers normally require clear text passwords, try
changing the authentication and encryption policy configuration on the Dial-Up
Networking client computer. Select the radio button next to “Accept any authenti-
cation including clear text” on the Security tab of the Edit Phonebook Entry dia-
log box (instead of the current configuration of “Accept only Microsoft-encrypted
authentication”).

Chapter 20: Macintosh Connectivity

Answers to Instant Assessment

1. Services for Macintosh allows:
; Macintosh client computers to connect to Macintosh-accessible
volumes on a Windows NT Server computer
; Macintosh client computers to access shared printers on a Windows
NT Server computer
; A Windows NT Server computer to connect to network-connected
print devices that support the AppleTalk protocol
; A Windows NT Server computer to function as an AppleTalk router
2. LocalTalk, Ethernet, Token Ring, and FDDI
3. ARCNET
4. AppleTalk
5. An NTFS volume

MCSE Windows NT® 4.0 • 3087-9 1/7 • appD.F • reprint • 6/22/98• Deirdre • 1068
Appendix D: Answers to Instant Assessment Questions, Review Activities, and Hands-on Labs 

6. You can use either Server Manager or File Manager to create a Macintosh-
accessible volume.
7. In clear text
8. A User Authentication Module (UAM)
9. As an Apple LaserWriter
10. To connect a Windows NT Server computer (that has Services for
Macintosh installed on it) to an AppleTalk print device, create a printer that
specifies the AppleTalk print device as its print destination.
11. False

Chapter 21: Running Applications

on Windows NT

Answers to Instant Assessment

1. The NT Virtual DOS Machine (NTVDM)
2. In preemptive multitasking, the operating system allocates processor time
between applications. Because Windows NT, not the application, allocates
processor time between multiple applications, one application can be
preempted by the operating system, and another application allowed to
run. When multiple applications are alternately paused and then allocated
processor time, they appear to run simultaneously to the user.
3. A thread is the smallest unit of processing that can be scheduled by the
Windows NT Schedule service.
4. Autoexec.nt and Config.nt
5. By default, when multiple Win16 applications run at the same time on a
Windows NT computer, they all run in a single Win16 NTVDM.
6. You can configure the rogue Win16 application to run in its own separate
memory space.
7. The Start/separate command is one method you can use to run a
Win16 application in its own separate memory space.

MCSE Windows NT® 4.0 • 3087-9 1/7 • appD.F • reprint • 6/22/98• Deirdre • 1069
 Resources

8. The Win32 environment

9. This means that an application must be recompiled for each hardware
platform to be run on that platform.
10. At least 1 NTFS partition
11. 8
12. start/min/high notepad.exe
13. The System application in Control Panel
14. The four ways you can access Windows NT Task Manager are:
; By pressing Ctrl + Shift + Esc
; By pressing Ctrl + Alt + Delete, and then clicking the Task Manager
command button in the Windows NT Security dialog box.
; By right-clicking a blank space on the taskbar (on the Windows NT
desktop), and then selecting Task Manager from the menu that
appears.
; By selecting Start ➾ Run, and then typing taskmgr in the Run dialog
box.
15. OS/2 environment applications supported consist of 16-bit character-based
applications designed for OS/2 version 1. x. OS/2 2. x, 3. x, and Presentation
Manager applications are not supported by Windows NT.
16. True
17. True
18. False
19. False

Answers to Review Activity

Troubleshooting common application problems

Problem 1 Use Task Manager to end the application.

I recommend that you access Task Manager by using Ctrl + Alt + Delete in
this type of situation, because sometimes all other forms of input are unsuccessful
when an application has crashed.

Problem 2 Recompile the application to run on an Intel platform.

MCSE Windows NT® 4.0 • 3087-9 1/7 • appD.F • reprint • 6/22/98• Deirdre • 1070
Appendix D: Answers to Instant Assessment Questions, Review Activities, and Hands-on Labs 

Chapter 22: Using Performance

Monitor

Answers to Instant Assessment

1. The Stop Log command button in the Log Options dialog box
2. Performance Monitor is used to:
; identify performance problems and/or bottlenecks,
; determine current usage of system resources,
; track performance trends over time,
; predict future usage of system resources (capacity planning), and
; determine how system configuration changes affect system
performance.
3. Objects
4. A counter
5. There is more than one instance of a Performance Monitor object when
there is more than one of that particular object (such as a physical disk or
a processor) in the system.
6. Memory — Pages/sec
7. Processor — % Processor Time
8. Network Segment — % Network utilization
9. Server — Bytes Total/sec
10. The SNMP Service
11. The Network Monitor Agent
12. diskperf-y
13. Chart, Alert, Report, and Log
14. Last, Average, Min, Max, and Graph Time
15. A threshold value that will cause Performance Monitor to generate an alert
if the specified counter exceeds or drops below this value (depending on
whether the Over or Under radio button is selected)
16. The Start Log command button in the Log Options dialog box

MCSE Windows NT® 4.0 • 3087-9 1/7 • appD.F • reprint • 6/22/98• Deirdre • 1071
 Resources

17. The most recent measurement for each selected counter

18. Performance Monitor Log view is used to save statistics gathered by
Performance Monitor to a log file. The Performance Monitor log file can be
viewed at a later time in a Chart, Alert, or Report view.
19. True
20. False
21. False

Chapter 23: Using Network Monitor

Answers to Instant Assessment

1. Network Monitor
2. Promiscuous refers to a network adapter’s ability to receive packets that
are not addressed to that network adapter. A non-promiscuous network
adapter can only receive packets that are addressed to that network adapter.
A promiscuous network adapter can receive any packets transmitted on the
local network segment.
3. The Network Monitor Tools and Network Monitor Agent
4. You must remove the Network Monitor Agent.
5. Network Monitor requires a network adapter that uses an NDIS 4.0 driver.
6. Select Start ➾ Programs ➾ Administrative Tools (Common) ➾ Network
Monitor.
7. The Graph pane, the Total Stats pane, the Session Stats pane, and the
Station Stats pane
8. “Local capture only”
9. A capture
10. All packets addressed to or sent by the Windows NT Server computer that
is running Network Monitor
11. Configure a capture filter.

MCSE Windows NT® 4.0 • 3087-9 1/7 • appD.F • reprint • 6/22/98• Deirdre • 1072
Appendix D: Answers to Instant Assessment Questions, Review Activities, and Hands-on Labs 

12. You can configure a capture filter so that:

; Only packets that use certain protocols are (or are not) captured,
; Only packets to or from specified computers or network devices are
(or are not) captured,
; Only packets that contain specific byte patterns are captured,
; Or any combination of the above.
13. After a capture is performed
14. The Capture Window dialog box (the Network Monitor main dialog box)
and the Capture Summary dialog box
15. One way to determine the current utilization of a network segment is to
start a capture in Network Monitor, and then watch the % Network
Utilization bar graph in the Graph pane during the entire capture period.
This graph displays only the most recent second’s worth of network
activity, so you must view it during the entire capture period to get a feel
for overall network utilization. A high number on the graph (any number
consistently over 60%) may indicate that there are too many computers or
too much network traffic on the segment being analyzed.
Another way to determine the overall utilization of a network segment during
the entire capture period is to view the Network Statistics section in the Total
Stats pane after the capture is completed. You can derive a great deal of
information from the statistics displayed. For example, you can determine the
average number of bytes transmitted per second by dividing the number of
bytes shown by the number of seconds shown in the Time Elapsed statistic at
the top of the Total Stats pane. If the average number of bytes per second is
greater than fifty percent of the segment’s total capacity (an Ethernet 10BaseT
segment, for example, has a maximum capacity of 10 Mbps or 1,250,000 bytes
per second), this may indicate that there are too many computers or too
much network traffic on the segment being analyzed.
16. To sort a column, right-click the column header (for example, Frames
Sent). Select Sort Column from the menu that appears.
17. Configure a display filter that specifies that only packets that use IPX be
displayed.
18. False
19. True

MCSE Windows NT® 4.0 • 3087-9 1/7 • appD.F • reprint • 6/22/98• Deirdre • 1073
 Resources

C h a p t e r 2 4 : C a pa c i t y P l a n n i n g

Answers to Instant Assessment

1. Capacity planning is the process of determining current usage of server
and/or network resources, as well as tracking utilization over time, to
predict future usage and the additional hardware that will be required to
meet the projected levels of utilization. Capacity planning can be
performed on a single computer, such as a network server; or it can be
performed on an entire network.
2. Establishing a baseline, gathering data over time, and using this data to
predict future utilization and future hardware requirements
3. You should consider gathering data at various times to obtain an overall
picture of utilization. For example, consider collecting data during
business hours, when network usage is at its peak and production is heavy.
Also consider collecting data during nonbusiness hours when network
utilization levels should be lower. You might also consider gathering data
over several days in a week, or perhaps over several days in a month to take
into account normal cyclical business highs and lows. Taking several
samples over a limited period of time normally provides the most accurate
initial picture of your server and/or network environment.
4. Comma-separated value files and tab-separated value files
5. You can run Performance Monitor individually on each server to be
monitored; or, you can run Performance Monitor on a single, centralized
Windows NT computer and simultaneously monitor several servers on the
network.
6. Network Monitor
7. Capacity planning overall network performance, and capacity planning for
a specific type of network traffic
8. Memory, processor, disk, and network
9. Memory Pages/sec
10. Processor % Processor Time

MCSE Windows NT® 4.0 • 3087-9 1/7 • appD.F • reprint • 6/22/98• Deirdre • 1074
Appendix D: Answers to Instant Assessment Questions, Review Activities, and Hands-on Labs 

11. PhysicalDisk Avg. Disk Queue Length, PhysicalDisk % Disk Time, and
LogicalDisk % Free Space
12. Network Segment % Network utilization
13. True
14. True

Chapter 25: Performance Optimization

Answers to Instant Assessment

1. Performance optimization is the process of modifying server and/or
network hardware and software configurations with the intent of speeding
up server and/or network response.
2. A bottleneck is the component in the system that is slowing system
performance. The bottleneck in a networking environment is the part of
the system that is performing at peak capacity while other components in
the system are not working at peak capacity. In other words, if it weren’t
for the limiting component, the rest of the system could go faster.
3. Performance Monitor and Network Monitor
4. Memory, processor, disk, and network
5. Adding RAM
6. A beneficial by-product of adding RAM is that processor and disk
performance may be improved, as well, because paging is reduced and the
disk cache size is increased when RAM is added.
7. The System application in Control Panel
8. Any three of the following:
; Defragment the hard disk(s) in your computer
; Upgrade to a faster disk controller and/or a faster hard disk(s)
; Configure a stripe set with parity across three or more disks
; Configure a stripe set across two or more disks

MCSE Windows NT® 4.0 • 3087-9 1/7 • appD.F • reprint • 6/22/98• Deirdre • 1075
 Resources

9. Any three of the following:

; Replace the existing processor with a faster processor
; Replace the existing motherboard and processor with a faster
motherboard and processor
; Upgrade from a single-processor system to a multi-processor system
; Add a processor to a multi-processor system
10. The four ways to optimize a Windows NT Server computer are:
; Configuring load balancing across multiple servers
; Disabling unused services, protocols, and drivers
; Scheduling large, server-intensive tasks during nonpeak hours
; Optimizing the Server service
11. Either move the BDC to the other side of the WAN link, so it is physically
close to the client computers that it services; or, add an additional BDC on
the other side of the WAN link.

Answers to Labs
Lab 25.37: Finding and resolving bottlenecks

Problem 1 The statistics in this problem seem to indicate that the processor,
memory and disk all need upgrading. However, if you upgrade RAM to 64MB, the
amount of paging would be significantly reduced. Reducing paging would also
decrease the % Processor Time and % Disk Time statistics to reasonable levels.
This server should probably have all of the possible upgrades presented, but
adding memory (RAM) is the best choice if only one upgrade can be performed.

Problem 2 The statistics in this problem seem to indicate that the disk is the
biggest bottleneck to optimum system performance. If only one of the possible
upgrades can be performed, upgrading to a hardware-based RAID 5 disk subsystem
should yield the most significant increase in disk performance for this server.

MCSE Windows NT® 4.0 • 3087-9 1/7 • appD.F • reprint • 6/22/98• Deirdre • 1076
Appendix D: Answers to Instant Assessment Questions, Review Activities, and Hands-on Labs 

Lab 25.38: Optimizing Windows NT performance

Problem 1 Add a BDC for the LONDON domain at the Paris location, and add a
BDC for the LONDON domain at the Munich location.
Additionally, move one of the WINS servers from London to Paris, and move
a second WINS server from London to Munich.
This places the servers that perform logon authentication and NetBIOS name
resolution physically close to the users that access them, thereby improving server
response time and minimizing traffic across the WAN links.

Problem 2 Optimize the Server service to Maximize Throughput for Network

Applications.

Chapter 26: The Troubleshooting

Process

Answers to Instant Assessment

1. Troubleshooting is a methodical approach to solving a problem. The
approach is often the result of a person’s knowledge, experience, and
intuition.
2. The five basic steps suggested for troubleshooting are:
; Gather information
; Define the problem
; List probable causes
; Identify possible solutions and attempt to fix the problem
; Resolve and document the problem
3. Microsoft TechNet
4. Microsoft Technical Support Web site, at:
http://www.microsoft.com/support/

5. Microsoft Download Service

MCSE Windows NT® 4.0 • 3087-9 1/7 • appD.F • reprint • 6/22/98• Deirdre • 1077
 Resources

C h a p t e r 2 7 : A d va n c e d
Troubleshooting Topics

Answers to Instant Assessment

1. The nine major steps in the Windows NT boot sequence are:
; Power On Self Test (POST)
; Initial Startup
; Selecting an operating system
; Detecting hardware
; Selecting hardware profile (or Last Known Good Configuration) and
loading the kernel
; Kernel initialization
; Initializing device drivers
; Initializing services
; Logon process
2. The most likely cause of this problem is a corrupt file. Power outages can
easily corrupt files on the hard disk.
To resolve the situation, perform the Emergency Repair process, selecting
the Inspect boot sector and Verify Windows NT system files options during
the process.
3. The most likely cause of this problem is the configuration changes made
during the last logon session.
To resolve the situation, reboot the computer, and select the Last Known
Good Configuration during the boot sequence.
If this does not repair the problem, perform the Emergency Repair process,
selecting the Inspect Registry files option during the process.
4. The Emergency Repair process involves using the Windows NT Setup Boot
Disk set, the Windows NT compact disc, and the Emergency Repair disk
created during (or after) the installation process to repair a damaged or
corrupt Windows NT installation.
5. Event Viewer (specifically, the system log in Event Viewer)

MCSE Windows NT® 4.0 • 3087-9 1/7 • appD.F • reprint • 6/22/98• Deirdre • 1078
Appendix D: Answers to Instant Assessment Questions, Review Activities, and Hands-on Labs 

6. View the Event Detail for the last stop error in the list (the event that
happened first chronologically during the boot process) first. Resolving this
error will often take care of most or all of the other stop errors listed.
7. Service dependencies show which services and drivers must be running
before the service in question can start. Group dependencies show which
groups of services or drivers must be running before the service in
question can start. Once you have determined what the service and group
dependencies for a particular service or driver are, you can then verify that
all of these services and drivers (that are required to be running before a
particular service or driver can start) are, in fact, running.
8. The Services tab
9. Windows NT Registry Editor (regedt32.exe) and
Windows 95 Registry Editor (regedit.exe)
10. HKEY_LOCAL_MACHINE
11. Back it up
12. /s
13. The Windows 95 Registry Editor (regedit.exe) is a better tool for
searching the Windows NT Registry because this editor can search the
Registry by key, by value, or by data contained in the value. As a Registry
search tool, this editor is more effective than the Windows NT Registry
Editor, which can only search the Registry by key. You can manually wade
your way through the various folders and subfolders in the Windows NT
Registry Editor, and you can edit any Registry value, it’s just more
cumbersome to use as a search tool than the Windows 95 Registry Editor.
14. The Windows NT Registry Editor (regedt32.exe)
15. Windows NT displays a blue screen when it encounters a STOP error that it
cannot recover from.
16. There are three primary sections in a blue screen: the STOP error
(including error code or BugCheck code) and description, a list of loaded
drivers, and a stack dump (including the operating system’s build number).
17. The System application
18. Dr. Watson for Windows NT

MCSE Windows NT® 4.0 • 3087-9 1/7 • appD.F • reprint • 6/22/98• Deirdre • 1079
 Resources

MCSE Windows NT® 4.0 • 3087-9 1/7 • appD.F • reprint • 6/22/98• Deirdre • 1080