Possible Bad Question

TheMSsForum.com: The Microsoft Software Forum

I'm taking a practice test for the 70-218 using the CramMaster software.

Question:

Jennifer is an employee of a company called XYZ Dimensions Inc. located in
Chicago. Jennifer is currently using a stand-alone Windows 2000 Professional
workstation, named JennyW2KP, to use a locally installed graphics editing
application. As the administrator, you are going to add JennyW2KP to the
Windows 2000 Domain, named XYZDimensions.edu, which currently consists of
one Windows 2000 Server Domain Controller and four Windows 2000 Professional
workstations.

Before adding JennyW2KP to the XYZDimensions.edu Domain, you use the Local
Group Policy MMC snap-in on JennyW2KP and configure the account lockout
policy to lock out Jennifer's local user account after three bad logon
attempts. Afterwards, you configure the Default Domain Controllers Policy to
lockout Jennifer's Domain Account after two bad logon attempts.

What will be Jennifer's result if she attempts to logon to the Windows 2000
Network using her Domain Logon account and providing an invalid password
both times? Select the correct answer.

A Jennifer will be locked out of the Windows 2000 Network for a
configured amount of time designated by the administrator.

B Jennifer will be allowed three more logon attempts to the Windows
2000 Network because the Local Group Policy and Default Domain Controllers
Policy cumulatively allow her five bad logon attempts.

C Jennifer will be allowed one more logon attempt to the Windows 2000
Professional machine because the Local Group Policy allows her three bad
logon attempts.

D Jennifer will be allowed one more logon to the Windows 2000 Network
because the Local Group Policy overrides the Group Policy.


Correct answer:

B Jennifer will be allowed three more logon attempts to the Windows
2000 Network because the Local Group Policy and Default Domain Controllers
Policy cumulatively allow her five bad logon attempts.


Explanation:

Jennifer is using a Domain User account, which is impacted by the settings
the administrator configured in the Default Domain Controllers Policy.


My question is, since she is not logging on to a domain controller, I
thought she wouldn't be affected by the default doamin controllers policy,
therefore, her account should be locked out.

Am I way off base here or is this a bad question?

--
I may not be fully certified, but I am fully certifiable.
Top

Re: Possible Bad Question by Stew

Stew
Fri Apr 02 13:14:56 CST 2004

Once a computer is added to a domain policies are applied in this order LSDO
(Local, Site, Domain, OU)... Since the local policy dictates 3 logon
attempts, and the Domain policy dictates 5 then "5" is the result becuase
the setting is overridden in the order of application... In addition, it
doesn't matter if she logs in locally or to an actual domain account...
System ("computer") Policy settings are applied at startup regardless if she
actually logs into her domain account or not... As I stated... Computer
settings in a policy are applied at startup... User settings are applied at
account login...

"TechGeekPro" <%username%@yahoo.com> wrote in message
news:%23f9pCOOGEHA.1012@TK2MSFTNGP11.phx.gbl...
> I'm taking a practice test for the 70-218 using the CramMaster software.
>
> Question:
>
> Jennifer is an employee of a company called XYZ Dimensions Inc. located in
> Chicago. Jennifer is currently using a stand-alone Windows 2000
Professional
> workstation, named JennyW2KP, to use a locally installed graphics editing
> application. As the administrator, you are going to add JennyW2KP to the
> Windows 2000 Domain, named XYZDimensions.edu, which currently consists of
> one Windows 2000 Server Domain Controller and four Windows 2000
Professional
> workstations.
>
> Before adding JennyW2KP to the XYZDimensions.edu Domain, you use the Local
> Group Policy MMC snap-in on JennyW2KP and configure the account lockout
> policy to lock out Jennifer's local user account after three bad logon
> attempts. Afterwards, you configure the Default Domain Controllers Policy
to
> lockout Jennifer's Domain Account after two bad logon attempts.
>
> What will be Jennifer's result if she attempts to logon to the Windows
2000
> Network using her Domain Logon account and providing an invalid password
> both times? Select the correct answer.
>
> A Jennifer will be locked out of the Windows 2000 Network for a
> configured amount of time designated by the administrator.
>
> B Jennifer will be allowed three more logon attempts to the Windows
> 2000 Network because the Local Group Policy and Default Domain Controllers
> Policy cumulatively allow her five bad logon attempts.
>
> C Jennifer will be allowed one more logon attempt to the Windows
2000
> Professional machine because the Local Group Policy allows her three bad
> logon attempts.
>
> D Jennifer will be allowed one more logon to the Windows 2000
Network
> because the Local Group Policy overrides the Group Policy.
>
>
> Correct answer:
>
> B Jennifer will be allowed three more logon attempts to the Windows
> 2000 Network because the Local Group Policy and Default Domain Controllers
> Policy cumulatively allow her five bad logon attempts.
>
>
> Explanation:
>
> Jennifer is using a Domain User account, which is impacted by the settings
> the administrator configured in the Default Domain Controllers Policy.
>
>
> My question is, since she is not logging on to a domain controller, I
> thought she wouldn't be affected by the default doamin controllers policy,
> therefore, her account should be locked out.
>
> Am I way off base here or is this a bad question?
>
> --
> I may not be fully certified, but I am fully certifiable.
>
>
>


Top

Re: Possible Bad Question by TechGeekPro

TechGeekPro
Fri Apr 02 13:24:02 CST 2004

"Since the local policy dictates 3 logon attempts, and the Domain policy
dictates 5 then "5" is the result..."

Ah, but the question didn't state "Domain Policy" but "Domain Controllers
Policy" which from what I understand only affects the computers in the
built-in Domain Controllers OU. She is logging into the Domain but not into
a Domain Controller.

--
I may not be fully certified, but I am fully certifiable.

"Stew Basterash" <stewartbash@hotmail.com> wrote in message
news:e3DRPbOGEHA.2600@TK2MSFTNGP12.phx.gbl...
> Once a computer is added to a domain policies are applied in this order
LSDO
> (Local, Site, Domain, OU)... Since the local policy dictates 3 logon
> attempts, and the Domain policy dictates 5 then "5" is the result becuase
> the setting is overridden in the order of application... In addition, it
> doesn't matter if she logs in locally or to an actual domain account...
> System ("computer") Policy settings are applied at startup regardless if
she
> actually logs into her domain account or not... As I stated... Computer
> settings in a policy are applied at startup... User settings are applied
at
> account login...
>
> "TechGeekPro" <%username%@yahoo.com> wrote in message
> news:%23f9pCOOGEHA.1012@TK2MSFTNGP11.phx.gbl...
> > I'm taking a practice test for the 70-218 using the CramMaster software.
> >
> > Question:
> >
> > Jennifer is an employee of a company called XYZ Dimensions Inc. located
in
> > Chicago. Jennifer is currently using a stand-alone Windows 2000
> Professional
> > workstation, named JennyW2KP, to use a locally installed graphics
editing
> > application. As the administrator, you are going to add JennyW2KP to the
> > Windows 2000 Domain, named XYZDimensions.edu, which currently consists
of
> > one Windows 2000 Server Domain Controller and four Windows 2000
> Professional
> > workstations.
> >
> > Before adding JennyW2KP to the XYZDimensions.edu Domain, you use the
Local
> > Group Policy MMC snap-in on JennyW2KP and configure the account lockout

> > policy to lock out Jennifer's local user account after three bad logon
> > attempts. Afterwards, you configure the Default Domain Controllers
Policy
> to
> > lockout Jennifer's Domain Account after two bad logon attempts.
> >
> > What will be Jennifer's result if she attempts to logon to the Windows
> 2000
> > Network using her Domain Logon account and providing an invalid password
> > both times? Select the correct answer.
> >
> > A Jennifer will be locked out of the Windows 2000 Network for a
> > configured amount of time designated by the administrator.
> >
> > B Jennifer will be allowed three more logon attempts to the
Windows
> > 2000 Network because the Local Group Policy and Default Domain
Controllers
> > Policy cumulatively allow her five bad logon attempts.
> >
> > C Jennifer will be allowed one more logon attempt to the Windows
> 2000
> > Professional machine because the Local Group Policy allows her three bad
> > logon attempts.
> >
> > D Jennifer will be allowed one more logon to the Windows 2000
> Network
> > because the Local Group Policy overrides the Group Policy.
> >
> >
> > Correct answer:
> >
> > B Jennifer will be allowed three more logon attempts to the
Windows
> > 2000 Network because the Local Group Policy and Default Domain
Controllers
> > Policy cumulatively allow her five bad logon attempts.
> >
> >
> > Explanation:
> >
> > Jennifer is using a Domain User account, which is impacted by the
settings
> > the administrator configured in the Default Domain Controllers Policy.
> >
> >
> > My question is, since she is not logging on to a domain controller, I
> > thought she wouldn't be affected by the default doamin controllers
policy,
> > therefore, her account should be locked out.
> >
> > Am I way off base here or is this a bad question?
> >
> > --
> > I may not be fully certified, but I am fully certifiable.
> >
> >
> >
>
>


Top

Re: Possible Bad Question by Neil

Neil
Fri Apr 02 14:09:29 CST 2004

"TechGeekPro" <%username%@yahoo.com> wrote in
news:#kxUQgOGEHA.3764@TK2MSFTNGP12.phx.gbl:

> "Since the local policy dictates 3 logon attempts, and the Domain
> policy dictates 5 then "5" is the result..."
>
> Ah, but the question didn't state "Domain Policy" but "Domain
> Controllers Policy" which from what I understand only affects the
> computers in the built-in Domain Controllers OU. She is logging into
> the Domain but not into a Domain Controller.
>
> --
> I may not be fully certified, but I am fully certifiable.
>
> "Stew Basterash" <stewartbash@hotmail.com> wrote in message
> news:e3DRPbOGEHA.2600@TK2MSFTNGP12.phx.gbl...
>> Once a computer is added to a domain policies are applied in this
>> order
> LSDO
>> (Local, Site, Domain, OU)... Since the local policy dictates 3 logon
>> attempts, and the Domain policy dictates 5 then "5" is the result
>> becuase the setting is overridden in the order of application... In
>> addition, it doesn't matter if she logs in locally or to an actual
>> domain account... System ("computer") Policy settings are applied at
>> startup regardless if
> she
>> actually logs into her domain account or not... As I stated...
>> Computer settings in a policy are applied at startup... User settings
>> are applied
> at
>> account login...
>>
>> "TechGeekPro" <%username%@yahoo.com> wrote in message
>> news:%23f9pCOOGEHA.1012@TK2MSFTNGP11.phx.gbl...
>> > I'm taking a practice test for the 70-218 using the CramMaster
>> > software.
>> >
>> > Question:
>> >
>> > Jennifer is an employee of a company called XYZ Dimensions Inc.
>> > located
> in
>> > Chicago. Jennifer is currently using a stand-alone Windows 2000
>> Professional
>> > workstation, named JennyW2KP, to use a locally installed graphics
> editing
>> > application. As the administrator, you are going to add JennyW2KP
>> > to the Windows 2000 Domain, named XYZDimensions.edu, which
>> > currently consists
> of
>> > one Windows 2000 Server Domain Controller and four Windows 2000
>> Professional
>> > workstations.
>> >
>> > Before adding JennyW2KP to the XYZDimensions.edu Domain, you use
>> > the
> Local
>> > Group Policy MMC snap-in on JennyW2KP and configure the account
>> > lockout
>
>> > policy to lock out Jennifer's local user account after three bad
>> > logon attempts. Afterwards, you configure the Default Domain
>> > Controllers
> Policy
>> to
>> > lockout Jennifer's Domain Account after two bad logon attempts.
>> >
>> > What will be Jennifer's result if she attempts to logon to the
>> > Windows
>> 2000
>> > Network using her Domain Logon account and providing an invalid
>> > password both times? Select the correct answer.
>> >
>> > A Jennifer will be locked out of the Windows 2000 Network for
>> > a
>> > configured amount of time designated by the administrator.
>> >
>> > B Jennifer will be allowed three more logon attempts to the
> Windows
>> > 2000 Network because the Local Group Policy and Default Domain
> Controllers
>> > Policy cumulatively allow her five bad logon attempts.
>> >
>> > C Jennifer will be allowed one more logon attempt to the
>> > Windows
>> 2000
>> > Professional machine because the Local Group Policy allows her
>> > three bad logon attempts.
>> >
>> > D Jennifer will be allowed one more logon to the Windows 2000
>> Network
>> > because the Local Group Policy overrides the Group Policy.
>> >
>> >
>> > Correct answer:
>> >
>> > B Jennifer will be allowed three more logon attempts to the
> Windows
>> > 2000 Network because the Local Group Policy and Default Domain
> Controllers
>> > Policy cumulatively allow her five bad logon attempts.
>> >
>> >
>> > Explanation:
>> >
>> > Jennifer is using a Domain User account, which is impacted by the
> settings
>> > the administrator configured in the Default Domain Controllers
>> > Policy.
>> >
>> >
>> > My question is, since she is not logging on to a domain controller,
>> > I thought she wouldn't be affected by the default doamin
>> > controllers
> policy,
>> > therefore, her account should be locked out.
>> >
>> > Am I way off base here or is this a bad question?
>> >
>> > --
>> > I may not be fully certified, but I am fully certifiable.
>> >
>> >
>> >
>>
>>
>
>

kb article 259576

--
Neil
"you'd do what, to who, for how many biscuits?"
Top

Re: Possible Bad Question by Stew

Stew
Fri Apr 02 14:21:31 CST 2004

CRAP!

I missed that one again... I hate those... Be careful reading those
questions!!!


"TechGeekPro" <%username%@yahoo.com> wrote in message
news:%23kxUQgOGEHA.3764@TK2MSFTNGP12.phx.gbl...
> "Since the local policy dictates 3 logon attempts, and the Domain policy
> dictates 5 then "5" is the result..."
>
> Ah, but the question didn't state "Domain Policy" but "Domain Controllers
> Policy" which from what I understand only affects the computers in the
> built-in Domain Controllers OU. She is logging into the Domain but not
into
> a Domain Controller.
>
> --
> I may not be fully certified, but I am fully certifiable.
>
> "Stew Basterash" <stewartbash@hotmail.com> wrote in message
> news:e3DRPbOGEHA.2600@TK2MSFTNGP12.phx.gbl...
> > Once a computer is added to a domain policies are applied in this order
> LSDO
> > (Local, Site, Domain, OU)... Since the local policy dictates 3 logon
> > attempts, and the Domain policy dictates 5 then "5" is the result
becuase
> > the setting is overridden in the order of application... In addition, it
> > doesn't matter if she logs in locally or to an actual domain account...
> > System ("computer") Policy settings are applied at startup regardless if
> she
> > actually logs into her domain account or not... As I stated... Computer
> > settings in a policy are applied at startup... User settings are applied
> at
> > account login...
> >
> > "TechGeekPro" <%username%@yahoo.com> wrote in message
> > news:%23f9pCOOGEHA.1012@TK2MSFTNGP11.phx.gbl...
> > > I'm taking a practice test for the 70-218 using the CramMaster
software.
> > >
> > > Question:
> > >
> > > Jennifer is an employee of a company called XYZ Dimensions Inc.
located
> in
> > > Chicago. Jennifer is currently using a stand-alone Windows 2000
> > Professional
> > > workstation, named JennyW2KP, to use a locally installed graphics
> editing
> > > application. As the administrator, you are going to add JennyW2KP to
the
> > > Windows 2000 Domain, named XYZDimensions.edu, which currently consists
> of
> > > one Windows 2000 Server Domain Controller and four Windows 2000
> > Professional
> > > workstations.
> > >
> > > Before adding JennyW2KP to the XYZDimensions.edu Domain, you use the
> Local
> > > Group Policy MMC snap-in on JennyW2KP and configure the account
lockout
>
> > > policy to lock out Jennifer's local user account after three bad logon
> > > attempts. Afterwards, you configure the Default Domain Controllers
> Policy
> > to
> > > lockout Jennifer's Domain Account after two bad logon attempts.
> > >
> > > What will be Jennifer's result if she attempts to logon to the Windows
> > 2000
> > > Network using her Domain Logon account and providing an invalid
password
> > > both times? Select the correct answer.
> > >
> > > A Jennifer will be locked out of the Windows 2000 Network for a
> > > configured amount of time designated by the administrator.
> > >
> > > B Jennifer will be allowed three more logon attempts to the
> Windows
> > > 2000 Network because the Local Group Policy and Default Domain
> Controllers
> > > Policy cumulatively allow her five bad logon attempts.
> > >
> > > C Jennifer will be allowed one more logon attempt to the Windows
> > 2000
> > > Professional machine because the Local Group Policy allows her three
bad
> > > logon attempts.
> > >
> > > D Jennifer will be allowed one more logon to the Windows 2000
> > Network
> > > because the Local Group Policy overrides the Group Policy.
> > >
> > >
> > > Correct answer:
> > >
> > > B Jennifer will be allowed three more logon attempts to the
> Windows
> > > 2000 Network because the Local Group Policy and Default Domain
> Controllers
> > > Policy cumulatively allow her five bad logon attempts.
> > >
> > >
> > > Explanation:
> > >
> > > Jennifer is using a Domain User account, which is impacted by the
> settings
> > > the administrator configured in the Default Domain Controllers Policy.
> > >
> > >
> > > My question is, since she is not logging on to a domain controller, I
> > > thought she wouldn't be affected by the default doamin controllers
> policy,
> > > therefore, her account should be locked out.
> > >
> > > Am I way off base here or is this a bad question?
> > >
> > > --
> > > I may not be fully certified, but I am fully certifiable.
> > >
> > >
> > >
> >
> >
>
>


Top

Re: Possible Bad Question by TechGeekPro

TechGeekPro
Fri Apr 02 14:30:24 CST 2004

--
I may not be fully certified, but I am fully certifiable.

"Neil" <neilmcse@nospamforyou.com> wrote in message
news:Xns94BF9A2FDD27Fneilmcsehotmailcom@207.46.248.16...
> "TechGeekPro" <%username%@yahoo.com> wrote in
> news:#kxUQgOGEHA.3764@TK2MSFTNGP12.phx.gbl:
>
> > "Since the local policy dictates 3 logon attempts, and the Domain
> > policy dictates 5 then "5" is the result..."
> >
> > Ah, but the question didn't state "Domain Policy" but "Domain
> > Controllers Policy" which from what I understand only affects the
> > computers in the built-in Domain Controllers OU. She is logging into
> > the Domain but not into a Domain Controller.
> >
> > --
> > I may not be fully certified, but I am fully certifiable.
> >
> > "Stew Basterash" <stewartbash@hotmail.com> wrote in message
> > news:e3DRPbOGEHA.2600@TK2MSFTNGP12.phx.gbl...
> >> Once a computer is added to a domain policies are applied in this
> >> order
> > LSDO
> >> (Local, Site, Domain, OU)... Since the local policy dictates 3 logon
> >> attempts, and the Domain policy dictates 5 then "5" is the result
> >> becuase the setting is overridden in the order of application... In
> >> addition, it doesn't matter if she logs in locally or to an actual
> >> domain account... System ("computer") Policy settings are applied at
> >> startup regardless if
> > she
> >> actually logs into her domain account or not... As I stated...
> >> Computer settings in a policy are applied at startup... User settings
> >> are applied
> > at
> >> account login...
> >>
> >> "TechGeekPro" <%username%@yahoo.com> wrote in message
> >> news:%23f9pCOOGEHA.1012@TK2MSFTNGP11.phx.gbl...
> >> > I'm taking a practice test for the 70-218 using the CramMaster
> >> > software.
> >> >
> >> > Question:
> >> >
> >> > Jennifer is an employee of a company called XYZ Dimensions Inc.
> >> > located
> > in
> >> > Chicago. Jennifer is currently using a stand-alone Windows 2000
> >> Professional
> >> > workstation, named JennyW2KP, to use a locally installed graphics
> > editing
> >> > application. As the administrator, you are going to add JennyW2KP
> >> > to the Windows 2000 Domain, named XYZDimensions.edu, which
> >> > currently consists
> > of
> >> > one Windows 2000 Server Domain Controller and four Windows 2000
> >> Professional
> >> > workstations.
> >> >
> >> > Before adding JennyW2KP to the XYZDimensions.edu Domain, you use
> >> > the
> > Local
> >> > Group Policy MMC snap-in on JennyW2KP and configure the account
> >> > lockout
> >
> >> > policy to lock out Jennifer's local user account after three bad
> >> > logon attempts. Afterwards, you configure the Default Domain
> >> > Controllers
> > Policy
> >> to
> >> > lockout Jennifer's Domain Account after two bad logon attempts.
> >> >
> >> > What will be Jennifer's result if she attempts to logon to the
> >> > Windows
> >> 2000
> >> > Network using her Domain Logon account and providing an invalid
> >> > password both times? Select the correct answer.
> >> >
> >> > A Jennifer will be locked out of the Windows 2000 Network for
> >> > a
> >> > configured amount of time designated by the administrator.
> >> >
> >> > B Jennifer will be allowed three more logon attempts to the
> > Windows
> >> > 2000 Network because the Local Group Policy and Default Domain
> > Controllers
> >> > Policy cumulatively allow her five bad logon attempts.
> >> >
> >> > C Jennifer will be allowed one more logon attempt to the
> >> > Windows
> >> 2000
> >> > Professional machine because the Local Group Policy allows her
> >> > three bad logon attempts.
> >> >
> >> > D Jennifer will be allowed one more logon to the Windows 2000
> >> Network
> >> > because the Local Group Policy overrides the Group Policy.
> >> >
> >> >
> >> > Correct answer:
> >> >
> >> > B Jennifer will be allowed three more logon attempts to the
> > Windows
> >> > 2000 Network because the Local Group Policy and Default Domain
> > Controllers
> >> > Policy cumulatively allow her five bad logon attempts.
> >> >
> >> >
> >> > Explanation:
> >> >
> >> > Jennifer is using a Domain User account, which is impacted by the
> > settings
> >> > the administrator configured in the Default Domain Controllers
> >> > Policy.
> >> >
> >> >
> >> > My question is, since she is not logging on to a domain controller,
> >> > I thought she wouldn't be affected by the default doamin
> >> > controllers
> > policy,
> >> > therefore, her account should be locked out.
> >> >
> >> > Am I way off base here or is this a bad question?
> >> >
> >> > --
> >> > I may not be fully certified, but I am fully certifiable.
> >> >
> >> >
> >> >
> >>
> >>
> >
> >
>
> kb article 259576
>
> --
> Neil
> "you'd do what, to who, for how many biscuits?"

What? No link? Tsk,tsk. http://tinyurl.com/2l4mg


Top

Re: Possible Bad Question by TechGeekPro

TechGeekPro
Fri Apr 02 14:33:09 CST 2004

So I was right?

--
I may not be fully certified, but I am fully certifiable.

"Stew Basterash" <stewartbash@hotmail.com> wrote in message
news:eEiKcAPGEHA.1368@TK2MSFTNGP11.phx.gbl...
> CRAP!
>
> I missed that one again... I hate those... Be careful reading those
> questions!!!
>
>
> "TechGeekPro" <%username%@yahoo.com> wrote in message
> news:%23kxUQgOGEHA.3764@TK2MSFTNGP12.phx.gbl...
> > "Since the local policy dictates 3 logon attempts, and the Domain policy
> > dictates 5 then "5" is the result..."
> >
> > Ah, but the question didn't state "Domain Policy" but "Domain
Controllers
> > Policy" which from what I understand only affects the computers in the
> > built-in Domain Controllers OU. She is logging into the Domain but not
> into
> > a Domain Controller.
> >
> > --
> > I may not be fully certified, but I am fully certifiable.
> >
> > "Stew Basterash" <stewartbash@hotmail.com> wrote in message
> > news:e3DRPbOGEHA.2600@TK2MSFTNGP12.phx.gbl...
> > > Once a computer is added to a domain policies are applied in this
order
> > LSDO
> > > (Local, Site, Domain, OU)... Since the local policy dictates 3 logon
> > > attempts, and the Domain policy dictates 5 then "5" is the result
> becuase
> > > the setting is overridden in the order of application... In addition,
it
> > > doesn't matter if she logs in locally or to an actual domain
account...
> > > System ("computer") Policy settings are applied at startup regardless
if
> > she
> > > actually logs into her domain account or not... As I stated...
Computer
> > > settings in a policy are applied at startup... User settings are
applied
> > at
> > > account login...
> > >
> > > "TechGeekPro" <%username%@yahoo.com> wrote in message
> > > news:%23f9pCOOGEHA.1012@TK2MSFTNGP11.phx.gbl...
> > > > I'm taking a practice test for the 70-218 using the CramMaster
> software.
> > > >
> > > > Question:
> > > >
> > > > Jennifer is an employee of a company called XYZ Dimensions Inc.
> located
> > in
> > > > Chicago. Jennifer is currently using a stand-alone Windows 2000
> > > Professional
> > > > workstation, named JennyW2KP, to use a locally installed graphics
> > editing
> > > > application. As the administrator, you are going to add JennyW2KP to
> the
> > > > Windows 2000 Domain, named XYZDimensions.edu, which currently
consists
> > of
> > > > one Windows 2000 Server Domain Controller and four Windows 2000
> > > Professional
> > > > workstations.
> > > >
> > > > Before adding JennyW2KP to the XYZDimensions.edu Domain, you use the
> > Local
> > > > Group Policy MMC snap-in on JennyW2KP and configure the account
> lockout
> >
> > > > policy to lock out Jennifer's local user account after three bad
logon
> > > > attempts. Afterwards, you configure the Default Domain Controllers
> > Policy
> > > to
> > > > lockout Jennifer's Domain Account after two bad logon attempts.
> > > >
> > > > What will be Jennifer's result if she attempts to logon to the
Windows
> > > 2000
> > > > Network using her Domain Logon account and providing an invalid
> password
> > > > both times? Select the correct answer.
> > > >
> > > > A Jennifer will be locked out of the Windows 2000 Network for
a
> > > > configured amount of time designated by the administrator.
> > > >
> > > > B Jennifer will be allowed three more logon attempts to the
> > Windows
> > > > 2000 Network because the Local Group Policy and Default Domain
> > Controllers
> > > > Policy cumulatively allow her five bad logon attempts.
> > > >
> > > > C Jennifer will be allowed one more logon attempt to the
Windows
> > > 2000
> > > > Professional machine because the Local Group Policy allows her three
> bad
> > > > logon attempts.
> > > >
> > > > D Jennifer will be allowed one more logon to the Windows 2000
> > > Network
> > > > because the Local Group Policy overrides the Group Policy.
> > > >
> > > >
> > > > Correct answer:
> > > >
> > > > B Jennifer will be allowed three more logon attempts to the
> > Windows
> > > > 2000 Network because the Local Group Policy and Default Domain
> > Controllers
> > > > Policy cumulatively allow her five bad logon attempts.
> > > >
> > > >
> > > > Explanation:
> > > >
> > > > Jennifer is using a Domain User account, which is impacted by the
> > settings
> > > > the administrator configured in the Default Domain Controllers
Policy.
> > > >
> > > >
> > > > My question is, since she is not logging on to a domain controller,
I
> > > > thought she wouldn't be affected by the default doamin controllers
> > policy,
> > > > therefore, her account should be locked out.
> > > >
> > > > Am I way off base here or is this a bad question?
> > > >
> > > > --
> > > > I may not be fully certified, but I am fully certifiable.
> > > >
> > > >
> > > >
> > >
> > >
> >
> >
>
>


Top

Re: Possible Bad Question by Neil

Neil
Fri Apr 02 14:36:45 CST 2004

"TechGeekPro" <%username%@yahoo.com> wrote in news:#mFrWFPGEHA.3188
@TK2MSFTNGP10.phx.gbl:

> What? No link? Tsk,tsk. http://tinyurl.com/2l4mg
>

takes to long...

--
Neil
"you'd do what, to who, for how many biscuits?"
Top

Possible Bad Question by Andy

Andy
Fri Apr 02 14:37:03 CST 2004

TechGeekPro wibbled

>I'm taking a practice test for the 70-218 using the
CramMaster software.
>

<major snippage>
>

>My question is, since she is not logging on to a domain
controller, I
>thought she wouldn't be affected by the default doamin
controllers policy,
>therefore, her account should be locked out.
>
>Am I way off base here or is this a bad question?
>

Are you studying for the Microsoft Certified Systems
Engineer qualification, or the Microsoft Certified Book
Reader certification?

Do you have access to a small test network that you could
test the scenario on? Why not? You can't find 2 old PCs
and a bit of cat5 crossover?

YKIMS
Top

Re: Possible Bad Question by TechGeekPro

TechGeekPro
Fri Apr 02 14:46:14 CST 2004

Ok, maybe my brain is fried from all of this reading and practice testing
but, I read that article several times. I'm still not sure what that has to
do with the question. Was I wrong?

P.S. Use the TinyURL toolbar button! It's easy.

--
I may not be fully certified, but I am fully certifiable.

"Neil" <neilmcse@nospamforyou.com> wrote in message
news:Xns94BF9ED1FDBD7neilmcsehotmailcom@207.46.248.16...
> "TechGeekPro" <%username%@yahoo.com> wrote in news:#mFrWFPGEHA.3188
> @TK2MSFTNGP10.phx.gbl:
>
> > What? No link? Tsk,tsk. http://tinyurl.com/2l4mg
> >
>
> takes to long...
>
> --
> Neil
> "you'd do what, to who, for how many biscuits?"


Top

Re: Possible Bad Question by Neil

Neil
Fri Apr 02 14:50:17 CST 2004

"TechGeekPro" <%username%@yahoo.com> wrote in news:#mFrWFPGEHA.3188
@TK2MSFTNGP10.phx.gbl:

<remarkable amount of snipage>

So have you worked it out yet? The question is flawed because they gave you
the DDC GPO settings not DD GPO settings. If they had given you DD
settings, these would be applied when you log onto the domain (regardless
of OU or Local setting). The local settings are only in effect when logging
on to the local computer. way you go....

Neil
"you'd do what, to who, for how many biscuits?"
Top

Re: Possible Bad Question by TechGeekPro

TechGeekPro
Fri Apr 02 14:54:02 CST 2004

Inline reply:

--
I may not be fully certified, but I am fully certifiable.

"Andy Foster" <anonymous@discussions.microsoft.com> wrote in message
news:1306a01c418f2$41bf39e0$a001280a@phx.gbl...
> TechGeekPro wibbled

Wibbled?

>
> >I'm taking a practice test for the 70-218 using the
> CramMaster software.
> >
>
> <major snippage>
> >
>
> >My question is, since she is not logging on to a domain
> controller, I
> >thought she wouldn't be affected by the default doamin
> controllers policy,
> >therefore, her account should be locked out.
> >
> >Am I way off base here or is this a bad question?
> >
>
> Are you studying for the Microsoft Certified Systems
> Engineer qualification, or the Microsoft Certified Book
> Reader certification?

Was that a jab? Obviously I'm studying for the MCSA/MCSE. Did you not read
when you studyed for your MCSE? Or do you have one?

> Do you have access to a small test network that you could
> test the scenario on? Why not? You can't find 2 old PCs
> and a bit of cat5 crossover?
>
> YKIMS

Actually I have several PC's and a router so I suppose I could test it. The
thing is, I've ran into several wrong answers on the CramMasters software
and I was sure it too was wrong. So I thought I would post it here to start
conversation that was actually on topic.


Top

Re: Possible Bad Question by TechGeekPro

TechGeekPro
Fri Apr 02 15:03:23 CST 2004

Ok, that's what I thought. Now, just to throw in a monkey wrench, the
question states that the Local Policy locks her out after 3 attempts and the
Default Domain Controllers policy locks her out after 2 attempts. Their
answer states that the two policies "cumulatively allow her five bad logon
attempts". Even if it were the DD GPO and not the DDC GPO, wouldn't the
Domain policy OVERRIDE the Local policy?

--
I may not be fully certified, but I am fully certifiable.

"Neil" <neilmcse@nospamforyou.com> wrote in message
news:Xns94BFA11D59452neilmcsehotmailcom@207.46.248.16...
> "TechGeekPro" <%username%@yahoo.com> wrote in news:#mFrWFPGEHA.3188
> @TK2MSFTNGP10.phx.gbl:
>
> <remarkable amount of snipage>
>
> So have you worked it out yet? The question is flawed because they gave
you
> the DDC GPO settings not DD GPO settings. If they had given you DD
> settings, these would be applied when you log onto the domain (regardless
> of OU or Local setting). The local settings are only in effect when
logging
> on to the local computer. way you go....
>
> Neil
> "you'd do what, to who, for how many biscuits?"


Top

Re: Possible Bad Question by Neil

Neil
Fri Apr 02 15:18:30 CST 2004

"TechGeekPro" <%username%@yahoo.com> wrote in
news:OT5OwXPGEHA.3940@tk2msftngp13.phx.gbl:

> Ok, that's what I thought. Now, just to throw in a monkey wrench, the
> question states that the Local Policy locks her out after 3 attempts
> and the Default Domain Controllers policy locks her out after 2
> attempts. Their answer states that the two policies "cumulatively
> allow her five bad logon attempts". Even if it were the DD GPO and not
> the DDC GPO, wouldn't the Domain policy OVERRIDE the Local policy?
>
> --
> I may not be fully certified, but I am fully certifiable.
>
> "Neil" <neilmcse@nospamforyou.com> wrote in message
> news:Xns94BFA11D59452neilmcsehotmailcom@207.46.248.16...
>> "TechGeekPro" <%username%@yahoo.com> wrote in news:#mFrWFPGEHA.3188
>> @TK2MSFTNGP10.phx.gbl:
>>
>> <remarkable amount of snipage>
>>
>> So have you worked it out yet? The question is flawed because they
>> gave
> you
>> the DDC GPO settings not DD GPO settings. If they had given you DD
>> settings, these would be applied when you log onto the domain
>> (regardless of OU or Local setting). The local settings are only in
>> effect when
> logging
>> on to the local computer. way you go....
>>
>> Neil
>> "you'd do what, to who, for how many biscuits?"
>
>
>

ya, that was just stupid. DD GPO in play when logging on to Domain, Local
settings when logging on locally. Conflicting policies otherwise are
Local overwritten by site overwriten by Domain overwritten by OU...

Password policies are unique

--
Neil
"you'd do what, to who, for how many biscuits?"
Top

Re: Possible Bad Question by Andy

Andy
Fri Apr 02 16:12:10 CST 2004

TechGeekPro wrote

>Inline reply:

Ditto

>
>--
>I may not be fully certified, but I am fully certifiable.
>

The sig generally goes at the bottom of the post, not the
top.

>"Andy Foster" <anonymous@discussions.microsoft.com> wrote
in message
>news:1306a01c418f2$41bf39e0$a001280a@phx.gbl...
>> TechGeekPro wibbled
>
>Wibbled?

The meaning of the word, or whether it was
appropriate/justified?

>
>>
>> >I'm taking a practice test for the 70-218 using the
>> CramMaster software.
>> >
>>
>> <major snippage>
>> >
>>
>> >My question is, since she is not logging on to a domain
>> controller, I
>> >thought she wouldn't be affected by the default doamin
>> controllers policy,
>> >therefore, her account should be locked out.
>> >
>> >Am I way off base here or is this a bad question?
>> >
>>
>> Are you studying for the Microsoft Certified Systems
>> Engineer qualification, or the Microsoft Certified Book
>> Reader certification?
>
>Was that a jab? Obviously I'm studying for the MCSA/MCSE.
>Did you not read
>when you studyed for your MCSE? Or do you have one?
>

Yup, well spotted. It was a jab.
Of course I read when I studied for my MCSA/MCSEs,
wouldn't have stood a chance of passing most of the exams
without it, but when I was unsure of something, I tried it
out.

>> Do you have access to a small test network that you
could
>> test the scenario on? Why not? You can't find 2 old PCs
>> and a bit of cat5 crossover?
>>
>> YKIMS
>
>Actually I have several PC's and a router so I suppose I
>could test it.

Better idea (IMHO) than relying on the advice of some of
the experts here (who obviously failed the book-reading
course)

>The
>thing is, I've ran into several wrong answers on the
>CramMasters software
>and I was sure it too was wrong. So I thought I would
>post it here to start
>conversation that was actually on topic.
>

On topic? In this newsgroup? Nah, it'll never catch on.


Top

Re: Possible Bad Question by TechGeekPro

TechGeekPro
Fri Apr 02 16:28:47 CST 2004

More inline replies:
--
I may not be fully certified, but I am fully certifiable.

"Andy Foster" <anonymous@discussions.microsoft.com> wrote in message
news:17e3001c418ff$8b538450$a101280a@phx.gbl...
> TechGeekPro wrote
>
> >Inline reply:
>
> Ditto
>
> >
> >--
> >I may not be fully certified, but I am fully certifiable.
> >
>
> The sig generally goes at the bottom of the post, not the
> top.

Outlook puts the sig at the top. I didn't feel like moving it.

>
> >"Andy Foster" <anonymous@discussions.microsoft.com> wrote
> in message
> >news:1306a01c418f2$41bf39e0$a001280a@phx.gbl...
> >> TechGeekPro wibbled
> >
> >Wibbled?
>
> The meaning of the word, or whether it was
> appropriate/justified?
>

Huh?

> >
> >>
> >> >I'm taking a practice test for the 70-218 using the
> >> CramMaster software.
> >> >
> >>
> >> <major snippage>
> >> >
> >>
> >> >My question is, since she is not logging on to a domain
> >> controller, I
> >> >thought she wouldn't be affected by the default doamin
> >> controllers policy,
> >> >therefore, her account should be locked out.
> >> >
> >> >Am I way off base here or is this a bad question?
> >> >
> >>
> >> Are you studying for the Microsoft Certified Systems
> >> Engineer qualification, or the Microsoft Certified Book
> >> Reader certification?
> >
> >Was that a jab? Obviously I'm studying for the MCSA/MCSE.
> >Did you not read
> >when you studyed for your MCSE? Or do you have one?
> >
>
> Yup, well spotted. It was a jab.
> Of course I read when I studied for my MCSA/MCSEs,
> wouldn't have stood a chance of passing most of the exams
> without it, but when I was unsure of something, I tried it
> out.
>

I usually try it out too except in this case I was pretty sure it was just a
bad question and I didn't want to waste my time. (However, I have no problem
wasting my time in this newsgroup)

> >> Do you have access to a small test network that you
> could
> >> test the scenario on? Why not? You can't find 2 old PCs
> >> and a bit of cat5 crossover?
> >>
> >> YKIMS
> >
> >Actually I have several PC's and a router so I suppose I
> >could test it.
>
> Better idea (IMHO) than relying on the advice of some of
> the experts here (who obviously failed the book-reading
> course)
>
> >The
> >thing is, I've ran into several wrong answers on the
> >CramMasters software
> >and I was sure it too was wrong. So I thought I would
> >post it here to start
> >conversation that was actually on topic.
> >
>
> On topic? In this newsgroup? Nah, it'll never catch on.
>
>

Well, can't blame me for trying. :)


Top

Possible Bad Question by georgewood

georgewood
Tue Apr 20 00:04:43 CDT 2004

ALL password policies are set at the domain level. It will override local
policies. ( A. ) looks like the best answer there.

"TechGeekPro" <%username%@yahoo.com> wrote in message
news:%23f9pCOOGEHA.1012@TK2MSFTNGP11.phx.gbl...
> I'm taking a practice test for the 70-218 using the CramMaster software.
>
> Question:
>
> Jennifer is an employee of a company called XYZ Dimensions Inc. located in
> Chicago. Jennifer is currently using a stand-alone Windows 2000
Professional
> workstation, named JennyW2KP, to use a locally installed graphics editing
> application. As the administrator, you are going to add JennyW2KP to the
> Windows 2000 Domain, named XYZDimensions.edu, which currently consists of
> one Windows 2000 Server Domain Controller and four Windows 2000
Professional
> workstations.
>
> Before adding JennyW2KP to the XYZDimensions.edu Domain, you use the Local
> Group Policy MMC snap-in on JennyW2KP and configure the account lockout
> policy to lock out Jennifer's local user account after three bad logon
> attempts. Afterwards, you configure the Default Domain Controllers Policy
to
> lockout Jennifer's Domain Account after two bad logon attempts.
>
> What will be Jennifer's result if she attempts to logon to the Windows
2000
> Network using her Domain Logon account and providing an invalid password
> both times? Select the correct answer.
>
> A Jennifer will be locked out of the Windows 2000 Network for a
> configured amount of time designated by the administrator.
>
> B Jennifer will be allowed three more logon attempts to the Windows
> 2000 Network because the Local Group Policy and Default Domain Controllers
> Policy cumulatively allow her five bad logon attempts.
>
> C Jennifer will be allowed one more logon attempt to the Windows
2000
> Professional machine because the Local Group Policy allows her three bad
> logon attempts.
>
> D Jennifer will be allowed one more logon to the Windows 2000
Network
> because the Local Group Policy overrides the Group Policy.
>
>
> Correct answer:
>
> B Jennifer will be allowed three more logon attempts to the Windows
> 2000 Network because the Local Group Policy and Default Domain Controllers
> Policy cumulatively allow her five bad logon attempts.
>
>
> Explanation:
>
> Jennifer is using a Domain User account, which is impacted by the settings
> the administrator configured in the Default Domain Controllers Policy.
>
>
> My question is, since she is not logging on to a domain controller, I
> thought she wouldn't be affected by the default doamin controllers policy,
> therefore, her account should be locked out.
>
> Am I way off base here or is this a bad question?
>
> --
> I may not be fully certified, but I am fully certifiable.
>
>
>


Top