What are the new 70-640 exam questions? And Where to download the latest 70-640 exam dumps? Now, PassLeader have been publised the new version of 70-640 braindumps with new added 70-640 exam questions. PassLeader offer the latest 70-640 PDF and VCE dumps with New Version VCE Player for free download, and PassLeader’s new 651q 70-640 practice tests ensure your exam 100 percent pass. Visit www.passleader.com to get the 100 percent pass ensure 651q 70-640 exam questions!
keywords: 70-640 exam,651q 70-640 exam dumps,651q 70-640 exam questions,70-640 pdf dumps,70-640 practice test,70-640 vce dumps,70-640 study guide,70-640 braindumps,TS: Windows Server 2008 Active Directory, Configuring Exam
ABC.com has a main office and a branch office. ABC.com’s network consists of a single Active Directory forest. Some of the servers in the network run Windows Server 2008 and the rest run Windows server 2003. You are the administrator at ABC.com. You have installed Active Directory Domain Services (AD DS) on a computer that runs Windows Server 2008. The branch office is located in a physically insecure place. It has no IT personnel onsite and there are no administrators over there. You need to setup a Read-Only Domain Controller (RODC) on the Server Core installation computer in the branch office. What should you do to setup RODC on the computer in branch office?
A. Execute an attended installation of AD DS
B. Execute an unattended installation of AD DS
C. Execute RODC through AD DS
D. Execute AD DS by using deploying the image of AD DS
E. none of the above
You had installed an Active Directory Federation Services (AD FS) role on a Windows server 2008 in your organization. Now you need to test the connectivity of clients in the network to ensure that they can successfully reach the new Federation server and Federation server is operational. What should you do? (Select all that apply)
A. Go to Services tab, and check if Active Directory Federation Services is running.
B. In the event viewer, Applications, Event ID column look for event ID 674.
C. Open a browser window, and then type the Federation Service URL for the new federation server.
D. None of the above.
ABC.com has purchased laptop computers that will be used to connect to a wireless network. You create a laptop organizational unit and create a Group Policy Object (GPO) and configure user profiles by utilizing the names of approved wireless networks. You link the GPO to the laptop organizational unit. The new laptop users complain to you that they cannot connect to a wireless network. What should you do to enforce the group policy wireless settings to the laptop computers?
A. Execute gpupdate/target:computer command at the command prompt on laptop computers.
B. Execute Add a network command and leave the SSID (service set identifier) blank.
C. Execute gpupdate/boot command at the command prompt on laptops computers.
D. Connect each laptop computer to a wired network and log off the laptop computer and then login again.
E. None of the above.
The Company has a Windows 2008 domain controller server. This server is routinely backed up over the network from a dedicated backup server that is running Windows 2003 OS. You need to prepare the domain controller for disaster recovery apart from the routine backup procedures. You are unable to launch the backup utility while attempting to back up the system state data for the data controller. You need to backup system state data from the Windows Server 2008 domain controller server. What should you do?
A. Add your user account to the local Backup Operators group.
B. Install the Windows Server backup feature using the Server Manager feature.
C. Install the Removable Storage Manager feature using the Server Manager feature.
D. Deactivating the backup job that is configured to backup Windows 2008 server domain controller on the Windows 2003 server.
E. None of the above.
You are an administrator at ABC.com. Company has a RODC (read-only domain controller) server at a remote location. The remote location doesn’t have proper physical security. You need to activate nonadministrative accounts passwords on that RODC server. Which of the following action should be considered to populate the RODC server with non-administrative accounts passwords?
A. Delete all administrative accounts from the RODC’s group.
B. Configure the permission to Deny on Receive for administrative accounts on the security tab for Group Policy Object (GPO).
C. Configure the administrative accounts to be added in the Domain RODC Password Replication Denied group.
D. Add a new GPO and enable Account Lockout settings. Link it to the remote RODC server and on the security tab on GPO, check the Read Allow and the Apply group policy permissions for the administrators.
E. None of the above.
ABC.com has a network that is comprise of a single Active Directory Domain. As an administrator at ABC.com, you install Active Directory Lightweight Directory Services (AD LDS) on a server that runs Windows Server 2008. To enable Secure Sockets Layer (SSL) based connections to the AD LDS server, you install certificates from a trusted Certification Authority (CA) on the AD LDS server and client computers. Which tool should you use to test the certificate with AD LDS?
B. Active Directory Domain services
F. None of the above
ABC.com boasts a main office and 20 branch offices. Configured as a separate site, each branch office has a Read-Only Domain Controller (RODC) server installed. Users in remote offices complain that they are unable to log on to their accounts. What should you do to make sure that the cached credentials for user accounts are only stored in their local branch office RODC server?
A. Open the RODC computer account security tab and set Allow on the Receive as permission only for the users that are unable to log on to their accounts.
B. Add a password replication policy to the main Domain RODC and add user accounts in the security group.
C. Configure a unique security group for each branch office and add user accounts to the respective security group. Add the security groups to the password replication allowed group on the main RODC server.
D. Configure and add a separate password replication policy on each RODC computer account.
The corporate network of Company consists of a Windows Server 2008 single Active Directory domain. The domain has two servers named Company 1 and Company 2. To ensure central monitoring of events you decided to collect all the events on one server, to collect events from Company, and transfer them to Company 1. You configure the required event subscriptions. You selected the Normal option for the Event delivery optimization setting by using the HTTP protocol. However, you discovered that none of the subscriptions work. Which of the following actions would you perform to configure the event collection and event forwarding on the two servers? (Select three. Each answer is a part of the complete solution).
A. Run window execute the winrm quickconfig command on Company 2.
B. Run window execute the wecutil qc command on Company 2.
C. Add the Company 1 account to the Administrators group on Company 2.
D. Run window execute the winrm quickconfig command on Company 1.
E. Add the Company 2 account to the Administrators group on Company 1.
F. Run window execute the wecutil qc command on Company 1.
Your company has a main office and 40 branch offices. Each branch office is configured as a separate Active Directory site that has a dedicated read-only domain controller (RODC). An RODC server is stolen from one of the branch offices. You need to identify the user accounts that were cached on the stolen RODC server. Which utility should you use?
C. Active Directory Sites and Services
D. Active Directory Users and Computers
ABC.com has a software evaluation lab. There is a server in the evaluation lab named as CKT. CKT runs Windows Server 2008 and Microsoft Virtual Server 2005 R2. CKT has 200 virtual servers running on an isolated virtual segment to evaluate software. To connect to the internet, it uses physical network interface card. ABC.com requires every server in the company to access Internet. ABC.com security policy dictates that the IP address space used by software evaluation lab must not be used by other networks. Similarly, it states the IP address space used by other networks should not be used by the evaluation lab network. As an administrator you find you that the applications tested in the software evaluation lab need to access normal network to connect to the vendors update servers on the internet. You need to configure all virtual servers on the CKT server to access the internet. You also need to comply with company’s security policy. Which two actions should you perform to achieve this task? (Choose two answers. Each answer is a part of the complete solution)
A. Trigger the Virtual DHCP server for the external virtual network and run ipconfig/renew command on each virtual server.
B. On CKT’s physical network interface, activate the Internet Connection Sharing (ICS).
C. Use ABC.com intranet IP addresses on all virtual servers on CKT.
D. Add and install a Microsoft Loopback Adapter network interface on CKT. Use a new network interface and create a new virtual network.
E. None of the above.
You are an administrator at ABC.com. Company has a network of 5 member servers acting as file servers. It has an Active Directory domain. You have installed a software application on the servers. As soon as the application is installed, one of the member servers shuts down itself. To trace and rectify the problem, you create a Group Policy Object (GPO). You need to change the domain security settings to trace the shutdowns and identify the cause of it. What should you do to perform this task?
A. Link the GPO to the domain and enable System Events option
B. Link the GPO to the domain and enable Audit Object Access option
C. Link the GPO to the Domain Controllers and enable Audit Object Access option
D. Link the GPO to the Domain Controllers and enable Audit Process tracking option
E. Perform all of the above actions
ABC.com has a network that consists of a single Active Directory domain. A technician has accidently deleted an Organizational unit (OU) on the domain controller. As an administrator of ABC.com, you are in process of restoring the OU. You need to execute a non-authoritative restore before an authoritative restore of the OU. Which backup should you use to perform non- authoritative restore of Active Directory Domain Services (AD DS) without disturbing other data stored on domain controller?
A. Critical volume backup
B. Backup of all the volumes
C. Backup of the volume that hosts Operating system
D. Backup of AD DS folders
E. all of the above
ABC.com has a network that consists of a single Active Directory domain.Windows Server 2008 is installed on all domain controllers in the network. You are instructed to capture all replication errors from all domain controllers to a central location. What should you do to achieve this task?
A. Initiate the Active Directory Diagnostics data collector set
B. Set event log subscriptions and configure it
C. Initiate the System Performance data collector set
D. Create a new capture in the Network Monitor
Company has a single domain network with Windows 2000, Windows 2003, and Windows 2008 servers. Client computers running Windows XP and Windows Vista. All domain controllers are running Windows server 2008.
You need to deploy Active Directory Rights Management System (AD RMS) to secure all documents, spreadsheets and to provide user authentication. What do you need to configure, in order to complete the deployment of AD RMS?
A. Upgrade all client computers to Windows Vista. Install AD RMS on domain controller Company _DC1
B. Ensure that all Windows XP computers have the latest service pack and install the RMS client on all systems. Install AD RMS on domain controller Company _DC1
C. Upgrade all client computers to Windows Vista. Install AD RMS on Company _SRV5
D. Ensure that all Windows XP computers have the latest service pack and install the RMS client on all systems. Install AD RMS on domain controller Company _SRV5
E. None of the above
You are formulating the backup strategy for Active Directory Lightweight Directory Services (AD LDS) to ensure that data and log files are backed up regularly. This will also ensure the continued availability of data to applications and users in the event of a system failure. Because you have limited media resources, you decided to backup only specific ADLDS instance instead of taking backup of the entire volume. What should you do to accomplish this task?
A. Use Windows Server backup utility and enable checkbox to take only backup of database and log files of AD LDS
B. Use Dsdbutil.exe tool to create installation media that corresponds only to the ADLDS instance
C. Move AD LDS database and log files on a separate volume and use windows server backup utility
D. None of the above
You had installed Windows Server 2008 on a computer and configured it as a file server, named FileSrv1. The FileSrv1 computer contains four hard disks, which are configured as basic disks. For fault tolerance and performance you want to configure Redundant Array of Independent Disks (RAID) 0 +1 on FileSrv1. Which utility you will use to convert basic disks to dynamic disks on FileSrv1?
E. None of the above
ABC.com has a domain controller that runs Windows Server 2008. The ABC.com network boasts 40 Windows Vista client machines. As an administrator at ABC.com, you want to deploy Active Directory Certificate service (AD CS) to authorize the network users by issuing digital certificates. What should you do to manage certificate settings on all machines in a domain from one main location?
A. Configure Enterprise CA certificate settings
B. Configure Enterprise trust certificate settings
C. Configure Advance CA certificate settings
D. Configure Group Policy certificate settings
E. All of the above
A domain controller named DC12 runs critical services. Restructuring of the organizational unit hierarchy for the domain has been completed and unnecessary objects have been deleted. You need to perform an offline defragmentation of the Active Directory database on DC12. You also need to ensure that the critical services remain online. What should you do?
A. Start the domain controller in the Directory Services restore mode. Run the Defrag utility.
B. Start the domain controller in the Directory Services restore mode. Run the Ntdsutil utility.
C. Stop the Domain Controller service in the Services (local) Microsoft Management Console (MMC). Run the Defrag utility.
D. Stop the Domain Controller service in the Services (local) Microsoft Management Console (MMC). Run the Ntdsutil utility.
Your company has a server that runs Windows Server 2008 R2. The server runs an instance of Active Directory Lightweight Directory Services (AD LDS). You need to replicate the AD LDS instance on a test computer that is located on the network. What should you do?
A. Run the repadmin /kcc <servername> command on the test computer.
B. Create a naming context by running the Dsmgmt command on the test computer.
C. Create a new directory partition by running the Dsmgmt command on the test computer.
D. Create and install a replica by running the AD LDS Setup wizard on the test computer.
Your network contains an Active Directory domain. The relevant servers in the domain are configured as shown in the following table.
You need to ensure that all device certificate requests use the MD5 hash algorithm. What should you do?
A. On Server2, run the Certutil tool.
B. On Server1, update the CEP Encryption certificate template.
C. On Server1, update the Exchange Enrollment Agent (Offline Request) template.
D. On Server3, set the value of the HKLM\Software\Microsoft\Cryptography\MSCEP\HashAlgorithm\HashAlgorithm registry key.