Le meilleur matériel de formation examen Microsoft 70-291

Pass4Test peut offrir la facilité aux candidats qui préparent le test Microsoft 70-291. Nombreux de candidats choisissent le Pass4Test à préparer le test et réussir finalement à la première fois. Les experts de Pass4Test sont expérimentés et spécialistes. Ils profitent leurs expériences riches et connaissances professionnelles à rechercher la Q&A Microsoft 70-291 selon le résumé de test réel Microsoft 70-291. Vous pouvez réussir le test à la première fois sans aucune doute.

Le succès n'est pas loin de vous si vous choisissez Pass4Test. Vous allez obtenir le Certificat de Microsoft 70-291 très tôt. Pass4Test peut vous permettre à réussir 100% le test Microsoft 70-291, de plus, un an de service en ligne après vendre est aussi gratuit pour vous.

Il y a nombreux façons à vous aider à réussir le test Microsoft 70-291. Le bon choix est l'assurance du succès. Pass4Test peut vous offrir le bon outil de formation, lequel est une documentation de qualité. La Q&A de test Microsoft 70-291 est recherchée par les experts selon le résumé du test réel. Donc l'outil de formation est de qualité et aussi autorisé, votre succès du test Microsoft 70-291 peut bien assuré. Nous allons mettre le jour successivement juste pour répondre les demandes de tous candidats.

Choisissez le Pass4Test, choisissez le succès. Le produit offert par Pass4Test vous permet à réussir le test Microsoft 70-291. C'est necessaire de prendre un test simulation avant participer le test réel. C'est une façon bien effective. Choisir Pass4Test vous permet à réussir 100% le test.

Pass4Test peut vous fournir un raccourci à passer le test Microsoft 70-291: moins de temps et efforts dépensés. Vous trouverez les bonnes documentations de se former dans le site Pass4Test qui peut vous aider efficacement à réussir le test Microsoft 70-291. Si vous voyez les documentations dans les autres sites, c'est pas difficile à trouver qu''elles sont venues de Pass4Test, parce que lesquelles dans Pass4Test sont le plus complété et la mise à jour plus vite.

Code d'Examen: 70-291
Nom d'Examen: Microsoft (Implementing, Managing, and Maintaining a Microsoft Windows Server 2003 Network Infrastructure)
Questions et réponses: 260 Q&As

Tant que vous avez besion de participer l'examen, nous pouvons toujours mettre à jour de matériaux à propos de test Certification Microsoft 70-291. Le guide d'étude de Pass4Test comprend les excercices de Microsoft 70-291 et la Q&A qui peut vous permetrre à réussir 100% le test Microsoft 70-291. Vous pouvez faire une meilleure préparation pour le test. D'ailleurs, la mise à jour pendant un an après vendre est gratuite pour vous.

Pass4Test vous offre un choix meilleur pour faire votre préparation de test Microsoft 70-291 plus éfficace. Si vous voulez réussir le test plus tôt, il ne faut que ajouter la Q&A de Microsoft 70-291 à votre cahier. Pass4Test serait votre guide pendant la préparation et vous permet à réussir le test Microsoft 70-291 sans aucun doute. Vous pouvez obtenir le Certificat comme vous voulez.

70-291 Démo gratuit à télécharger: http://www.pass4test.fr/70-291.html

NO.1 131.107.12.0/24
Answer
:
2.You are the network administrator for your company.All servers run Windows Server 2003. All servers
are configured with static IP addresses.All client computers run Windows XP Professional.All client
computers are configured as DHCP clients.
The company has a main office and one branch office.The offices are separated by a router.A DHCP
server is deployed in each office.
One of the DHCP servers shuts down unexpectedly.It takes four hours to repair the server.During that
time, several mobile users connect their portable computers to the network and report that they cannot
connect to shared resources on the network.
After the server is repaired, you create a new scope on each DHCP server that includes IP addresses for
the other office.You activate the scopes.
You test the new DHCP configuration by shutting down the DHCP server in the main office.You find out
that the client computers in the main office are not receiving IP addresses from the DHCP server in the
branch office. You need to ensure that when the DHCP server in one office fails, the client computers will
receive a correct IP
address configuration from the DHCP server in the other office.
What are two possible ways to achieve this goal? (Each correct answer presents a complete
solution.Choose two.)
A.Configure the router between the offices to forward BOOTP broadcasts.
B.Configure the DHCP server in each office with a DHCP scope that includes the same IP addresses as
the DHCP server in the other office.Activate the scope.
C.Configure the DHCP server in each office with an additional network adapter.Connect each new
network adapter to the local network.Assign an IP address from the other office's network to each new
network adapter.
D.Install and configure a DHCP relay agent in each office.
Answer: DA

certification Microsoft   70-291   70-291
3.You are the network administrator for your company.The network consists of a single Active Directory
domain.All servers run Windows Server 2003.
The network contains a Web server named Server1 that runs IIS 6.0 and hosts a secure Web site.The
Web site is accessible from the intranet, as well as from the Internet.All users must authenticate when
they connect to Server1.
All users on the Internet must use a secure protocol to connect to the Web site.Users on the intranet do
not need to use a secure protocol.
You need verify that all users are using a secure protocol to connect to Server1 from the Internet.
What are two possible ways to achieve this goal? (Each correct answer presents a complete
solution.Choose two.)
A.Monitor the events in the application log on Server1.
B.Monitor the events in the security log on Server1.
C.Monitor the Web server connections on Server1 by using a performance log.
D.Monitor network traffic to Server1 by using Network Monitor.
E.Monitor the IIS logs on Server1.
Answer: ED

Microsoft examen   70-291   70-291 examen   70-291
4.You are the administrator of an Active Directory domain.All servers run Windows Server 2003. All client
computers run Windows XP Professional.All computers are members of the domain.
The Secure Server (Require Security) IPSec policy is assigned to a file server named Server6. The policy
is configured as shown in the exhibit.(Click the Exhibit button.)
Users report that they cannot access shared folders on Server6. Users were able to access shared
folders on
Server6 prior to the implementation of the IPSec policy.
You need to ensure that all client computers in the domain can access the shared folders on Server6. You
must ensure that all communications between client computers and Server6 be encrypted.
What should you do?
A.On Server6, enable the All ICMP Traffic IP Security rule in the properties of the Secure Server (Require
Security) IPSec policy.
B.On Server6, enable the <Dynamic> IP Security rule in the properties of the Secure Server (Require
Security)
IPSec policy.
C.On all client computers, assign the Client (Respond Only) IPSec policy.
D.On all client computers, install an IPSec communication certificate in the local machine store.
Answer: C

certification Microsoft   70-291   certification 70-291
5.You are a network administrator for your company.The network consists of a single Active Directory
domain.All servers run Windows Server 2003.
The company has a main office and one branch office.The perimeter networks for each office are
configured as shown in the exhibit.(Click the Exhibit button.)
You configure an L2TP/IPSec VPN tunnel between Server1 and Server2. You also configure and assign
an IPSec
policy named RASIPSec that requires secure communications.
You need to ensure that no unsecured traffic from the Internet reaches the internal network through this
VPN.You
also need to ensure that access to the VPN servers from their respective internal networks is not
disrupted. What should you do?
A.Configure input and output L2TP/IPSec packet filters on the internal interfaces of Server1 and Server2.
B.Configure input and output L2TP/IPSec packet filters on the external interfaces of Server1 and Server2.
C.In the properties of RASIPSec, edit the All IP Traffic IP Filter list to include the IP addresses for only
Server1 and Server2.
D.In the properties of RASIPSec, edit the All ICMP Traffic IP Filter list to include the IP addresses for only
Server1 and Server2.
Answer: B

Microsoft   70-291 examen   70-291 examen   70-291
6.You are the administrator of an Active Directory domain.The network contains a Windows Server 2003
domain controller named Server1.
Users report that they experience intermittent delays when they log on to Server1. Administrators report
that replication attempts between Server1 and other domain controllers are occasionally delayed.
You need to verify the cause of the intermittent connection delays to Server1. You also need to find out
whether the problem is related to a hardware deficiency on Server1. You need to track these delays over
a period of one day.
What should you do first?
A.Run the netdiag /verbose command to perform a network diagnostic test on Server1.
B.Run the replmon command to view the Active Directory replication status on Server1.
C.Use Network Monitor to view the network traffic packet contents between Server1 and all other
computers.
D.Create a System Monitor counter to track the queue lengths on the network adapter on Server1.
Answer: D

certification Microsoft   70-291   certification 70-291   70-291 examen   70-291

NO.2 131.107.11.0/24

NO.3 Drag and Drop
You are a network administrator for the Graphic Design Institute.The network contains five Windows
Server 2003 computers that also function as DNS servers.The servers are configured as shown in the
work area.
The Lagos and Nairobi branches of the school each have five Windows XP Professional client
computers.The
Tangier branch has 5,000 Windows XP Professional client computers, and the Cape Town branch has
2,500
Windows XP Professional client computers.
Server1 is located in the school's main office in Cairo.Server1 is the authoritative server for a zone named
TestInside.com.No changes are planned for the name server (NS) resource records for TestInside.com.
The DNS servers in the Nairobi and Lagos branches are multiuse servers that are configured with the
minimum hardware necessary to run Windows Server 2003. The DNS servers in the Cape Town and
Tangier branches are configured as dedicated servers with hardware that is sufficient to sustain multiple
DNS zones.
You need to ensure that the following requirements are met:
Each client computer can resolve names on the network as quickly as possible by using a fully qualified
domain name (FQDN).
Prevent zone replication traffic from occurring on the slow network connections.
Minimize hard disk utilization on the DNS servers in the Lagos and Nairobi branches as much as possible.
Ensure that DNS queries in Tangier and Cape Town are resolved locally.
How should you configure the remote DNS servers?
To answer, drag the appropriate server configuration to the correct server or servers in the work area.
Answer:

NO.4 You are the network administrator for your company.The network consists of a single Active Directory
domain.
The domain contains an organizational unit (OU) named Webservers.The Webservers OU contains the
computer accounts of 12 Windows Server 2003 computers that function as intranet Web servers.A Group
Policy object (GPO) named WebserversPolicy is linked to the Webservers OU.The GPO is used to
configure various settings on
the computers in the OU.A global group named WebserverAdmins is a member of the Administrators local
group on each intranet Web server.
You plan to install a security scanning application on each intranet Web server.The documentation for the
application states that it uses a service account, which must be able to modify the
HKEY_LOCAL_MACHINE\SYSTEM key in the registry of every computer on which the application is
installed.
You create the service account in the domain.The company's written security policy states that service
accounts must be assigned only the minimum rights and permissions that they require to function.
You need to configure the intranet Web servers so that they comply with the installation requirements of
the security scanning application.You also need to comply with the company's security policy.You want to
achieve this goal by using the minimum amount of administrative effort.
What should you do?
A.Add the service account to the WebserverAdmins global group.
B.Configure the required permissions as registry security settings in the WebserversPolicy GPO.
C.Run the regedit.exe command to add the required permissions to the registry of each intranet Web
server.
D.Run the explorer.exe command to modify NTFS permissions on the
Systemroot\System32\Config\System
file.Assign the service account the Allow - Change permission.
E.Configure file system security settings in the WebserversPolicy GPO to modify NTFS permissions on
the
Systemroot\System32\Config\System file.Assign the service account the Allow - Change permission.
Answer: D

certification Microsoft   70-291   70-291   70-291

NO.5 Active Screen
You are the network administrator for your company.The network consists of a single Active Directory
domain.The relevant portion of the network is shown in the exhibit.(Click the Exhibit button.)
You need to configure a server named Server1 to use a valid static IP configuration.You need to enable
Server1 to
communicate with all hosts on the network and on the Internet.You want Server1 to query the DNS server
on the local subnet for name resolution.You also want to configure redundancy for name resolution.
What should you do?
To answer, configure the correct options in the dialog box.Drag the appropriate IP address or addresses
and the appropriate subnet mask or masks to the appropriate location or locations in the dialog box.
Answer:

NO.6 Drag drop
You are the network administrator for a Web hosting company.All servers run Windows Server 2003. All
client computers run Windows XP Professional.
Your company is assigned the following IP address ranges by the ISP:
>131.107.10.0 through 131.107.10.255
>131.107.11.0 through 131.107.11.255
The company's data center contains 400 Windows Server 2003 computers and consists of two subnets
named subnet A and subnet B.Subnet A contains 200 servers and uses the 131.107.10.0 network
address.Subnet B also contains 200 servers and uses the 131.107.11.0 network address.All server IP
addresses are assigned by DHCP.All computers in the data center have valid Internet-accessible IP
addresses.
As a result of a corporate acquisition, 200 additional servers will be added to your company's data center
within one month.The new servers will be placed on the network segment that maps to subnet A.The
existing router does not have the capacity for an additional subnet, and the budget does not allow the
purchase of a new router.You will
need to add the additional servers to the existing subnet A.The ISP assigns you the additional IP address
range 131.107.12.0 through 131.107.12.255.
You need to change the IP addressing scheme to accommodate all required servers in subnet A and
subnet B.You are authorized to make any necessary changes.
The diagram in the work area shows the network configuration and the planned number of servers for
each subnet.
Which IP address should be assigned to each subnet?
To answer, drag the appropriate IP address or addresses to the correct locations in the work area.
IP address IP Addresses
1> 131.107.10.0/23

NO.7 131.107.11.0/23

NO.8 You are the network administrator for your company.The network consists of a single subnet.A
Windows
Server 2003 computer named Server1 functions as a DHCP server.
Server1 leases IP addresses in the 10.1.1.0/24 range to desktop client computers.There are 12 client
reservations for other servers and network printers.You have configured several detailed scope and
server options. If Server1 fails, you want to have a contingency plan that will allow you to use a domain
controller named DC2 as a DHCP server as quickly as possible.You install DHCP on DC2 without any
configuration and stop the DHCP
Server service.
You want to list the tasks that are required to back up Server1 and the tasks that are required to restore
the backup to DC2. A backup age of 24 hours or less is acceptable.
If Server1 fails, which set of tasks is required to enable DC2 to replace Server1 as the DHCP server?
A.On Server1: Schedule the Backup utility to back up the System State data to tape every 24 hours.
On DC2: Perform a non-authoritative System State restore.Using the Services console, start the DHCP
Server
service.Authorize DHCP.Reconcile the database.
B.On Server1: Use the Backup utility to schedule a tape backup of the DHCP database every 24 hours.
On DC2: Restore the tape backup of the DHCP database to a folder.Using the DHCP console, restore the
backup from the same folder.From the command prompt, type net start dhcpserver.Authorize DHCP.
C.On Server1: Schedule the Backup utility to back up the System State data to tape every 24 hours.
On DC2: Perform an authoritative System State restore.Manually re-create the server and scope options
that were on Server1. From a command prompt, type net start dhcpserver.Authorize DHCP.
D.On Server1: Use the DHCP console to perform a DHCP backup every 24 hours.Copy the backup on a
network share that is accessible by DC2.
On DC2: Copy the backup to a local folder.Using the DHCP console, restore the backup from the local
folder.From a command line, type net start dhcp.Authorize DHCP.Re-create the 12 client reservations.
Answer: B

certification Microsoft   70-291   70-291 examen   70-291   70-291 examen

NO.9 You are the administrator of a Windows Server 2003 computer named Server1. Server1 is a domain
member server that has the DNS service installed.
Server1 is configured with two network interfaces named NIC1 and NIC2. Routing is not enabled between
the two network interfaces.NIC1 and NIC2 are configured as shown in the following table.
Resources on the preproduction network segment use the same fully qualified domain names (FQDNs)
as resources in the production network.The TCP/IP properties on client computers in the preproduction
environment are controlled by individual testers.
You need to ensure that the users in the preproduction environment cannot resolve FQDNs from the
production network.You want to accomplish this goal by using the DNS console on Server1.
What should you do?
A.Configure the interfaces properties on Server1 to listen on 192.168.2.10 only.
B.Configure the forwarders on Server1 to refer requests to 192.168.3.2.
C.Configure Server1 to disable recursion.
D.Configure Server1 to disable round robin.
Answer: A

Microsoft   70-291   certification 70-291   70-291   70-291 examen   certification 70-291

NO.10 You are the network administrator for your company.The network consists of a single Active Directory
domain.The domain contains 35 Windows Server 2003 computers; 3,000 Windows XP Professional
computers; and 2,000 Windows 2000 Professional computers.
Windows Server Update Services (WSUS) is installed on a server named Server1. The necessary Group
Policy object (GPO) is configured.
You need to confirm whether all computers in the domain have received all approved updates from
Server1.
What should you do on Server1?
A.Install and configure Urlscan.exe.
B.At the command prompt, type gpresult /scope COMPUTER.
C.Open the WSUS console.Run the Status of Computers report.
D.Open the WSUS console.Run the Synchronization Results report.
Answer: C

Microsoft examen   70-291   70-291   70-291 examen

NO.11 Drag and Drop
You are the network administrator for Contoso, Ltd.The network consists of a single Active Directory
forest.The
forest contains two domains named contoso.com and corp.contoso.com.The functional level of the forest
and the two domains is Windows Server 2003.
The corp.contoso.com zone is configured as an Active Directory-integrated zone.The corp.contoso.com
zone is also configured to replicate to all domain controllers in the domain.
The servers are configured as shown in the following table.
You plan to remove Server1 from the network.You need to install DNS to host the corp.contoso.com
zone.Your solution must be fault-tolerant.
On which server or servers should you install DNS?
To answer, drag the DNS service to the correct server or servers in the work area.
Answer:

NO.12 You are the administrator of a Windows Server 2003 computer named Server1. Server1 has a
third-party application installed on it.The third-party application runs as a service that is named Service1.
Service1 fails periodically.
You need to configure the recovery options for Service1 to meet the following requirements:
If Service1 runs successfully for a day or more, you need to ensure that only the service is immediately
restarted upon failure.
If, after this failure, Service1 does not run successfully for another day, you must ensure the entire server
is immediately restarted.
Which three actions should you perform? (Each correct answer presents part of the solution.Choose
three.)
A.Configure the Reset fail count after value for Service1 to 1 day.
B.Configure the Restart service after value for Service1 to 1,440 minutes.
C.Configure the response to the first failure to be to restart Service1.
D.Configure the response to the first failure to be to restart Server1.
E.Configure the response to the second failure to be to restart Service1.
F.Configure the response to the second failure to be to restart Server1.
Answer: FCA

Microsoft   70-291   70-291 examen   70-291

NO.13 You are a network administrator for Alpine Ski House.The network consists of a single Active Directory
domain named alpineskihouse.com.
Your company acquires a company named Adventure Works.The Adventure Works network consists of a
single
Active Directory domain named adventure-works.com.
A server named Server32 is a network-management application server in the adventure-works.com
domain.Server32 accesses all of the desktop client computers to perform automated software upgrades
and hardware inventory.The network-management software on Server32 references desktop computers
by unqualified
host names, which are resolved to clientname.adventure-works.com by using a DNS server.
You join Server32 to your domain to become server32.alpineskihouse.com.The Server32 IP address is
10.10.10.90.
You are gradually migrating all adventure-works.com desktop client computers to your domain to become
clientname.alpineskihouse.com.You do not have access to the adventure-works.com DNS server.When
Server32 attempts to apply an update to the client computers, the network-management software returns
many alerts that say that desktop computers cannot be found.
You want to allow the network-management software on Server32 to resolve unqualified client computer
host
ames in adventure-works.com or alpineskihouse.com, and you want to use the minimum amount of
administrative effort.
What should you do?
A.On the DNS server for alpineskihouse.com, add a zone for adventure-works.com.Create a host (A)
record for server32.adventure-works.com that points to 10.10.10.90.
B.On Server32, in System Properties, type adventure-works.com in the Primary DNS suffix of this
computer field in the DNS Suffix and Netbios Computer Name setting.
C.On Server32, configure a Hosts file that contains the name and IP address of every network computer.
D.On Server32, in Advanced TCP/IP Settings, add adventure-works.com and alpineskihouse.com to the
Append these DNS suffixes (in order) setting.
Answer: D

Microsoft examen   70-291 examen   70-291 examen   certification 70-291   70-291 examen   70-291

NO.14 You are the network administrator for your company.The network consists of a single Active Directory
domain.All servers run Windows Server 2003. All client computers run Windows XP Professional.
You install Windows Server Update Services (WSUS) on a network server named Server1. When you
attempt to synchronize Server1 with the Windows Update servers, you receive an error message.You
open Internet Explorer and verify that you can communicate with an external Web site by using the proxy
server.
You need to ensure that Server1 can communicate with the Windows Update servers.
What should you do on Server1?
A.Restart the IIS administration tool.
B.Configure the Internet Explorer settings to bypass the proxy server.
C.In the WSUS options, configure authentication to the proxy server.
D.Install the ISA Firewall Client.
Answer: C

Microsoft   70-291   70-291   70-291

NO.15 You are the network administrator for your company.The network consists of a single Active Directory
domain.The functional level of the domain is Windows Server 2003. All client computers in the domain run
Windows XP Professional.
An application named Inventory.exe is installed on all computers in the domain to remotely gather
software inventory information.The application runs as a service in the security context of the Local
System.The startup type of the service is set to Automatic.
In the Default Domain Policy Group Policy object (GPO), the security administrator has configured a
software restriction policy that is applied to all computers in the domain.The policy contains a hash rule for
the
Inventory.exe application, and the hash rule is configured with a security level of Unrestricted.
The client computers on the network are attacked by a worm that is distributed by e-mail messages
received over the Internet.The worm detects the presence of Inventory.exe on a computer, then starts a
new instance of the application in the security context of the logged-on user.The worm exploits a bug in
the application to cause the
computer to fail.
You need to ensure that Inventory.exe cannot be started by the worm, while still allowing the application to
run as a service.
What should you do?
A.In the computer settings section of the Default Domain Policy GPO, configure a software restriction
policy that contains a zone rule for the Internet zone.Configure the zone rule with a security level of
Disallowed.
B.In the user settings section of the Default Domain Policy GPO, configure a software restriction policy
that contains a zone rule for the Internet zone.Configure the zone rule with a security level of Disallowed.
C.In the user settings section of the Default Domain Policy GPO, configure a software restriction policy
that
contains a hash rule for the Inventory.exe application.Configure the hash rule with a security level of
Disallowed.
D.In the computer settings section of the Default Domain Policy GPO, modify the existing software
restriction policy hash rule for the Inventory.exe application so that the hash rule has a security level of
Disallowed.
Answer: D

certification Microsoft   70-291 examen   70-291   70-291

NO.16 131.107.12.0/23

NO.17 131.107.10.0/24

NO.18 You are the network administrator for your company.The network contains a Windows Server 2003
computer named Server1.
Three administrators are members of the Administrators local group on Server1. Twelve other
administrators are members of the Domain Admins group.The Domain Admins group is also a member of
the Administrators local group on Server1.
Someone makes an unauthorized change to the HKEY_LOCAL_MACHINE\SYSTEM key in the registry
on
Server1, which causes the computer to fail.You fix the problem.
You need to log all attempts to access the HKEY_LOCAL_MACHINE\SYSTEM key in the registry on
Server1.
You decide to enable auditing in the local security policy on Server1.
Which two actions should you perform? (Each correct answer presents part of the solution.Choose two.)
A.Enable auditing in the local security policy on Server1. Select the Audit object access (success and
failure) option in the audit policy.
B.Enable auditing in the local security policy on Server1. Select the Audit privilege use (success and
failure) option in the audit policy.
C.Enable auditing in the local security policy on Server1. Select the Audit system events (success and
failure) option in the audit policy.
D.Configure the SACL on the HKEY_LOCAL_MACHINE\SYSTEM key in the registry.Specify auditing of
the Full Control permission for Everyone.
E.Configure the SACL on the HKEY_LOCAL_MACHINE\SYSTEM key in the registry.Specify auditing of
the Set Value permission for Everyone.
Answer: D A

certification Microsoft   certification 70-291   certification 70-291   70-291

NO.19 You are the network administrator for your company.The network consists of a single Active Directory
domain.All servers run Windows Server 2003. All client computers run Windows XP Professional.
You need to implement a new software update infrastructure.You discover that security patches, critical
updates, and service packs have never been installed on any client computer on the network.
You install Windows Server Update Services (WSUS) on a Windows Server 2003 computer named
Server5. You synchronize and approve all of the current security patches, critical updates, and service
packs.
You need to ensure that all client computers receive all Microsoft security patches, critical updates, and
service packs.
Which two actions should you perform? (Each correct answer presents part of the solution.Choose two.)
A.Open the WSUS console.Select the option to automatically approve WSUS updates.
B.Install the Automatic Updates client on all client computers.
C.Modify the Microsoft Update settings of the Default Domain Controller organizational unit (OU) Group
Policy object (GPO) to point client computers to http ://server5.
D.Modify the Microsoft Update settings of the Default Domain Policy Group Policy object (GPO) to point
client computers to http: //server5.
E.Open the WSUS console.Create a target group and assign all client computers to the group.
Answer: B D

Microsoft examen   70-291   70-291   70-291   70-291

NO.20 You are a network administrator for A.Datum Corporation.The network consists of a single Active
Directory domain named adatum.net.
Users regularly browse the internal network and the Internet from their client computers.All Web and
e-mail hosting for a separate DNS domain named adatum.com is outsourced to an ISP.All name
resolution requests for adatum.com are resolved by the ISP.You have no administrative control over the
DNS servers at the ISP.You
cannot list the contents of adatum.com by using the nslookup command on the DNS servers at the ISP.
A Windows Server 2003 computer named Server1 is configured with a primary zone for adatum.net.All
root hints have been removed from Server1. All client computers refer to this DNS server for name
resolution.
You need to configure DNS resolution to ensure that all client computers can locate and access resources
in adatum.net, adatum.com, and the Internet.
What should you do?
A.Configure a secondary zone for adatum.com on Server1.
B.Configure a primary zone for adatum.com on Server1.
C.Configure conditional forwarding for adatum.com with the IP address of the DNS server at the ISP.
D.Configure simple forwarding with the default settings with the IP address of the DNS server at the ISP.
Answer: D

Microsoft   70-291 examen   70-291

Les experts de Pass4Test ont fait sortir un nouveau guide d'étude de Certification Microsoft 70-291, avec ce guide d'étude, réussir ce test a devenu une chose pas difficile. Pass4Test vous permet à réussir 100% le test Microsoft 70-291 à la première fois. Les questions et réponses vont apparaître dans le test réel. Pass4Test peut vous donner une Q&A plus complète une fois que vous choisissez nous. D'ailleurs, la mise à jour gratuite pendant un an est aussi disponible pour vous.

Microsoft 70-293, de formation et d'essai

Généralement, les experts n'arrêtent pas de rechercher les Q&As plus proches que test Certification. Les documentations offertes par les experts de Pass4Test peuvent vous aider à passer le test Certification. Les réponses de nos Q&As ont une précision 100%. C'est facile à obtenir le Certificat de Microsoft après d'utiliser la Q&A de Pass4Test. Vous aurez une space plus grande dans l'industrie IT.

Le produit de Pass4Test peut assurer les candidats à réussir le test Microsoft 70-293 à la première fois, mais aussi offrir la mise à jour gratuite pendant un an, les clients peuvent recevoir les ressources plus nouvelles. Pass4Test n'est pas seulement un site, mais aussi un bon centre de service.

Code d'Examen: 70-293
Nom d'Examen: Microsoft (Planning and Maintaining a Microsoft Windows Server 2003 Network Infrastructure)
Questions et réponses: 290 Q&As

Pass4Test a de formations plus nouvelles pour le test Microsoft 70-293. Les experts dans l'industrie IT de Pass4Test profitant leurs expériences et connaissances professionnelles à lancer les Q&As plus chaudes pour faciliter la préparation du test Microsoft 70-293 à tous les candidats qui nous choisissent. L'importance de Certification Microsoft 70-293 est de plus en plus claire, c'est aussi pourquoi il y a de plus en plus de gens qui ont envie de participer ce test. Parmi tous ces candidats, pas mal de gens ont réussi grâce à Pass4Test. Ces feedbacks peuvent bien prouver nos produits essentiels pour votre réussite de test Certification.

Pass4Test est un site d'offrir la bonne Q&A Microsoft 70-293. Le produit offert par Pass4Test peut vous aider à réussir ce test très difficile. Si vous ajoutez le produit au panier, vous allez économiser le temps et l'effort. Le produiti Pass4Test est bien réputé dans l'Idustrie IT.

Pass4Test a capacité d'économiser vos temps et de vous faire plus confiant à réussir le test. Vous pouvez télécharger le démo Microsoft 70-293 gratuit à connaître mieux la bonne fiabilité de Pass4Test. Nous nous font toujours confiant sur nos produits, et vous aussi dans un temps proche. La réussite de test Microsoft 70-293 n'est pas loin de vous une fois que vous choisissez le produit de Pass4Test. C'est un choix élégant pour vous faciliter à réussir le test Microsoft 70-293.

Le test Microsoft 70-293 peut bien examnier les connaissances et techniques professionnelles. Pass4Test est votre raccourci amené au succès de test Microsoft 70-293. Chez Pass4Test, vous n'avez pas besoin de dépenser trop de temps et d'argent juste pour préparer le test Microsoft 70-293. Travaillez avec l'outil formation de Pass4Test visé au test, il ne vous demande que 20 heures à préparer.

Pass4Test peut non seulement vous aider à réussir votre rêve, mais encore vous offre le service gratuit pendand un an après vendre en ligne. Q&A offerte par l'équipe de Pass4Test vous assure à passer 100% le test de Certification Microsoft 70-293.

70-293 Démo gratuit à télécharger: http://www.pass4test.fr/70-293.html

NO.1 You are the network administrator for your company. The network consists of a single Active Directory
domain. The functional level of the domain is Windows Server 2003. The domain contains an
organizational unit (OU) named Servers that contains all of the company's Windows Server 2003
resource servers. The domain also contains an OU named Workstations that contains all of the
company's Windows XP Professional client computers. You configure a baseline security template for
resource servers named Server.inf and a baseline security template for client computers named
Workstation.inf. The Server.inf template contains hundreds of settings, including file and registry
permission settings that have inheritance propagation enabled. The Workstation.inf template contains 20
security settings, none of which contain file or registry permissions settings. The resource servers operate
at near capacity during business hours. You need to apply the baseline security templates so that the
settings will be periodically enforced. You need to accomplish this task by using the minimum amount of
administrative effort and while minimizing the performance impact on the resource servers. What should
you do.?
A. Create a Group Policy object (GPO) and link it to the domain. Import both the Server.inf and the
Workstation.inf templates into the GPO.
B. Import both the Server.inf and the Workstation.inf templates into the Default Domain Policy Group
Policy object (GPO).
C. On each resource server, create a weekly scheduled task to apply the Server.inf settings during
off-peak hours by using the secedit command. Create a Group Policy object (GPO) and link it to the
Workstations OU. Import the Workstation.inf template into the GPO.
D. On each resource server, create a weekly scheduled task to apply the Server.inf settings during
off-peak hours by using the secedit command. Import the Workstation.inf template into the Default
Domain Policy Group Policy object (GPO).
Answer: C

certification Microsoft   70-293   certification 70-293   certification 70-293

NO.2 You are a network administrator for your company. The network consists of a single Active Directory
domain named treyresearch.com. All servers run Windows Server 2003. All client computers run
Windows XP Professional.
The company has two DNS servers named Server1 and Server2. Server1 hosts the primary DNS zone for
treyresearch.com. Server2 provides name resolution for the external Internet name of the company on the
Internet and is configured with root hints.
Client computers are configured to use Server1 as their only DNS server.
Users report that they cannot access Web sites on the Internet.
You need to ensure that the client computers can access Internet-based sites. You must accomplish this
task by using Server1's DNS console with the least amount of administrative effort. Your operation must
not affect other settings on Server1.
Answer.CP1 AND CP2
DNS console -> Server -> Properties -> Forwarders, 'All other DNS domains' to IP address for Server2.

NO.3 You are the network administrator for your company. All servers run Windows Server 2003. You
configure a baseline security template named Baseline.inf. Several operations groups are responsible for
creating templates containing settings that satisfy operational requirements. You receive the templates
shown in the following table.
The operations groups agree that in the case of conflicting settings, the priority order listed in the following
table establishes the resultant setting.
You need to create one or more Group Policy objects (GPOs) to implement the security settings. You want
to minimize the amount of administrative effort required when changes are requested by the various
operations groups. What should you do?
A. Create a GPO and import the following templates in the following order. Baseline.inf, Sec.inf. Create a
GPO for each server role and import only the specific template for that role into each respective GPO.
B. Create a GPO and import the following templates in the following order. Sec.inf, Baseline.inf. Create a
GPO for each server role and import only the specific template for that role into each respective GPO.
C. Create a GPO for each server role and import the following templates in the following order.
Baseline.inf, specific server role template, Sec.inf.
D.Create a GPO and import the following templates in the following order. Sec.inf, Db.inf, File.inf,
Baseline.inf.
Answer: A

Microsoft   70-293   70-293 examen

NO.4 You are the network administrator for your company. The network consists of a single Active Directory
domain. The network contains 10 domain controllers and 50 servers in application server roles. All
servers run Windows Server 2003. The application servers are configured with custom security settings
that are specific to their roles as application servers. Application servers are required to audit account
logon events, object access events, and system events. Application servers are required to have
passwords that meet complexity requirements, to enforce password history, and to enforce password
aging. Application servers must also be protected against man-in-the-middle attacks during authentication.
You need to deploy and refresh the custom security settings on a routine basis. You also need to be able
to verify the custom security settings during audits. What should you do?
A. Create a custom security template and apply it by using Group Policy.
B. Create a custom IPSec policy and assign it by using Group Policy.
C. Create and apply a custom Administrative Template.
D. Create a custom application server image and deploy it by using RIS.
Answer: A

Microsoft examen   70-293   70-293

NO.5 You are a network administrator for your company. All servers run Windows Server 2003. All client
computers run Windows XP Professional.
All client computers receive their TCP/IP configuration information from the DHCP server named Server1.
You discover that client computers get a new IP address every time they are restarted.
You need to ensure that client computers receive the same IP address as often as possible regardless of
a system restart. You must accomplish this task by using the DHCP console. Your operation must not
affect other settings.
Answer.(CP1 OR CP2) AND CP3
We need to change the lease time to "Unlimited".
Step #1.
Open the DHCP console by clicking Start > Administrative Tools > DHCP.
Step #2.
Expand the tree.
Step #3.
Right click on Scope1 and select Properties.
Step #4.
Select Unlimited then click Apply and OK.
Step #5.
Close the DHCP console.

NO.6 You are a network administrator for your company. The company has a main office and one branch
office. The network consists of a single Active Directory domain. All servers run Windows Server 2003.
The company needs to connect the main office network and the branch office network by using Routing
and Remote Access servers at each office. The networks will be connected by a VPN connection over the
Internet.
The company's written security policy includes the following requirements for VPN connections over the
Internet:
All data must be encrypted with end-to-end encryption.
VPN connection authentication must be at the computer level.
Credential information must not be transmitted over the Internet as part of the authentication process.
You need to configure security for VPN connection between the main office and the branch office. You
need to comply with the written security policy.
What should you do?
A.Use a PPTP connection with EAP-TLS authentication.
B.Use a PPTP connection with MS-CHAP v2 authentication.
C.Use an L2TP connection with EAP-TLS authentication.
D.Use an L2TP connection with MS-CHAP v2 authentication.
Answer:C

Microsoft examen   70-293   70-293 examen   70-293   70-293   70-293

NO.7 You are the network administrator for your company. The network consists of a single Active Directory
domain. The network contains two Windows Server 2003 domain controllers, two Windows 2000 Server
domain controllers, and two Windows NT Server 4.0 domain controllers.
All file servers for the finance department are located in an organizational unit (OU) named Finance
Servers. All file servers for the payroll department are located in an OU named Payroll Servers. The
Payroll Servers OU is a child OU of the Finance Servers OU.
The company's written security policy for the finance department states that departmental servers must
have security settings that are enhanced from the default settings. The written security policy for the
payroll department states that departmental servers must have enhanced security settings from the
default settings, and auditing must be enabled for file or folder deletion.
You need to plan the security policy settings for the finance and payroll departments.
What should you do?
A.Create a Group Policy object (GPO) to apply the Compatws.inf security template to computer objects,
and link it to the Finance Servers OU.
Create a second GPO to enable the Audit object access audit policy on computer objects, and link it to the
Payroll Servers OU.
B.Create a Group Policy object (GPO) to apply the Securews.inf security template to computer objects,
and link it to the Finance Servers OU.
Create a second GPO to enable the Audit object access audit policy on computer objects, and link it to the
Payroll Servers OU.
C.Create a Group Policy object (GPO) to apply the Compatws.inf security template to computer objects,
and link it to the Finance Servers OU.
Create a second GPO to apply the Hisecws.inf security template to computer objects, and link it to the
Payroll Servers OU.
D.Create a Group Policy object (GPO) to apply the Securews.inf security template to computer objects,
and link it to the Finance Servers and to the Payroll Servers OUs.
Create a second GPO to enable the Audit object access audit policy on computer objects, and link it to the
Payroll Servers OU.
Answer:B

Microsoft   70-293   certification 70-293

NO.8 You are the network administrator for your company. The network contains an application server
running Windows Server 2003.
Users report that the application server intermittently responds slowly. When the application server is
responding slowly, requests that normally take 1 second to complete take more than 30 seconds to
complete. You suspect that the slow server response is because of high broadcast traffic on the network.
You need to plan how to monitor the application server and to have a message generated when
broadcast traffic is high. You also want to minimize the creation of false alarms when nonbroadcast traffic
is high.
What should you do?
A.Use the Alerts option in the Performance Logs and Alerts snap-in to configure an alert to trigger when
the Datagrams/sec counter in the UDPv4 object is high.
B.Use System Monitor and configure it to monitor the Segments/sec counter in the TCPv4 object.
C.Use System Monitor and configure it to monitor the Datagrams/sec counter in the UDPv4 object.
D.Use the Alerts option in the Performance Logs and Alerts snap-in to configure an alert to trigger when
the Datagrams/sec counter in the TCPv4 object is high.
Answer:A

Microsoft examen   70-293 examen   70-293   certification 70-293   70-293   70-293 examen

NO.9 You are the network administrator for your company. The network contains Windows Server 2003
computers and Windows XP Professional computers.
The company deploys two DNS servers. Both DNS servers run Windows Server 2003. One DNS server is
inside of the corporate firewall, and the other DNS server is outside of the firewall. The external DNS
server provides name resolution for the external Internet name of the company on the Internet, and it is
configured with root hints. The internal DNS server hosts the DNS zones related to the internal network
configuration, and it is not configured with root hints.
You want to limit the exposure of the client computers to DNS-related attacks from the Internet, without
limiting their access to Internet-based sites.
Which two actions should you take? (Each correct answer presents part of the solution. Choose two.)
A.Configure the client computers to use only the internal DNS server.
B.Configure the client computers to use both DNS servers. List the internal DNS server first.
C.Configure the firewall to allow only network traffic on the DNS ports.
D.On the internal DNS server, disable recursion.
E.On the internal DNS server, configure the external DNS server as forwarder.
F.On the internal DNS server, add the external DNS server as the only root hint.
Answer:A , E

certification Microsoft   70-293   70-293 examen   certification 70-293   certification 70-293

NO.10 You are a network administrator for your company. The network consists of a single Active Directory
domain. All servers run Windows Server 2003.
All file servers for the Sales department are located in an organizational unit (OU) named SaleServers. All
file servers for the Accounting department are located in an OU named AccountServers.
You create a Group Policy Object (GPO) named SaleServersPolicy and link it to the SaleServers OU. You
create a GPO named AccountServersPolicy and link it to the AccountServers OU.
You need to ensure that only the AccountServersPolicy settings are applied to the AccountServers OU.
You must accomplish this task by using the Active Directory Users and Computers console. Your
operation must not affect other settings.
Answer.CP1 AND CP2
Step #1.
Open Active Directory Users and Computers by clicking Start > Administrative Tools > Active Directory
Users and Computers.
Step #2.
Expand the tree to show the Organizations Units (OUs). Right click on the AccountServers OU and select
Properties.
Step #3.
Go to the Group Policy tab.
Step #4.
Tick the Block Policy Inheritance checkbox then click Apply and OK.
Step #5.
Close Active Directory Users and Computers.

NO.11 You are the network administrator for Tailspin Toys. The company has a main office and two branch
offices. The network in the main office contains 10 servers and 100 client computers. Each branch office
contains 5 servers and 50 client computers. Each branch office is connected to the main office by a direct
T1 line. The network design requires that company IP addresses must be assigned from a single classful
private IP address range. The network is assigned a class C private IP address range to allocate IP
addresses for servers and client computers. Tailspin Toys acquires a company named Wingtip Toys. The
acquisition will increase the number of servers to 20 and the number of client computers to 200 in the
main office. The acquisition is expected to increase the number of servers to 20 and the number of client
computers to 200 in the branch offices. The acquisition will also add 10 more branch offices. After the
acquisition, all branch offices will be the same size. Each branch office will be connected to the main
office by a direct T1 line. The new company will follow the Tailspin Toys network design requirements. You
need to plan the IP addressing for the new company. You need to comply with the network design
requirement. What should you do?
A. Assign the main office and each branch office a new class A private IP address range.
B. Assign the main office and each branch office a new class B private IP address range.
C. Assign the main office and each branch office a subnet from a new class B private IP address range.
D.Assign the main office and each branch office a subnet from the current class C private IP address
range.
Answer: C

Microsoft   70-293 examen   70-293   certification 70-293

NO.12 You are the network administrator for your company. The network consists of a single Active Directory
domain. All servers run Windows Server 2003.
The network contains servers that have Terminal Server enabled. The terminal servers host legacy
applications that currently require users to be members of the Power Users group.
A new requirement in the company's written security policy states that the Power Users group must be
empty on all resource servers.
You need to maintain the ability to run the legacy applications on the terminal servers when the new
security requirement is implemented.
What should you do?
A. Add the Domain Users global group to the Remote Desktop Users built-in group in the domain.
B. Add the Domain Users global group to the Remote Desktop Users local group on each terminal server.
C. Modify the Compatws.inf security template settings to allow members of the local Users group to run
the applications. Import the security template into the Default Domain Controllers Policy Group Policy
object (GPO).
D. Modify the Compatws.inf security template settings to allow members of the local Users group to run
the applications. Apply the modified template to each terminal server.
Answer: D

Microsoft examen   certification 70-293   70-293   70-293 examen   70-293   70-293

NO.13 You are a network administrator for your company. All domain controllers run Windows Server 2003.
The network contains 50 Windows 98 client computers, 300 Windows 2000 Professional computers, and
150 Windows XP Professional computers. According to the network design specification, the Kerberos
version 5 authentication protocol must be used for all client computers on the internal network. You need
to ensure that Kerberos version 5 authentication is used for all client computers on the internal network.
What should you do?
A. On each domain controller, disable Server Message Block (SMB) signing and encryption of the secure
channel traffic.
B. Replace all Windows 98 computers with new Windows XP Professional computers.
C. Install the Active Directory Client Extensions software on the Windows 98 computers.
D. Upgrade all Windows 98 computers to Windows NT Workstation 4.0.
Answer: B

Microsoft examen   certification 70-293   70-293   70-293

NO.14 You are the systems engineer for Contoso, Ltd. The internal network consists of a Windows NT 4.0
domain. The company maintains a separate network that contains publicly accessible Web and mail
servers. These Web and mail servers are members of a DNS domain named contoso.com. The
contoso.com zone is hosted by a UNIX-based DNS server running BIND 4.8.1.
Contoso, Ltd., is planning to migrate to a Windows Server 2003 Active Directory domain-based network.
The migration plan states that all client computers will be upgraded to Windows XP Professional and that
all servers will be replaced with new computers running Windows Server 2003.
The migration plan specifies the following requirements for DNS in the new environment:
Active Directory data must not be accessible from the Internet.
The DNS namespace must be contiguous to minimize confusion for users and administrators.
Users must be able to connect to resources in the contoso.com domain.
Users must be able to connect to resources located on the Internet.
The existing UNIX-based DNS server will continue to host the contoso.com domain.
The existing UNIX-based DNS server cannot be upgraded or replaced.
You plan to install a Windows Server 2003 DNS server on the internal network.
You need to configure this Windows-based DNS server to meet the requirements specified in the
migration plan.
What should you do?
A.Create a primary zone named ad.contoso.com on your Windows-based DNS server. Create a
delegation record for the new zone on the UNIX-based DNS server. Configure forwarders on your
Windows-based DNS server.
B.Create a primary zone named ad.contoso.com on the UNIX-based DNS server. Create a secondary
zone on your Windows-based DNS server for the ad.contoso.com domain.
C.Create a primary zone named contoso-ad.com on your Windows-based DNS server. Create a
secondary zone on the UNIX-based DNS server for the contoso-ad.com domain.
D.Create a primary zone named contoso-ad.com on the UNIX-based DNS server. Create a stub zone on
the Windows-based DNS server for the contoso-ad.com domain. Configure conditional forwarders on
your Windows-based DNS server for the contoso-ad.com and contoso.com domains.
Answer:A

Microsoft examen   70-293   70-293   70-293 examen

NO.15 You are the network administrator for your company. The network consists of a single Active Directory
domain. All servers run Windows Server 2003.
When the network was designed, the design team set design specifications. After the network was
implemented, the deployment team set baseline specifications. The specifications for broadcast traffic
are:
The design specification requires that broadcast traffic must be 5 percent or less of total network traffic.
The baseline specification showed that the broadcast traffic is always 1 percent or less of total network
traffic during normal operation.
You need to monitor the network traffic and find out if the level of broadcast traffic is within design and
baseline specifications. You decide to use Network Monitor. After monitoring for 1 hour, you observe the
results shown in the exhibit. (Click the Exhibit button.)
You need to report the results of your observations to management.
Which two actions should you take? (Each correct answer presents part of the solution. Choose two.)
A.Report that broadcast traffic is outside of the baseline specification.
B.Report that broadcast traffic is outside of the design specification.
C.Report that broadcast traffic is within the design specification.
D.Report that broadcast traffic is within the baseline specification.
Answer:A,B

Microsoft   70-293 examen   certification 70-293   70-293 examen   70-293 examen   70-293 examen

NO.16 You are a network administrator for your company. The network contains a Windows Server 2003
computer named Server1 and ten Windows XP Professional client computers.
You configure Server1 with a LAN connection named Local Area Connection and an Internet connection
named Internet Connection. All of the client computers are connected to the LAN.
The users report that they cannot connect to the Internet. You discover that the IP configuration on the
client computers is correct.
You need to provide the ten client computers with Internet access. You must accomplish these tasks by
using the Server1's Network Connections console with the least amount of administrative effort. Your
operations must not affect other settings on Server1.
Answer.CP1 AND CP2
We need to enable Internet Connection Sharing (ICS) on the adapter named Internet Connection.
Step #1.
Open the Network Connections console by clicking Start > Control Panel > Network Connections.
Step #2.
Right click on Internet Connection and select Properties.
Step #3.
Click the Advanced tab.
Step #4.
Tick the checkbox to enable Internet Connection Sharing then click OK.
Step #5.
Click Yes.

NO.17 You are a network administrator for your company. The network consists of a single Active Directory
forest that contains three domains. The functional level of the forest and of all three domains is Window
Server 2003. The company has a main office and 30 branch offices. Each branch office is connected to
the main office by a 56-Kbps WAN connection.
You configure the main office and each branch office as a separate Active Directory site. You deploy a
Windows Server 2003 domain controller at the main office and at each branch office. Each domain
controller is configured as a DNS server.
You can log on to the network from client computers in the branch offices at any time. However, users in
the branch offices report that they cannot log on to the network during peak hours.
You need to allow users to log on to the network from branch office computers. You do not want to affect
the performance of the branch office domain controllers. You need to minimize Active Directory replication
traffic across the WAN connections.
What should you do?
A.Use Active Directory Sites and Services to enable universal group membership caching for each branch
office site.
B.Use the DNS console to configure the branch office DNS servers to forward requests to a DNS server in
the main office.
C.Use Active Directory Sites and Services to configure each branch office domain controller as a global
catalog server.
D.Use the DNS console to configure the branch office DNS servers to use an Active Directory-integrated
zone.
Answer:A

Microsoft   70-293   certification 70-293   70-293

NO.18 You are a network administrator for a consulting company. You need to create a wireless network that
will be used by consultants from your company at a customer location. The wireless network will consist of
nine portable computers, three servers, and four wireless digital cameras. All computers and cameras can
use either static or dynamic IP addressing. The cameras do not support data encryption. Both the portable
computers and the servers must be able to initiate communication over the Internet to VPN servers in
your company's main data center. Only the wireless access point is connected to the customer's
corporate network.You need to plan the wireless IP network so that it minimizes the risk of unauthorized
use of the wireless network and prevents unsolicited communication from the Internet to the hosts on the
network.What should you do?To answer, drag the appropriate configuration settings to the Wireless
Network Configuration.
Answer:

NO.19 You are the administrator for your company. The company has a new server which runs Windows
Server 2003 named Server1.
Server1 has two network connections. Internet connection is used to connect to the Internet and Local
Area Network connection is used to connect to the company network.
You need to ensure that company users can access the Internet through Server1. You also need to
prevent external, unauthorized users from accessing Server1 through the Internet. You must accomplish
this task by using the Routing and Remote Access Server Setup Wizard dialog box. Your operation must
not affect other settings on Server1.
Answer.CP1 AND CP2 AND CP3 AND CP4
Step #1.
Open the Routing and Remote Access console by clicking Start > Administrative Tools > Routing and
Remote Access.
Step #2.
Right click on Server1 and select Configure and Enable Routing and Remote Access.
Step #3.
The Routing and Remote Access Setup Wizard will open. Click Next.
Step #4.
Select Network address translation (NAT) and click Next.
Step #5.
Select "Internet Connection" as the public interface. Ensure that the "Enable security on the selected
interface...." checkbox is ticked. Then click Next.
Step #6.
Click Finish to close the wizard.
Step #7.
Close the Routing and Remote Access console.

NO.20 You are the network administrator for your company. The network consists of a single Active Directory
domain. The company's written security policy requires that computers in a file server role must have a
minimum file size for event log settings. In the past, logged events were lost because the size of the event
log files was too small. You want to ensure that the event log files are large enough to hold history. You
also want the security event log to be cleared manually to ensure that no security information is lost. The
application log must clear events as needed. You create a security template named Fileserver.inf to meet
the requirements. You need to test each file server and take the appropriate corrective action if needed.
You audit a file server by using Fileserver.inf and receive the results shown in the exhibit. (Click the
Exhibit button.) You want to make only the changes that are required to meet the requirements. Which two
actions should you take? (Each correct answer presents part of the solution. Choose two.)
A. Correct the Maximum application log size setting on the file server.
B. Correct the Maximum security log size setting on the file server.
C. Correct the Maximum system log size setting on the file server.
D. Correct the Retention method for application log setting on the file server.
E. Correct the Retention method for security log setting on the file server.
F. Correct the Retention method for system log setting for the file server.
Answer: B E

Microsoft   certification 70-293   70-293

La Q&A lancée par Pass4Test est bien poupulaire. Pass4Test peut non seulement vous permettre à appendre les connaissances professionnelles, et aussi les expériences importantes résumées par les spécialistes dans l'Industrie IT. Pass4Test est un bon fournisseur qui peut répondre une grande demande des candidats. Avec l'aide de Pass4Test, vous aurez la confiance pour réussir le test. Vous n'aurez pas aucune raison à refuser le Pass4Test.

Certification Microsoft de téléchargement gratuit pratique d'examen MB6-825, questions et réponses

Selon les feedbacks les professionnels bien réputés dans l'Industrie IT, Pass4Test est un bon catalyseur de leurs succès. L'outil de formation offert par Pass4Test leur aide d'économiser le temps et l'argent, le plus important est qu'ils aient passé le test Microsoft MB6-825 avec succès. Pass4Test est un fournissur fiable. Vous allez réaliser votre rêve avec l'aide de Pass4Test.

Pass4Test est un site de vous ramener au succès. Pass4Test peut vous aider à promouvoir les connaissances essentielles pour le test Microsoft MB6-825 et passer le test à la première fois.

Le suucès n'est pas loin de vous une fois que vous choisissez le produit de Q&A Microsoft MB6-825 de Pass4Test.

Code d'Examen: MB6-825
Nom d'Examen: Microsoft (AX 2009 Enterprise Portal Development)
Questions et réponses: 54 Q&As

Pass4Test vous permet à réussir le test Certification sans beaucoup d'argents et de temps dépensés. La Q&A Microsoft MB6-825 est recherchée par Pass4Test selon les résumés de test réel auparavant, laquelle est bien liée avec le test réel.

Pass4Test est un site à offrir les Q&As de tout les tests Certification IT. Chez Pass4Test, vous pouvez trouvez de meilleurs matériaux. Nos guides d'étude vous permettent de réussir le test Certification Microsoft MB6-825 sans aucune doute, sinon nous allons rendre votre argent d'acheter la Q&A et la mettre à jour tout de suite, en fait, c'est une situation très rare. Bien que il existe plusieurs façons à améliorer votre concurrence de carrière, Pass4Test est lequel plus efficace : Moins d'argent et moins de temps dépensés, plus sûr à passer le test Certification. De plus, un an de service après vendre est gratuit pour vous.

MB6-825 Démo gratuit à télécharger: http://www.pass4test.fr/MB6-825.html

NO.1 Microsoft Dynamics AX 2009 and the Enterprise Portal framework include Role Centers. What are Role
Centers?
A.Customizable home pages that display reports and other key business information.
B.Configuration pages where users are assigned specific job functions.
C.Configuration pages where user permissions are configured based on job role.
D.Special Web pages where user job assignments can be posted.
Answer: a

certification Microsoft   MB6-825 examen   MB6-825

NO.2 The Microsoft Dynamics AX 2009 Enterprise Portal is designed for the following users
Choose the 3 that apply.
A.Users external to the organization, such as customers and trading partners.
B.Those users who only require occasional access to Microsoft Dynamics AX 2009 data.
C.An employee who is traveling and needs to access their own Microsoft Dynamics AX 2009 data.
D.An employee who is an office worker and does not travel as part of their job.
Answer: abc

Microsoft examen   MB6-825   MB6-825 examen   MB6-825   certification MB6-825   MB6-825

NO.3 Microsoft Dynamics AX 2009 Enterprise Portal uses several common Microsoft software components.
Which of the following is not used by Enterprise Portal?
A.IIS
B.Windows SharePoint Services
C.Microsoft SQL Server
D.Internet Security and Acceleration Server
Answer: d

Microsoft   MB6-825   MB6-825   MB6-825   certification MB6-825

NO.4 Microsoft Dynamics AX 2009 and the Enterprise Portal Framework include customizable home pages
called Role Centers. Role Centers display specific data, reports, alerts, and other tasks associated with:
A.A user's job role profile.
B.A user's work location.
C.A user's preferred language option.
D.A user's work schedule.
Answer: a

certification Microsoft   MB6-825 examen   MB6-825   MB6-825

NO.5 In the overall architecture of Enterprise Portal, a software component is required to make the
connection between the Enterprise Portal Web site and the Microsoft Dynamics AX 2009 application.
What software component is used to make this connection?
A.AOT
B.IIS
C..NET Business Connector
D.Microsoft Active Directory
Answer: c

certification Microsoft   certification MB6-825   MB6-825 examen   MB6-825

On peut voir que beaucoup de candidats ratent le test Microsoft MB6-825 quand même avec l'effort et beaucoup de temps dépensés. Cest une bonne preuve que le test Microsoft MB6-825 est difficile à réussir. Pass4Test offre le guide d'étude bien fiable. Sauf le test Microsoft MB6-825, Pass4Test peut offrir les Q&As des autres test Certification IT.

Microsoft meilleur examen 70-647, questions et réponses

Participer au test Microsoft 70-647 est un bon choix, parce que dans l'Industire IT, beaucoup de gens tirent un point de vue que le Certificat Microsoft 70-647 symbole bien la professionnalité d'un travailleur dans cette industrie.

La Q&A Microsoft 70-647 est étudiée par les experts de Pass4Test qui font tous effort en profitant leurs connaissances professionnelles. La Q&A de Pass4Test est ciblée aux candidats de test IT Certification. Vous voyez peut-être les Q&As similaires dansn les autres site web, mais il n'y a que Pass4Test d'avoir le guide d'étude plus complet. C'est le meilleur choix à s'assurer le succès de test Certification Microsoft 70-647.

Pass4Test vous offre un choix meilleur pour faire votre préparation de test Microsoft 70-647 plus éfficace. Si vous voulez réussir le test plus tôt, il ne faut que ajouter la Q&A de Microsoft 70-647 à votre cahier. Pass4Test serait votre guide pendant la préparation et vous permet à réussir le test Microsoft 70-647 sans aucun doute. Vous pouvez obtenir le Certificat comme vous voulez.

Est-que vous s'inquiétez encore à passer le test Certification 70-647 qui demande beaucoup d'efforts? Est-que vous travaillez nuit et jour juste pour préparer le test de Microsoft 70-647? Si vous voulez réussir le test Microsoft 70-647 plus facilement? N'hésitez plus à nous choisir. Pass4Test vous aidera à réaliser votre rêve.

Code d'Examen: 70-647
Nom d'Examen: Microsoft (Windows Server 2008,Enterprise Administrator)
Questions et réponses: 496 Q&As

Aujoud'hui, c'est une société de l'informatique. Beaucoup d'organisations peut provider l'outil de se former pour le test Certification Microsoft 70-647. Mais on doit admettre que ces site n'ont pas la capacité à offrir une bonne Q&A, elles sont généralement très vagues et sans les points. C'est loin d'attirer les attentions des candidats.

Le Certificat Microsoft 70-647 est un passport rêvé par beaucoup de professionnels IT. Le test Microsoft 70-647 est une bonne examination pour les connaissances et techniques professionnelles. Il demande beaucoup de travaux et efforts pour passer le test Microsoft 70-647. Pass4Test est le site qui peut vous aider à économiser le temps et l'effort pour réussir le test Microsoft 70-647 avec plus de possibilités. Si vous êtes intéressé par Pass4Test, vous pouvez télécharger la partie gratuite de Q&A Microsoft 70-647 pour prendre un essai.

70-647 Démo gratuit à télécharger: http://www.pass4test.fr/70-647.html

NO.1 Your company named Contoso, Ltd. and another company named Fabrikam, Inc. establish a
partnership. The Contoso network consists of one Active Directory forest named contoso.com. The
Fabrikam network consists of one Active Directory forest named fabnkam.com. Users from contoso.com
plan to share files with users from fabrikam.com.
You need to prepare the environment so that users from contoso.com can protect confidential files from
being copied or forwarded to unauthorized users.
What should you do?
A. Create a one-way forest trust from Contoso. Set the NTFS permissions to read-only for all confidential
files.
B. Create a one-way forest trust from Fabrikam. Set the NTFS permissions to read-only for al confidential
files.
C. Deploy Active Directory Federation Services (AD FS). Deploy Active Directory Rights Management
Services (AD RMS).
D. Deploy Active Directory Federation Services (AD FS). Publish the files by using Microsoft SharePoint
Foundation 2010.
Answer: C

Microsoft examen   70-647   certification 70-647   70-647   70-647   70-647

NO.2 Your company has three offices. Each office is configured as an Active Directory site. The network
consists of one Active Directory domain. All domain controllers run Windows Server 2008 R2. The
company has five departments. You use a domain-level Group Policy object (GPO) to install Microsoft
Office on all client computers.
You need to deploy a GPO strategy to meet the following requirements:
¡¤ Install a custom application i
one of the departments.
¡¤ Restrict access to removable storage device
for all users.
¡¤ Implement separate Windows Internet Explorer proxy settings fo
each physical location.
What should you do.?
A. Create a new group for each department. Create a new GPO for each site. Create a new GPO for the
domain and use the GPO to install the custom application.
B. Create a new organizational unit (OU) for each department. Create a new GPO for each site and a new
GPO for the domain. Create a GPO for one department OU and use the GPO to install the application.
C. Create a new organizational unit (OU) for each department. Create a single GPO for all the sites and a
new GPO for the domain. Create a single GPO for each department OU and use the GPO to install the
custom application.
D. Create a new child domain for each department. Create a new GPO for each site and a new GPO for
each new child domain. Create a single GPO for all the new child domains and use the GPO to install the
custom application.
Answer: B

Microsoft   70-647   certification 70-647

NO.3 Your network consists of one Active Directory forest. The functional level of the forest is Windows
Server2003.You upgrade all domain controllers from Windows Server 2003 SP2 to Windows Server 2008
R2. You planto deploy the first read-only domain controller (RODC) in the forest.
You need to prepare the network for the installation of the RODC.
What should you do?
A. Run adprep /rodcprep on any computer in the forest.
B. Run adprep /forestprep on the schema operations master server.
C. Raise the forest functional level to Windows Server 2008 R2.
D. Raise the domain functional level to Windows Server 2008 R2.
Answer: A

Microsoft examen   70-647 examen   certification 70-647   70-647   certification 70-647

NO.4 Your network consists of one Active Directory domain. All domain controllers run Windows Server 2008
R2 and are configured as global catalog servers. Therelevant portion of the network is configured as
shown in the exhibit. (Click the Exhibit button.)
The Bridge all site links option is enabled. You are designing a failover strategy for domain controller
availability.
You need to ensure that client computers in Site H only authenticate to DC1 or DC2 if DC8 fails.
What should you do?
A. Change the B-H site link cost to 50.
B. Remove the global catalog server attribute from DC3, DC4, DCS, DC6, DC7, and DC8.
C. Disable the Bridge all site links option. In Site B, install a new writable domain controller that runs
Windows Server 2008 R2.
D. Prevent DC3, DC4, DC5, DC6, DC7, and DC8 from registering generic (non-site-specific) domain
controller locator DNS records.
Answer: D

Microsoft examen   certification 70-647   70-647   70-647   70-647 examen

NO.5 Your network consists of one Active Directory domain. The functional level of the domain is Windows
Server 2008 R2. Your company has 10 departments. Each department has a department manager and a
department administrator. Some department administrators are responsible for multiple departments. You
have an organizational unit (OU) named All Users that contains all user accounts.
You need to recommend a solution to simplify the management of all users in the domain.
The solution must meet the following requirements:
Department managers must only be able to reset passwords for users in their respective departments.
Department administrators must only be able to modify user accounts in their respective departments.
Only the respective department administrators and managers must be able to manage the accounts of
users who are transferred to their departments from other departments.
What should you recommend?
A. Create an Ou for each department.
Delegate password control for each new Ou to the respective department manager.
Delegate administration of each new OU to the respective department administrator.
B.Create an OU for each department.
When the same administrator is responsible for multiple departments, create only one OU for those
departments.
Delegate password control for each new OU to the respective department manager.
Delegate administration of each new OU to the respective department administrator.
C.Create an OU for each department.
When the same administrator is responsible for multiple departments, create a new OU and nest the OUs
of those departments into the new OU.
Delegate password control for each new OU to the respective to the respective department manager.
Delegate administration of each new OU to the respective department administrator.
D.Create a global security group for each department.
Add all the users, department managers, and administrators from each department to the global security
group.
Delegate password control to the department managers of the AllUsers OU.
Delegate administration to the department administrators of the AllUsers OU.
Answer: A

Microsoft examen   70-647   certification 70-647

NO.6 Your network contains two servers named Server1 and Server2. Server1 is a reverse proxy. Server2
runs Windows Server 2008 R2 and has the Web server (IIS) server role installed. Server2 hosts a secure
Web site. You want users to connect to Server2 by using the https://www.contoso.com URL.
You need to prepare the environment for the deployment of server certificates to meet the foflowmg
requirements:
Users connecting from the local network must only connect directly to Server2.Users must be able to
access the Web site on Server2 when they connect from the Internet or the internal network.
What should you do?
A. Install a server certificate for the name www.contoso.com on Server1 and Server2.
B. Install a server certificate for the name server.contoso.com on Server1 and Server2.
C. Install a server certificate for the name server.contoso.com on Server1. Install a server certificate for
the name www.contoso.com on Server2.
D. Install a server certificate for the name www.contoso.com on Server1. Install a server certificate for the
name server2.coritoso.com on Server2.
Answer: A

certification Microsoft   70-647   certification 70-647   70-647 examen

NO.7 Your company has a main office and 10 branch offices. The network consists of one Active Directory
domain. All domain controllers run Windows Server 2008 R2and are located in the main office. Each
branch office contains one member server. Branch office administrators in each branch office are
assigned the necessary rights to administrators only their member servers. You deploy one read-only
domain controller (RODC) in each branch office.
You need to recommend a security solution for the branch office Windows Server 2008 R2 domain
controllers.
The solution must meet the following requirements: Branch office administrators must be granted rights
on their local domain controller only.¡¤ Branch office administrators must be able to administer the domain
controller in their branch office. This includes changing device drivers and running Windows updates.
What should you recommend?
A. Add each branch office administrator to the Administrators group of the domain.
B. Add each branch office administrator to the local Administrators group of their respective domain
controller.
C. Grant each branch office administrator Full Control permission on their domain controller computer
object in Active Directory.
D. Move each branch office domain controller computer object to a new organizational unit (OU).Grant
each local administrator Full Control permission on the new OU.
Answer: B

Microsoft   certification 70-647   70-647   70-647   70-647

NO.8 Your network contains servers that run Windows Server 2008 R2 and client computers that run
Windows 7.You deploy a public key infrastructure by using Certificate Services servers that run Windows
Server 2008 R2.
You need to plan the implementation of smart card authentication on the network.
The solution must meet the following requirements:
Help desk users must only be able to enroll user certificates.
Managers must be able to enroll smartcards for other employees.
Managers must be able to use their client computers to manage certificates.
What should you include in your plan?
A. Enable Web enrollment.
B. Configure Restricted Enrollment Agents.
C. Upgrade all certificates to V3 templates.
D. Configure Restricted Certificate Managers.
Answer: B

certification Microsoft   certification 70-647   70-647

NO.9 Your network consists of one Active Directory domain. All servers run Windows Server 2008 R2.
You need to implement a storage management policy for. failover clustering that uses storage area
network (SAN)-based storage.
The solution must support the following requirements:
Maintain disk space usage information
Quota tracking by folder or by volume
Email notifications when users exceed their quota limits.
What should you do?
A. Use the File Server Resource Manager (FSRM).
B. Create and deploy NTFS file system disk quotas.
C. Install and configure the Storage Manager for SANs.
D. Use the Performance Monitor.
Answer: A

Microsoft   70-647 examen   70-647

NO.10 Your network consists of one Active Directory domain that contains servers that n.ai Windows Server
2008 R2.The relevant servers are configured as shown in the following table.
The relevant portion of the network is shown in the exhibit. (Click the Exhibit button.)
Server3 hosts a secure Web site. You want remote users to access the secure Web site by using a
Secure Socket Layer (SSL) connection throu the Internet. A server certificate issued by Server2 is
installed on Server3.
You need to recommend a solution that will enable the distribution of certificates to the remote users.
The solution must meet the following requirements:
the certification authority must be automatically trusted.
Remote users connecting to Server3 must use client certificates issued by Server4.
A minimum amount of TCP/IP ports must be opened on the firewall that connects the perimeter network
and the internal network
Which certification authority should you recommend installing on Server4?
A. enterprise root
B. enterprise subordinate
C. standalone root
D. standalone subordinate
Answer: D

Microsoft examen   certification 70-647   70-647

NO.11 Your network consists of one Active Directory domain. All domain controllers run either Windows
Server 2008 R2 or Windows Server 2003 SP2. A custom application stores passwords in Active Directory.
You plan to deploy read-only domain controllers (RODCs) on the network.
You need to prevent custom application passwords from being replicated to the ROOCs.
What should you do?
A. Upgrade the schema master to Windows Server 2008 R2. Configure a fine-gained password policy.
B. Upgrade the infrastructure master to Windows Server 2008 R2. Mark the custom application password
attribute as confidential.
C. Upgrade all domain controllers to Windows Server 2008 R2. Add the custom application password
attribute to the RODC filtered attribute set and mark the attribute as confidential.
D. Upgrade all domain controllers to Windows Server 2008 R2. Set the functional level of the forest and
the domain to Windows Server 2008 R2. Configure a fine-grained password policy
Answer: C

Microsoft   70-647 examen   70-647

NO.12 Your company has one main office and four branch offices. Each branch office has a read-only domain
controller (RODC).The network consists of one Active Directory domain. All domain controllers run
Windows Server 2008 R2.Some branch office users work in a department named Sales. Sales
department users must be able to logon to all computers in their respective branch offices, even if a wide
area network (WAN) link fails.
The company security policy has the following requirements:
z User account passwords must be replicated to the minimum number of locations.
¡¤ A minimum number of passwords must be replicated to the branch office domain controller
You need to configure a password replication policy that supports the company security policy.
What should you do?
A. Install a writable domain controller in all branch offices. Create one global group that contains all Sales
department users. Create a fine-grained password policy and apply the policy to the group.
B. Install a writable domain controller in all branch offices, Create one global group that contains the
computers of all Sales department users. Add the group to the Allowed RODC Password Replication
Group in the domain.
C.Create one global group for each branch office that contain the Sales department users and computers
in the corresponding branch office. Add all groups to Windows Authorization Access Group in the domain.
D.Create one global group for each branch office that contains the Sales department users and
computers in the corresponding branch office. Add each group to the Password Replication Policy in the
corresponding branch office.
Answer: D

Microsoft   70-647 examen   70-647   70-647

NO.13 Your company has three offices. Each office contains servers that run Windows Server 2008 R2.The
servers are configured as file servers. Users regularly travel between offices and require access to
corporate data stored on file servers in theirhome offices.
You need to plan a data access policy for the users. The solution must ensure that users can access
corporate data from a local server when they are traveling.
What should you include in your plan?
A. On all servers, install and configure Distributed File System (DFS).
B. On all servers install and configure the File Server Resource Manager (FSRM) and the File Replication
Service (FRS).
C. On one server, install and configure the File Server Resource Manager (FSRM). On the other two
servers, install and configure the File Replication Service (FRS).
D. On one server, install and configure Distributed File System (DFS). On the other two servers, install
and configure the Background Intelligent Transfer Service (BITS).
Answer: A

Microsoft   70-647 examen   70-647 examen   certification 70-647

NO.14 Your network consists of one Active Directory domain. All domain controllers run Windows Server 2008
R2.
You need to deploy Active Directory Certificate Services on the network to support the following
requirements:
¡¤Maintain availability if a single server fails
z Delegate the enrollment of certificates for separate groups of users,
¡¤Restrict the types of certificates that can be issued by a certificate manager
What should you do?
A. Deploy two servers that run Windows Server 2008 R2 Enterprise. Configure a failover cluster.
Configure an enterprise certification authority (CA).
B. Deploy two servers that run Windows Server 2008 R2 Enterprise. Configure a failover cluster.
Configure a standalone root certification authority (CA).
C. Deploy two servers that run Windows Server 2008 R2 Enterprise. Configure an enterprise root
certification authority (CA) and a standalone subordinate CA.
D. Deploy two servers that run Windows Server 2008 R2 Standard. Configure a standalone root
certification authority (CA) and an enterprise subordinate CA.
Answer: A

Microsoft   70-647 examen   certification 70-647   certification 70-647

NO.15 Your company has a main office and nine branch offices. Each office is configured as a separate TCP/IP
subnet. You plan to deploy Active Directory domain controllers in all offices. You install the first domain
controller for the forest in the main office.
You need to prepare the environment for the deployment of domain controllers in all offices. The solution
must ensure that users always authenticate to a domain controller in their local office, unless it is
unavailable.
What should you do?
A. Create 10 subnet objects and one site object. Link all subnet objects to the site. Install domain
controllers in all offices.
B. Create a subnet object and a site object for each office. Link each subnet object to its respective site.
Install domain controllers in all offices.
C. Install domain controllers in all offices. Create 10 subnet objects and one site object. Link all subnet
objects to the site.
D. Install domain controllers in all offices. Create a subnet object and a site object for each office. Link
each subnet object to its respective Site.
Answer: B

Microsoft   70-647 examen   70-647 examen   70-647   70-647   certification 70-647

NO.16 Your network consists of one Active Directory domain that contains only domain controllers that run
Windows Server 2008 R2. All domain controllers run DNS and DHCP services. All DNS zones are
standard primary zones.
You need to plan a solution that allows administrators to perform routine maintenance on domain
controllers.
The solution must meet the following requirements:
Minimize server downtime.
Maximize the availability of DNS and DHCP services.
What should you do?
A.Instruct server administrators to run ntdsutil.
B.Instruct server administrators to stop the NTDS service.
C.Instruct server administrators to stop the Netlogon service.
D.Instruct server administrators to restart the servers in Directory Services Restore Mode (DSRM).
Answer: B

Microsoft   70-647   70-647   70-647 examen

NO.17 Your network consists of one Active Directory domain. The functional level of the domain is Windows
Server2008 R2.Your company has three departments named Sales, Marketing, and Engineering. All
users in the domainare in an organizational unit (OU) named All Users. You have three custom
applications. You deploy all custom applications by using a Group Policy object(GPO) named
AppInstall.The Sales department purchases a new application that is only licensed for use by the Sales
department.
You need to recommend a solution to simplify the distribution of the new application.
The solution must meet the following requirements:
The application must only be distributed to licensed users.
The amount of administrative effort required to manage the users must remain unaffected.
The three custom applications must be distributed to all existing and new users on the network.
What should you recommend?
A. Create a new child domain for each department and link the AppInstall GPO to each child domain.
Create a new GPO. Link the new GPO to the Sales domain.
B. Create a new child OU for each department. Link the AppInstall GPO to the Marketing OU and the
Engineering OU. Create a new GPO. Link the new GPO to the Sales OU.
C. Create a new group for each department and filter the AppInstall GPO to each group. Create a new
GPO. Link the new GPO to the domain. Filter the new GPO to the Sales group.
D. Create a new group for each department. Filter the AppInstall GPO to the Marketing group and the
Engineering group. Create a new GPO. Link the new GPO to the domain. Filter the new GPO to the Sales
group.
Answer: C

Microsoft   70-647 examen   70-647   70-647

NO.18 Your network consists of one Active Directory domain. All servers run Windows Server 2008 R2. You
plan to publish a Web site on two Web servers.
You need to recommend a solution for the deployment of the two Web servers.
The solution must provide the following requirements:
Session-state information for all users
Access to the Web site if a single server fails
Scalability to as many as seven Web servers
Support for multiple dedicated IP addresses for each Web server
what should you recommend?
A. Install failover clustering on each Web server.
B. Install Network Load Balancing on each Web server.
C. Assign multiple binding5 in Internet Information Services (IIS).
D. Create managed handler mappings in Internet Information Services (IIS).
Answer: B

Microsoft   70-647 examen   70-647

NO.19 Your network consists of one Active Directory forest named contoso.com. The relevant portion of the
network is configured as shown in the exhibit. (Click the Exhibit button.)
Users in the sales.apac.intl.contoso.com domain frequently access resources on the
products.corp.contoso.com domain. Users report slow access times when they access resources on the
products.corp. contoso.com domain.
You need to minimize access times when users access resources on the products. corp.contoso.com
domain.
What should you do?
A. Create a realm trust.
B. Create a shortcut trust.
C. Create a new DNS application partition. Add the contoso.com zone to the application partition.
D. Enable Universal Group Membership Caching for all Active Directory sites.
Answer: B

Microsoft   70-647   70-647   70-647   70-647 examen

NO.20 You network consist of one Active Directory domain and three Network Information Services (NIS)
domains. All domain controllers run Windows Server 2008 R2. All NIS domain servers run UNIX-based
operating systems.
You need to plan the integration of the Active Directory domain and the NIS domains.
The solution must meet the following requirements:
¡¤Minimize the Costs required o implement the solution. Minimize the number of additional Windows
servers required.
¡¤Provide centralized administration of Active Directory domain objects and NIS domain objects
What should you include in your plan?
A. Add the Server for Network Information Services role server.
B. Install the subsystem for UNIX-based applications.
C. Install Active Directory Federation Services (AD FS).
D. Implement a Microsoft Forefront Identity Manager 2010 server.
Answer: A

Microsoft   certification 70-647   70-647

Nous sommes clairs que ce soit necessaire d'avoir quelques certificats IT dans cette industrie de plus en plus intense. Le Certificat IT est une bonne examination des connaissances démandées. Dans l'Industrie IT, le test Microsoft 70-647 est une bonne examination. Mais c'est difficile à passer le test Microsoft 70-647. Pour améliorer le travail dans le future, c'est intélligent de prendre une bonne formation en coûtant un peu d'argent. Vous allez passer le test 100% en utilisant le Pass4Test. Votre argent sera tout rendu si votre test est raté.