最新的Microsoft Windows Server 2008 Active Directory. Configuring - 70-640免費考試真題
問題1
Your network contains an Active Directory forest named contoso.com.
You need to identify whether a fine-grained password policy is applied to a specific group.
Which tool should you use?
Your network contains an Active Directory forest named contoso.com.
You need to identify whether a fine-grained password policy is applied to a specific group.
Which tool should you use?
正確答案: C
問題2
Your network contains an Active Directory forest. The functional level of the forest is Windows Server 2008 R2.
Your company's corporate security policy states that the password for each user account must be changed at least every 45 days.
You have a user account named Service 1. Servicel is used by a network application named Application1.
Every 45 days, Applicationl fails.
After resetting the password for Servicel, Applicationl runs properly.
You need to resolve the issue that causes Applicationl to fail. The solution must adhere to the corporate security policy.
What should you do?
Your network contains an Active Directory forest. The functional level of the forest is Windows Server 2008 R2.
Your company's corporate security policy states that the password for each user account must be changed at least every 45 days.
You have a user account named Service 1. Servicel is used by a network application named Application1.
Every 45 days, Applicationl fails.
After resetting the password for Servicel, Applicationl runs properly.
You need to resolve the issue that causes Applicationl to fail. The solution must adhere to the corporate security policy.
What should you do?
正確答案: A
問題3
Your network contains an Active Directory domain. All domain controllers run Windows Server 2008 R2.
You need to compact the Active Directory database.
What should you do?
Your network contains an Active Directory domain. All domain controllers run Windows Server 2008 R2.
You need to compact the Active Directory database.
What should you do?
正確答案: D
說明:(僅 PDFExamDumps 成員可見)
問題4
Your company has an Active Directory domain. All servers run Windows Server 2008 R2.
Your company uses an Enterprise Root certificate authority (CA).
You need to ensure that revoked certificate information is highly available.
What should you do?
Your company has an Active Directory domain. All servers run Windows Server 2008 R2.
Your company uses an Enterprise Root certificate authority (CA).
You need to ensure that revoked certificate information is highly available.
What should you do?
正確答案: B
說明:(僅 PDFExamDumps 成員可見)
問題5
Your network contains an Active Directory domain named contoso.com. The domain contains a domain controller named DC1. DC1 has the DNS Server server role installed and hosts the zone for contoso.com.
All host (A) records are registered in DNS by using dynamic updates.
You deploy a new server named dns.contoso.com.
You install the DNS Server server role on dns.contoso.com.
The Name Servers list is shown in the Name Server exhibit. (Click the Exhibit button.)
The Zone Transfers settings are shown in the Zone Transfers exhibit. (Click the Exhibit button.)
On dns.contoso.com, you create a secondary zone for contoso.com and you specify DC1 as the master server.
You discover that the zone fails to transfer to dns.contoso.com.
You open DNS Manager as shown in the DNS Manager exhibit. (Click the Exhibit button.)
You need to ensure that dns.contoso.com can transfer the contoso.com zone.
What should you do?
Your network contains an Active Directory domain named contoso.com. The domain contains a domain controller named DC1. DC1 has the DNS Server server role installed and hosts the zone for contoso.com.
All host (A) records are registered in DNS by using dynamic updates.
You deploy a new server named dns.contoso.com.
You install the DNS Server server role on dns.contoso.com.
The Name Servers list is shown in the Name Server exhibit. (Click the Exhibit button.)
The Zone Transfers settings are shown in the Zone Transfers exhibit. (Click the Exhibit button.)
On dns.contoso.com, you create a secondary zone for contoso.com and you specify DC1 as the master server.
You discover that the zone fails to transfer to dns.contoso.com.
You open DNS Manager as shown in the DNS Manager exhibit. (Click the Exhibit button.)
You need to ensure that dns.contoso.com can transfer the contoso.com zone.
What should you do?
正確答案: B
問題6
Your network contains a server named Server1 that runs Windows Server 2008 R2. Server1 is configured as an Active Directory Federation Services (AD FS) 2.0 standalone server.
You plan to add a new token-signing certificate to Server1.
You import the certificate to the server as shown in the exhibit. (Click the Exhibit button.)
When you run the Add Token-Signing Certificate wizard, you discover that the new certificate is unavailable.
You need to ensure that you can use the new certificate for AD FS.
What should you do?
Your network contains a server named Server1 that runs Windows Server 2008 R2. Server1 is configured as an Active Directory Federation Services (AD FS) 2.0 standalone server.
You plan to add a new token-signing certificate to Server1.
You import the certificate to the server as shown in the exhibit. (Click the Exhibit button.)
When you run the Add Token-Signing Certificate wizard, you discover that the new certificate is unavailable.
You need to ensure that you can use the new certificate for AD FS.
What should you do?
正確答案: C
說明:(僅 PDFExamDumps 成員可見)
問題7
Your network contains an Active Directory domain named contoso.com. Contoso.com contains a member server that runs Windows Server 2008 Standard.
You need to install an enterprise subordinate certification authority (CA) that supports private key archival.
You must achieve this goal by using the minimum amount of administrative effort.
What should you do first?
Your network contains an Active Directory domain named contoso.com. Contoso.com contains a member server that runs Windows Server 2008 Standard.
You need to install an enterprise subordinate certification authority (CA) that supports private key archival.
You must achieve this goal by using the minimum amount of administrative effort.
What should you do first?
正確答案: B
說明:(僅 PDFExamDumps 成員可見)
問題8
Your network contains an Active Directory domain. The domain contains a group named Group1.
The minimum password length for the domain is set to six characters.
You need to ensure that the passwords for all users in Group1 are at least 10 characters long. All other users must be able to use passwords that are six characters long.
What should you do first?
Your network contains an Active Directory domain. The domain contains a group named Group1.
The minimum password length for the domain is set to six characters.
You need to ensure that the passwords for all users in Group1 are at least 10 characters long. All other users must be able to use passwords that are six characters long.
What should you do first?
正確答案: C
說明:(僅 PDFExamDumps 成員可見)
問題9
Your network contains an Active Directory domain. All DNS servers are domain controllers.
You view the properties of the DNS zone as shown in the exhibit. (Click the Exhibit button.)
You need to ensure that DNS records can only be updated by the computer that registered the record.
What should you do first?
Your network contains an Active Directory domain. All DNS servers are domain controllers.
You view the properties of the DNS zone as shown in the exhibit. (Click the Exhibit button.)
You need to ensure that DNS records can only be updated by the computer that registered the record.
What should you do first?
正確答案: C
問題10
You are the systems administrator for a medium-sized Active Directory domain.
Currently, the environment supports many different domain controllers, some of which are running Windows NT 4 and others that are running Windows 2003 and Server 2008 R2.
When you are running domain controllers in this type of environment, which of the following types of groups can you not use? (Choose Two)
You are the systems administrator for a medium-sized Active Directory domain.
Currently, the environment supports many different domain controllers, some of which are running Windows NT 4 and others that are running Windows 2003 and Server 2008 R2.
When you are running domain controllers in this type of environment, which of the following types of groups can you not use? (Choose Two)
正確答案: A,D
說明:(僅 PDFExamDumps 成員可見)
問題11
You have Active Directory Certificate Services (AD CS) deployed.
You create a custom certificate template.
You need to ensure that all of the users in the domain automatically enroll for a certificate based on the custom certificate template.
Which two actions should you perform? (Each correct answer presents part of the solution. Choose two.)
You have Active Directory Certificate Services (AD CS) deployed.
You create a custom certificate template.
You need to ensure that all of the users in the domain automatically enroll for a certificate based on the custom certificate template.
Which two actions should you perform? (Each correct answer presents part of the solution. Choose two.)
正確答案: A,B
說明:(僅 PDFExamDumps 成員可見)
問題12
Your network contains a server that runs Windows Server 2008 R2. The server is configured as an enterprise root certification authority (CA).
You have a Web site that uses x.509 certificates for authentication. The Web site is configured to use a manyto-one mapping.
You revoke a certificate issued to an external partner. You need to prevent the external partner from accessing the Web site.
What should you do?
Your network contains a server that runs Windows Server 2008 R2. The server is configured as an enterprise root certification authority (CA).
You have a Web site that uses x.509 certificates for authentication. The Web site is configured to use a manyto-one mapping.
You revoke a certificate issued to an external partner. You need to prevent the external partner from accessing the Web site.
What should you do?
正確答案: A
說明:(僅 PDFExamDumps 成員可見)
問題13
Your company has a main office and a branch office.
The network contains an Active Directory domain.
The main office contains a writable domain controller named DC1. The branch office contains a read- only domain controller (RODC) named DC2.
You discover that the password of an administrator named Admin1 is cached on DC2.
You need to prevent Admin1's password from being cached on DC2.
What should you do?
Your company has a main office and a branch office.
The network contains an Active Directory domain.
The main office contains a writable domain controller named DC1. The branch office contains a read- only domain controller (RODC) named DC2.
You discover that the password of an administrator named Admin1 is cached on DC2.
You need to prevent Admin1's password from being cached on DC2.
What should you do?
正確答案: D
說明:(僅 PDFExamDumps 成員可見)
問題14
A corporate network includes an Active Directory-integrated zone. AIl DNS servers that host the zone are domain controllers.
You add multiple DNS records to the zone.
You need to ensure that the new records are available on all DNS servers as soon as possible.
Which tool should you use?
A corporate network includes an Active Directory-integrated zone. AIl DNS servers that host the zone are domain controllers.
You add multiple DNS records to the zone.
You need to ensure that the new records are available on all DNS servers as soon as possible.
Which tool should you use?
正確答案: C
說明:(僅 PDFExamDumps 成員可見)
問題15
Your network contains an Active Directory domain. The domain contains 3,000 client computers. All of the client computers run Windows 7.
Users log on to their client computers by using standard user accounts.
You plan to deploy a new application named App1.
The vendor of App1 provides a Setup.exe file to install App1. Setup.exe requires administrative rights to run.
You need to deploy App1 to all client computers. The solution must meet the following requirements:
- App1 must automatically detect and replace corrupt application files.
- App1 must be available from the Start menu on each client computer.
What should you do first?
Your network contains an Active Directory domain. The domain contains 3,000 client computers. All of the client computers run Windows 7.
Users log on to their client computers by using standard user accounts.
You plan to deploy a new application named App1.
The vendor of App1 provides a Setup.exe file to install App1. Setup.exe requires administrative rights to run.
You need to deploy App1 to all client computers. The solution must meet the following requirements:
- App1 must automatically detect and replace corrupt application files.
- App1 must be available from the Start menu on each client computer.
What should you do first?
正確答案: C
說明:(僅 PDFExamDumps 成員可見)