[Pass Ensure VCE Dumps] 100 Percent Pass 70-646 By Learning PassLeader Free 70-646 Study Guide (71-90)
Valid Tips For 100% Pass Exam 70-646: PassLeader now is providing the best 283q 70-646 VCE dumps and PDF dumps for your 70-646 certification exam. We offer the latest 283q 70-646 exam questions to ensure that you can 100 percent pass 70-646 exam, and what’s more, we will offer you the new updated 70-646 exam dumps for one year free and free new version VCE Player. Welcome to visit our site — passleader.com and get the valid 283q 70-646 braindumps to pass exam as soon as possible.
keywords: 70-646 exam,283q 70-646 exam dumps,283q 70-646 exam questions,70-646 pdf dumps,70-646 vce dumps,70-646 practice test,70-646 study guide,Pro: Windows Server 2008, Server Administrator Exam
QUESTION 71
Your network consists of a single Active Directory domain. The network includes a branch office named Branch1. Branch1 contains a Readonly Domain Controller (RODC) named Server1. A global group named Branch1admins contains the user accounts for administrators. Administrators manage the client computers and servers in Branch1. You need to recommend a solution for delegating control of Server1. Your solution must meet the following requirements:
– Allow the members of the Branch1admins group to administer Server1 including, change device drivers and install operating system updates by using Windows Update.
– Provide the Branch1admins group rights on Server1 only.
– Prevent Branch1admins group from modifying Active Directory objects.
What should you recommend?
A. Add the Branch1admins global group to the Server Operators builtin local group.
B. Add the members of the Branch1admins global group to the Administrators builtin local group of Server1.
C. Grant Full Control permission on the Server1 computer object in the domain to the Branch1admins group
D. Move the Server1 computer object to a new organizational unit (OU) named Branch1servers. Grant Full Control permission on the Branch1servers OU to the Branch1admins group.
QUESTION 72
Your network consists of a single Active Directory forest. The forest functional level is Windows Server 2008 R2. The forest contains two domains named contoso.com and na.contoso.com. Contoso.com contains a user named User1. Na.contoso.com contains an organizational unit (OU) named Security. You need to give User1 administrative rights so that he can manage Group Policies for the Security OU. You want to achieve this goal while meeting the following requirements:
– User1 must be able to create and configure Group Policies in na.contoso.com.
– User1 must be able to link Group Policies to the Security OU.
– User1 must be granted the least administrative rights necessary to achieve the goal.
What should you do?
A. Add User1 to the Administrators group for na.contoso.com.
B. Add User1 to the Group Policy Creator Owners group in contoso.com. Modify the permissions on the Security OU.
C. Run the Delegation of Control Wizard on the Security OU. In the Group Policy Management Console, modify the permissions of the Group Policy Objects container in the na.contoso.com domain.
D. Run the Delegation of Control Wizard on na.contoso.com. In the Group Policy Management Console, modify the permissions of the Group Policy Objects container in the contoso.com domain.
Answer: C
QUESTION 73
Your network contains several branch offices. All servers run Windows Server 2008 R2. Each branch office contains a domain controller and a file server. The DHCP Server server role is installed on the branch office domain controllers. Each office has a branch office administrator. You need to delegate the administration of DHCP to meet the following requirements:
– Allow branch office administrators to manage DHCP scopes for their own office
– Prevent the branch office administrators from managing DHCP scopes in other offices
– Minimize administrative effort
What should you do?
A. In the Active Directory domain, add the branch office administrators to the Server Operators builtin local group.
B. In the Active Directory domain, add the branch office administrators to the Network Configuration Operators builtin local group.
C. In each branch office, migrate the DHCP Server server role to the file server. On each file server, add the branch office administrator to the DHCP Administrators local group.
D. In each branch office, migrate the DHCP Server server role to the file server. In the Active Directory domain, add the branch office administrators to the DHCP Administrators domain local group.
Answer: C
QUESTION 74
Your company has a single Active Directory domain. You have 30 database servers that run Windows Server 2008 R2. The computer accounts for the database servers are stored in an organizational unit (OU) named Data. The user accounts for the database administrators are stored in an OU named Admin. The database administrators are members of a global group named D_Admins. You must allow the database administrators to perform administrative tasks on the database servers. You must prevent the database administrators from performing administrative tasks on other servers. What should you do?
A. Deploy a Group Policy to the Data OU.
B. Deploy a Group Policy to the Admin OU.
C. Add D_Admins to the Domain Admins global group.
D. Add D_Admins to the Server Operators built-in local group.
Answer: A
QUESTION 75
Your network consists of a single Active Directory forest that contains a root domain and two child domains. All servers run Windows Server 2008 R2. A corporate policy has the following requirements:
– All local guest accounts must be renamed and disabled.
– All local administrator accounts must be renamed.
– You need to recommend a solution that meets the requirements of the corporate policy.
What should you recommend?
A. Implement a Group Policy object (GPO) for each domain.
B. Implement a Group Policy object (GPO) for the root domain.
C. Deploy Network Policy and Access Services (NPAS) on all domain controllers in each domain
D. Deploy Active Directory Rights Management Services (AD RMS) on the root domain controllers.
Answer: A
QUESTION 76
You need to design a Windows Server Update Services (WSUS) infrastructure that meets the following requirements:
– The updates must be distributed from a central location.
– All computers must continue to receive updates in the event that a server fails.
What should you include in your design?
A. Configure two WSUS servers in a Microsoft SQL Server 2008 failover cluster. Configure each WSUS server to use a local database.
B. Configure a single WSUS server to use multiple downstream servers. Configure each WSUS server to use a RAID 1 mirror and a local database.
C. Configure a single WSUS server to use multiple downstream servers. Configure each WSUS server to use a RAID 5 array and a local database.
D. Configure a Microsoft SQL Server 2008 failover cluster. Configure two WSUS servers in a Network Load Balancing cluster. Configure WSUS to use the remote SQL Server 2008 database instance.
Answer: D
QUESTION 77
Your network consists of a single Active Directory forest. The sales department in your company has 600 Windows Server 2008 R2 servers. You need to recommend a solution to monitor the performance of the 600 servers. Your solution must meet the following requirements:
– Generate alerts when the average processor usage is higher than 90 percent for 20 minutes.
– Automatically adjust the processor monitoring threshold to allow for temporary changes in the workload.
What should you recommend?
A. Install Windows System Resource Manager (WSRM) on each server.
B. Deploy Microsoft System Center Operations Manager (OpsMgr).
C. Deploy Microsoft System Center Configuration Manager (SysMgr).
D. Configure Reliability and Performance Monitor on each server
Answer: B
QUESTION 78
Your network consists of a single Active Directory domain. All servers run Windows Server 2008 R2. A server named Server1 has the Remote Desktop Services server role installed. You notice that several users consume more than 30 percent of the CPU resources throughout the day. You need to prevent users from consuming more than 15 percent of the CPU resources. Administrators must not be limited by the amount of CPU resources that they can consume. What should you do?
A. Implement Windows System Resource Manager (WSRM), and configure user policies.
B. Implement Windows System Resource Manager (WSRM), and configure session policies.
C. Configure Performance Monitor, and create a userdefined Data Collector Set.
D. Configure Performance Monitor, and create an Event Trace Session Data Collector Set.
Answer: A
QUESTION 79
Your network contains a standalone root certification authority (CA). You have a server named Server1 that runs Windows Server 2008 R2. You issue a server certificate to Server1. You deploy Secure Socket Tunneling Protocol (SSTP) on Server1. You need to recommend a solution that allows external partner computers to access internal network resources by using SSTP. What should you recommend?
A. Enable Network Access Protection (NAP) on the network.
B. Deploy the Root CA certificate to the external computers.
C. Implement the Remote Desktop Connection Broker role service.
D. Configure the firewall to allow inbound traffic on TCP Port 1723.
Answer: B
QUESTION 80
Your network consists of a single Active Directory domain. All domain controllers run Windows Server 2008 R2. You need to plan an auditing strategy that meets the following requirements:
– Audits all changes to Active Directory Domain Services (AD DS)
– Stores all auditing data in a central location
What should you include in your plan?
A. Configure an audit policy for the domain. Configure Event Forwarding.
B. Configure an audit policy for the domain controllers. Configure Data Collector Sets.
C. Implement Windows Server Resource Manager (WSRM) in managing mode.
D. Implement Windows Server Resource Manager (WSRM) in accounting mode.
Answer: A
http://www.passleader.com/70-646.html
QUESTION 81
Your network contains a single Active Directory domain. All domain controllers run Windows Server 2008 R2. There are 1,000 client computers that run Windows 7 and that are connected to managed switches. You need to recommend a strategy for network access that meets the following requirements:
– Users are unable to bypass network access restrictions.
– Only client computers that have uptodate service packs installed can access the network.
– Only client computers that have uptodate antimalware software installed can access the network.
What should you recommend?
A. Implement Network Access Protection (NAP) that uses DHCP enforcement.
B. Implement Network Access Protection (NAP) that uses 802.1x enforcement.
C. Implement a Network Policy Server (NPS), and enable IPsec on the domain controllers.
D. Implement a Network Policy Server (NPS), and enable Remote Authentication DialIn User Service (RADIUS) authentication on the managed switches.
Answer: B
QUESTION 82
Your network consists of a single Active Directory domain. All domain controllers run Windows Server 2008 R2. The network contains 100 servers and 5,000 client computers. The client computers run either Windows XP Service Pack 1 or Windows 7. You need to plan a VPN solution that meets the following requirements:
– Stores VPN passwords as encrypted text
– Supports Suite B cryptographic algorithms
– Supports automatic enrollment of certificates
– Supports client computers that are configured as members of a workgroup
What should you include in your plan?
A. Upgrade the client computers to Windows XP Service Pack 3. Implement a standalone certification authority (CA). Implement an IPsec VPN that uses certificate based authentication.
B. Upgrade the client computers to Windows XP Service Pack 3. Implement an enterprise certification authority (CA) that is based on Windows Server?2008 R2. Implement an IPsec VPN that uses Kerberos authentication.
C. Upgrade the client computers to Windows 7. Implement an enterprise certification authority (CA) that is based on Windows Server 2008 R2. Implement an IPsec VPN that uses preshared keys.
D. Upgrade the client computers to Windows 7. Implement an enterprise certification authority (CA) that is based on Windows Server 2008 R2. Implement an IPsec VPN that uses certificate based authentication.
Answer: D
QUESTION 83
Your network consists of a single Active Directory domain. All domain controllers run Windows Server 2008 R2. All servers run Windows Server 2008 R2. All client computers run Windows 7. You need to generate a monthly report on the status of software updates for the client computers. Your solution must meet the following requirements:
– Display all of the operating system updates that installed successfully
– Display all of the Microsoft application updates that installed successfully
– Display all of the operating system updates that failed to install
– Display all of the Microsoft application updates that failed to install
– Minimize administrative effort
– Minimize costs
What should you do?
A. Install Microsoft System Center Essentials (Essentials) 2007. Deploy management agents on all client computers.
B. Install Microsoft System Center Configuration Manager (SysMgr) 2007. Deploy management agents on all client computers.
C. Install Windows Server Update Services (WSUS) 3.0 SP2. Configure Windows Update by using a Group Policy object (GPO).
D. Deploy Microsoft Baseline Security Analyzer (MBSA) 2.1 on the client computers. Run MBSA on each client computer, and save the report to a shared folder on the network.
Answer: C
QUESTION 84
Your network consists of a single Active Directory domain. All domain controllers run Windows Server 2008 R2. Your company and an external partner plan to collaborate on a project. The external partner has an Active Directory domain that contains Windows Server 2008 R2 domain controllers. You need to design a collaboration solution that meets the following requirements:
– Allows users to prevent sensitive documents from being forwarded to untrusted recipients or from being printed.
– Allows users in the external partner organization to access the protected content to which they have been granted rights.
– Sends all interorganizational traffic over port 443.
– Minimizes the administrative effort required to manage the external users.
What should you include in your design?
A. Establish a federated trust between your company and the external partner. Deploy a Windows Server 2008 R2 server that has Microsoft SharePoint Foundation 2010 installed.
B. Establish a federated trust between your company and the external partner. Deploy a Windows Server 2008 R2 server that runs Microsoft SharePoint 2010 and that has the Active Directory Rights Management Services (AD RMS) role installed.
C. Establish an external forest trust between your company and the external partner. Deploy a Windows Server 2008 R2 server that has the Active Directory Certificate Services server role installed. Implement Encrypting File System (EFS).
D. Establish an external forest trust between your company and the external partner. Deploy a Windows Server 2008 R2 server that has the Active Directory Rights Management Service (AD RMS) role installed and Microsoft SharePoint Foundation 2010 installed.
Answer: B
QUESTION 85
Your network consists of a single Active Directory domain. All domain controllers run Windows Server 2008 R2. There are five Windows Server 2003 SP2 servers that have the Terminal Server component installed. A firewall server runs Microsoft Internet Security and Acceleration (ISA) Server 2006. You need to create a remote access strategy for the Remote Desktop Services servers that meets the following requirements:
– Restricts access to specific users
– Minimizes the number of open ports on the firewall
– Encrypts all remote connections to the Remote Desktop Services servers
What should you do?
A. Implement SSL bridging on the ISA Server. Require authentication on all inbound connections to the ISA Server.
B. Implement port forwarding on the ISA Server. Require authentication on all inbound connections to the ISA Server.
C. Upgrade a Windows Server 2003 SP2 server to Windows Server 2008 R2. On the Windows Server 2008 R2 server, implement the Remote Desktop Gateway (RD Gateway) role service, and configure a Remote Desktop resource authorization policy (RD RAP).
D. Upgrade a Windows Server 2003 SP2 server to Windows Server 2008 R2. On the Windows Server 2008 R2 server, implement the Remote Desktop Gateway (RD Gateway) role service, and configure a Remote Desktop connection authorization policy (RD CAP).
Answer: D
QUESTION 86
Your network consists of a single Active Directory domain. All domain controllers run Windows Server 2008 R2. There are five Windows Server 2003 SP2 servers that have the Terminal Server component installed. A firewall server runs Microsoft Internet Security and Acceleration (ISA) Server 2006. You plan to give remote users access to the Remote Desktop Services servers. You need to create a remote access strategy for the Remote Desktop Services servers that meets the following requirements:
– Restricts access to specific Remote Desktop Services servers
– Encrypts all connections to the Remote Desktop Services servers
– Minimizes the number of open ports on the firewall server
What should you do?
A. Implement SSL bridging on the ISA Server. Require authentication on all inbound connections to the ISA Server.
B. Implement port forwarding on the ISA Server. Require authentication on all inbound connections to the ISA Server.
C. Upgrade a Windows Server 2003 SP2 server to Windows Server 2008 R2. On the Windows Server 2008 R2 server, implement the Remote Desktop Gateway (RD Gateway) role service, and configure a Remote Desktop resource authorization policy (RD RAP).
D. Upgrade a Windows Server 2003 SP2 server to Windows Server 2008 R2. On the Windows Server 2008 R2 server, implement the Remote Desktop Gateway (RD Gateway) role service, and configure a Remote Desktop connection authorization policy (RD CAP).
Answer: C
QUESTION 87
Your network consists of a single Active Directory domain. All domain controllers run Windows Server 2008 R2. There are five servers that run Windows Server 2003 SP2. The Windows Server 2003 SP2 servers have the Terminal Server component installed. A firewall server runs Microsoft Internet Security and Acceleration (ISA) Server 2006. All client computers run Windows 7. You plan to give remote users access to the Remote Desktop Services servers. You need to create a remote access strategy for the Remote Desktop Services servers that meets the following requirements:
– Minimizes the number of open ports on the firewall server
– Encrypts all remote connections to the Remote Desktop Services servers
– Prevents network access to client computers that have Windows Firewall disabled
What should you do?
A. Implement port forwarding on the ISA Server. Implement Network Access Quarantine Control on the ISA Server.
B. Upgrade a Windows Server 2003 SP2 server to Windows Server 2008 R2. On the Windows Server 2008 R2 server, implement the Remote Desktop Gateway (RD Gateway) role service, and implement Network Access Protection (NAP).
C. Upgrade a Windows Server 2003 SP2 server to Windows Server 2008 R2. On the Windows Server 2008 R2 server, implement the Remote Desktop Gateway (RD Gateway) role service, and configure a Remote Desktop connection authorization policy (RD CAP).
D. Upgrade a Windows Server 2003 SP2 server to Windows Server 2008 R2. On the Windows Server 2008 R2 server, implement the Remote Desktop Gateway (RD Gateway) role service, and configure a Remote Desktop resource authorization policy (RD RAP).
Answer: B
QUESTION 88
Your network consists of a single Active Directory domain. Your network contains 10 servers and 500 client computers. All domain controllers run Windows Server 2008 R2. A Windows Server 2008 R2 server has Remote Desktop Services installed. All client computers run Windows XP Service Pack 3. You plan to deploy a new line of business application. The application requires desktop themes to be enabled. You need to recommend a deployment strategy that meets the following requirements:
– Only authorized users must be allowed to access the application.
– Authorized users must be able to access the application from any client computer.
– Your strategy must minimize changes to the client computers.
– Your strategy must minimize software costs.
What should you recommend?
A. Migrate all client computers to Windows 7. Deploy the application to all client computers by using a Group Policy object (GPO).
B. Migrate all client computers to Windows 7. Deploy the application to the authorized users by using a Group Policy object (GPO).
C. Deploy the Remote Desktop Connection (RDC) 7.0 software to the client computers. Install the application on the Remote Desktop Services server. Implement Remote Desktop Connection Broker (RD Connection Broker).
D. Deploy the Remote Desktop Connection (RDC) 7.0 software to the client computers. Enable the Desktop Experience feature on the Remote Desktop Services server. Install the application on the Remote Desktop Services server.
Answer: D
QUESTION 89
Your network consists of a single Active Directory domain. All domain controllers run Windows Server 2008 R2. All client computers run Windows 7. All user accounts are stored in an organizational unit (OU) named Staff. All client computer accounts are stored in an OU named Clients. You plan to deploy a new application. You need to ensure that the application deployment meets the following requirements:
– Users must access the application from an icon on the Start menu.
– The application must be available to remote users when they are offline.
What should you do?
A. Publish the application to users in the Staff OU.
B. Publish the application to users in the Clients OU.
C. Assign the application to computers in the Staff OU.
D. Assign the application to computers in the Clients OU.
Answer: D
QUESTION 90
Your network contains an Active Directory domain. The domain contains a Remote Desktop Services server that runs Windows Server 2008 R2. All client computers run Windows 7. You need to deploy a new line of business application. The deployment must meet the following requirements:
– Users must have access to the application from the company portal.
– Users must always have access to the latest version of the application.
– You must minimize the number of applications installed on the client computers.
What should you do?
A. Publish the application to the users by using a Group Policy object (GPO).
B. Publish the application as a RemoteApp. Enable Remote Desktop Web Access (RD Web Access).
C. Assign the application to the client computers by using a Group Policy object (GPO).
D. Deploy the application by using Microsoft System Center Configuration Manager (SCCM) 2007 R2.
Answer: B