QUESTION 1
Your network contains a server named Server1 that runs Windows Server 2008 R2. Server1 has the following Remote Desktop Services (RDS) role services installed: Remote Desktop Session Host (RD Session Host)Remote Desktop Web Access (RD Web Access) You publish 10 RemoteApp programs on Server1 by using RD Web Access. You need to ensure that when users log on to the RD Web Access page, they see only the RemoteApp programs assigned to them. What should you modify from RemoteApp Manager?
A. the properties of each RemoteApp program
B. the RD Gateway Settings
C. the RDP Settings
D. the RD Session Host Server Settings
Answer: A
QUESTION 2
Your network contains a server named Server1 that runs Windows Server 2008 R2. Server1 has the Remote Desktop Gateway (RD Gateway) role service installed. You add the Domain Users group to a connection authorization policy named TS_CAP_01. You need to ensure that only client computers that have Windows Firewall enabled can connect to Remote Desktop resources through the RD Gateway. What should you do?
A. From Remote Desktop Gateway Manager, modify the properties of the TS_RAP_01 resource authorization policy.
B. From Remote Desktop Gateway Manager, modify the properties of the TS_CAP_01 connection authorization policy.
C. From the Network Policy Server console, modify the properties of the TS_CAP_01 network policy.
D. From the Network Policy Server console, modify the properties of the TS GATEWAY AUTHORIZATION POLICY connection request policy.
Answer: C
QUESTION 3
Your network contains two standalone servers named Server1 and Server2. Server1 has Microsoft SQL Server 2008 Reporting Services installed. Server2 has the SMTP Server feature installed. You configure the Reporting Services on Server1 to send reports by using Server2. You need to ensure that Server2 sends the reports. What should you do on Server2?
A. Configure a smart host.
B. Configure TLS encryption.
C. Modify the Relay restrictions settings.
D. Modify the Connection control settings.
Answer: C
QUESTION 4
You manage a member server that runs Windows Server 2008 R2. The server has the Web Server (IIS) server role installed. The Web server hosts a Web site named Intranet1. Only internal Active Directory user accounts have access to the Web site. The authentication settings for Intranet1 are configured as shown in the exhibit. (Click the Exhibit button.)
You need to ensure that users authenticate to the Web site by using only the Microsoft Challenge Handshake Authentication Protocol version 2 (MS-CHAPv2) encrypted Active Directory credentials. Which two actions should you perform? (Each correct answer presents part of the solution. Choose two.)
A. Add the Digest Authentication role service and the URL Authorization role service to the server.
B. Add the Windows Authentication role service to IIS. Configure the Windows Authentication setting to Enabled in the Intranet1 properties.
C. Configure the Basic Authentication setting to Disabled in the Intranet1 properties.
D. Configure the Default domain field for the Basic Authentication settings on Intranet1 by adding the name of the Active Directory domain.
E. Configure the Basic Authentication setting to Disabled and the Anonymous Authentication setting to Enabled in the Intranet1 properties.
Answer: BC
QUESTION 5
Your network contains a Web server that runs Windows Server 2008 R2. Remote management is configured for Internet Information Services (IIS). From IIS Manager Permissions, you add a user to a Web site. You need to prevent the user from using Internet Information Services (IIS) Manager to modify the authorization rules of the Web site. Which settings should you configure?
A. Authorization Rules
B. Feature Delegation
C. IIS Manager Permissions
D. IIS Manager Users
Answer: B
QUESTION 6
Your network contains a Web server named Server1 that runs Windows Server 2008 R2. You modify the configuration of Server1. You need to restore the previous Web server configuration. What should you run?
A. appcmd.exe
B. iisback.vbs
C. iisext.vbs
D. iisreset.exe
Answer: A
QUESTION 7
Your network contains a Web server named Web1 that runs Windows Server 2008 R2. Web1 has a wildcard certificate installed. Web1 has two Web sites as shown.
You discover that when you go to the URL https://site1.contoso.com in Internet Explorer, you connect to Site2. You need to ensure that when users go to https://site1.contso.com in Internet Explorer, they connect to Site1. The solution must ensure that all connections to Site1 are secure. Which two settings should you modify? (Each correct answer presents part of the solution. Choose two.)
A. the bindings for Site1
B. the bindings for Site2
C. the HTTP Redirect settings for Site1
D. the HTTP Redirect settings for Site2
Answer: AB
QUESTION 8
Your network contains a server that runs Windows Server 2008 R2. The server has the Web Server (IIS) role installed. The server has a Web application that uses HTTP. All authentication methods are enabled for the Web application. You need to prevent passwords from being sent over the network in clear text. Which two authentication methods should you disable? (Each correct answer presents part of the solution. Choose two.)
A. Anonymous
B. Basic
C. Digest
D. Forms
E. Windows Integrated
Answer: BD
QUESTION 9
Your company hosts a Web site on a server that runs Windows Server 2008 R2. The server has the Web Server (IIS) server role installed. SSL is configured on the Web site for virtual directories that require encryption. You are implementing a new Web application on the Web site. The new application has its own logon page named userlogin.aspx. You enable Forms Authentication in the Web site properties. You need to configure the Web site to use userlogin.aspx to authenticate user accounts. What should you do?
A. Configure the Forms Authentication Settings to Require SSL.
B. Configure the Name property of the Cookie Settings to the userlogin.aspx filename.
C. Configure the Login URL property for the Forms Authentication Settings to the userlogin.aspx filename.
D. Configure the Default Document setting to add the userlogin.aspx filename in the Web site properties.
Answer: C
QUESTION 10
Your network contains an FTP server named Server1. Server1 has an FTP site named FTP1. You need to hide all of the files in FTP1 that have an .exe file extension. The solution must ensure that users can list other files in FTP1. What should you modify?
A. the FTP authorization rules
B. the FTP directory browsing
C. the FTP request filtering
D. the NTFS permissions
Answer: C
QUESTION 11
Your network contains an Active Directory domain. The domain contains two sites named Site1 and Site2. Site1 contains four domain controllers. Site2 contains a read-only domain controller (RODC). You add a user named User1 to the Allowed RODC Password Replication Group. The WAN link between Site1 and Site2 fails. User1 restarts his computer and reports that he is unable to log on to the domain. The WAN link is restored and User1 reports that he is able to log on to the domain. You need to prevent the problem from reoccurring if the WAN link fails. What should you do?
A. Create a Password Settings object (PSO) and link the PSO to User1’s user account.
B. Create a Password Settings object (PSO) and link the PSO to the Domain Users group.
C. Add the computer account of the RODC to the Allowed RODC Password Replication Group.
D. Add the computer account of User1’s computer to the Allowed RODC Password Replication Group.
Answer: D
QUESTION 12
Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1. The Active Directory Federation Services (AD FS) role is installed on Server1. Contoso.com is defined as an account store. A partner company has a Web-based application that uses AD FS authentication. The partner company plans to provide users from contoso.com access to the Web application. You need to configure AD FS on contoso.com to allow contoso.com users to be authenticated by the partner company. What should you create on Server1?
A. a new application
B. a resource partner
C. an account partner
D. an organization claim
Answer: B
QUESTION 13
Your network contains two Active Directory forests named contoso.com and adatum.com. Active Directory Rights Management Services (AD RMS) is deployed in contoso.com. An AD RMS trusted user domain (TUD) exists between contoso.com and adatum.com. From the AD RMS logs, you discover that some clients that have IP addresses in the adatum.com forest are authenticating as users from contoso.com. You need to prevent users from impersonating contoso.com users. What should you do?
A. Configure trusted e-mail domains.
B. Enable lockbox exclusion in AD RMS.
C. Create a forest trust between adatum.com and contoso.com.
D. Add a certificate from a third-party trusted certification authority (CA).
Answer: A
QUESTION 14
Your company has a main office and a branch office. The network contains an Active Directory domain. The main office contains a writable domain controller named DC1. The branch office contains a read-only domain controller (RODC) named DC2. You discover that the password of an administrator named Admin1 is cached on DC2. You need to prevent Admin1s password from being cached on DC2. What should you do?
A. Modify the NTDS Site Settings.
B. Modify the properties of the domain.
C. Create a Password Setting object (PSO).
D. Modify the properties of DC2s computer account.
Answer: D
QUESTION 15
Your network contains a server named Server1 that runs Windows Server 2008 R2. On Server1, you create an Active Directory Lightweight Directory Services (AD LDS) instance named Instance1. You connect to Instance1 by using ADSI Edit. You run the Create Object wizard and you discover that there is no User object class. You need to ensure that you can create user objects in Instance1. What should you do?
A. Run the AD LDS Setup Wizard.
B. Modify the schema of Instance1.
C. Modify the properties of the Instance1 service.
D. Install the Remote Server Administration Tools (RSAT).
Answer: B
QUESTION 16
Your company has a main office and a branch office. The branch office contains a read-only domain controller named RODC1. You need to ensure that a user named Admin1 can install updates on RODC1. The solution must prevent Admin1 from logging on to other domain controllers. What should you do?
A. Run ntdsutil.exe and use the Roles option.
B. Run dsmgmt.exe and use the Local Roles option.
C. From Active Directory Sites and Services, modify the NTDS Site Settings.
D. From Active Directory Users and Computers, add the user to the Server Operators group.
Answer: B
QUESTION 17
Your company has a main office and 40 branch offices. Each branch office is configured as a separate Active Directory site that has a dedicated read-only domain controller (RODC). An RODC server is stolen from one of the branch offices. You need to identify the user accounts that were cached on the stolen RODC server. Which utility should you use?
A. Dsmod.exe
B. Ntdsutil.exe
C. Active Directory Sites and Services
D. Active Directory Users and Computers
Answer: D
QUESTION 18
Active Directory Rights Management Services (AD RMS) is deployed on your network. Users who have Windows Mobile 6 devices report that they cannot access documents that are protected by AD RMS. You need to ensure that all users can access AD RMS protected content by using Windows Mobile 6 devices. What should you do?
A. Modify the security of the ServerCertification.asmx file.
B. Modify the security of the MobileDeviceCertification.asmx file.
C. Enable anonymous authentication for the _wmcs virtual directory.
D. Enable anonymous authentication for the certification virtual directory.
Answer: B
QUESTION 19
Your company has an Active Directory Rights Management Services (AD RMS) server. Users have Windows Vista computers. An Active Directory domain is configured at the Windows Server 2003 functional level. You need to configure AD RMS so that users are able to protect their documents. What should you do?
A. Install the AD RMS client 2.0 on each client computer.
B. Add the RMS service account to the local administrators group on the AD RMS server.
C. Establish an e-mail account in Active Directory Domain Services (AD DS) for each RMS user.
D. Upgrade the Active Directory domain to the functional level of Windows Server 2008.
Answer: C
QUESTION 20
Your company has a server that runs Windows Server 2008 R2. The server runs an instance of Active Directory Lightweight Directory Services (AD LDS). You need to replicate the AD LDS instance on a test computer that is located on the network. What should you do?
A. Run the repadmin /kcc <servername> command on the test computer.
B. Create a naming context by running the Dsmgmt command on the test computer.
C. Create a new directory partition by running the Dsmgmt command on the test computer.
D. Create and install a replica by running the AD LDS Setup wizard on the test computer.
Answer: B
The Same As Real 70-649 Test Questions Offered By Passleader Help You Pass Exam Easily
http://www.passleader.com/70-649.html