TS: Windows Server 2008 Network Infrastructure, Configuring
Question No: 261 – (Topic 3)
Your company has a single Active Directory domain. The company has a main office and a branch office. Both the offices have domain controllers that run Active Directory-integrated DNS zones.
All client computers are configured to use the local domain controllers for DNS resolution. The domain controllers at the branch office location are configured as Read-Only Domain Controllers (RODC).
You change the IP address of an existing server named SRV2 in the main office. You need the branch office DNS servers to reflect the change immediately.
What should you do?
Run the dnscmd /ZoneUpdateFromDs command on the branch office servers.
Run the dnscmd /ZoneUpdateFromDs command on a domain controller in the main office.
Change the domain controllers at the branch offices from RODCs to standard domain controllers.
Decrease the Minimum (default) TTL option to 15 minutes on the Start of Authority (SOA) record for the zone.
Answer: A Explanation:
dnscmd /zoneupdatefromds – Updates an Active Directory-integrated zone with data from Active Directory Domain Services (AD DS).
Question No: 262 – (Topic 3)
Your company has a main office and two branch offices. Domain controllers in the main office host an Active Directory-integrated zone.
The DNS servers in the branch offices host a secondary zone for the domain and use the main office DNS servers as the DNS Master servers for the zone.
Each branch office has an application server.
Users access the application server by using its fully qualified domain name.
You need to ensure that users in the branch offices can access their local application server even if the WAN links are down for three days.
What should you do?
Increase the Expires After setting to 4 days on the Start of Authority (SOA) record for the zone.
Increase the Refresh Interval setting to 4 days on the Start of Authority (SOA) record for the zone.
Configure the Zone Aging / Scavenging Properties dialog box to enable Scavenge stale resource records, and set the Refresh setting to 4 days.
Configure the Zone Aging / Scavenging Properties dialog box to enable Scavenge stale resource records, and set the No-refresh interval setting to 4 days.
Question No: 263 – (Topic 3)
You have an application server that runs Windows Server 2008 R2. You need to configure Windows Firewall to allow communications on the server as shown in the following table.
What is the minimum number of firewall rules you should create?
Question No: 264 – (Topic 3)
Your network contains a server that runs Windows Server 2008 R2.
On the server, you run ipconfig as shown in the exhibit. (Click the Exhibit button.)
You need to ensure that the server can access remote TCP/IPv6 hosts. What should you do?
Disable Internet Protocol Version 4 (TCP/IPv4).
Add a default gateway.
Modify the subnet mask.
Configure an IPv6 address.
Question No: 265 – (Topic 3)
Your network is configured as shown in the exhibit. (Click the Exhibit button.)
The network contains a server named TMG1. TMG1 runs Microsoft Forefront Threat Management Gateway (TMG) 2010 and has a default gateway of 22.214.171.124.
You need to ensure that TMG1 can connect to the Internet and to the client computers in all of the internal subnets.
What should you do on TMG1?
A. Run route -p add 192.168.1.0 netmask 255.255.255.0 192.168.2.1.
B. Change the default gateway to 192.168.1.1.
C. Run route -p add 192.168.2.0 netmask 255.255.255.0 192.168.1.1.
D. Change the default gateway to 192.168.2.1.
Answer: A Explanation:
For example, to add a static route to the 10.0.0.0 network that uses a subnet mask of 255.0.0.0, a gateway of 192.168.0.1, you type the following at a command prompt:
Route add 10.0.0.0 mask 255.0.0.0 192.168.0.1
Question No: 266 – (Topic 3)
You have a DHCP server that runs Windows Server 2008 R2. You restore the DHCP database by using a recent backup.
You need to prevent DHCP clients from receiving IP addresses that are currently in use on
What should you do?
Add the DHCP server option 15.
Add the DHCP server option 44.
Set the Conflict Detection value to 0.
Set the Conflict Detection value to 2.
Answer: D Explanation:
http://technet.microsoft.com/en-us/library/cc737924(v=ws.10).aspx To enable address conflict detection
In the console tree, click the applicable DHCP server. Where?
DHCP/applicable DHCP server
On the Action menu, click Properties. Click the Advanced tab.
For Conflict detection attempts, type a number greater than 0 (zero) and less than six, and then click OK.
The number you type determines how many times the DHCP server tests an IP address before leasing it to a client.
Each additional conflict detection attempt delays the DHCP server response by a second while waiting for the ping request to time out. This increases the load on the server. A value of no greater than two (2) for ping attempts is recommended.
Question No: 267 – (Topic 3)
Your network contains an Active Directory forest named contoso.com. The forest contains a server named Server1 that runs Windows Server 2008 R2 Service Pack 1 (SP1) Standard. The forest contains a server named Server2 that runs Windows Server 2008 R2 SP1 Enterprise. Server1 and Server2 have the Print and Document Services server role installed.
You need to migrate the print queues, printer settings, printer ports, and language monitors from Server1 to Server2.
Which tool should you use?
Active Directory Users and Computers
Active Directory Sites and Services
Devices and Printers
Answer: A Explanation:
To migrate print servers by using a command prompt
To open a Command Prompt window, click Start, click All Programs, click Accessories, right-click Command Prompt, and then click Run as administrator.
CD %WINDIR%\System32\Spool\Tools Printbrm -s \\lt;sourcecomputernamegt; -b -f
Question No: 268 – (Topic 3)
You deploy a Windows Server 2008 R2 VPN server behind a firewall. Remote users connect to the VPN by using portable computers that run Windows 7.
The firewall is configured to allow only secured Web communications. You need to enable remote users to connect as securely as possible.
You must achieve this goal without opening any additional ports on the firewall. What should you do?
Create an IPsec tunnel.
Create an SSTP VPN connection.
Create a PPTP VPN connection.
Create an L2TP VPN connection.
Answer: B Explanation:
Secure Socket Tunneling Protocol (SSTP) is a tunneling protocol that uses the HTTPS protocol over TCP port 443 to pass traffic through firewalls and Web proxies that might block PPTP and L2TP/IPsec traffic. SSTP provides a mechanism to encapsulate PPP traffic over the Secure Sockets Layer (SSL) channel of the HTTPS protocol. The use of PPP allows support for strong authentication methods, such as EAP-TLS. SSL provides transport-level security with enhanced key negotiation, encryption, and integrity checking. Although it is closely related to SSL, a direct comparison can not be made between SSL and SSTP as SSTP is only a tunneling protocol unlike SSL. Many reasons exist for choosing SSL and not IPSec as the basis for SSTP. IPSec is directed at supporting site- to- site VPN connectivity and thus SSL was a better base for SSTP development, as it supports roaming.
Question No: 269 – (Topic 3)
Your company runs Windows Server Update Services (WSUS) on a server named Server1. Server1 runs Windows Server 2008 R2. Server1 is located on the company intranet.
You configure the WSUS Web site to use SSL.
You need to configure a Group Policy object (GPO) to specify the intranet update locations. Which URLs should you use?
Question No: 270 – (Topic 3)
You perform a security audit on a server named Server1. You install the Microsoft Network
Monitor 3.0 application on Server1.
You find that only some of the captured frames display host mnemonic names in the Source column and the Destination column. All other frames display IP addresses.
You need to display mnemonic host names instead of IP addresses for all the frames. What should you do?
Create a new display filter and apply the filter to the capture.
Create a new capture filter and apply the filter to the capture.
Populate the Aliases table and apply the aliases to the capture.
Configure the Network Monitor application to enable the Enable Conversations option. Recapture the data to a new file.
|Lowest Price Guarantee||Yes||No||No|
|Free VCE Simulator||Yes||No||No|