[Free] 2018(July) Dumps4cert Microsoft 70-646 Dumps with VCE and PDF Download 101-110

Dumps4cert.com : Latest Dumps with PDF and VCE Files
2018 July Microsoft Official New Released 70-646
100% Free Download! 100% Pass Guaranteed!

Pro: Windows Server 2008, Server Administrator

Question No: 101 – (Topic 1)

Your company has a main office and a branch office. You plan to deploy a Readonly Domain Controller (RODC) in the branch office.

You need to plan a strategy to manage the RODC. Your plan must meet the following requirements:

->Allow branch office support technicians to maintain drivers and disks on the RODC

->Prevent branch office support technicians from managing domain user accounts

What should you include in your plan?

  1. Configure the RODC for Administrator Role Separation.

  2. Configure the RODC to replicate the password for the branch office support technicians.

  3. Set NTFS permissions on the Active Directory database to Read amp; Execute for the branch office support technicians.

  4. Set NTFS permissions on the Active Directory database to Deny Full Control for the branch office support technicians.

Answer: A Explanation:

http://technet.microsoft.com/en-us/library/cc753170(WS.10).aspx

Dumps4Cert 2018 PDF and VCE

Question No: 102 – (Topic 1)

You are planning to deploy new servers that will run Windows Server 2008 R2. Each server will have 32 GB of RAM.

The servers must support installation of the following role services:

->Routing and Remote Access

->Remote Desktop Services Gateway

You need to deploy the minimum edition of Windows Server 2008 R2 that meets the requirements.

What should you recommend? (More than one answer choice may achieve the goal. Select the BEST answer.)

  1. Windows Server 2008 R2 Standard

  2. Windows Server 2008 R2 Enterprise

  3. Windows Server 2008 R2 Web

  4. Windows Server 2008 R2 Datacenter

Answer: A Explanation:

http://www.microsoft.com/en-us/server-cloud/windows-server/2008-r2-standard.aspx

R2 Standard provides these services and is the minimum edition they are available on. 32 GB RAM is also supported if its a 64 bit version http://technet.microsoft.com/en- us/windowsserver/

bb414778.aspx

Question No: 103 – (Topic 1)

You are designing a recovery solution for file servers that run Windows Server 2008 R2. File servers have the operating system and settings on volume C and shared data on other volumes.

The recovery solution must meet the following requirements:

->Create restorable point-in-time copies of files stored in shared folders on the file servers.

->Provide users the ability to compare versions of an open file.

You need to design a recovery solution that meets the requirements.

What should you recommend? (More than one answer choice may achieve the goal. Select the BEST answer.)

  1. Enable the windows Server Backup feature and schedule a backup of the shared folders on the file servers.

  2. Enable Shadow Copies on all file server volumes.

  3. Enable the Windows Server Backup feature and schedule a backup of the file server system state data.

  4. Enable Shadow Copies on only file server volumes that contain shared folders.

Answer: D Explanation:

Windows Server 2008 Volume Shadow Copy is a mechanism whereby the contents of shared folders can be automatically backed up at pre-determined intervals to a shadow volume. Once implemented, shadow copy will backup the previous 64 versions of each file in the shadowed volume and provide users with the ability to restore files from any of the previous 64 versions without administrator intervention, enabling users to independently restore deleted, damaged or overwritten files. In addition to restoring individual files to a previous version, shadow copy also provides the ability to restore an entire volume.

The requirement is to enable this on shared folders only so answer D meets this

requirement best.

Question No: 104 – (Topic 1)

Your network consists of a single Active Directory domain. The functional level of the domain is Windows Server 2008 R2. All servers run Windows Server 2008 R2. A corporate security policy requires complex passwords for user accounts that have administrator privileges.

You need to design a strategy that meets the following requirements:

->Ensures that administrators use complex passwords

->Minimizes the number of servers required to support the solution

What should you include in your design?

  1. Implement Network Access Protection (NAP).

  2. Implement Active Directory Rights Management Services (AD RMS).

  3. Create a new Password Settings Object (PSO) for administrator accounts.

  4. Create a new child domain in the forest. Move all nonadministrator accounts to the new domain. Configure a complex password policy in the root domain.

Answer: C Explanation:

http://technet.microsoft.com/en-us/library/cc770842(WS.10).aspx http://technet.microsoft.com/en-us/library/cc754461(WS.10).aspx

Dumps4Cert 2018 PDF and VCE

Dumps4Cert 2018 PDF and VCE

Question No: 105 – (Topic 1)

A network includes servers that run Windows Server 2008 R2 with the Network Policy Server (NPS) server role installed. You are planning to deploy a remote network administration solution.

The remote administration solution must meet the following requirements:

->Include fault tolerance.

->Define the users who have remote access and the resources they can remotely access.

You need to design a remote administration solution that meets the requirements.

What should you recommend? (More than one answer choice may achieve the goal. Select the BEST answer.)

  1. Deploy and configure multiple servers with the Remote Desktop Gateway server role. Create a central Remote Desktop Connection Authorization Policy (RD CAP) and a Resource Authorization Policy (RD RAP).

  2. Deploy and configure multiple servers with the Remote Desktop Gateway server role. Create a local Remote Desktop Connection Authorization Policy (RD CAP) and a Resource Authorization Policy (RD RAP).

  3. Deploy and configure one server with the Remote Desktop Web Access server role. Create a central Remote Desktop Connection Authorization Policy (RD CAP) and a Resource Authorization Policy (RD RAP).

  4. Deploy and configure one server with the Remote Desktop Web Access server role. Create a local Remote Desktop Connection Authorization Policy (RD CAP) and a Resource Authorization Policy (RD RAP).

Answer: A Explanation:

You can also configure RD Gateway to use Remote Desktop connection authorization policies (RD CAPs) that are stored on another server that runs the Network Policy Server (NPS) service. By doing this, you are using the server running NPS, formerly known as a Remote Authentication Dial-In User Service (RADIUS) server, to centralize the storage, management, and validation of RD CAPs. If you have already deployed a server running NPS for remote access scenarios such as VPN and dial-up networking, using the existing server running NPS for RD Gateway scenarios as well can enhance your deployment.

RAP

Remote Desktop resource authorization policies (RD RAPs) allow you to specify the internal network resources (computers) that remote users can connect to through an RD Gateway server.

Remote users connecting to the network through an RD Gateway server are granted access to computers on the internal network if they meet the conditions specified in at least one RD CAP and one RD RAP.

CAP

Remote Desktop connection authorization policies (RD CAPs) allow you to specify who can connect to an RD Gateway server

Question No: 106 – (Topic 1)

A company has Remote Desktop Services (RDS) servers that run Windows Server 2008 R2 and client computers that run Windows 7.

You are designing a non-production remote desktop infrastructure that you will use for evaluation purposes for 180 days. The remote desktop infrastructure must meet the following requirements:

->Maximize the security of remote desktop connections.

->Minimize changes to the company#39;s firewall configuration.

->Provide external users with a secure connection from the Windows 7 Remote Desktop client to the RDS environment.

You need to design a temporary remote desktop infrastructure that meets the requirements.

Which services should you recommend? (More than one answer choice may achieve the goal. Select the BEST answer.)

  1. Remote Desktop Gateway, Remote Desktop Licensing, and Remote Desktop Session Host

  2. Remote Desktop Licensing, Remote Desktop Session Host, and Remote Desktop Web Access

  3. Only Remote Desktop Gateway and Remote Desktop Session Host

  4. Only Remote Desktop Session Host and Remote Desktop Web Access

Answer: C Explanation:

Its true that the evaluation period for RD is only 120 days and your requirements are 180 days. Maybe the question is inaccurate and it actually states 120 days?

But if you read http://technet.microsoft.com/en-us/library/cc738962(WS.10).aspx it says To allow ample time for you to deploy a Terminal Server license server, Terminal Server provides a licensing grace period, during which no license server is required. During this grace period, a terminal server can accept connections from unlicensed clients without contacting a license server. The grace period begins the first time the terminal server accepts a client connection. It ends after you deploy a license server and that license server issues its first permanent client access license (CAL), or after 120 days, whichever comes first.

In order for a license server to issue permanent CALs, you must activate the license server and then purchase and install the appropriate number of permanent CALs. If a license server is not activated, it issues temporary licenses. These temporary licenses allow clients to connect to the terminal server for 90 days.

So is that the solution?

If you feel licensing is required then A is your answer, if you don#39;t then C is your answer. Remote Desktop Gateway (RD Gateway), formerly Terminal Services Gateway (TS Gateway), is a role service in the Remote Desktop Services server role included with Windows Server庐 2008 R2 that enables authorized remote users to connect to resources on an internal corporate or private network, from any Internetconnected device that can run the Remote Desktop Connection (RDC) client. The network resources can be Remote Desktop Session Host (RD Session Host) servers, RD Session Host servers running

RemoteApp programs, or computers and virtual desktops with Remote Desktop enabled. RD Gateway uses the Remote Desktop Protocol (RDP) over HTTPS to establish a secure, encrypted connection between remote users on the Internet and internal network resources

Why use Remote Desktop Gateway?

RD Gateway provides many benefits, including:

RD Gateway enables remote users to connect to internal network resources over the Internet, by using an encrypted connection, without needing to configure virtual private network (VPN) connections.

RD Gateway provides a comprehensive security configuration model that enables you to control access to specific internal network resources. RD Gateway provides a point-to-point RDP connection, rather than allowing remote users access to all internal network resources.

RD Gateway enables most remote users to connect to internal network resources that are hosted behind firewalls in private networks and across network address translators (NATs). With RD Gateway, you do not need to perform additional configuration for the RD Gateway server or clients for this scenario.

Prior to this release of Windows Server, security measures prevented remote users from connecting to internal network resources across firewalls and NATs. This is because port 3389, the port used for RDP connections, is typically blocked for network security purposes. RD Gateway transmits RDP traffic to port 443 instead, by using an HTTP Secure Sockets Layer/Transport Layer Security (SSL/TLS) tunnel. Because most corporations open port 443 to enable Internet connectivity, RD Gateway takes advantage of this network design to provide remote access connectivity across multiple firewalls.

The Remote Desktop Gateway Manager enables you to configure authorization policies to define conditions that must be met for remote users to connect to internal network resources. For example, you can specify:

Who can connect to internal network resources (in other words, the user groups who can connect).

What network resources (computer groups) users can connect to.

Whether client computers must be members of Active Directory security groups. Whether device redirection is allowed.

Whether clients need to use smart card authentication or password authentication, or whether they can use either method.

You can configure RD Gateway servers and Remote Desktop Services clients to use Network Access Protection (NAP) to further enhance security. NAP is a health policy creation, enforcement, and remediation technology that is included in Windows Server庐 2008 R2, Windows Server庐 2008, Windows庐 7, Windows Vista庐, and Windows庐 XP Service Pack 3. With NAP, system administrators can enforce health requirements, which can include software requirements, security update requirements, required computer

configurations, and other settings. .

A Remote Desktop Session Host (RD Session Host) server is the server that hosts Windows-based programs or the full Windows desktop for Remote Desktop Services clients. Users can connect to an RD Session Host server to run programs, to save files, and to use network resources on that server. Users can access an RD Session Host server by using Remote Desktop Connection or by using RemoteApp.

Remote Desktop Licensing

http://technet.microsoft.com/en-us/library/hh553157(v=ws.10) Operating System Grace Period

Windows Server 2008 R2 120 days

Windows Server 2008 120 days

Windows Server 2003 R2 / Windows Server 2003 120 days Windows 2000 Server 90 days

There has been some debate about licensing and some suggest you needed a license server. however take a look here: http://support.microsoft.com/kb/948472

Evaluating Windows Server 2008 software does not require product activation. Any edition of Windows Server 2008 may be installed without activation, and it may be evaluated for 60 days. Additionally, the 60-day evaluation period may be reset (re-armed) three times. This action extends the original 60-day evaluation period by up to 180 days for a total possible evaluation time of 240 days.

Question No: 107 DRAG DROP – (Topic 1)

A company currently has a Remote Desktop Services (RDS) farm consisting of three Remote Desktop Session Hosts (RD Session Hosts) and one Remote Desktop Session Broker (RD Session Broker). The RD Session Hosts are configured to use Windows Network Load Balancing.

The RDS servers run slowly every Monday morning between 9:00 A.M. and 11:00 A.M.

You establish that your third-party backup solution is running on the RDS servers at these times and is causing the poor performance. Company policy mandates that the backup must occur at this time.

You have the following requirements:

->Implement Windows System Resource Manager (WSRM) on each of the RDS servers to minimize the system resources utilized by the backup Application.

->Ensure that WSRM runs only when required.

You need to configure WSRM.

Which actions should you perform in sequence?

To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order. (Use only actions that Apply.)

Dumps4Cert 2018 PDF and VCE

Answer:

Dumps4Cert 2018 PDF and VCE

Explanation:

Dumps4Cert 2018 PDF and VCE

Process Matching Criteria

The WSRM process-matching criteria performance object, installed with Windows System Resource Manager (WSRM), consists of counters that monitor the CPU usage and memory usage of the processes matched by the process-matching criteria. The criteria are included in the managing resource-allocation policy. Each object will have as many instances as the number of process-matching criteria within the current active policy.

Resource Allocation Policy

Allocate processor and memory resources to processes that are specified by the process matching criteria that you create.

Also see

http://www.techrepublic.com/article/use-windows-system-resource-manager-to-control-a- serverspowers/5178054

Topic 2, Humongous Insurance Scenario:

COMPANY OVERVIEW

Humongous Insurance has a main office and 20 branch offices. The main office is located in New York. The branch offices are located throughout North America. The main office has 8,000 users. Each branch office has 2 to 250 users.

PLANNED CHANGES

Humongous Insurance plans to implement Windows BitLocker Drive Encryption (BitLocker) on all servers.

EXISTING ENVIRONMENT

The network contains servers that run either Windows Server 2003, Windows Server 2008, or Windows Server 2008 R2. All client computers run either Windows 7 Enterprise or Windows Vista Enterprise.

Business Goals

Humongous Insurance wants to minimize costs whenever possible.

Existing Active Directory/Directory Services

The network contains a single Active Directory forest named humongousinsurance.com. The forest contains two child domains named north.humongousinsurance.com and south.humongousinsurance.com. The functional level of the forest is Windows Server 2008 R2.

Existing Network Infrastructure

Each child domain contains a Web server that has Internet Information Services (IIS) installed. The forest root domain contains three Web servers that have IIS installed. The Web servers in the forest root domain are configured in a Network Load Balancing (NLB) cluster.

Currently, all of the Web servers use a single domain user account as a service account.

Windows Server Update Services (WSUS) is used for company-wide patch management. The WSUS servers do not store updates locally.

The network contains Remote Desktop servers that run Windows Server 2008 R2. Users in the sales department access a line-of-business Application by using Remote Desktop.

Managers in the sales department use the Application to generate reports. Generating the reports is CPU intensive.

The sales managers report that when many users are connected to the servers, the reports take a long time to process.

Humongous Insurance has the following standard server builds:

->Class 1 – Dual x64 CPUs, 4-GB RAM, Windows Web Server 2008 R2

->Class 2 – Dual x64 CPUs, 4-GB RAM, Windows Server 2008 R2 Standard

->Class 3 – Quad x64 CPUs, 8-GB RAM, Windows Server 2008 R2 Standard

->Class 4 – Quad x64 CPUs, 8-GB RAM, Windows Server 2008 R2 Enterprise

Current Administration Model

Humongous Insurance currently uses the following technologies to manage the network:

->Microsoft Desktop Optimization Pack

->Microsoft Forefront EndPoint Protection

->Microsoft System Center Operations Manager

->Microsoft System Center Configuration Manager

TECHNICAL REQUIREMENTS

Humongous Insurance must meet the following technical requirements:

->A certificate must be required to recover BitLocker-protected drives.

->Newly implemented technologies must minimize the impact on LAN traffic.

->Newly implemented technologies must minimize the storage requirements.

->The management of disk volumes and shared folders must be performed remotely whenever possible.

->Newly implemented technologies must minimize the amount of bandwidth used on Internet connections.

->All patches and updates must be tested in a non-production environment before

they are App1ied to production servers.

->Multiple versions of a Group Policy object (GPO) must be maintained in a central archive to facilitate a rol required.

The management of passwords and service principal names (SPNs) for all service accounts must be automated whenever possible.

Question No: 108 – (Topic 2)

You need to recommend a data management solution that meets the company#39;s technical requirements. What should you include in the recommendation?

  1. DFS Management

  2. File Server Resource Manager (FSRM)

  3. Share and Storage Management

  4. Storage Explorer

Answer: C Explanation:

http://technet.microsoft.com/en-us/library/cc753175.aspx

Share and Storage Management provides a centralized location for you to manage two important server resources:

Folders and volumes that are shared on the network Volumes in disks and storage subsystems

Shared resources management

You can share the content of folders and volumes on your server over the network using the Provision a Shared Folder Wizard, which is available in Share and Storage Management. This wizard guides you through the necessary steps to share a folder or volume and assign all applicable properties to it. With the wizard, you can:

Specify the folder or volume that you want to share or create a new folder to share. Specify the network sharing protocol used to access the shared resource.

Change the local NTFS permissions for the folder or volume you will be sharing.

Specify the share access permissions, user limits, and offline access to files in the shared resource.

Publish the shared resource to a Distributed File System (DFS) namespace.

If Services for Network File System (NFS) has been installed, specify NFS-based access permissions for the shared resource.

If File Server Resource Manager is installed on your server, apply storage quotas to the new shared resource, and create file screens to limit the type of files that can be stored in it.

Using Share and Storage Management, you can also monitor and modify important aspects of your new and existing shared resources. You can:

Stop the sharing of a folder or volume.

Change the local NTFS permissions for a folder or volume.

Change the share access permissions, offline availability, and other properties of a shared resource.

See which users are currently accessing a folder or a file and disconnect a user if necessary.

If Services for Network File System (NFS) has been installed, change the NFS-based access permissions for a shared resource.

For more information about using Share and Storage Management to manage shared resources, see Provisioning Shared Resources.

Storage management With Share and Storage Management, you can provision storage on disks that are available on your server, or on storage subsystems that support Virtual Disk Service (VDS). The Provision Storage Wizard guides you through the process of creating a volume on an existing disk, or on a storage subsystem attached to your server. If the volume is going to be created on a storage subsystem, the wizard will also guide you through the process of creating a logical unit number (LUN) to host that volume. You also have the option of only creating the LUN, and using Disk Management to create the volume later.

Share and Storage Management also helps you monitor and manage the volumes that you have created, as well as any other volumes that are available on your server. Using Share and Storage Management you can:

Extend the size of a volume. Format a volume.

Delete a volume.

Change volume properties like compression, security, offline availability and indexing. Access disk tools for error checking, defragmentation, and backup.

Question No: 109 – (Topic 2)

You need to recommend a BitLocker recovery method that meets the company#39;s technical requirements.

Which recovery method should you recommend?

  1. a data recovery agent

  2. a recovery key

  3. a recovery password printed and stored in a secure location

  4. a recovery password stored in Active Directory

Answer: A Explanation:

http://technet.microsoft.com/en-us/library/dd875560(WS.10).aspx

Data recovery agents are accounts that are able to decrypt BitLocker-protected drives by using their smart card certificates and public keys. Recovery of a BitLocker-protected drive can be accomplished by a data recovery agent that has been configured with the proper certificate. Before a data recovery agent can be configured for a drive, you must add the data recovery agent to Public Key Policies\BitLocker Drive Encryption in either the Group Policy Management Console (GPMC) or the Local Group Policy Editor. You must also enable and configure the Provide the unique identifiers for your organization policy setting to associate a unique identifier to a new drive that is enabled with BitLocker. An identification field is a string that is used to uniquely identify a business unit or organization. Identification fields are required for management of data recovery agents on BitLocker- protected drives. BitLocker will only manage and update data recovery agents when an identification field is present on a drive and is identical to the value configured on the computer.

Question No: 110 – (Topic 2)

You need to recommend a solution to decrease the amount of time it takes for the sales managers to generate reports. What should you include in the recommendation?

  1. Desktop Optimization Pack

  2. File Server Resource Manager (FSRM)

  3. Remote Desktop Connection Broker (RD Connection Broker)

  4. Windows System Resource Manager (WSRM)

Answer: D Explanation: Dedulas:

http://technet.microsoft.com/en-us/library/cc754150

You can use Windows System Resource Manager to allocate processor and memory

resources to applications, users, Remote Desktop Services sessions, and Internet Information Services (IIS) application pools So based upon the information given in the exhibits: the reports are CPU INTENSIVE amp; when there are a lot of users connected the report take longer to process. you need to reduce the time it takes for reports to be generated a bottle neck on the CPU would increase the time it takes to generate reports so the required solution would need to allocate additional CPU resources to the sales managers or else limit the CPU resources used by the regular users.

If we look at http://technet.microsoft.com/en-us/library/cc753280

Windows System Resource Manager manages processor resources by adjusting the priority of processes. This guarantees a minimum percentage of available CPU bandwidth to process groups that are defined by process matching criteria. Resource management is not enforced unless the total CPU usage is greater than 70 percent….The simplest method of allocating processor resources is to assign a percent CPU target to each group of processes that are defined by a process matching criterion. This target is the percent of available CPU bandwidth that is guaranteed as a minimum to the process group.

So with that in mind I#39;d me inclined to say the answer is WSRM. because FSRM in a nutshell has nothing what so ever to do with CPU resources its only about disk management, applying disk quotas, blocking certain file types etc

100% Dumps4cert Free Download!
Download Free Demo:70-646 Demo PDF
100% Dumps4cert Pass Guaranteed!
70-646 Dumps

Dumps4cert ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
PDF VCE Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.