70-642 Exam
10 tips on 70-642 pdf
Act now and download your Microsoft 70-642 test today! Do not waste time for the worthless Microsoft 70-642 tutorials. Download Up to the minute Microsoft TS: Windows Server 2008 Network Infrastructure, Configuring exam with real questions and answers and begin to learn Microsoft 70-642 with a classic professional.
2021 Sep pdf for 70-642:
Q11. - (Topic 4)
Your network contains a DNS server that hosts a zone for contoso.com. Dynamic updates are enabled on the zone.
The network contains a Web server named webl.contoso.com. Webl.contoso.com uses the
10.10.10.10 IP address.
Webl.contoso.com hosts three websites. The websites are configured as shown in the following table.
You change the IP address of the Web server to 10.10.10.11.
After the change, users report that they fail to access the Sales website and the Finance website. The users can access the Intranet website.
You change the IP address of webl.contoso.com to 10.10.10.10.
The users report that they can access all three websites.
You need to ensure that when you change the IP address of webl.contoso.com, the users can access all three websites.
What should you do?
A. Change the host (A) records of sales.contoso.com and finance.contoso.com to canonical name (CNAME) records.
B. Restart the DNS Client service on webl.contoso.com after you change the IP address.
C. Change the host (A) records of sales.contoso.com and finance.contoso.com to service location (SRV) records.
D. Restart the Netlogon service on webl.contoso.com after you change the IP address.
Answer: A
Q12. - (Topic 3)
You perform a security audit of a server named DC1. You install the Microsoft Network Monitor 3.0 application on DC1.
You plan to capture all the LDAP traffic that comes to and goes from the server between
20:00 and 07:00 the next day and save it to the E:\data.cap file.
You create a scheduled task. You add a new Start a program action to the task.
You need to add the application name and the application arguments to the new action.
What should you do?
A. Add nmcap.exe as the application name. Add the /networks * /capture LDAP /file e:\data.cap /stopwhen /timeafter 11hours line as arguments.
B. Add netmon.exe as the application name. Add the /networks */capture LDAP /file e:\data.cap /stopwhen /timeafter 11hours line as arguments.
C. Add nmcap.exe as the application name. Add the /networks * /capture !LDAP /file e:\data.cap / stopwhen /timeafter 11hours line as arguments.
D. Add nmconfig.exe as the application name. Add the /networks * /capture &LDAP /file e:\data.cap / stopwhen/timeafter 11hours line as arguments.
Answer: A
Q13. - (Topic 2)
Your network contains a server named Server1 that runs Windows Server 2008 R2.
You need to ensure that an administrator is notified by e-mail if the Event Viewer logs any error.
What should you do from the Event Viewer console?
A. Create a custom view, and then click the Filter Current Custom View action.
B. Create a custom view, and then click the Attach Task to This Custom View action.
C. From the System log, click the Filter Current Log action.
D. From the System log, select an Error event, and then click the Attach Task to This Event action.
Answer: B
Q14. - (Topic 2)
Your network contains a server that runs Windows Server 2008 R2. Windows BitLocker Drive Encryption (BitLocker) is enabled for all drives.
You need to perform a bare metal recovery of the server.
What should you do first?
A. From the BIOS, disable the Trusted Platform Module.
B. From the BIOS, disable the processor's No Execute feature.
C. Start the computer in Safe Mode.
D. Start the computer from the Windows Server 2008 R2 installation media.
Answer: D
Q15. - (Topic 1)
Your company has 10 servers that run Windows Server 2008 R2. The servers have Remote Desktop Protocol (RDP) enabled for server administration. RDP is configured to use default security settings.
All administrators' computers run Windows 7.
You need to ensure the RDP connections are as secure as possible.
Which two actions should you perform? (Each correct answer presents part of the solution. Choose two.)
A. Set the security layer for each server to the RDP Security Layer.
B. Configure the firewall on each server to block port 3389.
C. Acquire user certificates from the internal certification authority.
D. Configure each server to allow connections only to Remote Desktop client computers that use Network Level Authentication.
Answer: C,D
Improved cbt nuggets 70-642 free download:
Q16. - (Topic 4)
You need to ensure that only the members of the Power Users group and the members of the Administrators group can view the events in the System log.
Which tools should you use?
A. Local Users and Groups
B. Limit-EventLog
C. Secedit
D. Local Group Policy Editor
Answer: D
Explanation:
* The Local Group Policy Editor is a Microsoft Management Console (MMC) snap-in that provides a single user interface through which all the settings of Local Group Policy objects can be managed. *Security Policy Settings: Event Log: The Event Log service records events on the system by writing to one of three default logs that you can read in Event Viewer: the security, application, and system logs. The security log records audit events. You use the settings under Event Log to specify attributes of the security, application, and system logs, such as maximum log size, access rights for each log, and retention settings and methods.
Incorrect:
Not B: Limit-EventLog sets the event log properties that limit the size of the event log and the age of its entries.
Not C: Configures and analyzes system security by comparing your current configuration to at least one template.
Q17. - (Topic 3)
Your company has an Active Directory domain that has two domain controllers named DC1 and DC2.
You prepare both servers to support event subscriptions. On DC1, you create a new default subscription for DC2.
You need to review system events for DC2.
Which event log should you select?
A. system log on DC1
B. application log on DC2
C. Forwarded Events log on DC1
D. Forwarded Events log on DC2
Answer: C
Q18. - (Topic 3)
Your company has a server named Server1 that runs Windows Server 2008 R2. The Windows Server Backup feature is installed on Server1.
Server1 fails. You install a new server named Server2 that runs Windows Server 2008 R2.
You need to restore the company's Windows SharePoint Services (WSS) site to Server2.
What should you do?
A. Use Wbadmin to restore the system state from backup.
B. Run Wbadmin with the Get Versions option. Install WSS.
C. Run Wbadmin with the Start Recovery option. Install WSS.
D. Use Wbadmin to restore the application and the sites from backup.
Answer: D
Q19. - (Topic 2)
Your network contains an Active Directory domain named contoso.com. The domain contains two domain controllers named DC1 and DC2 that run Windows Server 2008 R2.
DC1 hosts a primary zone for contoso.com. DC2 hosts a secondary zone for contosto.com.
You need to ensure that DNS zone data is encrypted when the data replicates across the network. DC2 must provide authoritative responses to client computers.
What should you do?
A. Configure the contoso.com zone to use DNSSEC.
B. Create a new delegation in the contoso.com zone.
C. Modify the zone transfer settings of the contoso.com zone.
D. Convert the contoso.com zone to an Active Directory-integrated zone.
Answer: D
Q20. - (Topic 1)
Your network contains a server named Server1 that runs Windows Server 2008 R2. Server1 is configured as a DNS server.
You need to ensure that Server1 only resolves queries issued from client computers in the same subnet as Server1.
The solution must ensure that Server1 can resolve Internet host names.
What should you do on Server1?
A. Configure Windows Firewall.
B. Create a conditional forwarder.
C. Modify the routing table.
D. Create a trust anchor.
Answer: A