MCP (Microsoft Certied Professional)
MCSA(Microsoft Cetified Systems Adminietrator)
MCSE(Microsoft Cetified Systems Engineer)
MCAD(Microsoft Cetified Application Developer)
MCP+SB(Microsoft Certied Professional+Site Building)
MCSD(Microsoft Cetified Solution Developer)
MCSE+I(Microsoft Cetified Systems Engineer+Internet)
IT인증시험을 쉽게 취득하는 지름길은 Pass4Test에 있습니다. Pass4Test의 Microsoft 70-647 (Windows Server 2008,Enterprise Administrator)덤프로 시험준비를 시작하면 성공에 가까워집니다. Microso ft 70-647 (Windows Server 2008,Enterprise Administrator)덤프는 최신 시험문제 출제방향에 대비하여제작된 예상문제와 기출문제의 모음자료입니다.Microsoft 70-647 (Windows Server 2008,Enterprise Administrator)덤프는 시험을 통과한 IT업계종사자분들이 검증해주신 세련된 공부자료입니다. Pass4 Test의 Microsoft 70-647 (Windows Server 2008,Enterprise Administrator)덤프를 공부하여 자격증을땁시다. Microsoft 70-647 (Windows Server 2008,Enterprise Administrator)시험을 한방에 편하게 통과하여 자격증을 취득하려면 시험전 공부가이드가 필수입니다. Pass4Test에서 연구제작한 Micros oft 70-647 (Windows Server 2008,Enterprise Administrator)덤프는 Microsoft 70-647 (Windows Server 2008,Enterprise Administrator)시험을 패스하는데 가장 좋은 시험준비 공부자료입니다.Pass4 Test덤프공부자료는 엘리트한 IT전문자들이 자신의 노하우와 경험으로 최선을 다해 연구제작한 결과물입니다.IT인증자격증을 취득하려는 분들의 곁은 Pass4Test가 지켜드립니다.
NO.1 Your company named Contoso, Ltd. and another company named Fabrikam, Inc. establish a
partnership. The Contoso network consists of one Active Directory forest named contoso.com. The
Fabrikam network consists of one Active Directory forest named fabnkam.com. Users from contoso.com
plan to share files with users from fabrikam.com.
You need to prepare the environment so that users from contoso.com can protect confidential files from
being copied or forwarded to unauthorized users.
What should you do?
A. Create a one-way forest trust from Contoso. Set the NTFS permissions to read-only for all confidential
files.
B. Create a one-way forest trust from Fabrikam. Set the NTFS permissions to read-only for al confidential
files.
C. Deploy Active Directory Federation Services (AD FS). Deploy Active Directory Rights Management
Services (AD RMS).
D. Deploy Active Directory Federation Services (AD FS). Publish the files by using Microsoft SharePoint
Foundation 2010.
Answer: C
NO.2 Your network consists of one Active Directory domain. All servers run Windows Server 2008 R2.
You need to implement a storage management policy for. failover clustering that uses storage area
network (SAN)-based storage.
The solution must support the following requirements:
Maintain disk space usage information
Quota tracking by folder or by volume
Email notifications when users exceed their quota limits.
What should you do?
A. Use the File Server Resource Manager (FSRM).
B. Create and deploy NTFS file system disk quotas.
C. Install and configure the Storage Manager for SANs.
D. Use the Performance Monitor.
Answer: A
NO.3 Your company has three offices. Each office is configured as an Active Directory site. The network
consists of one Active Directory domain. All domain controllers run Windows Server 2008 R2. The
company has five departments. You use a domain-level Group Policy object (GPO) to install Microsoft
Office on all client computers.
You need to deploy a GPO strategy to meet the following requirements:
¡¤ Install a custom application i
one of the departments.
¡¤ Restrict access to removable storage device
for all users.
¡¤ Implement separate Windows Internet Explorer proxy settings fo
each physical location.
What should you do.?
A. Create a new group for each department. Create a new GPO for each site. Create a new GPO for the
domain and use the GPO to install the custom application.
B. Create a new organizational unit (OU) for each department. Create a new GPO for each site and a new
GPO for the domain. Create a GPO for one department OU and use the GPO to install the application.
C. Create a new organizational unit (OU) for each department. Create a single GPO for all the sites and a
new GPO for the domain. Create a single GPO for each department OU and use the GPO to install the
custom application.
D. Create a new child domain for each department. Create a new GPO for each site and a new GPO for
each new child domain. Create a single GPO for all the new child domains and use the GPO to install the
custom application.
Answer: B
NO.4 Your network consists of one Active Directory forest named contoso.com. The relevant portion of the
network is configured as shown in the exhibit. (Click the Exhibit button.)
Users in the sales.apac.intl.contoso.com domain frequently access resources on the
products.corp.contoso.com domain. Users report slow access times when they access resources on the
products.corp. contoso.com domain.
You need to minimize access times when users access resources on the products. corp.contoso.com
domain.
What should you do?
A. Create a realm trust.
B. Create a shortcut trust.
C. Create a new DNS application partition. Add the contoso.com zone to the application partition.
D. Enable Universal Group Membership Caching for all Active Directory sites.
Answer: B
NO.5 Your network consists of one Active Directory domain. All servers run Windows Server 2008 R2. You
plan to publish a Web site on two Web servers.
You need to recommend a solution for the deployment of the two Web servers.
The solution must provide the following requirements:
Session-state information for all users
Access to the Web site if a single server fails
Scalability to as many as seven Web servers
Support for multiple dedicated IP addresses for each Web server
what should you recommend?
A. Install failover clustering on each Web server.
B. Install Network Load Balancing on each Web server.
C. Assign multiple binding5 in Internet Information Services (IIS).
D. Create managed handler mappings in Internet Information Services (IIS).
Answer: B
NO.6 Your company has a main office and nine branch offices. Each office is configured as a separate TCP/IP
subnet. You plan to deploy Active Directory domain controllers in all offices. You install the first domain
controller for the forest in the main office.
You need to prepare the environment for the deployment of domain controllers in all offices. The solution
must ensure that users always authenticate to a domain controller in their local office, unless it is
unavailable.
What should you do?
A. Create 10 subnet objects and one site object. Link all subnet objects to the site. Install domain
controllers in all offices.
B. Create a subnet object and a site object for each office. Link each subnet object to its respective site.
Install domain controllers in all offices.
C. Install domain controllers in all offices. Create 10 subnet objects and one site object. Link all subnet
objects to the site.
D. Install domain controllers in all offices. Create a subnet object and a site object for each office. Link
each subnet object to its respective Site.
Answer: B
NO.7 Your network consists of one Active Directory domain. All domain controllers run Windows Server 2008
R2.
You need to deploy Active Directory Certificate Services on the network to support the following
requirements:
¡¤Maintain availability if a single server fails
z Delegate the enrollment of certificates for separate groups of users,
¡¤Restrict the types of certificates that can be issued by a certificate manager
What should you do?
A. Deploy two servers that run Windows Server 2008 R2 Enterprise. Configure a failover cluster.
Configure an enterprise certification authority (CA).
B. Deploy two servers that run Windows Server 2008 R2 Enterprise. Configure a failover cluster.
Configure a standalone root certification authority (CA).
C. Deploy two servers that run Windows Server 2008 R2 Enterprise. Configure an enterprise root
certification authority (CA) and a standalone subordinate CA.
D. Deploy two servers that run Windows Server 2008 R2 Standard. Configure a standalone root
certification authority (CA) and an enterprise subordinate CA.
Answer: A
NO.8 Your network consists of one Active Directory domain. All domain controllers run either Windows
Server 2008 R2 or Windows Server 2003 SP2. A custom application stores passwords in Active Directory.
You plan to deploy read-only domain controllers (RODCs) on the network.
You need to prevent custom application passwords from being replicated to the ROOCs.
What should you do?
A. Upgrade the schema master to Windows Server 2008 R2. Configure a fine-gained password policy.
B. Upgrade the infrastructure master to Windows Server 2008 R2. Mark the custom application password
attribute as confidential.
C. Upgrade all domain controllers to Windows Server 2008 R2. Add the custom application password
attribute to the RODC filtered attribute set and mark the attribute as confidential.
D. Upgrade all domain controllers to Windows Server 2008 R2. Set the functional level of the forest and
the domain to Windows Server 2008 R2. Configure a fine-grained password policy
Answer: C
NO.9 Your network consists of one Active Directory domain that contains servers that n.ai Windows Server
2008 R2.The relevant servers are configured as shown in the following table.
The relevant portion of the network is shown in the exhibit. (Click the Exhibit button.)
Server3 hosts a secure Web site. You want remote users to access the secure Web site by using a
Secure Socket Layer (SSL) connection throu the Internet. A server certificate issued by Server2 is
installed on Server3.
You need to recommend a solution that will enable the distribution of certificates to the remote users.
The solution must meet the following requirements:
the certification authority must be automatically trusted.
Remote users connecting to Server3 must use client certificates issued by Server4.
A minimum amount of TCP/IP ports must be opened on the firewall that connects the perimeter network
and the internal network
Which certification authority should you recommend installing on Server4?
A. enterprise root
B. enterprise subordinate
C. standalone root
D. standalone subordinate
Answer: D
NO.10 Your company has one main office and four branch offices. Each branch office has a read-only domain
controller (RODC).The network consists of one Active Directory domain. All domain controllers run
Windows Server 2008 R2.Some branch office users work in a department named Sales. Sales
department users must be able to logon to all computers in their respective branch offices, even if a wide
area network (WAN) link fails.
The company security policy has the following requirements:
z User account passwords must be replicated to the minimum number of locations.
¡¤ A minimum number of passwords must be replicated to the branch office domain controller
You need to configure a password replication policy that supports the company security policy.
What should you do?
A. Install a writable domain controller in all branch offices. Create one global group that contains all Sales
department users. Create a fine-grained password policy and apply the policy to the group.
B. Install a writable domain controller in all branch offices, Create one global group that contains the
computers of all Sales department users. Add the group to the Allowed RODC Password Replication
Group in the domain.
C.Create one global group for each branch office that contain the Sales department users and computers
in the corresponding branch office. Add all groups to Windows Authorization Access Group in the domain.
D.Create one global group for each branch office that contains the Sales department users and
computers in the corresponding branch office. Add each group to the Password Replication Policy in the
corresponding branch office.
Answer: D
NO.11 Your network consists of one Active Directory domain. The functional level of the domain is Windows
Server2008 R2.Your company has three departments named Sales, Marketing, and Engineering. All
users in the domainare in an organizational unit (OU) named All Users. You have three custom
applications. You deploy all custom applications by using a Group Policy object(GPO) named
AppInstall.The Sales department purchases a new application that is only licensed for use by the Sales
department.
You need to recommend a solution to simplify the distribution of the new application.
The solution must meet the following requirements:
The application must only be distributed to licensed users.
The amount of administrative effort required to manage the users must remain unaffected.
The three custom applications must be distributed to all existing and new users on the network.
What should you recommend?
A. Create a new child domain for each department and link the AppInstall GPO to each child domain.
Create a new GPO. Link the new GPO to the Sales domain.
B. Create a new child OU for each department. Link the AppInstall GPO to the Marketing OU and the
Engineering OU. Create a new GPO. Link the new GPO to the Sales OU.
C. Create a new group for each department and filter the AppInstall GPO to each group. Create a new
GPO. Link the new GPO to the domain. Filter the new GPO to the Sales group.
D. Create a new group for each department. Filter the AppInstall GPO to the Marketing group and the
Engineering group. Create a new GPO. Link the new GPO to the domain. Filter the new GPO to the Sales
group.
Answer: C
NO.12 Your network consists of one Active Directory domain that contains only domain controllers that run
Windows Server 2008 R2. All domain controllers run DNS and DHCP services. All DNS zones are
standard primary zones.
You need to plan a solution that allows administrators to perform routine maintenance on domain
controllers.
The solution must meet the following requirements:
Minimize server downtime.
Maximize the availability of DNS and DHCP services.
What should you do?
A.Instruct server administrators to run ntdsutil.
B.Instruct server administrators to stop the NTDS service.
C.Instruct server administrators to stop the Netlogon service.
D.Instruct server administrators to restart the servers in Directory Services Restore Mode (DSRM).
Answer: B
NO.13 Your network contains servers that run Windows Server 2008 R2 and client computers that run
Windows 7.You deploy a public key infrastructure by using Certificate Services servers that run Windows
Server 2008 R2.
You need to plan the implementation of smart card authentication on the network.
The solution must meet the following requirements:
Help desk users must only be able to enroll user certificates.
Managers must be able to enroll smartcards for other employees.
Managers must be able to use their client computers to manage certificates.
What should you include in your plan?
A. Enable Web enrollment.
B. Configure Restricted Enrollment Agents.
C. Upgrade all certificates to V3 templates.
D. Configure Restricted Certificate Managers.
Answer: B
NO.14 Your company has three offices. Each office contains servers that run Windows Server 2008 R2.The
servers are configured as file servers. Users regularly travel between offices and require access to
corporate data stored on file servers in theirhome offices.
You need to plan a data access policy for the users. The solution must ensure that users can access
corporate data from a local server when they are traveling.
What should you include in your plan?
A. On all servers, install and configure Distributed File System (DFS).
B. On all servers install and configure the File Server Resource Manager (FSRM) and the File Replication
Service (FRS).
C. On one server, install and configure the File Server Resource Manager (FSRM). On the other two
servers, install and configure the File Replication Service (FRS).
D. On one server, install and configure Distributed File System (DFS). On the other two servers, install
and configure the Background Intelligent Transfer Service (BITS).
Answer: A
NO.15 Your network consists of one Active Directory domain. All domain controllers run Windows Server 2008
R2 and are configured as global catalog servers. Therelevant portion of the network is configured as
shown in the exhibit. (Click the Exhibit button.)
The Bridge all site links option is enabled. You are designing a failover strategy for domain controller
availability.
You need to ensure that client computers in Site H only authenticate to DC1 or DC2 if DC8 fails.
What should you do?
A. Change the B-H site link cost to 50.
B. Remove the global catalog server attribute from DC3, DC4, DCS, DC6, DC7, and DC8.
C. Disable the Bridge all site links option. In Site B, install a new writable domain controller that runs
Windows Server 2008 R2.
D. Prevent DC3, DC4, DC5, DC6, DC7, and DC8 from registering generic (non-site-specific) domain
controller locator DNS records.
Answer: D
NO.16 You network consist of one Active Directory domain and three Network Information Services (NIS)
domains. All domain controllers run Windows Server 2008 R2. All NIS domain servers run UNIX-based
operating systems.
You need to plan the integration of the Active Directory domain and the NIS domains.
The solution must meet the following requirements:
¡¤Minimize the Costs required o implement the solution. Minimize the number of additional Windows
servers required.
¡¤Provide centralized administration of Active Directory domain objects and NIS domain objects
What should you include in your plan?
A. Add the Server for Network Information Services role server.
B. Install the subsystem for UNIX-based applications.
C. Install Active Directory Federation Services (AD FS).
D. Implement a Microsoft Forefront Identity Manager 2010 server.
Answer: A
NO.17 Your company has a main office and 10 branch offices. The network consists of one Active Directory
domain. All domain controllers run Windows Server 2008 R2and are located in the main office. Each
branch office contains one member server. Branch office administrators in each branch office are
assigned the necessary rights to administrators only their member servers. You deploy one read-only
domain controller (RODC) in each branch office.
You need to recommend a security solution for the branch office Windows Server 2008 R2 domain
controllers.
The solution must meet the following requirements: Branch office administrators must be granted rights
on their local domain controller only.¡¤ Branch office administrators must be able to administer the domain
controller in their branch office. This includes changing device drivers and running Windows updates.
What should you recommend?
A. Add each branch office administrator to the Administrators group of the domain.
B. Add each branch office administrator to the local Administrators group of their respective domain
controller.
C. Grant each branch office administrator Full Control permission on their domain controller computer
object in Active Directory.
D. Move each branch office domain controller computer object to a new organizational unit (OU).Grant
each local administrator Full Control permission on the new OU.
Answer: B
NO.18 Your network contains two servers named Server1 and Server2. Server1 is a reverse proxy. Server2
runs Windows Server 2008 R2 and has the Web server (IIS) server role installed. Server2 hosts a secure
Web site. You want users to connect to Server2 by using the https://www.contoso.com URL.
You need to prepare the environment for the deployment of server certificates to meet the foflowmg
requirements:
Users connecting from the local network must only connect directly to Server2.Users must be able to
access the Web site on Server2 when they connect from the Internet or the internal network.
What should you do?
A. Install a server certificate for the name www.contoso.com on Server1 and Server2.
B. Install a server certificate for the name server.contoso.com on Server1 and Server2.
C. Install a server certificate for the name server.contoso.com on Server1. Install a server certificate for
the name www.contoso.com on Server2.
D. Install a server certificate for the name www.contoso.com on Server1. Install a server certificate for the
name server2.coritoso.com on Server2.
Answer: A
NO.19 Your network consists of one Active Directory forest. The functional level of the forest is Windows
Server2003.You upgrade all domain controllers from Windows Server 2003 SP2 to Windows Server 2008
R2. You planto deploy the first read-only domain controller (RODC) in the forest.
You need to prepare the network for the installation of the RODC.
What should you do?
A. Run adprep /rodcprep on any computer in the forest.
B. Run adprep /forestprep on the schema operations master server.
C. Raise the forest functional level to Windows Server 2008 R2.
D. Raise the domain functional level to Windows Server 2008 R2.
Answer: A
NO.20 Your network consists of one Active Directory domain. The functional level of the domain is Windows
Server 2008 R2. Your company has 10 departments. Each department has a department manager and a
department administrator. Some department administrators are responsible for multiple departments. You
have an organizational unit (OU) named All Users that contains all user accounts.
You need to recommend a solution to simplify the management of all users in the domain.
The solution must meet the following requirements:
Department managers must only be able to reset passwords for users in their respective departments.
Department administrators must only be able to modify user accounts in their respective departments.
Only the respective department administrators and managers must be able to manage the accounts of
users who are transferred to their departments from other departments.
What should you recommend?
A. Create an Ou for each department.
Delegate password control for each new Ou to the respective department manager.
Delegate administration of each new OU to the respective department administrator.
B.Create an OU for each department.
When the same administrator is responsible for multiple departments, create only one OU for those
departments.
Delegate password control for each new OU to the respective department manager.
Delegate administration of each new OU to the respective department administrator.
C.Create an OU for each department.
When the same administrator is responsible for multiple departments, create a new OU and nest the OUs
of those departments into the new OU.
Delegate password control for each new OU to the respective to the respective department manager.
Delegate administration of each new OU to the respective department administrator.
D.Create a global security group for each department.
Add all the users, department managers, and administrators from each department to the global security
group.
Delegate password control to the department managers of the AllUsers OU.
Delegate administration to the department administrators of the AllUsers OU.
Answer: A
Microsoft 70-647 (Windows Server 2008,Enterprise Administrator)덤프공부
Posted 2013/5/14 8:32:03 | Category: 미분류 | Tag: