[May 2016] exam 70-642 windows server 2008 network infrastructure configuring

Actual of 70-642 free question materials and braindumps for Microsoft certification for customers, Real Success Guaranteed with Updated 70-642 pdf dumps vce Materials. 100% PASS TS: Windows Server 2008 Network Infrastructure, Configuring exam Today!

2016 May 70-642 Study Guide Questions:

Q231. - (Topic 4) 

You install Microsoft Network Monitor 3.4 on a server. 

You start Network Monitor and you capture data overnight. 

The next morning, you discover that the server responds very slowly. 

You open Task Manager as shown in the exhibit. (Click the Exhibit button.) 

You need to reduce the amount of system resources consumed on the server when Network Monitor captures network data. 

What should you do? 

A. Use Netmon and enable pmode for the network adapter. 

B. Use Netmon with conversations enabled. 

C. Use Nmcap and enable pmode for the network adapter. 

D. Use Nmcap with conversations disabled. 

Answer: D 


Q232. - (Topic 4) 

Your network contains an Active Directory forest named contoso.com. The forest contains a server named Server1 that runs Windows Server 2008 R2 Service Pack 1 (SP1) Standard. The forest contains a server named Server2 that runs Windows Server 2008 R2 SP1 Enterprise. Server1 and Server2 have the Print and Document Services server role installed. 

You need to migrate the print queues, printer settings, printer ports, and language monitors from Server1 to Server2. 

Which tool should you use? 

A. Printmig 

B. Active Directory Sites and Services 

C. Printbrm 

D. Devices and Printers 

Answer: C 

Explanation: PrintBRM was introduced in Windows Vista and Windows Server 2008 as the replacement for the PrintMig utility. PrintBRM allows you to backup, restore and migrate print queues, printer setttings, printer ports and language monitors. 


Q233. - (Topic 3) 

Your company has a main office and 15 branch offices. The company has a single Active 

Directory domain. All servers run Windows Server 2008 R2. 

You need to ensure that the VPN connections between the main office and the branch offices meet the following requirements: 

All data must be encrypted by using end-to-end encryption. 

The VPN connection must use computer-level authentication. 

User names and passwords cannot be used for authentication. 

What should you do? 

A. Configure an IPsec connection to use tunnel mode and preshared key authentication. 

B. Configure a PPTP connection to use version 2 of the MS-CHAP v2 authentication. 

C. Configure a L2TP/IPsec connection to use the EAP-TLS authentication. 

D. Configure a L2TP/IPsec connection to use version 2 of the MS-CHAP v2 authentication. 

Answer: C 

Explanation: 

EAP-Transport Layer Security (EAP-TLS), defined in RFC 5216, is an IETF open standard, and is well supported among wireless vendors. The security of the TLS protocol is strong, provided the user understands potential warnings about false credentials. It uses PKI to secure communication to a RADIUS authentication server or another type of authentication server. So even though EAP-TLS provides excellent security, the overhead of client-side certificates may be its Achilles' heel. EAP-TLS is the original, standard wireless LAN EAP authentication protocol. Although it is rarely deployed, it is still considered one of the most secure EAP standards available and is universally supported by all manufacturers of wireless LAN hardware and software. The requirement for a client-side certificate, however unpopular it may be, is what gives EAP-TLS its authentication strength and illustrates the classic convenience vs. security trade-off. A compromised password is not enough to break into EAP-TLS enabled systems because the intruder still needs to have the client-side private key. The highest security available is when client-side keys are housed in smart cards.[4] This is because there is no way to steal a certificate's corresponding private key from a smart card without stealing the card itself. It is significantly more likely that the physical theft of a smart card would be noticed (and the smart card immediately revoked) than a (typical) password theft would be noticed. Up until April 2005, EAP-TLS was the only EAP type vendors needed to certify for a WPA or WPA2 logo.[5] There are client and server implementations of EAP-TLS in 3Com, Apple, Avaya, Brocade Communications, Cisco, Enterasys Networks, Foundry, HP, Juniper, and Microsoft, and open source operating systems. EAP-TLS is natively supported in Mac OS X 10.3 and above, Windows 2000 SP4, Windows XP and above, Windows Mobile 2003 and above, and Windows CE 4.2 


70-642  free question

Up to the minute 70-642 exam:

Q234. - (Topic 1) 

Your network contains an Active Directory domain named contoso.com. 

The domain contains a server named Server6 that runs a third-party POP3 server. Server6 only supports encrypted POP3 connections. 

You need to configure the Windows Firewall on Server6 to allow client computers access to the POP3 server. 

Which port or ports should you allow through Windows Firewall? 

A. UDP 993 

B. TCP 587 and UDP 587 

C. UDP 995 

D. TCP 53 and UDP 53 

E. UDP 546 and UDP 547 

F. TCP 636 

G. TCP 995 

H. TCP 546 and TCP 547 

I. UDP 1433 

J. UDP 67 and UDP 68 

K. TCP 1433 

L. TCP 993 

M. TCP 67 and TCP 68 

Answer: G 

Explanation: 

http://technet.microsoft.com/en-us/library/cc959833.aspx 


Q235. - (Topic 1) 

Your company has a main office and two branch offices. Domain controllers in the main office host an Active Directory-integrated zone. 

The DNS servers in the branch offices host a secondary zone for the domain and use the main office DNS servers as their DNS Master servers for the zone. 

The company adds a new branch office. You add a member server named Branch3 and install the DNS Server server role on the server. You configure a secondary zone for the domain. The zone transfer fails. 

You need to configure DNS to provide zone data to the DNS server in the new branch office. 

What should you do? 

A. Run dnscmd by using the ZoneResetMasters option. 

B. Run dnscmd by using the ZoneResetSecondaries option. 

C. Add the new DNS server to the Zone Transfers tab on one of the DNS servers in the main office. 

D. Add the new DNS server to the DNSUpdateProxy Global security group in Active Directory Users and Computers. 

Answer: C 


Q236. - (Topic 2) 

Your network contains a Windows Server Update Services (WSUS) Server infrastructure that has three servers named WSUS1, WSUS2, and WSUS3. 

WSUS2 is a downstream replica server of WSUS1. WSUS3 is a downstream replica server of WSUS2. 

You need to ensure that the Update Services console on WSUS2 only displays computers that receive updates from WSUS2. 

What should you configure on WSUS2? 

A. downstream servers 

B. Personalization 

C. reporting rollup 

D. synchronizations 

Answer: B 


2passeasy.com

Actual 70-642 exam:

Q237. - (Topic 1) 

Your network contains an Active Directory domain named contoso.com. The domain contains two DNS servers named DC1 and Server1. DC1 is a domain controller. Server1 is member server. 

On Server1, you create a primary zone named fabrikam.com. 

You need to create a copy of the fabrikam.com zone on DC1. 

What should you do? (Each correct answer presents part of the solution. Choose two.) 

A. Create a new secondary zone on DC1. 

B. Run the New Delegation Wizard on DC1. 

C. Create a new Active Directory-integrated stub zone on DC1. 

D. Run the New Delegation Wizard on Server1. 

E. Modify the Name Servers list for the fabrikam.com zone. 

F. Modify the start of authority (SOA) record of the fabrikam.com zone. 

Answer: A,E 

Explanation: http://technet.microsoft.com/en-us/library/dd197427(v=ws.10).aspx 

A DNS database can be partitioned into multiple zones. A zone is a portion of the DNS database that contains the resource records with the owner names that belong to the contiguous portion of the DNS namespace. Zone files are maintained on DNS servers. A single DNS server can be configured to host zero, one, or multiple zones. 

The new zone fabrikam.com is a totally new domain and zone and is thus in no way related to contoso.com. 

This is allowed as DNS servers are capable of hosting multiple, unrelated zones. 


Q238. - (Topic 3) 

Your network contains two Active Directory sites named Site1 and Site2. Site1 contains a domain controller named DC1 and a file server named Server1. Site2 contains a file server named Server2. 

You have a Distributed File System (DFS) namespace named \\contoso.com\root\ that has a namespace server named DC1. 

On Server1 and Server2, you create a shared folder named Marketing. 

You need to configure DFS to meet the following requirements: 

Ensure that clients connect to the Marketing share in their local site. 

Ensure that the files in Marketing are replicated between Server1 and Server2. 

Ensure that clients can connect to Marketing by using the URL 

contoso.com\root\marketing. 

What should you do? (Each correct answer presents part of the solution. Choose three) 

A. Install the DFS Replication role service on Server1 and Server2 

B. Configure the properties of the contoso.com namespace. 

C. Install the DFS Replication role service on DC1. 

D. Add a folder to the namespace and specify the folder targets. 

E. Run the New Replication Group wizard. 

Answer: A,D,E 


Q239. - (Topic 3) 

Your network contains a server named Server1 that runs a Server Core installation of Windows Server 2008 R2. Server1 is configured as a DNS server. 

You need to ensure that Server1 only resolves name queries from IPv6 clients. 

What should you do? 

A. Run netsh.exe and specify the dnsclient parameter. 

B. Run dnscmd.exe and specify the /config parameter. 

C. Run dnscmd.exe and specify the /resetlistenaddresses parameter. 

D. Run netsh.exe and specify the interface parameter. 

Answer: B 

Explanation: 

To configure your DNS server to listen over IPv6, do the following: 

-Install Windows Support Tools. 

For more information, see Install Windows Support Tools 

-Open Command Prompt. 

-Type the following command: 

dnscmd /config /EnableIPv6 1 

-Restart the DNS Server service. 

http://technet.microsoft.com/en-us/library/cc783049(WS.10).aspx 


Q240. - (Topic 2) 

Your network contains a server named Server1 that runs Windows Server 2008 R2. 

You need to configure scheduled backups on Server1 to meet the following requirements: 

. Maintain 60 days of backups. 

. Minimize the performance impact on Server1 while a backup is running. 

What should you do? 

A. From Windows PowerShell, run the New-WBPolicy cmdlet. 

B. From Windows PowerShell, run the Set-WBVssBackupOptions cmdlet. 

C. From the Backup Schedule Wizard, click the Backup to a volume option. 

D. From the Backup Schedule Wizard, click the Backup to hard disk that is dedicated for backups (recommended) option. 

Answer: D 



see more http://www.2passeasy.com/exam/70-642/