Microsoft 70-640 - Windows Server 2008 Active Directory, Configuring Exam
Page: 1 / 127
Total 631 questions
Question #1 (Topic: Topic 1)
Your network consists of an Active Directory forest that contains two domains. All servers
run Windows Server 2008 R2. All domain controllers are configured as DNS Servers.
You have a standard primary zone for dev.contoso.com that is stored on a member server.
You need to ensure that all domain controllers can resolve names from the
dev.contoso.com zone.
What should you do?
run Windows Server 2008 R2. All domain controllers are configured as DNS Servers.
You have a standard primary zone for dev.contoso.com that is stored on a member server.
You need to ensure that all domain controllers can resolve names from the
dev.contoso.com zone.
What should you do?
A. On the member server, create a stub zone.
B. On the member server, create a NS record for each domain controller.
C. On one domain controller, create a conditional forwarder. Configure the conditional forwarder to replicate to all DNS servers in the forest.
D. On one domain controller, create a conditional forwarder. Configure the conditional forwarder to replicate to all DNS servers in the domain.
Answer: C
Question #2 (Topic: Topic 1)
Your company has an Active Directory forest. The company has servers that run Windows
Server 2008 R2 and client computers that run Windows 7. The domain uses a set of GPO
administrative templates that have been approved to support regulatory compliance
requirements.
Your partner company has an Active Directory forest that contains a single domain. The
company has servers that run Windows Server 2008 R2 and client computers that run
Windows 7.
You need to configure your partner company's domain to use the approved set of
administrative templates.
What should you do?
Server 2008 R2 and client computers that run Windows 7. The domain uses a set of GPO
administrative templates that have been approved to support regulatory compliance
requirements.
Your partner company has an Active Directory forest that contains a single domain. The
company has servers that run Windows Server 2008 R2 and client computers that run
Windows 7.
You need to configure your partner company's domain to use the approved set of
administrative templates.
What should you do?
A. Use the Group Policy Management Console (GPMC) utility to back up the GPO to a file. In each site, import the GPO to the default domain policy.
B. Copy the ADMX files from your company's PDC emulator to the PolicyDefinitions folder on the partner company's PDC emulator.
C. Copy the ADML files from your company's PDC emulator to the PolicyDefinitions folder on the partner company's PDC emulator.
D. Download the conf.adm, system.adm, wuau.adm, and inetres.adm files from the Microsoft Updates Web site. Copy the ADM files to the PolicyDefinitions folder on thr partner company's emulator.
Answer: B
Question #3 (Topic: Topic 1)
Your company has file servers located in an organizational unit named Payroll. The file
servers contain payroll files located in a folder named Payroll.
You create a GPO.
You need to track which employees access the Payroll files on the file servers.
What should you do?
servers contain payroll files located in a folder named Payroll.
You create a GPO.
You need to track which employees access the Payroll files on the file servers.
What should you do?
A. Enable the Audit process tracking option. Link the GPO to the Domain Controllers organizational unit. On the file servers, configure Auditing for the Authenticated Users group in the Payroll folder.
B. Enable the Audit object access option. Link the GPO to the Payroll organizational unit. On the file servers, configure Auditing for the Everyone group in the Payroll folder.
C. Enable the Audit process tracking option. Link the GPO to the Payroll organizational unit. On the file servers, configure Auditing for the Everyone group in the Payroll folder.
D. Enable the Audit object access option. Link the GPO to the domain. On the domain controllers, configure Auditing for the Authenticated Users group in the Payroll folder.
Answer: B
Question #4 (Topic: Topic 1)
You need to remove the Active Directory Domain Services role from a domain controller
named DC1.
What should you do?
named DC1.
What should you do?
A. Run the netdom remove DC1 command.
B. Run the Dcpromo utility. Remove the Active Directory Domain Services role.
C. Run the nltest /remove_server: DC1 command.
D. Reset the Domain Controller computer account by using the Active Directory Users and Computers utility.
Answer: B
Question #5 (Topic: Topic 1)
You have an Active Directory domain that runs Windows Server 2008 R2.
You need to implement a certification authority (CA) server that meets the following
requirements:
Allows the certification authority to automatically issue certificates
Integrates with Active Directory Domain Services
What should you do?
You need to implement a certification authority (CA) server that meets the following
requirements:
Allows the certification authority to automatically issue certificates
Integrates with Active Directory Domain Services
What should you do?
A. Install and configure the Active Directory Certificate Services server role as a Standalone Root CA.
B. Install and configure the Active Directory Certificate Services server role as an Enterprise Root CA.
C. Purchase a certificate from a third-party certification authority, Install and configure the Active Directory Certificate Services server role as a Standalone Subordinate CA.
D. Purchase a certificate from a third-party certification authority, Import the certificate into the computer store of the schema master.
Answer: B
