Download Free Microsoft 70-640 Tests Questions and Answers From Braindump2go – 100% Success On Microsoft 70-640 (271-280)

2015 Free Download of Latest Microsoft 70-640 Practce Exam Questions from Braindump2go will help you have a 100% success of 70-640 real exam! All questions are the latest checked and released! Answers are 100% correct guaranteed! In order to increase your confidence, 100% Full Money Back Guarantee is promised by Braindump2go! Instant Download Now!

Vendor: Microsoft
Exam Code: 70-640
Exam Name: TS: Windows Server 2008 Active Directory, Configuring

Keywords: 70-640 Exam Dumps,70-640 Practice Tests,70-640 Practice Exams,70-640 Exam Questions,70-640 Dumps,70-640 Dumps PDF,Microsoft 70-640 Exam Dumps,70-640 Questions and Answers,TS: Windows Server 2008 Active Directory, Configuring

QUESTION 271
Your network contains an Active Directory domain.
You create and mount an Active Directory snapshot.
You run dsamain.exe as shown in the exhibit. (Click the Exhibit button.)
You need to ensure that you can browse the contents of the Active Directory snapshot.
What should you?

A.    Stop Active Directory Domain Services (AD DS), and then rerun dsamain.exe.
B.    Change the value of the dbpath parameter, and then rerun dsamain.exe.
C.    Change the value of the ldapport parameter, and then rerun dsamain.exe.
D.    Restart the Volume Shadow Copy Service (VSS), and then rerun dsamain.exe.

Answer: B

QUESTION 272
Your network contains an Active Directory domain named contoso.com.
The domain contains a server named Server1 and a domain controller named DC1.
On Server1, you configure a collector-initiated subscription for the Application log of DC1.
The subscription is configured to collect all events.
After several days, you discover that Server1 failed to collect any events from DC1, although there are more than 100 new events in the Application log of DC1.
You need to ensure that Server1 collects events from DC1.
What should you do?

A.    On Server1, run wecutil quick-config.
B.    On Server1, run winrm quickconfig.
C.    On DC1, run wecutil quick-config.
D.    On DC1, run winrm quickconfig.

Answer: D
Explanation:
Since the subscription has been created, wecutil quick-config has already run on Server1.
Only thing left is to configure DC1 to forward the events, using winrm quickconfig.

QUESTION 273
A network contains an Active Directory Domain Services (AD DS) domain.
Active Directory is configured as shown in the following table.
The functional level of the domain is Windows Server 2008 R2.
The functional level of the forest is Windows Server 2003.
Active Directory replication between the Seattle site and the Chicago site occurs from 8:00 P.M. to 1:00 A.M. every day.
At 7:00 A.M. an administrator deletes a user account while he is logged on to DC001.
You need to restore the deleted user account.
You must achieve this goal by using the minimum administrative effort.
What should you do?
 

A.    On DC006, stop AD DS, perform an authoritative restore, and then start AD DS.
B.    On DC001, run the Restore-ADObject cmdlet.
C.    On DC006, run the Restore-ADObject cmdlet.
D.    On DC001, stop AD DS, restore the system state, and then start AD DS.

Answer: A

QUESTION 274
Your network contains an Active Directory domain.
The domain is configured as shown in the exhibit.
You have a Group Policy Object (GPO) linked to the domain.
You need to ensure that the settings in the GPO are not processed by user accounts or computer accounts in the Finance organizational unit (OU).
You must achieve this goal by using the minimum amount of administrative effort.
What should you do?
 

A.    Modify the Group Policy permissions.
B.    Configure WMI filtering.
C.    Enable block inheritance.
D.    Enable loopback processing in replace mode.
E.    Configure the link order.
F.    Configure Group Policy Preferences.
G.    Link the GPO to the Human Resources OU.
H.    Configure Restricted Groups.
I.    Enable loopback processing in merge mode.
J.    Link the GPO to the Finance OU.

Answer: C
Explanation:
http://technet.microsoft.com/en-us/library/cc731076.aspx

QUESTION 275
Your network contains an Active Directory domain named contoso.com.
You have an organizational unit (OU) named Sales and an OU named Engineering.
You have two Group Policy Objects (GPOs) named GPO1 and GPO2.
GPO1 and GPO2 are linked to the Sales OU and contain multiple settings.
You discover that GPO2 has a setting that conflicts with a setting in GPO1.
When the policies are applied, the setting in GPO2 takes effect.
You need to ensure that the settings in GPO1 supersede the settings in GPO2.
The solution must ensure that all non-conflicting settings in both GPOs are applied.
What should you do?

A.    Configure Restricted Groups.
B.    Configure the link order.
C.    Link the GPO to the Sales OU.
D.    Link the GPO to the Engineer OU.
E.    Enable loopback processing in merge mode.
F.    Modify the Group Policy permissions.
G.    Configure WMI filtering.
H.    Configure Group Policy Permissions.
I.    Enable loopback processing in replace mode.
J.    Enable block inheritance.

Answer: B

QUESTION 276
All vendors belong to a global group named vendors.
You place three file servers in a new organizational unit (OU) named ConfidentialFileServers.
The three file servers contain confidential data located in shared folders.
You need to record any failed attempts made by the vendors to access the confidential data.
Which two actions should you perform? (Each correct answer presents part of the solution. Choose two.)

A.    Create a new Group Policy Object (GPO) and link it to the CONFIDENTIALFILESERVERS
OU. Configure the Audit object access failure audit policy setting.
B.    Create a new Group Policy Object (GPO) and link it to the CONFIDENTIALFILESERVERS
OU. Configure the Audit privilege use Failure audit policy setting.
C.    On each shared folder on the three file servers, add the Vendors global group to the Auditing
tab. Configure Failed Full control setting in the AuditingEntry dialog box.
D.    On each shared folder on the three file servers, add the three servers to the Auditing tab.
Configure Failed Full control setting in the AuditingEntry dialog box.
E.    Create a new Group Policy Object (GPO) and link it to the CONFIDENTIALFILESERVERS
OU. Configure the Deny access to this computer from the network user rights setting for the
Vendors global group.

Answer: AC

QUESTION 277
A corporate network includes a single Active Directory Domain Services (AD DS) domain.
The HR department has a dedicated organizational unit (OU) named HR.
The HR OU has two sub-OUs: HR Users and HR Computers.
User accounts for the HR department reside in the HR Users OU.
Computer accounts for the HR department reside in the HR Computers OU.
All HR department employees belong to a security group named HR Employees.
All HR department computers belong to a security group named HR PCs.
Company policy requires that passwords are a minimum of 6 characters.
You need to ensure that, the next time HR department employees change their passwords, the passwords are required to have at least 8 characters.
The password length requirement should not change for employees of any other department.
What should you do?

A.    Modify the password policy in the GPO that is applied to the domain.
B.    Create a new GPO, with the necessary password policy, and link it to the HR Users OU.
C.    Create a fine-grained password policy and apply it to the HR Users OU.
D.    Modify the password policy in the GPO that is applied to the domain controllers OU.

Answer: C

QUESTION 278
A corporate network includes a single Active Directory Domain Services (AD DS) domain.
All regular user accounts reside in an organisational unit (OU) named Employees.
All administrator accounts reside in an OU named Admins.
You need to ensure that any time an administrator modifies an employee’s name in AD DS, the change is audited.
What should you do first?

A.    Create a Group Policy Object with the Audit directory service access setting enabled and
link it to the Employees OU.
B.    Modify the searchFlags property for the Name attribute in the Schema.
C.    Create a Group Policy Object with the Audit directory service access setting enabled and
link it to the Admins OU.
D.    Use the Auditpol.exe command-line tool to enable the directoryservicechanges auditing
subcategory.

Answer: D
Explanation:
http://technet.microsoft.com/en-us/library/cc731607.aspx

QUESTION 279
Your network contains an Active Directory forest named contoso.com.
You need to provide a user named User1 with the ability to create and manage subnet objects. The solution must minimize the number of permissions assigned to User1.
What should you do?

A.    From Active Directory Users and Computers, run the Delegation of Control wizard.
B.    From Active Directory Administrative Centre, add User1 to the Schema Admins group.
C.    From Active Directory Sites and Services, run the Delegation of Control wizard.
D.    From Active Directory Administrative Centre, add User1 to the Network Configuration
Operators group.

Answer: C
Explanation:
http://technet.microsoft.com/en-us/library/cc736770.aspx

QUESTION 280
A corporate network contains a Windows Server 2008 R2 Active Directory forest.
You need to add a User Principle Name (UPN) suffix to the forest.
What tool should you use?

A.    Dsmgmt.
B.    Active Directory Domains and Trusts console.
C.    Active Directory Users and Computers console.
D.    Active Directory Sites and Services console.

Answer: B
Explanation:
http://www.kassapoglou.com/windows-server-2008-lesson-23-video-creating-a-user/


All 651 Microsoft 70-640 Exam Dumps Questions are the New Checked and Updated! In recent years, the 70-640 certification has become a global standard for many successful IT companies. Looking to become a certified Microsoft professional? Download Braindump2go 2015 Latest Released 70-640 Exam Dumps Full Version and Pass 70-640 100%!

 

http://www.braindump2go.com/70-640.html