You are the systems administrator for a medium-sized Active Directory domain. Currently, the environment supports many different domain controllers, some of which are running Windows NT 4 and others that are running Windows 2003 and Server 2008 R2. When you are running domain controllers in this type of environment, which of the following types of groups can you not use?
A. Universal security groups
B. Global groups
C. Domain local groups
D. Computer groups
You are the network administrator for an organization that has all Windows Server 2008 R2 domain controllers.
You need to capture all replication errors that occur between all domain controllers.
What should you do?
A. Use System Performance data collector sets.
B. Use ntdsutil.
C. Configure event log subscriptions.
D. Use the ADSI Edit tool.
You are one of two network administrators for your organization. Your IT partner does most of the work in Active Directory.
While working in Active Directory, your partner accidently deleted a user from the Sales OU. You recover the user from tape backup but you want to help prevent this from happening again inthe future.
What can you do?
A. Enable the Active Directory Recycle Bin.
B. Use ADSI Edit to restore the user.
C. Take away all rights from the other administrator.
D. Use the Directory Services Restore Mode Lockout command.
What is the maximum number of domains that a Windows Server 2008 R2 computer, configured as a domain controller, may participate in at one time?
D. Any number of domains
You are the systems administrator of a large organization that has recently implemented Windows Server 2008 R2. You have a few remote sites that do not have very tight security.
You have decided to implement read-only domain controllers (RODC). What forest functional levels does the network need for you to do the install? (Choose Three)
A. Windows 2000 Mixed
B. Windows 2008 R2
C. Windows 2003
D. Windows 2008
Your network contains an Active Directory domain. The domain contains 20 domain controllers. You need to identify which domain controllers are global catalog servers. Which tool should you use?
ABC.com has a network that consists of a single Active Directory domain.Windows Server 2008 is installed on all domain controllers in the network. You are instructed to capture all replication errors from all domain controllers to a central location. What should you do to achieve this task?
A. Initiate the Active Directory Diagnostics data collector set
B. Set event log subscriptions and configure it
C. Initiate the System Performance data collector set
D. Create a new capture in the Network Monitor
Your network contains an Active Directory forest. The forest contains two domains named contoso.com and east.contoso.com. The contoso.com domain contains a domain controller named DC1. The east.contoso.com domain contains a domain controller named DC2. DC1 and DC2 have the DNS Server server role installed. You need to create a DNS zone that is available on DC1 and DC2. The solution must ensure that zone transfers are encrypted. What should you do?
A. Create a primary zone on DC1 and store the zone in DC=Contoso, DC=com naming context. Create a secondary zone on DC2 and select DC1 as the master.
B. Create a primary zone on DC1 and store the zone in a zone file. Configure Encrypting File System (EFS) encryption. Create a secondary zone on DC2 and select DC1 as the master.
C. Create a primary zone on DC1 and store the zone in a zone file. Configure IPSec on DC1 and DC2. Create a secondary zone on DC2 and select DC1 as the master.
D. Create a primary zone on DC1 and store the zone in a zone file. Configure DNSSEC for the zone. Create a secondary zone on DC2 and select DC1 as the master.
You are hired as a consultant by ABC Corporation to implement a Windows Server 2008 R2 computer onto their Windows Server 2003 domain. All of the client machines are Windows 7. You install Windows Server 2008 R2 onto a new computer and join that computer to the Windows 2003 domain. You want to upgrade the Windows Server 2008 R2 to a domain controller. What should you do first
A. On the new server, run adprep /domainprep.
B. On the new server, run adprep /forestprep.
C. On a Windows Server 2003 domain controller, run adprep /domainprep.
D. On a Windows Server 2003 domain controller, run adprep /forestprep.
You are the network administrator for your organization. Your company uses a Windows Server 2008 R2 Enterprise Root CA. The company has issued a new policy that prevents port 443 and port 80 from being opened on domain controllers and on issuing CAs.
Your users need to request certificates from a web interface.
You have already installed the AD CS role.
What do you need to do next?
A. Configure the Certificate Authority Web Enrollment Service on a member server.
B. Configure the Certificate Authority Web Enrollment Service on a domain server.
C. Configure AD FS on member server to allow secure web-based access.
D. Configure AD FS on domain controller to allow secure web-based access.
Latest Microsoft 70-640 Study Materials with Discount PDF & VCE Files