[Latest Version] Free CertBus Microsoft 70-646 PDF Download with 100% Pass Guarantee
This is a note. Please give me your attention if you are preparing for your Microsoft 70-646 exam. It is really a tough task to pass MCSA 70-646 exam. However, CertBus will help you on that with the most comprehensive PDF and VCEs of the latest MCSA 70-646 exam questions, covering each and every aspect of MCSA 70-646 Windows Server 2008, Server Administrator exam curriculum.
We CertBus has our own expert team. They selected and published the latest 70-646 preparation materials from Microsoft Official Exam-Center: http://www.certgod.com/70-646.html
QUESTION NO:19
Your network consists of a single Active Directory domain. The functional level of the domain is
Windows Server 2008 R2. The domain contains 200 Windows Server 2008 R2 servers.
You need to plan a monitoring solution that meets the following requirements:
-Sends a notification by email to the administrator if an Application error occurs on any of the
servers
-Uses the minimum amount of administrative effort
What should you include in your plan?
A. On one server, create event subscriptions for each server. On the server, attach tasks to the
Application error events.
B. On one server, create an Event Trace Sessions Data Collector Set. On all servers, create a
System Performance Data Collector Set.
C. On all servers, create event subscriptions for one server. On all servers, attach a task for the
Application error events.
D. On all servers, create a System Performance Data Collector Set. On one server, configure the
report settings for the new Data Collector set.
Answer: A
Explanation:
http://technet.microsoft.com/en-us/library/cc749183.aspx
http://technet.microsoft.com/en-us/library/cc748890.aspx
http://technet.microsoft.com/en-us/library/cc722010.aspx
Event Subscriptions
Applies To: Windows 7, Windows Server 2008 R2, Windows Vista
Event Viewer enables you to view events on a single remote computer. However, troubleshooting
an issue might require you to examine a set of events stored in multiple logs on multiple
computers.
Windows Vista includes the ability to collect copies of events from multiple remote computers and
store them locally. To specify which events to collect, you create an event subscription. Among
other details, the subscription specifies exactly which events will be collected and in which log they
will be stored locally. Once a subscription is active and events are being collected, you can view
and manipulate these forwarded events as you would any other locally stored events.
Using the event collecting feature requires that you configure both the forwarding and the
collecting computers. The functionality depends on the Windows Remote Management (WinRM)
service and the Windows Event Collector (Wecsvc) service. Both of these services must be
running on computers participating in the forwarding and collecting process. To learn about the
steps required to configure event collecting and forwarding computers, see Configure Computers
to Forward and Collect Events.
Additional Considerations
. You can subscribe to receive events from an existing subscription on a remote computer.
Configure Computers to Forward and Collect Events
Applies To: Windows 7, Windows Server 2008 R2, Windows Vista
Before you can create a subscription to collect events on a computer, you must configure both the
collecting computer collected (collector) and each computer from which events will be collected
(source). Updated information about event subscriptions may be available online at Event
Subscriptions.
To configure computers in a domain to forward and collect events
1. Log on to all collector and source computers. It is a best practice to use a domain account with
administrative privileges.
2. On each source computer, type the following at an elevated command prompt:
QUESTION NO:13
Your network contains two DHCP servers. The DHCP servers are named DHCP1 and DHCP2.
The internal network contains 1,000 DHCP client computers that are located on a single subnet. A
router separates the internal network from the Internet. The router has a single IP address on the
internal interface.
DHCP1 has the following scope information:
-Starting IP address: 172.16.0.1
-Ending IP address: 172.16.7.255
-Subnet mask: 255.255.240.0
You need to provide a fault tolerant DHCP infrastructure that supports the client computers on the
internal network. In the event that a DHCP server fails, all client computers must be able to obtain
a valid IP address.
How should you configure DHCP2?
A. Create a scope for the subnet 172.16.0.0/20. Configure the scope to use a starting IP address
of 172.16.8.1 and an ending IP address of 172.16.15.254.
B. Create a scope for the subnet 172.16.0.0/21. Configure the scope to use a starting IP address
of 172.16.0.1 and an ending IP address of 172.16.15.254.
C. Create a scope for the subnet 172.16.8.0/21. Configure the scope to use a starting IP address
of 172.16.8.1 and an ending IP address of 172.16.10.254.
D. Create a scope for the subnet 172.17.0.0/16. Configure the scope to use a starting IP address
of 172.17.0.1 and an ending IP address of 172.17.255.254.
Answer: A
Explanation:
Create a scope for the subnet 172.16.0.0/20.
Configure the scope to use a starting IP address of 172.16.8.1 and an ending IP address of
172.16.15.254.
Subnet 255.255.240.0 is a /20 subnet in CIDR notation, this allows for 4096 client IPs, ranging
from 172.16.0.1 all the way to 172.16.15.254 as DHCP1 only used half of the available IPs then
you should configure DHCP2 to use the other half.
http://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing as an aside you could consider the
80/20 design rule for balancing scope distribution of addresses where multiple DHCP servers are
deployed to service the same scope.
Using more than one DHCP server on the same subnet provides increased fault tolerance for
servicing DHCP clients located on it. With two DHCP servers, if one server is unavailable, the
other server can take its place and continue to lease new addresses or renew existing clients.
A common practice when balancing a single network and scope range of addresses between two
DHCP servers is to have 80 percent of the addresses distributed by one DHCP server and the
remaining 20 percent provided by a second.
QUESTION NO:2
Your network consists of a single Active Directory domain. Your main office has an Internet
connection.
Your company plans to open a branch office. The branch office will connect to the main office by
using a WAN link. The WAN link will have limited bandwidth. The branch office will not have
access to the Internet. The branch office will contain 30 Windows Server 2008 R2 servers.
You need to plan the deployment of the servers in the branch office.
The deployment must meet the following requirements:
-Installations must be automated.
-Computers must be automatically activated.
-Network traffic between the offices must be minimized.
What should you include in your plan?
A. In the branch office, implement Key Management Service (KMS), a DHCP server, and
Windows Deployment Services (WDS).
B. Use Multiple Activation Key (MAK) Independent Activation on the servers. In the main office,
implement a DHCP server and Windows Deployment Services (WDS).
C. In the main office, implement Windows Deployment Services (WDS). In the branch office,
implement a DHCP server and implement the Key Management Service (KMS).
D. Use Multiple Activation Key (MAK) Independent Activation on the servers. In the main office,
implement a DHCP server. In the branch office, implement Windows Deployment Services (WDS).
Answer: A
Explanation:
The key here is that bandwidth from the branch to the main office is limited and there is no direct
link to MS.
WDS and Product Activation
Although product activation does not need to occur during the actual installation process,
administrators considering using WDS to automate deployment should also consider using volume
activation to automate activation. Volume activation provides a simple centralized method that
systems administrators can use for the activation of large numbers of deployed servers. Volume
activation allows for two types of keys and three methods of activation. The key types are the
Multiple Activation Key (MAK) and the Key Management Services (KMS) key.
Multiple Activation Keys allow activation of a specific number of computers. Each successful
activation depletes the activation pool. For example, a MAK key that has 100 activations allows for
the activation of 100 computers. The Multiple Activation Key can use the MAK Proxy Activation
and the MAK Independent Activation activation methods. MAK Proxy Activation uses a centralized
activation request on behalf of multiple products using a single connection to Microsoft
QUESTION NO:9
Your company has a main office and two branch offices. The main office is located in London. The
branch offices are located in New York and Paris.
Your network consists of an Active Directory forest that contains three domains named
contoso.com, paris.contoso.com, and newyork.contoso.com. All domain controllers run Windows
Server 2008 R2 and have the DNS Server server role installed.
The domain controllers for contoso.com are located in the London office. The domain controllers
for paris.contoso.com are located in the Paris office. The domain controllers for
newyork.contoso.com are located in the New York office.
A domain controller in the contoso.com domain has a standard primary DNS zone for
contoso.com. A domain controller in the paris.contoso.com domain has a standard primary DNS
zone for paris.contoso.com. A domain controller in the newyork.contoso.com domain has a
standard primary DNS zone for newyork.contoso.com.
You need to plan a name resolution strategy for the Paris office that meets the following
requirements:
-If a WAN link fails, clients must be able to resolve hostnames for contoso.com.
-If a WAN link fails, clients must be able to resolve hostnames for newyork.contoso.com.
-The DNS servers in Paris must be updated when new authoritative DNS servers are added to
newyork.contoso.com.
What should you include in your plan?
A. Configure conditional forwarding for contoso.com. Configure conditional forwarding for
newyork.contoso.com.
B. Create a standard secondary zone for contoso.com. Create a standard secondary zone for
newyork.contoso.com.
C. Convert the standard zone into an Active Directoryintegrated zone. Add all DNS servers in the
forest to the root hints list.
D. Create an Active Directoryintegrated stub zone for contoso.com. Create an Active
Directoryintegrated stub zone for newyork.contoso.com.
Answer: B
Explanation:
http://technet.microsoft.com/en-us/library/cc771640.aspx
http://technet.microsoft.com/en-us/library/cc771898.aspx
Understanding Zone Delegation
Applies To: Windows Server 2008, Windows Server 2008 R2
Domain Name System (DNS) provides the option of dividing up the namespace into one or more
zones, which can then be stored, distributed, and replicated to other DNS servers. When you are
deciding whether to divide your DNS namespace to make additional zones, consider the following
reasons to use additional zones:
. You want to delegate management of part of your DNS namespace to another location or
department in your organization.
. You want to divide one large zone into smaller zones to distribute traffic loads among multiple
servers, improve DNS name resolution performance, or create a more-fault-tolerant DNS
environment.
. You want to extend the namespace by adding numerous subdomains at once, for example, to
accommodate the opening of a new branch or site.
Secondary zone
When a zone that this DNS server hosts is a secondary zone, this DNS server is a secondary
source for information about this zone. The zone at this server must be obtained from another
remote DNS server computer that also hosts the zone. This DNS server must have network
access to the remote DNS server that supplies this server with updated information about the
zone. Because a secondary zone is merely a copy of a primary zone that is hosted on another
server, it cannot be stored in AD DS.
QUESTION NO:18
Your network consists of a single Active Directory domain. The network contains five Windows
Server 2008 R2 servers that host Web Applications. You need to plan a remote management
strategy to manage the Web servers.
Your plan must meet the following requirements:
-Allow Web developers to configure features on the Web sites
-Prevent Web developers from having full administrative rights on the Web servers
What should you include in your plan?
A. Configure request filtering on each Web server.
B. Configure authorization rules for Web developers on each Web server.
C. Configure the security settings in Internet Explorer for all Web developers by using a Group
Policy.
D. Add the Web developers to the Account Operators group in the domain.
Answer: B
Explanation:
http://mscerts.programming4.us/windows_server/windows server 2008 contro
lling access to web services (part 5) %
20managing url authorization rules.aspx
Managing URL Authorization Rules
Authorization is a method by which systems administrators can determine which resources and
content are available to specific users Authorization relies on authentication to validate the identity
of a user. Once the identity has been proven, authorization rules determine which actions a user
or computer can perform IIS provides methods of securing different types of content using URL-
based authorization. Because Web content is generally requested using a URL that includes a full
path to the content being requested, you can configure authorization settings easily, using IIS
Manager
Creating URL Authorization Rules
To enable URL authorization, the UrlAuthorizationModule must be enabled Authorization rules can
be configured at the level of the Web server for specific Web sites, for specific Web applications,
and for specific files (based on a complete URL path). URL authorization rules use inheritance so
that lower-level objects inherit authorization settings from their parent objects (unless they are
specifically overridden).
To configure authorization settings, select the appropriate object in the left pane of IIS Manager,
and then select Authorization Rules in Features View. Figure 6 shows an example of multiple rules
configured for a Web site.
Figure 6. Viewing authorization rules for a Web site
There are two types of rules: Allow and Deny. You can create new rules by using the Add Allow
Rule and Add Deny Rule commands in the Actions pane The available options for both types of
rules are the same.
(See Figure 7) When creating a new rule, the main setting is to determine to which users the rule
applies. The options are:
. All Users
. All Anonymous Users
. Specific Roles Or User Groups
. Specific Users
When you choose to specify users or groups to which the rule applies, you can type the
appropriate names in a command-separated list. The specific users and groups are defined using
NET role providers. This is a standard feature that is available to ASP NET Web developers.
Developers can create their own roles and user accounts and can define permissions within their
applications. Generally, information about users and roles is stored in a relational database or
relies on a directory service such as Active Directory.
In addition to user and role selections, you can further configure an authorization rule based on
specific HTTP verbs. For example, if you want to apply a rule only for POST commands (which are
typically used to send information from a Web browser to a Web server), add only the POST verb
to the rule
Managing Rule Inheritance
As mentioned earlier in this section, authorization rules are inherited automatically by lower-level
objects This is useful when your Web site and Web content is organized hierarchically based on
intended users or groups The Entry Type column shows whether a rule has been inherited from a
higher level or whether it has been defined locally IIS Manager automatically will prevent you from
creating duplicate rules. You can remove rules at any level, including both Inherited and Local
entry types
QUESTION NO:12
Your network is configured as shown in the following diagram.
You deploy an enterprise certification authority (CA) on the internal network. You also deploy a
Microsoft Online Responder on the internal network. You need to recommend a secure method for
Internet users to verify the validity of individual certificates.
The solution must minimize network bandwidth.
What should you recommend?
A. Deploy a subordinate CA on the perimeter network.
B. Install a standalone CA and the Network Device Enrollment Service (NDES) on a server on the
perimeter network.
C. Install a Network Policy Server (NPS) on a server on the perimeter network. Redirect
authentication requests to a server on the internal network.
D. Install Microsoft Internet Information Services (IIS) on a server on the perimeter network.
Configure IIS to redirect requests to the Online Responder on the internal network.
Answer: D
Explanation:
http://www.ipsure.com/blog/2010/installation-and-configuration-of-active-directory-certificateservices-
onwindows-server-2008-r2-1/
http://msdn.microsoft.com/en-us/library/cc732956.aspx
QUESTION NO:15
Your network consists of a single Active Directory domain. The network contains two Windows
Server 2008 R2 computers named Server1 and Server2. The company has two identical print
devices. You plan to deploy print services.
You need to plan a print services infrastructure to meet the following requirements:
-Manage the print queue from a central location.
-Make the print services available, even if one of the print devices fails.
What should you include in your plan?
A. Install and share a printer on Server1. Enable printer pooling.
B. Install the Remote Desktop Services server role on both servers. Configure Remote Desktop
Connection Broker (RD Connection Broker).
C. Install and share a printer on Server1. Install and share a printer on Server2. Use Print
Management to install the printers on the client computers.
D. Add Server1 and Server2 to a Network Load Balancing cluster. Install a printer on each node of
the cluster.
Answer: A
Explanation:
http://www.techrepublic.com/blog/datacenter/configure-printer-pooling-in-windows-server2008/
964
Managing printers can be the bane of a Windows administrator. One feature that may assist you
with this task is the Windows printer pooling feature. Windows Server 2008 offers functionality that
permits a collection of multiple like-configured printers to distribute the print workload.
Printer pooling makes one share that clients print to, and the jobs are sent to the first available
printer. Configuring print pooling is rather straightforward in the Windows printer configuration
applet of the Control Panel. Figure A shows two like-modeled printers being pooled.
To use pooling, the printer models need to be the same so that the driver configuration is
transparent to the end device; this can also help control costs of toner and other supplies. But plan
accordingly
QUESTION NO:14
Your company has a main office and three branch offices. The network consists of a single Active
Directory domain. Each office contains an Active Directory domain controller.
You need to create a DNS infrastructure for the network that meets the following requirements:
-The DNS infrastructure must allow the client computers in each office to register DNS names
within their respective offices.
-The client computers must be able to resolve names for hosts in all offices.
What should you do?
A. Create an Active Directory-integrated zone at the main office site.
B. Create a standard primary zone at the main office site and at each branch office site.
C. Create a standard primary zone at the main office site. Create a secondary zone at each
branch office site.
D. Create a standard primary zone at the main office site. Create an Active Directory-integrated
stub zone at each branch office site.
Answer: A
Explanation:
http://searchwindowsserver.techtarget.com/tip/DNS-Primer-Tips-for-understanding-ActiveDirectory-
integratedzone-design-and-configuration
http://technet.microsoft.com/en-us/library/cc772101.aspx
In an ADI primary zone, rather than keeping the old zone file on a disk, the DNS records are
stored in the AD, and Active Directory replication is used rather than the old problematic zone
transfer. If all DNS servers were to die or become inaccessible, you could simply install DNS on
any domain controller (DC) in the domain. The records would be automatically populated and your
DNS server would be up without the messy import/export tasks of standard DNS zone files.
Windows 2000 and 2003 allow you to put a standard secondary zone (read only) on a member
server and use one of the ADI primary servers as the master.
When you decide which replication scope to choose, consider that the broader the replication
scope, the greater the network traffic caused by replication. For example, if you decide to have AD
DS-integrated DNS zone data replicated to all DNS servers in the forest, this will produce greater
network traffic than replicating the DNS zone data to all DNS servers in a single AD DS domain in
that forest.
AD DS-integrated DNS zone data that is stored in an application directory partition is not
replicated to the global catalog for the forest. The domain controller that contains the global
catalog can also host application directory partitions, but it will not replicate this data to its global
catalog.
AD DS-integrated DNS zone data that is stored in a domain partition is replicated to all domain
controllers in its AD DS domain, and a portion of this data is stored in the global catalog. This
setting is used to support Windows 2000.
If an application directory partition’s replication scope replicates across AD DS sites, replication
will occur with the same intersite replication schedule as is used for domain partition data.
By default, the Net Logon service registers domain controller locator (Locator) DNS resource
records for the application directory partitions that are hosted on a domain controller in the same
manner as it registers domain controller locator (Locator) DNS resource records for the domain
partition that is hosted on a domain controller.
QUESTION NO:4
Your company purchases 15 new 64bit servers as follows:
-Five of the servers have a single processor.
-Five of the servers have a single dual core processor.
-Five of the servers have two quad core processors.
You plan to deploy Windows Server 2008 R2 on the new servers by using Windows Deployment
Services (WDS). You need to recommend a WDS install image strategy that meets the following
requirements:
-Minimizes the number of install images
-Supports the deployment of Windows Server 2008 R2
What should you recommend?
A. one install image file that contains three install images
B. one install image file that contains a single install image
C. two install image files that each contain a single install image
D. three install image files that each contain a single install image
Answer: B
Explanation:
You only need one image per processor type
Windows Deployment Services Images
Windows Deployment Services uses two different types of images: install images and boot
images. Install images are the operating system images that will be deployed to Windows Server
2008 or Windows Vista client computers. A default installation image is located in the Sources
directory of the Windows Vista and Windows Server 2008 installation DVDs. If you are using WDS
to deploy Windows Server 2008 to computers with different processor architectures, you will need
to add separate installation images for each architecture to the WDS server. Architecture-specific
images can be found on the architecture-specific installation media. For example, the Itanium
image is located on the Itanium installation media and the x64 default installation image is located
on the x64 installation media. Although you can create custom images, you only need to have one
image per processor architecture. For example, deploying Windows Server 2008 Enterprise
Edition x64 to a computer with 1 x64 processor and to a computer with 8 x64 processors in SMP
configuration only requires access to the default x64 installation image. Practice exercise 2 at the
end of this lesson covers the specifics ol adding a default installation image to a WDS server.
QUESTION NO:6
Your network consists of a single Active Directory site that includes two network segments. The
network segments connect by using a router that is RFC 1542 compliant.
You plan to use Windows Deployment Services (WDS) to deploy Windows Server 2008 R2
servers. All new servers support PreBoot Execution Environment (PXE).
You need to design a deployment strategy to meet the following requirements:
-Support Windows Server?2008 R2
-Deploy the servers by using WDS in both network segments
-Minimize the number of servers used to support WDS
What should you include in your design?
A. Deploy one server. Install WDS and DHCP on the server. Configure the IP Helper tables on the
router between the network segments.
B. Deploy two servers. Install WDS and DHCP on both servers. Place one server on each of the
network segments. Configure both servers to support DHCP option 60.
C. Deploy two servers. Install WDS and DHCP on both servers. Place one server on each of the
network segments. Configure both servers to support DHCP option 252.
D. Deploy two servers. Install WDS and DHCP on one server. Install DHCP on the other server.
Place one server on each of the network segments. Configure both servers to support DHCP
option 60.
Answer: A
Explanation:
http://support.microsoft.com/kb/926172
IP Helper table updates
The PXE network boot method uses DHCP packets for communication. The DHCP packets serve
a dual purpose. They are intended to help the client in obtaining an IP address lease from a DHCP
server and to locate a valid network boot server. If the booting client, the DHCP server, and the
network boot server are all located on the same network segment, usually no additional
configuration is necessary. The DHCP broadcasts from the client reach both the DHCP server and
the network boot server.
However, if either the DHCP server or the network boot server are on a different network segment
than the client, or if they are on the same network segment but the network is controlled by a
switch or a router, you may have to update the routing tables for the networking equipment in
order to make sure that DHCP traffic is directed correctly.
Such a process is known as performing IP Helper table updates. When you perform this process,
you must configure the networking equipment so that all DHCP broadcasts from the client
computer are directed to both a valid DHCP server and to a valid network boot server.
Note: It is inefficient to rebroadcast the DHCP packets onto other network segments. It is best to
only forward the DHCP packets to the recipients that are listed in the IP Helper table.
After the client computer has obtained an IP address, it contacts the network boot server directly in
order to obtain the name and the path of the network boot file to download. Again, this process is
handled by using DHCP packets.
Note: We recommend that you update the IP Helper tables in order to resolve scenarios in which
the client computers and the network boot server are not located on the same network segment.
CertBus exam braindumps are pass guaranteed. We guarantee your pass for the 70-646 exam successfully with our Microsoft materials. CertBus Windows Server 2008, Server Administrator exam PDF and VCE are the latest and most accurate. We have the best Microsoft in our team to make sure CertBus Windows Server 2008, Server Administrator exam questions and answers are the most valid. CertBus exam Windows Server 2008, Server Administrator exam dumps will help you to be the Microsoft specialist, clear your 70-646 exam and get the final success.
70-646 Latest questions and answers on Google Drive(100% Free Download): https://drive.google.com/file/d/0B_3QX8HGRR1mYlZ0VmhMc2JaTlE/view?usp=sharing
70-646 Microsoft exam dumps (100% Pass Guaranteed) from CertBus: http://www.certgod.com/70-646.html [100% Exam Pass Guaranteed]
Why select/choose CertBus?
Millions of interested professionals can touch the destination of success in exams by certgod.com. products which would be available, affordable, updated and of really best quality to overcome the difficulties of any course outlines. Questions and Answers material is updated in highly outclass manner on regular basis and material is released periodically and is available in testing centers with whom we are maintaining our relationship to get latest material.