Latest MCSA 70-642 Real Exam Download 91-100

Ensurepass

 

QUESTION 91

Your network contains two Active Directory sites named Site1 and Site2. Site1 contains a server named Server1. Server1 runs a custom application named App1. Users in Site2 report that they cannot access App1 on Server1. Users in Site1 can access App1. Server1 has a Windows Firewall with Advanced Security rule named Rule1. You discover that Rule1 blocks the connection to App1. You verify that Server1 has no connection security rules. You need to ensure that the Site2 users can connect to Server1. What should you modify in Rule1?

 

A.      the authorized computers list

B.      the authorized users list

C.      the edge traversal settings

D.      the scope

 

Correct Answer: D

 

 

QUESTION 92

Your network contains an Active Directory domain. The domain contains a member server named Server1. Server1 has a single network connection. You need to log every attempt to connect to Server1 on a restricted port. What should you do?

 

A.      Change the settings of the private firewall profile.

B.      Change the settings of the domain firewall profile.

C.      Modify the properties of the inbound firewall rules.

D.      Modify the properties of the outbound firewall rules.

 

Correct Answer: C

 

 

QUESTION 93

Your network contains a server named Server1 that has Windows Server 2008 R2. An administrator runs the following command on Server1:

 

netsh.exe advfirewall reset

 

You discover that you can no longer access Server1 on port 3389. You need to ensure that you can access Server1 on port 3389. Which firewall rule should you enable?

 

A.      File and Printer Sharing (Echo Request – ICMPv4-In)

B.      File and Printer Sharing (SMB-In)

C.      Remote Desktop (TCP-In)

D.      Remote Service Management (RPC)

Correct Answer: C

 

 

QUESTION 94

Your network contains two servers named Server1 and Server2 that run Windows Server 2008 R2. Server1 has several custom inbound rules and connection security rules. You need to duplicate the Windows Firewall rules from Server1 to Server2. What should you do on Server1?

 

A.      At the Command Prompt, run netsh.exe firewall dump.

B.      At the Command Prompt, run netsh.exe firewall show > firewall.txt.

C.      From the Windows Firewall with Advanced Security console, click Export policy.

D.      From the Windows Firewall with Advanced Security console, click the Connection Security Rules node, and then click Export List.

 

Correct Answer: C

 

 

QUESTION 95

Your network contains a server named Server1 that runs Windows Server 2008 R2. Server1 hosts a custom application named App1. App1 is accessible on TCP port 5000. You need to encrypt App1 data on the network. What should you do?

 

A.      From the Local Security Policy console, configure the Security Options.

B.      From the Local Security Policy console, configure the Application Control Policies.

C.      From the Windows Firewall with Advanced Security console, create an inbound rule.

D.      From the Windows Firewall with Advanced Security console, create a connection security rule.

 

Correct Answer: D

 

 

QUESTION 96

Your network contains an Active Directory domain. All client computers run Windows XP Service Pack 3 (SP3). The domain contains a member server named Server1 that runs Windows Server 2008 R2. On Server1, you create a connection security rule that requires authentication for inbound and outbound connections. You configure the connection security rule to use Kerberos authentication. You need to ensure that the client computers can connect to Server1. The solution must ensure that all connections to Server1 are encrypted. What should you do?

 

A.      From the Windows Firewall with Advanced Security console, create an inbound rule on Server1.

B.      From the Windows Firewall with Advanced Security console, create an outbound rule on Server1.

C.      From a Group Policy object (GPO), enable the Client (Respond Only) IPSec policy on all client computers.

D.      From a Group Policy object (GPO), configure the Network Security: LDAP client signing requirements policy setting for all client computers.

 

Correct Answer: C

 

 

QUESTION 97

Your network contains an Active Directory domain. The domain contains two servers named Server1 and Server2. All servers run Windows Server 2008 R2 and have Windows Firewall turned on. You need to ensure that you can use Event Viewer on Server2 to access the Application log on Server1. What should you do?

 

A.      On Server2, create a new event subscription.

B.      On Server2, modify the outbound firewall rules.

C.      On Server1, modify the inbound firewall rules.

D.      On Server1, modify the settings on the Application log.

 

Correct Answer: C

 

 

QUESTION 98

Your network contains a DNS server that runs Windows Server 2008 R2. You open the Forwarders settings of the DNS server and discover that the option to add forwarders is disabled. You need to add forwarders to the DNS server. What should you do first?

 

A.      Enable BIND secondaries

B.      Delete the “.” (root) zone.

C.      Create a GlobalNames zone.

D.      Delete all conditional forwarders.

 

Correct Answer: B

 

 

QUESTION 99

Your network contains a DNS server named DNS1 that runs Windows Server 2008 R2. You need to ensure that DNS1 only responds to DNS queries from computers that are located in the same subnet. What should you configure?

 

A.      Interfaces from DNS Manager

B.      Security from DNS Manager

C.      Trust Anchors

D.      Windows Firewall

 

Correct Answer: A

 

 

QUESTION 100

Your network contains a DNS server named DC1 that runs Windows Server 2008 R2. The network uses a network ID of 10.1.1.0/24. You open the DNS console on Server1 as shown in the exhibit.

 

clip_image002

 

You need to ensure that all client computers can resolve the IPv4 addresses of computers on the network to fully qualified domain names (FQDNs). What should you do?

 

A.      Delete the “.” (root) zone.

B.      Create a zone named 10.1.in-addr.arpa.

C.      Create a zone named 1.1.10.in-addr.arpa.

D.      Convert the 10.1.1.in-addr.arpa zone to a standard primary zone.

 

Correct Answer: C

 

Download Latest 70-642 Real Free Tests , help you to pass exam 100%.