New Updated Microsoft MCITP 70-649 Real Exam Questions and Answers Download 1-10

Ensurepass

QUESTION 1

Your network contains a server named Server1 that runs Windows Server 2008 R2. You have a user named User1. You need to ensure that User1 can view the events in the Security event log. The solution must minimize the number of rights assigned to User1. What should you do?

 

  1. In the Local Security Policy console, modify the Security Options.

  2. In Event viewer, configure the properties of the Security log.

  3. In Event viewer, filter the Security log.

  4. In the Registry Editor, add a Security Descriptor Definition Language (SDDL) value.

 

Correct Answer: D

 

 

QUESTION 2

Your network contains a server named Server1.contoso.com. Server1 is located on the internal network. You have a client computer named Computer1 that runs Windows 7. Computer1 is located on a public network that is connected to the Internet. Computer1 is enabled for DirectAccess. You need to verify whether Computer1 can resolve Server1 by using DirectAccess. Which command should you run on Computer1?

 

  1. netsh.exe dnsclient show state

  2. nslookup.exe Server1.contoso.com

  3. ping.exe Server1.contoso.com

  4. nbtstat.exe -a Server1.contoso.com

 

Correct Answer: C

 

 

QUESTION 3

Your network contains an Active Directory domain named contoso.com. An administrator named Admin1 plans to install the Routing and Remote Access service (RRAS) role service on a server named Server1. Admin1’s user account is not a member of the Domain Admins group. You need to ensure that Server1 can authenticate users from Active Directory by using Windows authentication. What should you do?

 

  1. Install the Active Directory Lightweight Directory Services (AD LDS) role on Server1.

  2. Add the computer account for Server1 to the Windows Authorization Access Group.

  3. Install the Network Policy Server (NPS) role service on a domain controller.

  4. Add the computer account for Server1 to the RAS and IAS Servers group.

 

Correct Answer: D

 

 

 

QUESTION 4

Your network contains a server named Server1 that runs Windows Server 2008 R2. Server1 has the Network Policy Server (NPS) role service installed. You need to ensure that the NPS log files on Server1 contain information about the duration of client connections. What should you do?

 

  1. Enable the Accounting requests setting.

  2. Configure the IAS (Legacy) log file format.

  3. Configure the DTS Compliant log file format.

  4. Enable the Authentication requests setting.

 

Correct Answer: C

 

 

QUESTION 5

Your network contains an Active Directory domain named contoso.com. Contoso.com contains two servers named Server1 and Server2 that run Windows Server 2008 R2. DirectAccess is deployed on Server2. You need to configure Server1 as a network location server (NLS). Which Web Server (IIS) role service should you install on Server1?

 

  1. IIS Client Certificate Mapping Authentication

  2. URL Authorization

  3. IP and Domain Restrictions

  4. Request Filtering

 

Correct Answer: C

 

 

QUESTION 6

Your company has a main office and 15 branch offices. The company has a single Active Directory domain. All servers run Windows Server 2008 R2. You need to ensure that the VPN connections between the main office and the branch offices meet the following requirements:

 

  • All data must be encrypted by using end-to-end encryption.

  • The VPN connection must use computer-level authentication.

  • User names and passwords cannot be used for authentication.

 

What should you do?

 

  1. Configure a PPTP connection to use version 2 of the MS-CHAP v2 authentication.

  2. Configure an IPsec connection to use tunnel mode and pre-shared key authentication.

  3. Configure a L2TP/IPsec connection to use the EAP-TLS authentication.

  4. Configure a L2TP/IPsec connection to use version 2 of the MS-CHAP v2 authentication.

 

Correct Answer: C

QUESTION 7

Your network has Network Access Protection (NAP) policies deployed. You need to identify the health agent compliance status of a client computer. Which command should you run?

 

  1. netsh nap client show config

  2. net statistics workstation

  3. netsh nap client show state

  4. net config workstation

 

Correct Answer: C

 

 

QUESTION 8

Your network contains an Active Directory forest. The forest contains a member server named Server1 that runs Windows Server 2008 R2. You configure Server1 as a VPN server. You need to ensure that only client computers that have up-to-date virus definitions can establish VPN connections to Server1. Which server role, role service, or feature should you install?

 

  1. windows System Resource Manager (WSRM)

  2. Routing and Remote Access service (RRAS)

  3. Connection Manager Administration Kit (CMAK)

  4. File Server Resource Manager (FSRM)

  5. Windows Server Update Services (WSUS)

  6. Windows Internal Database

  7. Services for Network File System (NFS)

  8. Simple TCP/IP Services

  9. Network Policy Server (NPS)

  10. Health Registration Authority (HRA)

  11. Group Policy Management

  12. Wireless LAN Service

  13. Network Load Balancing (NLB)

 

Correct Answer: I

 

 

QUESTION 9

Your network contains an Active Directory domain. You deploy Network Access Protection (NAP). You need to verify whether VPN clients have Windows Firewall enabled. What should you configure?

 

  1. system health validators (SHVs)

  2. connection request policies

  3. the Windows Authentication provider

  4. health policies

  5. the Windows Accounting provider

  6. Group Policy preferences

  7. IKEv2 client connections

  8. the RADIUS Authentication provider

  9. remediation server groups

  10. the RADIUS Accounting provider

 

Correct Answer: A

 

 

QUESTION 10

Your network contains an Active Directory domain. Your company provides VPN access for multiple organizations. You need to configure Network Policy Server (NPS) to forward authentication requests to the appropriate organization. What should you configure on the NPS server?

 

  1. Group Policy preferences

  2. health policies

  3. remediation server groups

  4. IKEv2 client connections

  5. the RADIUS Accounting provider

  6. system health validators (SHVs)

  7. the Windows Authentication provider

  8. connection request policies

  9. the Windows Accounting provider

  10. the RADIUS Authentication provider

 

Correct Answer: H

 

Instant Access to Download Latest Complete Collection of Microsoft MCITP 70-649 Real Exam

Try Microsoft MCITP 70-649 Free Demo