New Updated Microsoft MCITP 70-649 Real Exam Questions and Answers Download 231-240

Ensurepass

QUESTION 231

Your network contains three servers named Server1, Server2, and Server3 that have the Network Policy Server (NPS) role service installed. On Server1, you configure a Remote RADIUS Server Group that contains Server2 and Server3. On Server2 and Server3, you configure Server1 as a RADIUS client. You configure Server2 and Server3 to authenticate remote users. You need to configure Server1 to forward RADIUS authentication requests to Server2 and Server3. What should you create on Server1?

 

  1. a connection request policy

  2. a health policy

  3. a network policy

  4. a remediation server group

 

Correct Answer: A

 

 

QUESTION 232

Your network contains an Active Directory domain named Contoso.com. Contoso.com contains an enterprise certification authority (CA) named CA1. You enable Secure Socket Tunneling Protocol (SSTP) on a server named Server1. A user named User1 attempts to establish an SSTP connection to Server1 and receives the following error message: “Error 0x80092013: The revocation function was unable to check revocation because the revocation server was offline.” You verify that all certificates services are online. You need to ensure that User1 can connect to Server1 by using SSTP. What should you do first?

 

  1. Configure User1 for certificate auto enrollment.

  2. Configure a pre-shared key for IPsec on User1’s computer.

  3. Add a certificate to Server1 that contains Server1.contoso.com as a Subject Alternative Name (SAN).

  4. Publish the certificate revocation list distribution point (CDP) to a location that is accessible from the Internet.

 

Correct Answer: D

 

 

QUESTION 233

Your network contains an Active Directory domain named adatum.com. You publish a RemoteApp named WebApp5. The Remote Desktop Connection (.rdp) file for WebAppS is unsigned. When a user named Users runs WebApp5 from the Remote Desktop Web Access (RD Web Access) website, User5 is prompted for credentials. You need to prevent users from being prompted for credentials when they run WebApp5. What should you do?

 

  1. Enable Forms-based authentication for the Remote Desktop Web Access website.

  2. Enable the Assign a default domain for logon Group Policy setting.

  3. Add a Managed Module for the RDWeb virtual directory.

  4. Enable the Allow Delegating Default Credentials Group Policy setting.

 

Correct Answer: D

 

 

QUESTION 234

You deploy Network Access Protection (NAP) on your network. An administrator configures a network policy as shown in the exhibit.

 

70-649-demo-24

 

You discover that noncompliant client computers cannot access the remediation network. You need to configure the network policy to ensure that noncompliant client computers can access the remediation network. What should you do?

 

  1. In the Type of network access server list, click HCAP Server.

  2. In the Type of network access server list, click Health Registration Authority.

  3. In Access Permission, select the Ignore user account dial-in properties check box.

  4. In Access Permission, select the Grant access. Grant access if the connection request matches this policy option button.

 

Correct Answer: D

 

 

QUESTION 235

Your company has an Active Directory domain. A server named Server1 runs Windows Server 2008 R2. The Remote Desktop Services server role and the RD Web Access role service are installed on Server1. You install the RD Gateway role service on Server1. You create the Remote Desktop connection authorization policy. Users report that they cannot connect to Server1. You need to ensure that users can connect to Server1. What should you do?

 

  1. Create a Remote Desktop Group Policy object (GPO). Enable the Allow log on through Remote Desktop Services setting on the GPO. Link the GPO to the domain.

  2. Configure the Remote Desktop Resource Authorization Policy (RD RAP) on Server1.

  3. Create a Remote Desktop Group Policy object (GPO). Enable the Set path for Remote Desktop Services Roaming User Profile setting on the GPO. Create an organization unit (OU) named RDSUsers. Link the GPO to the RDSUsers OU.

  4. Configure Network Access Protection (NAP) onServer1.

 

Correct Answer: B

 

 

QUESTION 236

Your network contains an Active Directory domain named fabrikam.com. The domain contains a Web server named Web1 that runs Windows Server 2008 R2. You create a new site named Site1. You need to prevent Web1 from accepting HTTP URLs that are longer than 1,024 bytes. Which feature should you configure?

 

  1. Authorization Rules

  2. Connection Strings

  3. HTTP Response Headers

  4. Request Filtering

 

Correct Answer: D

 

 

QUESTION 237

Your network contains an Active Directory domain. The network has DirectAccess deployed. You deploy the DirectAccess Connectivity Assistant (DCA) to all client computers. You need to ensure that users can view their DirectAccess status by using the DCA. Which two group policy settings should you configure? (Each correct answer presents part of the solution. Choose two.)

 

  1. PortalName

  2. Corporate Portal Site

  3. CorporateResources

  4. Dynamic Tunnel Endpoints (DTEs)

 

Correct Answer: CD

 

 

QUESTION 238

Your network contains a server named Server1 that runs Windows Server 2008 R2 Service Pack (SP1). All users have laptops that run Windows 7. The users frequently work from network locations that only allow outbound communication to the Internet by using HTTP and HTTPS. You plan to configure Server1 as a VPN server. You need to identify which VPN protocol you should use to ensure that all of the users can establish VPN connections to Server1. Which VPN protocol should you identify?

 

  1. SSTP

  2. PPTP

  3. IKEv2

  4. L2TP

 

Correct Answer: A

 

 

QUESTION 239

Your network consists of an Active Directory forest that contains one domain. All domain controllers run Windows Server 2008 R2 and are configured as DNS servers. You have an Active Directory- integrated zone. You have two Active Directory sites. Each site contains five domain controllers. You add a new NS record to the zone. You need to ensure that all domain controllers immediately receive the new NS record. What should you do?

 

  1. From the DNS Manager console, reload the zone.

  2. From the Services snap-in, restart the DNS Server service.

  3. From the command prompt, run repadmin /syncall.

  4. From the DNS Manager console, increase the version number of the SOA record.

 

Correct Answer: C

 

 

QUESTION 240

You have a domain controller named DC1 that runs Windows Server 2008 R2. DC1 is configured as a DNS server for contoso.com. You install the DNS Server role on a member server named Server1 and then you create a standard secondary zone for contoso.com. You configure DC1 as the master server for the zone. You need to ensure that Server1 receives zone updates from DC1. What should you do?

 

  1. On Server1, add a conditional forwarder.

  2. On DC1, modify the permissions of contoso.com zone.

  3. On DC1, modify the zone transfer settings for the contoso.com zone.

  4. Add the Server1 computer account to the DNSUpdateProxy group.

 

Correct Answer: C

 

Instant Access to Download Latest Complete Collection of Microsoft MCITP 70-649 Real Exam

Try Microsoft MCITP 70-649 Free Demo