Ensurepass.com : Ensure you pass the IT Exams
2018 Aug Microsoft Official New Released 70-646
100% Free Download! 100% Pass Guaranteed!

Pro: Windows Server 2008, Server Administrator

Question No: 1 – (Topic 1)

Your network contains a single Active Directory site.

You plan to deploy 1,000 new computers that will run Windows 7 Enterprise. The new computers have Preboot Execution Environment (PXE) network adapters.

You need to plan the deployment of the new computers to meet the following requirements:

路Support 50 simultaneous installations of Windows 7

路Minimize the impact of network operations during the deployment of the new computers

路Minimize the amount of time required to install Windows 7 on the new computers What should you include in your plan?

  1. Deploy the Windows Deployment Services (WDS) server role. Configure the IP Helper tables on all routers.

  2. Deploy the Windows Deployment Services (WDS) server role. Configure each WDS server by using native mode.

  3. Deploy the Windows Deployment Services (WDS) server role and the Transport Server feature. Configure the Transport Server to use a custom network profile.

  4. Deploy the Windows Deployment Services (WDS) server role and the Transport Server feature. Configure the Transport Server to use a static multicast address range.

Answer: D Explanation:

http://technet.microsoft.com/en-us/library/cc726564(WS.10).aspx http://technet.microsoft.com/en-us/library/cc725964(WS.10).aspx

WDS Multicast Server

Updated: November 21, 2007 Applies To: Windows Server 2008

The multicast server deploys an image to a large number of client computers concurrently without overburdening the network. When you create a multicast transmission for an image, the data is sent over the network only once, which can drastically reduce the network bandwidth that is used.

Using Transport Server

Updated: May 8, 2008

Applies To: Windows Server 2008

This topic only applies to Windows Server 2008. If you have Windows Server 2008 R2, see Configuring Transport Server.

You have two options when installing the Windows Deployment Services role in Windows Server 2008. You can install both the Deployment Server and Transport Server role services (which is the default) or you can install only the Transport Server role service. The second configuration is for advanced scenarios, such as environments without Active Directory Domain Services (AD DS), Domain Name System (DNS), or Dynamic Host Configuration Protocol (DHCP). You can configure Transport Server to enable you to boot from the network using Pre-Boot Execution Environment (PXE) and Trivial File Transfer Protocol (TFTP), a multicast server, or both. Note that Transport Server does not contain or support the Windows Deployment Services image store.

Configure how to obtain IP addresses. If multiple servers are using multicast functionality on a network (Transport Server, Deployment Server, or another solution), it is important that each server is configured so that the multicast IP addresses do not collide. Otherwise, you may encounter excessive traffic when you enable multicasting. Note that each Windows Deployment Services server will have the same default range. To work around this issue, specify static ranges that do not overlap to ensure that each server is using a unique IP address, or configure each of the servers to obtain multicast addresses from a Multicast Address Dynamic Client Allocation Protocol (MADCAP) server.

The server architectures are illustrated in the following diagram. The blue parts are installed with Transport Server and the Deployment Server. The grey parts are installed with the Deployment Server only. The yellow parts are not installed with either, but can be written using guidelines in the Windows SDK.

Ensurepass 2018 PDF and VCE

Question No: 2 – (Topic 1)

You need to recommend a security strategy for WebApp2 that meets the company#39;s Application requirements. What should you include in the recommendation?

  1. Basic authentication and connection security rules

  2. Basic authentication and SSL

  3. Digest authentication and connection security rules

  4. Digest authentication and SSL

Answer: B

Question No: 3 – (Topic 1)

You plan to deploy a distributed database Application that runs on multiple Windows Server 2008 R2 servers.

You need to design a storage strategy that meets the following requirements:

路Allocates storage to servers as required

路Uses the existing network infrastructure

路Uses standard Windows management tools

路Ensures that data is available if a single disk fails What should you include in your design?

  1. An iSCSI disk storage subsystem that supports Microsoft Multipath I/O. Configure the storage subsystem as a RAID?0 array.

  2. An iSCSI disk storage subsystem that supports Virtual Disk Service (VDS). Configure the storage subsystem as a RAID?5 array.

  3. A Fibre Channel (FC) disk storage subsystem that supports Microsoft Multipath I/O. Configure the storage subsystem as a RAID?0 array.

  4. A Fibre Channel (FC) disk storage subsystem that supports the Virtual Disk Service (VDS). Configure the storage subsystem as a RAID?5 array.

Answer: B Explanation:

MCITP Self-Paced Training Kit Exam 70-646 Windows Server Administration:

Virtual Disk Service (VDS)

Virtual Disk Service (VDS) provides a standard set of application programming interfaces (APIs) that provide a single interface through which disks can be managed. VDS provides a complete solution for managing storage hardware and disks and enables you to create volumes on those disks. This means that you can use a single tool to manage devices in a mixed storage environment rather than tools provided by different hardware vendors.

Before you can manage a LUN using Storage Manager For SANs, you must install its VDS hardware provider. This will usually be provided by the hardware vendor. Prior to purchasing a storage device to be used on your organization’s SAN, you should verify that a compatible VDS hardware provider exists.

VDS defines a software and a hardware provider interface. Each of these providers implements a different portion of the VDS API. The software provider is a program that runs on the host and is supported by a kernelmode driver. Software providers operate on volumes, disks, and partitions. The hardware provider manages the actual storage subsystem. Hardware providers are usually disk array or adapter cards that enable the creation of logical disks for each LUN type. The LUN type that can be configured will depend on the options allowed by the VDS hardware provider. For example, some VDS hardware providers will allow the RAID-5 (Striped with Parity) LUN type to be implemented, while others might be limited to providing the Mirrored or Spanned LUN types.

MORE INFO More on VDS

For more information on the functionality of VDS, consult the following TechNet article:http://technet2.microsoft.com/windowsserver/en/library/dc77e7c7-ae44-4483-878b- 6bc3819e64dc1033.mspx?mfr=true

Storage Manager For SANs

You can use the Storage Manager For SANs console to create LUNs on Fibre Channel and iSCSI storage arrays. You install Storage Manager For SANs as a Windows Server 2008 feature. To use Storage Manager

For SANs to manage LUNs, the following criteria must be met:

The storage subsystems that you are going to manage must support VDS.

The VDS hardware provider for each subsystem must already be installed on the Windows Server 2008 computer. When you open Storage Manager For SANs from the Administrative Tools menu, you are presented with three main nodes, which have the following functionality:

LUN ManagementThis node lists all of the LUNs created with Storage Manager For SANs.

From this node you can create new LUNs, extend the size of existing LUNs, assign and unassign LUNs, and delete LUNs. You can also use this node to configure the Fibre Channel and iSCSI connections that servers use to access LUNs.

SubsystemsThis node lists all of the storage subsystems currently discovered within the SAN environment. You can rename subsystems using this node.

DrivesThis node lists all of the drives in the storage subsystems discovered in the SAN. You can identify drives that you are working with by making the drive light blink from this node.

You can use any LUN type that is supported by the storage subsystem that you are deploying. The different

LUN types are:

SimpleA simple LUN uses either an entire physical drive or a portion of that drive. The failure of a disk in a simple LUN means that all data stored on the LUN is lost.

SpannedA spanned LUN is a simple LUN that spans multiple physical drives. The failure of any one disk in a spanned LUN means that all data stored on the LUN is lost.

StripedData is written across multiple physical disks. This type of LUN, also known as RAID-0 has improved

I/O performance because data can be read and written to multiple disks simultaneously, but like a spanned LUN, all data will be lost in the event that one disk in the array fails. MirroredThis LUN type, also known as RAID-1, is fault tolerant. Identical copies of the LUN are created on two physical drives. All read and write operations occur concurrently on both drives. If one disk fails, the LUN continues to be available on the unaffected disk.

Striped with ParityThis LUN type, also known as RAID-5, offers fault tolerance and improved read performance, although write performance is hampered by parity calculation. This type requires a minimum of three disks and the equivalent of one disk’s worth of storage is lost to the storage of parity information across the disk set. This LUN type will retain data if one disk is lost, but all data will be lost if two disks in the array fail at the same time. In the event that one disk fails, it should be replaced as quickly as possible.

Question No: 4 – (Topic 1)

Your company has a main office and a branch office. Your network contains a single Active Directory domain.

The functional level of the domain is Windows Server 2008 R2. An Active Directory site exists for each office.

All servers run Windows Server 2008 R2. You plan to deploy file servers in each office. You need to design a file sharing strategy to meet the following requirements:

->Users in both offices must be able to access the same files.

->Users in both offices must use the same Universal Naming Convention (UNC) path to access files.

->The design must reduce the amount of bandwidth used to access files.

->Users must be able to access files even if a server fails.

What should you include in your design?

  1. A standalone DFS namespace that uses replication.

  2. A domainbased DFS namespace that uses replication.

  3. A multisite failover cluster that contains a server located in the main office and another server located in the branch office.

  4. A Network Load Balancing cluster that contains a server located in the main office and another server located in the branch office.

Answer: B Explanation:

MCITP Self-Paced Training Kit Exam 70-646 Windows Server Administration:

Domain-Based Namespaces

You can create domain-based namespaces on one or more member servers or DCs in the same domain.

Metadata for a domain-based namespaces is stored by AD DS. Each server must contain an NTFS volume to host the namespace. Multiple namespace servers increase the availability of the namespace and ensure failover protection. A domain-based namespace cannot be a clustered resource in a failover cluster. However, you can locate the namespace on a server that is also a node in a failover cluster provided that you configure the namespace to use only local resources on that server. A domain-based namespace in Windows Server

2008 mode supports access-based enumeration. Windows Server 2008 mode is discussed later in this lesson.

You choose a domain-based namespace if you want to use multiple namespace servers to ensure the availability of the namespace, or if you want to make the name of the namespace server invisible to users.

When users do not need to know the UNC path to a namespace folder it is easier to

replace the namespace server or migrate the namespace to another server.

If, for example, a stand-alone namespace called \\Glasgow\Books needed to be transferred to a server called Brisbane, it would become \\Brisbane\Books. However, if it were a domain-based namespace (assuming Brisbane and Glasgow are both in the Contoso.internal domain), it would be \\Contoso.internal\Books no matter which server hosted it, and it could be transferred from one server to the other without this transfer being apparent to the user, who would continue to use \\Contoso.internal\Books to access it.

Ensurepass 2018 PDF and VCE

Question No: 5 – (Topic 1)

Your company has a main office and three branch offices. The network consists of a single Active Directory domain. Each office contains an Active Directory domain controller.

You need to create a DNS infrastructure for the network that meets the following requirements:

->The DNS infrastructure must allow the client computers in each office to register DNS names within their respective offices.

->The client computers must be able to resolve names for hosts in all offices.

What should you do?

  1. Create an Active Directory-integrated zone at the main office site.

  2. Create a standard primary zone at the main office site and at each branch office site.

  3. Create a standard primary zone at the main office site. Create a secondary zone at each branch office site.

  4. Create a standard primary zone at the main office site. Create an Active Directory- integrated stub zone at each branch office site.

Answer: A Explanation:

http://searchwindowsserver.techtarget.com/tip/DNS-Primer-Tips-for-understanding-Active-

Directory-integratedzone-design-and-configuration http://technet.microsoft.com/en-us/library/cc772101.aspx

In an ADI primary zone, rather than keeping the old zone file on a disk, the DNS records are stored in the AD, and Active Directory replication is used rather than the old problematic zone transfer. If all DNS servers were to die or become inaccessible, you could simply install DNS on any domain controller (DC) in the domain. The records would be automatically populated and your DNS server would be up without the messy import/export tasks of standard DNS zone files.

Windows 2000 and 2003 allow you to put a standard secondary zone (read only) on a member server and use one of the ADI primary servers as the master.

Ensurepass 2018 PDF and VCE

Ensurepass 2018 PDF and VCE

When you decide which replication scope to choose, consider that the broader the replication scope, the greater the network traffic caused by replication. For example, if you decide to have AD DS-integrated DNS zone data replicated to all DNS servers in the forest, this will produce greater network traffic than replicating the DNS zone data to all DNS servers in a single AD DS domain in that forest.

AD DS-integrated DNS zone data that is stored in an application directory partition is not replicated to the global catalog for the forest. The domain controller that contains the global catalog can also host application directory partitions, but it will not replicate this data to its global catalog.

AD DS-integrated DNS zone data that is stored in a domain partition is replicated to all domain controllers in its AD DS domain, and a portion of this data is stored in the global catalog. This setting is used to support Windows 2000.

If an application directory partition#39;s replication scope replicates across AD DS sites, replication will occur with the same intersite replication schedule as is used for domain partition data.

By default, the Net Logon service registers domain controller locator (Locator) DNS resource records for the application directory partitions that are hosted on a domain controller in the same manner as it registers domain controller locator (Locator) DNS resource records for the domain partition that is hosted on a domain controller.

Question No: 6 – (Topic 1)

You are designing a server infrastructure to support a new stateful Application. The server infrastructure must meet the following requirements:

->Use two servers, each with two NIC cards and 32 GB of RAM.

->Provide access to the Application in the event of the failure of a single server.

->Provide the ability to scale up the Application.

->Minimize the attack surface of each server.

->Minimize server disk space requirements.

You need to design a server infrastructure that meets the requirements.

What should you recommend? (More than one answer choice may achieve the goal. Select the BEST answer.)

  1. Perform a Server Core installation of Windows Server 2008 R2 Standard Edition. Configure both servers in a failover cluster.

  2. Perform a Server Core installation of Windows Server 2008 R2. Configure both servers in a Windows Network Load Balancing array.

  3. Install Windows Server 2008 R2 on both servers. Use DNS Round Robin to balance the load between the servers.

  4. Install Windows Server 2008 R2 on both servers. Configure both servers in a Windows Network Load Balancing array.

Answer: A Explanation:

Failover clusters are designed for applications that have long-running in-memory state, or that have large, frequently updated data states. These are called stateful applications, and they include database applications and messaging applications. Typical uses for failover clusters include file servers, print servers, database servers, and messaging servers.

Not B (stateful application in this scenario):

Network Load Balancing is intended for applications that do not have long-running in- memory state. These are called stateless applications. A stateless application treats each client request as an independent operation, and therefore it can load-balance each request independently. Stateless applications often have read-only data or data that changes infrequently. Front-end Web servers, virtual private networks (VPNs), File Transfer Protocol (FTP) servers, and firewall and proxy servers typically use Network Load Balancing.

Network Load Balancing clusters can also support other TCP- or UDP-based services and applications.

Note:

  • Windows Server 2008 provides two clustering technologies: failover clusters and Network Load Balancing (NLB). Failover clusters primarily provide high availability; Network Load Balancing provides scalability and at the same time helps increase availability of Web- based services.

  • Server Core provides you with a minimal installation of Windows Server 2008 that supports installing only certain server roles. Server Core includes Network Load Balancing and Failover Clustering.

Reference: Failover Cluster Overview

Question No: 7 – (Topic 1)

You are planning to deploy new servers that will run Windows Server 2008 R2. Each server will have 32 GB of RAM.

The servers must support installation of the following role services:

->Routing and Remote Access

->Remote Desktop Services Gateway

->Minimize CPU and RAM usage

You need to deploy the minimum edition of Windows Server 2008 R2 that meets the requirements.

What should you recommend? (More than one answer choice may achieve the goal. Select the BEST answer.)

  1. A Server Core installation of Windows Server 2008 R2 Datacenter.

  2. A Full Installation of Windows Server 2008 R2 Enterprise.

  3. A Full Installation of Windows Server 2008 R2 Standard.

  4. A Server Core installation Windows Server 2008 R2 Web.

Answer: C

Question No: 8 – (Topic 1)

Your network consists of a single Active Directory domain. The domain contains a server that runs Windows Server 2008 R2 and that has the Remote Desktop Services server role installed.

The server has six custom Applications installed. The custom Applications are configured as RemoteApps.

You notice that when a user runs one of the Applications, other users report that the server seems slow and that some Applications become unresponsive.

You need to ensure that active user sessions receive equal access to system resources. What should you do?

  1. Implement Remote Desktop Web Access.

  2. Implement Remote Desktop Connection Broker.

  3. Configure Performance Monitor.

  4. Implement Windows System Resource Manager.

Answer: D Explanation:

http://technet.microsoft.com/en-us/library/cc771218(WS.10).aspx http://technet.microsoft.com/en-us/library/cc732553(WS.10).aspx Terminal Services and Windows System Resource Manager

Windows庐 System Resource Manager (WSRM) on Windows Server庐 2008 allows you to control how CPU and memory resources are allocated to applications, services, and processes on the computer. Managing resources in this way improves system performance and reduces the chance that applications, services, or processes will take CPU or memory resources away from one another and slow down the performance of the computer.

Managing resources also creates a more consistent and predictable experience for users of applications and services running on the computer.

You can use WSRM to manage multiple applications on a single computer or users on a computer on which

Terminal Services is installed. Resource-Allocation Policies

WSRM uses resource-allocation policies to determine how computer resources, such as CPU and memory, are allocated to processes running on the computer. There are two resource-allocation policies that are specifically designed for computers running Terminal Services. The two Terminal Services-specific resource-allocation policies are:

Equal_Per_User Equal_Per_Session

Ensurepass 2018 PDF and VCE

Question No: 9 – (Topic 1)

Your company has a single Active Directory domain. You have 30 database servers that run Windows Server 2008 R2.

The computer accounts for the database servers are stored in an organizational unit (OU) named Data. The user accounts for the database administrators are stored in an OU named Admin. The database administrators are members of a global group named D_Admins.

You must allow the database administrators to perform administrative tasks on the database servers. You must prevent the database administrators from performing administrative tasks on other servers.

What should you do?

  1. Deploy a Group Policy to the Data OU.

  2. Deploy a Group Policy to the Admin OU.

  3. Add D_Admins to the Domain Admins global group.

  4. Add D_Admins to the Server Operators built-in local group.

Answer: A Explanation:

http://technet.microsoft.com/en-us/library/cc754948(WS.10).aspx Group Policy Planning and Deployment Guide

You can use Windows Server 2008 Group Policy to manage configurations for groups of computers and users, including options for registry-based policy settings, security settings, software deployment, scripts, folder redirection, and preferences. Group Policy preferences, new in Windows Server 2008, are more than 20 Group Policy extensions that expand the range of configurable policy settings within a Group Policy object (GPO). In contrast to Group Policy settings, preferences are not enforced. Users can change preferences after initial deployment. For information about Group Policy Preferences, see Group Policy Preferences Overview.

Using Group Policy, you can significantly reduce an organization’s total cost of ownership. Various factors, such as the large number of policy settings available, the interaction between multiple policies, and inheritance options, can make Group Policy design complex. By carefully planning, designing, testing, and deploying a solution based on your organization’s business requirements, you can provide the standardized functionality, security, and management control that your organization needs.

Overview of Group Policy

Group Policy enables Active Directory-based change and configuration management of user and computer settings on computers running Windows Server 2008, Windows Vista, Windows Server 2003, and Windows XP. In addition to using Group Policy to define configurations for groups of users and computers, you can also use Group Policy to help manage server computers, by configuring many server-specific operational and security settings.

By using a structure in which OUs contain homogeneous objects, such as either user or computer objects but not both, you can easily disable those sections of a GPO that do not apply to a particular type of object. This approach to OU design, illustrated in Figure 1, reduces complexity and improves the speed at which Group Policy is applied. Keep in mind that GPOs linked to the higher layers of the OU structure are inherited by default, which reduces the need to duplicate GPOs or to link a GPO to multiple containers.

When designing your Active Directory structure, the most important considerations are ease of administration and delegation.

Ensurepass 2018 PDF and VCE

Question No: 10 – (Topic 1)

Your network consists of a single Active Directory domain. All domain controllers run Windows Server 2008 R2. There are five Windows Server 2003 SP2 servers that have the Terminal Server component installed. A firewall server runs Microsoft Internet Security and Acceleration (ISA) Server 2006.

You plan to give remote users access to the Remote Desktop Services servers.

You need to create a remote access strategy for the Remote Desktop Services servers that meets the following requirements:

路Restricts access to specific Remote Desktop Services servers

路Encrypts all connections to the Remote Desktop Services servers

路Minimizes the number of open ports on the firewall server What should you do?

  1. Implement SSL bridging on the ISA Server. Require authentication on all inbound

    connections to the ISA Server.

  2. Implement port forwarding on the ISA Server. Require authentication on all inbound connections to the ISA Server.

  3. Upgrade a Windows Server 2003 SP2 server to Windows Server 2008 R2. On the Windows Server 2008 R2 server, implement the Remote Desktop Gateway (RD Gateway) role service, and configure a Remote Desktop resource authorization policy (RD RAP).

  4. Upgrade a Windows Server 2003 SP2 server to Windows Server 2008 R2. On the Windows Server 2008 R2 server, implement the Remote Desktop Gateway (RD Gateway) role service, and configure a Remote Desktop connection authorization policy (RD CAP).

Answer: C Explanation:

MCITP Self-Paced Training Kit Exam 70-646 Windows Server Administration:

Terminal Services Gateway TS Gateway allows Internet clients secure, encrypted access to Terminal Servers behind your organization’s firewall without having to deploy a Virtual Private Network (VPN) solution. This means that you can have users interacting with their corporate desktop or applications from the comfort of their homes without the problems that occur when VPNs are configured to run over multiple Network Address Translation (NAT) gateways and the firewalls of multiple vendors.

TS Gateway works using RDP over Secure Hypertext Transfer Protocol (HTTPS), which is the same protocol used by Microsoft Office Outlook 2007 to access corporate Exchange Server 2007 Client Access Servers over the Internet. TS Gateway Servers can be configured with connection authorization policies and resource authorization policies as a way of differentiating access to Terminal Servers and network resources.

Connection authorization policies allow access based on a set of conditions specified by the administrator; resource authorization policies grant access to specific Terminal Server resources based on user account properties.

Resource Authorization Policies

Terminal Services resource authorization policies (TS-RAPs) are used to determine the specific resources on an organization’s network that an incoming TS Gateway client can connect to. When you create a TS-RAP you specify a group of computers that you want to grant access to and the group of users that you will allow this access to. For example, you could create a group of computers called AccountsComputers that will be accessible to members of the Accountants user group. To be granted access to internal resources, a remote user must meet the conditions of at least one TS-CAP and at least one TS-RAP.

100% Ensurepass Free Download!
Download Free Demo:70-646 Demo PDF
100% Ensurepass Free Guaranteed!
70-646 Dumps

EnsurePass ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
PDF VCE Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.