Microsoft Official Exam Center New Released 70-642 Practice Exam Questions Free Download from Braindump2go (261-270)
The 70-642 Exam Practice Questions and Answers are ideal for the aspring candiates to grab exceptional grades in Microsoft 70-642 Exam! The 70-642 Questions and Answers are developed using the latest updated course content and all the answers are verified to ensure phenoment preparation for the actual 70-642 Exam!
Vendor: Microsoft
Exam Code: 70-642
Exam Name: TS: Windows Server 2008 Network Infrastructure, Configuring
Keywords: 70-642 Exam Dumps,70-642 Practice Tests,70-642 Practice Exams,70-642 Exam Questions,70-642 Dumps,70-642 PDF,70-642 VCE,70-642 Study Guide
QUESTION 261
Your network contains an Active Directory forest.
The functional level of the forest is Windows Server 2008 R2.
You plan to deploy DirectAccess.
You need to configure the DNS servers on your network to support DirectAccess.
What should you do?
A. Modify the GlobalQueryBlockList registry key and restart the DNS Server service.
B. Modify the EnableGlobalNamesSupport registry key and restart the DNS Server service.
C. Create a trust anchor that uses a certificate issued by an internal certification authority (CA).
D. Create a trust anchor that uses a certificate issued by a publicly trusted certification
authority (CA).
Answer: A
Explanation:
To remove ISATAP from the DNS global query block list
1. Click Start, click All Programs, click Accessories, rightclick Command Prompt, and then click Run as administrator.
2. In the Command Prompt window, type dnscmd /config / globalqueryblocklist wpad, and then press ENTER.
3. Close the Command Prompt window.
OR
To remove ISATAP from the DNS global query block list on a DNS server
1- Click Start, type regedit.exe, and then press ENTER.
2- In the console tree, open
Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DNS \Parameters.
3- In the contents pane, double-click the GlobalQueryBlockList value.
4- In the Edit Multi-String dialog box, remove the name ISATAP from the list, and then click OK.
5- Start a command prompt as an administrator.
6- In the Command Prompt window, run the following commands:
– net stop dns
– net start dns
http://technet.microsoft.com/en-us/library/ee649158(v=ws.10).aspx
QUESTION 262
Your network contains a server named Server1.contoso.com.
Server1 is located on the internal network.
You have a client computer named Computer1 that runs Windows 7.
Computer1 is located on a public network that is connected to the Internet.
Computer1 is enabled for DirectAccess.
You need to verify whether Computer1 can resolve Server1 by using DirectAccess.
Which command should you run on Computer1?
A. nbtstat.exe -a server1.contoso.com
B. netsh.exe dnsclient show state
C. nslookup.exe server1.contoso.com
D. ping.exe server1.contoso.com
Answer: D
QUESTION 263
Your network contains a server named Server1 that runs Windows Server 2008 R2.
You plan to deploy DirectAccess on Server1.
You need to configure Windows Firewall on Server1 to support DirectAccess connections.
What should you allow from Windows Firewall on Server1?
A. ICMPv6 Echo Requests
B. ICMPv6 Redirect
C. IGMP
D. IPv6-Route
Answer: A
QUESTION 264
Your network contains a computer named Computer1 that runs Windows 7.
You need to verify if Computer1 has active DirectAccess connections to the network.
What should you do?
A. From Network Connections, right-click the active network connection, and then click Status.
B. From Network Connections, select the active network connection, and then click Diagnose
this connection.
C. From Windows Firewall with Advanced Security, click Monitoring, and then click Connection
Security Rules.
D. From Windows Firewall with Advanced Security, click Monitoring, click Security Associations,
and then click Main Mode.
Answer: D
QUESTION 265
Your network contains a Network Policy Server (NPS) named NPS1.
You deploy a new NPS named NPS2.
You need to ensure that NPS2 sends all authentication requests to NPS1.
What should you modify on NPS2?
A. health policies
B. network policies
C. RADIUS clients
D. remote RADIUS server groups
Answer: D
Explanation:
NPS is RADIUS (Remote Authentication….).
We need to configure NPS2 to use NPS1 for authentication.
QUESTION 266
Your network contains a Network Policy Server (NPS) named Server1.
NPS1 provides authentication for all of the VPN servers on the network.
You need to track the usage information of all VPN connections.
Which RADIUS attribute should you log?
A. Acct-Session-Id
B. Acct-Status-Type
C. Class
D. NAS-Identifier
Answer: C
QUESTION 267
Your network contains a Network Policy Server (NPS) named Server1.
Server1 is configured to use SQL logging.
You add a second NPS server named Server2.
You need to ensure that Server2 has the same RADIUS authentication and logging settings as Server1.
You export the NPS settings from Server1, and then import the settings to Server2.
What should you do next on Server2?
A. Create a new ODBC data source.
B. Run netsh.exe nps reset config.
C. Manually configure the SQL logging settings.
D. Restart the Network Policy Server (NPS) role service.
Answer: C
QUESTION 268
Your network contains an Active Directory forest.
The forest contains two domains named contoso.com and eu.contoso.com.
You install a Network Policy Server (NPS) named Server1 in the contoso.com domain.
You need to ensure that Server1 can read the dial-in properties of the user accounts in the eu.contoso.com domain.
What should you do?
A. In the contoso.com domain, add Server1 to the RAS and IAS Servers group.
B. In the contoso.com domain, add Server1 to the Windows Authorization Access group.
C. In the eu.contoso.com domain, add Server1 to the RAS and IAS Servers group.
D. In the eu.contoso.com domain, add Server1 to the Windows Authorization Access group.
Answer: C
Explanation:
C is correct, Servers in this group can access remote access properties of users
QUESTION 269
Your network contains a Network Policy Server (NPS) named Server1.
You need to configure a network policy for a VLAN.
Which RADIUS attributes should you add?
A. Login-LAT-Service
Login-LAT-Node
Login-LAT-Group
NAS-Identifier
B. Tunnel-Assignment-ID
Tunnel-Preference
Tunnel-Client-Auth-ID
NAS-Port-Id
C. Tunnel-Client-Endpt
Tunnel-Server-Endpt
NAS-Port-Type
Tunnel-Password
D. Tunnel-Medium-Type
Tunnel-Pvt-Group-ID
Tunnel-Type
Tunnel-Tag
Answer: D
Explanation:
http://technet.microsoft.com/en-us/library/cc754422(v=ws.10).aspx
QUESTION 270
Your network contains two Active Directory forests named contoso.com and fabrikam.com.
You have a standalone Network Policy Server (NPS) named NPS1.
You have a VPN server named VPN1. VPN1 is configured as a RADIUS client to NPS1.
You need to ensure that users from both forests can establish VPN connections by using their own domain accounts.
What should you do?
A. On NPS1, configure remediation server groups.
B. On NPS1, configure connection request policies.
C. On VPN1, modify the DNS suffix search order.
D. On VPN1, modify the IKEv2 Client connection controls.
Answer: B
Explanation:
Connection request policies are sets of conditions and settings that allow network administrators to designate which Remote Authentication Dial-In User Service (RADIUS) servers perform the authentication and authorization of connection requests that the server running Network Policy Server (NPS) receives from RADIUS clients. Connection request policies can be configured to designate which RADIUS servers are used for RADIUS accounting.
http://technet.microsoft.com/en-us/library/cc753603.aspx
Braindump2go Offers 100% money back guarantee on all products! Our products remain valid for a lifetime! Recently we update our 70-642 Exam Questions since the Microsoft Official Exam Center adds some new questions in 70-642 Exam Dumps. Braindump2go checks all Exam Dumps every day and guarantee all the exam questions are the latest and correct!