15 tips on How to 70-647 Test Like a Badass [91 to 105]

Refined of 70-647 latest exam materials and class for Microsoft certification for IT professionals, Real Success Guaranteed with Updated 70-647 pdf dumps vce Materials. 100% PASS Pro: Windows Server 2008,Enterprise Administrator exam Today!

2016 Apr 70-647 Study Guide Questions:

Q91. Your network consists of one Active Directory forest named contoso.com. The functional level of the contoso.com forest is Windows Server 2008. 

The network contains seven servers that run Internet Information Services (IIS) 7.0 and host Web services. 

Remote users from a partner company access the Web services through HTTPS. The partner company has a separate Active Directory forest named fabrikam.com. The functional level of the fabrikam.com forest is Windows Server 2003. 

You need to recommend an authentication solution for the fabrikam.com users. The solution must meet the following requirements: 

All communications between both forests must use only HTTPS. 

Remote users must only authenticate once to access all Web services. 

Users from fabrikam.com must access the Web services by using user accounts in the fabrikam.com forest. 

What should you recommend? 

A. Implement Client Certificate Mapping Authentication on the IIS servers. 

B. Implement Microsoft Identity Lifecycle Manager (ILM) 2007 on the contoso.com forest. 

C. Implement a forest trust between the contoso.com and the fabrikam.com forests. Configure the forest trust to use Selective Authentication. 

D. Implement Active Directory Federation Services (AD FS) in the contoso.com forest. Create a federation trust between the contoso.com forest and the fabrikam.com forest. 

Answer: D 


Q92. You are evaluating renaming the cpandll.com forest. 

You need to recommend changes to the current network infrastructure to ensure that you can rename the forest. 

What should you recommend? 

A. Migrate Exchange Server 2003 to Exchange Server 2010 

B. Upgrade all of the domain controllers to Windows Server 2008 R2 

C. Publish the CRLs to a web server and reissue all of the certificates 

D. Move all user accounts, group accounts, and computer accounts to the forest root domain and remove all of the child domains 

Answer: C 


Q93. A corporate network includes one Active Directory forest named contoso.com. 

The relevant portion of the network is configured as shown in the exhibit. (Click the Exhibit button.) 


Users in the sales.apac.intl.contoso.com domain frequently access resources on the products.corp.contoso.com domain. 

Users report slow access times when they access resources on the products.corp.contoso.com domain. 

You need to minimize access times when users access resources on the products.corp.contoso.com domain. 

What should you do? 

A. Add products.corp.contoso.com as a DNS suffix for all users in the sales.apac.intl.contoso.com domain. 

B. Create one-way non-transitive trust from the sales.apac.intl.contoso.com domain to the products.corp.contoso.com domain. 

C. Enable Universal Group Membership Caching for all Active Directory sites. 

D. Create a two-way shortcut trust. 

Answer: D 


Q94. Your network consists of one Windows Server 2008 domain. The network contains portable computers. You configure a server that runs Windows Server 2008 as a Routing and Remote Access Service (RRAS) server. Users connect remotely to the network through a virtual private network (VPN) connection to the RRAS server from both company-issued portable computers and non-company-issued computers. The relevant portion of the network is shown in the following diagram. 


You need to prepare the environment to secure remote access to the network. The solution must meet the following requirements: 

. Only computers that have Windows Firewall enabled can connect remotely. . Only computers that have the most up-to-date antivirus definitions can connect remotely. . Only computers that run Windows Vista and have the most up-to-date updates can connect remotely. 

What should you do? 

A. Implement Authorization Manager. 

B. Implement Network Access Protection (NAP) on the perimeter network. 

C. Install a Microsoft Internet Security and Acceleration Server (ISA) 2006 on the network. 

D. Create a domain Group Policy object (GPO). Enable Windows Firewall and publish updated antivirus definitions in the GPO. 

Answer: B 


Q95. You need to recommend a strategy to improve the PKI. The strategy must meet the company's technical requirements. What should you include in the recommendation? 

A. A Standalone subordinate CA 

B. The Certificate Enrollment Web Service role Service 

C. The Online Responder service 

D. Version 3 Certificate Templates 

Answer: C 


70-647 rapidshare

Update 70-647 pdf exam:

Q96. You work as an IT professional in an international company which is named Contoso. Your major job is to translate business goals into technology decisions and plan mid-range to long-term strategies. And you are experienced in network infrastructure, security policy and business continuity. In your company, you are responsible for infrastructure design and global configuration changes. 

A server which runs Windows Server 2008 is installed by you. And it is installed as the first domain controller in an Active Directory forest. Since you are the technical support, you are required to install another server as a read-only domain controller (RODC). 

To achieve the goal, which action should be performed first? 

A. To achieve the goal, adprep /rodcprep should be run. 

B. To achieve the goal, adprep /domainprep /gpprep should be run. 

C. To achieve the goal, the functional level of the forest should be raised to Windows Server 2003. 

D. To achieve the goal, the functional level of the domain should be raised to Windows Server 2008. Answer: C 


Q97. You need to recommend a NAP enforcement method for cohovineyard.com that meets the company's security requirements. 

Which NAP enforcement method should you recommend? 

A. IPSec 

B. 802.1X 

C. VPN 

D. DHCP 

Answer: B 


Q98. You need to recommend a technology that meets the company's security requirements. 

What should you recommend? 

A. Microsoft Forefront Endpoint Protection 2010 

B. Active Directory Federation Services (AD FS) 

C. Active Directory Management Gateway Service 

D. Microsoft Forefront Identity Manager (FIM) 2010 

Answer: D 


Q99. Your network consists of one Active Directory domain. 

All domain controllers run Windows Server 2008 R2 and are configured as global catalog servers. The relevant portion of the network is configured as shown in the exhibit. (Click the Exhibit button.) 


The Bridge all site links option is enabled. 

You are designing a failover strategy for domain controller availability. 

You need to ensure that client computers in SiteH only authenticate to DC1 or DC2 if DC8 fails. 

What should you do? 

A. Change the B-H site link cost to 50. 

B. Remove the global catalog server attribute from DC3, DC4, DC5, DC6, DC7, and DC8. 

C. Disable the Bridge all site links option. In SiteB, install a new writable domain controller that runs Windows Server 2008 R2. 

D. Prevent DC3, DC4, DC5, DC6, DC7, and DC8 from registering generic (non-site-specific) domain controller locator DNS records. 

Answer: D 


Q100. A company has a main office and several branch offices with a 4 Mbps point-to-point connection between all offices. The corporate network contains an Active Directory Domain Services (AD DS) domain. All file servers in the domain run Windows Server 2008 R2. File servers contain a large amount of data that undergoes frequent changes. 

You need to recommend a solution for replicating file server volumes between branch offices. 

What should you recommend? (More than one answer choice may achieve the goal. Select the BEST answer.) 

A. Configure Distributed File System Replication (DFS-R) with a bandwidth limit 

B. Configure Distributed File System (DFS) and replicate data to each branch office 

C. Configure File Server Resource Manager (FSRM). 

D. Configure Distributed File System (DFS) Namespaces on each file server. 

Answer: A 


70-647 practice test

Refined 70-647 testing engine:

Q101. You need to recommend RDS solution that supports the company's planned changes. Which role service should you include in the recommendation? 

A. Active Directory Federation Services (AD FS) 

B. Authentication Mechanism Assurance 

C. Selective authentication 

D. SID filtering 

Answer: B 


Q102. A corporate network contains an Active Directory Domain Services (AD DS) domain with 160 domain controllers that run Windows Server 2008 R2. All client computers run Windows 7. The company has 75 geographically disparate branch offices. Each branch office is represented by an Active Directory site. The Employee organizational unit (OU) includes all employee user accounts. Many employees work from multiple branch offices. Site resource access is managed by using Group Policy Objects (GPOs) and scripts. 

Each site has a network share on which users store information specific to the activities at that site. 

You need to ensure that users at each site can access the appropriate network share through a single mapped drive. 

What should you recommend? (More than one answer choice may achieve the goal. Select the BEST answer.) 

A. Create a GPO for each site. Configure the GPOs to run a logon script that maps the drive to the site-specific file share. Create a Windows Management Instrumentation (WMI) filter that targets Windows Server 2008 R2. Link the GPOs to the Employee OU. 

B. Create an OU for each site under the Employee OU. Place the user accounts for each site in the correct OU. Create a GPO for each site. Configure the new GPOs to run a logon script that maps the drive to the site-specific file share. Link the new GPOs to the site-specific OUs. 

C. Create a single GPO for drive mapping. In the GPO, create Drive Map preference items to map the drive to the site-specific file share. Configure the targeting of the Drive Map preference item to match the specific site. Link the new GPO to the Employee OU. 

D. Create a logon script for each site. Set each logon script to map the drive to the site-specific file share. Configure the user logon script option in Active Directory to run the appropriate logon script. 

Answer: C 


Q103. Your network consists of one Active Directory forest that contains two domains named domain1 and domain2. 

The functional level of the forest is Windows Server 2003. 

All domain controllers run Windows Server 2003. The relevant portion of the network is configured as shown in the exhibit. (Click the Exhibit button.) 


All domain controllers for domain1 are in the hub sites. All domain controllers for domain2 are in the spoke sites. 

The Bridge all site links option is disabled. 

You plan to deploy a read-only domain controller (RODC) in SiteH for domain2. 

You need to prepare the environment for the installation of the RODC. 

What should you do? 

A. Upgrade DC7 to Windows Server 2008. 

B. Upgrade DC2 to Windows Server 2008. 

C. Lower site link costs between the satellite sites (SiteF, SiteG, and SiteH) and SiteB to 80. 

D. Enable the Bridge all site links option. Create a BH-AB site link bridge that includes the B-H and A-B site links. 

Answer: A 


Q104. You need to recommend changes to the environment to resolve the logon issues that were reported by the users from the China domain. 

What should you include in the recommendation? 

A. Modify the automatic site coverage settings. 

B. Deploy domain controllers from the China domain to the India site. 

C. In the India site, enable universal group membership caching. 

D. In the India site, configure another domain controller as a global catalog server. 

Answer: B 


Q105. Your company has a main office and 10 branch offices. The network consists of one Active Directory domain. 

All domain controllers run Windows Server 2008 R2 and are located in the main office. You plan to deploy one Windows Server 2008 R2 domain controller in each branch office. You are concerned that the branch offices will fail to provide adequate security for the new domain controllers. 

You need to recommend a security solution to meet the following requirements: 

. Prevent any unauthorized user from accessing user passwords when the server is running. . Prevent any unauthorized user from accessing user passwords either locally or over the network on each branch office domain controller. 

Which configuration should you recommend for each branch office domain controller? 

A. Enable an IPsec policy. 

B. Enable Windows Firewall. 

C. Enable the read-only domain controller (RODC) option. 

D. Enable Windows BitLocker Drive Encryption (BitLocker). 

Answer: C 



see more 70-647 - Pro: Windows Server 2008,Enterprise Administrator

Microsoft 70-647 Certification Sample Questions and Answers: http://www.braindumpsall.net/70-647-dumps/

P.S. New 70-647 dumps PDF: http://www.4easydumps.com/70-647-dumps-download.html