100% Valid Dumps For 70-642 Exam Pass: PassLeader have been updated the 448q 70-642 exam dumps and added the new exam questions, in the latest version of 70-642 PDF dumps or VCE dumps, you will get all the new changed 448q 70-642 exam questions, which will help you 100% passing 70-642 exam, and you will get the free version of VCE Player together with your 70-642 VCE dumps. Welcome to visit our website — passleader.com and get your 70-642 exam passed easily!
keywords: 70-642 exam,448q 70-642 exam dumps,448q 70-642 exam questions,70-642 pdf dumps,70-642 vce dumps,70-642 braindumps,70-642 practice tests,70-642 study guide,TS: Windows Server 2008 Network Infrastructure, Configuring Exam
QUESTION 241
Your network contains a DNS server named DNS1 that runs Windows Server 2008 R2. You need to ensure that DNS1 only responds to DNS queries from computers that are located in the same subnet. What should you configure?
A. Interfaces from DNS Manager
B. Security from DNS Manager
C. Trust Anchors
D. Windows Firewall
QUESTION 242
Your network contains a DNS server named DC1 that runs Windows Server 2008 R2. The network uses a network ID of 10.1.1.0/24. You open the DNS console on Server1 as shown in the exhibit. (Click the Exhibit button.)
You need to ensure that all client computers can resolve the IPv4 addresses of computers on the network to fully qualified domain names (FQDNs). What should you do?
A. Delete the “.” (root) zone.
B. Create a zone named 10.1.in-addr.arpa.
C. Create a zone named 1.1.10.in-addr.arpa.
D. Convert the 10.1.1.in-addr.arpa zone to a standard primary zone.
Answer: C
QUESTION 243
Your network contains a DNS server named Server1 that runs Windows Server 2008 R2. Root hints for Server1 are configured as shown in the exhibit. (Click the Exhibit button.)
You need to add root hints to Server1. What should you do first?
A. Disable recursion.
B. Delete the “.” (root) zone.
C. Restart the DNS Server service.
D. Remove all conditional forwarders.
Answer: B
QUESTION 244
Your network contains an Active Directory domain named contoso.com. The domain contains two domain controllers named DC1 and DC2 that run Windows Server 2008 R2. DC1 hosts a primary zone for contoso.com. DC2 hosts a secondary zone for contosto.com. You need to ensure that DNS zone data is encrypted when the data replicates across the network. DC2 must provide authoritative responses to client computers. What should you do?
A. Configure the contoso.com zone to use DNSSEC.
B. Create a new delegation in the contoso.com zone.
C. Modify the zone transfer settings of the contoso.com zone.
D. Convert the contoso.com zone to an Active Directory-integrated zone.
Answer: D
QUESTION 245
Your network contains a DNS server named DNS1 that runs Windows Server 2008 R2. DNS1 hosts a zone named contoso.com. Dynamic updates are enabled on the zone. The network contains a server named Web1.contoso.com. All computers on the network are configured to use DNS1 as their DNS server. You need to ensure that users can connect to Web1.contoso.com by using the name portal.contoso.com. The solution must ensure that the users can connect by using portal.contoso.com if the IP address of Web1.contoso.com changes. Which type of resource record should you create?
A. Alias (CNAME)
B. Host (A)
C. Host Information (HINFO)
D. Pointer (PTR)
Answer: A
QUESTION 246
Your network contains a DNS server named Server1 that runs Windows Server 2008 R2. You need to ensure that client computers can resolve IPv6 addresses to fully qualified domain names (FQDNs). Which type of resource record should you create?
A. Alias (CNAME)
B. Host (A)
C. Host (AAAA)
D. Pointer (PTR)
Answer: D
Explanation:
ALIAS (CNAME) – maps to a host a or aaaa record
HOST A or AAAA – Name to address mapping record
PTR Records – Address to name mapping record
QUESTION 247
Your company has a main office and a branch office. The network contains two DNS servers named DNS1 and DNS2. DNS1 is located in the main office. DNS1 hosts a primary standard zone named contoso.com. The contoso.com zone is configured to use DNSSEC. DNS2 is located in the branch office. DNS2 is a caching-only DNS server. You need to ensure that client computers in the branch office can receive authoritative responses to queries for contoso.com if a WAN link fails. DNSSEC security must be maintained. What should you configure on DNS2 for contoso.com?
A. a conditional forwarder
B. a secondary zone
C. a zone delegation
D. an Active Directory-integrated stub zone
Answer: B
QUESTION 248
Your network contains an Active Directory domain named contoso.com. The domain contains two sites named Site1 and Site2. The servers for the sites are configured as shown in the following table.
Server1 hosts a standard primary zone for contoso.com. Server2 hosts a secondary zone for contoso.com. You need to ensure that all DNS replication traffic between Server1 and Server2 is encrypted. What should you do?
A. On Server1, configure DNSSEC for the contoso.com zone.
B. On Server1, convert the contoso.com zone to an Active Directory-integrated zone.
C. On each server, create connection security rules.
D. On each server, enable Encrypting File System (EFS) encryption for the contoso.com.dns file.
Answer: B
QUESTION 249
Your network contains a single Active Directory domain named contoso.com. The domain contains a DNS server named Server1 that hosts the contoso.com zone. The network is connected to the network of a partner company. The partner company’s network contains a DNS server that hosts a zone named nwtraders.com. You need to ensure that computers in contoso.com can resolve the names of computers in nwtraders.com. The solution must not require any changes to the zone configuration of nwtraders.com. What should you configure on Server1?
A. a conditional forwarder
B. a GlobalNames zone
C. a secondary zone
D. a zone delegation
Answer: A
QUESTION 250
Your network contains an Active Directory forest. The forest contains three domain trees. Each domain tree contains multiple domains. You have an Active Directory-integrated DNS zone. You install a Web server named Web1. All of the users in the company will use Web1. You need to ensure that the users can access Web1 by using the URL http://web1. You want to achieve this goal by using the minimum amount of administrative effort. What should you do?
A. Configure a GlobalNames zone and add a Host (A) resource record for Web1.
B. Create an Alias (CNAME) resource record for Web1 in the forest root domain zone.
C. Create a reverse lookup zone and add an Alias (CNAME) resource record for Web1.
D. Create a Host Information (HINFO) resource record for Web1 in the forest root domain zone.
Answer: A
http://www.passleader.com/70-642.html
QUESTION 251
Your network contains an Active Directory forest. The forest contains two domains named contoso.com and nwtraders.com. You have a DNS server named DNS1. DNS1 hosts Active Directory-integrated zones for contoso.com and nwtraders.com. You discover that client computers in contoso.com cannot use single-label names to access servers in nwtraders.com. You need to ensure that contoso.com computers can access nwtraders.com servers by using singlelabel names. What should you modify?
A. the DNS suffix search order on DNS1
B. the DNS suffix search order on the client computers
C. the root hints servers on DNS1
D. the security settings of the nwtraders.com zone
Answer: B
Explanation:
Create an Alias (CNAME) resource record for Web1 in the forest root domain zone.
Because the root zone is already AD-integrated.
In GLOBALNAMES zone you only add alias (cname) records not host (A) records.
QUESTION 252
Your network contains a DNS server named DNS1 that runs Windows Server 2008 R2. DNS1 is configured as the DNS server for contoso.com. All client computers are configured to use DNS1 for name resolution. From a client computer, you run the Ping tool as shown in the exhibit. (Click the Exhibit button.)
You need to ensure that users can use the Ping tool to resolve the IP addresses of internal servers to fully qualified domain names (FQDNs). What should you do?
A. Create a GlobalNames zone.
B. Create a reverse lookup zone.
C. Create a forward lookup zone.
D. Enable zone transfers on the contoso.com zone.
Answer: B
QUESTION 253
Your network contains two Web servers named Web1 and Web2. Web1 hosts the company’s corporate Web site. Web2 is a test server that contains a copy of the Web site. Users connect to Web1 by using the URL http://www.contoso.com. A Web developer named User1 plans to test updates to the Web site on Web2. You need to ensure that User1 connects to Web2 by using the URL http://www.contoso.com. The solution must ensure that all other computers connect to Web1. What should you do?
A. From User1’s computer, create a record in the Hosts file.
B. From User1’s computer, create a record in the Lmhosts file.
C. From a DNS server, create a new Host (A) resource record.
D. From a DNS server, create a new Alias (CNAME) resource record.
Answer: A
QUESTION 254
Your network contains a DHCP server named DHCP1. You have a DHCP reservation for a computer named Computer1. You add a DNS server option to the reservation. You need to ensure that Computer1 immediately receives the new option. What should you do?
A. Run ipconfig.exe /renew.
B. Run ipconfig.exe /registerdns.
C. On DHCP1, recreate the reservation.
D. On DHCP1, delete the active lease for the reservation.
Answer: A
QUESTION 255
Your network contains a Routing and Remote Access server named RRAS1 and a DHCP server named DHCP1. RRAS1 and DHCP1 are located in different subnets. RRAS1 is configured to support VPN connections from the Internet. DHCP1 has a scope that provides IP addresses for the VPN connections. You need to ensure that VPN clients that connect to RRAS1 can receive IP addresses from DHCP1. What should you do?
A. On DHCP1, configure a DHCP Relay Agent.
B. On DHCP1, install the Routing role service.
C. On RRAS1, configure a DHCP Relay Agent.
D. On RRAS1, install the Routing role service.
Answer: C
QUESTION 256
Your network has Network Access Protection (NAP) deployed. The network contains two servers named Server1 and Server2. Server1 is a Network Policy Server (NPS). Server2 has a third-party antivirus solution installed. Server1 is configured to use a custom system health validator provided by the antivirus vendor. The system health validator uses Server2 to identify the version of the current antivirus definition. You need to ensure that NAP clients are considered noncompliant if Server1 cannot connect to Server2. Which error code resolution setting should you configure?
A. SHA not responding to NAP client
B. SHA unable to contact required services
C. SHV not responding
D. SHV unable to contact required services
Answer: D
Explanation:
SHA is client related, SHV is server related. Link here:
http://technet.microsoft.com/en-us/library/dd759167.aspx
QUESTION 257
Your network contains a server named Server1. Server1 has DirectAccess deployed. A group named Group1 is enabled for DirectAccess. Users report that when they log on to their computers, the computers are not configured to use DirectAccess. You need to ensure that the users’ computers are configured to use DirectAccess. What should you do first?
A. On each client computer, add Group1 to the Distributed COM Users group.
B. On each client computer, add Group1 to the Network Configuration Operators group.
C. From Active Directory Users and Computers, add the users’ user accounts to Group1.
D. From Active Directory Users and Computers, add the users’ computer accounts to Group1.
Answer: D
QUESTION 258
Your network contains an Active Directory domain named contoso.com. The network has DirectAccess deployed. You deploy a new server named Server1 that hosts a management application. You need to ensure that Server1 can initiate connections to DirectAccess client computers. Which settings should you modify from the DirectAccess Setup console?
A. Application Servers
B. DirectAccess Server
C. Infrastructure Servers
D. Remote Clients
Answer: C
Explanation:
Read the guide here :
http://blog.concurrency.com/infrastructure/uag-directaccess-infrastructure-servers-wizard/
QUESTION 259
Your network contains a client computer named Computer1 that runs Windows 7. Computer1 is configured to use DirectAccess. You need to identify the URL of the network location server that Computer1 is configured to use. What should you do?
A. From a command prompt, run ipconfig.exe /displaydns.
B. From a command prompt, run netsh.exe namespace show policy.
C. From Control Panel, run the network adapter troubleshooter.
D. From the Network Connection Status window, view the Network Connection Details.
Answer: B
Explanation:
This command shows the rules in the NRPT on a DirectAccess client. The netsh namespace show policy shows the NRPT rules as configured with Group Policy. There should be NRPT rules for the intranet namespace and an exemption rule for the fully qualified domain name (FQDN) of the network location server.
http://technet.microsoft.com/en-us/library/ee624067(v=ws.10).aspx
QUESTION 260
Your network contains an Active Directory domain. The network has DirectAccess deployed. You deploy the DirectAccess Connectivity Assistant (DCA) to all client computers. You need to ensure that users can view their DirectAccess status by using the DCA. Which two group policy settings should you configure? (Each correct answer presents part of the solution. Choose two.)
A. Dynamic Tunnel Endpoints (DTEs)
B. Corporate Portal Site
C. Corporate Resources
D. PortalName
Answer: AC
Explanation:
You must configure the DTE and CorporateResources settings to have DCA functionality.
http://technet.microsoft.com/en-us/library/gg502552.aspx