Microsoft 70-648 Real Exam Questions
Exam 70-648 is an upgrade exam that is a composite of two stand-alone exams: 70-640 and 70-642. Exam 70-648 validates skills related to the core technology features and functionality of Windows Server 2008 R2, from the existing knowledge base of a Microsoft Certified Systems Administrator (MCSA) on Windows Server 2003.
1: Your network consists of a single Active Directory domain. The domain contains a server named Server1 that runs Windows Server 2008. All client computers run Windows Vista. All computers are members of the Active Directory domain. You assign the Secure Server (Require Security) IPsec policy to Server1 by using a GPO. Users report that they fail to connect to Server1. You need to ensure that users can connect to Server1. All connections to Server1 must be encrypted. What should you do?
A.Restart the IPsec Policy Agent service on Server1.
B.Assign the Client (Respond Only) IPsec policy to Server1.
C.Assign the Server (Request Security) IPsec policy to Server1.
D.Assign the Client (Respond Only) IPsec policy to all client computers.
Correct Answers: D
2: Your company is designing its network. The network will use an IPv6 prefix of 2001:DB8:BBCC:0000::/53. You need to identify an IPv6 addressing scheme that will support 2000 subnets. Which network mask should you use?
A./61
B./62
C./63
D./64
Correct Answers: D
3: Your company has recently deployed a server that runs Windows Server 2008. The server has the IP information shown below:
IP address: 192.168.46.186
Subnet mask: 255.255.255.192
Default gateway: 192.168.46.1
Users on remote subnets report that they are unable to connect to the server.
You need to ensure all users are able to connect to the server.
What should you do?
A.Change the IP address to 192.168.46.129.
B.Change the IP address to 192.168.46.200.
C.Change the subnet mask to a 24-bit mask.
D.Change the subnet mask to a 27-bit mask.
Correct Answers: C
4: Your network uses IPv4. You install a server that runs Windows Server 2008 at a branch office. The server is configured with two network interfaces. You need to configure routing on the server at the branch office. Which two actions should you perform? (Each correct answer presents part of the solution. Choose two.)
A.Install the Routing and Remote Access role.
B.Run the netsh ras ip set access ALL command.
C.Run the netsh interface ipv4 enable command.
D.Enable the IPv4 Router Routing and Remote Access option.
Correct Answers: A D
5: Your company has four DNS servers that run Windows Server 2008. Each server has a static IP address. You need to prevent DHCP from assigning the addresses of the DNS servers to DHCP clients. What should you do?
A.Create a new scope for the DNS servers.
B.Create a reservation for the DHCP server.
C.Configure the 005 Name Servers scope option.
D.Configure an exclusion that contains the IP addresses of the four DNS servers.
Correct Answers: D
6: Your company has a single Active Directory domain. All servers run Windows Server 2008.
The company network has 10 servers that perform as Web servers. All confidential files are located on a server named FSS1.
The company security policy states that all confidential data must be transmitted in the most secure manner. When you monitor the network, you notice that the confidential files that are stored on the FSS1 server are being transmitted over the network without encryption.
You need to ensure that encryption is always used when the confidential files on the FSS1 server are transmitted over the network.
What are two possible ways to achieve this goal? (Each correct answer presents a complete solution. Choose two.)
A.Deactivate all LM and NTLM authentication methods on the FSS1 server.
B.Use IIS to publish the confidential files, activate SSL on the IIS server, and then open the files as a Web folder.
C.Use IPSec encryption between the FSS1 server and the computers of the users who need to access the confidential files.
D.Use the Server Message Block (SMB) signing between the FSS1 server and the computers of the users who want to access the confidential files.
E.Activate offline files for the confidential files that are stored on the FSS1 server. In the Folder Advanced Properties dialog box, select the Encrypt contents to secure data option.
Correct Answers: B C
7: Your company has a single Active Directory domain. The domain runs at the functional level of Windows Server 2003. You install the DHCP service on a server named DHCP1. You attempt to start the DHCP service, but it does not start. You need to ensure that the DHCP service starts. What should you do?
A.Restart DHCP1.
B.Configure a scope on DHCP1.
C.Activate the scope on DHCP1.
D.Authorize DHCP1 in the Active Directory domain.
Correct Answers: D
8: You have a DHCP server that runs Windows Server 2008. The DHCP server has two network connections named LAN1 and LAN2. You need to prevent the DHCP server from responding to DHCP client requests on LAN2. The server must continue to respond to non-DHCP client requests on LAN2. What should you do?
A.From the DHCP snap-in, modify the bindings to associate only LAN1 with the DHCP service.
B.From the DHCP snap-in, create a new multicast scope.
C.From the properties of the LAN1 network connection, set the metric value to 1.
D.From the properties of the LAN2 network connection, set the metric value to 1.
Correct Answers: A
9: You have a DHCP server that runs Windows Server 2008. You need to reduce the size of the DHCP database. What should you do?
A.From the DHCP snap-in, reconcile the database.
B.From the folder that contains the DHCP database, run jetpack.exe dhcp.mdb temp.mdb.
C.From the properties of the dhcp.mdb file, enable the File is ready for archiving attribute.
D.From the properties of the dhcp.mdb file, enable the Compress contents to save disk space attribute.
Correct Answers: B
10: Your company has deployed Network Access Protection (NAP). You configure secure wireless access to the network by using 802.1x authentication from any access point. You need to ensure that all client computers that access the network are evaluated by NAP. What should you do?
A.Configure all access points as RADIUS clients to the Remediation Servers.
B.Configure all access points as RADIUS clients to the Network Policy Server (NPS).
C.Create a Network Policy that defines Remote Access Server as a network connection method.
D.Create a Network Policy that specifies EAP-TLS as the only available authentication method.
Correct Answers: B
Download | Password: ciscobibles.com