Mar 2016 updated: Pass4sure Microsoft 70-648 free exam questions 76-90

★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions

Free Instant Download NEW 70-648 Exam Dumps (PDF & VCE):
Available on: https://www.certleader.com/70-648-dumps.html


70-648 Product Description:
Exam Number/Code: 70-648 vce
Exam name: TS:Upgrading MCSA on Wndws Serv 2003 to Wndws Serv 2008
n questions with full explanations
Certification: Microsoft Certification
Last updated on Global synchronizing

Instant Access to Free VCE Files: Microsoft 70-648 TS:Upgrading MCSA on Wndws Serv 2003 to Wndws Serv 2008

70-648 examcollection

Exam Code: 70-648 (Practice Exam Latest Test Questions VCE PDF)
Exam Name: TS:Upgrading MCSA on Wndws Serv 2003 to Wndws Serv 2008
Certification Provider: Microsoft
Free Today! Guaranteed Training- Pass 70-648 Exam.

2016 Mar 70-648 Study Guide Questions:

Q76. Your network contains an enterprise certification authority (CA) that runs Windows Server 2008 R2 Enterprise. 

You need to approve a pending certificate request. 

Which snap-in should you use? 

A. Authorization Manager 

B. Group Policy Management 

C. Certificates 

D. Certification Authority 

E. Enterprise PKI 

F. TPM Management 

G. Active Directory Users and Computers 

H. Security Templates 

I. Certificate Templates 

Answer: E


Q77. Your company has an Active Directory domain. The main office has a DNS server named DNS1 that is configured with Active Directory-integrated DNS. The branch office has a DNS server named DNS2 that contains a secondary copy of the zone from DNS1. The two offices are connected with an unreliable WAN link. 

You add a new server to the main office. Five minutes after adding the server, a user from the branch office reports that he is unable to connect to the new server. 

You need to ensure that the user is able to connect to the new server. 

What should you do? 

A. Clear the cache on DNS2. 

B. Reload the zone on DNS1. 

C. Refresh the zone on DNS2. 

D. Export the zone from DNS1 and import the zone to DNS2. 

Answer: C


Q78. Your network contains two Active Directory sites named Site1 and Site2. Site1 contains a server named Server1. Server1 runs a custom application named App1. 

Users in Site2 report that they cannot access App1 on Server1. Users in Site1 can access App1. 

Server1 has a Windows Firewall with Advanced Security rule named Rule1. 

You discover that Rule1 blocks the connection to App1. 

You verify that Server1 has no connection security rules. 

You need to ensure that the Site2 users can connect to Server1. 

What should you modify in Rule1? 

A. the authorized computers list 

B. the authorized users list 

C. the edge traversal settings 

D. the scope 

Answer: D


Q79. Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1. Server1 has the Active Directory Federation Services (AD FS) role installed. 

You have an application named App1 that is configured to use Server1 for AD FS authentication. 

You deploy a new server named Server2. Server2 is configured as an AD FS 2.0 server. 

You need to ensure that App1 can use Server2 for authentication. 

What should you do on Server2? 

A. Add an attribute store. 

B. Create a relying party trust. 

C. Create a claims provider trust. 

D. Create a relaying provider trust. 

Answer: B


Q80. Your company has an IPv6 network that has 25 segments. You deploy a server on the IPv6 network. 

You need to ensure that the server can communicate with all segments on the IPv6 network. 

What should you do? 

A. Configure the IPv6 address as fd00::2b0:d0ff:fee9:4143/8. 

B. Configure the IPv6 address as fe80::2b0:d0ff:fee9:4143/64. 

C. Configure the IPv6 address as ff80::2b0:d0ff:fee9:4143/64. 

D. Configure the IPv6 address as 0000::2b0:d0ff:fee9:4143/64. 

Answer: A


70-648 dumps

Avant-garde 70-648 sample question:

Q81. Your company has a main office and a branch office. The branch office contains a read-only domain controller named RODC1. 

You need to ensure that a user named Admin1 can install updates on RODC1. The solution must prevent Admin1 from logging on to other domain controllers. 

What should you do? 

A. Run ntdsutil.exe and use the Roles option. 

B. Run dsmgmt.exe and use the Local Roles option. 

C. From Active Directory Sites and Services, modify the NTDS Site Settings. 

D. From Active Directory Users and Computers, add the user to the Server Operators group. 

Answer: B


Q82. Your network contains a server named Server1 that runs Windows Server 2008 R2. Server1 has the IIS role installed. 

You need to review the contents of the IIS-Configuration Analytic event log on Server1. You configure Event Viewer to show the Analytic log. 

What should you do next. 

A. Attach a task to the log. 

B. Create a custom view to the log. 

C. Modify the Subscriptions list for the log. 

D. Modify the General properties of the log. 

Answer: D


Q83. Your company has an Active Directory domain and an organizational unit. The organizational unit is named Web. You configure and test new security settings for Internet Information Service (IIS) servers on a server named IISServerA. 

You need to deploy the new security settings only on the IIS servers that are members of the Web organizational unit. 

What should you do? 

A. Run secedit /configure /db iis.inf from the command prompt on IISServerA, and then run secedit /configure /db webou.inf from the command prompt. 

B. Export the settings on IISServerA to create a security template. Import the security template into a GPO and link the GPO to the Web organizational unit. 

C. Export the settings on IISServerA to create a security template. Run secedit /configure /db webou.inf from the command prompt. 

D. Import the hisecws.inf file template into a GPO and link the GPO to the Web organizational unit. 

Answer: B


Q84. Your network consists of a single Active Directory domain. The functional level of the forest is Windows Server 2008 R2. 

You need to create multiple password policies for users in your domain. 

What should you do? 

A. From the Active Directory Schema snap-in, create multiple class schema objects. 

B. From the ADSI Edit snap-in, create multiple Password Setting objects. 

C. From the Security Configuration Wizard, create multiple security policies. 

D. From the Group Policy Management snap-in, create multiple Group Policy objects. 

Answer: B


Q85. Your network contains an Active Directory domain. The domain contains a member server named Server1. 

Server1 has a single network connection. 

You need to log every attempt to connect to Server1 on a restricted port. 

What should you do? 

A. Change the settings of the private firewall profile. 

B. Change the settings of the domain firewall profile. 

C. Modify the properties of the inbound firewall rules. 

D. Modify the properties of the outbound firewall rules. 

Answer: C


70-648 courses

Free 70-648 exam price:

Q86. Your company has a domain controller that runs Windows Server 2008 R2 and the DNS role. The DNS domain is named contoso.com. 

You need to ensure that inquiries about contoso.com are sent to dnsadmin@contoso.com. 

What should you do? 

A. Create a Signature (SIG) record for the domain controller. 

B. Modify the Name Server (NS) record for the domain controller. 

C. Modify the Service Location (SRV) record for the domain controller. 

D. Modify the Start of Authority (SOA) record on the domain controller. 

Answer: D


Q87. You need to capture the HTTP traffic to and from a server every day between 09:00 and 

10:00. 

What should you do? 

A. Create a scheduled task that runs the Netsh tool. 

B. Create a scheduled task that runs the Nmcap tool. 

C. From Network Monitor, configure the General options. 

D. From Network Monitor, configure the Capture options. 

Answer: B


Q88. Your company has computers in multiple locations that use IPv4 and IPv6. Each location is protected by a firewall that performs symmetric NAT. 

You need to allow peer-to-peer communication between all locations. 

What should you do? 

A. Configure dynamic NAT on the firewall. 

B. Configure the firewall to allow the use of Teredo. 

C. Configure a link local IPv6 address for the internal interface of the firewall. 

D. Configure a global IPv6 address for the external interface of the firewall. 

Answer: B


Q89. Your network contains a DNS server named Server1 that runs Windows Server 2008 R2. 

You need to ensure that client computers can resolve IPv6 addresses to fully qualified domain names (FQDNs). 

Which type of resource record should you create? 

A. Alias (CNAME) 

B. Host (A) 

C. Host (AAAA) 

D. Pointer (PTR) 

Answer: D


Q90. Your network contains a server that runs Windows Server 2008 R2. The server has the Network Policy and Access Services server role installed. 

You need to allow only members of a global group named Group1 VPN access to the network. 

What should you do? 

A. Add Group1 to the RAS and IAS Servers group. 

B. Add Group1 to the Network Configuration Operators group. 

C. Create a new network policy and define a group-based condition for Group1. Set the access permission of the policy to Access granted. Set the processing order of the policy to 1. 

D. Create a new network policy and define a group-based condition for Group1. Set the access permission of the policy to Access granted. Set the processing order of the policy to 3. 

Answer: C



see more 70-648 dumps