Testpassport 70-643 Exam Features

1. Your company has a single Active Directory domain. You have a server named WDS1 that runs Windows Server 2008. You install the Windows Deployment Services (WDS) role on WDS1.
You capture an image of a reference computer. You deploy the image to 30 client computers. The client computers have the same name.
You need to ensure that each client computer receives a unique security identifier.
What should you do?
A. Create an image group by using the WDS snap-in. Redeploy the image to the client computers.
B. Run the imagex /append "computername" command at the command prompt on the WDS1 server. Redeploy the image to the client computers.
C. Run the wdsutil /answerclients:all command at the command prompt on the WDS1 server. Redeploy the image to the client computers.
D. Run the wdsutil /set-server /prestageusingMAC:yes command at the command prompt on the WDS1 server. Redeploy the image to the client computers.
Answer: D

2. Your company has four regional offices. You install the Windows Deployment Services (WDS) role on the network.
Your company creates three images for each office. There are a total of 12 images for the company. The images will be used as standard images for workstations. You deploy the images by using WDS.
You need to ensure that each administrator can view only the images for his or her regional office.
What should you do?
A. Create a global group for each regional office and place the computers in the appropriate global group.
B. Create an organizational unit (OU) for each regional office and place the computers in the appropriate OU.
C. Place all images into a single image group on the WDS server. Grant each administrator permissions to the image group.
D. Place each regional office into a separate image group on the WDS server. Grant each administrator permissions to his or her regional offices image group.
Answer: D

3. You install the Windows Deployment Services (WDS) role on a server that runs Windows Server 2008.
You plan to install Windows Vista on a computer that does not support Preboot Execution Environment (PXE). You have a Windows Vista image that is stored on the WDS server.
You need to start the computer and install the image that is stored on the WDS server.
What should you create?
A. a capture image
B. a CD-ROM that contains PXE drivers
C. a discover image
D. an install image
Answer: C

4. Your company has an Active Directory domain. You have a server named KMS1 that runs Windows Server 2008. You install and configure Key Management Service (KMS) on KMS1.
You plan to deploy Windows Server 2008 on 10 new servers. You install the first two servers. The servers fail to activate by using KMS1.
You need to activate the new servers by using the KMS server.
What should you do?
A. Complete the installation of the remaining eight servers.
B. Configure Windows Management Instrumentation (WMI) exceptions in Windows Firewall on the new servers.
C. Install Volume Activation Management Tool (VAMT) on the KMS server and configure Multiple Activation Key (MAK) Proxy Activation.
D. Install Volume Activation Management Tool (VAMT) on the KMS server and configure Multiple Activation Key (MAK) Independent Activation.
Answer: A

5. Your company has a single Active Directory domain named contoso.com. All servers in the domain run Windows Server 2008.
The DNS service is installed on two domain controllers named DC1 and DC2. Both DNS servers host Active DirectoryCintegrated zones that are configured to allow the most secure updates only.
DC1 has Key Management Service (KMS) installed and activated.
You discover that the service locator records from the contoso.com zone hosted on DC1 and DC2 are missing.
You need to force registration of the KMS service locator records in the contoso.com zone.
What should you do?
A. Configure the contoso.com zone to accept non-secure updates.
B. On DC1 at the command prompt, run the slmgr.vbs Crearm script.
C. On DC1 at the command prompt, run the net stop sppsvc command, and then run the net start sppsvc command.
D. On DC2 at the command prompt, run the net stop netlogon command, and then run the net start netlogon command.
Answer: C

6. Your company has a server named VS1 that runs Windows Server 2008 and Microsoft Hyper-V.
You want to create eight virtual servers that run Windows Server 2008 and configure the virtual servers as an Active Directory forest for testing purposes.
You discover that VS1 has only 30 GB of free hard disk space.
You need to install the eight new virtual servers on VS1.
What should you do? (To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.)
Actions                                               Answer Area
A. Install Windows Server 2008.
B. Activate undo disks on all virtual servers.
C. Create a virtual server that has a 10-GB fixed-size virtual hard disk.
D. Create eight virtual servers that have a differencing virtual hard disk attached.
E. Create eight virtual servers that have a dynamically expanded virtual hard disk attached.
Answer: C BEFORE A AND A BEFORE D AND ONLY C, A, D

7. Your company has a server named VS1 that runs Windows Server 2008 and Microsoft Hyper-V. The VS1 server hosts 10 virtual servers.
A virtual server named VS-DB has one 64-GB fixed-size virtual hard disk (VHD). The VHD file name is disk1.vhd.
You discover that VS-DB utilizes only 5 GB of the VHD.
You turn off the VS-DB virtual server and want to regain the unused disk space on the VS1 physical server.
You need to configure VS-DB to make the disk1.vhd file as small as possible.
What should you do? (To answer, move the appropriate tasks from the list of tasks to the answer area and arrange them in the correct order.)
Tasks                                                          Answer Area
A. Compact the disk2.vhd file.
B. Delete the disk1.vhd file. Rename disk2.vhd to disk1.vhd.
C. Convert the disk2.vhd file to a new fixed-size VHD file named disk1.vhd.
D. Convert the disk1.vhd file to a new dynamically expanding VHD file named disk2.vhd.
E. Create a new differencing VHD file named disk2.vhd that has disk1.vhd as a parent disk.
Answer: D BEFORE A AND A BEFORE B AND ONLY D, A, B

8. Your company has a server named VS1 that runs Windows Server 2008 and Microsoft Hyper-V. VS1 hosts 10 virtual machines.
You need to configure VS1 to shut down each virtual machine before the server shuts down.
What should you do?
A. Create a shutdown script on each virtual machine.
B. Install Integration Services on each virtual machine.
C. Enable the Turn off the virtual machine option in the Automatic stop action properties on each virtual machine.
D. Enable the Shut down the guest operating system option in the Automatic stop action properties on each virtual machine.
Answer: D

9. Your company has a server named Server1 that runs Windows Server 2008 and Microsoft Hyper-V. Server1 hosts three virtual machines.
Company policy states that the virtual machines must not connect to the company network.
You need to configure all of the virtual machines to connect to each other. You must meet the company policy.
Which two actions should you perform? (Each answer presents part of the solution. Choose two.)
A. Select the Not connected option for each virtual machine.
B. Enable the Enable virtual LAN identification option for each virtual machine.
C. Set the Connection to Host for the network interface card.
D. Set the Connection to None for the network interface card.
Answer: B AND C

10. You have two servers that run Windows Server 2008 named Server1 and Server2. Both servers have the Windows Server virtualization role service installed.
You need to remotely manage the virtualization settings of Server2 from Server1.
What should you do?
A. From the command prompt, run vmconnect.exe server2.
B. From the command prompt, run vmconnect.exe server1 server2.
C. Open the Virtualization Management Console. From the left-hand pane, right-click Server1, point to New and then click Virtual machine.
D. Open the Virtualization Management Console. From the left-hand pane, right-click Virtualization Services and then click Connect to Server.
Answer: D

11. You have a server that runs Windows Server 2008. The server has the Windows Server virtualization role service installed.
You create a new virtual machine and perform an installation of Windows Server 2008 on the virtual machine. You configure the virtual machine to use the physical network card of the host server.
You notice that you are unable to access network resources from the virtual machine.
You need to ensure that the virtual host can connect to the physical network.
What should you do?
A. On the host server, install the MS Loopback adapter.
B. On the host server, enable the Multipath I/O feature.
C. On the virtual machine, install the MS Loopback adapter.
D. On the virtual machine, install Windows Server virtualization Guest Integration Components.
Answer: D

12. You have a server that runs Windows Server 2008. The server has the Windows Server virtualization role service installed and has one virtual machine. The virtual machine runs Windows Server 2008.
You plan to install a new application on the virtual machine.
You need to ensure that you can restore the virtual machine to its original state in the event the application installation fails.
What should you do?
A. Log on to the virtual host and enable the Remote Differential Compression Features.
B. Log on to the virtual host and enable the Windows Recovery Disk feature.
C. From Virtualization Management Console, create a snapshot.
D. From Virtualization Management Console, save the state of the virtual machine.
Answer: C

13. You have a server that runs Windows Server 2008. The server has the Windows Server virtualization role service installed.
You need to merge a differencing disk and a parent disk.
What should you do?
A. Edit the parent disk.
B. Inspect the parent disk.
C. Edit the differencing disk.
D. Inspect the differencing disk.
Answer: C

14. You have a server that runs Windows Server 2008 and has the Windows Server Virtualization (WSv) server role installed.?
You create a new virtual machine.
You need to configure the virtual machine to meet the following requirements:
Allow network communications between the virtual machine and the host system.
Prevent communications with other network servers.
What should you do first?
A. Install the Microsoft Loopback Adapter.
B. Create a new Virtual Network Switch.
C. Enable Internet Connection Sharing (ICS).
D. Set the Connection to None for the network interface card.
Answer: B

15. You have a server that runs Windows Server 2008 Enterprise Edition. The server has the Failover Clustering feature installed. The server has three nodes named NODE1, NODE2, and NODE3.
The Microsoft Distributed Transaction Coordinator (MSDTC) resource is installed on the cluster. The cluster has a dedicated cluster group named Group1 that includes the MSDTC resource.
You discover that Group1 is unable to failover to NODE3 from NODE1 or NODE2. The failover from NODE1 to NODE2 functions without errors.
You need to configure Group1 to support the failover between all cluster nodes.
What should you do?
A. Remove the MSDTC resource from Group1.
B. Select NODE3 as a preferred owner for Group1.
C. Remove NODE3 as a possible owner from all cluster resources in Group1.
D. Configure NODE3 as a possible owner for all cluster resources in Group1.
Answer: D

16. Your company named Contoso, Ltd. Has a two-node Network Load Balancing cluster. The cluster is intended to provide high availability and load balancing for only the intranet Web site. The name of the cluster is web.contoso.com.
You discover that Contoso users can see the Network Load Balancing cluster in the network neighborhood and can connect to various services by using the web.contoso.com name. The web.contoso.com Network Load Balancing cluster is configured with only one port rule.
You need to configure the web.contoso.com Network Load Balancing cluster to accept only HTTP traffic.
Which two actions should you perform? (Each correct answer presents part of the solution. Choose two.)
A. Log on to one of the cluster nodes and run the wlbs disable all command.
B. Open the Network Load Balancing Clusters console and delete the default port rules.
C. Open the Network Load Balancing Clusters console and create a new Allow rule for TCP port 80.
D. Open the Network Load Balancing Clusters console and change the default port rule to a disabled port range rule.
Answer: B AND C

17. Your company named Contoso, Ltd. Has a Network Load Balancing cluster named nlb.contoso.com. The cluster hosts are named WEB1 and WEB2. The cluster is configured with a single port rule that evenly distributes HTTP traffic between both hosts.
You need to configure WEB2 to handle all HTTPS traffic for nlb.contoso.com. You must retain the even distribution of HTTP traffic between WEB1 and WEB2.
Which two actions should you perform? (Each correct answer presents part of the solution. Choose two.)
A. In the properties for WEB2, change the Handling priority option for the TCP 443 port rule to the value of 1.
B. In the properties for WEB1, change the Handling priority option for the TCP 443 port rule to the value of 0.
C. In the properties for the cluster, create a new port rule for port TCP 443 that has the Filtering mode option set to Single host.
D. In the properties for the cluster, create a new port rule for port TCP 443 that has the Filtering mode option set to Multiple host and the Affinity option set to the value of Single.
Answer: A AND C

18. Your company has a single Active Directory domain. All the servers run Windows Server 2008. You have a server named FS1 that has the File Services role installed.
The company requires that the data disk drives provide redundancy.
The disks are configured as shown in the following exhibit.

You need to configure the hard disk drives to support RAID 1.
Which two actions should you perform? (Each correct answer presents part of the solution. Choose two.)
A. Convert Disk 1 and Disk 2 to Dynamic.
B. Create a Striped Volume across Disk 1 and Disk 2.
C. Create a New Mirrored Volume by using Disk 1 and Disk 2.
D. Create a New Spanned Volume by using Disk 1 and Disk 2.
Answer: A AND C

19. You have two servers named FC1 and FC2 that run Windows Server 2008 Enterprise Edition. Both servers have the Failover Clustering feature installed. You configure the servers as a two-node cluster.
The cluster runs an application named APP1. Business hours for your company are 09:00 to 17:00. APP1 must be available during these hours. You configure FC1 as the preferred owner for APP1.
You need to prevent failback of the cluster during business hours.
What should you do?
A. Set the Period option to 8 hours in the Failover properties.
B. Set the Allow failback option to allow failback between 17 and 9 hours in the Failover properties.
C. Enable the Prevent failback option in the Failover properties.
D. Enable the If resource fails, attempt restart on current node policy for all APP1 resources. Set the Maximum restarts for specified period to 0.
Answer: B

20. Your company has a single Active Directory domain. All the servers run Windows Server 2008. You have a server named FS1 that has the File Services role installed.
The disks are configured as shown in the following exhibit.

You need to create a new drive volume to support data striping with parity.
What should you do?
A. Add another disk. Create a New RAID-5 Volume.
B. Create a new Striped Volume by using Disk 1 and Disk 2.
C. Create a New Mirrored Volume by using Disk 1 and Disk 2.
D. Create a New Spanned Volume by using Disk 1 and Disk 2.
Answer: A

21. Your company has a single Active Directory domain. All servers run Windows Server 2008.
You install an iSCSI storage area network (SAN) for a group of file servers.
Corporate security policy requires that all data communication to and from the iSCSI SAN must be as secure as possible.
You need to implement the highest security available for communications to and from the iSCSI SAN.
What should you do?
A. Create a Group Policy object (GPO) to enable the System objects: Strengthen default permission of internal systems objects setting.
B. Create a Group Policy object (GPO) to enable the System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing setting.
C. Implement Ipsec security in the iSCSI Initiator Properties. Set up inbound and outbound rules by using Windows Firewall.
D. Implement mutual Microsoft Challenge Handshake Authentication Protocol (MS-CHAPv2) authentication in the iSCSI Initiator Properties. Set up inbound and outbound rules by using Windows Firewall.
Answer: C

22. A server named Server2 runs Windows Server 2008. The Terminal Services server role is installed on Server2.
You plan to deploy a new Terminal Services application on Server2. The application vendor confirms that the application can be deployed in a Terminal Services environment. The application does not use Microsoft Windows Installer packages for installation. The application makes changes to the current user registry during installation.
You need to install the application to support multiple user sessions.
What should you do?
A. Run the mstsc /v:Server2 /console command from the client computer to log on to Server2. Install the application.
B. Run the change user /execute command on Server2. Install the application and run the change user /install command on Server2.
C. Run the change user /install command on Server2. Install the application and run the change user /execute command on Server2.
D. Run the change logon /disable command on Server2. Install the application and run the change logon /enable command on Server2.
Answer: C

23. A server runs Windows Server 2008. The Terminal Services role is installed on the server.
You deploy a new application on the server. The application creates files that have an extension of .xyz.
You need to ensure that users can launch the remote application from their computers by double-clicking a file that has the .xyz extension.
What should you do?
A. Configure the Remote Desktop Connection Client on the users' computers to point to the server.
B. Configure the application as a published application by using a Remote Desktop Program file.
C. Configure the application as a published application by using a Windows Installer package file.
D. Configure the application as a published application by using a Terminal Server Web Access Web site.
Answer: C

24. Your company has an Active Directory domain. You have a server that runs Windows Server 2008. The Terminal Services role is installed on the server.
The company security policy does not allow users to copy and paste information to a local computer during a Terminal Services session.
You deploy the remote application named APP1.
You need to configure Terminal Services to meet the security requirement.
What should you do?
A. Enable the Use temporary folders per session option.
B. Change the Security Encryption Level to FIPS Compliant.
C. Deselect the Clipboard option in the RDP Settings for the published application.
D. Disable the Drive option in the RDP-Tcp Client Setting properties for the server.
Answer: C

25. Your company has an Active Directory domain. The company has a server named Server1 that has the Terminal Services role and the Terminal Services Web Access role installed. All client computers run Windows XP Service Pack 2 (SP2).
You deploy and publish an application named TimeReport on Server1. The Terminal Services Web Access role uses Active Directory Domain Services (AD DS) and Network Level Authentication is enabled.
You need to ensure that the users can launch TimeReport on Server1 from the Terminal Services Web Access Web page.
What should you do?
A. Disable publishing to AD DS for the TimeReport remote application.
B. Install the Remote Desktop Client 6.1 application on the client computers that run Windows XP SP2.
C. Publish TimeReport on Server1 as a Microsoft Windows Installer package. Distribute the Windows Installer package to the users.
D. Install the Terminal Services Gateway (TS Gateway) role on Server1. Reconfigure the TimeReport remote application publishing to reflect the change in the infrastructure.
Answer: B

26. You have a Terminal Server that runs Windows Server 2008.
You create a Windows Installer package for Microsoft Office Word 2007 by using Terminal Services RemoteApp (TS RemoteApp). You install the package on a client computer.
You double-click on a Word document and receive the following error. Windows cannot open this file.
You need to ensure that you can open the Word document by double-clicking on the file.
What should you do?
A. Recreate the Windows Installer package.
B. Modify the file association on the client computer.
C. Modify the file association on the TS RemoteApp server.
D. Install the Windows Installer package by using msiexec.exe.
Answer: C

27. You have a server that runs the Terminal Services Gateway (TS Gateway) role service. Users need to connect remotely through the gateway to desktop computers located in their offices.
You create a security group named Remote1 for the users who need to connect to computers in their offices.
You need to enable the users to connect to the TS Gateway.
What should you do?
A. Add the Remote1 security group to the local remote desktop users group on the TS Gateway server.
B. Create a client authorization policy. Add the Remote1 security group and enable Device redirection.
C. Create a resource authorization policy. Add the Remote1 security group and enable Users to connect to any resource.
D. Create a Group Policy object and enable the Set TS Gateway authentication method properties to Ask for credentials, use Basic protocol. Apply the policy to the TS Gateway server.
Answer: B

28. Your company has an Active Directory domain. The company has a server named Server1 that has the Terminal Services role and the Terminal Services Web Access role installed. The company has a server named Server2 that runs ISA Server 2006.
The company deploys the Terminal Services Gateway (TS Gateway) role on a new server named Server3. The company wants to use ISA as the SSL endpoint for Terminal Server connections.
You need to configure the TS Gateway role on Server3 to use ISA 2006 on Server2.
What should you do?
A. Configure the TS Gateway to use SSL HTTPS-HTTP bridging.
B. Configure the Terminal Services Connection Authorization Policy Store on Server3 to use Server2 as the Central Network Policy Server.
C. Export the SSL certificate from Server2 and install the SSL certificate on Server3. Configure the TS Gateway to use the SSL certificate from Server2.
D. Export a self-signed SSL certificate from Server3 and install the SSL certificate on Server2. Configure the ISA service on Server2 to use the SSL certificate from Server3.
Answer: A

29. Your company has an Active Directory domain. A server named Server1 runs Windows Server 2008. The Terminal Services role and the Terminal Services Web Access role service are installed on Server1.
You install the Terminal Services Gateway role service on Server1. You create the Terminal Services connection authorization policy. Users report that they cannot connect to Server1.
You need to ensure that users can connect to Server1.
What should you do?
A. Configure Network Access Protection (NAP) on Server1.
B. Configure the Terminal Services Resource Authorization Policy (RAP) on Server1.
C. Create a Terminal Services Group Policy object (GPO). Enable the Allow users to connect remotely using Terminal Services setting on the GPO. Link the GPO to the domain.
D. Create a Terminal Services Group Policy object (GPO). Enable the Set path for TS Roaming Profiles setting on the GPO. Create an organization unit (OU) named TSUsers. Link the GPO to the TSUsers OU.
Answer: B

30. Your company has an Active Directory domain. A server named Server2 runs Windows Server 2008. All client computers run Windows Vista.
You install the Terminal Services role, Terminal Services Web Access role service, and Terminal Services Gateway role service on Server2.
You need to ensure that all client computers have compliant firewall, antivirus software, and antispyware.
Which two actions should you perform? (Each correct answer presents part of the solution. Choose two.)
A. Configure Network Access Protection (NAP) on a server in the domain.
B. Add the Terminal Services servers to the Windows Authorization Access domain local security group.
C. Add the Terminal Services client computers to the Windows Authorization Access domain local security group.
D. Enable the Request clients to send a statement of health option in the Terminal Services client access policy.
Answer: A AND D