Microsoft 70-640 Actual Free Exam Questions & Community Discussion
Your network contains an Active Directory forest. The forest contains one domain named contoso.com.
You attempt to run adprep /forestprep and the operation fails.
You discover that the first domain controller deployed to the forest failed.
You need to run adprep /forestprep successfully.
What should you do?
You attempt to run adprep /forestprep and the operation fails.
You discover that the first domain controller deployed to the forest failed.
You need to run adprep /forestprep successfully.
What should you do?
Correct Answer: I
Vote an answer
Your network contains an Active Directory domain named contoso.com.
The domain has a branch site that contains a read-only domain controller (RODC) named
RODC1.
A user named User1 is a member of the Allowed RODC Password Replication Group. User1 frequently logs on to a computer in the branchsite.
You remove User1 from the Allowed RODC Password Replication Group.
You need to ensure that the password of User1 is no longer cached on RODC1.
What should you do?
The domain has a branch site that contains a read-only domain controller (RODC) named
RODC1.
A user named User1 is a member of the Allowed RODC Password Replication Group. User1 frequently logs on to a computer in the branchsite.
You remove User1 from the Allowed RODC Password Replication Group.
You need to ensure that the password of User1 is no longer cached on RODC1.
What should you do?
Correct Answer: C
Vote an answer
Your company has two Active Directory forests named contoso.com and fabrikam.com. Both forests run only domain controllers that run Windows Server 2008. The domain functional level of contoso.com is Windows Server 2008. The domain functional level of fabrikam.com is Windows Server 2003 Native mode.
You configure an external trust between contoso.com and fabrikam.com.
You need to enable the Kerberos AES encryption option.
What should you do?
You configure an external trust between contoso.com and fabrikam.com.
You need to enable the Kerberos AES encryption option.
What should you do?
Correct Answer: D
Vote an answer
Explanation: Only visible for EduDump members. You can sign-up / login (it's free).
Your network contains an Active Directory forest named contoso.com. The forest contains two domains. All domain controllers are configured as global catalog servers.
The forest root domain contains five domain controllers. The domain controllers are configured as shown in the following table.
You plan to create a custom attribute in Active Directory that will replicate to all of the global catalog servers.
You need to identify which domain controller must be online to perform the planned action.
Which domain controller should you identify?
The forest root domain contains five domain controllers. The domain controllers are configured as shown in the following table.
You plan to create a custom attribute in Active Directory that will replicate to all of the global catalog servers.
You need to identify which domain controller must be online to perform the planned action.
Which domain controller should you identify?
Correct Answer: D
Vote an answer
HOTSPOT
Your network contains an Active Directory domain named contoso.com.
You need to view which password setting object is applied to a user.
Which filter option in Attribute Editor should you enable? To answer, select the appropriate
filter option in the answer area.
Your network contains an Active Directory domain named contoso.com.
You need to view which password setting object is applied to a user.
Which filter option in Attribute Editor should you enable? To answer, select the appropriate
filter option in the answer area.
Correct Answer:
Your network contains an Active Directory domain. The domain contains 20 domain controllers.
You need to identify which domain controllers are global catalog servers.
Which tool should you use?
You need to identify which domain controllers are global catalog servers.
Which tool should you use?
Correct Answer: B
Vote an answer
Your network contains an Active Directory domain named contoso.com. The domain contains a domain controller named DC1. DC1 hosts a standard primary zone for contoso.com.
You discover that non-domain member computers register records in the contoso.com zone.
You need to prevent the non-domain member computers from registering records in the contoso.com zone.
All domain member computers must be allowed to register records in the contoso.com zone.
What should you do first?
You discover that non-domain member computers register records in the contoso.com zone.
You need to prevent the non-domain member computers from registering records in the contoso.com zone.
All domain member computers must be allowed to register records in the contoso.com zone.
What should you do first?
Correct Answer: D
Vote an answer
Explanation: Only visible for EduDump members. You can sign-up / login (it's free).
HOTSPOT
Your network contains two Active Directory forests named contoso.com and fabrikam.com. A two-way forest trust exists between the forests. Selective authentication is enabled on the trust. Fabrikam.com contains a server named Server1.
You assign Contoso\Domain Users the Manage documents permission and the Print
permission to a shared printer on Server1.
You discover that users from contoso.com cannot access the shared printer on Server1.
You need to ensure that the contoso.com users can access the shared printer on Server1.
Which permission should you assign to Contoso\Domain Users.
To answer, select the appropriate permission in the answer area.
Your network contains two Active Directory forests named contoso.com and fabrikam.com. A two-way forest trust exists between the forests. Selective authentication is enabled on the trust. Fabrikam.com contains a server named Server1.
You assign Contoso\Domain Users the Manage documents permission and the Print
permission to a shared printer on Server1.
You discover that users from contoso.com cannot access the shared printer on Server1.
You need to ensure that the contoso.com users can access the shared printer on Server1.
Which permission should you assign to Contoso\Domain Users.
To answer, select the appropriate permission in the answer area.
Correct Answer:
A corporate network includes a single Active Directory Domain Services (AD DS) domain.
The HR department has a dedicated organizational unit (OU) named HR. The HR OU has two sub-OUs: HR Users and HR Computers. User accounts for the HR department reside in the HR Users OU. Computer accounts for the HR department reside in the HR Computers OU. All HR department employees belong to a security group named HR Employees. All HR department computers belong to a security group named HR PCs.
Company policy requires that passwords are a minimum of 6 characters.
You need to ensure that, the next time HR department employees change their passwords, the passwords are required to have at least 8 characters. The password length requirement should not change for employees of any other department.
What should you do?
The HR department has a dedicated organizational unit (OU) named HR. The HR OU has two sub-OUs: HR Users and HR Computers. User accounts for the HR department reside in the HR Users OU. Computer accounts for the HR department reside in the HR Computers OU. All HR department employees belong to a security group named HR Employees. All HR department computers belong to a security group named HR PCs.
Company policy requires that passwords are a minimum of 6 characters.
You need to ensure that, the next time HR department employees change their passwords, the passwords are required to have at least 8 characters. The password length requirement should not change for employees of any other department.
What should you do?
Correct Answer: B
Vote an answer
Explanation: Only visible for EduDump members. You can sign-up / login (it's free).
Your network contains an Active Directory domain named contoso.com. The domain contains five domain controllers.
You add a logoff script to an existing Group Policy object (GPO).
You need to verify that each domain controller successfully replicates the updated group policy.
Which two objects should you verify on each domain controller? (Each correct answer presents part of the solution. Choose two.)
You add a logoff script to an existing Group Policy object (GPO).
You need to verify that each domain controller successfully replicates the updated group policy.
Which two objects should you verify on each domain controller? (Each correct answer presents part of the solution. Choose two.)
Correct Answer: C,D
Vote an answer
Explanation: Only visible for EduDump members. You can sign-up / login (it's free).
A company has an Active Directory forest. You plan to install an offline Enterprise root certification authority (CA) on a server named CA1. CA1 is a member of the PerimeterNetwork workgroup and is attached to a hardware security module for private key storage.
You attempt to add the Active Directory Certificate Services (AD CS) server role to CA1. The Enterprise CA option is not available.
You need to install the AD CS server role as an Enterprise CA on CA1.
What should you do first?
You attempt to add the Active Directory Certificate Services (AD CS) server role to CA1. The Enterprise CA option is not available.
You need to install the AD CS server role as an Enterprise CA on CA1.
What should you do first?
Correct Answer: C
Vote an answer
Explanation: Only visible for EduDump members. You can sign-up / login (it's free).
0
0
0
10