Get Prepared with fully updated Microsoft 70-642 Real Exam Questions and Accurate Answers for 70-642 Exam Dumps. Braindump2go IT experts review the 70-642 newly added qustions and suggest Correct Microsoft 70-642 Exam Questions Answers in Real Time. 100% Pass easily!
Vendor: Microsoft
Exam Code: 70-642
Exam Name: TS: Windows Server 2008 Network Infrastructure, Configuring
Keywords: 70-642 Exam Dumps,70-642 Practice Tests,70-642 Practice Exams,70-642 Exam Questions,70-642 Dumps,70-642 PDF,70-642 VCE,70-642 Study Guide
QUESTION 211
Your network contains two offices named Office1 and Office2.
The offices connect to each other by using a demand-dial connection.
You add a new subnet in Office2.
You need to ensure that a demand-dial connection starts when users attempt to connect to resources in the new Office2 subnet.
What should you do from the Remote Routing and Access console?
A. From the remote access server in Office2, right-click the demand-dial interface and click
Connect.
B. From the remote access server in Office1, right-click the demand-dial interface and click
Connect.
C. From the remote access server in Office1, right-click the demand-dial interface and click
Update Routes.
D. From the remote access server in Office2, right-click the demand-dial interface and click
Update Routes.
Answer: C
QUESTION 212
Your network contains a server named Server1 that has the Routing role service installed. Server1 has two network connections.
One network connection connects to the internal network.
The other network connection connects to the Internet.
All network connections connected to the internal network use private IP addresses.
You install a Web server named Web1.
Web1 hosts a secured Web site that only allows connections over TCP port 8281.
Web1 is connected to the internal network.
You need to ensure that the secure Web site can be accessed from the Internet.
What should you do from the Routing and Remote Access console?
A. Configure Routing Information Protocol (RIP), and then activate authentication on the RIP
interface.
B. Configure Routing Information Protocol (RIP), and then configure the incoming packet
protocol settings on the RIP interface.
C. Configure Network Address Translation (NAT), and then add a new service to the NAT
interface.
D. Configure Network Address Translation (NAT), and then enable the Secure Web Server
(HTTPS) service on the NAT interface.
Answer: C
Explanation:
This is a trick question.
The requirement here is to allow port 8281. Https is running on port 443.
So the answer is “C”.
QUESTION 213
Your network contains the servers configured as shown in the following table.
Your company is assigned the public IP addresses from 131.107.0.1 to 131.107.0.31.
You need to ensure that Web1 is accessible from the Internet by using https://131.107.0.2.
What should you do from the Routing and Remote Access console?
A. From the Static Routes node, configure a static route.
B. From the server properties, configure SSL Certificate Binding.
C. From the NAT interface, add an address pool and a reservation.
D. From the NAT interface, configure the Secure Web Server (HTTPS) service.
Answer: C
QUESTION 214
Your network contains a server named Server1 that runs Windows Server 2008 R2.
The network contains multiple subnets.
An administrator reports that Server1 fails to communicate with computers on remote subnets. You run route.exe print on Server1 as shown in the exhibit. (Click the Exhibit button.)
You need to ensure that Server1 can communicate with all computers on the network.
What should you do?
A. Disable IPv6.
B. Change the subnet mask.
C. Add a default gateway address.
D. Change the default metric to 100.
Answer: C
QUESTION 215
Your network contains multiple servers that run Windows Server 2008 R2.
The servers have the Routing and Remote Access Services (RRAS) role service installed.
The servers are configured to support Routing Information Protocol (RIP).
You need to prevent the server from receiving routes for the 10.0.0.0 network.
What should you do from the Routing and Remote Access console?
A. From the RIP properties page, modify the General settings.
B. From the RIP properties page, modify the Security settings.
C. From the RIP interface properties page, modify the Security settings.
D. From the RIP interface properties page, modify the Neighbors settings.
Answer: C
QUESTION 216
Your network contains a server named Server1 that runs Windows Server 2008 R2.
Server1 has the Remote Access Service role service installed.
Server1 is configured as a VPN server.
You need to ensure that you can configure Server1 as a Network Address Translation (NAT) server.
What should you do first on Server1?
A. Enable IPv4 routing.
B. Enable IPv6 routing.
C. Add a new routing protocol.
D. Add the Routing role service.
Answer: D
QUESTION 217
Your network contains two servers named Server1 and Server2.
Server1 and Server2 run the Server Core installation of Windows Server 2008 R2.
You need to duplicate the Windows Firewall configurations from Server1 to Server2.
What should you use?
A. the Get-Item and the Set-Item cmdlets
B. the Get-Service and the Set-Service cmdlets
C. the Netsh tool
D. the Sconfig tool
Answer: C
Explanation:
Netsh advfirewal export/import
QUESTION 218
Your network contains two Active Directory sites named Site1 and Site2.
Site1 contains a server named Server1.
Server1 runs a custom application named App1.
Users in Site2 report that they cannot access App1 on Server1.
Users in Site1 can access App1.
Server1 has a Windows Firewall with Advanced Security rule named Rule1.
You discover that Rule1 blocks the connection to App1.
You verify that Server1 has no connection security rules.
You need to ensure that the Site2 users can connect to Server1.
What should you modify in Rule1?
A. the authorized computers list
B. the authorized users list
C. the edge traversal settings
D. the scope
Answer: D
QUESTION 219
Your network contains an Active Directory domain.
The domain contains a member server named Server1.
Server1 has a single network connection.
You need to log every attempt to connect to Server1 on a restricted port.
What should you do?
A. Change the settings of the private firewall profile.
B. Change the settings of the domain firewall profile.
C. Modify the properties of the inbound firewall rules.
D. Modify the properties of the outbound firewall rules.
Answer: B
Explanation:
As per the URL,
http://technet.microsoft.com/enus/library/cc947815(v=ws.10).aspx#bkmk_ToenableWindowsFirewallandconfigurethedefaultbehavior
The attached questions answer should be Option B, not option C , as logging cannot be set at inbound or outbound level. Only @ Profile level, since the member server is part of the domain.
1. Open the Group Policy Management Console to Windows Firewall with Advanced Security.
2. In the details pane, in the Overview section, click Windows Firewall Properties.
3. For each network location type (Domain, Private, Public), perform the following steps.
a. Click the tab that corresponds to the network location type.
b. Under Logging, click Customize.
c. The default path for the log is %windir%\system32\logfiles\firewall\pfirewall.log.
If you want to change this, clear the Not configured check box and type the path to the new location, or click Browse to select a file location.
Important
The location you specify must have permissions assigned that permit the Windows Firewall service to write to the log file.
d. The default maximum file size for the log is 4,096 kilobytes (KB). If you want to change this, clear the Not configured check box, and type in the new size in KB, or use the up and down arrows to select a size. The file will not grow beyond this size; when the limit is reached, old log entries are deleted to make room for the newly created ones.
e. No logging occurs until you set one of following two options:
To create a log entry when Windows Firewall drops an incoming network packet, change Log dropped packets to Yes.
To create a log entry when Windows Firewall allows an inbound connection, change Log successful connections to Yes.
f. Click OK twice.
QUESTION 220
Your network contains a server named Server1 that has Windows Server 2008 R2.
An administrator runs the following command on Server1:
netsh.exe advfirewall reset
You discover that you can no longer access Server1 on port 3389.
You need to ensure that you can access Server1 on port 3389.
Which firewall rule should you enable?
A. File and Printer Sharing (Echo Request – ICMPv4-In)
B. File and Printer Sharing (SMB-In)
C. Remote Desktop (TCP-In)
D. Remote Service Management (RPC)
Answer: C
Braindump2go Offers 100% money back guarantee on all products! Our products remain valid for a lifetime! Recently we update our 70-642 Exam Questions since the Microsoft Official Exam Center adds some new questions in 70-642 Exam Dumps. Braindump2go checks all Exam Dumps every day and guarantee all the exam questions are the latest and correct!