Académique Documents
Professionnel Documents
Culture Documents
(70-640)
Questions & Answers With Explanations Number of Questions Included: 213 Version: 2.78
QUESTION: 2 Unisoftnet.com has an Active Directory Domain Controller. All domain controllers are configured as DNS servers and have Windows Server 2008 installed. Only one Active-Directory integrated DNS zone is configured on the domain. You need to make sure that outdated DNS records are removed from the DNS zone automatically. What should you do to achieve this task? A. Modify the TTL of the SOA record by accessing the zone properties B. Disable updates from the zone properties C. Execute netsh/Reset DNS command from the Command prompt D. Enable Scavenging by accessing the zone properties
4 UNiSOFT Education Center 70-640 Unisoftnet.com has a main office and a branch office. All servers in both offices run Windows Server 2008. The offices are connected through a MAN link. Unisoftnet.com has an Active Directory domain that hosts a single domain called maks.Unisoftnet.com. There is a domain controller in the maks.Unisoftnet.com domain called UEC1. It is located in the main office. You have configured UEC1 as a DNS server for the maks.Unisoftnet.com DNS zone. It is configured as a standard primary zone. You are instructed to install a new domain controller called UEC2 in the branch office. After installing the domain controller, you install DNS on UEC2. You want to ensure that the DNS service on UEC2 can update records and resolve DNS queries in the event of a MAN link failure. What should you do to achieve this objective? A. Configure the DNS on UEC1 to forward requests to UEC2 B. Add a secondary zone named maks.Unisoftnet.com on UEC2 C. Convert maks.Unisoftnet.com on UEC1 to an Active Directory-integrated zone D. Configure a new stub zone on UEC1 and set the forwarding option to UEC2 Answer:C Explanation: To make sure that the DNS service on UEC2 can update records and resolve DNS queries in the event of a MAN link failure, you should convert maks.Unisoftnet.com on UEC1 to an Active Directory-integrated zone. Active Directory-integrated DNS offers two pluses over traditional zones. For one, the fault tolerance built into Active Directory eliminates the need for primary and secondary nameservers. Effectively, all nameservers using Active Directory-integrated zones are primary nameservers. This has a huge advantage for the use of dynamic DNS as well: namely, the wide availability of nameservers that can accept registrations. Recall that domain controllers and workstations register their locations and availability to the DNS zone using dynamic DNS. In a traditional DNS setup, only one type of nameserver can accept these registrations-the primary server, because it has the only read/write copy of a zone. By creating an Active Directory-integrated zone, all Windows Server 2008 nameservers that store their zone data in Active Directory can accept a dynamic registration, and the change will be propagated using Active Directory multimaster replication. Reference: http://safari.adobepress.com/9780596514112/active_directory-integrated_zones
QUESTION: 5 Unisoftnet.com has a DNS server with 10 Active Directory Integrated Zones. For auditing purposes, you need to provide copies of the zone files of the DNS server to the security audit group. What should you do to achieve this task?
UNiSOFT Education Center 70-640 A. Execute ntdsutil > Partition Management > Display commands B. execute ipconfig/registerdns command C. execute the dnscmd/ZoneExport command D. Execute dnscmd/Zoneoutput command
Answer:C QUESTION: 6 Unisoftnet.com has a domain controller named UEC11 that runs Windows Server 2008. It is configured as a DNS server for Unisoftnet.com. You install the DNS server role on a member server named S1 and after this, you create a standard secondary zone for Unisoftnet.com. You configure UEC11 as the master server for the zone. What should you do to make sure that S1 receives zone updates from UEC11? A. On Server1, add a conditional forwarder. B. On DC1, modify the zone transfer settings for the testking.com zone. C. Add the Server1 computer account to the DNSUpdateProxy group. D. On DC1, modify the permissions of testking.com zone. Answer:B QUESTION: 7 Unisoftnet.com has a network consisting of an Active Directory forest named ebd.com. All servers run Windows Server 2008. All domain controllers are configured as DNS servers. The ebd.com DNS zone is stored in the ForestDnsZones Active directory partition. A member server contains a standard primary DNS zone for eb.ebd.com. You need to make sure that all domain controllers can resolve names for eb.ebd.com. What should you do to achieve this task? A. Create a delegation in the ebd.com zone B. Change the properties of SOA record in the eb.ebd.com zone C. Add NS record in the ebd.com zone D. Create a secondary zone on a Global catalog server Answer:A
QUESTION: 8 Unisoftnet.com has five Windows Server 2008 servers all are operating as domain controllers. Your DNS servers are all currently running as primary DNS zones. A DNS strategy which allows all DNS servers to hold the same database will need to be set up and your company necessitates that you use secure DNS dynamic updates for every client.
QUESTION: 11 Unisoftnet.com has a main office and single branch office in another state. Unisoftnet.com consists of a single Active-Directory domain forest. Unisoftnet.com has two domain controllers named UEC1 and UEC2. Both of the domain controllers run Windows Server 2008. The branch office has a Readonly domain controller (RODC) named UEC3. All domain controllers have DNS server role installed and they are configured as Active-Directory-integrated zones. All DNS zones are configured to allow secure updates only. You want to enable dynamic DNS updates on UEC3. What should you do to achieve this task? A. On DC1, create an active partition and configure the partition to store Active Directory-integrated zones B. Uninstall the Active Directory Domain services on UEC3 and reinstall it as a writeable domain controller C. Reconfigure RODC on UEC3 to allow dynamic updates D. Execute dnscmd/ZoneResetType command on UEC3 Answer:B Explanation: To enable the dynamic DNS updates on UEC3, you should uninstall the Active Directory Domain services on UEC3 and reinstall it as a writeable domain controller. A writeable domain controller performs originating updates and outbound replication. Reference: http://msdn.microsoft.com/en-us/library/cc207937.aspx
QUESTION: 12 Unisoftnet.com has a large network that consists of an Active Directory Forest containing a single domain. Windows Server 2008 is installed on all domain controllers. They are configured as DNS servers. Unisoftnet.com has an active directory-integrated zone with two Active Directory sites. Each site contains five domain controllers. You added a new NS record to the zone. You have to make sure that all domain controllers immediately receive the new NS record.
UNiSOFT Education Center 70-640 What should you do to achieve this task?
A. Execute repadmin/syncall from the command prompt B. Reload the zone from the DNS Manager console C. Create an SOA record from the DNS Manager console D. Shutdown and then, restart the DNS server service from services snap-in Answer:A QUESTION: 13 Unisoftnet.com has an Active Directory domain named comm.Unisoftnet.com. The domain contains two domain controllers named UEC1 and UEC2. Both servers have the DNS server role installed. You install a new DNS server named ns.Unisoftnet.com on the perimeter network. You configure UEC1 to forward all unresolved name requests to ns.Unisoftnet.com but you discover that the DNS forward option is unavailable on UEC2. You need to configure DNS forwarding on UEC2 server to forward unresolved name requests to ns.Unisoftnet.com server. Which of the following two actions should you perform to achieve this task? A. Clean the DNS cache on UEC2 B. Configure conditional forwarding on UEC2 C. Delete the Root zone on UEC2 D. Add zone forwarding on UEC2 Answer:B, C QUESTION: 14 Unisoftnet.com has a domain controller that runs Windows Server 2008. It is configured as a DNS server. You need to record all inbound DNS queries to the server. What should you configure in the DNS Manager Console? A. To log errors and warnings, configure event logging B. Disable automatic logs for recursive queries C. Enable automatic testing for recursive queries D. Enable debug logging Answer:D QUESTION: 15 Unisoftnet.com has two Active Directory forests named Unisoftnet.com and Unisoftnet.com. The company network has three DNS servers named UECA, UECB, and UECC. The DNS servers are configured as shown in the Exhibit.
All computers that belong to the Unisoftnet.com domain have UECC configured as the preferred DNS server. All other computers use UECA as the preferred DNS server. Users from the Unisoftnet.com domain are unable to connect to the servers that belong to the Unisoftnet.com domain. You need to ensure users in the Unisoftnet.com domain are able to resolve all Unisoftnet.com queries. What should you do to achieve this task? A. Create a copy of the _msdcs.Unisoftnet.com zone on the UECC server. B. Configure conditional forwarding on UECA and UECB to forward Unisoftnet.com queries to UECC. C. Configure conditional forwarding on UECC to forward Unisoftnet.com queries to UECA. D. Create a copy of the Unisoftnet.com zone on the UECA server and the UECB server. Answer:C QUESTION: 16 A DNS client sends off a recursive inquiry to its local DNS server looking for the IP address of www.bigbrother.gov. The DNS server cannot find any local zones matching the requested domain name; therefore it forwards a request to a root name server. What should the root name server reply with? A. The IP address of the name server for the bigbrother.gov domain B. The DNS name of the .gov top-level domain C. The IP address of www.bigbrother.gov D. The IP address of the name server for the .gov top-level domain Answer:D Explanation: The root name server has control over the root domain and has to reply with the IP address of a name server for the .gov top-level domain. Upon receiving the IP address of the top-level domain the system should inquire for the bigbrother address.
10
11
12 UNiSOFT Education Center 70-640 Windows Server 2008 boasts a new fine-grained Password policy which permits an organization to have different Password as well as account lockout policies for diverse sets of users in the same domain.
QUESTION: 22 You are a systems administrator at Unisoftnet.com. You prevent users from starting or stopping a particular service on domain controllers. Which of the following tools can you use? A. Active Directory Users And Computers tool B. Domain Controller Security Policy C. Domain Security Policy D. Local System Policy Answer:B Explanation: The settings made in the Domain Controller Security Policy tool are only relevant to domain controllers. QUESTION: 23 Unisoftnet.com has a main office and ten branch offices. Unisoftnet.com has an Active Directory forest that hosts a single domain. Each office has one domain controller and each is configured as an Active Directory site. All sites are connected with the DEFAULTIPSITELINK object. You need to decrease the replication latency between the domain controllers. What should you do to achieve this task? A. Decrease the cost between the connection objects B. Decrease the connection replication interval for all connection objects C. Decrease the replication interval for the DEFAULTIPSITELINK object D. Increase the replication interval for the DEFAULTIPSITELINK object Answer:C
QUESTION: 24 The Unisoftnet.com network consists of a single Active Directory domain. Ten domain controllers are present in the domain. All domain controllers run Windows Server 2008 and are configured as DNS servers. You are instructed to create a new Active Directory-integrated zone. You need to make sure that the new zone is only replicated to four of your domain controllers. What should you do first?
13
UEC A
_msdes.Unisoftnet.com Unisoftnet.com
UEC B
-(root) _msdcs.Unisoftnet.com Unisoftnet.com
Domain users are unable to connect to Internet websites while using UECB as their preferred DNS server. You need to enable Internet name resolution for all client computers. What should you do to achieve this task? A. Delete the .(root) zone from UECB. Configure conditional forwarding on UECB. B. Update the Cache.dns file on UECB. Configure conditional forwarding on UECA. C. Create a copy of the .(root) zone on UECA. D. Update the list of root hints servers on UECB. Answer:A QUESTION: 26 Unisoftnet.com has an Active Directory forest. All domain controllers run Windows Server 2008 and are configured as DNS servers. You have an Active Directory-integrated zone for Unisoftnet.com. You have a Unix-based DNS server. You need to configure your Windows Server 2008 environment to allow zone transfers of the Unisoftnet.com zone to the Unix-based DNS server. What should you do in the DNS Manager console? A. Create a secondary zone. B. Enable BIND secondaries. C. Disable recursion.
14
QUESTION: 27 Unisoftnet.com has multiple remote locations linked to your main office via slow satellite links. You would like to install DNS into these offices for clients to be able to easily locate authoritative DNS servers in the main location. What of the following types of DNS servers should be installed in the remote locations? A. Primary DNS zones B. Secondary DNS zones C. Active Directory Integrated zones D. Stub zones Answer:D Explanation: Stub zones are extremely effective for use in slow WAN connections. These zones only store three types of resource records that being: NS records, glue host (A) records, and SOA records. These three records can be utilized to locate authoritative DNS servers.
QUESTION: 28 Unisoftnet.com has two master servers operating in your environment, a primary master and a secondary master. These DNS servers are responsible for the zone example.com. Whilst the secondary master has the domain transferred, which part of the DNS zone does it use to establish whether or not the zone data has changed? A. The TTL, or time to live B. The NS record C. The serial number D. The database record tombstone Answer:C Explanation: The serial number is utilized by secondary servers to establish whether or not the zone data has changed. This value is routinely updated with Windows Server 2008 DNS server by default. The zone's TTL is used to verify what time to query for an update of the zone file from the master server except if a Notify message has been sent by the master server in the interim.
15