Microsoft exam 70-460 has been retired by Microsoft on 31st Jan 2017.
Thursday, 16 February 2017
Wednesday, 15 February 2017
70-460 Questions Answers
Question: 23
You have a domain controller that runs Windows Server 2008 R2 and is configured as a DNS server. You need to record all inbound DNS queries to the server. What should you configure in the DNS Manager console?
A. Enable debug logging.
B. Enable automatic testing for simple queries.
C. Configure event logging to log errors and warnings.
D. Enable automatic testing for recursive queries.
Answer: A
Explanation:
Event-monitoring utilities:
The Windows Server 2008 family includes two options for monitoring DNS servers:
Default logging of DNS server event messages to the DNS server log. DNS server event messages are separated and kept in their own system event log, the DNS server log, which you can view using DNS Manager or Event Viewer.
The DNS server log contains events that are logged by the DNS Server service. For example, when the DNS server starts or stops, a corresponding event message is written to this log. Most additional critical DNS Server service events are also logged here, for example, when the server starts but cannot locate initializing data and zones or boot information stored in the registry or (in some cases) Active Directory Domain Services (AD DS).
You can use Event Viewer to view and monitor client-related DNS events. These events appear in the System log, and they are written by the DNS Client service at any computers running Windows (all versions).
Optional debug options for trace logging to a text file on the DNS server computer. You can also use DNS Manager to selectively enable additional debug logging options for temporary trace logging to a text-based file of DNS server activity. The file that is created and used for this feature, Dns.log, is stored in the % systemroot%\System32\Dns folder. Using server debug logging options
The following DNS debug logging options are available:
Direction of packets: Send Packets sent by the DNS server are logged in the DNS server log file. Receive Packets received by the DNS server are logged in the log file.
You have a domain controller that runs Windows Server 2008 R2 and is configured as a DNS server. You need to record all inbound DNS queries to the server. What should you configure in the DNS Manager console?
A. Enable debug logging.
B. Enable automatic testing for simple queries.
C. Configure event logging to log errors and warnings.
D. Enable automatic testing for recursive queries.
Answer: A
Explanation:
Event-monitoring utilities:
The Windows Server 2008 family includes two options for monitoring DNS servers:
Default logging of DNS server event messages to the DNS server log. DNS server event messages are separated and kept in their own system event log, the DNS server log, which you can view using DNS Manager or Event Viewer.
The DNS server log contains events that are logged by the DNS Server service. For example, when the DNS server starts or stops, a corresponding event message is written to this log. Most additional critical DNS Server service events are also logged here, for example, when the server starts but cannot locate initializing data and zones or boot information stored in the registry or (in some cases) Active Directory Domain Services (AD DS).
You can use Event Viewer to view and monitor client-related DNS events. These events appear in the System log, and they are written by the DNS Client service at any computers running Windows (all versions).
Optional debug options for trace logging to a text file on the DNS server computer. You can also use DNS Manager to selectively enable additional debug logging options for temporary trace logging to a text-based file of DNS server activity. The file that is created and used for this feature, Dns.log, is stored in the % systemroot%\System32\Dns folder. Using server debug logging options
The following DNS debug logging options are available:
Direction of packets: Send Packets sent by the DNS server are logged in the DNS server log file. Receive Packets received by the DNS server are logged in the log file.
Thursday, 26 January 2017
70-460 Questions Answers
Question: 22
You need to configure security for the SSRS instance on SSRS01 to connect to SSAS and minimize downtime. What should you do? (Each correct answer presents part of the solution. Choose all that apply.)
A. Register a service principal name for the Report Server service.
B. Register a service principal name for the Analysis Services service.
C. Configure SSRS01 to use the Negotiate authentication type.
D. Configure SSRS01 to use the Custom authentication type.
E. Restart the US service.
Answer: C,D,E
You need to configure security for the SSRS instance on SSRS01 to connect to SSAS and minimize downtime. What should you do? (Each correct answer presents part of the solution. Choose all that apply.)
A. Register a service principal name for the Report Server service.
B. Register a service principal name for the Analysis Services service.
C. Configure SSRS01 to use the Negotiate authentication type.
D. Configure SSRS01 to use the Custom authentication type.
E. Restart the US service.
Answer: C,D,E
Wednesday, 4 January 2017
70-460 Questions Answers
Question: 21
You have two servers named Server1 and Server2. Both servers run Windows Server 2008 R2. Server1 is configured as an enterprise root certification authority (CA). You install the Online Responder role service on Server2. You need to configure Server1 to support the Online Responder. What should you do?
A. Import the enterprise root CA certificate.
B. Configure the Certificate Revocation List Distribution Point extension.
C. Configure the Authority Information Access (AIA) extension.
D. Add the Server2 computer account to the CertPublishers group.
Answer: C
Explanation:
Configure a CA to Support OCSP Responders. To function properly, an Online Responder must have a valid Online Certificate Status Protocol (OCSP) Response Signing certificate. This OCSP Response Signing certificate is also needed if you are using a non-Microsoft OCSP responder.
Configuring a certification authority (CA) to support OCSP responder services includes the following steps:
1. Configure certificate templates and issuance properties for OCSP Response Signing certificates.
2. Configure enrollment permissions for any computers that will be hosting Online Responders.
3. If this is a Windows Server 2003–based CA, enable the OCSP extension in issued certificates.
4. Add the location of the Online Responder or OCSP responder to the authority information access extension on the CA.
5. Enable the OCSP Response Signing certificate template for the CA.
You have two servers named Server1 and Server2. Both servers run Windows Server 2008 R2. Server1 is configured as an enterprise root certification authority (CA). You install the Online Responder role service on Server2. You need to configure Server1 to support the Online Responder. What should you do?
A. Import the enterprise root CA certificate.
B. Configure the Certificate Revocation List Distribution Point extension.
C. Configure the Authority Information Access (AIA) extension.
D. Add the Server2 computer account to the CertPublishers group.
Answer: C
Explanation:
Configure a CA to Support OCSP Responders. To function properly, an Online Responder must have a valid Online Certificate Status Protocol (OCSP) Response Signing certificate. This OCSP Response Signing certificate is also needed if you are using a non-Microsoft OCSP responder.
Configuring a certification authority (CA) to support OCSP responder services includes the following steps:
1. Configure certificate templates and issuance properties for OCSP Response Signing certificates.
2. Configure enrollment permissions for any computers that will be hosting Online Responders.
3. If this is a Windows Server 2003–based CA, enable the OCSP extension in issued certificates.
4. Add the location of the Online Responder or OCSP responder to the authority information access extension on the CA.
5. Enable the OCSP Response Signing certificate template for the CA.
Monday, 19 December 2016
70-460 Questions Answers
Question: 20
Your company has a main office and a branch office. You deploy a read-only domain controller (RODC) that runs Microsoft Windows Server 2008 to the branch office. You need to ensure that users at the branch office are able to log on to the domain by using the RODC. What should you do?
A. Add another RODC to the branch office.
B. Configure a new bridgehead server in the main office.
C. Decrease the replication interval for all connection objects by using the Active Directory Sites and Services console.
D. Configure the Password Replication Policy on the RODC.
Answer: D
Your company has a main office and a branch office. You deploy a read-only domain controller (RODC) that runs Microsoft Windows Server 2008 to the branch office. You need to ensure that users at the branch office are able to log on to the domain by using the RODC. What should you do?
A. Add another RODC to the branch office.
B. Configure a new bridgehead server in the main office.
C. Decrease the replication interval for all connection objects by using the Active Directory Sites and Services console.
D. Configure the Password Replication Policy on the RODC.
Answer: D
Friday, 19 August 2016
70-460 Questions Answers
Question: 19
Your company has a server that runs an instance of Active Directory Lightweight Directory Service (AD LDS).You need to create new organizational units in the AD LDS application directory partition.What should you do?
A. Use the dsmod OU <OrganizationalUnitDN> command to create the organizational units.
B. Use the Active Directory Users and Computers snap-in to create the organizational units on the AD LDS application directory partition.
C. Use the dsadd OU <OrganizationalUnitDN> command to create the organizational units.
D. Use the ADSI Edit snap-in to create the organizational units on the AD LDS application directory partition.
Answer : D
Your company has a server that runs an instance of Active Directory Lightweight Directory Service (AD LDS).You need to create new organizational units in the AD LDS application directory partition.What should you do?
A. Use the dsmod OU <OrganizationalUnitDN> command to create the organizational units.
B. Use the Active Directory Users and Computers snap-in to create the organizational units on the AD LDS application directory partition.
C. Use the dsadd OU <OrganizationalUnitDN> command to create the organizational units.
D. Use the ADSI Edit snap-in to create the organizational units on the AD LDS application directory partition.
Answer : D
Thursday, 28 July 2016
70-460 Questions Answers
QUESTION NO : 18
Your company has an Active Directory forest. The company has branch offices in three locations. Each location has an organizational unit. You need to ensure that the branch office administrators are able to create and apply GPOs only to their respective organizational units. Which two actions should you perform? (Each correct answer presents part of the solution. Choose two.)
A. Run the Delegation of Control wizard and delegate the right to link GPOs for their branch organizational units to the branch office administrators.
B. Add the user accounts of the branch office administrators to the Group Policy Creator Owners Group.
C. Modify the Managed By tab in each organizational unit to add the branch office administrators to their respective organizational units.
D. Run the Delegation of Control wizard and delegate the right to link GPOs for the domain to the branch office administrators.
Answer: A,B
Your company has an Active Directory forest. The company has branch offices in three locations. Each location has an organizational unit. You need to ensure that the branch office administrators are able to create and apply GPOs only to their respective organizational units. Which two actions should you perform? (Each correct answer presents part of the solution. Choose two.)
A. Run the Delegation of Control wizard and delegate the right to link GPOs for their branch organizational units to the branch office administrators.
B. Add the user accounts of the branch office administrators to the Group Policy Creator Owners Group.
C. Modify the Managed By tab in each organizational unit to add the branch office administrators to their respective organizational units.
D. Run the Delegation of Control wizard and delegate the right to link GPOs for the domain to the branch office administrators.
Answer: A,B
Subscribe to:
Comments (Atom)