QUESTION 31
Your company has deployed Network Access Protection (NAP) enforcement for VPNs. You need to ensure that the health of all clients can be monitored and reported. What should you do?
A. Create a Group Policy object (GPO) that enables Security Center and link the policy to the domain.
B. Create a Group Policy object (GPO) that enables Security Center and link the policy to the Domain
Controllers organizational unit (OU).
C. Create a Group Policy object (GPO) and set the Require trusted path for credential entry option to
Enabled. Link the policy to the domain.
D. Create a Group Policy object (GPO) and set the Require trusted path for credential entry option to
Enabled. Link the policy to the Domain Controllers organizational unit (OU).
Answer: A
QUESTION 32
Your company has a network that has 100 servers. A server named Server1 is configured as a file server. Server1 is connected to a SAN and has 15 logical drives. You want to automatically run a data archiving script if the free space on any of the logical drives is below 30 percent. You need to automate the script execution. You create a new Data Collector Set. What should you do next?
A. Add the Event trace data collector.
B. Add the Performance counter alert.
C. Add the Performance counter data collector.
D. Add the System configuration information data collector.
Answer: B
QUESTION 33
Your network contains a server named Server1 that runs Windows Server 2008 R2. You have a user named User1. You need to ensure that User1 can schedule Data Collector Sets (DCSs) on Server1. The solution must minimize the number of rights assigned to User1. What should you do?
A. Add User1 to the Performance Log Users group.
B. Add User1 to the Performance Monitor Users group.
C. Assign the Profile single process user right to User1.
D. Assign the Bypass traverse checking user right to User1.
Answer: A
QUESTION 34
Your network contains a server named Server1 that runs Windows Server 2008 R2. Server1 has the Routing and Remote Access service (RRAS) role service installed. You need to view all inbound VPN packets. The solution must minimize the amount of data collected. What should you do?
A. From RRAS, create an inbound packet filter.
B. From Network Monitor, create a capture filter.
C. From the Registry Editor, configure file tracing for RRAS.
D. At the command prompt, run netsh.exe ras set tracing rasauth enabled.
Answer: B
QUESTION 35
You perform a security audit of a server named CRM1. You want to build a list of all DNS requests that are initiated by the server. You install the Microsoft Network Monitor 3.0 application on CRM1. You capture all local traffic on CRM1 for 24 hours. You save the capture file as data.cap. You find that the size of the file is more than 1 GB. You need to create a file named DNSdata.cap from the existing capture file that contains only DNS-related data. What should you do?
A. Apply the display filter !DNS and save the displayed frames as a DNSdata.cap file.
B. Apply the capture filter DNS and save the displayed frames as a DNSdata.cap file.
C. Add a new alias named DNS to the aliases table and save the file as DNSdata.cap.
D. Run the nmcap.exe /inputcapture data.cap /capture DNS /file DNSdata.cap command.
Answer: D
QUESTION 36
You need to capture the HTTP traffic to and from a server every day between 09:00 and 10:00. What should you do?
A. Create a scheduled task that runs the Netsh tool.
B. Create a scheduled task that runs the Nmcap tool.
C. From Network Monitor, configure the General options.
D. From Network Monitor, configure the Capture options.
Answer: B
QUESTION 37
Your company has deployed Network Access Protection (NAP). You configure secure wireless access to the network by using 802.1X authentication from any access point. You need to ensure that all client computers that access the network are evaluated by NAP. What should you do?
A. Configure all access points as RADIUS clients to the Remediation Servers.
B. Configure all access points as RADIUS clients to the Network Policy Server (NPS).
C. Create a Network Policy that defines Remote Access Server as a network connection method.
D. Create a Network Policy that specifies EAP-TLS as the only available authentication method.
Answer: B
QUESTION 38
Your network contains an Active Directory forest. The forest contains two domains named contoso.com and eu.contoso.com. You install a Network Policy Server (NPS) named Server1 in the contoso.com domain. You need to ensure that Server1 can read the dial-in properties of the user accounts in the eu.contoso.com domain. What should you do?
A. In the contoso.com domain, add Server1 to the RAS and IAS Servers group.
B. In the contoso.com domain, add Server1 to the Windows Authorization Access group.
C. In the eu.contoso.com domain, add Server1 to the RAS and IAS Servers group.
D. In the eu.contoso.com domain, add Server1 to the Windows Authorization Access group.
Answer: C
QUESTION 39
Your network contains a Network Policy Server (NPS) named NPS1. You deploy a new NPS named NPS2. You need to ensure that NPS2 sends all authentication requests to NPS1. What should you modify on NPS2?
A. health policies
B. network policies
C. RADIUS clients
D. remote RADIUS server groups
Answer: D
QUESTION 40
You deploy a Windows Server 2008 R2 VPN server behind a firewall. Remote users connect to the VPN by using portable computers that run Windows 7. The firewall is configured to allow only secured Web communications. You need to enable remote users to connect as securely as possible. You must achieve this goal without opening any additional ports on the firewall. What should you do?
A. Create an IPsec tunnel.
B. Create an SSTP VPN connection.
C. Create a PPTP VPN connection.
D. Create an L2TP VPN connection.
Answer: B
OFFER Microsoft 70-649 PDF and VCE Free Download