QUESTION 91
You perform a security audit of a server named CRM1. You want to build a list of all DNS requests that are initiated by the server. You install the Microsoft Network Monitor 3.0 application on CRM1. You capture all local traffic on CRM1 for 24 hours. You save the capture file as data.cap. You find that the size of the file is more than 1 GB. You need to create a file named DNSdata.cap from the existing capture file that contains only DNS-related data. What should you do?
A. Apply the display filter !DNS and save the displayed frames as a DNSdata.cap file.
B. Apply the capture filter DNS and save the displayed frames as a DNSdata.cap file.
C. Add a new alias named DNS to the aliases table and save the file as DNSdata.cap.
D. Run the nmcap.exe /inputcapture data.cap /capture DNS /file DNSdata.cap command.
Answer: D
QUESTION 92
Your network contains 100 servers that run Windows Server 2008 R2. A server named Server1 is deployed on the network. Server1 will be used to collect events from the Security event logs of the other servers on the network. You need to define the Custom Event Delivery Optimization settings on Server1. Which tool should you use?
A. Event Viewer
B. Task Scheduler
C. Wecutil
D. Wevtutil
Answer: C
QUESTION 93
Your network contains a server named Server1 that runs Windows Server 2008 R2. You need to ensure that an administrator is notified by e-mail if the Event Viewer logs any error. What should you do from the Event Viewer console?
A. Create a custom view, and then click the Filter Current Custom View action.
B. Create a custom view, and then click the Attach Task to This Custom View action.
C. From the System log, click the Filter Current Log action.
D. From the System log, select an Error event, and then click the Attach Task to This Event action.
Answer: B
QUESTION 94
Your network contains a server named Server1 that runs Windows Server 2008 R2. Server1 has the Routing and Remote Access service (RRAS) role service installed. You need to view all inbound VPN packets. The solution must minimize the amount of data collected. What should you do?
A. From RRAS, create an inbound packet filter.
B. From Network Monitor, create a capture filter.
C. From the Registry Editor, configure file tracing for RRAS.
D. At the command prompt, run netsh.exe ras set tracing rasauth enabled.
Answer: B
QUESTION 95
Your network contains a server named Server1 that runs Windows Server 2008 R2. You have a user named User1. You need to ensure that User1 can schedule Data Collector Sets (DCSs) on Server1. The solution must minimize the number of rights assigned to User1. What should you do?
A. Add User1 to the Performance Log Users group.
B. Add User1 to the Performance Monitor Users group.
C. Assign the Profile single process user right to User1.
D. Assign the Bypass traverse checking user right to User1.
Answer: A
QUESTION 96
Your network contains two Windows Server Update Services (WSUS) servers named Server1 and Server2. Server1 is a member of a domain named contoso.com. Server2 is a standalone server. Server2 is configured as an autonomous downstream server. You need to ensure that all updates approved on Server1 are automatically approved on Server2. Which options should you modify?
A. Automatic Approvals
B. Products and Classifications
C. Synchronization Schedule
D. Update Source and Proxy Server
Answer: D
QUESTION 97
Your network contains a Windows Server Update Services (WSUS) server named Server1. You need to configure all WSUS client computers to download approved updates directly from the Microsoft Update servers. The solution must ensure that all WSUS client computers report successful installation of updates to Server1. What should you do?
A. From Active Directory, deploy a Group Policy object (GPO).
B. From Server1, modify the Update Source and Proxy options.
C. From Server1, modify the Update Files and Languages options.
D. From the WSUS client computers, modify the local computer policy.
Answer: C
QUESTION 98
You need to capture the HTTP traffic to and from a server every day between 09:00 and 10:00. What should you do?
A. Create a scheduled task that runs the Netsh tool.
B. Create a scheduled task that runs the Nmcap tool.
C. From Network Monitor, configure the General options.
D. From Network Monitor, configure the Capture options.
Answer: B
QUESTION 99
Your network contains 200 servers that run Windows Server 2008 R2. You need to archive the Security log for each server on a daily basis. Which tool should you use?
A. Netsh
B. Secedit
C. Wecutil
D. Wevtutil
Answer: D
QUESTION 100
Your network contains a server named Server1 that runs Windows Server 2008 R2. You need to identify which processes perform the most disk writes and disk reads per second. Which tool should you use?
A. Disk Management
B. Reliability Monitor
C. Resource Monitor
D. Storage Explorer
Answer: C
OFFER Microsoft 70-649 PDF and VCE Free Download