Microsoft 70-646 ExamPro: Windows Server 2008 - Server Administrator

Total Question: 262 Last Updated: Aug 19,2019
  • Updated 70-646 Dumps
  • Based on Real 70-646 Exams Scenarios
  • Free 70-646 pdf Demo Available
  • Check out our 70-646 Dumps in a new PDF format
  • Instant 70-646 download
  • Guarantee 70-646 success in first attempt
Package Select:

Questions & Answers PDF

Practice Test Software

Practice Test + PDF 30% Discount

Price: $65.95 $29.99

Buy Now Free Trial
Home > 70-646

Latest Microsoft 70-646 braindumps (Topic 5)

26. Your network consists of a single Active Directory domain. The domain contains a

serverthat runs Windows Server 2008 R2 and that has the Remote Desktop Services server role installed.

The server has six custom Applications installed. The custom Applications are configured

as RemoteApps.

You notice that when a user runs one of the Applications, other users report that the server

seems slow and that some Applications become unresponsive.

You need to ensure that active user sessions receive equal access to system resources.

What should you do?

A. Implement Remote Desktop Web Access.

B. Implement Remote Desktop Connection Broker.

C. Configure Performance Monitor.

D. Implement Windows System Resource Manager.

Answer: D

Explanation:

http://technet.microsoft.com/en-us/library/cc771218%28WS.10%29.aspx

http://technet.microsoft.com/en-us/library/cc732553%28WS.10%29.aspx

Terminal Services and Windows System Resource Manager

Windows® System Resource Manager (WSRM) on Windows Server® 2008 allows you to

control how CPU and memory resources are allocated to applications, services, and

processes on thecomputer. Managing resources in this way improves system performance

and reduces the chance that applications, services, or processes will take CPU or memory

resources away from one another and slow down the performance of the computer.

Managing resourcesalso creates a more consistent and predictable experience for users of

applications and services running on the computer.

You can use WSRM to manage multiple applications on a single computer or users on a

computer on which

Terminal Services is installed.

Resource-Allocation Policies

WSRM uses resource-allocation policies to determine how computer resources, such as

CPU and memory, are allocated to processes running on the computer. There are two

resource-allocation policies that are specifically designedfor computers running Terminal

Services.The two Terminal Services-specific resource-allocation policies are:

Equal_Per_User

Equal_Per_Session

 

27. A company wants to prevent employees who accessthe company's Remote Desktop

Session Hosts (RD Session Hosts) from introducing malware onto the corporate network.

You have the following requirements:

Ensure that only client computers that have an up-to-date antivirus program

installed can connect to the RD Session Hosts.

Display a notification when a client computer that does not meet the antivirus

requirements attempts to connect to an RD Session Host. Provide information

about how to resolve the connection problem.

Ensure that client computers can access only the RD Session Hosts.

You need to recommend a Remote Desktop Services (RDS) management strategy that

meets the requirements.

What should you recommend? (More than one answer choice may achieve the goal. Select

the BEST answer.)

A. Deploy a Remote Desktop Gateway in a perimeter network. Install and configure a

Network Policy and Access Services server. Configure the System Health Validator.

Enable the Remote Desktop Gateway Network Access Protection Enforcement Client.

Configure Remote Desktop Connection Authorization Policies and Remote Desktop

Resource Authorization Polices.

B. Deploy the Routing and Remote Access Service in a perimeter network to support VPN

connections. Install and configure a Network Policy and Access Services server.

EnabletheNetwork Access Protection VPN Enforcement Client. Configure the System

Health Validator. Configure static routes on the VPN server to allow access only to the RD

Session Hosts.

C. Deploy a Remote Desktop Gateway in a perimeter network. Configure Remote Desktop

Connection Authorization Policies and Remote Desktop Resource Authorization Polices.

Configure a logon message.

D. Deploy the Routing and Remote Access Service in a perimeter network to support VPN

connections. Configure Connection Request Policies to specify which computers can

connect to the corporate network. Configure static routes on the VPN server to allow

access only to the RD Session Hosts.

Answer: A

Explanation:

NAP with SHVs configured will ensure that the AV is installed and up to date. if they ar not

you can direct them to a quarantine/remediation server to update

http://www.techrepublic.com/article/solutionbase-configuring-network-access-protection-forwindows-

server-2008/178022

RD RAP

Remote Desktop resource authorization policies(RD RAPs) allow you to specify the internal

network resources (computers) that remote users can connect to through an RD Gateway

server.

http://technet.microsoft.com/en-us/library/cc730630

RD CAP

Remote Desktop connection authorization policies (RD CAPs)allow you to specify who can

connect to an RD

Gateway server

http://technet.microsoft.com/en-us/library/cc731544

 

28. DRAG DROP

A company currently has a Remote Desktop Services (RDS) farm consisting of three

Remote Desktop Session Hosts (RD Session Hosts) and one Remote Desktop Session

Broker (RD Session Broker). The RD Session Hosts are configured to use Windows

Network Load Balancing.

The RDS servers run slowlyevery Monday morning between 9:00 A.M. and 11:00 A.M.

You establish that your third-party backup solution is running on the RDS servers at these

times and is causing the poor performance. Company policy mandates that the backup

must occur at this time.

You have the following requirements:

Implement Windows System Resource Manager (WSRM) on each of the RDS

servers to minimize the system resources utilized by the backup Application.

Ensure that WSRM runs only when required.

You need to configure WSRM.

Which actions should you perform in sequence?

To answer, move the appropriate actions from the list of actions to the answer area

andarrange them in the correct order. (Use only actions that Apply.)

blob.png

Answer:

blob.png

 

29. A company has Remote Desktop Services (RDS) servers that run Windows Server 2008

R2 and client computers that run Windows 7.

You are designing a non-production remote desktop infrastructure that you will use for evaluation purposes for 180 days. The remote desktop infrastructure must meet the

following requirements:

Maximize the security of remote desktop connections.

Minimize changes to the company's firewall configuration.

Provide external users with a secure connection from the Windows 7 Remote

Desktop client to the RDS environment.

You need to design a temporary remote desktop infrastructure that meets the

requirements.

Which services should you recommend? (More than one answer choice may achieve the

goal. Select the BEST answer.)

A. Remote Desktop Gateway, Remote Desktop Licensing, and Remote Desktop Session

Host

B. Remote Desktop Licensing, Remote Desktop Session Host, and Remote Desktop Web

Access

C. Only Remote Desktop Gateway and Remote Desktop Session Host

D. Only Remote Desktop Session Host and Remote Desktop Web Access

Answer: C

Explanation:

Its true that the evaluation period for RD is only 120 days and your requirements are 180

days. Maybe the question is inaccurate and it actually states 120 days?

But if you read http://technet.microsoft.com/en-us/library/cc738962%28WS.10%29.aspx it

says To allow ample time for you to deploy a Terminal Server license server,

TerminalServer provides a licensing grace period, during which no license server is

required. During this grace period, a terminal server can accept connections from

unlicensed clients without contacting a license server. The grace period begins the first

time theterminal server accepts a client connection. It ends after you deploy a license

server and that license server issues its first permanent client access license (CAL), or

after 120 days, whichever comes first.

In order for a license server to issue permanent CALs, you must activate the license server

and then purchase and install the appropriate number of permanent CALs. If a license

server is not activated, it issues temporary licenses. These temporary licenses allow clients

to connect to the terminal server for 90 days.

So is that the solution?

If you feel licensing is required then A is your answer, if you don't then C is your answer.

Remote Desktop Gateway (RD Gateway), formerly Terminal Services Gateway (TS

Gateway), is a role service in the Remote Desktop Services server role included with Windows Server® 2008 R2 that enables authorized remote users to connect to resources

on an internal corporate or private network, from any Internetconnected device that can run

the Remote Desktop Connection (RDC) client. The network resources can be Remote

Desktop Session Host (RD Session Host) servers, RD Session Host servers running

RemoteApp programs, or computers and virtual desktops with Remote Desktop enabled.

RD Gateway uses the Remote Desktop Protocol (RDP) over HTTPS to establish a secure,

encrypted connection between remote users on the Internet and internal network resources

Why use Remote Desktop Gateway?

RD Gateway provides many benefits, including:

RD Gateway enables remote users to connect to internal network resources over the

Internet, by using an encrypted connection, without needing to configure virtual private

network (VPN) connections.

RD Gateway provides a comprehensive security configuration model that enables you to

control access to specific internal network resources. RD Gateway provides a point-to-point

RDP connection, rather than allowing remote users access to all internal network

resources.

RD Gateway enables most remote users to connect to internal network resources that are

hosted behindfirewalls in private networks and across network address translators (NATs).

With RD Gateway, you do not need to perform additional configuration for the RD Gateway

server or clients for this scenario.

Prior to this release of Windows Server, security measures prevented remote users from

connecting to internal network resources across firewalls and NATs. This is because port

3389, the port used for RDP connections, is typically blocked for network security

purposes.RD Gateway transmits RDP traffic to port443 instead, by using an HTTP Secure

Sockets Layer/Transport Layer Security (SSL/TLS) tunnel. Because most corporations

open port 443 to enable Internet connectivity, RD Gateway takes advantage of this network

design to provide remote access connectivity across multiple firewalls.

The Remote Desktop Gateway Manager enables you to configure authorization policies to

define conditions that must be met for remote users to connect to internal network

resources. For example, you can specify:

Who can connect to internal network resources (in other words, the user groups who can

connect).

What network resources (computer groups) users can connect to.

Whether client computers must be members of Active Directory security groups.

Whether device redirection is allowed.

Whether clients need to use smart card authentication or password authentication, or

whether they can use either method.

You can configure RD Gateway servers and Remote Desktop Services clients to use

Network Access Protection (NAP) to further enhance security. NAP is a health policy creation, enforcement, and remediation technology that is included in Windows Server®

2008 R2, Windows Server® 2008, Windows® 7, Windows Vista®, and Windows® XP

Service Pack 3. With NAP, system administrators can enforce health requirements, which

can include software requirements, security update requirements, required computer

configurations, and other settings. .

A Remote Desktop Session Host (RD Session Host) server is the server that hosts

Windows-based programs or the full Windows desktop for Remote Desktop Services

clients. Users can connect to an RD Session Host server to run programs, to save files,

and to use network resources on that server. Users can access an RD Session Host server

by using Remote Desktop Connectionor by using RemoteApp.

Remote Desktop Licensing

http://technet.microsoft.com/en-us/library/hh553157%28v=ws.10%29

Operating SystemGrace Period

Windows Server 2008R2 120 days

Windows Server 2008120 days

Windows Server 2003 R2 / Windows Server 2003120 days

Windows 2000 Server90 days

There has been some debate about licensing and some suggest you needed a license

server. however take a look here: http://support.microsoft.com/kb/948472

Evaluating Windows Server 2008 software does not require productactivation. Any edition

of Windows Server 2008 may be installed without activation, and it may be evaluated for 60

days. Additionally, the 60-day evaluation period may be reset (re-armed) three times. This

action extends the original 60-day evaluation period by up to 180 days for a total possible

evaluation time of 240 days.

 

30. Your company has two branch offices that connect by using a WAN link. Each office

contains a server that runs Windows Server 2008R2 and that functions as a file server.

Users in each office store data on the local file server. Users have access to data from the

other office.

You need to plan a data access solution that meets the following requirements:

Folders that are stored onthe file servers must be available to users in both offices.

Network bandwidth usage between offices must be minimized.

Users must be able to access all files in the event that a WAN link fails.

What should you include in your plan?

A. On both servers, implement DFS Replication.

B. On both servers, install and configure File Server Resource Manager (FSRM) and

FileReplication Service (FRS).

C. On one server, install and configure File Server Resource Manager (FSRM). On the

other server, install and configure File Replication Service (FRS).

D. On one server, install and configure Distributed File System (DFS). On the other server,

install and configure the Background Intelligent Transfer Service (BITS).

Answer: A

Explanation:

MCITP Self-Paced TrainingKit Exam 70-646 Windows Server Administration:

DFS Replication provides a multimaster replication engine that lets you synchronize folders

on multiple servers across local or WAN connections. It uses the Remote Differential

Compression (RDC) protocol to update only those files that have changed since the last

replication. You can use DFS Replication in conjunction with DFS Namespaces or by itself.

File Replication Service (FRS) The File Replication Service (FRS) enables you to

synchronize folders with file servers that use FRS. Where possible you should use the DFS

Replication (DFSR) service. You should install FRS only if your Windows Server 2008

server needs to synchronize folders with servers that use FRS with the Windows Server

2003 or Windows 2000 Server implementations of DFS.

The main tool for implementing shared folder replication in a Windows Server 2008 network

is DFS Replication.

Using DFS Namespace to Plan and Implement a Shared Folder Structure and Enhance

Data Availability

When you add the DFSManagement role service to the Windows Server 2008 File

Services Server role, the DFS Management console is available from the Administrative

Tools menu or from within Server Manager. This console provides the DFS Namespaces

and DFS Replication tools as shown in Figure 6-31 DFS Namespaces lets you group

shared folders that are located on different servers into one or more logically structured

namespaces. Each namespace appears to users as a single shared folder with a series of

subfolders.

This structure increases availability. You can use the efficient, multiple-master replication

engine provided by DFSR to replicate a DFS Namespace within a site and across WAN

links. A user connecting to files within the shared folder structures contained in the DFS

Namespace will automatically connect to shared folders in the same AD DS site (when

available) rather than across a WAN. You can have several DFS Namespace servers in a

site and spread over several sites, so if one server goes down, a user can still access files

within the shared folder structure.

Because DFSR is multimaster, a change to a file in the DFS Namespace on any DFS Namespace server is quickly and efficiently replicated to all other DFS Namespace servers

that hold that namespace. Note that DFSR replaces the File Replication Service (FRS) as

the replication engine for DFS Namespaces, as well as for replicating the AD DS SYSVOL

folder in domains that use the Windows Server 2008 domain functional level. You can

install FRS Replication as part of the Windows Server 2003 File Services role service, but

you should use it only if you need to synchronize with servers that use FRS with the

Windows Server 2003 or Windows 2000 Server implementations of DFS.

Get More Information : 70-646 exam