Pro: Windows Server 2008, Server Administrator
Question No: 61 – (Topic 1)
Your network consists of a single Active Directory domain. All servers run Windows Server 2008 R2. You plan to publish a Web site on two Web servers.
You need to deploy an availability solution for your Web servers that meets the following requirements:
->Supports the addition of more Web servers without interrupting client connections
->Ensures that the Web site is accessible even if a single server fails
What should you do?
Configure a failover cluster.
Configure a Web garden on each Web server.
Create a Network Load Balancing cluster.
Create two Application pools on each Web server.
Answer: C Explanation:
Windows Web Server 2008
Windows Web Server 2008 is designed to function specifically as a Web applications server. Other roles, such as Windows Deployment Server and Active Directory Domain Services, are not supported on Windows Web Server 2008. You deploy this server role either on a screened subnet to support a Web site viewable to external hosts or as an intranet server. As appropriate given its stripped-down role, Windows Web Server 2008 does not support the high-powered hardware configurations that other editions of Windows Server 2008 do.
Windows Web Server 2008 has the following properties:
The 32-bit version (x86) supports a maximum of 4 GB of RAM and 4 processors in SMP configuration.
The 64-bit version (x64) supports a maximum of 32 GB of RAM and 4 processors in SMP configuration.
Supports Network Load Balancing clusters.
You should plan to deploy Windows Web Server 2008 in the Server Core configuration, which minimizes its attack surface, something that is very important on a server that interacts with hosts external to your network environment. You should only plan to deploy the full version of Windows Web Server 2008 if your organization’s Web applications rely on features such as ASP.NET, because the .NET Framework is not included in a Server Core installation.
Configuring Windows Network Load Balancing
While DNS Round Robin is a simple way of distributing requests, Windows Server 2008 NLB is a much more robust form of providing high availability to applications. Using NLB, an administrator can configure multiple servers to operate as a single cluster and control the usage of the cluster in near real-time.
NLB operates differently than DNS Round Robin in that NLB uses a virtual network adapter on each host. This virtual network adapter gets a single IP and media access control (MAC) address, which is shared among the hosts participating in the load-balancing cluster. Clients requesting services from an NLB cluster have their requests sent to the IP address of the virtual adapter, at which point it can be handled by any of the servers in the cluster.
NLB automatically reconfigures as nodes are added and removed from the cluster. An administrator can add and remove nodes through the NLB Manager interface or the command line. For example, an administrator might remove each node in turn to perform maintenance on the nodes individually and cause no disruption in service to the end user. Servers within NLB clusters are in constant communication with each other, determining which servers are available with a process known as heartbeats and convergence. The heartbeat consists of a server participating in an NLB cluster that sends out a message each second to its NLB-participating counterparts.
When five (by default) consecutive heartbeats are missed, convergence begins. Convergence is the process by which the remaining hosts determine the state of the cluster.
During convergence, the remaining hosts listen for heartbeats from the other servers to determine the host with the highest priority, which is then selected as the default host for the NLB cluster. Generally, two scenarios can trigger convergence. The first is the missed heartbeat scenario mentioned earlier; the second is removal or addition of a server to the cluster by an administrator. The heartbeat is reduced by one half during convergence. A
less common reason for convergence is a change in the host configuration, such as a host priority.
Question No: 62 – (Topic 1)
Your network consists of a single Active Directory domain. The network contains a file server that runs Windows Server 2008 R2. All servers use internal storage only. You plan to deploy a client/server Application.
You need to deploy the Application so that it is available if a single server fails. You must achieve this goal while minimizing costs.
What should you do?
Deploy a failover cluster that uses No Majority: Disk Only.
Deploy a failover cluster that uses Node and File Share Disk Majority.
Deploy Distributed File System (DFS) and configure replication.
Answer: C Explanation:
Understanding Cluster Quorum Models
Quorums are used to determine the number of failures that can be tolerated within a cluster before the cluster itself has to stop running. This is done to protect data integrity and prevent problems that could occur because of failed or failing communication between nodes.
Quorums describe the configuration of the cluster and contain information about the cluster components such as network adapters, storage, and the servers themselves. The quorum exists as a database in the registry and is maintained on the witness disk or witness share. The witness disk or share keeps a copy of this configuration data so that servers can join the cluster at any time, obtaining a copy of this data to become part of the cluster.
One server manages the quorum resource data at any given time, but all participating servers also have a copy.
You can use the following four quorum models with Windows Server 2008 Failover Clusters:
Node Majority Microsoft recommends using this quorum model in Failover Cluster deployments that contain an odd number of cluster nodes. A cluster that uses the Node Majority quorum model is called a Node Majority cluster and remains up and running if the
number of available nodes exceeds the number of failed nodes-that is, half plus one of its nodes is available. For example, for a seven-node cluster to remain online, four nodes must be available. If four nodes fail in a seven-node Node Majority cluster, the entire cluster shuts down. You should use Node Majority clusters in geographically or network- dispersed cluster nodes. To operate successfully this model requires an extremely reliable network, high-quality hardware, and a third-party mechanism to replicate back-end data.
Node and Disk Majority Microsoft recommends using this quorum model in clusters that contain even numbers of cluster nodes. Provided that the witness disk remains available, a Node and Disk Majority cluster remains up and running when one-half or more of its nodes are available. A six-node cluster will not shut down if three or more nodes plus its witness disk are available. In this model, the cluster quorum is stored on a cluster disk that is accessible to all cluster nodes through a shared storage device using Serial Attached SCSI (SAS), Fibre Channel, or iSCSI connections. The model consists of two or more server nodes connected to a shared storage device and a single copy of the quorum data is maintained on the witness disk. You should use the Node and Disk Majority quorum model in Failover Clusters with shared storage, all connected on the same network and with an even number of nodes. In the case of a witness disk failure, a majority of the nodes need to remain up and running. For example, a six-node cluster will run if (at a minimum) three nodes and the witness disk are available. If the witness disk is offline, the same six-node cluster requires that four nodes are available.
Exam Tip If the 70-646 examination asks which quorum model is the closest to the traditional single-quorum device cluster configuration model, the answer is the Node and Disk Majority quorum model.
Node and File Share Majority This configuration is similar to the Node and Disk Majority model, but the quorum is stored on a network share rather than on a witness disk. A Node and File Share Majority cluster can be deployed in a similar fashion to a Node Majority cluster, but as long as the witness file share is available the cluster can tolerate the failure of half its nodes. You should use the Node and File Share Majority quorum model in clusters with an even number of nodes that do not utilize shared storage.
No Majority: Disk Only Microsoft recommends that you do not use this model in a production environment because the disk containing the quorum is a single point of failure. No Majority: Disk Only clusters are best suited for testing the deployment of built-in or custom services and applications on a Windows Server 2008 Failover Cluster. In this model, provided that the disk containing the quorum remains available, the cluster can sustain the failover of all nodes except one.
MORE INFO Quorum models webcast
Four quorum models are available with Windows Server 2008. For more information on the models, view the TechNet webcast at http://msevents.microsoft.com/CUI/WebCastEventDetails .aspx?
Question No: 63 – (Topic 1)
You need to recommend changes to Web1 to ensure that server backups can be performed remotely from Backup1.
Which two changes should you include in the recommendation? (Each correct answer presents part of the solution. Choose two.)
Install Windows PowerShell.
Install Windows Server Backup.
Modify the Windows Firewall settings.
Enable the IIS Management Service feature.
Question No: 64 – (Topic 1)
A company has a single Active Directory Domain Services (AD DS) domain and a single Remote Desktop Session Host (RD Session Host). The RD Session Host is approaching full memory capacity. All servers run Windows Server 2008 R2.
You are designing a Remote Desktop Services (RDS) infrastructure. The infrastructure must meet the following requirements:
->Allow infrastructure capacity to increase.
->Minimize the number of physical servers.
->Do not require administrative action on the client computers if the infrastructure capacity increases.
You need to design an RDS infrastructure that meets the requirements.
What should you recommend? (More than one answer choice may achieve the goal. Select the BEST answer.)
Migrate the RD Session Host to a virtual machine (VM) running in Microsoft Hyper-V. Add memory to the VM as demand increases.
Add RD Session Hosts as demand increases, and use Group Policy to direct users to
the correct server.
Install and configure Windows Server Resource Manager (WSRM) on the RD Session Host to control user resource allocation.
Implement an RD Session Host server farm and add servers as required.
Answer: A Explanation:
Virtualization meets the requirements easily enough, as capacity needs grow the VMs can be migrated to more powerful physical servers, again virtualization reduces the number of physical servers and finally as the actual RD Session Host wont change regardless of the location of that VM it will meet the third requirement Ans D does not meet the 3rd requirement
Ans C wont resolve the problem of running out of memory only that addition of RAM will resolve that issue
Ans B again does not meet the 3rd requirement
Question No: 65 – (Topic 1)
Your network consists of a single Active Directory domain. All domain controllers run Windows Server 2008 R2.
You need to plan an auditing strategy that meets the following requirements:
->Audits all changes to Active Directory Domain Services (AD DS)
->Stores all auditing data in a central location
What should you include in your plan?
Configure an audit policy for the domain. Configure Event Forwarding.
Configure an audit policy for the domain controllers. Configure Data Collector Sets.
Implement Windows Server Resource Manager (WSRM) in managing mode.
Implement Windows Server Resource Manager (WSRM) in accounting mode.
Answer: A Explanation:
MCITP Self-Paced Training Kit Exam 70-646 Windows Server Administration:
The configuration of a subscription filter is more like the configuration of a custom view in that you are able to specify multiple event log sources, rather than just a single Event Log source. In addition, the subscription will be saved whereas you need to re-create a filter
each time you use one. By default, all collected Event Log data will be written to the Forwarded Event Event Log. You can forward data to other logs by configuring the properties of the subscription. Even though you use a filter to retrieve only specific events from source computers and place them in the destination log, you can still create and apply a custom view to data that is located in the destination log. You could create a custom view for each source computer, which would allow you to quickly limit events to that computer rather than viewing data from all source computers at the same time.
You configure collector initiated subscriptions through the application of Group Policy. To do this you must configure the collector computer in the same manner as you did in the previous steps. When configuring the subscription type, select Source Computer Initiated rather than Collector Initiated. To set up the source computers, apply a GPO where you have configured the Computer Configuration\Policies\AdministrativeTemplates\Windows Components\Event Forwarding node and configure the Server Address, Refresh Interval, And Issuer Certificate policy with the details of the collector computer, as shown in Figure 7-10.
Auditing enhancements You can use the new Directory Service Changes audit policy subcategory when auditing Windows Server 2008 AD DS. This lets you log old and new values when changes are made to AD DS objects and their attributes. You can also use this new feature when auditing Active Directory Lightweight Directory Services (AD LDS).
Planning AD DS Auditing
In Windows Server 2008, the global audit policy Audit Directory Service Access is enabled by default. This policy controls whether auditing for directory service events is enabled or disabled. If you configure this policy setting by modifying the Default Domain Controllers Policy, you can specify whether to audit successes, audit failures, or not audit at all. You can control what operations to audit by modifying the System Access Control List (SACL) on an object. You can set a SACL on an AD DS object on the Security tab in that object’s Properties dialog box.
As an administrator one of your tasks is to configure audit policy. Enabling success or failure auditing is a straightforward procedure. Deciding which objects to audit; whether to audit success, failure or both; and whether to record new and old values if changes are made is much more difficult. Auditing everything is never an option-too much information is as bad as too little. You need to be selective. In Windows 2000 Server and Windows Server 2003, you could specify only whether DS access was audited. Windows Server 2008 gives you more granular control. You can audit the following:
DS changes (old and new values) DS replication
Question No: 66 – (Topic 1)
Your network consists of a single Active Directory domain. All domain controllers run Windows Server 2008 R2. All servers run Windows Server 2008 R2. All client computers run Windows 7.
You need to generate a monthly report on the status of software updates for the client computers.
Your solution must meet the following requirements:
->Display all of the operating system updates that installed successfully
->Display all of the Microsoft Application updates that installed successfully
->Display all of the operating system updates that failed to install
->Display all of the Microsoft Application updates that failed to install
->Minimize administrative effort
What should you do?
Install Microsoft System Center Essentials (Essentials) 2007. Deploy management agents on all client computers.
Install Microsoft System Center Configuration Manager (SysMgr) 2007. Deploy management agents on all client computers.
Install Windows Server Update Services (WSUS) 3.0 SP2. Configure Windows Update by using a Group Policy object (GPO).
Deploy Microsoft Baseline Security Analyzer (MBSA) 2.1 on the client computers. Run MBSA on each client computer, and save the report to a shared folder on the network.
Answer: C Explanation:
http://technet.microsoft.com/en-us/library/dd939886(WS.10).aspx What’s new in this release?
Integration with Windows Server庐 2008 R2
Support for the BranchCache庐 feature in Windows Server 2008 R2
Support for Windows庐 7 client computers New features
Automatic approval rules include the ability to specify the approval deadline date and time for all computers or for specific computer groups.
Improved handling of language selection for downstream servers includes a new warning dialog that appears when you decide to download updates only for specified languages.
New Update and Computer Status reports let you filter updates that are approved for installation. You can run these reports from the WSUS administration console or use the application programming interface (API) to incorporate this functionality into your own reports.
Windows Update Agent improvements
Client computer scan time is faster than previous versions.
Computers that are managed by WSUS servers can now run “scoped” scans against those servers, instead of performing a full scan. This results in faster scans for applications that use Microsoft Update APIs such as Windows Defender.
User experience improvements help users organize updates and provide greater clarity on update value and behavior.
Imaged computers are more clearly displayed in the WSUS administration console. For more information, see article 903262 in the Microsoft Knowledge Base.
Prevents APIs that are called by non-local system callers in a non-interactive session from failing.
Prevents error code 0x80070057 when you try to install 80 or more updates at the same time from the Windows Update Web page or from the Microsoft Update Web page.
Improves scan times for Windows Update
Improves the speed at which signature updates are delivered
Enables support for Windows Installer reinstallation functionality
Improves error messaging
Question No: 67 – (Topic 1)
Your network consists of a single Active Directory domain. The domain contains a file server named Server1 that runs Windows Server 2008 R2. The file server contains a shared folder named UserDocs. Each user has a subfolder in UserDocs that they use to store personal data.
You need to design a data management solution that meets the following requirements:
->Limits the storage space that is available to each user in UserDocs
->Sends a notification to the administrator if a users attempts to save multimedia files in UserDocs
->Minimizes administrative effort
What should you include in your design?
Configure NTFS quotas on UserDocs. Configure a task in Event Viewer to send an
Configure NTFS quotas on UserDocs. Schedule a script to monitor the contents of UserDocs and send an email notification if a multimedia file is found.
Install the File Server Resource Manager (FSRM) role service on Server1. Configure event subscriptions.
Install the File Server Resource Manager (FSRM) role service on Server1. Configure hard quotas and file screening.
Answer: D Explanation:
MCITP Self-Paced Training Kit Exam 70-646 Windows Server Administration: Creating Quotas
If the FSRM File Services server role is installed, you can use FSRM to create quotas. The Create Quota dialog box is shown in Figure 6-13. Note that you will be unable to access this box if you have not installed the appropriate server role, which you will do in the practice session later in this lesson.
The Create Quota dialog box
You specify a path to the volume or folder for which you want to create the quota and then specify whether you want to create a quota only on that path or whether a template-based quota will be automatically generated and applied to existing and new subfolders on the path of the parent volume or folder. To specify the latter action, select Auto Apply Template And Create Quotas On Existing And New Subfolders. Typically you would select Derive Properties From This Quota Template (Recommended) and select a template. You can, if you want, define custom quota properties, but this is not recommended. You can select templates that specify the quota size that is allocated to each user and whether the quota is hard or soft. A hard quota cannot be exceeded. A user can exceed a soft quota, but typically exceeding the quota limit generates a report in addition to sending an e-mail notification and logging the event. Soft quotas are used for monitoring. Quota templates include the following:
100 MB Limit This is a hard quota. It e-mails the user and specified administrators if the100 percent quota limit has been reached and writes an event to the event log.
200 MB Limit Reports to User This is a hard quota. It generates a report, sends e-mails, and writes an event to the event log if the 100 percent quota limit has been reached.
200 MB Limit with 50 MB Extension Technically this is a hard quota because it performs an action when the user attempts to exceed the limit, rather than merely monitoring the exceeded limit. The action is to run a program that applies the 250 MB Extended Limit template and effectively gives the user an additional 50 MB.
E-mails are sent and the event is logged when the limit is extended.
250 MB Extended Limit The 250 MB limit cannot be exceeded. E-mails are sent and the event is logged when the limit is reached.
Monitor 200 GB Volume Usage This is a soft quota that can be applied only to volumes. It is used for monitoring.
Monitor 50 MB Share Usage This is a soft quota that can be applied only to shares. It is used for monitoring.
Managing File Screens
You can use FSRM to create and manage file screens that control the types of files that users can save, and generate notifications when users attempt to save unauthorized files. You can also define file screening templates that you can apply to new volumes or folders and use across your organization.
FSRM also enables you to create file screening exceptions that extend the flexibility of the file screening rules.
You could, for example, ensure that users do not store music files in personal folders, but you could allow storage of specific types of media files, such as training files that comply
with company policy. You could also create an exception that allows members of the senior management group to save any type of file they want to (provided they comply with legal restrictions).
You can also configure your screening process to notify you by e-mail when an executable file is stored on a shared folder. This notification can include information about the user who stored the file and the file’s exact location.
Exam Tip File screens are not specifically included on the objectives for the 70-646 examination. You should know what they are, what they do, and that you can manage them from FSRM. You probably will not come across detailed questions about file screen configuration.
Question No: 68 – (Topic 1)
Your company purchases 15 new 64bit servers as follows:
->Five of the servers have a single processor.
->Five of the servers have a single dual core processor.
->Five of the servers have two quad core processors.
You plan to deploy Windows Server 2008 R2 on the new servers by using Windows Deployment Services (WDS). You need to recommend a WDS install image strategy that meets the following requirements:
->Minimizes the number of install images
->Supports the deployment of Windows Server 2008 R2
What should you recommend?
one install image file that contains three install images
one install image file that contains a single install image
two install image files that each contain a single install image
three install image files that each contain a single install image
Answer: B Explanation:
You only need one image per processor type Windows Deployment Services Images
Windows Deployment Services uses two different types of images: install images and boot images. Install images are the operating system images that will be deployed to Windows Server 2008 or Windows Vista client computers. A default installation image is located in the \Sources directory of the Windows Vista and Windows Server 2008 installation DVDs. If
you are using WDS to deploy Windows Server 2008 to computers with different processor architectures, you will need to add separate installation images for each architecture to the WDS server. Architecture-specific images can be found on the architecture-specific installation media. For example, the Itanium image is located on the Itanium installation media and the x64 default installation image is located on the x64 installation media.
Although you can create custom images, you only need to have one image per processor architecture. For example, deploying Windows Server 2008 Enterprise Edition x64 to a computer with 1 x64 processor and to a computer with 8 x64 processors in SMP configuration only requires access to the default x64 installation image. Practice exercise 2 at the end of this lesson covers the specifics ol adding a default installation image to a WDS server.
Question No: 69 – (Topic 1)
Your network consists of a single Active Directory domain. Users access and share documents by using a DFS namespace.
You need to recommend a solution to manage user access to documents. The solution must meet the following requirements:
->Allow for document versioning
->Allow for online collaboration
What should you recommend?
File Server Resource Manager (FSRM)
Volume Shadow Copy Service (VSS)
Microsoft SharePoint Foundation 2010
Windows System Resource Manager (WSRM)
Answer: C Explanation:
sharepoint allows collaboration and versioning http://www.plusconsulting.com/WhitePapers/SharePoint 2010 Business Value% 20WhitePaper.pdf
Question No: 70 DRAG DROP – (Topic 1)
A company has a print server that runs Windows Server 2003 R2 Enterprise (x86). The print server is configured with 2S0 print queues.
You are planning to migrate the print server to a new server that runs Windows Server 2008 R2 Enterprise. The destination server has the Print and Document Services role installed.
You need to ensure that printer queues migrate successfully.
Which actions should you perform in sequence?
To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order, (use only actions that Apply.)
http://technet.microsoft.com/en-us/library/cc722360.aspx Migrating print servers
Using the Windows interface Using a command prompt
To migrate print servers by using Print Management Open Print Management.
In left pane, click Print Servers, right-click the print server that contains the printer queues that you want to export, and then click Export printers to a file. This starts the Printer Migration Wizard.
On the Select the file location page, specify the location to save the printer settings, and then click Next to save the printers.
Right-click the destination computer on which you want to import the printers, and then click Import printers from a file. This launches the Printer Migration Wizard.
On the Select the file location page, specify the location of the printer settings file, and then click Next.
On the Select import options page, specify the following import options:
Import mode. Specifies what to do if a specific print queue already exists on the destination computer.
List in the directory. Specifies whether to publish the imported print queues in the Active Directory Domain Services.
Convert LPR Ports to Standard Port Monitors. Specifies whether to convert Line Printer Remote (LPR) printer ports in the printer settings file to the faster Standard Port Monitor when importing printers.
Click Next to import the printers.
To migrate print servers by using a command prompt
To open a Command Prompt window, click Start, click All Programs, click Accessories, right-click Command
Prompt, and then click Run as administrator. Type:
CD %WINDIR%\System32\Spool\Tools Printbrm -s \\lt;sourcecomputernamegt; -b -f
Type: Printbrm -s \\lt;destinationcomputernamegt; -r -f lt;filenamegt;.printerExport
|Lowest Price Guarantee||Yes||No||No|
|Free VCE Simulator||Yes||No||No|