MCITP

Exam 70-688 Supporting Windows 8.1

Published: January 18, 2013
Languages: English, Chinese (Simplified), French, German, Japanese, Portuguese (Brazil)
Audiences: IT professionals
Technology: Windows 8.1
Credit toward certification: MCP, MCSA, MCSE

Skills measured
This exam measures your ability to accomplish the technical tasks listed below. The percentages indicate the relative weight of each major topic area on the exam. The higher the percentage, the more questions you are likely to see on that content area on the exam. View video tutorials about the variety of question types on Microsoft exams.

Please note that the questions may test on, but will not be limited to, the topics described in the bulleted text.

Do you have feedback about the relevance of the skills measured on this exam? Please send Microsoft your comments. All feedback will be reviewed and incorporated as appropriate while still maintaining the validity and reliability of the certification process. Note that Microsoft will not respond directly to your feedback. We appreciate your input in ensuring the quality of the Microsoft Certification program.

If you have concerns about specific questions on this exam, please submit an exam challenge.

If you have other questions or feedback about Microsoft Certification exams or about the certification program, registration, or promotions, please contact your Regional Service Center.

As of January 2014, this exam includes content covering Windows 8.1.

Support operating system and application installation (30–35%)
Support operating system installation
Support Windows To Go; manage boot settings, including native virtual hard disk (VHD) and multiboot; manage desktop images; customize a Windows installation by using Windows Preinstallation Environment (PE)
Support desktop apps
Desktop app compatibility using Application Compatibility Toolkit (ACT), including shims and compatibility database; desktop application co-existence using Hyper-V, RemoteApp, and App-V; installation and configuration of User Experience Virtualization (UE-V); deploy desktop apps by using Windows Intune
Support Windows Store and cloud apps
Install and manage software by using Office 365 and Windows Store apps; sideload apps by using Windows Intune; sideload apps into online and offline images; deep link apps by using Windows Intune; integrate Microsoft account, including personalization settings and Trusted PC

Preparation resources
Deployment considerations for Windows To Go
ACT deployment options
Windows upgrade and migration considerations

Support resource access (30–35%)
Support network connectivity
IPv4 and IPv6, including transition technologies; names resolution, including Peer Name Resolution Protocol (PNRP) and Domain Name System Security Extensions (DNSSECs); wireless networks and connections; network security, including Windows Firewall and IP security
Support remote access
Virtual private network (VPN), including Connection Manager Administration Kit (CMAK); Remote Desktop Protocol (RDP), including Remote Desktop Services Gateway access; DirectAccess; remote administration; Network Access Protection (NAP)
Support authentication and authorization
Multi-factor authentication, including certificates, virtual smart cards, picture passwords, and biometrics; workgroup versus domain, homegroup, computer and user authentication, including secure channel, account policies, credential caching, and Credential Manager; local account versus Microsoft account; Workplace Join
Support data storage
Distributed File System (DFS) client, including caching settings; storage spaces, including capacity and fault tolerance; optimizing data access by using BranchCache; OneDrive
Support data security
Permissions, including share, NTFS, and Dynamic Access Control (DAC); Encrypting File System (EFS), including Data Recovery Agent; access to removable media; BitLocker and BitLocker To Go, including Data Recovery Agent and Microsoft BitLocker Administration and Monitoring (MBAM)

Preparation resources
Windows authentication overview
Choosing a BranchCache design

Support Windows clients and devices (35–40%)
Support operating system and hardware
Resolve hardware and device issues, including STOP errors and Reliability Monitor; optimize performance by using Windows Performance Toolkit (WPT), including Xperf.exe, Xbootmgr.exe, XperfView.exe, and Windows Performance Recorder (WPR); monitor performance by using Data Collector Sets, Task Manager, and Resource Monitor; monitor and manage printers, including NFC Tap-to-Pair and printer sharing; remediate startup issues by using the Diagnostics and Recovery Toolkit (DaRT)
Support mobile devices
Support mobile device policies, including security policies, remote access, and remote wipe; support mobile access and data synchronization, including Work Folders and Sync Center; support broadband connectivity, including broadband tethering and metered networks; support Mobile Device Management by using Windows Intune, including Windows RT, Windows Phone 8, iOS, and Android
Support client compliance
Manage updates by using Windows Update and Windows Intune, including non-Microsoft updates; manage client security by using Windows Defender, Windows Intune Endpoint Protection, or Microsoft System Center 2012 Endpoint Protection; manage Internet Explorer 11 security; support Group Policy application, including Resultant Set of Policy (RSoP), policy processing, and Group Policy caching
Manage clients by using Windows Intune
Manage user and computer groups; configure monitoring and alerts; manage policies; manage remote computers

Preparation resources
Microsoft Virtual Academy: Endpoint protection in System Center 2012 SP1
Repair and recovery


QUESTION 1
You administer Windows 8.1 Pro tablets that are members of an Active Directory domain. Your company policy allows users to download and install only certain few Windows Store apps.
You have created a new AppLocker Packaged Apps policy to help enforce the company policy.
You need to test the new AppLocker Packaged Apps policy before you implement it for the entire company.
What should you do?

A. Open PowerShell and run the Get-AppLockerPoIicy -Effective cmdlet to retrieve the AppLocker effective policy.
B. Open Group Policy Management console and run the Group Policy Modeling Wizard.
C. Open Group Policy Management console and run the Group Policy Results Wizard.
D. Open Group Policy Management console and enforce the new AppLocker policy in Audit Only mode.

Answer: D


QUESTION 2
You have client computers that run Windows 8 Pro.
You need to recommend a solution to roll back the Windows Defender engine and the malware signature files on the computers. The solution must minimize administrative effort.
What should you include in the recommendation?

A. File History
B. the Program and Features Control Panel item
C. Windows 7 File Recovery
D. System Restore points

Answer: D


QUESTION 3
You administer Windows 8.1 Enterprise laptops. All of the computers are members of an Active Directory domain.
When traveling, users access the corporate network by using a virtual private network (VPN).
You need to implement two-factor authentication.
Which of the following should you use?

A. EAP-TLS
B. MS-CHAP v2
C. 802.1X
D. RADIUS
E. PPTP
F. L2TP/IPSEC
G. IPSEC/IKEv2
H. SSTP

Answer: D


QUESTION 4
You support desktop computers that run Windows 8 Pro and are used as guest terminals in a reception area. They are connected to the Internet and are configured with automatic logon by using a local user account.
You discover new applications on the Start screen of the computers.
You need to restrict access to Windows Store for local user accounts on the computers.
What should you do?

A. From Local Computer Policy, navigate to App Package Deployment and disable All Trusted Apps to Install.
B. From Local Computer Policy, select Store and enable Turn off the Store application.
C. From Local Computer Policy, select Store and disable Turn off Automatic Downloads for
Updates.
D. From Local Computer Policy, select Store and disable Allow Store to install apps on Windows To Go workspaces.

Answer: B


QUESTION 5
You manage client computers that run Windows 8 and are part of a workgroup.
These computers are configured to use Microsoft Update. Updates are downloaded every day at 10:00 and installed automatically.
Users report that their computers sometimes reboot without any interaction.
You need to prevent unplanned automatic reboots of the computers.
What should you do?

A. Enable the Reschedule Automatic Updates scheduled installations policy setting.
B. Disable the Re-prompt for restart with scheduled installations policy setting.
C. Enable the Automatic Updates detection frequency policy setting.
D. Enable the No auto-restart with logged on users for scheduled automatic updates installations policy setting.

Answer: D

 

Click here to view complete Q&A of 70-688 exam
Certkingdom Review

MCTS Training, MCITP Trainnig

Best Microsoft MCTS Certification, Microsoft 70-688 Training at certkingdom.com

Exam 70-686 Windows 7, Enterprise Desktop Administrator

Published: November 20, 2009
Languages: English
Audiences: IT professionals
Technology: Windows 7
Credit toward certification: MCP, Specialist, MCITP

Skills measured
This exam measures your ability to accomplish the technical tasks listed below. The percentages indicate the relative weight of each major topic area on the exam. The higher the percentage, the more questions you are likely to see on that content area on the exam. View video tutorials about the variety of question types on Microsoft exams.

Please note that the questions may test on, but will not be limited to, the topics described in the bulleted text.

Do you have feedback about the relevance of the skills measured on this exam? Please send Microsoft your comments. All feedback will be reviewed and incorporated as appropriate while still maintaining the validity and reliability of the certification process. Note that Microsoft will not respond directly to your feedback. We appreciate your input in ensuring the quality of the Microsoft Certification program.

If you have concerns about specific questions on this exam, please submit an exam challenge.

If you have other questions or feedback about Microsoft Certification exams or about the certification program, registration, or promotions, please contact your Regional Service Center.

Planning and managing a client life cycle strategy (16%)
Plan and manage client licensing and activation

Applications and operating systems; activation method; KMS vs. MAK; prerequisites; choosing a SKU; licensing infrastructure; licensing compliance audits; inventory audits; virtualization licensing considerations; making recommendations for licensing strategy and compliance

Plan and manage software updates

Application updates and operating system updates; evaluating and approving software updates; enterprise applications; designing an update strategy; choosing an update tool; planning and deploying a service pack; schedule considerations; network considerations; test updates; auditing for security compliance

Plan and manage a physical hardware and virtualization strategy

Analyzing existing hardware environment; determining which systems meet minimum requirements; tradeoffs of physical vs. VDI environment; network load considerations; disk space; direct connection vs. brokered connection; determining a VHD strategy; choosing 32 bit vs. 64 bit

Preparation resources
Licensing and volume activation
Application management and preparing for a Windows 7 deployment
Microsoft desktop virtualization strategy and product offerings

Designing a standard image (17%)

Design an image creation strategy

Identifying operating system and enterprise applications that will be included with the standard image; thick, thin, or hybrid; role-based or geographic-based images vs. single core image; image localization

Design a custom image

Identifying applications to be installed; identifying features and components to be enabled or disabled; testing the customized image

Define an image update strategy

Performance optimization; security considerations; efficiency; offline servicing vs. online or post-image updates; re-creating; recapturing

Preparation resources
Choosing an image strategy and building Windows 7 system images
Phase 3: Preparing and customizing your Windows image
Phase 5: Managing and servicing your Windows image

Designing client configurations (17%)
Design standard system settings

Choosing methods, including logon scripts, startup scripts, and Group Policy; designing profiles; designing error reporting; designing audit policy

Define client security standards

Application control policies; encryption; stopping unnecessary services; designing firewall rules; defining anti-malware settings; changes to Kerberos and NTLM; configuring user rights; defining UAC policy; designing a security template for system lockdown; defining account policies; designing security standards for removable storage

Define Windows Internet Explorer settings

Defining security zones; cache location; branding; in-private mode; restricting or allowing plug-ins; add-ons; privacy policy; browser protected mode

Preparation resources
Local Group Policy editor
Windows Firewall with Advanced Security design guide
Change Internet Explorer security settings

Designing a Windows 7 client deployment (15%)

Analyze the environment and choose appropriate deployment methods

Building the infrastructure; advantages of lite-touch vs. zero-touch vs. local install; capacity and scale considerations; determining required changes to the infrastructure

Design a lite-touch deployment strategy

Unicast vs. multicast; auto-cast vs. scheduled-cast; staggered deployment; scheduling considerations; network load considerations; choosing a client boot method for deployment; unattended answer files; restricting who can receive images; choosing a delivery mechanism

Design a zero-touch deployment strategy

Designing and configuring task sequencing; unattended answer files; scheduling considerations; staggered deployment; network load considerations; restricting who can receive images

Design a user state migration strategy

Determining which user data and settings to preserve; local vs. remote storage considerations; determining mitigation plan for non-migrated applications; securing migrated data; testing designed strategy; wipe-and-load migration vs. side-by-side migration

Preparation resources
Choose the right Microsoft deployment tool
Lite-Touch, High-Volume Deployment
Zero-Touch, High-Volume Deployment

Designing application packages for deployment (17%)
Design a delivery or deployment strategy

Auditing for prerequisites and minimum requirements; choosing a deployment method such as virtualized, Remote Desktop Services, Group Policy, or software distribution; server-based or client-based install; scheduling considerations; staggered deployment; network considerations; package creation standards

Manage application compatibility

Testing incompatibility; choosing a method for resolving incompatibility, such as upgrading, Remote Desktop Services, shim, or VDI; auditing incompatible software

Preparation resources
Choosing a deployment strategy
Application compatibility
Application compatibility for Windows 7: Unlocking the power of Application Shims

Identifying and resolving deployment and client configuration issues (19%)

Identify and resolve Internet Explorer issues

Security zones; Web applications; advanced settings; Group Policy restrictions; certificates

Identify and resolve Group Policy issues

Delegation; inheritance; policies are not effective; blocking; permissions; loopback processing; user vs. computer settings; filtering; performance

Identify and resolve networking issues

Wireless; remote access; VPN; certificates; performance; IP communication; Windows Firewall

Identify and resolve authentication and authorization issues

User rights; distinguishing between client-based and server-based issues; time synchronization (Kerberos)

Preparation resources
Troubleshooting
Windows Firewall with Advanced Security troubleshooting guide: Diagnostics and tools
Windows 7: Troubleshooting and support


QUESTION 1
You are planning to upgrade Internet Explorer. You have the following requirements:
* Create a report that identifies which computers are successfully upgraded.
* Do not install additional software on the client computers.
You need to design a deployment method that meets the requirements. What should you do?

A. Use Windows Server Update Services (WSUS).
B. Use Internet Explorer Administration Kit (IEAK) and Group Policy.
C. Use Microsoft System Center Configuration Manager.
D. Use Microsoft System Center Essentials.

Answer: A


QUESTION 2
Your company has a single Active Directory Domain Services (AD DS) domain with Windows Server
2008 R2 member servers and 1,000 Windows 7 client computers. You are designing the
deployment of a custom application. You have the following requirements:
* The application must be available to only users who need it.
* Minimize network traffic during deployment.
You need to design a deployment strategy that meets the requirements. Which deployment
method should you use?

A. Microsoft Application Virtualization (App-V)
B. Microsoft System Center Configuration Manager 2007
C. RemoteApp and Desktop Connections
D. software installation in Group Policy

Answer: C


QUESTION 3
Your network consists of an Active Directory Domain Services (AD DS) forest with 1,000 client
computers that run Windows XP. Nine hundred of the computers are on the local area network.
One hundred computers are portable computers that connect to the main office only once every
few months. You are planning to deploy Windows 7. You need to generate a report of the software
that is installed on all client computers. You need this information as soon as possible. What should
you use?

A. Microsoft System Center Data Protection Manager
B. Microsoft Desktop Optimization Pack
C. Microsoft System Center Essentials
D. Microsoft System Center Operations Manager

Answer: B


QUESTION 4
Your network has client computers that run Windows Vista. You are planning to deploy Windows
7. You need to detect and analyze the compatibility of an application that requires elevated
privileges. What should you do?

A. Use the Standard User Analyzer (SUA) Wizard.
B. Run a virtual version of the Setup Analysis Tool (SAT).
C. Use the Standard User Analyzer (SUA) tool.
D. Run a stand-alone version of the Setup Analysis Tool (SAT).

Answer: C


QUESTION 5
Your company’s network has client computers that run Windows 7. Multiple users share the
computers in the shipping department. These computers reside in the Shipping Computers
organizational unit (OU). The company wants to deploy a new application. The application is not
packaged. You have the following requirements:
* Deploy the application to all computers in the shipping department.
* Perform the deployment from a central location.
You need to plan the software deployment process to meet the requirements. Which two actions
should you include in the process? (Each correct answer presents part of the solution. Choose two.)

A. Using Microsoft System Center Configuration Manager, create a collection that contains the
shipping department computers, and assign the package to the collection.
B. Create a package by using Microsoft System Center Configuration Manager.
C. Create a Group Policy object (GPO) and add a software installation policy under the Computer
Configuration container.
D. In the Group Policy Management Console, link the software installation policy to the Shipping
Computers OU.
E. Using Microsoft System Center Configuration Manager, create a collection that contains the
shipping department users, and assign the package to the collection.

Answer: A,B

Click here to view complete Q&A of 70-686 exam
Certkingdom Review

MCTS Training, MCITP Trainnig

Best Microsoft MCTS Certification, Microsoft 70-686 Training at certkingdom.com

Exam 70-640 Windows Server 2008 Active Directory, Configuring

Published: March 6, 2008
Languages: English, German, Japanese
Audiences: IT professionals
Technology: Windows Server 2008
Credit toward certification: MCP, MCTS, MCITP, MCSA

Skills measured
This exam measures your ability to accomplish the technical tasks listed below. The percentages indicate the relative weight of each major topic area on the exam. The higher the percentage, the more questions you are likely to see on that content area on the exam. View video tutorials about the variety of question types on Microsoft exams.

Please note that the questions may test on, but will not be limited to, the topics described in the bulleted text.

Do you have feedback about the relevance of the skills measured on this exam? Please send Microsoft your comments. All feedback will be reviewed and incorporated as appropriate while still maintaining the validity and reliability of the certification process. Note that Microsoft will not respond directly to your feedback. We appreciate your input in ensuring the quality of the Microsoft Certification program.

If you have concerns about specific questions on this exam, please submit an exam challenge.

If you have other questions or feedback about Microsoft Certification exams or about the certification program, registration, or promotions, please contact your Regional Service Center.

Configuring Domain Name System (DNS) for Active Directory (18%)
Configure zones
Dynamic DNS (DDNS), Non-dynamic DNS (NDDNS), and Secure Dynamic DNS (SDDNS); Time to Live (TTL); GlobalNames; Primary, Secondary, Active Directory Integrated, Stub; SOA; zone scavenging; forward lookup; reverse lookup
Configure DNS server settings
Forwarding; root hints; configure zone delegation; round robin; disable recursion; debug logging; server scavenging
Configure zone transfers and replication
Configure replication scope (forestDNSzone; domainDNSzone); incremental zone transfers; DNS Notify; secure zone transfers; configure name servers; application directory partitions

Preparation resources
Configuring zone properties
Configure a DNS server for use with Active Directory Domain Services
Modify zone transfer settings

Configuring the Active Directory infrastructure (17%)
Configure a forest or a domain
Remove a domain; perform an unattended installation; Active Directory Migration Tool (ADMT); change forest and domain functional levels; interoperability with previous versions of Active Directory; multiple user principal name (UPN) suffixes; forestprep; domainprep
Configure trusts
Forest trust; selective authentication vs. forest-wide authentication; transitive trust; external trust; shortcut trust; SID filtering
Configure sites
Create Active Directory subnets; configure site links; configure site link costing; configure sites infrastructure
Configure Active Directory replication
DFSR; one-way replication; Bridgehead server; replication scheduling; configure replication protocols; force intersite replication
Configure the global catalog
Universal Group Membership Caching (UGMC); partial attribute set; promote to global catalog
Configure operations masters
Seize and transfer; backup operations master; operations master placement; Schema Master; extending the schema; time service

Preparation resources
Deploying a Windows Server 2008 forest root domain
Securing domain and forest trusts
Active Directory replication tools and settings

Configuring Active Directory roles and services (14%)
Configure Active Directory Lightweight Directory Service (AD LDS)
Migration to AD LDS; configure data within AD LDS; configure an authentication server; Server Core installation
Configure Active Directory Rights Management Service (AD RMS)
Certificate request and installation; self-enrollments; delegation; create RMS templates; RMS administrative roles; RM add-on for IE
Configure the read-only domain controller (RODC)
Replication; Administrator role separation; read-only DNS; BitLocker; credential caching; password replication; syskey; read-only SYSVOL; staged install
Configure Active Directory Federation Services (AD FSv2)
Install AD FS server role; exchange certificate with AD FS agents; configure trust policies; configure user and group claim mapping; import and export trust policies

Preparation resources
AD LDS getting started step-by-step guide
Read-only domain controllers step-by-step guide
AD FS step-by-step guide

Creating and maintaining Active Directory objects (18%)
Automate creation of Active Directory accounts
Bulk import; configure the UPN; create computer, user, and group accounts (scripts, import, migration); template accounts; contacts; distribution lists; offline domain join
Maintain Active Directory accounts
Manage computer accounts; configure group membership; account resets; delegation; AGDLP/AGGUDLP; deny domain local group; local vs. domain; Protected Admin; disabling accounts vs. deleting accounts; deprovisioning; contacts; creating organizational units (OUs); delegation of control; protecting AD objects from deletion; managed service accounts
Create and apply Group Policy objects (GPOs)
Enforce, OU hierarchy, block inheritance, and enabling user objects; group policy processing priority; WMI; group policy filtering; group policy loopback; Group Policy Preferences (GPP)
Configure GPO templates
User rights; ADMX Central Store; administrative templates; security templates; restricted groups; security options; starter GPOs; shell access policies
Deploy and manage software by using GPOs
Publishing to users; assigning software to users; assigning to computers; software removal; software restriction policies; AppLocker
Configure account policies
Domain password policy; account lockout policy; fine-grain password policies
Configure audit policy by using GPOs
Audit logon events; audit account logon events; audit policy change; audit access privilege use; audit directory service access; audit object access; advanced audit policies; global object access auditing; “Reason for Access” reporting

Preparation resources
Active Directory how to…
Group policy planning and deployment guide
Account policies

Maintaining the Active Directory environment (18%)
Configure backup and recovery
Using Windows Server Backup; back up files and system state data to media; backup and restore by using removable media; perform an authoritative or non-authoritative restores; linked value replication; Directory Services Recovery Mode (DSRM); backup and restore GPOs; configure AD recycle bin
Perform offline maintenance
Offline defragmentation and compaction; Restartable Active Directory; Active Directory database mounting tool
Monitor Active Directory
Event viewer subscriptions; data collector sets; real-time monitoring; analyzing logs; WMI queries; PowerShell

Preparation resources
Windows Server backup step-by-step guide for Windows Server 2008
Compact the directory database file (offline defragmentation)
Restartable AD DS step-by-step guide

Configuring Active Directory Certificate Services (15%)

Install Active Directory Certificate Services
Certificate authority (CA) types, including standalone, enterprise, root, and subordinate; role services; prepare for multiple-forest deployments
Configure CA server settings
Key archival; certificate database backup and restore; assigning administration roles; high-volume CAs; auditing
Manage certificate templates
Certificate template types; securing template permissions; managing different certificate template versions; key recovery agent
Manage enrollments
Network device enrollment service (NDES); auto enrollment; Web enrollment; extranet enrollment; smart card enrollment; authentication mechanism assurance; creating enrollment agents; deploying multiple-forest certificates; x.509 certificate mapping
Manage certificate revocations
Configure Online Responders; Certificate Revocation List (CRL); CRL Distribution Point (CDP); Authority Information Access (AIA)

Preparation resources
Active Directory certificate services step-by-step guide
Setting up a certification authority
Administering certificate templates


QUESTION 1
Your company has a main office and three branch offices. Each office is configured as a separate Active Directory site that has its own domain controller.
You disable an account that has administrative rights.
You need to immediately replicate the disabled account information to all sites.
What are two possible ways to achieve this goal? (Each correct answer presents a complete solution. Choose two.)

A. From the Active Directory Sites and Services console, configure all domain controllers
as global catalog servers.
B. From the Active Directory Sites and Services console, select the existing connection objects and force replication.
C. Use Repadmin.exe to force replication between the site connection objects.
D. Use Dsmod.exe to configure all domain controllers as global catalog servers.

Answer: B,C

Explanation:
http://technet.microsoft.com/en-us/library/cc835086%28v=ws.10%29.aspx
Repadmin /syncall Synchronizes a specified domain controller with all of its replication partners. http://ivan.dretvic.com/2012/01/how-to-force-replication-of-domain-controllers/
How to force replication of Domain Controllers From time to time its necessary to kick off AD replication to speed up a task you may be doing, or just a good too to check the status of replication between DC’s.
Below is a command to replicate from a specified DC to all other DC’s.
Repadmin /syncall DC_name /Aped By running a repadmin /syncall with the /A(ll partitions) P(ush) e(nterprise, cross sites) d(istinguished names) parameters, you have duplicated exactly what Replmon used to do in Windows 2003, except that you did it in one step, not many.And with the benefit of seeing immediate results on how the operations are proceeding.
If I am running it on the DC itself, I don’t even have to specify the server name. http://technet.microsoft.com/en-us/library/cc776188%28v=ws.10%29.aspx Force replication over a connection
To force replication over a connection
1. Open Active Directory Sites and Services.
C:\Documents and Settings\usernwz1\Desktop\1.PNG


QUESTION 2
Your company has a branch office that is configured as a separate Active Directory site and has an Active Directory domain controller.
The Active Directory site requires a local Global Catalog server to support a new application.
You need to configure the domain controller as a Global Catalog server.
Which tool should you use?

A. The Server Manager console
B. The Active Directory Sites and Services console
C. The Dcpromo.exe utility
D. The Computer Management console
E. The Active Directory Domains and Trusts console

Answer: B

Explanation:

Answer: The Active Directory Sites and Services console http://technet.microsoft.com/en-us/library/cc781329%28v=ws.10%29.aspx Configure a domain controller as a global catalog server
To configure a domain controller as a global catalog server 1. Open Active Directory Sites and Services.
Further information: http://technet.microsoft.com/en-us/library/cc728188%28v=ws.10%29.aspx What Is the Global Catalog?
The global catalog is a distributed data repository that contains a searchable, partial representation of every object in every domain in a multidomain Active Directory Domain Services (AD DS) forest. The global catalog is stored on domain controllers that have been designated as global catalog servers and is distributed through multimaster replication. Searches that are directed to the global catalog are faster because they do not involve referrals to different domain controllers.
In addition to configuration and schema directory partition replicas, every domain controller in a forest stores a full, writable replica of a single domain directory partition. Therefore, a domain controller can locate only the objects in its domain. Locating an object in a different domain would require the user or application to provide the domain of the requested object. The global catalog provides the ability to locate objects from any domain without having to know the domain name. A global catalog server is a domain controller that, in addition to its
full, writable domain directory partition replica, also stores a partial, read-only replica of all other domain directory partitions in the forest. The additional domain directory partitions are partial because only a limited set of attributes is included for each object. By including only the attributes that are most used for searching, every object in every domain in even the largest forest can be represented in the database of a single global catalog server.
Note: A global catalog server can also store a full, writable replica of an application directory partition, but objects in application directory partitions are not replicated to the global catalog as partial, read-only directory partitions.
The global catalog is built and updated automatically by the AD DS replication system. The attributes that are replicated to the global catalog are identified in the schema as the partial attribute set (PAS) and are defined by default by Microsoft. However, to optimize searching, you can edit the schema by adding or removing attributes that are stored in the global catalog.
In Windows 2000 Server environments, any change to the PAS results in full synchronization (update of all attributes) of the global catalog. Later versions of Windows Server reduce the impact of updating the global catalog by replicating only the attributes that change.
In a single-domain forest, a global catalog server stores a full, writable replica of the domain and does not store any partial replica. A global catalog server in a single-domain forest functions in the same manner as a nonglobal-catalog server except for the processing of forest-wide searches.


QUESTION 3
Your company has an Active Directory domain. You have a two-tier PKI infrastructure that contains an offline root CA and an online issuing CA.
The Enterprise certification authority is running Windows Server 2008 R2.
You need to ensure users are able to enroll new certificates.
What should you do?

A. Renew the Certificate Revocation List (CRL) on the root CA. Copy the CRL to the CertEnroll folder on the issuing CA.
B. Renew the Certificate Revocation List (CRL) on the issuing CA, Copy the CRL to the SysternCertificates folder in the users’ profile.
C. Import the root CA certificate into the Trusted Root Certification Authorities store on all client workstations.
D. Import the issuing CA certificate into the Intermediate Certification Authorities store on all client workstations.

Answer: A

Explanation:
http://social.technet.microsoft.com/wiki/contents/articles/2900.offline-root-certification-authority-ca.aspx
Offline Root Certification Authority (CA)
A root certification authority (CA) is the top of a public key infrastructure (PKI) and generates a self-signed certificate. This means that the root CA is validating itself (self-validating). This root CA could then have subordinate CAs that effectively trust it. The subordinate CAs receive a certificate signed by the root CA, so the subordinate CAs can issue certificates that are validated by the root C
A. This establishes a CA hierarchy and trust path.
CA Compromise
If a root CA is in some way compromised (broken into, hacked, stolen, or accessed by an unauthorized or malicious person), then all of the certificates that were issued by that CA are also compromised. Since certificates are used for data protection, identification, and authorization, the compromise of a CA could compromise the security of an entire organizational network. For that reason, many organizations that run internal PKIs install their root CA offline. That is, the CA is never connected to the company network, which makes the root CA an offline root C
A. Make sure that you keep all CAs in secure areas with limited access.
To ensure the reliability of your CA infrastructure, specify that any root and non-issuing intermediate CAs must be offline. A non-issuing CA is one that is not expected to provide certificates to client computers, network devices, and so on. This minimizes the risk of the CA private keys becoming compromised, which would in turn compromise all the certificates that were issued by the CA.
How Do Offline CAs issue certificates?
Offline root CAs can issue certificates to removable media devices (e.g. floppy disk, USB drive, CD/DVD) and then physically transported to the subordinate CAs that need the certificate in order to perform their tasks. If the subordinate CA is a non-issuing intermediate that is offline, then it will also be used to generate a certificate and that certificate will be placed on removable media. Each CA receives its authorization to issue certificates from the CA directly above it in the CA hierarchy. However, you can have multiple CAs at the same level of the CA hierarchy. Issuing CAs are typically online and used to issue certificates to client computers, network
devices, mobile devices, and so on. Do not join offline CAs to an Active Directory Domain Services domain Since offline CAs should not be connected to a network, it does not make sense to join them to an Active Directory Domain Services (AD DS) domain, even with the
Offline Domain Join [This link is external to TechNet Wiki. It will open in a new window.] option introduced with Windows 7 and Windows Server 2008 R2.
Furthermore, installing an offline CA on a server that is a member of a domain can cause problems with a secure channel when you bring the CA back online after a long offline period. This is because the computer account password changes every 30 days. You can get around this by problem and better protect your CA by making it a member of a workgroup, instead of a domain. Since Enterprise CAs need to be joined to an AD DS domain, do not attempt to install an offline CA as a Windows Server Enterprise C
A. http://technet.microsoft.com/en-us/library/cc740209%28v=ws.10%29.aspx
Renewing a certification authority
A certification authority may need to be renewed for either of the following reasons: Change in the policy of certificates issued by the CA
Expiration of the CA’s issuing certificate


QUESTION 4
You have a Windows Server 2008 R2 Enterprise Root certification authority (CA).
You need to grant members of the Account Operators group the ability to only manage Basic EFS certificates.
You grant the Account Operators group the Issue and Manage Certificates permission on the CA.
Which three tasks should you perform next? (Each correct answer presents part of the solution.
Choose three.)

A. Enable the Restrict Enrollment Agents option on the CA.
B. Enable the Restrict Certificate Managers option on the CA.
C. Add the Basic EFS certificate template for the Account Operators group.
D. Grant the Account Operators group the Manage CA permission on the CA.
E. Remove all unnecessary certificate templates that are assigned to the Account Operators group.

Answer: B,C,E


QUESTION 5
Your company has an Active Directory domain.
You log on to the domain controller. The Active Directory Schema snap-in is not available in the Microsoft Management Console (MMC).
You need to access the Active Directory Schema snap-in.
What should you do?

A. Add the Active Directory Lightweight Directory Services (AD LDS) role to the domain controller by using Server Manager.
B. Log off and log on again by using an account that is a member of the Schema Administrators group.
C. Use the Ntdsutil.exe command to connect to the Schema Master operations master and open the schema for writing.
D. Register Schmmgmt.dll.

Answer: D

Explanation:
http://technet.microsoft.com/en-us/library/cc732110.aspx Install the Active Directory Schema Snap-In
You can use this procedure to first register the dynamic-link library (DLL) that is required for the Active Directory Schema snap-in. You can then add the snap-in to Microsoft Management Console (MMC).
To install the Active Directory Schema snap-in
1. To open an elevated command prompt, click Start, type command prompt and then right-click Command
Prompt when it appears in the Start menu. Next, click Run as administrator and then click OK.
To open an elevated command prompt in Windows Server 2012, click Start, type cmd, right click cmd and then click Run as administrator.
2. Type the following command, and then press ENTER:
regsvr32 schmmgmt.dll
3. Click Start, click Run, type mmc and then click OK.
4. On the File menu, click Add/Remove Snap-in.
5. Under Available snap-ins, click Active Directory Schema, click Add and then click OK.
6. To save this console, on the File menu, click Save.
7. In the Save As dialog box, do one of the following:
* To place the snap-in in the Administrative Tools folder, in File name, type a name for the snap-in, and then click Save.
* To save the snap-in to a location other than the Administrative Tools folder, in Save in
navigate to a location for the snap-in. In File name, type a name for the snap-in, and then
click Save


QUESTION 6
You have an Active Directory domain that runs Windows Server 2008 R2.
You need to implement a certification authority (CA) server that meets the following requirements:
Allows the certification authority to automatically issue certificates
Integrates with Active Directory Domain Services
What should you do?

A. Install and configure the Active Directory Certificate Services server role as a Standalone Root CA.
B. Install and configure the Active Directory Certificate Services server role as an Enterprise Root CA.
C. Purchase a certificate from a third-party certification authority, Install and configure the Active Directory
Certificate Services server role as a Standalone Subordinate CA.
D. Purchase a certificate from a third-party certification authority, Import the certificate into the computer store of the schema master.

Answer: B

Click here to view complete Q&A of 70-640 exam
Certkingdom Review

MCTS Training, MCITP Trainnig

Best Microsoft MCTS Certification, Microsoft 70-640 Training at certkingdom.com

 

Microsoft Exam 70-576: Get PRO at Designing and Developing Microsoft SharePoint Applications

Exam Code : 70-576
Exam Title : PRO: Designing and Developing Microsoft SharePoint 2010 Applications

Microsoft Exam 70-576: Get PRO at Designing and Developing Microsoft SharePoint Applications
Microsoft certification 70-576 exam is all about designing and developing SharePoint application. It was designed in English language on July 12, 2010. It targeted towards Developers and made using the technology of Microsoft SharePoint Server.OLYMPUS DIGITAL CAMERA

Candidate Profile
The Microsoft 70-576 holder will be responsible for designing custom code projects for SharePoint Servers. This will include selecting technology from a number of ways to build code of SharePoint. Also ensuing that the development team’s environment is configures, creating the best strategy for code deployment, structuring, configuration and versioning. The candidate is also suppose to lead a team of SharePoint developers, has a minimum of 2 years of experience of SharePoint development and 3 years of ASP.NET development experience.

Skills Being Measured
This exam will determine your skills and knowledge in the below mentioned key area. The percentage in front of each key area is the weight that particular major topic. However, the topics are not limited to this list and can be changed.

Creating an Application Design (19%)
Evaluating application data access
Identifying artifacts from application requirements
Selection of deployment model
Selecting the appropriate execution method

Designing UX (17%)
Determining the presentation page type
Determining SharePoint visual components
Planning branding strategy
Designing application customization strategy
Designing navigation strategy

Managing Application Development (18%)
Designing for localization and globalization
Developing a security approach
Defineing application configuration approach

Optimizing SharePoint Application Design (15%)
Optimizing page performance
Optimizing data access
Designing for logging and exception handling
Identifying and Resolving deployment issues
Analyzing memory utilization

Designing SharePoint Composite Applications (13%)
Designing external application integration
Determining data capturing approach
Designing SharePoint information architecture

Designing SharePoint Solutions and Features (18%)
For acquiring best result you need to avail all the training offers provided by Microsoft. From classroom training to e-learning they have it all. They provide teaching material and press books. You can join their chat rooms, newsgroups and forums and talk to Microsoft team. You can join Microsoft Learning Community, this is a community where you can connect to forums and ask your peers for suggestions about training resources and take their advice on this course. It is highly recommended by Microsoft that you purchase the learning material for best results.

 


 

MCTS Training, MCITP Trainnig

Best Microsoft MCITP Training , Microsoft 70-575 Training at certkingdom.com

Microsoft Certifications 2014 can you a JOB

With the new technologies coming in the market every other day, life has become advanced these days. In this modern era, you have to be on your toes all the time especially if your career in related to the field of IT: one has to stay updated with all the latest programs and their features in order to stay ahead of his peers. For instance, there was a time when Gramophone was the invention of the century but then it was replaced with mobile phones. Similarly, the invention of television and radio created quite a heap in the early 20th century but later on, the thunder was stolen by computers in the late 20th century.

In this day and age, computers and internet have become the center of attention. Consequently, IT has become the most popular field. IT experts are quite in demand these days; but with the emergence of new programs every other day, they have to keep up with the latest technology in order to stay ahead in the race. One way of staying ahead is the certification courses. These courses ensure that the candidate has attained all the latest knowledge and is ready to roll in the world of technology.

This article will discuss some of the most popular certification courses offered by Microsoft.

Microsoft Technology Associate

This is a certification course designed for the starters: people who want to start their line of business in the field of technology. Accordingly, it tests the fundamentals of IT and validates that the candidates have a basic understanding of the essentials. This course has been divided into three tracks and the candidates can choose any one of the tracks, depending on their preference. The tracks are: IT infrastructure, Database Design and Developer.

Microsoft MCSA- Windows Server 2008
This exam is designed for the IT personnel and it validates their skills in Server Networking management. IT professionals and System Administrators are suggested to take MCSA- Windows Server 2008 exam especially if they are looking forward to earning their MCSE certification.

Microsoft MCSA- Windows Server 2012
This certification exam is an advanced level exam which validates that the candidates have sufficient knowledge of Windows Server 2012 for its proper installation, configuration and working. MCSA- Windows Server 2012 certified can easily get the position of Network Administrator, Computer Systems Administrator or Computer Network Analyst.

Microsoft MCSE- Server Infrastructure
This certification course is designed for IT experts and it will get you the title of ‘Solutions Expert’. It tests individual’s skills in effectively and efficiently running a modern data center with some experience in virtualization storage and networking, identity management and systems management.

Microsoft MCSE- Desktop Infrastructure
This course validates that the individuals can manage desktops and devices, while maintaining their security and integrity, from anywhere around the globe. It also tests individuals’ expertise in application and desktop virtualization together with remote desktop services. With this certification in hand, you can easily qualify for a job of Data and Application Manager or Desktop and Device Support Manager.

Microsoft MCSE- Messaging
This certification is an expert level certification and it validates that the applicant has relevant skills in order to increase user productivity and flexibility. It also validates that the person has sufficient knowledge as to how to improve data security and reduce data loss. After passing this certification exam, candidates can easily qualify for the position of Network and Computer System Administrator.

Microsoft  MCSE- Communication
This certification validates candidates’ expertise in using Lync Server to create an effective communication path that can be accessed from all around the globe. This certification is also an expert level certification and you can easily qualify for the position of Network and Computer System Administrator with it.

Microsoft  MCSE- SharePoint

This Microsoft Certified Solutions Expert certification course verifies that the candidates have the necessary expertise to share, synchronize and organize the data across the organization. SharePoint 2013 is the updated version of Microsoft Office, and passing this certification can get you a job of Systems or Network Analyst.

Microsoft MCSD- SharePoint Application

This Microsoft Certified Solutions Developer certification course is another of expert level certification courses which validates individuals’ expertise in web programming. It also requires the individuals to design and develop applications with Microsoft SharePoint. With this certification, you can easily secure the position of Software Developer or Web Developer.

Microsoft Private Cloud

MCSE- Private Cloud certification course tests candidates’ expertise to manage Private Cloud computer technologies. It also verifies that the candidate can implement these technologies in a way to optimize service delivery. You can easily get the position of Server Administrator and Network Manager with this certification on your resume.

Microsoft System Center Configuration Manager
Microsoft System Center Certification focuses on the skills to manage computer and clients. The candidates should be able to configure, administer and deploy System Center 2012 in order to pass this exam. You can earn the title of Microsoft Certified Technology Specialist through this certification.

Microsoft Server Virtualization
This certification verifies that the candidate is familiar with Server Virtualization, both on Windows Server and System Center. This course expands individual’s expertise and skills in order for him to meet the rapidly modernizing technological business needs, and it can get him the title of Microsoft Specialist in no time.

Microsoft Office Certifications
Microsoft offers many certifications that verify candidates’ skills in handling and using Microsoft Office Applications. These certifications start from beginners level and go up to the master level. Microsoft Office Specialist is a beginner level certification whereas Microsoft Office Specialist Expert is an advanced level certification. Last but not the least; Microsoft Office Specialist Master is a master level certification.

Microsoft MCSA- Office 365
This course focuses on individual’s skills in handling Office 365 together with productivity tools and cloud-based collaboration. This certification can easily get you the position of Cloud Application Administrator or SaaS Administrator.

Microsoft Dynamics

This Microsoft Certified Technology Specialist certification confirms an individual’s expertise in Microsoft dynamics: a specific module can be chosen for this certification. However, this certification will be withdrawn from the market, at the end of this year, and replaced with the new ones.


MCTS Training, MCITP Trainnig

Best Microsoft MCTS Certification, Microsoft MCITP Training at certkingdom.com

 

 

70-647 PRO: Windows Server 2008,Enterprise Administrator


QUESTION 1
You work as an enterprise administrator at ABC.com. The ABC.com network has a domain named
ABC.com. All servers in the ABC.com network run Windows Server 2008.
The ABC.com network has a file server named ABC-SR07 that hosts a shared folder named
ABCDocs. Several Microsoft Word documents are stored in the ABCDocs share. You want to
enable document version history on these documents. You also want the documents in the
ABCDocs share to be accessed through a Web page.
Which of the following roles or services would you install on ABC-SR07 to achieve the desired
results cost effectively?

A. FTP Server role.
B. Application Server role.
C. Microsoft Windows SharePoint Services (WSS) 3.0.
D. File and Print Services role.
E. Microsoft Office SharePoint Server (MOSS) 2007.
F. SMTP Server role.

Answer: C

Explanation:
To achieve the desired results without requiring any additional cost, you need to use Microsoft
Windows SharePoint Services (WSS) 3.0.
Reference: Microsoft Windows SharePoint Services 3.0 and the Mobile Workplace
http://download.microsoft.com/download/b/b/6/bb6672dd-252c-4a21-89de-
78cfc8e0b69e/WSS%20Mobile%20Workplace.doc


QUESTION 2
You work as an enterprise administrator at ABC.com. The ABC.com network has a domain named
ABC.com with a single site named Site
A. All servers in the ABC.com network run Windows Server
2008.
You reorganize the Active Directory infrastructure to include a second site named SiteB with its
own domain controller.
How would you configured the firewall to allow replication between SiteA and SiteB?

A. Enable IPSec traffic to pass through the firewall.
B. Enable RPC traffic to pass through the firewall.
C. Enable SMTP traffic to pass through the firewall.
D. Enable NNTP traffic to pass through the firewall.
E. Enable FTP traffic to pass through the firewall.

Answer: B

Explanation:
You should permit RPC traffic through the firewall to enable the domain controllers to replicate
between the two sites because the Active Directory relies on remote procedure call (RPC) for
replication between domain controllers. You can open the firewall wide to permit RPC’s native
dynamic behavior.
Reference: Active Directory Replication over Firewalls
http://technet.microsoft.com/en-us/library/bb727063.aspx


QUESTION 3
You work as an enterprise administrator at ABC.com. The ABC.com network has a domain named
ABC.com. All servers in the ABC.com network run Windows Server 2008.
ABC.com runs a critical application that accesses data that is stored in a Microsoft SQL Server
2005 database server named ABC-DB02. Which of the following options would you choose to
ensure that the database is always available?

A. Two Windows Server 2008 servers running MS SQL Server 2005 Standard Edition in a
Network Load Balancing (NLB) cluster.
B. Two Windows Server 2008 servers running MS SQL Server 2005 Enterprise Edition in a
Network Load Balancing (NLB) cluster
C. Two Windows Server 2008 servers running MS SQL Server 2005 Standard Edition in a failover
cluster.
D. Two Windows Server 2008 servers running MS SQL Server 2005 Enterprise Edition in a
failover cluster.

Answer: D

Explanation:
To ensure the high availability of the data store, you need to use a Windows Server 2008 failover
cluster with shared storage.
Failover clustering can help you build redundancy into your network and eliminate single points of
failure.
Administrators have better control and can achieve better performance with storage than was
possible in previous releases. Failover clusters now support GUID partition table (GPT) disks that
can have capacities of larger than 2 terabytes, for increased disk size and robustness.
Administrators can now modify resource dependencies while resources are online, which means
they can make an additional disk available without interrupting access to the application that will
use it. And administrators can run tools in Maintenance Mode to check, fix, back up, or restore
disks more easily and with less disruption to the cluster
You should not use Network Load Balancing (NLB) because it only allows you to distribute TCP/IP
requests to multiple systems in order to optimize resource utilization, decrease computing time,
and ensure system availability.
Reference: High Availability
http://www.microsoft.com/windowsserver2008/en/us/high-availability.aspx


QUESTION 4
You work as an enterprise administrator at ABC.com. The ABC.com network has a domain named
ABC.com. All servers in the ABC.com network run Windows Server 2008. ABC.com has its
headquarters in Chicago and sub-divisions in Boston, Atlanta, Miami and Dallas. All domain
controllers are currently installed in the Chicago.
You need to have new domain controllers installed in the Boston, Atlanta, Miami and Dallas subdivisions.
ABC.com issues a security policy for the new domain controllers that states the
following:
•Unauthorized user must not be able to access the Active Directory database.
•Unauthorized user must not be able to boot a domain controller from an alternate boot disk.
Which of the following options would you choose to implement the security policy?

A. Modify the permissions of the ntds.dat file.
B. Configure a read-only domain controller (RODC) in the Boston, Atlanta, Miami and Dallas.
C. Disable replication of the Sysvol folder on the new domain controllers.
D. Configure Windows BitLocker Drive Encryption (BitLocker) on the new domain controllers.
E. Disable the Global Catalog role on the new domain controllers.
F. Configure EFS encryption on the new domain controllers.

Answer: D

Explanation:
To configure domain controller at each branch office to ensure that no unauthorized user should
be allowed to copy the Active Directory database from a branch office domain controller by starting
the server from an alternate startup disk, you need to use Windows BitLocker Drive Encryption
(BitLocker)
BitLocker allows you to encrypt all data stored on the Windows operating system volume and use
the security of using a Trusted Platform Module (TPM) that helps protect user data and to ensure
that a computer running Windows Vista or Server 2008 have not been tampered with while the
system was offline.
In addition, BitLocker offers the option to lock the normal startup process until the user supplies a
personal identification number (PIN) or inserts a removable USB device, such as a flash drive, that
contains a startup key. This process will ensure that users can only access all files on the servers
if they have the PIN. You cannot use an alternate startup disk to boot the server.
Reference: BitLocker Drive Encryption Technical Overview
http://technet2.microsoft.com/windowsserver2008/en/library/a2ba17e6-153b-4269-bc46-
6866df4b253c1033.mspx?mfr=true


QUESTION 5
You work as an enterprise administrator at ABC.com. The ABC.com network has a domain named
ABC.com that runs at the domain functional level of Windows Server 2008.
Which of the following options can be used for tracking any modification to Active Directory
Objections?

A. Configure a Group Policy to run the Security Configuration Wizard on all computers in the ABC
network.
B. Configure the Default Domain Controllers Group Policy to audit Directory Services.
C. Configure the Default Domain Group Policy to audit Directory Services.
D. Enable auditing of the ntds.dat file in the Default Domain Group Policy.
E. Enable auditing of the ntds.dat file in the Default Domain Group Policy.

Answer: B

Explanation:
To implement an audit and compliance policy and ensure that all changes made to Active
Directory objects are recorded, you need to configure a Directory Services Auditing policy in the
Default Domain Controller Policy
In Windows Server 2008, you can enable Audit Directory Service Access policy to log events in
the Security event log whenever certain operations are performed on objects stored in Active
Directory.
Enabling the global audit policy, Audit directory service access, enables all directory service policy
subcategories. You can set this global audit policy in the Default Domain Controllers Group Policy
(under Security Settings\Local Policies\Audit Policy).
Reference: Windows Server 2008 Auditing AD DS Changes Step-by-Step Guide
http://technet2.microsoft.com/windowsserver2008/en/library/a9c25483-89e2-4202-881cea8e02b4b2a51033.
mspx?mfr=true


MCTS Training, MCITP Trainnig

Best Microsoft MCITP Enterprise Administrator Certification,
MCITP 70-647 Training at certkingdom.com

70-236 Microsoft Exchange Server 2012

Contents
Preface xvii
Foreword xxi
1 Introduction 1
1.1 A decade and counting of Exchange deployments 1
1.1.1 The way we were 2
1.1.2 The protocol wars 2
1.1.3 Ever increasing mobility 4
1.1.4 Third-party products and management 6
1.1.5 Some interesting projects 6
1.1.6 The not so good points 7
1.1.7 Exchange’s connection with the Active Directory 10
1.1.8 Reviewing predictions made in 1996 11
1.2 Microsoft’s themes for Exchange 2007 12
1.2.1 The happy prospect of a migration 18
1.3 Preparing for Exchange 2007 20
1.4 Installing Exchange 2007 22
1.4.1 Modifying and removing servers 27
1.4.2 Validating the installation 27
1.4.3 Third-party software 28
1.5 Server roles 28
1.5.1 Services 32
1.6 Licensing 36
1.6.1 Version numbers 40
1.6.2 32-bit Exchange 2007? 41
1.7 Support 42
1.8 Challenges for Exchange 2007 42
1.9 Into the future 45
vi Contents
2 Exchange, Windows, and the Active Directory 47
2.1 Active Directory and Exchange 47
2.1.1 Domain Designs 48
2.2 Active Directory replication 50
2.2.1 Replication basics 51
2.2.2 When Active Directory replication happens 53
2.2.3 Active Directory naming contexts 55
2.2.4 Transforming Domain controllers into
Global Catalogs 58
2.2.5 USNs and replication 60
2.2.6 Urgent replication 64
2.2.7 Intrasite and Intersite replication 65
2.2.8 High-watermark vector and up-to-date vector tables 68
2.2.9 Changes in Active Directory replication in Windows 2003 70
2.3 Exchange’s Active Directory Topology service 71
2.3.1 DSAccess (or ADAccess) 72
2.3.2 How many Global Catalog servers do I need? 75
2.3.3 Where are my Global Catalogs? 76
2.4 Recovering deleted Active Directory accounts 78
2.5 Exchange and the Active Directory schema 80
2.5.1 Updating the schema with an installation 80
2.5.2 Changing the schema 82
2.5.3 Active Directory custom attributes for Exchange 85
2.5.4 Updating the schema to allow Ambiguous
Name Resolution 86
2.5.5 Exchange-specific permissions 87
2.5.6 Exchange property sets 88
2.6 Longhorn and Exchange 2007 90
2.7 The very important LegacyExchangeDN attribute 91
2.8 Brain surgery for the Active Directory: ADSIEDIT 93
2.8.1 LDP and LDIFDE 96
2.8.2 Active Directory for Exchange 98
3 The Basics of Managing Exchange 2007 99
3.1 Exchange Management Console 100
3.1.1 The importance of filters 104
3.1.2 Managing mixed organizations 109
3.1.3 Running EMC remotely or on a workstation 112
3.1.4 No more AD Users and Computers 113
3.1.5 Changing columns 115
Contents vii
Contents
3.1.6 Visual effects 116
3.2 Why some options have disappeared from EMC 118
3.2.1 Coping with change 122
3.3 Changes in the Exchange delegation model 124
3.4 Customized Recipient Management 128
3.4.1 Adieu RUS 130
3.4.2 Recipient types 132
3.5 Moving users 133
3.5.1 Moving mailboxes 134
3.5.2 Logging mailbox moves 138
3.6 Using distribution groups 140
3.6.1 Forming groups 142
3.6.2 Group changes in Exchange 2007 145
3.6.3 Expanding distribution lists 147
3.6.4 How many objects can I have in a group? 148
3.6.5 Managing group membership 149
3.6.6 Protected groups (and users) 152
3.7 Using groups for permissions 154
3.7.1 Managing distribution groups from Outlook 154
3.8 Dynamic distribution groups 156
3.8.1 Changing filters and conditions for dynamic
distribution groups 157
3.8.2 A note on OPATH 159
3.8.3 A new UI for dynamic groups 160
3.8.4 Creating New dynamic groups 162
3.8.5 Using dynamic Distribution groups 167
3.9 Mailbox quotas 168
3.9.1 Setting mailbox quotas 170
3.10 Email address policies 173
3.10.1 Mailbox moves and email address policies 178
3.10.2 Queries that drive email address policies 178
3.11 Address lists 183
3.11.1 Upgrading Address Lists to Exchange 2007 format 187
3.12 User naming conventions 188
3.13 Server naming conventions 192
3.14 Moving from the basics 194
4 The Exchange Management Shell 195
4.1 EMS: Exchange’s management shell 197
4.1.1 Working with PowerShell commands 199
4.1.2 Exchange shell commands 204
viii Contents
4.1.3 Command editing 208
4.1.4 Getting at more information about something 210
4.1.5 Using common and user-defined variables 214
4.1.6 Identities 217
4.1.7 Working in a multi-domain forest 219
4.1.8 Profiles 221
4.1.9 PowerShell in batch 223
4.1.10 Execution policies 224
4.1.11 Sending email from the shell 226
4.2 Learning from EMC 229
4.3 Using EMS to work with mailboxes 232
4.3.1 Creating a new mailbox with a template 232
4.3.2 Setting and retrieving mailbox properties 234
4.3.3 Other ways of interacting with mailboxes 244
4.3.4 Get-Recipient 245
4.3.5 Moving mailboxes 245
4.3.6 Accessing another user’s mailbox 249
4.3.7 Different commands and different properties 251
4.3.8 Contacts 252
4.4 Working with distribution groups 253
4.4.1 Working with dynamic distribution groups 257
4.4.2 Advanced group properties 262
4.5 Delegation through the shell 265
4.6 Creating efficient filters 267
4.7 Bulk updates 270
4.7.1 Creating sets of mailboxes 273
4.8 Reporting mailbox data 275
4.8.1 Special properties 282
4.9 Using the shell for other management tasks 284
4.10 Command validation 287
4.11 Working with remote servers 290
4.12 Working with non-Exchange 2007 servers 291
4.13 Testing Exchange 2007 292
4.13.1 Client connections 294
4.13.2 Mail Flow 295
4.13.3 Miscellaneous test commands 297
4.14 PowerShell for Exchange administrators 297
5 The Store 301
5.1 Introducing the Store 301
5.2 Differences in the Exchange 2007 Store 306
Contents ix
Contents
5.2.1 Are 64 bits that important? 307
5.2.2 Trading memory for I/O 312
5.2.3 The decrease in storage costs 317
5.3 No more streaming database 318
5.4 Tables and items 320
5.5 Storage groups 323
5.5.1 Creating a new storage group and database 327
5.5.2 Working with storage groups and databases 329
5.6 Transaction logs 331
5.6.1 Circular logging 335
5.6.2 Creating new transaction logs 337
5.6.3 Reserved logs 338
5.6.4 Transactions, buffers, and commitment 339
5.6.5 Transaction log I/O 341
5.6.6 Protecting transaction logs 341
5.6.7 Transaction log checksum 342
5.6.8 Maximum database size 343
5.7 Database portability 345
5.7.1 Zero database pages 349
5.8 MAPI connections and logons 349
5.9 The Deleted Items cache 350
5.9.1 Cleaning the Deleted Items cache 356
5.9.2 Recovering items and mailboxes 357
5.10 Background maintenance 360
5.10.1 Background tasks 364
5.10.2 Tracking background maintenance 367
5.11 Fixing failed databases 368
5.12 Exchange 2007 content indexing 375
5.12.1 Using content indexing 380
5.13 Public folders 383
5.13.1 Public folders and Exchange 2007 384
5.13.2 Changes in public folders administration since
Exchange 2003 386
5.13.3 Calming replication storms 388
5.13.4 Managing public folders with Exchange 2007 392
5.13.5 Permissions on top-level folders 405
5.13.6 Referrals 405
5.13.7 Migrating public folder content 406
5.14 Removing database size limits 408
5.15 Backups 408
5.15.1 NTBackup 410
x Contents
5.15.2 Other commercial backup products 410
5.15.3 Creating a backup strategy 413
5.15.4 Backups and storage groups 415
5.15.5 Checkpoint file 421
5.15.6 The future of streaming backups 426
5.16 Moving from the Store 427
6 Exchange Transport and Routing 429
6.1 The evolution of routing 429
6.2 Change through experience 430
6.2.1 Hidden administrative and routing groups 433
6.3 Exchange 2007 transport architecture 435
6.3.1 The critical role of hub transport servers 438
6.3.2 Receive connectors 440
6.3.3 Send connectors 447
6.3.4 Linking Exchange 2003 and Exchange 2007 453
6.3.5 Multiple routes into Exchange 2003 458
6.3.6 Decommissioning Exchange 2003 routing groups 458
6.3.7 Handling Exchange 2003 link state updates
during migration 458
6.3.8 Foreign connectors 459
6.3.9 Authorization 460
6.3.10 Accepted domains 460
6.3.11 Transport storage 461
6.4 Routing ABC 464
6.4.1 Resolving multiple paths 467
6.4.2 Most specific connector 467
6.4.3 Connector cost 469
6.4.4 Closest proximity 469
6.4.5 The role of hub routing sites 470
6.4.6 Site link costs versus routing costs 471
6.4.7 Instructing mailbox servers 472
6.4.8 Bypassing some connections 472
6.4.9 Protocol logging 473
6.4.10 X.400 support 474
6.4.11 Bifurcation 475
6.4.12 Header firewalls 476
6.5 Transport configuration 476
6.5.1 Transport configuration file 481
6.5.2 Routing logs 483
6.6 Queues 485
Contents xi
Contents
6.6.1 The Queue Viewer 488
6.6.2 The Unreachable queue 491
6.6.3 Poison messages 493
6.7 Back Pressure 494
6.8 Delivery Status Notifications 496
6.8.1 Customizing DSNs 501
6.8.2 Postmaster addresses 504
6.9 Transport agents 505
6.10 Transport summary 506
6.11 Edge servers 506
6.11.1 Edge or hub? 508
6.11.2 Basic Edge 510
6.11.3 Edge Synchronization 511
6.11.4 Basic Edge security 518
6.11.5 Fighting spam and email viruses 518
6.11.6 Defense in depth 522
6.11.7 Microsoft’s approach to mail hygiene 523
6.11.8 Forefront for Exchange 528
6.11.9 Mail Hygiene Agents 533
6.11.10 Agent logs 535
6.11.11 Connection filtering 536
6.11.12 Sender filtering 538
6.11.13 Address Rewrite agent 539
6.11.14 Sender ID agent 541
6.11.15 Content filtering 547
6.11.16 Content Filter updates 550
6.11.17 Per-user SCL processing 553
6.11.18 Safelist Aggregation 554
6.11.19 Sender reputation 557
6.11.20 Recipient filtering 559
6.11.21 Blocking file attachments 560
6.11.22 Attachment filtering 562
6.11.23 Edge transport rules 563
6.11.24 Available Edge 565
6.12 Client-side spam suppression 567
6.12.1 Outlook’s Junk Mail Filter 568
6.12.2 Postmarks 573
6.12.3 Restricting OOF and other notifications 574
6.13 Routing onwards 580
xii Contents
7 Clients 581
7.1 Outlook 583
7.1.1 Outlook web services 585
7.1.2 Understanding Outlook’s relationship with Exchange 591
7.1.3 Deploying cached Exchange mode 596
7.1.4 Address caching 599
7.1.5 MAPI compression and buffers 600
7.1.6 Conflict resolution 602
7.1.7 Preventing MAPI clients from connecting 603
7.1.8 Outlook 2007 and Exchange 5.5 607
7.2 Offline and personal Stores 608
7.2.1 Personal folders 609
7.2.2 Mail delivery to personal folders 611
7.2.3 Configuring PSTs 615
7.2.4 PST archiving 617
7.3 Offline folder files 619
7.3.1 OST synchronization 621
7.3.2 When things go wrong with your OST 623
7.4 Out of Office changes 624
7.4.1 The big question: Is Outlook 2007 worth the upgrade? 625
7.5 The Offline Address Book (OAB) 626
7.5.1 Downloading the OAB 627
7.5.2 OAB files on the PC 628
7.5.3 The evolving OAB format 630
7.5.4 OAB and cached Exchange mode 632
7.5.5 OAB generation and distribution 634
7.5.6 Creating a customized OAB 640
7.5.7 Allocating OABs to users 642
7.6 Outlook Anywhere 645
7.7 Outlook Web Access 650
7.7.1 New features in Outlook Web Access 2007 652
7.7.2 Outlook Web Access Light 658
7.7.3 International versions 662
7.7.4 Accessing legacy data 664
7.7.5 Managing Outlook Web Access 666
7.7.6 Authentication 667
7.7.7 Segmentation 671
7.7.8 Notifications 675
7.7.9 Controlling attachments 677
7.7.10 Themes 680
7.7.11 Client settings 684
Contents xiii
Contents
7.8 Internet client access protocols 684
7.8.1 IMAP4 685
7.8.2 The Exchange 2007 IMAP server 689
7.9 Mobile clients 694
7.9.1 Selecting mobile devices 696
7.9.2 Server-based ActiveSync 698
7.10 Windows Mobile 6.0 and Exchange 2007 702
7.10.1 ActiveSync policies 706
7.10.2 Managing mobile devices through EMC 711
7.10.3 Moving mailboxes to Exchange 2007 and ActiveSync 713
7.10.4 Estimating network traffic for mobile devices 715
7.10.5 Analyzing ActiveSync logs 717
7.10.6 Wiping mobile devices 719
7.10.7 Debugging synchronization 721
7.11 Comparing Windows Mobile and BlackBerry 723
7.11.1 Processing the mail 725
7.11.2 Other messaging options for Windows Mobile 730
7.11.3 Power management 731
7.11.4 Input flexibility 732
7.12 Unified Communications 735
7.13 Unified Messaging 737
7.13.1 Client Access to voicemail 741
7.13.2 Dealing with voicemail 745
7.13.3 Voice synthesis 747
7.13.4 Pure voicemail 748
7.13.5 The magic of SIP 749
7.13.6 Speech Grammars 752
7.13.7 Phonetic names 754
7.13.8 Cross-forest UM 756
7.14 Special mailboxes 756
7.15 Clients and users 759
8 Managing Users 761
8.1 Room and equipment mailboxes 762
8.1.1 Managing properties of room and equipment mailboxes 765
8.1.2 Converting old mailboxes to rooms 770
8.2 Helping users to use email better 771
8.2.1 Eliminating bad habits 771
8.2.2 Disclaimers 779
8.2.3 Out-of-Office Notifications 781
8.2.4 The last few bad email habits 781
xiv Contents
8.3 Customizing display templates 782
8.4 Exchange 2007 and compliance 787
8.4.1 The growing need for compliance 789
8.4.2 Transport rules 792
8.4.3 Using a rule to add disclaimer text to outgoing messages 794
8.4.4 Capturing selected messages 795
8.4.5 Becoming more complicated 797
8.4.6 Creating an ethical firewall 800
8.4.7 Transport rule storage 803
8.4.8 Rules and the shell 804
8.4.9 Journal rules 808
8.5 Messaging Record Management 815
8.5.1 Managing default folders 818
8.5.2 Managing custom folders 824
8.5.3 Allocating managed folders with policies 826
8.5.4 Applying policies to users 827
8.5.5 The Managed Folder Assistant 829
8.5.6 Logging Managed Folder activity 831
8.5.7 Using Managed Folders 833
8.5.8 Harvesting information from managed folders 835
8.6 Message classifications 837
8.6.1 Adding intelligence to classification through rules 844
8.7 Copying user mailboxes 848
8.7.1 Auditing 853
8.8 Free and busy 853
8.8.1 Looking at free and busy data 855
8.8.2 Free and busy in Exchange 2007 861
8.8.3 Changes in Outlook 2007 863
8.8.4 Cross-forest free and busy 866
9 Hardware and Performance 867
9.1 Moving toward 64-bit Exchange 867
9.2 Buying servers for Exchange 2007 870
9.3 The storage question 876
9.4 RPC pop-ups 881
9.5 Clusters and Exchange 882
9.6 Continuous replication and Exchange 2007 888
9.6.1 Concepts 889
9.7 Deploying Local Continuous Replication (LCR) 892
9.7.1 How LCR works 897
9.7.2 LCR operations 900
Contents xv
Contents
9.7.3 LCR restrictions 903
9.7.4 LCR database transition 904
9.8 Deploying Cluster Continuous Replication (CCR) 906
9.8.1 Comparing CCR and traditional clusters 910
9.8.2 CCR in practice 912
9.8.3 CCR failovers 915
9.8.4 Lost Log Resilience 919
9.8.5 The transport dumpster 921
9.8.6 Standby Continuous Replication 924
9.9 Continuous Log Replication: Good or bad? 924
9.10 Virtual Exchange 925
10 More useful things to Know about Exchange 929
10.1 Automated analysis 929
10.1.1 SSCP 932
10.1.2 Microsoft’s Release to Web (RTW) strategy 933
10.2 The Exchange Toolbox 935
10.2.1 Updates 936
10.2.2 Database Recovery Management 937
10.2.3 Database Troubleshooter 942
10.2.4 Mail Flow Troubleshooter 943
10.3 Messaging tracking logs 945
10.3.1 Generating message tracking logs 947
10.3.2 Log sizes and ages 950
10.3.3 Keeping track of message subjects 951
10.3.4 Accessing message tracking logs 951
10.3.5 Using the Troubleshooting Assistant to track messages 952
10.3.6 Tracking messages with EMS 956
10.3.7 Message delivery latency 959
10.4 Management frameworks 959
10.5 Utilities 963
10.5.1 Performance testing 963
10.5.2 The MFCMAPI utility 965
10.5.3 MDBVU32 968
10.5.4 ExMon—Exchange User Monitor 968
10.5.5 PFDavAdmin 971
10.5.6 LogParser 973
10.5.7 Outlook Spy 978
10.6 Bits and pieces 978
10.6.1 Where the Exchange team hangs out 978
10.6.2 Online Forums 979
xvi Contents
10.7 Conferences 979
10.7.1 Magazines 980
10.7.2 How Exchange uses registry keys 980
10.8 Good reference books 981
A Appendix 983
A.1 Message Tracking Log Format 983
A.2 Events noted in Message Tracking Logs 985
B Important Exchange PowerShell commands 987
B.1 Recipient management commands 987
B.2 Exchange server administrative Commands 990
B.3 Databases and Storage Groups 993
B.4 Address Lists and Email Policies 995
B.5 Queues and Messages 995
B.6 Edge Synchronization 996
B.7 Routing 997
B.8 ActiveSync 998
B.9 Public folders 999
B.10 Transport and journal rules 1000
B.11 IMAP and POP 1001
B.12 Active Directory commands 1002
B.13 Testing Exchange 2007 1003
B.14 Basic PowerShell 1004
B.15 PowerShell control commands 1005

Preface

By their very nature, every book that seeks to describe how technology works face challenges during its creation. Dealing with beta software and attempting to resolve the difference between how the software works and how the developers say it will work in the final version is a problem faced by any author, which is one reason why it is often best to wait to finalize text after you have a chance to work with released software. Looking back at this project, in some ways, this has been the hardest book of the seven that I have written about Exchange. I think that there are four reasons why this might be so. First, Exchange 2007 marks the boundary for substantial architectural change within the product, so it is similar to the degree of change that we experienced when we moved from Exchange 5.5 to Exchange 2000. Second, the nature of software is that it becomes more complex over time as the developers add new features and this is certainly true of Exchange 2007. The new features have to be considered, probed, and documented, all of which takes time. Third, the Exchange development team has done an excellent job since 2004 to document all aspects of Exchange in a more comprehensive manner than ever before.

The Exchange 2007 help file, TechNet, MSDN, and the excellent Exchange team blog at http://msexchangeteam.com/ default.aspx are interesting and productive hoards of information for authors to mine. Unfortunately, there is often too much material (a good complaint to have) and the material needs to be interpreted and analyzed in the light of your own experience with Exchange. Engineers write great blogs, but the scourge of cognitive dissonance often means that they omit some detail that makes all the difference to a newcomer in understanding why a component works the way that it does. Last but not least, you should not underestimate the degree of cultural change that Microsoft has incorporated into Exchange 2007 in the transition from a predominantly GUI-centric approach to server management to the use of the PowerShell scripting language as the basis of many management operations. The need to understand and appreciate the change has to occur before you can adequately document and describe the benefits and this increases the effort required to write the book. I must admit that it took me time to realize the full benefit of interacting with Exchange through the shell, but now I am at the point where I wonder why Microsoft never provided such a powerful interface in the past! The degree of change that exists in Exchange 2007 means that it is diffi- cult to cover everything in one book. I have therefore elected to cover the parts of Exchange that I think are of most interest to the majority of administrators and have left other components for you to discover through the material that Microsoft publishes or perhaps another book, written by me or someone else. Please accept my apology if I have not covered something that you think is important and treat this as a challenge and opportunity for you to write about the topic yourself. There are many magazines, blogs, and other ways of spreading information about Exchange. From time to time, I wander back down the path to consider some aspect of Exchange 2003. While this book is firmly focused on Exchange 2007, the vast majority of companies that will deploy Exchange 2007 will do so by migrating from Exchange 2003 and will therefore run both products alongside each other for some period. For large organizations, the period might extend to a year or more as it is unlikely that few will complete their migration to a pure Exchange 2007 environment quickly. With this in mind, it is fair and reasonable to document how things work with Exchange 2003, especially when these servers operate with Exchange 2007. So what is in the book? To set the context, Chapter 1 starts with an overview of the development of Exchange from 4.0 to 2007 and then describes the themes that Microsoft employed to focus the development priorities for Exchange 2007 and some of the changes that occur in this release. All successful deployments of Exchange since Exchange 2000 operate on a solid Active Directory foundation, so Chapter 2 reviews some of the critical intersection points between Exchange and the Active Directory including replication, the schema, and Global Catalogs. Chapter 3 goes into the basics of managing Exchange 2007 through the Exchange Management Console. Chapter 4 takes the management topic further by exploring the ins and outs of the new Exchange Management Shell, perhaps the most fundamental change to the product that Microsoft has made in Exchange 2007. Chapter 5 goes to the heart of Exchange and reviews how the Store works including topics such as databases, storage groups, and transaction logs to content indexing and backups. Chapter 6 looks at how the new transport system routes messages and includes topics such as the Edge server and anti-spam protection. Chapter 7 explains how clients from Outlook to Outlook Web Access to mobile devices allow users to work with their mailboxes. Chapter 8 then moves on to consider some elements of user management, including the important topic of compliance and records management. Chapter 9 addresses one of the more


MCTS Training, MCITP Trainnig

Best Microsoft MCTS Certification, Microsoft MCITP Training at certkingdom.com

 

 

70-483 Q&A / Study Guide / Videos / Testing Engine


QUESTION 1
You work as a senior developer at Certkingdom.com. The Certkingdom.com network consists of a single domain named Certkingdom.com.
You are running a training exercise for junior developers. You are currently discussing the use of
the Queue <T> collection type.
Which of the following is TRUE with regards to the Queue <T>collection type?

A. It represents a first in, first out (FIFO) collection of objects.
B. It represents a last in, first out (LIFO) collection of objects.
C. It represents a collection of key/value pairs that are sorted by key based on the associated
IComparer<T> implementation.
D. It represents a list of objects that can be accessed by index.

Answer: A

Explanation:


QUESTION 2
You work as a developer at Certkingdom.com. The Certkingdom.com network consists of a single domain named Certkingdom.com.
You have written the following code segment:
int[] filteredEmployeeIds = employeeIds.Distinct().Where(value => value !=
employeeIdToRemove).OrderByDescending(x => x).ToArray();
Which of the following describes reasons for writing this code? (Choose two.)

A. To sort the array in order from the highest value to the lowest value.
B. To sort the array in order from the lowest value to the highest value.
C. To remove duplicate integers from the employeeIds array.
D. To remove all integers from the employeeIds array.

Answer: A,C

Explanation:


QUESTION 3
You work as a senior developer at Certkingdom.com. The Certkingdom.com network consists of a single domain
named Certkingdom.com.
You are running a training exercise for junior developers. You are currently discussing the use of a
method that moves the SqlDataReader on to the subsequent record.
Which of the following is the SqlDataReader method that allows for this?

A. The Read method.
B. The Next method.
C. The Result method.
D. The NextResult method.

Answer: A

Explanation:


QUESTION 4
You work as a developer at Certkingdom.com. The Certkingdom.com network consists of a single domain named Certkingdom.com.
You have received instructions to create a custom collection for Certkingdom.com. Objects in the
collection must be processed via a foreach loop.
Which of the following is TRUE with regards to the required code?

A. The code should implement the ICollection interface.
B. The code should implement the IComparer interface.
C. The code should implement the IEnumerable interface.
D. The code should implement the IEnumerator interface.

Answer: C

Explanation:


QUESTION 5
You work as a senior developer at Certkingdom.com. The Certkingdom.com network consists of a single domain named Certkingdom.com.
You are running a training exercise for junior developers. You are currently discussing the use of LINQ queries.
Which of the following is NOT considered a distinct action of a LINQ query?

A. Creating the query.
B. Obtaining the data source.
C. Creating the data source.
D. Executing the query.

Answer: C

Explanation:


MCTS Training, MCITP Trainnig

Best Microsoft MCTS Certification, Microsoft MCITP Training at certkingdom.com

70-417 Q&A / Study Guide / Testing Engine / Videos


QUESTION 1
You work as a Network Administrator at Certkingdom.com. The network contains a single Active Directory
Domain Services (AD DS) domain named Certkingdom.com. The network includes servers that run
Windows Server 2008 R2 Service Pack 1 (SP1) and Windows Server 2012.
All servers in the network have Windows Remote Management (WinRM) enabled.
You use a Windows 7 Enterprise client computer named Certkingdom-Admin1.
You are currently logged in to Certkingdom-Admin1. From your client computer, you want to obtain the IP
address of a Windows Server 2012 member server named Certkingdom-File1.
Which command or commands should you use?

A. Telnet Certkingdom-File1 ipconfig.
B. NSLookup > Server Certkingdom-File1 > ipconfig
C. WinRM –r:Certkingdom-File1 ipconfig
D. WinRS –r:Certkingdom-File1 ipconfig

Answer: D

Explanation:


QUESTION 2
Your role of Network Administrator at Certkingdom.com includes the management of the Active Directory
Domain Services (AD DS) domain named Certkingdom.com. The network includes servers that run
Windows Server 2008 R2 Service Pack 1 (SP1) and Windows Server 2012.
A server named Certkingdom-Win12Admin runs Windows Server 2012. You use Certkingdom-Win12Admin to
administer the Windows Server 2012 servers in the domain.
A newly installed domain member server named Certkingdom-SRV06 runs a Server Core Installation of
Windows Server 2012.
You need to configure Certkingdom-SRV06 to enable you to use the Server Manager console on CertkingdomWin12Admin
to manage Certkingdom-Win12Admin.
How should you configure Certkingdom-SRV06?

A. You should install the Remote Server Administration Tools on Certkingdom-SRV06.
B. You should install the Server Manager console on Certkingdom-SRV06.
C. You should enable Windows Remote Management (WinRM) on Certkingdom-SRV06.
D. You should use the Enable-NetFirewallRule cmdlet to configure the firewall on Certkingdom-SRV06.

Answer: D

Explanation:


QUESTION 3
Your role of Network Administrator at Certkingdom.com includes the management of the Active Directory
Domain Services (AD DS) domain named Certkingdom.com. The network includes servers that run
Windows Server 2008 R2 Service Pack 1 (SP1) and Windows Server 2012.
A server named Certkingdom-Win12Admin runs Windows Server 2012. You use Certkingdom-Win12Admin to
administer the Windows Server 2012 servers in the domain.
You want to use Server Manager on Certkingdom-Win12Admin to manage the Window Server 2008 R2
SP1 servers in the domain.
What should you do?

A. You should run the Configure-SMRemoting.exe –Enable cmdlet on the Windows Server 2008 R2 SP1 servers.
B. You should add the computer account for Certkingdom-Win12Admin to the RAS and IAS Servers group in Active Directory.
C. You should install the Microsoft .NET Framework 4.0 and Windows Management Framework 3.0 on the Windows Server 2008 R2 SP1 servers.
D. You should install the Remote Server Administration Tools on Certkingdom-Win12Admin.

Answer: C

Explanation:


QUESTION 4
Your role of Network Administrator at Certkingdom.com includes the management of the Active Directory
Domain Services (AD DS) domain named Certkingdom.com. The network includes servers that run
Windows Server 2008 R2 Service Pack 1 (SP1) and Windows Server 2012.
A server named Certkingdom-File1 runs the File and Storage Services server role. Certkingdom-File1 hosts
shared folders on the D: drive. Users access the shared folders from their Windows 7 client
computers.
A user attempts to recover a previous version of a file in a shared folder on Certkingdom-File1 but
discovers that there is no previous versions option.
How can you ensure that users can recover files using the Previous Versions function?

A. By modifying the Share Properties of each shared folder.
B. By enabling Shadow Copies on the D: drive of Certkingdom-File1.
C. By adding a condition to the shared folders on Certkingdom-File1.
D. By modifying the settings of the Recycle Bin on Certkingdom-File1.

Answer: B

Explanation:


QUESTION 5
You work for a company named Certkingdom.com. Your role of Network Administrator includes the
management of the company’s physical and virtual infrastructure.
The network includes servers running Windows Server 2008 R2 Service Pack 1 (SP1) and
Windows Server 2012.
Virtual machines (VMs) are hosted on Windows Server 2012 servers running the Hyper-V role.
You install a new Windows Server 2012 Hyper-V host server named Certkingdom-HVHost12. CertkingdomHVHost12
has four Fiber Channel host bus adapters (HBAs) and connects to two Fiber Channel
SANs using two HBAs per SAN.
You plan to create VMs on Certkingdom-HVHost12 that will need to access one of the SANs.
How should you configure Certkingdom-HVHost12?

A. By creating a Virtual Switch in Hyper-V.
B. By installing an additional host bus adapter (HBA).
C. By creating a virtual Fiber Channel SAN in Hyper-V.
D. By creating a virtual iSCSI SAN in Hyper-V.

Answer: C

Explanation:


MCTS Training, MCITP Trainnig

Best Microsoft MCTS Certification, Microsoft MCITP Training at certkingdom.com

MCTS Certification Training At No. 1 Online Training Site Certkingdom.com

MCITP for Exchange Server Certification

 

The Microsoft Certified IT Professional (MCITP) certification helps validate that an individual has the comprehensive set of skills necessary to perform a particular job role, such as database administrator or enterprise messaging administrator. MCITP certifications build on the technical proficiency measured in the Microsoft Certified Technology Specialist (MCTS) certifications. Therefore, you will earn one or more MCTS certifications on your way to earning an MCITP certification

On This Page

 

MCITP: MCTS Certification Training

MCITP: MCITP Certification Training

 

 

 

 

Cisco CCNA Training, Cisco CCNA Certification

Best Microsoft Free MCTS Certification Training,Microsoft Free MCITP Certification Training at MCTS-MCITP.com

 

 

 

 

 

Enterprise Messaging Administrator 2010

 

When you earn the MCITP: Enterprise Messaging Administrator certification, you demonstrate your professional expertise in using Microsoft Exchange Server 2010 to excel in a specific job role.

 

This certification helps validate the knowledge and skills that are associated with performing as the lead engineer for messaging solutions within an enterprise organization, as well as the ability to design and deploy messaging solutions with Exchange Server 2010.

 

To achieve the MCITP: Enterprise Messaging Administrator certification, you must successfully complete exams by the best training of certkingdom.com

 

Required exams

 

Exam 70-662

TS: Microsoft Exchange Server 2010, Configuring

 

Exam 70-663

Pro: Designing and Deploying Messaging Solutions with Microsoft Exchange Server 2010

 

 

Enterprise Messaging Administrator 2007

 

When you earn the MCITP: Enterprise Messaging Administrator certification, you demonstrate your professional expertise in using Microsoft Exchange Server 2007 to excel in a specific job role.

 

This certification helps validate the knowledge and skills that are associated with performing as the lead engineer for messaging solutions within an enterprise organization, as well as the ability to design and deploy messaging solutions with Exchange Server 2007.

 

To achieve the MCITP: Enterprise Messaging Administrator certification, you must successfully complete three exams: one Microsoft Certified Technology Specialist (TS) on Microsoft Exchange Server 2007 prerequisite exam and two Professional Series (PRO) exams.

 

Required exams

 

Exam 70-236

TS: Exchange Server 2007, Configuring

 

Exam 70-237

PRO: Designing Messaging Solutions with Microsoft Exchange Server 2007

 

Exam 70-238

PRO: Deploying Messaging Solutions with Microsoft Exchange Server 2007

Go to Top