Free Pass4sure Download: Leading the way in studying IT certifications

TS:Upgrading MCSA on Wndws Serv 2003 to Wndws Serv 2008 : 70-648 Exam

Exam Number/Code: 70-648
Exam Name: TS:Upgrading MCSA on Wndws Serv 2003 to Wndws Serv 2008

“TS:Upgrading MCSA on Wndws Serv 2003 to Wndws Serv 2008″, also known as 70-648 exam, is a Microsoft certification. With the complete collection of questions and answers Q&as with Expert Explanations, Pass4sure has assembled to take you through 120 Q&As to your 70-648 Exam preparation. In the 70-648 exam resources, you will cover every field and category in TS helping to ready you for your successful Microsoft Certification.

Question: 1
Your company has an IPv6 network. The IPv6 network has 25 segments. You deploy a server on the IPv6 network. You need to ensure that the server can communicate with systems on all
segments of the IPv6 network. What should you do?

A. Configure the IPv6 address as fd00::2b0:d0ff:fee9:4143/8. B. Configure the IPv6 address as fe80::2b0:d0ff:fee9:4143/64. C. Configure the IPv6 address as ff80::2b0:d0ff:fee9:4143/64. D. Configure the IPv6 address as 0000::2b0:d0ff:fee9:4143/64.
Answer: A Question: 2
Your company has a single Active Directory domain. All servers run Windows Server 2008. Your company uses an Enterprise Certificate Authority. Company security policy requires that revoked
certificate information be made available. You need to ensure that revoked certificate information
is highly available. What should you do?

A. Implement an Online Certificate Status Protocol (OCSP) responder by using Network Load
Balancing.
B. Publish an Online Certificate Status Protocol (OCSP) responder by using an Internet Security and Acceleration Server array.
C. Publish the trusted certificate authorities list to the domain by using a group policy object.
D. Create a new group policy object that allows users to trust peer certificates. Link the group policy object (GPO) to the domain.
Answer: A Question: 3
Your corporate network has a member server named RAS1 that runs Windows Server 2008.
RAS1 provides Routing and Remote Access Service. The company’s remote access policy
allows members of the Domain Users group to dial in to RAS1. The company issues smart cards
to all employees to increase remote access security. You need to configure RAS1 and your
remote access policy to support the use of the smart cards for dial-up connections. What should you do?

A. Install the Network Policy Server (NPS) on the RAS1 server.
B. Create a remote access policy that requires users to authenticate by using Shiva Password
Authentication Protocol (SPAP).
C. Create a remote access policy that requires users to authenticate by using Extensible
Authentication ProtocolCTransport Layer Security (EAP-TLS).
D. Create a remote access policy that requires users to authenticate by using version 2 of the
Microsoft Challenge Handshake Authentication Protocol (MS-CHAP v2).
Answer: C Question: 4
You deploy a Windows Server 2008 server that has routing and remote access installed. You configure the server that runs Windows Server 2008 to function as the corporate Virtual Private
Network (VPN) server. All the portable computers in your company run Microsoft Windows

2000 Professional, Microsoft Windows XP or Windows Vista. The remote users in the company use this server for domain connectivity into the company network. Confidential research data will
be transmitted from the portable computers of the remote users to the VPN server. The company security policy requires public key infrastructure (PKI) based user and computer authentication for

the transmission of confidential data. You need to ensure that the VPN connection meets the
security policy requirements. What should you do?

A. Create certificate-based authentication with an L2TP/IPsec policy.
B. Create a custom IPSec policy by using the Kerberos version 5 authentication protocol.
C. Create a policy by using a Pre-shared authentication for most secure data transmission.
D. Run the secedit /refreshpolicy machine_policy command at the command line of the server.
Answer: A Question: 5
Your company is deploying notebook computers that will be used to connect to the wireless network. You create a group policy and configure profiles by using the names of approved
wireless networks. You link the group policy object (GPO) to the Notebook organizational unit.
The new notebook computer users report that they cannot connect to the wireless network. You need to ensure that the group policy wireless settings are applied to the notebook computers. What should you do?

A. Run the gpupdate /boot command on the notebook computers.
B. Run the gpupdate /target:computer command on the notebook computers.
C. Connect the notebook computers to the wired network. Log off the notebook computers, and then log on again.
D. Run the Add a network that is in range of this computer wizard on the notebook computers and leave the service set identifier (SSID) blank.
Answer: C Question: 6
Your company plans to open a new branch office as a part of its Active Directory infrastructure.
Users from the engineering department have to dial in to the company network when they work at the new branch office. You create a template account for new users in the engineering
department. You need to ensure that all new user accounts in the engineering department hold the appropriate dial-in rights. What should you do?

A. Add the group membership information to the template account, and then create a connection request policy that includes the new group.
B. Add the group membership information to the template account, and then create a group policy that grants the new group local logon permissions
C. Modify the schema for the account by changing the Logon Hours to 6:00-18:00 hours Monday
through Friday.
D. Modify the schema for the group membership attribute by selecting the Index this attribute in the Active Directory check box.
Answer: A Question: 7
Your company has a single Active Directory domain. All servers run the Windows Server 2008
operating system. The company network has 10 servers that perform as Web servers. All confidential files are located on a server named FSS1. The company security policy states
that all confidential data must be transmitted in the most secure manner. You activate Encrypting File System (EFS) on the confidential files. You also add EFS certificates to the Data Decryption Field (DDF) of the confidential files for the users who want to access them. When you monitor the
network, you notice that the confidential files that are stored on the FSS1 server are being
transmitted over the network without encryption. You need to ensure that encryption is always used when the confidential files on the FSS1 server are transmitted over the network. What are

two possible ways to achieve this goal? (Each correct answer presents a complete solution.
Choose two.)

A. Deactivate all LM and NTLM authentication methods on the FSS1 server.
B. Use IIS to publish the confidential files, activate SSL on the IIS server, and then open the files as a Web folder.
C. Use IPSec encryption between the FSS1 server and the computers of the users who want to access the confidential files.
D. Use the Server Message Block (SMB) signing between the FSS1 server and the computers of the users who want to access the confidential files.
E. Activate offline files for the confidential files that are stored on the FSS1 server. In the Folder
Advanced Properties dialog box, select the Encrypt contents to secure data option.
Answer: B, C Question: 8
Network Access Protection is configured for the corporate network. The company policy requires confidentiality of data when the data is in transit between the client computers and the servers.
Users connect their personal portable computers to the corporate network and access the network resources. You need to prevent computers that do not comply with the company policy
requirements from accessing network resources. What should you do?

A. Create an IPSec Enforcement Network policy. B. Create an 802.1X Enforcement Network policy.
C. Create a Wired Network (IEEE 802.3) Group policy.
D. Create an Extensible Authentication Protocol (EAP) Enforcement Network policy.
Answer: A Question: 9
You company has Network Access Protection and Active Directory Certificate Services (AD CS)
deployed on the network. You set up new portable computers to connect to the company’s wireless network. The portable computers will use PEAP-MS-CHAP V2 for authentication.
You need to ensure that the portable computers can join the domain when users restart their portable computers. What should you do?

A. Run the netsh wlan export profile command on each portable computer. B. Configure each portable computer with a Bootstrap Wireless profile.
C. Configure a group policy with the Use Windows WLAN Auto Config service for clients policy setting enabled.
D. Configure a group policy with the Use Windows Wired Auto Config service for clients policy
setting disabled.
Answer: B Question: 10
Your company uses Routing and Remote Access Service (RRAS) for remote user access. The remote users’ computers are not domain members. You discover that the remote users’ computers are the source of a virus on internal member servers. You need to protect the
corporate network against viruses that are transmitted from remote users. What should you do?

A. Deploy file-level antivirus software on the RRAS server and configure automatic updates for the antivirus software.
B. Configure a network health policy to require that an antivirus application is running and that the antivirus application is up to date.

C. Configure a network health policy to require that an anti-spyware application is running and
that the anti-spyware application is up to date.
D. Create an organizational unit for remote users. Deploy antivirus software to the organizational unit by using a group policy object (GPO).
Answer: B Question: 11
Your company has a main office and 15 branch offices. The company has a single Active
Directory domain. All servers run Windows Server 2008.
The main office network and the branch office networks are connected by using Routing and
Remote Access Servers (RRASs) at each office.
The networks will be connected by virtual private network (VPN) connections over the Internet. The companys security policy has the following requirements for VPN connections:
All data must be encrypted by using end-to-end encryption. The VPN connection must use computer-level authentication.
Usernames and passwords cannot be used for authentication.
You need to ensure that the VPN connections between the main office and the branch offices meet the requirements.
What should you do?

A. Configure an IPSec connection to use tunnel mode and preshared key authentication.
B. Configure a Point-to-Point Tunneling Protocol (PPTP) connection to use version 2 of the
Microsoft Challenge Handshake Authentication Protocol (MS-CHAP v2) authentication.
C. Configure a Layer Two Tunneling Protocol/Internet Protocol Security (L2TP/IPSec) connection
to use the Extensible Authentication ProtocolCTransport Layer Security (EAP-TLS)
authentication.
D. Configure a Layer Two Tunneling Protocol/Internet Protocol Security (L2TP/IPSec) connection
to use version 2 of the Microsoft Challenge Handshake Authentication Protocol (MS-CHAP v2)
authentication.
Answer: C Question: 12
Your company has a single Active Directory domain. The company runs an ISA 2006 server as a firewall. You set up access for users to connect through a virtual private network (VPN) service by
using Point-to-Point Tunneling Protocol (PPTP). When the users try to connect to the VPN server, the following error message is displayed: “Error 721: The remote computer is not responding.”
You need to ensure that the users can successfully establish a VPN connection. What should you
do?

A. Open up port 1423 on the firewall. B. Open up port 1723 on the firewall. C. Open up port 3389 on the firewall. D. Open up port 6000 on the firewall.
Answer: B Question: 13
Your company has Network Access Protection (NAP) configured for the corporate network with the default settings. You deploy an application to client computers that run Windows Vista. The application connects to a remote database server. The application fails on the client computers.
You discover that the anti-spyware software on the client computers is incompatible with the new
application. You disable the anti-spyware software on the client computers. The application

Pass4sure 70-648 2.93
Questions and Answers : 120 Q&As
Expected Date: October 23rd , 2008
Price: $135.99 $99.99

Free Down: Pass4sure Microsoft 70-648 2.93
Free Down: PassGuide microsoft 70-648 2.93

Download Latest Passforsure P4S Rapidshare links

1. Free Pass4sure Microsoft MB3-127 2.83 Download
2. Free Pass4sure Microsoft TS 70-504(CSharp) 2. 83 Download
3. Free Pass4sure Microsoft MCDP 70-549(CSharp) 2. 83 Download
4. Free Pass4sure Microsoft MCSA 70-218 2.83 Download
5. Free Pass4sure Microsoft MCAD 70-552(VB) 2. 93 Download
6. Free Pass4sure Microsoft MCDP 70-547(VB) 2. 93 Download
7. Free Pass4sure Microsoft MB5-181 2.83 Download
8. Free Pass4sure Microsoft TS 70-639 2.73 Download
9. Free Pass4sure Microsoft TS 70-543(CSharp) 2. 83 Download
10. Free Pass4sure Microsoft MCSE 070-214 2.73 Download
11. Free Pass4sure Microsoft TS 70-503(VB) 2. 93 Download
12. Free Pass4sure Microsoft TS 70-541(CSharp) 2. 95 Download
13. Free pass4sure Microsoft MCSE 70-299 2.93 Download
14. Free Pass4sure Microsoft TS 70-656 2.73 Download
15. Free Pass4sure Microsoft TS 70-643 2.93 Download