are updated and are verified by experts. Once you have completely prepared with our you will be ready for the real 70-640 exam without a problem. We have . PASSED First attempt! Here What I Did.

Free 70-640 Demo Online For Microsoft Certifitcation:

NEW QUESTION 1
Your network contains an Active Directory domain. The domain contains 3,000 client computers. All of the client computers run Windows 7.
Users log on to their client computers by using standard user accounts.
You plan to deploy a new application named App1.
The vendor of App1 provides a Setup.exe file to install App1. Setup.exe requires administrative rights to run.
You need to deploy App1 to all client computers. The solution must meet the following requirements:
. App1 must automatically detect and replace corrupt application files.
. App1 must be available from the Start menu on each client computer.
What should you do first?

  • A. Create a logon script that calls Setup.exe for App1.
  • B. Create a .zap fil
  • C. Create a startup script that calls Setup.exe for App1.
  • D. Repackage App1 as a Windows Installer packag

Answer: D

Explanation:
http://technet.microsoft.com/en-us/library/cc739578.aspx
Windows Installer features Diagnoses and repairs corrupted applications--An application can query Windows Installer to determine whether an installed application has missing or corrupted files. If any are detected, Windows Installer repairs the application by recopying only those files found to be missing or corrupted.

NEW QUESTION 2
Your network contains an Active Directory domain named contoso.com. You have a management computer named Computer1 that runs Windows 7.
You need to forward the logon events of all the domain controllers in contoso.com to Computer1.
All new domain controllers must be dynamically added to the subscription.
What should you do?

  • A. From Computer1, configure source-initiated event subscription
  • B. From a Group Policy object (GPO) linked to the Domain Controllers organizational unit (OU), configure the Event Forwarding nod
  • C. From Computer1, configure collector-initiated event subscription
  • D. From a Group Policy object (GPO) linked to the Domain Controllers organizational unit (OU), configure the Event Forwarding nod
  • E. From Computer1, configure source-initiated event subscription
  • F. Install a server authentication certificate on Computer1. Implement autoenrollment for the Domain Controllers organizational unit (OU).
  • G. From Computer1, configure collector-initiated event subscription
  • H. Install a server authentication certificate on Computer1. Implement autoenrollment for the Domain Controllers organizational unit (OU).

Answer: A

Explanation:
http://msdn.microsoft.com/en-us/library/windows/desktop/bb870973(v=vs.85).aspx
Setting up a Source Initiated Subscription
Source-initiated subscriptions allow you to define a subscription on an event collector computer without defining the event source computers, and then multiple remote event source computers can be set up (using a group policy setting) to forward events to the event collector computer. This differs from a collector initiated subscription because in the collector initiated subscription model, the event collector must define all the event sources in the event subscription.

NEW QUESTION 3
You are the network administrator for an organization that has all Windows Server 2008 R2 domain controllers.
You need to capture all replication errors that occur between all domain controllers.
What should you do?

  • A. Use System Performance data collector set
  • B. Use ntdsuti
  • C. Configure event log subscription
  • D. Use the ADSI Edit too

Answer: C

Explanation:
http://technet.microsoft.com/en-us/library/cc748890.aspx Configure Computers to Forward and Collect Events Before you can create a subscription to collect events on a computer, you must configure both the collecting computer (collector) and each computer from which events will be collected (source).
http://technet.microsoft.com/en-us/library/cc749183.aspx Event Subscriptions Event Viewer enables you to view events on a single remote computer. However, troubleshooting an issue might require you to examine a set of events stored in multiple logs on multiple computers. Windows Vista includes the ability to collect copies of events from multiple remote computers and store them locally. To specify which events to collect, you create an event subscription. Among other details, the subscription specifies exactly which events will be collected and in which log they will be stored locally. Once a subscription is active and events are being collected, you can view and manipulate these forwarded events as you would any other locally stored events. Using the event collecting feature requires that you configure both the forwarding and the collecting computers. The functionality depends on the Windows Remote Management (WinRM) service and the Windows Event Collector (Wecsvc) service. Both of these services must be running on computers participating in the forwarding and collecting process. http://technet.microsoft.com/en-us/library/cc961808.aspx

NEW QUESTION 4
Your network contains an Active Directory forest named contoso.com.
You plan to add a new domain named nwtraders.com to the forest.
All DNS servers are domain controllers.
You need to ensure that the computers in nwtraders.com can update their Host (A) records on any of the DNS servers in the forest.
What should you do?

  • A. Add the computer accounts of all the domain controllers to the DnsAdmins grou
  • B. Add the computer accounts of all the domain controllers to the DnsUpdateProxy grou
  • C. Create a standard primary zone on a domain controller in the forest root domai
  • D. Create an Active Directory-integrated zone on a domain controller in the forest root domai

Answer: D

NEW QUESTION 5
Your network contains an Active Directory forest. The forest schema contains a custom attribute for user objects.
You need to generate a file that contains the last logon time and the custom attribute values for each user in the forest.
What should you use?

  • A. the Get-ADUser cmdlet
  • B. the Export-CSV cmdlet
  • C. the Net User command
  • D. the Dsquery User tool

Answer: A

Explanation:
http://technet.microsoft.com/en-us/library/cc771865.aspx
Adds or modifies user accounts, or displays user account information.
DSQUERY
Explanation 1:
http://technet.microsoft.com/en-us/library/cc754232.aspx
Parameters {<StartNode> | forestroot | domainroot}
Specifies the node in the console tree where the search starts. You can specify the forest root (forestroot), domain root (domainroot), or distinguished name of a node as the start node <StartNode>. If you specify forestroot, AD DS searches by using the global catalog.
-attr {<AttributeList> | *} Specifies that the semicolon separated LDAP display names included in <AttributeList> for each entry in the result set. If you specify the value of this parameter as a wildcard character (*), this parameter displays all attributes that are present on the object in the result set. In addition, if you specify a *, this parameter uses the default output format (a list), regardless of whether you specify the -l parameter. The default <AttributeList> is a distinguished name.
Explanation 2:
http://social.technet.microsoft.com/Forums/eu/winserverDS/thread/dda5fcd6-1a10-4d47-9379-02ca38aaa5b
Give an example of how to find a user with certain attributes using Dsquery. Note that it uses domainroot as the startnode, instead of forestroot what we need.
Explanation 3:
http://social.technet.microsoft.com/Forums/en-US/winservergen/thread/c6fc3826-78e1-48fd-ab6f-690378e0f787/
List all last login times for all users, regardless of whether they are disabled.
dsquery * -filter "(&(objectCategory=user)(objectClass=user))" -limit 0 -attr givenName sn sAMAccountName
lastLogon>>c:\last_logon_for_all.txt

NEW QUESTION 6
Company has an Active Directory forest with six domains. The company has 5 sites. The company requires a new distributed application that uses a custom application directory partition named ResData for data replication.
The application is installed on one member server in five sites.
You need to configure the five member servers to receive the ResData application directory partition for data replication.
What should you do?

  • A. Run the Dcpromo utility on the five member server
  • B. Run the Regsvr32 command on the five member servers
  • C. Run the Webadmin command on the five member servers
  • D. Run the RacAgent utility on the five member servers

Answer: A

Explanation:
http://technet.microsoft.com/en-us/library/cc732887%28v=ws.10%29.aspx
Dcpromo Syntax dcpromo [/answer[:<filename>] | /unattend[:<filename>] | /unattend | /adv]
/uninstallBinaries [/CreateDCAccount | /UseExistingAccount:Attach] /? /?[:{Promotion |
CreateDCAccount | UseExistingAccount |Demotion}]dcpromo Promotion operation
parameters:
ApplicationPartitionsToReplicate:""
Specifies the application directory partitions that dcpromo will replicate. Use the following
format: "partition1" "partition2" "partitionN"
Use * to replicate all application directory partitions.

NEW QUESTION 7
Your network contains 10 domain controllers that run Windows Server 2008 R2. The network contains a member server that is configured to collect all of the events that occur on the domain controllers.
You need to ensure that administrators are notified when a specific event occurs on any of the domain controllers. You want to achieve this goal by using the minimum amount of administrative effort.
What should you do?

  • A. From Event Viewer on the member server, create a subscriptio
  • B. From Event Viewer on each domain controller, create a subscriptio
  • C. From Event Viewer on the member server, run the Create Basic Task Wizar
  • D. From Event Viewer on each domain controller, run the Create Basic Task Wizar

Answer: C

Explanation:
http://technet.microsoft.com/en-us/library/cc748900.aspx
To Run a Task in Response to a Given Event
1. Start Event Viewer.
2. In the console tree, navigate to the log that contains the event you want to associate with a task.
3. Right-click the event and select Attach Task to This Event.
4. Perform each step presented by the Create Basic Task Wizard. In the Action step in the wizard you can decide to send an e-mail.

NEW QUESTION 8
Your network contains an Active Directory domain named contoso.com.
The domain contains an enterprise certification authority (CA).
You plan to delegate certificate enrollment for Smartcard Logon certificates to a user named User1. User1 is the member of a group named CONTOSO\DelegatedAdmins.
You need to recommend a solution to provide User1 with the ability to enroll for Smartcard Logon certificates on behalf of other domain users.
What should you include in the recommendation?

  • A. Duplicate the Smartcard Logon certificate templat
  • B. Modify the Extensions settings and the Request Handling settings of the new templat
  • C. Modify the Issuance Requirements settings and the Security settings of the Smartcard Logon certificate templat
  • D. Modify the Extensions settings and the Request Handling settings of the Smartcard Logon certificate templat
  • E. Duplicate the Smartcard Logon certificate templat
  • F. Modify the Issuance Requirements settings and the Security settings of the new templat

Answer: D

NEW QUESTION 9
The corporate network of Company consists of a Windows Server 2008 single Active Directory domain. The domain has two servers named Company 1 and Company 2.
To ensure central monitoring of events you decided to collect all the events on one server, to collect events from Company, and transfer them to Company 1.
You configure the required event subscriptions.
You selected the Normal option for the Event delivery optimization setting by using the HTTP protocol.
However, you discovered that none of the subscriptions work.
Which of the following actions would you perform to configure the event collection and event forwarding on the two servers? (Select three. Each answer is a part of the complete solution).

  • A. Run window execute the winrm quickconfig command on Company 2.
  • B. Run window execute the wecutil qc command on Company 2.
  • C. Add the Company 1 account to the Administrators group on Company 2.
  • D. Run window execute the winrm quickconfig command on Company 1.
  • E. Add the Company 2 account to the Administrators group on Company 1.
  • F. Run window execute the wecutil qc command on Company 1.

Answer: ACF

Explanation:
http://technet.microsoft.com/en-us/library/cc748890.aspx
Configure Computers to Forward and Collect Events
Before you can create a subscription to collect events on a computer, you must configure
both the collecting computer (collector) and each computer from which events will be
collected (source).
To configure computers in a domain to forward and collect events
1. Log on to all collector and source computers. It is a best practice to use a domain account with administrative privileges.
2. On each source computer, type the following at an elevated command prompt: winrm quickconfig
Note
If you intend to specify an event delivery optimization of Minimize Bandwidth or Minimize Latency, then you must also run the above command on the collector computer.
3. On the collector computer, type the following at an elevated command prompt: wecutil qc
4. Add the computer account of the collector computer to the local Administrators group on each of the source computers.
5. The computers are now configured to forward and collect events. Follow the steps in Create a New
Subscription to specify the events you want to have forwarded to the collector.

NEW QUESTION 10
DRAG DROP
Your company has a main office and a branch office. All servers are located in the main office. The network contains an Active Directory forest named adatum.com. The forest contains a domain controller named MainDC that runs Windows Server 2008 R2 Enterprise and a member server named FileServer that runs Windows Server 2008 R2 Standard.
You have a kiosk computer named Public_Computer that runs Windows 7. Public_Computer is not connected to the network.
You need to join Public_Computer to the adatum.com domain.
What should you do?
To answer, move the appropriate actions from the Possible Actions list to the Necessary Actions area and arrange them in the correct order.
70-640 dumps exhibit

    Answer:

    Explanation: 70-640 dumps exhibit

    NEW QUESTION 11
    Your company has an Active Directory domain named ad.contoso.com. The domain has two domain controllers named DC1 and DC2. Both domain controllers have the DNS server role installed.
    You install a new DNS server named DNS1.contoso.com on the perimeter network. You configure DC1 to forward all unresolved name requests to DNS1.contoso.com.
    You discover that the DNS forwarding option is unavailable on DC2.
    You need to configure DNS forwarding on the DC2 server to point to the DNS1.contoso.com server.
    Which two actions should you perform? (Each correct answer presents part of the solution.
    Choose two.)

    • A. Clear the DNS cache on DC2.
    • B. Configure conditional forwarding on DC2.
    • C. Configure the Listen On address on DC2.
    • D. Delete the Root zone on DC2.

    Answer: BD

    Explanation:
    Answer: Delete the Root zone on DC2. Configure conditional forwarding on DC2.
    http://technet.microsoft.com/en-us/library/cc754941.aspx Configure a DNS Server to Use Forwarders A forwarder is a Domain Name System (DNS) server on a network that is used to forward DNS queries for external DNS names to DNS servers outside that network. You can also configure your server to forward queries according to specific domain names using conditional forwarders. http://social.technet.microsoft.com/Forums/en-US/winserverNIS/thread/0ca38ece-d76e-42f0-85d5-a342f9e169f5/ Deleting .root dns zone in 2008 DNS
    Q: We have 2 domain controllers and .root zone is created in the DNS. Due to which the external name resolution is not possible. I had tried to add conditional forwarders but i get an error saying that conditional forwarders cannot be created on root DNS servers. A 1: If you have a "root" zone created in your DNS, and you no longer want that configuration, you can just simply delete that zone. There is no reason to have a root "." zone hosted unless you want to make sure that the DNS server is authoritative for all queries and not allow the DNS server to go elsewhere for name resolution.
    If you delete this zone, the DNS server will be able to use its root hints, or fowarders to resolve queries for zones its not authoritative for. A 2: That was from the old 2000 days where DCPROMO would create it if it detected no internet access while promoting the first DC. Jut remove it, and the Forwarders option reappear.
    Further information: http://support.microsoft.com/kb/298148
    How To Remove the Root Zone (Dot Zone)
    http://technet.microsoft.com/en-us/library/cc731879%28v=ws.10%29.aspx
    Reviewing DNS Concepts Delegation For a DNS server to answer queries about any name, it must have a direct or indirect path to every zone in the namespace. These paths are created by means of delegation. A delegation is a record in a parent zone that lists a name server that is authoritative for the zone in the next level of the hierarchy. Delegations make it possible for servers in one zone to refer clients to servers in other zones. The following illustration shows one example of delegation.
    70-640 dumps exhibit
    C:\Documents and Settings\usernwz1\Desktop\1.PNG
    The DNS root server hosts the root zone represented as a dot ( . ). The root zone contains a delegation to a zone in the next level of the hierarchy, the com zone. The delegation in the root zone tells the DNS root server that, to find the com zone, it must contact the Com server. Likewise, the delegation in the com zone tells the Com server that, to find the contoso.com zone, it must contact the Contoso server. Note: A delegation uses two types of records. The name server (NS) resource record provides the name of an authoritative server. Host (A) and host (AAAA) resource records provide IP version 4 (IPv4) and IP version 6 (IPv6) addresses of an authoritative server. This system of zones and delegations creates a hierarchical tree that represents the DNS namespace. Each zone represents a layer in the hierarchy, and each delegation represents a branch of the tree. By using the hierarchy of zones and delegations, a DNS root server can find any name in the DNS namespace. The root zone includes delegations that lead directly or indirectly to all other zones in the hierarchy. Any server that can query the DNS root server can use the information in the delegations to find any name in the namespace.

    NEW QUESTION 12
    A corporate network includes an Active Directory-integrated zone. All DNS servers that host the zone are domain controllers.
    You add multiple DNS records to the zone.
    You need to ensure that the new records are available on all DNS servers as soon as possible.
    Which tool should you use?

    • A. Repadmin
    • B. Active Directory Domains and Trusts console
    • C. Ldp
    • D. Ntdsutil

    Answer: A

    Explanation:
    http://technet.microsoft.com/en-us/library/cc811569.aspx
    Forcing Replication
    Sometimes it becomes necessary to forcefully replicate objects and entire partitions
    between domain controllers that may or may not have replication agreements.
    Force a replication event with all partners
    The repadmin /syncall command synchronizes a specified domain controller with all
    replication partners.
    Syntax
    repadmin /syncall <DC> [<NamingContext>] [<Flags>]
    Parameters <DC> Specifies the host name of the domain controller to synchronize with all
    replication partners.
    <NamingContext>
    Specifies the distinguished name of the directory partition.
    <Flags>
    Performs specific actions during the replication.

    NEW QUESTION 13
    Your network contains an Active Directory domain named adatum.com. All servers run Windows Server 2008 R2.
    The network contains an enterprise certification authority (CA).
    You need to ensure that all of the members of a group named Managers can view the event log entries for Certificate Services.
    Which snap-in should you use?

    • A. Active Directory Administrative Center
    • B. Authorization Manager
    • C. Certificate Templates
    • D. Certificates
    • E. Certification Authority
    • F. Enterprise PKI
    • G. Group Policy Management
    • H. Security Configuration Wizard
    • I. Share and Storage Management

    Answer: G

    Explanation: We can make the Group1 group a member of theEvent Log Readers Group
    , giving them read access to all event logs, thus including the Certificate Services events.
    We can do that by usingGroup Policy Management.
    Explanation 1:
    It's a bit hard to find some good, clear Explanation for this. There's nothing wrong with doing it
    yourself, so here's what I did in VMWare, using a domain controller and a member server.
    Click along if you want!
    In VMWare I have setup a domain controller, DC01 and a member server MEM01, both
    belonging to the contoso.com domain. I have placed MEM01 in an OU named Events. I
    have created a global security group, named TESTGROUP, and I want to make it a member of the built-in Event Log Readers group on MEM01.
    Start the Group Policy Management console on DC01.
    Right-click the Events OU and choose "Create a GPO in this domain, and Link it
    here..."
    I named the GPO "EventLog_TESTGROUP"
    Right-click the "EventLog_TESTGROUP" GPO and choose "Edit..."
    Go to Computer Configuration \ Policies\ Windows Settings \ Security Settings and
    select "Restricted Groups"
    Right-click "Restricted Groups" and choose "Add Group..."
    Now there are two ways to do this. We can select TESTGROUP and make it a
    member of the Event Log Readers group, or we can select the Event Log Readers
    group and add TESTGROUP as a member. Let's do the second one. Click the
    Browse button and go find the Event Log Readers group. Click OK.
    Click the Browse button next to "Members of this group", search for the
    TESTGROUP group and add it.
    Click OK.
    10. On MEM01 open a command prompt and rungpupdate /force.
    Check the Event Log Readers group properties and see that the TESTGROUP
    group is now a member.
    Explanation 2: http://blogs.technet.com/b/janelewis/archive/2010/04/30/giving-non-administrators-permission-to-read-event-logs-windows-2003-and-windows-2008.aspx
    Giving Non Administrators permission to read Event Logs Windows 2003 and Windows 2008
    So if you want to give Non-Administrator users access remotely to Event logs if the Servers or Domain Controllers they are accessing are Windows 2003 follow the steps below.
    (...)
    Windows 2008 is much easier as long as you are giving the users and groups in question read access to all event logs. If that is the case just add them to the Built inEvent Log Readers group.

    NEW QUESTION 14
    Your network contains two Active Directory forests. One forest contains two domains named contoso.com and na.contoso.com. The other forest contains a domain named nwtraders.com. A forest trust is configured between the two forests.
    You have a user named User1 in the na.contoso.com domain. User1 reports that he fails to log on to a computer in the nwtraders.com domain by using the user name NA\User1.
    Other users from na.contoso.com report that they can log on to the computers in the nwtraders.com domain.
    You need to ensure that User1 can log on to the computer in the nwtraders.com domain.
    What should you do?

    • A. Enable selective authentication over the forest trus
    • B. Create an external one-way trust from na.contoso.com to nwtraders.co
    • C. Instruct User1 to log on to the computer by using his user principal name (UPN).
    • D. Instruct User1 to log on to the computer by using the user name nwtraders\User1.

    Answer: C

    Explanation:
    http://apttech.wordpress.com/2012/02/29/what-is-upn-and-why-to-use-it/
    What is UPN and why to use it?
    UPN or User Principal Name is a logon method of authentication when you enter the
    credentials as username@domainname.com instead of Windows authentication method:
    domainname\username to be used as login.
    So UPN is BASICALLY a suffix that is added after a username which can be used in place
    of “Samaccount” name to authenticate a user. So lets say your company is called ABC,
    then instead of ABC\Username you can use username@ABC.com at the authentication
    popup. The additional UPN suffix can help users to simplify the logon information in long domain names with an easier name. Example: instead of username@this.is.my.long.domain.name.in.atlanta.com”, change it to “username@atlanta”, if you create an UPN suffix called Atlanta. http://blogs.technet.com/b/mir/archive/2011/06/12/accessing-resources-across-forest-and-achieve-single-signon-part1.aspx Accessing Resources across forest and achieve Single Sign ON (Part1) http://technet.microsoft.com/en-us/library/cc772808%28v=ws.10%29.aspx Accessing resources across forests
    When a forest trust is first established, each forest collects all of the trusted namespaces in its partner forest and stores the information in a TDO. Trusted namespaces include domain tree names, user principal name (UPN) suffixes, service principal name (SPN) suffixes, and security ID (SID) namespaces used in the other forest. TDO objects are replicated to the global catalog.

    NEW QUESTION 15
    Your network contains an Active Directory domain.
    The password policy for the domain is configured as shown in the Current Policy exhibit, (Click the Exhibit button.)
    70-640 dumps exhibit
    You change the password policy for the domain as shown in the New Policy exhibit. (Click the Exhibit button.)
    70-640 dumps exhibit
    You need to provide users with examples of a valid password.
    Which password examples should you provide to the users? (Each correct answer presents a complete solution. Choose three.)

    • A. 123456!@#$%^
    • B. !@#$1234ABCD
    • C. passwordl234
    • D. 1-2-3-4-5-a-b-c-e
    • E. %%PASS1234%%
    • F. 111111aaaaaaa

    Answer: BDE

    Explanation:
    http://technet.microsoft.com/en-us/library/cc786468.aspx
    Passwords must meet complexity requirements
    This security setting determines whether passwords must meet complexity requirements. Complexity requirements are enforced when passwords are changed or created.
    If this policy is enabled, passwords must meet the following minimum requirements when they are changed or created:
    1. Passwords must not contain the user's entire samAccountName (Account Name) value or entire displayName (Full Name) value.
    2. Passwords must contain characters from three of the following five categories:
    Uppercase characters of European languages (A through Z, with diacritic marks, Greek and Cyrillic characters)
    Lowercase characters of European languages (a through z, sharp-s, with diacritic marks, Greek and Cyrillic characters)
    Base 10 digits (0 through 9)
    Nonalphanumeric characters:~!@#$%^&*_-+=`|\(){}[]:;"'<>,.?/Any Unicode character that is categorized as an alphabetic character but is not uppercase or lowercase.
    This includes Unicode characters from Asian languages.

    NEW QUESTION 16
    Add the location of the Online Responder or OCSP responder to the authority information access extension on the CA.

      Answer:

      NEW QUESTION 17
      You need to compact an Active Directory database on a domain controller that runs Windows Server 2008 R2.
      What should you do?

      • A. Run defrag.exe /a /
      • B. Run defrag.exe /c /
      • C. From Ntdsutil, use the Files optio
      • D. From Ntdsutil, use the Metadata cleanup optio

      Answer: C

      Explanation:
      Explanation 1:
      http://technet.microsoft.com/en-us/library/cc794920.aspx
      Compact the Directory Database File (Offline Defragmentation)
      You can use this procedure to compact the Active Directory database offline. Offline
      defragmentation returns free disk space in the Active Directory database to the file system.
      As part of the offline defragmentation procedure, check directory database integrity.
      Performing offline defragmentation creates a new, compacted version of the database file in a different location.
      Explanation 2: Mastering Windows Server 2008 R2 (Sybex, 2010) page 805 Performing Offline Defragmentation of Ntds.dit These steps assume that you will be compacting the Ntds.dit file to a local folder. If you plan to defragment and compact the database to a remote shared folder, map a drive letter to that shared folder before you begin these steps, and use that drive letter in the path where appropriate.
      1. Open an elevated command prompt. Click Start, and then right-click Command Prompt. Click Run as Administrator.
      2. Type ntdsutil, and then press Enter.
      3. Type Activate instance NTDS, and press Enter.
      4. At the resulting ntdsutil prompt, type Files (case sensitive), and then press Enter.
      5. At the file maintenance prompt, type compact to followed by the path to the destination folder for the defragmentation, and then press Enter.

      NEW QUESTION 18
      Your network contains an Active Directory forest. The functional level of the forest is Windows Server 2008 R2.
      Your company's corporate security policy states that the password for each user account must be changed at least every 45 days.
      You have a user account named Service1. Service1 is used by a network application named Application1.
      Every 45 days, Application1 fails.
      After resetting the password for Service1, Application1 runs properly. You need to resolve the issue that causes Application1 to fail. The solution must adhere to the corporate security policy.
      What should you do?

      • A. Run the cmdle
      • B. Run the Set-ADServiceAccount cmdle
      • C. Create a new password polic
      • D. Create a new Password Settings object (PSO).

      Answer: B

      Explanation:
      http://technet.microsoft.com/en-us/library/ee617252.aspx Set-ADServiceAccount Syntax Set-ADServiceAccount [-Identity] <ADServiceAccount> [-AccountExpirationDate <System.Nullable[System.DateTime]>] [-AccountNotDelegated <System.Nullable[bool]>] [-Add <hashtable>] [-Certificates<string[]>] [-Clear <string[]>] [-Description <string>] [-DisplayName <string>] [-Enabled <System.Nullable[bool]>] [-HomePage <string>] [-Remove <hashtable>] [-Replace <hashtable>] [-SamAccountName <string>] [-ServicePrincipalNames <hashtable>] [-TrustedForDelegation <System.Nullable[bool]>] [-AuthType{<Negotiate> | <Basic>}] [-Credential <PSCredential>] [-Partition <string>] [-PassThru <switch>] [-Server<string>] [-Confirm] [-WhatIf] [<CommonParameters>]Detailed Description The Set-ADServiceAccount cmdlet modifies the properties of an Active Directory service account. You can modify commonly used property values by using the cmdlet parameters. Property values that are not associated with cmdlet parameters can be modified by using the Add, Replace, Clear and Remove parameters. The Identity parameter specifies the Active Directory service account to modify. You can identify a service account by its distinguished name (DN), GUID, security identifier (SID), or Security Accounts Manager (SAM) account name. You can also set the Identity parameter to an object variable such as $<localServiceAccountObject>, or you can pass an object through the pipeline to the Identity parameter. For example, you can use the Get-ADServiceAccount cmdlet to retrieve a service account object and then pass the object through the pipeline to the Set-ADServiceAccount cmdlet. The Instance parameter provides a way to update a service account object by applying the changes made to a copy of the object. When you set the Instance parameter to a copy of an Active Directory service account object that has been modified, the Set-ADServiceAccount cmdlet makes the same changes to the original service account object. To get a copy of the object to modify, use the Get-ADServiceAccount object. When you specify the Instance parameter you should not pass the Identity parameter. For more
      information about the Instance parameter, see the Instance parameter description.

      NEW QUESTION 19
      DRAG DROP
      A server named DC1 has the Active Directory Domain Services (AD DS) role and the Active DirectoryLightweight Directory Services (AD LDS) role installed.
      An AD LDS instance named LDS1 stores its data on the C: drive.
      You need to relocate the LDS1 instance to the D: drive.
      Which three actions should you perform in sequence?(To answer, move the three appropriate actions from the list of actions to the answer area and arrange them in the correct order.)
      70-640 dumps exhibit

        Answer:

        Explanation: 70-640 dumps exhibit

        P.S. 2passeasy now are offering 100% pass ensure 70-640 dumps! All 70-640 exam questions have been updated with correct answers: https://www.2passeasy.com/dumps/70-640/ (631 New Questions)