70-643:Windows Server 2008 Applications Infrastructure,Configuring 16-20

Ensurepass

16. Your company has an Active Directory domain. The company runs Terminal Services. Standard users
who connect to the Terminal Server are in the TSUsers organizational unit (OU). Administrative users are
in the TSAdmins OU. No other users connect to the Terminal Server. You need to ensure that only
members of the TSAdmins OU can run the Remote Desktop Protocol files. What should you do?
A.Create a Group Policy object (GPO) that configures the Allow .rdp files from unknown publishers policy
setting in the Remote Desktop Client Connection template to Disabled. Apply the GPO to the TSUsers
OU.
B.Create a Group Policy object (GPO) that configures the Allow .rdp files from valid publishers and users
default .rdp settings policy setting in the Remote Desktop Client Connection template to Disabled. Apply
the GPO to the TSUsers OU.
C.Create a Group Policy object (GPO) that configures the Allow .rdp files from valid publishers and users
default .rdp settings policy setting in the Remote Desktop Client Connection template to Enabled. Apply
The safer , easier way to help you pass any IT exams.
7 / 8
the GPO to the TSAdmins OU.
D.Create a Group Policy object (GPO) that configures the Specify SHA1 thumbprints of certificates
representing trusted .rdp publishers policy setting in the Remote Desktop Client Connection template to
Enabled. Apply the GPO to the TSAdmins OU.
Answer B

17. You have four Terminal Servers that run Windows Server 2008. The Terminal Servers are named
Server1, Server2, Server3, and Server4. You install the Terminal Server Session Broker role service on
Server1. You need to configure load balancing for the four Terminal Servers. You must ensure that
Server2 is the preferred server for Terminal Services sessions. Which tool should you use?
A.Group Policy Management
B.Terminal Services Configuration
C.Terminal Services Manager
D.TS Gateway Manager
Answer B

18. Your company has an Active Directory domain. The company has a server named Server1 that has
the Terminal Services server role and the TS Web Access role service installed. The company has a
server named Server2 that runs ISA Server 2006. The company deploys the Terminal Services Gateway
(TS Gateway) role on a new server named Server3. The company wants to use ISA as the SSL endpoint
for Terminal Server connections. You need to configure the TS Gateway role on Server3 to use ISA 2006
on Server2. What should you do?
A.Configure the TS Gateway to use SSL HTTPS-HTTP bridging.
B.Configure the Terminal Services Connection Authorization Policy Store on Server3 to use Server2 as
the Central Network Policy Server.
C.Export the SSL certificate from Server2 and install the SSL certificate on Server3. Configure the TS
Gateway to use the SSL certificate from Server2.
D.Export a self-signed SSL certificate from Server3 and install the SSL certificate on Server2. Configure
the ISA service on Server2 to use the SSL certificate from Server3.
Answer A

19. You have a server that runs Windows Server 2008. The server has the Web Server (IIS) server role
installed. The server contains a Web site that is configured to use only Windows Authentication. You
have a security group named Group1 that contains several user accounts. You need to prevent the
members of Group1 from accessing a Web site. You must not prevent other users from accessing the
Web site. Which Web site feature should you configure?
A.Authentication
B.Authorization Rules
C.IIS Manager Permissions
D.SSL Settings
Answer B

20. You install the Web Server (IIS) server role on two servers named Server1 and Server2. The servers
run Windows Server 2008. Your company has a Web site named www.contoso.com hosted on Server1.
The safer , easier way to help you pass any IT exams.
8 / 8
The Web site is due for maintenance. The Web content must be available during maintenance. You create
a mirror Web site located on Server2. You need to configure the www.contoso.com site to redirect
requests to Server2. What should you do first?
A.Run the appcmd set config /section.httpRedirect /enabled.true command.
B.Run the appcmd set config /section.httpRedirect /enabled.false command.
C.Run the appcmd set site /site.name.contoso /-bindings.[protocol=’http’,www.contoso.com] command.
D.Run the appcmd set site /site.name.contoso /+bindings.[protocol=’http’,www1.contoso.com] command.
Answer A
Ensurepass offers the Latest 2013 70-643 Exam PDF to pass the exams.