TS:Upgrading MCSA on Wndws Serv 2003 to Wndws Serv 2008 : 70-648 Exam
Product DescriptionExam Number/Code: 70-648
Exam Name: TS:Upgrading MCSA on Wndws Serv 2003 to Wndws Serv 2008

“TS:Upgrading MCSA on Wndws Serv 2003 to Wndws Serv 2008″, also known as 70-648 exam, is a Microsoft certification. With the complete collection of questions and answers, Pass4sure has assembled to take you through 120 Q&As to your 70-648 Exam preparation. In the 70-648 exam resources, you will cover every field and category in TS helping to ready you for your successful Microsoft Certification.

Exam news
This Microsoft Technical Specialist (TS) exam, Exam 70-648: TS: Upgrading Your MCSA on Windows Server 2003 to Windows Server 2008, Technology Specialist, became available in October 2007. This exam fulfills the Microsoft Certified Technology Specialist (MCTS) on Windows Server 2008 requirements of Exam 70-640 and Exam 70-642.

Exam topics covered
Exam 70-648 is an upgrade exam that is a composite of two stand-alone exams: 70-640 and 70-642. Exam 70-648 validates skills related to the core technology features and functionality of Windows Server 2008, from the existing knowledge base of a Microsoft Certified Systems Administrator (MCSA) on Windows Server 2003. The key topics for each source exam, plus the percentage of material per topic for each exam, are noted in the following lists. See the “Skills measured” section of this page to learn about the testing objectives of Exam 70-648.

Exam 70-640: TS: Windows Server 2008 Active Directory, Configuring

• Configuring Additional Active Directory Server Roles (11 percent)

• Maintaining the Active Directory Environment (15 percent)

• Configuring Active Directory Certificate Services (14 percent)

Exam 70-642: TS: Windows Server 2008 Network Infrastructure, Configuring

• Configuring IP Addressing and Services (24 percent)

• Configuring Network Access (22 percent)

• Monitoring and Managing a Network Infrastructure (14 percent)

Audience profile
Exam 70-648 is intended for IT professionals who currently hold an MCSA on Windows Server 2003 certification and work in the complex computing environment of mid-sized to large companies. The MCSA on Windows Server 2003 certification is a prerequisite for this exam. Without it, your transcript will show that you passed the exam but will not show credit for the resulting certifications.

You should have at least one year of experience implementing and administering a network operating system in an environment that has the following characteristics:

• 250 to 5,000 or more users

• Three or more physical locations

• Three or more domain controllers

• Network services and resources such as messaging, a database, file and print, a proxy server, a firewall, the Internet, an intranet, remote access, and client computer management

• Connectivity requirements such as connecting branch offices and individual users in remote locations to the corporate network and connecting corporate networks to the Internet

Credit toward certification
When you pass Exam 70-648, you complete the requirements for the following certifications:

• Microsoft Certified Technology Specialist: Windows Server 2008 Active Directory Configuration
• Microsoft Certified Technology Specialist: Windows Server 2008 Network Infrastructure Configuration

The MCTS certifications you earn by passing Exam 70-648 count as credit toward the following Professional Series certifications:

• MCITP: Server Administrator
• MCITP: Enterprise Administrator

Preparation tools and resources
To help you prepare for this exam, Microsoft Learning recommends that you have hands-on experience with the product and that you use the following training resources. These training resources do not necessarily cover all of the topics listed in the “Skills measured” section.

Classroom training Microsoft E-Learning Microsoft Press books Practice tests
Course 6416: Updating your Network Infrastructure and Active Directory Technology Skills to Windows Server 2008 (five days)
Collection 5934: Introducing Windows Server 2008

Collection 6041: Upgrading Your Windows Server 2003 MCSE Technical Skills to Windows Server 2008
Introducing Windows Server 2008 (ISBN: 0-7356-2421-6)

MCTS Self-Paced Training Kit (Exam 70-640): Configuring Windows Server 2008, Active Directory (available April 30, 2008)

MCTS Self-Paced Training Kit (Exam 70-642): Configuring Windows Server 2008, Network Infrastructure (available May 2008)
Save 20 percent with MeasureUp
(Measureup.com)

Self Test Software
(Selftestsoftware.com)

Microsoft online resources
• Learning Plan: Get started by creating a step-by-step study guide that is based on recommended resources for this exam.

• Windows Server 2008 – Learning Portal: Find special offers and information on training and certification.

• Product information: Visit the Windows Server 2008 Web site for detailed product information.

• Microsoft Learning Community: Join newsgroups and visit community forums to connect with your peers for suggestions on training resources and advice on your certification path and studies.

• TechNet: Designed for IT professionals, this site includes how-to instructions, best practices, downloads, technical resources, newsgroups, and chats.

• MSDN: Designed for developers, the Microsoft Developer Network (MSDN) features code samples, technical articles, downloads, newsgroups, and chats.

Skills measured
This certification exam measures your ability to accomplish the following technical tasks by using Windows Server 2008. Before taking the exam, you should be proficient in the job skills listed in the following table. The table lists Official Microsoft Learning Products that may help you reach competency in the skills being tested in the exam.

Skills measured by Exam 70-648
Configuring Additional Active Directory Server Roles
Configure Active Directory Lightweight Directory Service (AD LDS).

Configure Active Directory Rights Management Service (AD RMS).

Configure the read-only domain controller (RODC).

Configure Active Directory Federation Services (ADFS).

Maintaining the Active Directory Environment
Configure backup and recovery.

Perform offline maintenance.

Monitor Active Directory.

Configuring Active Directory Certificate Services
Install Active Directory Certificate Services.

Configure CA server settings.

Manage certificate templates.

Manage enrollments.

Manage certificate revocations.

Configuring IP Addressing and Services
Configure IPv4 and IPv6 addressing.

Configure DHCP

Configure routing

Configure IPSec

Configuring Network Access
Configure remote access

Configure Network Access Protection (NAP)

Configure network authentication

Configure wireless access

Configure firewall settings

Monitoring and Managing a Network Infrastructure
Configure Windows Software Update Services (WSUS) server settings

Capture performance data

Monitor event logs

Gather network data

Question: 1
Your company has an IPv6 network. The IPv6 network has 25 segments. You deploy a server on the IPv6 network. You need to ensure that the server can communicate with systems on all
segments of the IPv6 network. What should you do?

A. Configure the IPv6 address as fd00::2b0:d0ff:fee9:4143/8. B. Configure the IPv6 address as fe80::2b0:d0ff:fee9:4143/64. C. Configure the IPv6 address as ff80::2b0:d0ff:fee9:4143/64. D. Configure the IPv6 address as 0000::2b0:d0ff:fee9:4143/64.
Answer: A Question: 2
Your company has a single Active Directory domain. All servers run Windows Server 2008. Your company uses an Enterprise Certificate Authority. Company security policy requires that revoked
certificate information be made available. You need to ensure that revoked certificate information
is highly available. What should you do?

A. Implement an Online Certificate Status Protocol (OCSP) responder by using Network Load
Balancing.
B. Publish an Online Certificate Status Protocol (OCSP) responder by using an Internet Security and Acceleration Server array.
C. Publish the trusted certificate authorities list to the domain by using a group policy object.
D. Create a new group policy object that allows users to trust peer certificates. Link the group policy object (GPO) to the domain.
Answer: A Question: 3
Your corporate network has a member server named RAS1 that runs Windows Server 2008.
RAS1 provides Routing and Remote Access Service. The company’s remote access policy
allows members of the Domain Users group to dial in to RAS1. The company issues smart cards
to all employees to increase remote access security. You need to configure RAS1 and your
remote access policy to support the use of the smart cards for dial-up connections. What should you do?

A. Install the Network Policy Server (NPS) on the RAS1 server.
B. Create a remote access policy that requires users to authenticate by using Shiva Password
Authentication Protocol (SPAP).
C. Create a remote access policy that requires users to authenticate by using Extensible
Authentication ProtocolCTransport Layer Security (EAP-TLS).
D. Create a remote access policy that requires users to authenticate by using version 2 of the
Microsoft Challenge Handshake Authentication Protocol (MS-CHAP v2).
Answer: C Question: 4
You deploy a Windows Server 2008 server that has routing and remote access installed. You configure the server that runs Windows Server 2008 to function as the corporate Virtual Private
Network (VPN) server. All the portable computers in your company run Microsoft Windows

2000 Professional, Microsoft Windows XP or Windows Vista. The remote users in the company use this server for domain connectivity into the company network. Confidential research data will
be transmitted from the portable computers of the remote users to the VPN server. The company security policy requires public key infrastructure (PKI) based user and computer authentication for

TK

Exam Name: TS: Upgrading MCSA on Windows Server 2003 to Windows Server 2008
Exam Type: Microsoft
Exam Code: 70-648 Total Questions: 55

Free PassGuide Practice Engine Demo Download Pass4sure offers free demos for each certification exam, including all IT vendors. You can check out the testing engine software, or pdf file question quality and usability of our practice exams before you decide to buy it. We are the only one site that offers demos for almost all IT certification exams.If you want to try p4s exam practice engine demo. http://demo.passguide.com/download

the transmission of confidential data. You need to ensure that the VPN connection meets the
security policy requirements. What should you do?

A. Create certificate-based authentication with an L2TP/IPsec policy.
B. Create a custom IPSec policy by using the Kerberos version 5 authentication protocol.
C. Create a policy by using a Pre-shared authentication for most secure data transmission.
D. Run the secedit /refreshpolicy machine_policy command at the command line of the server.
Answer: A Question: 5
Your company is deploying notebook computers that will be used to connect to the wireless network. You create a group policy and configure profiles by using the names of approved
wireless networks. You link the group policy object (GPO) to the Notebook organizational unit.
The new notebook computer users report that they cannot connect to the wireless network. You need to ensure that the group policy wireless settings are applied to the notebook computers. What should you do?

A. Run the gpupdate /boot command on the notebook computers.
B. Run the gpupdate /target:computer command on the notebook computers.
C. Connect the notebook computers to the wired network. Log off the notebook computers, and then log on again.
D. Run the Add a network that is in range of this computer wizard on the notebook computers and leave the service set identifier (SSID) blank.
Answer: C Question: 6
Your company plans to open a new branch office as a part of its Active Directory infrastructure.
Users from the engineering department have to dial in to the company network when they work at the new branch office. You create a template account for new users in the engineering
department. You need to ensure that all new user accounts in the engineering department hold the appropriate dial-in rights. What should you do?

A. Add the group membership information to the template account, and then create a connection request policy that includes the new group.
B. Add the group membership information to the template account, and then create a group policy that grants the new group local logon permissions
C. Modify the schema for the account by changing the Logon Hours to 6:00-18:00 hours Monday
through Friday.
D. Modify the schema for the group membership attribute by selecting the Index this attribute in the Active Directory check box.
Answer: A Question: 7
Your company has a single Active Directory domain. All servers run the Windows Server 2008
operating system. The company network has 10 servers that perform as Web servers. All confidential files are located on a server named FSS1. The company security policy states
that all confidential data must be transmitted in the most secure manner. You activate Encrypting File System (EFS) on the confidential files. You also add EFS certificates to the Data Decryption Field (DDF) of the confidential files for the users who want to access them. When you monitor the
network, you notice that the confidential files that are stored on the FSS1 server are being
transmitted over the network without encryption. You need to ensure that encryption is always used when the confidential files on the FSS1 server are transmitted over the network. What are

TK

Exam Name: TS: Upgrading MCSA on Windows Server 2003 to Windows Server 2008
Exam Type: Microsoft
Exam Code: 70-648 Total Questions: 55

two possible ways to achieve this goal? (Each correct answer presents a complete solution.
Choose two.)

A. Deactivate all LM and NTLM authentication methods on the FSS1 server.
B. Use IIS to publish the confidential files, activate SSL on the IIS server, and then open the files as a Web folder.
C. Use IPSec encryption between the FSS1 server and the computers of the users who want to access the confidential files.
D. Use the Server Message Block (SMB) signing between the FSS1 server and the computers of the users who want to access the confidential files.
E. Activate offline files for the confidential files that are stored on the FSS1 server. In the Folder
Advanced Properties dialog box, select the Encrypt contents to secure data option.
Answer: B, C Question: 8
Network Access Protection is configured for the corporate network. The company policy requires confidentiality of data when the data is in transit between the client computers and the servers.
Users connect their personal portable computers to the corporate network and access the network resources. You need to prevent computers that do not comply with the company policy
requirements from accessing network resources. What should you do?

A. Create an IPSec Enforcement Network policy. B. Create an 802.1X Enforcement Network policy.
C. Create a Wired Network (IEEE 802.3) Group policy.
D. Create an Extensible Authentication Protocol (EAP) Enforcement Network policy.
Answer: A Question: 9
You company has Network Access Protection and Active Directory Certificate Services (AD CS)
deployed on the network. You set up new portable computers to connect to the company’s wireless network. The portable computers will use PEAP-MS-CHAP V2 for authentication.
You need to ensure that the portable computers can join the domain when users restart their portable computers. What should you do?

A. Run the netsh wlan export profile command on each portable computer. B. Configure each portable computer with a Bootstrap Wireless profile.
C. Configure a group policy with the Use Windows WLAN Auto Config service for clients policy setting enabled.
D. Configure a group policy with the Use Windows Wired Auto Config service for clients policy
setting disabled.
Answer: B Question: 10
Your company uses Routing and Remote Access Service (RRAS) for remote user access. The remote users’ computers are not domain members. You discover that the remote users’ computers are the source of a virus on internal member servers. You need to protect the
corporate network against viruses that are transmitted from remote users. What should you do?

A. Deploy file-level antivirus software on the RRAS server and configure automatic updates for the antivirus software.
B. Configure a network health policy to require that an antivirus application is running and that the antivirus application is up to date.

TK

Exam Name: TS: Upgrading MCSA on Windows Server 2003 to Windows Server 2008
Exam Type: Microsoft
Exam Code: 70-648 Total Questions: 55

C. Configure a network health policy to require that an anti-spyware application is running and
that the anti-spyware application is up to date.
D. Create an organizational unit for remote users. Deploy antivirus software to the organizational unit by using a group policy object (GPO).
Answer: B Question: 11
Your company has a main office and 15 branch offices. The company has a single Active
Directory domain. All servers run Windows Server 2008.
The main office network and the branch office networks are connected by using Routing and
Remote Access Servers (RRASs) at each office.
The networks will be connected by virtual private network (VPN) connections over the Internet. The companys security policy has the following requirements for VPN connections:
All data must be encrypted by using end-to-end encryption. The VPN connection must use computer-level authentication.
Usernames and passwords cannot be used for authentication.
You need to ensure that the VPN connections between the main office and the branch offices meet the requirements.
What should you do?

A. Configure an IPSec connection to use tunnel mode and preshared key authentication.
B. Configure a Point-to-Point Tunneling Protocol (PPTP) connection to use version 2 of the
Microsoft Challenge Handshake Authentication Protocol (MS-CHAP v2) authentication.
C. Configure a Layer Two Tunneling Protocol/Internet Protocol Security (L2TP/IPSec) connection
to use the Extensible Authentication ProtocolCTransport Layer Security (EAP-TLS)
authentication.
D. Configure a Layer Two Tunneling Protocol/Internet Protocol Security (L2TP/IPSec) connection
to use version 2 of the Microsoft Challenge Handshake Authentication Protocol (MS-CHAP v2)
authentication.
Answer: C Question: 12
Your company has a single Active Directory domain. The company runs an ISA 2006 server as a firewall. You set up access for users to connect through a virtual private network (VPN) service by
using Point-to-Point Tunneling Protocol (PPTP). When the users try to connect to the VPN server, the following error message is displayed: “Error 721: The remote computer is not responding.”
You need to ensure that the users can successfully establish a VPN connection. What should you
do?

A. Open up port 1423 on the firewall. B. Open up port 1723 on the firewall. C. Open up port 3389 on the firewall. D. Open up port 6000 on the firewall.
Answer: B Question: 13
Your company has Network Access Protection (NAP) configured for the corporate network with the default settings. You deploy an application to client computers that run Windows Vista. The application connects to a remote database server. The application fails on the client computers.
You discover that the anti-spyware software on the client computers is incompatible with the new
application. You disable the anti-spyware software on the client computers. The application

pass4sure 70-648

Questions and Answers : 120 Q&As Expected Date: October 23rd , 2008 Price: $135.99 $99.99 Pre-Buy price: $69.99 Save $30

Free download:pass4sure microsoft ts 70-648 v2.93
Free download:testking microsoft ts 70-648 v2.93

PassGuide provides high-quality test materials, for example, Cisco CCNA CCNP CCIE, Comptia A + NETWORK + Security +, Juniper jncia, jncis, Vmware VCP-410,certification practice exams and so on.We are committed to give full refund to candidates if they fail the exam with use of our products.And we are confident to make such a guarantee. Buy Best Practice Exam,high-quality ,100% Guarantee ,Pls contact me,Mail:Sales@passguide.com

P4S Free Downloads

Type	Exam Braindumps	New Questions & Answers	Latest Updated	Available link
	All Pass4sure's Exam Pack	858	1 days ago	Download Free Testing Engines

PassGuide Braindumps-Free Test king Help You Quick Pass Any it Certifications Exams

Click links: www.testking.la/braindumps/free/down/crack/all/testking