Skip to content

MCTS KEY

MCTS Training, MCTS Certification exams Training at MCTSKYEY.com

Archive

Category: MCITP

Published: November 20, 2009
Languages: English
Audiences: IT professionals
Technology: Windows 7
Credit toward certification: MCP, Specialist, MCITP

Skills measured
This exam measures your ability to accomplish the technical tasks listed below. The percentages indicate the relative weight of each major topic area on the exam. The higher the percentage, the more questions you are likely to see on that content area on the exam. View video tutorials about the variety of question types on Microsoft exams.

Please note that the questions may test on, but will not be limited to, the topics described in the bulleted text.

Do you have feedback about the relevance of the skills measured on this exam? Please send Microsoft your comments. All feedback will be reviewed and incorporated as appropriate while still maintaining the validity and reliability of the certification process. Note that Microsoft will not respond directly to your feedback. We appreciate your input in ensuring the quality of the Microsoft Certification program.

If you have concerns about specific questions on this exam, please submit an exam challenge.

If you have other questions or feedback about Microsoft Certification exams or about the certification program, registration, or promotions, please contact your Regional Service Center.

Planning and managing a client life cycle strategy (16%)
Plan and manage client licensing and activation

Applications and operating systems; activation method; KMS vs. MAK; prerequisites; choosing a SKU; licensing infrastructure; licensing compliance audits; inventory audits; virtualization licensing considerations; making recommendations for licensing strategy and compliance

Plan and manage software updates

Application updates and operating system updates; evaluating and approving software updates; enterprise applications; designing an update strategy; choosing an update tool; planning and deploying a service pack; schedule considerations; network considerations; test updates; auditing for security compliance

Plan and manage a physical hardware and virtualization strategy

Analyzing existing hardware environment; determining which systems meet minimum requirements; tradeoffs of physical vs. VDI environment; network load considerations; disk space; direct connection vs. brokered connection; determining a VHD strategy; choosing 32 bit vs. 64 bit

Preparation resources
Licensing and volume activation
Application management and preparing for a Windows 7 deployment
Microsoft desktop virtualization strategy and product offerings

Designing a standard image (17%)

Design an image creation strategy

Identifying operating system and enterprise applications that will be included with the standard image; thick, thin, or hybrid; role-based or geographic-based images vs. single core image; image localization

Design a custom image

Identifying applications to be installed; identifying features and components to be enabled or disabled; testing the customized image

Define an image update strategy

Performance optimization; security considerations; efficiency; offline servicing vs. online or post-image updates; re-creating; recapturing

Preparation resources
Choosing an image strategy and building Windows 7 system images
Phase 3: Preparing and customizing your Windows image
Phase 5: Managing and servicing your Windows image

Designing client configurations (17%)
Design standard system settings

Choosing methods, including logon scripts, startup scripts, and Group Policy; designing profiles; designing error reporting; designing audit policy

Define client security standards

Application control policies; encryption; stopping unnecessary services; designing firewall rules; defining anti-malware settings; changes to Kerberos and NTLM; configuring user rights; defining UAC policy; designing a security template for system lockdown; defining account policies; designing security standards for removable storage

Define Windows Internet Explorer settings

Defining security zones; cache location; branding; in-private mode; restricting or allowing plug-ins; add-ons; privacy policy; browser protected mode

Preparation resources
Local Group Policy editor
Windows Firewall with Advanced Security design guide
Change Internet Explorer security settings

Designing a Windows 7 client deployment (15%)

Analyze the environment and choose appropriate deployment methods

Building the infrastructure; advantages of lite-touch vs. zero-touch vs. local install; capacity and scale considerations; determining required changes to the infrastructure

Design a lite-touch deployment strategy

Unicast vs. multicast; auto-cast vs. scheduled-cast; staggered deployment; scheduling considerations; network load considerations; choosing a client boot method for deployment; unattended answer files; restricting who can receive images; choosing a delivery mechanism

Design a zero-touch deployment strategy

Designing and configuring task sequencing; unattended answer files; scheduling considerations; staggered deployment; network load considerations; restricting who can receive images

Design a user state migration strategy

Determining which user data and settings to preserve; local vs. remote storage considerations; determining mitigation plan for non-migrated applications; securing migrated data; testing designed strategy; wipe-and-load migration vs. side-by-side migration

Preparation resources
Choose the right Microsoft deployment tool
Lite-Touch, High-Volume Deployment
Zero-Touch, High-Volume Deployment

Designing application packages for deployment (17%)
Design a delivery or deployment strategy

Auditing for prerequisites and minimum requirements; choosing a deployment method such as virtualized, Remote Desktop Services, Group Policy, or software distribution; server-based or client-based install; scheduling considerations; staggered deployment; network considerations; package creation standards

Manage application compatibility

Testing incompatibility; choosing a method for resolving incompatibility, such as upgrading, Remote Desktop Services, shim, or VDI; auditing incompatible software

Preparation resources
Choosing a deployment strategy
Application compatibility
Application compatibility for Windows 7: Unlocking the power of Application Shims

Identifying and resolving deployment and client configuration issues (19%)

Identify and resolve Internet Explorer issues

Security zones; Web applications; advanced settings; Group Policy restrictions; certificates

Identify and resolve Group Policy issues

Delegation; inheritance; policies are not effective; blocking; permissions; loopback processing; user vs. computer settings; filtering; performance

Identify and resolve networking issues

Wireless; remote access; VPN; certificates; performance; IP communication; Windows Firewall

Identify and resolve authentication and authorization issues

User rights; distinguishing between client-based and server-based issues; time synchronization (Kerberos)

Preparation resources
Troubleshooting
Windows Firewall with Advanced Security troubleshooting guide: Diagnostics and tools
Windows 7: Troubleshooting and support


QUESTION 1
You are planning to upgrade Internet Explorer. You have the following requirements:
* Create a report that identifies which computers are successfully upgraded.
* Do not install additional software on the client computers.
You need to design a deployment method that meets the requirements. What should you do?

A. Use Windows Server Update Services (WSUS).
B. Use Internet Explorer Administration Kit (IEAK) and Group Policy.
C. Use Microsoft System Center Configuration Manager.
D. Use Microsoft System Center Essentials.

Answer: A


QUESTION 2
Your company has a single Active Directory Domain Services (AD DS) domain with Windows Server
2008 R2 member servers and 1,000 Windows 7 client computers. You are designing the
deployment of a custom application. You have the following requirements:
* The application must be available to only users who need it.
* Minimize network traffic during deployment.
You need to design a deployment strategy that meets the requirements. Which deployment
method should you use?

A. Microsoft Application Virtualization (App-V)
B. Microsoft System Center Configuration Manager 2007
C. RemoteApp and Desktop Connections
D. software installation in Group Policy

Answer: C


QUESTION 3
Your network consists of an Active Directory Domain Services (AD DS) forest with 1,000 client
computers that run Windows XP. Nine hundred of the computers are on the local area network.
One hundred computers are portable computers that connect to the main office only once every
few months. You are planning to deploy Windows 7. You need to generate a report of the software
that is installed on all client computers. You need this information as soon as possible. What should
you use?

A. Microsoft System Center Data Protection Manager
B. Microsoft Desktop Optimization Pack
C. Microsoft System Center Essentials
D. Microsoft System Center Operations Manager

Answer: B


QUESTION 4
Your network has client computers that run Windows Vista. You are planning to deploy Windows
7. You need to detect and analyze the compatibility of an application that requires elevated
privileges. What should you do?

A. Use the Standard User Analyzer (SUA) Wizard.
B. Run a virtual version of the Setup Analysis Tool (SAT).
C. Use the Standard User Analyzer (SUA) tool.
D. Run a stand-alone version of the Setup Analysis Tool (SAT).

Answer: C


QUESTION 5
Your company’s network has client computers that run Windows 7. Multiple users share the
computers in the shipping department. These computers reside in the Shipping Computers
organizational unit (OU). The company wants to deploy a new application. The application is not
packaged. You have the following requirements:
* Deploy the application to all computers in the shipping department.
* Perform the deployment from a central location.
You need to plan the software deployment process to meet the requirements. Which two actions
should you include in the process? (Each correct answer presents part of the solution. Choose two.)

A. Using Microsoft System Center Configuration Manager, create a collection that contains the
shipping department computers, and assign the package to the collection.
B. Create a package by using Microsoft System Center Configuration Manager.
C. Create a Group Policy object (GPO) and add a software installation policy under the Computer
Configuration container.
D. In the Group Policy Management Console, link the software installation policy to the Shipping
Computers OU.
E. Using Microsoft System Center Configuration Manager, create a collection that contains the
shipping department users, and assign the package to the collection.

Answer: A,B

Click here to view complete Q&A of 70-686 exam
Certkingdom Review

MCTS Training, MCITP Trainnig

Best Microsoft MCTS Certification, Microsoft 70-686 Training at certkingdom.com

Published: March 6, 2008
Languages: English, German, Japanese
Audiences: IT professionals
Technology: Windows Server 2008
Credit toward certification: MCP, MCTS, MCITP, MCSA

Skills measured
This exam measures your ability to accomplish the technical tasks listed below. The percentages indicate the relative weight of each major topic area on the exam. The higher the percentage, the more questions you are likely to see on that content area on the exam. View video tutorials about the variety of question types on Microsoft exams.

Please note that the questions may test on, but will not be limited to, the topics described in the bulleted text.

Do you have feedback about the relevance of the skills measured on this exam? Please send Microsoft your comments. All feedback will be reviewed and incorporated as appropriate while still maintaining the validity and reliability of the certification process. Note that Microsoft will not respond directly to your feedback. We appreciate your input in ensuring the quality of the Microsoft Certification program.

If you have concerns about specific questions on this exam, please submit an exam challenge.

If you have other questions or feedback about Microsoft Certification exams or about the certification program, registration, or promotions, please contact your Regional Service Center.

Configuring Domain Name System (DNS) for Active Directory (18%)
Configure zones
Dynamic DNS (DDNS), Non-dynamic DNS (NDDNS), and Secure Dynamic DNS (SDDNS); Time to Live (TTL); GlobalNames; Primary, Secondary, Active Directory Integrated, Stub; SOA; zone scavenging; forward lookup; reverse lookup
Configure DNS server settings
Forwarding; root hints; configure zone delegation; round robin; disable recursion; debug logging; server scavenging
Configure zone transfers and replication
Configure replication scope (forestDNSzone; domainDNSzone); incremental zone transfers; DNS Notify; secure zone transfers; configure name servers; application directory partitions

Preparation resources
Configuring zone properties
Configure a DNS server for use with Active Directory Domain Services
Modify zone transfer settings

Configuring the Active Directory infrastructure (17%)
Configure a forest or a domain
Remove a domain; perform an unattended installation; Active Directory Migration Tool (ADMT); change forest and domain functional levels; interoperability with previous versions of Active Directory; multiple user principal name (UPN) suffixes; forestprep; domainprep
Configure trusts
Forest trust; selective authentication vs. forest-wide authentication; transitive trust; external trust; shortcut trust; SID filtering
Configure sites
Create Active Directory subnets; configure site links; configure site link costing; configure sites infrastructure
Configure Active Directory replication
DFSR; one-way replication; Bridgehead server; replication scheduling; configure replication protocols; force intersite replication
Configure the global catalog
Universal Group Membership Caching (UGMC); partial attribute set; promote to global catalog
Configure operations masters
Seize and transfer; backup operations master; operations master placement; Schema Master; extending the schema; time service

Preparation resources
Deploying a Windows Server 2008 forest root domain
Securing domain and forest trusts
Active Directory replication tools and settings

Configuring Active Directory roles and services (14%)
Configure Active Directory Lightweight Directory Service (AD LDS)
Migration to AD LDS; configure data within AD LDS; configure an authentication server; Server Core installation
Configure Active Directory Rights Management Service (AD RMS)
Certificate request and installation; self-enrollments; delegation; create RMS templates; RMS administrative roles; RM add-on for IE
Configure the read-only domain controller (RODC)
Replication; Administrator role separation; read-only DNS; BitLocker; credential caching; password replication; syskey; read-only SYSVOL; staged install
Configure Active Directory Federation Services (AD FSv2)
Install AD FS server role; exchange certificate with AD FS agents; configure trust policies; configure user and group claim mapping; import and export trust policies

Preparation resources
AD LDS getting started step-by-step guide
Read-only domain controllers step-by-step guide
AD FS step-by-step guide

Creating and maintaining Active Directory objects (18%)
Automate creation of Active Directory accounts
Bulk import; configure the UPN; create computer, user, and group accounts (scripts, import, migration); template accounts; contacts; distribution lists; offline domain join
Maintain Active Directory accounts
Manage computer accounts; configure group membership; account resets; delegation; AGDLP/AGGUDLP; deny domain local group; local vs. domain; Protected Admin; disabling accounts vs. deleting accounts; deprovisioning; contacts; creating organizational units (OUs); delegation of control; protecting AD objects from deletion; managed service accounts
Create and apply Group Policy objects (GPOs)
Enforce, OU hierarchy, block inheritance, and enabling user objects; group policy processing priority; WMI; group policy filtering; group policy loopback; Group Policy Preferences (GPP)
Configure GPO templates
User rights; ADMX Central Store; administrative templates; security templates; restricted groups; security options; starter GPOs; shell access policies
Deploy and manage software by using GPOs
Publishing to users; assigning software to users; assigning to computers; software removal; software restriction policies; AppLocker
Configure account policies
Domain password policy; account lockout policy; fine-grain password policies
Configure audit policy by using GPOs
Audit logon events; audit account logon events; audit policy change; audit access privilege use; audit directory service access; audit object access; advanced audit policies; global object access auditing; “Reason for Access” reporting

Preparation resources
Active Directory how to…
Group policy planning and deployment guide
Account policies

Maintaining the Active Directory environment (18%)
Configure backup and recovery
Using Windows Server Backup; back up files and system state data to media; backup and restore by using removable media; perform an authoritative or non-authoritative restores; linked value replication; Directory Services Recovery Mode (DSRM); backup and restore GPOs; configure AD recycle bin
Perform offline maintenance
Offline defragmentation and compaction; Restartable Active Directory; Active Directory database mounting tool
Monitor Active Directory
Event viewer subscriptions; data collector sets; real-time monitoring; analyzing logs; WMI queries; PowerShell

Preparation resources
Windows Server backup step-by-step guide for Windows Server 2008
Compact the directory database file (offline defragmentation)
Restartable AD DS step-by-step guide

Configuring Active Directory Certificate Services (15%)

Install Active Directory Certificate Services
Certificate authority (CA) types, including standalone, enterprise, root, and subordinate; role services; prepare for multiple-forest deployments
Configure CA server settings
Key archival; certificate database backup and restore; assigning administration roles; high-volume CAs; auditing
Manage certificate templates
Certificate template types; securing template permissions; managing different certificate template versions; key recovery agent
Manage enrollments
Network device enrollment service (NDES); auto enrollment; Web enrollment; extranet enrollment; smart card enrollment; authentication mechanism assurance; creating enrollment agents; deploying multiple-forest certificates; x.509 certificate mapping
Manage certificate revocations
Configure Online Responders; Certificate Revocation List (CRL); CRL Distribution Point (CDP); Authority Information Access (AIA)

Preparation resources
Active Directory certificate services step-by-step guide
Setting up a certification authority
Administering certificate templates


QUESTION 1
Your company has a main office and three branch offices. Each office is configured as a separate Active Directory site that has its own domain controller.
You disable an account that has administrative rights.
You need to immediately replicate the disabled account information to all sites.
What are two possible ways to achieve this goal? (Each correct answer presents a complete solution. Choose two.)

A. From the Active Directory Sites and Services console, configure all domain controllers
as global catalog servers.
B. From the Active Directory Sites and Services console, select the existing connection objects and force replication.
C. Use Repadmin.exe to force replication between the site connection objects.
D. Use Dsmod.exe to configure all domain controllers as global catalog servers.

Answer: B,C

Explanation:
http://technet.microsoft.com/en-us/library/cc835086%28v=ws.10%29.aspx
Repadmin /syncall Synchronizes a specified domain controller with all of its replication partners. http://ivan.dretvic.com/2012/01/how-to-force-replication-of-domain-controllers/
How to force replication of Domain Controllers From time to time its necessary to kick off AD replication to speed up a task you may be doing, or just a good too to check the status of replication between DC’s.
Below is a command to replicate from a specified DC to all other DC’s.
Repadmin /syncall DC_name /Aped By running a repadmin /syncall with the /A(ll partitions) P(ush) e(nterprise, cross sites) d(istinguished names) parameters, you have duplicated exactly what Replmon used to do in Windows 2003, except that you did it in one step, not many.And with the benefit of seeing immediate results on how the operations are proceeding.
If I am running it on the DC itself, I don’t even have to specify the server name. http://technet.microsoft.com/en-us/library/cc776188%28v=ws.10%29.aspx Force replication over a connection
To force replication over a connection
1. Open Active Directory Sites and Services.
C:\Documents and Settings\usernwz1\Desktop\1.PNG


QUESTION 2
Your company has a branch office that is configured as a separate Active Directory site and has an Active Directory domain controller.
The Active Directory site requires a local Global Catalog server to support a new application.
You need to configure the domain controller as a Global Catalog server.
Which tool should you use?

A. The Server Manager console
B. The Active Directory Sites and Services console
C. The Dcpromo.exe utility
D. The Computer Management console
E. The Active Directory Domains and Trusts console

Answer: B

Explanation:

Answer: The Active Directory Sites and Services console http://technet.microsoft.com/en-us/library/cc781329%28v=ws.10%29.aspx Configure a domain controller as a global catalog server
To configure a domain controller as a global catalog server 1. Open Active Directory Sites and Services.
Further information: http://technet.microsoft.com/en-us/library/cc728188%28v=ws.10%29.aspx What Is the Global Catalog?
The global catalog is a distributed data repository that contains a searchable, partial representation of every object in every domain in a multidomain Active Directory Domain Services (AD DS) forest. The global catalog is stored on domain controllers that have been designated as global catalog servers and is distributed through multimaster replication. Searches that are directed to the global catalog are faster because they do not involve referrals to different domain controllers.
In addition to configuration and schema directory partition replicas, every domain controller in a forest stores a full, writable replica of a single domain directory partition. Therefore, a domain controller can locate only the objects in its domain. Locating an object in a different domain would require the user or application to provide the domain of the requested object. The global catalog provides the ability to locate objects from any domain without having to know the domain name. A global catalog server is a domain controller that, in addition to its
full, writable domain directory partition replica, also stores a partial, read-only replica of all other domain directory partitions in the forest. The additional domain directory partitions are partial because only a limited set of attributes is included for each object. By including only the attributes that are most used for searching, every object in every domain in even the largest forest can be represented in the database of a single global catalog server.
Note: A global catalog server can also store a full, writable replica of an application directory partition, but objects in application directory partitions are not replicated to the global catalog as partial, read-only directory partitions.
The global catalog is built and updated automatically by the AD DS replication system. The attributes that are replicated to the global catalog are identified in the schema as the partial attribute set (PAS) and are defined by default by Microsoft. However, to optimize searching, you can edit the schema by adding or removing attributes that are stored in the global catalog.
In Windows 2000 Server environments, any change to the PAS results in full synchronization (update of all attributes) of the global catalog. Later versions of Windows Server reduce the impact of updating the global catalog by replicating only the attributes that change.
In a single-domain forest, a global catalog server stores a full, writable replica of the domain and does not store any partial replica. A global catalog server in a single-domain forest functions in the same manner as a nonglobal-catalog server except for the processing of forest-wide searches.


QUESTION 3
Your company has an Active Directory domain. You have a two-tier PKI infrastructure that contains an offline root CA and an online issuing CA.
The Enterprise certification authority is running Windows Server 2008 R2.
You need to ensure users are able to enroll new certificates.
What should you do?

A. Renew the Certificate Revocation List (CRL) on the root CA. Copy the CRL to the CertEnroll folder on the issuing CA.
B. Renew the Certificate Revocation List (CRL) on the issuing CA, Copy the CRL to the SysternCertificates folder in the users’ profile.
C. Import the root CA certificate into the Trusted Root Certification Authorities store on all client workstations.
D. Import the issuing CA certificate into the Intermediate Certification Authorities store on all client workstations.

Answer: A

Explanation:
http://social.technet.microsoft.com/wiki/contents/articles/2900.offline-root-certification-authority-ca.aspx
Offline Root Certification Authority (CA)
A root certification authority (CA) is the top of a public key infrastructure (PKI) and generates a self-signed certificate. This means that the root CA is validating itself (self-validating). This root CA could then have subordinate CAs that effectively trust it. The subordinate CAs receive a certificate signed by the root CA, so the subordinate CAs can issue certificates that are validated by the root C
A. This establishes a CA hierarchy and trust path.
CA Compromise
If a root CA is in some way compromised (broken into, hacked, stolen, or accessed by an unauthorized or malicious person), then all of the certificates that were issued by that CA are also compromised. Since certificates are used for data protection, identification, and authorization, the compromise of a CA could compromise the security of an entire organizational network. For that reason, many organizations that run internal PKIs install their root CA offline. That is, the CA is never connected to the company network, which makes the root CA an offline root C
A. Make sure that you keep all CAs in secure areas with limited access.
To ensure the reliability of your CA infrastructure, specify that any root and non-issuing intermediate CAs must be offline. A non-issuing CA is one that is not expected to provide certificates to client computers, network devices, and so on. This minimizes the risk of the CA private keys becoming compromised, which would in turn compromise all the certificates that were issued by the CA.
How Do Offline CAs issue certificates?
Offline root CAs can issue certificates to removable media devices (e.g. floppy disk, USB drive, CD/DVD) and then physically transported to the subordinate CAs that need the certificate in order to perform their tasks. If the subordinate CA is a non-issuing intermediate that is offline, then it will also be used to generate a certificate and that certificate will be placed on removable media. Each CA receives its authorization to issue certificates from the CA directly above it in the CA hierarchy. However, you can have multiple CAs at the same level of the CA hierarchy. Issuing CAs are typically online and used to issue certificates to client computers, network
devices, mobile devices, and so on. Do not join offline CAs to an Active Directory Domain Services domain Since offline CAs should not be connected to a network, it does not make sense to join them to an Active Directory Domain Services (AD DS) domain, even with the
Offline Domain Join [This link is external to TechNet Wiki. It will open in a new window.] option introduced with Windows 7 and Windows Server 2008 R2.
Furthermore, installing an offline CA on a server that is a member of a domain can cause problems with a secure channel when you bring the CA back online after a long offline period. This is because the computer account password changes every 30 days. You can get around this by problem and better protect your CA by making it a member of a workgroup, instead of a domain. Since Enterprise CAs need to be joined to an AD DS domain, do not attempt to install an offline CA as a Windows Server Enterprise C
A. http://technet.microsoft.com/en-us/library/cc740209%28v=ws.10%29.aspx
Renewing a certification authority
A certification authority may need to be renewed for either of the following reasons: Change in the policy of certificates issued by the CA
Expiration of the CA’s issuing certificate


QUESTION 4
You have a Windows Server 2008 R2 Enterprise Root certification authority (CA).
You need to grant members of the Account Operators group the ability to only manage Basic EFS certificates.
You grant the Account Operators group the Issue and Manage Certificates permission on the CA.
Which three tasks should you perform next? (Each correct answer presents part of the solution.
Choose three.)

A. Enable the Restrict Enrollment Agents option on the CA.
B. Enable the Restrict Certificate Managers option on the CA.
C. Add the Basic EFS certificate template for the Account Operators group.
D. Grant the Account Operators group the Manage CA permission on the CA.
E. Remove all unnecessary certificate templates that are assigned to the Account Operators group.

Answer: B,C,E


QUESTION 5
Your company has an Active Directory domain.
You log on to the domain controller. The Active Directory Schema snap-in is not available in the Microsoft Management Console (MMC).
You need to access the Active Directory Schema snap-in.
What should you do?

A. Add the Active Directory Lightweight Directory Services (AD LDS) role to the domain controller by using Server Manager.
B. Log off and log on again by using an account that is a member of the Schema Administrators group.
C. Use the Ntdsutil.exe command to connect to the Schema Master operations master and open the schema for writing.
D. Register Schmmgmt.dll.

Answer: D

Explanation:
http://technet.microsoft.com/en-us/library/cc732110.aspx Install the Active Directory Schema Snap-In
You can use this procedure to first register the dynamic-link library (DLL) that is required for the Active Directory Schema snap-in. You can then add the snap-in to Microsoft Management Console (MMC).
To install the Active Directory Schema snap-in
1. To open an elevated command prompt, click Start, type command prompt and then right-click Command
Prompt when it appears in the Start menu. Next, click Run as administrator and then click OK.
To open an elevated command prompt in Windows Server 2012, click Start, type cmd, right click cmd and then click Run as administrator.
2. Type the following command, and then press ENTER:
regsvr32 schmmgmt.dll
3. Click Start, click Run, type mmc and then click OK.
4. On the File menu, click Add/Remove Snap-in.
5. Under Available snap-ins, click Active Directory Schema, click Add and then click OK.
6. To save this console, on the File menu, click Save.
7. In the Save As dialog box, do one of the following:
* To place the snap-in in the Administrative Tools folder, in File name, type a name for the snap-in, and then click Save.
* To save the snap-in to a location other than the Administrative Tools folder, in Save in
navigate to a location for the snap-in. In File name, type a name for the snap-in, and then
click Save


QUESTION 6
You have an Active Directory domain that runs Windows Server 2008 R2.
You need to implement a certification authority (CA) server that meets the following requirements:
Allows the certification authority to automatically issue certificates
Integrates with Active Directory Domain Services
What should you do?

A. Install and configure the Active Directory Certificate Services server role as a Standalone Root CA.
B. Install and configure the Active Directory Certificate Services server role as an Enterprise Root CA.
C. Purchase a certificate from a third-party certification authority, Install and configure the Active Directory
Certificate Services server role as a Standalone Subordinate CA.
D. Purchase a certificate from a third-party certification authority, Import the certificate into the computer store of the schema master.

Answer: B

Click here to view complete Q&A of 70-640 exam
Certkingdom Review

MCTS Training, MCITP Trainnig

Best Microsoft MCTS Certification, Microsoft 70-640 Training at certkingdom.com

 

The big question rises how to become the Microsoft certified , All Microsoft certifications are acquired by simply taking a series of exams. If you can self-study for said exams, and then pass them, then you can acquire the certification for the mere cost of the exam (and maybe whatever self-study materials you purchase).

You’ll also need, at minimum (in addition to the MCTS), the CompTIA A+, Network+ and Security+ certs; as well as the Cisco CCNA cert.

Microsoft Certified Technology Specialist (MCTS) – This is the basic entry point of Microsoft Certifications. You only need to pass a single certification test to be considered an MCTS and there are numerous different courses and certifications that would grant you this after passing one. If you are shooting for some of the higher certifications that will be discussed below, then you’ll get this on your way there.

Microsoft Certified Professional Developer (MCPD) – This certification was Microsoft’s previous “Developer Certification” meaning that this was the highest certification that was offered that consisted strictly of development-related material. Receiving it involved passing four exams within specific areas (based on the focus of your certification). You can find the complete list of courses and paths required for the MCPD here.

Microsoft Certified Solutions Developer (MCSD) – This is Microsoft’s most recent “Developer Certification” which will replace the MCPD Certification (which is being deprecated / retired in July of 2013). The MCSD focuses within three major areas of very recent Microsoft development technologies and would likely be the best to persue if you wanted to focus on current and emerging skills that will be relevant in the coming years. You can find the complete list of courses and paths required for the MCSD here.

The Microsoft Certifications that you listed are basically all of the major ones within the realm of development. I’ll cover each of the major ones and what they are :

Most people, however, take some kind of course. Some colleges — especially career and some community colleges — offer such courses (though usually they’re non-credit). Other providers of such courses are private… some of them Microsoft Certified vendors of one type or another, who offer the courses in such settings as sitting around a conference table in their offices. Still others specialize in Microsoft certification training, and so have nice classrooms set up in their offices.

There are also some online (and other forms of distance learning) courses to help prepare for the exams.

The cost of taking classes to prepare can vary wildly. Some are actually free (or very nearly so), while others can cost hundreds of dollars. It all just depends on the provider.

And here’s a Google search of MCTS training resources (which can be mind-numbing in their sheer numbers and types, so be careful what you choose):

There are some pretty good, yet relatively inexpensive, ways to get vendor certificate training. Be careful not to sign-up for something expensive and involved when something cheaper — like subscribing to an “all the certificates you care to study for one flat rate” web site — would, in addition to purchasing a study guide or two at a bookstore, likely be better.

If you want a career in IT, then you need to have both an accredited degree in same (preferably a bachelors over an associates), and also a variety of IT certifications. The MCTS is but one that you will need.

You should probably also get the Microsoft MCSE and/or MCSA. The ICS CISSP. And the ITIL.

There are others, but if you have those, you’ll be evidencing a broad range of IT expertise that will be useful, generally. Then, in addition, if the particular IT job in which you end-up requires additional specialist certification, then you can get that, too (hopefully at the expense of your employer who requires it of you).

Then, whenever (if ever) you’re interested in a masters in IT, here’s something really cool of which you should be aware…

There’s a big (and fully-accredited, fully-legitimate) university in Australia which has partnered with Microsoft and several other vendors to structure distance learning degrees which include various certifications; and in which degrees, considerable amounts of credit may be earned simply by acquiring said certifications. It’s WAY cool.

One can, for example, get up to half of the credit toward a Masters degree in information technology by simply getting an MCSE (though the exams which make it up must be certain ones which correspond with the university’s courses). I’ve always said that if one were going to get an MCSE, first consult the web site of this university and make sure that one takes the specific MCSE exams that this school requires so that if ever one later decided to enter said school’s masters program, one will have already earned up to half its degree’s credits by simply having the MCSE under his/her belt. Is that cool, or what?

I wouldn’t rely on them over experience (which is far and away the most valuable asset out there) but they are worth pursuing especially if you don’t feel like you have enough experience and need to demonstrate that you have the necessary skills to land a position as a developer.

If you are going to pursue a certification, I would recommend going after the MCSD (Web Applications Track) as it is a very recent certification that focuses on several emerging technologies that will still be very relevant (if not more-so) in the coming years. You’ll pick up the MCTS along the way and then you’ll have both of those under your belt. MCPD would be very difficult to achieve based on the short time constraints (passing four quite difficult tests within just a few months is feasible, but I don’t believe that it is worth it since it will be “retired” soon after).

No job experience at all is necessary for any of the Microsoft Certifications, you can take them at any time as long as you feel confident enough with the materials of the specific exam you should be fine. The tests are quite difficult by most standards and typically cover large amounts of material, but with what it sounds like a good bit of time to study and prepare you should be fine.

Certifications, in addition to degrees, are so important in the IT field, now, that one may almost no longer get a job in that field without both. The certifications, though, are so important that one who has a little IT experience can get a pretty good job even without a degree as long as he has all the right certs. But don’t do that. Definitely get the degree… and not merely an associates. Get the bachelors in IT; and make sure it’s from a “regionally” accredited school.

Then get the certs I mentioned (being mindful, if you think you’ll ever get an IT masters, to take the specific exams that that Strut masters program requires so that you’ll have already earned up to half the credit just from the certs).

If you already have two years of experience in working in the .NET environment, a certification isn’t going to guarantee that you will get employed, a salary increase or any other bonuses for achieving the honor. However, it can help supplement your resume by indicating that you are familiar with specific technologies enough to apply them in real-world applications to solve problems.

If your ready for career change and looking for Microsoft MCTS Training, Microsoft MCITP Training or any other Microsoft Certification preparation get the best online training from Certkingdom.com they offer all Microsoft, Cisco, Comptia certification exams training in just one Unlimited Life Time Access Pack, included self study training kits including, Q&A, Study Guides, Testing Engines, Videos, Audio, Preparation Labs for over 2000+ exams, save your money on boot camps, training institutes, It’s also save your traveling and time. All training materials are “Guaranteed” to pass your exams and get you certified on the fist attempt, due to best training they become no1 site 2012.

MCTS Training, MCITP Trainnig

Best Microsoft MTA Certification, Microsoft MCTS Training at certkingdom.com

Introduction
It’s always a good idea to take stock of your skills, your pay, and your certifications. To that end, following is a review of 15 of the top-paying certifications for 2014. With each certification, you’ll find the average (mean) salary and a brief description.

Based on the 2014 IT Skills and Salary Survey conducted by Global Knowledge and Penton and completed in October 2013, the rankings below are derived from certifications that received the minimum number of responses to be statistically relevant. Certain certifications pay more but are not represented due to their exclusive nature. Examples include Cisco Certified Internetworking Expert (CCIE) and VMware Certified Design Expert (VCDX). This was a nationwide survey, and variations exist based on where you work, years of experience, and company type (government, non profit, etc.).

1. Certified in Risk and Information Systems Control (CRISC) – $118,253
The non-profit group ISACA offers CRISC certification, much in the way that CompTIA manages the A+ and Network+ certifications. Formerly, “ISACA” stood for Information Systems Audit and Control Association, but now they’ve gone acronym only.

The CRISC certification is designed for IT professionals, project managers, and others whose job it is to identify and manage risks through appropriate Information Systems (IS) controls, covering the entire lifecycle, from design to implementation to ongoing maintenance. It measures two primary areas: risk and IS controls. Similar to the IS control lifecycle, the risk area spans the gamut from identification and assessment of the scope and likelihood of a particular risk to monitoring for it and responding to it if/when it occurs.

Since CRISC’s introduction in 2010, more than 17,000 people worldwide have earned this credential, The demand for people with these skills and the relatively small supply of those who have them result in this being the highest salary for any certification on our list this year.

To obtain CRISC certification, you must have at least three years of experience in at least three of the five areas that the certification covers, and you must pass the exam, which is only offered twice a year. This is not a case where you can just take a class and get certified. Achieving CRISC certification requires effort and years of planning.

2. Certified Information Security Manager (CISM) – $114,844

ISACA also created CISM certification. It’s aimed at management more than the IT professional and focuses on security strategy and assessing the systems and policies in place more than it focuses on the person who actually implements those policies using a particular vendor’s platform.

More than 23,000 people have been certified since its introduction in 2002, making it a highly sought after area with a relatively small supply of certified individuals. In addition, the exam is only offered three times a year in one of approximately 240 locations, making taking the exam more of a challenge than many other certification exams. It also requires at least five years of experience in IS, with at least three of those as a security manager. As with CRISC, requirements for CISM certification demand effort and years of planning.

3. Certified Information Systems Auditor (CISA) – $112,040
The third highest-paying certification is also from ISACA; this one is for IS auditors. CISA certification is ISACA’s oldest, dating back to 1978, with more than 106,000 people certified since its inception. CISA certification requires at least five years of experience in IS auditing, control, or security in addition to passing an exam that is only offered three times per year.

The CISA certification is usually obtained by those whose job responsibilities include auditing, monitoring, controlling, and/or assessing IT and/or business systems. It is designed to test the candidate’s ability to manage vulnerabilities, ensure compliance with standards, and propose controls, processes, and updates to a company’s policies to ensure compliance with accepted IT and business standards.

4. Six Sigma Green Belt – $109,165
Six Sigma is a process of analyzing defects (anything outside a customer’s specifications) in a production (manufacturing) process, with a goal of no more than 3.4 defects per million “opportunities” or chances for a defect to occur. The basic idea is to measure defects, analyze why they occurred, and then fix the issue and repeat. There is a process for improving existing processes and a slightly modified version for new processes or major changes. Motorola pioneered the concept in the mid-1980s, and many companies have since followed their examples to improve quality.

This certification is different from the others in this list, as it is not IT specific. Instead, it is primarily focused on manufacturing and producing better quality products.

There is no organization that owns Six Sigma certification per se, so the specific skills and number of levels of mastery vary depending on which organization or certifying company is used. Still, the entry level is typically Green Belt and the progression is to Black Belt and Master Black Belt. Champions are responsible for Six Sigma projects across the entire organization and report to senior management.

5. Project Management Professional (PMP) – $108,525
The PMP certification was created and is administered by the Project Management Institute (PMI®), and it is the most recognized project management certification available. There are more than half a million active PMPs in 193 countries worldwide.

The PMP certification exam tests five areas relating to the lifecycle of a project: initiating, planning, executing, monitoring and controlling, and closing. PMP certification is for running any kind of project, and it is not specialized into sub types, such as manufacturing, construction, or IT.

To become certified, individuals must have 35 hours of PMP-related training along with 7,500 hours of project management experience (if they have less than a bachelor’s degree) or 4,500 hours of project management experience with a bachelor’s or higher. PMP certification is another that requires years of planning and effort.

6. Certified Scrum Master – $107,396
Another project management-related certification, Certified Scrum Master is focused on software (application) development.

Scrum is a rugby term; it’s a means for restarting a game after a minor rules violation or after the ball is no longer in play (for example, when it goes out of bounds). In software development, Scrum is a project management process that is designed to act in a similar manner for software (application development) projects in which a customer often changes his or her mind during the development process.

In traditional project management, the request to change something impacts the entire project and must be renegotiated-a time-consuming and potentially expensive way to get the changes incorporated. There is also a single project manager.

In Scrum, however, there is not a single project manager. Instead, the team works together to reach the stated goal. The team should be co-located so members may interact frequently, and it should include representatives from all necessary disciplines (developers, product owners, experts in various areas required by the application, etc.).

Where PMP tries to identify everything up front and plan for a way to get the project completed, Scrum takes the approach that the requirements will change during the project lifecycle and that unexpected issues will arise. Rather than holding up the process, Scrum takes the approach that the problem the application is trying to solve will never be completely defined and understood, so team members must do the best they can with the time and budget available and by quickly adapting to change.

So where does the Scrum Master fit in? Also known as a servant-leader, the Scrum Master has two main duties: to protect the team from outside influences that would impede the project (the servant) and to chair the meetings and encourage the team to continually improve (the leader).

Certified Scrum Master certification was created and is managed by the Scrum Alliance and requires the individual to attend a class taught by a certified Scrum trainer and to pass the associated exam.

7. Citrix Certified Enterprise Engineer (CCEE) – $104,240
The CCEE certification is a legacy certification from Citrix that proves expertise in XenApp 6, XenDesktop 5, and XenServer 6 via the Citrix Certified Administrator (CCS) exams for each, the Citrix Certified Advanced Administrator (CCAA) for XenApp 6, and an engineering (advanced implementation-type) exam around implementing, securing, managing, monitoring, and troubleshooting a complete virtualization solution using Citrix products.

Those certified in this area are encouraged to upgrade their certification to the App and Desktop track instead, which focuses on just XenDesktop, taking one exam to become a Citrix Certified Professional – Apps and Desktops (CCP-AD). At this point though, the CCEE is available as long as the exams are available for the older versions of the products listed.

8. Citrix Certified Administrator (CCA) for Citrix NetScaler – $103,904
The CCA for NetScaler certification has been discontinued for NetScaler 9, and those with a current certification are encouraged to upgrade to the new Citrix Certified Professional – Networking (CCP-N). In any case, those with this certification have the ability to implement, manage, and optimize NetScaler networking performance and optimization, including the ability to support app and desktop solutions. As the Citrix certification program is being overhauled, refer to http://training.citrix.com/cms/index.php/certification/ to view the certifications available, upgrade paths, etc.

9. Certified Ethical Hacker (CEH) – $103,822
The International Council of E-Commerce Consultants (EC-Council) created and manages CEH certification. It is designed to test the candidate’s abilities to prod for holes, weaknesses, and vulnerabilities in a company’s network defenses using techniques and methods that hackers employ. The difference between a hacker and a CEH is that a hacker wants to cause damage, steal information, etc., while the CEH wants to fix the deficiencies found. Given the many attacks, the great volume of personal data at risk, and the legal liabilities possible, the need for CEHs is quite high, hence the salaries offered.

10. ITIL v3 Foundation – $97,682
IT Infrastructure Library (ITIL®) was created by England’s government in the 1980s to standardize IT management. It is a set of best practices for aligning the services IT provides with the needs of the organization. It is broad based, covering everything from availability and capacity management to change and incident management, in addition to application and IT operations management.

It is known as a library because it is composed of a set of books. Over the last 30 years, it has become the most widely used framework for IT management in the world. ITIL standards are owned by AXELOS, a joint venture company created by the Cabinet Office on behalf of Her Majesty’s Government in the United Kingdom and Capita plc, but they have authorized partners who provide education, training, and certification. The governing body defined the certification tiers, but they leave it to the accredited partners to develop the training and certification around that framework.

The Foundation certification is the entry-level one and provides a broad-based understanding of the IT lifecycle and the concepts and terminology surrounding it. Anyone wishing for higher-level certifications must have this level first, thus people may have higher certifications and still list this certification in the survey, which may skew the salary somewhat.

For information on ITIL in general, please refer to http://www.itil-officialsite.com/. Exams for certification are run by ITIL-certified examination institutes as previously mentioned; for a list of them, please refer to http://www.itil-officialsite.com/ExaminationInstitutes/ExamInstitutes.aspx.

11. Citrix Certified Administrator (CCA) for Citrix XenServer – $97,578
The CCA for XenServer certification is available for version 6 and is listed as a legacy certification, but Citrix has yet to announce an upgrade path to their new certification structure. Those with a CCA for Citrix XenServer have the ability to install, configure, administer, maintain, and troubleshoot a XenServer deployment, including Provisioning Services. As the Citrix certification program is being overhauled, refer to http://training.citrix.com/cms/index.php/certification/ to view the certifications available, upgrade paths, etc.

12. ITIL Expert Certification – $96,194
The ITIL Expert certification builds on ITIL Foundation certification (see number 10 above). It is interesting that ITIL Expert pays less on average than ITIL Foundation certification. Again, I suspect the salary results may be somewhat skewed depending on the certifications actually held and the fact that everyone who is ITIL certified must be at least ITIL Foundation certified.

To become an ITIL Expert, you must pass the ITIL Foundation exam as well as the capstone exam, Managing Across the Lifecycle. Along the way, you will earn intermediate certifications of your choosing in any combination of the Lifecycle and Capability tracks. You must earn at least 22 credits, of which Foundation accounts for two and the Managing Across the Lifecycle exam counts for five. The other exams count for three each (in the Intermediate Lifecycle track) or four each (in the Intermediate Capability track) and can be earned in any order and combination, though the official guide suggests six recommended options. The guide is available at http://www.itil-officialsite.com/Qualifications/ITILQualificationScheme.aspx by clicking on the English – ITIL Qualification Scheme Brochure link.

13. Cisco Certified Design Associate (CCDA) – $95,602
Cisco’s certification levels are Entry, Associate, Professional, Expert, and Architect. Those who obtain this Associate-level certification are typically network design engineers, technicians, or support technicians. They are expected to design basic campus-type networks and be familiar with routing and switching, security, voice and video, wireless connectivity, and IP (both v4 and v6). They often work as part of a team with those who have higher-level Cisco certifications.

To achieve CCDA certification, you must have earned one of the following: Cisco Certified Entry Networking Technician (CCENT), the lowest-level certification and the foundation for a career in networking); Cisco Certified Network Associate Routing and Switching (CCNA R&S); or any Cisco Certified Internetwork Expert (CCIE), the highest level of certification at Cisco.
You must also pass a single exam.

14. Microsoft Certified Systems Engineer (MCSE) – $95,276
This certification ranked number 14 with an average salary of $95,505 for those who didn’t list an associated Windows version and $94,922 for those who listed MCSE on Windows 2003, for the weighted average of $95,276 listed above.

The Microsoft Certified Systems Engineer is an old certification and is no longer attainable. It has been replaced by the Microsoft Certified Solutions Expert (yes, also MCSE). The Engineer certification was valid for Windows NT 3.51 – 2003, and the new Expert certification is for Windows 2012. There is an upgrade path if you are currently an MCSA or MCITP on Windows 2008. There is no direct upgrade path from the old MCSE to the new MCSE.

15. Citrix Certified Administrator (CCA) for Citrix XenDesktop – $95,094
The CCA for XenDesktop certification is available for versions 4 (in Chinese and Japanese only) and 5 (in many languages including English). Those with a current certification are encouraged to upgrade to the new Citrix Certified Associate – Apps and Desktops (CCA-AD). In any case, those with this certification have the ability to install, administer, and troubleshoot a XenDesktop deployment, including Provisioning Services and the Desktop Delivery Controller as well as XenServer and XenApp. As the Citrix certification program is being overhauled, refer to http://training.citrix.com/cms/index.php/certification/ to view the certifications available, upgrade paths, etc.

Rounding Out the Top 25

A few popular certifications just missed the Top 15 cut due to a low total number of responses or an average (mean) pay just outside the threshold. Due to their popularity, I have included them for informational purposes.

Certification Average Pay
CISSP: Certified Information Systems Security Professional $114,287

MCSE: Microsoft Certified Systems Engineer 2003 $94,922

RHCSA: Red Hat Certified System Administrator $94,802

VCP-DCV: VMware Certified Professional – Data Center Virtualization $94,515

JNCIA: Juniper Networks Certified Internet Associate $94,492

MCTS: Windows Server 2008 Applications Infrastructure Configuration $91,948

MCITP: Enterprise Administrator $91,280

CCNP: Cisco Certified Network Professional $90,833

WCNA: Wireshark Certified Network Analyst $88,716

CCNA R&S: Cisco Certified Network Associ te Routing and Switching $81,308


MCTS Training, MCITP Trainnig

Best Microsoft MCTS Certification, Microsoft MCSE Training at certkingdom.com


QUESTION 1
You work as an enterprise administrator at ABC.com. The ABC.com network has a domain named
ABC.com. All servers in the ABC.com network run Windows Server 2008.
The ABC.com network has a file server named ABC-SR07 that hosts a shared folder named
ABCDocs. Several Microsoft Word documents are stored in the ABCDocs share. You want to
enable document version history on these documents. You also want the documents in the
ABCDocs share to be accessed through a Web page.
Which of the following roles or services would you install on ABC-SR07 to achieve the desired
results cost effectively?

A. FTP Server role.
B. Application Server role.
C. Microsoft Windows SharePoint Services (WSS) 3.0.
D. File and Print Services role.
E. Microsoft Office SharePoint Server (MOSS) 2007.
F. SMTP Server role.

Answer: C

Explanation:
To achieve the desired results without requiring any additional cost, you need to use Microsoft
Windows SharePoint Services (WSS) 3.0.
Reference: Microsoft Windows SharePoint Services 3.0 and the Mobile Workplace
http://download.microsoft.com/download/b/b/6/bb6672dd-252c-4a21-89de-
78cfc8e0b69e/WSS%20Mobile%20Workplace.doc


QUESTION 2
You work as an enterprise administrator at ABC.com. The ABC.com network has a domain named
ABC.com with a single site named Site
A. All servers in the ABC.com network run Windows Server
2008.
You reorganize the Active Directory infrastructure to include a second site named SiteB with its
own domain controller.
How would you configured the firewall to allow replication between SiteA and SiteB?

A. Enable IPSec traffic to pass through the firewall.
B. Enable RPC traffic to pass through the firewall.
C. Enable SMTP traffic to pass through the firewall.
D. Enable NNTP traffic to pass through the firewall.
E. Enable FTP traffic to pass through the firewall.

Answer: B

Explanation:
You should permit RPC traffic through the firewall to enable the domain controllers to replicate
between the two sites because the Active Directory relies on remote procedure call (RPC) for
replication between domain controllers. You can open the firewall wide to permit RPC’s native
dynamic behavior.
Reference: Active Directory Replication over Firewalls
http://technet.microsoft.com/en-us/library/bb727063.aspx


QUESTION 3
You work as an enterprise administrator at ABC.com. The ABC.com network has a domain named
ABC.com. All servers in the ABC.com network run Windows Server 2008.
ABC.com runs a critical application that accesses data that is stored in a Microsoft SQL Server
2005 database server named ABC-DB02. Which of the following options would you choose to
ensure that the database is always available?

A. Two Windows Server 2008 servers running MS SQL Server 2005 Standard Edition in a
Network Load Balancing (NLB) cluster.
B. Two Windows Server 2008 servers running MS SQL Server 2005 Enterprise Edition in a
Network Load Balancing (NLB) cluster
C. Two Windows Server 2008 servers running MS SQL Server 2005 Standard Edition in a failover
cluster.
D. Two Windows Server 2008 servers running MS SQL Server 2005 Enterprise Edition in a
failover cluster.

Answer: D

Explanation:
To ensure the high availability of the data store, you need to use a Windows Server 2008 failover
cluster with shared storage.
Failover clustering can help you build redundancy into your network and eliminate single points of
failure.
Administrators have better control and can achieve better performance with storage than was
possible in previous releases. Failover clusters now support GUID partition table (GPT) disks that
can have capacities of larger than 2 terabytes, for increased disk size and robustness.
Administrators can now modify resource dependencies while resources are online, which means
they can make an additional disk available without interrupting access to the application that will
use it. And administrators can run tools in Maintenance Mode to check, fix, back up, or restore
disks more easily and with less disruption to the cluster
You should not use Network Load Balancing (NLB) because it only allows you to distribute TCP/IP
requests to multiple systems in order to optimize resource utilization, decrease computing time,
and ensure system availability.
Reference: High Availability
http://www.microsoft.com/windowsserver2008/en/us/high-availability.aspx


QUESTION 4
You work as an enterprise administrator at ABC.com. The ABC.com network has a domain named
ABC.com. All servers in the ABC.com network run Windows Server 2008. ABC.com has its
headquarters in Chicago and sub-divisions in Boston, Atlanta, Miami and Dallas. All domain
controllers are currently installed in the Chicago.
You need to have new domain controllers installed in the Boston, Atlanta, Miami and Dallas subdivisions.
ABC.com issues a security policy for the new domain controllers that states the
following:
•Unauthorized user must not be able to access the Active Directory database.
•Unauthorized user must not be able to boot a domain controller from an alternate boot disk.
Which of the following options would you choose to implement the security policy?

A. Modify the permissions of the ntds.dat file.
B. Configure a read-only domain controller (RODC) in the Boston, Atlanta, Miami and Dallas.
C. Disable replication of the Sysvol folder on the new domain controllers.
D. Configure Windows BitLocker Drive Encryption (BitLocker) on the new domain controllers.
E. Disable the Global Catalog role on the new domain controllers.
F. Configure EFS encryption on the new domain controllers.

Answer: D

Explanation:
To configure domain controller at each branch office to ensure that no unauthorized user should
be allowed to copy the Active Directory database from a branch office domain controller by starting
the server from an alternate startup disk, you need to use Windows BitLocker Drive Encryption
(BitLocker)
BitLocker allows you to encrypt all data stored on the Windows operating system volume and use
the security of using a Trusted Platform Module (TPM) that helps protect user data and to ensure
that a computer running Windows Vista or Server 2008 have not been tampered with while the
system was offline.
In addition, BitLocker offers the option to lock the normal startup process until the user supplies a
personal identification number (PIN) or inserts a removable USB device, such as a flash drive, that
contains a startup key. This process will ensure that users can only access all files on the servers
if they have the PIN. You cannot use an alternate startup disk to boot the server.
Reference: BitLocker Drive Encryption Technical Overview
http://technet2.microsoft.com/windowsserver2008/en/library/a2ba17e6-153b-4269-bc46-
6866df4b253c1033.mspx?mfr=true


QUESTION 5
You work as an enterprise administrator at ABC.com. The ABC.com network has a domain named
ABC.com that runs at the domain functional level of Windows Server 2008.
Which of the following options can be used for tracking any modification to Active Directory
Objections?

A. Configure a Group Policy to run the Security Configuration Wizard on all computers in the ABC
network.
B. Configure the Default Domain Controllers Group Policy to audit Directory Services.
C. Configure the Default Domain Group Policy to audit Directory Services.
D. Enable auditing of the ntds.dat file in the Default Domain Group Policy.
E. Enable auditing of the ntds.dat file in the Default Domain Group Policy.

Answer: B

Explanation:
To implement an audit and compliance policy and ensure that all changes made to Active
Directory objects are recorded, you need to configure a Directory Services Auditing policy in the
Default Domain Controller Policy
In Windows Server 2008, you can enable Audit Directory Service Access policy to log events in
the Security event log whenever certain operations are performed on objects stored in Active
Directory.
Enabling the global audit policy, Audit directory service access, enables all directory service policy
subcategories. You can set this global audit policy in the Default Domain Controllers Group Policy
(under Security Settings\Local Policies\Audit Policy).
Reference: Windows Server 2008 Auditing AD DS Changes Step-by-Step Guide
http://technet2.microsoft.com/windowsserver2008/en/library/a9c25483-89e2-4202-881cea8e02b4b2a51033.
mspx?mfr=true


MCTS Training, MCITP Trainnig

Best Microsoft MCITP Enterprise Administrator Certification,
MCITP 70-647 Training at certkingdom.com


QUESTION 1
You work as the Enterprise administrator at Certkingdom.com. The Certkingdom.com network has a domain
named Certkingdom.com. The servers on the Certkingdom.com network run Windows Server 2008 and all client
computers run Windows Vista.
The Certkingdom.com network contains more than 3,000 computers. Certkingdom.com wants to make use of
Windows Server Update Services (WSUS) updates. You thus need to setup the appropriate
storage mechanism so that it provides high availability.
Where should you store the WSUS updates?

A. In a storage subsystem as a RAID 10.
B. In a network load balancing cluster.
C. In a newly created Group Policy.
D. In a Distributed File System (DFS) link that is configured to utilize several replicating targets.

Answer: D

Explanation: You need to keep the updates on a Distributed File System (DFS) link that uses
multiple replicating targets. This will ensure that the updates highly available. The DFS contain the
following capabilities: views of folders and files, that is a virtual organization where those files
physically reside in a network.
Reference: Step 4: Set up a DFS share
http://technet.microsoft.com/en-us/library/cc708533.aspx


QUESTION 2
You work as the Enterprise administrator at Certkingdom.com. The Certkingdom.com network has forest with two
domains named us.Certkingdom.com and uk.Certkingdom.com. The functional level of the forest is set at Windows
Server 2008.
A new Certkingdom.com security policy requires that the local guest accounts and administrator accounts
should be renamed. You have to ensure that the local guest accounts are disabled after it has
been renamed.
How can this be achieved?

A. By using a custom network profile.
B. By using a Group Policy object (GPO) for every domain.
C. By using a folder redirection on all the root domain controllers.
D. By using a ServerManagerCMD tool for the root main.

Answer: B

Explanation: You need to use Group Policy object (GPO) for every domain. With this you can
rename administrator accounts as well as renaming and disabling the local guest accounts.
Windows Server 2003 also permits you to modify the administrator account and guest account
names with a Group Policy.
Reference: HOW TO: Rename the Administrator and Guest Account in Windows Server 2003
http://support.microsoft.com/kb/816109


QUESTION 3
You work as the Enterprise administrator at Certkingdom.com. The Certkingdom.com network consists of a single
Active Directory domain named Certkingdom.com. All servers on the Certkingdom.com network run Windows
Server 2008 and all client computers run Windows Vista.
Certkingdom.com has its headquarters in Chicago where you are located and a branch office in Dallas that
employs a number of helpdesk staff. You have to implement a new server named Certkingdom-SR10 in
the Dallas office. The setup policy of Certkingdom.com states that all helpdesk staff have the necessary
permissions to manage services. The helpdesk staff should also be able to configure server roles
on Certkingdom-SR10. You need to accomplish this ensuring that the helpdesk staff have the least
amount of permissions.
How can this be achieved?

A. You should make the helpdesk staff, members of the global security group.
B. You should make the helpdesk staff, members of the Server Operators group on Certkingdom-SR10.
C. You should make the helpdesk staff, members of the Account Operators group on Certkingdom-SR10.
D. You should make helpdesk staff, members of the Administrators group on Certkingdom-SR10.

Answer: D

Explanation: To add the helpdesk staff to the Administrators local group will give full
administrative access to an individual computer or a single domain. The user must be a member
of the Administrators group to change accounts or stop and start services or install server roles.
Reference: Using Default Group Accounts
http://technet.microsoft.com/en-us/library/bb726982.aspx
Reference: Securing the Local Administrators Group on Every Desktop
http://www.windowsecurity.com/articles/Securing-Local-Administrators-Group-Every-Desktop.html


QUESTION 4
You work as the Enterprise administrator at Certkingdom.com. The Certkingdom.com network has a domain
named Certkingdom.com. The servers on the Certkingdom.com network are configured to run Windows Server
2008 and the client computers run Windows Vista.
Certkingdom.com has its headquarters in Paris and branch offices in London and Stockholm. You are in
the process of devising a file sharing policy to ensure standardization throughout the network.
Your policy needs to ensure that the Certkingdom.com offices are able to access the files using the
universal Naming Convention (UNC) path. In the event of a server failure files should still be
accessible and the minimum bandwidth needs to be utilized.
You need to determine the components that need to be added to your policy?

A. You should add a DFS namespace that is domain-based and uses replication.
B. You should add the Hyper-V feature to your policy.
C. You should use failover clusters with three servers, one for each office.
D. You should add a DFS namespace that is server-based and uses replication.

Answer: A

Explanation: To comply with the CIO’s request, you need to use domain-based DFS namespace
that uses replication. To implement domain-based DFS namespace, the servers need to members
of the Active Directory domain. Furthermore, domain-based DFS enables multiple replications.
Multiple DFS replicas also provide some fault tolerance.


QUESTION 5
You work as the Enterprise administrator at Certkingdom.com. The Certkingdom.com network has a domain
named Certkingdom.com. All servers on the Certkingdom.com network run Windows Server 2008 and all client
computers run Windows Vista.
The Certkingdom.com network contains a Windows Server 2008 failover cluster that in turn hosts a
database application. During routine monitoring you discover that the database application make
use of almost half of processor and memory usage allocated for it. You want to make sure that the
level of performance is maintained on the cluster.
How can this be achieved? (Choose TWO. Each answer forms part of the solution.)

A. By using the Windows System Resource Manager (WSRM)
B. The using event subscriptions.
C. By using the Microsoft System Center Configuration Manager (SCCM)
D. By establishing a resource-allocation policy for process-based management.
E. By establishing Performance Monitor alerts.

Answer: A,D

Explanation: You need to use Windows System Resource Manager (WSRM) and set up a
resource-allocation policy for process-based management. The Windows System Resource
Manager (WSRM) enables the allocation of resources, including processor and memory
resources, among multiple applications based on business priorities. You can set the CPU and
memory allocation policies on applications. Furthermore, Windows System Resource Manager
(WSRM) does not manage address windowing extensions (AWE) memory. It also does not
manage large page memory, locked memory, or OS pool memory.
Reference: Windows System Resource Manager Fast Facts
http://www.microsoft.com/windowsserver2003/techinfo/overview/wsrmfastfacts.mspx


MCTS Training, MCITP Trainnig

Best Microsoft MCTS Certification, Microsoft MCITP Training at certkingdom.com

Many IT experts have differing opinions on which certifications are most valuable to today’s technology professional. One thing most agree on, however, is that vendor-specific certs from Microsoft are among the most desirable accreditations to earn, thanks to the Windows operating systems and their vast market shares.

IT experts who want to display their comprehensive skills can rely on the Microsoft Certified IT Professional (MCITP) certification to show both potential employers and possible clients their extensive knowledge.

Erik Eickel, a Tech Republic writer and IT professional, is confident that the MCITP credential is the up-and-coming Microsoft certification. In fact, Eickel ranked the MCITP certification No. 1 in Tech Republic’s annual “10 Best IT Certifications” report for the past three years in a row.

“By matching the new certification to popular job roles, as has been done to some extent with CompTIA’s Server+ (server administrator), Project+ (project manager), and A+ (desktop support) certifications, Microsoft has created a new certification that’s certain to prove timely, relevant, and valuable,” Eickel wrote in the most recent report.

What makes MCITP certification so valuable?

According to training information from Microsoft, MCITP basically picks up where MCTS (Microsoft Certified Technology Specialist) certification leaves off. Candidates for MCITP certification have at least two years of experience as IT professionals.

Eickel notes that the MCITP certification is unique because it matches skills in popular job roles. The accreditation is available in a number of different specialties which relate to several different IT professional career paths, so it is able to convey precise knowledge in one’s chosen area of expertise.

According to Microsoft, the MCITP certification is available in the following platforms:
Windows Client
Windows Server
Microsoft SQL Server
Microsoft Office Project Server
Microsoft Exchange Server
Microsoft SharePoint Server
Microsoft Lync Server

Certification exams are further broken down by job functions in each platform, including developer, technician and administrator roles. Eickel points out that some areas might be more applicable than others. He specifically highlighted the Enterprise Desktop Administrator, Server Administrator and Enterprise Messaging Administrator paths as being particularly relevant to today’s IT pros because newer Microsoft platforms are rapidly replacing retiring Exchange servers.

Banking on the MCITP certification
Because of its immediate application to so many up-and-coming job functions, earning MCITP certification can pay off for many IT pros. According to 2011 salary information from Global Learning, the mean annual salary for an IT professional with MCITP certification is $77,529. Data shows mean income figure can vary by specialization:

MCITP: Server Administrator – $75,311
MCITP: Enterprise Administrator – $79,824
MCITP: Database Administrator – $84,320
MCITP: Enterprise Messaging Administrator – $91,192

MCITP certification is likely to be a great way for today’s IT pros to display their skills and validate experience through its relevance to job-specific functions.


MCTS Training, MCITP Trainnig

Best Microsoft MCTS Certification, Microsoft MCITP Training at certkingdom.com

 

 

MCTS 70-680 Cert Guide with myITcertificationlabs Bundle
 

MCTS Training, MCITP Trainnig

Best Microsoft MCTS Certification, Microsoft MCITP Training at certkingdom.com

 
Start-to-finish MCTS 70-680 preparation from top Microsoft technology consultant, trainer, and author Don Poulton!
Windows 7 installation, upgrades, and deployment
User and application migration
Windows 7 deployment
Physical and virtual hard disk configuration and management
Windows Update
Device and application configuration
Internet Explorer configuration
Networking, including TCP/IP configuration
Firewall settings
Mobile and remote computing
Secure access control for local and shared resources
System performance management and monitoring
Backups, system recovery, and file recovery

Test your knowledge, build your confidence, and succeed!
Packed with visuals to help you learn fast
Dozens of troubleshooting scenarios
Real-world MCTS 70-680 prep advice from experts
Easy-to-use exam preparation task lists

From Don Poulton, professional Microsoft technology consultant, IT training expert, and best-selling exam guide author

CD Includes Complete Sample Exam
Detailed explanations of correct and incorrect answers
Multiple test modes
Random questions and order of answers

MCTS 70-680: Microsoft Windows 7, Configuring is the perfect study guide to help you pass Microsoft’s MCTS 70-680 exam. It provides coverage and practice questions for every exam topic. The book contains an extensive set of preparation tools, such as quizzes, Exam Alerts, and a practice exam, while the CD provides real-time practice and feedback with two complete sample exams.

Covers the critical information you’ll need to know to score higher on your MCTS 70-680 exam!
. Understand how Windows 7 differs from previous versions
. Install, upgrade, and migrate to Windows 7
. Configure basic and advanced Windows networking
. Enforce security with Windows Firewall and Windows Defender
. Administer users, systems, disks, and printers
. Manage and safely share files and folders
. Work with Windows applications and Internet Explorer 8
. Support mobile computers
. Remotely manage Windows systems
. Optimize Windows 7 system performance
. Efficiently back up systems and reliably recover them

CD FEATURES 2 complete sample exams
The test engine gives you an effective tool to assess your readiness for the exam

 

MCTS Training, MCITP Trainnig

Best Microsoft MCTS Certification, Microsoft MCITP Training at certkingdom.com
. Detailed explanations of correct and incorrect answers
. Multiple test modes
. Random questions and order of answers
. Coverage of each MCTS 70-680 exam objective

Certkingdom provides all exam questions for 70-294 exam. With the help of Certkingdom, you can learn Microsoft 70-294 exam better.

Microsoft Certification 70-294 exam material has already proved its uniqueness and accuracy through thousands of Certkingdom users who have passed their 70-294 exam quite easily using Certkingdom 70-294 exam material.

Certkingdom have designed the 70-294 exam questions in such a way that a candidate can pass this exam easily in his first attempt. Just go to the Certkingdom and download free 70-294 exam questions. Our highly certified professional staff made the exam preparation guide according to the latest updates.

In addition Microsoft 70-294 Study Guide is unlike the Microsoft 70-294 practice test with though Microsoft 70-294 practice questions, you will be prepared for the questions with a foundational knowledge of the fundamentals of Microsoft technology by using it. Predicting answers to Microsoft Certification 70-294 practice questions with ease by these core principles.

 

MCTS Training, MCITP Trainnig

Best Microsoft MCTS Certification, Microsoft MCITP Training at certkingdom.com

 

Guaranteed to outperform Microsoft Certification 70-294 exam sites and the braindumps they provide. Certkingdom Microsoft 70-294 study materials is the best available. Our collection of practice exam questions is most comprehensive and detailed. 70-294 Question and Answers are in PDF format that makes it easy for a student to study on any system. Certkingdom Microsoft 70-294 exam provides you with 100% success guarantee.

Do you need to spend a lot of time and experience to carry out Microsoft 70-294 exam training, but can not guarantee the adoption, Certkingdom provide the most up-to-date information on the entire Microsoft 70-294 certification exam information, Microsoft Certification 70-294 certification training materials and Microsoft 70-294 Certification study guide will help you in the shortest possible time with maximum efficiency to pass the 70-294 exam.

For example, Certkingdom 70-294 study material has been prepared with great care and vigilance, keeping in view the demands of the aspirants for the certification. It is the fruit of long toil of our skilled and experienced IT professionals who have a thorough knowledge of the requirements of the said certification. 70-294 Certkingdom imparts you confidence in stepping towards the exam. 70-294 Certkingdom is also abbreviated as 70-294, and it is the number one choice of IT professionals for exam 70-294.

We update our Microsoft 70-294 Study Guide as soon as the Exam Objectives change. Our Certified Experts and Professionals prepare this Microsoft Certification 70-294 Study Guide for you combining all the knowledge and keeping in view the latest Microsoft 70-294 Exam Objectives. Your success is guaranteed in Microsoft 70-294 Exam using our Study Guide because you always get the latest and most accurate Microsoft 70-294 Study Guide for us.

What is a Certkingdom 70-294 certification? It is a process of gaining knowledge on a complete defined training 70-294 course and passes it in least satisfactory 70-294 score. There are many online web sites that play an important role in providing 70-294 exam resources, Microsoft Certification Certified study materials (like 70-294 exam notes and 70-294 free practice questions etc), just to enhance your 70-294 exam preparation.

MCTS Training, MCITP Trainnig

Best Microsoft MCTS Certification, Microsoft MCITP Training at certkingdom.com

MCTS Training, MCITP Trainnig

Best Microsoft MCTS Certification, Microsoft MCITP Training at certkingdom.com


QUESTION 1
You work as a Network Administrator at Certkingdom.com. You have been asked to deploy Lync Server
2010 as a VOIP telephony and video conferencing solution for the company.
Company management is concerned about the possible network load imposed by the VoIP and
video conferencing features of Lync Server 2010.
To manage the network bandwidth used by the system, you configure Call Admission Control.
How can you enable the Call Admission Control feature?

A. By running the Set-CsNetworkInterSitePolicy cmdlet.
B. By running the Set-CsNetworkConfiguration cmdlet.
C. By running the Set-CsCpsConfiguration cmdlet.
D. By running the Set-CsVoiceConfiguration cmdlet.

Answer: B

Explanation:


QUESTION 2
You work as a Network Administrator at Certkingdom.com. The company’s communication system is
provided by a Lync Server 2010 infrastructure.
You have configured a bandwidth policy to limit the network bandwidth used by real-time audio
and video sessions.
You want to override the policy for the Managing Director of the company.
What type of policy should you create first to enable you to override the bandwidth policy for the
Managing Director?

A. You should first create a Conferencing Policy.
B. You should first create a Client Version Policy.
C. You should first create a Voice Policy.
D. You should first create an External Access Policy.

Answer: C

Explanation:


QUESTION 3
You work as a Network Administrator at Certkingdom.com. You are configuring a new Lync Server 2010 infrastructure.
You want the company phone number to be displayed in the format +11112222333 when users on
the Public Switched Telephone Network (PSTN) receive calls from users using the Lync Server
system.
Which cmdlet should you run?

A. You should run the Set-CsVoiceConfiguration cmdlet.
B. You should run the Set-CsNetworkInterSitePolicy cmdlet.
C. You should run the Set-CsVoicePolicy cmdlet.
D. You should run the Set-CsLocationPolicy cmdlet.

Answer: C

Explanation:


QUESTION 4
Your work as a Network Administrator at Certkingdom.com includes the management of the Lync Server
2010 infrastructure.
The Lync Server 2010 infrastructure includes a Mediation Server pool that includes three servers
named Certkingdom-Med1, Certkingdom-Med2 and Certkingdom-Med3.
You need to take Certkingdom-Med3 offline for maintenance.
Which two of the following steps should you perform to allow you to take Certkingdom-Med3 offline without
disconnecting any current calls in progress?

A. Navigate to the Lync Server 2010 Topology Builder.
B. Navigate to the Lync Server 2010 Control Panel.
C. Modify the properties of the Mediation Pool.
D. Modify the properties of Certkingdom-Med3.
E. Create a new Mediation Pool.

Answer: B,D

Explanation:


QUESTION 5
You work as a Network Administrator at Certkingdom.com. You are in the process of deploying a Lync
Server 2010 infrastructure for the company.
You have configured dial-in conferencing and verified that it is functioning properly.
You now want to notify users about the availability of the feature. The notification should include
introductory instructions such as the initial PIN and the link to the Dial-in Conferencing Settings
webpage.
What is the easiest way to send the notification with the required information to the users?

A. Open the Lync Management Shell and run the New-CsAnnouncement cmdlet.
B. Open the Lync Management Shell and run the Set-CsPinSendCAWelcomeMail cmdlet.
C. Open the Lync Management Shell and run the New-CsConferenceDirectory cmdlet.
D. Open the Lync Management Shell and run the New-CsConferencingConfiguration cmdlet.

Answer: B

Explanation:


MCTS Training, MCITP Trainnig

Best Microsoft MCTS Certification, Microsoft MCITP Training at certkingdom.com

Free MCTS Training - Free MCITP Training - CCNA Training - CCIE Labs - CCNA Certification - MCTS Online Training - MCITP Online Training - Comptia a+ videos - Comptia a+ Video Training - MCTS Training Key - MCITP Training Key - Free Training Courses - Free Certification Courses - MCTS Online Training - MCTS Online Certification - Cisco Certification Training - CCIE LABS Preparation - Cisco CCNA Training - Cisco CCNA Certification Key - MCITP Videos Training - Free MCITP Videos Tutorial - Free MCTS Video Training - MCTS Videos Tutorial - Free Comptia Online Training - Free Comptia Online Certification

Microsoft MCTS Certification - Microsoft MCITP Training - Comptia A+ Training - Comptia A+ Certification - Cisco CCNA Training - Cisco CCNA Certification - Cisco CCIE Training - Cisco CCIE Exams - Cisco CCNA Training - Comptia A+ Training - Microsoft MCTS Training - MCTS Certification - MCITP Certification