Your network contains three servers named ADFS1, ADFS2, and ADFS3 that run Windows Server 2008 R2. ADFS1 has the Active Directory Federation Services (AD FS) Federation Service role service installed.

You plan to deploy AD FS 2.0 on ADFS2 and ADFS3.

You need to export the token-signing certificate from ADFS1, and then import the certificate to ADFS2 and ADFS3.

A corporate network includes an Active Directory-integrated zone. All DNS servers that host the zone are domain controllers.

You add multiple DNS records to the zone.

You need to ensure that the new records are available on all DNS servers as soon as possible.

Which tool should you use?

Your network contains an Active Directory forest named contoso.com. The functional level of the forest is Windows Server 2008 R2

The DNS zone for contoso.com is Active Directory-integrated.

You deploy a read-only domain controller (RODC) named R0DC1. You install the DNS Server server role on R0DC1.

You discover that R0DC1 does not have any DNS application directory partitions.

You need to ensure that R0DC1 has a copy of the DNS application directory partition of contoso.com.

What should you do? (Each correct answer presents a complete solution. Choose two.)

You create a standard primary zone for contoso.com.

You need to specify a user named Admin1 as the person responsible for managing the zone.

What should you do? (Each correct answer presents a complete solution. Choose two.)

Your network contains an Active Directory domain. The domain contains two Active Directory sites named Site1 and Site2. Site1 contains two domain controllers named DC1 and DC2. Site2 contains two domain controller named DC3 and DC4,

The functional level of the domain is Windows Server 2008 R2. The functional level of the forest is Windows Server 2003.

Active Directory replication between Site1 and Site2 occurs from 20:00 to 01:00 every day.

At 07:00, an administrator deletes a user account while he is logged on to DC1.

“A Composite Solution With Just One Click” – Certification Guaranteed 266 Microsoft 70-640 Exam
You need to restore the deleted user account. You want to achieve this goal by using the minimum amount of administrative effort.

What should you do?

Your network contains an Active Directory domain named contoso.com.

You have an organizational unit (OU) named Sales and an OU named Engineering.

You need to ensure that when users log on to client computers, they are added automatically to the local Administrators group. The users must be removed from the group when they log off of the client computers.

What should you do?

Your network contains an Active Directory domain named adatum.com. The functional level of the domain is Windows Server 2003. All domain controllers run Windows Server 2008 R2.

You mount an Active Directory snapshot.

You need to ensure that you can connect to the snapshot by using LDAP.

What should you do?

Your network contains an Active Directory forest. The forest contains one domain named contoso.com.

You attempt to create a new child domain and you receive the following error message: “An LDAP read of operational attributes failed.”

You need to ensure that you can add a new child domain to the forest.

What should you do?

You have an enterprise subordinate certification authority (CA).

You have a custom certificate template that has a key length of 1,024 bits. The template is enabled for autoenrollment.

You increase the template key length to 2,048 bits.

You need to ensure that all current certificate holders automatically enroll for a certificate that uses the new template.

Which console should you use?