Your company has an Active Directory domain. A user attempts to log on to a computer that was turned off for twelve weeks. The administrator receives an error message that authentication has failed.
You need to ensure that the user is able to log on to the computer.
What should you do?
A. Run the netsh command with the set and machine options.Your network contains an Active Directory domain. The domain contains two file servers. The file servers are configured as shown in the following table.

You create a Group Policy object (GPO) named GPO1 and you link GPO1 to OU1.
You configure the advanced audit policy as shown in the exhibit. (Click the Exhibit button.)

You discover that the settings are not applied to Server1. The settings are applied to Server2.
You need to ensure that access to the file shares on Server1 is audited.
What should you do?
A. On Server1, run secedit.exe and specify the /configure parameter.Your company has a domain controller that runs Windows Server 2008. The domain controller has the backup features installed.
You need to perform a non-authoritative restore of the doman controller using an existing backup file.
What should you do?
A. Restart the domain controller in Directory Services Restore Mode and use wbadmin to restore critical volumeYour network consists of a single Active Directory domain. User accounts for engineering department are located in an OU named Engineering.
You need to create a password policy for the engineering department that is different from your domain password policy.
What should you do?
A. Create a new GPO. Link the GPO to the Engineering OU.ABC.com has a network that consists of a single Active Directory domain. A technician has accidently deleted an Organizational unit (OU) on the domain controller. As an administrator of ABC.com, you are in process of restoring the OU.
You need to execute a non-authoritative restore before an authoritative restore of the OU.
Which backup should you use to perform non- authoritative restore of Active Directory Domain Services (AD DS) without disturbing other data stored on domain controller?
A. Critical volume backupYou have a Windows Server 2008 R2 Enterprise Root CA.
Security policy prevents port 443 and port 80 from being opened on domain controllers and on the issuing CA.
You need to allow users to request certificates from a Web interface. You install the Active Directory Certificate Services (AD CS) server role.
What should you do next?
A. Configure the Online Responder Role Service on a member server.Your company has an Active Directory forest that contains a single domain. The domain member server has an Active Directory Federation Services (AD FS) role installed.
You need to configure AD FS to ensure that AD FS tokens contain information from the Active Directory domain.
What should you do?
A. Add and configure a new account partner.Your network contains an Active Directory domain named contoso.com. The domain contains five domain controllers.
You add a logoff script to an existing Group Policy object (GPO).
You need to verify that each domain controller successfully replicates the updated group policy. Which two objects should you verify on each domain controller? (Each correct answer presents part of the solution. Choose two.)
A. \\servername\SYSVOL\contoso.com\Policies\{GUID}\gpt.iniYour company has an Active Directory domain that has an organizational unit named Sales. The Sales organizational unit contains two global security groups named sales managers and sales executives.
You need to apply desktop restrictions to the sales executives group.
You must not apply these desktop restrictions to the sales managers group.
You create a GPO named DesktopLockdown and link it to the Sales organizational unit.
What should you do next?
A. Configure the Deny Apply Group Policy permission for Authenticated Users on the DesktopLockdown GPO.Your company security policy requires complex passwords.
You have a comma delimited file named import.csv that contains user account information. You need to create user account in the domain by using the import.csv file.
You also need to ensure that the new user accounts are set to use default passwords and are disabled.
What should you do?
A. Modify the userAccountControl attribute to disabled. Run the csvde i k f import.csv command. Run the DSMOD utility to set default passwords for the user accounts.Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Microsoft exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 70-640 exam preparations and Microsoft certification application, do not hesitate to visit our Vcedump.com to find your solutions here.