Q1. - (Topic 8)
Your network contains an Active Directory domain named contoso.com. The domain contains three VLANs. The VLANs are configured as shown in the following table.
All client computers run either Windows 7 or Windows 8.
The corporate security policy states that all of the client computers must have the latest security updates installed.
You need to implement a solution to ensure that only the client computers that have all of the required security updates installed can connect to VLAN 1. The solution must ensure that all other client computers connect to VLAN 3.
Which Network Access Protection (NAP) enforcement method should you implement?
A. VPN
B. DHCP
C. IPsec
D. 802.1x
Answer: D
Explanation:
The most common method of the list is 802.1x for a variety of reasons. First, the industry has been selling 802.1x network authentication for the last 10 years. 1x gained tremendous popularity as wireless networking became prevalent in the late 90's and early 2000's and has been proven to be a viable solution to identifying assets and users on your network. For customers that have invested in 802.1x capable switches and access points, NAP can very easily be implemented to complement what is already in place. The Network Policy Server (NPS) role Windows Server 2008 has been dramatically improved to make 802.1x policy creation much simpler to do.
Reference: Network Access Protection Using 802.1x VLAN’s or Port ACLs – Which is right for you?
Q2. - (Topic 8)
Your network contains a Hyper-V host named Host1 that runs Windows Server 2012. Host1 contains a virtual machine named DC1. DC1 is a domain controller that runs Windows Server 2012.
You plan to clone DC1.
You need to recommend which steps are required to prepare DC1 to be cloned.
What should you include in the recommendation? (Each correct answer presents part of the solution. Choose all that apply.)
A. Run dcpromo.exe /adv.
B. Create a file named Dccloneconfig.xml.
C. Add DC1 to the Cloneable Domain Controllers group.
D. Run sysprep.exe /oobe.
E. Run New-VirtualDiskClone.
Answer: B,C
Explanation:
B: DCCloneConfig.xml is an XML configuration file that contains all of the settings the cloned DC will take when it boots. This includes network settings, DNS, WINS, AD site name, new DC name and more. This file can be generated in a few different ways.
C: There's a new group in town. It's called Cloneable Domain Controllers and you can find it in the Users container. Membership in this group dictates whether a DC can or cannot be cloned. This group has some permissions set on the domain head that should not be removed. Removing these permissions will cause cloning to fail. Also, as a best practice, DCs shouldn't be added to the group until you plan to clone and DCs should be removed from the group once cloning is complete. Cloned DCs will also end up in the Cloneable Domain Controllers group. Make sure to remove those as well.
Q3. DRAG DROP - (Topic 8)
Your network contains an Active Directory forest named contoso.com.
Your company merges with another company that has an Active Directory forest named
litwareinc.com.
Each forest has one domain.
You establish a two-way forest trust between the forests.
The network contains three servers. The servers are configured as shown in the following table.
You confirm that the client computers in each forest can resolve the names of the client computers in both forests.
On dc1.litwareinc.com, you create a zone named GlobalNames.
You need to recommend changes in both forests to ensure that the users in both forests can resolve single-label names by using the GlobalNames zone in litwareinc.com.
Which changes should you recommend?
To answer, drag the appropriate configuration to the correct server in the answer area. Each configuration may be used once, more than once, or not at all. Additionally, you may need to drag the split bar between panes or scroll to view content.
Answer:
Q4. - (Topic 8)
A company has a single-forest and single Active Directory Domain Services domain named contoso.com. The company has offices in multiple geographic locations and manages all computing devices from a network operations center located at a main office.
You deploy physical servers and user devices by using a Windows Deployment Services (WDS) server named WDS1, and a server that runs System Center 2012 Virtual Machine Manager SP1 named VMM1.
Every three months you update the standard deployment images and push the update images to all client devices in the organization. You use multicast deployments for the servers and client devices at the remote offices. To automate the deployment process, you create an Auto-Cast multicast transmission and pre-stage client devices.
You need to ensure that client devices continue the deployment process after the first reboot and do not restart the installation.
What should you do?
A. Option A
B. Option B
C. Option C
D. Option D
Answer: C
Q5. - (Topic 3)
You need to recommend a server virtualization strategy that meets the technical requirements and the virtualization requirements.
What should you include in the recommendation?
A. Windows Server Backup
B. The Microsoft Virtual Machine Converter
C. Microsoft System Center 2012 Virtual Machine Manager (VMM)
D. Disk2vhd
Answer: C
Explanation:
* Scenario:
Virtualize the application servers.
Automatically distribute the new virtual machines to Hyper-V hosts based on the current
resource us The main office has the following servers:
Five physical Hyper-V hosts that run Windows Server 2012age of the Hyper-V hosts.
* System Center Virtual Machine Manager 2012: VMM Gets Major Upgrade Expanded hypervisor support, virtual application support and a myriad of other upgrades are coming in the new VMM 2012.
There's no doubt that Microsoft is making System Center Virtual Machine Manager (VMM) a key component of the System Center suite. The scope of the product is being expanded so much that it could be renamed "System Center Virtual Datacenter Manager." The new version of VMM is currently in beta and is scheduled for release in the second half of 2011. VMM can now do bare-metal installations on fresh hardware, create Hyper-V clusters instead of just managing them, and communicate directly with your SAN arrays to provision storage for your virtual machines (VMs). The list of supported hypervisors has also arown—it includes not only Hyper-V and VMware vSphere Hvpervisor, but
Reference: System Center Virtual Machine Manager 2012: VMM Gets Major Upgrade
Q6. HOTSPOT - (Topic 8)
You have a domain controller that hosts an Active Directory-integrated zone.
On the domain controller, you run the following cmdlet:
PS C:\> Get-DnsServerScavenging
NoRefreshInterval:2.00:00:00 RefreshInterval:3.00:00:00 ScavengingInterval:4.00:00:00 ScavengingState:True LastScavengeTime:1/30/2014 9:10:36 AM
Use the drop-down menus to select the answer choice that completes each statement.
Answer:
Q7. - (Topic 4)
You need to recommend a solution for the replication of Active Directory.
What should you recommend modifying?
A. The Active Directory Schema
B. The properties of Site1
C. The RODC1 computer account
D. The properties of Site2
Answer: A
Explanation: The schema is the Active Directory component that defines all the objects and attributes that the directory service uses to store data. The physical structure of the schema consists of the object definitions. The schema itself is stored in the directory. The schema is stored in its own partition (the schema partition) in the directory. The schema is replicated among all the domain controllers in the forest, and any change that is made to the schema is replicated to every domain controller in the forest. Because the schema dictates how information is stored, and because any changes that are made to the schema affect every domain controller, changes to the schema should be made only when necessary — through a tightly controlled process — after testing has been performed to ensure that there will be no adverse effects on the rest of the forest.
Reference: How the Active Directory Schema Works
Q8. - (Topic 3)
You need to recommend changes to the Active Directory site topology to support on the company's planned changes.
What should you include in the recommendation?
A. A new site
B. A new site link bridge
C. A new site link
D. A new subnet
Answer: D
Explanation:
* Scenario:
The forest contains a child domain for each office. An Active Directory site exists for each
office.
* Sites overview
Sites in AD DS represent the physical structure, or topology, of your network. AD DS uses
network topology information, which is stored in the directory as site, subnet, and site link
objects, to build the most efficient replication topology. The replication topology itself
consists of the set of connection objects that enable inbound replication from a source
domain controller to the destination domain controller that stores the connection object.
The Knowledge
Consistency Checker (KCC) creates these connection objects automatically on each
domain controller.
Reference: Understanding Sites, Subnets, and Site Links
http://technet.microsoft.com/en-us/library/cc754697.aspx
Q9. - (Topic 4)
You need to recommend a solution for the sales reports.
What should you include in the recommendation?
A. BranchCache in distributed cache mode
B. Offline files
C. BranchCache in hosted cache mode
D. Distributed File System (DFS)
Answer: A
Explanation: * Scenario: Server3 has a shared folder that contains sales reports. The sales reports are read frequently by the users in both offices. The reports are generated automatically once per week by an enterprise resource planning (ERP) system.
* BranchCache is designed to reduce WAN link utilization and improve application responsiveness for branch office workers who access content from servers in remote locations. Branch office client computers use a locally maintained cache of data to reduce traffic over a WAN link. The cache can be distributed across client computers (Distributed Cache mode) or can be housed on a server in the branch (Hosted Cache mode).
Reference: BranchCache Overview
Q10. - (Topic 8)
Your network contains an Active Directory domain named contoso.com. All servers run either Windows Server 2008 R2 or Windows Server 2012.
Your company uses IP Address Management (IPAM) to manage multiple DHCP servers.
A user named User1 is a member of the IPAM Users group and is a member of the local Administrators group on each DHCP server.
When User1 edits a DHCP scope by using IPAM, the user receives the error message shown in the exhibit. (Click the Exhibit button.)
You need to prevent User1 from receiving the error message when editing DHCP scopes by using IPAM.
What should you do?
A. Add User1 to the DHCP Administrators group on each DHCP server.
B. Add User1 to the IPAM Administrators group.
C. Run the Set-IpamServerConfig cmdlet.
D. Run the Invoke-IpamGpoProvisioning cmdlet.
Answer: B
Explanation:
IPAM Administrators: IPAM Administrators have the privileges to view all IPAM data and perform all IPAM tasks.
Reference: Walkthrough: Demonstrate IPAM in Windows Server 2012
http://technet.microsoft.com/en-us/library/hh831622.aspx