Q1. DRAG DROP - (Topic 5)
You need to design the file management solution.
What should you do? To answer, drag the appropriate technology to the correct office. Each technology may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
Answer:
Q2. - (Topic 8)
Your company has a main office and a branch office. The main office contains 2,000 users. The branch office contains 800 users. Each office contains three IP subnets.
The company plans to deploy an Active Directory forest.
You need to recommend an Active Directory infrastructure to meet the following requirements:
. Ensure that the users are authenticated by using a domain controller in their respective office.
. Minimize the amount of Active Directory replication traffic between the offices.
Which Active Directory infrastructure should you recommend?
More than one answer choice may achieve the goal. Select the BEST answer.
A. Two domains and one site
B. Two domains and two sites
C. One domain and two sites
D. One domain and six sites
Answer: B
Explanation:
To minimize the amount of replication traffic, create 2 sites.
To ensure that users are authentication by using a local domain controller, use two
domains.
Reference: Active Directory Replication Traffic
Q3. - (Topic 5)
You need to configure the connection between the new remote branch office and the existing branch offices.
What should you create?
A. SMTP site link
B. Forest trust
C. Certification authority
D. IP subnet
Answer: A
Q4. - (Topic 6)
You need to plan the migration of App1. What should you do?
A. Install App1 on drive C. Move all of the data that supports App1 to drive D.
B. Expand the size of drive C Install App1 and all of the data that supports the app on drive C
C. Install App1 on drive D. Move all of the data that supports App1 to an additional data drive.
D. Install App1 on drive C. Move all of the data that supports App1 to an additional data drive.
Answer: C
Q5. - (Topic 3)
You need to recommend a remote access solution that meets the VPN requirements.
Which role service should you include in the recommendation?
A. Routing
B. Network Policy Server
C. DirectAccess and VPN (RAS)
D. Host Credential Authorization Protocol
Answer: B
Explanation:
Scenario:
A server that runs Windows Server 2012 will perform RADIUS authentication for all of the
VPN connections.
Ensure that NAP with IPSec enforcement can be configured.
Network Policy Server
Network Policy Server (NPS) allows you to create and enforce organization-wide network
access policies for client health, connection request authentication, and connection request
authorization. In addition, you can use NPS as a Remote Authentication Dial-In User
Service
(RADIUS) proxy to forward connection requests to a server running NPS or other RADIUS
servers that you configure in remote RADIUS server groups.
NPS allows you to centrally configure and manage network access authentication,
authorization, are client health policies with the following three features: RADIUS server.
NPS performs centralized authorization, authorization, and accounting for wireless,
authenticating switch, remote access dial-up and virtual private network (VNP)
connections. When you use NPS as a RADIUS server, you configure network access
servers, such as wireless access points and VPN servers, as RADIUS clients in NPS. You
also configure network policies that NPS uses to authorize connection requests, and you
can configure RADIUS accounting so that NPS logs accounting information to log files on
the local hard disk or in a Microsoft SQL Server database.
Reference: Network Policy Server
Q6. - (Topic 1)
You are planning the decommissioning of research.contoso.com.
You need to ensure that an administrator named Admin5 in the research department can manage the user accounts that are migrated to contoso.com. The solution must minimize the number of permissions assigned to Admin5.
What should you do before you migrate the user accounts?
A. Run the New-Object cmdlet, and then run the Add-ADPrincipalGroupMembershipcmdlet.
B. Create a new organizational unit (OU), and then add Admin5 to the Account Operators group.
C. Create a new organizational unit (OU), and then run the Delegation of Control Wizard.
D. Run the New-Object cmdlet, and then run the Add-ADCentralAccessPolicyMembercmdlet.
Answer: C
Explanation:
* Scenario: Decommission the research.contoso.com domain. All of the users and the Group Policy objects (GPOs) in research.contoso.com will be migrated to contoso.com.
Reference: Delegation of Control Wizard
http://technet.microsoft.com/en-us/library/dd145344.aspx
Q7. - (Topic 8)
Your company has three offices. The offices are located in Montreal, Toronto, and Vancouver.
The network contains two Active Directory forests named contoso.com and adatum.com. The contoso.com forest contains one domain. The adatum.com forest contains two domains. All of the servers in adatum.com are located in the Toronto office. The servers in contoso.com are located in the Montreal and Vancouver offices. All of the servers in both of the forests run Windows Server 2012 R2.
A two-way, forest trusts exists between the forests.
Each office contains DHCP servers and DNS servers.
You are designing an IP Address Management (IPAM) solution to manage the network.
You need to recommend a solution for the placement of IPAM servers to manage all of the DHCP servers and all of the DNS servers in both of the forests. The solution must minimize the number of IPAM servers deployed.
What should you recommend?
A. One IPAM server in each office
B. One IPAM server in the Montreal office and one IPAM server in the Toronto office
C. One IPAM server in the Toronto office
D. Two IPAM servers in the Toronto office and one IPAM server in the Montreal office
E. Two IPAM servers in the Toronto office, one IPAM server in the Montreal office, and one IPAM server in the Vancouver office
Answer: B
Explanation: * There are three general methods to deploy IPAM servers:
Distributed: An IPAM server deployed at every site in an enterprise.
Centralized: One IPAM server in an enterprise.
Hybrid: A central IPAM server deployed with dedicated IPAM servers at each site.
Reference: IP Address Management (IPAM) Overview
Q8. - (Topic 3)
You need to recommend a migration strategy for the DHCP servers. The strategy must meet the technical requirements.
Which Windows PowerShell cmdlet should you recommend running on the physical DHCP servers?
A. Import-SmigServerSetting
B. Export-SmigServerSetting
C. Receive-SmigServerData
D. Send-SmigServerData
Answer: B
Explanation: * Scenario: / Main office: One physical DHCP server that runs Windows Server 2008 R2 / each branch office: One physical DHCP server that runs Windows Server 2008 R2 / The IPAM server in the main office gathers data from the DNS servers and the DHCP servers in all of the offices.
* Example:
Command Prompt: C:\PS>
Export-SmigServerSetting -Feature "DHCP" -User All -Group -Path "c:\temp\store" -Verbose
This sample command exports the Dynamic Host Configuration Protocol (DHCP) Server and all other Windows features that are required by DHCP Server.
Q9. - (Topic 8)
Your network contains an Active Directory domain named contoso.com. The domain contains three VLANs. The VLANs are configured as shown in the following table.
All client computers run either Windows 7 or Windows 8.
Goal: You need to implement a solution to ensure that only the client computers that have all of the required security updates installed can connect to VLAN 1. The solution must ensure that all other client computers connect to VLAN 3.
Solution: You implement the 802.1x Network Access Protection (NAP) enforcement method.
Does this meet the goal?
A. Yes
B. No
Answer: A
Explanation: NAP supports a variety of what we call enforcement methods. In the NAP space, and enforcement method is simply a term that defines the way a machine connects to a network. In NAP, these are DHCP, 802.1x (wired or wireless), VPN, IPsec, or via a Terminal Services Gateway.
Q10. DRAG DROP - (Topic 8)
Your network contains an Active Directory domain named contoso.com. The domain contains five servers. The servers are configured as shown in the following table.
You plan to implement Network Access Protection (NAP) with IPSec enforcement on all client computers.
You need to identify on which servers you must perform the configurations for the NAP deployment.
Which servers should you identify? To answer, drag the appropriate servers to the correct actions. Each server may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.)
Answer: