Introducing The New!
Surepassexam Collection
Get Unlimited Access to all
Surepassexam's PREMIUM files
Q1. - (Topic 8)
Your network contains an Active Directory domain named contoso.com. The domain contains multiple sites.
You plan to deploy DirectAccess.
The network security policy states that when client computers connect to the corporate network from the Internet, all of the traffic destined for the Internet must be routed through the corporate network.
You need to recommend a solution for the planned DirectAccess deployment that meets the security policy requirement.
Solution: You enable force tunneling.
Does this meet the goal?
A. Yes
B. No
Answer: A
Explanation: DirectAccess. DirectAccess allows connectivity to organizational network resources without the need for traditional virtual private network (VPN) connections.
DirectAccess allows remote users to securely access internal network file shares, Web sites, and applications without connecting to a virtual private network (VPN). An internal network is also known as a private network or intranet. DirectAccess establishes bi-directional connectivity with an internal network every time a DirectAccess-enabled computer connects to the Internet, even before the user logs on. Users never have to think about connecting to the internal network and IT administrators can manage remote computers outside the office, even when the computers are not connected to the VPN.
Q2. - (Topic 8)
Your network contains an Active Directory domain named contoso.com. The domain contains three Active Directory sites. The Active Directory sites are configured as shown in the following table.
The sites connect to each other by using the site links shown in the following table. You need to design the Active Directory site topology to meet the following requirements:
. Ensure that all replication traffic between Site2 and Site3 replicates through Site1 if a domain controller in Site1 is available. . Ensure that the domain controllers between Site2 and Site3 can replicate if all of the domain controllers in Site1 are unavailable.
What should you do?
A. Delete Link2.
B. Disable site link bridging.
C. Delete Link3.
D. Create one site link bridge.
E. Modify the cost of Link2.
Answer: E
Q3. - (Topic 8)
Your network contains an Active Directory forest. The forest contains two Active Directory domains named contoso.com and child.contoso.com. The forest functional level is Windows Server 2003. The functional level of both domains is Windows Server 2008.
The forest contains three domain controllers. The domain controllers are configured as shown in the following table.
DC1 and DC2 have the DNS Server server role installed and are authoritative for both contoso.com and child.contoso.com.
The child.contoso.com domain contains a server named serverl.child.contoso.com that runs Windows Server 2012.
You plan to deploy server1.child.contoso.com as a read-only domain controller (RODC).
You run the adprep.exe /rodcprep command on DC3 and receive the following error message:
You need to identify what prevents you from successfully running Adprep /rodcprep on DC3.
What should you identify?
A. The domain functional level of child.contoso.com is set to the wrong level.
B. DC3 cannot connect to the infrastructure master on DC2.
C. DC3 cannot connect to the domain naming master on DC1.
D. The forest functional level is set to the wrong level.
Answer: B
Explanation: Adprep could not contact a replica…
This problem occurs when the Adprep /rodcprep command tries to contact the
infrastructure master for each application partition in the forest.
Reference: Error message when you run the "Adprep /rodcprep" command in Windows
Server 2008: "Adprep could not contact a replica for partition
DC=DomainDnsZones,DC=Contoso,DC=com"
Q4. DRAG DROP - (Topic 8)
Your network contains three servers named Server1, Server2, and Server3 that run Windows Server 2012. Server3 is connected to a disk storage array.
You need to ensure that Server1 can store files on the storage array. The solution must ensure that Server1 can access the storage as a local disk.
What should you configure on each server?
To answer, drag the appropriate configuration to the correct location in the answer area. Each configuration may be used once, more than once, or not at all. Additionally, you may need to drag the split bar between panes or scroll to view content.
Answer:
Q5. - (Topic 7)
You have an IP Address Management (IPAM) server that runs Windows Server 2012 SP1. You need to integrate the IPAM server with System Center Virtual Machine Manager (SCVMM).
Solution: You create a dedicated user account named IPAM_svc, and add it to the Local Administrators local group on the SO/MM server.
Does this meet the goal?
A. Yes
B. No
Answer: B
Reference: How to integrate IPAM with SCVMM 2012 R2
Q6. - (Topic 2)
You need to recommend a solution for the RODC.
Which attribute should you include in the recommendation?
A. systemFlags
B. searchFlags
C. policy-Replication-Flags
D. flags
Answer: B
Explanation: * Scenario: Deploy a read-only domain controller (RODC) to the London office
* The read-only domain controller (RODC) filtered attribute set (FAS) is a set of attributes of the Active Directory schema that is not replicated to an RODC. If you have data that you do not want to be replicated to an RODC in case it is stolen, you can add these attributes to the RODC FAS. If you add the attributes to the RODC FAS before you deploy the first RODC, the attributes are never replicated to any RODC.
/ To decide which attributes to add to the RODC FAS, review any schema extensions that have been performed in your environment and determine whether they contain credential-like data or not. In other words, you can exclude from consideration any attributes that are part of the base schema, and review all other attributes. Base schema attributes have the.systemFlags.attribute value 16 (0x10) set.
Reference: Customize the RODC Filtered Attribute Set
Q7. DRAG DROP - (Topic 8)
Your network contains an Active Directory forest named corp.contoso.com. All servers run Windows Server 2012.
The network has a perimeter network that contains servers that are accessed from the Internet by using the contoso.com namespace.
The network contains four DNS servers. The servers are configured as shown in the following table.
All of the client computers on the perimeter network use Server1 and Server2 for name resolution.
You plan to add DNS servers to the corp.contoso.com domain.
You need to ensure that the client computers automatically use the additional name servers. The solution must ensure that only computers on the perimeter network can resolve names in the corp.contoso.com domain.
Which DNS configuration should you implement on Server1 and Server2?
To answer, drag the appropriate DNS configuration to the correct location in the answer area. Each DNS configuration may be used once, more than once, or not at all. Additionally, you may need to drag the split bar between panes or scroll to view content.
Answer:
Q8. - (Topic 7)
You need to limit the amount of disk space that is used on the client devices.
Which Windows PowerShell cmdlet or cmdlets should you run?
A. Add-BCDataCacheExtcnsion
B. Set-BCDataCacheEntryMaxAge
C. Disable-BC and Enablc-BCLocal
D. Set-BCCache
E. Clear-BCCache
Answer: D
Explanation:
Scenario: File shares
Each branch office connects to the New York data center to retrieve file shares.
BranchCache distributed mode is enabled in each branch office. The cache on each client
computer must be a single file.
Reference: Set-BCCache
Q9. - (Topic 8)
You plan to deploy multiple servers in a test environment by using Windows Deployment Services (WDS).
You need to identify which network services must be available in the test environment to deploy the servers.
Which network services should you identify? (Each correct answer presents part of the solution. Choose all that apply.)
A. Active Directory Domain Services (AD DS)
B. DNS
C. DHCP
D. WINS
E. Active Directory Lightweight Directory Services (AD LDS)
F. Network Policy Server (NPS)
Answer: A,B,C
Explanation: Prerequisites for installing Windows Deployment Services
* (A) Active Directory Domain Services (AD DS).
Windows Deployment Services server must be a member of an Active Directory Domain
Services (AD DS) domain or a domain controller for an AD DS domain.
* (B) DNS. You must have a working Domain Name System (DNS) server on the network
before you can run Windows Deployment Services.
* (C): DHCP. You must have a working Dynamic Host Configuration Protocol (DHCP)
server with an active scope on the network because Windows Deployment Services uses
PXE, which relies on DHCP for IP addressing.
* NTFS volume.
Reference: Windows Deployment Services Overview
http://technet.microsoft.com/en-us/library/hh831764.aspx
Q10. - (Topic 8)
Your company, which is named Contoso, Ltd., has a main office and two branch offices. The main office is located in North America. The branch offices are located in Asia and Europe.
You plan to design an Active Directory forest and domain infrastructure.
You need to recommend an Active Directory design to meet the following requirements:
* The contact information of all the users in the Europe office must not be visible to the users in the other offices.
* The administrators in each office must be able to control the user settings and the computer settings of the users in their respective office.
The solution must use the least amount of administrative effort.
What should you include in the recommendation?
A. One forest that contains three domains
B. Three forests that each contain one domain
C. Two forests that each contain one domain
D. One forest that contains one domain
Answer: D
Explanation: * The most basic of all Active Directory structures is the single domain model; this type of domain structure comes with one major advantage over the other models: simplicity. A single security boundary defines the borders of the domain, and all objects are located within that boundary. The establishment of trust relationships between other domains is not necessary, and implementation of technologies such as Group Policies is made easier by the simple structure.
Q11. - (Topic 8)
This question consists of two statements: One is named Assertion and the other is named Reason. Both of these statements may be may be true; both false; or one may be true, while the other may be false.
To answer this question, you must first evaluate whether each statement is true on its own. If both statements are true, then you must evaluate whether the Reason (the second statement) correctly explains the Assertion (the first statement). You will then select the answer from the list of answer choices that matches your evaluation of the two statements.
You plan to migrate users between two Active Directory Domain Services domains in different forests.
You run the following command from an administrative command prompt:
Assertion:
Users will have uninterrupted access to the resources in the source domain during the migration.
Reason:
The Netdom command configures a two-way trust between the source and target domains to ensure that users can access both environments for the entire length of the migration phase.
Evaluate the Assertion and Reason statements and choose the correct answer option.
A. Both the Assertion and Reason are true, and the Reason is the correct explanation for the Assertion.
B. Both the Assertion and Reason are true, but the Reason is not the correct explanation for the Assertion.
C. The Assertion is true, but The Reason is false.
D. The Assertion is false, but the Reason is true.
E. Both the Assertion and the Reason are false.
Answer: D
Q12. HOTSPOT - (Topic 8)
Your network contains an Active Directory forest named northwindtraders.com.
The client computers in the finance department run either Windows 8.1, Windows 8, or Windows 7. All of the client computers in the marketing department run Windows 8.1.
You need to design a Network Access Protection (NAP) solution for northwindtraders.com that meets the following requirements:
. The client computers in the finance department that run Windows 7 must have a firewall enabled and the antivirus software must be up-to-date.
. The finance computers that run Windows 8.1 or Windows 8 must have automatic updating enabled and the antivirus software must be up-to-date.
. The client computers in the marketing department must have automatic updating enabled and the antivirus software must be up-to-date.
. If a computer fails to meet its requirements, the computers must be provided access to a limited set of resources on the network.
. If a computer meets its requirements, the computer must have full access to the network.
What is the minimum number of objects that you should create to meet the requirements? To answer, select the appropriate number for each object type in the answer area.
Answer:
Q13. HOTSPOT - (Topic 6)
You need to configure Windows Updates.
How should you complete the relevant Windows PowerShell commands? To answer, select the Windows PowerShell segments in the answer area.
Answer:
Q14. - (Topic 8)
Your network contains an Active Directory domain named contoso.com. The domain contains three VLANs. The VLANs are configured as shown in the following table.
All client computers run either Windows 7 or Windows 8.
Goal: You need to implement a solution to ensure that only the client computers that have all of the required security updates installed can connect to VLAN 1. The solution must ensure that all other client computers connect to VLAN 3.
Solution: You implement the 802.1x Network Access Protection (NAP) enforcement method.
Does this meet the goal?
A. Yes
B. No
Answer: A
Explanation: NAP supports a variety of what we call enforcement methods. In the NAP space, and enforcement method is simply a term that defines the way a machine connects to a network. In NAP, these are DHCP, 802.1x (wired or wireless), VPN, IPsec, or via a Terminal Services Gateway.
Q15. - (Topic 7)
You need to generate the required report
Which tool should you use?
A. Microsoft Deployment Toolkit (MDT)
B. Microsoft Desktop Optimization Pack (MDOP)
C. Microsoft Assessment and Planning Toolkit (MAP)
D. Application Compatibility Toolkit (ACT)
Answer: C
Explanation:
Scenario: Consolidation reports The company requires a report that describes the impact of consolidation. The report must provide the following information:
.An inventory of the existing physical server environment
.Visual charts that show the reduction of physical servers
Reference: Microsoft Assessment and Planning (MAP) Toolkit for Hyper-V