Introducing The New!
Surepassexam Collection
Get Unlimited Access to all
Surepassexam's PREMIUM files
Q1. - (Topic 8)
Your network contains an Active Directory forest named adatum.com. All domain controllers run Windows Server 2008 R2. The functional level of the domain and the forest is Windows Server 2008.
You deploy a new Active Directory forest named contoso.com. All domain controllers run Windows Server 2012 R2. The functional level of the domain and the forest is Windows Server 2012 R2.
You establish a two-way, forest trust between the forests. Both networks contain member servers that run either Windows Server 2012 R2, Windows Server 2012, Windows Server 2008 R2 or Windows Server 2008.
You plan to use the Active Directory Migration Tool 3.2 (ADMT 3.2) to migrate user accounts from adatum.com to contoso.com. SID history will be used in contoso.com and passwords will be migrated by using a Password Export Server (PES).
You need to recommend which changes must be implemented to support the planned migration.
Which two changes should you recommend? Each correct answer presents part of the solution.
A. In the contoso.com forest, deploy a domain controller that runs Windows Server 2008 R2.
B. In the adatum.com forest, upgrade the functional level of the forest and the domain.
C. In the contoso.com forest, downgrade the functional level of the forest and the domain.
D. In the adatum.com forest, deploy a domain controller that runs Windows Server 2012 R2.
Answer: A,C
Q2. - (Topic 8)
Your network contains an Active Directory forest named contoso.com. The forest is managed by using Microsoft System Center 2012.
You plan to create virtual machine templates to deploy servers by using the Virtual Machine
Manager Self-service Portal (VMMSSP).
To the Virtual Machine Manager (VMM) library, you add a VHD that has a generalized image of Windows Server 2012.
You need to identify which VMM components must be associated with the image.
Which components should you identify? (Each correct answer presents part of the solution.
Choose all that apply.)
A. A guest OS profile
B. A hardware profile
C. A capability profile
D. A host profile
Answer: A,B
Explanation:
Profiles
VMM provides the following profiles:
* (A) Guest operating system profile—A guest operating system profile defines operating system configured settings which will be applied to a virtual machine created from the template. It defines common operating system settings such as the type of operating system, the computer name, administrator password, domain name, product key, and time zone, answer file and run once file.
* (B) Hardware profile—A hardware profile defines hardware configuration settings such as
CPU, memory, network adapters, a video adapter, a DVD drive, a floppy drive, COM ports,
and the priority given the virtual machine when allocating resources on a virtual machine
host.
NOTE: VMM also includes host profiles. Host profiles are not used for virtual machine
creation.
They are used during the conversion of a bare-metal computer to a Hyper-V host.
Reference: Creating Profiles and Templates in VMM Overview
Q3. - (Topic 8)
You have a server named Server1 that runs Windows Server 2012. Server1 has the DNS Server server role installed.
You need to recommend changes to the DNS infrastructure to protect the cache from cache poisoning attacks.
What should you configure on Server1?
A. DNS cache locking
B. The global query block list
C. DNS Security Extensions (DNSSEC)
D. DNS devolution
Answer: A
Explanation: Ache locking is a new feature available if your DNS server is running Windows Server 2008 R2. When you enable cache locking, the DNS server will not allow cached records to be overwritten for the duration of the time to live (TTL) value. Cache locking provides for enhanced security against cache poisoning attacks.
Q4. DRAG DROP - (Topic 8)
You manage a server named DA01 that has the DirectAccess feature configured. You deploy a new server named DA02. Both servers run Microsoft Windows Server 2012 R2.
You need to configure a Direct Access load-balanced cluster named WAP01 that contains servers DA01 and DA02.
How should you complete the relevant Windows PowerShell commands? To answer, drag the appropriate Windows PowerShell segment to the correct locations. Each Windows PowerShell segment may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
Answer:
Q5. - (Topic 3)
You need to recommend changes to the Active Directory environment to support the virtualization requirements.
What should you include in the recommendation?
A. Raise the functional level of the domain and the forest.
B. Upgrade the domain controller that has the domain naming master role to Windows Server 2012.
C. Implement Administrator Role Separation.
D. Upgrade the domain controllers that have the PDC emulator master role to Windows Server 2012.
Answer: D
Explanation: From case study:
* Ensure that the additional domain controllers for the branch offices can be deployed by using domain controller cloning.
Q6. - (Topic 1)
You need to recommend which changes must be implemented to the network before you can deploy the new web application.
What should you include in the recommendation?
A. Change the forest functional level to Windows Server 2008 R2.
B. Upgrade the DNS servers to Windows Server 2012.
C. Change the functional level of both the domains to Windows Server 2008 R2.
D. Upgrade the domain controllers to Windows Server 2012.
Answer: D
Explanation:
Scenario:
The domain controllers run Windows Server 2008 R2.
The company is migrating to Windows Server 2012.
Q7. - (Topic 8)
Your company has a main office and four branch offices. The main office is located in London.
The network contains an Active Directory domain named contoso.com. The network is configured as shown in the exhibit. (Click the Exhibit button.)
Each office contains several servers that run Windows Server 2012.
In each branch office, you plan to deploy an additional 20 servers that will run Windows Server 2012. Some of the servers will have a Server Core installation of Windows Server 2012.
You identify the following requirements for the deployment of the new servers:
Operating system images must be administered centrally.
The operating system images must be deployed by using PXE.
The WAN traffic caused by the deployment of each operating system must be minimized.
You need to recommend a solution for the deployment of the new servers.
What should you recommend?
A. Deploy Windows Deployment Services (WDS) in each office. Replicate the images by
using Distributed File System (DFS) Replication,
B. Deploy Windows Deployment Services (WDS) in the main office only. Replicate the images by using Distributed File System (DFS) Replication.
C. Deploy Windows Deployment Services (WDS) in each office. Copy the images by using BranchCache.
D. Deploy Windows Deployment Services (WDS) in the main office only. Copy the images by using BranchCache.
Answer: A
Explanation: DFS Replication is a replication engine that you can use to replicate images between Windows Deployment Services servers.
Reference: Storing and Replicating Images Using DFS
Q8. - (Topic 8)
Your network contains an Active Directory domain named contoso.com.
The domain contains the organization units (OUs) configured as shown in the following table.
Users and computers at the company change often.
You create a Group Policy object (GPO) named GPO6. GPO6 contains user settings.
You need to ensure that GPO6 applies to users when they log on to the kiosk computers only. The solution must minimize administrative effort.
What should you do?
A. Link GPO6 to OU4 and configure loopback processing in GPO6.
B. Link GPO6 to OU1 and configure WMI filtering on GPO3.
C. Link GPO6 to OU1 and configure loopback processing in GPO6.
D. Link GPO6 to OU1 and configure loopback processing in GPO5.
Answer: A
Explanation: Group Policy applies to the user or computer in a manner that depends on where both the user and the computer objects are located in Active Directory. However, in some cases, users may need policy applied to them based on the location of the computer object alone. You can use the Group Policy loopback feature to apply Group Policy Objects (GPOs) that depend only on which computer the user logs on to.
Q9. - (Topic 8)
Your company is a hosting provider that provides cloud-based services to multiple customers.
Each customer has its own Active Directory forest located in your company's datacenter.
You plan to provide VPN access to each customer. The VPN solution will use RADIUS for authentication services and accounting services.
You need to recommend a solution to forward authentication and accounting messages from the perimeter network to the Active Directory forest of each customer.
What should you recommend?
More than one answer choice may achieve the goal. Select the BEST answer.
A. One RADIUS proxy for each customer and Active Directory Federation Services (AD FS)
B. A RADIUS server for each customer and one RADIUS proxy
C. One RADIUS proxy and one Active Directory Lightweight Directory Services (AD LDS) instance for each customer
D. A RADIUS server for each customer and a RADIUS proxy for each customer
Answer: B
Explanation: RADIUS proxy You want to provide RADIUS authentication and authorization for outsourced service providers and minimize intranet firewall configuration. An intranet firewall is between your perimeter network (the network between your intranet and the Internet) and intranet. By placing an NPS server on your perimeter network, the firewall between your perimeter network and intranet must allow traffic to flow between the NPS server and multiple domain controllers. By replacing the NPS server with an NPS proxy, the firewall must allow only RADIUS traffic to flow between the NPS proxy and one or multiple NPS servers within your intranet.
Q10. - (Topic 8)
You have a virtual machine (VM) named VM-APP1 that hosts critical application named APP1. The VM has the following VHDX virtual disks:
Both VHDX virtual disks are located on LUN1 of a Storage Area Network.
Every time you perform Storage Live Migration for VM-APP1, it takes a few hours.
You need to ensure that the storage supports Offloaded Data Transfer (ODX), and that
ODX is enabled.
Which two Windows PowerShell commands should you run? Each correct answer presents
part of the solution.
A. Set-ItemProperty HKLM:\system\currentcontrolset\control\filesystem -Name “FilterSupportedFeaturesMode” –Value 0
B. Set-StorageSubSystem –InputObject (Get-StorageSubSystem) –ThrottleLimit 0
C. Get-ItemProperty HKLM:\system\currentcontrolset\services\<FilterName> -Name “SupportedFeatures”
D. Set-ItemProperty HKLM:\system\currentcontrolset\control\filesystem –Name “FilterSupportedFeatiresMode” –Value1
Answer: A,C
Q11. - (Topic 5)
You need to configure the connection between the new remote branch office and the existing branch offices.
What should you create?
A. SMTP site link
B. Forest trust
C. Certification authority
D. IP subnet
Answer: A
Q12. - (Topic 8)
Your network contains an Active Directory domain named contoso.com. The domain contains 10 sites. The sites are located in different cities and connect to each other by using low-latency WAN links.
In each site, you plan to implement Microsoft System Center 2012 Configuration Manager and to deploy multiple servers.
You need to recommend which Configuration Manager component must be deployed to each site for the planned deployment.
What should you include in the recommendation?
More than one answer choice may achieve the goal. Select the BEST answer.
A. A management point
B. A software update point
C. A distribution group point
D. A secondary site server that has all of the Configuration Manager roles installed
Answer: C
Explanation:
Distribution point groups provide a logical grouping of distribution points and collections for content distribution. A Distribution point group is not limited to distribution points from a single site, and can contain one or more distribution points from any site in the hierarchy. When you distribute content to a distribution point group, all distribution points that are members of the
distribution point group receive the content.
Reference: Configuring Distribution Point Groups in Configuration Manager
Q13. - (Topic 1)
You need to recommend a solution for DHCP logging. The solution must meet the technical requirement.
What should you include in the recommendation?
A. Event subscriptions
B. IP Address Management (IPAM)
C. DHCP audit logging
D. DHCP filtering
Answer: B
Explanation: * Scenario: A central log of the IP address leases and the users associated to those leases must be created.
* Feature description IPAM in Windows Server 2012 is a new built-in framework for discovering, monitoring, auditing, and managing the IP address space used on a corporate network. IPAM provides for administration and monitoring of servers running Dynamic Host Configuration Protocol (DHCP) and Domain Name Service (DNS). IPAM includes components for:
. Automatic IP address infrastructure discover)': IPAM discovers domain controllers, DHCP servers, and DNS servers in the domains you choose. You can enable or disable management of these servers by IPAM.
. Custom IP address space display, reporting, and management: The display of IP addresses is highly customizable and detailed tracking and utilization data is available. IPv4 and IPv6 address space is organized into IP address blocks, IP address ranges, and individual IP addresses. IP addresses are assigned built-in or user-defined fields that can be used to further organize IP address space into hierarchical, logical groups.
. Audit of server configuration changes and tracking of IP address usage: Operational events are displayed for the IPAM server and managed DHCP servers. IPAM also enables IP address tracking using DHCP lease events and user logon events collected from Network Policy Server (NPS), domain controllers, and DHCP servers. Tracking is available by IP address, client ID, host name, or user name.
. Monitoring and management of DHCP and DNS services: IPAM enables automated service availability monitoring for Microsoft DHCP and DNS servers across the forest. DNS zone health is displayed, and detailed DHCP server and scope management is available using the IPAM console.
Reference: IP Address Management (IPAM) Overview
Q14. HOTSPOT - (Topic 6)
You need to configure Windows Updates.
How should you complete the relevant Windows PowerShell commands? To answer, select the Windows PowerShell segments in the answer area.
Answer:
Q15. - (Topic 8)
A company has a line-of-business application named App1 that runs on an internal IIS server. App1 uses a SQL Server 2008 database that is hosted on the same server. You move the database to a dedicated SQL Server named SQL1.
Users report that they can no longer access the application by using their domain credentials.
You need to ensure that users can access App1.
Solution: You configure Kerberos-constrained delegation and then run the following
command from an administrative command prompt:
setspn-a MSSQLsvc/SQLl:1433 <domain>\<sql_service> Does this meet the goal?
A. Yes
B. No
Answer: A