Introducing The New!
Surepassexam Collection
Get Unlimited Access to all
Surepassexam's PREMIUM files
Q1. - (Topic 10)
Your company has a main office and a branch office. Each office contains several hundred computers that run Windows 2012.
You plan to deploy two Windows Server Update Services (WSUS) servers. The WSUS servers will be configured as shown in the following table.
You need to implement the WSUS infrastructure to meet the following requirements:
. All updates must be approved from a server in the main office.
. All client computers must connect to a WSUS server in their local office.
What should you do? (Each correct answer presents part of the solution. Choose all that apply.
A. Deploy a Group Policy object (GPO) that has the update location set to Server1.
B. On Server2, configure WSUS in Replica mode.
C. On Server1, configure WSUS in Replica mode.
D. On Server2, configure WSUS in Autonomous mode.
E. Deploy a Group Policy object (GPO) that has the update location set to Server2.
F. On Server1, configure WSUS in Autonomous mode.
Answer: A,B,E,F
Q2. - (Topic 5)
You need to recommend a solution that meets the technical requirements for DHCP.
What should you include in the recommendation for each office?
A. DHCP failover
B. Network Load Balancing (NLB)
C. DHCP server policies
D. IP Address Management (IPAM)
Answer: A
Q3. - (Topic 10)
Your network contains an Active Directory domain named contoso.com. The network has an Active Directory Certificate Services (AD CS) infrastructure.
You need to issue a certificate to users to meet the following requirements:
. Ensure that the users can encrypt files by using Encrypting File System (EFS).
. Ensure that all of the users reenroll for their certificate every six months.
Solution: You create a copy of the User certificate template, and then you modify the extensions of the copy.
Does this meet the goal?
A. Yes
B. No
Answer: B
Q4. - (Topic 10)
Your network contains an Active Directory domain named contoso.com.
Your company has an enterprise root certification authority (CA) named CA1.
You plan to deploy Active Directory Federation Services (AD FS) to a server named Server1.
The company purchases a Microsoft Office 365 subscription.
You plan to register the company's SMTP domain for Office 365 and to configure single sign-on for all users.
You need to identify which certificate or certificates are required for the planned deployment.
Which certificate or certificates should you identify? (Each correct answer presents a complete solution. Choose all that apply.)
A. a server authentication certificate that is issued by a trusted third-party root CA and that contains the subject name serverl.contoso.com
B. a server authentication certificate that is issued by CA1 and that contains the subject name Server1
C. a server authentication certificate that is issued by a trusted third-party root CA and that contains the subject name Server1
D. a server authentication certificate that is issued by CA1 and that contains the subject name serverl.contoso.com
E. self-signed server authentication certificates for server1.contoso.com
Answer: A
Q5. - (Topic 10)
Your network contains two servers named Server1 and Server2 that run Windows Server 2012. Server1 and Server2 have the Hyper-V server role installed and are part of a host group named Group1 in Microsoft System Center 2012 Virtual Machine Manager (VMM).
Server1 and Server2 have identical hardware, software, and settings.
You configure VMM to migrate virtual machines if the CPU utilization on a host exceeds 65 percent. The current load on the servers is shown following table.
You start a new virtual machine on Server2 named VM8. VM8 has a CPU utilization of 20
percent.
You discover that none of the virtual machines hosted on Server2 are migrated to Server1.
You need to ensure that the virtual machines hosted on Server2 are migrated to Server1.
What should you modify from the Dynamic Optimization configuration?
A. The Host Reserve threshold
B. The Power Optimization threshold
C. The Aggressiveness level
D. The Dynamic Optimization threshold
Answer: C
Q6. - (Topic 3)
You need to recommend a solution that meets the security requirements.
Which schema attribute properties should you recommend modifying?
A. isIndexed
B. searchFlags
C. isCriticalSystemObject
D. schemaFlagsEx
Answer: B
Explanation:
D:\Documents and Settings\useralbo\Desktop\1.jpg
Applies To: Windows Server 2008, Windows Server 2012 This topic includes procedures for adding an attribute to the filtered attribute set (FAS) for a readonly domain controller (RODC) and marking the attribute as confidential data. You can perform these procedures to exclude specific data from replicating to RODCs in the forest. Because the data is not replicated to any RODCs, you can be assured that the data will not be revealed to an attacker who manages to successfully compromise an RODC. In most cases, adding an attribute to the RODC FAS is completed by the developer of the application that added the attribute to the schema.
. Determine and then modify the current searchFlags value of an attribute
. Verify that an attribute is added to the RODC FAS
-Determine and then modify the current searchFlags value of an attribute To add an attribute to an RODC FAS, you must first determine the current searchFlags value of the attribute that you want to add, and then set the following values for searchflags:
. To add the attribute to the RODC FAS, set the 10th bit to 0x200.
. To mark the attribute as confidential, set the 7th bit to 0x080. http://technet.microsoft.com/en-us/library/cc754794(v=ws.10).aspx
Q7. - (Topic 10)
Your network contains a Microsoft System Center 2012 infrastructure.
You use Virtual Machine Manager (VMM) to manage 20 Hyper-V hosts.
You deploy a Windows Server Update Services (WSUS) server.
You need to automate the remediation of non-compliant Hyper-V hosts. The solution must
minimize the amount of time that virtual machines are unavailable.
What should you do first?
A. Configure the Hyper-V hosts to download Windows updates from the WSUS server by using a Group Policy object (GPO).
B. Install the WSUS Administration console on the VMM server, and then add the WSUS server to the fabric.
C. Install the Virtual Machine Manager console on the WSUS server, and then add the WSUS server to the fabric.
D. Configure the Hyper-V hosts to download Windows updates from the VMM server by using a Group Policy object (GPO).
Answer: B
Q8. - (Topic 7)
You plan to implement a solution that meets the certificate requirements of Customer1. You need to identify which role services must be deployed to the hosting environment.
Which two role services should you identify? Each correct answer presents part of the solution.
A. Certification Authority Web Enrollment
B. Online Responder
C. Certificate Enrollment Policy Web Service
D. Certificate Enrollment Web Service
Answer: C,D
Q9. HOTSPOT - (Topic 9)
Your network contains an Active Directory domain named contoso.com.
The domain has a certification authority (CA). You create four certificate templates. The templates are configured as shown in the following table:
You install the Remote Access server role in the domain.
You need to configure DirectAccess to use one-time password (OTP) authentication.
What should you do? To answer, select the appropriate options in the answer area,
Answer:
Q10. - (Topic 10)
Your network contains five servers that run Windows Server 2012 R2.
You install the Hyper-V server role on the servers. You create an external virtual network switch on each server.
You plan to deploy five virtual machines to each Hyper-V server. Each virtual machine will have a virtual network adapter that is connected to the external virtual network switch and that has a VLAN identifier of 1.
Each virtual machine will run Windows Server 2012 R2. All of the virtual machines will run the identical web application.
You plan to install the Network Load Balancing (NLB) feature on each virtual machine and join each virtual machine to an NLB cluster. The cluster will be configured to use unicast only.
You need to ensure that the NLB feature can distribute connections across all of the virtual machines.
Solution: On each Hyper-V server, you create a new private virtual network switch. From the properties of each virtual machine, you add a second virtual network adapter and connect the new virtual network adapters to the new private virtual network switches.
Does this meet the goal?
A. Yes
B. No
Answer: B
Q11. - (Topic 2)
You need to recommend a trust model.
What should you include in the recommendation?
A. A one-way, forest trust that has selective authentication.
B. A one-way, external trust
C. A two-way, external trust
D. A one-way, forest trust that has domain-wide authentication.
Answer: A
Explanation:
From case study:
Users in the Montreal office must only be allowed to access shares that are located on
File01 and File02. The Montreal users must be prevented from accessing any other servers
in the proseware.com forest regardless of the permissions on the resources.
Q12. - (Topic 9)
Your network contains an Active Directory forest. The forest contains a single domain. The forest has five Active Directory sites. Each site is associated to two subnets.
You add a site named Site6 that contains two domain controllers. Site6 is associated to one subnet.
You need to verify whether replication to the domain controllers in Site6 completes successfully.
Which two possible commands can you use to achieve the goal? Each correct answer presents a complete solution.
A. Get-ADReplicationSubnet
B. Get-ADReplicationUpToDatenessVectorTable
C. repadmin /showattr
D. Get-ADReplicationSite1ink
E. repadmin /showrepl
Answer: B,E
Q13. - (Topic 9)
You are designing an Active Directory forest for a company named Contoso, Ltd. Contoso identifies the following administration requirements for the design:
. User account administration and Group Policy administration will be performed by network technicians. The technicians will be added to a group named OUAdmins.
. IT staff who are responsible for backing up servers will have user accounts that are members of the Backup Operators group in the domain.
. All user accounts will be located in an organizational unit (OU) named AllEmployees.
You run the Delegation of Control Wizard and assign the OUAdmins group full control to all of the objects in the AllEmployeesOU.
After delegating the required permissions, you discover that the user accounts of some of the IT staff have inconsistent permissions on the objects in AllEmployees.
You need to recommend a solution to ensure that the members of OUAdmins can manage all of the objects in AllEmployees.
What should you include in the recommendation?
A. Remove the IT staff user accounts from Backup Operators and place them in a new group. Grant the new group the Backup files and directories user right and the Restore files and directories user right. Enforce permission inheritance on all of the objects in the AllEmployeesOU.
B. Create separate administrator user accounts for the technicians. Enforce permission inheritance on all of the objects in the AllEmployeesOU. Delegate permissions to the new useraccounts.
C. Enforce permission inheritance on all of the objects in the AllEmployeesOU. Run the Delegation of Control Wizard.
D. Move the user accounts of the technicians to a separate OU. Enforce permission inheritance on all of the objects in the AllEmployeesOU. Run the Delegation of Control Wizard on the AllEmployeesOU.
Answer: B
Q14. - (Topic 3)
You need to recommend a server virtualization strategy that meets the technical requirements and the virtualization requirements.
What should you include in the recommendation?
A. Windows Server Backup
B. The Microsoft Virtual Machine Converter
C. Microsoft System Center 2012 Virtual Machine Manager (VMM)
D. Disk2vhd
Answer: C
Explanation:
D:\Documents and Settings\useralbo\Desktop\1.jpg
System Center Virtual Machine Manager 2012: VMM... System Center Virtual Machine Manager 2012: VMM Gets Major Upgrade Expanded hypervisor support, virtual application support and a myriad of other upgrades are coming in the new VMM 2012. Paul Schnackenburg There's no doubt that Microsoft is making System Center Virtual Machine Manager (VMM) a key component of the System Center suite. The scope of the product is being expanded so much that it could be renamed "System Center Virtual Datacenter Manager." The new version of VMM is currently in beta and is scheduled for release in the second half of 2011. VMM can now do bare-metal installations on fresh hardware, create Hyper-V clusters instead of just managing them, and communicate directly with your SAN arrays to provision storage for your virtual machines (VMs). The list of supported hypervisors has also arown—it includes not only Hyper-V and VMware vSphere Hvpervisor, but http://technet.microsoft.com/en-gb/magazine/hh300651.aspx
Q15. - (Topic 10)
Your network contains an Active Directory domain named contoso.com. The domain contains a Microsoft System Center 2012 infrastructure.
All client computers have a custom application named App1 installed. App1 generates an Event ID 42 every time the application runs out of memory.
Users report that when App1 runs out of memory, their client computer runs slowly until they manually restart App1.
You need to recommend a solution that automatically restarts App1 when the application runs out of memory. The solution must use the least amount of administrative effort.
What should you include in the recommendation?
A. From Configurations Manager, create a desired configuration management baseline.
B. From Windows System Resource Manager, create a resource allocation policy.
C. From Event Viewer, attach a task to the event.
D. From Operations Manager, create an alert.
Answer: D