Introducing The New!
Surepassexam Collection
Get Unlimited Access to all
Surepassexam's PREMIUM files
Q1. - (Topic 9)
Your network contains an Active Directory domain named contoso.com. The domain contains three VLANs. The VLANs are configured as shown in the following table.
All client computers run either Windows 7 or Windows 8.
Goal: You need to implement a solution to ensure that only the client computers that have all of the required security updates installed can connect to VLAN 1. The solution must ensure that all other client computers connect to VLAN 3.
Solution: You implement the 802.1x Network Access Protection (NAP) enforcement method.
Does this meet the goal?
A. Yes
B. No
Answer: A
Q2. - (Topic 4)
You need to recommend a solution for the sales reports.
What should you include in the recommendation?
A. BranchCache in distributed cache mode
B. Offline files
C. BranchCache in hosted cache mode
D. Distributed File System (DFS)
Answer: A
Topic 5, Contoso, Ltd (B)
Overview
Contoso, Ltd., is a recruiting and staffing company that has offices throughout North
America.
The company has a main office and six branch offices. The main office is located in Miami.
The branch offices are located in New York. Seattle, Los Angeles, Montreal, Toronto, and
Vancouver.
Existing Environment
Network Infrastructure
The network contains one Active Directory domain named contoso.com.
The main office has the following servers:
One file server that maintains multiples shares
Two domain controllers configured as DNS servers
One Windows Server Update Services (WSUS) server
Two DHCP servers that each have a scope for all of the subnets
Two servers that have Failover Clustering configured and are used as virtualization hosts
One server that has Microsoft SQL Server 2012 installed and maintains a customer relationship management (CRM) database
Each branch office has the following servers:
One domain controller configured as a DNS server
One DHCP server that has a single scope for its respective office
Each office has a single subnet. The network speed of the local area network (LAN) is 1 gigabit per second. All of the offices have a high-speed connection to the Internet. The offices connect to each other by using VPN appliances.
Current Issues
Users report that it can take a long time to download files from network shares in the main office.
A root cause analysis identifies that network traffic peaks when the users experience this issue.
Requirements
Planned Changes
The company plans to implement the following changes:
. Replace all of the domain controllers with new servers that run Windows Server 2012.
. Upgrade the CRM application to use a web-based application that connects to the current CRM database. The web application will store session data in the memory of each web server.
. Initially, deploy two front-end web servers to two virtual machines. Additional virtual web servers will be deployed in the future.
. Monitor the availability of the CRM application and create alerts when the overall availability is less than 99 percent.
. Implement Microsoft System Center 2012 to manage the new environment.
Business Requirements
The company identifies the following business requirements:
. Minimize hardware costs and software costs whenever possible.
. Minimize the amount of network traffic over the VPN whenever possible.
. Ensure that the users in the branch offices can access files currently on the main
office file server if an Internet link fails.
Technical Requirements
The company identifies the following technical requirements:
. Provide a highly available DHCP solution.
. Maintain a central database that contains the security events from all of the servers. The database must be encrypted.
. Ensure that an administrator in the main office can manage the approval of Windows updates and updates to third-party applications for all of the users.
. Ensure that all of the domain controllers have the ReliableTimeSource registry value in HKEY_LOCAL_MACHINE \SYSTEM\CurrentControlSet\Services\W32Time\Parameters set to 1, even if an administrator changes that value manually.
Virtualization Requirements
The company identifies the following virtualization requirements:
. Minimize the number of permissions and privileges assigned to users.
. Ensure that the members of a group named Group2 can add a WSUS server to the fabric.
. Ensure that a diagram view of the virtualization environment can be generated dynamically.
. Minimize the amount of administrative effort required to manage the virtualization environment.
. Prevent the failure of a front-end web server from affecting the availability of the CRM application.
. Ensure that the members of a group named Group1 can create new virtual machines in the Los Angeles office only.
. Only create virtual machine templates by using objects that already exist in the System Center 2012 Virtual Machine Manager (VMM) library.
. On the failover cluster in the main office, apply limited distribution release (LDR) updates to the virtualization hosts without disrupting the virtual machines hosted on the virtualization hosts.
Q3. HOTSPOT - (Topic 10)
You plan to implement a virtualization solution to host 10 virtual machines. All of the virtual
machines will be hosted on servers that run Windows Server 2012.
You need to identify which servers must be deployed for the planned virtualization solution. The solution must meet the following requirements:
.Minimize the number of servers.
.Ensure that live migration can be used between the hosts.
Which servers should you identify?
To answer, select the appropriate servers in the answer area.
Answer:
Q4. - (Topic 10)
Your network contains the following roles and applications:
Microsoft SQL Server 2012
Distributed File System (DFS) Replication
Active Directory Domain Services (AD DS)
Active Directory Rights Management Services (AD RMS)
Active Directory Lightweight Directory Services (AD LDS)
You plan to deploy Active Directory Federation Services (AD FS).
You need to identify which deployed services or applications can be used as attribute stores for the planned AD FS deployment.
What should you identify? (Each correct answer presents a complete solution. Choose all that apply.)
A. DFS
B. AD RMS
C. Microsoft SQL Server 2012
D. AD LDS
E. AD DS
Answer: C,D,E
Q5. - (Topic 10)
Your Active Directory currently contains five virtualized domain controllers that run Windows Server 2012 R2.
The system state of each domain controller is backed up daily. The backups are shipped to a remote location weekly.
Your company recently implemented a disaster recovery site that contains several servers. The servers run Windows Server 2012 R2 and have the Hyper-V server role installed. The disaster recovery site has a high-speed WAN link to the main office.
You need to create an Active Directory recovery plan that meets the following requirements:
. Restores the Active Directory if a catastrophe prevents all access to the main office.
. Minimizes data loss.
What should you include in the plan?
A. Hyper-V replicas
B. Live migration
C. Virtual machine checkpoints
D. System state restores
Answer: A
Q6. - (Topic 10)
Your network contains an Active Directory domain named contoso.com.
You plan to deploy an Active Directory Federation Services (AD FS) farm that will contain eight federation servers.
You need to identify which technology or technologies must be deployed on the network before you install the federation servers.
Which technology or technologies should you identify? (Each correct answer presents part of the solution. Choose all that apply.)
A. Network Load Balancing (NLB)
B. Microsoft Forefront Identity Manager (FIM) 2010
C. The Windows Internal Database feature
D. Microsoft SQL Server 2012
E. The Windows Identity Foundation 3.5 feature
Answer: A,D
Explanation: Best practices for deploying a federation server farm We recommend the following best practices for deploying a federation server in a production environment:
* (A) Use NLB or some other form of clustering to allocate a single IP address for many federation server computers.
* (D) If the AD FS configuration database will be stored in a SQL database, avoid editing the SQL database from multiple federation servers at the same time.
* If you will be deploying multiple federation servers at the same time or you know that you
will be adding more servers to the farm over time, consider creating a server image of an existing federation server in the farm and then installing from that image when you need to create additional federation servers quickly.
* Reserve a static IP address for each federation server in the farm and, depending on your Domain Name System (DNS) configuration, insert an exclusion for each IP address in Dynamic Host Configuration Protocol (DHCP). Microsoft NLB technology requires that each server that participates in the NLB cluster be assigned a static IP address.
Reference: When to Create a Federation Server Farm
Q7. - (Topic 3)
You need to recommend a Group Policy strategy to support the company's planned changes.
What should you include in the recommendation?
A. Link a Group Policy object (GPO) to the AllComputers OU in each domain.
B. Link a Group Policy object (GPO) to litwareinc.com and configure filtering.
C. Link a Group Policy object (GPO) to each domain.
D. Link a Group Policy object (GPO) to the Boston site.
Answer: D
Explanation:
D:\Documents and Settings\useralbo\Desktop\1.jpg
Q8. - (Topic 9)
Your company has a main office and four branch offices. The main office is located in London.
The network contains an Active Directory domain named contoso.com. The network is configured as shown in the exhibit. (Click the Exhibit button.)
Each office contains several servers that run Windows Server 2012.
In each branch office, you plan to deploy an additional 20 servers that will run Windows Server 2012. Some of the servers will have a Server Core installation of Windows Server 2012.
You identify the following requirements for the deployment of the new servers:
Operating system images must be administered centrally.
The operating system images must be deployed by using PXE.
The WAN traffic caused by the deployment of each operating system must be
minimized.
You need to recommend a solution for the deployment of the new servers.
What should you recommend?
Exhibits
A. Deploy Windows Deployment Services (WDS) in each office. Replicate the images by using Distributed File System (DFS) Replication,
B. Deploy Windows Deployment Services (WDS) in the main office only. Replicate the images by using Distributed File System (DFS) Replication.
C. Deploy Windows Deployment Services (WDS) in each office. Copy the images by using BranchCache.
D. Deploy Windows Deployment Services (WDS) in the main office only. Copy the images by using BranchCache.
Answer: A
Q9. HOTSPOT - (Topic 10)
You plan to deploy a certification authority (CA) infrastructure that contains the following servers:
. An offline standalone root CA named CA1
. An enterprise subordinate CA named CA2
On all of the computers, you import the root CA certificate from CA1 to the Trusted Root Certification Authorities Certificates store.
You need to ensure that CA2 can issue certificates for the CA hierarchy.
What should you do? To answer, select the appropriate options in the answer area.
Answer:
Q10. - (Topic 9)
Your network contains an Active Directory domain named contoso.com. All domain controllers run Windows Server 2012 R2. The forest functional level is Windows Server 2012.
Your company plans to deploy an application that will provide a search interface to users in the company. The application will query the global catalog for the Employee-Number attribute.
You need to recommend a solution to ensure that the application can retrieve the Employee-Number value from the global catalog.
What should you include in the recommendation?
A. the Dsmod command
B. the Ldifde command
C. the Enable-ADOptionalFeaturecmdlet
D. the Csvde command
Answer: B
Explanation: http://technet.microsoft.com/en-us/library/ee617209.aspx - Enable-AdOptionalFeature http://technet.microsoft.com/en-us/library/ee617218.aspx - Get-ADOptionalFeature (as of W2012R2, only OptionalFeature is ActiveDirectory Recycle Bin).
Q11. HOTSPOT - (Topic 10)
Your network contains an Active Directory forest named contoso.com. All servers run Windows Server 2012 R2. The forest contains two servers.
The servers are configured as shown in the following table.
You prepare the forest to support Workplace Join and you enable the Device Registration Service (DRS) on Server1.
You need to ensure that Workplace Join meets the following requirements:
. Application access must be based on device claims. . Users who attempt to join their device to the workplace through Server2 must be prevented from locking out their Active Directory account due to invalid credentials.
Which cmdlet should you run to achieve each requirement? To answer, select the cmdlet for each requirement in the answer area.
Answer:
Q12. - (Topic 2)
You need to recommend a deployment method for Proseware.
What is the best approach to achieve the goal? More than one answer choice may achieve the goal. Select the BEST answer.
A. a WDS Deployment server and Multicast transmissions
B. a WDS Deployment server and Unicast transmissions
C. a WDS Transport server and Multicast transmissions
D. a WDS Transport server and Unicast transmissions
Answer: A
Q13. - (Topic 2)
You need to recommend a trust model.
What should you include in the recommendation?
A. A one-way, forest trust that has selective authentication.
B. A one-way, external trust
C. A two-way, external trust
D. A one-way, forest trust that has domain-wide authentication.
Answer: A
Explanation:
From case study:
Users in the Montreal office must only be allowed to access shares that are located on
File01 and File02. The Montreal users must be prevented from accessing any other servers
in the proseware.com forest regardless of the permissions on the resources.
Q14. - (Topic 9)
Your network contains 50 servers that run Windows Server 2003 and 50 servers that run Windows Server 2008.
You plan to implement Windows Server 2012 R2.
You need to create a report that includes the following information:
. The servers that run applications and services that can be moved to Windows
Server 2012 R2
. The servers that have hardware that can run Windows Server 2012 R2
. The servers that are suitable to be converted to virtual machines hosted on Hyper-
V hosts that run Windows Server 2012 R2
Solution: You install Windows Server 2012 R2 on a new server, and then you run Microsoft Deployment Toolkit (MDT) 2012.
Does this meet the goal?
A. Yes
B. No
Answer: B
Q15. - (Topic 10)
Your network contains a Microsoft System Center 2012 infrastructure.
You use Virtual Machine Manager (VMM) to manage 20 Hyper-V hosts.
You deploy a Windows Server Update Services (WSUS) server.
You need to automate the remediation of non-compliant Hyper-V hosts. The solution must
minimize the amount of time that virtual machines are unavailable.
What should you do first?
A. Configure the Hyper-V hosts to download Windows updates from the WSUS server by using a Group Policy object (GPO).
B. Install the WSUS Administration console on the VMM server, and then add the WSUS server to the fabric.
C. Install the Virtual Machine Manager console on the WSUS server, and then add the WSUS server to the fabric.
D. Configure the Hyper-V hosts to download Windows updates from the VMM server by using a Group Policy object (GPO).
Answer: B