Q1. - (Topic 8)
A company has a single-forest and single Active Directory Domain Services (AD DS) domain named Fabrikam.com that runs Windows 2012 Server. The AD DS forest functional level and the domain functional level are both set to Windows 2008 R2. You use IP Address Management (IPAM) as the IP management solution. You have two DHCP Servers named DHCP1 and DHCP2, and one IPAM server named IPAM1.
The company plans to acquire a company named Contoso, Ltd., which has a single-forest and single-domain AD DS named contoso.com. The forest functional level and domain functional level of Contoso.com is set to Windows 2008. All servers at Contoso run Windows Server 2008. The IP management solution at Contoso is based on a single DHCP server named SERVER3.
The total number of users in both companies will be 5000.
You have the following requirements:
. The solution must be able to allocate up to three IP addresses per user.
. All IP address leases must be renewed every two days. You need to ensure that the corresponding servers will have enough capacity to store six years of IP utilization data and eight months of event catalog data.
What should you recommend?
A. Add at least 20 GB of storage to the IPAM server.
B. Migrate Contoso.com to Fabrikam.com.
C. Establish a forest trust between Contoso.com and Fabrikam.com.
D. Upgrade SERVER3 to Windows Server 2012.
Answer: D
Q2. - (Topic 8)
Your network contains an Active Directory domain named contoso.com. All servers run Windows Server 2008 R2. All domain controllers are installed on physical servers. The network contains several Hyper-V hosts.
The network contains a Microsoft System Center 2012 infrastructure.
You plan to use domain controller cloning to deploy several domain controllers that will run Windows Server 2012.
You need to recommend which changes must be made to the network infrastructure before you can use domain controller cloning.
What should you recommend?
A. Upgrade a global catalog server to Windows Server 2012. Deploy Virtual Machine Manager (VMM).
B. Upgrade a global catalog server to Windows Server 2012. Install the Windows Deployment Services server role on a server that runs Windows Server 2012.
C. Upgrade the domain controller that has the PDC emulator operations master role to Windows Server 2012. Deploy a Hyper-V host that runs Windows Server 2012.
D. Upgrade the domain controller that has the infrastructure master operations master role to Windows Server 2012. Install the Windows Deployment Services server role on a server that runs Windows Server 2012.
Answer: C
Explanation: The clone domain controller uses the security context of the source domain controller (the domain controller whose copy it represents) to contact the Windows Server 2012 Primary Domain Controller (PDC) emulator operations master role holder (also known as flexible single master operations, or FSMO). The PDC emulator must be running Windows Server 2012, but it does not have to be running on a hypervisor.
Reference: Introduction to Active Directory Domain Services (AD DS) Virtualization (Level 100)
Q3. DRAG DROP - (Topic 8)
You manage an Active Directory Domain Services forest that contains a root domain named contoso.com and a child domain named branch.contoso.com. You have three servers named SRV01, SRV02, and SRV03. All servers run Windows Server 2012 R2. SRV01 and SRV02 are domain controllers for the domain contoso.com. SRV03 is the domain controller for branch.contoso.com. User accounts and resources exist in both domains. All resources in branch.contoso.com are physically located in a remote branch office.
The remote branch office must be configured as Read-Only Domain Controller (RODC). The solution must minimize the impact on users and the number of servers deployed in the branch office.
You need to configure the environment.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
Answer:
Q4. - (Topic 8)
Your company has a main office. The main office is located in a building that has 10 floors.
A datacenter on the ground floor contains a Windows Server 2012 failover cluster. The failover cluster contains a DHCP server resource named DHCP1. All client computers receive their IP addresses from DHCP1. All client computers are part of the 131.107.0.0/16 IPv4 subnet.
You plan to implement changes to the network subnets to include a separate subnet for each floor of the office building. The subnets will connect by using routers.
You need to recommend changes to the DHCP infrastructure to ensure that all of the client computers can receive their IP configuration by using DHCP.
What should you recommend?
More than one answer choice may achieve the goal. Select the BEST answer.
A. Install a remote access server on each floor. Configure a DHCP relay agent on each new DHCP server. Create a scope for each subnet on DHCP1.
B. Install a DHCP server on each floor. Create a scope for the local subnet on each new DHCP server. Enable DHCP Failover on each new DHCP server.
C. Configure each router to forward requests for IP addresses to DHCP1. Create a scope for each subnet on DHCP1.
D. Configure each router to forward requests for IP addresses to DHCP1. Create a scope for the 10.0.0.0/16 subnet on DHCP1.
Answer: C
Explanation:
Excerpt: In TCP/IP networking, routers are used to interconnect hardware and software used on different physical network segments called subnets and forward IP packets between each of the subnets. To support and use DHCP service across multiple subnets, routers connecting each subnet should comply with DHCP/ BOOTP relay agent capabilities described in RFC 1542.
Reference: Support multiple subnets with one DHCP server by configuring DHCP relay agents
http://technet.microsoft.com/en-us/library/cc771390.aspx
Q5. - (Topic 8)
Your company has three offices. The offices are located in New York, Chicago, and Atlanta.
The network contains an Active Directory domain named contoso.com that has three Active Directory sites named Site1, Site2,and Site3. The New York office is located in Site1. The Chicago office is located in Site2. The Atlanta office is located in Site3. There is a local IT staff to manage the servers in each site. The current domain controllers are configured as shown in the following table.
The company plans to open a fourth office in Montreal that will have a corresponding Active Directory site. Because of budget cuts, a local IT staff will not be established for the Montreal site.
The Montreal site has the following requirements:
. Users must be able to authenticate locally.
. Users must not have the ability to log on to the domain controllers.
. Domain account passwords must not be obtained from servers in the Montreal
site. . Network bandwidth between the Montreal site and the other sites must be minimized. . Users in the Montreal office must have access to applications by using Remote Desktop Services (RDS).
You need to recommend a solution for the servers in the Montreal site.
What should you recommend?
A. Only install a domain controller in the Montreal site that has a Server Core installation of Windows Server 2012.
B. Install a read-only domain controller (RODC) in the New York site.
C. Install a read-only domain controller (RODC) in the Montreal site. Install a member server in the New York site to host additional server roles.
D. Install a domain controller in the Montreal site that has a Server Core installation of Windows Server 2012. Install a member server in the Montreal site to host additional server roles,
Answer: C
Q6. - (Topic 8)
Your network contains a server named Server1 that runs Windows Server 2012. Server1 has the DHCP Server server role installed. The network contains a Virtual Desktop Infrastructure (VDI).
All virtual machines run Windows 8.
You identify the following requirements for allocating IPv4 addresses to client computers:
All virtual desktops must have static IP addresses.
All laptop computers must receive dynamic IP addresses.
All virtual desktops must be prevented from obtaining dynamic address.
You need to recommend a DHCP solution that meets the requirements for allocating IPv4 addresses.
The solution must use the least amount of administrative effort.
What should you recommend?
More than one answer choice may achieve the goal. Select the BEST answer.
A. Configure DHCP filtering.
B. Configure DHCP policies.
C. Create two physical subnets. Connect the laptop computers to the subnet that contains Server1.
D. Create two physical subnets. Configure 802.1X authentication for each subnet.
Answer: B
Explanation: The DHCP Server role in Windows Server 2012 introduces a new feature
that allows you to create IPv4 policies that specify custom IP address and option
assignments for DHCP clients based on a set of conditions.
The policy based assignment (PBA) feature allows you to group DHCP clients by specific
attributes based on fields contained in the DHCP client request packet. PBA enables
targeted administration and greater control of the configuration parameters delivered to
network devices with DHCP.
Example: In a subnet which has a mix of wired and mobile computers, you might want to
assign a shorter, 4 hour lease duration to mobile computers and longer, 4 day lease
duration to wired computers.
Incorrect:
not A: DHCP filtering provides security by filtering untrusted DHCP messages. An
untrusted message is a message that is received from outside the network or firewall, and
that can cause traffic attacks within network.
Reference: Introduction to DHCP Policies
Q7. - (Topic 4)
You need to implement a solution for DNS replication.
Which cmdlets should you run?
A. Set-DnsServer and Invoke-DnsServerZoneSign
B. ConvertTo-DnsServerPrimaryZone and Register-DnsServerDirectoryPartition
C. UnRegister-DnsServerDirectoryPartition and Add-DnsServerForwarder
D. Set-DnsServerDnsSecZoneSetting and Invoke-DnsServerZoneSign
Answer: C
Explanation: * UnRegister-DnsServerDirectoryPartition The UnRegister-DnsServerDirectoryPartition cmdlet deregisters a Domain Name System (DNS) server from a specified DNS application directory partition. After you deregister a DNS server from a DNS application directory partition, the DNS server removes itself the from the replication scope of the partition.
* Add-DnsServerForwarder The Add-DnsServerForwarder cmdlet adds one or more forwarders to a DNS server's forwarders list. If you prefer one of the forwarders, put that forwarder first in the series of forwarder IP addresses. After you first use this cmdlet to add forwarders to a DNS server, this cmdlet adds forwarders to the end of the forwarders list.
Q8. - (Topic 1)
You are planning the decommissioning of research.contoso.com.
You need to ensure that an administrator named Admin5 in the research department can manage the user accounts that are migrated to contoso.com. The solution must minimize the number of permissions assigned to Admin5.
What should you do before you migrate the user accounts?
A. Run the New-Object cmdlet, and then run the Add-ADPrincipalGroupMembershipcmdlet.
B. Create a new organizational unit (OU), and then add Admin5 to the Account Operators group.
C. Create a new organizational unit (OU), and then run the Delegation of Control Wizard.
D. Run the New-Object cmdlet, and then run the Add-ADCentralAccessPolicyMembercmdlet.
Answer: C
Explanation:
* Scenario: Decommission the research.contoso.com domain. All of the users and the Group Policy objects (GPOs) in research.contoso.com will be migrated to contoso.com.
Reference: Delegation of Control Wizard
http://technet.microsoft.com/en-us/library/dd145344.aspx
Q9. - (Topic 7)
You have an IP Address Management (IPAM) server that runs Windows Server 2012 SP1. You need to integrate the IPAM server with System Center Virtual Machine Manager (SCVMM).
Solution: You create a dedicated user account named IPAM_svc, and add it to the Local Administrators local group on the SO/MM server.
Does this meet the goal?
A. Yes
B. No
Answer: B
Reference: How to integrate IPAM with SCVMM 2012 R2
Q10. - (Topic 8)
You manage a server infrastructure for a software development company. There are 30 physical servers distributed across 4 subnets, and one Microsoft Hyper-V cluster that can run up to 100 virtual machines (VMs). You configure the servers to receive the IP address from a DHCP server named SERVER1 that runs Microsoft Windows Server 2012 R2. You assign a 30-day duration to all DHCP leases.
Developers create VMs in the environment to test new software. They may create VMs several times each week.
Developers report that some new VMs cannot acquire IP address. You observe that the DHCP scope is full and delete non-existent devices manually. All physical servers must keep their current DHCP lease configuration.
You need to ensure that the DHCP lease duration for VMs is 8 hours.
What should you configure?
A. 4 server-level Allow filters
B. 1 server-level DHCP policy
C. 1 scope-level DHCP policy
D. 4 scope-level exclusion ranges
Answer: B