Q1. DRAG DROP - (Topic 8)
You manage an Active Directory Domain Services forest that contains a root domain named contoso.com and a child domain named branch.contoso.com. You have three servers named SRV01, SRV02, and SRV03. All servers run Windows Server 2012 R2. SRV01 and SRV02 are domain controllers for the domain contoso.com. SRV03 is the domain controller for branch.contoso.com. User accounts and resources exist in both domains. All resources in branch.contoso.com are physically located in a remote branch office.
The remote branch office must be configured as Read-Only Domain Controller (RODC). The solution must minimize the impact on users and the number of servers deployed in the branch office.
You need to configure the environment.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
Answer:
Q2. - (Topic 8)
Your network contains an Active Directory domain named contoso.com. Client computers run either Windows 7 or Windows 8.
You plan to implement several Group Policy settings that will apply only to laptop computers.
You need to recommend a Group Policy strategy for the planned deployment.
What should you include in the recommendation?
More than one answer choice may achieve the goal. Select the BEST answer.
A. Loopback processing
B. WMI filtering
C. Security filtering
D. Block inheritance
Answer: B
Explanation:
Group Policy WMI Filter – Laptop or Desktop Hardware A method to detect hardware as laptop only is to look for the presence of a battery based on the BatteryStatus property of the Win32_Battery class. By using the Win32_Battery class, we can search to see if there is a battery present. If the battery status is not equal to zero (BatteryStatus <> 0 ) then you know that it is a laptop.
Reference: Group Policy WMI Filter – Laptop or Desktop Hardware
Q3. - (Topic 1)
You need to recommend a fault-tolerant solution for the VPN. The solution must meet the technical requirements.
What should you include in the recommendation?
A. Network adapter teaming
B. Network Load Balancing (NLB)
C. Failover Clustering
D. DirectAccess
Answer: B
Explanation:
* Scenario: Core networking services in each office must be redundant if a server fails.
* The Network Load Balancing (NLB) feature distributes traffic across several servers by using the TCP/IP networking protocol. By combining two or more computers that are running applications into a single virtual cluster, NLB provides reliability and performance for web servers and other mission-critical servers.
Reference: Network Load Balancing Overview
http://technet.microsoft.com/en-us/library/hh831698.aspx
Q4. - (Topic 8)
Your network contains an Active Directory domain named contoso.com.
On several organizational units (OUs), an administrator named Admin1 plans to delegate control of custom tasks. You need to ensure that Admin1 can delegate a custom task named Task1 by using the Delegation of Control Wizard.
What should you do?
A. Add a new class to the Active Directory schema.
B. Configure a custom MMC console.
C. Modify the Delegwiz.inf file.
D. Configure a new authorization store by using Authorization Manager.
Answer: C
Explanation:
To add a task to the Delegation Wizard, you must create a task template by using the
following syntax in the Delegwiz.inf file
;---------------------------------------------------------
[template1]
AppliesToClasses=<comma delimited list of object types to which this
template applies; for example, if "organizationalUnit" is in the list,
this template will be shown when the Delegation Wizard is invoked on
an OU>
Description = "<task description which will appear in the wizard>"
Etc.
Reference: How to customize the task list in the Delegation Wizard http://support.microsoft.com/kb/308404
Q5. - (Topic 3)
You need to recommend a server virtualization strategy that meets the technical requirements and the virtualization requirements.
What should you include in the recommendation?
A. Windows Server Backup
B. The Microsoft Virtual Machine Converter
C. Microsoft System Center 2012 Virtual Machine Manager (VMM)
D. Disk2vhd
Answer: C
Explanation:
* Scenario:
Virtualize the application servers.
Automatically distribute the new virtual machines to Hyper-V hosts based on the current
resource us The main office has the following servers:
Five physical Hyper-V hosts that run Windows Server 2012age of the Hyper-V hosts.
* System Center Virtual Machine Manager 2012: VMM Gets Major Upgrade Expanded hypervisor support, virtual application support and a myriad of other upgrades are coming in the new VMM 2012.
There's no doubt that Microsoft is making System Center Virtual Machine Manager (VMM) a key component of the System Center suite. The scope of the product is being expanded so much that it could be renamed "System Center Virtual Datacenter Manager." The new version of VMM is currently in beta and is scheduled for release in the second half of 2011. VMM can now do bare-metal installations on fresh hardware, create Hyper-V clusters instead of just managing them, and communicate directly with your SAN arrays to provision storage for your virtual machines (VMs). The list of supported hypervisors has also arown—it includes not only Hyper-V and VMware vSphere Hvpervisor, but
Reference: System Center Virtual Machine Manager 2012: VMM Gets Major Upgrade
Q6. - (Topic 8)
A company has offices in multiple geographic locations. The sites have high-latency, low-bandwidth connections. You need to implement a multisite Windows Deployment Services (WDS) topology for deploying standard client device images to all sites.
Solution: At each site, you install a WDS Server. You apply the same configuration settings to each WDS Server. You configure Distributed File Server Replication (DFSR) to synchronize install images.
Does this meet the goal?
A. Yes
B. No
Answer: A
Q7. - (Topic 8)
Your company has a main office.
The network contains an Active Directory domain named contoso.com. The main office contains a server named Server1 that runs Windows Server 2012. Server1 has the Remote Access server role installed and is configured to accept incoming SSTP-based VPN connections.
All client computers run Windows 7.
The company plans to open a temporary office that will contain a server named Server2 that runs
Windows Server 2012 and has the DHCP Server server role installed. The office will also have 50 client computers and an Internet connection.
You need to recommend a solution to provide the users in the temporary office with access to the resources in the main office.
What should you recommend?
More than one answer choice may achieve the goal. Select the BEST answer.
A. Use the Connection Manager Administration Kit (CMAK) to create a connection package that specifies Server1 as the target for SSTP-based VPN connections. Manually distribute the CMAK package to each client computer in the temporary office.
B. Install the Remote Access server role on Server2. From Routing and Remote Access on Server2, add a SSTP-based VPN port. From DHCP on Server2, configure the default gateway server option.
C. Uses the Connection Manager Administration Kit (CMAK) to create a connection package that specifies Server1 as the target for SSTP-based VPN connections. Use a Group Policy object (GPO) to distribute the CMAK package to each client computer in the temporary office.
D. Install the Remote Access server role on Server2. From Routing and Remote Access on Server2, configure a demand-dial interface. From DHCP on Server2, configure the default gateway server option.
Answer: B
Explanation:
* configure RRAS server role as a VPN server on a Windows server 2008 R2 machine. To do that, you need to first install the RRAS server role.
* in case of IPv4 the remote access client’s VPN configuration is the ONLY configuration that governs whether it has default IPv4 gateway towards VPN server or not
Reference: Remote Access Deployment – Part 2: Configuring RRAS as a VPN server
Q8. - (Topic 2)
You need to recommend a solution for the RODC.
Which attribute should you include in the recommendation?
A. systemFlags
B. searchFlags
C. policy-Replication-Flags
D. flags
Answer: B
Explanation: * Scenario: Deploy a read-only domain controller (RODC) to the London office
* The read-only domain controller (RODC) filtered attribute set (FAS) is a set of attributes of the Active Directory schema that is not replicated to an RODC. If you have data that you do not want to be replicated to an RODC in case it is stolen, you can add these attributes to the RODC FAS. If you add the attributes to the RODC FAS before you deploy the first RODC, the attributes are never replicated to any RODC.
/ To decide which attributes to add to the RODC FAS, review any schema extensions that have been performed in your environment and determine whether they contain credential-like data or not. In other words, you can exclude from consideration any attributes that are part of the base schema, and review all other attributes. Base schema attributes have the.systemFlags.attribute value 16 (0x10) set.
Reference: Customize the RODC Filtered Attribute Set
Q9. - (Topic 8)
Your network contains a server named Server1 that runs Windows Server 2012. Server1 has the DHCP Server server role installed. The network contains a Virtual Desktop Infrastructure (VDI).
All virtual machines run Windows 8.
You identify the following requirements for allocating IPv4 addresses to client computers:
All virtual desktops must have static IP addresses.
All laptop computers must receive dynamic IP addresses.
All virtual desktops must be prevented from obtaining dynamic address.
You need to recommend a DHCP solution that meets the requirements for allocating IPv4 addresses.
The solution must use the least amount of administrative effort.
What should you recommend?
More than one answer choice may achieve the goal. Select the BEST answer.
A. Configure DHCP filtering.
B. Configure DHCP policies.
C. Create two physical subnets. Connect the laptop computers to the subnet that contains Server1.
D. Create two physical subnets. Configure 802.1X authentication for each subnet.
Answer: B
Explanation: The DHCP Server role in Windows Server 2012 introduces a new feature
that allows you to create IPv4 policies that specify custom IP address and option
assignments for DHCP clients based on a set of conditions.
The policy based assignment (PBA) feature allows you to group DHCP clients by specific
attributes based on fields contained in the DHCP client request packet. PBA enables
targeted administration and greater control of the configuration parameters delivered to
network devices with DHCP.
Example: In a subnet which has a mix of wired and mobile computers, you might want to
assign a shorter, 4 hour lease duration to mobile computers and longer, 4 day lease
duration to wired computers.
Incorrect:
not A: DHCP filtering provides security by filtering untrusted DHCP messages. An
untrusted message is a message that is received from outside the network or firewall, and
that can cause traffic attacks within network.
Reference: Introduction to DHCP Policies
Q10. - (Topic 2)
You need to recommend a deployment method for Proseware.
What is the best approach to achieve the goal? More than one answer choice may achieve the goal. Select the BEST answer.
A. A WDS Deployment server and Multicast transmissions
B. A WDS Deployment server and Unicast transmissions
C. A WDS Transport server and Multicast transmissions
D. A WDS Transport server and Unicast transmissions
Answer: A
Explanation: Consider implementing multicasting if your organization:
Has network routers that support multicasting.
Is a large company that requires many concurrent client installations.
Wants to use network bandwidth efficiently. This is because with this feature, images are
sent over the network only once, and you can specify limitations (for example, to only use
10 percent of your bandwidth).
Has enough disk space on client computers for the image to be downloaded.