Q1. - (Topic 4)
You need to recommend a solution for the replication of Active Directory.
What should you recommend modifying?
A. The Active Directory Schema
B. The properties of Site1
C. The RODC1 computer account
D. The properties of Site2
Answer: A
Explanation: The schema is the Active Directory component that defines all the objects and attributes that the directory service uses to store data. The physical structure of the schema consists of the object definitions. The schema itself is stored in the directory. The schema is stored in its own partition (the schema partition) in the directory. The schema is replicated among all the domain controllers in the forest, and any change that is made to the schema is replicated to every domain controller in the forest. Because the schema dictates how information is stored, and because any changes that are made to the schema affect every domain controller, changes to the schema should be made only when necessary — through a tightly controlled process — after testing has been performed to ensure that there will be no adverse effects on the rest of the forest.
Reference: How the Active Directory Schema Works
Q2. - (Topic 8)
Your network contains an Active Directory domain named contoso.com.
The domain contains the organization units (OUs) configured as shown in the following table.
Users and computers at the company change often.
You create a Group Policy object (GPO) named GPO6. GPO6 contains user settings.
You need to ensure that GPO6 applies to users when they log on to the kiosk computers only. The solution must minimize administrative effort.
What should you do?
A. Link GPO6 to OU4 and configure loopback processing in GPO6.
B. Link GPO6 to OU1 and configure WMI filtering on GPO3.
C. Link GPO6 to OU1 and configure loopback processing in GPO6.
D. Link GPO6 to OU1 and configure loopback processing in GPO5.
Answer: A
Explanation: Group Policy applies to the user or computer in a manner that depends on where both the user and the computer objects are located in Active Directory. However, in some cases, users may need policy applied to them based on the location of the computer object alone. You can use the Group Policy loopback feature to apply Group Policy Objects (GPOs) that depend only on which computer the user logs on to.
Q3. DRAG DROP - (Topic 8)
Your network contains an Active Directory domain named contoso.com. The domain contains two domain controllers named DC1 and DC2 that run Windows Server 2008 R2.
You plan to replace the domain controllers with new servers that run Windows Server 2012. The new servers will be named DC3 and DC4.
You need to recommend a strategy to replace DC1 and DC2 with DC3 and DC4. The
solution must minimize the amount of disruption to the users.
Which three actions should you recommend?
To answer, move the appropriate three actions from the list of actions to the answer area
and arrange them in the correct order.
Answer:
Q4. - (Topic 8)
A new company registers the domain name of contoso.com. The company has a web presence on the Internet. All Internet resources have names that use a DNS suffix of contoso.com.
A third-party hosts the Internet resources and is responsible for managing the contoso.com DNS zone on the Internet. The zone contains several hundred records.
The company plans to deploy an Active Directory forest.
You need to recommend an Active Directory forest infrastructure to meet the following requirements:
. Ensure that users on the internal network can resolve the names of the company's Internet resources.
. Minimize the amount of administrative effort associated with the addition of new Internet servers.
What should you recommend?
A. A forest that contains a single domain named contoso.local
B. A forest that contains a root domain named contoso.com and another domain named contoso.local
C. A forest that contains a root domain named contoso.com and another domain named ad.contoso.com
D. A forest that contains a single domain named contoso.com
Answer: C
Explanation: Rules for Selecting a Prefix for a Registered DNS Name
Select a prefix that is not likely to become outdated.
Avoid names such as a business line or operating system that might change in the future.
Generic names such as corp or ds are recommended.
Incorrect:
not A, not B: Using single label names or unregistered suffixes, such as .local, is not
recommended.
Q5. - (Topic 8)
Your network contains an Active Directory domain named contoso.com. The domain contains three VLANs. The VLANs are configured as shown in the following table.
All client computers run either Windows 7 or Windows 8.
The corporate security policy states that all of the client computers must have the latest security updates installed.
You need to implement a solution to ensure that only the client computers that have all of the required security updates installed can connect to VLAN 1. The solution must ensure that all other client computers connect to VLAN 3.
Solution: You implement the DHCP Network Access Protection (NAP) enforcement method.
Does this meet the goal?
A. Yes
B. No
Answer: A
Explanation: Implementing DHCP NAP to Enforce WSUS Updates
Q6. - (Topic 3)
You need to recommend changes to the Active Directory site topology to support on the company's planned changes.
What should you include in the recommendation?
A. A new site
B. A new site link bridge
C. A new site link
D. A new subnet
Answer: D
Explanation:
* Scenario:
The forest contains a child domain for each office. An Active Directory site exists for each
office.
* Sites overview
Sites in AD DS represent the physical structure, or topology, of your network. AD DS uses
network topology information, which is stored in the directory as site, subnet, and site link
objects, to build the most efficient replication topology. The replication topology itself
consists of the set of connection objects that enable inbound replication from a source
domain controller to the destination domain controller that stores the connection object.
The Knowledge
Consistency Checker (KCC) creates these connection objects automatically on each
domain controller.
Reference: Understanding Sites, Subnets, and Site Links
http://technet.microsoft.com/en-us/library/cc754697.aspx
Q7. DRAG DROP - (Topic 8)
Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1 that runs Windows Server 2008. Server1 is configured as an enterprise certification authority (CA).
You back up all of the data on Server1, and then export the private and public keys of the CA.
You plan to replace Server1 with a new member server that was purchased recently.
You need to identify which actions must be performed on the new server to restore the certificate services of Server1.
Which three actions should you identify?
To answer, move the three appropriate actions from the list of actions to the answer area and arrange them in the correct order.
Answer:
Q8. - (Topic 5)
You need to configure the connection between the new remote branch office and the existing branch offices.
What should you create?
A. SMTP site link
B. Forest trust
C. Certification authority
D. IP subnet
Answer: A
Q9. - (Topic 8)
Your network contains 50 servers that run Windows Server 2003 and 50 servers that run Windows Server 2008.
You plan to implement Windows Server 2012 R2.
You need to create a report that includes the following information:
. The servers that run applications and services that can be moved to Windows Server 2012 R2
. The servers that have hardware that can run Windows Server 2012 R2 . The servers that are suitable to be converted to virtual machines hosted on Hyper-
V hosts that run Windows Server 2012 R2
Solution: From an existing server, you run the Microsoft Application Compatibility Toolkit (ACT).
Does this meet the goal?
A. Yes
B. No
Answer: B
Explanation: With the ACT, you can: Analyze your portfolio of applications, websites, and computers Evaluate operating system deployments, the impact of operating system updates, and your compatibility with websites Centrally manage compatibility evaluators and configuration settings Rationalize and organize applications, websites, and computers Prioritize application compatibility efforts with filtered reporting Add and manage issues and solutions for your enterprise-computing environment Deploy automated mitigations to known compatibility issues Send and receive compatibility information from the Microsoft Compatibility Exchange
Q10. - (Topic 8)
A company has a line-of-business application named App1 that runs on an internal IIS server. App1 uses a SQL Server 2008 database that is hosted on the same server. You move the database to a dedicated SQL Server named SQL1.
Users report that they can no longer access the application by using their domain credentials.
You need to ensure that users can access App1.
Solution: You configure Kerberos-constrained delegation and then run the following
command from an administrative command prompt:
setspn-a MSSQLsvc/SQLl:1433 <domain>\<sql_service> Does this meet the goal?
A. Yes
B. No
Answer: A