Designing and Implementing a Server Infrastructure
Question No: 111 – (Topic 9)
Your network contains an Active Directory domain named contoso.com.
Your company has 100 users in the sales department. Each sales user has a domain- joined laptop computer that runs either Windows 7 or Windows 8. The sales users rarely travel to the company#39;s offices to connect directly to the corporate network.
You need to recommend a solution to ensure that you can manage the sales users#39; laptop computers when the users are working remotely.
What solution should you include in the recommendation?
Deploy the Remote Access server role on a server on the internal network.
Deploy the Network Policy and Access Services server role on a server on the internal network.
Deploy a Microsoft System Center 2012 Service Manager infrastructure.
Deploy a Microsoft System Center 2012 Operations Manager infrastructure.
Answer: D Explanation: Incorrect:
Not A: The Remote Access server role just give access to the remote computers, but you need to MANAGE their computers.
Question No: 112 – (Topic 9)
Your network contains an Active Directory forest named contoso.com.
You plan to deploy 200 Hyper-V hosts by using Microsoft System Center 2012 Virtual Machine Manager (VMM) Service Pack 1 (SP1).
You add a PXE server to the fabric.
You need to identify which objects must be added to the VMM library for the planned deployment.
What should you identify? (Each correct answer presents part of the solution. Choose all that apply.)
A host profile
A capability profile
A hardware profile
A generalized image
A service template
Explanation: After installing a PXE server, we build a deployment image from which we will deploy new Hyper-V hosts. That image must be a generalized virtual hard disk (VHD) file. After the image has been created we create a host profile.
Reference: System Center Virtual Machine Manager: Virtual machine management simplified
Question No: 113 – (Topic 9)
You have an IP address Management (IPAM) server that runs Windows Server 2012 SP1. You need to integrate the IPAM server with System center Virtual Machine Manager (SCVMM)
Solution: You add the IPAM server in SCVMM and specify the IPAM_svc user account as the RunAs account.
Does this meet the goal?
Question No: 114 – (Topic 9)
You have a server named DNS1 that runs Windows Server 2012. DNS1 has the DNS server role installed.
You need to recommend changes to the DNS I to prevent several names from being registered in DNS.
What should you configure on DNS1?
DNS cache locking
DNS Security Extensions (DNSSEC)
The global query block list.
Question No: 115 – (Topic 9)
You have an IP Address Management (IPAM) server that runs Windows Server 2012 SP1. You need to integrate the IPAM server with System Center Virtual Machine Manager (SCVMM).
Solution: You create a dedicated user account named IPAM_svc, and add it to the IPAM ASM Administrators local group on the IPAM server.
Does this meet the goal?
Question No: 116 DRAG DROP – (Topic 9)
Your company plans to deploy a remote access solution to meet the following requirements:
->Ensure that client computers that are connected to the Internet can be managed remotely without requiring that the user log on.
->Ensure that client computers that run Windows Vista or earlier can connect
->Ensure that non-domain-joined computers can connect remotely by using TCP port 443.
You need to identify which remote access solutions meet the requirements. Which solutions should you identify?
To answer, drag the appropriate solution to the correct requirement in the answer area. Each solution may be used once, more than once, or not at all. Additionally, you may need to drag the split bar between panes or scroll to view content.
Box 1: Direct Access Box 2: L2TP VPN Box 3: SSTP VPN
*Direct is supported in Windows 7 and newer so second answer is not correct it should be L2TP VPN.
DirectAccess, introduced in the Windows 7 and Windows Server 2008 R2 operating systems, allows remote users to securely access enterprise shares, web sites, and applications without connecting to a virtual private network (VPN).
Both L2TP and IPsec must be supported by both the VPN client and the VPN server. Client support for L2TP is built in to the Windows Vista庐 and Windows XP remote access clients, and VPN server support for L2TP is built in to members of the Windows Server庐 2008 and Windows Server 2003 family.
Secure Socket Tunneling Protocol (SSTP) is a form of VPN tunnel that provides a mechanism to transport PPP or L2TP traffic through an SSL 3.0 channel. SSL provides transport-level security with key-negotiation, encryption and traffic integrity checking. The use of SSL over TCP port 443 allows SSTP to pass through virtually all firewalls and proxy servers.
Question No: 117 – (Topic 9)
Your company has three offices. The offices are located in New York, Chicago, and Atlanta.
The network contains an Active Directory domain named contoso.com that has three Active Directory sites named Site1, Site2,and Site3. The New York office is located in Site1. The
Chicago office is located in Site2. The Atlanta office is located in Site3. There is a local IT staff to manage the servers in each site. The current domain controllers are configured as shown in the following table.
The company plans to open a fourth office in Montreal that will have a corresponding Active Directory site. Because of budget cuts, a local IT staff will not be established for the Montreal site.
The Montreal site has the following requirements:
->Users must be able to authenticate locally.
->Users must not have the ability to log on to the domain controllers.
->Domain account passwords must not be obtained from servers in the Montreal site.
->Network bandwidth between the Montreal site and the other sites must be minimized.
->Users in the Montreal office must have access to applications by using Remote Desktop Services (RDS).
You need to recommend a solution for the servers in the Montreal site. What should you recommend?
Only install a domain controller in the Montreal site that has a Server Core installation of Windows Server 2012.
Install a read-only domain controller (RODC) in the New York site.
Install a read-only domain controller (RODC) in the Montreal site. Install a member server in the New York site to host additional server roles.
Install a domain controller in the Montreal site that has a Server Core installation of Windows Server 2012. Install a member server in the Montreal site to host additional server roles,
Explanation: A local RODC in the new Montreal site would meet the requirements.
Not A, not D: A domain controller is not required in the Montreal site.
Not B: We should place a new RODC in the new Montreal site, not in the New York site.
Question No: 118 – (Topic 9)
Your network contains an Active Directory domain named contoso.com. The domain contains servers that run either Windows Server 2008 R2 or Windows Server 2012.
All client computers on the internal network are joined to the domain. Some users establish VPN connections to the network by using Windows computers that do not belong to the domain.
All client computers receive IP addresses by using DHCP.
You need to recommend a Network Access Protection (NAP) enforcement method to meet the following requirements:
->Verify whether the client computers have up-to-date antivirus software.
->Provides a warning to users who have virus definitions that are out-of-date.
->Ensure that client computers that have out-of-date virus definitions can connect to the network.
Which NAP enforcement method should you recommend?
Answer: A Explanation:
NAP enforcement for DHCP
DHCP enforcement is deployed with a DHCP Network Access Protection (NAP) enforcement server component, a DHCP enforcement client component, and Network Policy Server (NPS).
Using DHCP enforcement, DHCP servers and NPS can enforce health policy when a
computer attempts to lease or renew an IP version 4 (IPv4) address. However, if client computers are configured with a static IP address or are otherwise configured to circumvent the use of DHCP, this enforcement method is not effective.
Note: The NAP health policy server can use a health requirement server to validate the health state of the NAP client or to determine the current version of software or updates that need to be installed on the NAP client.
Question No: 119 – (Topic 9)
Your network contains two server named DHCP1 and DHCP2 that run Windows Server 2012 and have the DHCP Server server role installed. You need to design a highly available DHCP deployment to meet the following requirements.
. Deploy stateless DHCPv6
. Provide Ipv6 options to clients on multiple subnets.
. Allow for clients to renew existing IPV6 address leases if a single server is unavailable.
. Minimize administrative effort.
What should you include in the design?
Configure both servers to provide identical option configuration.
Add DHCP1 and DHCP2 to a failover cluster. Configure the DHCP for high availability.
From DHCP1, configure DHCP Failover in Hot Standby Mode
From DHCP1, configure DHCP Failover in Load Balance Mode.
Question No: 120 – (Topic 9)
Your network contains 50 servers that run Windows Server 2003 and 50 servers that run Windows Server 2008.
You plan to implement Windows Server 2012 R2.
You need to create a report that includes the following information:
->The servers that run applications and services that can be moved to Windows Server 2012 R2
->The servers that have hardware that can run Windows Server 2012 R2
->The servers that are suitable to be converted to virtual machines hosted on Hyper- V hosts that run Windows Server 2012 R2
Solution: From an existing server, you run the Microsoft Application Compatibility Toolkit (ACT).
Does this meet the goal?
Explanation: ACT is not the correct tool in this scenario.
Note: With the ACT, you can:
Analyze your portfolio of applications, websites, and computers
Evaluate operating system deployments, the impact of operating system updates, and your compatibility with websites
Centrally manage compatibility evaluators and configuration settings Rationalize and organize applications, websites, and computers Prioritize application compatibility efforts with filtered reporting
Add and manage issues and solutions for your enterprise-computing environment Deploy automated mitigations to known compatibility issues
Send and receive compatibility information from the Microsoft Compatibility Exchange
Reference: Application Compatibility Toolkit (ACT)
100% Ensurepass Free Download!
–Download Free Demo:70-413 Demo PDF
100% Ensurepass Free Guaranteed!
–Download 2018 EnsurePass 70-413 Full Exam PDF and VCE
EnsurePass ExamCollection Testking Lowest Price Guarantee Yes No No Up-to-Dated Yes No No Real Questions Yes No No Explanation Yes No No PDF VCE Yes No No Free VCE Simulator Yes No No Instant Download Yes No No