Designing and Implementing a Server Infrastructure
Question No: 131 DRAG DROP – (Topic 9)
You manage a server named DA01 that has the DirectAccess feature configured. You deploy a new server named DA02. Both servers run Microsoft Windows Server 2012 R2.
You need to configure a Direct Access load-balanced cluster named WAP01 that contains servers DA01 and DA02.
How should you complete the relevant Windows PowerShell commands? To answer, drag the appropriate Windows PowerShell segment to the correct locations. Each Windows PowerShell segment may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
Box 1: Add-WindowsFeature -Name DirectAccess-VPN, NLB
We set up DA01 for Directaccess-VPN and for Network load balancing. Box 2: NLB
DA02 will be a node in the cluster so it needs NLB Box 3: WAP01
Set up the cluster named WAP01. Box 4: DA02
Box 5: DA01
DA02 is a node in the cluster, while DA01 is the DirectAccess server. We add the DA02 server to the load balanced cluster as node. The Add-
RemoteAccessLoadBalancerNode cmdlet adds a server to the load balanced cluster. The server is added to the cluster to which the server on which the cmdlet is run, or to the server specified in the ComputerName parameter.
The -RemoteAccessServerParameter specifies a remote access server which should be added to the cluster. In this case DA01.
Question No: 132 – (Topic 9)
You have a virtual machine (VM) named VM-APP1 that hosts critical application named APP1. The VM has the following VHDX virtual disks:
Both VHDX virtual disks are located on LUN1 of a Storage Area Network.
Every time you perform Storage Live Migration for VM-APP1, it takes a few hours.
You need to ensure that the storage supports Offloaded Data Transfer (ODX), and that ODX is enabled.
Which two Windows PowerShell commands should you run? Each correct answer presents part of the solution.
Set-ItemProperty HKLM:\system\currentcontrolset\control\filesystem -Name “FilterSupportedFeaturesMode” -Value 0
Set-StorageSubSystem -InputObject (Get-StorageSubSystem) -ThrottleLimit 0
Get-ItemProperty HKLM:\system\currentcontrolset\services\lt;FilterNamegt; -Name “SupportedFeatures”
Set-ItemProperty HKLM:\system\currentcontrolset\control\filesystem -Name “FilterSupportedFeatiresMode” -Value1
Explanation: C: To use ODX, validate all the file system filter drivers on all servers that are hosting the storage support ODX.
To validate the opt-in status of file system filter drivers, use the type the following command for each filter driver:
Get-ItemProperty hklm:\system\currentcontrolset\services\lt;FilterNamegt; -Name quot;SupportedFeaturesquot;
A: To enable ODX support, type the following command:
Set-ItemProperty hklm:\system\currentcontrolset\control\filesystem -Name quot;FilterSupportedFeaturesModequot; -Value 0
Reference: Deploy Windows Offloaded Data Transfers https://technet.microsoft.com/en-us/library/jj200627.aspx
Question No: 133 – (Topic 9)
Your network contains an Active Directory domain named contoso.com. The domain contains three Active Directory sites. The Active Directory sites are configured as shown in the following table.
The sites connect to each other by using the site links shown in the following table.
You need to design the Active Directory site topology to meet the following requirements:
->Ensure that all replication traffic between Site2 and Site3 replicates through Site1 if a domain controller in Site1 is available.
->Ensure that the domain controllers between Site2 and Site3 can replicate if all of
the domain controllers in Site1 are unavailable.
What should you do?
Disable site link bridging.
Create one site link bridge.
Modify the cost of Link2.
Question No: 134 – (Topic 9)
Your network contains a server named Server1 that runs Windows Server 2012. Server1 has the Network Policy Server server role installed.
You configure Server1 as part of a Network Access Protection (NAP) solution that uses the 802.lx enforcement method,
You add a new switch to the network and you configure the switch to use 802.lx authentication.
You need to ensure that only compliant client computers can access network resources through the new switch.
What should you do on Server1?
Add the IP address of each new switch to a remediation server group.
Add the IP address of each new switch to the list of RADIUS clients.
Add the IP address of each new switch to a connection request policy as an Access Client IPv4 Address.
Add the IP address of each new switch to a remote RADIUS server group.
Explanation: 802.1X and RADIUS-compliant APs (Acess Points), when they are deployed in a RADIUS infrastructure with a RADIUS server such as an NPS server, are called RADIUS clients.
Question No: 135 – (Topic 9)
You have a server named Server1 that runs Windows Server 2012. You have a 3-TB database that will be moved to Server1.
Server1 has the following physical disks:
->Three 2-TB SATA disks that are attached to a single IDE controller
->One 1-TB SATA disk that is attached to a single IDE controller
You need to recommend a solution to ensure that the database can be moved to Server1. The solution must ensure that the database is available if a single disk fails.
What should you include in the recommendation?
Add each disk to a separate storage pool. Create a mirrored virtual disk.
Add two disks to a storage pool. Add the other disk to another storage pool. Create a mirrored virtual disk.
Add all of the disks to a single storage pool, and then create two simple virtual disks.
Add all of the disks to a single storage pool, and then create a parity virtual disk.
Answer: D Explanation:
A parity virtual disk is similar to a hardware Redundant Array of Inexpensive Disks (RAID5). Data, along with parity information, is striped across multiple physical disks. Parity enables Storage Spaces to continue to service read and write requests even when a drive has failed. A minimum of three physical disks is required for a parity virtual disk. Note that a parity disk cannot be used in a failover cluster.
Question No: 136 – (Topic 9)
Your network contains a server named Server1 that runs Windows Server 2012. Server1 has the DHCP Server server role installed. The network contains a Virtual Desktop Infrastructure (VDI).
All virtual machines run Windows 8.
You identify the following requirements for allocating IPv4 addresses to client computers: All virtual desktops must have static IP addresses.
All laptop computers must receive dynamic IP addresses.
All virtual desktops must be prevented from obtaining dynamic address.
You need to recommend a DHCP solution that meets the requirements for allocating IPv4 addresses.
The solution must use the least amount of administrative effort. What should you recommend?
More than one answer choice may achieve the goal. Select the BEST answer.
Configure DHCP filtering.
Configure DHCP policies.
Create two physical subnets. Connect the laptop computers to the subnet that contains Server1.
Create two physical subnets. Configure 802.1X authentication for each subnet.
Explanation: The DHCP Server role in Windows Server 2012 introduces a new feature that allows you to create IPv4 policies that specify custom IP address and option assignments for DHCP clients based on a set of conditions.
The policy based assignment (PBA) feature allows you to group DHCP clients by specific attributes based on fields contained in the DHCP client request packet. PBA enables targeted administration and greater control of the configuration parameters delivered to network devices with DHCP.
Example: In a subnet which has a mix of wired and mobile computers, you might want to assign a shorter, 4 hour lease duration to mobile computers and longer, 4 day lease duration to wired computers.
not A: DHCP filtering provides security by filtering untrusted DHCP messages. An untrusted message is a message that is received from outside the network or firewall, and that can cause traffic attacks within network.
Reference: Introduction to DHCP Policies https://technet.microsoft.com/en-us/library/dn425039.aspx
Question No: 137 – (Topic 9)
Your network contains 50 servers that run Windows Server 2003 and 50 servers that run Windows Server 2008.
You plan to implement Windows Server 2012 R2.
You need to create a report that includes the following information:
->The servers that run applications and services that can be moved to Windows Server 2012 R2
->The servers that have hardware that can run Windows Server 2012 R2
->The servers that are suitable to be converted to virtual machines hosted on Hyper- V hosts that run Windows Server 2012 R2
Solution: You install Windows Server 2012 R2 on a new server, and then you run the Windows Server Migration Tools. Does this meet the goal?
Question No: 138 – (Topic 9)
You have a System Center 2012 R2 Virtual Machine Manager (VMM) infrastructure that manages five Hyper-V hosts. The Hyper-V hosts are not clustered.
You have a virtual machine template that deploys a base image of Windows Server 2012 R2. No role services or features are enabled in the base image.
You need to deploy a virtual machine named VM1 that is based on the virtual machine template.
VM1 will be deployed as part of a service. VM1 must have the Web Server (IIS) server role installed. The solution must not require modifications to the virtual machine template or the base image.
What are two possible profile types that achieve the goal? Each correct answer presents a complete solution.
Explanation: B: You can only use an application profile when you deploy a virtual machine as part of a service. In this case it would be as part of the IIS service.
C:Guest OS profile
When you define a new Guest OS Profile you specify which Roles and features, such as IIS, which should be included in the profile.
If machines based on this Guest OS Profile are going to need certain .NET framework versions installed, or have IIS installed, I can
Note: In a virtual environment, a guest operating system is the operating system that runs on a virtual machine, in contrast to the host operating system that runs on the physical host computer on which one or more virtual machines are deployed. In Virtual Machine Manager, a guest operating system profile is a collection of operating system settings that can be imported into a virtual machine template to provide a consistent operating system configuration for virtual machines created from that template.
Not A: Capability profiles are for managing the hypervisors.
Reference: How to Create an Application Profile in a Service Deployment https://technet.microsoft.com/en-us/library/hh427291.aspx
Reference: About Guest Operating System Profiles https://technet.microsoft.com/en-us/library/bb740889.aspx
Question No: 139 – (Topic 9)
Your network contains an Active Directory forest. The forest contains a single domain. The forest has five Active Directory sites. Each site is associated to two subnets.
You add a site named Site6 that contains two domain controllers. Site6 is associated to one subnet.
You need to verify whether replication to the domain controllers in Site6 completes successfully.
Which two possible commands can you use to achieve the goal? Each correct answer presents a complete solution.
Explanation: B: The Get-ADReplicationUpToDatenessVectorTable cmdlet displays the highest Update Sequence Number (USN) for the specified domain controller(s). This information shows how up-to-date a replica is with its replication partners. During replication, each object that is replicated has USN and if the object is modified, the USN is incremented. The value of the USN for a given object is local to each domain controller where it has replicated are number is different on each domain controller.
E: The repadmin /showrepl command helps you understand the replication topology and replication failures. It reports status for each source domain controller from which the destination has an inbound connection object. The status report is categorized by directory partition.
Question No: 140 – (Topic 9)
Your network contains an Active Directory domain named contoso.com. The domain contains multiple sites.
You plan to deploy DirectAccess.
The network security policy states that when client computers connect to the corporate network from the Internet, all of the traffic destined for the Internet must be routed through the corporate network.
You need to recommend a solution for the planned DirectAccess deployment that meets the security policy requirement.
Solution: You enable force tunneling. Does this meet the goal?
Explanation: DirectAccess allows connectivity to organizational network resources without the need for traditional virtual private network (VPN) connections.
DirectAccess allows remote users to securely access internal network file shares, Web sites, and applications without connecting to a virtual private network (VPN). An internal network is also known as a private network or intranet. DirectAccess establishes bi- directional connectivity with an internal network every time a DirectAccess-enabled computer connects to the Internet, even before the user logs on. Users never have to think about connecting to the internal network and IT administrators can manage remote computers outside the office, even when the computers are not connected to the VPN.
Reference: DirectAccess Overview https://technet.microsoft.com/en-us/library/dd759144.aspx