[Free] 2018(May) EnsurePass Testinsides Microsoft 70-413 Dumps with VCE and PDF 71-80

Ensurepass.com : Ensure you pass the IT Exams
2018 May Microsoft Official New Released 70-413
100% Free Download! 100% Pass Guaranteed!

Designing and Implementing a Server Infrastructure

Question No: 71 – (Topic 8)

This question consists of two statements: One is named Assertion and the other is named Reason. Both of these statements may be true: both may be false; or one may be true, while the other may be false.

To answer this question, you must first evaluate whether each statement is true on its own. If both statements are true, then you must evaluate whether the Reason (the second statement) correctly explains the Assertion (the first statement). You will then select the answer from the list of answer choices that matches your evaluation of the two statements.

Assertion:

You can run the RENDOM command on the GIA-DC domain controller to rename the domain.

Reason:

The RENDOM command is installed as part of the Active Directory Domain Services role when you promote a server to the domain controller role. The command allows you to rename the domain.

Evaluate the Assertion and Reason statements and choose the correct answer option.

->Both the Assertion and Reason are true. and the Reason is the correct explanation for the Assertion.

->Both the Assertion and Reason are true but the Reason is not the correct explanation for the Assertion.

->The Assertion is true, but the Reason Is false.

->The Assertion is false, but the Reason is true.

A. Both the Assertion and the Reason are false.

Answer: A

Question No: 72 – (Topic 8)

You need to give Great Britain division access to the UKSales application What should you set up?

  1. a border Gateway protocol

  2. a multi-tenant client-to-site VPN gateway

  3. a web application proxy

  4. a multi tenant Remote Access VPN gateway

Answer: C Explanation:

In the section sales department UK states: The sales staff of the new domain for the United Kingdom must comply with any device, including smartphones and laptop, can access a web-based sales application named UKSales for their region. The web-based sales application UKSales is not identical to the sales application is hosted in greenwing.com domain. In the sales application domain greenwing.com is a client-server application. In order to optimize the security of access to the web-based application UKSales, a Webanwendungsproxy (reverse proxy) should be installed and configured.

Topic 9, Mix Questions

Question No: 73 – (Topic 9)

Your company has a main office and 20 branch offices. All of the offices connect to each other by using a WAN link.

The network contains an Active Directory forest named contoso.com. The forest contains a domain for each office. The forest root domain contains all of the server resources.

Each branch office contains two domain controllers for the branch office domain and one domain controller for the contoso.com domain.

Each branch office has a support technician who is responsible for managing the accounts of their respective office only.

You recently updated all of the WAN links to high-speed WAN links.

You need to recommend changes to the Active Directory infrastructure to meet the following requirements:

->Reduce the administrative overhead of moving user accounts between the offices.

->Ensure that the support technician in each office can manage the user accounts of their respective office.

What should you include in the recommendation? More than one answer choice may achieve the goal. Select the BEST answer.

  1. Create a new child domain named corp.contoso.com. Create a shortcut trust between each child domain and corp.contoso.com.

  2. Create shortcut trusts between each child domain. In the main office, add a domain controller to each branch office domain.

  3. Move all of the user accounts of all the branch offices to the forest root domain. Decommission all of the child domains.

  4. Create a new forest root domain named contoso.local. Move all of the user accounts of all the branch offices to the new forest root domain. Decommission all of the child domains.

Answer: C

Explanation: The most basic of all Active Directory structures is the single domain model; this type of domain structure comes with one major advantage over the other models: simplicity. A single security boundary defines the borders of the domain, and all objects are

located within that boundary. The establishment of trust relationships between other domains is not necessary, and implementation of technologies such as Group Policies is made easier by the simple structure.

Question No: 74 – (Topic 9)

Your company plans to hire 100 sales representatives who will work remotely.

Each sales representative will be given a laptop that will run Windows 7. A corporate image of Windows 7 will be applied to each laptop.

While the laptops are connected to the corporate network, they will be joined to the domain. The sales representatives will not be local administrators.

Once the laptops are configured, each laptop will be shipped by courier to a sales representative.

The sales representative will use a VPN connection to connect to the corporate network.

You need to recommend a solution to deploy the VPN settings for the sales representatives. The solution must meet the following requirements:

->Ensure that the VPN settings are the same for every sales representative.

->Ensure that when a user connects to the VPN, an application named App1 starts.

What is the best approach to achieve the goal? More than one answer choice may achieve the goal. Select the BEST answer.

  1. VPN auto triggering

  2. The Add-VpnConnection cmdlet

  3. The Connection Manager Administration Kit (CMAK)

  4. Group Policy preferences

Answer: C

Explanation: We can use CMAK to create a connection that starts the Application App1 when the connectioin is established. The latter is achieved through the configuring CMAK “Post-Connect” custom action.

Note : Connection Manager is a client network connection tool that allows a user to connect to a remote network, such as an Internet service provider (ISP), or a corporate network protected by a virtual private network (VPN) server.

The Connection Manager Administration Kit (CMAK) is a tool that you can use to customize the remote connection experience for users on your network by creating predefined connections to remote servers and networks. To create and customize a connection for your users, you use the CMAK wizard.

Incorrect:

Not B: The Add-VpnConnection cmdlet would be able to establish a connection, but it could not start the App1 application.

Reference: Connection Manager Administration Kit https://technet.microsoft.com/en-us/library/cc752995.aspx

Question No: 75 – (Topic 9)

Your company has two main offices and 10 branch offices. Each office is configured as a separate Active Directory site.

The main offices sites are named Site1 and Site2. Each office connects to Site1 and Site2 by using a WAN link. Each site contains a domain controller that runs Windows Server 2008.

You are redesigning the Active Directory infrastructure.

You plan to implement domain controllers that run Windows Server 2012 and decommission all of the domain controllers that run Windows Server 2008.

You need to recommend a placement plan for the Windows Server 2012 domain controllers to meet the following requirements:

->Ensure that users can log on to the domain if a domain controller or a WAN link fails.

->Minimize the number of domain controllers implemented.

What should you include in the recommendation? (Each correct answer presents part of

the solution. Choose all that apply.)

  1. Read-only domain controllers (RODCs) in the branch office sites

  2. A writable domain controller in Site1

  3. A writable domain controller in Site2

  4. Writable domain controllers in the branch office sites

Answer: B,C

Explanation: Writeable domain controllers in Site1 and Site2 are enough as we should minimize the number of domain controllers.

Incorrect:

Not A, not D Writeable domain controllers are not needed to authenticate users at the branch offices, as each branch office connects to both Site1 and Site2.

Question No: 76 – (Topic 9)

Your network contains an Active Directory forest named contoso.com. The forest contains five domains. You need to ensure that the CountryCode attribute is replicated to the global catalog.

What should you do?

  1. Modify the schema partition.

  2. Create and modify an application partition.

  3. Modify the configuration partition.

  4. Modify the domain partitions.

Answer: A

Explanation: After an attributeSchema object is created, marking an additional attribute to replicate to the Global Catalog causes a full replication (also known as a quot;full syncquot;) of all objects to the Global Catalog.

Reference: How to Modify Attributes That Replicate to the Global Catalog https://support.microsoft.com/en-us/kb/248717

Question No: 77 – (Topic 9)

Your network contains a Hyper-V host named Host1 that runs Windows Server 2012. Host1 contains a virtual machine named DC1. DC1 is a domain controller that runs Windows Server 2012.

You plan to clone DC1.

You need to recommend which steps are required to prepare DC1 to be cloned.

What should you include in the recommendation? (Each correct answer presents part of the solution. Choose all that apply.)

  1. Run dcpromo.exe /adv.

  2. Create a file named Dccloneconfig.xml.

  3. Add DC1 to the Cloneable Domain Controllers group.

  4. Run sysprep.exe /oobe.

  5. Run New-VirtualDiskClone.

Answer: B,C Explanation:

B: DCCloneConfig.xml is an XML configuration file that contains all of the settings the cloned DC will take when it boots. This includes network settings, DNS, WINS, AD site name, new DC name and more. This file can be generated in a few different ways.

C: There#39;s a new group in town. It#39;s called Cloneable Domain Controllers and you can find it in the Users container. Membership in this group dictates whether a DC can or cannot be cloned. This group has some permissions set on the domain head that should not be removed. Removing these permissions will cause cloning to fail. Also, as a best practice, DCs shouldn#39;t be added to the group until you plan to clone and DCs should be removed from the group once cloning is complete. Cloned DCs will also end up in the Cloneable Domain Controllers group. Make sure to remove those as well.

Reference: http://blogs.technet.com/b/askpfeplat/archive/2012/10/01/virtual-domain- controller-cloning-in-windows-server-2012.aspx

Question No: 78 HOTSPOT – (Topic 9)

Your network contains an Active Directory forest named contoso.com. The forest contains

one domain. All domain controllers run Windows Server 2012. The functional level of the forest and the domain is Windows Server 2012.

The domain contains three domain controllers. The domain controllers are configured as shown in the following table.

Ensurepass 2018 PDF and VCE

In the forest, you plan to add a new domain controller that runs Windows Server 2012 R2. You need to prepare the environment before you add the new domain controller.

Which domain controllers must be available to run each command? To answer, select the appropriate domain controllers in the answer area.

Ensurepass 2018 PDF and VCE

Ensurepass 2018 PDF and VCE

Answer:

Ensurepass 2018 PDF and VCE

Explanation:

Ensurepass 2018 PDF and VCE

  • adprep /forestprep

    Must be run on the schema operations master for the forest (here DC1). Once for the entire forest

  • adprep /domainprep

    Must be run on the infrastructure operations (DC2) master for the domain.

  • adprep /rodcprep

Can be run from any computer. This command performs operations remotely. For the operations to complete successfully, the domain naming operations master (DC1) for the forest and the infrastructure operations master (DC2) for each application directory partition and each domain partition must be accessible.

Question No: 79 – (Topic 9)

Your network contains an Active Directory domain named contoso.com. The functional level of the domain and the forest is Windows Server 2008 R2.

All domain controllers run Windows Server 2008 R2.

You plan to deploy a new line-of-business application named App1 that uses claims-based authentication.

You need to recommend changes to the network to ensure that Active Directory can provide claims for App1.

What should you include in the recommendation? (Each correct answer presents part of the solution. Choose all that apply.)

  1. From the properties of the computer accounts of the domain controllers, enable Kerberos constrained delegation.

  2. From the Default Domain Controllers Policy, enable the Support for Dynamic Access Control and Kerberos armoring setting.

  3. Deploy Active Directory Lightweight Directory Services (AD LDS).

  4. Raise the domain functional level to Windows Server 2012.

  5. Add domain controllers that run Windows Server 2012.

    Answer: B,E

    Explanation: E: You must perform several steps to enable claims in Server 2012 AD. First, you must upgrade the forest schema to Server 2012. You can do so manually through Adprep, but Microsoft strongly recommends that you add the AD DS role to a new Server 2012 server or upgrade an existing DC to Server 2012.

    B: Once AD can support claims, you must enable them through Group Policy:

    ->From the Start screen on a system with AD admin rights, open Group Policy Management and select the Domain Controllers Organizational Unit (OU) in the domain in which you wish to enable claims.

    ->Right-click the Default Domain Controllers Policy and select Edit.

    ->In the Editor window, drill down to Computer Configuration, Policies, Administrative Templates, System, and KDC (Key Distribution Center).

    ->Open KDC support for claims, compound authentication, and Kerberos armoring.

    ->Select the Enabled radio button. Supported will appear under Claims, compound authentication for Dynamic Access Control and Kerberos armoring options

    Ensurepass 2018 PDF and VCE

    Reference: Enable Claims Support in Windows Server 2012 Active Directory

    http://windowsitpro.com/windows-server-2012/enable-claims-support-windows-server- 2012-active-directory

    Question No: 80 HOTSPOT – (Topic 9)

    Your network contains an Active Directory domain named contoso.com. You plan to implement multiple DHCP servers.

    An administrator named Admin1 will authorize the DHCP servers. You need to ensure that Admin1 can authorize the planned DHCP servers.

    To which container should you assign Admin1 permissions? To answer, select the appropriate node in the answer area.

    Ensurepass 2018 PDF and VCE

    Answer:

    Ensurepass 2018 PDF and VCE

    Explanation:

    Ensurepass 2018 PDF and VCE

    Authorization of DHCP server can only be performed by a domain user that has permissions to create objects in the Net services container in Active Directory. See how to delegate permissions to do this in active directory.

    100% Ensurepass Free Download!
    Download Free Demo:70-413 Demo PDF
    100% Ensurepass Free Guaranteed!
    Download 2018 EnsurePass 70-413 Full Exam PDF and VCE

    EnsurePass ExamCollection Testking
    Lowest Price Guarantee Yes No No
    Up-to-Dated Yes No No
    Real Questions Yes No No
    Explanation Yes No No
    PDF VCE Yes No No
    Free VCE Simulator Yes No No
    Instant Download Yes No No

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.