QUESTION 61
You need to ensure that NAP meets the technical requirements.
Which role services should you install?
A. Network Policy Server, Health Registration Authority and Host Credential Authorization Protocol
B. Health Registration Authority, Host Credential Authorization Protocol and Online Responder
C. Certification Authority, Network Policy Server and Health Registration Authority
D. Online Responder, Certification Authority and Network Policy Server Answer:C
Answer: C
QUESTION 62
You need to recommend a change to the Active Directory environment to support the company’s planned changes.
What should you include in the recommendation?
A. Upgrade the domain controllers that have the PDC emulator master role to Windows Server 2012.
B. Raise the functional level of the domain and the forest.
C. Implement Administrator Role Separation.
D. Upgrade the domain controller that has the domain naming master role to Windows Server 2012.
Answer: B
QUESTION 63
You need to recommend changes to the Active Directory environment to support the visualization requirements.
What should you include in the recommendation?
A. Raise the functional level of the domain and the forest.
B. Implement Administrator Role Separation.
C. Upgrade the domain controllers that have the PDC emulator master role to Windows Server 2012.
D. Upgrade the domain controller that has the domain naming master role to Windows Server 2012.
Answer: C
QUESTION 64
Your network contains an Active Directory domain named contoso.com. The domain contains four computers that are configured as shown in the following table.
You plan to use domain controller cloning. You need to identify on which computers you can clone domain controllers that run Windows Server 2012.
Which computers should you identify? (Each correct answer presents part of the solution. Choose all that apply.)
A. Server1
B. Server2
C. Server3
D. Client1
Answer: AD
QUESTION 65
Your network contains an Active Directory domain named contoso.com. The domain contains multiple sites. You plan to deploy DirectAccess. The network security policy states that when client computers connect to the corporate network from the Internet, all of the traffic destined for the Internet must be routed through the corporate network. You need to recommend a solution for the planned DirectAccess deployment that meets the security policy requirement.
What should you include in the recommendation?
A. Set the ISATAP State to state enabled.
B. Enable split tunneling.
C. Set the ISATAP State to state disabled.
D. Enable force tunneling.
Answer: D
QUESTION 66
Your company has two divisions named Division1 and Division2. The network contains an Active Directory domain named contoso.com. The domain contains two child domains named division1.contoso.com and division2.contoso.com. The company sells division1 to another company. You need to prevent administrators in contoso.com and division2.contoso.com from gaining administrative access to the resources in division1.contoso.com.
What should you recommend?
A. Create a new tree in the forest named contoso.secure. Migrate the resources and the accounts in division1.contoso.com to contoso.secure.
B. On the domain controller accounts in division1.contoso.com, deny the Enterprise Admins group the
Allowed to Authenticate permission.
C. Create a new forest and migrate the resources and the accounts in division1.contoso.com to the new forest.
D. In division1.contoso.com, remove the Enterprise Admins group from the Domain Admins group and remove
the Enterprise Admins group from the access control list (ACL) on the division1.contoso.com domain object.
Answer: C
QUESTION 67
Your network contains an Active Directory domain named contoso.com. On several organizational units (OUs), an administrator named Admin1 plans to delegate control of custom tasks. You need to ensure that Admin1 can delegate a custom task named Task1 by using the Delegation of Control Wizard.
What should you do?
A. Add a new class to the Active Directory schema.
B. Configure a custom MMC console.
C. Modify the Delegwiz.inf file.
D. Configure a new authorization store by using Authorization Manager.
Answer: C
QUESTION 68
Your network contains 50 servers that run Windows Server 2003 and 50 servers that run Windows Server 2008. You plan to implement Windows Server 2012. You need to create a report that includes the following information:
* The servers that run applications and services that can be moved to Windows Server 2012
* The servers that have hardware that can run Windows Server 2012
* The servers that are suitable to be converted to virtual machines hosted on Hyper-V hosts that run Windows Server 2012
What should you do?
A. From an existing server, run the Microsoft Application Compatibility Toolkit (ACT).
B. Install Windows Server 2012 on a new server, and then run the Windows Server Migration Tools.
C. Install Windows Server 2012 on a new server, and then run Microsoft Deployment Toolkit (MDT) 2012.
D. From an existing server, run the Microsoft Assessment and Planning (MAP) Toolkit.
Answer: D
QUESTION 69
Your network contains a server named Server1 that runs Windows Server 2012. Server1 has the DHCP Server server role installed. All of the client computers that are in a subnet named Subnet1 receive their IP address configurations from Server1. You plan to add another DHCP server named Server2 to Subnet1. You need to recommend changes to the DHCP infrastructure to ensure that the client computers continue to receive IP addressing information if a single DHCP server fails. What should you do? More than one answer choice may achieve the goal. Select the BEST answer.
A. Create a Network Load Balancing (NLB) cluster.
B. Configure Failover for the scope.
C. Create a DHCP failover cluster.
D. Create a split scope.
Answer: B
QUESTION 70
Your network contains an Active Directory forest named contoso.com. The forest contains one domain.
Your company plans to open a new division named Division1.
A group named Division1Admins will administer users and groups for Division1.
You identify the following requirements for Division1:
– All Division1 users must have a complex password that is 14 characters.
– Division1Admins must be able to manage the user accounts for Division1.
– Division1Admins must be able to create groups, and then delete the groups that they create.
– Division1Admins must be able to reset user passwords and force a password change at the next logon for all Division1 users.
You need to recommend changes to the forest to support the Division1 requirements.
What should you recommend?
More than one answer choice may achieve the goal. Select the BEST answer.
A. Create a new child domain named divisionl.contoso.com. Move all of the Division1 user accounts to
the new domain. Add the Division1Admin members to the Domain Admins group. Configure the password
policy in a Group Policy object (GPO).
B. In the forest, create a new organizational unit (OU) named Division1 and add Division1Admins to the
Managed By attribute of the new OU. Move the Division1 user objects to the new OU. Create a fine-grained
password policy for the Division1 users.
C. Create a new forest. Migrate all of the Division1 user objects to the new forest and add the Division1Admins
members to the Enterprise Admins group. Configure the password policy in a Group Policy object (GPO).
D. In the forest, create a new organizational unit (OU) named Division1 and delegate permissions for the OU
to the Division1Admins group. Move all of the Division1 user accounts to the new OU. Create a fine-grained
password policy for the Division1 users.
Answer: D
Passing Microsoft 70-413 Exam successfully in a short time! Just using Braindump2go’s Latest Microsoft 70-413 Dump: http://www.braindump2go.com/70-413.html