QUESTION 45
Your company has a main office. The main office is located in a building that has 10 floors. A datacenter on the ground floor contains a Windows Server 2012 failover cluster. The failover cluster contains a DHCP server resource named DHCP1. All client computers receive their IP addresses from DHCP1. All client computers are part of the 131.107.0.0/16 IPv4 subnet. You plan to implement changes to the network subnets to include a separate subnet for each floor of the office building. The subnets will connect by using routers. You need to recommend changes to the DHCP infrastructure to ensure that all of the client computers can receive their IP configuration by using DHCP. What should you recommend? More than one answer choice may achieve the goal. Select the BEST answer.
A. Install a remote access server on each floor.
Configure a DHCP relay agent on each new DHCP server.
Create a scope for each subnet on DHCP1.
B. Install a DHCP server on each floor. Create a scope for the local subnet on each new DHCP server.
Enable DHCP Failover on each new DHCP server.
C. Configure each router to forward requests for IP addresses to DHCP1.
Create a scope for each subnet on DHCP1.
D. Configure each router to forward requests for IP addresses to DHCP1.
Create a scope for the 10.0.0.0/16 subnet on DHCP1.
Answer: C
QUESTION 46
You deploy an Active Directory domain named contoso.com to the network. The domain is configured as an Active Directory-integrated zone. All domain controllers run Windows Server 2012 and are DNS servers. You plan to deploy a child domain named operations.contoso.com. You need to recommend changes to the DNS infrastructure to ensure that users in the operations department can access the servers in the contoso.com domain.
What should you include in the recommendation?
A. A zone delegation for _msdcs.contoso.com
B. Changes to the replication scope of contoso.com
C. Changes to the replication scope of _msdcs.contoso.com
D. Changes to the replication scope of operations.contoso.com Answer:B
Answer: B
QUESTION 47
Your network contains an Active Directory domain named contoso.com. The domain contains an IP Address Management (IPAM) server. You plan to delegate the administration of IPAM as shown in the following table.
You need to recommend which IPAM security group must be used for each department. The solution must minimize the number of permissions assigned to each group. What should you recommend? To answer, drag the appropriate group to the correct department in the answer area. Each group may be used once, more than once, or not at all. Additionally, you may need to drag the split bar between panes or scroll to view content.
Answer:
QUESTION 48
Your network contains an internal network and a perimeter network. The internal network contains an Active Directory forest named contoso.com. The forest contains a Microsoft Exchange Server 2010 organization. All of the domain controllers in contoso.com run Windows Server 2012.
The perimeter network contains an Active Directory forest named litware.com.
You deploy Microsoft Forefront Unified Access Gateway (UAG) to litware.com. All of the domain controllers in litware.com run Windows Server 2012.
Some users connect from outside the network to use Outlook Web App.
You need to ensure that external users can authenticate by using client certificates.
What should you do?
More than one answer choice may achieve the goal. Select the BEST answer.
A. Enable Kerberos constrained delegation in litware.com.
B. To the perimeter network, add an Exchange server that has the Client Access server role installed.
C. Enable Kerberos delegation in litware.com.
D. Deploy UAG to contoso.com.
Answer: D
QUESTION 49
Your network contains an Active Directory domain named contoso.com. You plan to implement multiple DHCP servers. An administrator named Admin1 will authorize the DHCP servers. You need to ensure that Admin1 can authorize the planned DHCP servers. To which container should you assign Admin1 permissions?
To answer, select the appropriate node in the answer area.
Answer:
QUESTION 50
What method should you use to deploy servers?
A. WDS
B. AIK
C. ADK
D. EDT
Answer: A
QUESTION 51
Your network contains an Active Directory domain named contoso.com. All servers run either Windows Server 2008 R2 or Windows Server 2012. Your company uses IP Address Management (IPAM) to manage multiple DHCP servers. A user named User1 is a member of the IPAM Users group and is a member of the local Administrators group on each DHCP server.
When User1 edits a DHCP scope by using IPAM, the user receives the error message shown in the exhibit. (Click the Exhibit button.)
You need to prevent User1 from receiving the error message when editing DHCP scopes by using IPAM. What should you do?
A. Add User1 to the DHCP Administrators group on each DHCP server.
B. Add User1 to the IPAM Administrators group.
C. Run the Set-IpamServerConfig cmdlet.
D. Run the Invoke-IpamGpoProvisioning cmdlet.
Answer: B
QUESTION 52
Your network contains an Active Directory forest named corp.contoso.com. All servers run Windows Server 2012. The network has a perimeter network that contains servers that are accessed from the Internet by using the contoso.com namespace. The network contains four DNS servers. The servers are configured as shown in the following table.
All of the client computers on the perimeter network use Server1 and Server2 for name resolution. You plan to add DNS servers to the corp.contoso.com domain. You need to ensure that the client computers automatically use the additional name servers. The solution must ensure that only computers on the perimeter network can resolve names in the corp.contoso.com domain. Which DNS configuration should you implement on Server1 and Server2?
To answer, drag the appropriate DNS configuration to the correct location in the answer area. Each DNS configuration may be used once, more than once, or not at all. Additionally, you may need to drag the split bar between panes or scroll to view content.
Answer:
QUESTION 53
Your network contains an Active Directory domain named contoso.com. The domain contains multiple sites. You plan to deploy DirectAccess. The network security policy states that when client computers connect to the corporate network from the Internet, all of the traffic destined for the Internet must be routed through the corporate network. You need to recommend a solution for the planned DirectAccess deployment that meets the security policy requirement.
What should you include in the recommendation?
A. Set the ISATAP State to state enabled.
B. Enable split tunneling.
C. Set the ISATAP State to state disabled.
D. Enable force tunneling.
Answer: D
QUESTION 54
Your network contains an Active Directory domain. You plan to implement a remote access solution that will contain three servers that run Windows Server 2012. The servers will be configured as shown in the following table.
You need to ensure that all VPN connection requests are authenticated and authorized by either Server2 or Server3. The solution must ensure that the VPN connections can be authenticated if either Server2 or Server3 fails. What should you do?
A. On Server1, configure a RADIUS proxy.
Add Server2 and Server3 to a failover cluster.
B. Add Server2 and Server3 to a Network Load Balancing (NLB) cluster.
On Server1, modify the Authentication settings.
C. On Server1, configure a RADIUS proxy.
On Server2 and Server3, add a RADIUS client.
D. On Server2 and Server3, add a RADIUS client. On Server1, modify the Authentication settings.
Answer: C
QUESTION 45
Your company has a main office. The main office is located in a building that has 10 floors. A datacenter on the ground floor contains a Windows Server 2012 failover cluster. The failover cluster contains a DHCP server resource named DHCP1. All client computers receive their IP addresses from DHCP1. All client computers are part of the 131.107.0.0/16 IPv4 subnet. You plan to implement changes to the network subnets to include a separate subnet for each floor of the office building. The subnets will connect by using routers. You need to recommend changes to the DHCP infrastructure to ensure that all of the client computers can receive their IP configuration by using DHCP. What should you recommend? More than one answer choice may achieve the goal. Select the BEST answer.
A. Install a remote access server on each floor.
Configure a DHCP relay agent on each new DHCP server.
Create a scope for each subnet on DHCP1.
B. Install a DHCP server on each floor. Create a scope for the local subnet on each new DHCP server.
Enable DHCP Failover on each new DHCP server.
C. Configure each router to forward requests for IP addresses to DHCP1.
Create a scope for each subnet on DHCP1.
D. Configure each router to forward requests for IP addresses to DHCP1.
Create a scope for the 10.0.0.0/16 subnet on DHCP1.
Answer: C
QUESTION 46
You deploy an Active Directory domain named contoso.com to the network. The domain is configured as an Active Directory-integrated zone. All domain controllers run Windows Server 2012 and are DNS servers. You plan to deploy a child domain named operations.contoso.com. You need to recommend changes to the DNS infrastructure to ensure that users in the operations department can access the servers in the contoso.com domain.
What should you include in the recommendation?
A. A zone delegation for _msdcs.contoso.com
B. Changes to the replication scope of contoso.com
C. Changes to the replication scope of _msdcs.contoso.com
D. Changes to the replication scope of operations.contoso.com Answer:B
Answer: B
QUESTION 47
Your network contains an Active Directory domain named contoso.com. The domain contains an IP Address Management (IPAM) server. You plan to delegate the administration of IPAM as shown in the following table.
You need to recommend which IPAM security group must be used for each department. The solution must minimize the number of permissions assigned to each group. What should you recommend? To answer, drag the appropriate group to the correct department in the answer area. Each group may be used once, more than once, or not at all. Additionally, you may need to drag the split bar between panes or scroll to view content.
Answer:
QUESTION 48
Your network contains an internal network and a perimeter network. The internal network contains an Active Directory forest named contoso.com. The forest contains a Microsoft Exchange Server 2010 organization. All of the domain controllers in contoso.com run Windows Server 2012.
The perimeter network contains an Active Directory forest named litware.com.
You deploy Microsoft Forefront Unified Access Gateway (UAG) to litware.com. All of the domain controllers in litware.com run Windows Server 2012.
Some users connect from outside the network to use Outlook Web App.
You need to ensure that external users can authenticate by using client certificates.
What should you do?
More than one answer choice may achieve the goal. Select the BEST answer.
A. Enable Kerberos constrained delegation in litware.com.
B. To the perimeter network, add an Exchange server that has the Client Access server role installed.
C. Enable Kerberos delegation in litware.com.
D. Deploy UAG to contoso.com.
Answer: D
QUESTION 49
Your network contains an Active Directory domain named contoso.com. You plan to implement multiple DHCP servers. An administrator named Admin1 will authorize the DHCP servers. You need to ensure that Admin1 can authorize the planned DHCP servers. To which container should you assign Admin1 permissions?
To answer, select the appropriate node in the answer area.
Answer:
QUESTION 50
What method should you use to deploy servers?
A. WDS
B. AIK
C. ADK
D. EDT
Answer: A
QUESTION 51
Your network contains an Active Directory domain named contoso.com. All servers run either Windows Server 2008 R2 or Windows Server 2012. Your company uses IP Address Management (IPAM) to manage multiple DHCP servers. A user named User1 is a member of the IPAM Users group and is a member of the local Administrators group on each DHCP server.
When User1 edits a DHCP scope by using IPAM, the user receives the error message shown in the exhibit. (Click the Exhibit button.)
You need to prevent User1 from receiving the error message when editing DHCP scopes by using IPAM. What should you do?
A. Add User1 to the DHCP Administrators group on each DHCP server.
B. Add User1 to the IPAM Administrators group.
C. Run the Set-IpamServerConfig cmdlet.
D. Run the Invoke-IpamGpoProvisioning cmdlet.
Answer: B
QUESTION 52
Your network contains an Active Directory forest named corp.contoso.com. All servers run Windows Server 2012. The network has a perimeter network that contains servers that are accessed from the Internet by using the contoso.com namespace. The network contains four DNS servers. The servers are configured as shown in the following table.
All of the client computers on the perimeter network use Server1 and Server2 for name resolution. You plan to add DNS servers to the corp.contoso.com domain. You need to ensure that the client computers automatically use the additional name servers. The solution must ensure that only computers on the perimeter network can resolve names in the corp.contoso.com domain. Which DNS configuration should you implement on Server1 and Server2?
To answer, drag the appropriate DNS configuration to the correct location in the answer area. Each DNS configuration may be used once, more than once, or not at all. Additionally, you may need to drag the split bar between panes or scroll to view content.
Answer:
QUESTION 53
Your network contains an Active Directory domain named contoso.com. The domain contains multiple sites. You plan to deploy DirectAccess. The network security policy states that when client computers connect to the corporate network from the Internet, all of the traffic destined for the Internet must be routed through the corporate network. You need to recommend a solution for the planned DirectAccess deployment that meets the security policy requirement.
What should you include in the recommendation?
A. Set the ISATAP State to state enabled.
B. Enable split tunneling.
C. Set the ISATAP State to state disabled.
D. Enable force tunneling.
Answer: D
QUESTION 54
Your network contains an Active Directory domain. You plan to implement a remote access solution that will contain three servers that run Windows Server 2012. The servers will be configured as shown in the following table.
You need to ensure that all VPN connection requests are authenticated and authorized by either Server2 or Server3. The solution must ensure that the VPN connections can be authenticated if either Server2 or Server3 fails. What should you do?
A. On Server1, configure a RADIUS proxy.
Add Server2 and Server3 to a failover cluster.
B. Add Server2 and Server3 to a Network Load Balancing (NLB) cluster.
On Server1, modify the Authentication settings.
C. On Server1, configure a RADIUS proxy.
On Server2 and Server3, add a RADIUS client.
D. On Server2 and Server3, add a RADIUS client. On Server1, modify the Authentication settings.
Answer: C
QUESTION 45
Your company has a main office. The main office is located in a building that has 10 floors. A datacenter on the ground floor contains a Windows Server 2012 failover cluster. The failover cluster contains a DHCP server resource named DHCP1. All client computers receive their IP addresses from DHCP1. All client computers are part of the 131.107.0.0/16 IPv4 subnet. You plan to implement changes to the network subnets to include a separate subnet for each floor of the office building. The subnets will connect by using routers. You need to recommend changes to the DHCP infrastructure to ensure that all of the client computers can receive their IP configuration by using DHCP. What should you recommend? More than one answer choice may achieve the goal. Select the BEST answer.
A. Install a remote access server on each floor.
Configure a DHCP relay agent on each new DHCP server.
Create a scope for each subnet on DHCP1.
B. Install a DHCP server on each floor. Create a scope for the local subnet on each new DHCP server.
Enable DHCP Failover on each new DHCP server.
C. Configure each router to forward requests for IP addresses to DHCP1.
Create a scope for each subnet on DHCP1.
D. Configure each router to forward requests for IP addresses to DHCP1.
Create a scope for the 10.0.0.0/16 subnet on DHCP1.
Answer: C
QUESTION 46
You deploy an Active Directory domain named contoso.com to the network. The domain is configured as an Active Directory-integrated zone. All domain controllers run Windows Server 2012 and are DNS servers. You plan to deploy a child domain named operations.contoso.com. You need to recommend changes to the DNS infrastructure to ensure that users in the operations department can access the servers in the contoso.com domain.
What should you include in the recommendation?
A. A zone delegation for _msdcs.contoso.com
B. Changes to the replication scope of contoso.com
C. Changes to the replication scope of _msdcs.contoso.com
D. Changes to the replication scope of operations.contoso.com Answer:B
Answer: B
QUESTION 47
Your network contains an Active Directory domain named contoso.com. The domain contains an IP Address Management (IPAM) server. You plan to delegate the administration of IPAM as shown in the following table.
You need to recommend which IPAM security group must be used for each department. The solution must minimize the number of permissions assigned to each group. What should you recommend? To answer, drag the appropriate group to the correct department in the answer area. Each group may be used once, more than once, or not at all. Additionally, you may need to drag the split bar between panes or scroll to view content.
Answer:
QUESTION 48
Your network contains an internal network and a perimeter network. The internal network contains an Active Directory forest named contoso.com. The forest contains a Microsoft Exchange Server 2010 organization. All of the domain controllers in contoso.com run Windows Server 2012.
The perimeter network contains an Active Directory forest named litware.com.
You deploy Microsoft Forefront Unified Access Gateway (UAG) to litware.com. All of the domain controllers in litware.com run Windows Server 2012.
Some users connect from outside the network to use Outlook Web App.
You need to ensure that external users can authenticate by using client certificates.
What should you do?
More than one answer choice may achieve the goal. Select the BEST answer.
A. Enable Kerberos constrained delegation in litware.com.
B. To the perimeter network, add an Exchange server that has the Client Access server role installed.
C. Enable Kerberos delegation in litware.com.
D. Deploy UAG to contoso.com.
Answer: D
QUESTION 49
Your network contains an Active Directory domain named contoso.com. You plan to implement multiple DHCP servers. An administrator named Admin1 will authorize the DHCP servers. You need to ensure that Admin1 can authorize the planned DHCP servers. To which container should you assign Admin1 permissions?
To answer, select the appropriate node in the answer area.
Answer:
QUESTION 50
What method should you use to deploy servers?
A. WDS
B. AIK
C. ADK
D. EDT
Answer: A
QUESTION 51
Your network contains an Active Directory domain named contoso.com. All servers run either Windows Server 2008 R2 or Windows Server 2012. Your company uses IP Address Management (IPAM) to manage multiple DHCP servers. A user named User1 is a member of the IPAM Users group and is a member of the local Administrators group on each DHCP server.
When User1 edits a DHCP scope by using IPAM, the user receives the error message shown in the exhibit. (Click the Exhibit button.)
You need to prevent User1 from receiving the error message when editing DHCP scopes by using IPAM. What should you do?
A. Add User1 to the DHCP Administrators group on each DHCP server.
B. Add User1 to the IPAM Administrators group.
C. Run the Set-IpamServerConfig cmdlet.
D. Run the Invoke-IpamGpoProvisioning cmdlet.
Answer: B
QUESTION 52
Your network contains an Active Directory forest named corp.contoso.com. All servers run Windows Server 2012. The network has a perimeter network that contains servers that are accessed from the Internet by using the contoso.com namespace. The network contains four DNS servers. The servers are configured as shown in the following table.
All of the client computers on the perimeter network use Server1 and Server2 for name resolution. You plan to add DNS servers to the corp.contoso.com domain. You need to ensure that the client computers automatically use the additional name servers. The solution must ensure that only computers on the perimeter network can resolve names in the corp.contoso.com domain. Which DNS configuration should you implement on Server1 and Server2?
To answer, drag the appropriate DNS configuration to the correct location in the answer area. Each DNS configuration may be used once, more than once, or not at all. Additionally, you may need to drag the split bar between panes or scroll to view content.
Answer:
QUESTION 53
Your network contains an Active Directory domain named contoso.com. The domain contains multiple sites. You plan to deploy DirectAccess. The network security policy states that when client computers connect to the corporate network from the Internet, all of the traffic destined for the Internet must be routed through the corporate network. You need to recommend a solution for the planned DirectAccess deployment that meets the security policy requirement.
What should you include in the recommendation?
A. Set the ISATAP State to state enabled.
B. Enable split tunneling.
C. Set the ISATAP State to state disabled.
D. Enable force tunneling.
Answer: D
QUESTION 54
Your network contains an Active Directory domain. You plan to implement a remote access solution that will contain three servers that run Windows Server 2012. The servers will be configured as shown in the following table.
You need to ensure that all VPN connection requests are authenticated and authorized by either Server2 or Server3. The solution must ensure that the VPN connections can be authenticated if either Server2 or Server3 fails. What should you do?
A. On Server1, configure a RADIUS proxy.
Add Server2 and Server3 to a failover cluster.
B. Add Server2 and Server3 to a Network Load Balancing (NLB) cluster.
On Server1, modify the Authentication settings.
C. On Server1, configure a RADIUS proxy.
On Server2 and Server3, add a RADIUS client.
D. On Server2 and Server3, add a RADIUS client. On Server1, modify the Authentication settings.
Answer: C
Passing Microsoft 70-413 Exam successfully in a short time! Just using Braindump2go’s Latest Microsoft 70-413 Dump: http://www.braindump2go.com/70-413.html