70-413

Microsoft 70-413

Designing and Implementing a Server InfrastructureVersion: 15.0

--

-

-

-

Topic 1, Leyburn Investments

Company Background

Leyburn Investments is a global financial services company. The company has 5,100 employeesbased in offices in New York, London, Rome and Madrid.

The New York office is the corporate headquarters. The New York office has 3000 employees.The London, Rome and Madrid offices each have 700 employees.

Existing Environment

Existing Active Directory Environment

The network consists of a single Active Directory forest named LeyburnInv.com. The New Yorkoffice contains the LeyburnInv.com root domain. The London, Rome and Madrid offices havedomains named London.LeyburnInv.com, Rome.LeyburnInv.com and Madrid.LeyburnInv.comrespectively.

All four domains have domain controllers running Windows Server 2008 R2. All domain controllersare configured as DNS Servers. The forest functional level of the LeyburnInv.com forest isWindows Server 2008.

Network Infrastructure

Each of the four offices has a high speed Internet connection. All four offices have VPNconnections to the other offices.

Each office includes the following servers:

Two physical Windows Server 2008 R2 domain controllers. One physical Windows Server 2008 R2 DHCP server. Four physical Windows Server 2008 R2 file servers.

Business Requirements

Planned Changes

The Rome and Madrid offices will be closed. Active Directory user accounts, computer accounts and Group Policy Objects (GPOs) from theRome.LeyburnInv.com domain will be moved to the London.LeyburnInv.com domain and theRome.LeyburnInv.com domain will be decommissioned.

Microsoft 70-413 Exam

"Pass Any Exam. Any Time." - www.actualtests.com 2

--

-

-

-

-

-

-

-

-

-

The Madrid office will be moved to Barcelona. The Madrid.LeyburnInv.com domain will berenamed to Barcelona.LeyburnInv.com. A Windows Server IP Address Management (IPAM) server will be deployed in each office. Ten new Windows Server 2012 Hyper-V host servers will be deployed to the New York, Londonand Barcelona offices. Active Directory Recycle Bin will be enabled in each domain. Start Menu and Desktop folder redirection will be enabled in the Barcelona office.

Technical Requirements

Leyburn Investments has the following technical requirements:

Allow for software installation using disk imaging or virtual machine cloning Reduce the number of physical servers by using virtualization. Upgrade servers to Windows Server 2012. Implement a central solution for managing virtual machines. Deploy virtual domain controllers using virtual machine cloning. Distribute virtual machines between Hyper-V hosts automatically according to server load.

QUESTION NO: 1

You need to enable the deployment of domain controllers using virtual machine cloning.

Which of the following would need to be done first?

A. The domain controller running the Schema Master role needs to be upgraded to WindowsServer 2012. B. The domain controller running the Domain Naming Master role needs to be upgraded toWindows Server 2012. C. All domain controllers running the Infrastructure Master role need to be upgraded to WindowsServer 2012. D. The functional level of the forest needs to be raised to Windows Server 2012. E. All domain controllers running the PDC Emulator role need to be upgraded to Windows Server2012.

Answer: EExplanation:

QUESTION NO: 2

You need to enable Active Directory Recycle Bin in the domains.



Which of the following would need to be done first?

A. The functional level of the forest needs to be raised to Windows Server 2008 R2 or later. B. The domain controller running the Schema Master role needs to be upgraded to WindowsServer 2012. C. All domain controllers need to be upgraded to Windows Server 2012. D. All domain controllers running the Infrastructure Master role need to be upgraded to WindowsServer 2012.

Answer: AExplanation:

QUESTION NO: 3

Which of the following technologies should you implement to meet the technical requirement ofdistributing virtual machines between Hyper-V hosts automatically according to server load?

A. Windows Network Load Balancing. B. Microsoft System Center 2012 Virtual Machine Manager (VMM). C. Microsoft System Center 2012 Data Protection Manager (DPM). D. Microsoft Enterprise Desktop Virtualization (MED-V)

Answer: BExplanation:

QUESTION NO: 4

You have created a Windows Server 2012 virtual machine configured as a domain controller.

You want to clone the virtual domain controller to create another virtual domain controller.

Which two of the following steps should you perform first? (Choose two).

A. Run the Install-ADDSDomainController PowerShell cmdlet. B. Run the New-ADDCCloneConfigFile PowerShell cmdlet. C. Run sysprep.exe /oobe. D. Run dcpromo.exe /adv. E. Place a DCCloneConfig.xml file in the %Systemroot%\NTDS folder. F. Place an Unattend.xml file in the %Systemroot%\SYSVOL folder.



Answer: B,EExplanation:

QUESTION NO: 5

You want to migrate the physical Windows Server 2008 R2 DHCP servers to Windows Server2012 virtual machines.

You plan to use the Windows Server Migration Tools cmdlets in Windows PowerShell to migratethe DHCP servers and minimize the risk of IP Address conflicts during the migration.

Which PowerShell cmdlet should you run first?

A. Import-SmigServerSetting on the virtual machines. B. Export-SmigServerSetting on the virtual machines. C. Get-SmigServerFeature on the virtual machines. D. Import-SmigServerSetting on the Physical servers. E. Export-SmigServerSetting on the Physical servers.


QUESTION NO: 6

You need to plan for renaming the Madrid.LeyburnInv.com to Barcelona.LeyburnInv.com.

Which tool should you use to rename the domain?

A. Active Directory Migration Tool version 3.2 (ADMT v3.2). B. MoveTree.exe. C. Rendom.exe. D. Active Directory Domains and Trusts.

Answer: CExplanation:



QUESTION NO: 7

You need to plan for renaming the Madrid.LeyburnInv.com to Barcelona.LeyburnInv.com.

Which tool should you use to automatically correct any severed Group Policy links and invalidUNC paths in GPOs in the renamed domain?

A. Rendom.exe. B. Gpupdate.exe C. Gpfixup.exe D. Dcgpofix.exe


QUESTION NO: 8

You are planning to migrate objects from the Rome.LeyburnInv.com domain to theLondon.LeyburnInv.com domain before decommissioning the Rome.LeyburnInv.com domain.

Which two of the following tools should you use to migrate the required objects as stated in thePlanned Changes? (Choose two).

A. Active Directory Lightweight Directory Services (AD LDS) B. Active Directory Migration Tool version 3.2 (ADMT v3.2) C. Active Directory Domains and Trusts D. Active Directory Federation Services (AD FS) E. Group Policy Management Console (GPMC)


QUESTION NO: 9

One of the planned changes is to enable Start Menu and Desktop folder redirection in theBarcelona office.

You need to recommend a solution to meet this requirement.



What should you recommend?

A. Modify the Default Domain Controller Policy in the Barcelona.LeyburnInv.com domain. B. Link a new Group Policy Object (GPO) to the LeyBurnInv.com domain. C. Link a new Group Policy Object (GPO) to the Barcelona.LeyBurnInv.com domain. D. Link a new Group Policy Object (GPO) to the each domain.


QUESTION NO: 10

One of the technical requirements states that the company wants to reduce the number of physicalservers by using virtualization. Another technical requirement is to upgrade servers to WindowsServer 2012.

You need to gather the following information about the current servers in the network:

Which physical servers meet the hardware requirements to run Windows Server 2012?

Which physical servers are suitable candidates to be converted to Hyper-V virtual machines?

Which servers run applications that can be moved to Windows Server 2012?

How can you generate a report that includes the required information?

A. By running the Microsoft Assessment and Planning (MAP) Toolkit on an existing server. B. By running the Microsoft Deployment Toolkit (MDT) 2012 on an existing server. C. By running Microsoft Application Compatibility Toolkit (ACT) on an existing server. D. By running the Active Directory Migration Tool version 3.2 (ADMT v3.2) on an existing server.


QUESTION NO: 11

The IP Address Management (IPAM) servers in each office will be used to manage the localDHCP and DNS servers. You need to delegate the administration of the IPAM servers to asecurity group named IPAdmins in each domain.



You create the IPAdmins group and add the appropriate users to the groups. You need to givethe IPAdmins group the relevant permissions to manage the IPAM servers.

What should you do?

A. You should add the IPAdmins group to the IPAM Users group on the IPAM servers. B. You should add the IPAdmins group to the IPAM Administrators group on the IPAM servers. C. You should run the Set-IpamConfiguration PowerShell cmdlet. D. You should run the Invoke-IpamGpoProvisioning PowerShell cmdlet.


Topic 2

2, Weyland Technical Solutions (WTS) Ltd.

Company Background

Weyland Technical Solutions is an IT company who provide hosted or managed services to smallto medium-sized companies in central USA. The company is located in a single site in Weyland,Kansas.

The company currently has 1500 employees.

Existing Environment

Existing Active Directory Environment

The network consists of a single Windows Server 2008 R2 Active Directory Domain Services (ADDS) domain named WTSltd.com. The forest functional level is Windows Server 2008.

The network contains four physical domain controllers. All domain controllers are configured asDNS Servers.

Network Infrastructure

The network is divided into four subnets. All servers are located in a data center located in theWTS site.



--

-

-

-

-

-

-

-

-

-

-

-

-

-

The data center includes the following servers:

Four physical Windows Server 2008 R2 DHCP Servers. Eight physical Windows Server 2008 R2 file servers. Six physical Windows Server 2008 R2 print servers. Four physical Windows Server 2008 R2 domain controllers. One physical Windows Server 2008 R2 HyperV host server.

All client computers run either Windows 7 or Windows 8.

Business Requirements

Planned Changes

Deploy new Windows Server 2012 Hyper-V host servers. Implement a VPN solution for external workers. Implement RADIUS authentication for the VPN connections. Implement Network Access Protection (NAP). Implement Active Directory Recycle Bin

Technical Requirements

Weyland Technical Solutions has the following technical requirements:

Migrate all servers to Windows Server 2012. Virtualize existing physical servers where possible. Deploy virtual domain controllers using virtual machine cloning. DHCP IP address leases must be logged centrally. Centrally manage Network Access Protection (NAP) policies.

QUESTION NO: 12

You are installing two Windows Server 2012 servers to function as VPN servers and one WindowsServer 2012 server to function as a RADIUS server. The RADIUS server will be configured toauthenticate VPN connections.

How should you configure the VPN servers to use the RADIUS server?

A. You should modify the authentication provider on the VPN servers. B. You should install the Active Directory Federation Services role on the VPN servers. C. You should add a RADIUS client on the VPN servers.



D. You should add a RADIUS proxy on the VPN servers.


QUESTION NO: 13

You are configuring the Windows Server 2012 server to function as a RADIUS server.

Which Network Policy and Access Services role service should you install on the server?

A. Host Credential Authorization Protocol B. Health Registration Authority C. Network Policy Server D. Remote Access Service


QUESTION NO: 14

You have created a Windows Server 2012 virtual machine (VM) to function as a print server.

Which of the following utilities should you use to migrate the print queues from a physical printserver to a virtual print server?

A. Active Directory Migration Tool (ADMT) B. The Print Management console. C. IP Address Management (IPAM) D. MoveTree.exe. E. Windows Server Migration Tools.


QUESTION NO: 15

You are considering the use of the Data Deduplication feature of Windows Server 2012 to save



disk storage space used on the file servers.

On which of the following volumes is data deduplication supported? (Choose all that apply).

A. Remote mapped or remote mounted drives. B. Local mounted VHD formatted with NTFS. C. Boot or System Volumes. D. Simple volumes formatted with NTFS. E. Simple volumes formatted with FAT32. F. Cluster Shared Volumes (CSV).

Answer: B,DExplanation:

QUESTION NO: 16

One of the technical requirements states that DHCP IP address leases must be logged centrally.

Which of the following solutions can be used for logging the IP address leases and the name ofthe user the IP address was leased to?

A. DHCP audit logging B. DHCP Scope options C. DHCP Event Log D. IP Address Management (IPAM)

Answer: DExplanation:

QUESTION NO: 17

After implementing Active Directory Recycle Bin, you want to perform a test restoration of a useraccount. You delete an old test user account.

You restore the test user account from the Active Directory Recycle Bin. You want to replicate therestored user account to all domain controllers in the domain while minimizing the Active Directoryreplication traffic.

Which two of the following cmdlets should you run? (Choose two).



A. Get ADDomainController B. Get-ADDomain C. Get-ADReplicationSite D. Set-ADUser E. Sync-ADObject F. Move-ADObject

Answer: A,EExplanation:

QUESTION NO: 18

You are evaluating the deployment of virtual domain controllers using virtual machine cloning.

On which of the following virtual platforms could you clone a virtual Windows Server 2012 domaincontroller? (Choose all that apply).

A. VMware VSphere ESXi 5.0. B. Microsoft Virtual PC on Windows 7. C. Microsoft Hyper-V on Windows 8. D. Microsoft Hyper-V on Windows Server 2008 R2. E. Microsoft Hyper-V on Windows Server 2012.

Answer: C,EExplanation:

Topic 3, Mixed Questions

QUESTION NO: 19

You are configuring a network for a company that has multiple buildings in a campus layout.

The network consists of a Windows Server 2012 Active Directory Domain Services (AD DS)domain. A single datacenter hosts most of the companys servers.

You are deploying client computers to 8 new buildings. Each building will have a separate subnet.



A router in each building will connect each subnet to the datacenter.

You want to manage IP address deployment from a single highly available DHCP server in thedatacenter. Your solution must minimize costs.

How should you configure the infrastructure? (Choose two answers).

A. Install a server in each building that runs the Routing and Remote Access Service. Configure aDHCP Relay Agent on the servers. B. Configure the routers to forward DHCP requests to the datacenter DHCP server. C. Install a server running the DHCP Server role in each building. Configure the DHCP server toforward DHCP requests to the datacenter DHCP server. D. Configure a single DHCP scope. E. Configure a separate DHCP scope for each building.


QUESTION NO: 20

You work as a Network Administrator for Testking.com. The network consists of a single WindowsServer 2012 Active Directory Domain Services (AD DS) domain named Testking.com. All serversin the domain run Windows Server 2012.

All domain controllers are configured as DNS servers and host an Active Directory Integrated zonefor the Testking.com domain. The Testking.com DNS zone is configured to replicate to all domaincontrollers in the domain.

The company has a development department. Company developers create custom software to beused by all company employees.

You need to create a child domain named Dev.Testking.com. The domain will be used bydevelopers to test their software. The Dev.Testking.com will include Windows Server 2012domain controllers, Windows 7 client computers and user accounts.

Developers need to be able to access servers in the Testking.com domain while logged in to theDev.Testking.com domain.

How can you ensure that Dev.Testking.com users can resolve the names of servers in the



Testking.com domain?

A. By configuring a primary zone for the Testking.com domain on a domain controller in theDev.Testking.com domain. B. By modifying the replication scope of the Testking.com domain. C. By modifying the replication scope of the Dev.Testking.com domain. D. By configuring a primary zone for the Dev.Testking.com on a domain controller in theTestking.com domain.


QUESTION NO: 21

You work for a company named Testking.com. Your role of Network Administrator includes themanagement of the companys Windows 2012 Active Directory Domain Services (AD DS) domain.

You are configuring an IP Address Management (IPAM) server in the network. The IPAM serverwill be used to manage the DHCP and DNS servers in the network.

A user named Mia works in the IT department. Mia will help in the administration of the IPAMserver. You need to assign Mia the appropriate permissions on the IPAM server.

Company security policy states that all users must be assigned the minimum permissionsnecessary to perform their required tasks.

Which IPAM security group has the minimum permissions to view all information in serverdiscovery, IP address space, and server management?

A. IPAM Users B. IPAM multi-server management (MSM) administrators C. IPAM address space management (ASM) administrators D. IPAM IP Audit Administrators E. IPAM Administrators




QUESTION NO: 22



A user named Clive works in the IT department. Clive will help in the administration of the IPAMserver. You need to assign Clive the appropriate permissions on the IPAM server.


Which IPAM security group has the minimum permissions to view IP address tracking information?



QUESTION NO: 23



A user named Myles works in the IT department. Myles will help in the administration of the IPAMserver. You need to assign Myles the appropriate permissions on the IPAM server.




Which IPAM security group has the minimum permissions to create an IP Address Block?



QUESTION NO: 24


You plan to configure additional DHCP servers in the network. You need to delegate the ability toauthorize DHCP servers to a non-enterprise administrator.

You open Active Directory Sites and Services and view the Services Node.

How can you assign the necessary permissions to authorize DHCP servers?

A. By delegating control of the Claims Configuration container. B. By delegating control of the NetServices container. C. By delegating control of the Public Key Services container. D. By delegating control of the RRAS container.


QUESTION NO: 25

You work as a Network Administrator at Testking.com. The network consists of a single WindowsServer 2012 Active Directory Domain Services (AD DS) domain named Testking.com. All serverson the network run Windows Server 2012 and all client computers run Windows 7 Professional.

The company has started working on a project involving a partner company named Weyland



Industries. The Weyland Industries network consists of a single Windows Server 2012 ActiveDirectory Domain Services (AD DS) domain named WeylandIndustries.com. A two-way foresttrust relationship exists between the domain networks of Testking.com andWeylandIndustries.com.

Users in both domains can resolve the names of resources in the other domain.

You need to implement single-label names in the Testking.com domain. Users in both domainswill need to resolve single-label names in the Testking.com domain.

You enable GlobalNames support on a domain controller in the Testking.com domain and create aDNS zone named GlobalNames.

Which two of the following actions should you perform? (Choose two)

A. Create a GlobalNames service location record on a domain controller in the Testking.comdomain. B. Create a GlobalNames service location record on a domain controller in theWeylandIndustries.com domain. C. Configure a conditional forwarder in the WeylandIndustries.com domain. D. Enable GlobalNames support in the WeylandIndustries domain. E. Configure a DNS Stub zone in the WeylandIndustries.com domain.


QUESTION NO: 26


You use IP Address Management (IPAM) on a Windows Server 2012 server named TK-IPAM1 tomanage the DHCP and DNS servers in the network.

You add a Technician named John to the local administrators group on a DHCP server named TK-DHCP1. John logs in locally to TK-DHCP1 and successfully modifies a DHCP scope.

John attempts to modify another DHCP scope on TK-DHCP1 by using IPAM. However, hereceives the following error:



One of more IPAM database errors occurred. Run the IPAM configuration task to synchronizethe database with newly applied settings on managed servers.

You verify that John is a member of the IPAM Users group on TK-IPAM1.

How can you enable John to use IPAM to modify DHCP scopes?

A. By running the Export-IpamAddress PowerShell cmdlet on TK-IPAM1. B. By adding John to the IPAM Audit Administrators group on TK-IPAM1 C. By adding John to the DHCP Administrators group on TK-DHCP1. D. By adding John to the IPAM Administrators group on TK-IPAM1.


QUESTION NO: 27


A Windows Server 2012 server named TK-DHCP1 is configured as a DHCP server. TK-DHCP1contains a single DHCP scope and assigns IP configurations to all client computers in the network.

You want to provide redundancy for the DHCP infrastructure so that client computers continue toreceive IP configurations in the event of a DHCP server failure.

You plan to configure a second DHCP server named TK-DHCP2.

You need to decide the best way to configure the DHCP infrastructure. Your solution mustminimize costs and minimize administrative effort.

Which of the following solutions should you implement?

A. You should split the DHCP scope between the two DHCP servers. B. You should configure Network Load Balancing (NLB) between the two servers. C. You should configure DHCP Failover between the two servers. D. You should install a hardware load balancer. E. You should configure DNS Round Robin.

Answer: C



Explanation:

QUESTION NO: 28


Several company Sales users often work away from the office.

You plan to implement DirectAccess to enable the Sales users to access resources within thecorporate network while working away from the office.

You want to ensure that when Sales users are connected using DirectAccess, all traffic is sentover the DirectAccess connection. Traffic destined for the corporate network must go over theDirectAccess connection and traffic destined to the Internet must also go over the DirectAccessconnection.

What should you do?

A. You should configure Split Tunneling. B. You should configure Force Tunneling. C. You should disable Intra-Site Automatic Tunnel Addressing Protocol (ISATAP). D. You should modify the default gateway setting on the client computers.


QUESTION NO: 29


A Windows Server 2012 server named TK-NPS1 runs the Network Policy Server (NPS) role.

You plan to implement a VPN solution to enable external users to connect to resources within thecorporate network.



You install a Windows Server 2012 server named TK-VPN1 and install the Routing and RemoteAccess role on the server.

You need to configure the environment so that VPN connection requests are authenticated on TK-NPS1.

Which two of the following steps should you perform? (Choose two answers).

A. Add a RADIUS client on TK-VPN1. B. Add a RADIUS client on TK-NPS1. C. Add a RADIUS proxy on TK-VPN1. D. Add a RADIUS proxy on TK-NPS1. E. Modify the authentication settings on TK-VPN1. F. Modify the authentication settings on TK-NPS1.


QUESTION NO: 30


All client computers within the network are assigned IP addresses from a DHCP server.

A Windows Server 2012 server named TK-NPS1 runs the Network Policy Server (NPS) role.

You plan to implement a VPN solution to enable external users to connect to resources within thecorporate network. All VPN connections will be assigned an IP address from the DHCP server.

Some external users will connect to the VPN from their home computers that are not members ofthe domain.

You need to configure Network Access Protection (NAP) to ensure that network access isrestricted for internal and external client computers that do not have antivirus software or have out-of-date virus definitions.

What should you do?



A. You should configure NAP Enforcement for 802.1X on TK-NPS1. B. You should configure NAP Enforcement for VPN on TK-NPS1. C. You should configure NAP Enforcement for DHCP on TK-NPS1. D. You should configure NAP Enforcement for Terminal Services on TK-NPS1. E. You should configure NAP Enforcement for IPSec Communications on TK-NPS1.


QUESTION NO: 31


You plan to implement a VPN solution to enable external users to connect to resources within thecorporate network. You install a Windows Server 2012 server running the Routing and RemoteAccess (RRAS) role.

Some external users will connect to the VPN using domain-joined portable computers while otherusers will connect from their home computers that are not members of the domain.

The client computers run a mix of Windows XP, Windows 7 or Windows 8.

You need to implement a solution to configure all client computers with the appropriate settings toconnect to the VPN.

You install the Connection Manager Administration Kit (CMAK).

Which two of the following actions should you perform next? (Choose two).

A. Configure a RemoteApp application package. B. Configure a Connection Profile package. C. Publish the package in a Group Policy Object (GPO). D. Publish the package in an Extranet Web Site. E. Configure a logon script to install the package.




QUESTION NO: 32

You work for a company named Testking.com. Your role of Network Administrator includes themanagement of the companys Windows 2012 Active Directory Domain Services (AD DS) domain. All servers in the network run Windows Server 2012. All client computers run either Windows 7 orWindows 8.

All client computers run Windows Defender. Currently all client computers are configured todownload the latest Windows Defender antivirus definitions every night.

You want to implement a centralized solution for the management of the Windows Defenderupdates. Your solution must reduce the bandwidth used for downloading the updates andminimize costs.

What should you use to manage the Windows Defender antivirus definitions?

A. Microsoft System Center 2012 Operations Manager B. Windows Server Update Services (WSUS) C. Microsoft System Center 2012 Endpoint Protection D. Microsoft System Center 2012 Configuration Manager


QUESTION NO: 33

You work for a company named Testking.com. Your role of Network Administrator includes themanagement of the companys Windows 2012 Active Directory Domain Services (AD DS) domain. All servers in the network run Windows Server 2012. All client computers run either Windows 7 orWindows 8.

You are implementing Network Access Protection (NAP) in the network. You need to create apolicy that allows only client computers that have up-to-date security patches to connect tonetwork servers and the Internet. All non-compliant client computers should only be able toconnect to a server running Window Server Update Services (WSUS) to download the requiredupdates.

You divide the network into three VLANs. You place the WSUS server in one VLAN. You placeall client computers in another VLAN. You then place all network servers into a third VLAN. Only



the third VLAN can connect to the Internet.

You need to restrict client computers access to either the VLAN containing the WSUS server orthe VLAN containing the other network servers according to their security update policycompliance.

You need to configure a Network Access Protection (NAP) enforcement method.

Which NAP enforcement method should you use?

A. You should configure NAP Enforcement for 802.1X. B. You should configure NAP Enforcement for VPN. C. You should configure NAP Enforcement for DHCP. D. You should configure NAP Enforcement for Terminal Services. E. You should configure NAP Enforcement for IPSec Communications.


QUESTION NO: 34

You work for a company named Testking.com. Your role of Network Administrator includes themanagement of the companys Windows 2012 Active Directory Domain Services (AD DS) domain. All servers in the network run Windows Server 2012.

The network includes a Windows Server 2012 server named TK-File1. TK-File1 runs the File andStorage Services server role.

You need to increase the file storage space on TK-File1. You attach four new physical hard disksto TK-File1.

You need to configure the disks to ensure that no data is lost in the event of a single disk failurewhile maximizing the storage space that can be used on the disks.

How should you configure the disks?

A. Create two storage pools each with two physical disks then create a storage space using themirror option. B. Create a single storage pool using all four disks then create a storage space using the mirroroption.



C. Create a single storage pool using all four disks then create a storage space using the parityoption. D. Create four storage pools each with one physical disk then create a storage space using theparity option.


QUESTION NO: 35

You work as a Network Administrator for Testking.com. The network consists of a single WindowsServer 2012 Active Directory Domain Services (AD DS) domain named Testking.com. Thecompany has a main office and four branch offices. All offices are connected to each other byreliable WAN links. All servers in the domain run Windows Server 2012.

The main office contains 5,000 computers. The branch offices each contain 400 computers.

You are planning to deploy Microsoft System Center 2012 Configuration Manager (SCCM) toenable the centralized management of all computers on the network. You plan to install newservers in each office to run SCCM components.

The main office will be configured as the Central Administration Site. You need to deploy theappropriate SCCM component to the branch offices.

Which SCCM component is recommended in this scenario?

A. A primary site server running all SCCM roles. B. A secondary site server running all SCCM roles. C. A management point server. D. A distribution point.


QUESTION NO: 36




You have recently implemented Microsoft System Center 2012 Virtual Machine Manager tomanage Windows Server 2012 Hyper-V host servers.

You are configuring Virtual Machine Manager Self-service Portal (VMMSSP) to enable thedeployment of Windows Server 2012 Virtual Machines (VMs).

You need to create to create a virtual machine template to deploy the Windows Server 2012 VMs.

Which three of the following components must be included in the VM template? (Choose three).

A. A Host Profile. B. A Guest OS Profile. C. A Hardware Profile. D. An Application Profile. E. A VHD.

Answer: B,C,EExplanation:

QUESTION NO: 37

You work for a company named Testking.com. Your role of Network Administrator includes themanagement of the companys Active Directory Domain Services (AD DS) domain.

You have recently upgraded the companys Windows Server 2008 R2 servers to Windows Server2012. You now plan to deploy additional Windows Server 2012 servers.

You plan to use the Windows Assessment and Deployment Kit (Windows ADK) suite of tools andthe Windows Deployment Services (WDS) server role for the management and deployment ofserver images to new servers.

By using Windows ADK and WDS, which of the following will you NOT be able to achieve?

A. You will not be able to add software packages to the server deployment images. B. You will not be able to add drivers to the server deployment images. C. You will not be able to perform Wake On LAN zero touch installations on bare-metal servers. D. You will not be able modify the server deployment images.




QUESTION NO: 38


You are configuring Windows Deployment Services (WDS) to deploy 80 new Windows Server2012 servers.

You plan to deploy 40 servers running the Full Installation of Windows Server 2012 and 40 serversrunning the Server Core installation of Windows Server 2012.

Some servers running the full installation will be configured as Domain Controllers running theActive Directory Domain Services and DNS Server roles.

The remaining servers running the full installation will be configured as file servers running the Fileand Storage Services role.

Some servers running the server core installation will be configured virtual machine host serversrunning the Hyper-V role.

The remaining servers running the server core installation will be configured as web serversrunning the Web Server (IIS) role.

Which of the following describes the minimum number of images you need to create to deploy theservers?

A. Two images in total - one image for the Full Installations and one image for the Server CoreInstallations. B. Two images in total - one image for the Domain Controllers and one image for all otherinstallations. C. Three images in total - one image for the Domain Controllers, one image for the other FullInstallations and one image for the Server Core Installations. D. Four images in total - one image for each server role configuration. E. One image in total for all configurations.




QUESTION NO: 39


A Windows Server 2012 server named TK-Array1 is connected to an external disk storage array. TK-Array1 runs the iSCSI Target Server role service.

You are configuring a new Windows Server 2012 file server named TK-File06. You need toconfigure an area of storage on the storage array to appear as a local disk on TK-File06.

Which two of the following actions should you perform? (Choose two).

A. Configure a Storage Pool on TK-Array1. B. Install the iSCSI Initiator Service on TK-File06. C. Install the iSCSI Target Server role service on TK-File06. D. Create an iSCSI Target on TK-Array1. E. Create an iSCSI Target on TK-File06.


QUESTION NO: 40

You work as a Network Administrator for Testking.com. The network consists of a single WindowsServer 2012 Active Directory Domain Services (AD DS) domain named Testking.com.

The company has a main office in New York and branch offices in Miami, Dallas and Seattle. Thebranch offices all connect to the main office by fast WAN links. An Active Directory Site exists foreach location. All servers in the domain run Windows Server 2012.

Each branch office has a single domain controller. The main office has eight domain controllers.

The domain controller in the Miami office is taken offline to have the hardware upgraded. Youdiscover that users logging in in the Miami office are being authenticated by the Seattle officedomain controller.



You need to ensure that branch office users are authenticated by main office domain controllers inthe event of a branch office domain controller going offline.

What should you do?

A. You should disable site link bridging. B. You should modify the DNS service location (SRV) records for the branch office domaincontrollers. C. You should configure the DC Locator DNS records not registered by the DCs setting for thebranch office domain controllers. D. You should configure the DC Locator DNS records not registered by the DCs setting for themain office domain controllers.


QUESTION NO: 41

You have been hired to deploy an Active Directory forest for a new company.

The company has three offices. Each office has two subnets connected by a router. Each officehas 1000 employees. The three offices connect to each other using slow WAN links.

Your Active Directory design must minimize Active Directory replication traffic over the WAN links. You also need to ensure that users in each office are authenticated by a domain controller in thelocal office.

What should you include in your Active Directory design? (Choose two)

A. One Active Directory domain. B. Three Active Directory domains. C. Six Active Directory domains. D. One Active Directory site. E. Three Active Directory sites. F. Six Active Directory sites.




QUESTION NO: 42

You work as a Network Administrator for Testking.com. The network consists of a single WindowsServer 2003 R2 Active Directory domain named Testking.com. All servers in the domain runWindows Server 2003 R2.

The company has a main office in London. A domain controller named TK-LonDC1 in the Londonoffice runs all the FSMO roles.

A branch office in Madrid is connected to the main office by a reliable WAN link. A server namedTK-MadDC1 is configured as a domain controller in the Madrid office.

The company plans to open a branch office in Barcelona. The Barcelona office connects to theMadrid office by a reliable WAN link.

An Active Directory site exists for each of the three offices.

You plan to install a read-only domain controller (RODC) in the Barcelona office.

What would you need to do before you can deploy an RODC in the Barcelona office?

A. Replace TK-LonDC1 with a Windows Server 2012 domain controller. B. Configure a site link between the Barcelona and London sites. C. Replace TK-MadDC1 with a Windows Server 2012 domain controller. D. Enable site link bridging in the Madrid site.


QUESTION NO: 43


You are configuring a Windows Server 2012 server named TK-Branch1 for a new branch office. The branch office has a WAN connection to the main office. 20 users work in the branch officeand all have Windows 8 client computers.

The branch office has four network print devices. One of the functions of TK-Branch1 will be to



host shared printers for the branch office print devices.

You need to ensure that users in the branch office can still print if TK-Branch1 fails or is takenoffline for maintenance.

What should you configure?

A. Internet Printing. B. Client-Side Rendering (CSR). C. Printer pooling. D. Branch Office Direct Printing.


QUESTION NO: 44

You work as a Network Administrator at Testking.com. The network consists of a single WindowsServer 2012 Active Directory Domain Services (AD DS) domain named Testking.com. Thecompany has a main office and a branch office. The two offices are connected by a slow WANlink.

All servers run Windows Server 2012 and all client computers run Windows 7 Professional. Allservers are located in the main office.

The main office contains a Windows Server 2012 server named TK-File1. TK-File1 runs the FileServices role and hosts shared folders for the main office users and the branch office users.

You experience problems with the WAN link due to the excessive bandwidth being used by branchoffice client computers accessing files on TK-File1.

Which two of the following actions should you perform to minimize the bandwidth used by branchoffice client computers accessing files on TK-File1? (Choose two).

A. Disable File Sharing on TK-File1. B. Configure BranchCache on TK-File1. C. Configure the Distributed File System (DFS) role on TK-File1. D. Enable BranchCache is hosted cache mode on the branch office client computers. E. Enable BranchCache is distributed cache mode on the branch office client computers.




QUESTION NO: 45


You want to delegate control of a custom task on several organizational units (OUs) to a usernamed Mia. However you discover that the custom task that you want to delegate is not listed inthe list of tasks.

How can you add the custom task to the list of available tasks to delegate?

A. By adding Mia to the Schema Admins group in the domain. B. By modifying the Active Directory Schema by adding a new class. C. By adding an Administrative Template to the Central Policy Definitions Store. D. By adding the custom task to the Delegwiz.inf file.


QUESTION NO: 46

You work as a Network Administrator at Testking.com. The network consists of a single ActiveDirectory Domain Services (AD DS) forest. The functional level of the forest is Windows Server2003.

The forest contains several domains. All domain controllers in the forest run Windows Server2008 or Windows Server 2008 R2. The functional level of each domain is Windows Server 2008.

You plan to deploy Windows Server 2012 Read Only Domain Controllers (RODCs) in a domain. You run the adprep.exe /rodcprep command on a domain controller but receive the following errormessage:

Adprep could not contact a replica for partition DC=DomainDnsZones,DC=Testking,DC=com



Adprep failed the operation on partition DC=DomainDnsZones,DC= Testking,DC=com Skipping tonext partition.

Adprep could not contact a replica for partition DC=ForestDnsZones,DC= Testking,DC=com

Adprep encountered an LDAP error. Error code: 0x0. Server extended error code: 0x0, Servererror message: (null).

Adprep failed the operation on partition DC=ForestDnsZones,DC= Testking,DC=com Skipping tonext partition.

Adprep completed with errors. Not all partitions are updated.

What should you do to resolve the error message?

A. You should raise the forest functional level to Windows Server 2008. B. You should upgrade the domain controller hosting the Schema Master FSMO role to WindowsServer 2012. C. You should raise the domain functional level of the domain in which you want to deploy theRODC to Windows Server 2008 R2. D. You should ensure that the domain controller on which you are running the Adprep /rodcprepcommand can connect to the domain controller hosting the Infrastructure Master FSMO role ineach domain.


QUESTION NO: 47

You work as a Network Administrator at Testking.com. The network consists of a single WindowsServer 2012 Active Directory Domain Services (AD DS) domain named Testking.com. Thefunctional level of the Testking.com domain and forest is Windows Server 2012.

You plan to create a second Active Directory forest for development purposes. The developmentforest will contain several domains. The functional level of the development forest is WindowsServer 2003.

You need to configure Active Directory trusts to ensure that the Domain Admins group in theTestking.com domain can manage group policy objects (GPOs) in all the domains in thedevelopment forest. The number of trusts should be minimized.



How should you configure the trusts?

A. You should configure a one-way shortcut trust between every development domain and theTestking.com domain. B. You should configure a one-way external trust between the root domain in the developmentforest and the Testking.com domain. C. You should configure a one-way forest trust where the development forest trusts theTestking.com forest. D. You should configure a one-way forest trust where the Testking.com forest trusts thedevelopment forest. E. You should configure a two-way forest trust.


QUESTION NO: 48


Users in the domain have either portable laptop computers that they can take away from the officeor desktop computers that cannot be removed from the network. All client computers havecomputer accounts located in an organizational unit (OU) named ClientsOU.

You need to enforce stricter security policies on the laptop computers than on the desktopcomputers.

You configure a group policy object (GPO) with the required security settings for the laptops.

How can you ensure that the GPO is applied only to laptop computers?

A. By applying a WMI filter. B. By modifying the permissions of the GPO. C. By configuring loopback processing. D. By modifying the GPO order of precedence.




QUESTION NO: 49


Users in the domain have portable laptop computers that run Windows 7. Client computers havecomputer accounts spread across several organizational units (OUs).

Several group policy objects (GPOs) are applied at the domain level. A GPO namedAllClientsGPO contains settings that should be applied to the client computers.

The company opens a new Research department. All client computers in the Researchdepartment have computer accounts in an OU named ResearchClients.

You configure a GPO named ResearchClientsGPO that has security settings for the clientcomputers in the Research department. You link the GPO to the Research OU.

You need to ensure that only AllClientsGPO and ResearchClientsGPO are applied to the clientcomputers in the Research department. No other GPOs linked at the domain level should apply tothe client computers in the Research department.

Which two of the following actions should you perform? (Choose two).

A. Select the Block Inheritance option on the ResearchClients OU. B. Link ResearchClientsGPO to the domain. C. Disable the domain-level link for AllClientsGPO and link it to the ResearchClients OU. D. Enable the Enforced option on ResearchClientsGPO. E. Enable the Enforced option on AllClientsGPO.

Answer: A,EExplanation:

QUESTION NO: 50

You are deploying an Active Directory network for a company named Testking.com. The companyhas an Internet accessible website named www.testking.com. The Testking.com domain is hostedby the companys ISP. The Testking.com DNS zone contains many records for Internetaccessible resources.



You need to design an Active Directory infrastructure. You need to plan Active Directory forestand domain names with a DNS infrastructure that enables users to resolve the names of Internetresources that use the Testking.com DNS suffix.

Administrative effort associated with the management of DNS records should be minimized.

How should you configure the Active Directory?

A. You should create a single-domain forest named Testking.com. B. You should create a single-domain forest named Testking.local. C. You should create a forest with a root domain named Testking.local and a subdomain namedTestking.com. D. You should create a forest with a root domain named Testking.com and a subdomain namedAD.Testking.com.




Documents

70-413