Free 070-413 Questions for Microsoft Designing and Implementing a Server Infrastructure 070-413 Exam as PDF & Practice Test Engine
You are the administrator for a large company. You plan to implement servers in the environment that do not use local hard drives.
You need to recommend a supported storage solution.
Which technology should you recommend?
You need to recommend a supported storage solution.
Which technology should you recommend?
Correct Answer: C
Vote an answer
Your network contains an Active Directory domain named contoso.com. The domain contains three VLANs. The VLANs are configured as shown in the following table.
All client computers run either Windows 7 or Windows 8.
The corporate security policy states that all of the client computers must have the latest security updates installed.
You need to implement a solution to ensure that only the client computers that have all of the required security updates installed can connect to VLAN 1. The solution must ensure that all other client computers connect to VLAN 3.
Solution: You implement the DHCP Network Access Protection (NAP) enforcement method.
Does this meet the goal?
All client computers run either Windows 7 or Windows 8.
The corporate security policy states that all of the client computers must have the latest security updates installed.
You need to implement a solution to ensure that only the client computers that have all of the required security updates installed can connect to VLAN 1. The solution must ensure that all other client computers connect to VLAN 3.
Solution: You implement the DHCP Network Access Protection (NAP) enforcement method.
Does this meet the goal?
Correct Answer: A
Vote an answer
Explanation: Only visible for ExamDiscuss members. You can sign-up / login (it's free).
DRAG DROP
You need to configure the replication of user credentials for the Great Britain division.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
Select and Place:
You need to configure the replication of user credentials for the Great Britain division.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
Select and Place:
Correct Answer:
It should be:
Launch the active directory users and computers applet by using domain admin credentials Add the existing users to the replication list and set access level to deny.
On GLA-DC, configure the LON-DC1 account.
Topic 3, Contoso Ltd Case A
Overview
Contoso, Ltd., is a healthcare company in Europe that has 2,000 users. The company is migrating to Windows Server 2012.
The company has two main offices and two branch offices. The main offices are located in Paris and Amsterdam. One of the branch offices is a sales office located in Berlin. The other branch office is a research office located in Brussels.
The offices connect to each other by using a WAN link.
Current Environment
Active Directory
The network contains an Active Directory forest named contoso.com. An Active Directory site exists for each office.
The forest contains a child domain named research.contoso.com.
The functional level of both the domains is Windows Server 2008.
In each site, there are two domain controllers for the contoso.com domain and two domain controllers for the research.contoso.com domain. The domain controllers run Windows Server
2008 R2.
All of the domain controllers are global catalog servers.
The FSMO roles were not moved since the domains were deployed.
Network Infrastructure
All servers run Windows Server 2008 R2.
Each user has a laptop computer that runs Windows 7.
The company has 10 print servers. Each print server contains several shared printers.
The company has 10 file servers that have the following disk configurations:
*A simple volume named C that is the System and Boot volume and is formatted NTFS
*A mounted virtual hard disk (VHD) named DATA that is formatted NTFS
*A simple volume named D that is formatted FAT32
*A simple volume named E that is formatted NTFS
*A Clustered Shared Volume (CSV)
The Paris office contains a server named PA1. The Amsterdam office contains a server named AM1.
Both servers have the following server roles installed:
*DNS Server
*DHCP Server
*Remote Access
The DNS servers are configured to use the DNS servers of the company's Internet Service Provider (ISP) as forwarders.
Users often work remotely. The users access the internal network by using an SSTP-based VPN connection.
Requirements
Planned Changes
The company plans to implement the following changes:
*Create a child domain named sales.contoso.com. Only the domain controllers in sales.contoso.com will host a zone for the sales.contoso.com domain. The domain controllers in sales.contoso.com will run Windows Server 2012. The client computers in sales.contoso.com will use the sales.contoso.com domain controllers as their DNS servers.
*Implement two servers in the Amsterdam office and two servers in the Paris office to replace PA1 and AMI. These new servers will run Windows Server 2012 and will not have shared storage.
*Decommission the research.contoso.com domain. All of the users and the Group Policy objects (GPOs) in research.contoso.com will be migrated to contoso.com.
*Migrate the existing print queues to virtualized instances of Windows Server
2012.
*Migrate the file servers to new servers that run Windows Server 2012.
*Implement RADIUS authentication for VPN connections.
*Deploy Windows Server 2012 to all new servers.
Technical Requirements
The company identifies following technical requirements:
*All changes to Group Policies must be logged.
*Network Access Protection (NAP) policies must be managed centrally.
*Core networking services in each office must be redundant if a server
fails.
*The possibility of IP address conflicts during the DHCP migration must be minimized.
*A central log of the IP address leases and the users associated to those leases must be created.
*All of the client computers must be able to resolve internal names and internet names.
*Administrators in the Paris office need to deploy a series of desktop
restrictions to the entire company by using Group Policy.
*The new sales.contoso.com domain will contain a web application that
will access data from a Microsoft SQL Server located in the contoso.com domain. The web application must use integrated Windows authentication. Users' credentials must be passed from the web applications to the SQL Server.
Launch the active directory users and computers applet by using domain admin credentials Add the existing users to the replication list and set access level to deny.
On GLA-DC, configure the LON-DC1 account.
Topic 3, Contoso Ltd Case A
Overview
Contoso, Ltd., is a healthcare company in Europe that has 2,000 users. The company is migrating to Windows Server 2012.
The company has two main offices and two branch offices. The main offices are located in Paris and Amsterdam. One of the branch offices is a sales office located in Berlin. The other branch office is a research office located in Brussels.
The offices connect to each other by using a WAN link.
Current Environment
Active Directory
The network contains an Active Directory forest named contoso.com. An Active Directory site exists for each office.
The forest contains a child domain named research.contoso.com.
The functional level of both the domains is Windows Server 2008.
In each site, there are two domain controllers for the contoso.com domain and two domain controllers for the research.contoso.com domain. The domain controllers run Windows Server
2008 R2.
All of the domain controllers are global catalog servers.
The FSMO roles were not moved since the domains were deployed.
Network Infrastructure
All servers run Windows Server 2008 R2.
Each user has a laptop computer that runs Windows 7.
The company has 10 print servers. Each print server contains several shared printers.
The company has 10 file servers that have the following disk configurations:
*A simple volume named C that is the System and Boot volume and is formatted NTFS
*A mounted virtual hard disk (VHD) named DATA that is formatted NTFS
*A simple volume named D that is formatted FAT32
*A simple volume named E that is formatted NTFS
*A Clustered Shared Volume (CSV)
The Paris office contains a server named PA1. The Amsterdam office contains a server named AM1.
Both servers have the following server roles installed:
*DNS Server
*DHCP Server
*Remote Access
The DNS servers are configured to use the DNS servers of the company's Internet Service Provider (ISP) as forwarders.
Users often work remotely. The users access the internal network by using an SSTP-based VPN connection.
Requirements
Planned Changes
The company plans to implement the following changes:
*Create a child domain named sales.contoso.com. Only the domain controllers in sales.contoso.com will host a zone for the sales.contoso.com domain. The domain controllers in sales.contoso.com will run Windows Server 2012. The client computers in sales.contoso.com will use the sales.contoso.com domain controllers as their DNS servers.
*Implement two servers in the Amsterdam office and two servers in the Paris office to replace PA1 and AMI. These new servers will run Windows Server 2012 and will not have shared storage.
*Decommission the research.contoso.com domain. All of the users and the Group Policy objects (GPOs) in research.contoso.com will be migrated to contoso.com.
*Migrate the existing print queues to virtualized instances of Windows Server
2012.
*Migrate the file servers to new servers that run Windows Server 2012.
*Implement RADIUS authentication for VPN connections.
*Deploy Windows Server 2012 to all new servers.
Technical Requirements
The company identifies following technical requirements:
*All changes to Group Policies must be logged.
*Network Access Protection (NAP) policies must be managed centrally.
*Core networking services in each office must be redundant if a server
fails.
*The possibility of IP address conflicts during the DHCP migration must be minimized.
*A central log of the IP address leases and the users associated to those leases must be created.
*All of the client computers must be able to resolve internal names and internet names.
*Administrators in the Paris office need to deploy a series of desktop
restrictions to the entire company by using Group Policy.
*The new sales.contoso.com domain will contain a web application that
will access data from a Microsoft SQL Server located in the contoso.com domain. The web application must use integrated Windows authentication. Users' credentials must be passed from the web applications to the SQL Server.
DRAG DROP
Your company plans to deploy a remote access solution to meet the following requirements:
Ensure that client computers that are connected to the Internet can be managed remotely without requiring that the user log on.
Ensure that client computers that run Windows Vista or earlier can connect remotely.
Ensure that non-domain-joined computers can connect remotely by using TCP port 443.
You need to identify which remote access solutions meet the requirements.
Which solutions should you identify?
To answer, drag the appropriate solution to the correct requirement in the answer area. Each solution may be used once, more than once, or not at all. Additionally, you may need to drag the split bar between panes or scroll to view content.
Your company plans to deploy a remote access solution to meet the following requirements:
Ensure that client computers that are connected to the Internet can be managed remotely without requiring that the user log on.
Ensure that client computers that run Windows Vista or earlier can connect remotely.
Ensure that non-domain-joined computers can connect remotely by using TCP port 443.
You need to identify which remote access solutions meet the requirements.
Which solutions should you identify?
To answer, drag the appropriate solution to the correct requirement in the answer area. Each solution may be used once, more than once, or not at all. Additionally, you may need to drag the split bar between panes or scroll to view content.
Correct Answer:
Box 1: Direct Access
Box 2: L2TP VPN
Box 3: SSTP VPN
Note:
*Direct is supported in Windows 7 and newer so second answer is not correct it should be L2TP VPN.
* DirectAccess, introduced in the Windows 7 and Windows Server 2008 R2 operating systems, allows remote users to securely access enterprise shares, web sites, and applications without connecting to a virtual private network (VPN).
* Both L2TP and IPsec must be supported by both the VPN client and the VPN server. Client support for L2TP is built in to the Windows Vista and Windows XP remote access clients, and VPN server support for L2TP is built in to members of the Windows Server 2008 and Windows Server 2003 family.
* Secure Socket Tunneling Protocol (SSTP) is a form of VPN tunnel that provides a mechanism to transport PPP or L2TP traffic through an SSL 3.0 channel. SSL provides transport-level security with key- negotiation, encryption and traffic integrity checking. The use of SSL over TCP port 443 allows SSTP to pass through virtually all firewalls and proxy servers.
Box 2: L2TP VPN
Box 3: SSTP VPN
Note:
*Direct is supported in Windows 7 and newer so second answer is not correct it should be L2TP VPN.
* DirectAccess, introduced in the Windows 7 and Windows Server 2008 R2 operating systems, allows remote users to securely access enterprise shares, web sites, and applications without connecting to a virtual private network (VPN).
* Both L2TP and IPsec must be supported by both the VPN client and the VPN server. Client support for L2TP is built in to the Windows Vista and Windows XP remote access clients, and VPN server support for L2TP is built in to members of the Windows Server 2008 and Windows Server 2003 family.
* Secure Socket Tunneling Protocol (SSTP) is a form of VPN tunnel that provides a mechanism to transport PPP or L2TP traffic through an SSL 3.0 channel. SSL provides transport-level security with key- negotiation, encryption and traffic integrity checking. The use of SSL over TCP port 443 allows SSTP to pass through virtually all firewalls and proxy servers.
You need to recommend a solution that meets the security requirements.
Which schema attribute properties should you recommend modifying?
Which schema attribute properties should you recommend modifying?
Correct Answer: D
Vote an answer
Explanation: Only visible for ExamDiscuss members. You can sign-up / login (it's free).
You have a server named DNS1 that runs Windows Server 2012. DNS1 has the DNS server role installed.
You need to recommend changes to the DNS I to prevent several names from being registered in DNS.
What should you configure on DNS1?
You need to recommend changes to the DNS I to prevent several names from being registered in DNS.
What should you configure on DNS1?
Correct Answer: C
Vote an answer
You are designing an Active Directory forest for a company named Contoso, Ltd. Contoso identifies the following administration requirements for the design:
User account administration and Group Policy administration will be performed by network technicians.
The technicians will be added to a group named OUAdmins.
IT staff who are responsible for backing up servers will have user accounts that are members of the Backup Operators group in the domain.
All user accounts will be located in an organizational unit (OU) named AllEmployees.
You run the Delegation of Control Wizard and assign the OUAdmins group full control to all of the objects in the AllEmployeesOU.
After delegating the required permissions, you discover that the user accounts of some of the IT staff have inconsistent permissions on the objects in AllEmployees.
You need to recommend a solution to ensure that the members of OUAdmins can manage all of the objects in AllEmployees.
What should you include in the recommendation?
User account administration and Group Policy administration will be performed by network technicians.
The technicians will be added to a group named OUAdmins.
IT staff who are responsible for backing up servers will have user accounts that are members of the Backup Operators group in the domain.
All user accounts will be located in an organizational unit (OU) named AllEmployees.
You run the Delegation of Control Wizard and assign the OUAdmins group full control to all of the objects in the AllEmployeesOU.
After delegating the required permissions, you discover that the user accounts of some of the IT staff have inconsistent permissions on the objects in AllEmployees.
You need to recommend a solution to ensure that the members of OUAdmins can manage all of the objects in AllEmployees.
What should you include in the recommendation?
Correct Answer: B
Vote an answer
HOT SPOT
Your company has four offices. The offices are located in Montreal, Seattle, New York, and Miami.
Users access all of the web-based resources by using web proxy servers. The IP addresses of the web proxies at each office are configured as shown in the following table.
The connections to the web proxies are balanced by using round-robin DNS.
The company plans to deploy a new application. The new application has a farm of front-end web servers that connect to a back-end application server. When a session to a web server is established, the web server stores data until the session closes. Once the session closes, the data is sent to the application server.
You need to ensure that the incoming sessions to the web server farm are distributed among the web servers. The solution must ensure that if a web server fails, the users are NOT directed to the failed server.
How should you configure the port rule? To answer, select the appropriate options in the answer area.
Your company has four offices. The offices are located in Montreal, Seattle, New York, and Miami.
Users access all of the web-based resources by using web proxy servers. The IP addresses of the web proxies at each office are configured as shown in the following table.
The connections to the web proxies are balanced by using round-robin DNS.
The company plans to deploy a new application. The new application has a farm of front-end web servers that connect to a back-end application server. When a session to a web server is established, the web server stores data until the session closes. Once the session closes, the data is sent to the application server.
You need to ensure that the incoming sessions to the web server farm are distributed among the web servers. The solution must ensure that if a web server fails, the users are NOT directed to the failed server.
How should you configure the port rule? To answer, select the appropriate options in the answer area.
Correct Answer:
You need to recommend a remote access solution that meets the VPN requirements.
Which role service should you include in the recommendation?
Which role service should you include in the recommendation?
Correct Answer: B
Vote an answer
Explanation: Only visible for ExamDiscuss members. You can sign-up / login (it's free).
You are attempting to resolve the DNS cache attack issue.
You need to identify which DNS servers have DNS cache locking disabled.
Which Windows PowerShell cmdlet should you run?
You need to identify which DNS servers have DNS cache locking disabled.
Which Windows PowerShell cmdlet should you run?
Correct Answer: C
Vote an answer
Explanation: Only visible for ExamDiscuss members. You can sign-up / login (it's free).
You have a Hyper-V host named Hyper1 that has Windows Server 2012 installed. Hyper1 hosts 20 virtual machines.
Hyper1 has one physical network adapter.
You need to implement a networking solution that evenly distributes the available bandwidth on Hyper1 to all of the virtual machines.
What should you modify?
Hyper1 has one physical network adapter.
You need to implement a networking solution that evenly distributes the available bandwidth on Hyper1 to all of the virtual machines.
What should you modify?
Correct Answer: C
Vote an answer
You create the new site for the Research subnet.
You need to configure the replication infrastructure for the new site. The solution must meet the technical requirements.
What should you do?
You need to configure the replication infrastructure for the new site. The solution must meet the technical requirements.
What should you do?
Correct Answer: B
Vote an answer
Explanation: Only visible for ExamDiscuss members. You can sign-up / login (it's free).
Your network contains an Active Directory domain named contoso.com. All servers run Windows Server
2008 R2. All domain controllers are installed on physical servers. The network contains several Hyper-V hosts.
The network contains a Microsoft System Center 2012 infrastructure.
You plan to use domain controller cloning to deploy several domain controllers that will run Windows Server 2012.
You need to recommend which changes must be made to the network infrastructure before you can use domain controller cloning.
What should you recommend?
2008 R2. All domain controllers are installed on physical servers. The network contains several Hyper-V hosts.
The network contains a Microsoft System Center 2012 infrastructure.
You plan to use domain controller cloning to deploy several domain controllers that will run Windows Server 2012.
You need to recommend which changes must be made to the network infrastructure before you can use domain controller cloning.
What should you recommend?
Correct Answer: C
Vote an answer
Explanation: Only visible for ExamDiscuss members. You can sign-up / login (it's free).
DRAG DROP
Your network contains servers that run Windows Server 2012. The network contains two servers named Server1 and Server2 that are connected to a SAS storage device. The device only supports two connected computers.
Server1 has the iSCSI Target Server role service installed. Ten application servers use their iSCSI Initiator to connect to virtual disks in the SAS storage device via iSCSI targets on Server1.
Currently, Server2 is used only to run backup software.
You install the iSCSI Target Server role service on Server2.
You need to ensure that the iSCSI targets are available if Server1 fails.
Which five actions should you perform?
To answer, move the five appropriate actions from the list of actions to the answer area and arrange them in the correct order.
Your network contains servers that run Windows Server 2012. The network contains two servers named Server1 and Server2 that are connected to a SAS storage device. The device only supports two connected computers.
Server1 has the iSCSI Target Server role service installed. Ten application servers use their iSCSI Initiator to connect to virtual disks in the SAS storage device via iSCSI targets on Server1.
Currently, Server2 is used only to run backup software.
You install the iSCSI Target Server role service on Server2.
You need to ensure that the iSCSI targets are available if Server1 fails.
Which five actions should you perform?
To answer, move the five appropriate actions from the list of actions to the answer area and arrange them in the correct order.
Correct Answer:
Reference: http://blogs.msdn.com/b/clustering/archive/2012/05/01/10299698.aspx
0
0
0
10