70-413 Exam
The Secret of microsoft 70 413
Best Quality of 70 413 exam free practice test materials and braindump for Microsoft certification for IT examinee, Real Success Guaranteed with Updated 70 413 pdf pdf dumps vce Materials. 100% PASS Designing and Implementing a Server Infrastructure exam Today!
Q31. - (Topic 8)
A company has a single-forest and single Active Directory Domain Services (AD DS) domain named Fabrikam.com that runs Windows 2012 Server. The AD DS forest functional level and the domain functional level are both set to Windows 2008 R2. You use IP Address Management (IPAM) as the IP management solution. You have two DHCP Servers named DHCP1 and DHCP2, and one IPAM server named IPAM1.
The company plans to acquire a company named Contoso, Ltd., which has a single-forest and single-domain AD DS named contoso.com. The forest functional level and domain functional level of Contoso.com is set to Windows 2008. All servers at Contoso run Windows Server 2008. The IP management solution at Contoso is based on a single DHCP server named SERVER3.
The total number of users in both companies will be 5000.
You have the following requirements:
. The solution must be able to allocate up to three IP addresses per user.
. All IP address leases must be renewed every two days. You need to ensure that the corresponding servers will have enough capacity to store six years of IP utilization data and eight months of event catalog data.
What should you recommend?
A. Add at least 20 GB of storage to the IPAM server.
B. Migrate Contoso.com to Fabrikam.com.
C. Establish a forest trust between Contoso.com and Fabrikam.com.
D. Upgrade SERVER3 to Windows Server 2012.
Answer: D
Q32. - (Topic 8)
Your network contains an Active Directory domain named contoso.com. The physical
topology of the network is configured as shown in the exhibit.
Each office contains 500 employees.
You plan to deploy several domain controllers to each office.
You need to recommend a site topology for the planned deployment.
What should you include in the recommendation?
More than one answer choice may achieve the goal. Select the BEST answer.
Exhibit
A. Five sites and one site link
B. Three sites and three site links
C. One site
D. Five sites and three site links
Answer: D
Explanation:
Create a site for each LAN, or set of LANs, that are connected by a high speed backbone, and assign the site a name. Connectivity within the site must be reliable and always available. This would mean 5 sites Site links are transitive, so if site A is connected to site B, and site B is connected to site C, then the KCC assumes that domain controllers in site A can communicate with domain controllers in site C. You only need to create a site link between site A and site C if there is in fact a distinct network connection between those two sites. This would mean 3 sitelinks So answer is "Five sites and three site links"
Reference: Defining Sites and Site Links http://technet.microsoft.com/en-us/library/cc960573.aspx
Q33. - (Topic 3)
You need to recommend a remote access solution that meets the VPN requirements.
Which role service should you include in the recommendation?
A. Routing
B. Network Policy Server
C. DirectAccess and VPN (RAS)
D. Host Credential Authorization Protocol
Answer: B
Explanation:
Scenario:
A server that runs Windows Server 2012 will perform RADIUS authentication for all of the
VPN connections.
Ensure that NAP with IPSec enforcement can be configured.
Network Policy Server
Network Policy Server (NPS) allows you to create and enforce organization-wide network
access policies for client health, connection request authentication, and connection request
authorization. In addition, you can use NPS as a Remote Authentication Dial-In User
Service
(RADIUS) proxy to forward connection requests to a server running NPS or other RADIUS
servers that you configure in remote RADIUS server groups.
NPS allows you to centrally configure and manage network access authentication,
authorization, are client health policies with the following three features: RADIUS server.
NPS performs centralized authorization, authorization, and accounting for wireless,
authenticating switch, remote access dial-up and virtual private network (VNP)
connections. When you use NPS as a RADIUS server, you configure network access
servers, such as wireless access points and VPN servers, as RADIUS clients in NPS. You
also configure network policies that NPS uses to authorize connection requests, and you
can configure RADIUS accounting so that NPS logs accounting information to log files on
the local hard disk or in a Microsoft SQL Server database.
Reference: Network Policy Server
Q34. - (Topic 8)
Your network contains an Active Directory domain named contoso.com. The domain contains a Microsoft System Center 2012 infrastructure. The domain contains two sites named Site1 and Site2. The sites connect to each other by using a 1-Mbps WAN link.
The sites contain four servers. The servers are configured as shown in the following table.
In Site2, you plan to deploy 50 Hyper-V hosts.
You need to recommend a solution to deploy the Hyper-V hosts by using VMM. The solution must minimize the amount of traffic between Site1 and Site2 during deployment.
What should you recommend?
A. On Server4, install VMM. From the Virtual Machine Manager console, add Server1 as a PXE server and add Server4 as a library server.
B. On Server4/ install VMM. From the Virtual Machine Manager console, add Server1 as a PXE server and a library server.
C. On Server4, install WDS. From the Virtual Machine Manager console, add Server4 as a PXE server and a library server.
D. On Server4, install WDS. From the Virtual Machine Manager console, add Server4 as a PXE server and add Server1 as a library server.
Answer: C
Q35. HOTSPOT - (Topic 8)
Your network contains an Active Directory domain named contoso.com. You plan to implement multiple DHCP servers.
An administrator named Admin1 will authorize the DHCP servers. You need to ensure that Admin1 can authorize the planned DHCP servers.
To which container should you assign Admin1 permissions? To answer, select the appropriate node in the answer area.
Answer:
Q36. - (Topic 8)
Your company has a main office and 20 branch offices. All of the offices connect to each other by using a WAN link.
The network contains an Active Directory forest named contoso.com. The forest contains a domain for each office. The forest root domain contains all of the server resources.
Each branch office contains two domain controllers for the branch office domain and one domain controller for the contoso.com domain.
Each branch office has a support technician who is responsible for managing the accounts of their respective office only.
You recently updated all of the WAN links to high-speed WAN links.
You need to recommend changes to the Active Directory infrastructure to meet the following requirements:
. Reduce the administrative overhead of moving user accounts between the offices.
. Ensure that the support technician in each office can manage the user accounts of their respective office.
What should you include in the recommendation? More than one answer choice may achieve the goal. Select the BEST answer.
A. Create a new child domain named corp.contoso.com. Create a shortcut trust between each child domain and corp.contoso.com.
B. Create shortcut trusts between each child domain. In the main office, add a domain controller to each branch office domain.
C. Move all of the user accounts of all the branch offices to the forest root domain. Decommission all of the child domains.
D. Create a new forest root domain named contoso.local. Move all of the user accounts of all the branch offices to the new forest root domain. Decommission all of the child domains.
Answer: C
Explanation: The most basic of all Active Directory structures is the single domain model; this type of domain structure comes with one major advantage over the other models: simplicity. A single security boundary defines the borders of the domain, and all objects are located within that boundary. The establishment of trust relationships between other domains is not necessary, and implementation of technologies such as Group Policies is made easier by the simple structure.
Q37. DRAG DROP - (Topic 8)
You manage a server named WAP01 that has the Web Application Proxy feature deployed. You deploy a web application named WebApp1 to a server named WEB01. WAP01 and WEB01 both run Microsoft Windows Server 2012 R2 and are members of the Active Directory Domain Services (AD DS) domain named corp.contoso.com.
You have the following requirements:
. WebApp1 must be available internally at URL https://webappl.corp.contoso.com by using Kerberos authentication.
. WebApp1 must be available externally at URL https://webappl.contoso.net by using Active Directory Federation Services (AD FS) authentication.
You need to configure computer accounts.
How should you complete the relevant Windows PowerShell commands? To answer, drag the appropriate Windows PowerShell segment to the correct location. Each Windows PowerShell segment may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
Answer:
Q38. - (Topic 8)
Your network contains an Active Directory forest named contoso.com.
You plan to add a new domain named child.contoso.com to the forest.
On the DNS servers in child.contoso.com, you plan to create conditional forwarders that
point to the DNS servers in contoso.com.
You need to ensure that the DNS servers in contoso.com can resolve names for the
servers in child.contoso.com.
What should you create on the DNS servers in contoso.com?
A. A zone delegation
B. A conditional forwarder
C. A root hint
D. A trust point
Answer: A
Explanation: Understanding Zone Delegation
Domain Name System (DNS) provides the option of dividing up the namespace into one or
more zones, which can then be stored, distributed, and replicated to other DNS servers.
When you are deciding whether to divide your DNS namespace to make additional zones,
consider the following reasons to use additional zones:
You want to delegate management of part of your DNS namespace to another location or
department in your organization.
You want to divide one large zone into smaller zones to distribute traffic loads among
multiple servers, improve DNS name resolution performance, or create a more-fault-tolerant DNS environment.
You want to extend the namespace by adding numerous subdomains at once, for example,
to accommodate the opening of a new branch or site.
Reference: Understanding Zone Delegation
Q39. - (Topic 8)
Your company has a main office.
The network contains an Active Directory domain named contoso.com. The main office contains a server named Server1 that runs Windows Server 2012. Server1 has the Remote Access server role installed and is configured to accept incoming SSTP-based VPN connections.
All client computers run Windows 7.
The company plans to open a temporary office that will contain a server named Server2 that runs
Windows Server 2012 and has the DHCP Server server role installed. The office will also have 50 client computers and an Internet connection.
You need to recommend a solution to provide the users in the temporary office with access to the resources in the main office.
What should you recommend?
More than one answer choice may achieve the goal. Select the BEST answer.
A. Use the Connection Manager Administration Kit (CMAK) to create a connection package that specifies Server1 as the target for SSTP-based VPN connections. Manually distribute the CMAK package to each client computer in the temporary office.
B. Install the Remote Access server role on Server2. From Routing and Remote Access on Server2, add a SSTP-based VPN port. From DHCP on Server2, configure the default gateway server option.
C. Uses the Connection Manager Administration Kit (CMAK) to create a connection package that specifies Server1 as the target for SSTP-based VPN connections. Use a Group Policy object (GPO) to distribute the CMAK package to each client computer in the temporary office.
D. Install the Remote Access server role on Server2. From Routing and Remote Access on Server2, configure a demand-dial interface. From DHCP on Server2, configure the default gateway server option.
Answer: B
Explanation:
* configure RRAS server role as a VPN server on a Windows server 2008 R2 machine. To do that, you need to first install the RRAS server role.
* in case of IPv4 the remote access client’s VPN configuration is the ONLY configuration that governs whether it has default IPv4 gateway towards VPN server or not
Reference: Remote Access Deployment – Part 2: Configuring RRAS as a VPN server
Q40. - (Topic 8)
Your network contains an Active Directory domain named contoso.com. The domain contains multiple sites.
You plan to deploy DirectAccess.
The network security policy states that when client computers connect to the corporate network from the Internet, all of the traffic destined for the Internet must be routed through the corporate network.
You need to recommend a solution for the planned DirectAccess deployment that meets the security policy requirement.
Solution: You enable force tunneling.
Does this meet the goal?
A. Yes
B. No
Answer: A
Explanation: DirectAccess. DirectAccess allows connectivity to organizational network resources without the need for traditional virtual private network (VPN) connections.
DirectAccess allows remote users to securely access internal network file shares, Web sites, and applications without connecting to a virtual private network (VPN). An internal network is also known as a private network or intranet. DirectAccess establishes bi-directional connectivity with an internal network every time a DirectAccess-enabled computer connects to the Internet, even before the user logs on. Users never have to think about connecting to the internal network and IT administrators can manage remote computers outside the office, even when the computers are not connected to the VPN.