getcertified4sure.com

70-413 Exam

Facts about pdf 70-413



Cause all that matters here is passing the Microsoft 70-413 exam. Cause all that you need is a high score of 70-413 Designing and Implementing a Server Infrastructure exam. The only one thing you need to do is downloading Actualtests 70-413 exam study guides now. We will not let you down with our money-back guarantee.

2021 Dec 70-413:

Q71. - (Topic 8) 

Your network contains a server named Server1 that runs Windows Server 2012. Server1 has the Network Policy Server server role installed. 

You configure Server1 as part of a Network Access Protection (NAP) solution that uses the 

802.lx enforcement method, 

You add a new switch to the network and you configure the switch to use 802.lx authentication. 

You need to ensure that only compliant client computers can access network resources through the new switch. 

What should you do on Server1? 

A. Add the IP address of each new switch to a remediation server group. 

B. Add the IP address of each new switch to the list of RADIUS clients. 

C. Add the IP address of each new switch to a connection request policy as an Access Client IPv4 Address. 

D. Add the IP address of each new switch to a remote RADIUS server group. 

Answer:

Explanation: 802.1X and RADIUS-compliant APs (Acess Points), when they are deployed in a RADIUS infrastructure with a RADIUS server such as an NPS server, are called RADIUS clients. 


Q72. - (Topic 1) 

You are planning the implementation of two new servers that will be configured as RADIUS servers. 

You need to recommend which configuration must be performed on the VPN servers. The solution must meet the technical requirements. 

What should you do on each VPN server? 

A. Add a RADIUS client. 

B. Install the Health Registration Authority role service. 

C. Enable DirectAccess. 

D. Modify the authentication provider. 

Answer:

Explanation: 

* Implement RADIUS authentication for VPN connections. 

* The new sales.contoso.com domain will contain a web application that will access data from a Microsoft SQL Server located in the contoso.com domain. The web application must use integrated Windows authentication. Users' credentials must be passed from the web applications to the SQL Server. 


Q73. - (Topic 8) 

Your network contains an Active Directory domain named contoso.com. The domain contains three VLANs. The VLANs are configured as shown in the following table. 

All client computers run either Windows 7 or Windows 8. 

The corporate security policy states that all of the client computers must have the latest security updates installed. 

You need to implement a solution to ensure that only the client computers that have all of the required security updates installed can connect to VLAN 1. The solution must ensure that all other client computers connect to VLAN 3. 

Solution: You implement the DHCP Network Access Protection (NAP) enforcement method. 

Does this meet the goal? 

A. Yes 

B. No 

Answer:

Explanation: Implementing DHCP NAP to Enforce WSUS Updates 


Q74. - (Topic 7) 

You need to implement the Microsoft Azure migration plan. What should you do? 

A. On Microsoft Azure, install and configure System Center 2012 R2 Virtual Machine Manager. 

B. On an on-premises server, install and configure System Center 2012 R2 Service Manager. 

C. On an on-premises server, install and configure System Center 2012 R2 App Controller. 

D. On an on-premises server, install and configure Windows Deployment Services. 

E. On Microsoft Azure, install and configure System Center 2012 R2 Orchestrator. 

Answer:

Explanation: 

* Scenario: Azure migration The company plans to migrate existing services, including System Center management servers, to Azure. To reduce costs, the migration must use the minimum number of Azure VM instances to migrate the services. 

Reference: Understanding App Controller 2012 


Q75. - (Topic 6) 

You need to plan the migration of App1. What should you do? 

A. Install App1 on drive C. Move all of the data that supports App1 to drive D. 

B. Expand the size of drive C Install App1 and all of the data that supports the app on drive C 

C. Install App1 on drive D. Move all of the data that supports App1 to an additional data drive. 

D. Install App1 on drive C. Move all of the data that supports App1 to an additional data drive. 

Answer:


Abreast of the times 70-413:

Q76. DRAG DROP - (Topic 8) 

Your company plans to deploy a remote access solution to meet the following requirements: 

. Ensure that client computers that are connected to the Internet can be managed remotely without requiring that the user log on. 

. Ensure that client computers that run Windows Vista or earlier can connect remotely. 

. Ensure that non-domain-joined computers can connect remotely by using TCP port 443. 

You need to identify which remote access solutions meet the requirements. 

Which solutions should you identify? 

To answer, drag the appropriate solution to the correct requirement in the answer area. Each solution may be used once, more than once, or not at all. Additionally, you may need to drag the split bar between panes or scroll to view content. 

Answer: 


Q77. - (Topic 3) 

You need to ensure that NAP meets the technical requirements. 

Which role services should you install? 

A. Network Policy Server, Health Registration Authority and Host Credential Authorization Protocol 

B. Health Registration Authority, Host Credential Authorization Protocol and Online Responder 

C. Certification Authority, Network Policy Server and Health Registration Authority 

D. Online Responder, Certification Authority and Network Policy Server 

Answer:

Explanation: 

* Scenario: 

Implement Network Access Protection (NAP). 

Ensure that NAP with IPSec enforcement can be configured. 

* Health Registration Authority 

Applies To: Windows Server 2008 R2, Windows Server 2012 

Health Registration Authority (HRA) is a component of a Network Access Protection (NAP) 

infrastructure that plays a central role in NAP Internet Protocol security (IPsec) 

enforcement. 

HRA obtains health certificates on behalf of NAP clients when they are compliant with 

network health requirements. These health certificates authenticate NAP clients for IPsec-protected communications with other NAP clients on an intranet. If a NAP client does not 

have a health certificate, the IPsec peer authentication fails and the NAP client cannot 

initiate communication with other IPsec-protected computers on the network. 

HRA is installed on a computer that is also running Network Policy Server (NPS) and 

Internet 

Information Services (IIS). If they are not already installed, these services will be added when you install HRA. 

Reference: Health Registration Authority 


Q78. - (Topic 8) 

Your network contains an Active Directory domain named contoso.com. All domain controllers run Windows Server 2012 R2. The forest functional level is Windows Server 2012. 

Your company plans to deploy an application that will provide a search interface to users in the company. The application will query the global catalog for the Employee-Number attribute. 

You need to recommend a solution to ensure that the application can retrieve the Employee-Number value from the global catalog. 

What should you include in the recommendation? 

A. the Dsmod command 

B. the Ldifde command 

C. the Enable-ADOptionalFeaturecmdlet 

D. the Csvde command 

Answer:

Explanation: Ldifde Creates, modifies, and deletes directory objects. You can also use ldifde to extend the schema, export Active Directory user and group information to other applications or services, and populate Active Directory Domain Services (AD DS) with data from other directory services. Ldifde -l <LDAPAttributeList> Sets the list of attributes to return in the results of an export query. If you do not specify this parameter, the search returns all attributes. 

Incorrect: 

Not C: 

Optional feature: A non-default behavior that modifies the Active Directory state model. 


Q79. - (Topic 8) 

You have a server named Server1 that runs Windows Server 2012. Server1 has the DNS Server server role installed. 

You need to recommend changes to the DNS infrastructure to protect the cache from cache poisoning attacks. 

What should you configure on Server1? 

A. DNS cache locking 

B. The global query block list 

C. DNS Security Extensions (DNSSEC) 

D. DNS devolution 

Answer:

Explanation: Ache locking is a new feature available if your DNS server is running Windows Server 2008 R2. When you enable cache locking, the DNS server will not allow cached records to be overwritten for the duration of the time to live (TTL) value. Cache locking provides for enhanced security against cache poisoning attacks. 


Q80. - (Topic 1) 

You need to recommend a solution for DHCP logging. The solution must meet the technical requirement. 

What should you include in the recommendation? 

A. Event subscriptions 

B. IP Address Management (IPAM) 

C. DHCP audit logging 

D. DHCP filtering 

Answer:

Explanation: * Scenario: A central log of the IP address leases and the users associated to those leases must be created. 

* Feature description IPAM in Windows Server 2012 is a new built-in framework for discovering, monitoring, auditing, and managing the IP address space used on a corporate network. IPAM provides for administration and monitoring of servers running Dynamic Host Configuration Protocol (DHCP) and Domain Name Service (DNS). IPAM includes components for: 

. Automatic IP address infrastructure discover)': IPAM discovers domain controllers, DHCP servers, and DNS servers in the domains you choose. You can enable or disable management of these servers by IPAM. 

. Custom IP address space display, reporting, and management: The display of IP addresses is highly customizable and detailed tracking and utilization data is available. IPv4 and IPv6 address space is organized into IP address blocks, IP address ranges, and individual IP addresses. IP addresses are assigned built-in or user-defined fields that can be used to further organize IP address space into hierarchical, logical groups. 

. Audit of server configuration changes and tracking of IP address usage: Operational events are displayed for the IPAM server and managed DHCP servers. IPAM also enables IP address tracking using DHCP lease events and user logon events collected from Network Policy Server (NPS), domain controllers, and DHCP servers. Tracking is available by IP address, client ID, host name, or user name. 

. Monitoring and management of DHCP and DNS services: IPAM enables automated service availability monitoring for Microsoft DHCP and DNS servers across the forest. DNS zone health is displayed, and detailed DHCP server and scope management is available using the IPAM console. 

Reference: IP Address Management (IPAM) Overview 


© Copyright Getcertified4sure.com. examcollectionuk.com
All other trademarks and copyrights are the property of their respective owners.
All rights reserved.