getcertified4sure.com

70-742 Exam

What Does 70-742 test preparation Mean?



Want to know Actualtests 70-742 Exam practice test features? Want to lear more about Microsoft Identity with Windows Server 2021 certification experience? Study Practical Microsoft 70-742 answers to Latest 70-742 questions at Actualtests. Gat a success with an absolute guarantee to pass Microsoft 70-742 (Identity with Windows Server 2021) test on your first attempt.

Q11. You have users that access web applications by using HTTPS. The web applications are located on the servers in your perimeter network. The servers use certificates obtained from an enterprise root certification authority (CA). The certificates are generated by using a custom template named WebApps. The certificate revocation list (CRL) is published to Active Directory.

When users attempt to access the web applications from the Internet, the users report that they receive a revocation warning message in their web browser. The users do not receive the message when they access the web applications from the intranet.

You need to ensure that the warning message is not generated when the users attempt to access the web applications from the Internet.

What should you do?

A. Install the Certificate Enrollment Web Service role service on a server in the perimeter network.

B. Modify the WebApps certificate template, and then issue the certificates used by the web application servers.

C. Install the Web Application Proxy role service on a server in the perimeter network. Create a publishing point for the CA.

D. Modify the CRL distribution point, and then reissue the certificates used by the web application servers.

Answer: C


Q12. Your network contains an Active Directory forest named contoso.com. The forest contains several domains.

An administrator named Admin01 installs Windows Server 2021 on a server named Server1 and then joins Server1 to the contoso.com domain.

Admin01 plans to configure Server1 as an enterprise root certification authority (CA).

You need to ensure that Admin01 can configure Server1 as an enterprise CA. The solution must use the principle of least privilege.

To which group should you add Admin01?

A. Server Operators in the contoso.com domain

B. Cert Publishers on Server1

C. Enterprise Key Admins in the contoso.com domain

D. Enterprise Admins in the contoso.com domain.

Answer: D


Q13. Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1 that runs Windows Server 2021. The computer account for Server1 is in organizational unit (OU) named OU1.

You create a Group Policy object (GPO) named GPO1 and link GPO1 to OU1.

You need to add a domain user named User1 to the local Administrators group on Server1. Solution: From the Computer Configuration node of GPO1, you configure the Account

Policies settings.

Does this meet the goal?

A. Yes

B. No

Answer: B


Q14. You have users that access web applications by using HTTPS. The web applications are located on the servers in your perimeter network. The servers use certificates obtained from an enterprise root certification authority (CA). The certificates are generated by using a custom template named WebApps. The certificate revocation list (CRL) is published to Active Directory.

When users attempt to access the web applications from the Internet, the users report that they receive a revocation warning message in their web browser. The users do not receive the message when they access the web applications from the intranet.

You need to ensure that the warning message is not generated when the users attempt to access the web applications from the Internet.

What should you do?

A. Install the Certificate Enrollment Web Service role service on a server in the perimeter network.

B. Modify the WebApps certificate template, and then issue the certificates used by the web application servers.

C. Install the Web Application Proxy role service on a server in the perimeter network. Create a publishing point for the CA.

D. Modify the CRL distribution point, and then reissue the certificates used by the web application servers.

Answer: C


Q15. Note: This question is part of a series of questions that use the same or similar answer choices. An answer choice may be correct for more than one question in the series. Each question is independent of the other questions in this series. Information and details provided in a question apply only to that question.

Your network contains an Active Directory forest named contoso.com. The forest functional level is Windows Server 2012 R2.

You need to ensure that a domain administrator can recover a deleted Active Directory object quickly.

Which tool should you use?

A. Dsadd quota

B. Dsmod

C. Active Directory Administrative Center

D. Dsacls

E. Dsamain

F. Active Directory Users and Computers

G. Ntdsutil

H. Group Policy Management Console

Answer: C


Q16. Your company recently deployed a new child domain to an Active Directory forest.

You discover that a user modified the Default Domain Policy to configure several Windows components in the child domain.

A company policy states that the Default Domain Policy must be used only to configure domain-wide security settings.

You create a new Group Policy object (GPO) and configure the settings for the Windows components in the new GPO.

You need to restore the Default Domain Policy to the default settings from when the domain was first installed.

What should you do?

A. From Group Policy Management, click Starter GPOs, and then click Manage Backups.

B. From a command prompt, run the dcgpofix.exe command.

C. From Windows PowerShell, run the Copy-GPO cmdlet.

D. Run ntdsutil.exe to perform a metadata cleanup and a semantic database analysis.

Answer: B


Q17. DRAG DROP

You network contains an Active Directory forest. The forest contains an Active Directory Federation Services (AD FS) deployment.

The AD FS deployment contains the following:

You create a Microsoft Office 365 tenant named contoso.onmicrosoft.com. You use Microsoft Azure Active Directory Connect (AD Connect) to synchronize all of the users and the UPNs from the contoso.com forest to Office 365.

You need to configure federation between Office 365 and the on-premises deployment of Active Directory.

Which three commands should you run in sequence from Server1? To answer, move the appropriate commands from the list of commands to the answer area and arrange them in the correct order.

Answer:


Q18. Your network contains an Active Directory forest named contoso.com. The forest contains three domains named contoso.com, corp.contoso.com, and ext.contoso.com. The forest contains three Active Directory sites named Site1, Site2, and Site3.

You have the three administrators as described in the following table.

You create a Group Policy object (GPO) named GPO1.  Which administrator or administrators can link GPO1 to Site2?

A. Admin1 and Admin2 only

B. Admin1, Admin2, and Admin3

C. Admin3 only

D. Admin1 and Admin3 only

Answer: D

Explanation:

References:

https://technet.microsoft.com/en-us/library/cc732979(v=ws.11).aspx


Q19. You have a server named Server1 that runs Windows Server 2021. You need to configure Server1 as a Web Application Proxy.

Which server role or role service should you install on Server1?

A. Remote Access

B. Active Directory Federation Services

C. Web Server (IIS)

D. DirectAccess and VPN (RAS)

E. Network Policy and Access Services

Answer: A


Q20. Your company recently deployed a new child domain to an Active Directory forest.

You discover that a user modified the Default Domain Policy to configure several Windows components in the child domain.

A company policy states that the Default Domain Policy must be used only to configure domain-wide security settings.

You create a new Group Policy object (GPO) and configure the settings for the Windows components in the new GPO.

You need to restore the Default Domain Policy to the default settings from when the domain was first installed.

What should you do?

A. From Group Policy Management, click Starter GPOs, and then click Manage Backups.

B. From a command prompt, run the dcgpofix.exe command.

C. From Windows PowerShell, run the Copy-GPO cmdlet.

D. Run ntdsutil.exe to perform a metadata cleanup and a semantic database analysis.

Answer: B


© Copyright Getcertified4sure.com. examcollectionuk.com
All other trademarks and copyrights are the property of their respective owners.
All rights reserved.