70-980 Exam
A Review Of High value 70-980 lab
It is more faster and easier to pass the Microsoft 70-980 exam by using Actual Microsoft Recertification for MCSE: Server Infrastructure questuins and answers. Immediate access to the Refresh 70-980 Exam and find the same core area 70-980 questions with professionally verified answers, then PASS your exam with a high score now.
2021 Sep 70-980 test questions
Q61. - (Topic 10)
Your network contains an Active Directory domain named contoso.com. You deploy Active Directory Certificate Services (AD CS).
Your company, which is named Contoso, Ltd., has a partner company named Fabrikam, Inc. Fabrikam also deploys AD CS.
Contoso and Fabrikam plan to exchange signed and encrypted email messages.
You need to ensure that the client computers in both Contoso and Fabrikam trust each other's email certificates. The solution must prevent other certificates from being trusted and minimize administrative effort.
What should you do?
More than one answer choice may achieve the goal. Select the BEST answer.
A. Implement an online responder in each company.
B. Exchange the root certification authority (CA) certificates of both companies, and then deploy the certificates to the Enterprise Trust store by using Group Policy objects (GPOs).
C. Implement cross-certification in each company.
D. Exchange the root certification authority (CA) certificates of both companies, and then deploy the certificates to the Trusted Root Certification Authorities store by using Group Policy objects (GPOs).
Answer: C
Q62. - (Topic 10)
Your network contains an Active Directory forest named contoso.com.
Your company works with a partner company that has an Active Directory forest named fabrikam.com. Both forests contain domain controllers that run only Windows Server 2012 R2.
The certification authority (CA) infrastructure of both companies is configured as shown in the following table.
You need to recommend a certificate solution that meets the following requirements:
. Server authentication certificates issued from fabrikam.com must be trusted automatically by the computers in contoso.com.
. The computers in contoso.com must not trust automatically any other type of certificates issued from the CA hierarchy in fabrikam.com.
What should you include in the recommendation?
A. Deploy a Group Policy object (GPO) that defines intermediate CAs. Import a certificate that has an application policy object identifier (OID) of CA Encryption Certificate.
B. Deploy a Group Policy object (GPO) that defines an enterprise trust. Import a certificate that has an application policy object identifier (OID) of Microsoft Trust List Signing.
C. Deploy a Group Policy object (GPO) that defines an enterprise trust. Import a certificate that has an application policy object identifier (OID) of CA Encryption Certificate.
D. Deploy a Group Policy object (GPO) that defines intermediate CAs. Import a certificate that has an application policy object identifier (OID) of Microsoft Trust List Signing.
Answer: B
Q63. DRAG DROP - (Topic 7)
You need to implement a Hyper-V Recovery Manager solution in the hosting environment of Northwind Traders.
Which four actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
Answer:
Topic 8, A.Datum Corporation
Overview
A. Datum Corporation is an accounting company.
The company has a main office and two branch offices. The main office is located in Miami.
The branch offices are located in New York and Seattle.
Existing Environment
Network Infrastructure
The network contains an Active Directory domain named adatum.com. All servers run Windows Server 2008 R2. The main office has the following servers and client computers:
Two domain controllers configured as DNS servers and DHCP servers
One file server that has multiples shares
One thousand client computers that run Windows 7
Each branch office has the following servers and client computers:
One domain controller configured as a DNS server and a DHCP server
Five hundred to 800 client computers that run Windows XP
Each office has multiple subnets. The network speed of the local area network (LAN) is 1 gigabit per second. The offices connect to each other by using a WAN link. The main office is connected to the Internet.
Current Issues
The WAN link between the Miami office and the Seattle office is a low bandwidth link with high latency. The link will not be replaced for another year.
Requirements
Application Requirements
The company is developing an application named App1. App1 is a multi-tier application that will be sold as a service to customers.
Each instance of App1 is comprised of the following three tiers:
A web front end
A middle tier that uses Windows Communication Foundation (WCF)
A Microsoft SQL Server 2008 R2 database on the back end
Each tier will be hosted on one or more virtual machines. Multiple tiers cannot coexist on the same virtual machine.
When customers purchase App1, they can select from one of the following service levels:
Standard: Uses a single instance of each virtual machine required by App1. If a virtual machine becomes unresponsive, the virtual machine must be restarted. Enterprise: Uses multiple instances of each virtual machine required by App1 to provide high-availability and fault tolerance.
All virtual hard disk (VHD) files for App1 will be stored in a file share. The VHDs must be available if a server fails.
You plan to deploy an application named App2. App2 is comprised of the following two tiers:
A web front end
A dedicated SQL Server 2008 R2 database on the back end
App2 will be hosted on a set of virtual machines in a Hyper-V cluster in the Miami office. The virtual machines will use dynamic IP addresses. A copy of the App2 virtual machines will be maintained in the Seattle office.
App2 will be used by users from a partner company named Trey Research. Trey Research has a single Active Directory domain named treyresearch.com. Treyresearch.com contains a server that has the Active Directory Federation Services server role and all of the Active Directory Federation Services (AD FS) role services installed.
Planned Changes
A. Datum plans to implement the following changes:
Replace all of the servers with new servers that run Windows Server 2012.
Implement a private cloud by using Microsoft System Center 2012 to host instances of App1.
In the Miami office, deploy four new Hyper-V hosts to the perimeter network.
In the Miami office, deploy two new Hyper-V hosts to the local network.
In the Seattle office, deploy two new Hyper-V hosts.
In the Miami office, implement a System Center 2012 Configuration Manager primary site that has all of the system roles installed.
Implement a public key infrastructure (PKI).
Notification Requirements
A. Datum identifies the following notification requirements:
Help desk tickets must be created and assigned automatically when an instance of App1 becomes unresponsive. Customers who select the Enterprise service level must receive an email notification each time a help desk ticket for their instance of App1 is opened or closed.
Technical Requirements
A. Datum identifies the following technical requirements:
Minimize costs whenever possible.
Minimize the amount of WAN traffic
Minimize the amount of administrative effort whenever possible.
Provide the fastest possible failover for the virtual machines hosting App2.
Ensure that administrators can view a consolidated report about the software updates in all of the offices.
Ensure that administrators in the Miami office can approve updates for the client computers in all of the offices.
Security Requirements
A. Datum identifies the following security requirements:
An offline root certification authority (CA) must be configured.
Client computers must be issued certificates by a server in their local office.
Changes to the CA configuration settings and the CA security settings must be logged.
Client computers must be able to renew certificates automatically over the Internet.
The number of permissions and privileges assigned to users must be minimized whenever possible.
. Users from a group named Group1 must be able to create new instances of App1 in the private cloud.
. Client computers must be issued new certificates when the computers are connected to the local network only.
. The virtual machines used to host App2 must use BitLocker Drive Encryption (BitLocker).
. Users from Trey Research must be able to access App2 by using their credentials from treyresearch.com.
Q64. HOTSPOT - (Topic 9)
Your network contains an Active Directory domain named contoso.com. You plan to implement multiple DHCP servers.
An administrator named Admin1 will authorize the DHCP servers. You need to ensure that Admin1 can authorize the planned DHCP servers.
To which container should you assign Admin1 permissions? To answer, select the appropriate node in the answer area.
Answer:
Q65. - (Topic 10)
Your network contains an Active Directory domain named contoso.com.
You plan to implement Network Load Balancing (NLB).
You need to identify which network services and applications can be load balanced by using NLB.
Which services and applications should you identify?
A. Microsoft SQL Server 2012 Reporting Services
B. A failover cluster
C. A DHCP server
D. A Microsoft Exchange Server 2010 Mailbox server
E. A file server
F. A Microsoft SharePoint Server 2010 front-end Web server
Answer: A,F
Improve 70-980 exam fees:
Q66. HOTSPOT - (Topic 4)
You are planning the certificates for Northwind Traders.
You need to identify the certificate configurations required for App1.
How should you configure the certificate request? To answer, select the appropriate
options in the answer area.
Answer:
Q67. HOTSPOT - (Topic 9)
You have a domain controller that hosts an Active Directory-integrated zone. On the domain controller, you run the following cmdlet:
PS C:\> Get-DnsServerScavenging NoRefreshlnterval:2.00:00:00
Refreshlnterval:3.00:00:00 Scavenginglnterval:4.00:00:00 ScavengingState:True LastScavengeTime:1/30/2014 9:10:36 AM
Use the drop-down menus to select the answer choice that completes each statement.
Answer:
Q68. HOTSPOT - (Topic 9)
Your network contains an Active Directory forest name fabrikam.com. The forest contains two domains named fabrikam.com and contoso.com. All servers run Windows Server 2012 R2.
The forest contains a DHCP server named Server1 and a DNS server named Server2.
You need to recommend a solution to ensure that any computers that are neither members of contoso.com nor fabrikam.com receive a DNS suffix of guest.fabrikam.com.
What two commands should you run? To answer, select the appropriate options in the answer area.
Answer:
Q69. - (Topic 9)
Your network contains an Active Directory domain named contoso.com. Client computers run either Windows 7 or Windows 8.
You plan to implement several Group Policy settings that will apply only to laptop
computers.
You need to recommend a Group Policy strategy for the planned deployment.
What should you include in the recommendation?
More than one answer choice may achieve the goal. Select the BEST answer.
A. Loopback processing
B. WMI filtering
C. Security filtering
D. Block inheritance
Answer: B
Explanation:
http://www.discoposse.com/index.php/2012/04/05/group-policy-wmi-filter-laptop-or-desktop-hardware/ Another method to detect hardware as laptop only is to look for the presence of a battery based on the BatteryStatus property of the Win32_Battery class. By using the Win32_Battery class, we can search to see if there is a battery present. If the battery status is not equal to zero (BatteryStatus <> 0 ) then you know that it is a laptop.
Q70. - (Topic 10)
Your network contains an Active Directory domain named contoso.com.
You plan to deploy an Active Directory Federation Services (AD FS) farm that will contain eight federation servers.
You need to identify which technology or technologies must be deployed on the network before you install the federation servers.
Which technology or technologies should you identify? (Each correct answer presents part of the solution. Choose all that apply.)
A. Network Load Balancing (NLB)
B. Microsoft Forefront Identity Manager (FIM) 2010
C. The Windows Internal Database feature
D. Microsoft SQL Server 2012
E. The Windows Identity Foundation 3.5 feature
Answer: A,D
Explanation: Best practices for deploying a federation server farm We recommend the following best practices for deploying a federation server in a production environment:
* (A) Use NLB or some other form of clustering to allocate a single IP address for many federation server computers.
* (D) If the AD FS configuration database will be stored in a SQL database, avoid editing the SQL database from multiple federation servers at the same time.
* If you will be deploying multiple federation servers at the same time or you know that you
will be adding more servers to the farm over time, consider creating a server image of an existing federation server in the farm and then installing from that image when you need to create additional federation servers quickly.
* Reserve a static IP address for each federation server in the farm and, depending on your Domain Name System (DNS) configuration, insert an exclusion for each IP address in Dynamic Host Configuration Protocol (DHCP). Microsoft NLB technology requires that each server that participates in the NLB cluster be assigned a static IP address.
Reference: When to Create a Federation Server Farm