70-413 Exam Questions - Online Test
70-413 Premium VCE File
150 Lectures, 20 Hours
Q1. - (Topic 8)
Your network contains an Active Directory domain named contoso.com. The Active Directory site topology is configured as shown in the exhibit. (Click the Exhibit button.)
DC1 and DC2 run Windows Server 2003 R2. All FSMO roles are located on DC2.
You plan to deploy a read-only domain controller (RODC) to Site3.
You need to recommend changes to the network to support the planned RODC
implementation.
What should you recommend?
More than one answer choice may achieve the goal. Select the BEST answer.
A. To Site1, add an RODC that runs Windows Server 2012.
B. Replace DC2 with a domain controller that runs Windows Server 2012.
C. To Site2, add an RODC that runs Windows Server 2012.
D. Replace DC1 with a domain controller that runs Windows Server 2012.
Answer: D
Explanation: Each RODC requires a writable domain controller running Windows Server
2012 for the same domain from which the RODC can directly replicate.
Typically, this requires that a writable domain controller running Windows Server 2012 be
placed in the nearest site in the topology.
Reference: Active Directory Replication Considerations
Q2. DRAG DROP - (Topic 8)
You manage a Network Policy Server (NPS) infrastructure that contains four servers named NPSPRX01, NPS01, NPS02, and NPS03. All servers run Microsoft Windows Server 2012 R2. NPSPRX01 is configured as an NPS proxy. NPS01, NPS02, and NPS03 are members of a remote RADIUS server group named GR01. GR01 is configured as shown below:
You need to ensure that authentication requests are identified even when a server is unavailable.
If a given server is unavailable, which percentage of authentication requests will another server manage? To answer, drag the appropriate value to the correct scenario. Each value may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
Answer:
Q3. - (Topic 8)
Your network contains a Hyper-V host named Host1 that runs Windows Server 2012. Host1 contains a virtual machine named DC1. DC1 is a domain controller that runs Windows Server 2012.
You plan to clone DC1.
You need to recommend which steps are required to prepare DC1 to be cloned.
What should you include in the recommendation? (Each correct answer presents part of the solution. Choose all that apply.)
A. Run dcpromo.exe /adv.
B. Create a file named Dccloneconfig.xml.
C. Add DC1 to the Cloneable Domain Controllers group.
D. Run sysprep.exe /oobe.
E. Run New-VirtualDiskClone.
Answer: B,C
Explanation:
B: DCCloneConfig.xml is an XML configuration file that contains all of the settings the cloned DC will take when it boots. This includes network settings, DNS, WINS, AD site name, new DC name and more. This file can be generated in a few different ways.
C: There's a new group in town. It's called Cloneable Domain Controllers and you can find it in the Users container. Membership in this group dictates whether a DC can or cannot be cloned. This group has some permissions set on the domain head that should not be removed. Removing these permissions will cause cloning to fail. Also, as a best practice, DCs shouldn't be added to the group until you plan to clone and DCs should be removed from the group once cloning is complete. Cloned DCs will also end up in the Cloneable Domain Controllers group. Make sure to remove those as well.
Q4. - (Topic 1)
You need to recommend which changes must be implemented to the network before you can deploy the new web application.
What should you include in the recommendation?
A. Change the forest functional level to Windows Server 2008 R2.
B. Upgrade the DNS servers to Windows Server 2012.
C. Change the functional level of both the domains to Windows Server 2008 R2.
D. Upgrade the domain controllers to Windows Server 2012.
Answer: D
Explanation:
Scenario:
The domain controllers run Windows Server 2008 R2.
The company is migrating to Windows Server 2012.
Q5. - (Topic 3)
You need to recommend a change to the Active Directory environment to support the company's planned changes.
What should you include in the recommendation?
A. Raise the functional level of the domain and the forest.
B. Implement Administrator Role Separation.
C. Upgrade the domain controllers that have the PDC emulator master role to Windows Server 2012.
D. Upgrade the domain controller that has the domain naming master role to Windows Server 2012.
Answer: A
Explanation:
* Scenario:
The functional level of the domain and the forest is Windows Server 2008.
Implement the Active Directory Recycle Bin.
Q6. HOTSPOT - (Topic 8)
You have a domain controller that hosts an Active Directory-integrated zone.
On the domain controller, you run the following cmdlet:
PS C:\> Get-DnsServerScavenging
NoRefreshInterval:2.00:00:00 RefreshInterval:3.00:00:00 ScavengingInterval:4.00:00:00 ScavengingState:True LastScavengeTime:1/30/2014 9:10:36 AM
Use the drop-down menus to select the answer choice that completes each statement.
Answer:
Q7. - (Topic 8)
Your network contains an Active Directory domain named contoso.com. The domain contains three VLANs. The VLANs are configured as shown in the following table.
All client computers run either Windows 7 or Windows 8.
The corporate security policy states that all of the client computers must have the latest
security updates installed.
You need to implement a solution to ensure that only the client computers that have all of
the required security updates installed can connect to VLAN 1. The solution must ensure
that all other client computers connect to VLAN 3.
Solution: You implement the VPN enforcement method.
Does this meet the goal?
A. Yes
B. No
Answer: B
Explanation: VPN Enforcement need to be setup in connection with NAP (Network Access Protection).
Q8. - (Topic 3)
You need to ensure that NAP meets the technical requirements.
Which role services should you install?
A. Network Policy Server, Health Registration Authority and Host Credential Authorization Protocol
B. Health Registration Authority, Host Credential Authorization Protocol and Online Responder
C. Certification Authority, Network Policy Server and Health Registration Authority
D. Online Responder, Certification Authority and Network Policy Server
Answer: C
Explanation:
* Scenario:
Implement Network Access Protection (NAP).
Ensure that NAP with IPSec enforcement can be configured.
* Health Registration Authority
Applies To: Windows Server 2008 R2, Windows Server 2012
Health Registration Authority (HRA) is a component of a Network Access Protection (NAP)
infrastructure that plays a central role in NAP Internet Protocol security (IPsec)
enforcement.
HRA obtains health certificates on behalf of NAP clients when they are compliant with
network health requirements. These health certificates authenticate NAP clients for IPsec-protected communications with other NAP clients on an intranet. If a NAP client does not
have a health certificate, the IPsec peer authentication fails and the NAP client cannot
initiate communication with other IPsec-protected computers on the network.
HRA is installed on a computer that is also running Network Policy Server (NPS) and
Internet
Information Services (IIS). If they are not already installed, these services will be added when you install HRA.
Reference: Health Registration Authority
Q9. - (Topic 5)
You need to configure the connection between the new remote branch office and the existing branch offices.
What should you create?
A. SMTP site link
B. Forest trust
C. Certification authority
D. IP subnet
Answer: A
Q10. - (Topic 8)
Your network contains an Active Directory domain named contoso.com.
On several organizational units (OUs), an administrator named Admin1 plans to delegate control of custom tasks. You need to ensure that Admin1 can delegate a custom task named Task1 by using the Delegation of Control Wizard.
What should you do?
A. Add a new class to the Active Directory schema.
B. Configure a custom MMC console.
C. Modify the Delegwiz.inf file.
D. Configure a new authorization store by using Authorization Manager.
Answer: C
Explanation:
To add a task to the Delegation Wizard, you must create a task template by using the
following syntax in the Delegwiz.inf file
;---------------------------------------------------------
[template1]
AppliesToClasses=<comma delimited list of object types to which this
template applies; for example, if "organizationalUnit" is in the list,
this template will be shown when the Delegation Wizard is invoked on
an OU>
Description = "<task description which will appear in the wizard>"
Etc.
Reference: How to customize the task list in the Delegation Wizard http://support.microsoft.com/kb/308404
- Actual AZ-102 Study Guides 2021
- [2021-New] Microsoft 70-490 Dumps With Update Exam Questions (31-40)
- [2021-New] Microsoft 70-410 Dumps With Update Exam Questions (3-12)
- [2021-New] Microsoft 70-413 Dumps With Update Exam Questions (101-108)
- [2021-New] Microsoft 70-490 Dumps With Update Exam Questions (41-49)
- [2021-New] Microsoft 98-365 Dumps With Update Exam Questions (51-60)
- Most Up-to-date MB-500 Free Samples For Microsoft Dynamics 365: Finance And Operations Apps Developer Certification
- [2021-New] Microsoft 70-413 Dumps With Update Exam Questions (1-10)
- Precise 70-742 Study Guides 2021
- [2021-New] Microsoft 70-535 Dumps With Update Exam Questions (3-12)