MCSE Designing and Implementing a Server Infrastructure v1.0

Page:    1 / 18   
Exam contains 261 questions

Case Study -
This is a case study. Case studies are not timed separately. You can use as much exam time as you would like to complete each case. However, there may be additional case studies and sections on this exam. You must manage your time to ensure that you are able to complete all questions included on this exam in the time provided.
To answer the questions included in a case study, you will need to reference information that is provided in the case study. Case studies might contain exhibits and other resources that provide more information about the scenario that is described in the case study. Each question is independent of the other question on this case study.
At the end of this case study, a review screen will appear. This screen allows you to review your answers and to make changes before you move to the next section of the exam. After you begin a new section, you cannot return to this section.

To start the case study -
To display the first question on this case study, click the Next button. Use the buttons in the left pane to explore the content of the case study before you answer the questions. Clicking these buttons displays information such as business requirements, existing environment, and problem statements. If the case study has an All Information tab, note that the information displayed is identical to the information displayed on the subsequent tabs. When you are ready to answer a question, click the Question button to return to the question.

Overview -
Litware, Inc., is a manufacturing company. The company has a main office and two branch offices. The main office is located in Seattle. The branch offices are located in Los Angeles and Boston.

Current Environment -

Active Directory -
The network contains an Active Directory forest named litwareinc.com. The forest contains a child domain for each office. The child domains are named boston.litwareinc.com and la.litwareinc.com. An ActiveDirectory site exists for each office.
In each domain, all of the client computer accounts reside in an organizational unit (OU) named AllComputers and all of the user accounts reside in an OU named
AllUsers.
All domain controllers run Windows Server 2008 R2 and are configured as DNS servers.
The functional level of the domain and the forest is Windows Server 2008.

Network Infrastructure -
The main office has the following servers:
Five physical Hyper-V hosts that run Windows Server 2012
Three virtual fileservers that run Windows Server 2008 R2


One physical DHCP server that runs Windows Server 2008 R2
Ten physical application servers that run Windows Server2012
One virtual IP Address Management (IPAM) server that runs Windows Server 2012
One virtual Windows Server Update Services (WSUS) server that runs Windows Server 2008 R2
One physical domain controller and two virtual domain controllers that run Windows Server 2008 R2
Each branch office has the following servers:
One virtual file server that runs Windows Server 2008 R2
Two physical Hyper-V hosts that run Windows Server 2012
One physical DHCP server that runs Windows Server 2008 R2
One physical domain controller and two virtual domain controllers that run Windows Server 2008 R2
All of the offices have a high-speed connection to the Internet. The offices connect to each other by using T1 leased lines.
The IPAM server in the main office gathers data from the DNS servers and the DHCP servers in all of the offices.

Requirements -

Planned Changes -
The company plans to implement the following changes:
Implement the Active Directory Recycle Bin.
Implement Network Access Protection (NAP).
Implement Folder Redirection in the Boston office only.
Deploy an application named App1 to all of the users in the Boston office only.
Migrate to IPv6 addressing on all of the servers in the Los Angeles office. Some application servers in the Los Angeles office will have only IPv6 addresses.

Technical Requirements -
The company identifies the following technical requirements:
Minimize the amount of administrative effort whenever possible.
Ensure that NAP with IPSec enforcement can be configured.
Rename boston.litwareinc.com domain tobos.litwareinc.com.
Migrate the DHCP servers from the physical servers to a virtual server that runs Windows Server 2012.
Ensure that the members of the Operators groups in all three domains can manage the IPAM server from their client computer.

VPN Requirements -
You plan to implement a third-party VPN server in each office. The VPN servers will be configured as RADIUS clients. A server that runs Windows Server 2012 will perform RADIUS authentication for all of the VPN connections.

Visualization Requirements -
The company identifies the following virtualization requirements:
Virtualize the application servers.
Ensure that the additional domain controllers for the branch offices can be deployed by using domain controller cloning.
Automatically distribute the new virtual machines to Hyper-V hosts based on the current resource usage of the Hyper-V hosts.

Server Deployment Requirements -
The company identifies the following requirements for the deployment of new servers on the network:
Deploy the new servers over the network.
Ensure that all of the server deployments are done by using multicast.

Security Requirements -
A new branch office will open in Chicago. The new branch office will have a single read-only domain controller (RODC). Confidential attributes must not be replicated to the Chicago office.

You need to recommend a server virtualization strategy that meets the technical requirements and the virtualization requirements.
What should you include in the recommendation?

  • A. Windows Server Backup
  • B. The Microsoft Virtual Machine Converter
  • C. Microsoft System Center Virtual Machine Manager (VMM)
  • D. Disk2vhd


Answer : C

Explanation:
Scenario:
Virtualize the application servers.
Automatically distribute the new virtual machines to Hyper-V hosts based on the current resource useage. The main office has the following servers:
Five physical Hyper-V hosts that run Windows Server 2012 age of the Hyper-V hosts.
System Center Virtual Machine Manager: VMM Gets Major Upgrade
Expanded hypervisor support, virtual application support and a myriad of other upgrades are coming in the new VMM.
There's no doubt that Microsoft is making System Center Virtual Machine Manager (VMM) a key component of the System Center suite. The scope of the product is being expanded so much that it could be renamed "System Center Virtual Datacenter Manager." The new version of
VMM is currently in beta and is scheduled for release in the second half of 2011.
VMM can now do bare-metal installations on fresh hardware, create Hyper-V clusters instead of just managing them, and communicate directly with your SAN arrays to provision storage for your virtual machines (VMs). The list of supported hypervisors has also grownâ€"it includes not only Hyper-V and VMware vSphere
Hvpervisor, but also Citrix XenServer.
References:
http://technet.microsoft.com/en-gb/magazine/hh300651.aspx

Case Study -
This is a case study. Case studies are not timed separately. You can use as much exam time as you would like to complete each case. However, there may be additional case studies and sections on this exam. You must manage your time to ensure that you are able to complete all questions included on this exam in the time provided.
To answer the questions included in a case study, you will need to reference information that is provided in the case study. Case studies might contain exhibits and other resources that provide more information about the scenario that is described in the case study. Each question is independent of the other question on this case study.
At the end of this case study, a review screen will appear. This screen allows you to review your answers and to make changes before you move to the next section of the exam. After you begin a new section, you cannot return to this section.

To start the case study -
To display the first question on this case study, click the Next button. Use the buttons in the left pane to explore the content of the case study before you answer the questions. Clicking these buttons displays information such as business requirements, existing environment, and problem statements. If the case study has an All Information tab, note that the information displayed is identical to the information displayed on the subsequent tabs. When you are ready to answer a question, click the Question button to return to the question.

Overview -
Litware, Inc., is a manufacturing company. The company has a main office and two branch offices. The main office is located in Seattle. The branch offices are located in Los Angeles and Boston.

Current Environment -

Active Directory -
The network contains an Active Directory forest named litwareinc.com. The forest contains a child domain for each office. The child domains are named boston.litwareinc.com and la.litwareinc.com. An ActiveDirectory site exists for each office.
In each domain, all of the client computer accounts reside in an organizational unit (OU) named AllComputers and all of the user accounts reside in an OU named
AllUsers.
All domain controllers run Windows Server 2008 R2 and are configured as DNS servers.
The functional level of the domain and the forest is Windows Server 2008.

Network Infrastructure -
The main office has the following servers:
Five physical Hyper-V hosts that run Windows Server 2012
Three virtual fileservers that run Windows Server 2008 R2


One physical DHCP server that runs Windows Server 2008 R2
Ten physical application servers that run Windows Server2012
One virtual IP Address Management (IPAM) server that runs Windows Server 2012
One virtual Windows Server Update Services (WSUS) server that runs Windows Server 2008 R2
One physical domain controller and two virtual domain controllers that run Windows Server 2008 R2
Each branch office has the following servers:
One virtual file server that runs Windows Server 2008 R2
Two physical Hyper-V hosts that run Windows Server 2012
One physical DHCP server that runs Windows Server 2008 R2
One physical domain controller and two virtual domain controllers that run Windows Server 2008 R2
All of the offices have a high-speed connection to the Internet. The offices connect to each other by using T1 leased lines.
The IPAM server in the main office gathers data from the DNS servers and the DHCP servers in all of the offices.

Requirements -

Planned Changes -
The company plans to implement the following changes:
Implement the Active Directory Recycle Bin.
Implement Network Access Protection (NAP).
Implement Folder Redirection in the Boston office only.
Deploy an application named App1 to all of the users in the Boston office only.
Migrate to IPv6 addressing on all of the servers in the Los Angeles office. Some application servers in the Los Angeles office will have only IPv6 addresses.

Technical Requirements -
The company identifies the following technical requirements:
Minimize the amount of administrative effort whenever possible.
Ensure that NAP with IPSec enforcement can be configured.
Rename boston.litwareinc.com domain tobos.litwareinc.com.
Migrate the DHCP servers from the physical servers to a virtual server that runs Windows Server 2012.
Ensure that the members of the Operators groups in all three domains can manage the IPAM server from their client computer.

VPN Requirements -
You plan to implement a third-party VPN server in each office. The VPN servers will be configured as RADIUS clients. A server that runs Windows Server 2012 will perform RADIUS authentication for all of the VPN connections.

Visualization Requirements -
The company identifies the following virtualization requirements:
Virtualize the application servers.
Ensure that the additional domain controllers for the branch offices can be deployed by using domain controller cloning.
Automatically distribute the new virtual machines to Hyper-V hosts based on the current resource usage of the Hyper-V hosts.

Server Deployment Requirements -
The company identifies the following requirements for the deployment of new servers on the network:
Deploy the new servers over the network.
Ensure that all of the server deployments are done by using multicast.

Security Requirements -
A new branch office will open in Chicago. The new branch office will have a single read-only domain controller (RODC). Confidential attributes must not be replicated to the Chicago office.

You need to recommend a remote access solution that meets the VPN requirements.
Which role service should you include in the recommendation?

  • A. Routing
  • B. Network Policy Server
  • C. DirectAccess and VPN (RAS)
  • D. Host Credential Authorization Protocol


Answer : B

Explanation:
Scenario:
A server that runs Windows Server 2012 will perform RADIUS authentication for all of the VPN connections.
Ensure that NAP with IPSec enforcement can be configured.

Network Policy Server -
Network Policy Server (NPS) allows you to create and enforce organization-wide network access policies for client health, connection request authentication, and connection request authorization. In addition, you can use NPS as a Remote Authentication Dial-In User Service (RADIUS) proxy to forward connection requests to a server running NPS or other RADIUS servers that you configure in remote RADIUS server groups.
NPS allows you to centrally configure and manage network access authentication, authorization, are client health policies with the following three features:
RADIUS server. NPS performs centralized authorization, authorization, and accounting for wireless, authenticating switch, remote access dial-up and virtual private network (VNP) connections. When you use NPS as a RADIUS server, you configure network access servers, such as wireless access points and VPN servers, as RADIUS clients in NPS. You also configure network policies that NPS uses to authorize connection requests, and you can configure RADIUS accounting so that NPS logs accounting information to log files on the local hard disk or in a Microsoft SQL Server database.

Case Study -
This is a case study. Case studies are not timed separately. You can use as much exam time as you would like to complete each case. However, there may be additional case studies and sections on this exam. You must manage your time to ensure that you are able to complete all questions included on this exam in the time provided.
To answer the questions included in a case study, you will need to reference information that is provided in the case study. Case studies might contain exhibits and other resources that provide more information about the scenario that is described in the case study. Each question is independent of the other question on this case study.
At the end of this case study, a review screen will appear. This screen allows you to review your answers and to make changes before you move to the next section of the exam. After you begin a new section, you cannot return to this section.

To start the case study -
To display the first question on this case study, click the Next button. Use the buttons in the left pane to explore the content of the case study before you answer the questions. Clicking these buttons displays information such as business requirements, existing environment, and problem statements. If the case study has an All Information tab, note that the information displayed is identical to the information displayed on the subsequent tabs. When you are ready to answer a question, click the Question button to return to the question.

Overview -
Litware, Inc., is a manufacturing company. The company has a main office and two branch offices. The main office is located in Seattle. The branch offices are located in Los Angeles and Boston.

Current Environment -

Active Directory -
The network contains an Active Directory forest named litwareinc.com. The forest contains a child domain for each office. The child domains are named boston.litwareinc.com and la.litwareinc.com. An ActiveDirectory site exists for each office.
In each domain, all of the client computer accounts reside in an organizational unit (OU) named AllComputers and all of the user accounts reside in an OU named
AllUsers.
All domain controllers run Windows Server 2008 R2 and are configured as DNS servers.
The functional level of the domain and the forest is Windows Server 2008.

Network Infrastructure -
The main office has the following servers:
Five physical Hyper-V hosts that run Windows Server 2012
Three virtual fileservers that run Windows Server 2008 R2


One physical DHCP server that runs Windows Server 2008 R2
Ten physical application servers that run Windows Server2012
One virtual IP Address Management (IPAM) server that runs Windows Server 2012
One virtual Windows Server Update Services (WSUS) server that runs Windows Server 2008 R2
One physical domain controller and two virtual domain controllers that run Windows Server 2008 R2
Each branch office has the following servers:
One virtual file server that runs Windows Server 2008 R2
Two physical Hyper-V hosts that run Windows Server 2012
One physical DHCP server that runs Windows Server 2008 R2
One physical domain controller and two virtual domain controllers that run Windows Server 2008 R2
All of the offices have a high-speed connection to the Internet. The offices connect to each other by using T1 leased lines.
The IPAM server in the main office gathers data from the DNS servers and the DHCP servers in all of the offices.

Requirements -

Planned Changes -
The company plans to implement the following changes:
Implement the Active Directory Recycle Bin.
Implement Network Access Protection (NAP).
Implement Folder Redirection in the Boston office only.
Deploy an application named App1 to all of the users in the Boston office only.
Migrate to IPv6 addressing on all of the servers in the Los Angeles office. Some application servers in the Los Angeles office will have only IPv6 addresses.

Technical Requirements -
The company identifies the following technical requirements:
Minimize the amount of administrative effort whenever possible.
Ensure that NAP with IPSec enforcement can be configured.
Rename boston.litwareinc.com domain tobos.litwareinc.com.
Migrate the DHCP servers from the physical servers to a virtual server that runs Windows Server 2012.
Ensure that the members of the Operators groups in all three domains can manage the IPAM server from their client computer.

VPN Requirements -
You plan to implement a third-party VPN server in each office. The VPN servers will be configured as RADIUS clients. A server that runs Windows Server 2012 will perform RADIUS authentication for all of the VPN connections.

Visualization Requirements -
The company identifies the following virtualization requirements:
Virtualize the application servers.
Ensure that the additional domain controllers for the branch offices can be deployed by using domain controller cloning.
Automatically distribute the new virtual machines to Hyper-V hosts based on the current resource usage of the Hyper-V hosts.

Server Deployment Requirements -
The company identifies the following requirements for the deployment of new servers on the network:
Deploy the new servers over the network.
Ensure that all of the server deployments are done by using multicast.

Security Requirements -
A new branch office will open in Chicago. The new branch office will have a single read-only domain controller (RODC). Confidential attributes must not be replicated to the Chicago office.

You need to recommend a Group Policy strategy to support the company's planned changes.
What should you include in the recommendation?

  • A. Link a Group Policy object(GPO) to the AllComputers OU in each domain.
  • B. Link a Group Policy object (GPO) to litwareinc.com and configure filtering.
  • C. Link a Group Policy object (GPO) to each domain.
  • D. Link a Group Policy object (GPO) to the Boston site.


Answer : D

Explanation:
Scenario:
Implement Folder Redirection in the Boston office only.
Deploy an application named Appl to all of the users in the Boston office only.

Case Study -
This is a case study. Case studies are not timed separately. You can use as much exam time as you would like to complete each case. However, there may be additional case studies and sections on this exam. You must manage your time to ensure that you are able to complete all questions included on this exam in the time provided.
To answer the questions included in a case study, you will need to reference information that is provided in the case study. Case studies might contain exhibits and other resources that provide more information about the scenario that is described in the case study. Each question is independent of the other question on this case study.
At the end of this case study, a review screen will appear. This screen allows you to review your answers and to make changes before you move to the next section of the exam. After you begin a new section, you cannot return to this section.

To start the case study -
To display the first question on this case study, click the Next button. Use the buttons in the left pane to explore the content of the case study before you answer the questions. Clicking these buttons displays information such as business requirements, existing environment, and problem statements. If the case study has an All Information tab, note that the information displayed is identical to the information displayed on the subsequent tabs. When you are ready to answer a question, click the Question button to return to the question.

Overview -
Litware, Inc., is a manufacturing company. The company has a main office and two branch offices. The main office is located in Seattle. The branch offices are located in Los Angeles and Boston.

Current Environment -

Active Directory -
The network contains an Active Directory forest named litwareinc.com. The forest contains a child domain for each office. The child domains are named boston.litwareinc.com and la.litwareinc.com. An ActiveDirectory site exists for each office.
In each domain, all of the client computer accounts reside in an organizational unit (OU) named AllComputers and all of the user accounts reside in an OU named
AllUsers.
All domain controllers run Windows Server 2008 R2 and are configured as DNS servers.
The functional level of the domain and the forest is Windows Server 2008.

Network Infrastructure -
The main office has the following servers:
Five physical Hyper-V hosts that run Windows Server 2012
Three virtual fileservers that run Windows Server 2008 R2


One physical DHCP server that runs Windows Server 2008 R2
Ten physical application servers that run Windows Server2012
One virtual IP Address Management (IPAM) server that runs Windows Server 2012
One virtual Windows Server Update Services (WSUS) server that runs Windows Server 2008 R2
One physical domain controller and two virtual domain controllers that run Windows Server 2008 R2
Each branch office has the following servers:
One virtual file server that runs Windows Server 2008 R2
Two physical Hyper-V hosts that run Windows Server 2012
One physical DHCP server that runs Windows Server 2008 R2
One physical domain controller and two virtual domain controllers that run Windows Server 2008 R2
All of the offices have a high-speed connection to the Internet. The offices connect to each other by using T1 leased lines.
The IPAM server in the main office gathers data from the DNS servers and the DHCP servers in all of the offices.

Requirements -

Planned Changes -
The company plans to implement the following changes:
Implement the Active Directory Recycle Bin.
Implement Network Access Protection (NAP).
Implement Folder Redirection in the Boston office only.
Deploy an application named App1 to all of the users in the Boston office only.
Migrate to IPv6 addressing on all of the servers in the Los Angeles office. Some application servers in the Los Angeles office will have only IPv6 addresses.

Technical Requirements -
The company identifies the following technical requirements:
Minimize the amount of administrative effort whenever possible.
Ensure that NAP with IPSec enforcement can be configured.
Rename boston.litwareinc.com domain tobos.litwareinc.com.
Migrate the DHCP servers from the physical servers to a virtual server that runs Windows Server 2012.
Ensure that the members of the Operators groups in all three domains can manage the IPAM server from their client computer.

VPN Requirements -
You plan to implement a third-party VPN server in each office. The VPN servers will be configured as RADIUS clients. A server that runs Windows Server 2012 will perform RADIUS authentication for all of the VPN connections.

Visualization Requirements -
The company identifies the following virtualization requirements:
Virtualize the application servers.
Ensure that the additional domain controllers for the branch offices can be deployed by using domain controller cloning.
Automatically distribute the new virtual machines to Hyper-V hosts based on the current resource usage of the Hyper-V hosts.

Server Deployment Requirements -
The company identifies the following requirements for the deployment of new servers on the network:
Deploy the new servers over the network.
Ensure that all of the server deployments are done by using multicast.

Security Requirements -
A new branch office will open in Chicago. The new branch office will have a single read-only domain controller (RODC). Confidential attributes must not be replicated to the Chicago office.

You need to ensure that NAP meets the technical requirements.
Which role services should you install?

  • A. Network Policy Server, Health Registration Authority and Host Credential Authorization Protocol
  • B. Health Registration Authority, Host Credential Authorization Protocol and Online Responder
  • C. Certification Authority, Network Policy Server and Health Registration Authority
  • D. Online Responder, Certification Authority and Network Policy Server


Answer : C

Explanation:
Scenario:
Implement Network Access Protection (NAP).
Ensure that NAP with IPSec enforcement can be configured.

Health Registration Authority -
Applies To: Windows Server 2008 R2, Windows Server 2012
Health Registration Authority (HRA) is a component of a Network Access Protection (NAP) infrastructure that plays a central role in NAP Internet Protocol security
(IPsec) enforcement.
HRA obtains health certificates on behalf of NAP clients when they are compliant with network health requirements. These health certificates authenticate NAP clients for IPsec-protected communications with other NAP clients on an intranet. If a NAP client does not have a health certificate, the IPsec peer authentication fails and the NAP client cannot initiate communication with other IPsec-protected computers on the network.
HRA is installed on a computer that is also running Network Policy Server (NPS) and Internet Information Services (IIS). If they are not already installed, these services will be added when you install HRA.

Overview -
Northwind Traders is a retail company.
The company has offices in Montreal and San Diego. The office in Montreal has 1,000 client computers. The office in San Diego has 100 computers. The computers in the San Diego office are often replaced. The offices connect to each other by using a slow WAN link. Each office connects directly to the Internet.

Existing Environment -

Active Directory Environment -
The network contains an Active Directory forest named northwindtraders.com. The forest contains two domains named northwindtraders.com and west.northwindtraders.com. All servers run Windows Server 2012 R2.
All client computers run Windows 7.
Each office is configured as an Active Directory site. The site in the Montreal office is named Site1. The site in the San Diego office is named Site2.
The forest contains four domain controllers. The domain controllers are configured as shown in the following table.


DC1, DC2, and DC3 are writable domain controllers. R0DC1 is read-only domain controller (RODC). All DNS zones are Active Directory-integrated. All zones replicate to all of the domain controllers.
All of the computers in the San Diego office are configured to use RODC1 as their only DNS server.
The northwindtraders.com domain contains a Group Policy object (GPO) named GPO1. GP01 is applied to all of the users in the Montreal office.
All of the user accounts for the Montreal users are in the northwindtraders.com domain. All of the user accounts for the San Diego users are in the west.northwindtraders.com domain.

Network Environment -
Site1 contains the member servers in the northwindtraders.com domain shown in the following table.

Server1 connects to SAN storage that supports Offloaded Data Transfer (ODX). All virtual hard disks (VHDs) are stored on the SAN.
A web application named App1 is installed on Server5.
Server3 has a shared folder that contains sales reports. The sales reports are read frequently by the users in both offices. The reports are generated automatically once per week by an enterprise resource planning (ERP) system.
A perimeter network in the Montreal office contains two standalone servers. The servers are configured as shown in the following table.

The servers in the perimeter network are accessible from the Internet by using a domain name suffix of public.northwindtraders.com.
Each administrator has a management computer that runs Windows 8.1.

Requirements -

Planned Changes -
Northwind Traders plans to implement the following changes:
On Server1, create four virtual machines that run Windows Server 2012 R2. The servers will be configured as shown in the following table.

Configure IP routing between Site1 and the network services that Northwind Traders hosts in Microsoft Azure.
Place a domain controller for the northwindtraders.com domain in Microsoft Azure.
Upgrade all of the computers in the Montreal office to Windows 8.1.
Purchase a subscription to Microsoft Office 365.
Configure a web application proxy on Server6.
Configure integration between VMM and IPAM.
Apply GPO1 to all of the San Diego users.
Connect Site1 to Microsoft Azure.

Technical Requirements -
Northwind Traders must meet the following technical requirements:
All virtual machines must use ODX.
Users must be able to access App1 from the Internet.
GPO1 must not be applied to computers that run Windows 8.1.
All DNS zones must replicate only to DC1, DC2, and DC3.
All computers must be able to resolve names by using a local DNS server.
If a WAN link fails, users must be able to access all of the sales reports.
The credentials for accessing Microsoft Azure must be permanently stored.
The on-premises network must be connected to Microsoft Azure by using Server4.
The administrators must be able to manage Microsoft Azure by using Windows PowerShell.
The number of servers and services deployed in the San Diego office must be minimized.
Active Directory queries for the objects in the forest must not generate WAN traffic, whenever possible.

Security Requirements -
Northwind Traders identifies the following security requirements:
Ensure that all DNS zone data is encrypted when it is replicated.
Minimize the number of permissions assigned to users and administrators, whenever possible. Prevent an Active Directory Domain Services (AD DS) attribute named SSNumber from replicating to Site2.
Ensure that users can use their northwindtraders.com user account to access the resources hosted in Office 365.
Prevent administrators from being required to re-enter their credentials when they manage Microsoft Azure from approved management computers.


You need to recommend an Office 365 integration solution.
What should you include in the recommendation?

  • A. Active Directory directory synchronization
  • B. The Active Directory Migration Tool (ADMT)
  • C. Windows Identity Foundation (WIF) 3.5
  • D. The Sync Framework Toolkit


Answer : A

Explanation:
Scenario: Ensure that users can use their northwindtraders.com user account to access the resources hosted in Office 365.

Overview -
Northwind Traders is a retail company.
The company has offices in Montreal and San Diego. The office in Montreal has 1,000 client computers. The office in San Diego has 100 computers. The computers in the San Diego office are often replaced. The offices connect to each other by using a slow WAN link. Each office connects directly to the Internet.

Existing Environment -

Active Directory Environment -
The network contains an Active Directory forest named northwindtraders.com. The forest contains two domains named northwindtraders.com and west.northwindtraders.com. All servers run Windows Server 2012 R2.
All client computers run Windows 7.
Each office is configured as an Active Directory site. The site in the Montreal office is named Site1. The site in the San Diego office is named Site2.
The forest contains four domain controllers. The domain controllers are configured as shown in the following table.


DC1, DC2, and DC3 are writable domain controllers. R0DC1 is read-only domain controller (RODC). All DNS zones are Active Directory-integrated. All zones replicate to all of the domain controllers.
All of the computers in the San Diego office are configured to use RODC1 as their only DNS server.
The northwindtraders.com domain contains a Group Policy object (GPO) named GPO1. GP01 is applied to all of the users in the Montreal office.
All of the user accounts for the Montreal users are in the northwindtraders.com domain. All of the user accounts for the San Diego users are in the west.northwindtraders.com domain.

Network Environment -
Site1 contains the member servers in the northwindtraders.com domain shown in the following table.

Server1 connects to SAN storage that supports Offloaded Data Transfer (ODX). All virtual hard disks (VHDs) are stored on the SAN.
A web application named App1 is installed on Server5.
Server3 has a shared folder that contains sales reports. The sales reports are read frequently by the users in both offices. The reports are generated automatically once per week by an enterprise resource planning (ERP) system.
A perimeter network in the Montreal office contains two standalone servers. The servers are configured as shown in the following table.

The servers in the perimeter network are accessible from the Internet by using a domain name suffix of public.northwindtraders.com.
Each administrator has a management computer that runs Windows 8.1.

Requirements -

Planned Changes -
Northwind Traders plans to implement the following changes:
On Server1, create four virtual machines that run Windows Server 2012 R2. The servers will be configured as shown in the following table.

Configure IP routing between Site1 and the network services that Northwind Traders hosts in Microsoft Azure.
Place a domain controller for the northwindtraders.com domain in Microsoft Azure.
Upgrade all of the computers in the Montreal office to Windows 8.1.
Purchase a subscription to Microsoft Office 365.
Configure a web application proxy on Server6.
Configure integration between VMM and IPAM.
Apply GPO1 to all of the San Diego users.
Connect Site1 to Microsoft Azure.

Technical Requirements -
Northwind Traders must meet the following technical requirements:
All virtual machines must use ODX.
Users must be able to access App1 from the Internet.
GPO1 must not be applied to computers that run Windows 8.1.
All DNS zones must replicate only to DC1, DC2, and DC3.
All computers must be able to resolve names by using a local DNS server.
If a WAN link fails, users must be able to access all of the sales reports.
The credentials for accessing Microsoft Azure must be permanently stored.
The on-premises network must be connected to Microsoft Azure by using Server4.
The administrators must be able to manage Microsoft Azure by using Windows PowerShell.
The number of servers and services deployed in the San Diego office must be minimized.
Active Directory queries for the objects in the forest must not generate WAN traffic, whenever possible.

Security Requirements -
Northwind Traders identifies the following security requirements:
Ensure that all DNS zone data is encrypted when it is replicated.
Minimize the number of permissions assigned to users and administrators, whenever possible. Prevent an Active Directory Domain Services (AD DS) attribute named SSNumber from replicating to Site2.
Ensure that users can use their northwindtraders.com user account to access the resources hosted in Office 365.
Prevent administrators from being required to re-enter their credentials when they manage Microsoft Azure from approved management computers.


You need to recommend a solution for the sales reports.
What should you include in the recommendation?

  • A. BranchCache in distributed cache mode
  • B. Offline files
  • C. BranchCache in hosted cache mode
  • D. Distributed File System (DFS)


Answer : A

Explanation:
Scenario: Server3 has a shared folder that contains sales reports. The sales reports are read frequently by the users in both offices. The reports are generated automatically once per week by an enterprise resource planning (ERP) system.
BranchCache is designed to reduce WAN link utilization and improve application responsiveness for branch office workers who access content from servers in remote locations. Branch office client computers use a locally maintained cache of data to reduce traffic over a WAN link. The cache can be distributed across client computers (Distributed Cache mode) or can be housed on a server in the branch (Hosted Cache mode).

Overview -
Northwind Traders is a retail company.
The company has offices in Montreal and San Diego. The office in Montreal has 1,000 client computers. The office in San Diego has 100 computers. The computers in the San Diego office are often replaced. The offices connect to each other by using a slow WAN link. Each office connects directly to the Internet.

Existing Environment -

Active Directory Environment -
The network contains an Active Directory forest named northwindtraders.com. The forest contains two domains named northwindtraders.com and west.northwindtraders.com. All servers run Windows Server 2012 R2.
All client computers run Windows 7.
Each office is configured as an Active Directory site. The site in the Montreal office is named Site1. The site in the San Diego office is named Site2.
The forest contains four domain controllers. The domain controllers are configured as shown in the following table.


DC1, DC2, and DC3 are writable domain controllers. R0DC1 is read-only domain controller (RODC). All DNS zones are Active Directory-integrated. All zones replicate to all of the domain controllers.
All of the computers in the San Diego office are configured to use RODC1 as their only DNS server.
The northwindtraders.com domain contains a Group Policy object (GPO) named GPO1. GP01 is applied to all of the users in the Montreal office.
All of the user accounts for the Montreal users are in the northwindtraders.com domain. All of the user accounts for the San Diego users are in the west.northwindtraders.com domain.

Network Environment -
Site1 contains the member servers in the northwindtraders.com domain shown in the following table.

Server1 connects to SAN storage that supports Offloaded Data Transfer (ODX). All virtual hard disks (VHDs) are stored on the SAN.
A web application named App1 is installed on Server5.
Server3 has a shared folder that contains sales reports. The sales reports are read frequently by the users in both offices. The reports are generated automatically once per week by an enterprise resource planning (ERP) system.
A perimeter network in the Montreal office contains two standalone servers. The servers are configured as shown in the following table.

The servers in the perimeter network are accessible from the Internet by using a domain name suffix of public.northwindtraders.com.
Each administrator has a management computer that runs Windows 8.1.

Requirements -

Planned Changes -
Northwind Traders plans to implement the following changes:
On Server1, create four virtual machines that run Windows Server 2012 R2. The servers will be configured as shown in the following table.

Configure IP routing between Site1 and the network services that Northwind Traders hosts in Microsoft Azure.
Place a domain controller for the northwindtraders.com domain in Microsoft Azure.
Upgrade all of the computers in the Montreal office to Windows 8.1.
Purchase a subscription to Microsoft Office 365.
Configure a web application proxy on Server6.
Configure integration between VMM and IPAM.
Apply GPO1 to all of the San Diego users.
Connect Site1 to Microsoft Azure.

Technical Requirements -
Northwind Traders must meet the following technical requirements:
All virtual machines must use ODX.
Users must be able to access App1 from the Internet.
GPO1 must not be applied to computers that run Windows 8.1.
All DNS zones must replicate only to DC1, DC2, and DC3.
All computers must be able to resolve names by using a local DNS server.
If a WAN link fails, users must be able to access all of the sales reports.
The credentials for accessing Microsoft Azure must be permanently stored.
The on-premises network must be connected to Microsoft Azure by using Server4.
The administrators must be able to manage Microsoft Azure by using Windows PowerShell.
The number of servers and services deployed in the San Diego office must be minimized.
Active Directory queries for the objects in the forest must not generate WAN traffic, whenever possible.

Security Requirements -
Northwind Traders identifies the following security requirements:
Ensure that all DNS zone data is encrypted when it is replicated.
Minimize the number of permissions assigned to users and administrators, whenever possible. Prevent an Active Directory Domain Services (AD DS) attribute named SSNumber from replicating to Site2.
Ensure that users can use their northwindtraders.com user account to access the resources hosted in Office 365.
Prevent administrators from being required to re-enter their credentials when they manage Microsoft Azure from approved management computers.



HOTSPOT -
You are evaluating the virtual machine environment.
In the table below, identify which virtual machines currently support ODX and which virtual machines require a configuration change to support ODX. Make only one selection in each row.
Hot Area:



Answer :

Explanation:
VM1 uses IDE and does not support ODX. The other VMs are ok.
ID requirements include:
Must be connected by using one of the following protocols:
-> iSCSI
-> Fibre Channel
-> Fibre Channel over Ethernet
-> Serial Attached SCSI (SAS)
Note: Windows Offloaded Data Transfer (ODX) functionality in Windows maximizes an enterprise’s investment in intelligent storage arrays by enabling the arrays to directly transfer data within or between compatible storage devices, bypassing the host computer.

Overview -
Northwind Traders is a retail company.
The company has offices in Montreal and San Diego. The office in Montreal has 1,000 client computers. The office in San Diego has 100 computers. The computers in the San Diego office are often replaced. The offices connect to each other by using a slow WAN link. Each office connects directly to the Internet.

Existing Environment -

Active Directory Environment -
The network contains an Active Directory forest named northwindtraders.com. The forest contains two domains named northwindtraders.com and west.northwindtraders.com. All servers run Windows Server 2012 R2.
All client computers run Windows 7.
Each office is configured as an Active Directory site. The site in the Montreal office is named Site1. The site in the San Diego office is named Site2.
The forest contains four domain controllers. The domain controllers are configured as shown in the following table.


DC1, DC2, and DC3 are writable domain controllers. R0DC1 is read-only domain controller (RODC). All DNS zones are Active Directory-integrated. All zones replicate to all of the domain controllers.
All of the computers in the San Diego office are configured to use RODC1 as their only DNS server.
The northwindtraders.com domain contains a Group Policy object (GPO) named GPO1. GP01 is applied to all of the users in the Montreal office.
All of the user accounts for the Montreal users are in the northwindtraders.com domain. All of the user accounts for the San Diego users are in the west.northwindtraders.com domain.

Network Environment -
Site1 contains the member servers in the northwindtraders.com domain shown in the following table.

Server1 connects to SAN storage that supports Offloaded Data Transfer (ODX). All virtual hard disks (VHDs) are stored on the SAN.
A web application named App1 is installed on Server5.
Server3 has a shared folder that contains sales reports. The sales reports are read frequently by the users in both offices. The reports are generated automatically once per week by an enterprise resource planning (ERP) system.
A perimeter network in the Montreal office contains two standalone servers. The servers are configured as shown in the following table.

The servers in the perimeter network are accessible from the Internet by using a domain name suffix of public.northwindtraders.com.
Each administrator has a management computer that runs Windows 8.1.

Requirements -

Planned Changes -
Northwind Traders plans to implement the following changes:
On Server1, create four virtual machines that run Windows Server 2012 R2. The servers will be configured as shown in the following table.

Configure IP routing between Site1 and the network services that Northwind Traders hosts in Microsoft Azure.
Place a domain controller for the northwindtraders.com domain in Microsoft Azure.
Upgrade all of the computers in the Montreal office to Windows 8.1.
Purchase a subscription to Microsoft Office 365.
Configure a web application proxy on Server6.
Configure integration between VMM and IPAM.
Apply GPO1 to all of the San Diego users.
Connect Site1 to Microsoft Azure.

Technical Requirements -
Northwind Traders must meet the following technical requirements:
All virtual machines must use ODX.
Users must be able to access App1 from the Internet.
GPO1 must not be applied to computers that run Windows 8.1.
All DNS zones must replicate only to DC1, DC2, and DC3.
All computers must be able to resolve names by using a local DNS server.
If a WAN link fails, users must be able to access all of the sales reports.
The credentials for accessing Microsoft Azure must be permanently stored.
The on-premises network must be connected to Microsoft Azure by using Server4.
The administrators must be able to manage Microsoft Azure by using Windows PowerShell.
The number of servers and services deployed in the San Diego office must be minimized.
Active Directory queries for the objects in the forest must not generate WAN traffic, whenever possible.

Security Requirements -
Northwind Traders identifies the following security requirements:
Ensure that all DNS zone data is encrypted when it is replicated.
Minimize the number of permissions assigned to users and administrators, whenever possible. Prevent an Active Directory Domain Services (AD DS) attribute named SSNumber from replicating to Site2.
Ensure that users can use their northwindtraders.com user account to access the resources hosted in Office 365.
Prevent administrators from being required to re-enter their credentials when they manage Microsoft Azure from approved management computers.


You need to recommend a solution for GPO1.
What is the best approach to achieve the goal? More than one answer choice may achieve the goal. Select the BEST answer.

  • A. In west.northwindtraders.com, create a copy of GPO1 and link the new GPO to Site2. Apply a WMI filter to the new GPO.
  • B. In west.northwindtraders.com, create a copy of GPO1 and link the new GPO to west.northwindtraders.com. Configure security filtering on the new GPO.
  • C. Link GPO1 to west.northwindtraders.com and configure security filtering on GPO1.
  • D. Link GPO1 to Site2 and apply a WMI filter to GPO1.


Answer : D

Explanation:
Scenario:
The northwindtraders.com domain contains a Group Policy object (GPO) named GPO1. GP01 is applied to all of the users in the Montreal office.
Apply GPO1 to all of the San Diego users.
GPO1 must not be applied to computers that run Windows 8.1.
WM Filter for Operating Systems. Example:

Windows 8.1 64 bit -
SELECT version FROM Win32_OperatingSystem WHERE Version LIKE "6.3%" and ProductType = "1" AND OSArchitecture = "64-bit"

Overview -
Northwind Traders is a retail company.
The company has offices in Montreal and San Diego. The office in Montreal has 1,000 client computers. The office in San Diego has 100 computers. The computers in the San Diego office are often replaced. The offices connect to each other by using a slow WAN link. Each office connects directly to the Internet.

Existing Environment -

Active Directory Environment -
The network contains an Active Directory forest named northwindtraders.com. The forest contains two domains named northwindtraders.com and west.northwindtraders.com. All servers run Windows Server 2012 R2.
All client computers run Windows 7.
Each office is configured as an Active Directory site. The site in the Montreal office is named Site1. The site in the San Diego office is named Site2.
The forest contains four domain controllers. The domain controllers are configured as shown in the following table.


DC1, DC2, and DC3 are writable domain controllers. R0DC1 is read-only domain controller (RODC). All DNS zones are Active Directory-integrated. All zones replicate to all of the domain controllers.
All of the computers in the San Diego office are configured to use RODC1 as their only DNS server.
The northwindtraders.com domain contains a Group Policy object (GPO) named GPO1. GP01 is applied to all of the users in the Montreal office.
All of the user accounts for the Montreal users are in the northwindtraders.com domain. All of the user accounts for the San Diego users are in the west.northwindtraders.com domain.

Network Environment -
Site1 contains the member servers in the northwindtraders.com domain shown in the following table.

Server1 connects to SAN storage that supports Offloaded Data Transfer (ODX). All virtual hard disks (VHDs) are stored on the SAN.
A web application named App1 is installed on Server5.
Server3 has a shared folder that contains sales reports. The sales reports are read frequently by the users in both offices. The reports are generated automatically once per week by an enterprise resource planning (ERP) system.
A perimeter network in the Montreal office contains two standalone servers. The servers are configured as shown in the following table.

The servers in the perimeter network are accessible from the Internet by using a domain name suffix of public.northwindtraders.com.
Each administrator has a management computer that runs Windows 8.1.

Requirements -

Planned Changes -
Northwind Traders plans to implement the following changes:
On Server1, create four virtual machines that run Windows Server 2012 R2. The servers will be configured as shown in the following table.

Configure IP routing between Site1 and the network services that Northwind Traders hosts in Microsoft Azure.
Place a domain controller for the northwindtraders.com domain in Microsoft Azure.
Upgrade all of the computers in the Montreal office to Windows 8.1.
Purchase a subscription to Microsoft Office 365.
Configure a web application proxy on Server6.
Configure integration between VMM and IPAM.
Apply GPO1 to all of the San Diego users.
Connect Site1 to Microsoft Azure.

Technical Requirements -
Northwind Traders must meet the following technical requirements:
All virtual machines must use ODX.
Users must be able to access App1 from the Internet.
GPO1 must not be applied to computers that run Windows 8.1.
All DNS zones must replicate only to DC1, DC2, and DC3.
All computers must be able to resolve names by using a local DNS server.
If a WAN link fails, users must be able to access all of the sales reports.
The credentials for accessing Microsoft Azure must be permanently stored.
The on-premises network must be connected to Microsoft Azure by using Server4.
The administrators must be able to manage Microsoft Azure by using Windows PowerShell.
The number of servers and services deployed in the San Diego office must be minimized.
Active Directory queries for the objects in the forest must not generate WAN traffic, whenever possible.

Security Requirements -
Northwind Traders identifies the following security requirements:
Ensure that all DNS zone data is encrypted when it is replicated.
Minimize the number of permissions assigned to users and administrators, whenever possible. Prevent an Active Directory Domain Services (AD DS) attribute named SSNumber from replicating to Site2.
Ensure that users can use their northwindtraders.com user account to access the resources hosted in Office 365.
Prevent administrators from being required to re-enter their credentials when they manage Microsoft Azure from approved management computers.


You need to recommend a solution for the replication of Active Directory.
What should you recommend modifying?

  • A. The Active Directory Schema
  • B. The properties of Site1
  • C. The RODC1 computer account
  • D. The properties of Site2


Answer : A

Explanation:
Prevent an Active Directory Domain Services (AD DS) attribute named SSNumber from replicating to Site2
The schema is the Active Directory component that defines all the objects and attributes that the directory service uses to store data. The physical structure of the schema consists of the object definitions. The schema itself is stored in the directory.
The schema is stored in its own partition (the schema partition) in the directory. The schema is replicated among all the domain controllers in the forest, and any change that is made to the schema is replicated to every domain controller in the forest. Because the schema dictates how information is stored, and because any changes that are made to the schema affect every domain controller, changes to the schema should be made only when necessary â€" through a tightly controlled process â€" after testing has been performed to ensure that there will be no adverse effects on the rest of the forest.

Overview -
Northwind Traders is a retail company.
The company has offices in Montreal and San Diego. The office in Montreal has 1,000 client computers. The office in San Diego has 100 computers. The computers in the San Diego office are often replaced. The offices connect to each other by using a slow WAN link. Each office connects directly to the Internet.

Existing Environment -

Active Directory Environment -
The network contains an Active Directory forest named northwindtraders.com. The forest contains two domains named northwindtraders.com and west.northwindtraders.com. All servers run Windows Server 2012 R2.
All client computers run Windows 7.
Each office is configured as an Active Directory site. The site in the Montreal office is named Site1. The site in the San Diego office is named Site2.
The forest contains four domain controllers. The domain controllers are configured as shown in the following table.


DC1, DC2, and DC3 are writable domain controllers. R0DC1 is read-only domain controller (RODC). All DNS zones are Active Directory-integrated. All zones replicate to all of the domain controllers.
All of the computers in the San Diego office are configured to use RODC1 as their only DNS server.
The northwindtraders.com domain contains a Group Policy object (GPO) named GPO1. GP01 is applied to all of the users in the Montreal office.
All of the user accounts for the Montreal users are in the northwindtraders.com domain. All of the user accounts for the San Diego users are in the west.northwindtraders.com domain.

Network Environment -
Site1 contains the member servers in the northwindtraders.com domain shown in the following table.

Server1 connects to SAN storage that supports Offloaded Data Transfer (ODX). All virtual hard disks (VHDs) are stored on the SAN.
A web application named App1 is installed on Server5.
Server3 has a shared folder that contains sales reports. The sales reports are read frequently by the users in both offices. The reports are generated automatically once per week by an enterprise resource planning (ERP) system.
A perimeter network in the Montreal office contains two standalone servers. The servers are configured as shown in the following table.

The servers in the perimeter network are accessible from the Internet by using a domain name suffix of public.northwindtraders.com.
Each administrator has a management computer that runs Windows 8.1.

Requirements -

Planned Changes -
Northwind Traders plans to implement the following changes:
On Server1, create four virtual machines that run Windows Server 2012 R2. The servers will be configured as shown in the following table.

Configure IP routing between Site1 and the network services that Northwind Traders hosts in Microsoft Azure.
Place a domain controller for the northwindtraders.com domain in Microsoft Azure.
Upgrade all of the computers in the Montreal office to Windows 8.1.
Purchase a subscription to Microsoft Office 365.
Configure a web application proxy on Server6.
Configure integration between VMM and IPAM.
Apply GPO1 to all of the San Diego users.
Connect Site1 to Microsoft Azure.

Technical Requirements -
Northwind Traders must meet the following technical requirements:
All virtual machines must use ODX.
Users must be able to access App1 from the Internet.
GPO1 must not be applied to computers that run Windows 8.1.
All DNS zones must replicate only to DC1, DC2, and DC3.
All computers must be able to resolve names by using a local DNS server.
If a WAN link fails, users must be able to access all of the sales reports.
The credentials for accessing Microsoft Azure must be permanently stored.
The on-premises network must be connected to Microsoft Azure by using Server4.
The administrators must be able to manage Microsoft Azure by using Windows PowerShell.
The number of servers and services deployed in the San Diego office must be minimized.
Active Directory queries for the objects in the forest must not generate WAN traffic, whenever possible.

Security Requirements -
Northwind Traders identifies the following security requirements:
Ensure that all DNS zone data is encrypted when it is replicated.
Minimize the number of permissions assigned to users and administrators, whenever possible. Prevent an Active Directory Domain Services (AD DS) attribute named SSNumber from replicating to Site2.
Ensure that users can use their northwindtraders.com user account to access the resources hosted in Office 365.
Prevent administrators from being required to re-enter their credentials when they manage Microsoft Azure from approved management computers.



DRAG DROP -
You need to recommend a solution for managing Microsoft Azure.
Which three actions should you recommend performing in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
Select and Place:



Answer :

Explanation:
The Web Platform Installer installs the required version of PowerShell and PowerShell cmdlets.

The Get-AzurePublishSettings -
File cmdlet opens your default browser, signs into your Microsoft Azure account, and automatically downloads a .publishsettings file that contains information and a certificate for your Microsoft Azure subscription. This file is used by the Import-Azure Subscription cmdlet and is an XML file with a ".publishsettings" extension.

The Import-AzurePublishSettings -
File cmdlet imports a .publishsettings file that has been downloaded using the Get-AzurePublishSettingsFile cmdlet. This file contains settings and an encoded certificate that provides management credentials for the Microsoft Azure account.

Overview -
Northwind Traders is a retail company.
The company has offices in Montreal and San Diego. The office in Montreal has 1,000 client computers. The office in San Diego has 100 computers. The computers in the San Diego office are often replaced. The offices connect to each other by using a slow WAN link. Each office connects directly to the Internet.

Existing Environment -

Active Directory Environment -
The network contains an Active Directory forest named northwindtraders.com. The forest contains two domains named northwindtraders.com and west.northwindtraders.com. All servers run Windows Server 2012 R2.
All client computers run Windows 7.
Each office is configured as an Active Directory site. The site in the Montreal office is named Site1. The site in the San Diego office is named Site2.
The forest contains four domain controllers. The domain controllers are configured as shown in the following table.


DC1, DC2, and DC3 are writable domain controllers. R0DC1 is read-only domain controller (RODC). All DNS zones are Active Directory-integrated. All zones replicate to all of the domain controllers.
All of the computers in the San Diego office are configured to use RODC1 as their only DNS server.
The northwindtraders.com domain contains a Group Policy object (GPO) named GPO1. GP01 is applied to all of the users in the Montreal office.
All of the user accounts for the Montreal users are in the northwindtraders.com domain. All of the user accounts for the San Diego users are in the west.northwindtraders.com domain.

Network Environment -
Site1 contains the member servers in the northwindtraders.com domain shown in the following table.

Server1 connects to SAN storage that supports Offloaded Data Transfer (ODX). All virtual hard disks (VHDs) are stored on the SAN.
A web application named App1 is installed on Server5.
Server3 has a shared folder that contains sales reports. The sales reports are read frequently by the users in both offices. The reports are generated automatically once per week by an enterprise resource planning (ERP) system.
A perimeter network in the Montreal office contains two standalone servers. The servers are configured as shown in the following table.

The servers in the perimeter network are accessible from the Internet by using a domain name suffix of public.northwindtraders.com.
Each administrator has a management computer that runs Windows 8.1.

Requirements -

Planned Changes -
Northwind Traders plans to implement the following changes:
On Server1, create four virtual machines that run Windows Server 2012 R2. The servers will be configured as shown in the following table.

Configure IP routing between Site1 and the network services that Northwind Traders hosts in Microsoft Azure.
Place a domain controller for the northwindtraders.com domain in Microsoft Azure.
Upgrade all of the computers in the Montreal office to Windows 8.1.
Purchase a subscription to Microsoft Office 365.
Configure a web application proxy on Server6.
Configure integration between VMM and IPAM.
Apply GPO1 to all of the San Diego users.
Connect Site1 to Microsoft Azure.

Technical Requirements -
Northwind Traders must meet the following technical requirements:
All virtual machines must use ODX.
Users must be able to access App1 from the Internet.
GPO1 must not be applied to computers that run Windows 8.1.
All DNS zones must replicate only to DC1, DC2, and DC3.
All computers must be able to resolve names by using a local DNS server.
If a WAN link fails, users must be able to access all of the sales reports.
The credentials for accessing Microsoft Azure must be permanently stored.
The on-premises network must be connected to Microsoft Azure by using Server4.
The administrators must be able to manage Microsoft Azure by using Windows PowerShell.
The number of servers and services deployed in the San Diego office must be minimized.
Active Directory queries for the objects in the forest must not generate WAN traffic, whenever possible.

Security Requirements -
Northwind Traders identifies the following security requirements:
Ensure that all DNS zone data is encrypted when it is replicated.
Minimize the number of permissions assigned to users and administrators, whenever possible. Prevent an Active Directory Domain Services (AD DS) attribute named SSNumber from replicating to Site2.
Ensure that users can use their northwindtraders.com user account to access the resources hosted in Office 365.
Prevent administrators from being required to re-enter their credentials when they manage Microsoft Azure from approved management computers.


You need to implement a solution for DNS replication.
Which cmdlets should you run?

  • A. Set-DnsServer and Invoke-DnsServerZoneSign
  • B. ConvertTo-DnsServerPrimaryZone and Register-DnsServerDirectoryPartition
  • C. UnRegister-DnsServerDirectoryPartition and Add-DnsServerForwarder
  • D. Set-DnsServerDnsSecZoneSetting and Invoke-DnsServerZoneSign


Answer : C

Overview -
Northwind Traders is a retail company.
The company has offices in Montreal and San Diego. The office in Montreal has 1,000 client computers. The office in San Diego has 100 computers. The computers in the San Diego office are often replaced. The offices connect to each other by using a slow WAN link. Each office connects directly to the Internet.

Existing Environment -

Active Directory Environment -
The network contains an Active Directory forest named northwindtraders.com. The forest contains two domains named northwindtraders.com and west.northwindtraders.com. All servers run Windows Server 2012 R2.
All client computers run Windows 7.
Each office is configured as an Active Directory site. The site in the Montreal office is named Site1. The site in the San Diego office is named Site2.
The forest contains four domain controllers. The domain controllers are configured as shown in the following table.


DC1, DC2, and DC3 are writable domain controllers. R0DC1 is read-only domain controller (RODC). All DNS zones are Active Directory-integrated. All zones replicate to all of the domain controllers.
All of the computers in the San Diego office are configured to use RODC1 as their only DNS server.
The northwindtraders.com domain contains a Group Policy object (GPO) named GPO1. GP01 is applied to all of the users in the Montreal office.
All of the user accounts for the Montreal users are in the northwindtraders.com domain. All of the user accounts for the San Diego users are in the west.northwindtraders.com domain.

Network Environment -
Site1 contains the member servers in the northwindtraders.com domain shown in the following table.

Server1 connects to SAN storage that supports Offloaded Data Transfer (ODX). All virtual hard disks (VHDs) are stored on the SAN.
A web application named App1 is installed on Server5.
Server3 has a shared folder that contains sales reports. The sales reports are read frequently by the users in both offices. The reports are generated automatically once per week by an enterprise resource planning (ERP) system.
A perimeter network in the Montreal office contains two standalone servers. The servers are configured as shown in the following table.

The servers in the perimeter network are accessible from the Internet by using a domain name suffix of public.northwindtraders.com.
Each administrator has a management computer that runs Windows 8.1.

Requirements -

Planned Changes -
Northwind Traders plans to implement the following changes:
On Server1, create four virtual machines that run Windows Server 2012 R2. The servers will be configured as shown in the following table.

Configure IP routing between Site1 and the network services that Northwind Traders hosts in Microsoft Azure.
Place a domain controller for the northwindtraders.com domain in Microsoft Azure.
Upgrade all of the computers in the Montreal office to Windows 8.1.
Purchase a subscription to Microsoft Office 365.
Configure a web application proxy on Server6.
Configure integration between VMM and IPAM.
Apply GPO1 to all of the San Diego users.
Connect Site1 to Microsoft Azure.

Technical Requirements -
Northwind Traders must meet the following technical requirements:
All virtual machines must use ODX.
Users must be able to access App1 from the Internet.
GPO1 must not be applied to computers that run Windows 8.1.
All DNS zones must replicate only to DC1, DC2, and DC3.
All computers must be able to resolve names by using a local DNS server.
If a WAN link fails, users must be able to access all of the sales reports.
The credentials for accessing Microsoft Azure must be permanently stored.
The on-premises network must be connected to Microsoft Azure by using Server4.
The administrators must be able to manage Microsoft Azure by using Windows PowerShell.
The number of servers and services deployed in the San Diego office must be minimized.
Active Directory queries for the objects in the forest must not generate WAN traffic, whenever possible.

Security Requirements -
Northwind Traders identifies the following security requirements:
Ensure that all DNS zone data is encrypted when it is replicated.
Minimize the number of permissions assigned to users and administrators, whenever possible. Prevent an Active Directory Domain Services (AD DS) attribute named SSNumber from replicating to Site2.
Ensure that users can use their northwindtraders.com user account to access the resources hosted in Office 365.
Prevent administrators from being required to re-enter their credentials when they manage Microsoft Azure from approved management computers.


You are planning the certificates for Northwind Traders.
You need to identify the certificate configurations required for App1.
How should you configure the certificate request? To answer, select the appropriate options in the answer area.
Hot Area:



Answer :

Overview -
Northwind Traders is a retail company.
The company has offices in Montreal and San Diego. The office in Montreal has 1,000 client computers. The office in San Diego has 100 computers. The computers in the San Diego office are often replaced. The offices connect to each other by using a slow WAN link. Each office connects directly to the Internet.

Existing Environment -

Active Directory Environment -
The network contains an Active Directory forest named northwindtraders.com. The forest contains two domains named northwindtraders.com and west.northwindtraders.com. All servers run Windows Server 2012 R2.
All client computers run Windows 7.
Each office is configured as an Active Directory site. The site in the Montreal office is named Site1. The site in the San Diego office is named Site2.
The forest contains four domain controllers. The domain controllers are configured as shown in the following table.


DC1, DC2, and DC3 are writable domain controllers. R0DC1 is read-only domain controller (RODC). All DNS zones are Active Directory-integrated. All zones replicate to all of the domain controllers.
All of the computers in the San Diego office are configured to use RODC1 as their only DNS server.
The northwindtraders.com domain contains a Group Policy object (GPO) named GPO1. GP01 is applied to all of the users in the Montreal office.
All of the user accounts for the Montreal users are in the northwindtraders.com domain. All of the user accounts for the San Diego users are in the west.northwindtraders.com domain.

Network Environment -
Site1 contains the member servers in the northwindtraders.com domain shown in the following table.

Server1 connects to SAN storage that supports Offloaded Data Transfer (ODX). All virtual hard disks (VHDs) are stored on the SAN.
A web application named App1 is installed on Server5.
Server3 has a shared folder that contains sales reports. The sales reports are read frequently by the users in both offices. The reports are generated automatically once per week by an enterprise resource planning (ERP) system.
A perimeter network in the Montreal office contains two standalone servers. The servers are configured as shown in the following table.

The servers in the perimeter network are accessible from the Internet by using a domain name suffix of public.northwindtraders.com.
Each administrator has a management computer that runs Windows 8.1.

Requirements -

Planned Changes -
Northwind Traders plans to implement the following changes:
On Server1, create four virtual machines that run Windows Server 2012 R2. The servers will be configured as shown in the following table.

Configure IP routing between Site1 and the network services that Northwind Traders hosts in Microsoft Azure.
Place a domain controller for the northwindtraders.com domain in Microsoft Azure.
Upgrade all of the computers in the Montreal office to Windows 8.1.
Purchase a subscription to Microsoft Office 365.
Configure a web application proxy on Server6.
Configure integration between VMM and IPAM.
Apply GPO1 to all of the San Diego users.
Connect Site1 to Microsoft Azure.

Technical Requirements -
Northwind Traders must meet the following technical requirements:
All virtual machines must use ODX.
Users must be able to access App1 from the Internet.
GPO1 must not be applied to computers that run Windows 8.1.
All DNS zones must replicate only to DC1, DC2, and DC3.
All computers must be able to resolve names by using a local DNS server.
If a WAN link fails, users must be able to access all of the sales reports.
The credentials for accessing Microsoft Azure must be permanently stored.
The on-premises network must be connected to Microsoft Azure by using Server4.
The administrators must be able to manage Microsoft Azure by using Windows PowerShell.
The number of servers and services deployed in the San Diego office must be minimized.
Active Directory queries for the objects in the forest must not generate WAN traffic, whenever possible.

Security Requirements -
Northwind Traders identifies the following security requirements:
Ensure that all DNS zone data is encrypted when it is replicated.
Minimize the number of permissions assigned to users and administrators, whenever possible. Prevent an Active Directory Domain Services (AD DS) attribute named SSNumber from replicating to Site2.
Ensure that users can use their northwindtraders.com user account to access the resources hosted in Office 365.
Prevent administrators from being required to re-enter their credentials when they manage Microsoft Azure from approved management computers.


You need to recommend a solution for communicating to Microsoft Azure services.
What should you recommend? To answer, select the appropriate options in the answer area.
Hot Area:



Answer :

Overview -
Northwind Traders is a retail company.
The company has offices in Montreal and San Diego. The office in Montreal has 1,000 client computers. The office in San Diego has 100 computers. The computers in the San Diego office are often replaced. The offices connect to each other by using a slow WAN link. Each office connects directly to the Internet.

Existing Environment -

Active Directory Environment -
The network contains an Active Directory forest named northwindtraders.com. The forest contains two domains named northwindtraders.com and west.northwindtraders.com. All servers run Windows Server 2012 R2.
All client computers run Windows 7.
Each office is configured as an Active Directory site. The site in the Montreal office is named Site1. The site in the San Diego office is named Site2.
The forest contains four domain controllers. The domain controllers are configured as shown in the following table.


DC1, DC2, and DC3 are writable domain controllers. R0DC1 is read-only domain controller (RODC). All DNS zones are Active Directory-integrated. All zones replicate to all of the domain controllers.
All of the computers in the San Diego office are configured to use RODC1 as their only DNS server.
The northwindtraders.com domain contains a Group Policy object (GPO) named GPO1. GP01 is applied to all of the users in the Montreal office.
All of the user accounts for the Montreal users are in the northwindtraders.com domain. All of the user accounts for the San Diego users are in the west.northwindtraders.com domain.

Network Environment -
Site1 contains the member servers in the northwindtraders.com domain shown in the following table.

Server1 connects to SAN storage that supports Offloaded Data Transfer (ODX). All virtual hard disks (VHDs) are stored on the SAN.
A web application named App1 is installed on Server5.
Server3 has a shared folder that contains sales reports. The sales reports are read frequently by the users in both offices. The reports are generated automatically once per week by an enterprise resource planning (ERP) system.
A perimeter network in the Montreal office contains two standalone servers. The servers are configured as shown in the following table.

The servers in the perimeter network are accessible from the Internet by using a domain name suffix of public.northwindtraders.com.
Each administrator has a management computer that runs Windows 8.1.

Requirements -

Planned Changes -
Northwind Traders plans to implement the following changes:
On Server1, create four virtual machines that run Windows Server 2012 R2. The servers will be configured as shown in the following table.

Configure IP routing between Site1 and the network services that Northwind Traders hosts in Microsoft Azure.
Place a domain controller for the northwindtraders.com domain in Microsoft Azure.
Upgrade all of the computers in the Montreal office to Windows 8.1.
Purchase a subscription to Microsoft Office 365.
Configure a web application proxy on Server6.
Configure integration between VMM and IPAM.
Apply GPO1 to all of the San Diego users.
Connect Site1 to Microsoft Azure.

Technical Requirements -
Northwind Traders must meet the following technical requirements:
All virtual machines must use ODX.
Users must be able to access App1 from the Internet.
GPO1 must not be applied to computers that run Windows 8.1.
All DNS zones must replicate only to DC1, DC2, and DC3.
All computers must be able to resolve names by using a local DNS server.
If a WAN link fails, users must be able to access all of the sales reports.
The credentials for accessing Microsoft Azure must be permanently stored.
The on-premises network must be connected to Microsoft Azure by using Server4.
The administrators must be able to manage Microsoft Azure by using Windows PowerShell.
The number of servers and services deployed in the San Diego office must be minimized.
Active Directory queries for the objects in the forest must not generate WAN traffic, whenever possible.

Security Requirements -
Northwind Traders identifies the following security requirements:
Ensure that all DNS zone data is encrypted when it is replicated.
Minimize the number of permissions assigned to users and administrators, whenever possible. Prevent an Active Directory Domain Services (AD DS) attribute named SSNumber from replicating to Site2.
Ensure that users can use their northwindtraders.com user account to access the resources hosted in Office 365.
Prevent administrators from being required to re-enter their credentials when they manage Microsoft Azure from approved management computers.


On Server2, you create a Run As Account named Account1. Account1 is associated to an Active Directory account named VMMIPAM.
You need to implement an IPAM solution.
What should you do? To answer, select the appropriate configuration for each server in the answer area.
Hot Area:



Answer :

Case Study -
This is a case study. Case studies are not timed separately. You can use as much exam time as you would like to complete each case. However, there may be additional case studies and sections on this exam. You must manage your time to ensure that you are able to complete all questions included on this exam in the time provided.
To answer the questions included in a case study, you will need to reference information that is provided in the case study. Case studies might contain exhibits and other resources that provide more information about the scenario that is described in the case study. Each question is independent of the other question on this case study.
At the end of this case study, a review screen will appear. This screen allows you to review your answers and to make changes before you move to the next section of the exam. After you begin a new section, you cannot return to this section.

To start the case study -
To display the first question on this case study, click the Next button. Use the buttons in the left pane to explore the content of the case study before you answer the questions. Clicking these buttons displays information such as business requirements, existing environment, and problem statements. If the case study has an All Information tab, note that the information displayed is identical to the information displayed on the subsequent tabs. When you are ready to answer a question, click the Question button to return to the question.

Background -

Overview -
Alpine Ski House provides vacation travel accommodations. Its main office is in Vancouver. Alpine Ski House also has branch offices in Montreal, Denver, and
New York.
An additional sales office is located in Los Angeles. This office has client devices only.
All servers in each office run Windows Server 2012 R2. All client devices in each office run Windows 8.1.
Alpine Ski House plans to acquire another company named Margie's Travel. Margie’s Travel has an AD DS domain named margiestravel.com.

Denver and New York -
The Denver and New York offices have their own child domain named us.alpineskihouse.com. The domain controllers are displayed in the following table:



Vancouver and Montreal -
Alpine Ski House has an Active Directory Domain Services (AD DS) domain named aplineskihouse.com for the Vancouver and Montreal offices. The forest and domain functional levels are set to Windows Server 2008. The domain controllers in the domain contain Dynamic Host Configuration Protocol (DHCP) servers and
DNS servers. The domain controllers are displayed in the following table:

The Vancouver office also has a certification authority (CA) installed on a server named ALP-CA01.

Business Requirements -

Growth -
An additional branch office is planned in an extremely remote, mountainous location that does not have traditional access to the Internet.
The remote branch office location will use a high-latency, low-bandwidth satellite connection to the Denver and Vancouver offices.
The Los Angeles office will be expanded to include sales and billing staff. The Los Angeles location will not contain IT staff.

File Management -
Currently, each office has a dedicated file share that is hosted on a domain controller. The company plans to implement a new file sharing capability to synchronize data between offices and to maximize performance for locating files that are saved in a different branch office. Sales users in the Los Angeles office must also be able to retrieve file data from each branch office.

Recovery time objective -
The business requires that the data stored in AD DS must be recovered within an hour. This data includes user accounts, computer accounts, groups, and other objects. Any customized attributes must also be recovered. The current backup solution uses a tape drive, which requires a minimum of two hours between notification and recovery.

Office 365 -
Alpine Ski House purchased Office 365 Enterprise E3 licenses for all users in the organization.

Technical Requirements -

Existing environment -
Users in the Montreal office of Alpine Ski House report slow times to log on to their devices. An administrator determines that users in the Montreal location occasionally authenticate to a domain controller with an IP address of 172.16.0.10/24. All authentication requests must first be attempted in the same location as the client device that is being authenticated.

Growth -
The remote branch office must have a single domain controller named REMOTE-DC01.us.aplineskihouse.com.
The replication between domains must either use best-effort or low-cost replication. After the expansion, authentication must occur locally.
Any server placed in the Los Angeles office must not contain cached passwords.

File management -
Where possible, the new file management solution must be centralized. If supported, the data must be stored in a single location in each branch office.

Acquisition -
After acquiring Margie's Travel, all AD DS objects, including user account passwords, must be migrated to the alpineskihouse.com domain. Alpine Ski House plans to use the Active Directory Migration Tool (ADMT) to complete the migration process.
The password complexity requirements for the margiestravel.com domain are unknown. Users should not be forced to change their passwords after migrating their user accounts. Some computer objects will be renamed during the migration.

Office 365 -
Alpine Ski House must use Microsoft Azure to facilitate directory synchronization (DirSync) with Office 365. The DirSync utility must be installed on a virtual machine in Microsoft Azure.

You need to perform the directory synchronization with Office 365.
What should you do first?

  • A. Set the domain functional level to Windows Server 2012.
  • B. Upgrade the Office 365 licenses to Enterprise E4.
  • C. Set the forest functional level to Windows Server 2012.
  • D. Create a site-to-site VPN.
  • E. Install the DirSync utility in the on-premises environment.


Answer : D

Page:    1 / 18   
Exam contains 261 questions

Talk to us!


Have any questions or issues ? Please dont hesitate to contact us