MCSA Networking with Windows Server 2016 v1.0

Page:    1 / 18   
Exam contains 257 questions

Your company has 10 offices. Each office has a local network that contains several Hyper-V hosts that run Windows Server 2016. All of the offices are connected by high speed, low latency WAN links.
You need to ensure that you can use QoS policies for Live Migration traffic between the offices.
Which component should you install?

  • A. the Data Center Bridging feature
  • B. the Routing role service
  • C. the Network Controller server role
  • D. the Multipath I/O feature
  • E. the Canary Network Diagnostics feature


Answer : A

Reference:
https://technet.microsoft.com/en-us/library/jj735302(v=ws.11).aspx

HOTSPOT -
You have a network address translation (NAT) server named NAT1 that has an external IP address of 131.107.50.1 and an internal IP address of 10.0.0.1.
You deploy a new server named Web1 that has an IP address of 10.0.0.211.
A remote server named app.fabrikam.com has an IP address of 131.107.1.232.
You need to make Web1 accessible to app.fabrikam.com through NAT1.
What command should you run from NAT1? To answer, select the appropriate options in the answer area.
Hot Area:




Answer :

Reference:
https://docs.microsoft.com/en-us/powershell/module/netnat/add-netnatstaticmapping?view=win10-ps

Your network contains multiple wireless access points (WAPs) that use WPA2-Personal authentication. The network contains an enterprise root certification authority (CA).
The security administrator at your company plans to implement WPA2-Enterprise authentication on the WAPs.
To support the authentication change, you deploy a server that has Network Policy Server (NPS) installed.
You need to configure NPS to authenticate the wireless clients.
What should you do on the NPS server?

  • A. Add RADIUS clients and configure network policies.
  • B. Create a remote RADIUS server group and configure connection request policies.
  • C. Create a remote RADIUS server group and install a server certificate.
  • D. Add RADIUS clients and configure connection request policies.


Answer : A

Reference:
https://ittrainingday.wordpress.com/2013/12/25/how-to-configure-a-windows-radius-server-for-802-1x-wireless-or-wired-connections/

Your company has 5,000 users who work remotely.
You have 40 VPN servers that host the remote connections for the users.
You plan to deploy a RADIUS solution that contains five RADIUS servers.
You need to ensure that client authentication requests are distributed evenly between the five RADIUS servers.
What should you do?

  • A. Install the Network Load Balancing role service on all of the RADIUS server. Configure all of the RADIUS clients to connect to a virtual IP address.
  • B. Deploy RAS Gateway to a new server. Configure all of the RADIUS clients to connect to RAS Gateway.
  • C. Install the Failover Clustering role service on all of the RADIUS servers. Configure all of the RADIUS clients to connect to the IP address of the cluster.
  • D. Deploy a RADIUS proxy to a new server. Configure all of the RADIUS clients to connect to the RADIUS proxy.


Answer : D

Reference:
https://technet.microsoft.com/en-us/library/dd197433(v=ws.10).aspx

Your network contains an Active Directory forest named contoso.com. The functional level of the forest is Windows Server 2012.
The forest contains five domain controllers and five VPN servers that run Windows Server 2016.
Five hundred users connect to the VPN servers daily.
You need to configure a new server named Server1 as a RADIUS server.
What should you do first?

  • A. On Server1, deploy the Remote Access server role.
  • B. On Server1, deploy the Network Policy and Access Services role.
  • C. On a domain controller, set the forest functional level to Windows Server 2016.
  • D. On each VPN server, run the New-NpsRadiusClient cmdlet.


Answer : B

Reference:
http://www.nyazit.com/configure-network-policy-server-2016/

Your network contains an Active Directory forest named contoso.com. The forest contains two domains named contoso.com and litwareinc.com.
Your company recently deployed DirectAccess for the members of a group named DA_Computers. All client computers are members of DA_Computers.
You discover that DirectAccess clients can access the resources located in the contoso.com domain only. The clients can access the resources in the litwareinc.com domain by using an L2TP VPN connection to the network.
You need to ensure that the DirectAccess clients can access the resources in the litwareinc.com domain.
What should you do?

  • A. From a Group Policy object (GPO), modify the Name Resolution Policy Table (NRPT).
  • B. From the properties of the servers in litwareinc.com, configure the delegation settings.
  • C. On an external DNS server, create a zone delegation for litwareinc.com.
  • D. Add the servers in litwareinc.com to the RAS and IAS Servers group.


Answer : A

Reference:
https://blogs.technet.microsoft.com/tomshinder/2010/04/01/directaccess-client-location-awareness-nrpt-name-resolution/

You have a server named Server1 that runs Windows Server 2016. Server1 is located on the perimeter network, and only inbound TCP port 443 is allowed to connect Server1 from the Internet.
You install the Remote Access server role on Server1.
You need to configure Server1 to accept VPN connections over port 443.
Which VPN protocol should you use?

  • A. PPTP
  • B. SSTP
  • C. L2TP
  • D. IKEv2


Answer : B

Reference:
https://technet.microsoft.com/en-us/library/dd458955(v=ws.10).aspx

You have an Active Directory domain named Contoso.com. The domain contains servers named Server1 and Server2 that run Windows Server 2016.
You install the Remote Access server role on Server1. You install the Network Policy and Access Services server role on Server2.
You need to configure Server1 to use Server2 as a RADIUS server.
What should you do?

  • A. From the Connection Manager Administration Kit, create a Connection Manager profile.
  • B. From Routing and Remote Access, configure the authentication provider.
  • C. From Active Directory Users and Computers, modify the Delegation settings of the Server1 computer account.
  • D. From Server Manager, create an Access Policy.


Answer : B

Your company has a main office in London. The company has 1,000 users who are located in many countries.
You plan to deploy a large remote access solution for the company.
The London office has three servers named Server1, Server2, and Server3 that run Windows Server 2016.
You plan to use Server1 as a VPN server, Server2 as a RADIUS proxy, and Server3 as a RADIUS server.
You need to configure Server2 to support the planned deployment.
Which three actions should you perform on Server2? Each correct answer presents part of the solution.

  • A. Create a connection request policy.
  • B. Deploy a Windows container.
  • C. Add a RADIUS client.
  • D. Create a network policy.
  • E. Create a remote RADIUS server group.


Answer : ACE

Reference:
https://ittrainingday.wordpress.com/2014/01/03/how-to-configure-radius-proxy-servers/

You have a server named Host1 that runs Windows Server 2016.
You configure Host1 as a virtualization host and create 20 new virtual machines on Host1.
You need to ensure that all of the virtual machines can connect to the Internet through Host1.
Which three actions should you perform? Each correct answer presents part of the solution.

  • A. On a virtual machine, install the Remote Access server role.
  • B. From the properties of each virtual machine, enable virtual LAN identification.
  • C. From the properties of each virtual machine, connect to the virtual machine switch.
  • D. On Host1, configure the network address translation (NAT) network.
  • E. On Host1, create an internal virtual machine switch and specify an IP address for the switch.


Answer : CDE

Reference:
https://technet.microsoft.com/en-us/library/ee449441(v=ws.10).aspx

Note: This question is part of a series of questions that use the same or similar answer choices. An answer choice may be correct for more than one question in the series. Each question is independent of the other questions in this series. Information and details provided in a question apply only to that question.
You have a DHCP server named Server1 that has three network cards. Each network card is configured to use a static IP address. Each network card connects to a different network segment.
Server1 has an IPv4 scope named Scope1.
You need to ensure that Server1 only uses one network card when leasing IP addresses in Scope1.
What should you do?

  • A. From the properties of IPv4, modify the Conflict detection attempts setting.
  • B. From the properties of Scope1, configure Name Protection.
  • C. From the properties of IPv4, configure the bindings.
  • D. From IPv4, create a new filter.
  • E. From the properties of Scope1, create an exclusion range.
  • F. From IPv4, run the DHCP Policy Configuration Wizard.
  • G. From Control Panel, modify the properties of Ethernet.
  • H. From Scope1, create a reservation.


Answer : C

Reference:
https://technet.microsoft.com/en-us/library/cc770650(v=ws.11).aspx

Note: This question is part of a series of questions that use the same or similar answer choices. An answer choice may be correct for more than one question in the series. Each question is independent of the other questions in this series. Information and details provided in a question apply only to that question.
You have a DHCP server named Server1 that has three network cards. Each network card is configured to use a static IP address.
You need to prevent all client computers that have physical addresses beginning with 98-5F from leasing an IP address from Server1.
What should you do?

  • A. From the properties of IPv4, modify the Conflict detection attempts setting.
  • B. From the properties of Scope1, configure Name Protection.
  • C. From the properties of IPv4, configure the bindings.
  • D. From IPv4, create a new filter.
  • E. From the properties of Scope1, create an exclusion range.
  • F. From IPv4, run the DHCP Policy Configuration Wizard.
  • G. From Control Panel, modify the properties of Ethernet.
  • H. From Scope1, create a reservation.


Answer : D

Reference:
https://technet.microsoft.com/en-us/library/ee941125(v=ws.10).aspx

Note: This question is part of a series of questions that use the same or similar answer choices. An answer choice may be correct for more than one question in the series. Each question is independent of the other questions in this series. Information and details provided in a question apply only to that question.
You have a DHCP server named Server1 that has an IPv4 scope named Scope1.
Users report that when they turn on their client computers, it takes a long time to access the network.
You validate that it takes a long time for the computers to receive an IP address from Server1.
You monitor the network traffic and discover that Server1 issues five ping commands on the network before leasing an IP address.
You need to reduce the amount of time it takes for the computers to receive an IP address.
What should you do?

  • A. From the properties of IPv4, modify the Conflict detection attempts setting.
  • B. From the properties of Scope1, configure Name Protection.
  • C. From the properties of IPv4, configure the bindings.
  • D. From IPv4, create a new filter.
  • E. From the properties of Scope1, create an exclusion range.
  • F. From IPv4, run the DHCP Policy Configuration Wizard.
  • G. From Control Panel, modify the properties of Ethernet.
  • H. From Scope1, create a reservation.


Answer : A

Reference:
https://technet.microsoft.com/en-us/library/ee941125(v=ws.10).aspx

Note: This question is part of a series of questions that use the same scenario. For your convenience, the scenario is repeated in each question. Each question presents a different goal and answer choices, but the text of the scenario is exactly the same in each question in this series.


Your network contains an Active Directory domain named contoso.com. The functional level of the domain is Windows Server 2012.
The network uses an address space of 192.168.0.0/16 and contains multiple subnets.
The network is not connected to the Internet.
The domain contains three servers configured as shown in the following table.

Client computers obtain TCP/IP settings from Server3.
You add a second network adapter to Server2. You connect the new network adapter to the Internet. You install the Routing role service on Server2.
Server1 has four DNS zones configured as shown in the following table.


You need to ensure that when a computer is removed from the network, the associated records are deleted automatically after 15 days.
Which two actions should you perform? Each correct answer presents part of the solution.

  • A. Create a scheduled task that runs the Remove-Computer cmdlet.
  • B. Modify the Zone Aging/Scavenging Properties of the zone.
  • C. Modify the Time to live (TTL) value of the start of authority (SOA) record.
  • D. Set the Scavenging period of Server1.
  • E. Modify the Expires after value of the start of authority (SOA) record.


Answer : BD

Reference:
https://technet.microsoft.com/en-us/library/cc771362(v=ws.10).aspx

Note: This question is part of a series of questions that use the same scenario. For your convenience, the scenario is repeated in each question. Each question presents a different goal and answer choices, but the text of the scenario is exactly the same in each question in this series.


Your network contains an Active Directory domain named contoso.com. The functional level of the domain is Windows Server 2012.
The network uses an address space of 192.168.0.0/16 and contains multiple subnets.
The network is not connected to the Internet.
The domain contains three servers configured as shown in the following table.

Client computers obtain TCP/IP settings from Server3.
You add a second network adapter to Server2. You connect the new network adapter to the Internet. You install the Routing role service on Server2.
Server1 has four DNS zones configured as shown in the following table.


What should you do to enable Server2 as a NAT server?

  • A. From Routing and Remote Access, add an interface.
  • B. From Windows PowerShell, run the New-RoutingGroupConnector cmdlet.
  • C. From Routing and Remote Access, add a routing protocol.
  • D. From Windows PowerShell, run the Install-WindowsFeature cmdlet.


Answer : C

Reference:
https://technet.microsoft.com/en-us/library/dd469812(v=ws.11).aspx

Page:    1 / 18   
Exam contains 257 questions

Talk to us!


Have any questions or issues ? Please dont hesitate to contact us

Certlibrary.com is owned by MBS Tech Limited: Room 1905 Nam Wo Hong Building, 148 Wing Lok Street, Sheung Wan, Hong Kong. Company registration number: 2310926
Certlibrary doesn't offer Real Microsoft Exam Questions. Certlibrary Materials do not contain actual questions and answers from Cisco's Certification Exams.
CFA Institute does not endorse, promote or warrant the accuracy or quality of Certlibrary. CFA® and Chartered Financial Analyst® are registered trademarks owned by CFA Institute.
Terms & Conditions | Privacy Policy