Recertification for MCSE: Server Infrastructure
Question No: 321 DRAG DROP – (Topic 18)
You manage an Active Directory Domain Services forest that contains a root domain named contoso.com and a child domain named branch.contoso.com. You have three servers named SRV01, SRV02, and SRV03. All servers run Windows Server 2012 R2. SRV01 and SRV02 are domain controllers for the domain contoso.com. SRV03 is the domain controller for branch.contoso.com. User accounts and resources exist in both domains. All resources in branch.contoso.com are physically located in a remote branch office.
The remote branch office must be configured as Read-Only Domain Controller (RODC). The solution must minimize the impact on users and the number of servers deployed in the branch office.
You need to configure the environment.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
Box 1: We export all resources from the branch office, and import them into the main domain.
Ldidfe creates, modifies, and deletes directory objects. You can also use ldifde to extend the schema, export Active Directory user and group information to other applications or
services, and populate Active Directory Domain Services (AD DS) with data from other directory services.
Box 2: We decommission the domain controller SRV03 Box 3: And make it a RODC instead.
We should not use an additional server SRV04.
Question No: 322 – (Topic 18)
Your network contains an Active Directory domain named contoso.com. All servers run either Windows Server 2008 R2 or Windows Server 2012.
Your company uses IP Address Management (IPAM) to manage multiple DHCP servers. A user named User1 is a member of the IPAM Users group and is a member of the local Administrators group on each DHCP server.
When User1 edits a DHCP scope by using IPAM, the user receives the error message shown in the exhibit. (Click the Exhibit button.)
You need to prevent User1 from receiving the error message when editing DHCP scopes
by using IPAM.
What should you do?
Add User1 to the DHCP Administrators group on each DHCP server.
Add User1 to the IPAM Administrators group.
Run the Set-IpamServerConfig cmdlet.
Run the Invoke-IpamGpoProvisioning cmdlet.
Answer: B Explanation:
IPAM Administrators have the privileges to view all IPAM data and perform all IPAM tasks.
Question No: 323 – (Topic 18)
You have a virtual machine (VM) named VM-APP1 that hosts critical application named APP1. The VM has the following VHDX virtual disks:
Both VHDX virtual disks are located on LUN1 of a Storage Area Network.
Every time you perform Storage Live Migration for VM-APP1, it takes a few hours.
You need to ensure that the storage supports Offloaded Data Transfer (ODX), and that ODX is enabled.
Which two Windows PowerShell commands should you run? Each correct answer presents part of the solution.
Set-ItemProperty HKLM:\system\currentcontrolset\control\filesystem -Name 鈥淔ilterSupportedFeaturesMode鈥?-Value 0
Set-StorageSubSystem -InputObject (Get-StorageSubSystem) -ThrottleLimit 0
Get-ItemProperty HKLM:\system\currentcontrolset\services\lt;FilterNamegt; -Name 鈥淪upportedFeatures鈥?/p>
Set-ItemProperty HKLM:\system\currentcontrolset\control\filesystem -Name 鈥淔ilterSupportedFeatiresMode鈥?-Value1
Explanation: C: To use ODX, validate all the file system filter drivers on all servers that are hosting the storage support ODX.
To validate the opt-in status of file system filter drivers, use the type the following command for each filter driver:
Get-ItemProperty hklm:\system\currentcontrolset\services\lt;FilterNamegt; -Name quot;SupportedFeaturesquot;
A: To enable ODX support, type the following command:
Set-ItemProperty hklm:\system\currentcontrolset\control\filesystem -Name quot;FilterSupportedFeaturesModequot; -Value 0
Reference: Deploy Windows Offloaded Data Transfers https://technet.microsoft.com/en-us/library/jj200627.aspx
Question No: 324 – (Topic 18)
You plan to deploy multiple servers in a test environment by using Windows Deployment Services (WDS).
You need to identify which network services must be available in the test environment to deploy the servers.
Which network services should you identify? (Each correct answer presents part of the solution. Choose all that apply.)
Active Directory Domain Services (AD DS)
Active Directory Lightweight Directory Services (AD LDS)
Network Policy Server (NPS)
Explanation: Prerequisites for installing Windows Deployment Services
(B) DNS. You must have a working Domain Name System (DNS) server on the network before you can run Windows Deployment Services.
(C): DHCP. You must have a working Dynamic Host Configuration Protocol (DHCP) server with an active scope on the network because Windows Deployment Services uses PXE, which relies on DHCP for IP addressing.
NTFS volume. Incorrect:
Not a: AD DS is not required if the WDS server is configured in Standalone mode. There is no mention of any domain in this scenario, so AD DS is not required for testing WDS.
Question No: 325 – (Topic 18)
You plan to simplify the organizational unit (OU) structure for a company. You must consolidate all member servers in the domain to a single OU named MemberServers.
You need to apply Group Policy settings for servers that meet the following criteria:
-> Server operating systems: Windows Server 2012
-> Server hardware platform: 64-bit
-> Server memory: less than 16 6B of RAM
Solution: You create a WMI filter action that includes the following query:
Does this meet the goal?
Explanation: The line Win32_PhysicalMemory gt; 16000000000 means that the server memory must be larger than 16 GB. The VMI-filter should include the line Win32_PhysicalMemory lt; 16000000000.
Note: The other criteria were OK:
Win32_operatingsystem version number 6.2 indicates that it is either Windows 8 or Windows Server 2012.
Win32_operatingsystem ProductType 3 indicates that it is an Server Operating system, but not a domain controller.
OSArchitecture =quot;64-bitquot; is also OK: the server hardware platform should be 64-bit.
Reference: Updated List of OS Version Queries for WMI Filters
Question No: 326 – (Topic 18)
Your network contains an Active Directory forest named contoso.com.
You plan to deploy 200 new physical servers during the next 12 months by using Windows
Deployment Services (WDS). You identify four server builds for the 200 servers as shown in the following table.
You need to recommend the minimum number of images that must be created for the planned deployment.
How many images should you recommend?
Answer: A Explanation:
Only one image is required. You can convert Core mode Windows Server 2012 to a Full (GUI) Windows Server 2012 with powershell through:
Install-WindowsFeature Server-Gui-Mgmt-Infra,Server-Gui-Shell -Restart
Question No: 327 – (Topic 18)
Your company has three offices. The offices are located in New York, Chicago, and Atlanta.
The network contains an Active Directory domain named contoso.com that has three Active Directory sites named Site1, Site2,and Site3. The New York office is located in Site1. The Chicago office is located in Site2. The Atlanta office is located in Site3. There is a local IT staff to manage the servers in each site. The current domain controllers are configured as shown in the following table.
The company plans to open a fourth office in Montreal that will have a corresponding Active Directory site. Because of budget cuts, a local IT staff will not be established for the Montreal site.
The Montreal site has the following requirements:
-> Users must be able to authenticate locally.
-> Users must not have the ability to log on to the domain controllers.
-> Domain account passwords must not be obtained from servers in the Montreal site.
-> Network bandwidth between the Montreal site and the other sites must be minimized.
-> Users in the Montreal office must have access to applications by using Remote Desktop Services (RDS).
You need to recommend a solution for the servers in the Montreal site. What should you recommend?
Only install a domain controller in the Montreal site that has a Server Core installation of Windows Server 2012.
Install a read-only domain controller (RODC) in the New York site.
Install a read-only domain controller (RODC) in the Montreal site. Install a member server in the New York site to host additional server roles.
Install a domain controller in the Montreal site that has a Server Core installation of Windows Server 2012. Install a member server in the Montreal site to host additional server roles,
Explanation: A local RODC in the new Montreal site would meet the requirements.
Not A, not D: A domain controller is not required in the Montreal site.
Not B: We should place a new RODC in the new Montreal site, not in the New York site.
Question No: 328 – (Topic 18)
Your network contains an Active Directory domain named contoso.com. All client computers run either Windows 7 or Windows 8.
Some users work from customer locations, hotels, and remote sites. The remote sites often have firewalls that limit connectivity to the Internet.
You need to recommend a VPN solution for the users. Which protocol should you include in the recommendation?
Explanation: Secure Socket Tunneling Protocol (SSTP) is a form of VPN tunnel that provides a mechanism to transport PPP or L2TP traffic through an SSL 3.0 channel. SSL provides transport-level security with key-negotiation, encryption and traffic integrity
checking. The use of SSL over TCP port 443 allows SSTP to pass through virtually all firewalls and proxy servers except for authenticated web proxies.
Question No: 329 – (Topic 18)
Your network contains an Active Directory forest named contoso.com. The forest is managed by using Microsoft System Center 2012.
You plan to create virtual machine templates to deploy servers by using the Virtual Machine
Manager Self-service Portal (VMMSSP).
To the Virtual Machine Manager (VMM) library, you add a VHD that has a generalized image of Windows Server 2012.
You need to identify which VMM components must be associated with the image.
Which components should you identify? (Each correct answer presents part of the solution. Choose all that apply.)
A guest OS profile
A hardware profile
A capability profile
A host profile
Answer: A,B Explanation: Profiles
VMM provides the following profiles:
(A) Guest operating system profile-A guest operating system profile defines operating system configured settings which will be applied to a virtual machine created from the template. It defines common operating system settings such as the type of operating system, the computer name, administrator password, domain name, product key, and time zone, answer file and run once file.
(B) Hardware profile-A hardware profile defines hardware configuration settings such as CPU, memory, network adapters, a video adapter, a DVD drive, a floppy drive, COM ports, and the priority given the virtual machine when allocating resources on a virtual machine host.
Not D: VMM also includes host profiles. Host profiles are not used for virtual machine creation.
They are used during the conversion of a bare-metal computer to a Hyper-V host.
Reference: Creating Profiles and Templates in VMM Overview https://technet.microsoft.com/en-us/library/jj860424.aspx
Question No: 330 DRAG DROP – (Topic 18)
Your company plans to deploy a remote access solution to meet the following requirements:
-> Ensure that client computers that are connected to the Internet can be managed remotely without requiring that the user log on.
-> Ensure that client computers that run Windows Vista or earlier can connect
-> Ensure that non-domain-joined computers can connect remotely by using TCP port 443.
You need to identify which remote access solutions meet the requirements. Which solutions should you identify?
To answer, drag the appropriate solution to the correct requirement in the answer area. Each solution may be used once, more than once, or not at all. Additionally, you may need to drag the split bar between panes or scroll to view content.
Box 1: Direct Access Box 2: L2TP VPN Box 3: SSTP VPN
*Direct is supported in Windows 7 and newer so second answer is not correct it should be L2TP VPN.
DirectAccess, introduced in the Windows 7 and Windows Server 2008 R2 operating systems, allows remote users to securely access enterprise shares, web sites, and applications without connecting to a virtual private network (VPN).
Both L2TP and IPsec must be supported by both the VPN client and the VPN server. Client support for L2TP is built in to the Windows Vista庐 and Windows XP remote access clients, and VPN server support for L2TP is built in to members of the Windows Server庐 2008 and Windows Server 2003 family.
Secure Socket Tunneling Protocol (SSTP) is a form of VPN tunnel that provides a mechanism to transport PPP or L2TP traffic through an SSL 3.0 channel. SSL provides transport-level security with key-negotiation, encryption and traffic integrity checking. The use of SSL over TCP port 443 allows SSTP to pass through virtually all firewalls and proxy servers.
|Lowest Price Guarantee||Yes||No||No|
|Free VCE Simulator||Yes||No||No|