Designing and Implementing a Server Infrastructure
Question No: 11 – (Topic 1)
You are evaluating the implementation of data deduplication on the planned Windows Server 2012 file servers.
The planned servers will have the identical disk configurations as the current servers. You need to identify which volumes can be enabled for data deduplication.
Which volumes should you identify? (Each correct answer presents part of the solution. Choose all that apply.)
Answer: C,E Explanation:
A mounted virtual hard disk (VHD) named DATA that is formatted NTFS A simple volume named E that is formatted NTFS
Note: Data Deduplication feature doesn#39;t do everything in this version. It is only available in certain Windows Server 2012 editions and has some limitations. Deduplication was built for NTFS data volumes and it does not support boot or system drives and cannot be used with
Cluster Shared Volumes (CSV). We don#39;t support deduplicating live VMs or running SQL databases. See how to determine which volumes are candidates for deduplication on Technet.
Not A: Volume C is a boot volume. Data deduplication does not work on boot volumes. Not B: Volume B is FAT32 volume. Data deduplication requires NTFS.
Not D: Deduplication cannot be used with CSV.
Question No: 12 – (Topic 1)
You are planning the decommissioning of research.contoso.com.
You need to ensure that an administrator named Admin5 in the research department can manage the user accounts that are migrated to contoso.com. The solution must minimize
the number of permissions assigned to Admin5.
What should you do before you migrate the user accounts?
Run the New-Object cmdlet, and then run the Add- ADPrincipalGroupMembershipcmdlet.
Create a new organizational unit (OU), and then add Admin5 to the Account Operators group.
Create a new organizational unit (OU), and then run the Delegation of Control Wizard.
Run the New-Object cmdlet, and then run the Add- ADCentralAccessPolicyMembercmdlet.
Answer: C Explanation:
Scenario: Decommission the research.contoso.com domain. All of the users and the Group Policy objects (GPOs) in research.contoso.com will be migrated to contoso.com.
Question No: 13 – (Topic 1)
You need to recommend which changes must be implemented to the network before you can deploy the new web application.
What should you include in the recommendation?
Change the forest functional level to Windows Server 2008 R2.
Upgrade the DNS servers to Windows Server 2012.
Change the functional level of both the domains to Windows Server 2008 R2.
Upgrade the domain controllers to Windows Server 2012.
Answer: D Explanation:
The web application is in the sales.contoso.com domain, which will have Windows Server 2012 Domain controllers. We should therefore upgrade the other domain controller to Windows Server 2012.
The new sales.contoso.com domain will contain a web application that will access data from a Microsoft SQL Server located in the contoso.com domain. The web application must use integrated Windows authentication. Users#39; credentials must be passed from the web applications to the SQL Server.
Planned changes include: create a child domain named sales.contoso.com. Only the domain controllers in sales.contoso.com will host a zone for the sales.contoso.com domain. The domain controllers in sales.contoso.com will run Windows Server 2012.
Topic 2, Proseware, Inc Overview
Proseware, Inc. is a pharmaceutical services company that has a sales department, a marketing department, an operations department, and a human resources department.
Proseware has two main offices. One of the offices is located in New York. The other office is located in Chicago. The New York office uses a 172.16.1.0/24 network ID. The Chicago office uses a 192.168.1.0/24 network ID.
The offices connect to each other by using a high-bandwidth, low-latency WAN link. Each office connects directly to the Internet.
The network contains an Active Directory forest named proseware.com. The forest contains two domains named proseware.com and chicago.proseware.com. All of the user accounts and the computer accounts in the New York office reside in the proseware.com domain. All of the user accounts and the computer accounts in the Chicago office reside in the chicago.proseware.com domain. All DNS zones are Active-Directory-integrated.
Each office is configured as an Active Directory site. The network ID for each office is associated to the appropriate site.
Each office contains two domain controllers. The domain controllers were recently upgraded from Windows Server 2008 R2 to Windows Server 2012 R2. The functional level of the domain and the forest is Windows Server 2003.
The company uses Active Directory user attributes to store the personal information of its
employees in custom attributes.
The relevant servers are configured as shown in the following table.
All servers run Windows Server 2012 R2.
DC01 has an IPv4 scope. The starting IP address in the range is 172.16.1.100 and the ending address is 172.16.1.199.
DC03 has an IP4v scope. The starting IP address in the range is 192.168.1.100 and the ending IP address is 192.168.1.199. There are no exclusion ranges configured on DC01 or DC03.
Requirements Planned Changes
Proseware plans to implement the following changes:
->Deploy a read-only domain controller (RODC) to the London office.
->Give users remote access to both offices by using a VPN connection from their laptop or tablet.
->If DC01 fails, ensure that the computers in the New York office can receive IP addresses within 30 minutes.
->In the New York site, deploy two 50-TB, Fibre Channel SAN disk arrays. Offloaded
Data Transfer (ODX) will be used on both storage arrays. The Hyper-V hosts will use the new SANs for virtual machine storage.
->Open three additional offices in Montreal, Atlanta, and London. The offices will
connect to each other by using a high-bandwidth, low-latency WAN link. Each office will connect directly to the Internet.
->For legal reasons, the Montreal site will have its own forest named
->The Montreal and Atlanta offices will have local IT administrators to manage the network infrastructure of their respective office. The London office will not have a local IT staff. Each office will have approximately 50 client computers.
Proseware identifies the following technical requirements:
->Users in the Montreal office must only be allowed to access shares that are located on File01 and File02. The Montreal users must be prevented from accessing any other servers in the proseware.com forest regardless of the permissions on the resources,
->Users in the New York office must be able to reconnect to the remote access VPN servers automatically. Users in the Chicago office must use SSL to connect to the remote access VPN servers.
->Domain controllers that run Windows Server 2012 R2 and Windows Server 2008 R2 must be able to be deployed to the proseware.com domain.
->Administrators in the New York office must be able to restore objects from the Active Directory Recycle Bin.
->The DNS servers must be prevented from overwriting the existing DNS entries that have been stored in cache.
->Each DNS server must be managed by an administrator from the same office as the DNS server.
->The required time to create new fixed virtual hard disks (VHDs) on the SANs must be minimized.
->The remote access servers must be able to restrict outgoing traffic based on IP addresses.
->All certificates must be deployed to all of the client computers by using auto- enrollment.
->All of the DHCP Server server roles must be installed on a domain controller.
->Only one DHCP server in each site must lease IP addresses at any given time.
->DHCP traffic must not cross site boundaries.
->RODCs must not contain personal user information.
Question No: 14 DRAG DROP – (Topic 2)
You need to recommend the VPN protocols for Proseware.
What should you recommend? To answer, drag the appropriate VPN protocols to the correct offices. Each protocol may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content,
Explanation Box 1: IKEv2
An IKEv2 VPN provides resilience to the VPN client when the client moves from one wireless hotspot to another or when it switches from a wireless to a wired connection. This meets the requirement that users in the New York office must be able to reconnect to the remote access VPN servers automatically.
Box 2: SSTP
SSTP is the only of the listed tunneling protocols that uses SSL, and users in the Chicago office must use SSL to connect to the remote access VPN servers.
Question No: 15 – (Topic 2)
You run the Get-DNSServer cmdlet on DC01 and receive the following output:
You need to recommend changes to DC01. Which attribute should you recommend modifying?
Explanation: * Scenario: The DNS servers must be prevented from overwriting the existing DNS entries that have been stored in cache.
Cache locking is configured as a percent value. For example, if the cache locking value is set to 50, then the DNS server will not overwrite a cached entry for half of the duration of the TTL. By default, the cache locking percent value is 100. This means that cached entries will not be overwritten for the entire duration of the TTL. The cache locking value is stored in the CacheLockingPercent registry key. If the registry key is not present, then the DNS
server will use the default cache locking value of 100.
Reference: DNS Cache Locking
Question No: 16 – (Topic 2)
You need to recommend a solution for the remote access servers. What should you include in the recommendation?
Network address translation (NAT)
Explanation: Scenario: The remote access servers must be able to restrict outgoing traffic based on IP addresses.
Packet filtering can be used to restrict outgoing traffic with the help of an output filter.
Note: Packet filtering consists of creating a series of definitions called filters, which define for the router what types of traffic are allowed or disallowed on each interface. Filters can be set for incoming and outgoing traffic.
Input filters define what inbound traffic on that interface the router is allowed to route or process.
Output filters define what traffic the router is allowed to send from that interface. Incorrect:
Not A: NAT is not able to restrict outgoing traffic. NAT supports static filters can be added to the private interface to protect against threats from internal clients.
Reference: Filters and Remote Access Configurations https://technet.microsoft.com/en-us/library/Cc754895(v=WS.10)
Question No: 17 – (Topic 2)
You need to recommend a deployment method for Proseware.
What is the best approach to achieve the goal? More than one answer choice may achieve the goal. Select the BEST answer.
A WDS Deployment server and Multicast transmissions
A WDS Deployment server and Unicast transmissions
A WDS Transport server and Multicast transmissions
A WDS Transport server and Unicast transmissions
Explanation: A WDS deployment server is appropriate in this scenario with three offices that will have 50 new clients each. As the WAN links are fast the computers can be deployed through multicast.
Not B: As the offices are connected through high-bandwidth, low-latency WAN links unicast is not necessary.
Not C, Not D: As each office only will have 50 client computers, a small network, a deployment through a WDS transport server is not required.
Reference: Windows Deployment Services Overview https://technet.microsoft.com/en-us/library/hh831764.aspx
Question No: 18 DRAG DROP – (Topic 2)
You need to recommend changes for the Active Directory infrastructure.
What should you recommend? To answer, drag the appropriate domain and forest functional levels for proseware.com to the correct locations. Each functional level may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
From the scenario we have that Domain controllers that run Windows Server 2012 R2 and Windows Server 2008 R2 must be able to be deployed to the proseware.com domain. We should therefore set both domain functional level and forest functional level to Windows Server 2008 R2.
Box 1: Windows Server 2008 R2
We can set the domain functional level for proseware.com to Windows Server 2008 R2 as only Domain controllers that run Windows Server 2012 R2 and Windows Server 2008 R2 must be able to be deployed to the proseware.com domain.
Box 2: Windows Server 2008 R2
As we cannot set the domain functional level to a value that is lower than the forest functional level we should set the forest function level to Windows Server 2008 R2 as well.
Question No: 19 HOTSPOT – (Topic 2)
You need to recommend a storage configuration for the Hyper-V hosts.
What should you recommend? To answer, select the appropriate options in the answer area.
Scenario: The required time to create new fixed virtual hard disks (VHDs) on the SANs must be minimized
Question No: 20 – (Topic 2)
You need to recommend a solution for the RODC.
Which attribute should you include in the recommendation?
Explanation: You can modify the searchFlags value for a read-only domain controller (RODC) to indicate confidential data on order to exclude specific data from replicating to RODCs in the forest. This meets the requirement as it is stated that RODCs must not contain personal user information.
Reference: Customize the RODC Filtered Attribute Set https://technet.microsoft.com/en-us/library/cc754794(v=ws.10).aspx
100% Ensurepass Free Download!
–Download Free Demo:70-413 Demo PDF
100% Ensurepass Free Guaranteed!
–Download 2018 EnsurePass 70-413 Full Exam PDF and VCE
EnsurePass ExamCollection Testking Lowest Price Guarantee Yes No No Up-to-Dated Yes No No Real Questions Yes No No Explanation Yes No No PDF VCE Yes No No Free VCE Simulator Yes No No Instant Download Yes No No