Proper study guides for Up to the minute Microsoft Recertification for MCSE: Server Infrastructure certified begins with Microsoft 70-980 preparation products which designed to deliver the Vivid 70-980 questions by making you pass the 70-980 test at your first time. Try the free 70-980 demo right now.
2017 Mar 70-980 exam guide
Q41. - (Topic 9)
Your network contains an Active Directory domain named contoso.com. The domain contains three VLANs. The VLANs are configured as shown in the following table.
All client computers run either Windows 7 or Windows 8.
The corporate security policy states that all of the client computers must have the latest security updates installed.
You need to implement a solution to ensure that only the client computers that have all of the required security updates installed can connect to VLAN 1. The solution must ensure that all other client computers connect to VLAN 3.
Solution: You implement the DHCP Network Access Protection (NAP) enforcement method.
Does this meet the goal?
Q42. - (Topic 8)
You need to recommend a solution that meets the security requirements for Group1.
To which System Center 2012 Virtual Machine Manager (VMM) group should you assign Group1?
A. Delegated Administrator
C. Self-Service User
D. Read-Only Administrator
Q43. DRAG DROP - (Topic 9)
Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1 that runs Windows Server 2012. Server1 resides in the perimeter network and has the Remote Access server role installed.
Some users have laptop computers that run Windows 7 and are joined to the domain. Some users work from home by using their home computers. The home computers run either Windows XP, Windows Vista/ Windows 7, or Windows 8.
You need to configure the computers for remote access.
Which three actions should you perform?
To answer, move the three appropriate actions from the list of actions to the answer area
and arrange them in the correct order.
Q44. - (Topic 1)
You are planning the migration of research.contoso.com.
You need to identify which tools must be used to perform the migration.
Which tools should you identify?
A. Active Directory Migration Tool version 3.2 (ADMT v3.2) and Group Policy Management Console (GPMC)
B. Active Directory Federation Services (AD FS) and Microsoft Federation Gateway
C. Active Directory Migration Tool version 3.2 (ADMT v3.2) and Active Directory Federation Services (AD FS)
D. Active Directory Lightweight Directory Services (AD LDS) and Group Policy Management Console (GPMC)
D:\\Documents and Settings\\useralbo\\Desktop\\1.jpg
D:\\Documents and Settings\\useralbo\\Desktop\\1.jpg
Topic 2, Proseware, Inc (A)
Proseware, Inc. is a pharmaceutical services company that has a sales department, a marketing department, an operations department, and a human resources department.
Proseware has two main offices. One of the offices is located in New York. The other office is located in Chicago. The New York office uses a 172.16.1.0/24 network ID. The Chicago office uses a 192.168.1.0/24 network ID.
The offices connect to each other by using a high-bandwidth, low-latency WAN link. Each office connects directly to the Internet.
The network contains an Active Directory forest named proseware.com. The forest contains two domains named proseware.com and chicago.proseware.com. All of the user accounts and the computer accounts in the New York office reside in the proseware.com domain. All of the user accounts and the computer accounts in the Chicago office reside in the chicago.proseware.com domain. All DNS zones are Active-Directory-integrated.
Each office is configured as an Active Directory site. The network ID for each office is associated to the appropriate site.
Each office contains two domain controllers. The domain controllers were recently upgraded from Windows Server 2008 R2 to Windows Server 2012 R2. The functional level of the domain and the forest is Windows Server 2003.
The company uses Active Directory user attributes to store the personal information of its employees in custom attributes.
The relevant servers are configured as shown in the following table.
All servers run Windows Server 2012 R2.
DC01 has an IPv4 scope. The starting IP address in the range is 172.16.1.100 and the ending address is 172.16.1.199.
DC03 has an IP4v scope. The starting IP address in the range is 192.168.1.100 and the ending IP address is 192.168.1.199. There are no exclusion ranges configured on DC01 or DC03.
Proseware plans to implement the following changes: . Deploy a read-only domain controller (RODC) to the London office. . Give users remote access to both offices by using a VPN connection from their
laptop or tablet. . If DC01 fails, ensure that the computers in the New York office can receive IP addresses within 30 minutes.
. In the New York site, deploy two 50-TB, Fibre Channel SAN disk arrays. Offloaded Data Transfer (ODX) will be used on both storage arrays. The Hyper-V hosts will use the new SANs for virtual machine storage.
. Open three additional offices in Montreal, Atlanta, and London. The offices will connect to each other by using a high-bandwidth, low-latency WAN link. Each office will connect directly to the Internet.
. For legal reasons, the Montreal site will have its own forest named
. The Montreal and Atlanta offices will have local IT administrators to manage the network infrastructure of their respective office. The London office will not have a local IT staff. Each office will have approximately 50 client computers.
Proseware identifies the following technical requirements: . Users in the Montreal office must only be allowed to access shares that are located on File01 and File02. The Montreal users must be prevented from accessing any other servers in the proseware.com forest regardless of the permissions on the resources, . Users in the New York office must be able to reconnect to the remote access VPN servers automatically. Users in the Chicago office must use SSL to connect to the remote access VPN servers. . Domain controllers that run Windows Server 2012 R2 and Windows Server 2008 R2 must be able to be deployed to the proseware.com domain. . Administrators in the New York office must be able to restore objects from the Active Directory Recycle Bin. . The DNS servers must be prevented from overwriting the existing DNS entries that have been stored in cache. . Each DNS server must be managed by an administrator from the same office as the DNS server. . The required time to create new fixed virtual hard disks (VHDs) on the SANs must be minimized. . The remote access servers must be able to restrict outgoing traffic based on IP addresses. . All certificates must be deployed to all of the client computers by using auto-enrollment. . All of the DHCP Server server roles must be installed on a domain controller. . Only one DHCP server in each site must lease IP addresses at any given time. . DHCP traffic must not cross site boundaries. . RODCs must not contain personal user information.
Q45. - (Topic 9)
Your network contains 50 servers that run Windows Server 2003 and 50 servers that run Windows Server 2008.
You plan to implement Windows Server 2012 R2.
You need to create a report that includes the following information:
. The servers that run applications and services that can be moved to Windows
Server 2012 R2
. The servers that have hardware that can run Windows Server 2012 R2
. The servers that are suitable to be converted to virtual machines hosted on Hyper-
V hosts that run Windows Server 2012 R2
Solution: From an existing server, you run the Microsoft Application Compatibility Toolkit (ACT).
Does this meet the goal?
Updated 70-980 test preparation:
Q46. - (Topic 9)
Your company has a main office and a branch office.
The network contains an Active Directory domain named contoso.com. The domain contains three domain controllers. The domain controllers are configured as shown in the following table.
The domain contains two global groups. The groups are configured as shown in the following table.
You need to ensure that the RODC is configured to meet the following requirements: . Cache passwords for all of the members of Branch1Users. . Prevent the caching of passwords for the members of Helpdesk. What should you do?
A. Modify the password replication policy of RODC1.
B. Modify the delegation settings of RODC1.
C. Modify the membership of the Allowed RODC Password Replication group.
D. Modify the membership of the Denied RODC Password Replication group.
E. Modify the delegation settings of DC1 and DC2.
F. Install the BranchCache feature on RODC1.
G. Create a Password Settings object (PSO) for the Helpdesk group.
H. Create a Password Settings object (PSO) for the Branch1Users group.
Q47. - (Topic 10)
Your company has a human resources department a finance department, a sales department and an R&D department.
The company audits the access of documents that contain department-specific sensitive information.
You are planning an administrative model for the departments to meet the following requirements:
. Provide R&D managers with the ability to back up all the files of their department only.
. Provide finance managers with the ability to view the audit logs for the files of their department only.
. Provide human resources managers with the ability to view the audit logs for the files of their department only.
. Provide sales managers with the ability to modify the permissions on all the shared folders of their department only.
You need to identify the minimum amount of file servers required on the network to meet the requirements of each department.
How many file servers should you identify?
Q48. - (Topic 9)
Your network contains an Active Directory domain named contoso.com. The domain contains servers that run either Windows Server 2008 R2 or Windows Server 2012.
All client computers on the internal network are joined to the domain. Some users establish VPN connections to the network by using Windows computers that do not belong to the domain.
All client computers receive IP addresses by using DHCP.
You need to recommend a Network Access Protection (NAP) enforcement method to meet the following requirements:
Verify whether the client computers have up-to-date antivirus software.
Provides a warning to users who have virus definitions that are out-of-date.
Ensure that client computers that have out-of-date virus definitions can connect to
Which NAP enforcement method should you recommend?
NAP enforcement for DHCP
DHCP enforcement is deployed with a DHCP Network Access Protection (NAP) enforcement server component, a DHCP enforcement client component, and Network Policy Server (NPS).
Using DHCP enforcement, DHCP servers and NPS can enforce health policy when a computer attempts to lease or renew an IP version 4 (IPv4) address. However, if client computers are configured with a static IP address or are otherwise configured to circumvent the use of DHCP, this enforcement method is not effective.
Q49. - (Topic 10)
Your network contains a Microsoft System Center 2012 Virtual Machine Manager (VMM) server named Server1.
You use Server1 to manage 20 Hyper-V hosts.
The network also contains five Citrix XenServer virtualization hosts.
You need to recommend which installation is required to manage the XenServer servers from Server1.
What should you recommend installing?
A. The Citrix XenServer - Microsoft System Center Integration Pack on the Citrix XenServer hosts
B. The Citrix XenServer - Microsoft System Center Integration Pack on Server1
C. Citrix Essentials for Hyper-V on Server1
D. Citrix Essentials for Hyper-V on the Citrix XenServer hosts
Q50. - (Topic 9)
Your company has two divisions named Division1 and Division2.
The network contains an Active Directory domain named contoso.com. The domain
contains two child domains named divisionl.contoso.com and division2.contoso.com.
The company sells Division1 to another company.
You need to prevent administrators in contoso.com and division2.contoso.com from gaining
administrative access to the resources in divisionl.contoso.com. What should you recommend?
A. Create a new tree in the forest named contoso.secure. Migrate the resources and the accounts in divisionl.contoso.com to contoso.secure.
B. On the domain controller accounts in divisionl.contoso.com, deny the Enterprise Admins group the Allowed to Authenticate permission.
C. Create a new forest and migrate the resources and the accounts in divisionl.contoso.com to the new forest.
D. In divisionl.contoso.com, remove the Enterprise Admins group from the Domain Admins group and remove the Enterprise Admins group from the access control list (ACL) on the divisionl.contoso.com domain object.