Q111. - (Topic 9) 

Your network contains an internal network and a perimeter network. The internal network contains an Active Directory forest named contoso.com. The forest contains a Microsoft Exchange Server 2010 organization. All of the domain controllers in contoso.com run Windows Server 2012. 

The perimeter network contains an Active Directory forest named litware.com. 

You deploy Microsoft Forefront Unified Access Gateway (UAG) to litware.com. All of the domain controllers in litware.com run Windows Server 2012. 

Some users connect from outside the network to use Outlook Web App. 

You need to ensure that external users can authenticate by using client certificates. What should you do? 

More than one answer choice may achieve the goal. Select the BEST answer. 

A. To the perimeter network, add an Exchange server that has the Client Access server role installed. 

B. Deploy UAG to contoso.com. 

C. Enable Kerberos delegation in litware.com. 

D. Enable Kerberos constrained delegation in litware.com. 

Answer:


Q112. - (Topic 9) 

Your company has a main office and four branch offices. The main office is located in London. 

The network contains an Active Directory domain named contoso.com. Each office contains one domain controller that runs Windows Server 2012. The Active Directory site topology is configured as shown in the exhibit. (Click the Exhibit button.) 

You discover that when a domain controller in a branch office is offline for maintenance, users in that branch office are authenticated by using the domain controllers in any of the sites. 

You need to recommend changes to Active Directory to ensure that when a domain controller in a branch office is offline, the users in that branch office are authenticated by the domain controllers in London. 

What should you include in the recommendation? 

Exhibit 

A. Modify the DC Locator DNS Records settings. 

B. Disable site link bridging. 

C. Modify the site link costs. 

D. Modify the service location (SRV) records in DNS. 

Answer:

Explanation: 

After having read several articles on the subject, I would say the correct answer for this question would be modifying the DC locator DNS record. Though I have never used it in any environment I worked in. But I am not sure. If anyone can clarify this one, mail me at badmuts13(a)gmail.com 


Q113. HOTSPOT - (Topic 7) 

You need to recommend a network configuration for the newly deployed Hyper-V hosts used by Customer1. 

On which network adapter should you recommend performing each configuration? To answer, select the appropriate network adapter for each configuration in the answer area. 

Answer: 


Q114. - (Topic 9) 

Your network contains an Active Directory domain named contoso.com. The domain contains three Active Directory sites. The Active Directory sites are configured as shown in the following table. 

The sites connect to each other by using the site links shown in the following table. 

You need to design the Active Directory site topology to meet the following requirements: 

. Ensure that all replication traffic between Site2 and Site3 replicates through Site1 if a domain controller in Site1 is available. 

. Ensure that the domain controllers between Site2 and Site3 can replicate if all of the domain controllers in Site1 are unavailable. 

What should you do? 

A. Delete Link2. 

B. Disable site link bridging. 

C. Delete Link3. 

D. Create one site link bridge. 

Answer:


Q115. - (Topic 9) 

Your network contains an Active Directory domain named contoso.com. 

You deploy several servers that have the Remote Desktop Session Host role service installed. 

You have two organizational units (OUs). The OUs are configured as shown in the following table. 

GPO1 contains the Folder Redirection settings for all of the users. 

You need to recommend a solution to prevent the sales users' folders from being redirected when the users log on to a Remote Desktop session. 

What should you include in the recommendation? 

A. FromGPO2, set the loopback processing mode. 

B. From GPO1, set the loopback processing mode. 

C. Configure security filtering for GPO1. 

D. Apply a WMI filter to GPO2. 

Answer: A Explanation: 

http://support.microsoft.com/kb/231287 


Q116. HOTSPOT - (Topic 9) 

Your network contains an Active Directory domain named contoso.com. You plan to implement multiple DHCP servers. 

An administrator named Admin1 will authorize the DHCP servers. You need to ensure that Admin1 can authorize the planned DHCP servers. 

To which container should you assign Admin1 permissions? To answer, select the appropriate node in the answer area. 

Answer: 


Q117. - (Topic 1) 

You need to recommend a fault-tolerant solution for the VPN. The solution must meet the technical requirements. 

What should you include in the recommendation? 

A. Network adapter teaming 

B. Network Load Balancing (NLB) 

C. Failover Clustering 

D. DirectAccess 

Answer:

Explanation: 

D:\Documents and Settings\useralbo\Desktop\1.jpg http://technet.microsoft.com/en-us/library/hh831698.aspx 


Q118. - (Topic 1) 

You need to recommend a solution for DHCP logging. The solution must meet the technical requirement. 

What should you include in the recommendation? 

A. Event subscriptions 

B. IP Address Management (IPAM) 

C. DHCP audit logging 

D. DHCP filtering 

Answer:

Explanation: 

D:\Documents and Settings\useralbo\Desktop\1.jpg 

Feature description IPAM in Windows Server 2012 is a new built-in framework for discovering, monitoring, auditing, and managing the IP address space used on a corporate network. IPAM provides for administration and monitoring of servers running Dynamic Host Configuration Protocol (DHCP) and Domain Name Service (DNS). IPAM includes components for: 

. Automatic IP address infrastructure discover)': IPAM discovers domain controllers, DHCP servers, and DNS servers in the domains you choose. You can enable or disable management of these servers by IPAM. 

. Custom IP address space display, reporting, and management: The display of IP addresses is highly customizable and detailed tracking and utilization data is available. IPv4 and IPv6 address space is organized into IP address blocks, IP address ranges, and individual IP addresses. IP addresses are assigned built-in or user-defined fields that can be used to further organize IP address space into hierarchical, logical groups. 

. Audit of server configuration changes and tracking of IP address usage: Operational events are displayed for the IPAM server and managed DHCP servers. IPAM also enables IP address tracking using DHCP lease events and user logon events collected from Network Policy Server (NPS), domain controllers, and DHCP servers. Tracking is available by IP address, client ID, host name, or user name. 

. Monitoring and management of DHCP and DNS services: IPAM enables automated service availability monitoring for Microsoft DHCP and DNS servers across the forest. DNS zone health is displayed, and detailed DHCP server and scope management is available using the IPAM console. http://technet.microsoft.com/en-us/library/hh831353.aspx 


Q119. - (Topic 5) 

You need to recommend a solution for managing updates. The solution must meet the technical requirements. 

What should you include in the recommendation? 

A. A System Center 2012 Configuration Manager management point in the main office and a WSUS downstream server in each office 

B. A System Center 2012 Configuration Manager software update point in the main office and a System Center 2012 Configuration Manager distribution point in each office 

C. A System Center 2012 Configuration Manager management point in the main office and a System Center 2012 Configuration Manager distribution point in each office 

D. A WSUS upstream server in the main office and a WSUS downstream server in each office 

Answer:


Q120. - (Topic 8) 

You need to recommend which Certificate Services role service must be deployed to the perimeter network. The solution must meet the security requirements. 

Which Certificate Services role services should you recommend? 

A. Online Responder and Network Device Enrollment Service 

B. Online Responder and Certificate Enrollment Web Service 

C. Certificate Enrollment Web Service and Certificate Enrollment Policy Web Service 

D. Certificate Enrollment Policy Web Service and Certification Authority Web Enrollment 

Answer: