Pass4sure offers free demo for 70 980 vce exam. "Recertification for MCSE: Server Infrastructure", also known as 70 980 pdf exam, is a Microsoft Certification. This set of posts, Passing the Microsoft 70 980 vce exam, will help you answer those questions. The 70 980 pdf Questions & Answers covers all the knowledge points of the real exam. 100% real Microsoft 70 980 dump exams and revised by experts!

Q121. - (Topic 9) 

Your network contains an Active Directory domain named contoso.com. The domain contains servers that run either Windows Server 2008 R2 or Windows Server 2012. 

All client computers on the internal network are joined to the domain. Some users establish VPN connections to the network by using Windows computers that do not belong to the domain. 

All client computers receive IP addresses by using DHCP. 

You need to recommend a Network Access Protection (NAP) enforcement method to meet the following requirements: 

Verify whether the client computers have up-to-date antivirus software. 

Provides a warning to users who have virus definitions that are out-of-date. 

Ensure that client computers that have out-of-date virus definitions can connect to 

the network. 

Which NAP enforcement method should you recommend? 

A. DHCP 

B. IPSec 

C. VPN 

D. 802.1x 

Answer:

Explanation: 

http://technet.microsoft.com/en-us/library/cc733020(v=ws.10).aspx 

NAP enforcement for DHCP 

DHCP enforcement is deployed with a DHCP Network Access Protection (NAP) enforcement server component, a DHCP enforcement client component, and Network Policy Server (NPS). 

Using DHCP enforcement, DHCP servers and NPS can enforce health policy when a computer attempts to lease or renew an IP version 4 (IPv4) address. However, if client computers are configured with a static IP address or are otherwise configured to circumvent the use of DHCP, this enforcement method is not effective. 


Q122. DRAG DROP - (Topic 9) 

Your network contains an Active Directory forest named adatum.com. The forest contains a single domain. All servers run Windows Server 2012 R2. All client computers run Windows 

8.1. 

The DNS zone of adatum.com is Active Directory-integrated. 

You need to implement DNSSEC to meet the following requirements: 

Ensure that the zone is signed. 

Ensure that the zone signing key (ZSK) changes every 30 days. 

Ensure that the key signing key (KSK) changes every 365 days. 

What should you do? To answer, drag the appropriate cmdlets to the correct requirements. Each cmdlet may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content. 

Answer: 


Q123. - (Topic 9) 

Your company has three offices. The offices are located in Montreal, Toronto, and Vancouver. 

The network contains two Active Directory forests named contoso.com and adatum.com. The contoso.com forest contains one domain. The adatum.com forest contains two domains. All of the servers in adatum.com are located in the Toronto office. The servers in contoso.com are located in the Montreal and Vancouver offices. All of the servers in both of the forests run Windows Server 2012 R2. 

A two-way, forest trusts exists between the forests. 

Each office contains DHCP servers and DNS servers. 

You are designing an IP Address Management (IPAM) solution to manage the network. 

You need to recommend a solution for the placement of IPAM servers to manage all of the DHCP servers and all of the DNS servers in both of the forests. The solution must minimize the number of IPAM servers deployed. 

What should you recommend? 

A. One IPAM server in each office 

B. One IPAM server in the Montreal office and one IPAM server in the Toronto office 

C. One IPAM server in the Toronto office 

D. Two IPAM servers in the Toronto office and one IPAM server in the Montreal office 

E. Two IPAM servers in the Toronto office, one IPAM server in the Montreal office, and one IPAM server in the Vancouver office 

Answer:


Q124. - (Topic 9) 

Your network contains an Active Directory domain named contoso.com. The domain contains multiple sites. 

You plan to deploy DirectAccess. 

The network security policy states that when client computers connect to the corporate 

network from the Internet, all of the traffic destined for the Internet must be routed through 

the corporate network. 

You need to recommend a solution for the planned DirectAccess deployment that meets 

the security policy requirement 

Solution: You set the ISATAP State to state disabled. 

Does this meet the goal? 

A. Yes 

B. No 

Answer:


Q125. - (Topic 10) 

Your network contains a Microsoft System Center 2012 Virtual Machine Manager (VMM) server named Server1. 

You use Server1 to manage 20 Hyper-V hosts. 

The network also contains five Citrix XenServer virtualization hosts. 

You need to recommend which installation is required to manage the XenServer servers from Server1. 

What should you recommend installing? 

A. The Citrix XenServer - Microsoft System Center Integration Pack on the Citrix XenServer hosts 

B. The Citrix XenServer - Microsoft System Center Integration Pack on Server1 

C. Citrix Essentials for Hyper-V on Server1 

D. Citrix Essentials for Hyper-V on the Citrix XenServer hosts 

Answer:


Q126. - (Topic 9) 

Your network contains an Active Directory domain named contoso.com. 

On several organizational units (OUs), an administrator named Admin1 plans to delegate control of custom tasks. You need to ensure that Admin1 can delegate a custom task named Task1 by using the Delegation of Control Wizard. 

What should you do? 

A. Add a new class to the Active Directory schema. 

B. Configure a custom MMC console. 

C. Modify the Delegwiz.inf file. 

D. Configure a new authorization store by using Authorization Manager. 

Answer:

Explanation: 

http://support.microsoft.com/kb/308404 


Q127. - (Topic 9) 

Your network contains an Active Directory domain named contoso.com. The domain contains an organizational unit (OU) named OU1. 

You have a Group Policy object (GPO) named GPO1 that is linked to contoso.com. GPO1 contains custom security settings. 

You need to design a Group Policy strategy to meet the following requirements: 

. The security settings in GPO1 must be applied to all client computers. 

. Only GPO1 and other GPOs that are linked to OU1 must be applied to the client computers in OU1. 

What should you include in the design? 

More than one answer choice may achieve the goal. Select the BEST answer. 

A. Enable the Block Inheritance option at the domain level. Enable the Enforced option on GPO1. 

B. Enable the Block Inheritance option on OU1. Link GPO1 to OU1. 

C. Enable the Block Inheritance option on OU1. Enable the Enforced option on all of the GPOs linked to OU1. 

D. Enable the Block Inheritance option on OU1. Enable the Enforced option on GPO1. 

Answer:


Q128. - (Topic 9) 

Your company is a hosting provider that provides cloud-based services to multiple customers. 

Each customer has its own Active Directory forest located in your company's datacenter. 

You plan to provide VPN access to each customer. The VPN solution will use RADIUS for authentication services and accounting services. 

You need to recommend a solution to forward authentication and accounting messages from the perimeter network to the Active Directory forest of each customer. 

What should you recommend? 

More than one answer choice may achieve the goal. Select the BEST answer. 

A. One RADIUS proxy for each customer and Active Directory Federation Services (AD FS) 

B. A RADIUS server for each customer and one RADIUS proxy 

C. One RADIUS proxy and one Active Directory Lightweight Directory Services (AD LDS) instance for each customer 

D. A RADIUS server for each customer and a RADIUS proxy for each customer 

Answer:


Q129. DRAG DROP - (Topic 4) 

You need to recommend a solution for managing Windows Azure. 

Which three actions should you recommend performing in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order. 

Answer: 


Q130. - (Topic 8) 

You need to recommend a solution that meets the security requirements for Group1. 

To which System Center 2012 Virtual Machine Manager (VMM) group should you assign Group1? 

A. Delegated Administrator 

B. Administrators 

C. Self-Service User 

D. Read-Only Administrator 

Answer: