[Free] 2018(Aug) Dumps4cert Microsoft 70-980 Dumps with VCE and PDF Download 331-340

Dumps4cert.com : Latest Dumps with PDF and VCE Files
2018 Aug Microsoft Official New Released 70-980
100% Free Download! 100% Pass Guaranteed!

Recertification for MCSE: Server Infrastructure

Question No: 331 – (Topic 18)

Your network contains an Active Directory domain named contoso.com. The domain contains three VLANs. The VLANs are configured as shown in the following table.

Dumps4Cert 2018 PDF and VCE

All client computers run either Windows 7 or Windows 8.

The corporate security policy states that all of the client computers must have the latest security updates installed.

You need to implement a solution to ensure that only the client computers that have all of the required security updates installed can connect to VLAN 1. The solution must ensure that all other client computers connect to VLAN 3.

Which Network Access Protection (NAP) enforcement method should you implement?

  1. VPN

  2. DHCP

  3. IPsec

D. 802.1x

Answer: D Explanation:

The most common method of the list is 802.1x for a variety of reasons. First, the industry has been selling 802.1x network authentication for the last 10 years. 1x gained tremendous popularity as wireless networking became prevalent in the late 90#39;s and early 2000#39;s and has been proven to be a viable solution to identifying assets and users on your network.

For customers that have invested in 802.1x capable switches and access points, NAP can very easily be implemented to complement what is already in place. The Network Policy Server (NPS) role

Windows Server 2008 has been dramatically improved to make 802.1x policy creation much simpler to do.

Reference: Network Access Protection Using 802.1x VLAN’s or Port ACLs – Which is right for you?

http://blogs.technet.com/b/wincat/archive/2008/08/19/network-access-protection-using-802- 1x-vlan-s-or-port-acls-which-is-right-for-you.aspx

Question No: 332 DRAG DROP – (Topic 18)

You manage a Network Policy Server (NPS) infrastructure that contains four servers named NPSPRX01, NPS01, NPS02, and NPS03. All servers run Microsoft Windows Server 2012 R2. NPSPRX01 is configured as an NPS proxy. NPS01, NPS02, and NPS03 are members of a remote RADIUS server group named GR01. GR01 is configured as shown below:

Dumps4Cert 2018 PDF and VCE

You need to ensure that authentication requests are identified even when a server is unavailable.

If a given server is unavailable, which percentage of authentication requests will another

server manage? To answer, drag the appropriate value to the correct scenario. Each value may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.

Dumps4Cert 2018 PDF and VCE

Answer:

Dumps4Cert 2018 PDF and VCE

Explanation:

Box 1: 95%

Box 2: 5%

Box 3: 0%

Box 4: 0%

Note:

* From the exhibit we have: NPS01: weight 30, priority: 5

NPS02: weight 50, priority: 90

NPS03: weight 20, priority: 5

Box 3: If NPS03 is unavailable it cannot handle any requests.Box 4: NPS04 is not mentioned in this question.

  • Priority. Priority specifies the order of importance of the RADIUS server to the NPS proxy server. Priority level must be assigned a value that is an integer, such as 1, 2, or 3. The lower the number, the higher priority the NPS proxy gives to the RADIUS server. For example, if the RADIUS server is assigned the highest priority of 1, the NPS proxy sends

    connection requests to the RADIUS server first; if servers with priority 1 are not available, NPS then sends connection requests to RADIUS servers with priority 2, and so on. You can assign the same priority to multiple RADIUS servers, and then use the Weight setting to load balance between them.

  • Weight. NPS uses this Weight setting to determine how many connection requests to send to each group member when the group members have the same priority level. Weight setting must be assigned a value between 1 and 100, and the value represents a percentage of 100 percent. For example, if the remote RADIUS server group contains two members that both have a priority level of 1 and a weight rating of 50, the NPS proxy forwards 50 percent of the connection requests to each RADIUS server.

Question No: 333 DRAG DROP – (Topic 18)

Your network contains an Active Directory domain named contoso.com. The domain contains two domain controllers named DC1 and DC2 that run Windows Server 2008 R2.

You plan to replace the domain controllers with new servers that run Windows Server 2012. The new servers will be named DC3 and DC4.

You need to recommend a strategy to replace DC1 and DC2 with DC3 and DC4. The solution must minimize the amount of disruption to the users.

Which three actions should you recommend?

To answer, move the appropriate three actions from the list of actions to the answer area and arrange them in the correct order.

Dumps4Cert 2018 PDF and VCE

Answer:

Dumps4Cert 2018 PDF and VCE

Explanation:

Box 1: Install the Active Directory Domain Services role on DC3 and DC4. Box 2: Run the AD Services Config Wizard on DC3 and DC4.

Box 3: dcpromo on DC1 and DC2.

  • Step 1-2:

    AD DS can be installed in Windows Server 2012 by using the Add Roles Wizard in Server Manager, followed by the Active Directory Domain Services Configuration Wizard, which is new beginning in Windows Server 2012.

    *Step 3: dcpromo

    Installs and removes Active Directory Domain Services (AD DS). In this case we want to remove AD DS from DC1 and DC2.

    Question No: 334 – (Topic 18)

    Your network contains an Active Directory forest named contoso.com. The forest contains five domains. You need to ensure that the CountryCode attribute is replicated to the global catalog.

    What should you do?

    1. Modify the schema partition.

    2. Create and modify an application partition.

    3. Modify the configuration partition.

    4. Modify the domain partitions.

    Answer: A

    Explanation: After an attributeSchema object is created, marking an additional attribute to

    replicate to the Global Catalog causes a full replication (also known as a quot;full syncquot;) of all objects to the Global Catalog.

    Reference: How to Modify Attributes That Replicate to the Global Catalog https://support.microsoft.com/en-us/kb/248717

    Question No: 335 – (Topic 18)

    Your company has a main office and a branch office.

    The network contains an Active Directory domain named contoso.com. The domain contains three domain controllers. The domain controllers are configured as shown in the following table.

    Dumps4Cert 2018 PDF and VCE

    The domain contains two global groups. The groups are configured as shown in the following table.

    Dumps4Cert 2018 PDF and VCE

    You need to ensure that the RODC is configured to meet the following requirements:

    -> Cache passwords for all of the members of Branch1Users.

    -> Prevent the caching of passwords for the members of Helpdesk.

    What should you do?

    1. Modify the membership of the Denied RODC Password Replication group.

    2. Install the BranchCache feature on RODC1.

    3. Modify the delegation settings of RODC1.

    4. Create a Password Settings object (PSO) for the Helpdesk group.

    Answer: A

    Explanation: Password Replication Policy Allowed and Denied lists

    Two new built-in groups are introduced in Windows Server 2008 Active Directory domains to support RODC operations. These are the Allowed RODC Password Replication Group and Denied RODC Password Replication Group.

    These groups help implement a default Allowed List and Denied List for the RODC Password Replication Policy. By default, the two groups are respectively added to the msDS-RevealOnDemandGroup and msDS-NeverRevealGroup Active Directory attributes.

    Reference: Password Replication Policy https://technet.microsoft.com/en-us/library/cc730883(v=ws.10).aspx

    Question No: 336 DRAG DROP – (Topic 18)

    Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1 that runs Windows Server 2012. Server1 resides in the perimeter network and has the Remote Access server role installed.

    Some users have laptop computers that run Windows 7 and are joined to the domain. Some users work from home by using their home computers. The home computers run either Windows XP, Windows Vista/ Windows 7, or Windows 8.

    You need to configure the computers for remote access. Which three actions should you perform?

    To answer, move the three appropriate actions from the list of actions to the answer area and arrange them in the correct order.

    Dumps4Cert 2018 PDF and VCE

    Answer:

    Dumps4Cert 2018 PDF and VCE

    Explanation:

    Dumps4Cert 2018 PDF and VCE

    Box 1: Installing CMAK

    CMAK is an optional component that is not installed by default. You must install CMAK to create connection profiles that your users can install to access remote networks.

    Box 2: The Connection Manager Administration Kit (CMAK) is a tool that you can use to customize the remote connection experience for users on your network by creating predefined connections to remote servers and networks. To create and customize a

    connection for your users, you use the CMAK wizard. Box 3: Distributing your completed connection profile

    Running the CMAK wizard produces a connection profile that is stored in an executable file. Running that file on a client computer equips that computer with everything needed to establish the network connection that you designed.

    Question No: 337 – (Topic 18)

    Your network contains an Active Directory domain named contoso.com.

    Your company plans to open a branch office. The branch office will have 10 client computers that run Windows 8 and at least one server that runs Windows Server 2012. The server will host

    BranchCache files and manage print queues for the network print devices in the branch office.

    You need to recommend a solution to ensure that the users in the branch office can print if the branch office server fails.

    What should you recommend?

    More than one answer choice may achieve the goal. Select the BEST answer.

    1. Printer pooling

    2. Branch Office Direct Printing

    3. A standby print server

    4. A print server cluster

    5. A secure Web Services on Devices (WSD) printer

    Answer: B Explanation:

    Branch Office Direct Printing can reduce Wide Area Network (WAN) usage by printing directly to a print device instead of a server print queue. This feature can be enabled or disabled on a per printer basis and is transparent to the user.

    This feature requires a print server running Windows Server 2012 and clients running Windows

    1. It is enabled by an administrator using the Print Management Console or Windows

      PowerShell on the server.

      Reference: Branch Office Direct Printing Overview https://technet.microsoft.com/en-us/library/jj134156.aspx

      Question No: 338 DRAG DROP – (Topic 18)

      Your network contains an Active Directoy domain named adatum.com. The domain contains a server named RAS1 that runs Windows Server 2012 and has the Remote Access Server role installed. RAS1 resides I the perimeter network.

      Some remote users have domain-joined computers and some remote users are in a workgroup. Remote users have computers that run either Windows XP or Windows 8.

      You need to configure the client computers for remote access.

      Which three actions should perform? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

      Dumps4Cert 2018 PDF and VCE

      Answer:

      Dumps4Cert 2018 PDF and VCE

      Question No: 339 – (Topic 18)

      You have a server named Server1 that runs Windows Server 2012. Server1 has the DNS Server role installed.

      You need to recommend changes to the DNS infrastructure to protect the cache from cache poisoning attacks.

      What should you configure on Server1?

      1. DNS cache locking

      2. The global query block list

      3. DNS Security Extensions (DNSSEC)

      4. DNS devolution

    Answer: A

    Explanation: Cache locking is a new feature available if your DNS server is running Windows Server 2008 R2. When you enable cache locking, the DNS server will not allow cached records to be overwritten for the duration of the time to live (TTL) value. Cache locking provides for enhanced security against cache poisoning attacks.

    Reference: DNS Cache Locking

    https://technet.microsoft.com/en-us/library/ee683892(v=ws.10).aspx

    Question No: 340 – (Topic 18)

    Your network contains an Active Directory domain named contoso.com. The domain contains three VLANs. The VLANs are configured as shown in the following table.

    Dumps4Cert 2018 PDF and VCE

    All client computers run either Windows 7 or Windows 8.

    Goal: You need to implement a solution to ensure that only the client computers that have all of the required security updates installed can connect to VLAN 1. The solution must ensure that all other client computers connect to VLAN 3.

    Solution: You implement the 802.1x Network Access Protection (NAP) enforcement method.

    Does this meet the goal?

    1. Yes

    2. No

    Answer: A

    Explanation: NAP supports a variety of what we call enforcement methods. In the NAP space, and enforcement method is simply a term that defines the way a machine connects to a network. In NAP, these are DHCP, 802.1x (wired or wireless), VPN, IPsec, or via a Terminal Services Gateway.

    100% Dumps4cert Free Download!
    70-980 PDF
    100% Dumps4cert Pass Guaranteed!
    70-980 Dumps

    Dumps4cert ExamCollection Testking
    Lowest Price Guarantee Yes No No
    Up-to-Dated Yes No No
    Real Questions Yes No No
    Explanation Yes No No
    PDF VCE Yes No No
    Free VCE Simulator Yes No No
    Instant Download Yes No No

Leave a Reply

Your email address will not be published. Required fields are marked *