You need to reduce the number of authentication requests client computers send to the new domain controller
Your network consists of one Active Directory domain.
You have a single site. You deploy a new Active Directory-integrated application on a server that runs Windows Server 2008.
The application sends a large number of LDAP queries to the domain controllers.
You plan to install a new domain controller to respond to the LDAP queries.
You need to reduce the number of authentication requests client computers send to the new domain controller.
What should you do?
You need to prepare the environment for the installation of the RODC
Your network consists of one Active Directory forest that contains two domains named domain1 and domain2.
The functional level of the forest is Windows Server 2003.
All domain controllers run Windows Server 2003.
The relevant portion of the network is configured as shown in the exhibit.
All domain controllers for domain1 are in the hub sites.
All domain controllers for domain2 are in the spoke sites.
The Bridge all site links option is disabled.
You plan to deploy a read-only domain controller (RODC) in SiteH for domain2.
You need to prepare the environment for the installation of the RODC.
What should you do?
Exhibit:
You need to deploy a GPO strategy to meet the following requirements:
Your company has three offices. Each office is configured as an Active Directory site.
The network consists of one Active directory domain.
All domain controllers run Windows Server 2008.
The company has five departments.
You use a domain-level Group Policy object (GPO) to install Microsoft Office on all client computers.
You need to deploy a GPO strategy to meet the following requirements:
– Install a custom application in one of the departments.
– Restrict access to removable storage devices for all users.
– Implement separate Windows Internet Explorer proxy settings for each physical location.
– The strategy must maintain all settings applied by the existing GPOs.
What should you do?
Which migration strategy should you recommend?
Your company has two main offices located in two countries and multiple branch offices in each country.
The wide area network (WAN) link between the offices has restricted and limited connectivity.
The network consists of two Active Directory forests.
The functional level of the forests is Windows 2000 Server.
Each forest includes a root domain and four child domains.
All resources for each forest are located only in a single country.
You plan to deploy Active Directory Domain Services (AD DS). The AD DS deployment must support the following requirements:
– Replication traffic between the main offices must be minimized.
– Users in all offices must be able to access resources in all other offices.
– The solution must use the minimum amount of domains.
Which migration strategy should you recommend?
You need to provide the UNIX-based client computers access to the file servers
Your network consists of one Active Directory domain. All domain controllers run Windows Server 2008.
You have file servers that run Windows Server 2008.
Client computers run Windows Vista and UNIX-based operating systems.
All users have both Active Directory user accounts and UNIX realm user accounts.
Both environments follow identical user naming conventions.
You need to provide the UNIX-based client computers access to the file servers.
The solution must meet the following requirements:
– Users must only log on once to access all resources.
– No additional client software must be installed on UNIX-based client computers.
What should you do?
What should you recommend?
Your network consists of one Active Directory domain that contains two servers named Server1 and Server2 that run Windows Server 2008.
Server1 runs Active Directory Certificate Services (AD CS) and is configured as an enterprise root certification authority (CA).
Server1 is only accessible from the internal network.
Server1 issues certificates to both internal and external client computers that run Windows Vista.
Server2 is configured as a Web server. Server2 is located in the perimeter network and is only accessible through HTTP.
The network is configured as shown in the following diagram:
You need to recommend an e-mail security solution for all Windows Vista client computers that meets the following requirements:
– Users must only request status information for individual certificates.
– Users must be notified when they attempt to send a secure e-mail message to a user that has an expired certificate.
What should you recommend?
You need to ensure that subscribers can successfully connect to the Web service on Server2 through HTTPS
Your network consists of one Active Directory domain that contains two servers that run Windows Server 2008 named Server1 and Server2.
Server1 runs Active Directory Certificate Services (AD CS) and is configured as a certification authority (CA).
Server2 runs Internet Information Services (IIS) and hosts a secure Web service.
External users must subscribe in order to access the Web service.
The Web service accepts subscriptions only from client computers that run Windows XP Service Pack 2 or Windows Vista.
The relevant portion of the network is configured as shown in the following diagram:
You need to ensure that subscribers can successfully connect to the Web service on Server2 through HTTPS.
Users must not receive any certificate-related errors.
What should you do on Server2?
You need to implement a security solution for the branch offices to meet the following requirements:
Your company has one main office and eight branch offices. Each branch office has one server and 20 client computers.
The network consists of one Active Directory domain. All main office domain controllers run Windows Server 2008.
All branch office servers are configured as domain controllers and run Windows Server 2003 Service Pack 1 (SP1).
You need to implement a security solution for the branch offices to meet the following requirements:
– The number of user passwords stored on branch office domain controllers must be minimized.
– All files stored on the branch office domain controller must be protected in the event of an offline attack.
What should you do?
What should you include in your plan?
Your company has one main office and five new branch offices.
The branch offices are connected to the main office across slow network links.
The network consists of one Active Directory domain. All domain controllers run Windows Server 2008.
Each office has a local server administrator.
You need to plan for the implementation of Windows Server 2008 domain controllers in each branch office. The solution must minimize the amount of network bandwidth used during the initial replication.
What should you include in your plan?
What should you include in your plan?
You network contains one Active Directory domain.
All domain controllers run Windows Server 2008.
The network has 100 servers and 5,000 client computers. Client computers run either Windows XP Service Pack 2 (SP2) or Windows Vista Service Pack 1 (SP1).
You need to plan the deployment of Certificate Services on the network to support the following requirements:
– Automatic certificate enrollment
– Supported certificates for all client computers
What should you include in your plan?