Your network consists of one Active Directory domain that contains two servers that run Windows Server 2008 named Server1 and Server2.
Server1 runs Active Directory Certificate Services (AD CS) and is configured as a certification authority (CA).
Server2 runs Internet Information Services (IIS) and hosts a secure Web service.
External users must subscribe in order to access the Web service.
The Web service accepts subscriptions only from client computers that run Windows XP Service Pack 2 or Windows Vista.
The relevant portion of the network is configured as shown in the following diagram:
You need to ensure that subscribers can successfully connect to the Web service on Server2 through HTTPS.
Users must not receive any certificate-related errors.
What should you do on Server2?

You network contains one Active Directory domain.
All domain controllers run Windows Server 2008.
The network has 100 servers and 5,000 client computers. Client computers run either Windows XP Service Pack 2 (SP2) or Windows Vista Service Pack 1 (SP1).
You need to plan the deployment of Certificate Services on the network to support the following requirements:
– Automatic certificate enrollment
– Supported certificates for all client computers
What should you include in your plan?

Your network consists of one Active Directory domain and one IP subnet. All servers run Windows Server 2008. All client computers run Windows Vista.
The servers are configured as shown in the following table:
All network switches used for client connections are unmanaged. Some users connect to the local area network (LAN) from client computers that are joined to a workgroup. Some client computers do not have the latest Microsoft updates installed.
You need to recommend a Network Access Protection (NAP) solution to protect the network.
The solution must meet the following requirements:
– Only computers that are joined to the domain must be able to connect to servers in the domain.
– Only computers that have the latest Microsoft updates installed must be able to connect to servers in the domain.
exhibit Which NAP enforcement method should you use?

Your company has two main offices in Denver and Chicago and four branch offices in New York, Miami, Seattle, and San Francisco.
Each office is configured as an Active Directory site. Site links are configured as shown in the exhibit.
The network consists of one Active Directory forest.
All domain controllers run Windows Server 2003.
Each main office has four domain controllers. Each branch office has one domain controller. The Bridge all site links option is disabled.
You need to prepare the environment to install a read-only domain controller (RODC) in each branch office. The solution must be achieved by upgrading the minimum number of domain controllers.
What should you do?
Exhibit:

Your network consists of two Active Directory forests. The Active Directory forests are configured as shown in the following table:
The servers in both forests run Windows Server 2008.
A forest trust exists between the fabrikam.com forest and the contoso.com forest.
Fabrikam.com has a server named server1.fabrikam.com.
Contoso.com has a global group named ContosoSales.
Users in the ContosoSales global group access an application on server1.fabrikam.com.
You discover that users from other groups in the contoso.com domain can log on to servers in the fabrikam.com domain.
You need to implement an authentication solution to meet the following requirements:
– Users in the ContosoSales global group must be able to access server1.fabrikam.com.
– Users in the ContosoSales global group must be denied access to all other servers in the fabrikam.com forest.
– All other users in the contoso.com domain must be able to access only resources in the contoso.com forest.
exhibit What should you do?

Your network consists of two Active Directory forests.
The Active Directory forests are configured as shown in the following table:
You need to prepare the environment to allow users to access resources in all domains from both forests. The solution must require the minimum amount of administrative effort.
exhibit What should you do first?

Your network consists of one Active directory domain.
The functional level of the domain is Windows Server 2008.
The organizational units (OUs) are configured as shown in the exhibit.
The Human Resources OU does not contain user accounts. Help desk technicians respond to all user service requests.
You need to plan the management of all users on the network.
The solution must meet the following requirements:
– Help desk technicians must have only the minimum number of required rights in the domain.
– Help desk technicians must be able to reset all user passwords except IT administrator passwords and manager passwords.
What should you include in your plan?
Exhibit:

Your network consists of one Active Directory domain.
The functional level of the forest is Windows Server 2003.
All domain controllers run Windows Server 2003.
The relevant portion of the network is configured as shown in the exhibit.
The Bridge all site links option is enabled.
You need to ensure that domain controllers in the spoke sites can replicate with domain controllers in only the hub sites. The solution must ensure that domain controllers can replicate if a server fails in one of the hub sites.
What should you do?
Exhibit:

Your network consists of one Active Directory domain. The domain contains servers that run Windows Server 2008.
The relevant servers are configured as shown in the following table:
All client computers run Windows Vista.
Remote users connect to the network from the Internet by using virtual private network (VPN) connections.
You plan to enable remote users to run Terminal Services RemoteApp (TS RemoteApp) applications on Server2.
You need to prepare the environment to provide users access to the applications. The solution must provide a custom Web page that contains shortcuts to authorized applications for each user.
exhibit What should you do?

Your network consists of one Active Directory domain. The domain contains servers that run Windows Server 2008.
The servers are configured as shown in the following table:
Server2 and Server3 are configured as RADIUS clients.
You need to plan a solution to manage all VPN connections to the network.
The solution must meet the following requirements:
– Specify the allowed VPN connection protocols.
– Specify the allowed VPN client authentication mechanisms.
– Specify VPN client access rights based on group membership.
exhibit What should you include in your plan?