Your network contains an Active Directory domain named contoso.com.
The corporate security policy states that when new user accounts, computer accounts, and
contacts are added to an organizational unit (OU) named Secure, the addition must be
audited.
You need to recommend an auditing solution to meet the security policy.
What should you include in the recommendation? (Each answer presents part of the
solution. Choose all that apply.)

You have a System Center 2012 R2 Configuration Manager deployment.
All users have client computers that run Windows 8.1. The users log on to their client
computer as standard users.
An application named App1 is deployed to the client computers by using System Center.
You need to recommend a solution to validate a registry key used by App1. If the registry
key has an incorrect value, the value must be changed. The registry key must be validated
every day. The solution must generate a report on non-compliant computers.
What is the best approach to achieve the goal? More than one answer choice may achieve
the goal. Select the BEST answer.

Your network contains 20 servers that run Windows Server 2012. The servers have the
Hyper-V server role installed.
You plan to deploy a management solution.
You need to recommend which Microsoft System Center 2012 roles must be deployed to
meet the following requirements:
An administrator must be notified when an incident occurs, such as a serious error in the
event log, on a Hyper-V host, or on a virtual machine.
An administrator must be able to assign an incident to a specific administrator for resolution.
An incident that remains unresolved for more than 10 hours must be escalated automatically
to another administrator.
Administrators must be able to generate reports that contain the details of incidents and
escalations.
Which System Center 2012 roles should you recommend?
More than one answer choice may achieve the goal. Select the BEST answer.

Your company has a main office and a branch office. Each office contains several hundred
computers that run Windows 2012.
You plan to deploy two Windows Server Update Services (WSUS) servers. The WSUS
servers will be configured as shown in the following table.

You need to implement the WSUS infrastructure to meet the following requirements:
All updates must be approved from a server in the main office.
All client computers must connect to a WSUS server in their local office.
What should you do? (Each correct answer presents part of the solution. Choose all that
apply.

Your company has a human resources department a finance department, a sales
department and an R&D department.
The company audits the access of documents that contain department-specific sensitive
information.
You are planning an administrative model for the departments to meet the following
requirements:
Provide R&D managers with the ability to back up all the files of their department only.
Provide finance managers with the ability to view the audit logs for the files of their
department only.
Provide human resources managers with the ability to view the audit logs for the files of their
department only.
Provide sales managers with the ability to modify the permissions on all the shared folders of
their department only.
You need to identify the minimum amount of file servers required on the network to meet the
requirements of each department.
How many file servers should you identify?

Your network contains an Active Directory domain named contoso.com. The network
contains two servers named Server1 and Server2.
You deploy Active Directory Certificate Services (AD CS). The certification authority (CA) is
configured as shown in the exhibit. (Click the Exhibit button.)

You need to ensure that you can issue certificates based on certificate templates.
What should you do?

Your network contains an Active Directory forest named contoso.com.
Your company works with a partner company that has an Active Directory forest named
fabrikam.com. Both forests contain domain controllers that run only Windows Server 2012
R2.

The certification authority (CA) infrastructure of both companies is configured as shown in
the following table.

You need to recommend a certificate solution that meets the following requirements:
Server authentication certificates issued from fabrikam.com must be trusted automatically by
the computers in contoso.com.
The computers in contoso.com must not trust automatically any other type of certificates
issued from the CA hierarchy in fabrikam.com.
What should you include in the recommendation?

Your network contains an Active Directory domain named contoso.com.
Your company has an enterprise root certification authority (CA) named CA1.
You plan to deploy Active Directory Federation Services (AD FS) to a server named Server1.
The company purchases a Microsoft Office 365 subscription.
You plan to register the company’s SMTP domain for Office 365 and to configure single
sign-on for all users.
You need to identify which certificate or certificates are required for the planned deployment.
Which certificate or certificates should you identify? (Each correct answer presents a
complete solution. Choose all that apply.)

Your network contains five Active Directory forests.
You plan to protect the resources in one of the forests by using Active Directory Rights
Management Services (AD RMS).
Users in all of the forests will access the protected resources.
You need to identify the minimum number of AD RMS clusters required for the planned
deployment.
What should you identify?

Your network contains an Active Directory domain named contoso.com. The network
contains a perimeter network. The perimeter network and the internal network are separated
by a firewall.
On the perimeter network, you deploy a server named Server1 that runs Windows Server
2012.
You deploy Active Directory Certificate Services (AD CS).
Each user is issued a smart card.
Users report that when they work remotely, they are unable to renew their smart card
certificate.
You need to recommend a solution to ensure that the users can renew their smart card
certificate from the Internet.
What should you recommend implementing on Server1?
More than one answer choice may achieve the goal. Select the BEST answer.