Which tool should you use?
You have a failover cluster named Cluster1 that contains four nodes. All of the nodes run Windows
Server 2012 R2.
You need to force every node in Cluster1 to contact immediately the Windows Server Update
Services (WSUS) server on your network for updates.
Which tool should you use?
To answer, complete each statement according to the information presented in the exhibit.
HOTSPOT
Your network contains two Web servers named Server1 and Server2. Both servers run Windows
Server 2012 R2.
Server1 and Server2 are nodes in a Network Load Balancing (NLB) cluster. The NLB cluster contains
an application named App1 that is accessed by using the name appl.contoso.com.
The NLB cluster has the port rules configured as shown in the exhibit. (Click the Exhibit button.)
To answer, complete each statement according to the information presented in the exhibit. Each
correct selection is worth one point.
What command should you run first?
HOTSPOT
Your network contains an Active Directory domain named contoso.com.
You install the IP Address Management (IPAM) Server feature on a server named Server1 and select
Manual as the provisioning method.
The IPAM database is located on a server named SQL1.
You need to configure IPAM to use Group Policy Based provisioning.
What command should you run first?
To answer, select the appropriate options in the answer area.
Which cmdlet should you run?
Your network contains an Active Directory domain named contoso.com. The domain contains an IP
Address Management (IPAM) server that uses a Windows Internal Database.
You install a Microsoft SQL Server 2012 instance on a new server.
You need to migrate the IPAM database to the SQL Server instance.
Which cmdlet should you run?
Which type of trust policy should you create?
Your network contains an Active Directory domain named contoso.com. The domain contains a
server named Server1 that runs Windows Server 2012 R2. Server1 has the Active Directory Rights
Management Services server role installed.
Your company works with a partner organization that does not have its own Active Directory Rights
Management Services (AD RMS) implementation.
You need to create a trust policy for the partner organization.
The solution must meet the following requirements:
Grant users in the partner organization access to protected content.
Provide users in the partner organization with the ability to create protected content.
Which type of trust policy should you create?
Which two actions should you perform?
Your network contains an Active Directory domain named contoso.com. The domain contains a
certification authority (CA).
You suspect that a certificate issued to a Web server is compromised.
You need to minimize the likelihood that users will trust the compromised certificate.
Which two actions should you perform? (Each correct answer presents part of the solution. Choose
two.)
You need to ensure that a user named User1 can decrypt private keys archived in the Active Directory Certifica
Your network contains an Active Directory domain named adatum.com. The domain contains a
server named CA1 that runs Windows Server 2012 R2. CA1 has the Active Directory Certificate
Services server role installed and is configured to support key archival and recovery.
You need to ensure that a user named User1 can decrypt private keys archived in the Active
Directory Certificate Services (AD CS) database. The solution must prevent User1 from retrieving the
private keys from the AD CS database.
What should you do?
Which two actions should you perform?
Your network contains an Active Directory domain named contoso.com. The domain contains a
server named Server1 that runs Windows Server 2012 R2.
Server1 is an enterprise root certification authority (CA) for contoso.com.
You need to ensure that the members of a group named Group1 can request code signing
certificates. The certificates must be issued automatically to the members.
Which two actions should you perform? (Each correct answer presents part of the solution.
Choose two.)
What should you configure?
Your network contains an Active Directory domain named adatum.com. The domain contains a file
server named FS1 that runs Windows Server 2012 R2 and has the File Server Resource Manager role
service installed. All client computers run Windows 8.
File classification and Access-Denied Assistance are enabled on FS1.
You need to ensure that if users receive an Access Denied message, they can request assistance by
email from the Access Denied dialog box.
What should you configure?
Which attribute should you modify?
HOTSPOT
Your network contains an Active Directory domain named contoso.com. The domain contains two
Active Directory sites named Site1 and Site2.
You discover that when the account of a user in Site1 is locked out, the user can still log on to the
servers in Site2 for up to 15 minutes by using Remote Desktop Services (RDS).
You need to reduce the amount of time it takes to synchronize account lockout information across
the domain.
Which attribute should you modify?
To answer, select the appropriate attribute in the answer area.
