What should you include in the recommendation?
###BeginCaseStudy###
Case Study: 7
Woodgrove Bank
Company Overview
Woodgrove Bank is an international investment banking institution. Woodgrove Bank has a partner
company named Contoso, Ltd.
Physical Location
Woodgrove Bank has a main office and 10 branch office. Each branch office has a WAN link to the
main office.
Existing Environment
Active Directory Environment
The Woodgrove Bank network contains an Active Directory forest named woodgrovebank.com. The
forest contains multiple domains and one Active Directory site. The functional level of the forest is
Windows Server 2003.
Each office has domain controllers for the forest root domain. Each office also contains domain
controllers for at least one other domain.
The Contoso network contains an Active Directory forest. The forest contains one domain named
contoso.com. The functional level of the domain is Windows Server 2003.
Network Infrastructure
The woodgrove Bank network contains the following applications and servers:
• A line-of-business application named App1.
• Servers that run either Windows Server 2003 or Windows Server 2008.
• Domain controllers in the main office run Windows Server 2003.
• An enterprise root certification authority (CA) that runs Windows Server 2003. The
certificate revocation list (CRL) is published to an internal Web site.
All client computers in the contoso.com run a 64-bit version of Windows 7.
Security Model
Users in Woodgrove Bank’s research department are required to use smart card authenticate to log
on to the network.
Requirements
Planned Changes
Woodgrove Bank plans to implement the following changes:
• Provide Contoso users access to App1.
• Deploy a satellite office that will have one domain controller.
• Provide users in both companies access to the resources in either forest by using a single set
of credentials.
• Implement e-mail notification for department managers when new versions of shared
documents are saved to a network location.
Technical Requirements
All users in the planned satellite office must always attempt to authenticate to their local domain
controller first.
Security Requirements
• Woodgrove Bank must meet the following security requirements:
• Server in contoso.com must be able to trust certificates issued by the CA of
woodgrovebank.com.
• App1 must only be available to Contoso users when the users are connected to the
Woodgrove Bank network.
• Users in contoso.com must be able to automatically enroll for certificates from the CA of
Woodgrove Bank.
• Internal auditors must have full administrative rights on all client computers in the finance
department.
• Only client computers that have Microsoft Forefront EndPoint Protection installed must be
able to remotely connect to the Woodgrove Bank network.
###EndCaseStudy###
You are evaluating the deployment of a domain controller in the planned satellite office.
You need to recommend changes to the physical topology of Active Directory that meet the
company’s technical requirements.
What should you include in the recommendation?
Which Diskpart command should you run?
Your network contains a server named Server1 that runs Windows Server 2008 R2 Service Pack 1
(SP1). Server1 contains two dynamic disks named Disk1 and Disk2. Disk1 has a volume that contains
critical dat a. Disk2 does not contain a volume. You need to create a mirror of the volume on Disk1.
Which Diskpart command should you run?
What should you recommend?
###BeginCaseStudy###
Case Study: 7
Woodgrove Bank
Company Overview
Woodgrove Bank is an international investment banking institution. Woodgrove Bank has a partner
company named Contoso, Ltd.
Physical Location
Woodgrove Bank has a main office and 10 branch office. Each branch office has a WAN link to the
main office.
Existing Environment
Active Directory Environment
The Woodgrove Bank network contains an Active Directory forest named woodgrovebank.com. The
forest contains multiple domains and one Active Directory site. The functional level of the forest is
Windows Server 2003.
Each office has domain controllers for the forest root domain. Each office also contains domain
controllers for at least one other domain.
The Contoso network contains an Active Directory forest. The forest contains one domain named
contoso.com. The functional level of the domain is Windows Server 2003.
Network Infrastructure
The woodgrove Bank network contains the following applications and servers:
• A line-of-business application named App1.
• Servers that run either Windows Server 2003 or Windows Server 2008.
• Domain controllers in the main office run Windows Server 2003.
• An enterprise root certification authority (CA) that runs Windows Server 2003. The
certificate revocation list (CRL) is published to an internal Web site.
All client computers in the contoso.com run a 64-bit version of Windows 7.
Security Model
Users in Woodgrove Bank’s research department are required to use smart card authenticate to log
on to the network.
Requirements
Planned Changes
Woodgrove Bank plans to implement the following changes:
• Provide Contoso users access to App1.
• Deploy a satellite office that will have one domain controller.
• Provide users in both companies access to the resources in either forest by using a single set
of credentials.
• Implement e-mail notification for department managers when new versions of shared
documents are saved to a network location.
Technical Requirements
All users in the planned satellite office must always attempt to authenticate to their local domain
controller first.
Security Requirements
• Woodgrove Bank must meet the following security requirements:
• Server in contoso.com must be able to trust certificates issued by the CA of
woodgrovebank.com.
• App1 must only be available to Contoso users when the users are connected to the
Woodgrove Bank network.
• Users in contoso.com must be able to automatically enroll for certificates from the CA of
Woodgrove Bank.
• Internal auditors must have full administrative rights on all client computers in the finance
department.
• Only client computers that have Microsoft Forefront EndPoint Protection installed must be
able to remotely connect to the Woodgrove Bank network.
###EndCaseStudy###
You are evaluating implementing a high-availability solution for smart card authentication.
You need to recommend changes to the network infrastructure to ensure that all research
department users can log on if a single server fails.
What should you recommend?
You need to ensure that you can access files on the Hyper-V server from the VM
A server that runs Windows Server 2008 R2 has the Hyper-V server role installed. You create a new
virtual machine (VM) and perform an installation of Windows Server 2003 on the VM. You need to
ensure that you can access files on the Hyper-V server from the VM. You must also prevent access to
the external network from the VM. What should you do?
Which two actions should you perform?
Your network contains a server named Server2 that runs Windows Server 2008 R2 Service Pack 1
(SP1). Server2 has the Hyper-V server role installed. The disks on Server2 are configured as shown in
the exhibit. (Click the Exhibit button.)
You create a new virtual machine (VM) named VM1. You plan to install Windows Server 2008 R2 SP1
on VM1. You need to configure Disk 2 on Server2 as the system drive of VM1. Which two actions
should you perform? (Each correct answer presents part of the solution. Choose two.)
What should you include in the recommendation?
###BeginCaseStudy###
Case Study: 7
Woodgrove Bank
Company Overview
Woodgrove Bank is an international investment banking institution. Woodgrove Bank has a partner
company named Contoso, Ltd.
Physical Location
Woodgrove Bank has a main office and 10 branch office. Each branch office has a WAN link to the
main office.
Existing Environment
Active Directory Environment
The Woodgrove Bank network contains an Active Directory forest named woodgrovebank.com. The
forest contains multiple domains and one Active Directory site. The functional level of the forest is
Windows Server 2003.
Each office has domain controllers for the forest root domain. Each office also contains domain
controllers for at least one other domain.
The Contoso network contains an Active Directory forest. The forest contains one domain named
contoso.com. The functional level of the domain is Windows Server 2003.
Network Infrastructure
The woodgrove Bank network contains the following applications and servers:
• A line-of-business application named App1.
• Servers that run either Windows Server 2003 or Windows Server 2008.
• Domain controllers in the main office run Windows Server 2003.
• An enterprise root certification authority (CA) that runs Windows Server 2003. The
certificate revocation list (CRL) is published to an internal Web site.
All client computers in the contoso.com run a 64-bit version of Windows 7.
Security Model
Users in Woodgrove Bank’s research department are required to use smart card authenticate to log
on to the network.
Requirements
Planned Changes
Woodgrove Bank plans to implement the following changes:
• Provide Contoso users access to App1.
• Deploy a satellite office that will have one domain controller.
• Provide users in both companies access to the resources in either forest by using a single set
of credentials.
• Implement e-mail notification for department managers when new versions of shared
documents are saved to a network location.
Technical Requirements
All users in the planned satellite office must always attempt to authenticate to their local domain
controller first.
Security Requirements
• Woodgrove Bank must meet the following security requirements:
• Server in contoso.com must be able to trust certificates issued by the CA of
woodgrovebank.com.
• App1 must only be available to Contoso users when the users are connected to the
Woodgrove Bank network.
• Users in contoso.com must be able to automatically enroll for certificates from the CA of
Woodgrove Bank.
• Internal auditors must have full administrative rights on all client computers in the finance
department.
• Only client computers that have Microsoft Forefront EndPoint Protection installed must be
able to remotely connect to the Woodgrove Bank network.
###EndCaseStudy###
You need to recommend a document management solution that supports the company’s planned
changes for the department managers.
What should you include in the recommendation?
You need to prevent users from being prompted for credentials when they run Appl
Your network contains an Active Directory domain named contoso.com. You publish a RemoteApp
named Appl. The Remote Desktop Connection (.rdp) file for App1 is unsigned. When a user named
User1 runs App1 from the Remote Desktop Web Access (RD Web Access) website, User1 is
prompted for credentials. You need to prevent users from being prompted for credentials when they
run Appl. What should you do?
You need to ensure that all of the RD Session Host servers use Per User licensing mode
Your network contains an Active Directory domain named contoso.com. The domain contains five
Remote Desktop Session Host (RD Session Host) servers and one Remote Desktop license server. You
need to ensure that all of the RD Session Host servers use Per User licensing mode. What should you
do? (Each correct answer presents a complete solution. Choose two.)
What should you include in the recommendation?
###BeginCaseStudy###
Case Study: 7
Woodgrove Bank
Company Overview
Woodgrove Bank is an international investment banking institution. Woodgrove Bank has a partner
company named Contoso, Ltd.
Physical Location
Woodgrove Bank has a main office and 10 branch office. Each branch office has a WAN link to the
main office.
Existing Environment
Active Directory Environment
The Woodgrove Bank network contains an Active Directory forest named woodgrovebank.com. The
forest contains multiple domains and one Active Directory site. The functional level of the forest is
Windows Server 2003.
Each office has domain controllers for the forest root domain. Each office also contains domain
controllers for at least one other domain.
The Contoso network contains an Active Directory forest. The forest contains one domain named
contoso.com. The functional level of the domain is Windows Server 2003.
Network Infrastructure
The woodgrove Bank network contains the following applications and servers:
• A line-of-business application named App1.
• Servers that run either Windows Server 2003 or Windows Server 2008.
• Domain controllers in the main office run Windows Server 2003.
• An enterprise root certification authority (CA) that runs Windows Server 2003. The
certificate revocation list (CRL) is published to an internal Web site.
All client computers in the contoso.com run a 64-bit version of Windows 7.
Security Model
Users in Woodgrove Bank’s research department are required to use smart card authenticate to log
on to the network.
Requirements
Planned Changes
Woodgrove Bank plans to implement the following changes:
• Provide Contoso users access to App1.
• Deploy a satellite office that will have one domain controller.
• Provide users in both companies access to the resources in either forest by using a single set
of credentials.
• Implement e-mail notification for department managers when new versions of shared
documents are saved to a network location.
Technical Requirements
All users in the planned satellite office must always attempt to authenticate to their local domain
controller first.
Security Requirements
• Woodgrove Bank must meet the following security requirements:
• Server in contoso.com must be able to trust certificates issued by the CA of
woodgrovebank.com.
• App1 must only be available to Contoso users when the users are connected to the
Woodgrove Bank network.
• Users in contoso.com must be able to automatically enroll for certificates from the CA of
Woodgrove Bank.
• Internal auditors must have full administrative rights on all client computers in the finance
department.
• Only client computers that have Microsoft Forefront EndPoint Protection installed must be
able to remotely connect to the Woodgrove Bank network.
###EndCaseStudy###
You are evaluating implementing a solution for the internal auditors.
You need to recommend a solution to delegate the appropriate rights to the auditors.
What should you include in the recommendation?
You need to ensure that the message does not appear on the desktop
Your network contains an Active Directory domain. The domain contains a Key Management Service
(KMS) host. The network has a perimeter network and an internal network. The network contains
1,000 client computers. All of the client computers receive their IP address from a DHCP server. You
deploy a new server named Server1 by using a corporate image of Windows Server 2008 R2 Service
Pack 1 (SP1). You configure Server1 as a member of a workgroup. You move Server1 to the
perimeter network and you configure Server1 to use an external DNS server. Six months later, when
you log on to Server1, you discover a message on the lower-right corner of the desktop as shown in
the exhibit. (Click the Exhibit button.)
You need to ensure that the message does not appear on the desktop. What should you do?