Which two actions should you perform?
Your network contains an Active Directory forest named contoso.com. The forest contains
two domains named contoso.com and childl.contoso.com. The domains contain three
domain controllers.
The domain controllers are configured as shown in the following table.
You need to ensure that the KDC support for claims, compound authentication, and kerberos
armoring setting is enforced in the child1.contoso.com domain.
Which two actions should you perform? (Each correct answer presents part of the solution.
Choose two.)
Which two IP addresses should you identify?
###BeginCaseStudy###
Case Study: 1
Fabrikam, Inc
Overview
General Overview
Fabrikam, Inc., is a plastics manufacturer.
Fabrikam has an Exchange Server organization that contains only servers that have
Exchange Server 2013 installed.
Physical Locations
Fabrikam has two main offices. The main offices are located in Tampa and
Charlotte. The company has 8, 000 users in each office.
Existing Environment
Active Directory Environment
Fabrikam has an Active Directory forest that contains one domain named
fabrikam.com.
Each office is configured as an Active Directory site.
The network contains four subnets. The subnets are configured as shown in the
following table.
All of the traffic from Subnet1 is routable to Subnet3. All of the traffic from Subnet2 is
routable to Subnet4.
All client computers are on Subnet1 and Subnet3 only. Subnet 192.168.1.0/24 and
subnet
192.168.10.0/24 are assigned as the MAPI network.
The network contains four domain controllers. The domain controllers are configured
as shown in the following table.
Network Infrastructure
The network contains the following components:
Two 10-gigabits per second WAN links that connect the Tampa office and the
Charlotte office. The links have a latency of less than 15 ms.
One IP-PBX that is located in the Tampa office. The IP-PBX can use only
unencrypted communications.
An Internet connection in the Tampa office and an Internet connection the Charlotte
office.
Exchange Environment
The network contains six servers that have Exchange Server 2013 installed. The
servers are configured as shown in the following table.
The Exchange Server environment has the following configurations:
Two data loss prevention (DLP) policies named DLP_Finance and DLP_PII.
DLP_Finance is based on a template named Financial Data – U.S. DLP_PII is based
on a template named PII (U.S.).
A mailbox database named UM that hosts only Unified Messaging (UM)-enabled
mailboxes and is replicated between the Mailbox servers in the Tampa office only.
A database availability group (DAG) named DAG1 that contains EX2, EX3, EX5, and
EX6. DAG1 is configured to use DHCP to obtain an IP address.
A Send connector named Tampa SMTP that uses SMTP1 as a smart host. The cost
of the Tampa SMTP connector is 10.
Mailbox servers in the Tampa office that provide outbound SMTP services to the
Internet.
A UM dial plan named UM1.
An SMTP relay device named SMTP2 in the Charlotte office.
An SMTP relay device named SMTP1 in the Tampa office.
No client access services are published to the Internet.
Requirements
Exchange Server Issues
The current Exchange Server environment has the following issues:
Due to power failures, the Exchange servers unexpectedly fail, causing databases to
fail over. During the database failovers, the preferred database is not activated,
causing an unexpected distribution of active databases.
An IRM template named No Print or Screenshot is deployed, but the template fails to
prevent users from taking screenshots of email messages.
Technical Requirements
You identify the following technical requirements:
Assign a static IP address to DAG1.
Block all personally identifiable information (PII) data and financial data without
exception.
Prevent the forwarding of email messages sent by users who have a value of Legal
in their Department field.
Ensure that the members of a group named HR1 can search all of the mailboxes for
sensitive email content.
Use Information Rights Management (IRM) to protect all of the voice mails left for the
telephone number of the human resource (HR) department.
Implement an archiving policy that moves all of the email messages from the mailbox
folders to an Archive mailbox after 30 days and permanently deletes all of the email
messages after 365 days.
###EndCaseStudy###
You are evaluating the implementation of the planned static IP addresses for DAG1. You need to
identify the appropriate IP addresses for DAG1.
Which two IP addresses should you identify? (Each correct answer presents part of the solution.
Choose two.)
You need to ensure that User1 can log on to DC10 if the network link between the Main site and the Branch site
Your network contains an Active Directory domain named contoso.com. All domain
controllers run Windows Server 2012 R2. The domain contains two domain controllers.
The domain controllers are configured as shown in the following table.
You configure a user named User1 as a delegated administrator of DC10.
You need to ensure that User1 can log on to DC10 if the network link between the Main site
and the Branch site fails.
What should you do?
What should you configure?
HOTSPOT
Your network contains an Active Directory domain named contoso.com. The domain
contains two member servers named Server1 and Server2. All servers run Windows Server
2012 R2.
Server1 and Server2 have the Network Load Balancing (NLB) feature installed. The servers
are configured as nodes in an NLB cluster named Cluster1. Both servers connect to the
same switch.
Cluster1 hosts a secure web Application named WebApp1. WebApp1 saves user state
information in a central database.
You need to ensure that the connections to WebApp1 are distributed evenly between the
nodes. The solution must minimize port flooding.
What should you configure? To answer, configure the appropriate affinity and the
appropriate mode for Cluster1 in the answer area.
You need to ensure that only between 20:00 and 08:00, the domain controllers in the Montreal office…
Your company has offices in Montreal, New York, and Amsterdam.
The network contains an Active Directory forest named contoso.com. An Active Directory
site exists for each office. All of the sites connect to each other by using the
DEFAULTIPSITE1INK site link.
You need to ensure that only between 20:00 and 08:00, the domain controllers in the
Montreal office replicate the Active Directory changes to the domain controllers in the
Amsterdam office.
The solution must ensure that the domain controllers in the Montreal and the New York
offices can replicate the Active Directory changes any time of day.
What should you do?
What should you include in the recommendation?
###BeginCaseStudy###
Case Study: 2
A)
Datum
Overview
General Overview
A)
Datum Corporation is a pet supply company that has stores across North
America.
A)
Datum has an Exchange Server 2007 organization. A. Datum plans to migrate to
Exchange Server 2013.
Physical Locations
A)
Datum has five locations. The locations are configured as shown in the following
table.
Existing Environment
Network Infrastructure
All of the locations connect to the each other by using a WAN link. The New York,
Toronto, and Chicago locations connect directly to the Internet.
All client computers run Windows 7 and Office 2010. All servers run Windows Server
2008.
Active Directory Environment
The network contains an Active Directory domain named adatum.local. Adatum.local
is the corporate domain based in the United States. The network contains a domain
named
Canada.adatum.local. Canada.adatum.local is the domain for the stores in Canada.
Each location is configured as an Active Directory site.
The forest functional level is Windows Server 2008.
The main office and both of the distribution centers each has two domain controllers
for their respective domain. All of the other locations have one domain controller for
their respective domain. All of the domain controllers are global catalog servers.
Exchange Infrastructure
The main office and the distribution centers each have three servers that have
Exchange Server 2007 installed.
The servers have the following configurations:
Two of the servers have cluster continuous replication (CCR) deployed
One of the servers has the Client Access server role and the Hub Transport server
role installed Each store contains a server that has Exchange Server 2007 installed.
Each server has mailboxes for active users and mailboxes for inactive users. Each
server has approximately 50 mailboxes.
Remote users access Outlook Web Access by using a namespace of
mail.adatum.com, which resolves to the Client Access server in the New York office.
Requirements
Planned Changes
The company plans to implement the following changes:
Migrate all of the mailboxes in the main office and the distribution centers to
Exchange Server 2013.
Integrate a new telephone system to the Exchange Server 2013 organization.
Deploy a standalone certification authority (CA) that will be used to issue all of the
certificates for the messaging infrastructure.
Technical Requirements
The company identifies the following technical requirements:
Hardware costs must be minimized whenever possible.
The impact on end users if a site fails must be minimized.
Voice mail traffic between the telephone system and the Exchange Server
environment must be encrypted.
Each user must be able to access the internal resources and their mailbox by using
a single user account.
Compliance Requirements
After a security review, the company identifies the following compliance
requirements for the new Exchange Server environment:
All administrative changes made to the mailboxes must be tracked.
The legal department must be able to search for messages in all of the mailboxes.
Users must be prevented from sending email during an upcoming statutory holiday.
All store managers must be prevented from permanently deleting email messages
from their Inbox.
All email messages must be archived for a minimum of five years to meet regulatory
requirements.
Management occasionally sends the staff internal memos that contain confidential
information, such as sales figures. The memos must be protected so that
unauthorized users cannot read the memos and internal users cannot forward the
memos to external recipients.
The users in the research department must be able to send email to anyone in the
organization, but only the members of a group named Execs must be able to send
email to the research users. All other users must be notified that email sent to the
research users will remain undelivered.
###EndCaseStudy###
You need to recommend a solution for the memos. The solution must meet the compliance
requirements.
What should you include in the recommendation?
Which ports should you identify?
###BeginCaseStudy###
Case Study: 1
Fabrikam, Inc
Overview
General Overview
Fabrikam, Inc., is a plastics manufacturer.
Fabrikam has an Exchange Server organization that contains only servers that have
Exchange Server 2013 installed.
Physical Locations
Fabrikam has two main offices. The main offices are located in Tampa and
Charlotte. The company has 8, 000 users in each office.
Existing Environment
Active Directory Environment
Fabrikam has an Active Directory forest that contains one domain named
fabrikam.com.
Each office is configured as an Active Directory site.
The network contains four subnets. The subnets are configured as shown in the
following table.
All of the traffic from Subnet1 is routable to Subnet3. All of the traffic from Subnet2 is
routable to Subnet4.
All client computers are on Subnet1 and Subnet3 only. Subnet 192.168.1.0/24 and
subnet
192.168.10.0/24 are assigned as the MAPI network.
The network contains four domain controllers. The domain controllers are configured
as shown in the following table.
Network Infrastructure
The network contains the following components:
Two 10-gigabits per second WAN links that connect the Tampa office and the
Charlotte office. The links have a latency of less than 15 ms.
One IP-PBX that is located in the Tampa office. The IP-PBX can use only
unencrypted communications.
An Internet connection in the Tampa office and an Internet connection the Charlotte
office.
Exchange Environment
The network contains six servers that have Exchange Server 2013 installed. The
servers are configured as shown in the following table.
The Exchange Server environment has the following configurations:
Two data loss prevention (DLP) policies named DLP_Finance and DLP_PII.
DLP_Finance is based on a template named Financial Data – U.S. DLP_PII is based
on a template named PII (U.S.).
A mailbox database named UM that hosts only Unified Messaging (UM)-enabled
mailboxes and is replicated between the Mailbox servers in the Tampa office only.
A database availability group (DAG) named DAG1 that contains EX2, EX3, EX5, and
EX6. DAG1 is configured to use DHCP to obtain an IP address.
A Send connector named Tampa SMTP that uses SMTP1 as a smart host. The cost
of the Tampa SMTP connector is 10.
Mailbox servers in the Tampa office that provide outbound SMTP services to the
Internet.
A UM dial plan named UM1.
An SMTP relay device named SMTP2 in the Charlotte office.
An SMTP relay device named SMTP1 in the Tampa office.
No client access services are published to the Internet.
Requirements
Exchange Server Issues
The current Exchange Server environment has the following issues:
Due to power failures, the Exchange servers unexpectedly fail, causing databases to
fail over. During the database failovers, the preferred database is not activated,
causing an unexpected distribution of active databases.
An IRM template named No Print or Screenshot is deployed, but the template fails to
prevent users from taking screenshots of email messages.
Technical Requirements
You identify the following technical requirements:
Assign a static IP address to DAG1.
Block all personally identifiable information (PII) data and financial data without
exception.
Prevent the forwarding of email messages sent by users who have a value of Legal
in their Department field.
Ensure that the members of a group named HR1 can search all of the mailboxes for
sensitive email content.
Use Information Rights Management (IRM) to protect all of the voice mails left for the
telephone number of the human resource (HR) department.
Implement an archiving policy that moves all of the email messages from the mailbox
folders to an Archive mailbox after 30 days and permanently deletes all of the email
messages after 365 days.
###EndCaseStudy###
DRAG DROP
The security department implements a new firewall between the IP-PBX system and the servers in
the Tampa office.
You discover that SIP sessions cannot be established between the IP-PBX and EX1.
You need to identify which ports must be opened between the IP-PBX and the Exchange Server 2013
servers.
Which ports should you identify?
To answer, drag the appropriate port or ports to the correct group of servers in the answer area.
Each port or ports may be used once, more than once, or not at all. Additionally, you may need to
drag the split bar between panes or scroll to view content.
You need to ensure that all new connections to App1 are directed to Server2
Your network contains two Web servers named Server1 and Server2. Both servers run
Windows Server 2012 R2.
Server1 and Server2 are nodes in a Network Load Balancing (NLB) cluster. The NLB cluster
contains an application named App1 that is accessed by using the URL
http://app1.contoso.com.
You plan to perform maintenance on Server1.
You need to ensure that all new connections to App1 are directed to Server2. The solution
must not disconnect the existing connections to Server1.
What should you run?
What should you include in the recommendation?
###BeginCaseStudy###
Case Study: 2
A)
Datum
Overview
General Overview
A)
Datum Corporation is a pet supply company that has stores across North
America.
A)
Datum has an Exchange Server 2007 organization. A. Datum plans to migrate to
Exchange Server 2013.
Physical Locations
A)
Datum has five locations. The locations are configured as shown in the following
table.
Existing Environment
Network Infrastructure
All of the locations connect to the each other by using a WAN link. The New York,
Toronto, and Chicago locations connect directly to the Internet.
All client computers run Windows 7 and Office 2010. All servers run Windows Server
2008.
Active Directory Environment
The network contains an Active Directory domain named adatum.local. Adatum.local
is the corporate domain based in the United States. The network contains a domain
named
Canada.adatum.local. Canada.adatum.local is the domain for the stores in Canada.
Each location is configured as an Active Directory site.
The forest functional level is Windows Server 2008.
The main office and both of the distribution centers each has two domain controllers
for their respective domain. All of the other locations have one domain controller for
their respective domain. All of the domain controllers are global catalog servers.
Exchange Infrastructure
The main office and the distribution centers each have three servers that have
Exchange Server 2007 installed.
The servers have the following configurations:
Two of the servers have cluster continuous replication (CCR) deployed
One of the servers has the Client Access server role and the Hub Transport server
role installed Each store contains a server that has Exchange Server 2007 installed.
Each server has mailboxes for active users and mailboxes for inactive users. Each
server has approximately 50 mailboxes.
Remote users access Outlook Web Access by using a namespace of
mail.adatum.com, which resolves to the Client Access server in the New York office.
Requirements
Planned Changes
The company plans to implement the following changes:
Migrate all of the mailboxes in the main office and the distribution centers to
Exchange Server 2013.
Integrate a new telephone system to the Exchange Server 2013 organization.
Deploy a standalone certification authority (CA) that will be used to issue all of the
certificates for the messaging infrastructure.
Technical Requirements
The company identifies the following technical requirements:
Hardware costs must be minimized whenever possible.
The impact on end users if a site fails must be minimized.
Voice mail traffic between the telephone system and the Exchange Server
environment must be encrypted.
Each user must be able to access the internal resources and their mailbox by using
a single user account.
Compliance Requirements
After a security review, the company identifies the following compliance
requirements for the new Exchange Server environment:
All administrative changes made to the mailboxes must be tracked.
The legal department must be able to search for messages in all of the mailboxes.
Users must be prevented from sending email during an upcoming statutory holiday.
All store managers must be prevented from permanently deleting email messages
from their Inbox.
All email messages must be archived for a minimum of five years to meet regulatory
requirements.
Management occasionally sends the staff internal memos that contain confidential
information, such as sales figures. The memos must be protected so that
unauthorized users cannot read the memos and internal users cannot forward the
memos to external recipients.
The users in the research department must be able to send email to anyone in the
organization, but only the members of a group named Execs must be able to send
email to the research users. All other users must be notified that email sent to the
research users will remain undelivered.
###EndCaseStudy###
You need to recommend a solution to meet the compliance requirement for the legal department.
What should you include in the recommendation?
You need to start all of the virtual machines on HV2
Your network contains two servers named HV1 and HV2. Both servers run Windows Server
2012 R2 and have the Hyper-V server role installed.
HV1 hosts 25 virtual machines. The virtual machine configuration files and the virtual hard
disks are stored in D:\VM.
You shut down all of the virtual machines on HV1.
You copy D:\VM to D:\VM on HV2.
You need to start all of the virtual machines on HV2. You want to achieve this goal by using
the minimum amount of administrative effort.
What should you do?