You need to ensure that the Administrative Templates appear in new GPOs
Your network contains an Active Directory domain named adatum.com.
A network administrator creates a Group Policy central store.
After the central store is created, you discover that when you create new Group Policy objects
(GPOs), the GPOs do not contain any Administrative Templates.
You need to ensure that the Administrative Templates appear in new GPOs.
What should you do?
What should you modify?
HOTSPOT
You have a server named Server1 that runs Windows Server 2012 R2. Server1 has the Remote Access
server role installed.
You need to configure the ports on Server1 to ensure that client computers can establish VPN
connections to Server1 by using TCP port 443.
What should you modify? To answer, select the appropriate object in the answer area.
Which two actions should you perform?
Your network contains an Active Directory domain named contoso.com. The domain contains three
servers. The servers are configured as shown in the following table.
You need to ensure that end-to-end encryption is used between clients and Server2 when the clients
connect to the network by using DirectAccess.
Which two actions should you perform? (Each correct answer presents part of the solution. Choose
two.)
Which type of DNS record should you modify?
You have a DNS server named DNS1 that runs Windows Server 2012 R2.
On DNS1, you create a standard primary DNS zone named adatum.com.
You need to change the frequency that secondary name servers will replicate the zone from DNS1.
Which type of DNS record should you modify?
Which service should you start?
Your network contains an Active Directory domain named contoso.com. The domain contains a
member server named Server 1. Server1 has the IP Address Management (IPAM) Server feature
installed.
A technician performs maintenance on Server1.
After the maintenance is complete, you discover that you cannot connect to the IPAM server on
Server1.
You open the Services console as shown in the exhibit. (Click the Exhibit button.)
You need to ensure that you can connect to the IPAM server.
Which service should you start?
You need to ensure that users can resolve contoso.com names
You have a server named Server1 that runs Windows Server 2012 R2. Server1 is located in the
perimeter network and has the DNS Server server role installed.
Server1 has a zone named contoso.com.
You apply a security template to Server1.
After you apply the template, users report that they can no longer resolve names from contoso.com.
On Server1, you open DNS Manager as shown in the DNS exhibit. (Click the Exhibit button.)
On Server1, you open Windows Firewall with Advanced Security as shown in the Firewall exhibit.
(Click the Exhibit button.)
You need to ensure that users can resolve contoso.com names.
What should you do?
You need to configure the adatum.com zone to support Name Protection
Your network contains an Active Directory domain named contoso.com. The domain contains a
domain controller named DC1 that runs Windows Server 2012 R2. DC1 has the DNS Server server
role installed.
The network contains client computers that run either Linux, Windows 7, or Windows 8.
You have a zone named adatum.com as shown in the exhibit. (Click the Exhibit button.)
You plan to configure Name Protection on all of the DHCP servers.
You need to configure the adatum.com zone to support Name Protection.
What should you do?
Which type of trust policy should you create?
Your network contains an Active Directory domain named contoso.com. The domain contains a
server named Server1 that runs Windows Server 2012 R2. Server1 has the Active Directory Rights
Management Services server role installed.
Your company works with a partner organization that does not have its own Active Directory Rights
Management Services (AD RMS) implementation.
You need to create a trust policy for the partner organization.
The solution must meet the following requirements:
Grant users in the partner organization access to protected content
Provide users in the partner organization with the ability to create protected content.
Which type of trust policy should you create?
Which setting should you modify?
HOTSPOT
Your network contains an Active Directory domain named contoso.com. The domain contains a
server named Server1 that runs Windows Server 2012 R2. Server1 has the Active Directory
Certificate Services server role installed and configured.
For all users, you are deploying smart cards for logon. You are using an enrollment agent to enroll
the smart card certificates for the users.
You need to configure the Contoso Smartcard Logon certificate template to support the use of the
enrollment agent.
Which setting should you modify? To answer, select the appropriate setting in the answer area.
Which tab should you use to configure the required CDP entry?
HOTSPOT
Your company has a primary data center and a disaster recovery data center.
The network contains an Active Directory domain named contoso.com. The domain contains a
server named that runs Windows Server 2012 R2. Server1 is located in the primary data center.
Server1 has an enterprise root certification authority (CA) for contoso.com.
You deploy another server named Server2 to the disaster recovery data center.
You plan to configure Server2 as a secondary certificate revocation list (CRL) distribution point.
You need to configure Server2 as a CRL distribution point (CDP).
Which tab should you use to configure the required CDP entry? To answer, select the appropriate
tab in the answer area.
