Your network contains an Active Directory domain named contoso.com.
The corporate security policy states that when new user accounts, computer accounts, and contacts
are added to an organizational unit (OU) named Secure, the addition must be audited.
You need to recommend an auditing solution to meet the security policy.
What should you include in the recommendation? (Each answer presents part of the solution.
Choose all that apply.)

You have a System Center 2012 R2 Configuration Manager deployment.
All users have client computers that run Windows 8.1. The users log on to their client computer as
standard users.
An application named App1 is deployed to the client computers by using System Center.
You need to recommend a solution to validate a registry key used by App1. If the registry key has an
incorrect value, the value must be changed. The registry key must be validated every day. The
solution must generate a report on non-compliant computers.
What is the best approach to achieve the goal? More than one answer choice may achieve the goal.
Select the BEST answer.

Your network contains 20 servers that run Windows Server 2012. The servers have the Hyper-V
server role installed.
You plan to deploy a management solution.
You need to recommend which Microsoft System Center 2012 roles must be deployed to meet the
following requirements:
An administrator must be notified when an incident occurs, such as a serious error in the event log,
on a Hyper-V host, or on a virtual machine.
An administrator must be able to assign an incident to a specific administrator for resolution.
An incident that remains unresolved for more than 10 hours must be escalated automatically to
another administrator.
Administrators must be able to generate reports that contain the details of incidents and
escalations.
Which System Center 2012 roles should you recommend? More than one answer choice may
achieve the goal. Select the BEST answer.

Your company has a main office and a branch office. Each office contains several hundred computers
that run Windows 2012.
You plan to deploy two Windows Server Update Services (WSUS) servers. The WSUS servers will be
configured as shown in the following table.

You need to implement the WSUS infrastructure to meet the following requirements:
All updates must be approved from a server in the main office.

All client computers must connect to a WSUS server in their local office.
What should you do? (Each correct answer presents part of the solution. Choose all that apply.

Your company has a human resources department a finance department, a sales department and an
R&D department.
The company audits the access of documents that contain department-specific sensitive
information.
You are planning an administrative model for the departments to meet the following requirements:
Provide R&D managers with the ability to back up all the files of their department only.
Provide finance managers with the ability to view the audit logs for the files of their department
only.
Provide human resources managers with the ability to view the audit logs for the files of their
department only.
Provide sales managers with the ability to modify the permissions on all the shared folders of their
department only.
You need to identify the minimum amount of file servers required on the network to meet the
requirements of each department.
How many file servers should you identify?

Your network contains an Active Directory domain named contoso.com. The network contains two
servers named Server1 and Server2.
You deploy Active Directory Certificate Services (AD CS). The certification authority (CA) is configured
as shown in the exhibit. (Click the Exhibit button.)

You need to ensure that you can issue certificates based on certificate templates.
What should you do?

Your network contains an Active Directory forest named contoso.com.
Your company works with a partner company that has an Active Directory forest named
fabrikam.com. Both forests contain domain controllers that run only Windows Server 2012 R2.
The certification authority (CA) infrastructure of both companies is configured as shown in the
following table.

You need to recommend a certificate solution that meets the following requirements:
Server authentication certificates issued from fabrikam.com must be trusted automatically by the
computers in contoso.com.
The computers in contoso.com must not trust automatically any other type of certificates issued
from the CA hierarchy in fabrikam.com.
What should you include in the recommendation?

Your network contains an Active Directory domain named contoso.com.
Your company has an enterprise root certification authority (CA) named CA1.
You plan to deploy Active Directory Federation Services (AD FS) to a server named Server1.
The company purchases a Microsoft Office 365 subscription.
You plan to register the company’s SMTP domain for Office 365 and to configure single sign-on for
all users.
You need to identify which certificate or certificates are required for the planned deployment.
Which certificate or certificates should you identify? (Each correct answer presents a complete
solution. Choose all that apply.)

Your network contains five Active Directory forests.
You plan to protect the resources in one of the forests by using Active Directory Rights Management
Services (AD RMS).
Users in all of the forests will access the protected resources.
You need to identify the minimum number of AD RMS clusters required for the planned deployment.
What should you identify?

Your network contains an Active Directory domain named contoso.com. The network contains a
perimeter network. The perimeter network and the internal network are separated by a firewall.
On the perimeter network, you deploy a server named Server1 that runs Windows Server 2012.
You deploy Active Directory Certificate Services (AD CS).
Each user is issued a smart card.
Users report that when they work remotely, they are unable to renew their smart card certificate.
You need to recommend a solution to ensure that the users can renew their smart card certificate
from the Internet.
What should you recommend implementing on Server1?
More than one answer choice may achieve the goal. Select the BEST answer.