What are two possible ways to achieve this goal?
Your company has an Active Directory domain named contoso.com. FS1 is a member
server in contoso.com.
You add a second network interface card, NIC2, to FS1 and connect NIC2 to a subnet that
contains computers in a DNS domain named fabrikam.com. Fabrikam.com has a DHCP
server and a DNS server.
Users in fabrikam.com are unable to resolve FS1 by using DNS.
You need to ensure that FS1 has an A record in the fabrikam.com DNS zone.
What are two possible ways to achieve this goal? (Each correct answer presents a complete
solution. Choose two.)
Which two actions should you perform?
Your company Datum Corporation, has a single Active Directory domain named
intranet.adatum.com. The domain has two domain controllers that run Windows Server 2008
R2 operating system. The domain controllers also run DNS servers.
The intranet.adatum.com DNS zone is configured as an Active Directory-integrated zone
with the Dynamic updates setting configured to Secure only.
A new corporate security policy requires that the intranet.adatum.com DNS zone must be
updated only by domain controllers or member servers.
You need to configure the intranet.adatum.com zone to meet the new security policy
requirement.
Which two actions should you perform? (Each correct answer presents part of the solution.
Choose two.)
You need to configure the forest trust to meet the new security policy requirement
Your company has two Active Directory forests as shown in the following table.
The forests are connected by using a two-way forest trust. Each trust direction is configured
with forest-wide authentication. The new security policy of the company prohibits users from
the eng.fabrikam.com domain to access resources in the contoso.com domain.
You need to configure the forest trust to meet the new security policy requirement.
What should you do?
You need to configure AD RMS so that users are able to protect their documents
Your company has an Active Directory Rights Management Services (AD RMS) server.
Users have Windows Vista computers. An Active Directory domain is configured at the
Windows Server 2003 functional level.
You need to configure AD RMS so that users are able to protect their documents.
What should you do?
You need to prevent members of the TempWorkers group from accessing the confidential data on the file servers
Your company has an Active Directory domain. All consultants belong to a global group
named TempWorkers.
The TempWorkers group is not nested in any other groups.
You move the computer objects of three file servers to a new organizational unit named
SecureServers. These file servers contain only confidential data in shared folders.
You need to prevent members of the TempWorkers group from accessing the confidential
data on the file servers.
You must achieve this goal without affecting access to other domain resources.
What should you do?
You need to create a password policy for the engineering department that is different from your domain passwor
Your network consists of a single Active Directory domain. User accounts for engineering
department are located in an OU named Engineering.
You need to create a password policy for the engineering department that is different from
your domain password policy.
What should you do?
You need to configure DNS to allow only secure dynamic updates
Your network contains an Active Directory domain. The domain contains two domain
controllers named DC1 and DC2. DC1 hosts a standard primary DNS zone for the domain.
Dynamic updates are enabled on the zone. DC2 hosts a standard secondary DNS zone for
the domain.
You need to configure DNS to allow only secure dynamic updates.
What should you do first?
You need to prevent the domain controller from registering Host (A) records for the 10.10.10.5 IP address
Your network contains a domain controller that has two network connections named Internal
and Private.
Internal has an IP address of 192.168.0.20. Private has an IP address of 10.10.10.5. You
need to prevent the domain controller from registering Host (A) records for the 10.10.10.5 IP
address.
What should you do?
You need to ensure that the computers in nwtraders.com can update their Host (A) records on any of the DNS ser
Your network contains an Active Directory forest named contoso.com.
You plan to add a new domain named nwtraders.com to the forest.
All DNS servers are domain controllers.
You need to ensure that the computers in nwtraders.com can update their Host (A) records
on any of the DNS servers in the forest.
What should you do?
You need to prevent the non-domain member computers from registering records in the contoso.com zone
Your network contains an Active Directory domain named contoso.com. The domain
contains a domain controller named DC1. DC1 hosts a standard primary zone for
contoso.com.
You discover that non-domain member computers register records in the contoso.com zone.
You need to prevent the non-domain member computers from registering records in the
contoso.com zone.
All domain member computers must be allowed to register records in the contoso.com zone.
What should you do first?