Your network contains an Active Directory forest. All domain controllers run Windows Server
2008 Standard.
The functional level of the domain is Windows Server 2003.
You have a certification authority (CA).
The relevant servers in the domain are configured as shown below:

You need to ensure that you can install the Active Directory Certificate Services (AD CS)
Certificate Enrollment Web Service on the network.
What should you do?

You have a domain controller that runs the DHCP service.
You need to perform an offline defragmentation of the Active Directory database on the
domain controller.
You must achieve this goal without affecting the availability of the DHCP service.
What should you do?

Your network contains two Active Directory forests named contoso.com and nwtraders.com.
A two-way forest trust exists between contoso.com and nwtraders.com. The forest trust is
configured to use selective authentication.
Contoso.com contains a server named Server1. Server1 contains a shared folder named
Marketing.
Nwtraders.com contains a global group named G_Marketing. The Change share permission
and the Modify NTFS permission for the Marketing folder are assigned to the G_Marketing
group. Members of G_Marketing report that they cannot access the Marketing folder.
You need to ensure that the G_Marketing members can access the folder from the network.
What should you do?

Your network contains an Active Directory forest.
You need to add a new user principal name (UPN) suffix to the forest.
Which tool should you use?

Your network contains an Active Directory domain. The domain contains two sites named
Site1 and Site2. Site 1 contains five domain controllers. Site2 contains one read-only domain
controller (RODC). Site1 and Site2 connect to each other by using a slow WAN link.
You discover that the cached password for a user named User1 is compromised on the
RODC.
On a domain controller in Site1, you change the password for User1.
You need to replicate the new password for User1 to the RODC immediately. The solution
must not replicate other objects to the RODC.

Which tool should you use?

Your network contains an Active Directory domain named contoso.com.
The properties of the contoso.com DNS zone are configured as shown in the exhibit. (Click
the Exhibit button.)

You need to update all service location (SRV) records for a domain controller in the domain.
What should you do?

Your network contains an Active Directory domain.
A user named User1 takes a leave of absence for one year.
You need to restrict access to the User1 user account while User1 is away.
What should you do?

Your network contains an Active Directory domain. The domain contains 1,000 user
accounts.
You have a list that contains the mobile phone number of each user. You need to add the
mobile number of each user to Active Directory.
What should you do?

Your network contains an Active Directory domain named contoso.com. All domain
controllers and member servers run Windows Server 2008. All client computers run
Windows 7.
From a client computer, you create an audit policy by using the Advanced Audit Policy
Configuration settings in the Default Domain Policy Group Policy object (GPO).
You discover that the audit policy is not applied to the member servers. The audit policy is
applied to the client computers.
You need to ensure that the audit policy is applied to all member servers and all client
computers.
What should you do?

Your network contains an Active Directory domain. The domain contains a group named
Group1.
The minimum password length for the domain is set to six characters.
You need to ensure that the passwords for all users in Group1 are at least 10 characters
long. All other users must be able to use passwords that are six characters long.
What should you do first?