How can you enable all Sales users to access the network using DirectAccess?
Your role of Network Administrator at ABC.com includes the management of the Active Directory
Domain Services (AD DS) domain named ABC.com. All servers on the network run Windows
Server 2012.
Several Sales users spend most of their time away from the office.
You implement DirectAccess to enable the Sales users to connect to the network when they are
away from the office. All computers used by the Sales users are joined to the domain.
You create a DirectAccess client group named SalesDirectAccess and add all the computer
accounts for the Sales users computers to the SalesDirectAccess group.
Some Sales users report that they are unable to access the network using DirectAccess. Other
Sales report that they can connect successfully.
You discover that only users using laptop computers can connect using DirectAccess. Sales
users are unable to connect when they use desktop computers.
How can you enable all Sales users to access the network using DirectAccess?
which of the following virtual platforms could you clone a virtual Windows Server 2012 domain controller?
Topic 2
2, Weyland Technical Solutions (WTS) Ltd.
Company Background
Weyland Technical Solutions is an IT company who provide hosted or managed services to small
to medium-sized companies in central USA
The company is located in a single site in Weyland,
Kansas.
The company currently has 1500 employees.
Existing Environment
Existing Active Directory Environment
The network consists of a single Windows Server 2008 R2 Active Directory Domain Services (AD
DS) domain named WTSltd.com. The forest functional level is Windows Server 2008.
The network contains four physical domain controllers. All domain controllers are configured as
DNS Servers.
Network Infrastructure
The network is divided into four subnets. All servers are located in a data center located in the
WTS site.
The data center includes the following servers:
Four physical Windows Server 2008 R2 DHCP Servers.
Eight physical Windows Server 2008 R2 file servers.
Six physical Windows Server 2008 R2 print servers.
Four physical Windows Server 2008 R2 domain controllers.
One physical Windows Server 2008 R2 HyperV host server.
All client computers run either Windows 7 or Windows 8.
Business Requirements
Planned Changes
Deploy new Windows Server 2012 Hyper-V host servers.
Implement a VPN solution for external workers.
Implement RADIUS authentication for the VPN connections.
Implement Network Access Protection (NAP).
Implement Active Directory Recycle Bin
Technical Requirements
Weyland Technical Solutions has the following technical requirements:
Migrate all servers to Windows Server 2012.
Virtualize existing physical servers where possible.
Deploy virtual domain controllers using virtual machine cloning.
DHCP IP address leases must be logged centrally.
Centrally manage Network Access Protection (NAP) policies.
************************************************************
You are evaluating the deployment of virtual domain controllers using virtual machine cloning.
On which of the following virtual platforms could you clone a virtual Windows Server 2012 domain
controller? (Choose all that apply).
How would you accomplish this task?
Topic 2, ABC Industries
Overview
ABC Industries is an International fishing, shipping and distribution company distributing various
ocean delectable to customers around the world. ABC Industries main office is located in Long
Beach, California with branch offices located in Dallas, Boston and Houston.
Existing Environment
ABC Industries network contains a single Active Directory domain named ABC.com. ABC
Industries servers run Microsoft Windows Server 2008 R2. The Long Beach office contains DNS
servers, DHCP servers and File servers. The client computers are all utilizing Microsoft Windows 7
Home Premium.
ABC Industries branch offices contain a single DNS and DHCP server. The branch offices have
several client computers still running the older Microsoft Windows XP Professional operating
system. The branch office networks are configured with multiple subnets. The offices utilize
network connections that transmit and receive information at 1 gigabit per second network speeds
with VPN connections for connecting offices and Internet access.
Current Issues
ABC Industries is aware of the low bandwidth WAN link utilized between Long Beach and Boston
has a very high latency and can only be replaced in the upcoming year.
Application Requirements
ABC Industries plans on developing an application named ABCProducts which will be offered to
customers as a service. The ABCProducts application utilizes a front-end Web server, Windows
Communication Foundation (WCF) and back-end Microsoft SQL Server 2008 R2 database.
ABC Industries plans on utilizing several virtual machines for hosting the tiers of the application
since Multiple-tiers cannot coexist on a single virtual machine. ABC Industries customers would be
able to choose from the Standard service which includes a single interface for each virtual
machine. The Executive service option includes multiple instances of each virtual machine
required by the application for high-availability and fault tolerance.
The Long Beach office File server hosts the virtual hard disk (VHD) files in a file share which is
available if the server suffers a failure. ABC Industries has future plans for an application named
ABCPartners which will utilize a front-end Web server and dedicated back-end SQL Server 2008
R2 database server. The Dallas office will be utilized for their virtual machines configured in a
Hyper-V cluster for hosting the ABCPartners application utilized by a sister company named
KingEngineering. ABC Industries makes a backup of the ABCPartners application virtual machines
to the Dallas office.
The KingEngineering sister company has a single Active Directory domain named ABC.com.
KingEngineering network infrastructure includes a server hosting Active Directory Federation
Services (AD FS) server role and all of the Active Directory Federation Services (AD FS} role
services.
Planned Changes
ABC Industries plans on replacing the Microsoft Windows Server 2008 R2 servers with servers
running Microsoft Windows Sever 2012 and configure a private cloud for utilization using Microsoft
System Center 2012 for the hosting of ABCProducts application. The Long Beach office will
acquire Hyper-V hosts on the perimeter network and local network. The Dallas office will acquire
new Hyper-V hosts whilst the Long Beach office is configured to utilize a Public Key Infrastructure
(PKI). ABC Industries also want Microsoft System Center 2012 Configuration Manager primary
site with all system deployed at the Long Beach office.
Notification Requirements
ABC Industries wants to utilize Help Desk tickets which will be generated automatically in event of
ABCProducts application instances becoming unresponsive whilst ensuring the Executive
customers receive additional e-mail notification for instances of tickets to their ABCProducts
application.
Technical Requirements
ABC Industries wants hardware and software costs minimized wherever possible whilst reducing
the amount of WAN traffic and administrative overhead. ABC Industries additionally wants to
ensure the ABCPartners application has the fastest possible failover for virtual machines whilst
ensuring the administrators are able to view consolidated reports concerning software updates of
all offices. ABC Industries wants only the Long Beach office administrators to approve of updates
for computers in all offices.
Security Requirements
ABC Industries has foreseen the need for an offline root certification authority (CA) which will be
utilized for issuing certificates to client computers via a server in respective offices. ABC Industries
wants to ensure all security events concerning the CA configuration and security settings are
logged whilst allowing client computers to renew certificates over the Internet.
ABC Industries wants members of the group ABC1 to create new instances of ABCProducts
application utilizing the private cloud whilst ensuring new certificates are issued when client
computers are connected to local networks only. ABC Industries wants to have BitLocker Drive
Encryption (BitLocker) utilized by the virtual machines hosting ABCPartners application instances
whilst ensuring sister company KingEngineering network administrators are able to access
ABCPartners application instances utilizing ABC.com network credentials.
************************************************************
You work as the network administrator at ABC.com. ABC.com consists of a single Active Directory
domain named ABC.com. ABC.com domain controllers run Microsoft Windows Server 2012 and
all client computers utilize Microsoft Windows 7. ABC.com has recently configured Hyper-V on a
computer named ABC-DC01 to host a virtual machine named TUsers which network users utilize
to perform daily computing tasks.
During the course of the month you receive instruction from ABC.com to deploy a stand-alone
computer to the network which will be utilized to host a replica of the current Hyper-V configuration
in use on ABC-DC01. ABC.com wants you to ensure members of the KingAdmins group are able
to configure the stand-alone computer for the replica.
How would you accomplish this task?
How can you ensure that external users cannot connect to www.ABC.com using a DirectAccess connection?
Your role of Network Administrator at ABC.com includes the management of the Active Directory
Domain Services (AD DS) domain named ABC.com. All servers on the network run Windows
Server 2012.
The corporate Web site www.ABC.com is hosted on a Windows Server 2012 Web Server hosted
on the corporate network. A public IP address is mapped to the private IP address of the Web
Server to provide Internet access to the corporate Web site.
DirectAccess is enabled on the network using the default configuration to enable external users to
access resources on the corporate network when they are away from the office.
Company security policy states that all connections from outside the office to www.ABC.com must
come through the corporate firewall using the external IP address of the Web site.
How can you ensure that external users cannot connect to www.ABC.com using a DirectAccess
connection?
Which action should be taken?
Topic 2, ABC Industries
Overview
ABC Industries is an International fishing, shipping and distribution company distributing various
ocean delectable to customers around the world. ABC Industries main office is located in Long
Beach, California with branch offices located in Dallas, Boston and Houston.
Existing Environment
ABC Industries network contains a single Active Directory domain named ABC.com. ABC
Industries servers run Microsoft Windows Server 2008 R2. The Long Beach office contains DNS
servers, DHCP servers and File servers. The client computers are all utilizing Microsoft Windows 7
Home Premium.
ABC Industries branch offices contain a single DNS and DHCP server. The branch offices have
several client computers still running the older Microsoft Windows XP Professional operating
system. The branch office networks are configured with multiple subnets. The offices utilize
network connections that transmit and receive information at 1 gigabit per second network speeds
with VPN connections for connecting offices and Internet access.
Current Issues
ABC Industries is aware of the low bandwidth WAN link utilized between Long Beach and Boston
has a very high latency and can only be replaced in the upcoming year.
Application Requirements
ABC Industries plans on developing an application named ABCProducts which will be offered to
customers as a service. The ABCProducts application utilizes a front-end Web server, Windows
Communication Foundation (WCF) and back-end Microsoft SQL Server 2008 R2 database.
ABC Industries plans on utilizing several virtual machines for hosting the tiers of the application
since Multiple-tiers cannot coexist on a single virtual machine. ABC Industries customers would be
able to choose from the Standard service which includes a single interface for each virtual
machine. The Executive service option includes multiple instances of each virtual machine
required by the application for high-availability and fault tolerance.
The Long Beach office File server hosts the virtual hard disk (VHD) files in a file share which is
available if the server suffers a failure. ABC Industries has future plans for an application named
ABCPartners which will utilize a front-end Web server and dedicated back-end SQL Server 2008
R2 database server. The Dallas office will be utilized for their virtual machines configured in a
Hyper-V cluster for hosting the ABCPartners application utilized by a sister company named
KingEngineering. ABC Industries makes a backup of the ABCPartners application virtual machines
to the Dallas office.
The KingEngineering sister company has a single Active Directory domain named ABC.com.
KingEngineering network infrastructure includes a server hosting Active Directory Federation
Services (AD FS) server role and all of the Active Directory Federation Services (AD FS} role
services.
Planned Changes
ABC Industries plans on replacing the Microsoft Windows Server 2008 R2 servers with servers
running Microsoft Windows Sever 2012 and configure a private cloud for utilization using Microsoft
System Center 2012 for the hosting of ABCProducts application. The Long Beach office will
acquire Hyper-V hosts on the perimeter network and local network. The Dallas office will acquire
new Hyper-V hosts whilst the Long Beach office is configured to utilize a Public Key Infrastructure
(PKI). ABC Industries also want Microsoft System Center 2012 Configuration Manager primary
site with all system deployed at the Long Beach office.
Notification Requirements
ABC Industries wants to utilize Help Desk tickets which will be generated automatically in event of
ABCProducts application instances becoming unresponsive whilst ensuring the Executive
customers receive additional e-mail notification for instances of tickets to their ABCProducts
application.
Technical Requirements
ABC Industries wants hardware and software costs minimized wherever possible whilst reducing
the amount of WAN traffic and administrative overhead. ABC Industries additionally wants to
ensure the ABCPartners application has the fastest possible failover for virtual machines whilst
ensuring the administrators are able to view consolidated reports concerning software updates of
all offices. ABC Industries wants only the Long Beach office administrators to approve of updates
for computers in all offices.
Security Requirements
ABC Industries has foreseen the need for an offline root certification authority (CA) which will be
utilized for issuing certificates to client computers via a server in respective offices. ABC Industries
wants to ensure all security events concerning the CA configuration and security settings are
logged whilst allowing client computers to renew certificates over the Internet.
ABC Industries wants members of the group ABC1 to create new instances of ABCProducts
application utilizing the private cloud whilst ensuring new certificates are issued when client
computers are connected to local networks only. ABC Industries wants to have BitLocker Drive
Encryption (BitLocker) utilized by the virtual machines hosting ABCPartners application instances
whilst ensuring sister company KingEngineering network administrators are able to access
ABCPartners application instances utilizing ABC.com network credentials.
************************************************************
You work as the network administrator at ABC.com. ABC.com consists of a single Active Directory
domain named ABC.com. ABC.com domain controllers run Microsoft Windows Server 2012 and
all client computers utilize Microsoft Windows 7. ABC.com has recently deployed a computer
named ABC-DC01 to the domain.
ABC-DC01 is configured with the Active Directory Federation Services (AD FS) and Active
Directory Certificate Services (AD CS). During the course of your maintenance you discover a
large amount of bandwidth is consumed by the Certificate Revocation List (CRL) checking.
ABC.com wants you to recommend a solution which would reduce the amount of network traffic.
Which action should be taken?
How can you ensure that the ManagersGPO applies only to the ABC-Managers group?
Your role of Network Administrator at ABC.com includes the management of the Active Directory
Domain Services (AD DS) domain named ABC.com. The network includes servers that run
Windows Server 2008 R2 Service Pack 1 (SP1) and Windows Server 2012.
The Organizational Unit (OU) structure includes top-level OUs for each office location. Each top-level OU contains OUs for each company department. Each departmental OU contains the user
accounts of the users working in that department in the relevant location.
Many Group Policy Objects (GPOs) are applied at the site level, domain level and OU level.
A group named ABC-Managers contains the user accounts of company managers from each
department.
You configure a Group Policy Object (GPO) named ManagersGPO and link it to the domain. You
need to apply the ManagersGPO to the ABC-Managers group.
How can you ensure that the ManagersGPO applies only to the ABC-Managers group?
How should you configure the infrastructure?
Topic 2
2, Weyland Technical Solutions (WTS) Ltd.
Company Background
Weyland Technical Solutions is an IT company who provide hosted or managed services to small
to medium-sized companies in central USA
The company is located in a single site in Weyland,
Kansas.
The company currently has 1500 employees.
Existing Environment
Existing Active Directory Environment
The network consists of a single Windows Server 2008 R2 Active Directory Domain Services (AD
DS) domain named WTSltd.com. The forest functional level is Windows Server 2008.
The network contains four physical domain controllers. All domain controllers are configured as
DNS Servers.
Network Infrastructure
The network is divided into four subnets. All servers are located in a data center located in the
WTS site.
The data center includes the following servers:
Four physical Windows Server 2008 R2 DHCP Servers.
Eight physical Windows Server 2008 R2 file servers.
Six physical Windows Server 2008 R2 print servers.
Four physical Windows Server 2008 R2 domain controllers.
One physical Windows Server 2008 R2 HyperV host server.
All client computers run either Windows 7 or Windows 8.
Business Requirements
Planned Changes
Deploy new Windows Server 2012 Hyper-V host servers.
Implement a VPN solution for external workers.
Implement RADIUS authentication for the VPN connections.
Implement Network Access Protection (NAP).
Implement Active Directory Recycle Bin
Technical Requirements
Weyland Technical Solutions has the following technical requirements:
Migrate all servers to Windows Server 2012.
Virtualize existing physical servers where possible.
Deploy virtual domain controllers using virtual machine cloning.
DHCP IP address leases must be logged centrally.
Centrally manage Network Access Protection (NAP) policies.
************************************************************
You are configuring a network for a company that has multiple buildings in a campus layout.
The network consists of a Windows Server 2012 Active Directory Domain Services (AD DS)
domain. A single datacenter hosts most of the companys servers.
You are deploying client computers to 8 new buildings. Each building will have a separate subnet.
A router in each building will connect each subnet to the datacenter.
You want to manage IP address deployment from a single highly available DHCP server in the
datacenter. Your solution must minimize costs.
How should you configure the infrastructure? (Choose two answers).
Which action should be taken?
Topic 2, ABC Industries
Overview
ABC Industries is an International fishing, shipping and distribution company distributing various
ocean delectable to customers around the world. ABC Industries main office is located in Long
Beach, California with branch offices located in Dallas, Boston and Houston.
Existing Environment
ABC Industries network contains a single Active Directory domain named ABC.com. ABC
Industries servers run Microsoft Windows Server 2008 R2. The Long Beach office contains DNS
servers, DHCP servers and File servers. The client computers are all utilizing Microsoft Windows 7
Home Premium.
ABC Industries branch offices contain a single DNS and DHCP server. The branch offices have
several client computers still running the older Microsoft Windows XP Professional operating
system. The branch office networks are configured with multiple subnets. The offices utilize
network connections that transmit and receive information at 1 gigabit per second network speeds
with VPN connections for connecting offices and Internet access.
Current Issues
ABC Industries is aware of the low bandwidth WAN link utilized between Long Beach and Boston
has a very high latency and can only be replaced in the upcoming year.
Application Requirements
ABC Industries plans on developing an application named ABCProducts which will be offered to
customers as a service. The ABCProducts application utilizes a front-end Web server, Windows
Communication Foundation (WCF) and back-end Microsoft SQL Server 2008 R2 database.
ABC Industries plans on utilizing several virtual machines for hosting the tiers of the application
since Multiple-tiers cannot coexist on a single virtual machine. ABC Industries customers would be
able to choose from the Standard service which includes a single interface for each virtual
machine. The Executive service option includes multiple instances of each virtual machine
required by the application for high-availability and fault tolerance.
The Long Beach office File server hosts the virtual hard disk (VHD) files in a file share which is
available if the server suffers a failure. ABC Industries has future plans for an application named
ABCPartners which will utilize a front-end Web server and dedicated back-end SQL Server 2008
R2 database server. The Dallas office will be utilized for their virtual machines configured in a
Hyper-V cluster for hosting the ABCPartners application utilized by a sister company named
KingEngineering. ABC Industries makes a backup of the ABCPartners application virtual machines
to the Dallas office.
The KingEngineering sister company has a single Active Directory domain named ABC.com.
KingEngineering network infrastructure includes a server hosting Active Directory Federation
Services (AD FS) server role and all of the Active Directory Federation Services (AD FS} role
services.
Planned Changes
ABC Industries plans on replacing the Microsoft Windows Server 2008 R2 servers with servers
running Microsoft Windows Sever 2012 and configure a private cloud for utilization using Microsoft
System Center 2012 for the hosting of ABCProducts application. The Long Beach office will
acquire Hyper-V hosts on the perimeter network and local network. The Dallas office will acquire
new Hyper-V hosts whilst the Long Beach office is configured to utilize a Public Key Infrastructure
(PKI). ABC Industries also want Microsoft System Center 2012 Configuration Manager primary
site with all system deployed at the Long Beach office.
Notification Requirements
ABC Industries wants to utilize Help Desk tickets which will be generated automatically in event of
ABCProducts application instances becoming unresponsive whilst ensuring the Executive
customers receive additional e-mail notification for instances of tickets to their ABCProducts
application.
Technical Requirements
ABC Industries wants hardware and software costs minimized wherever possible whilst reducing
the amount of WAN traffic and administrative overhead. ABC Industries additionally wants to
ensure the ABCPartners application has the fastest possible failover for virtual machines whilst
ensuring the administrators are able to view consolidated reports concerning software updates of
all offices. ABC Industries wants only the Long Beach office administrators to approve of updates
for computers in all offices.
Security Requirements
ABC Industries has foreseen the need for an offline root certification authority (CA) which will be
utilized for issuing certificates to client computers via a server in respective offices. ABC Industries
wants to ensure all security events concerning the CA configuration and security settings are
logged whilst allowing client computers to renew certificates over the Internet.
ABC Industries wants members of the group ABC1 to create new instances of ABCProducts
application utilizing the private cloud whilst ensuring new certificates are issued when client
computers are connected to local networks only. ABC Industries wants to have BitLocker Drive
Encryption (BitLocker) utilized by the virtual machines hosting ABCPartners application instances
whilst ensuring sister company KingEngineering network administrators are able to access
ABCPartners application instances utilizing ABC.com network credentials.
************************************************************
You work as the network administrator at ABC.com. ABC.com consists of a single Active Directory
domain named ABC.com. ABC.com domain controllers run Microsoft Windows Server 2012 and
all client computers utilize Microsoft Windows 7. ABC.com has recently deployed a computer
named ABC-DC01 to the domain.
ABC-DC01 is configured with the Active Directory Domain Services (AD DS) and Active Directory
Certificate Services (AD CS) roles. ABC.com wants you to implement a solution which is able to
deploy over 16000 certificates for externally accessible web servers which utilize Secure Sockets
Layer (SSL) and 32000 certificates for e-mail with Internet-based clients.
Which action should be taken?
How can you quickly achieve this goal?
Your role of Network Administrator at ABC.com includes the management of the Active Directory
Domain Services (AD DS) domain named ABC.com. The network includes servers that run
Windows Server 2008 R2 Service Pack 1 (SP1) and Windows Server 2012.
The Organizational Unit (OU) structure includes top-level OUs for each office location. Each top-level OU contains OUs for each company department. Each departmental OU contains the user
accounts of the users working in that department in the relevant location.
Many Group Policy Objects (GPOs) are applied at the site level, domain level and OU level.
You create an OU named TestOU inside one of the departmental OUs. You want to ensure that
no GPOs from the site level, domain level, location OU level or department OU level are applied to
objects within TestOU.
How can you quickly achieve this goal?
How would you accomplish this task?
Topic 2, ABC Industries
Overview
ABC Industries is an International fishing, shipping and distribution company distributing various
ocean delectable to customers around the world. ABC Industries main office is located in Long
Beach, California with branch offices located in Dallas, Boston and Houston.
Existing Environment
ABC Industries network contains a single Active Directory domain named ABC.com. ABC
Industries servers run Microsoft Windows Server 2008 R2. The Long Beach office contains DNS
servers, DHCP servers and File servers. The client computers are all utilizing Microsoft Windows 7
Home Premium.
ABC Industries branch offices contain a single DNS and DHCP server. The branch offices have
several client computers still running the older Microsoft Windows XP Professional operating
system. The branch office networks are configured with multiple subnets. The offices utilize
network connections that transmit and receive information at 1 gigabit per second network speeds
with VPN connections for connecting offices and Internet access.
Current Issues
ABC Industries is aware of the low bandwidth WAN link utilized between Long Beach and Boston
has a very high latency and can only be replaced in the upcoming year.
Application Requirements
ABC Industries plans on developing an application named ABCProducts which will be offered to
customers as a service. The ABCProducts application utilizes a front-end Web server, Windows
Communication Foundation (WCF) and back-end Microsoft SQL Server 2008 R2 database.
ABC Industries plans on utilizing several virtual machines for hosting the tiers of the application
since Multiple-tiers cannot coexist on a single virtual machine. ABC Industries customers would be
able to choose from the Standard service which includes a single interface for each virtual
machine. The Executive service option includes multiple instances of each virtual machine
required by the application for high-availability and fault tolerance.
The Long Beach office File server hosts the virtual hard disk (VHD) files in a file share which is
available if the server suffers a failure. ABC Industries has future plans for an application named
ABCPartners which will utilize a front-end Web server and dedicated back-end SQL Server 2008
R2 database server. The Dallas office will be utilized for their virtual machines configured in a
Hyper-V cluster for hosting the ABCPartners application utilized by a sister company named
KingEngineering. ABC Industries makes a backup of the ABCPartners application virtual machines
to the Dallas office.
The KingEngineering sister company has a single Active Directory domain named ABC.com.
KingEngineering network infrastructure includes a server hosting Active Directory Federation
Services (AD FS) server role and all of the Active Directory Federation Services (AD FS} role
services.
Planned Changes
ABC Industries plans on replacing the Microsoft Windows Server 2008 R2 servers with servers
running Microsoft Windows Sever 2012 and configure a private cloud for utilization using Microsoft
System Center 2012 for the hosting of ABCProducts application. The Long Beach office will
acquire Hyper-V hosts on the perimeter network and local network. The Dallas office will acquire
new Hyper-V hosts whilst the Long Beach office is configured to utilize a Public Key Infrastructure
(PKI). ABC Industries also want Microsoft System Center 2012 Configuration Manager primary
site with all system deployed at the Long Beach office.
Notification Requirements
ABC Industries wants to utilize Help Desk tickets which will be generated automatically in event of
ABCProducts application instances becoming unresponsive whilst ensuring the Executive
customers receive additional e-mail notification for instances of tickets to their ABCProducts
application.
Technical Requirements
ABC Industries wants hardware and software costs minimized wherever possible whilst reducing
the amount of WAN traffic and administrative overhead. ABC Industries additionally wants to
ensure the ABCPartners application has the fastest possible failover for virtual machines whilst
ensuring the administrators are able to view consolidated reports concerning software updates of
all offices. ABC Industries wants only the Long Beach office administrators to approve of updates
for computers in all offices.
Security Requirements
ABC Industries has foreseen the need for an offline root certification authority (CA) which will be
utilized for issuing certificates to client computers via a server in respective offices. ABC Industries
wants to ensure all security events concerning the CA configuration and security settings are
logged whilst allowing client computers to renew certificates over the Internet.
ABC Industries wants members of the group ABC1 to create new instances of ABCProducts
application utilizing the private cloud whilst ensuring new certificates are issued when client
computers are connected to local networks only. ABC Industries wants to have BitLocker Drive
Encryption (BitLocker) utilized by the virtual machines hosting ABCPartners application instances
whilst ensuring sister company KingEngineering network administrators are able to access
ABCPartners application instances utilizing ABC.com network credentials.
************************************************************
You work as the network administrator at ABC.com. ABC.com consists of a single Active Directory
domain named ABC.com. ABC.com domain controllers run Microsoft Windows Server 2012 and
all client computers utilize Microsoft Windows 7. ABC.com has recently deployed a computer
named ABC-DC01 to the domain.
ABC-DC01 is configured with the Active Directory Federation Services (AD FS), Active Directory
Certificate Services (AD CS) and Active Directory Rights Management Services (AD RMS). During
the course of the day you receive instruction from ABC.com to ensure members of the TAdmins
group are able to read and modify all Active Directory Rights Management Services (AD RMS)
protected data.
How would you accomplish this task?