Which port or ports should you allow through Windows Firewall?
Your network contains an Active Directory domain named contoso.com.
The domain contains a server named Server2 that has the DNS Server server role installed.
You need to configure the Windows Firewall on Server2 to allow client computers access to the DNS Server service.
Which port or ports should you allow through Windows Firewall?
You need to ensure that you can add 1,000 new user accounts to the domain
Your network contains an Active Directory forest. The forest contains one domain. The domain
contains two domain controllers named DC1 and DC2 that run Windows Server 2008 R2.
DC1 was installed before DC2.
DC1 fails.
You need to ensure that you can add 1,000 new user accounts to the domain.
What should you do?
Which port or ports should you allow through Windows Firewall?
Your network contains an Active Directory domain named contoso.com.
The domain contains a server named Server3 that has the DHCP Server server role installed.
You need to configure Windows Firewall on Server3 to allow IPv4 client computers access to the DHCP Server service.
Which port or ports should you allow through Windows Firewall?
You need to ensure that the domain controllers in the branch offices only replicate to the domain controller i
Your company has a main office and four branch offices.
An Active Directory site exists for each office. Each site contains one domain controller. Each branch office site has a site link to the main office site.
You discover that the domain controllers in the branch offices sometimes replicate directly to each other.
You need to ensure that the domain controllers in the branch offices only replicate to the domain controller in the main office.
What should you do?
What should you configure on the NPS server?
Your network contains an Active Directory domain named contoso.com.
A partner organization has an Active Directory domain named fabrikam.com.
Your company plans to provide VPN access for fabrikam.com users.
You need to configure Network Policy Server (NPS) to forward authentication requests to fabrikam.com.
What should you configure on the NPS server?
You need to purge the list of user accounts that were authenticated on a read-only domain controller (RODC)
You need to purge the list of user accounts that were authenticated on a read-only domain controller (RODC). What should you do?
You need to ensure that the client computers in contoso
Your network contains two Active Directory domains named contoso.com and fabrikam.com. Each domain contains several domain controllers. All of the domain controllers are configured as DNS servers for their respective domain.
From a client computer in contoso.com, you discover that you cannot resolve host names in fabrikam.com.
You need to ensure that the client computers in contoso.com can resolve host names in fabrikam.com.
What should you do in contoso.com?
You need to ensure that you can use the new certificate for AD FS
Your network contains a server named Server1 that runs Windows Server 2008 R2. Server1 is configured as an Active Directory Federation Services (AD FS) 2.0 standalone server.
You plan to add a new token-signing certificate to Server1.
You import the certificate to the server as shown in the exhibit. (Click the Exhibit button.)
When you run the Add Token-Signing Certificate wizard, you discover that the new certificate is unavailable. You need to ensure that you can use the new certificate for AD FS. What should you do?
You need to modify the SRV records to ensure that DC2 is contacted for authentication only when DC1 is unavail
Your network contains an Active Directory domain named contoso.com. The domain contains two domain controllers named DC1 and DC2. The service location (SRV) records for both of the domain controllers have default values.
An SRV record for DC1 is shown in the exhibit. (Click the Exhibit button.)
You need to modify the SRV records to ensure that DC2 is contacted for authentication only when DC1 is unavailable.
What should you do?
You need to ensure that users from the nwtraders
Your network contains two Active Directory forests named contoso.com and nwtraders.com. Active Directory Rights Management Services (AD RMS) is deployed in each forest. You need to ensure that users from the nwtraders.com forest can access AD RMS protected content in the contoso.com forest. What should you do?