Which configurations should you recommend before creating a trust policy?
###BeginCaseStudy###
Topic 4, A.Datum Corporation
Overview
A) Datum Corporation is an accounting company.
The company has a main office and two branch offices. The main office is located in Miami. The branch
offices are located in New York and Seattle.
Existing Environment
Network Infrastructure
The network contains an Active Directory domain named adatum.com. All servers run Windows Server
2008 R2. The main office has the following servers and client computers:
Two domain controllers configured as DNS servers and DHCP servers
One file server that has multiples shares
One thousand client computers that run Windows 7
Each branch office has the following servers and client computers:
One domain controller configured as a DNS server and a DHCP server
Five hundred to 800 client computers that run Windows XP
Each office has multiple subnets. The network speed of the local area network (LAN) is 1 gigabit per
second. The offices connect to each other by using a WAN link. The main office is connected to the
Internet.
Current Issues
The WAN link between the Miami office and the Seattle office is a low bandwidth link with high latency.
The link will not be replaced for another year.
Requirements
Application Requirements
The company is developing an application named App1. App1 is a multi-tier application that will be sold
as a service to customers.
Each instance of App1 is comprised of the following three tiers:
A web front end
A middle tier that uses Windows Communication Foundation (WCF)
A Microsoft SQL Server 2008 R2 database on the back endEach tier will be hosted on one or more virtual machines. Multiple tiers cannot coexist on the same
virtual machine.
When customers purchase App1, they can select from one of the following service levels:
Standard: Uses a single instance of each virtual machine required by App1. If a virtual machine
becomes unresponsive, the virtual machine must be restarted.
Enterprise: Uses multiple instances of each virtual machine required by App1 to provide highavailability and fault tolerance.
All virtual hard disk (VHD) files for App1 will be stored in a file share. The VHDs must be available if a
server fails.
You plan to deploy an application named App2. App2 is comprised of the following two tiers:
A web front end
A dedicated SQL Server 2008 R2 database on the back end
App2 will be hosted on a set of virtual machines in a Hyper-V cluster in the Miami office. The virtual
machines will use dynamic IP addresses. A copy of the App2 virtual machines will be maintained in the
Seattle office.
App2 will be used by users from a partner company named Trey Research. Trey Research has a single
Active Directory domain named treyresearch.com. Treyresearch.com contains a server that has the
Active Directory Federation Services server role and all of the Active Directory Federation Services (AD
FS) role services installed.
Planned Changes
A) Datum plans to implement the following changes:
Replace all of the servers with new servers that run Windows Server 2012.
Implement a private cloud by using Microsoft System Center 2012 to host instances of App1.
In the Miami office, deploy four new Hyper-V hosts to the perimeter network.
In the Miami office, deploy two new Hyper-V hosts to the local network.
In the Seattle office, deploy two new Hyper-V hosts.
In the Miami office, implement a System Center 2012 Configuration Manager primary site that
has all of the system roles installed.
Implement a public key infrastructure (PKI).
Notification Requirements
A) Datum identifies the following notification requirements:
Help desk tickets must be created and assigned automatically when an instance of App1
becomes unresponsive. Customers who select the Enterprise service level must receive an email notification each time
a help desk ticket for their instance of App1 is opened or closed.
Technical Requirements
A) Datum identifies the following technical requirements:
Minimize costs whenever possible.
Minimize the amount of WAN traffic
Minimize the amount of administrative effort whenever possible.
Provide the fastest possible failover for the virtual machines hosting App2.
Ensure that administrators can view a consolidated report about the software updates in all of
the offices.
Ensure that administrators in the Miami office can approve updates for the client computers in
all of the offices.
Security Requirements
A) Datum identifies the following security requirements:
An offline root certification authority (CA) must be configured.
Client computers must be issued certificates by a server in their local office.
Changes to the CA configuration settings and the CA security settings must be logged.
Client computers must be able to renew certificates automatically over the Internet.
The number of permissions and privileges assigned to users must be minimized whenever
possible.
Users from a group named Group1 must be able to create new instances of App1 in the private
cloud.
Client computers must be issued new certificates when the computers are connected to the
local network only.
The virtual machines used to host App2 must use BitLocker Drive Encryption (BitLocker).
Users from Trey Research must be able to access App2 by using their credentials from
treyresearch.com.
###EndCaseStudy###
In adatum.com, you install and configure a server that has the Active Directory Federation Services
server role and all of the AD FS role services installed.
You need to recommend which AD FS configurations must be performed m adatum.com to meet the
security requirements.
Which configurations should you recommend before creating a trust policy?
What should you recommend?
###BeginCaseStudy###
Topic 4, A.Datum Corporation
Overview
A) Datum Corporation is an accounting company.
The company has a main office and two branch offices. The main office is located in Miami. The branch
offices are located in New York and Seattle.
Existing Environment
Network Infrastructure
The network contains an Active Directory domain named adatum.com. All servers run Windows Server
2008 R2. The main office has the following servers and client computers:
Two domain controllers configured as DNS servers and DHCP servers
One file server that has multiples shares
One thousand client computers that run Windows 7
Each branch office has the following servers and client computers:
One domain controller configured as a DNS server and a DHCP server
Five hundred to 800 client computers that run Windows XP
Each office has multiple subnets. The network speed of the local area network (LAN) is 1 gigabit per
second. The offices connect to each other by using a WAN link. The main office is connected to the
Internet.
Current Issues
The WAN link between the Miami office and the Seattle office is a low bandwidth link with high latency.
The link will not be replaced for another year.
Requirements
Application Requirements
The company is developing an application named App1. App1 is a multi-tier application that will be sold
as a service to customers.
Each instance of App1 is comprised of the following three tiers:
A web front end
A middle tier that uses Windows Communication Foundation (WCF)
A Microsoft SQL Server 2008 R2 database on the back endEach tier will be hosted on one or more virtual machines. Multiple tiers cannot coexist on the same
virtual machine.
When customers purchase App1, they can select from one of the following service levels:
Standard: Uses a single instance of each virtual machine required by App1. If a virtual machine
becomes unresponsive, the virtual machine must be restarted.
Enterprise: Uses multiple instances of each virtual machine required by App1 to provide highavailability and fault tolerance.
All virtual hard disk (VHD) files for App1 will be stored in a file share. The VHDs must be available if a
server fails.
You plan to deploy an application named App2. App2 is comprised of the following two tiers:
A web front end
A dedicated SQL Server 2008 R2 database on the back end
App2 will be hosted on a set of virtual machines in a Hyper-V cluster in the Miami office. The virtual
machines will use dynamic IP addresses. A copy of the App2 virtual machines will be maintained in the
Seattle office.
App2 will be used by users from a partner company named Trey Research. Trey Research has a single
Active Directory domain named treyresearch.com. Treyresearch.com contains a server that has the
Active Directory Federation Services server role and all of the Active Directory Federation Services (AD
FS) role services installed.
Planned Changes
A) Datum plans to implement the following changes:
Replace all of the servers with new servers that run Windows Server 2012.
Implement a private cloud by using Microsoft System Center 2012 to host instances of App1.
In the Miami office, deploy four new Hyper-V hosts to the perimeter network.
In the Miami office, deploy two new Hyper-V hosts to the local network.
In the Seattle office, deploy two new Hyper-V hosts.
In the Miami office, implement a System Center 2012 Configuration Manager primary site that
has all of the system roles installed.
Implement a public key infrastructure (PKI).
Notification Requirements
A) Datum identifies the following notification requirements:
Help desk tickets must be created and assigned automatically when an instance of App1
becomes unresponsive. Customers who select the Enterprise service level must receive an email notification each time
a help desk ticket for their instance of App1 is opened or closed.
Technical Requirements
A) Datum identifies the following technical requirements:
Minimize costs whenever possible.
Minimize the amount of WAN traffic
Minimize the amount of administrative effort whenever possible.
Provide the fastest possible failover for the virtual machines hosting App2.
Ensure that administrators can view a consolidated report about the software updates in all of
the offices.
Ensure that administrators in the Miami office can approve updates for the client computers in
all of the offices.
Security Requirements
A) Datum identifies the following security requirements:
An offline root certification authority (CA) must be configured.
Client computers must be issued certificates by a server in their local office.
Changes to the CA configuration settings and the CA security settings must be logged.
Client computers must be able to renew certificates automatically over the Internet.
The number of permissions and privileges assigned to users must be minimized whenever
possible.
Users from a group named Group1 must be able to create new instances of App1 in the private
cloud.
Client computers must be issued new certificates when the computers are connected to the
local network only.
The virtual machines used to host App2 must use BitLocker Drive Encryption (BitLocker).
Users from Trey Research must be able to access App2 by using their credentials from
treyresearch.com.
###EndCaseStudy###
You need to recommend which type of clustered file server and which type of file share must be used in
the Hyper-V cluster that hosts App2.
The solution must meet the technical requirements and the security requirements.
What should you recommend?
Which audit policy should you configure?
###BeginCaseStudy###
Topic 4, A.Datum Corporation
Overview
A) Datum Corporation is an accounting company.
The company has a main office and two branch offices. The main office is located in Miami. The branch
offices are located in New York and Seattle.
Existing Environment
Network Infrastructure
The network contains an Active Directory domain named adatum.com. All servers run Windows Server
2008 R2. The main office has the following servers and client computers:
Two domain controllers configured as DNS servers and DHCP servers
One file server that has multiples shares
One thousand client computers that run Windows 7
Each branch office has the following servers and client computers:
One domain controller configured as a DNS server and a DHCP server
Five hundred to 800 client computers that run Windows XP
Each office has multiple subnets. The network speed of the local area network (LAN) is 1 gigabit per
second. The offices connect to each other by using a WAN link. The main office is connected to the
Internet.
Current Issues
The WAN link between the Miami office and the Seattle office is a low bandwidth link with high latency.
The link will not be replaced for another year.
Requirements
Application Requirements
The company is developing an application named App1. App1 is a multi-tier application that will be sold
as a service to customers.
Each instance of App1 is comprised of the following three tiers:
A web front end
A middle tier that uses Windows Communication Foundation (WCF)
A Microsoft SQL Server 2008 R2 database on the back endEach tier will be hosted on one or more virtual machines. Multiple tiers cannot coexist on the same
virtual machine.
When customers purchase App1, they can select from one of the following service levels:
Standard: Uses a single instance of each virtual machine required by App1. If a virtual machine
becomes unresponsive, the virtual machine must be restarted.
Enterprise: Uses multiple instances of each virtual machine required by App1 to provide highavailability and fault tolerance.
All virtual hard disk (VHD) files for App1 will be stored in a file share. The VHDs must be available if a
server fails.
You plan to deploy an application named App2. App2 is comprised of the following two tiers:
A web front end
A dedicated SQL Server 2008 R2 database on the back end
App2 will be hosted on a set of virtual machines in a Hyper-V cluster in the Miami office. The virtual
machines will use dynamic IP addresses. A copy of the App2 virtual machines will be maintained in the
Seattle office.
App2 will be used by users from a partner company named Trey Research. Trey Research has a single
Active Directory domain named treyresearch.com. Treyresearch.com contains a server that has the
Active Directory Federation Services server role and all of the Active Directory Federation Services (AD
FS) role services installed.
Planned Changes
A) Datum plans to implement the following changes:
Replace all of the servers with new servers that run Windows Server 2012.
Implement a private cloud by using Microsoft System Center 2012 to host instances of App1.
In the Miami office, deploy four new Hyper-V hosts to the perimeter network.
In the Miami office, deploy two new Hyper-V hosts to the local network.
In the Seattle office, deploy two new Hyper-V hosts.
In the Miami office, implement a System Center 2012 Configuration Manager primary site that
has all of the system roles installed.
Implement a public key infrastructure (PKI).
Notification Requirements
A) Datum identifies the following notification requirements:
Help desk tickets must be created and assigned automatically when an instance of App1
becomes unresponsive. Customers who select the Enterprise service level must receive an email notification each time
a help desk ticket for their instance of App1 is opened or closed.
Technical Requirements
A) Datum identifies the following technical requirements:
Minimize costs whenever possible.
Minimize the amount of WAN traffic
Minimize the amount of administrative effort whenever possible.
Provide the fastest possible failover for the virtual machines hosting App2.
Ensure that administrators can view a consolidated report about the software updates in all of
the offices.
Ensure that administrators in the Miami office can approve updates for the client computers in
all of the offices.
Security Requirements
A) Datum identifies the following security requirements:
An offline root certification authority (CA) must be configured.
Client computers must be issued certificates by a server in their local office.
Changes to the CA configuration settings and the CA security settings must be logged.
Client computers must be able to renew certificates automatically over the Internet.
The number of permissions and privileges assigned to users must be minimized whenever
possible.
Users from a group named Group1 must be able to create new instances of App1 in the private
cloud.
Client computers must be issued new certificates when the computers are connected to the
local network only.
The virtual machines used to host App2 must use BitLocker Drive Encryption (BitLocker).
Users from Trey Research must be able to access App2 by using their credentials from
treyresearch.com.
###EndCaseStudy###
You are configuring the Certification Authority role service. From the Certification Authority console, you
enable logging. You need to ensure that configuration changes to the certification authority (CA) are
logged.
Which audit policy should you configure?
What should you recommend?
###BeginCaseStudy###
Topic 4, A.Datum Corporation
Overview
A) Datum Corporation is an accounting company.
The company has a main office and two branch offices. The main office is located in Miami. The branch
offices are located in New York and Seattle.
Existing Environment
Network Infrastructure
The network contains an Active Directory domain named adatum.com. All servers run Windows Server
2008 R2. The main office has the following servers and client computers:
Two domain controllers configured as DNS servers and DHCP servers
One file server that has multiples shares
One thousand client computers that run Windows 7
Each branch office has the following servers and client computers:
One domain controller configured as a DNS server and a DHCP server
Five hundred to 800 client computers that run Windows XP
Each office has multiple subnets. The network speed of the local area network (LAN) is 1 gigabit per
second. The offices connect to each other by using a WAN link. The main office is connected to the
Internet.
Current Issues
The WAN link between the Miami office and the Seattle office is a low bandwidth link with high latency.
The link will not be replaced for another year.
Requirements
Application Requirements
The company is developing an application named App1. App1 is a multi-tier application that will be sold
as a service to customers.
Each instance of App1 is comprised of the following three tiers:
A web front end
A middle tier that uses Windows Communication Foundation (WCF)
A Microsoft SQL Server 2008 R2 database on the back endEach tier will be hosted on one or more virtual machines. Multiple tiers cannot coexist on the same
virtual machine.
When customers purchase App1, they can select from one of the following service levels:
Standard: Uses a single instance of each virtual machine required by App1. If a virtual machine
becomes unresponsive, the virtual machine must be restarted.
Enterprise: Uses multiple instances of each virtual machine required by App1 to provide highavailability and fault tolerance.
All virtual hard disk (VHD) files for App1 will be stored in a file share. The VHDs must be available if a
server fails.
You plan to deploy an application named App2. App2 is comprised of the following two tiers:
A web front end
A dedicated SQL Server 2008 R2 database on the back end
App2 will be hosted on a set of virtual machines in a Hyper-V cluster in the Miami office. The virtual
machines will use dynamic IP addresses. A copy of the App2 virtual machines will be maintained in the
Seattle office.
App2 will be used by users from a partner company named Trey Research. Trey Research has a single
Active Directory domain named treyresearch.com. Treyresearch.com contains a server that has the
Active Directory Federation Services server role and all of the Active Directory Federation Services (AD
FS) role services installed.
Planned Changes
A) Datum plans to implement the following changes:
Replace all of the servers with new servers that run Windows Server 2012.
Implement a private cloud by using Microsoft System Center 2012 to host instances of App1.
In the Miami office, deploy four new Hyper-V hosts to the perimeter network.
In the Miami office, deploy two new Hyper-V hosts to the local network.
In the Seattle office, deploy two new Hyper-V hosts.
In the Miami office, implement a System Center 2012 Configuration Manager primary site that
has all of the system roles installed.
Implement a public key infrastructure (PKI).
Notification Requirements
A) Datum identifies the following notification requirements:
Help desk tickets must be created and assigned automatically when an instance of App1
becomes unresponsive. Customers who select the Enterprise service level must receive an email notification each time
a help desk ticket for their instance of App1 is opened or closed.
Technical Requirements
A) Datum identifies the following technical requirements:
Minimize costs whenever possible.
Minimize the amount of WAN traffic
Minimize the amount of administrative effort whenever possible.
Provide the fastest possible failover for the virtual machines hosting App2.
Ensure that administrators can view a consolidated report about the software updates in all of
the offices.
Ensure that administrators in the Miami office can approve updates for the client computers in
all of the offices.
Security Requirements
A) Datum identifies the following security requirements:
An offline root certification authority (CA) must be configured.
Client computers must be issued certificates by a server in their local office.
Changes to the CA configuration settings and the CA security settings must be logged.
Client computers must be able to renew certificates automatically over the Internet.
The number of permissions and privileges assigned to users must be minimized whenever
possible.
Users from a group named Group1 must be able to create new instances of App1 in the private
cloud.
Client computers must be issued new certificates when the computers are connected to the
local network only.
The virtual machines used to host App2 must use BitLocker Drive Encryption (BitLocker).
Users from Trey Research must be able to access App2 by using their credentials from
treyresearch.com.
###EndCaseStudy###
You have a service template to deploy Appl. You are evaluating the use of Network Load Balancing (NLB)
for the front-end servers used by Appl.
You need to recommend which component must be added to the service template.
What should you recommend?
You need to recommend a software update solution that meets the technical requirements.What should you recomme
###BeginCaseStudy###
Topic 4, A.Datum Corporation
Overview
A) Datum Corporation is an accounting company.
The company has a main office and two branch offices. The main office is located in Miami. The branch
offices are located in New York and Seattle.
Existing Environment
Network Infrastructure
The network contains an Active Directory domain named adatum.com. All servers run Windows Server
2008 R2. The main office has the following servers and client computers:
Two domain controllers configured as DNS servers and DHCP servers
One file server that has multiples shares
One thousand client computers that run Windows 7
Each branch office has the following servers and client computers:
One domain controller configured as a DNS server and a DHCP server
Five hundred to 800 client computers that run Windows XP
Each office has multiple subnets. The network speed of the local area network (LAN) is 1 gigabit per
second. The offices connect to each other by using a WAN link. The main office is connected to the
Internet.
Current Issues
The WAN link between the Miami office and the Seattle office is a low bandwidth link with high latency.
The link will not be replaced for another year.
Requirements
Application Requirements
The company is developing an application named App1. App1 is a multi-tier application that will be sold
as a service to customers.
Each instance of App1 is comprised of the following three tiers:
A web front end
A middle tier that uses Windows Communication Foundation (WCF)
A Microsoft SQL Server 2008 R2 database on the back endEach tier will be hosted on one or more virtual machines. Multiple tiers cannot coexist on the same
virtual machine.
When customers purchase App1, they can select from one of the following service levels:
Standard: Uses a single instance of each virtual machine required by App1. If a virtual machine
becomes unresponsive, the virtual machine must be restarted.
Enterprise: Uses multiple instances of each virtual machine required by App1 to provide highavailability and fault tolerance.
All virtual hard disk (VHD) files for App1 will be stored in a file share. The VHDs must be available if a
server fails.
You plan to deploy an application named App2. App2 is comprised of the following two tiers:
A web front end
A dedicated SQL Server 2008 R2 database on the back end
App2 will be hosted on a set of virtual machines in a Hyper-V cluster in the Miami office. The virtual
machines will use dynamic IP addresses. A copy of the App2 virtual machines will be maintained in the
Seattle office.
App2 will be used by users from a partner company named Trey Research. Trey Research has a single
Active Directory domain named treyresearch.com. Treyresearch.com contains a server that has the
Active Directory Federation Services server role and all of the Active Directory Federation Services (AD
FS) role services installed.
Planned Changes
A) Datum plans to implement the following changes:
Replace all of the servers with new servers that run Windows Server 2012.
Implement a private cloud by using Microsoft System Center 2012 to host instances of App1.
In the Miami office, deploy four new Hyper-V hosts to the perimeter network.
In the Miami office, deploy two new Hyper-V hosts to the local network.
In the Seattle office, deploy two new Hyper-V hosts.
In the Miami office, implement a System Center 2012 Configuration Manager primary site that
has all of the system roles installed.
Implement a public key infrastructure (PKI).
Notification Requirements
A) Datum identifies the following notification requirements:
Help desk tickets must be created and assigned automatically when an instance of App1
becomes unresponsive. Customers who select the Enterprise service level must receive an email notification each time
a help desk ticket for their instance of App1 is opened or closed.
Technical Requirements
A) Datum identifies the following technical requirements:
Minimize costs whenever possible.
Minimize the amount of WAN traffic
Minimize the amount of administrative effort whenever possible.
Provide the fastest possible failover for the virtual machines hosting App2.
Ensure that administrators can view a consolidated report about the software updates in all of
the offices.
Ensure that administrators in the Miami office can approve updates for the client computers in
all of the offices.
Security Requirements
A) Datum identifies the following security requirements:
An offline root certification authority (CA) must be configured.
Client computers must be issued certificates by a server in their local office.
Changes to the CA configuration settings and the CA security settings must be logged.
Client computers must be able to renew certificates automatically over the Internet.
The number of permissions and privileges assigned to users must be minimized whenever
possible.
Users from a group named Group1 must be able to create new instances of App1 in the private
cloud.
Client computers must be issued new certificates when the computers are connected to the
local network only.
The virtual machines used to host App2 must use BitLocker Drive Encryption (BitLocker).
Users from Trey Research must be able to access App2 by using their credentials from
treyresearch.com.
###EndCaseStudy###
You need to recommend a software update solution that meets the technical requirements.What should you recommend deploying to each branch office?
Does this meet the goal?
###BeginCaseStudy###
Topic 5, Contoso Ltd Case B
Background
Overview
Contoso, Ltd., is a software development company. The company has a main office in Seattle and branch
offices that are located in Los Angeles and New Delhi. Contoso’s sales staff are all located in the Los
Angeles office. Contoso’s software developers are all located in the New Delhi office.Current Environment
The network for the Seattle office contains:
2 domain controllers with integrated DNS
200 Windows workstations
14-node Hyper-V cluster
1 file server with multiple shares
1 Active Directory Rights Management Services (AD RMS) cluster
The network for the Los Angeles office contains:
2 domain controllers with integrated DNS
100 Windows workstations
1 file server with multiple shares
The network for the New Delhi office contains:
2 domain controllers with integrated DNS
300 Windows workstations
10 Hyper-V servers that host 100 development virtual machines (VMs)
50 production virtual machines that are hosted in Azure
All the Contoso offices connect to each other by using VPN links, and each office is connected to the
Internet.
Contoso has a single Active Directory Domain Services (AD DS) domain named contoso.com.
Contoso.com has a configured certification authority (CA). Contoso currently leverages System Center
Virtual Machine Manager 2012 R2 to manage its virtual environment servers.
Contoso uses an application named HRApp1 for its human resources (HR) department. HR users report
that the application stops responding and must be restarted before they can continue their work.
Fabrikam, Inc.
Contoso has recently acquired Fabrikam, Inc. Fabrikam has a single office that is located in Seattle.
Fabrikam has a single AD DS domain named fabrikam.com.
The network for Fabrikam contains:
2 domain controllers with Active Directory-integrated DNS
150 Windows workstations
5 Hyper-V servers
1 file server with multiple shares
A two-way trust exists between Contoso.com and Fabrikam.com.
Business RequirementsConsolidation
Contoso must complete the consolidation of the Contoso and Fabrikam networks. The consolidation of
the two networks must:
Minimize all hardware and software costs.
Minimize WAN traffic.
Enable the users by providing self-service whenever possible.
Security
Contoso requires that all Windows client devices must be encrypted with BitLocker by using the Trusted
Platform.
The CA for the domain contoso.com must be designated as the resource forest. The domain
fabrikam.com must leverage certificates that are issued by the domain contoso.com.
Other Information
HRApp1
Each time HRApp1 stops responding and is restarted, an incident must be created and
associated with the existing problem ticket.
Development environment
You have the following requirements:
Developers must be able to manage their own VM checkpoints.
You must implement a disaster recovery strategy for development virtual machines.
Technical Requirements
Windows System Updates
You have the following system update requirements:
Consolidate reporting of all software updates in all offices.
Software updates must be applied to all Windows devices.
Ensure the ability to report on update compliance.
Monitoring
You have the following monitoring requirements:
Each time HRApp1 shows performance problems, ensure that a ticket is created.
When performance problems are resolved, ensure that the ticket closes automatically.
Security
You have the following security requirements:
Ensure that all documents are protected. Ensure that contoso.com domain users get use licenses for RMS-protected documents from the
domain contoso.com.
Ensure that fabrikam.com domain users get use licenses for RMS-protected documents from
the domain contoso.com.
###EndCaseStudy###
You need to ensure that the developers can manage their own virtual machines.
Solution: You perform the following actions:
In Virtual Machine Manager, you create a new user role named DevUsers that uses the
Application Administrator profile.
You grant Checkpoint permissions to the DevUsers role.
You distribute the Self-Service Portal URL to the developers.
Does this meet the goal?
Does this meet the goal?
###BeginCaseStudy###
Topic 5, Contoso Ltd Case B
Background
Overview
Contoso, Ltd., is a software development company. The company has a main office in Seattle and branch
offices that are located in Los Angeles and New Delhi. Contoso’s sales staff are all located in the Los
Angeles office. Contoso’s software developers are all located in the New Delhi office.Current Environment
The network for the Seattle office contains:
2 domain controllers with integrated DNS
200 Windows workstations
14-node Hyper-V cluster
1 file server with multiple shares
1 Active Directory Rights Management Services (AD RMS) cluster
The network for the Los Angeles office contains:
2 domain controllers with integrated DNS
100 Windows workstations
1 file server with multiple shares
The network for the New Delhi office contains:
2 domain controllers with integrated DNS
300 Windows workstations
10 Hyper-V servers that host 100 development virtual machines (VMs)
50 production virtual machines that are hosted in Azure
All the Contoso offices connect to each other by using VPN links, and each office is connected to the
Internet.
Contoso has a single Active Directory Domain Services (AD DS) domain named contoso.com.
Contoso.com has a configured certification authority (CA). Contoso currently leverages System Center
Virtual Machine Manager 2012 R2 to manage its virtual environment servers.
Contoso uses an application named HRApp1 for its human resources (HR) department. HR users report
that the application stops responding and must be restarted before they can continue their work.
Fabrikam, Inc.
Contoso has recently acquired Fabrikam, Inc. Fabrikam has a single office that is located in Seattle.
Fabrikam has a single AD DS domain named fabrikam.com.
The network for Fabrikam contains:
2 domain controllers with Active Directory-integrated DNS
150 Windows workstations
5 Hyper-V servers
1 file server with multiple shares
A two-way trust exists between Contoso.com and Fabrikam.com.
Business RequirementsConsolidation
Contoso must complete the consolidation of the Contoso and Fabrikam networks. The consolidation of
the two networks must:
Minimize all hardware and software costs.
Minimize WAN traffic.
Enable the users by providing self-service whenever possible.
Security
Contoso requires that all Windows client devices must be encrypted with BitLocker by using the Trusted
Platform.
The CA for the domain contoso.com must be designated as the resource forest. The domain
fabrikam.com must leverage certificates that are issued by the domain contoso.com.
Other Information
HRApp1
Each time HRApp1 stops responding and is restarted, an incident must be created and
associated with the existing problem ticket.
Development environment
You have the following requirements:
Developers must be able to manage their own VM checkpoints.
You must implement a disaster recovery strategy for development virtual machines.
Technical Requirements
Windows System Updates
You have the following system update requirements:
Consolidate reporting of all software updates in all offices.
Software updates must be applied to all Windows devices.
Ensure the ability to report on update compliance.
Monitoring
You have the following monitoring requirements:
Each time HRApp1 shows performance problems, ensure that a ticket is created.
When performance problems are resolved, ensure that the ticket closes automatically.
Security
You have the following security requirements:
Ensure that all documents are protected. Ensure that contoso.com domain users get use licenses for RMS-protected documents from the
domain contoso.com.
Ensure that fabrikam.com domain users get use licenses for RMS-protected documents from
the domain contoso.com.
###EndCaseStudy###
You need to ensure that the developers can manage their own virtual machines.
Solution: You perform the following tasks:
In Virtual Machine Manager, you create a new user role named DevUsers that uses the
Application Administrator profile.
You add the virtual machines to the DevUsers role.
You grant Checkpoint permissions to the DevUsers role.
You install and configure App Controller.
You distribute the App Controller console URL to the developers.
Does this meet the goal?
Evaluate the Assertion and Reason statements and choose the correct answer option.
###BeginCaseStudy###
Topic 5, Contoso Ltd Case B
Background
Overview
Contoso, Ltd., is a software development company. The company has a main office in Seattle and branch
offices that are located in Los Angeles and New Delhi. Contoso’s sales staff are all located in the Los
Angeles office. Contoso’s software developers are all located in the New Delhi office.Current Environment
The network for the Seattle office contains:
2 domain controllers with integrated DNS
200 Windows workstations
14-node Hyper-V cluster
1 file server with multiple shares
1 Active Directory Rights Management Services (AD RMS) cluster
The network for the Los Angeles office contains:
2 domain controllers with integrated DNS
100 Windows workstations
1 file server with multiple shares
The network for the New Delhi office contains:
2 domain controllers with integrated DNS
300 Windows workstations
10 Hyper-V servers that host 100 development virtual machines (VMs)
50 production virtual machines that are hosted in Azure
All the Contoso offices connect to each other by using VPN links, and each office is connected to the
Internet.
Contoso has a single Active Directory Domain Services (AD DS) domain named contoso.com.
Contoso.com has a configured certification authority (CA). Contoso currently leverages System Center
Virtual Machine Manager 2012 R2 to manage its virtual environment servers.
Contoso uses an application named HRApp1 for its human resources (HR) department. HR users report
that the application stops responding and must be restarted before they can continue their work.
Fabrikam, Inc.
Contoso has recently acquired Fabrikam, Inc. Fabrikam has a single office that is located in Seattle.
Fabrikam has a single AD DS domain named fabrikam.com.
The network for Fabrikam contains:
2 domain controllers with Active Directory-integrated DNS
150 Windows workstations
5 Hyper-V servers
1 file server with multiple shares
A two-way trust exists between Contoso.com and Fabrikam.com.
Business RequirementsConsolidation
Contoso must complete the consolidation of the Contoso and Fabrikam networks. The consolidation of
the two networks must:
Minimize all hardware and software costs.
Minimize WAN traffic.
Enable the users by providing self-service whenever possible.
Security
Contoso requires that all Windows client devices must be encrypted with BitLocker by using the Trusted
Platform.
The CA for the domain contoso.com must be designated as the resource forest. The domain
fabrikam.com must leverage certificates that are issued by the domain contoso.com.
Other Information
HRApp1
Each time HRApp1 stops responding and is restarted, an incident must be created and
associated with the existing problem ticket.
Development environment
You have the following requirements:
Developers must be able to manage their own VM checkpoints.
You must implement a disaster recovery strategy for development virtual machines.
Technical Requirements
Windows System Updates
You have the following system update requirements:
Consolidate reporting of all software updates in all offices.
Software updates must be applied to all Windows devices.
Ensure the ability to report on update compliance.
Monitoring
You have the following monitoring requirements:
Each time HRApp1 shows performance problems, ensure that a ticket is created.
When performance problems are resolved, ensure that the ticket closes automatically.
Security
You have the following security requirements:
Ensure that all documents are protected. Ensure that contoso.com domain users get use licenses for RMS-protected documents from the
domain contoso.com.
Ensure that fabrikam.com domain users get use licenses for RMS-protected documents from
the domain contoso.com.
###EndCaseStudy###
This question consists of two statements: One is named Assertion and the other is named Reason. Both
of these statements may be true; both may be false; or one may be true, while the other may be false.
To answer this question, you must first evaluate whether each statement is true on its own. If both
statements are true, then you must evaluate whether the Reason (the second statement) correctly
explains the Assertion (the first statement). You will then select the answer from the list of answer
choices that matches your evaluation of the two statements.
Assertion:
You must implement Azure site recovery between the New Delhi and Seattle offices to meet the backup
requirements.
Reason:
Azure site recovery allows replication and failover of virtual machines on host servers that are located in
the Virtual Machine Manager cloud.
Evaluate the Assertion and Reason statements and choose the correct answer option.
which order should you perform the actions?
###BeginCaseStudy###
Topic 5, Contoso Ltd Case B
Background
Overview
Contoso, Ltd., is a software development company. The company has a main office in Seattle and branch
offices that are located in Los Angeles and New Delhi. Contoso’s sales staff are all located in the Los
Angeles office. Contoso’s software developers are all located in the New Delhi office.Current Environment
The network for the Seattle office contains:
2 domain controllers with integrated DNS
200 Windows workstations
14-node Hyper-V cluster
1 file server with multiple shares
1 Active Directory Rights Management Services (AD RMS) cluster
The network for the Los Angeles office contains:
2 domain controllers with integrated DNS
100 Windows workstations
1 file server with multiple shares
The network for the New Delhi office contains:
2 domain controllers with integrated DNS
300 Windows workstations
10 Hyper-V servers that host 100 development virtual machines (VMs)
50 production virtual machines that are hosted in Azure
All the Contoso offices connect to each other by using VPN links, and each office is connected to the
Internet.
Contoso has a single Active Directory Domain Services (AD DS) domain named contoso.com.
Contoso.com has a configured certification authority (CA). Contoso currently leverages System Center
Virtual Machine Manager 2012 R2 to manage its virtual environment servers.
Contoso uses an application named HRApp1 for its human resources (HR) department. HR users report
that the application stops responding and must be restarted before they can continue their work.
Fabrikam, Inc.
Contoso has recently acquired Fabrikam, Inc. Fabrikam has a single office that is located in Seattle.
Fabrikam has a single AD DS domain named fabrikam.com.
The network for Fabrikam contains:
2 domain controllers with Active Directory-integrated DNS
150 Windows workstations
5 Hyper-V servers
1 file server with multiple shares
A two-way trust exists between Contoso.com and Fabrikam.com.
Business RequirementsConsolidation
Contoso must complete the consolidation of the Contoso and Fabrikam networks. The consolidation of
the two networks must:
Minimize all hardware and software costs.
Minimize WAN traffic.
Enable the users by providing self-service whenever possible.
Security
Contoso requires that all Windows client devices must be encrypted with BitLocker by using the Trusted
Platform.
The CA for the domain contoso.com must be designated as the resource forest. The domain
fabrikam.com must leverage certificates that are issued by the domain contoso.com.
Other Information
HRApp1
Each time HRApp1 stops responding and is restarted, an incident must be created and
associated with the existing problem ticket.
Development environment
You have the following requirements:
Developers must be able to manage their own VM checkpoints.
You must implement a disaster recovery strategy for development virtual machines.
Technical Requirements
Windows System Updates
You have the following system update requirements:
Consolidate reporting of all software updates in all offices.
Software updates must be applied to all Windows devices.
Ensure the ability to report on update compliance.
Monitoring
You have the following monitoring requirements:
Each time HRApp1 shows performance problems, ensure that a ticket is created.
When performance problems are resolved, ensure that the ticket closes automatically.
Security
You have the following security requirements:
Ensure that all documents are protected. Ensure that contoso.com domain users get use licenses for RMS-protected documents from the
domain contoso.com.
Ensure that fabrikam.com domain users get use licenses for RMS-protected documents from
the domain contoso.com.
###EndCaseStudy###
DRAG DROP
You need to implement the network Unlock feature to meet the BitLocker requirements.
In which order should you perform the actions? To answer, move all actions from the list of actions to
the answer area and arrange them in the correct order.
Evaluate the Assertion and Reason statements and choose the correct answer option.
###BeginCaseStudy###
Topic 5, Contoso Ltd Case B
Background
Overview
Contoso, Ltd., is a software development company. The company has a main office in Seattle and branch
offices that are located in Los Angeles and New Delhi. Contoso’s sales staff are all located in the Los
Angeles office. Contoso’s software developers are all located in the New Delhi office.Current Environment
The network for the Seattle office contains:
2 domain controllers with integrated DNS
200 Windows workstations
14-node Hyper-V cluster
1 file server with multiple shares
1 Active Directory Rights Management Services (AD RMS) cluster
The network for the Los Angeles office contains:
2 domain controllers with integrated DNS
100 Windows workstations
1 file server with multiple shares
The network for the New Delhi office contains:
2 domain controllers with integrated DNS
300 Windows workstations
10 Hyper-V servers that host 100 development virtual machines (VMs)
50 production virtual machines that are hosted in Azure
All the Contoso offices connect to each other by using VPN links, and each office is connected to the
Internet.
Contoso has a single Active Directory Domain Services (AD DS) domain named contoso.com.
Contoso.com has a configured certification authority (CA). Contoso currently leverages System Center
Virtual Machine Manager 2012 R2 to manage its virtual environment servers.
Contoso uses an application named HRApp1 for its human resources (HR) department. HR users report
that the application stops responding and must be restarted before they can continue their work.
Fabrikam, Inc.
Contoso has recently acquired Fabrikam, Inc. Fabrikam has a single office that is located in Seattle.
Fabrikam has a single AD DS domain named fabrikam.com.
The network for Fabrikam contains:
2 domain controllers with Active Directory-integrated DNS
150 Windows workstations
5 Hyper-V servers
1 file server with multiple shares
A two-way trust exists between Contoso.com and Fabrikam.com.
Business RequirementsConsolidation
Contoso must complete the consolidation of the Contoso and Fabrikam networks. The consolidation of
the two networks must:
Minimize all hardware and software costs.
Minimize WAN traffic.
Enable the users by providing self-service whenever possible.
Security
Contoso requires that all Windows client devices must be encrypted with BitLocker by using the Trusted
Platform.
The CA for the domain contoso.com must be designated as the resource forest. The domain
fabrikam.com must leverage certificates that are issued by the domain contoso.com.
Other Information
HRApp1
Each time HRApp1 stops responding and is restarted, an incident must be created and
associated with the existing problem ticket.
Development environment
You have the following requirements:
Developers must be able to manage their own VM checkpoints.
You must implement a disaster recovery strategy for development virtual machines.
Technical Requirements
Windows System Updates
You have the following system update requirements:
Consolidate reporting of all software updates in all offices.
Software updates must be applied to all Windows devices.
Ensure the ability to report on update compliance.
Monitoring
You have the following monitoring requirements:
Each time HRApp1 shows performance problems, ensure that a ticket is created.
When performance problems are resolved, ensure that the ticket closes automatically.
Security
You have the following security requirements:
Ensure that all documents are protected. Ensure that contoso.com domain users get use licenses for RMS-protected documents from the
domain contoso.com.
Ensure that fabrikam.com domain users get use licenses for RMS-protected documents from
the domain contoso.com.
###EndCaseStudy###
This question consists of two statements: One is named Assertion and the other is named Reason. Both
of these statements may be true; both may be false; or one may be true, while the other may be false.
To answer this question, you must first evaluate whether each statement is true on its own. If both
statements are true, then you must evaluate whether the Reason (the second statement) correctly
explains the Assertion (the first statement). You will then select the answer from the list of answer
choices that matches your evaluation of the two statements.
Assertion:You must implement a Windows Server Gateway in the Seattle office.
Reason:
A Windows Server Gateway will prevent users from saving documents outside of the Seattle location.
Evaluate the Assertion and Reason statements and choose the correct answer option.