Your company has two Active Directory forests as shown in the following table.

The forests are connected by using a two-way foresttrust. Each trust direction is configured with forest-wide
authentication. The new security policy of the company prohibits users from the eng.fabrikam.com domain to
access resources in the contoso.com domain.
You need to configure the forest trust to meet the new security policy requirement.
What should you do?

Your company has an Active Directory Rights Management Services (AD RMS) server. Users have Windows
Vista computers. An Active Directory domain is configured at the Windows Server 2003 functional level.
You need to configure AD RMS so that users are ableto protect their documents.
What should you do?

Your company has an Active Directory domain. All consultants belong to a global group named TempWorkers.
The TempWorkers group is not nested in any other groups.
You move the computer objects of three file serversto a new organizational unit named SecureServers. These
file servers contain only confidential data in shared folders.
You need to prevent members of the TempWorkers group from accessing the confidential data on the file
servers.
You must achieve this goal without affecting accessto other domain resources.
What should you do?

Your network consists of a single Active Directory domain. User accounts for engineering department are
located in an OU named Engineering.
You need to create a password policy for the engineering department that is different from your domain
password policy.
What should you do?

Your network contains an Active Directory domain. The domain contains two domain controllers named DC1
and DC2.
DC1 hosts a standard primary DNS zone for the domain. Dynamic updates are enabled on the zone. DC2 hosts
a standard secondary DNS zone for the domain.
You need to configure DNS to allow only secure dynamic updates.
What should you do first?

Your network contains a domain controller that has two network connections named Internal and Private.
Internal has an IP address of 192.168.0.20. Privatehas an IP address of 10.10.10.5. You need to prevent the
domain controller from registering Host (A) recordsfor the 10.10.10.5 IP address.
What should you do?

Your network contains an Active Directory forest named contoso.com. You plan to add a new domain named
nwtraders.com to the forest. All DNS servers are domain controllers.
You need to ensure that the computers in nwtraders.com can update their Host (A) records on any of theDNS
servers in the forest.
What should you do?

Your network contains an Active Directory domain named contoso.com. The domain contains a domain
controller named DC1. DC1 hosts a standard primary zone for contoso.com.
You discover that non-domain member computers register records in the contoso.com zone.
You need to prevent the non-domain member computersfrom registering records in the contoso.com zone.
All domain member computers must be allowed to register records in the contoso.com zone.
What should you do first?

Your network contains an Active Directory domain named contoso.com.
You create a GlobalNames zone. You add an alias (CNAME) resource record named Server1 to the zone. The
target host of the record is server2. contoso.com.
When you ping Server1, you discover that the name fails to resolve.
You successfully resolve server2.contoso.com.
You need to ensure that you can resolve names by using the GlobalNames zone.
What should you do?

Your company has a main office and a branch office.
The network contains an Active Directory domain named contoso.com. The DNS zone for contoso.com is
configured as an Active Directory-integrated zone and is replicated to all domain controllers in the domain.
The main office contains a writable domain controller named DC1. The branch office contains a read- only
domain controller (RODC) named RODC1. All domain controllers run Windows Server 2008 R2 and are
configured as DNS servers.
You uninstall the DNS server role from RODC1.
You need to prevent DNS records from replicating toRODC1.
What should you do?