Your network consists of one Active Directory domain. The functional level of the domain is Windows Server 2008 R2.
Your company has 10 departments. Each department has a department manager and a department administrator. Some department administrators are responsible for multiple departments. You have an organizational unit (OU) named AllUsers that contains all user accounts.

You need to recommend a solution to simplify the management of all users in the domain.

The solution must meet the following requirements:
Department managers must only be able to reset passwords for users in their respective departments.
Department administrators must only be able to modify user accounts in their respective departments.
Only the respective department administrators and managers must be able to manage the accounts of users who are transferred to their departments from other
departments.

What should you recommend?

Your company has a main office and nine branch offices. Each office is configured as a separate TCP/IP subnet.
You plan to deploy Active Directory domain controllers in all offices. You install the first domain controller for the forest in the main office.

You need to prepare the environment for the deployment of domain controllers in all offices. The solution must ensure that users always authenticate to a domain controller in their local office, unless it is unavailable.

What should you do?

Your company has three offices. Each office is configured as an Active Directory site. The network consists of one Active Directory domain. All domain controllers run Windows Server 2008 R2. The company has five departments. You use a domain-level Group Policy object (GPO) to install Microsoft Office on all client computers.

You need to deploy a GPO strategy to meet the following requirements:
Install a custom application in one of the departments.
Restrict access to removable storage devices for all users.
Implement separate Windows Internet Explorer proxy settings for each physical location.

What should you do?

You work as an IT professional in an international company which is named Contoso. Your major job is to translate business goals into technology decisions and plan mid-range to long-term strategies. And you are experienced in network infrastructure, security policy and business continuity. In your company, you are responsible for infrastructure design and global configuration changes.
Your company has one head office named H1 and one branch office named B1. A single wide area network (WAN) link connects the offices.
One Active Directory domain is contained in the network. Servers that run Windows Server 2008 are contained in this domain.
The table below shows the configuration of the relevant servers:
Server name
Installed services
Location
Server1
Active Directory Domain Services (AD DS)
File Services
Distributed File System (DFS)
H1
Server2
Active Directory Domain Services (AD DS)
File Services
Distributed File System (DFS)
B1
An organizational unit (OU) named Main1-computers is created by you. This OU contains all computer accounts in Main1.
An OU named Branch1-computers is created by you. This OU contains all computer accounts in B1.
A Group Policy object (GPO) named GPO1 is linked to the domain.
You plan to use GPO1 to install applications on computers in both offices.
The D:Software folder on Server1 is shared as Server1Software.
The D:Software folder on Server2 is shared as Server2Software.
DFS Replication is configured to replicate the contents of Server1Software to Server2Software.
Now you receive an order from the company CIO.
Since you are the technical support, you are asked to prepare the environment to enable computers in both offices to allow the installation of applications if a WAN link fails.
What action should you perform?

Your network consists of one Active Directory forest that contains two domains named domain1 and domain2.
The functional level of the forest is Windows Server 2003.
All domain controllers run Windows Server 2003.
The relevant portion of the network is configured as shown in the exhibit.
All domain controllers for domain1 are in the hub sites.
All domain controllers for domain2 are in the spoke sites.
The Bridge all site links option is disabled.
You plan to deploy a read-only domain controller (RODC) in SiteH for domain2.
You need to prepare the environment for the installation of the RODC.
What should you do?
Exhibit:

Your network consists of one Active Directory domain that contains two servers named Server1 and Server2 that run Windows Server 2008.
Server1 runs Active Directory Certificate Services (AD CS) and is configured as an enterprise root certification authority (CA).
Server1 is only accessible from the internal network.
Server1 issues certificates to both internal and external client computers that run Windows Vista.
Server2 is configured as a Web server. Server2 is located in the perimeter network and is only accessible through HTTP.
The network is configured as shown in the following diagram:
You need to recommend an e-mail security solution for all Windows Vista client computers that meets the following requirements:
– Users must only request status information for individual certificates.
– Users must be notified when they attempt to send a secure e-mail message to a user that has an expired certificate.
What should you recommend?

Your network consists of one Active Directory domain that contains two servers that run Windows Server 2008 named Server1 and Server2.
Server1 runs Active Directory Certificate Services (AD CS) and is configured as a certification authority (CA).
Server2 runs Internet Information Services (IIS) and hosts a secure Web service.
External users must subscribe in order to access the Web service.
The Web service accepts subscriptions only from client computers that run Windows XP Service Pack 2 or Windows Vista.
The relevant portion of the network is configured as shown in the following diagram:
You need to ensure that subscribers can successfully connect to the Web service on Server2 through HTTPS.
Users must not receive any certificate-related errors.
What should you do on Server2?

You network contains one Active Directory domain.
All domain controllers run Windows Server 2008.
The network has 100 servers and 5,000 client computers. Client computers run either Windows XP Service Pack 2 (SP2) or Windows Vista Service Pack 1 (SP1).
You need to plan the deployment of Certificate Services on the network to support the following requirements:
– Automatic certificate enrollment
– Supported certificates for all client computers
What should you include in your plan?

Your network consists of one Active Directory domain and one IP subnet. All servers run Windows Server 2008. All client computers run Windows Vista.
The servers are configured as shown in the following table:
All network switches used for client connections are unmanaged. Some users connect to the local area network (LAN) from client computers that are joined to a workgroup. Some client computers do not have the latest Microsoft updates installed.
You need to recommend a Network Access Protection (NAP) solution to protect the network.
The solution must meet the following requirements:
– Only computers that are joined to the domain must be able to connect to servers in the domain.
– Only computers that have the latest Microsoft updates installed must be able to connect to servers in the domain.
exhibit Which NAP enforcement method should you use?

Your company has two main offices in Denver and Chicago and four branch offices in New York, Miami, Seattle, and San Francisco.
Each office is configured as an Active Directory site. Site links are configured as shown in the exhibit.
The network consists of one Active Directory forest.
All domain controllers run Windows Server 2003.
Each main office has four domain controllers. Each branch office has one domain controller. The Bridge all site links option is disabled.
You need to prepare the environment to install a read-only domain controller (RODC) in each branch office. The solution must be achieved by upgrading the minimum number of domain controllers.
What should you do?
Exhibit: