What should you include in your plan?
Your network contains servers that run Windows Server 2008 R2 and client computers that run Windows 7.
You deploy a public key infrastructure by using Certificate Services servers that run Windows Server 2008 R2.
You need to plan the implementation of smart card authentication on the network.
The solution must meet the following requirements:
� Help desk users must only be able to enroll user certificates.
� Managers must be able to enroll smartcards for other employees.
� Managers must be able to use their client computers to manage certificates.
What should you include in your plan?
What should you recommend?
Your company has a main office and 10 branch offices.
The network consists of one Active Directory domain. All domain controllers run Windows Server 2008 R2 and are located in the main office.
Each branch office contains one member server. Branch office administrators in each branch office are assigned the necessary rights to administrators only their member servers. You deploy one read-only domain controller (RODC) in each branch office.
You need to recommend a security solution for the branch office Windows Server 2008 R2 domain controllers.
The solution must meet the following requirements:
� Branch office administrators must be granted rights on their local domain controller only.
� Branch office administrators must be able to administer the domain controller in their branch office. This includes changing device drivers and running Windows
updates.
What should you recommend?
What should you include in your plan?
You network consist of one Active Directory domain and three Network Information Services (NIS) domains. All domain controllers run Windows
Server 2008 R2. All NIS domain servers run UNIX-based operating systems.
You need to plan the integration of the Active Directory domain and the NIS domains.
The solution must meet the following requirements:
� Minimize the Costs required to implement the solution.
� Minimize the number of additional Windows servers required.
� Provide centralized administration of Active Directory domain objects and NIS domain objects.
What should you include in your plan?
What should you do?
Your company has one main office and four branch offices. Each branch office has a read-only domain controller (RODC).
The network consists of one Active Directory domain. All domain controllers run Windows Server 2008 R2. Some branch office users work in a department named Sales. Sales department users must be able to log on to all computers in their respective branch offices, even if a wide area network (WAN) link fails.
The company security policy has the following requirements:
� User account passwords must be replicated to the minimum number of locations.
� A minimum number of passwords must be replicated to the branch office domain controllers
You need to configure a password replication policy that supports the company security policy.
What should you do?
What should you do?
Your network contains two servers named Server1 and Server2. Server1 is a reverse proxy. Server2 runs Windows Server 2008 R2 and has the Web server (IIS) server role installed. Server2 hosts a secure Web site. You want users to connect to Server2 by using the https://www.contoso.com URL.
You need to prepare the environment for the deployment of server certificates to meet the foflowmg requirements:
� Users connecting from the local network must only connect directly to Server2.
� Users must be able to access the Web site on Server2 when they connect from the Internet or the internal network.
What should you do?
What should you do?
Your network consists of one Active Directory domain. All domain controllers run either Windows Server 2008 R2 or Windows Server 2003 SP2. A custom application stores passwords in Active Directory. You plan to deploy read-only domain controllers (RODCs) on the network.
You need to prevent custom application passwords from being replicated to the ROOCs.
What should you do?
What should you do?
Your network consists of one Active Directory domain. All domain controllers run Windows Server 2008 R2.
You need to deploy Active Directory Certificate Services on the network to support the following requirements:
� Maintain availability if a single server fails.
� Delegate the enrollment of certificates for separate groups of users,
� Restrict the types of certificates that can be issued by a certificate manager.
What should you do?
What should you do?
Your company named Contoso, Ltd. and another company named Fabrikam, Inc. establish a partnership. The Contoso network consists of one Active Directory forest named contoso.com. The Fabrikam network consists of one Active Directory forest named fabnkam.com.
Users from contoso.com plan to share files with users from fabrikam.com.
You need to prepare the environment so that users from contoso.com can protect confidential files from being copied or forwarded to unauthorized users.
What should you do?
What should you recommend?
Your network consists of one Active Directory domain. The functional level of the domain is Windows Server 2008 R2.
Your company has three departments named Sales, Marketing, and Engineering. All users in the domain are in an organizational unit (OU) named AllUsers.
You have three custom applications. You deploy all custom applications by using a Group Policy object (GPO) named AppInstall.
The Sales department purchases a new application that is only licensed for use by the Sales department.
You need to recommend a solution to simplify the distribution of the new application.
The solution must meet the following requirements:
� The application must only be distributed to licensed users.
� The amount of administrative effort required to manage the users must remain unaffected.
� The three custom applications must be distributed to all existing and new users on the network.
What should you recommend?
What should you do?
Your network consists of one Active Directory forest. The functional level of the forest is Windows Server 2003.
You upgrade all domain controllers from Windows Server 2003 SP2 to Windows Server 2008 R2. You plan to deploy the first read-only domain controller (RODC) in the forest.
You need to prepare the network for the installation of the RODC.
What should you do?