You install a read-only domain controller (RODC) named RODC1. You need to ensure that a user
named User1 can administer RODC1. The solution must minimize the number of permissions
assigned to User1. Which tool should you use?

Your network contains an Active Directory domain. The domain contains a server named Server1.
Server1 runs Windows Server 2008 R2. You need to mount an Active Directory Lightweight Directory
Services (AD LDS) snapshot from Server1. What should you do?

Your network contains an Active Directory domain named contoso.com. The network contains client
computers that run either Windows Vista or Windows 7. Active Directory Rights Management
Services (AD RMS) is deployed on the network. You create a new AD RMS template that is
distributed by using the AD RMS pipeline. The template is updated every month. You need to ensure
that all the computers can use the most up-to-date version of the AD RMS template. You want to
achieve this goal by using the minimum amount of administrative effort. What should you do?

Your network contains a single Active Directory domain. Active Directory Rights Management
Services (AD RMS) is deployed on the network. A user named User1 is a member of only the AD RMS
Enterprise Administrators group. You need to ensure that User1 can change the service connection
point (SCP) for the AD RMS installation. The solution must minimize the administrative rights of
User1. To which group should you add User1?

Your company has a server that runs an instance of Active Directory Lightweight Directory Services
(AD LDS). You need to create new organizational units in the AD LDS application directory partition.
What should you do?

Network Access Protection (NAP) is configured for the corporate network. Users connect to the
corporate network by using portable computers. The company policy requires confidentiality of data
when the data is in transit between the portable computers and the servers. You need to ensure
that users can access network resources only from computers that comply with the company policy.
What should you do?

Your network contains a Routing and Remote Access server named RRAS1 and a DHCP server named
DHCP1. RRAS1 and DHCP1 are located in different subnets. RRAS1 is configured to support VPN
connections from the Internet. DHCP1 has a scope that provides IP addresses for the VPN
connections. You need to ensure that VPN clients that connect to RRAS1 can receive IP addresses
from DHCP1. What should you do?

Your network contains a Routing and Remote Access server named RRAS1 and a DHCP server named
DHCP1. RRAS1 and DHCP1 are located in different subnets. RRAS1 is configured to support VPN
connections from the Internet. DHCP1 has a scope that provides IP addresses for the VPN
connections. You need to ensure that VPN clients that connect to RRAS1 can receive IP addresses
from DHCP1. What should you do?

Your network contains an Active Directory domain. The network has DirectAccess deployed. You
deploy the DirectAccess Connectivity Assistant (DCA) to all client computers. You need to ensure
that users can view their DirectAccess status by using the DCA. Which two group policy settings
should you configure? (Each correct answer presents part of the solution. Choose two.)

Your network contains an Active Directory forest. The forest contains two domains named
contoso.com and eu.contoso.com. You install a Network Policy Server (NPS) named Server1 in the
contoso.com domain. You need to ensure that Server1 can read the dial-in properties of the user
accounts in the eu.contoso.com domain. What should you do?