What should you request a domain administrator to do?
###BeginCaseStudy###
Case Study: 7
Contoso, Ltd
Scenario:
You are an enterprise desktop support technician for Contoso, Ltd.
IP Addressing
Contoso has one office. The IP addressing for Contoso is configured as shown in the
following table.
Active Directory Configuration
You have an Active Directory forest that contains one domain named contoso.com. All
domain controllers run Windows Server 2008 R2. An OU exists for each department in the
company. The MainOffice Users and Computers OU contains the OUs for each department in
the company. The Users OUs contains the user accounts for each department. The Computers
OUs contain the computeraccounts for each department. The Domain Controllers OU
contains the computer accounts for all domain controllers. The Servers OU contains the
computer accounts for all other servers. Custom Group Policy objects (GPOs) are linked to
each departmental OU, the Domain Controllers OU, and the Servers OU.
Server Configuration
The relevant servers are configured as shown in the following table.
A year ago, a Windows Server 2008 R2 VPN server was deployed. Ten sales users
participated in a pilot project to test the new VPN. The pilot project lasted two months. After
the pilot project, the VPN server was put into production. The VPN server allows
L2TP/IPSec-based VPN connections only. The VPN server requires certificate
authentication.
Printer Configuration
Network printers are located in a single room on each floor. Users can search Active
Directory to find printers that are nearby. Print1 is the print server for all printers.
Client Computer Configuration
Most users have desktop computers. Several users in the sales and management departments
have portable computers because they travel frequently. All client computers run Windows 7
Enterprise. The Windows Internet Explorer proxy settings are configured on all client
computers by using a GPO named GPO-IE. GPO-IE is linked to the domain. All users in the
company use a custom application named App1. App1 is manually installed on all client
computers. A new version of App1 is available. Some features in the new version of App1
are incompatible with the previous version of App1.
###EndCaseStudy###
The sales users that were part of the VPN server pilot project report that they can no longer
establish VPN connections to the internal network. You need to ensure that all authorized users can
establish VPN connections to the internal network. What should you request a domain administrator
to do?
Which settings should you request be modified in the APP1Deploy GPO?
###BeginCaseStudy###
Case Study: 8
Fourth Coffee
Scenario:
You are an enterprise desktop support technician for Fourth Coffee. The network contains a
single domain named fourthcoffee.com.
Physical Environment
The company has three offices. The offices are configured as shown in the following table.
The relevant servers are configured as shown in the following table.
The Web1 server is accessible only through the URL http://web1.fourthcoffee.local
Application Configurations
Fourth Coffee deploys an application named App1 to users in the main office by using a
Group Policy object (GPO) named APP1Deploy. App1 requires that a drive named M be
mapped to
\\AppServer1\AppData$. App1 saves information on a local computer if drive M is
unavailable. All client computers have drive M.
Security Policy
The corporate security policy states that domain controllers can only be deployed in secure
data centers. Branch office 2 does not have a secure data center.
Client Configuration
All users connect remotely through VPN1. VPN1 is configured to accept only SSTP-based
VPN connections. All client computers receive IP configurations from DHCP. You recently
purchased 100 desktop computers from a new hardware vendor.
###EndCaseStudy###
The application support team reports that the App1 data of some users is not saved to AppServer1.
The team reports that the users deleted the mapped drive. You need to prevent the users from
deleting the mapped drive. Which settings should you request be modified in the APP1Deploy GPO?
You need to ensure that the users can access the shared folders if the WAN link fails
###BeginCaseStudy###
Case Study: 8
Fourth Coffee
Scenario:
You are an enterprise desktop support technician for Fourth Coffee. The network contains a
single domain named fourthcoffee.com.
Physical Environment
The company has three offices. The offices are configured as shown in the following table.
The relevant servers are configured as shown in the following table.
The Web1 server is accessible only through the URL http://web1.fourthcoffee.local
Application Configurations
Fourth Coffee deploys an application named App1 to users in the main office by using a
Group Policy object (GPO) named APP1Deploy. App1 requires that a drive named M be
mapped to
\\AppServer1\AppData$. App1 saves information on a local computer if drive M is
unavailable. All client computers have drive M.
Security Policy
The corporate security policy states that domain controllers can only be deployed in secure
data centers. Branch office 2 does not have a secure data center.
Client Configuration
All users connect remotely through VPN1. VPN1 is configured to accept only SSTP-based
VPN connections. All client computers receive IP configurations from DHCP. You recently
purchased 100 desktop computers from a new hardware vendor.
###EndCaseStudy###
Users in branch office 2 map drives to shared folders on SRV1. The users report that they cannot
access files in the shared folders when the WAN link between branch office 2 and the main office is
unavailable. When they attempt to access the files, they are prompted to enter their credentials but
are denied access. You need to ensure that the users can access the shared folders if the WAN link
fails. What should you do?
What should you configure?
###BeginCaseStudy###
Case Study: 8
Fourth Coffee
Scenario:
You are an enterprise desktop support technician for Fourth Coffee. The network contains a
single domain named fourthcoffee.com.
Physical Environment
The company has three offices. The offices are configured as shown in the following table.
The relevant servers are configured as shown in the following table.
The Web1 server is accessible only through the URL http://web1.fourthcoffee.local
Application Configurations
Fourth Coffee deploys an application named App1 to users in the main office by using a
Group Policy object (GPO) named APP1Deploy. App1 requires that a drive named M be
mapped to
\\AppServer1\AppData$. App1 saves information on a local computer if drive M is
unavailable. All client computers have drive M.
Security Policy
The corporate security policy states that domain controllers can only be deployed in secure
data centers. Branch office 2 does not have a secure data center.
Client Configuration
All users connect remotely through VPN1. VPN1 is configured to accept only SSTP-based
VPN connections. All client computers receive IP configurations from DHCP. You recently
purchased 100 desktop computers from a new hardware vendor.
###EndCaseStudy###
The help desk reports that the new computers experience intermittent failures that generate stop
errors. You need to collect all the critical errors from the new computers. What should you
configure?
What should you request?
###BeginCaseStudy###
Case Study: 8
Fourth Coffee
Scenario:
You are an enterprise desktop support technician for Fourth Coffee. The network contains a
single domain named fourthcoffee.com.
Physical Environment
The company has three offices. The offices are configured as shown in the following table.
The relevant servers are configured as shown in the following table.
The Web1 server is accessible only through the URL http://web1.fourthcoffee.local
Application Configurations
Fourth Coffee deploys an application named App1 to users in the main office by using a
Group Policy object (GPO) named APP1Deploy. App1 requires that a drive named M be
mapped to
\\AppServer1\AppData$. App1 saves information on a local computer if drive M is
unavailable. All client computers have drive M.
Security Policy
The corporate security policy states that domain controllers can only be deployed in secure
data centers. Branch office 2 does not have a secure data center.
Client Configuration
All users connect remotely through VPN1. VPN1 is configured to accept only SSTP-based
VPN connections. All client computers receive IP configurations from DHCP. You recently
purchased 100 desktop computers from a new hardware vendor.
###EndCaseStudy###
VPN users report that they cannot access shared resources in the branch offices. They can access
shared resources in the main office. Users in the main office report that they can access shared
resources in the branch offices. You need to ensure that the VPN users can access shared resources
in the branch offices. What should you request?
You need to ensure that App1 runs on Windows 7 computers
###BeginCaseStudy###
Case Study: 9
Wingtip Toys
Scenario:
You are an enterprise desktop support technician for Wingtip Toys. Wingtip Toys has two
offices.
Active Directory Configuration
The network contains a single Active Directory domain. An Active Directory site exists for
each office. The network contains the organizational units (OUs) that are shown in the
following table.
The network contains an enterprise root certification authority (CA). Certificate
autoenrollement is enabled for all users.
Network Configuration
Each office has a wireless network. You control access to the wireless network in office 1 by
using Network Access Protection (NAP). A Group Policy object (GPO) named GPO1
configures the NAP settings for the computers in office 1.
Resource Access
The Documents folders of all users are encrypted by using Encrypting File System (EFS).
The Documents folders of all users are backed up daily.
A Web server named Web1 hosts an internal Web site named WebSite1. Users connect to
WebSite1 from the Internet by using the URL http://website1.wingtiptoys.com. The domain
name website1.wingtiptoys.com is resolved by using the Hosts file that is located on each
client computer. Users frequently work from home. Home users connect to the internal
network by using SSTP-based VPN connections.
Line of Business Applications
Your company has a line-of-business application named App1. App1 is installed only on
computers that run Windows XP. You test App1 by using the Microsoft Application
Compatibility Toolkit (ACT). ACT reports that App1 can be made compatible to run on
Windows 7.
###EndCaseStudy###
You deploy App1 on a test Windows 7 computer and notice that it fails to run. You need to ensure
that App1 runs on Windows 7 computers. What should you do?
You need to ensure that users can connect to website1.wingtiptoys.com from the Internet
###BeginCaseStudy###
Case Study: 9
Wingtip Toys
Scenario:
You are an enterprise desktop support technician for Wingtip Toys. Wingtip Toys has two
offices.
Active Directory Configuration
The network contains a single Active Directory domain. An Active Directory site exists for
each office. The network contains the organizational units (OUs) that are shown in the
following table.
The network contains an enterprise root certification authority (CA). Certificate
autoenrollement is enabled for all users.
Network Configuration
Each office has a wireless network. You control access to the wireless network in office 1 by
using Network Access Protection (NAP). A Group Policy object (GPO) named GPO1
configures the NAP settings for the computers in office 1.
Resource Access
The Documents folders of all users are encrypted by using Encrypting File System (EFS).
The Documents folders of all users are backed up daily.
A Web server named Web1 hosts an internal Web site named WebSite1. Users connect to
WebSite1 from the Internet by using the URL http://website1.wingtiptoys.com. The domain
name website1.wingtiptoys.com is resolved by using the Hosts file that is located on each
client computer. Users frequently work from home. Home users connect to the internal
network by using SSTP-based VPN connections.
Line of Business Applications
Your company has a line-of-business application named App1. App1 is installed only on
computers that run Windows XP. You test App1 by using the Microsoft Application
Compatibility Toolkit (ACT). ACT reports that App1 can be made compatible to run on
Windows 7.
###EndCaseStudy###
An administrator modifies the external IP address of Web1 and creates a Hosts (A) record for
website1.wingtiptoys.com on the external DNS servers. Your users report that they can no longer
connect to website1.wingtiptoys.com from the Internet. You need to ensure that users can connect
to website1.wingtiptoys.com from the Internet. What should you do?
What should you request?
###BeginCaseStudy###
Case Study: 9
Wingtip Toys
Scenario:
You are an enterprise desktop support technician for Wingtip Toys. Wingtip Toys has two
offices.
Active Directory Configuration
The network contains a single Active Directory domain. An Active Directory site exists for
each office. The network contains the organizational units (OUs) that are shown in the
following table.
The network contains an enterprise root certification authority (CA). Certificate
autoenrollement is enabled for all users.
Network Configuration
Each office has a wireless network. You control access to the wireless network in office 1 by
using Network Access Protection (NAP). A Group Policy object (GPO) named GPO1
configures the NAP settings for the computers in office 1.
Resource Access
The Documents folders of all users are encrypted by using Encrypting File System (EFS).
The Documents folders of all users are backed up daily.
A Web server named Web1 hosts an internal Web site named WebSite1. Users connect to
WebSite1 from the Internet by using the URL http://website1.wingtiptoys.com. The domain
name website1.wingtiptoys.com is resolved by using the Hosts file that is located on each
client computer. Users frequently work from home. Home users connect to the internal
network by using SSTP-based VPN connections.
Line of Business Applications
Your company has a line-of-business application named App1. App1 is installed only on
computers that run Windows XP. You test App1 by using the Microsoft Application
Compatibility Toolkit (ACT). ACT reports that App1 can be made compatible to run on
Windows 7.
###EndCaseStudy###
A group of users from office 2 travels to office 1 to work on a project. The users from office 2 report
that they are unable to connect to the wireless network in office 1 from their portable computers. A
help desk administrator manually provides the users with access to the wireless network. You need
to ensure that the next time users from office 2 travel to office 1 they can connect to the wireless
network in office 1. What should you request?
What should you recommend?
###BeginCaseStudy###
Case Study: 9
Wingtip Toys
Scenario:
You are an enterprise desktop support technician for Wingtip Toys. Wingtip Toys has two
offices.
Active Directory Configuration
The network contains a single Active Directory domain. An Active Directory site exists for
each office. The network contains the organizational units (OUs) that are shown in the
following table.
The network contains an enterprise root certification authority (CA). Certificate
autoenrollement is enabled for all users.
Network Configuration
Each office has a wireless network. You control access to the wireless network in office 1 by
using Network Access Protection (NAP). A Group Policy object (GPO) named GPO1
configures the NAP settings for the computers in office 1.
Resource Access
The Documents folders of all users are encrypted by using Encrypting File System (EFS).
The Documents folders of all users are backed up daily.
A Web server named Web1 hosts an internal Web site named WebSite1. Users connect to
WebSite1 from the Internet by using the URL http://website1.wingtiptoys.com. The domain
name website1.wingtiptoys.com is resolved by using the Hosts file that is located on each
client computer. Users frequently work from home. Home users connect to the internal
network by using SSTP-based VPN connections.
Line of Business Applications
Your company has a line-of-business application named App1. App1 is installed only on
computers that run Windows XP. You test App1 by using the Microsoft Application
Compatibility Toolkit (ACT). ACT reports that App1 can be made compatible to run on
Windows 7.
###EndCaseStudy###
The help desk reports that they receive many calls from remote users who cannot access Internet
Web sites while they are connected to the VPN. The help desk instructs the users to manually
configure the VPN connection so that the users can access Internet Web sites while connected to the
VPN. You need to provide a recommendation to reduce the number of calls to the help desk
regarding this issue. What should you recommend?
What should you request?
###BeginCaseStudy###
Case Study: 9
Wingtip Toys
Scenario:
You are an enterprise desktop support technician for Wingtip Toys. Wingtip Toys has two
offices.
Active Directory Configuration
The network contains a single Active Directory domain. An Active Directory site exists for
each office. The network contains the organizational units (OUs) that are shown in the
following table.
The network contains an enterprise root certification authority (CA). Certificate
autoenrollement is enabled for all users.
Network Configuration
Each office has a wireless network. You control access to the wireless network in office 1 by
using Network Access Protection (NAP). A Group Policy object (GPO) named GPO1
configures the NAP settings for the computers in office 1.
Resource Access
The Documents folders of all users are encrypted by using Encrypting File System (EFS).
The Documents folders of all users are backed up daily.
A Web server named Web1 hosts an internal Web site named WebSite1. Users connect to
WebSite1 from the Internet by using the URL http://website1.wingtiptoys.com. The domain
name website1.wingtiptoys.com is resolved by using the Hosts file that is located on each
client computer. Users frequently work from home. Home users connect to the internal
network by using SSTP-based VPN connections.
Line of Business Applications
Your company has a line-of-business application named App1. App1 is installed only on
computers that run Windows XP. You test App1 by using the Microsoft Application
Compatibility Toolkit (ACT). ACT reports that App1 can be made compatible to run on
Windows 7.
###EndCaseStudy###
A user’s computer fails. The help desk provides the user with a new computer. The user’s Documents
folder is restored from the backup. The user reports that he can no longer access his encrypted files.
The help desk recovers the files by using a data recovery agent (DRA). You need to ensure that when
users receive new computers, they can access their encrypted files without administrative
intervention. What should you request?