3 Months Free Subscription of 70-413 Exam Dumps

Author: Jessica Fay

Case Study: 1

Contoso Ltd Case A

Overview

Contoso, Ltd., is a healthcare company in Europe that has 2,000 users. The company is migrating to Windows Server 2012.

The company has two main offices and two branch offices. The main offices are located in Paris and Amsterdam. One of the branch offices is a sales office located in Berlin. The other branch office is a research office located in Brussels.

The offices connect to each other by using a WAN link.

Current Environment

Active Directory

The network contains an Active Directory forest named contoso.com. An Active Directory site exists for each office.

The forest contains a child domain named research.contoso.com.

The functional level of both the domains is Windows Server 2008.

In each site, there are two domain controllers for the contoso.com domain and two domain controllers for the research.contoso.com domain. The domain controllers run Windows Server 2008 R2.

All of the domain controllers are global catalog servers.

The FSMO roles were not moved since the domains were deployed.

Network Infrastructure

All servers run Windows Server 2008 R2.

Each user has a laptop computer that runs Windows 7.

The company has 10 print servers. Each print server contains several shared printers.

The company has 10 file servers that have the following disk configurations:

  • A simple volume named C that is the System and Boot volume and is formatted NTFS
  • A mounted virtual hard disk (VHD) named DATA that is formatted NTFS
  • A simple volume named D that is formatted FAT32
  • A simple volume named E that is formatted NTFS
  • A Clustered Shared Volume (CSV)

The Paris office contains a server named PA1. The Amsterdam office contains a server named AM1.

Both servers have the following server roles installed:

  • DNS Server
  • DHCP Server
  • Remote Access

The DNS servers are configured to use the DNS servers of the company's Internet Service Provider (ISP) as forwarders.

Users often work remotely. The users access the internal network by using an SSTP-based VPN connection.

Requirements

Planned Changes

The company plans to implement the following changes:

  • Create a child domain named sales.contoso.com. Only the domain controllers in sales.contoso.com will host a zone for the sales.contoso.com domain. The domain controllers in sales.contoso.com will run Windows Server 2012. The client computers in sales.contoso.com will use the sales.contoso.com domain controllers as their DNS servers.
  • Implement two servers in the Amsterdam office and two servers in the Paris office to replace PA1 and AMI. These new servers will run Windows Server 2012 and will not have shared storage.
  • Decommission the research.contoso.com domain. All of the users and the Group Policy objects (GPOs) in research.contoso.com will be migrated to contoso.com.
  • Migrate the existing print queues to virtualized instances of Windows Server 2012.
  • Migrate the file servers to new servers that run Windows Server 2012.
  • Implement RADIUS authentication for VPN connections.
  • Deploy Windows Server 2012 to all new servers.

Technical Requirements

The company identifies following technical requirements:

  • All changes to Group Policies must be logged.
  • Network Access Protection (NAP) policies must be managed centrally.
  • Core networking services in each office must be redundant if a server fails.
  • The possibility of IP address conflicts during the DHCP migration must be minimized.
  • A central log of the IP address leases and the users associated to those leases must be created.
  • All of the client computers must be able to resolve internal names and internet names.
  • Administrators in the Paris office need to deploy a series of desktop restrictions to the entire company by using Group Policy.
  • The new sales.contoso.com domain will contain a web application that will access data from a Microsoft SQL Server located in the contoso.com domain. The web application must use integrated Windows authentication. Users' credentials must be passed from the web applications to the SQL Server.

Question: 1

You implement and authorize the new DHCP servers. You import the server configurations and the scope configurations from PA1 and AM1.

You need to ensure that clients can obtain DHCP address assignments after you shut down PA1 and AM1. The solution must meet the technical requirements.

What should you do?

A. Run the Get-DhcpServerv4Lease cmdlet and the Remove-DhcpServerv4Lease cmdlet. Run the Windows Server Migration Tools.

B.Run the Get-DhcpServerv4Lease cmdlet and the Add-DhcpServerv4Lease cmdlet. Activate the scopes.

C.Run the Get-DhcpServerv4FreeIPAddress cmdlet and the Invoke-DhcpServerv4FailoverReplication cmdlet. Run the Windows Server Migration Tools.

D.Run the Get-DhcpServerv4FreeIPAddress cmdlet and the Invoke-DhcpServerv4FailoverReplication cmdlet Activate the scopes.

Answer: B

The Get-DhcpServerv4Lease cmdlet gets one or more lease records from the Dynamic Host Configuration Protocol (DHCP) server service.

The Add-DhcpServerv4Lease cmdlet adds a new IPv4 address lease on the Dynamic Host Configuration Protocol (DHCP) server service. This cmdlet is only supported for DHCP server service running on Windows Server® 2012.

Question: 2

You need to recommend a management solution for the GPOs. The solution must meet the technical requirements. What should you include in the recommendation?

A. Microsoft Baseline Security Analyzer (MBSA)

B.Microsoft Desktop Optimization Pack (MDOP)

C.Microsoft System Center 2012 Operations Manager

D.Microsoft System Center 2012 Data Protection Manager (DPM)

Answer: B

Explanation:

  • Scenario:

/ All changes to Group Policies must be logged.

/ Administrators in the Paris office need to deploy a series of desktop restrictions to the entire company by using Group Policy.

  • Microsoft Desktop Optimization Pack

Windows Vista Enterprise helps global organizations and enterprises with complex IT infrastructures lower IT costs, reduce risk, and stay connected. The Microsoft Desktop

Optimization Pack for Software Assurance further extends this value by reducing application deployment costs, enabling delivery of applications as services, and allowing for better management and control of enterprise desktop environments. Together these technologies deliver a highly cost-effective and flexible Windows desktop management solution.

What is the Microsoft Desktop Optimization Pack?

The Microsoft Desktop Optimization Pack (MDOP) for Software Assurance is an add-on subscription license available to Software Assurance customers. It uses innovative technologies to help reduce the total cost of ownership (TCO) of the Windows desktop by accelerating operating system and application management and enhancing IT responsiveness and end-user uptime. It will enable you to better control the desktop, accelerate and simplify desktop deployments and management, and create a dynamic infrastructure by turning software into centrally managed services.

MDOP facilitates accelerated deployment and manageability of Windows through these innovative technologies— available only to Windows Software Assurance customers.

Reference: Microsoft Desktop Optimization Pack

URL: http://technet.microsoft.com/en-us/library/cc507880.aspx

Question: 3

You are planning the decommissioning of research.contoso.com.

You need to ensure that an administrator named Admin5 in the research department can manage the user accounts that are migrated to contoso.com. The solution must minimize the number of permissions assigned to Admin5.

What should you do before you migrate the user accounts?

A. Run the New-Object cmdlet, and then run the Add-ADPrincipalGroupMembershipcmdlet.

B.Create a new organizational unit (OU), and then add Admin5 to the Account Operators group.

C.Create a new organizational unit (OU), and then run the Delegation of Control Wizard.

D.Run the New-Object cmdlet, and then run the Add-ADCentralAccessPolicyMembercmdlet.

Answer: C

Explanation:

  • Scenario: Decommission the research.contoso.com domain. All of the users and the Group Policy objects (GPOs) in research.contoso.com will be migrated to contoso.com.

Reference: Delegation of Control Wizard

http://technet.microsoft.com/en-us/library/dd145344.aspx

Question: 4

You need to recommend changes to the DNS environment that support the implementation of the sales.contoso.com domain. The solution must ensure that the users in all of the domains can resolve both Internet names and the names of the servers in all of the internal domains.

What should you recommend?

A. On the DNS servers in contoso.com, configure a reverse lookup zone. On the DNS servers in sales.contoso.com, configure a conditional forwarder to contoso.com.

B.On the DNS servers in contoso.com, add a conditional forwarder to the sales.contoso.com zone. On the DNS servers in sales.contoso.com, add a forwarder to the DNS servers of the company's ISP.

C.On the DNS servers in contoso.com, create a zone delegation in the contoso.com zone. On the DNS servers in sales.contoso.com, add a forwarder to the contoso.com DNS servers.

D.On the DNS servers in contoso.com, configure a conditional forwarder to sales.contoso.com. On the DNS servers in sales.contoso.com, configure a reverse zone.

Answer: C

Scenario: The client computers in sales.contoso.com will use the sales.contoso.com domain controllers as their DNS servers.

Question: 5

You are evaluating the implementation of data deduplication on the planned Windows Server 2012 file servers.

The planned servers will have the identical disk configurations as the current servers.

You need to identify which volumes can be enabled for data deduplication.

Which volumes should you identify? (Each correct answer presents part of the solution. Choose all that apply.)

A. C

B.D

C.E

D. The CSV

E.DATA

Answer: C, E

Explanation:

  • Scenario:

A mounted virtual hard disk (VHD) named DATA that is formatted NTFS

A simple volume named E that is formatted NTFS

  • Note: Data Deduplication feature doesn't do everything in this version. It is only available in certain Windows Server 2012 editions and has some limitations. Deduplication was built for NTFS data volumes and it does not support boot or system drives and cannot be used with

Cluster Shared Volumes (CSV). We don't support deduplicating live VMs or running SQL databases. See how to determine which volumes are candidates for deduplication on Technet.

Incorrect:

Not A: Volume C is a boot volume. Data deduplication does not work on boot volumes.

Not B: Volume B is FAT32 volume. Data deduplication requires NTFS.

Not D: Deduplication cannot be used with CSV.

Question: 6

You are planning the implementation of two new servers that will be configured as RADIUS servers.

You need to recommend which configuration must be performed on the VPN servers. The solution must meet the technical requirements.

What should you do on each VPN server?

A. Add a RADIUS client.

B.Install the Health Registration Authority role service.

C.Enable DirectAccess.

D.Modify the authentication provider.

Answer: D

Explanation:

  • Implement RADIUS authentication for VPN connections.
  • The new sales.contoso.com domain will contain a web application that will access data from a Microsoft SQL Server located in the contoso.com domain. The web application must use integrated Windows authentication. Users' credentials must be passed from the web applications to the SQL Server.

Question: 7

You need to recommend which changes must be implemented to the network before you can deploy the new web application.

What should you include in the recommendation?

A. Change the forest functional level to Windows Server 2008 R2.

B.Upgrade the DNS servers to Windows Server 2012.

C.Change the functional level of both the domains to Windows Server 2008 R2.

D.Upgrade the domain controllers to Windows Server 2012.

Answer: D

Explanation:

The web application is in the sales.contoso.com domain, which will have Windows Server 2012 Domain controllers. We should therefore upgrade the other domain controller to Windows Server 2012.

Scenario:

  • The new sales.contoso.com domain will contain a web application that will access data from a Microsoft SQL Server located in the contoso.com domain. The web application must use integrated Windows authentication. Users' credentials must be passed from the web applications to the SQL Server.
  • Planned changes include: create a child domain named sales.contoso.com. Only the domain controllers in sales.contoso.com will host a zone for the sales.contoso.com domain. The domain controllers in sales.contoso.com will run Windows Server 2012.

Question: 8

You need to recommend a fault-tolerant solution for the VPN. The solution must meet the technical requirements.

What should you include in the recommendation?

A. Network adapter teaming

B.Network Load Balancing (NLB)

C.Failover Clustering

D.DirectAccess

Answer: B

Explanation:

  • Scenario: Core networking services in each office must be redundant if a server fails.
  • The Network Load Balancing (NLB) feature distributes traffic across several servers by using the TCP/IP networking protocol. By combining two or more computers that are running applications into a single virtual cluster, NLB provides reliability and performance for web servers and other mission-critical servers.

Reference: Network Load Balancing Overview

http://technet.microsoft.com/en-us/library/hh831698.aspx

Question: 9

You are planning the migration of research.contoso.com.

You need to identify which tools must be used to perform the migration.

Which tools should you identify?

A. Active Directory Migration Tool version 3.2 (ADMT v3.2) and Group Policy Management

Console (GPMC)

B. Active Directory Federation Services (AD FS) and Microsoft Federation Gateway

C. Active Directory Migration Tool version 3.2 (ADMT v3.2) and Active Directory Federation

Services (AD FS)

D. Active Directory Lightweight Directory Services (AD LDS) and Group Policy Management

Console (GPMC)

Answer: A

Explanation:

  • Scenario:

All of the users and the Group Policy objects (GPOs) in research.contoso.com will be migrated to contoso.com.

two domain controllers for the research.contoso.com domain. The domain controllers run Windows Server 2008 R2.

Question: 10

You need to recommend a solution for DHCP logging. The solution must meet the technical requirement.

What should you include in the recommendation?

A. Event subscriptions

B. IP Address Management (IPAM)

C. DHCP audit logging

D. DHCP filtering

Answer: B

  • Scenario: A central log of the IP address leases and the users associated to those leases must be created.
  • Feature description

IPAM in Windows Server 2012 is a new built-in framework for discovering, monitoring, auditing, and managing the IP address space used on a corporate network. IPAM provides for administration and monitoring of servers running Dynamic Host Configuration Protocol (DHCP) and Domain Name Service (DNS). IPAM includes components for:

  • Automatic IP address infrastructure discover)': IPAM discovers domain controllers, DHCP servers, and DNS servers in the domains you choose. You can enable or disable management of these servers by IPAM.
  • Custom IP address space display, reporting, and management: The display of IP addresses is highly customizable and detailed tracking and utilization data is available. IPv4 and IPv6 address space is organized into IP address blocks, IP address ranges, and individual IP addresses. IP addresses are assigned built-in or user-defined fields that can be used to further organize IP address space into hierarchical, logical groups.
  • Audit of server configuration changes and tracking of IP address usage: Operational events are displayed for the IPAM server and managed DHCP servers. IPAM also enables IP address tracking using DHCP lease events and user logon events collected from Network Policy Server (NPS), domain controllers, and DHCP servers. Tracking is available by IP address, client ID, host name, or user name.
  • Monitoring and management of DHCP and DNS services: IPAM enables automated service availability monitoring for Microsoft DHCP and DNS servers across the forest. DNS zone health is displayed, and detailed DHCP server and scope management is available using the IPAM console.

Reference: IP Address Management (IPAM) Overview

Test Information:

Total Questions: 245

Test Number: 70-413

Vendor Name: Microsoft

Cert Name: MCSE

Test Name: Designing and Implementing a Server Infrastructure

Official Site: https://www.certschief.com/

For More Details: https://www.certschief.com/exam/70-413/