Your success in Microsoft 70 413 pdf is our sole target and we develop all our 70 413 exam braindumps in a way that facilitates the attainment of this target. Not only is our 70 413 pdf study material the best you can find, it is also the most detailed and the most updated. microsoft 70 413 Practice Exams for Microsoft Windows Server microsoft 70 413 are written to the highest standards of technical accuracy.
♥♥ 2021 NEW RECOMMEND ♥♥
Free VCE & PDF File for Microsoft 70-413 Real Exam (Full Version!)
★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions
Free Instant Download NEW 70-413 Exam Dumps (PDF & VCE):
Available on:
http://www.surepassexam.com/70-413-exam-dumps.html
Q21. - (Topic 3)
You need to recommend a solution that meets the security requirements.
Which schema attribute properties should you recommend modifying?
A. isIndexed
B. searchFlags
C. isCriticalSystemObject
D. schemaFlagsEx
Answer: B
Explanation:
* Scenario: ). Confidential attributes must not be replicated to the Chicago office.
* Applies To: Windows Server 2008, Windows Server 2012 This topic includes procedures for adding an attribute to the filtered attribute set (FAS) for a readonly domain controller (RODC) and marking the attribute as confidential data. You can perform these procedures to exclude specific data from replicating to RODCs in the forest. Because the data is not replicated to any RODCs, you can be assured that the data will not be revealed to an attacker who manages to successfully compromise an RODC. In most cases, adding an attribute to the RODC FAS is completed by the developer of the application that added the attribute to the schema.
. Determine and then modify the current searchFlags value of an attribute
. Verify that an attribute is added to the RODC FAS -Determine and then modify the current searchFlags value of an attribute To add an attribute to an RODC FAS, you must first determine the current searchFlags value of the attribute that you want to add, and then set the following values for searchflags:
. To add the attribute to the RODC FAS, set the 10th bit to 0x200.
. To mark the attribute as confidential, set the 7th bit to 0x080.
Reference: Adding Attributes to the RODC Filtered Attribute Set
http://technet.microsoft.com/en-us/library/cc754794(v=ws.10).aspx
Q22. - (Topic 8)
Your network contains 50 servers that run Windows Server 2003 and 50 servers that run Windows Server 2008.
You plan to implement Windows Server 2012 R2.
You need to create a report that includes the following information:
. The servers that run applications and services that can be moved to Windows
Server 2012 R2
. The servers that have hardware that can run Windows Server 2012 R2
. The servers that are suitable to be converted to virtual machines hosted on Hyper-
V hosts that run Windows Server 2012 R2
Solution: You install Windows Server 2012 R2 on a new server, and then you run Microsoft Deployment Toolkit (MDT) 2012.
Does this meet the goal?
A. Yes
B. No
Answer: B
Explanation: Microsoft Deployment Toolkit (MDT) 2013 allows you to automate the deployment of computers in your organization, but it does not include reporting.
Q23. - (Topic 8)
Your network contains an Active Directory domain named contoso.com. The domain contains servers that run either Windows Server 2008 R2 or Windows Server 2012.
All client computers on the internal network are joined to the domain. Some users establish VPN connections to the network by using Windows computers that do not belong to the domain.
All client computers receive IP addresses by using DHCP.
You need to recommend a Network Access Protection (NAP) enforcement method to meet the following requirements:
Verify whether the client computers have up-to-date antivirus software.
Provides a warning to users who have virus definitions that are out-of-date.
Ensure that client computers that have out-of-date virus definitions can connect to the network.
Which NAP enforcement method should you recommend?
A. DHCP
B. IPSec
C. VPN
D. 802.1x
Answer: A
Explanation:
NAP enforcement for DHCP DHCP enforcement is deployed with a DHCP Network Access Protection (NAP) enforcement server component, a DHCP enforcement client component, and Network Policy Server (NPS). Using DHCP enforcement, DHCP servers and NPS can enforce health policy when a computer attempts to lease or renew an IP version 4 (IPv4) address. However, if client computers are configured with a static IP address or are otherwise configured to circumvent the use of DHCP, this enforcement method is not effective.
Note: The NAP health policy server can use a health requirement server to validate the health state of the NAP client or to determine the current version of software or updates that need to be installed on the NAP client.
Reference: NAP Enforcement for DHCP
http://technet.microsoft.com/en-us/library/cc733020(v=ws.10).aspx
Q24. - (Topic 7)
You need to generate the required report
Which tool should you use?
A. Microsoft Deployment Toolkit (MDT)
B. Microsoft Desktop Optimization Pack (MDOP)
C. Microsoft Assessment and Planning Toolkit (MAP)
D. Application Compatibility Toolkit (ACT)
Answer: C
Explanation:
Scenario: Consolidation reports The company requires a report that describes the impact of consolidation. The report must provide the following information:
.An inventory of the existing physical server environment
.Visual charts that show the reduction of physical servers
Reference: Microsoft Assessment and Planning (MAP) Toolkit for Hyper-V
Q25. DRAG DROP - (Topic 8)
Your network contains an Active Directory forest. The forest contains two domains named contoso.com and fabrikam.com.
You plan to decommission the fabrikam.com domain.
You need to perform the following migration tasks:
. Copy user accounts from the fabrikam.com domain to the contoso.com domain.
. Move the client computers from fabrikam.com to contoso.com.
The solution must ensure that all of the user profiles are associated to the migrated user accounts.
Which tool should you use to perform each task?
To answer, drag the appropriate tool to the correct migration task in the answer area. Each tool may be used once, more than once, or not at all. Additionally, you may need to drag the split bar between panes or scroll to view content.
Answer:
Q26. - (Topic 3)
You need to implement the technical requirements for the boston.litwareinc.com domain.
Which tools should you use?
A. Gpfixup and Gpupdate
B. Rendom and Gpfixup
C. Gpupdate and Dcgpofix
D. Adprep and Rendom
Answer: B
Explanation:
Minimize the amount of administrative effort whenever possible Rename boston.litwareinc.com domain to bos.litwareinc.com
* Rendom.exe is a command-line tool that is used to rename Active Directory domains.
Reference: Rendom
Q27. - (Topic 8)
A company has a single-forest and single Active Directory Domain Services (AD DS) domain named Fabrikam.com that runs Windows 2012 Server. The AD DS forest functional level and the domain functional level are both set to Windows 2008 R2. You use IP Address Management (IPAM) as the IP management solution. You have two DHCP Servers named DHCP1 and DHCP2, and one IPAM server named IPAM1.
The company plans to acquire a company named Contoso, Ltd., which has a single-forest and single-domain AD DS named contoso.com. The forest functional level and domain functional level of Contoso.com is set to Windows 2008. All servers at Contoso run Windows Server 2008. The IP management solution at Contoso is based on a single DHCP server named SERVER3.
The total number of users in both companies will be 5000.
You have the following requirements:
. The solution must be able to allocate up to three IP addresses per user.
. All IP address leases must be renewed every two days. You need to ensure that the corresponding servers will have enough capacity to store six years of IP utilization data and eight months of event catalog data.
What should you recommend?
A. Add at least 20 GB of storage to the IPAM server.
B. Migrate Contoso.com to Fabrikam.com.
C. Establish a forest trust between Contoso.com and Fabrikam.com.
D. Upgrade SERVER3 to Windows Server 2012.
Answer: D
Q28. DRAG DROP - (Topic 8)
Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1 that runs Windows Server 2012. Server1 resides in the perimeter network and has the Remote Access server role installed.
Some users have laptop computers that run Windows 7 and are joined to the domain. Some users work from home by using their home computers. The home computers run either Windows XP, Windows Vista/ Windows 7, or Windows 8.
You need to configure the computers for remote access.
Which three actions should you perform?
To answer, move the three appropriate actions from the list of actions to the answer area and arrange them in the correct order.
Answer:
Q29. - (Topic 8)
Your company has a main office and a branch office.
The network contains an Active Directory domain named contoso.com. The main office contains domain controllers that run Windows Server 2012. The branch office contains a read-only domain controller (RODC) that runs Windows Server 2012.
You need to recommend a solution to control which Active Directory attributes are replicated to the RODC.
What should you include in the recommendation?
A. The partial attribute set
B. The filtered attribute set
C. Application directory partitions
D. Constrained delegation
Answer: B
Explanation: RODC filtered attribute set
Some applications that use AD DS as a data store might have credential-like data (such as passwords, credentials, or encryption keys) that you do not want to be stored on an RODC in case the RODC is compromised. For these types of applications, you can dynamically configure a set of attributes in the schema for domain objects that will not replicate to an RODC. This set of attributes is called the RODC filtered attribute set. Attributes that are defined in the RODC filtered attribute set are not allowed to replicate to any RODCs in the forest.
Reference: AD DS: Read-Only Domain Controllers
Q30. - (Topic 8)
Your company has a main office and a branch office.
The network contains an Active Directory domain named contoso.com. The domain contains three domain controllers. The domain controllers are configured as shown in the following table.
The domain contains two global groups. The groups are configured as shown in the following table.
You need to ensure that the RODC is configured to meet the following requirements:
. Cache passwords for all of the members of Branch1Users.
. Prevent the caching of passwords for the members of Helpdesk.
What should you do?
A. Modify the membership of the Denied RODC Password Replication group.
B. Install the BranchCache feature on RODC1.
C. Modify the delegation settings of RODC1.
D. Create a Password Settings object (PSO) for the Helpdesk group.
Answer: A
Explanation: Password Replication Policy Allowed and Denied lists
Two new built-in groups are introduced in Windows Server 2008 Active Directory domains to support RODC operations. These are the Allowed RODC Password Replication Group and Denied RODC Password Replication Group. These groups help implement a default Allowed List and Denied List for the RODC Password Replication Policy. By default, the two groups are respectively added to the msDS-RevealOnDemandGroup and msDS-NeverRevealGroup Active Directory attributes.
Reference: Password Replication Policy
