♥♥ 2021 NEW RECOMMEND ♥♥
Free VCE & PDF File for Microsoft 70-980 Real Exam (Full Version!)
★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions
Free Instant Download NEW 70-980 Exam Dumps (PDF & VCE):
Available on:
http://www.surepassexam.com/70-980-exam-dumps.html
Q81. - (Topic 10)
Your company has an office in New York.
Many users connect to the office from home by using the Internet.
You deploy an Active Directory Certificate Services (AD CS) infrastructure that contains an enterprise certification authority (CA) named CA1. CA1 is only available from hosts on the internal network.
You need to ensure that the certificate revocation list (CRL) is available to all of the users.
What should you do? (Each correct answer presents part of the solution. Choose all that apply.)
A. Create a scheduled task that copies the CRL files to a Web server.
B. Run the Install-ADCSWebEnrollment cmdlet.
C. Run the Install-EnrollmentPolicyWebService cmdlet.
D. Deploy a Web server that is accessible from the Internet and the internal network.
E. Modify the location of the Authority Information Access (AIA).
F. Modify the location of the CRL distribution point (CDP).
Answer: A,D,F
Explanation:
CRLs will be located on Web servers which are Internet facing.
CRLs will be accessed using the HTTP retrieval protocol.
CRLs will be accessed using an external URL of http://dp1.pki.contoso.com/pki
F: To successfully authenticate an Internet Protocol over Secure Hypertext Transfer Protocol (IP-HTTPS)-based connection, DirectAccess clients must be able to check for certificate revocation of the secure sockets layer (SSL) certificate submitted by the DirectAccess server. To successfully perform intranet detection, DirectAccess clients must be able to check for certificate revocation of the SSL certificate submitted by the network
location server. This procedure describes how to do the following:
Create a Web-based certificate revocation list (CRL) distribution point using Internet
Information Services (IIS)
Configure permissions on the CRL distribution shared folder
Publish the CRL in the CRL distribution shared folder
Reference: Configure a CRL Distribution Point for Certificates
Q82. DRAG DROP - (Topic 2)
You need to recommend the VPN protocols for Proseware.
What should you recommend? To answer, drag the appropriate VPN protocols to the correct offices. Each protocol may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content,
Answer:
Q83. DRAG DROP - (Topic 9)
Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1 that runs Windows Server 2008 R2. Server1 is a file server.
You deploy a new member server named Server2 that runs Windows Server 2012.
You plan to migrate file shares from Server1 to Server2. File share and NTFS permissions
are assigned only to domain local groups.
You need to identify which actions are required to perform the migration.
Which five actions should you identify?
To answer, move the five appropriate actions from the list of actions to the answer area and arrange them in the correct order.
Answer:
Q84. - (Topic 9)
Your network contains an Active Directory domain named contoso.com. The domain contains multiple sites.
You plan to deploy DirectAccess.
The network security policy states that when client computers connect to the corporate network from the Internet, all of the traffic destined for the Internet must be routed through the corporate network.
You need to recommend a solution for the planned DirectAccess deployment that meets the security policy requirement.
Solution: You enable force tunneling. Does this meet the goal?
A. Yes
B. No
Answer: A
Q85. - (Topic 9)
Your company has a main office that contains several servers and several users. The main
office contains a file server named Server1 that runs Windows Server 2012.
The users access a large report file that is created on Server1 each day.
The company plans to open a new branch office. The branch office will contain only client computers.
You need to implement a solution to reduce the amount of bandwidth used by the client computers in the branch office to download the report each day.
What should you do?
More than one answer choice may achieve the goal. Select the BEST answer.
A. Install the BranchCache for network files role service on Server1. Configure the client computers to use BranchCache in hosted cache mode.
B. Configure the offline settings of the shared folder that contains the report.
C. Install the BranchCache for network files role service on Server1. Configure the client computers to use Branchcache in distributed mode.
D. Enable the Background Intelligent Transfer Service (BITS) feature on Server1 and on each client computer in the branch office. Move the report to a web folder.
Answer: C
Explanation:
http://technet.microsoft.com/library/ee649232(WS.10).aspx Distributed cache mode. In this mode, branch office client computers download content from the content servers in the main office and then cache the content for other computers in the same branch office. Distributed cache mode does not require a server computer in the branch office.
Q86. - (Topic 2)
You need to recommend a trust model.
What should you include in the recommendation?
A. A one-way, forest trust that has selective authentication.
B. A one-way, external trust
C. A two-way, external trust
D. A one-way, forest trust that has domain-wide authentication.
Answer: A
Explanation:
From case study:
Users in the Montreal office must only be allowed to access shares that are located on
File01 and File02. The Montreal users must be prevented from accessing any other servers
in the proseware.com forest regardless of the permissions on the resources.
Q87. - (Topic 8)
You are evaluating the deployment of a multi-site Hyper-V failover cluster in the Miami office and the Seattle office to host App2.
You need to identify which changes must be made to support the use of the multi-site cluster.
Which changes should you identify?
A. Configure all of the virtual machines to use dynamic memory. Implement Distributed File System (DFS) Replication and store the virtual machine files in a replicated folder.
B. Implement Distributed File System (DFS) Replication and store the virtual machine files in a replicated folder. Upgrade the WAN link between the Miami and Seattle offices.
C. Purchase a storage solution that replicates the virtual machines. Configure all of the virtual machines to use dynamic memory.
D. Upgrade the WAN link between the Miami and Seattle offices. Purchase a storage solution that replicates the virtual machines.
Answer: C
Q88. - (Topic 9)
Your company has a main office and a branch office.
The network contains an Active Directory domain named contoso.com. The domain contains three domain controllers. The domain controllers are configured as shown in the following table.
The domain contains two global groups. The groups are configured as shown in the following table.
You need to ensure that the RODC is configured to meet the following requirements:
. Cache passwords for all of the members of Branch1Users.
. Prevent the caching of passwords for the members of Helpdesk.
What should you do?
A. Modify the membership of the Denied RODC Password Replication group.
B. Install the BranchCache feature on RODC1.
C. Modify the delegation settings of RODC1.
D. Create a Password Settings object (PSO) for the Helpdesk group.
Answer: A
Q89. - (Topic 3)
You need to recommend a solution that meets the security requirements.
Which schema attribute properties should you recommend modifying?
A. isIndexed
B. searchFlags
C. isCriticalSystemObject
D. schemaFlagsEx
Answer: B
Explanation:
D:Documents and SettingsuseralboDesktop1.jpg
Applies To: Windows Server 2008, Windows Server 2012 This topic includes procedures for adding an attribute to the filtered attribute set (FAS) for a readonly domain controller (RODC) and marking the attribute as confidential data. You can perform these procedures to exclude specific data from replicating to RODCs in the forest. Because the data is not replicated to any RODCs, you can be assured that the data will not be revealed to an attacker who manages to successfully compromise an RODC. In most cases, adding an attribute to the RODC FAS is completed by the developer of the application that added the attribute to the schema.
. Determine and then modify the current searchFlags value of an attribute
. Verify that an attribute is added to the RODC FAS
-Determine and then modify the current searchFlags value of an attribute To add an attribute to an RODC FAS, you must first determine the current searchFlags value of the attribute that you want to add, and then set the following values for searchflags:
. To add the attribute to the RODC FAS, set the 10th bit to 0x200.
. To mark the attribute as confidential, set the 7th bit to 0x080. http://technet.microsoft.com/en-us/library/cc754794(v=ws.10).aspx
Q90. - (Topic 3)
You need to recommend an IPAM management solution for the Operators groups. The solution must meet the technical requirements.
What should you include in the recommendation?
A. Run the Invoke-IpamGpoProvisioningcmdlet in all three domains. Add the computers used by the members of the Operators group to the IPAM server.
B. Modify the membership of the IPAM Administrators group and the WinRMRemoteWMIUsers_ group on the IPAM server.
C. Run the Set-IpamConfigurationcmdlet and modify the membership of the WinRMRemoteWMRJsers_ group on the IPAM server.
D. Run the Set-IpamConfigurationcmdlet on the IPAM server. Run the Invoke-IpamGpoProvisioningcmdlet in all three domains.
Answer: B
Explanation:
D:Documents and SettingsuseralboDesktop1.jpg