2015 Microsoft Official New Released 70-413 Practice Exam Questions and Answers Free Sample Dumps Provided By Braindump2go! All Exams One Time Pass 100% Guaranteed!

Vendor: Microsoft
Exam Code: 70-413
Exam Name: Designing and Implementing a Server Infrastructure

1[10]

QUESTION 16
You need to recommend changes to the DNS environment that support the implementation of the sales. contoso.com domain.
The solution must ensure that the users in all of the domains can resolve both Internet names and the names of the servers in all of the internal domains.
What should you recommend?

A.    On the DNS servers in contoso.com, create a zone delegation in the contoso.com zone.
On the DNS servers in sales.contoso.com, add a forwarder to the contoso.com DNS servers.
B.    On the DNS servers in contoso.com, configure a reverse lookup zone.
On the DNS servers in sales.contoso.com, configure a conditional forwarder to contoso.com.
C.    On the DNS servers in contoso.com, configure a conditional forwarder to sales.contoso.com.
On the DNS servers in sales.contoso.com, configure a reverse zone.
D.    On the DNS servers in contoso.com, add a conditional forwarder to the sales.contoso.com
zone.
E.    On the DNS servers in sales.contoso.com, add a forwarder to the DNS servers of the
company’s ISP.

Answer: A
Explanation:

wps2E62.tmp_thumb

QUESTION 17
You are planning the implementation of two new servers that will be configured as RADIUS servers.
You need to recommend which configuration must be performed on the VPN servers.
The solution must meet the technical requirements.
What should you do on each VPN server?

A.    Install the Health Registration Authority role service.
B.    Add a RADIUS client.
C.    Enable DirectAccess.
D.    Modify the authentication provider.

Answer: D
Explanation:

wps4D77.tmp_thumb

QUESTION 18
After the planned upgrade to Windows Server 2012, you restore a user account from the Active Directory Recycle Bin.
You need to replicate the restored user account as quickly as possible.
Which cmdlets should you run?

A.    Get-ADReplicationSite and Set-ADReplicationConnection
B.    Get-ADReplicationAttributeMetadata and Compare-Object
C.    Get-ADReplicationUpToDatenessVectorTable and Set-ADReplicationSite
D.    Get ADDomainController and Sync-ADObject

Answer: D
Explanation:

wps785F.tmp_thumb

The Get-ADDomainController cmdlet gets the domain controllers specified by the parameters.
You can get domain controllers by setting the Identity, Filter or Discover parameters. The Identity parameter specifies the domain controller to get. You can identify a domain controller by its GUID, IPV4Address, global IPV6Address, or DNS host name. You can also identify a domain controller by the name of the server object that represents the domain controller, the Distinguished Name (DN) of the NTDS settings object or the server object, the GUID of the NTDS settings object or the server object under the configuration partition, or the DN of the computer object that represents the domain controller. You can also set the Identity parameter to a domain controller object variable, such as $<localDomainControllerObject>, or pass a domain controller object through the pipeline to the Identity parameter.
To search for and retrieve more than one domain controller, use the Filter parameter. The Filter parameter uses the PowerShell Expression Language to write query strings for Active Directory.
PowerShell Expression Language syntax provides rich type conversion support for value types received by the Filter parameter. For more information about the Filter parameter syntax, see
about_ActiveDirectory_Filter. You cannot use an LDAP query string with this cmdlet. To get a domain controller by using the discover mechanism of DCLocator, use the Discover parameter. You can provide search criteria by setting parameters such as Service, SiteName,
DomainName, NextClosestSite, AvoidSelf, and ForceDiscover.
http://technet.microsoft.com/en-us/library/hh852293.aspx
Detailed Description
The Sync-ADObject cmdlet replicates a single object between any two domain controllers that have partitions in common. The two domain controllers do not need to be direct replication partners. It can also be used to populate passwords in a read-only domain controller (RODC) cache.
http://technet.microsoft.com/en-us/library/hh852296.aspx

QUESTION 19
You implement a new virtualized print server that runs Windows Server 2012.
You need to migrate the print queues.
Which tool should you use?

A.    Windows Server Migration Tools
B.    Active Directory Migration Tool (ADMT)
C.    Print Management
D.    Computer Management

Answer: C
Explanation:

wpsB0BE.tmp_thumb

To manage the migration process, use one of the following:
– The Printer Migration Wizard, which you access through Print Management, a snap-in in
– Microsoft Management Console (MMC).
– The Printbrm.exe command-line tool.
You can perform the migration locally or remotely, and from either a client computer or server.
Important
As a best practice, run the Printer Migration Wizard or Printbrm.exe from a computer running
Windows Server 2012
http://technet.microsoft.com/en-us/library/jj134150.aspx

QUESTION 20
You need to recommend a fault-tolerant solution for the VPN.
The solution must meet the technical requirements.
What should you include in the recommendation?

A.    DirectAccess
B.    Failover Clustering
C.    Network adapter teaming
D.    Network Load Balancing (NLB)

Answer: D
Explanation:

http://technet.microsoft.com/en-us/library/hh831698.aspx

QUESTION 21
You are planning the decommissioning of research.contoso.com.
You need to ensure that an administrator named Admin5 in the research department can manage the user accounts that are migrated to contoso. com.
The solution must minimize the number of permissions assigned to Admin5.
What should you do before you migrate the user accounts?

A.    Run the New-Object cmdlet, and then run the Add-ADCentralAccessPolicyMember cmdlet.
B.    Create a new organizational unit (OU), and then add Admin5 to the Account Operators group.
C.    Run the New-Object cmdlet, and then run the Add-ADPrincipalGroupMembership cmdlet.
D.    Create a new organizational unit (OU), and then run the Delegation of Control Wizard.

Answer: D
Explanation:

wps4CA1.tmp_thumb

http://technet.microsoft.com/en-us/library/dd145344.aspx

QUESTION 22
You implement and authorize the new DHCP servers.
You import the server configurations and the scope configurations from PA1 and AM1.
You need to ensure that clients can obtain DHCP address assignments after you shut down PA1 and AM1.
The solution must meet the technical requirements.
What should you do?

A.    Run the Get-DhcpServerv4Lease cmdlet and the Remove-DhcpServerv4Lease cmdlet.
Run the Windows Server Migration Tools.
B.    Run the Get-DhcpServerv4Lease cmdlet and the Add-DhcpServerv4Lease cmdlet.
Activate the scopes.
C.    Run the Get-DhcpServerv4FreeIPAddress cmdlet and the
Invoke-DhcpServerv4FailoverReplication cmdlet.
Run the Windows Server Migration Tools.
D.    Run the Get-DhcpServerv4FreeIPAddress cmdlet and the
Invoke-DhcpServerv4FailoverReplication cmdlet.
Activate the scopes.

Answer: B

Case Study 3 – Litware, Inc (Question 23 – Question 34)
Overview
Litware, Inc. is a manufacturing company. The company has a main office and two branch offices. The main office is located in Seattle. The branch offices are located in Los Angeles and Boston.
Existing Environment
Active Directory
The network contains an Active Directory forest named litwareinc.com. The forest contains a child domain for each office. The child domains are named boston.litwareinc.com and la.litwareinc.com. An Active Directory site exists for each office. In each domain, all of the client computer accounts reside in an organizational unit (OU) named AllComputers and all of the user accounts reside in an OU named AllUsers. All domain controllers run Windows Server 2008 R2 and are configured as DNS servers. The functional level of the domain and the forest is Windows Server 2008.
Network Infrastructure
The main office has the following servers:
– Five physical Hyper-V hosts that run Windows Server 2012
– Three virtual file servers that run Windows Server 2008 R2
– One physical DHCP server that runs Windows Server 2008 R2
– Ten physical application servers that run Windows Server 2012
– One virtual IP Address Management (IPAM) server that runs Windows Server 2012
– One virtual Windows Server Update Services (WSUS) server that runs Windows Server 2008 R2
– One physical domain controller and two virtual domain controllers that run Windows Server 2008 R2
Each branch office has following servers:
– One virtual file server that runs Windows Server 2008 R2
– Two physical Hyper-V hosts that run Windows Server 2012
– One physical DHCP server that runs Windows Server 2008 R2
– One physical domain controller and two virtual domain controllers that run Windows Server 2008 R2
All of the offices have a high-speed connection to the Internet.
The offices connect to each other by using T1 leased lines.
The IPAM server in the main office gathers data from the DNS servers and the DHCP servers in all of the offices.
Requirements
Planned Changes
The company plans to implement the following changes:
– Implement the Active Directory Recycle Bin.
– Implement Network Access Protection (NAP).
– Implement Folder Redirection in the Boston office only.
– Deploy an application named App1 to all of the users in the Boston office only.
– Migrate to IPv6 addressing on all of the servers in the Los Angeles office. Some application servers in the Los Angeles office will have only IPv6 addresses.
Technical Requirements
The company identifies the following technical requirements:
– Minimize the amount of administrative effort whenever possible.
– Ensure that NAP with IPSec enforcement can be configured.
– Rename boston.litwareinc.com domain to bos.htwareinc.com.
– Migrate the DHCP servers from the physical servers to a virtual server that runs Windows Server 2012.
– Ensure that the members of the Operators groups in all three domains can manage the IPAM server from their client computer.
VPN Requirements
You plan to implement a third-party VPN server in each office. The VPN servers will be configured as RADIUS clients. A server that runs Windows Server 2012 will perform RADIUS authentication for all of the VPN connections.
Visualization Requirements
The company identifies the following virtualization requirements:
– Virtualize the application servers.
– Ensure that the additional domain controllers for the branch offices can be deployed by using domain controller cloning.
– Automatically distribute the new virtual machines to Hyper-V hosts based on the current resource usage of the Hyper-V hosts.
Server Deployment Requirements
The company identifies the following requirements for the deployment of new servers on the network:
– Deploy the new servers over the network.
– Ensure that all of the server deployments are done by using multicast.
Security Requirements
A new branch office will open in Chicago. The new branch office will have a single read-only domain controller (RODC). Confidential attributes must not be replicated to the Chicago office.

QUESTION 23
You need to recommend a server deployment strategy for the main office that meets the server deployment requirements.
What should you recommend installing in the main office?

A.    Windows Deployment Services (WDS)
B.    The Windows Automated Installation Kit (Windows AIK)
C.    The Express Deployment Tool (EDT)
D.    The Windows Assessment and Deployment Kit (Windows ADK)

Answer: A

QUESTION 24
You need to implement the technical requirements for the boston.litwareinc.com domain.
Which tools should you use?

A.    Gpfixup and Gpupdate
B.    Rendom and Gpfixup
C.    Gpupdate and Dcgpofix
D.    Adprep and Rendom

Answer: B
Explanation:

wps7B11.tmp_thumb

http://technet.microsoft.com/en-us/library/cc732097(v=ws.10).aspx

QUESTION 25
You need to recommend a server virtualization strategy that meets the technical requirements and the virtualization requirements.
What should you include in the recommendation?

A.    Windows Server Backup
B.    The Microsoft Virtual Machine Converter
C.    Microsoft System Center 2012 Virtual Machine Manager (VMM)
D.    Disk2vhd

Answer: C
Explanation:

wpsA9C0.tmp_thumb

System Center Virtual Machine Manager 2012: VMM…
System Center Virtual Machine Manager 2012: VMM Gets Major Upgrade
Expanded hypervisor support, virtual application support and a myriad of other upgrades are coming in the new VMM 2012.
Paul Schnackenburg
There’s no doubt that Microsoft is making System Center Virtual Machine Manager (VMM) a key component of the System Center suite. The scope of the product is being expanded so much that it could be renamed “System Center Virtual Datacenter Manager.” The new version of VMM is currently in beta and is scheduled for release in the second half of 2011.
VMM can now do bare-metal installations on fresh hardware, create Hyper-V clusters instead of just managing them, and communicate directly with your SAN arrays to provision storage for your virtual machines (VMs). The list of supported hypervisors has also arown – it includes not only Hyper-V and VMware vSphere Hvpervisor, but
http://technet.microsoft.com/en-gb/magazine/hh300651.aspx

QUESTION 26
You need to recommend a remote access solution that meets the VPN requirements.
Which role service should you include in the recommendation?

A.    Routing
B.    Network Policy Server
C.    DirectAccess and VPN (RAS)
D.    Host Credential Authorization Protocol

Answer: B
Explanation:

wpsC858.tmp_thumb

Updated: March 29, 2012
Applies To: Windows Server 2008 R2, Windows Server 2012
Network Policy Server
Network Policy Server (NPS) allows you to create and enforce organization-wide network access policies for client health, connection request authentication, and connection request authorization. In addition, you can use NPS as a Remote Authentication Dial-In User Service (RADIUS) proxy to forward connection requests to a server running NPS or other RADIUS servers that you configure in remote RADIUS server groups.
NPS allows you to centrally configure and manage network access authentication, authorization, are client health policies with the following three features: RADIUS server.
NPS performs centralized authorization, authorization, and accounting for wireless, authenticating switch, remote access dial-up and virtual private network (VNP) connections. When you use NPS as a RADIUS server, you configure network access servers, such as wireless access points and VPN servers, as RADIUS clients in NPS. You also configure network policies that NPS uses to authorize connection requests, and you can configure RADIUS accounting so that NPS logs accounting information to log files on the local hard disk or in a Microsoft SQL Server database. For more information, see RADIUS Server.
http://technet.microsoft.com/en-us/library/cc732912.aspx

QUESTION 27
You need to recommend changes to the Active Directory site topology to support on the company’s planned changes.
What should you include in the recommendation?

A.    A new site link bridge
B.    A new subnet
C.    A new site link
D.    A new site

Answer: B
Explanation:

wpsE7FA.tmp_thumb

Sites overview
Sites in AD DS represent the physical structure, or topology, of your network. AD DS uses network topology information, which is stored in the directory as site, subnet, and site link objects, to build the most efficient replication topology. The replication topology itself consists of the set of connection objects that enable inbound replication from a source domain controller to the destination domain controller that stores the connection object.
The Knowledge Consistency Checker (KCC) creates these connection objects automatically on each domain controller.
http://technet.microsoft.com/en-us/library/cc754697.aspx

QUESTION 28
You need to recommend an IPAM management solution for the Operators groups.
The solution must meet the technical requirements.
What should you include in the recommendation?

A.    Run the Invoke IpamGpoProvisioning cmdlet in all three domains.
Add the computers used by the members of the Operators group to the IPAM server.
B.    Modify the membership of the IPAM Administrators group and the
WinRMRemoteWMIUsers_group on the IPAM server.
C.    Run the Set-IpamConfiguration cmdlet on the IPAM server.
Run the Invoke-IpamGpoProvisioning cmdlet in all three domains.
D.    Run the Set-IpamConfiguration cmdlet and modify the membership of the
WinRMRemoteWMIUsers_group on the IPAM server.

Answer: B
Explanation:

wps50C.tmp_thumb

QUESTION 29
You need to recommend a migration strategy for the DHCP servers.
The strategy must meet the technical requirements.
Which Windows PowerShell cmdlet should you recommend running on the physical DHCP servers?

A.    Receive-SmigServerData
B.    Import-SmigServerSetting
C.    Export-SmigServerSetting
D.    Send-SmigServerData

Answer: C

QUESTION 30
You need to recommend a solution that meets the security requirements.
Which schema attribute properties should you recommend modifying?

A.    isCriticalSystemObject
B.    searchFlags
C.    schemaFlagsEx
D.    isIndexed

Answer: B
Explanation:

wps22BA.tmp_thumb

Applies To: Windows Server 2008, Windows Server 2012
This topic includes procedures for adding an attribute to the filtered attribute set (FAS) for a readonly domain controller (RODC) and marking the attribute as confidential data. You can perform these procedures to exclude specific data from replicating to RODCs in the forest. Because the data is not replicated to any RODCs, you can be assured that the data will not be revealed to an attacker who manages to successfully compromise an RODC. In most cases, adding an attribute to the RODC FAS is completed by the developer of the application that added the attribute to the schema.
– Determine and then modify the current searchFlags value of an attribute
– Verify that an attribute is added to the RODC FAS
– Determine and then modify the current searchFlags value of an attribute
To add an attribute to an RODC FAS, you must first determine the current searchFlags value of the attribute that you want to add, and then set the following values for searchflags:
– To add the attribute to the RODC FAS, set the 10th bit to 0x200.
– To mark the attribute as confidential, set the 7th bit to 0x080.
http://technet.microsoft.com/en-us/library/cc754794(v=ws.10).aspx


Braindump2go 70-413 Exam Dumps are the latest updated! We guarantee you a 100% Pass of all exams Or Full Money Back! Download our Latest 70-413 Exam Dumps Full Version Now! Instant Download Provided!

1[5]