Nest 0 Cart
Nest Account
Popular Exams
All Categories...
Nest
Nest 0
Contact
Log In / Sign Up
Copyright 2024 © store. All rights reserved.
Home Microsoft 70-413

Microsoft 70-413 Exam Practice Questions (P. 2)

  • Full Access (337 questions)
  • Six months of Premium Access
  • Access to one million comments
  • Seamless ChatGPT Integration
  • Ability to download PDF files
  • Anki Flashcard files for revision
  • No Captcha & No AdSense
  • Advanced Exam Configuration
Get Contributor Access
Question #11
Your network contains an Active Directory domain named contoso.com. The domain contains three VLANs. The VLANs are configured as shown in the following table.

All client computers run either Windows 7 or Windows 8.
The corporate security policy states that all of the client computers must have the latest security updates installed.
You need to implement a solution to ensure that only the client computers that have all of the required security updates installed can connect to VLAN 1. The solution must ensure that all other client computers connect to VLAN 3.
Solution: You implement the VPN enforcement method.
Does this meet the goal?
  1. A
    Yes
  2. B
    No

Correct Answer:
B
VPN Enforcement needs to be setup in connection with NAP (Network Access Protection).

Question #12
Your network contains an Active Directory domain named contoso.com. The domain contains three VLANs. The VLANs are configured as shown in the following table.

All client computers run either Windows 7 or Windows 8.
The corporate security policy states that all of the client computers must have the latest security updates installed.
You need to implement a solution to ensure that only the client computers that have all of the required security updates installed can connect to VLAN 1. The solution must ensure that all other client computers connect to VLAN 3.
Solution: You implement the DHCP Network Access Protection (NAP) enforcement method.
Does this meet the goal?
  1. A
    Yes
  2. B
    No

Correct Answer:
B

Question #13
Your network contains a server named Server1 that runs Windows Server 2012. Server1 has the Network Policy Server server role installed.
You configure Server1 as part of a Network Access Protection (NAP) solution that uses the 802.lx enforcement method,
You add a new switch to the network and you configure the switch to use 802.lx authentication.
You need to ensure that only compliant client computers can access network resources through the new switch.
What should you do on Server1?
  1. A
    Add the IP address of each new switch to a remediation server group.
  2. B
    Add the IP address of each new switch to the list of RADIUS clients.
  3. C
    Add the IP address of each new switch to a connection request policy as an Access Client IPv4 Address.
  4. D
    Add the IP address of each new switch to a remote RADIUS server group.

Correct Answer:
B
802.1X and RADIUS-compliant APs (Acess Points), when they are deployed in a RADIUS infrastructure with a RADIUS server such as an NPS server, are called
RADIUS clients.

Question #14
Your network contains an Active Directory domain named contoso.com.
Your company has 100 users in the sales department. Each sales user has a domain-joined laptop computer that runs either Windows 7 or Windows 8. The sales users rarely travel to the company's offices to connect directly to the corporate network.
You need to recommend a solution to ensure that you can manage the sales users' laptop computers when the users are working remotely.
What solution should you include in the recommendation?
  1. A
    Deploy the Remote Access server role on a server on the internal network.
  2. B
    Deploy the Network Policy and Access Services server role on a server on the internal network.
  3. C
    Deploy a Microsoft System Center 2012 Service Manager infrastructure.
  4. D
    Deploy a Microsoft System Center 2012 Operations Manager infrastructure.

Correct Answer:
A
The question is asking what you should INCLUDE in your recommendation; it is not asking for the complete solution.
Reference:
https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2012-R2-and-2012/dn636119(v=ws.11)?redirectedfrom=MSDN

Question #15
HOTSPOT -
Your network contains an Active Directory domain named contoso.com.
The domain has a certification authority (CA). You create four certificate templates. The templates are configured as shown in the following table:

You install the Remote Access server role in the domain.
You need to configure DirectAccess to use one-time password (OTP) authentication.
What should you do? To answer, select the appropriate options in the answer area.
Hot Area:


Correct Answer:

Question #16
DRAG DROP -
Your company plans to deploy a remote access solution to meet the following requirements:
✑ Ensure that client computers that are connected to the Internet can be managed remotely without requiring that the user log on.
✑ Ensure that client computers that run Windows Vista or earlier can connect remotely.
✑ Ensure that non-domain-joined computers can connect remotely by using TCP port 443.
You need to identify which remote access solutions meet the requirements.
Which solutions should you identify?
To answer, drag the appropriate solution to the correct requirement in the answer area. Each solution may be used once, more than once, or not at all.
Additionally, you may need to drag the split bar between panes or scroll to view content.
Select and Place:


Correct Answer:

 Note:
*Direct is supported in Windows 7 and newer so second answer is not correct it should be L2TP VPN.
* DirectAccess, introduced in the Windows 7 and Windows Server 2008 R2 operating systems, allows remote users to securely access enterprise shares, web sites, and applications without connecting to a virtual private network (VPN).
* Both L2TP and IPsec must be supported by both the VPN client and the VPN server. Client support for L2TP is built in to the Windows Vistaֲ® and Windows XP remote access clients, and VPN server support for L2TP is built in to members of the Windows Serverֲ® 2008 and Windows Server 2003 family.
* Secure Socket Tunneling Protocol (SSTP) is a form of VPN tunnel that provides a mechanism to transport PPP or L2TP traffic through an SSL 3.0 channel. SSL provides transport-level security with key-negotiation, encryption and traffic integrity checking. The use of SSL over TCP port 443 allows SSTP to pass through virtually all firewalls and proxy servers.

Question #17
DRAG DROP -
Your network contains an Active Directory domain named contoso.com. The domain contains five servers. The servers are configured as shown in the following table.

You plan to implement Network Access Protection (NAP) with IPSec enforcement on all client computers.
You need to identify on which servers you must perform the configurations for the NAP deployment.
Which servers should you identify? To answer, drag the appropriate servers to the correct actions. Each server may be used once, more than once, or not at all.
You may need to drag the split bar between panes or scroll to view content.)
Select and Place:


Correct Answer:

 * Network Policy Server (Server3)
You configure remediation server groups on the Network Policy Server.

✑ To create the System Health Validator health policies for just Configuration Manager, follow these procedures:
Load the Network Policy Server console.
* Domain Controller (Server1)
This feature is installed automatically on a domain controller running Windows Server 2008 and Windows Server 2008 R2. This feature can be installed on a member server running Windows Server 2008 or Windows Server 2008 R2. You can use Group Policy to configure NAP settings on NAP clients running Windows
Server 2008, Windows Server 2008 R2, Windows Vista, Windows 7, and Windows XP SP3.

Question #18
DRAG DROP -
Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1 that runs Windows Server 2012. Server1 resides in the perimeter network and has the Remote Access server role installed.
Some users have laptop computers that run Windows 7 and are joined to the domain. Some users work from home by using their home computers. The home computers run either Windows XP, Windows Vista/ Windows 7, or Windows 8.
You need to configure the computers for remote access.
Which three actions should you perform?
To answer, move the three appropriate actions from the list of actions to the answer area and arrange them in the correct order.
Select and Place:


Correct Answer:

 * Installing CMAK
CMAK is an optional component that is not installed by default. You must install CMAK to create connection profiles that your users can install to access remote networks.
* The Connection Manager Administration Kit (CMAK) is a tool that you can use to customize the remote connection experience for users on your network by creating predefined connections to remote servers and networks. To create and customize a connection for your users, you use the CMAK wizard.
* Distributing your completed connection profile
Running the CMAK wizard produces a connection profile that is stored in an executable file. Running that file on a client computer equips that computer with everything needed to establish the network connection that you designed.

Question #19
Your network contains an Active Directory domain. All servers run Windows Server 2012 R2.
The domain contains the servers shown in the following table.

You need to recommend which servers will benefit most from implementing data deduplication.
Which servers should you recommend?
  1. A
    Server1 and Server2
  2. B
    Server1 and Server3
  3. C
    Server1 and Server4
  4. D
    Server2 and Server3
  5. E
    Server2 and Server4
  6. F
    Server3 and Server4

Correct Answer:
D
* Server 2: Data deduplication involves finding and removing duplication within data without compromising its fidelity or integrity. The goal is to store more data in less space by segmenting files into small variable-sized chunks (32ג€"128 KB), identifying duplicate chunks, and maintaining a single copy of each chunk.
Redundant copies of the chunk are replaced by a reference to the single copy. The chunks are compressed and then organized into special container files in the
System Volume Information folder
* Server 3: In Windows Server 2012 R2, Data Deduplication can be installed on a scale-out file server and used to optimize live VHDs for VDI workloads.

Question #20
Your network contains an Active Directory forest named adatum.com. All domain controllers run Windows Server 2008 R2. The functional level of the domain and the forest is Windows Server 2008.
You deploy a new Active Directory forest named contoso.com. All domain controllers run Windows Server 2012 R2. The functional level of the domain and the forest is Windows Server 2012 R2.
You establish a two-way, forest trust between the forests. Both networks contain member servers that run either Windows Server 2012 R2, Windows Server 2012,
Windows Server 2008 R2 or Windows Server 2008.
You plan to use the Active Directory Migration Tool 3.2 (ADMT 3.2) to migrate user accounts from adatum.com to contoso.com. SID history will be used in contoso.com and passwords will be migrated by using a Password Export Server (PES).
You need to recommend which changes must be implemented to support the planned migration.
Which two changes should you recommend? Each correct answer presents part of the solution.
  1. A
    In the contoso.com forest, deploy a domain controller that runs Windows Server 2008 R2.
  2. B
    In the adatum.com forest, upgrade the functional level of the forest and the domain.
  3. C
    In the contoso.com forest, downgrade the functional level of the forest and the domain.
  4. D
    In the adatum.com forest, deploy a domain controller that runs Windows Server 2012 R2.

Correct Answer:
AC

Previous Questions Next Questions

All Pages