Microsoft 70-414 Exam Practice Questions (P. 2)

Your company has an office in New York.
Many users connect to the office from home by using the Internet.
You deploy an Active Directory Certificate Services (AD CS) infrastructure that contains an enterprise certification authority (CA) named CA1. CA1 is only available from hosts on the internal network.
You need to ensure that the certificate revocation list (CRL) is available to all of the users.
What should you do? (Each correct answer presents part of the solution. Choose all that apply.)

HOTSPOT -
Your network contains an Active Directory forest named contoso.com. All servers run Windows Server 2012 R2. The forest contains two servers.
The servers are configured as shown in the following table.

You prepare the forest to support Workplace Join and you enable the Device Registration Service (DRS) on Server1.
You need to ensure that Workplace Join meets the following requirements:
✑ Application access must be based on device claims.
✑ Users who attempt to join their device to the workplace through Server2 must be prevented from locking out their Active Directory account due to invalid credentials.
Which cmdlet should you run to achieve each requirement? To answer, select the cmdlet for each requirement in the answer area.
Hot Area:

Your network contains the following roles and applications:
✑ Microsoft SQL Server 2012
✑ Distributed File System (DFS) Replication
✑ Active Directory Domain Services (AD DS)
✑ Active Directory Rights Management Services (AD RMS)
✑ Active Directory Lightweight Directory Services (AD LDS)
You plan to deploy Active Directory Federation Services (AD FS).
You need to identify which deployed services or applications can be used as attribute stores for the planned AD FS deployment.
What should you identify? (Each correct answer presents a complete solution. Choose all that apply.)

Your company has 10,000 users located in 25 different sites.
All servers run Windows Server 2012. All client computers run either Windows 7 or Windows 8.
You need to recommend a solution to provide self-service password reset for all of the users.
What should you include in the recommendation?

Your network contains an Active Directory domain named contoso.com. The domain contains 200 servers that run either Windows Server 2012 R2, Windows
Server 2012, or Windows Server 2008 R2. The servers run the following enterprise applications:
✑ Microsoft Exchange Server 2013
✑ Microsoft SQL Server 2014
System Center 2012 R2 Operations Manager is deployed to the domain. Operations Manager monitors all of the servers in the domain. Audit Collection Services
(ACS) is installed.
You need to recommend a monitoring strategy for the domain that meets the following requirements:
✑ A group of administrators must be notified when an error is written to the System log on the servers that run Exchange Server 2013.
✑ A group of administrators must be notified when a specific event is written to The Application log on the servers that run SQL Server 2014.
What is the best approach to achieve the goal? More than one answer choice may achieve the goal. Select the BEST answer.