★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions
Free Instant Download NEW 70-980 Exam Dumps (PDF & VCE):
Available on:
https://www.certleader.com/70-980-dumps.html
Master the 70 980 vce Recertification for MCSE: Server Infrastructure content and be ready for exam day success quickly with this Testking exam 70 980 free practice exam. We guarantee it!We make it a reality and give you real 70 980 dump questions in our Microsoft 70 980 vce braindumps.Latest 100% VALID Microsoft 70 980 vce Exam Questions Dumps at below page. You can use our Microsoft exam 70 980 braindumps and pass your exam.
Q71. - (Topic 9)
Your network contains an Active Directory domain named contoso.com. The domain contains three VLANs. The VLANs are configured as shown in the following table.
All client computers run either Windows 7 or Windows 8.
The corporate security policy states that all of the client computers must have the latest security updates installed.
You need to implement a solution to ensure that only the client computers that have all of the required security updates installed can connect to VLAN 1. The solution must ensure that all other client computers connect to VLAN 3.
Which Network Access Protection (NAP) enforcement method should you implement?
A. VPN
B. DHCP
C. IPsec
D. 802.1x
Answer: D
Explanation:
http://blogs.technet.com/b/wincat/archive/2008/08/19/network-access-protection-using-802-1x-vlan-s-orportacls-which-is-right-for-you.aspx The most common method of the list is 802.1x for a variety of reasons. First, the industry has been selling 802.1x network authentication for the last 10 years. 1x gained tremendous popularity as wireless networking became prevalent in the late 90's and early 2000's and has been proven to be a viable solution to identifying assets and users on your network. For customers that have invested in 802.1x capable switches and access points, NAP can very easily be implemented to complement what is already in place. The Network Policy Server (NPS) role Windows Server 2008 has been dramatically improved to make 802.1x policy creation much simpler to do.
Q72. DRAG DROP - (Topic 9)
Your network contains an Active Directory forest named adatum.com. The forest contains a single domain. All servers run Windows Server 2012 R2. All client computers run Windows
8.1.
The DNS zone of adatum.com is Active Directory-integrated.
You need to implement DNSSEC to meet the following requirements:
Ensure that the zone is signed.
Ensure that the zone signing key (ZSK) changes every 30 days.
Ensure that the key signing key (KSK) changes every 365 days.
What should you do? To answer, drag the appropriate cmdlets to the correct requirements. Each cmdlet may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
Answer:
Q73. - (Topic 6)
You need to recommend changes to the existing environment to meet the web server requirement.
Which two actions should you recommend? Each correct answer presents part of the solution.
A. On one web server, run the Start-DSCConfiguration cmdlet. Create and run a configuration script.
B. On all of the web servers, install the Windows PowerShell Web Access feature, and then run the Set-DscLocalConfigurationManager cmdlet.
C. On all of the web servers, configure the Local Configuration Manager settings, and then run the Set-DscLocalConfigurationManager cmdlet.
D. On one web server, install the Windows PowerShell Desired State Configuration (DSC)
feature. Create and run a configuration script.
Answer: C,D
Q74. - (Topic 9)
Your network contains an Active Directory domain named contoso.com. The domain contains servers that run either Windows Server 2008 R2 or Windows Server 2012.
All client computers on the internal network are joined to the domain. Some users establish VPN connections to the network by using Windows computers that do not belong to the domain.
All client computers receive IP addresses by using DHCP.
You need to recommend a Network Access Protection (NAP) enforcement method to meet the following requirements:
Verify whether the client computers have up-to-date antivirus software.
Provides a warning to users who have virus definitions that are out-of-date.
Ensure that client computers that have out-of-date virus definitions can connect to
the network.
Which NAP enforcement method should you recommend?
A. DHCP
B. IPSec
C. VPN
D. 802.1x
Answer: A
Explanation:
http://technet.microsoft.com/en-us/library/cc733020(v=ws.10).aspx
NAP enforcement for DHCP
DHCP enforcement is deployed with a DHCP Network Access Protection (NAP) enforcement server component, a DHCP enforcement client component, and Network Policy Server (NPS).
Using DHCP enforcement, DHCP servers and NPS can enforce health policy when a computer attempts to lease or renew an IP version 4 (IPv4) address. However, if client computers are configured with a static IP address or are otherwise configured to circumvent the use of DHCP, this enforcement method is not effective.
Q75. - (Topic 10)
Your network contains two servers named Server1 and Server2 that run Windows Server 2012. Server1 and Server2 have the Hyper-V server role installed and are part of a host group named Group1 in Microsoft System Center 2012 Virtual Machine Manager (VMM).
Server1 and Server2 have identical hardware, software, and settings.
You configure VMM to migrate virtual machines if the CPU utilization on a host exceeds 65 percent. The current load on the servers is shown following table.
You start a new virtual machine on Server2 named VM8. VM8 has a CPU utilization of 20
percent.
You discover that none of the virtual machines hosted on Server2 are migrated to Server1.
You need to ensure that the virtual machines hosted on Server2 are migrated to Server1.
What should you modify from the Dynamic Optimization configuration?
A. The Host Reserve threshold
B. The Power Optimization threshold
C. The Aggressiveness level
D. The Dynamic Optimization threshold
Answer: C
Q76. - (Topic 9)
You are designing an Active Directory forest for a company named Contoso, Ltd. Contoso identifies the following administration requirements for the design:
. User account administration and Group Policy administration will be performed by network technicians. The technicians will be added to a group named OUAdmins.
. IT staff who are responsible for backing up servers will have user accounts that are members of the Backup Operators group in the domain.
. All user accounts will be located in an organizational unit (OU) named AllEmployees.
You run the Delegation of Control Wizard and assign the OUAdmins group full control to all of the objects in the AllEmployeesOU.
After delegating the required permissions, you discover that the user accounts of some of the IT staff have inconsistent permissions on the objects in AllEmployees.
You need to recommend a solution to ensure that the members of OUAdmins can manage all of the objects in AllEmployees.
What should you include in the recommendation?
A. Remove the IT staff user accounts from Backup Operators and place them in a new group. Grant the new group the Backup files and directories user right and the Restore files and directories user right. Enforce permission inheritance on all of the objects in the AllEmployeesOU.
B. Create separate administrator user accounts for the technicians. Enforce permission inheritance on all of the objects in the AllEmployeesOU. Delegate permissions to the new useraccounts.
C. Enforce permission inheritance on all of the objects in the AllEmployeesOU. Run the Delegation of Control Wizard.
D. Move the user accounts of the technicians to a separate OU. Enforce permission inheritance on all of the objects in the AllEmployeesOU. Run the Delegation of Control Wizard on the AllEmployeesOU.
Answer: B
Q77. - (Topic 10)
Your network contains an Active Directory domain named contoso.com. The domain contains a Microsoft System Center 2012 infrastructure.
All client computers have a custom application named App1 installed. App1 generates an Event ID 42 every time the application runs out of memory.
Users report that when App1 runs out of memory, their client computer runs slowly until they manually restart App1.
You need to recommend a solution that automatically restarts App1 when the application runs out of memory. The solution must use the least amount of administrative effort.
What should you include in the recommendation?
A. From Configurations Manager, create a desired configuration management baseline.
B. From Windows System Resource Manager, create a resource allocation policy.
C. From Event Viewer, attach a task to the event.
D. From Operations Manager, create an alert.
Answer: D
Q78. - (Topic 9)
Your network contains an Active Directory domain.
You plan to implement a remote access solution that will contain three servers that run
Windows Server 2012. The servers will be configured as shown in the following table.
Server1 will support up to 200 concurrent VPN connections.
You need to ensure that all VPN connection requests are authenticated and authorized by either Server2 or Server3. The solution must ensure that the VPN connections can be authenticated if either Server2 or Server3 fails.
What should you do?
A. On Server1, configure a RADIUS proxy. On Server2 and Server3, add a RADIUS client.
B. On Server2 and Server3, add a RADIUS client. On Server1, modify the Authentication settings.
C. On Server1, configure a RADIUS proxy. Add Server2 and Server3 to a failover cluster.
D. Add Server2 and Server3 to a Network Load Balancing (NLB) cluster. On Server1, modify the Authentication settings.
Answer: B
Explanation:
http://technet.microsoft.com/en-us/library/cc754033.aspx
Q79. - (Topic 9)
Your company has a main office and a branch office.
The network contains an Active Directory domain named contoso.com. The domain contains three domain controllers. The domain controllers are configured as shown in the following table.
The domain contains two global groups. The groups are configured as shown in the following table.
You need to ensure that the RODC is configured to meet the following requirements:
. Cache passwords for all of the members of Branch1Users.
. Prevent the caching of passwords for the members of Helpdesk.
What should you do?
A. Modify the membership of the Denied RODC Password Replication group.
B. Install the BranchCache feature on RODC1.
C. Modify the delegation settings of RODC1.
D. Create a Password Settings object (PSO) for the Helpdesk group.
Answer: A
Q80. DRAG DROP - (Topic 10)
Your network contains an Active Directory domain named contoso.com. The domain contains two domain controllers named DC1 and DC2. The domain contains a server named Server1.
Server1 is a certification authority (CA). All servers run Windows Server 2012 R2.
You plan to deploy BitLocker Drive Encryption (BitLocker) to all client computers. The unique identifier for your organization is set to Contoso.
You need to ensure that you can recover the BitLocker encrypted data by using a BitLocker data recovery agent. You must be able to perform the recovery from any administrative computer.
Which four actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
Answer: