This page was exported from New Lead2pass PDF And VCE Ensure IT Exam Pass 100%
[
https://www.dumps4microsoft.com
]
Export date: Thu Mar 28 8:30:56 2024 / +0000 GMT
In recent years, many people choose to take Microsoft 70-414 certification exam which can make you get the Microsoft certificate and that is the passport to get a better job and get promotions. How to prepare for Microsoft 70-414 exam and get the certificate? Please refer to Microsoft 70-414 exam questions and answers on GreatExam. QUESTION 61 A. DFS Answer: CDE QUESTION 62 A. The Network Device Enrollment Service role service Answer: D QUESTION 63 A. Deploy a certification authority (CA) that is subordinate to an external root CA. Answer: A QUESTION 64 A. An offline standalone root CA and an online enterprise issuing CA Answer: A QUESTION 65 A. From the properties of the User certificate template, assign the Allow-Enroll permission to the Authenticated Users group. Answer: D QUESTION 66 A. Issue a CEP Encryption certificate to the members of the Audit group. Answer: C QUESTION 67 A. The Certification Authority Web Enrollment role service and the Online Responder role service Answer: C QUESTION 68 QUESTION 69 QUESTION 70 A. Configure all of the client computers to use IPv6 addresses, and then configure Server1 and Server2 to run DHCP in stateless mode. Answer: BCD Existing Environment Current Issues - A web front end - Help desk tickets must be created and assigned automatically when an instance of App1 becomes unresponsive. - An offline root certification authority (CA) must be configured. QUESTION 71 A. 2 Answer: C QUESTION 72 A. Export the server authentication certificate and provide the certificate to Trey Research. Answer: C QUESTION 73 A. A scale-out file server that uses an NFS share Answer: C QUESTION 74 A. Operations Manager, Service Manager and Orchestrator Answer: A QUESTION 75 A. Audit policy change Answer: D QUESTION 76 A. Multi-site Failover Clustering Answer: B QUESTION 77 A. Read-Only Administrator Answer: D QUESTION 78 A. Certificate Enrollment Web Service and Certificate Enrollment Policy Web Service Answer: A QUESTION 79 A. Guest OS profile Answer: D QUESTION 80 A. Distributed File System (DFS) Replication Answer: D GreatExam is a good website that provides all candidates with the latest IT certification exam materials. GreatExam will provide you with the exam questions and verified answers that reflect the actual exam. The Microsoft 70-414 exam dumps are developed by experienced IT professionals. 99.9% of hit rate. Guarantee you success in your 70-414 exam with our exam materials.
Your network contains the following roles and applications:
- Microsoft SQL Server 2012
- Distributed File System (DFS) Replication
- Active Directory Domain Services (AD DS)
- Active Directory Rights Management Services (AD RMS)
- Active Directory Lightweight Directory Services (AD LDS)
You plan to deploy Active Directory Federation Services (AD FS).
You need to identify which deployed services or applications can be used as attribute stores for the planned AD FS deployment.
What should you identify? (Each correct answer presents a complete solution. Choose all that apply.)
B. AD RMS
C. Microsoft SQL Server 2012
D. AD LDS
E. AD DS
Explanation:
http://technet.microsoft.com/library/dd807092(v=ws.10).aspx
Your network contains an Active Directory domain named contoso.com.
The network contains 15,000 client computers.
You plan to deploy an Active Directory Certificate Services (AD CS) infrastructure and issue certificates to all of the network devices.
You need to recommend a solution to minimize the amount of network utilization caused by certificate revocation list (CRL) checking.
What should you include in the recommendation? More than one answer choice may achieve the goal. Select the BEST answer.
B. An increase of the CRL validity period
C. A reduction of the CRL validity period
D. The Online Responder role service
Explanation:
http://technet.microsoft.com/en-us/library/cc753468.aspx
Your network contains an Active Directory domain named contoso.com.
You deploy Active Directory Certificate Services (AD CS).
You plan to deploy 100 external Web servers that will be publicly accessible and will require Secure Sockets Layer (SSL) certificates.
You also plan to deploy 50,000 certificates for secure email exchanges with Internet-based recipients.
You need to recommend a certificate services solution for the planned deployment.
What should you recommend? More than one answer choice may achieve the goal. Select the BEST answer.
B. Purchase 50,100 certificates from a trusted third-party root certification authority (CA).
C. Distribute a copy of the root certification authority (CA) certificate to external relying parties.
D. Instruct each user to request a Secure Email certificate from a trusted third-party root CA, and then purchase 100 Web server certificates.
Explanation:
http://technet.microsoft.com/en-us/library/cc772192(v=ws.10).aspx
Your company, which is named Contoso, Ltd., has offices only in North America.
The company has 2,000 users.
The network contains an Active Directory domain named contoso.com.
You plan to deploy an Active Directory Certificate Services (AD CS) infrastructure and assign certificates to all client computers.
You need to recommend a PKI solution to protect the private key of the root certification authority (CA) from being accessed by external users.
What should you recommend? More than one answer choice may achieve the goal. Select the BEST answer.
B. An online enterprise root CA and an online enterprise issuing CA
C. An offline standalone root CA and an offline enterprise issuing CA
D. An online enterprise root CA, an online enterprise policy CA, and an online enterprise issuing CA
Explanation:
http://technet.microsoft.com/en-us/library/cc737481(v=ws.10).aspx
Your network contains an Active Directory domain named contoso.com.
The network has an Active Directory Certificate Services (AD CS) infrastructure.
You need to issue a certificate to users to meet the following requirements:
- Ensure that the users can encrypt files by using Encrypting File System (EFS).
- Ensure that all of the users reenroll for their certificate every six months.
What should you do first?
B. From the properties of the Basic EFS template, assign the Allow-Enroll permission to the Authenticated Users group.
C. Create a copy of the User certificate template, and then modify the extensions of the copy.
D. Create a copy of the Basic EFS certificate template, and then modify the validity period of the copy.
Explanation:
http://technet.microsoft.com/en-us/library/cc786499(v=ws.10).aspx
Your network contains an Active Directory domain named contoso.com.
The network has an Active Directory Certificate Services (AD CS) infrastructure.
You deploy Active Directory Rights Management Services (AD RMS) on the network.
You provide several users on the network with the ability to protect content by using AD RMS. You need to recommend a solution to provide the members of a group named Audit with the ability to read and modify all of the AD RMS-protected content.
What should you recommend?
B. Issue a key recovery agent certificate to the members of the Audit group.
C. Add the Audit group as a member of the super users group.
D. Add the Audit group as a member of the Domain Admins group.
Explanation:
http://technet.microsoft.com/en-us/library/ee424431.aspx
Your network contains an Active Directory domain named contoso.com.
The network contains a perimeter network.
The perimeter network and the internal network are separated by a firewall.
On the perimeter network, you deploy a server named Server1 that runs Windows Server 2012. You deploy Active Directory Certificate Services (AD CS).
Each user is issued a smart card. Users report that when they work remotely, they are unable to renew their smart card certificate.
You need to recommend a solution to ensure that the users can renew their smart card certificate from the Internet.
What should you recommend implementing on Server1? More than one answer choice may achieve the goal. Select the BEST answer.
B. The Active Directory Federation Services server role
C. The Certificate Enrollment Policy Web Service role service and the Certificate Enrollment Web Service role service
D. An additional certification authority (CA) and the Online Responder role service
Explanation:
http://technet.microsoft.com/en-us/library/dd759230.aspx
Your network contains an Active Directory domain named contoso.com.
The network has an Active Directory Certificate Services (AD CS) infrastructure.
You publish the certificate revocation list (CRL) to a farm of Web servers.
You are creating a disaster recovery plan for the AD CS infrastructure.
You need to recommend which actions must be performed to restore certificate revocation checking if a certification authority (CA) is offline for an extended period of time.
Which three actions should you recommend? To answer, move the three appropriate actions from the list of actions to the answer area and arrange them in the correct order.
Answer:
Explanation:
http://technet.microsoft.com/en-us/library/cc732443(v=ws.10).aspx
Your network contains an Active Directory domain named contoso.com.
The domain contains four servers named Server1, Server2, Server3, and Server4 that run Windows Server 2012. Server1 and 5erver2 are configured as file servers and are part of a failover cluster named Cluster1.
Server3 and Server4 have Microsoft SQL Server 2012 installed and are part of a failover cluster named Cluster2.
You add a disk named Disk1 to the nodes in Cluster1.
Disk1 will be used to store the data files and log files used by SQL Server 2012.
You need to configure the environment so that access to Disk1 remains available when a node on Cluster1 fails over or fails back.
Which three actions should you perform? To answer, move the three appropriate actions from the list of actions to the answer area and arrange them in the correct order.
Answer:
Explanation:
http://blogs.technet.com/b/josebda/archive/2012/08/23/windows-server-2012-scale-out-file-server-for-sqlserver-2012-step-by-step-installation.aspx
Your network contains an Active Directory domain.
The domain contains a site named Site1.
All of the client computers in Site1 use static IPv4 addresses on a single subnet.
Site1 contains a Storage Area Network (SAN) device and two servers named Server1 and Server2 that run Windows Server 2012.
You plan to implement a DHCP infrastructure that will contain Server1 and Server2.
The infrastructure will contain several IP address reservations.
You need to recommend a solution for the DHCP infrastructure to ensure that clients can receive IP addresses from a DHCP server if either Server1 or Server2 fails.
What should you recommend? (Each correct answer is a complete solution. Choose all that apply.)
B. Configure Server1 and Server2 as members of a failover cluster, and then configure DHCP as a clustered resource.
C. Configure a DHCP failover relationship that contains Server1 and Server2.
D. Create a scope for each server, and then configure each scope to contain half of the IP addresses.
Explanation:
http://blogs.technet.com/b/teamdhcp/archive/2012/06/28/ensuring-high-availability-of-dhcp-using-windowsserver-2012-dhcp-failover.aspx
Case Study 2: A. Datum (QUESTION 71 - QUESTION 84)
Overview
A.Datum Corporation is an accounting company.
The company has a main office and two branch offices.
The main office is located in Miami.
The branch offices are located in New York and Seattle.
Network Infrastructure
The network contains an Active Directory domain named adatum.com.
All servers run Windows Server 2008 R2.
The main office has the following servers and client computers:
- Two domain controllers configured as DNS servers and DHCP servers
- One file server that has multiples shares
- One thousand client computers that run Windows 7
- Each branch office has the following servers and client computers:
- One domain controller configured as a DNS server and a DHCP server
- Five hundred to 800 client computers that run Windows XP Each office has multiple subnets.
The network speed of the local area network (LAN) is 1 gigabit per second.
The offices connect to each other by using a WAN link.
The main office is connected to the Internet.
The WAN link between the Miami office and the Seattle office is a low bandwidth link with high
latency. The link will not be replaced for another year.
Requirements
Application Requirements
The company is developing an application named Appl.
App1 is a multi-tier application that will be sold as a service to customers.
Each instance of App1 is comprised of the following three tiers:
- A middle tier that uses Windows Communication Foundation (WCF)
- A Microsoft SQL Server 2008 R2 database on the back end
Each tier will be hosted on one or more virtual machines.
Multiple-tiers cannot coexist on the same virtual machine.
When customers purchase App1, they can select from one of the following service levels:
- Standard: Uses a single instance of each virtual machine required by Appl. If a virtual machine become unresponsive, the virtual machine must be restarted.
- Enterprise: Uses multiple instances of each virtual machine required by App1 to provide high-availability and fault tolerance.
All virtual hard disk (VHD) files for App1 will be stored in a file share.
The VHDs must be available if a server fails.
You plan to deploy an application named App2.
App2 is comprised of the following two tiers:
- A web front end
- A dedicated SQL Server 2008 R2 database on the back end
App2 will be hosted on a set of virtual machines in a Hyper-V cluster in the Miami office.
The virtual machines will use dynamic IP addresses.
A copy of the App2 virtual machines will be maintained in the Seattle office.
App2 will be used by users from a partner company named Trey Research.
Trey Research has a single Active Directory domain named treyresearch.com.
Treyresearch.com contains a server that has the Active Directory Federation Services server role and all of the Active Directory Federation Services (AD F5} role services installed.
Planned Changes
Datum plans to implement the following changes:
- Replace all of the servers with new servers that run Windows Server 2012.
- Implement a private cloud by using Microsoft System Center 2012 to host instances of Appl.
- In the Miami office, deploy four new Hyper-V hosts to the perimeter network.
- In the Miami office, deploy two new Hyper-V hosts to the local network.
- In the Seattle office, deploy two new Hyper-V hosts.
- In the Miami office, implement a System Center 2012 Configuration Manager primary site that has all of the system roles installed.
- Implement a public key infrastructure (PKI).
- Implement AD FS.
Notification Requirements
Datum identifies the following notification requirements:
- Customers who select the Enterprise service level must receive an email notification each time a help desk ticket for their instance of App1 is opened or closed.
Technical Requirements
Datum identifies the following technical requirements:
- Minimize costs whenever possible.
- Minimize the amount of WAN traffic.
- Minimize the amount of administrative effort whenever possible.
- Provide the fastest possible failover for the virtual machines hosting App2.
- Ensure that administrators can view a consolidated report about the software updates in all of the offices.
- Ensure that administrators in the Miami office can approve updates for the client computers in all of the offices.
Security Requirements
Datum identifies the following security requirements:
- Client computers must be issued certificates by a server in their local office.
- Changes to the CA configuration settings and the CA security settings must be logged.
- Client computers must be able to renew certificates automatically over the Internet.
- The number of permissions and privileges assigned to users must be minimized whenever possible.
- Users from a group named Group1 must be able to create new instances of App1 in the private cloud.
- Cent computers must be issued new certificates when the computers are connected to the local network only.
- The virtual machines used to host App2 must use BitLocker Drive Encryption (BitLocker).
- Users from Trey Research must be able to access App2 by using their credentials from treyresearch.com.
What is the minimum number of certificate servers you need to deploy?
B. 3
C. 4
D. 5
In adatum.com, you install and configure a server that has the Active Directory Federation Services server role and all of the AD FS role services installed.
You need to recommend which AD FS configurations must be performed m adatum.com to meet the security requirements.
Which configurations should you recommend before creating a trust policy?
Import the token-signing certificate from Trey Research.
B. Export the server authentication certificate and provide the certificate to Trey Research.
Import the server authentication certificate from Trey Research.
C. Export the token-signing certificate and provide the certificate to Trey Research.
Import the server authentication certificate from Trey Research.
D. Export the token-signing certificate and provide the certificate to Trey Research.
Import the token-signing certificate from Trey Research.
You need to recommend which type of clustered file server and which type of file share must be used in the Hyper-V cluster that hosts App2.
The solution must meet the technical requirements and the security requirements.
What should you recommend?
B. A file server that uses an SMB share
C. A scale-out file server that uses an SMB share
D. A file server that uses an NFS share
Explanation:
http://technet.microsoft.com/en-us/library/hh831349.aspx
You need to recommend a solution that meets the notification requirements.
Which System Center 2012 components should you include in the recommendation?
B. Configuration Manager, Service Manager and Orchestrator
C. App Controller, Configuration Manager and Operations Manager
D. Service Manager, Orchestrator and App Controller
Explanation:
http://www.microsoftvirtualacademy.com/tracks/system-center-2012-orchestrator-service-manager
You are configuring the Certification Authority role service.
From the Certification Authority console, you enable logging.
You need to ensure that configuration changes to the certification authority (CA) are logged. Which audit policy should you configure?
B. Audit privilege use
C. Audit system events
D. Audit object access
Explanation:
http://terrytlslau.tls1.cc/2012/05/how-to-enable-certification-authority.html
You need to recommend a solution to maintain a copy of App2.
The solution must meet the application requirements and must minimize additional hardware purchases.
What should you include in the recommendation?
B. Hyper-V replicas
C. Single-site Failover Clustering
D. Distributed File System (DFS) Replication
Explanation:
http://technet.microsoft.com/en-us/library/jj134172.aspx
You need to recommend a solution that meets the security requirements for Group1.
To which System Center 2012 Virtual Machine Manager (VMM) group should you assign Group1?
B. Administrators
C. Delegated Administrator
D. Self-Service User
Explanation:
http://mountainss.wordpress.com/2011/11/19/user-roles-in-system-center-virtual-machine-manager-2012/
http://technet.microsoft.com/en-us/library/gg696971.aspx
You need to recommend which Certificate Services role service must be deployed to the perimeter network.
The solution must meet the technical requirements.
Which Certificate Services role services should you recommend?
B. Certificate Enrollment Policy Web Service and Certification Authority Web Enrollment
C. Online Responder and Network Device Enrollment Service
D. Online Responder and Certificate Enrollment Web Service
Explanation:
http://technet.microsoft.com/en-us/library/dd759230.aspx
You have a service template to deploy Appl.
You are evaluating the use of Network Load Balancing (NLB) for the front-end servers used by Appl.
You need to recommend which component must be added to the service template.
What should you recommend?
B. A host profile
C. A capability profile
D. A VIP template
Explanation:
http://technet.microsoft.com/library/gg610569.aspx
You need to recommend a storage solution for the App1 VHDs.
The solution must minimize downtime if a Hyper-V host fails.
What should you include in the recommendation?
B. A clustered file server of the File Server for general use type
C. A Distributed File System (DFS) namespace
D. A clustered file server of the File Server for scale-out application data type
Explanation:
http://technet.microsoft.com/en-us/library/hh831349.aspx
Post date: 2016-05-03 08:57:34
Post date GMT: 2016-05-03 08:57:34
Post modified date: 2016-05-03 08:57:34
Post modified date GMT: 2016-05-03 08:57:34
Powered by [ Universal Post Manager ] plugin. MS Word saving format developed by gVectors Team www.gVectors.com