Download Implementing an Advanced Server Infrastructure.70-414.CertKiller.2018-09-25.164q.vcex

Vendor: Microsoft
Exam Code: 70-414
Exam Name: Implementing an Advanced Server Infrastructure
Date: Sep 25, 2018
File Size: 6 MB

How to open VCEX files?

Files with VCEX extension can be opened by ProfExam Simulator.

ProfExam Discount

Demo Questions

Question 1
Your network contains two servers named Server1 and Server2 that run Windows Server 2012. 
Server1 has the iSCSI Target Server role service installed and is configured to have five iSCSI virtual disks. 
You install the Multipath I/O (MPIO) feature on Server2. 
From the MPIO snap-in, you add support for iSCSI devices. 
You need to ensure that Server2 can connect to the five iSCSI disks. The solution must ensure that Server2 uses MPIO to access the disks. 
Which three actions should you perform? 
To answer, move the three appropriate actions from the list of actions to the answer area and arrange them in the correct order.
Correct answer: To work with this question, an Exam Simulator is required.
Question 2
You administer an Active Directory Domain Services environment. There are no certification authorities (CAs) in the environment. 
You plan to implement a two-tier CA hierarchy with an offline root CA. 
You need to ensure that the issuing CA is not used to create additional subordinate CAs. 
What should you do?
  1. In the CAPolicy.inf file for the issuing CA, enter the following constraint:PathLength=1
  2. In the CAPolicy.inf file for the root CA, enter the following constraint:PathLength=1
  3. In the CAPolicy.inf file for the root CA, enter the following constraint:PathLength=2
  4. In the CAPolicy.inf file for the issuing CA, enter the following constraint:PathLength=2
Correct answer: B
Explanation:
You can use the CAPolicy.inf file to define the PathLength constraint in the Basic Constraints extension of the root CA certificate. Setting the PathLength basic constraint allows you to limit the path length of the CA hierarchy by specifying how many tiers of subordinate CAs can exist beneaththe root. A PathLength of 1 means there can be at most one tier of CAs beneath the root. These subordinate CAs will have a PathLength basic constraint of 0, which means that they cannot issue any subordinate CA certificates. References: http://blogs.technet.com/b/askds/archive/2009/10/15/windows-server-2008-r2-capolicy-inf-syntax.aspx
You can use the CAPolicy.inf file to define the PathLength constraint in the Basic Constraints extension of the root CA certificate. Setting the PathLength basic constraint allows you to limit the path length of the CA hierarchy by specifying how many tiers of subordinate CAs can exist beneaththe root. A PathLength of 1 means there can be at most one tier of CAs beneath the root. These subordinate CAs will have a PathLength basic constraint of 0, which means that they cannot issue any subordinate CA certificates. 
References: http://blogs.technet.com/b/askds/archive/2009/10/15/windows-server-2008-r2-capolicy-inf-syntax.aspx
Question 3
You have a Windows Server 2012 R2 failover cluster that contains four nodes. Each node has four network adapters. The network adapters on each node are configured as shown in the following table. 
  
NIC4 supports Remote Direct Memory Access (RDMA) and Receive Side Scaling (RSS). The cluster networks are configured as shown in the following table. 
  
You need to ensure that ClusterNetwork4 is used for Cluster Shared Volume (CSV) redirected traffic. 
What should you do?
  1. Set the metric of ClusterNetwork4 to 90,000 and disable SMB Multichannel.
  2. Set the metric of ClusterNetwork4 to 90,000 and enable SMB Multichannel.
  3. Set the metric of ClusterNetwork4 to 30,000 and disable SMB Multichannel.
  4. Set the metric of ClusterNetwork4 to 30,000 and enable SMB Multichannel.
  5. On each server, enable RDMA on NIC4.
  6. Prevent clients from connecting to ClusterNetwork4.
Correct answer: C
Explanation:
References: https://blogs.technet.microsoft.com/cedward/2013/11/05/windows-server-2012-smb-multichannel-and-csv-redirected-traffic-caveats/
References: https://blogs.technet.microsoft.com/cedward/2013/11/05/windows-server-2012-smb-multichannel-and-csv-redirected-traffic-caveats/
Question 4
Your network contains an Active Directory domain named contoso.com. The domain contains four servers named Server1, Server2, Server3 and Server4 that run Windows Server 2012. 
Server1 and Server2 are configured as file servers and are part of a failover cluster named Cluster1. Server3 and Server4 have Microsoft SQL Server 2012 installed and are part of a failover cluster named Cluster2. 
You add a disk named Disk1 to the nodes in Cluster1. Disk1 will be used to store the data files and log files used by SQL Server 2012. 
You need to configure the environment so that access to Disk1 remains available when a node on Cluster1 fails over or fails back. 
Which three actions should you perform? 
To answer, move the three appropriate actions from the list of actions to the answer area and arrange them in the correct order. 
Correct answer: To work with this question, an Exam Simulator is required.
Question 5
Your network contains an Active Directory Rights Management Services (AD RMS) cluster named Cluster1. 
You plan to change Cluster1 to a new AD RMS cluster named Cluster2. 
You need to ensure that all users retrieve the location of the AD RMS templates from Cluster2. 
What should you do?
  1. Modify the Service Connection Point (SCP).
  2. Modify the exclusion policies.
  3. Modify the templates file location of the rights policy templates.
  4. Create an alias (CNAME) record named Cluster1.contoso.com that points to Cluster2.
Correct answer: A
Question 6
Your network contains an Active Directory domain named contoso.com. The network contains a server named Server1 that runs Windows Server 2012. Server1 has the Active Directory Certificate Services server role installed. Server1 is configured as an offline standalone root certification authority (CA). 
You install the Active Directory Certificate Services server role on Server2 and configure the server as an enterprise subordinate CA. 
You need to ensure that the certificate issued to Server2 is valid for 10 years. 
What should you do first?
  1. Modify the subordinate CA certificate template.
  2. Modify the registry on Server2.
  3. Modify the registry on Server1.
  4. Modify the CAPolicy.inf file on Server2.
  5. Modify the CAPolicy.inf file on Server1.
Correct answer: C
Question 7
Your company has an office in New York. 
Many users connect to the office from home by using the Internet. 
You deploy an Active Directory Certificate Services (AD CS) infrastructure that contains an enterprise certification authority (CA) named CA1. CA1 is only available from hosts on the internal network. 
You need to ensure that the certificate revocation list (CRL) is available to all of the users. 
What should you do? (Each correct answer presents part of the solution. Choose all that apply.)
  1. Create a scheduled task that copies the CRL files to a Web server.
  2. Run the Install-ADCSWebEnrollment cmdlet.
  3. Run the Install-EnrollmentPolicyWebService cmdlet.
  4. Deploy a Web server that is accessible from the Internet and the internal network.
  5. Modify the location of the Authority Information Access (AIA).
  6. Modify the location of the CRL distribution point (CDP).
Correct answer: ADF
Explanation:
CRLs will be located on Web servers which are Internet facing. CRLs will be accessed using the HTTP retrieval protocol. CRLs will be accessed using an external URL of http://dp1.pki.contoso.com/pkiF: To successfully authenticate an Internet Protocol over Secure Hypertext Transfer Protocol (IP-HTTPS)-based connection, DirectAccess clients must be able to check for certificate revocation of the secure sockets layer (SSL) certificate submitted by the DirectAccess server. To successfully perform intranet detection, DirectAccess clients must be able to check for certificate revocation of the SSL certificate submitted by the network location server. This procedure describes how to do the following:Create a Web-based certificate revocation list (CRL) distribution point using Internet Information Services (IIS) Configure permissions on the CRL distribution shared folder Publish the CRL in the CRL distribution shared folder
CRLs will be located on Web servers which are Internet facing. 
CRLs will be accessed using the HTTP retrieval protocol. 
CRLs will be accessed using an external URL of http://dp1.pki.contoso.com/pki
F: To successfully authenticate an Internet Protocol over Secure Hypertext Transfer Protocol (IP-HTTPS)-based connection, DirectAccess clients must be able to check for certificate revocation of the secure sockets layer (SSL) certificate submitted by the DirectAccess server. To successfully perform intranet detection, DirectAccess clients must be able to check for certificate revocation of the SSL certificate submitted by the network location server. This procedure describes how to do the following:
  • Create a Web-based certificate revocation list (CRL) distribution point using Internet Information Services (IIS) 
  • Configure permissions on the CRL distribution shared folder 
  • Publish the CRL in the CRL distribution shared folder
Question 8
Your network contains an Active Directory forest named contoso.com. All servers run Windows Server 2012 R2. The forest contains two servers. 
The servers are configured as shown in the following table. 
  
You prepare the forest to support Workplace Join and you enable the Device Registration Service (DRS) on Server1. 
You need to ensure that Workplace Join meets the following requirements:
  • Application access must be based on device claims. 
  • Users who attempt to join their device to the workplace through Server2 must be prevented from locking out their Active Directory account due to invalid credentials. 
Which cmdlet should you run to achieve each requirement? To answer, select the cmdlet for each requirement in the answer area. 
Correct answer: To work with this question, an Exam Simulator is required.
Question 9
Your network contains the following roles and applications:
  • Microsoft SQL Server 2012 
  • Distributed File System (DFS) Replication 
  • Active Directory Domain Services (AD DS) 
  • Active Directory Rights Management Services (AD RMS) 
  • Active Directory Lightweight Directory Services (AD LDS) 
You plan to deploy Active Directory Federation Services (AD FS). 
You need to identify which deployed services or applications can be used as attribute stores for the planned AD FS deployment. 
What should you identify? (Each correct answer presents a complete solution. Choose all that apply.)
  1. DFS
  2. AD RMS
  3. Microsoft SQL Server 2012
  4. AD LDS
  5. AD DS
Correct answer: CDE
Question 10
Your company has 10,000 users located in 25 different sites. 
All servers run Windows Server 2012. All client computers run either Windows 7 or Windows 8. 
You need to recommend a solution to provide self-service password reset for all of the users. 
What should you include in the recommendation?
  1. The Microsoft System Center 2012 Service Manager Self-Service Portal and Microsoft System Center 2012 Orchestrator runbooks
  2. Microsoft System Center 2012 Operations Manager management packs and Microsoft System Center 2012 Configuration Manager collections
  3. The Microsoft System Center 2012 Service Manager Self-Service Portal and Microsoft System Center 2012 Operation Manager management packs
  4. Microsoft System Center 2012 App Controller and Microsoft System Center 2012 Orchestrator runbooks
  5. the Microsoft System Center 2012 Service Manager and Microsoft System Center 2012 Configuration Manager collections
  6. the Microsoft System Center 2012 Orchestrator runbooks and Microsoft System Center 2012 Operation Manager management packs
  7. the Microsoft System Center 2012 Service Manager Self-Service Portal and Microsoft System Center 2012 App Controller
Correct answer: A
HOW TO OPEN VCE FILES

Use VCE Exam Simulator to open VCE files
Avanaset

HOW TO OPEN VCEX AND EXAM FILES

Use ProfExam Simulator to open VCEX and EXAM files
ProfExam Screen

ProfExam
ProfExam at a 20% markdown

You have the opportunity to purchase ProfExam at a 20% reduced price

Get Now!