You are a network administrator for a Cloud Service Provider (CSP). The company hosts workloads from multiple customers. Connectivity with customer on-premises networks is done through a Virtual Private Network (VPN) hardware concentrator. This VPN hardware concentrator is reaching the physical resource utilization limit, and the network team is evaluating the purchase of new hardware. The VPN hardware concentrator lacks integration with Hyper-V virtualization, which is broadly adopted in the datacenter. You need to suggest a solution. The new solution should be capable of supporting multiple tenants, support load balancing and high availability, use single public IP address, learn VLANs dynamically, and must be aligned with Software Defined Network (SDN) company initiative. Which two solutions should you suggest? Each correct answer presents a complete solution.
- B. RAS Gateway using Internet Key Exchange version 2 (IKEv2) site-to-site virtual private networking (S2S) VPN
You need to force all DirectAccess clients to authenticate using a one-time password when connecting to your company's Active Directory Domain Services (AD DS) environment. Which Windows PowerShell command should you use?
Your network is configured as an Active Directory Domain Services (AD DS) domain. Your network infrastructure includes an Active Directory Certificate Services (AD CS) infrastructure. You deploy a Network Policy Server (NPS) configured as a RADIUS server in your domain. You need to configure secure communication for messages passed between the RADIUS server and a RADIUS proxy deployed in a trusted domain.
- A. Install server certificates from the local certificate authority (CA) on the RADIUS server and RADIUS proxy.
- B. Install a server certificate from the local certificate authority (CA) on the RADIUS server and a computer certificate on the RADIUS proxy
You are an administrator for your company. The company network consists of servers running Windows Server 2016 and workstations with Windows 10. Your company has DirecAccess deployed to support remote connectivity to the enterprise internal network and to allow administrators manage the remote computers and keep them updated with security patches and Group Policies. The security policy states that all traffic between the DirectAccess client and the internet should be routed through the internal network. A remote user reports that his client computer is showing an exclamation mark on network icon and a limited connectivity message, but he can access the internet normally. You need to restore connectivity to the user. What should you do?
- C. Create a Group Policy with the Turn off Windows Network Connectivity Status Indicator active tests configuration enabled
You are an administrator for an Active Directory Domain Services (AD DS) domain. You deploy Software Defined Networking (SDN) in the domain. A domain member server runs Microsoft Server 2016 Standard with Hyper-V enabled. The host server has four physical network adapters. You need to create a virtual switch that configures all four network adapters in a fault-tolerant configuration. Which PowerShell cmdlet should you run first?
You are the administrator of your company's DHCP implementation. You install a new DHCP server and need to authorize it in Active Directory Domain Services (AD DS). What command should you run?
You manage a datacenter environment with servers that run Windows Server 2016 Datacenter edition. System Center Virtual Machine Manager is deployed. You plan to deploy Network Controller in the environment. You need to configure the Active Directory Domain Services (AD DS) settings for the deployment. Which two actions should you perform? Each correct answer presents part of the solution.
You are deploying Domain Name System (DNS) policies on a Windows Server 2016 DNS server in the company's Active Directory Domain. The policies will provide geo-location based traffic management for the London and New York subnets. You successfully create the DNS client subnets, create the scopes for the DNS zones, and add DNS records to the zone scopes. You need to create the DNS policies required to support geo-location traffic management. What should you do?
You manage a high-performance network with servers that run Windows Server 2016 Datacenter Edition and the Hyper-V role. You need to configure Remote Direct Memory Access (RDMA) over Converged Ethernet (RoCE). Which feature or role should you install?
User1 will be responsible for tracking IP address usage in the domain. You need to assign the proper IPAM role to User1 . Which role should you assign?
NetSupp is a domain member in your company's Active Directory Domain Services (AD DS) domain. NetSupp runs Microsoft Windows Server 2016 and has the IPAM feature installed. When you originally set up IPAM, you configured the server for manual provisioning. You decide that this will result in an excessive amount of administrative overhead and decide to switch over to Group Policy-based provisioning. You create a Group Policy object (GPO) for IPAM, but none of the policies are applied. You need to apply the policies from the GPO. What should you do?
You are the administrator of your company's DHCP implementation. Your DHCP server has two network cards, each configured with a static IP address for a different network segment. You need to ensure that the correct network interface is used when the server provides DHCP leases for each network. What should you do?
You are an administrator for an Active Directory Domain Services (AD DS) domain. The domain includes a member server running Windows Server 2016 Nano Server configured to support Hyper-V. The host computer is configured with two physical NICs configured for Switch Embedded Teaming (SET). The current switch supports four guest virtual machines (VMs). You install an additional physical NIC and deploy a guest VM that will run a database that is used to support a large number of retail locations. The new NIC will be used to carry traffic relating to database activities only. You need to configure the new NIC for maximum throughput to the VM. Which Windows PowerShell cmdlet should you run?
You are the administrator for your company's DNS domain. DNS information is not replicated to secondary servers, and is causing issues in your environment. You need to determine if secondary servers in the domain will initiate a zone replication or if further actions need to be taken. Which value on the authoritative server should you compare with your secondary servers?
Your network is configured as an Active Directory Domain Services (AD DS) domain with a single subnet. You configure a member server as a Network Address Translation (NAT) server. The NAT server is configured with two network adapters. The NAT server is configured to provide client computers with private IPv4 addresses. Your company has multiple public IP addresses. You need to make the addresses available for client use when they access the Internet. A client should be able to access the Internet using any available public address. You want to keep the network and server physical configuration changes to a minimum. What should you do?
You are deploying a software defined networking (SDN) infrastructure in your Active Directory Domain Services (AD DS) domain using Virtual Machine Manager (VMM). You are preparing to add a Network Controller in your VMM fabric. You create domain local security groups for Network Controller management and Network Controller clients. You need to complete the required prerequisites for installing Network Controller. What should you create?
You are implementing a large remote access solution for your company's Active Directory Domain Services (AD DS) environment. You have 1,000 users connecting to company resources from home offices. You have 10 VPN servers available for remote connections and two RADIUS servers. You need to ensure that user login requests are spread across the servers. What are two possible ways to achieve this goal? Each correct answer presents a complete solution
You manage the file services environment for a company. You need to enable the BranchCache services for a file server that uses Server Message Block (SMB). What should you install?
Your organization is worried that malicious attacks can be performed against the DNS servers in the domain. They are especially concerned about using the default DNS communication port. You need to ensure that the default DNS communication port is not used. What should you do?
You manage a Distributed File System (DFS) environment for a company. You need to configure a specific port for DFS replication to operate on. Which Windows PowerShell cmdlet should you run?
You are an administrator in an Active Directory Domain Services (AD DS) domain. Your network includes the domains fiprint.com and ops.fiprint.com. NetSupp is a member server in the fiprint.com domain configured with the IPAM feature. IPAM discovery is current configured to search for DNS and DHCP servers in ops.fiprint.com. You need to reconfigure IPAM discovery to search for DNS servers only in ops.fiprint.com. Which PowerShell cmdlet should you run?
You manage a datacenter environment for an enterprise. The datacenter contains three tenants for subsidiary companies. You plan to use Remote Access Service (RAS) Gateway to manage and assign public IP addresses to the datacenter tenants. You need to configure the environment and ensure high availability. What should you do?
You are an administrator for an Active Directory Domain Services (AD DS) domain. The domain includes a member server running Windows Server 2016 that is configured as an IPAM Administrator. You are a member of the IPAM Administrator role on the server. You want to delegate IPAM administration tasks to other users within the organization. You identify two users to manage DHCP and DNS server settings, including scopes and options. You need to grant the users the minimum permissions necessary. To which group or role should you assign the users?
You manage a distributed network environment with servers that run Windows Server 2016. The environment has IPv6 networks that are segmented by IPv4 routers. You need to ensure that you can use DNS to communicate between the IPv6 networks. What should you do?
Host3 is a member server in an Active Directory Domain Services (AD DS) domain. Host3 runs Windows Server 2016 and is configured with four physical network adapters. You want to improve network performance for a virtual machine (VM) named VSupp on Host3. The VM receives a large amount of incoming traffic. You need to distribute the load for network traffic across multiple processor cores on the host and VM. Which feature should you enable?
You are the administrator of your company's DHCP implementation. This includes two DHCP servers, each with multiple scopes. You need to back up specific DHCP scopes. Which command should you use?
You have set up a VPN solution for your company's Active Directory Domain Services (AD DS) environment. You need to configure the VPN solution to only let users connect during business hours. What should you do?
You are the administrator for your company's new domain. The domain consists of a primary domain named company.com, and a subdomain named sub.company.com. The primary domain has a domain controller named DC1, and the subdomain has a domain controller named SubDC1. You need to configure a Name Server (NS) resource record for the subdomain. Which line should you add to the zone file?
You manage the network policies by using Network Policy Server (NPS). You notice that a client connection is using an incorrect network policy. You need to identify why the client is obtaining the wrong policy. What should you identify?
You create a failover-ena bled scope in DHCP by using IPAM. You need to modify the failover settings and ensure that the changes are applied to both the primary server and the corresponding partner server. What should you do?
- A. Delete the failover relationship from the primary DHCP server and re-create the DHCP scope with the new settings.
About Individual Course:
|Learning Style||Self-Paced Learning|
|Course Duration||1 Hour|