An Active Directory Forest named contoso.com is contained by your network. There is an Active Directory Rights management service (AD RMS) which is contain by the forest. With a company named Fabrikam, inc your company establishes a partnership. Fabrikam networks contain an Active Directory forest named fabrikam.com and an AD RMS deployment. Rights protected documents sent by the users of Fabrikam.com should be access by the users in contoso.com. To ensure this consider the following solution.

Solution: You configure contoso.com as a trusted publisher domain from AD RMS in fabrikam.com.

Is this the correct solution?

An Active Directory Forest named contoso.com is contained by your network. There is an Active Directory Rights management service (AD RMS) which is contain by the forest. With a company named Fabrikam, inc your company establishes a partnership. Fabrikam networks contain an Active Directory forest named fabrikam.com and an AD RMS deployment. Rights protected documents sent by the users of Fabrikam.com should be access by the users in contoso.com. To ensure this consider the following solution.

Solution: You configure contoso.com as a trusted publisher domain from AD RMS in contoso.com.

Is this the correct solution?

An Active Directory Forest named contoso.com is contained by your network. There is an Active Directory Rights management service (AD RMS) which is contain by the forest. With a company named Fabrikam, inc your company establishes a partnership. Fabrikam networks contain an Active Directory forest named fabrikam.com and an AD RMS deployment. Rights protected documents sent by the users of Fabrikam.com should be access by the users in contoso.com. To ensure this consider the following solution.

Solution: You configure contoso.com as a trusted user domain from AD RMS in fabrikam.com.

Is this the correct solution?

Note: Presenting same scenario, this question is the part of series of questions. There is a unique solution that each question in the series contain that might meet the stated goal. There might be more than one correct solution of some questions sets, while other not have a correct solution. In this section after answering a question you will not be able to return to it. As a result, in the review screen these question will not appear.

An Active Directory Forest named contoso.com is contained by your network. A member server name Server1 contains by the forest that runs windows server 2016. All domain controllers run Windows Server 2012 R2.

Contoso.com has the following configuration:

PS C:\> (Get-ADForest).ForestMode Windows2008R2Forest

PS C:\> (Get-ADDomain).DomainMode

Windows2008R2Domain

PS C:\>

You plan to configure device registration and deploy an Active Directory Federation Services (AD FS) farm on Server1. To support the planned deployment you need to configure active directory.

Solution: From the windows server 2016 installation media you run adprep.exe. is this the correct solution?

Note: Presenting same scenario, this question is the part of series of questions. There is a unique solution that each question in the series contain that might meet the stated goal. There might be more than one correct solution of some questions sets, while other not have a correct solution. In this section after answering a question you will not be able to return to it. As a result, in the review screen these question will not appear.

An Active Directory Forest named contoso.com is contained by your network. A member server name Server1 contains by the forest that runs windows server 2016. All domain controllers run Windows Server 2012 R2.

Contoso.com has the following configuration:

PS C:\> (Get-ADForest).ForestMode Windows2008R2Forest

PS C:\> (Get-ADDomain).DomainMode

Windows2008R2Domain

PS C:\>

You plan to configure device registration and deploy an Active Directory Federation Services (AD FS) farm on Server1. To support the planned deployment you need to configure active directory.

Solution: to windows server 2016 you upgrade a domain controller. Is this the correct solution?

An Active Directory Forest named contoso.com is contained by your network. A member server name Server1 contains by the forest that runs windows server 2016. All domain controllers run Windows Server 2012 R2.

Contoso.com has the following configuration:

PS C:\> (Get-ADForest).ForestMode Windows2008R2Forest

PS C:\> (Get-ADDomain).DomainMode

Windows2008R2Domain

PS C:\>

You plan to configure device registration and deploy an Active Directory Federation Services (AD FS) farm on Server1. To support the planned deployment you need to configure active directory.

Solution: to windows server 2012 R2 you raise the domain functional level. Is this the right solution?

An Active Directory Forest named contoso.com is contained by your network. A server named Server1 contains by the domain that runs Windows Server 2016. For server1 the computer account is in organizational unit (OU) named OU1. A group policy object (GPO) named GPO1 is created and link GPO1 to OU1. To the local administration group on server you need to add a domain user named user1. Solution: you run the Set-AdComputer cmdlet from the domain controller.

Is this the right solution?

An Active Directory Forest named contoso.com is contained by your network. . A server named Server1 contains by the domain that runs Windows Server 2016. For server1 the computer account is in organizational unit (OU) named OU1. A group policy object (GPO) named GPO1 is created and link GPO1 to OU1. To the local administration group on server you need to add a domain user named user1.

Solution: you configure the Local Users and Groups preference from the computer configuration node of GPO1.

Is this the right solution?

An Active Directory Forest named contoso.com is contained by your network. . A server named Server1 contains by the domain that runs Windows Server 2016.. For server1 the computer account is in organizational unit (OU) named OU1. A group policy object (GPO) named GPO1 is created and link GPO1 to OU1. To the local administration group on server you need to add a domain user named user1.

Solution: you configure the Account Policies settings preference from the computer configuration node of GPO1.

Is this the right solution?

An Active Directory Forest named contoso.com is contained by your network. The domain contains a server named Server1. From server1 to an alternate location you recently restored a backup of the Active Directory database. On server1 the active directory services is not interrupted by the restore operation. By using lightweight directory protocol you need to make the Active Directory data in the backup accessible.

Which tool should be chosen?

An Active Directory Forest named contoso.com is contained by your network. You need to limit the object of Active Directory Domain Services (AD DS) that a user can create in the domain.

Which tool should be chosen?

An Active Directory Forest named contoso.com is contained by your network. Windows server 2012 R2 is the forest functional level. A deleted active directly object can be quickly recovered by a domain administrator needs to be ensured.

Which tool should be chosen?

By using HTTPS you have users that access web application. On the server in the perimeter network web applications are located. Obtained from an enterprise root certification authority CA the servers uses certificates. By using a custom template named WebApp the certificates are generated. To active directory the certificate revocation list (CRL) is published. From the internet when the users attempt to access the web application, the users report that they received a revocation warning message in their web browser. When the users access the web application from the intranet they do not receive the message. When the users access the web application from internet they don’t not receive this message. To ensure this what should you do?

An Active Directory Forest named contoso.com is contained by your network. An enterprise certification authority (CA) named CA1 is contain by the domain. Isolated physically from the corporate network and the internet you have a test environment. You duplicate the web server template on CA1, and you name the template Web_Cert_test. You need to request a certificate that does not contain the revocation information of CA1 for the web server. What should you do first?

An Active Directory Forest named contoso.com is contained by your network. A single domain is contain by the forest. A server named Server1 is contain by the domain. As a standalone certificate authority (CA) an administrator named admin01 plans to configure server1. To configure server1 as a standalone C you need to identify to which group admin01 must be a member.

There must be the principle of least privilege used by the solution. To which group should Admin01 be added?

An Active Directory Forest named contoso.com is contained by your network. Several domains are contained by the forest. On a server named server1. An administrator named admin01 installs windows server 2016 and then join server1 to the contoso.com domain. As an enterprise certification root authority (CA) admin01 plans to configure server1.

You need to ensure that Admin01 can configure Server1 as an enterprise C.

There must be the principle of least privilege used by the solution. To which group should Admin01 be added?

An enterprise root certification authority (CA) named CA1 is contain by your network. For certificates that will expire in one year multiple computers successfully enroll on the network. On a template named Secure_computer certificates are based. Schema version 2 is used by the template. New certificates based on Secure_computer must be valid for three years. To ensure this what should be done?

What should you do?

A new enterprise certification authority (CA) named CA1 is deployed by you. Based on the User certificate template you plan to issue certificates. The issue certificate are valid for two years and support autoenrollment. To ensure this what should you do first?

An active directory domain named contoso.com is contained by your network. 1000 desktop computers and 500 laptops are contained by the domain. For the desktop computers and the networks an organizational unit (OU) named OU1 contains the computer accounts. A windows PowerShell script named script1.ps1 is created by you that removes temporary files and cookies. A group policy object (GPO) named GPO1 is created by you and then GPO1 is linked to OU1. Only on the laptops once weekly you need to run the script. What should be done?