Get a complete hold on 70-413 exam syllabus through Lead2pass training and boost up your skills. No need to hassle if you are stuck in exam difficulties, Lead2pass will assist you right through exam specific preparation material. Lead2pass delivers the most comprehensive preparation material, covering each and every aspect of 70-413 exam curriculum.
QUESTION 121
Your network contains an Active Directory domain named contoso.com.
The domain contains multiple sites.
You plan to deploy DirectAccess.
The network security policy states that when client computers connect to the corporate network from the Internet, all of the traffic destined for the Internet must be routed through the corporate network.
You need to recommend a solution for the planned DirectAccess deployment that meets the security policy requirement
Solution: You set the ISATAP State to state disabled.
Does this meet the goal?
A. Yes
B. No
Answer: B
QUESTION 122
Your network contains an Active Directory domain named contoso.com. The domain contains multiple sites.
You plan to deploy DirectAccess.
The network security policy states that when client computers connect to the corporate network from the Internet, all of the traffic destined for the Internet must be routed through the corporate network.
You need to recommend a solution for the planned DirectAccess deployment that meets the security policy requirement.
Solution: You enable split tunneling.
Does this meet the goal?
A. Yes
B. No
Answer: B
QUESTION 123
Your network contains an Active Directory domain named contoso.com.
The domain contains three VLANs. The VLANs are configured as shown in the following table.
All client computers run either Windows 7 or Windows 8.
Goal: You need to implement a solution to ensure that only the client computers that have all of the required security updates installed can connect to VLAN 1. The solution must ensure that all other client computers connect to VLAN 3.
Solution: You implement the 802.1x Network Access Protection (NAP) enforcement method.
Does this meet the goal?
A. Yes
B. No
Answer: A
QUESTION 124
Your network contains an Active Directory domain named contoso.com. The domain contains three VLANs. The VLANs are configured as shown in the following table.
All client computers run either Windows 7 or Windows 8. The corporate security policy states that all of the client computers must have the latest security updates installed.
You need to implement a solution to ensure that only the client computers that have all of the required security updates installed can connect to VLAN 1. The solution must ensure that all other client computers connect to VLAN 3.
Solution: You implement the VPN enforcement method.
Does this meet the goal?
A. Yes
B. No
Answer: B
QUESTION 125
Your network contains an Active Directory domain named contoso.com.
The domain contains three VLANs. The VLANs are configured as shown in the following table.
All client computers run either Windows 7 or Windows 8. The corporate security policy states that all of the client computers must have the latest security updates installed.
You need to implement a solution to ensure that only the client computers that have all of the required security updates installed can connect to VLAN 1. The solution must ensure that all other client computers connect to VLAN 3.
Solution: You implement the DHCP Network Access Protection (NAP) enforcement method.
Does this meet the goal?
A. Yes
B. No
Answer: B
QUESTION 126
Your network contains a server named Server1 that runs Windows Server 2012. Server1 has the Network Policy Server server role installed.
You configure Server1 as part of a Network Access Protection (NAP) solution that uses the 802.lx enforcement method,
You add a new switch to the network and you configure the switch to use 802.lx authentication. You need to ensure that only compliant client computers can access network resources through the new switch.
What should you do on Server1?
A. Add the IP address of each new switch to a remediation server group.
B. Add the IP address of each new switch to the list of RADIUS clients.
C. Add the IP address of each new switch to a connection request policy as an Access Client IPv4 Address.
D. Add the IP address of each new switch to a remote RADIUS server group.
Answer: B
QUESTION 127
Hotspot Question
Your network contains an Active Directory domain named contoso.com. The domain has a certification authority (CA).
You create four certificate templates.
The templates are configured as shown in the following table:
You install the Remote Access server role in the domain.
You need to configure DirectAccess to use one-time password (OTP) authentication.
What should you do?
To answer, select the appropriate options in the answer area,
Answer:
QUESTION 128
Drag and Drop Question
Your network contains an Active Directory domain named contoso.com.
The domain contains five servers. The servers are configured as shown in the following table.
You plan to implement Network Access Protection (NAP) with IPSec enforcement on all client computers.
You need to identify on which servers you must perform the configurations for the NAP deployment.
Which servers should you identify?
To answer, drag the appropriate servers to the correct actions. Each server may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.)
Answer:
QUESTION 129
Your network contains an Active Directory domain. All servers run Windows Server 2012 R2.
The domain contains the servers shown in the following table.
You need to recommend which servers will benefit most from implementing data deduplication.
Which servers should you recommend?
A. Server1 and Server2
B. Server1 and Server3
C. Server1 and Server4
D. Server2 and Server3
E. Server2 and Server4
F. Server3 and Server4
Answer: D
QUESTION 130
Your network contains an Active Directory forest named adatum.com. All domain controllers run Windows Server 2008 R2. The functional level of the domain and the forest is Windows Server 2008.
You deploy a new Active Directory forest named contoso.com. All domain controllers run Windows Server 2012 R2. The functional level of the domain and the forest is Windows Server 2012 R2.
You establish a two-way, forest trust between the forests. Both networks contain member servers that run either Windows Server 2012 R2, Windows Server 2012, Windows Server 2008 R2 or Windows Server 2008.
You plan to use the Active Directory Migration Tool 3.2 (ADMT 3.2) to migrate user accounts from adatum.com to contoso.com. SID history will be used in contoso.com and passwords will be migrated by using a Password Export Server (PES).
You need to recommend which changes must be implemented to support the planned migration.
Which two changes should you recommend?
Each correct answer presents part of the solution.
A. In the contoso.com forest, deploy a domain controller that runs Windows Server 2008 R2.
B. In the adatum.com forest, upgrade the functional level of the forest and the domain.
C. In the contoso.com forest, downgrade the functional level of the forest and the domain.
D. In the adatum.com forest, deploy a domain controller that runs Windows Server 2012 R2.
Answer: AC
70-413 exam is worth challenging task but you should not feel hesitant against the confronting difficulties. Get a complete hold on 70-413 exam syllabus through Lead2pass training and boost up your skills. No need to hassle if you are stuck in exam difficulties, Lead2pass will assist you right through exam specific preparation material. Lead2pass delivers the most comprehensive preparation material, covering each and every aspect of 70-413 exam curriculum.