Download Identity with Windows Server 2016.70-742.TestKing.2018-08-07.109q.tqb
| Vendor: | Microsoft |
| Exam Code: | 70-742 |
| Exam Name: | Identity with Windows Server 2016 |
| Date: | Aug 07, 2018 |
| File Size: | 2 MB |
How to open TQB files?
Files with TQB (Taurus Question Bank) extension can be opened by Taurus Exam Studio.
Purchase
Coupon: TAURUSSIM_20OFF
Discount: 20%
Demo Questions
Question 1
Note: This question is part of a series of questions that use the same scenario. For you convenience, the scenario is repeated in each question. Each question presents a different goal and answer choices, but the text of the scenario is exactly the same in each question in this series.
Start of repeated scenario.
You work for a company named Contoso, Ltd.
The network contains an Active Directory forest named contoso.com. A forest trust exists between contoso.com and an Active Directory forest named adatum.com.
The contoso.com forest contains the objects configured as shown in the following table.
Group1 and Group2 contain only user accounts.
Contoso hires a new remote user named User3. User3 will work from home and will use a computer named Computer3 that runs Windows 10. Computer3 is currently in a workgroup.
An administrator named Admin1 is a member of the Domain Admins group in the contoso.com domain.
From Active Directory Users and Computers, you create an organizational unit (OU) named OU1 in the contoso.com domain, and then you create a contact named Contact1 in OU1.
An administrator of the adatum.com domain runs the Set-ADUser cmdlet to configure a user named User1 to have a user logon name of [email protected].
End of repeated scenario.
You need to ensure that User2 can add Group4 as a member of Group5.
What should you modify?
- the group scope of Group5
- the Managed By settings of Group4
- the group scope of Group4
- the Managed By settings of Group5
Correct answer: D
Question 2
Note: This question is part of a series of questions that use the same scenario. For your convenience, the scenario is repeated in each question. Each question presents a different goal and answer choices, but the text of the scenario is exactly the same in each question in this series.
Start of repeated scenario.
You work for a company named Contoso, Ltd.
The network contains an Active Directory forest named contoso.com. A forest trust exists between contoso.com and an Active Directory forest named adatum.com.
The contoso.com forest contains the objects configured as shown in the following table.
Group1 and Group2 contain only user accounts.
Contoso hires a new remote user named User3. User3 will work from home and will use a computer named Computer3 that runs Windows 10. Computer3 is currently in a workgroup.
An administrator named Admin1 is a member of the Domain Admins group in the contoso.com domain.
From Active Directory Users and Computers, you create an organizational unit (OU) named OU1 in the contoso.com domain, and then you create a contact named Contact1 in OU1.
An administrator of the adatum.com domain runs the Set-ADUser cmdlet to configure a user named User1 to have a user logon name of [email protected].
End or repeated scenario.
You need to ensure that Admin1 can add Group2 as a member of Group3.
What should you modify?
- Modify the Security settings of Group3.
- Modify the group scope of Group3.
- Modify the group type of Group3.
- Set Admin1 as the manager of Group3.
Correct answer: B
Explanation:
A domain local group (group2) can only be a member of another domain local group. Therefore, we need to change the scope of Group3 from Universal to Domain Local. A domain local group (group2) can only be a member of another domain local group. Therefore, we need to change the scope of Group3 from Universal to Domain Local.
Question 3
Note: This question is part of a series of questions that use the same scenario. For your convenience, the scenario is repeated in each question. Each question presents a different goal and answer choices, but the text of the scenario is exactly the same in each question in this series.
Start of repeated scenario.
Your network contains an Active Directory domain named contoso.com. The domain contains a single site named Site1. All computers are in Site1.
The Group Policy objects (GPOs) for the domain are configured as shown in the exhibit.
The relevant users and client computer in the domain are configured as shown in the following table.
End of repeated scenario.
You are evaluating what will occur when you block inheritance on OU4.
Which GPO or GPOs will apply to User1 when the user signs in to Computer1 after block inheritance is configured?
- A1, A5, and A6
- A3, A1, A5, and A7
- A3 and A7 only
- A7 only
Correct answer: D
Question 4
Note: This question is part of a series of questions that use the same scenario. For your convenience, the scenario is repeated in each question. Each question presents a different goal and answer choices, but the text of the scenario is exactly the same in each question in this series.
Start of repeated scenario.
Your network contains an Active Directory domain named contoso.com. The domain contains a single site named Site1. All computers are in Site1.
The Group Policy objects (GPOs) for the domain are configured as shown in the exhibit.
The relevant users and client computer in the domain are configured as shown in the following table.
End of repeated scenario.
You are evaluating what will occur when you disable the Group Policy link for A6.
Which GPOs will apply to User2 when the user signs in to Computer1 after the link for A6 is disabled?
- A1 and A5 only
- A3, A1, and A5 only
- A3, A1, A5, and A4 only
- A3, A1, A5, and A7
Correct answer: C
Question 5
Your network contains an Active Directory forest named contoso.com.
You have an Active Directory Federation Services (AD FS) farm. The farm contains a server named Server1 that runs Windows Server 2012 R2.
You add a server named Server2 to the farm. Server2 runs Windows Server 2016.
You remove Server1 from the farm.
You need to ensure that you can use role separation to manage the farm.
Which cmdlet should you run?
- Set-AdfsFarmInformation
- Update-AdfsRelyingPartyTrust
- Set-AdfsProperties
- Invoke-AdfsFarmBehaviorLevelRaise
Correct answer: D
Question 6
Your network contains an Active Directory forest named contoso.com. The forest contains a member server named Server1 that runs Windows Server 2016. Server1 is located in the perimeter network.
You install the Active Directory Federation Services server role on Server1. You create an Active Directory Federation Services (AD FS) farm by using a certificate that has a subject name of sts.contoso.com.
You need to enable certificate authentication from the Internet on Server1.
Which two inbound TCP ports should you open on the firewall? Each correct answer presents part of the solution.
- 389
- 443
- 3389
- 8531
- 49443
Correct answer: BE
Question 7
You have a server named Server1 that runs Windows Server 2016.
You need to configure Server1 as a Web Application Proxy.
Which server role or role service should you install on Server1?
- Remote Access
- Active Directory Federation Services
- Web Server (IIS)
- DirectAccess and VPN (RAS)
- Network Policy and Access Services
Correct answer: A
Question 8
Your network contains an Active Directory forest named contoso.com
Your company plans to hire 500 temporary employees for a project that will last 90 days.
You create a new user account for each employee. An organizational unit (OU) named Temp contains the user accounts for the employees.
You need to prevent the new users from accessing any of the resources in the domain after 90 days.
What should you do?
- Run the Get-ADUser cmdlet and pipe the output to the Set-ADUser cmdlet.
- Create a group that contains all of the users in the Temp OU. Create a Password Setting object (PSO) for the new group.
- Create a Group Policy object (GPO) and link the GPO to the Temp OU. Modify the Password Policy settings of the GPO.
- Run the GET-ADOrganizationalUnit cmdlet and pipe the output to the Set-Date cmdlet.
Correct answer: A
Question 9
Your network contains an Active Directory forest. The forest contains two domains named litwarenc.com and contoso.com. The contoso.com domain contains two domains controllers named LON-DC01 and LON-DC02. The domain controllers are located in a site named London that is associated to a subnet of 192.168.10.0/24
You discover that LON-DC02 is not a global catalog server.
You need to configure LON-DC02 as a global catalog server.
What should you do?
- From Active Directory Sites and Services, modify the properties of the 192.168.10.0/24 IP subnet.
- From Windows PowerShell, run the Set-NetNatGlobal cmdlet.
- From Active Directory Sites and Services, modify the NTDS Settings object of LON-DC02.
- From Windows PowerShell, run the Enable-ADOptionalFeature cmdlet.
Correct answer: C
Question 10
Your network contains an Active Directory domain named contoso.com. The domain functional level is Windows Server 2012 R2.
You need to secure several high-privilege user accounts to meet the following requirements:
- Prevent authentication by using NTLM.
- Use Kerberos to verify authentication request to any resources.
- Prevent the users from signing in to a client computer if the computer is disconnected from the domain.
What should you do?
- Create a universal security group for the user accounts and modify the Security settings of the group.
- Add the users to the Windows Authorization Access Group group.
- Add the user to the Protected Users group.
- Create a separate organizational unit (OU) for the user accounts and modify the Security settings of the OU.
Correct answer: C
HOW TO OPEN VCE FILES
Use VCE Exam Simulator to open VCE files
HOW TO OPEN VCEX FILES
Use ProfExam Simulator to open VCEX files
ProfExam at a 20% markdown
You have the opportunity to purchase ProfExam at a 20% reduced price
Get Now!