Question 6 of 337
Your company has three offices. The offices are located in New York, Chicago, and Atlanta.
The network contains an Active Directory domain named contoso.com that has three Active Directory sites named Site1, Site2, and Site3. The New York office is located in Site1. The Chicago office is located in Site2. The Atlanta office is located in Site3. There is a local IT staff to manage the servers in each site. The current domain controllers are configured as shown in the following table.
Exam 70-413: Question 6 - Image 1
The company plans to open a fourth office in Montreal that will have a corresponding Active Directory site. Because of budget cuts, a local IT staff will not be established for the Montreal site.
The Montreal site has the following requirements:
✑ Users must be able to authenticate locally.
Users must not have the ability to log on to the domain controllers.
Exam 70-413: Question 6 - Image 2
✑ Domain account passwords must not be obtained from servers in the Montreal site.
✑ Network bandwidth between the Montreal site and the other sites must be minimized.
✑ Users in the Montreal office must have access to applications by using Remote Desktop Services (RDS).
You need to recommend a solution for the servers in the Montreal site.
What should you recommend?
Correct Answer: F

Question 7 of 337
Your network contains 50 servers that run Windows Server 2008 Service Pack 2 (SP2) and 50 servers that run Windows Server 2008 R2.
You plan to implement Windows Server 2012 R2.
You need to create a report that includes the following information:
✑ The servers that run applications and services that can be moved to Windows Server 2012 R2
The servers that have hardware that can run Windows Server 2012 R2
Exam 70-413: Question 7 - Image 1
✑ The servers that are suitable to be converted to virtual machines hosted on Hyper-V hosts that run Windows Server 2012 R2
Solution: You install Windows Server 2012 R2 on a new server, and then you run the Windows Server Migration Tools. Does this meet the goal?
Correct Answer: B

Question 8 of 337
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
Your network contains an Active Directory domain named contoso.com. The domain contains multiple sites.
You plan to deploy DirectAccess.
The network security policy states that when client computers connect to the corporate network from the Internet, all of the traffic destined for the Internet must be routed through the corporate network.
You need to recommend a solution for the planned DirectAccess deployment that meets the security policy requirement
Solution: You set the ISATAP State to state disabled.
Does this meet the goal?
Correct Answer: B

Question 9 of 337
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
Your network contains an Active Directory domain named contoso.com. The domain contains multiple sites.
You plan to deploy DirectAccess.
The network security policy states that when client computers connect to the corporate network from the Internet, all of the traffic destined for the Internet must be routed through the corporate network.
You need to recommend a solution for the planned DirectAccess deployment that meets the security policy requirement.
Solution: You enable split tunneling.
Does this meet the goal?
Correct Answer: B

Question 10 of 337
Your network contains an Active Directory domain named contoso.com. The domain contains three VLANs. The VLANs are configured as shown in the following table.
Exam 70-413: Question 10 - Image 1
All client computers run either Windows 7 or Windows 8.
Goal: You need to implement a solution to ensure that only the client computers that have all of the required security updates installed can connect to VLAN 1.
The solution must ensure that all other client computers connect to VLAN 3.
Solution: You implement the 802.1x Network Access Protection (NAP) enforcement method.
Does this meet the goal?
Correct Answer: A

The goal is to ensure that only client computers with all required security updates installed can access VLAN 1, and all other client computers are redirected to VLAN 3. Implementing the 802.1x Network Access Protection (NAP) enforcement method meets this requirement. 802.1x NAP can be used for both wired and wireless connections and supports VLAN remediation. This means it can ensure compliant machines access the appropriate VLAN while non-compliant ones are redirected to another VLAN, satisfying the conditions stated in the question.