MCSE Implementing an Advanced Server Infrastructure

Here you have the best Microsoft 70-414 practice exam questions

  • You have 171 total questions to study from
  • Each page has 5 questions, making a total of 35 pages
  • You can navigate through the pages using the buttons at the bottom
  • This questions were last updated on November 1, 2025
  • This site is not affiliated with or endorsed by Microsoft.
Question 1 of 171
Your network contains an Active Directory domain named contoso.com. The network contains a server named Server1 that runs Windows Server 2012. Server1 has the Active Directory Certificate Services server role installed. Server1 is configured as an offline standalone root certification authority (CA).
You install the Active Directory Certificate Services server role on Server2 and configure the server as an enterprise subordinate CA.
You need to ensure that the certificate issued to Server2 is valid for 10 years.
What should you do first?
    Correct Answer: C

Question 2 of 171
Your company has an office in New York.
Many users connect to the office from home by using the Internet.
You deploy an Active Directory Certificate Services (AD CS) infrastructure that contains an enterprise certification authority (CA) named CA1. CA1 is only available from hosts on the internal network.
You need to ensure that the certificate revocation list (CRL) is available to all of the users.
What should you do? (Each correct answer presents part of the solution. Choose all that apply.)
    Correct Answer: D, F

Question 3 of 171
HOTSPOT -
Your network contains an Active Directory forest named contoso.com. All servers run Windows Server 2012 R2. The forest contains two servers.
The servers are configured as shown in the following table.
Exam 70-414: Question 3 - Image 1
You prepare the forest to support Workplace Join and you enable the Device Registration Service (DRS) on Server1.
You need to ensure that Workplace Join meets the following requirements:
✑ Application access must be based on device claims.
✑ Users who attempt to join their device to the workplace through Server2 must be prevented from locking out their Active Directory account due to invalid credentials.
Which cmdlet should you run to achieve each requirement? To answer, select the cmdlet for each requirement in the answer area.
Hot Area:
Exam 70-414: Question 3 - Image 2
    Correct Answer:
    Exam 70-414: Question 3 - Image 3
Question 4 of 171
Your network contains the following roles and applications:
✑ Microsoft SQL Server 2012
✑ Distributed File System (DFS) Replication
✑ Active Directory Domain Services (AD DS)
✑ Active Directory Rights Management Services (AD RMS)
✑ Active Directory Lightweight Directory Services (AD LDS)
You plan to deploy Active Directory Federation Services (AD FS).
You need to identify which deployed services or applications can be used as attribute stores for the planned AD FS deployment.
What should you identify? (Each correct answer presents a complete solution. Choose all that apply.)
    Correct Answer: C, D, E

Question 5 of 171
Your company has 10,000 users located in 25 different sites.
All servers run Windows Server 2012. All client computers run either Windows 7 or Windows 8.
You need to recommend a solution to provide self-service password reset for all of the users.
What should you include in the recommendation?
    Correct Answer: A