Examice

Exam AZ-800 All QuestionsBrowse all questions from this exam

Question 140

Your network contains an Active Directory Domain Services (AD DS) domain. The domain contains a user named User1 and the servers shown in the following table.

You need to ensure that User1 can manage only Scope1 and Scope3.

What should you do?

Add User1 to the DHCP Administrators group on Server1 and Server2.

Implement IP Address Management (IPAM).

Add User1 to the DHCP Administrators domain local group.

Implement Windows Admin Center and add connections to Server1 and Server2.

Correct Answer: B

To ensure that User1 can manage only Scope1 and Scope3, the most appropriate solution is to implement IP Address Management (IPAM). IPAM provides the functionality to manage DHCP scopes on a more granular level, allowing specific control over certain scopes without granting full administrative rights over all scopes or servers. This is not achievable through simply adding User1 to the DHCP Administrators group on the servers or the domain, as those actions would give User1 broader control than required. Similarly, implementing Windows Admin Center does not provide the necessary granularity for scope-level management.

Discussion

WISSYWISE

https://learn.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/dn741281(v=ws.11)

WISSYWISEOption: B

https://learn.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/dn741281(v=ws.11)

KrayzrOption: B

IPAM allows for the management of DHCP scopes on a more granular level. By implementing IPAM, you can delegate control over specific DHCP scopes to specific users. In this case, you can delegate control of Scope1 and Scope3 to User1. The other options do not provide the necessary level of granularity. Adding User1 to the DHCP Administrators group on Server1 and Server2 (Option A) or to the DHCP Administrators domain local group (Option C) would give User1 control over all scopes on those servers, not just Scope1 and Scope3. Implementing Windows Admin Center and adding connections to Server1 and Server2 (Option D) would provide a management interface, but it does not inherently limit scope management to specific users.

JimmyCOption: B

Even if you don't know anything about IPAM (or any of the other options frankly), you must be able to see that the other options won't do what you need.

Joedn

Valid 05/28/2024