Microsoft 70-413 Exam Questions

Question 6 of 331

Your network contains an Active Directory domain named contoso.com. The domain contains three VLANs. The VLANs are configured as shown in the following table.
Exam 70-413: Question 6 - Image 1

All client computers run either Windows 7 or Windows 8.
The corporate security policy states that all of the client computers must have the latest security updates installed.
You need to implement a solution to ensure that only the client computers that have all of the required security updates installed can connect to VLAN 1. The solution must ensure that all other client computers connect to VLAN 3.
Solution: You implement the DHCP Network Access Protection (NAP) enforcement method.
Does this meet the goal?

Yes

Correct Answer: B

Question 7 of 331

Your network contains a server named Server1 that runs Windows Server 2012. Server1 has the Network Policy Server server role installed.
You configure Server1 as part of a Network Access Protection (NAP) solution that uses the 802.lx enforcement method,
You add a new switch to the network and you configure the switch to use 802.lx authentication.
You need to ensure that only compliant client computers can access network resources through the new switch.
What should you do on Server1?

Add the IP address of each new switch to a remediation server group.

Add the IP address of each new switch to the list of RADIUS clients.

Add the IP address of each new switch to a connection request policy as an Access Client IPv4 Address.

Add the IP address of each new switch to a remote RADIUS server group.

Correct Answer: B

Question 8 of 331

Your network contains an Active Directory domain named contoso.com.
Your company has 100 users in the sales department. Each sales user has a domain-joined laptop computer that runs either Windows 7 or Windows 8. The sales users rarely travel to the company's offices to connect directly to the corporate network.
You need to recommend a solution to ensure that you can manage the sales users' laptop computers when the users are working remotely.
What solution should you include in the recommendation?

Deploy the Remote Access server role on a server on the internal network.

Deploy the Network Policy and Access Services server role on a server on the internal network.

Deploy a Microsoft System Center 2012 Service Manager infrastructure.

Deploy a Microsoft System Center 2012 Operations Manager infrastructure.

Correct Answer: A

Question 9 of 331

HOTSPOT -
Your network contains an Active Directory domain named contoso.com.
The domain has a certification authority (CA). You create four certificate templates. The templates are configured as shown in the following table:
Exam 70-413: Question 9 - Image 1

You install the Remote Access server role in the domain.
You need to configure DirectAccess to use one-time password (OTP) authentication.
What should you do? To answer, select the appropriate options in the answer area.
Hot Area:
Exam 70-413: Question 9 - Image 2

Correct Answer:

Question 10 of 331

DRAG DROP -
Your company plans to deploy a remote access solution to meet the following requirements:
✑ Ensure that client computers that are connected to the Internet can be managed remotely without requiring that the user log on.
✑ Ensure that client computers that run Windows Vista or earlier can connect remotely.
✑ Ensure that non-domain-joined computers can connect remotely by using TCP port 443.
You need to identify which remote access solutions meet the requirements.
Which solutions should you identify?
To answer, drag the appropriate solution to the correct requirement in the answer area. Each solution may be used once, more than once, or not at all.
Additionally, you may need to drag the split bar between panes or scroll to view content.
Select and Place:
Exam 70-413: Question 10 - Image 1

Correct Answer:

Note:
*Direct is supported in Windows 7 and newer so second answer is not correct it should be L2TP VPN.
* DirectAccess, introduced in the Windows 7 and Windows Server 2008 R2 operating systems, allows remote users to securely access enterprise shares, web sites, and applications without connecting to a virtual private network (VPN).
* Both L2TP and IPsec must be supported by both the VPN client and the VPN server. Client support for L2TP is built in to the Windows Vistaֲ® and Windows XP remote access clients, and VPN server support for L2TP is built in to members of the Windows Serverֲ® 2008 and Windows Server 2003 family.
* Secure Socket Tunneling Protocol (SSTP) is a form of VPN tunnel that provides a mechanism to transport PPP or L2TP traffic through an SSL 3.0 channel. SSL provides transport-level security with key-negotiation, encryption and traffic integrity checking. The use of SSL over TCP port 443 allows SSTP to pass through virtually all firewalls and proxy servers. Exam 70-413: Question 10 - Image 2