Question 6 of 58

Your network contains an Active Directory forest named adatum.com. All domain controllers run Windows Server 2008 R2. The functional level of the domain and the forest is Windows Server 2008.

You deploy a new Active Directory forest named contoso.com. All domain controllers run Windows Server 2012 R2. The functional level of the domain and the forest is Windows Server 2012 R2.

You establish a two-way, forest trust between the forests. Both networks contain member servers that run either Windows Server 2012 R2, Windows Server 2012,

Windows Server 2008 R2 or Windows Server 2008.

You plan to use the Active Directory Migration Tool 3.2 (ADMT 3.2) to migrate user accounts from adatum.com to contoso.com. SID history will be used in contoso.com and passwords will be migrated by using a Password Export Server (PES).

You need to recommend which changes must be implemented to support the planned migration.

Which two changes should you recommend? Each correct answer presents part of the solution.

    Correct Answer: A, D

    To use the Active Directory Migration Tool (ADMT) 3.2 and the Password Export Server (PES) for migrating user accounts and passwords from adatum.com to contoso.com, specific compatibility requirements must be met. One requirement is that ADMT 3.2 can only be installed on a domain controller running Windows Server 2008 R2. Therefore, in the contoso.com forest, a domain controller that runs Windows Server 2008 R2 must be deployed. Additionally, to facilitate the migration and ensure compatibility with the PES, a domain controller running Windows Server 2012 R2 must be deployed in the adatum.com forest as well. This ensures that the necessary infrastructure is in place to support the migration process and maintain functionality across both forests.

Question 7 of 58

Your company has a main office and four branch offices. The main office is located in London.

The network contains an Active Directory domain named contoso.com. The network is configured as shown in the exhibit. (Click the Exhibit tab.)

Each office contains several servers that run Windows Server 2012.

In each branch office, you plan to deploy an additional 20 servers that will run Windows Server 2012. Some of the servers will have a Server Core Installation of

Windows Server 2012.

You identify the following requirements for the deployment of the new servers:

✑ Operating system images must be administered centrally.

✑ The operating system images must be deployed by using PXE.

✑ The WAN traffic caused by the deployment of each operating system must be minimized.

You need to recommend a solution for the deployment of the new servers.

What should you recommend?

Exhibits -

    Correct Answer: A

    Deploying Windows Deployment Services (WDS) in each office and replicating the images using Distributed File System (DFS) Replication is the best solution for the following reasons: First, WDS allows for centralized administration of operating system images, which addresses the requirement that operating system images must be centrally administered. Second, by deploying WDS in each office, local servers can distribute the images via PXE, which meets the requirement of deploying images using PXE. Finally, using DFS Replication to replicate images to each office ensures that the initial replication of images does not congest the WAN links, and subsequent deployments in each branch office utilize the local copy of images, minimizing WAN traffic. This approach ensures efficient deployment and management, meeting all the specified requirements.

Question 8 of 58

Your network contains an Active Directory domain named contoso.com. The physical topology of the network is configured as shown in the exhibit.

Each office contains 500 employees.

You plan to deploy several domain controllers to each office.

You need to recommend a site topology for the planned deployment.

What should you include in the recommendation?

More than one answer choice may achieve the goal. Select the BEST answer.

Exhibit -

    Correct Answer: D

    To effectively manage Active Directory replication and authentication traffic, it is recommended to configure separate sites for each physical location where the network connectivity is relatively slow or subject to reliability issues. Given that there are five distinct locations (Washington DC, Boston, Atlanta, New York, and Sydney) with various network speeds between them, it would be prudent to configure five sites—each corresponding to one of these locations. By doing so, users will authenticate against local domain controllers, minimizing traffic over slower WAN links. Additionally, three site links should connect these five sites to accommodate the best possible routes for replication, ensuring efficient and timely updates between domain controllers. Thus, the best site topology for the planned deployment includes five sites and three site links.

Question 9 of 58

Your network contains an Active Directory forest named contoso.com. The forest contains five domains. You need to ensure that the CountryCode attribute is replicated to the global catalog.

What should you do?

    Correct Answer: A

    To ensure that the CountryCode attribute is replicated to the global catalog, you need to modify the schema partition. The schema partition contains the definitions for all attributes and object classes within the Active Directory forest. By modifying the schema to include the CountryCode attribute for replication, you ensure this attribute is available in the global catalog. This process involves the Active Directory Schema snap-in and requires schema admin rights to implement the change.

Question 10 of 58

Your company has three offices. The offices are located in Montreal, Toronto, and Vancouver.

The network contains two Active Directory forests named contoso.com and adatum.com. The contoso.com forest contains one domain. The adatum.com forest contains two domains. All of the servers in adatum.com are located in the Toronto office. The servers in contoso.com are located in the Montreal and Vancouver offices. All of the servers in both of the forests run Windows Server 2012 R2.

A two-way, forest trusts exists between the forests.

Each office contains DHCP servers and DNS servers.

You are designing an IP Address Management (IPAM) solution to manage the network.

You need to recommend a solution for the placement of IPAM servers to manage all of the DHCP servers and all of the DNS servers in both of the forests. The solution must minimize the number of IPAM servers deployed.

What should you recommend?

    Correct Answer: B

    To manage DHCP and DNS servers across multiple forests efficiently, we need to minimize the number of IPAM servers while ensuring all servers are covered. Since the Toronto office contains servers from adatum.com and the other offices, Montreal and Vancouver, contain servers from contoso.com, placing one IPAM server in the Montreal office and one in the Toronto office ensures that we can manage all DHCP and DNS servers in both forests. This setup leverages a centralized approach by having minimal IPAM servers, thus reducing complexity and resource requirements.