Microsoft Server Infrastructure 070-413 exam dumps, free practical effective 070-413 Practice test

Softwaregeneralist updates free and effective exam dumps throughout the year, with all exam content coming from Pass4itsure experts,
the latest Microsoft Server Infrastructure 070-413 Exam Dumps. download the 070-413 PDF Online to help you open the certification gate
and get the Microsoft 070-413 exam certificate by exam Select: https://www.pass4itsure.com/070-413.html VCE dump or PDF Dumps (Q&As:245 latest update)

[PDF] Free Microsoft Server Infrastructure 070-413 dumps download from Google Drive:
https://drive.google.com/open?id=1jrcsCxPaUMIk8DDt3XhR4OuCCTgwQHcR

[PDF] Free Full Microsoft dumps download from Google Drive:
https://drive.google.com/open?id=1gdQrKIsiLyDEsZ24FxsyukNPYmpSUDDO

Exam 70-413: Designing and Implementing a Server Infrastructure:
https://www.microsoft.com/en-us/learning/exam-70-413.aspx

Pass4itsure offers the latest Microsoft Server Infrastructure 070-413 practice test free of charge (40Q&As)

QUESTION 1
A company has a line-of-business application named Appl that runs on an internal IIS server. Appl uses a SQL Server 2008 database that is hosted on the same server. You move the database to a dedicated SQL Server named SQL1. Users
report that they can no longer access the application by using their domain credentials. You need to ensure that users can access Appl.
Solution: You configure App1 and SQL1 to use NTLM authentication. Then you restart the IIS and SQL Server services.
Does this meet the goal?
A. Yes
B. No
Correct Answer: B
Explanation
Explanation/Reference:
Explanation: We would need to map the Windows Identity to a SQL Server database as well.
Note: NTLM authentication is also known as integrated Windows authentication. If your application runs on a Windows-based intranet, you might be able to use Windows integrated authentication for database access. Integrated security uses
the current Windows identity established on the operating system thread to access the SQL Server database. You can then map the Windows identity to a SQL Server database and permissions.
Reference: How to: Access SQL Server Using Windows Integrated Security
https://msdn.microsoft.com/en-us/library/bsz5788z(v=vs.100).aspx

QUESTION 2
You manage a server infrastructure for a software development company. There are 30 physical servers distributed across 4 subnets, and one Microsoft Hyper-V cluster that can run up to 100 virtual machines (VMs). You configure the
servers to receive the IP address from a DHCP server named SERVER1 that runs Microsoft Windows Server 2012 R2. You assign a 30-day duration to all DHCP leases.
Developers create VMs in the environment to test new software. They may create VMs several times each week.
Developers report that some new VMs cannot acquire IP address. You observe that the DHCP scope is full and delete non-existent devices manually. All physical servers must keep their current DHCP lease configuration.
You need to ensure that the DHCP lease duration for VMs is 8 hours.
What should you configure?
A. 4 server-level Allow filters
B. 1 server-level DHCP policy
C. 1 scope-level DHCP policy
D. 4 scope-level exclusion ranges
Correct Answer: B
Explanation
Explanation/Reference:
Explanation: We should use a server level DHCP policy as they apply to all DHCP clients.
Note: Polices can apply at the server level or the scope level. Server level policies are processed for all DHCP client requests received by the server. Scope level policies are processed only for DHCP client requests that apply to a specific
scope.
Reference: Introduction to DHCP Policies
https://technet.microsoft.com/en-us/library/dn425039.aspx

QUESTION 3
Your network contains an Active Directory domain named contoso.com. The domain contains servers that run either Windows Server 2008 R2 or Windows Server 2012.
All client computers on the internal network are joined to the domain. Some users establish VPN connections to the network by using Windows computers that do not belong to the domain.
All client computers receive IP addresses by using DHCP.
You need to recommend a Network Access Protection (NAP) enforcement method to meet the following requirements:
Verify whether the client computers have up-to-date antivirus software. Provides a warning to users who have virus definitions that are out-of-date. Ensure that client computers that have out-of-date virus definitions can connect to the
network.
Which NAP enforcement method should you recommend?
A. DHCP
B. IPSec
C. VPN
D. 802.1x
Correct Answer: A
Explanation
Explanation/Reference:
NAP enforcement for DHCP
DHCP enforcement is deployed with a DHCP Network Access Protection (NAP) enforcement server component, a DHCP enforcement client component, and Network Policy Server (NPS).
Using DHCP enforcement, DHCP servers and NPS can enforce health policy when a computer attempts to lease or renew an IP version 4 (IPv4) address. However, if client computers are configured with a static IP address or are otherwise
configured to circumvent the use of DHCP, this enforcement method is not effective.
Note: The NAP health policy server can use a health requirement server to validate the health state of the NAP client or to determine the current version of software or updates that need to be installed on the NAP client.
Reference: NAP Enforcement for DHCP
http://technet.microsoft.com/en-us/library/cc733020(v=ws.10).aspx

QUESTION 4
Your network contains an Active Directory domain.
You plan to implement a remote access solution that will contain three servers that run Windows Server 2012. The servers will be configured as shown in the following table.
pass4itsure 070-413 question
Server1 will support up to 200 concurrent VPN connections.
You need to ensure that all VPN connection requests are authenticated and authorized by either Server2 or Server3. The solution must ensure that the VPN connections can be authenticated if either Server2 or Server3 fails.
What should you do?
A. On Server1, configure a RADIUS proxy. On Server2 and Server3, add a RADIUS client.
B. On Server2 and Server3, add a RADIUS client. On Server1, modify the Authentication settings.
C. On Server1, configure a RADIUS proxy. Add Server2 and Server3 to a failover cluster.
D. Add Server2 and Server3 to a Network Load Balancing (NLB) cluster. On Server1, modify the Authentication settings.
Correct Answer: B
Explanation
Explanation/Reference:
* A network access server (NAS) is a device that provides some level of access to a larger network. A NAS using a RADIUS infrastructure is also a RADIUS client, sending connection requests and accounting messages to a RADIUS server
for authentication, authorization, and accounting.
* Client computers, such as wireless portable computers and other computers running client operating systems, are not RADIUS clients. RADIUS clients are network access servers–such as wireless access points, 802.1X-capable switches,
virtual private network (VPN) servers, and dial-up servers–because they use the RADIUS protocol to communicate with RADIUS servers such as Network Policy Server (NPS) servers.
Reference: RADIUS Client
http://technet.microsoft.com/en-us/library/cc754033.aspx

QUESTION 5
Your network contains an Active Directory domain named contoso.com.
The domain contains the organization units (OUs) configured as shown in the following table.
pass4itsure 070-413 question
Users and computers at the company change often.
You create a Group Policy object (GPO) named GPO6. GPO6 contains user settings.
You need to ensure that GPO6 applies to users when they log on to the kiosk computers only. The solution must minimize administrative effort.
What should you do?
A. Link GPO6 to OU4 and configure loopback processing in GPO6.
B. Link GPO6 to OU1 and configure WMI filtering on GPO3.
C. Link GPO6 to OU1 and configure loopback processing in GPO6.
D. Link GPO6 to OU1 and configure loopback processing in GPO5.
Correct Answer: A
Explanation
Explanation/Reference:
Explanation: Group Policy applies to the user or computer in a manner that depends on where both the user and the computer objects are located in Active Directory. However, in some cases, users may need policy applied to them based on
the location of the computer object alone. You can use the Group Policy loopback feature to apply Group Policy Objects (GPOs) that depend only on which computer the user logs on to.

QUESTION 6
Your network contains an Active Directory forest. The forest contains a single domain. The forest has five Active Directory sites. Each site is associated to two subnets.
You add a site named Site6 that contains two domain controllers. Site6 is associated to one subnet.
You need to verify whether replication to the domain controllers in Site6 completes successfully.
Which two possible commands can you use to achieve the goal? Each correct answer presents a complete solution.
A. Get-ADReplicationSubnet
B. Get-ADReplicationUpToDatenessVectorTable
C. repadmin /showattr
D. Get-ADReplicationSite1ink
E. repadmin /showrepl
Correct Answer: BE
Explanation
Explanation/Reference:
Explanation: B: The Get-ADReplicationUpToDatenessVectorTable cmdlet displays the highest Update Sequence Number (USN) for the specified domain controller(s). This information shows how up-to-date a replica is with its replication
partners. During replication, each object that is replicated has USN and if the object is modified, the USN is incremented. The value of the USN for a given object is local to each domain controller where it has replicated are number is different
on each domain controller.
E: The repadmin /showrepl command helps you understand the replication topology and replication failures. It reports status for each source domain controller from which the destination has an inbound connection object. The status report is
categorized by directory partition.

QUESTION 7
You have a Windows Server 2012 R2 failover cluster that contains four nodes. The cluster has Dynamic Optimization enabled. You deploy three highly available virtual machines to the cluster by using System Center 2012 R2 Virtual Machine
Manager (VMM).
You need to prevent Dynamic Optimization from placing any of the three virtual machines in the same node.
What should you do?
A. From the Virtual Machine Manager console, modify the Compatibility settings in the Hardware Configuration properties of the virtual machines.
B. Set the Priority property of the virtual machine cluster role.
C. From the Virtual Machine Manager console, modify the Servicing Windows settings of the virtual machines.
D. From the Virtual Machine Manager console, modify the Availability settings in the Hardware Configuration properties of the virtual machines.
Correct Answer: D
Explanation

QUESTION 8
Your network contains on Active Directory domain named adatum.com.
An administrator plans to delegate control of custom tasks on several organizational units (OUs).
You need to ensure that the custom tasks appear in the list of tasks that can be delegated from the Delegation of Control Wizard.
What should you do?
A. Configures custom MMC console.
B. Add a new class to the Active Directory schema.
C. Configure a new authorization store by using Authorization Manager.
D. Modify the Delegwiz.inf file.
Correct Answer: D
Explanation

QUESTION 9
Your network contains an Active Directory domain named contoso.com. The domain contains three Active Directory sites. The Active Directory sites are configured as shown in the following table.
pass4itsure 070-413 question
Site link name Connected sites
You need to design the Active Directory site topology to meet the following requirements:
Ensure that all replication traffic between Site2 and Site3 replicates through Site1 if a domain controller in Site1 is available.
Ensure that the domain controllers between Site2 and Site3 can replicate if all of the domain controllers in Site1 are unavailable.
What should you do?
A. Delete Link1.
B. Delete Link2.C. Delete Link3.
D. Disable site link bridging.
E. Create one site link bridge.
F. Modify the cost of Link2.
G. Create one SMTP site link between Site2 and Site3.
H. Create one SMTP site link between Site1 and Site3. Create one SMTP site link between Site1 and Site2.
Correct Answer: F
Explanation
Explanation/Reference:
Explanation: The cost setting on a site link object determines the likelihood that replication occurs over a particular route between two site. Replication routes with the lowest cumulative cost are preferred.
Incorrect:
Not B: If we delete Link2 we would not be able to use this redundant link if another link goes down.
Reference: Configure the Site Link Cost to Establish a Priority for Replication Routing
https://technet.microsoft.com/en-us/library/cc794882(v=ws.10).aspx

QUESTION 10
Your company has a main office and a branch office.
The main office and Two The branch office
main office contains 25000 users.
The branch office contains 1800 users in each
Each office contains two IP subnets.
The company plans to deploy an Active Directory forest.
You need to recommend an Active Directory infrastructure to meet the following requirements:
(Remeber these two requirement need help wat & how mny domain site they need)
– Ensure that the users are authenticated by using a domain controller in their respective office.
– Minimize the amount of Active Directory replication traffic between the offices.
Select the BEST answer.
A. Three domains and one site
B. Two domains and one sites
C. One domain and three sites
D. Three domain and Three sites
Correct Answer: D
Explanation

QUESTION 11
Your network contains an Active Directory domain named contoso.com. The domain contains three VLANs. The VLANs are configured as shown in the following table.
pass4itsure 070-413 question
All client computers run either Windows 7 or Windows 8.
Goal: You need to implement a solution to ensure that only the client computers that have all of the required security updates installed can connect to VLAN 1. The solution must ensure that all other client computers connect to VLAN 3.
Solution: You implement the 802.1x Network Access Protection (NAP) enforcement method.
Does this meet the goal?
A. Yes
B. No
Correct Answer: A
Explanation
Explanation/Reference:
Explanation: NAP supports a variety of what we call enforcement methods. In the NAP space, and enforcement method is simply a term that defines the way a machine connects to a network. In NAP, these are DHCP, 802.1x (wired or
wireless), VPN, IPsec, or via a Terminal Services Gateway.

QUESTION 12
A company has a single-forest and single Active Directory Domain Services (AD DS) domain named Fabrikam.com that runs Windows 2012 Server. The AD DS forest functional level and the domain functional level are both set to Windows
2008 R2. You use IP Address Management (IPAM) as the IP management solution. You have two DHCP Servers named DHCP1 and DHCP2, and one IPAM server named IPAM1.
The company plans to acquire a company named Contoso, Ltd., which has a single-forest and single-domain AD DS named contoso.com. The forest functional level and domain functional level of Contoso.com is set to Windows 2008. All
servers at Contoso run Windows Server 2008. The IP management solution at Contoso is based on a single DHCP server named SERVER3.
pass4itsure 070-413 question
The total number of users in both companies will be 5000.
You have the following requirements:
The solution must be able to allocate up to three IP addresses per user. All IP address leases must be renewed every two days.
You need to ensure that the corresponding servers will have enough capacity to store six years of IP utilization data and eight months of event catalog data.
What should you recommend?
A. Add at least 20 GB of storage to the IPAM server.
B. Migrate Contoso.com to Fabrikam.com.
C. Establish a forest trust between Contoso.com and Fabrikam.com.
D. Upgrade SERVER3 to Windows Server 2012.
Correct Answer: D
Explanation
Explanation/Reference:
Explanation: You can use IPAM to manage DHCP servers running on Windows Server 2008 R2 and above. Here Server3 is running Windows 2008 however, so it needs to be upgraded.
Reference: IPAM managed DHCP server requirements
http://windowsitpro.com/windows-server-2003-end-support/ipam-managed-dhcp-server- requirements

QUESTION 13
This question consists of two statements: One is named Assertion and the other Is named Reason. Both of these statements may be true; both may be false; or one may be true, while the other may be false.
To answer this question, you must first evaluate whether each statement is true on its own. If both statements are true, then you must evaluate whether the Reason (the second statement) correctly explains the Assertion (the first statement).
You will then select the answer from the list of answer choices that matches your evaluation of the two statements.
Assertion:
DHCP failover clustering provides load balancing when you use multiple DHCP servers to distribute IP addresses to the network clients. Clients can renew their IP leases even if some of the DCHP servers become unavailable. DHCP failover
clustering supports stateless and stateful IPv4 and IPv6 IP addresses, as well as DHCP policies and filtering.
Reason:The cluster health monitoring mechanism ensures the fault tolerance of the DHCP service and all configured DHCP settings. It also protects the DHCP database from failures and corruptions.
Evaluate the Assertion and Reason statements and choose the correct answer option.
A. Both the Assertion and Reason are true, and the Reason is the correct explanation for the Assertion
B. Both the Assertion and Reason are true, but the Reason is not the correct explanation for the Assertion.
C. The Assertion is true, but the Reason is false.
D. The Assertion is false, but the Reason is true.
E. Both the Assertion and the Reason are false.
Correct Answer: E
Explanation
Explanation/Reference:
Explanation: * The assertion is false.
DHCP failover cluster does not provide load balancing. It places the DHCP server in a cluster with an additional server configured with the DHCP service that assumes the load if the primary DHCP server fails.
* The reason is false.
The cluster health monitoring mechanism is known as the cluster heartbeat. The heartbeat detects if a cluster node is down, but it does not help in protecting the DHCP databas.

QUESTION 14
You have a Hyper-V host named Hyper1 that has Windows Server 2012 installed. Hyper1 hosts 20 virtual machines.
Hyper1 has one physical network adapter.
You need to implement a networking solution that evenly distributes the available bandwidth on Hyper1 to all of the virtual machines.
What should you modify?
A. The settings of the virtual switch
B. The settings of the virtual network adapter
C. The Quality of Service (QoS) Packet Scheduler settings of the physical network adapter
D. The settings of the legacy network adapter
Correct Answer: A
Explanation

QUESTION 15
Your network contains an Active Directory domain. All servers run Windows Server 2012 R2.
The domain contains the servers shown in the following table.
pass4itsure 070-413 question
You need to recommend which servers will benefit most from implementing data deduplication.
Which servers should you recommend?
A. Server1 and Server2
B. Server1 and Server3
C. Server1 and Server4
D. Server2 and Server3
E. Server2 and Server4
F. Server3 and Server4
Correct Answer: D
Explanation
Explanation/Reference:
Explanation: * Server 2: Data deduplication involves finding and removing duplication within data without compromising its fidelity or integrity. The goal is to store more data in less space by segmenting files into small variable-sized chunks
(32?28 KB), identifying duplicate chunks, and maintaining a single copy of each chunk. Redundant copies of the chunk are replaced by a reference to the single copy. The chunks are compressed and then organized into special container
files in the System Volume Information folder
* Server 3: In Windows Server 2012 R2, Data Deduplication can be installed on a scale-out file server and used to optimize live VHDs for VDI workloads.
Reference: What’s New in Data Deduplication in Windows Server

QUESTION 16
Your network contains an Active Directory forest named contoso.com. The forest is managed by using Microsoft System Center 2012.
You plan to create virtual machine templates to deploy servers by using the Virtual Machine
Manager Self-service Portal (VMMSSP).
To the Virtual Machine Manager (VMM) library, you add a VHD that has a generalized image of Windows Server 2012.
You need to identify which VMM components must be associated with the image.
Which components should you identify? (Each correct answer presents part of the solution.
Choose all that apply.)
A. A guest OS profile
B. A hardware profile
C. A capability profile
D. A host profile
Correct Answer: AB
Explanation
Explanation/Reference:
Profiles
VMM provides the following profiles:
* (A) Guest operating system profile–A guest operating system profile defines operating system configured settings which will be applied to a virtual machine created from the template. It defines common operating system settings such as the
type of operating system, the computer name, administrator password, domain name, product key, and time zone, answer file and run once file.
* (B) Hardware profile–A hardware profile defines hardware configuration settings such as CPU, memory, network adapters, a video adapter, a DVD drive, a floppy drive, COM ports, and the priority given the virtual machine when allocating
resources on a virtual machine host.
Incorrect:
Not D: VMM also includes host profiles. Host profiles are not used for virtual machine creation.
They are used during the conversion of a bare-metal computer to a Hyper-V host.
Reference: Creating Profiles and Templates in VMM Overview
https://technet.microsoft.com/en-us/library/jj860424.aspx

QUESTION 17
Your network contains an internal network and a perimeter network. The internal network contains an Active Directory forest named contoso.com. The forest contains a Microsoft Exchange Server 2010 organization. All of the domain
controllers in contoso.com run Windows Server 2012.
The perimeter network contains an Active Directory forest named litware.com.
You deploy Microsoft Forefront Unified Access Gateway (UAG) to litware.com. All of the domain controllers in litware.com run Windows Server 2012.
Some users connect from outside the network to use Outlook Web App.
You need to ensure that external users can authenticate by using client certificates.
What should you do?
More than one answer choice may achieve the goal. Select the BEST answer.
A. To the perimeter network, add an Exchange server that has the Client Access server role installed.B. Deploy UAG to contoso.com.
C. Enable Kerberos delegation in litware.com.
D. Enable Kerberos constrained delegation in litware.com.
Correct Answer: D
Explanation
Explanation/Reference:
Explanation: Forefront TMG provides support for Kerberos constrained delegation (often abbreviated as KCD) to enable published Web servers to authenticate users by Kerberos afterForefront TMG verifies their identity by using a non-
Kerberos authentication method. When used in this way, Kerberos constrained delegation eliminates the need for requiring users to provide credentials twice.
Reference: About Kerberos constrained delegation
https://technet.microsoft.com/en-us/library/cc995228.aspx

QUESTION 18
You plan to deploy serverl.child.contoso.com as a read-only domain controller (RODC).
You run the adprep.exe /rodcprep command on DC3 and receive the following error message:
pass4itsure 070-413 question
You need to identify what prevents you from successfully running Adprep /rodcprep on DC3.
What should you identify?
A. The domain functional level of child.contoso.com isset to the wrong level.
B. DC3 cannot connect to the domain naming master on DC1.
C. The forest functional level is set to the wrong level.
D. DC3 cannot connect to the infrastructure master onDC2.
Correct Answer: D
Explanation
Explanation/Reference:
Explanation: Adprep could not contact a replica… This problem occurs when the Adprep /rodcprep command tries to contact the infrastructure master for each application partition in the forest. Reference: Error message when you run the
“Adprep /rodcprep” command in Windows Server 2008: “Adprep could not contact a replica for partition DC=DomainDnsZones,DC=Contoso,DC=com”
https://support.microsoft.com/en-us/kb/949257

QUESTION 19
You are designing an Active Directory forest for a company named Contoso, Ltd. Contoso identifies the following administration requirements for the design:
User account administration and Group Policy administration will be performed by network technicians. The technicians will be added to a group named OUAdmins. IT staff who are responsible for backing up servers will have user accounts
that are members of the Backup Operators group in the domain. All user accounts will be located in an organizational unit (OU) named AllEmployees.
You run the Delegation of Control Wizard and assign the OUAdmins group full control to all of the objects in the AllEmployeesOU.
After delegating the required permissions, you discover that the user accounts of some of the IT staff have inconsistent permissions on the objects in AllEmployees.
You need to recommend a solution to ensure that the members of OUAdmins can manage all of the objects in AllEmployees.
What should you include in the recommendation?
A. Remove the IT staff user accounts from Backup Operators and place them in a new group. Grant the new group the Backup files and directories user right and the Restore files and directories user right. Enforce permission inheritance on
all of the objects in the AllEmployeesOU.
B. Create separate administrator user accounts for the technicians. Enforce permission inheritance on all of the objects in the AllEmployeesOU. Delegate permissions to the new user accounts.
C. Enforce permission inheritance on all of the objects in the AllEmployeesOU. Run the Delegation of Control Wizard.
D. Move the user accounts of the technicians to a separate OU. Enforce permission inheritance on all of the objects in the AllEmployeesOU. Run the Delegation of Control Wizard on the AllEmployeesOU.
Correct Answer: A
Explanation

QUESTION 20
Your network contains two servers named Server1 and Server2 that run Windows Server 2012. Server1 and Server2 have the Hyper-V server role installed and are part of a host group named Group1 in Microsoft System Center 2012 Virtual
Machine Manager (VMM).
Server1 and Server2 have identical hardware, software, and settings.
You configure VMM to migrate virtual machines if the CPU utilization on a host exceeds 65 percent. The current load on the servers is shown following table.
pass4itsure 070-413 question
You start a new virtual machine on Server2 named VM8. VM8 has a CPU utilization of 20 percent.
You discover that none of the virtual machines hosted on Server2 are migrated to Server1.
You need to ensure that the virtual machines hosted on Server2 are migrated to Server1.
What should you modify from the Dynamic Optimization configuration?
A. The Host Reserve threshold
B. The Power Optimization threshold
C. The Aggressiveness level
D. The Dynamic Optimization threshold
Correct Answer: C
Explanation
Explanation/Reference:

QUESTION 21
Your company has a main office and a branch office.
The network contains an Active Directory domain named contoso.com. The domain contains three domain controllers. The domain controllers are configured as shown in the following table.
pass4itsure 070-413 question
The domain contains two global groups. The groups are configured as shown in the following table.
pass4itsure 070-413 question
You need to ensure that the RODC is configured to meet the following requirements:
Cache passwords for all of the members of Branch1Users. Prevent the caching of passwords for the members of Helpdesk.
What should you do?
A. Modify the membership of the Denied RODC Password Replication group.
B. Install the BranchCache feature on RODC1.
C. Modify the delegation settings of RODC1.
D. Create a Password Settings object (PSO) for the Helpdesk group.
Correct Answer: A
Explanation
Explanation/Reference:
Explanation: Password Replication Policy Allowed and Denied lists Two new built-in groups are introduced in Windows Server 2008 Active Directory domains to support RODC operations. These are the Allowed RODC Password Replication
Group and Denied RODC Password Replication Group.
These groups help implement a default Allowed List and Denied List for the RODC Password Replication Policy. By default, the two groups are respectively added to the msDS-RevealOnDemandGroup and msDS-NeverRevealGroup Active
Directory attributes.
Reference: Password Replication Policy
https://technet.microsoft.com/en-us/library/cc730883(v=ws.10).aspx

QUESTION 22
Your company plans to hire 100 sales representatives who will work remotely.
Each sales representative will be given a laptop that will run Windows 7. A corporate image of Windows 7 will be applied to each laptop.
While the laptops are connected to the corporate network, they will be joined to the domain. The sales representatives will not be local administrators.
Once the laptops are configured, each laptop will be shipped by courier to a sales representative.
The sales representative will use a VPN connection to connect to the corporate network.
You need to recommend a solution to deploy the VPN settings for the sales representatives. The solution must meet the following requirements:
Ensure that the VPN settings are the same for every sales representative. Ensure that when a user connects to the VPN, an application named App1 starts.
What is the best approach to achieve the goal? More than one answer choice may achieve the goal. Select the BEST answer.
A. VPN auto triggering
B. The Add-VpnConnection cmdlet
C. The Connection Manager Administration Kit (CMAK)
D. Group Policy preferences
Correct Answer: C
Explanation
Explanation/Reference:
Explanation: We can use CMAK to create a connection that starts the Application App1 when the connectioin is established. The latter is achieved through the configuring CMAK “Post-Connect” custom action.
Note : Connection Manager is a client network connection tool that allows a user to connect to a remote network, such as an Internet service provider (ISP), or a corporate network protected by a virtual private network (VPN) server. The
Connection Manager Administration Kit (CMAK) is a tool that you can use to customize the remote connection experience for users on your network by creating predefined connections to remote servers and networks. To create and
customize a connection for your users, you use the CMAK wizard.
Incorrect:
Not B: The Add-VpnConnection cmdlet would be able to establish a connection, but it could not start the App1 application.
Reference: Connection Manager Administration Kit
https://technet.microsoft.com/en-us/library/cc752995.aspx

QUESTION 23
Your network contains an Active Directory domain named contoso.com. The network has an Active Directory Certificate Services (AD CS) infrastructure.
You need to issue a certificate to users to meet the following requirements:
Ensure that the users can encrypt files by using Encrypting File System (EFS). Ensure that all of the users reenroll for their certificate every six months.
Solution: You create a copy of the Basic EFS certificate template, and then you modify the validity period of the copy.
Does this meet the goal?
A. Yes
B. No
Correct Answer: A
Explanation

QUESTION 24
Your network contains an Active Directory domain. The domain contains 10 file servers. The file servers connect to a Fibre Channel SAN. You plan to implement 20 Hyper-V hosts in a failover cluster.
The Hyper-V hosts will not have host bus adapters (HBAs).
You need to recommend a solution for the planned implementation that meets the following requirements:
The virtual machines must support live migration.
The virtual hard disks (VHDs) must be stored on the file servers.
Which two technologies achieve the goal? Each correct answer presents a complete solution.
A. Cluster Shared Volume (CSV)
B. An NFS share
C. Storage pools
D. SMB 3.0 shares
Correct Answer: CD
Explanation

QUESTION 25
Your network contains an Active Directory forest. The forest contains two Active Directory domains named contoso.com and child.contoso.com. The forest functional level is Windows Server 2003. The functional level of both domains is
Windows Server 2008.
The forest contains three domain controllers. The domain controllers are configured as shown in the following table
pass4itsure 070-413 question
DC1 and DC2 have the DNS Server server role installed and are authoritative for both contoso.com and child.contoso.com.
The child.contoso.com domain contains a server named serverl.child.contoso.com that runs Windows Server 2012.
You plan to deploy server1.child.contoso.com as a read-only domain controller (RODC).You run the adprep.exe /rodcprep command on DC3 and receive the following error message:
pass4itsure 070-413 question
You need to identify what prevents you from successfully running Adprep /rodcprep on DC3.
What should you identify?
A. The domain functional level of child.contoso.com is set to the wrong level.
B. DC3 cannot connect to the infrastructure master on DC2.
C. DC3 cannot connect to the domain naming master on DC1.
D. The forest functional level is set to the wrong level.
Correct Answer: B
Explanation
Explanation/Reference:
Explanation: Adprep could not contact a replica… This problem occurs when the Adprep /rodcprep command tries to contact the infrastructure master for each application partition in the forest.
Reference: Error message when you run the “Adprep /rodcprep” command in Windows Server 2008: “Adprep could not contact a replica for partition DC=DomainDnsZones,DC=Contoso,DC=com”
https://support.microsoft.com/en-us/kb/949257

QUESTION 26
Your network contains an Active Directory domain named contoso.com. The domain contains three VLANs. The VLANs are configured as shown in the following table.
pass4itsure 070-413 question
All client computers run either Windows 7 or Windows 8.
The corporate security policy states that all of the client computers must have the latest security updates installed.
You need to implement a solution to ensure that only the client computers that have all of the required security updates installed can connect to VLAN 1. The solution must ensure that all other client computers connect to VLAN 3.
Solution: You implement the DHCP Network Access Protection (NAP) enforcement method.
Does this meet the goal?
A. Yes
B. No
Correct Answer: A
Explanation
Explanation/Reference:
Explanation: Implementing DHCP NAP to Enforce WSUS Updates

QUESTION 27
Your network contains an Active Directory domain named contoso.com. The domain contains a Microsoft System Center 2012 infrastructure.
You deploy a second System Center 2012 infrastructure in a test environment. You create a service template named Template1 in both System Center 2012 infrastructures.
For self-service users, you create a service offering for Template1. The users create 20 instances of Template1.
You modify Template1 in the test environment. You export the service template to a file named Template1.xml.
You need to ensure that the changes to Template1 can be applied to the existing instances in the production environment.
What should you do when you import the template?
A. Overwrite the current service template.
B. Change the name of the service template.
C. Create a new service template.
D. Change the release number of the service template.
Correct Answer: D
Explanation

QUESTION 28
Your network contains an Active Directory domain named contoso.com. The domain contains a Microsoft System Center 2012 infrastructure.
You deploy a service named Service1 by using a service template. Service1 contains two virtual machines. The virtual machines are configured as shown in the following table.
pass4itsure 070-413 question
You need to recommend a monitoring solution to ensure that an administrator can review the availability information of Service1.
Solution: From Operations Manager, you create a Distributed Application and a Service Level Tracking object.
Does this meet the goal?
A. Yes
B. No
Correct Answer: A
Explanation

QUESTION 29
A company has offices in multiple geographic locations, The sites have high-latency, low- bandwidth connecbons, You need to implement a multiple Windows Deployment Server (WDS) topology for deploying standard client device images to
all sites.
Solution: You install four WDS servers and configure them as load-balanced cluster
Does this meet you goal?
A. YesB. No
Correct Answer: B
Explanation

QUESTION 30
Your network contains an Active Directory domain named contoso.com. The domain contains multiple sites.
You plan to deploy DirectAccess.
The network security policy states that when client computers connect to the corporate network from the Internet, all of the traffic destined for the Internet must be routed through the corporate network.
You need to recommend a solution for the planned DirectAccess deployment that meets the security policy requirement.
Solution: You enable force tunneling.
Does this meet the goal?
A. Yes
B. No
Correct Answer: A
Explanation
Explanation/Reference:
Explanation: DirectAccess allows connectivity to organizational network resources without the need for traditional virtual private network (VPN) connections.
DirectAccess allows remote users to securely access internal network file shares, Web sites, and applications without connecting to a virtual private network (VPN). An internal network is also known as a private network or intranet.
DirectAccess establishes bi- directional connectivity with an internal network every time a DirectAccess-enabled computer connects to the Internet, even before the user logs on. Users never have to think about connecting to the internal
network and IT administrators can manage remote computers outside the office, even when the computers are not connected to the VPN.
Reference: DirectAccess Overview
https://technet.microsoft.com/en-us/library/dd759144.aspx

QUESTION 31
Your company, which is named Contoso, Ltd., has a main office and two branch offices. The main office is located in North America. The branch offices are located in Asia and Europe.
You plan to design an Active Directory forest and domain infrastructure.
You need to recommend an Active Directory design to meet the following requirements:
* The contact information of all the users in the Europe office must not be visible to the users in the other offices.
* The administrators in each office must be able to control the user settings and the computer settings of the users in their respective office.
The solution must use the least amount of administrative effort.
What should you include in the recommendation?
A. One forest that contains three domains
B. Three forests that each contain one domain
C. Two forests that each contain one domain
D. One forest that contains one domain
Correct Answer: D
Explanation
Explanation/Reference:
Explanation: The most basic of all Active Directory structures is the single domain model; this type of domain structure comes with one major advantage over the other models:
simplicity. A single security boundary defines the borders of the domain, and all objects are located within that boundary. The establishment of trust relationships between other domains is not necessary, and implementation of technologies
such as Group Policies is made easier by the simple structure.

QUESTION 32
Your network contains an Active Directory forest that has two domains named contoso.com and europe.contoso.com. The forest contains five servers. The servers are configured as shown in the following table.
pass4itsure 070-413 question
You plan to manage the DHCP settings and the DNS settings centrally by using IP Address Management (IPAM).
You need to ensure that you can use IPAM to manage the DHCP and DNS settings in both domains. The solution must use the minimum amount of administrative effort.
What should you do?
A. Upgrade DCE1 and DCE2 to Windows Server 2012, and then install the IP Address Management (IPAM) Server feature. Run the Set-IpamConfiguration cmdlet for each domain.
B. Upgrade DCE1 and DCE2 to Windows Server 2012, and then install the IP Address Management (IPAM) Server feature. Run the Invoke-IpamGpoProvisioning cmdlet for each domain.
C. Upgrade DC1 and DC2 to Windows Server 2012, and then install the IP Address Management (IPAM) Server feature. Run the Invoke-IpamGpoProvisioning cmdlet for each domain.
D. Upgrade DC1 and DC2 to Windows Server 2012, and then install the IP Address Management (IPAM) Server feature. Run the Set-IpamConfiguration cmdlet for each domain.
Correct Answer: B
Explanation
Explanation/Reference:
Explanation: * You can use IPAM to manage DHCP servers running on Windows Server 2008 R2 and above. Here DCE1 and DCE2 are running Windows 2003, so they need to be upgraded to Windows Server 2008 R2 or above.
* Invoke-IpamGpoProvisioning
Creates and links group policies in the specified domain for provisioning required access settings on the servers managed by the computer running the IP Address Management (IPAM) server.
Incorrect:
Not C: DC1 and DC2 do not need to be upgraded as IPAM can manage DHCP servers running on Windows Server 2008 R2 and above.
Not A, Not D: Set-IpamConfiguration
Sets the configuration for the computer running the IP Address Management (IPAM) server, including the TCP port number over which the computer running the IPAM Remote Server Administration Tools (RSAT) client connects with the
computer running the IPAM server.
Reference: IPAM managed DHCP server requirements
http://windowsitpro.com/windows-server-2003-end-support/ipam-managed-dhcp-server- requirements
Upgrade the Windows 2003 Servers.

QUESTION 33
Your network contains an Active Directory domain named contoso.com. The network has an Active Directory Certificate Services (AD CS) infrastructure.
You need to issue a certificate to users to meet the following requirements:
Ensure that the users can encrypt files by using Encrypting File System (EFS). Ensure that all of the users reenroll for their certificate every six months.
Solution: From the properties of the User certificate template, you assign the Allow – Enroll permission to the Authenticated Users group.
Does this meet the goal?
A. Yes
B. No
Correct Answer: B
Explanation

QUESTION 34
Your network contains a Hyper-V cluster named Cluster1.
You install Microsoft System Center 2012 Virtual Machine Manager (VMM).
You create a user account for another administrator named User1.
You plan to provide User1 with the ability to manage only the virtual machines that User1 creates.
You need to identify what must be created before you delegate the required permissions.
What should you identify?
A. A service template
B. A Delegated Administrator
C. A cloud
D. A host group
Correct Answer: D
Explanation

QUESTION 35
Your network contains an Active Directory domain named contoso.com. The domain contains multiple sites. You plan to deploy DirectAccess.
The network security policy states that when client computers connect to the corporate network from the Internet, all of the traffic destined for the Internet must be routed through the corporate network.
You need to recommend a solution for the planned DirectAccess deployment that meets the security policy requirement.
What should you include in the recommendation?
A. Set the ISATAP State to state enabled.
B. Enable split tunneling.
C. Set the ISATAP State to state disabled.
D. Enable force tunneling.
Correct Answer: D
Explanation
Explanation/Reference:
You can configure DirectAccess clients to send all of their traffic through the tunnels to theDirectAccess server with force tunneling. When force tunneling is configured, DirectAccess clients that detect that they are on the Internet modify their
IPv4 default route so that default route IPv4 traffic is not sent. With the exception of local subnet traffic, all traffic sent by the DirectAccess client is IPv6 traffic that goes through tunnels to the DirectAccess server.

QUESTION 36
Your company has a main office and four branch offices. The main office is located in London.
The network contains an Active Directory domain named contoso.com. The network is configured as shown in the exhibit. (Click the Exhibit button.)
Each office contains several servers that run Windows Server 2012.
In each branch office, you plan to deploy an additional 20 servers that will run Windows Server 2012. Some of the servers will have a Server Core installation of Windows Server 2012.
You identify the following requirements for the deployment of the new servers:
Operating system images must be administered centrally.
The operating system images must be deployed by using PXE.
The WAN traffic caused by the deployment of each operating system must be minimized.
You need to recommend a solution for the deployment of the new servers.
What should you recommend?
Exhibits
pass4itsure 070-413 question
A. Deploy Windows Deployment Services (WDS) in each office. Replicate the images by using Distributed File System (DFS) Replication,
B. Deploy Windows Deployment Services (WDS) in the main office only. Replicate the images by using Distributed File System (DFS) Replication.
C. Deploy Windows Deployment Services (WDS) in each office. Copy the images by using BranchCache.
D. Deploy Windows Deployment Services (WDS) in the main office only. Copy the images by using BranchCache.
Correct Answer: A
Explanation
Explanation/Reference:
Explanation: DFS Replication is a replication engine that you can use to replicate images between Windows Deployment Services servers.
Reference: Storing and Replicating Images Using DFS

QUESTION 37
Your network contains an Active Directory domain named contoso.com. The Active Directory site topology is configured as shown in the exhibit. (Click the Exhibit button.)
pass4itsure 070-413 question
DC1 and DC2 run Windows Server 2003 R2. All FSMO roles are located on DC2.
You plan to deploy a read-only domain controller (RODC) to Site3. You need to recommend changes to the network to support the planned RODC implementation.
What should you recommend?
More than one answer choice may achieve the goal. Select the BEST answer.
A. To Site1, add an RODC that runs Windows Server 2012.
B. Replace DC2 with a domain controller that runs Windows Server 2012.
C. To Site2, add an RODC that runs Windows Server 2012.
D. Replace DC1 with a domain controller that runs Windows Server 2012.
Correct Answer: D
Explanation
Explanation/Reference:
Explanation: Each RODC requires a writable domain controller running Windows Server 2012 for the same domain from which the RODC can directly replicate. Typically, this requires that a writable domain controller running Windows Server
2012 be placed in the nearest site in the topology.
Reference: Active Directory Replication Considerations
https://technet.microsoft.com/en-us/library/cc772065(v=ws.10).aspx

QUESTION 38
Your company has a main office and a branch office.
You plan to implement a failover cluster named Cluster1 to host an application named App1. The data of App1 will replicate to all of the nodes in Cluster1.
Cluster1 will contain two servers. The servers will be configured as shown in the following table.
pass4itsure 070-413 question
The cluster nodes will not use shared storage.
The branch office contains two file servers named Server3 and Server4.
You need to ensure that App1 fails over automatically to another server if a single node in Cluster1 fails.
What should you do?
More than one answer choice may achieve the goal. Select the BEST answer.
A. Add Server3 as a node in Cluster1.
B. Add Server1, Server2, and Server3 to a Network Load Balancing (NLB) cluster.
C. Add Server3 and Server4 to a new failover cluster named Cluster2. Install App1 on Cluster2.
D. Add Server3 as a file share witness for Cluster1.
Correct Answer: D
Explanation

QUESTION 39
Your company has a main office and a branch office.
The network contains an Active Directory domain named contoso.com. The main office contains domain controllers that run Windows Server 2012. The branch office contains a read-only domain controller (RODC) that runs Windows Server
2012.
You need to recommend a solution to control which Active Directory attributes are replicated to the RODC.
What should you include in the recommendation?
A. The partial attribute set
B. The filtered attribute set
C. Application directory partitions
D. Constrained delegation
Correct Answer: B
Explanation
Explanation/Reference:
Explanation: RODC filtered attribute set
Some applications that use AD DS as a data store might have credential-like data (such as passwords, credentials, or encryption keys) that you do not want to be stored on an RODC in case the RODC is compromised.
For these types of applications, you can dynamically configure a set of attributes in the schema for domain objects that will not replicate to an RODC. This set of attributes is called the RODC filtered attribute set. Attributes that are defined in
the RODC filtered attribute set are not allowed to replicate to any RODCs in the forest.
Reference: AD DS: Read-Only Domain Controllers
https://technet.microsoft.com/en-us/library/cc732801(v=ws.10).aspx

QUESTION 40
Your network contains an Active Directory domain named contoso.com.
On several organizational units (OUs), an administrator named Admin1 plans to delegate control of custom tasks. You need to ensure that Admin1 can delegate a custom task named Task1 by using the Delegation of Control Wizard.
What should you do?
A. Add a new class to the Active Directory schema.
B. Configure a custom MMC console.
C. Modify the Delegwiz.inf file.
D. Configure a new authorization store by using Authorization Manager.
Correct Answer: C
Explanation
Explanation/Reference:
To add a task to the Delegation Wizard, you must create a task template by using the following syntax in the Delegwiz.inf file
;——————————————————— [template1]
AppliesToClasses=
Description = “” Etc.
Reference: How to customize the task list in the Delegation Wizard
http://support.microsoft.com/kb/308404

Conclusion:
Softwaregeneralist free sharing of 40 Microsoft Server Infrastructure 070-413 exam dumps and 070-413 PDF online downloads to help you
practice testing, we share high quality exam dumps for free throughout the year, If you want to get a 070-413 exam certificate,
select Microsoft 070-413 full Exam dumps:https://www.pass4itsure.com/070-413.html (Q&As:245 vce+ pdf)

[PDF] Free Microsoft Server Infrastructure 070-413 dumps download from Google Drive:
https://drive.google.com/open?id=1jrcsCxPaUMIk8DDt3XhR4OuCCTgwQHcR

[PDF] Free Full Microsoft dumps download from Google Drive:
https://drive.google.com/open?id=1gdQrKIsiLyDEsZ24FxsyukNPYmpSUDDO

Pass4itsure Promo Code 15% Off

pass4itsure 070-413 coupon

related: https://www.softwaregeneralist.com/100-pass-rate-lpi-101-400-dumps/