the following options can she use to meet these requirements? (Choose all that apply.)
A. Implement the inheritance functionality of GPOs.
B. Implement delegation of specific objects within Active Directory.
C. Implement the No Override functionality of GPOs.
D. Create administrative templates.
E. Provide administrative templates to the system administrators who are responsible for creating Group Policy for the applications.
33. You are the network administrator for your organization. A new company policy has been released wherein if a user enters their password incorrectly three times within 5 minutes, they are locked out for 30 minutes. What three actions do you need to set to comply with this policy? (Choose all that apply.)
A. Set Account Lockout Duration to 5 minutes.
B. Set Account Lockout Duration to 30 minutes.
C. Set the Account Lockout Threshold setting to 3 invalid logon attempts.
D. Set the Account Lockout Threshold setting to 30 minutes.
E. Set the Reset Account Lockout Counter setting to 5 minutes.
F. Set the Reset Account Lockout Counter setting to 3 times.
34. You are teaching a Microsoft Active Directory class, and one of your students asks you, “Which of the following containers in the Active Directory Users and Computers tool is used when users from outside the forest are granted access to resources within a domain?” What answer would you give your student?
A. Users
B. Computers
C. Domain Controllers
D. Foreign Security Principals
35. Your manager has decided your organization needs to use an Active Directory application data partition. Which command can you use to create and manage application data partitions?
A. DCPromo.exe
B. NTDSUtil.exe
C. ADUtil.exe
D. ADSI.exe
36. Your network contains an Active Directory domain named Sybex.com. The domain contains a RADIUS server named Server1 that runs Windows Server 2012 R2. You add a VPN server named Server2 to the network. On Server1, you create several network policies. You need to configure Server1 to accept authentication requests from Server2. Which tool should you use on Server1?
A. Set-RemoteAccessRadius
B. CMAK
C. NPS
D. Routing and Remote Access
37. Your network contains an Active Directory domain named Sybex.com. The domain contains a server named Server1 that runs Windows Server 2012 R2. Server1 has the following role services installed:
■ DirectAccess and VPN (RRAS)
■ Network Policy Server
Remote users have client computers that run Windows XP, Windows 7, or Windows 8. You need to ensure that only the client computers that run Windows 7 or Windows 8 can establish VPN connections to Server1. What should you configure on Server1?
A. A vendor-specific RADIUS attribute of a Network Policy Server (NPS) connection request policy
B. A condition of a Network Policy Server (NPS) network policy
C. A condition of a Network Policy Server (NPS) connection request policy
D. A constraint of a Network Policy Server (NPS) network policy
38. You are the network administrator for a large organization that contains an Active Directory domain named WillPanek.com. The domain contains a server named Server1 that runs Windows Server 2012 R2. Server1 has the Network Policy and Access Services server role installed. You plan to deploy 802.1x authentication to secure the wireless network. You need to identify which Network Policy Server (NPS) authentication method supports certificate-based mutual authentication for the 802.lx deployment. Which authentication method should you identify?
A. PEAP-MS-CHAP v2
B. MS-CHAP v2
C. EAP-TLS
D. MS-CHAP
39. You have an Active Directory domain named WillPanek.com. The domain contains a server named ServerA that runs Windows Server 2012 R2. ServerA has the Network Policy and Access Services server role installed. Your company’s security policy requires that certificate-based authentication must be used by some network services. You need to identify which Network Policy Server (NPS) authentication methods comply with the security policy. Which two authentication methods should you identify? Each correct answer presents part of the solution. (Choose two.)
A. MS-CHAP
B. PEAP-MS-CHAP v2
C. CHAP
D. EAP-TLS
E. MS-CHAP v2
40. You are the network administrator, and you have been asked to set up an accounting system so that each department is responsible for the cost of their use of network services. Your network contains a Network Policy Server (NPS) server named ServerA. The network contains a server named Database1 that has Microsoft SQL server installed. All servers run Windows Server 2012 R2. You configure NPS on ServerA to log accounting data to a database on Database1. You need to ensure that the accounting data is captured if Database1 fails. The solution must minimize cost. What should you do?
A. Implement Failover Clustering.
B. Implement database mirroring.
C. Run the Accounting Configuration Wizard.
D. Modify the SQL Server Logging properties.
41. In a secure environment, IPsec encryption should only be disabled for inter-node cluster communication (such as cluster heartbeat) under what circumstances?
A. Certificates use weak encryption methods such as DES
B. LowerQuorumPriorityNodeID is set on a node.
C. DatabaseReadWriteMode is set to 2
D. Group Policy Updates have a high processing latency
42. In Windows Server 2012 R2, Failover Clustering supports how many nodes?
A. 8000
B. 1024
C. 64
D. 1000
43. In Windows Server 2012 R2, what feature dynamically adjusts cluster node votes in order to maintain an odd vote count where no witness is being used?
A. Witness Dynamic Weighting
B. Tie Breaker for a 50 % Node Split
C. Lower Quorum Priority Node
D. Force quorum resiliency
44. What authentication mechanism does Active Directory–detached clusters utilize?
A. NTLM
B. MIT Kerberos Realms
C. AD Kerberos
D. SSL
45. Shared virtual hard disks can be utilized by SQL Server and Exchange Server for virtualized workloads.
A. True
B. False
46. What is the default TCP port for iSCSI?
A. 3389
B. 21
C. 1433
D. 3260
47. You are a server administrator, and you are trying to save