Case Study 1: Contoso Ltd Case A
Overview
Contoso, Ltd. is a recruiting and staffing company that has offices throughout North America. The
company has a main office and six branch offices. The main office is located in Miami. The branch offices
are located in New York, Seattle, Los Angeles, Montreal, Toronto, and Vancouver.
Existing Environment
Network Infrastructure
The network contains one Active Directory domain named contoso.com.
The main office has the following servers:
- One file server that maintains multiples shares
- Two domain controllers configured as DNS servers
- One Windows Server Update Services (WSUS) server
- Two DHCP servers that each have a scope for all of the subnets
- Two servers that have Failover Clustering configured and are used as virtualization hosts
- One server that has Microsoft SQL Server 2012 installed and maintains a customer relationship
management (CRM) database
Each branch office has the following servers:
- One domain controller configured as a DNS server
- One DHCP server that has a single scope for its respective office Each office has a single subnet.
The network speed of the local area network (LAN) is 1 gigabit per second. All of the offices have a highspeed
connection to the Internet. The offices connect to each other by using VPN
appliances.
Current Issues
Users report that it can take a long time to download files from network shares in the main office. A root
cause analysis identifies that network traffic peaks when the users experience this issue.
Requirements
Planned Changes
The company plans to implement the following changes:
- Replace all of the domain controllers with new servers that run Windows Server 2012.
- Upgrade the CRM application to use a web-based application that connects to the current CRM
database. The web application will store session data in the memory of each web server.
- Initially, deploy two front-end web servers to two virtual machines. Additional virtual web servers will be
deployed in the future.
- Monitor the availability of the CRM application and create alerts when the overall availability is less than
99 percent.
- Implement Microsoft System Center 2012 to manage the new environment.
Business Requirements
The company identifies the following business requirements:
- Minimize hardware costs and software costs whenever possible.
- Minimize the amount of network traffic over the VPN whenever possible.
- Ensure that the users in the branch offices can access files currently on the main office file server if a
Internet link fails.
Technical Requirements
The company identifies the following technical requirements:
- Provide a highly available DHCP solution.
- Maintain a central database that contains the security events from all of the servers.The database must
be encrypted.
- Ensure that an administrator in the main office can manage the approval of Windows updates and
updates to third-party applications for all of the users.
- Ensure that all of the domain controllers have the ReliableTimeSource registry value in
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\Parameters set to 1, even if
an administrator changes that value manually.
Virtualization Requirements
The company identifies the following virtualization requirements:
- Minimize the number of permissions and privileges assigned to users.
- Ensure that the members of a group named Group2 can add a WSUS server to the fabric.
- Ensure that a diagram view of the virtualization environment can be generated dynamically.
- Minimize the amount of administrative effort required to manage the virtualization environment.
- Prevent the failure of a front-end web server from affecting the availability of the CRM application.
- Ensure that the members of a group named Group1 can create new virtual machines in the Los Angeles
office only.
- Only create virtual machine templates by using objects that already exist in the System Center 2012
Virtual Machine Manager (VMM) library.
- On the failover cluster in the main office, apply limited distribution release (LDR) updates to the
virtualization hosts without disrupting the virtual machines hosted on the virtualization hosts.
QUESTION 1
You are planning the delegation for the virtualization environment.
The delegation must meet the virtualization requirements.
Which user role profile should you select for Group2?
A. Delegated Administrator
B. Read-Only Administrator
C. Administrators
D. Self-Service User
Correct Answer: C
Section: [none]
Explanation
Explanation/Reference:
29/11/2015 // Checked
QUESTION 2
You need to create a virtual machine template for the web servers used by the CRM application.
The solution must meet the virtualization requirements.
What should you use?
A. An .iso image
B. A virtual machine
C. A Windows PowerShell script
D. A virtual hard disk (VHD)
Correct Answer: D
Section: [none]
Explanation
Explanation/Reference:
29/11/2015 // Checked
Explanation:
QUESTION 3
You are planning the deployment of System Center 2012 Virtual Machine Manager (VMM).
You need to identify which additional System Center 2012 product is required to meet the
visualization requirements.
What should you include in the recommendation?
A. System Center 2012 Service Manager
B. System Center 2012 Operations Manager
C. System Center 2012 Configuration Manager
D. System Center 2012 App Controller
Correct Answer: B
Section: [none]
Explanation
Explanation/Reference:
29/11/2015 // Checked
Explanation:
certbase notes:
In the section infrastructure requirements for virtualizing the following, crucial requirement is: It must
be possible to dynamically generate a diagrammatic view of the virtualization environment.
You can System Center 2012 - Virtual Machine Manager connect (VMM) with Operations Manager
integrity and availability of the managed by VMM virtual machines and virtual machine hosts to monitor.
You can also monitor and display using the Operations Console in Operations Manager diagram views of
the virtualized environment integrity and availability of the VMM management server, the VMM database
server, the library server and the VMM Self-Service Portal Web server.
http://technet.microsoft.com/en-us/library/jj656649.aspx
QUESTION 4
You need to recommend a solution for updating the virtualization hosts.
The solution must meet the visualization requirements.
What should you include in the recommendation?
A. Cluster-Aware Updating
B. WSUS
C. System Center Updates Publisher 2011
D. System Center 2012 Configuration Manager
Correct Answer: A
Section: [none]
Explanation
Explanation/Reference:
29/11/2015 // Checked
Explanation:
QUESTION 5
You need to ensure that Group1 can perform the required tasks.
The solution must meet the visualization requirements.
What should you create?
A. A collection
B. A host group
C. An organizational unit (OU)
D. A site
Correct Answer: B
Section: [none]
Explanation
Explanation/Reference:
29/11/2015 // Checked
Explanation:
Notes:
The section demands on infrastructure for virtualization contains the following relevant requirements:
The members of a group named Group1 must have the possibility, at the Linz site new virtual machines
(VMs) to create. At other sites, they may not create new VMs can.
You can create custom groups of virtual machine hosts create so-called host groups to group hosts and
their virtual machines useful.
For example, you might create a host group for each branch of your organization. Using host groups, you
can also reserve resources on a host for use by the host operating system.
Host groups are in the navigation pane in the View hosts and in the view of virtual machines displayed
as folders and can also serve as part of the delegation of permissions as a base.
http://technet.microsoft.com/en-us/library/gg610645.aspx
QUESTION 6
You need to recommend a solution for managing updates.
The solution must meet the technical requirements.
What should you include in the recommendation?
A. A System Center 2012 Configuration Manager management point in the main office and a System
Center 2012 Configuration Manager distribution point in each office.
B. A System Center 2012 Configuration Manager management point in the main office and a WSUS
downstream server in each office.
C. A System Center 2012 Configuration Manager software update point in the main office and a System
Center 2012 Configuration Manager distribution point in each office.
D. A WSUS upstream server in and a WSUS downstream server in each office.
Correct Answer: C
Section: [none]
Explanation
Explanation/Reference:
29/11/2015 // Checked
notes:
The section Technical Requirements states:
An administrator of the main office has Windows updates and updates for third-party applications can be
approved for all users.
The free Windows Server Update Services (WSUS) enables the distribution of Microsoft Updates. The
distribution of updates for third-party software provider is also limited only right on the WSUS API is
possible.
With the System Center 2012 Configuration Manager, a solution is available that meets all Anfordeurngen
justice. In Configuration Manager site system roles are used to manage operations to support at the
individual sites.
When you install a Configuration Manager site some site system roles are automatically installed and
assigned to the server on which Configuration Manager Setup has completed successfully.
One of these site system roles, the location server that can not be transferred or removed to another
server without uninstalling the location. You can use other servers to perform additional site system roles
or assign some site system roles from the site server by installing Configuration Manager site system
server and configure. From each site system role certain administrative functions are supported.
System Center 2012 Configuration Manager management point
About this site system role, information on policies and duty stations for clients provided, and go with her
configuration data of clients a.
System Center 2012 Configuration Manager Distribution Point
This is a site system role with source files that can be downloaded from clients, including application
content, software packages, software updates, operating system images and boot images.
System Center 2012 Configuration Manager Software Update Point
This site system role is integrated into Windows Server Update Services (WSUS) to provide Configuration
Manager client software updates.
http://technet.microsoft.com/en-US/library/gg682106.aspx
QUESTION 7
You need to recommend an automated remediation solution for the ReliableTimeSource registry
value.
The solution must meet the technical requirements.
What should you include in the recommendation?
A. A System Center 2102 Configuration Manager configuration baseline.
B. A System Center 2012 Operations Manager performance counter rule.
C. A System Center 2012 Configuration Manager maintenance task.
D. A System Center 2012 Operations Manager event rule.
Correct Answer: A
Section: [none]
Explanation
Explanation/Reference:
29/11/2015 // Checked
http://technet.microsoft.com/en-US/library/gg682106.aspx
QUESTION 8
You need to recommend a solution that resolves the current file server issue.
The solution must meet the business requirements.
What should you include in the recommendation?
A. Distributed File System (DFS)
B. BranchCache in distributed cache mode
C. BranchCache in hosted cache mode
D. A storage pool
Correct Answer: A
Section: [none]
Explanation
Explanation/Reference:
29/11/2015 // Checked
Explanation:
Scenarios for Using DFS
By using from DFS-N and DFS Replication, your organization can benefit from several implementation
scenarios including:
- Sharing files across branch offices
- Data collection
- Data distribution
- Sharing Files Across Branch Offices
Organizations with multiple physical offices tend to share files or collaborate between offices.
You can use DFS Replication to replicate files between these offices, or from branch offices to a hub site.
This form of replication helps reduce wide area network (WAN) traffic, and provides high availability should
a WAN link or a server fail.
DFS Replication ensures that when changes are made to a file, the changes are replicated to all other
sites by using delta replication.
QUESTION 9
You need to create a service template for the web servers used by the CRM application.
What should you include in the service template?
A. A VIP template
B. A host profile
C. Guest OS profile
D. A capability profile
Correct Answer: A
Section: [none]
Explanation
Explanation/Reference:
29/11/2015 // Checked
Explanation:
QUESTION 10
You need to recommend a solution that meets the technical requirements for DHCP.
What should you include in the recommendation for each office?
A. Network Load Balancing (NLB)
B. DHCP failover
C. DHCP server policies
D. IP Address Management (IPAM)
Correct Answer: B
Section: [none]
Explanation
Explanation/Reference:
29/11/2015 // Checked
Explanation:
QUESTION 11
You need to recommend a solution for deploying the web servers for the CRM application.
The solution must meet the visualization requirements.
What should you include in the recommendation?
A. Network Load Balancing (NLB) without affinity
B. Failover Clustering with one active node
C. Failover Clustering with two active nodes
D. Network Load Balancing (NLB) with client affinity
Correct Answer: D
Section: [none]
Explanation
Explanation/Reference:
29/11/2015 // Checked
Explanation:
QUESTION 12
You need to recommend a solution that manages the security events.
The solution must meet the technical requirements.
Which configuration should you include in the recommendation?
A. Object access auditing by using a Group Policy object (GPO)
B. Event rules by using System Center 2012 Operations Manager
C. Event forwarding by using Event Viewer
D. Audit Collection Services (ACS) by using System Center 2012
Correct Answer: D
Section: [none]
Explanation
Explanation/Reference:
Checked 06/12/2015
The section Technical Requirements states that it should be implemented and maintained a central
database of the entries in the security logs of all servers. The database must be encrypted. Use the Audit
Collection Services (ACS) System Center 2012 - Operations Manager allows you to records that were
generated by an audit policy capture, and store them in a centralized database. If an audit policy is
installed on a Windows computer, this computer stores by default and automatically all generated by the
audit policy events in the local Security log. This applies to all Windows workstations and also on all
servers. In companies with stringent security requirements audit policies can generate large amounts of
events quickly. Using ACS, organizations can consolidate individual Security logs into a centrally managed
database and filter events with the data analysis and reporting tools provided by Microsoft SQL Server and
analyze. With ACS, only a user, expressly the right to access the ACS database has been granted, run
queries and create reports on the collected data.
QUESTION 13
You need to deploy the dedicated storage servers to support the new web application servers.
What should you do?
A. Install windows storage server 2012 R2 workgroup on STORAGE1 and STORAGE2.
Use STORAGE 1 and STORAGE2 as scale-out file servers.
B. Install windows storage server 2012 R2 standard on STORAGE1 and STORAGE2.
Use STORAGE1 and STORAGE2 as ISCSI target servers.
C. Install windows storage server 2012 R2 workgroup on STORAGE1 and STORAGE2.
Use STORAGE1 and STORAGE2 as ISCSI target servers.
D. Install windows storage server 2012 R2 standard on STORAGE1 and STORAGE2.
Use STORAGE1 and STORAGE2 as scale-out file server.
Correct Answer: A
Section: [none]
Explanation
Explanation/Reference:
Testlet 1
Case Study 2: A. Datum
Overview
Datum Corporation is an accounting company.
The company has a main office and two branch offices. The main office is located in Miami. The
branch offices are located in New York and Seattle.
Existing Environment
Network Infrastructure
The network contains an Active Directory domain named adatum.com. All servers run Windows Server
2008 R2.
The main office has the following servers and client computers:
- Two domain controllers configured as DNS servers and DHCP servers
- One file server that has multiples shares
- One thousand client computers that run Windows 7
- Each branch office has the following servers and client computers:
- One domain controller configured as a DNS server and a DHCP server
- Five hundred to 800 client computers that run Windows XP Each office has multiple subnets.
The network speed of the local area network (LAN) is 1 gigabit per second. The offices connect to each
other by using a WAN link. The main office is connected to the Internet.
Current Issues
The WAN link between the Miami office and the Seattle office is a low bandwidth link with high latency. The
link will not be replaced for another year.
Requirements
Application Requirements
The company is developing an application named App1. App1 is a multi-tier application that will be sold as
a service to customers.
Each instance of App1 is comprised of the following three tiers:
- A web front end
- A middle tier that uses Windows Communication Foundation (WCF)
- A Microsoft SQL Server 2008 R2 database on the back end
Each tier will be hosted on one or more virtual machines. Multiple-tiers cannot coexist on the same virtual
machine. When customers purchase App1, they can select from one of the following service levels:
- Standard: Uses a single instance of each virtual machine required by App1. If a virtual machine become
unresponsive, the virtual machine must be restarted.
- Enterprise: Uses multiple instances of each virtual machine required by App1 to provide high-availability
and fault tolerance.
All virtual hard disk (VHD) files for App1 will be stored in a file share. The VHDs must be available if a
server fails.
You plan to deploy an application named App2. App2 is comprised of the following two tiers:
- A web front end
- A dedicated SQL Server 2008 R2 database on the back end
App2 will be hosted on a set of virtual machines in a Hyper-V cluster in the Miami office.
The virtual machines will use dynamic IP addresses. A copy of the App2 virtual machines will be
maintained in the Seattle office. App2 will be used by users from a partner company named Trey
Research. Trey Research has a single Active Directory domain named treyresearch.com.
Treyresearch.com contains a server that has the Active Directory Federation Services server role and all of
the Active Directory Federation Services (AD F5} role services installed.
Planned Changes
Datum plans to implement the following changes:
- Replace all of the servers with new servers that run Windows Server 2012.
- Implement a private cloud by using Microsoft System Center 2012 to host instances of Appl.
- In the Miami office, deploy four new Hyper-V hosts to the perimeter network.
- In the Miami office, deploy two new Hyper-V hosts to the local network.
- In the Seattle office, deploy two new Hyper-V hosts.
- In the Miami office, implement a System Center 2012 Configuration Manager primary site that has all of
the system roles installed.
- Implement a public key infrastructure (PKI).
- Implement AD FS.
Notification Requirements
Datum identifies the following notification requirements:
- Help desk tickets must be created and assigned automatically when an instance of App1 becomes
unresponsive.
- Customers who select the Enterprise service level must receive an email notification each time a help
desk ticket for their instance of App1 is opened or closed.
Technical Requirements
Datum identifies the following technical requirements:
- Minimize costs whenever possible.
- Minimize the amount of WAN traffic.
- Minimize the amount of administrative effort whenever possible.
- Provide the fastest possible failover for the virtual machines hosting App2.
- Ensure that administrators can view a consolidated report about the software updates in all of the offices.
- Ensure that administrators in the Miami office can approve updates for the client computers in all of the
offices.
Security Requirements
Datum identifies the following security requirements:
- An offline root certification authority (CA) must be configured.
- Client computers must be issued certificates by a server in their local office.
- Changes to the CA configuration settings and the CA security settings must be logged.
- Client computers must be able to renew certificates automatically over the Internet.
- The number of permissions and privileges assigned to users must be minimized whenever possible.
- Users from a group named Group1 must be able to create new instances of App1 in the private cloud.
- Cent computers must be issued new certificates when the computers are connected to the local network
only.
- The virtual machines used to host App2 must use BitLocker Drive Encryption (BitLocker).
- Users from Trey Research must be able to access App2 by using their credentials from
treyresearch.com.
QUESTION 1
In adatum.com, you install and configure a server that has the Active Directory Federation Services server
role and all of the AD FS role services installed.
You need to recommend which AD FS configurations must be performed m adatum.com to meet
the security requirements.
Which configurations should you recommend before creating a trust policy?
A. Export the server authentication certificate and provide the certificate to Trey Research. Import the
token-signing certificate from Trey Research.
B. Export the server authentication certificate and provide the certificate to Trey Research. Import the
server authentication certificate from Trey Research.
C. Export the token-signing certificate and provide the certificate to Trey Research. Import the server
authentication certificate from Trey Research.
D. Export the token-signing certificate and provide the certificate to Trey Research. Import the tokensigning
certificate from Trey Research.
Correct Answer: C
Section: [none]
Explanation
Explanation/Reference:
29/11/2015 // Checked
Explanation:
QUESTION 2
You need to recommend which type of clustered file server and which type of file share must be
used in the Hyper-V cluster that hosts App2.
The solution must meet the technical requirements and the security requirements.
What should you recommend?
A. A scale-out file server that uses an NFS share
B. A file server that uses an SMB share
C. A scale-out file server that uses an SMB share
D. A file server that uses an NFS share
Correct Answer: C
Section: [none]
Explanation
Explanation/Reference:
29/11/2015 // Checked
Explanation:
QUESTION 3
You are configuring the Certification Authority role service.
From the Certification Authority console, you enable logging.
You need to ensure that configuration changes to the certification authority (CA) are logged.
Which audit policy should you configure?
A. Audit policy change
B. Audit privilege use
C. Audit system events
D. Audit object access
Correct Answer: D
Section: [none]
Explanation
Explanation/Reference:
29/11/2015 // Checked
Explanation:
QUESTION 4
You need to recommend a solution that meets the notification requirements.
Which System Center 2012 components should you include in the recommendation?
A. Operations Manager, Service Manager and Orchestrator
B. Configuration Manager, Service Manager and Orchestrator
C. App Controller, Configuration Manager and Operations Manager
D. Service Manager, Orchestrator and App Controller
Correct Answer: A
Section: [none]
Explanation
Explanation/Reference:
29/11/2015 // Checked
Explanation:
QUESTION 5
You need to recommend a solution to maintain a copy of App2.
The solution must meet the application requirements and must minimize additional hardware purchases.
What should you include in the recommendation?
A. Multi-site Failover Clustering
B. Hyper-V replicas
C. Single-site Failover Clustering
D. Distributed File System (DFS) Replication
Correct Answer: B
Section: [none]
Explanation
Explanation/Reference:
29/11/2015 // Checked
Explanation:
QUESTION 6
You need to recommend a solution that meets the security requirements for Group1.
To which System Center 2012 Virtual Machine Manager (VMM) group should you assign Group1?
A. Read-Only Administrator
B. Administrators
C. Delegated Administrator
D. Self-Service User
Correct Answer: D
Section: [none]
Explanation
Explanation/Reference:
29/11/2015 // Checked
Explanation:
QUESTION 7
You need to recommend which Certificate Services role service must be deployed to the perimeter
network.
The solution must meet the technical requirements.
Which Certificate Services role services should you recommend?
A. Certificate Enrollment Web Service and Certificate Enrollment Policy Web Service
B. Certificate Enrollment Policy Web Service and Certification Authority Web Enrollment
C. Online Responder and Network Device Enrollment Service
D. Online Responder and Certificate Enrollment Web Service
Correct Answer: A
Section: [none]
Explanation
Explanation/Reference:
29/11/2015 // Checked
Explanation:
QUESTION 8
You have a service template to deploy Appl.
You are evaluating the use of Network Load Balancing (NLB) for the front-end servers used by Appl.
You need to recommend which component must be added to the service template.
What should you recommend?
A. Guest OS profile
B. A host profile
C. A capability profile
D. A VIP template
Correct Answer: D
Section: [none]
Explanation
Explanation/Reference:
29/11/2015 // Checked
Explanation:
QUESTION 9
You need to recommend a storage solution for the App1 VHDs.
The solution must minimize downtime if a Hyper-V host fails.
What should you include in the recommendation?
A. Distributed File System (DFS) Replication
B. A clustered file server of the File Server for general use type
C. A Distributed File System (DFS) namespace
D. clustered file server of the File Server for scale-out application data type
Correct Answer: D
Section: [none]
Explanation
Explanation/Reference:
29/11/2015 // Checked
Explanation:
QUESTION 10
You are evaluating the deployment of a multi-site Hyper-V failover cluster in the Miami office and the
Seattle office to host App2.
You need to identify which changes must be made to support the use of the multi-site cluster.
Which changes should you identify?
A. Purchase a storage solution that replicates the virtual machines.
Configure all of the virtual machines to use dynamic memory.
B. Upgrade the WAN link between the Miami and Seattle offices.
Purchase a storage solution that replicates the virtual machines.
C. Configure all of the virtual machines to use dynamic memory.
Implement Distributed File System (DFS) Replication and store the virtual machine files in a replicated
folder.
D. Implement Distributed File System (DFS) Replication and store the virtual machine files in a replicated
folder.
Upgrade the WAN link between the Miami and Seattle offices.
Correct Answer: B
Section: [none]
Explanation
Explanation/Reference:
29/11/2015 // Checked
Explanation:
You must have a Fast WAN for Multisite clustering and DFS doesn't work for multisite Hyper-V Clusters
http://technet.microsoft.com/en-us/library/dd197575%28v=ws.10%29.aspx
QUESTION 11
You need to recommend a software update solution that meets the technical requirements.
What should you recommend deploying to each branch office?
A. An endpoint protection point
B. A distribution point
C. A management point
D. An enrollment proxy point
Correct Answer: B
Section: [none]
Explanation
Explanation/Reference:
29/11/2015 // Checked
Explanation:
QUESTION 12
You need to recommend which type of clustered file server and which type of file share must be
used in the Hyper-V cluster that hosts App2.
The solution must meet the technical requirements and the security requirements.
Solution: You recommend a scale-out file server that uses an SMB share.
Does this meet the goal?
A. Yes
B. No
Correct Answer: A
Section: [none]
Explanation
Explanation/Reference:
https://technet.microsoft.com/en-GB/library/hh831349.aspx
QUESTION 13
You need to recommend which type of clustered file server and which type of file share must be
used in the Hyper-V cluster that hosts App2.
The solution must meet the technical requirements and the security requirements.
Solution: You recommend a scale-out file server that uses an NFS share.
Does this meet the goal?
A. Yes
B. No
Correct Answer: B
Section: [none]
Explanation
Explanation/Reference:
Hyper-V in Windows Server 2012 supports file shares that use the Server Message Block (SMB) protocol
version. 3 NFS shares are however not supported as the data store. Note: Windows Server 2012 features
but on an implementation of the Network File System (NFS) in version 4.1 and can provide NFS shares
that can be used as storage of VMware vSphere.
QUESTION 14
You are planning the implementation of the Public Key Infrastructure Public Key Infrastructure
(PKI).
How many CAs server you need at least?
A. 2
B. 3
C. 4
D. 5
Correct Answer: C
Section: [none]
Explanation
Explanation/Reference:
06/12/2015 // Checked
In the section safety requirements contains the following relevant points:
It is a root certification authority (CA) to be implemented in offline mode.
Client computers must obtain certificates from a server within their own site.
Testlet 1
Case Study 3: Proseware Inc
Overview
General Overview
Proseware Inc., is a manufacturing company that has 4,000 employees.
Proseware works with a trading partner named Fabrikam, Inc.
Physical Locations
Proseware has a main office and two branch offices. The main office is located in London. The branch
offices are located in Madrid and Berlin. Proseware has a sales department based in the London office
and a research department based in the Berlin office.
The offices connect to each other by using a WAN link. Each office connects directly to the Internet.
Proseware rents space at a hosting company. All offices have a dedicated WAN link to the hosting
company. Web servers that are accessible from the Internet are located at the hosting company.
Active Directory
The Proseware network contains an Active Directory forest named proseware.com. The forest contains a
single domain. The forest functional level is Windows Server 2012.
Each office contains three domain controllers. An Active Directory site is configured for each office.
System state backups are performed every day on the domain controllers by using System Center 2012
R2 Data Protection Manager (DPM).
Virtualization
Proseware has Hyper-V hosts that run Windows Server 2012 R2. Each Hyper-V host manages eight to ten
virtual machines. The Hyper-V hosts are configured as shown in the following table.
All of the Hyper-V hosts store virtual machines on direct-attached storage (DAS).
Servers
All servers run Windows Server 2012 R2. All of the servers are virtualized, except for the Hyper- V hosts.
VDI1 and VDI2 use locally attached storage to host virtual hard disk (VHD) files. The VHDs use the .vhd
format.
A line-of-business application named SalesApp is used by the sales department and runs on a server
named APP1. APP1 is hosted on HyperV2.
A server named CA1 has the Active Directory Certificate Services server role installed and is configured as
an enterprise root certification authority (CA) named ProsewareCA.
Ten load-balanced web servers hosted on HyperV7 and HyperV8 run the Internet-facing web site that
takes orders from Internet customers.
System Center 2012 R2 Operations Manager is used to monitor the health of the servers on the network.
All of the servers are members of the proseware.com domain, except for the servers located in the
perimeter network.
Client Computers
All client computers run either Windows 8.1 or Windows 7. Some of the users in the London office connect
to pooled virtual desktops hosted on VDI1 and VDI2.
Problem Statements
Proseware identifies the following issues on the network:
Virtualization administrators report that the load on the Hyper-V hosts is inconsistent. The virtualization
administrators also report that administrators fail to account for host utilization when creating new virtual
machines.
Users in the sales department report that they experience issues when they attempt to access SalesApp
from any other network than the one in the London office.
Sometimes, configuration changes are not duplicated properly across the web servers, resulting in
customer ordering issues. Web servers are regularly changed.
Demand for virtual desktops is increasing. Administrators report that storage space is becoming an issue
as they want to add more virtual machines.
In the past, some personally identifiable information (PII) was exposed when paper shredding procedures
were not followed.
Requirements
Proseware plans to implement the following changes on the network:
- Implement a backup solution for Active Directory.
- Relocate the sales department to the Madrid office.
- Implement System Center 2012 R2 components, as required.
- Protect email attachments sent to Fabrikam that contain PII data so that the attachments cannot be
printed.
- Implement System Center 2012 R2 Virtual Machine Manager (VMM) to manage the virtual machine
infrastructure. Proseware does not plan to use private clouds in the near future.
- Deploy a new Hyper-V host named RESEARCH1 to the Berlin office. RESEARCH1 will be financed by
the research department. All of the virtual machines deployed to RESEARCH1 will use VMM templates.
Technical Requirements
Proseware identifies the following virtualization requirements:
- The increased demand for virtual desktops must be met.
- Once System Center is deployed, all of the Hyper-V hosts must be managed by using VMM.
- If any of the Hyper-V hosts exceeds a set number of virtual machines, an administrator must be notified
by email.
- Network administrators in each location must be responsible for managing the Hyper-V hosts in their
respective location. The management of the hosts must be performed by using VMM.
- The network technicians in each office must be able to create virtual machines in their respective office.
- The network technicians must be prevented from modifying the host server settings.
- New virtual machines must be deployed to RESEARCH1 only if the virtual machine template used to
create the machine has a value specified for a custom property named CostCenter' that matches
Research'.
The web site configurations must be identical on all web servers.
Security Requirements
Proseware identifies the following security requirements:
- All email messages sent to and from Fabrikam must be encrypted by using digital certificates issued to
users by the respective CA of their company. No other certificates must be trusted between the
organizations.
- Microsoft Word documents attached to email messages sent from Proseware to Fabrikam must be
protected.
- Privileges must be minimized, whenever possible.
QUESTION 1
You need to recommend changes to the virtual desktop infrastructure (VDI) environment.
What should you recommend?
A. Implement Hyper-V replication between VDI1 and VDI2.
B. Create new VDI virtual machines that are Generation 2 virtual machines.
C. Convert the existing VHDs to .vhdx format.
D. Move the VHDs to a Cluster Shared Volume (CSV) and implement Data Deduplication on the CSV.
Correct Answer: D
Section: [none]
Explanation
Explanation/Reference:
01/12/2015 // Checked
Problem Statements States:
The need for virtual desktops is increasing steadily. The administrators reported that bottlenecks occur
during storage in the provision of additional virtual machines.
The deduplication enables a very effective optimization of memory usage and reducing the space used -.
In selecting the right data by 50% to 90%
From Windows Server 2012 R2 supports data deduplication and virtual hard disks (VHDs) a virtual
desktop infrastructure (VDI). On Windows Server 2012 deduplication for VHDs could not be used in a
virtual desktop infrastructure.
QUESTION 2
You need to recommend changes to the existing environment to meet the web server requirement.
Which two actions should you recommend? Each Answer presents part of the solution.
A. On one web server, run the Start-DSCConfiguration cmdlet.
Create and run a configuration script.
B. On all of the web servers, install the Windows PowerShell Web Access feature, and then run the Set-
DscLocalConfigurationManager cmdlet.
C. On all of the web servers, configure the Local Configuration Manager settings, and then run the Set-
DscLocalConfigurationManager cmdlet.
D. On one web server, install the Windows PowerShell Desired State Configuration (DSC) feature.
Create and run a configuration script.
Correct Answer: CD
Section: [none]
Explanation
Explanation/Reference:
01/12/2015 // Checked
Problem Statements States:
Sometimes configuration changes are not transmitted correctly on all web servers of the Web
server farm. This leads to problems in customers' orders.
The web server will be changed regularly. Desired Configuration State (DSC) is a new feature of Windows
PowerShell 4.0 or the Windows Management Framework 4.0. It makes it possible to describe the desired
configuration of one or more computers (nodes) in a configuration file and then apply via PowerShell
cmdlet on one or more computers.
By applying the configuration file to configure the computer is adapted to the settings described in the file.
The Local Configuration Manager is a service of the desired state Configuration (DSC) with which to
automate the retrieval and applying a configuration.
QUESTION 3
You are evaluating the use of VMM to migrate APP1 for the sales users.
You need to identify the effects of the migration.
What should you identify?
A. The VHDs and the virtual machine configuration files will move.
The sales users' access to APP1 will be interrupted.
B. The VHDs will move but the virtual machine configuration files will remain in the original location.
The sales users will continue to have uninterrupted access to APP1.
C. The virtual machine configuration files will move but the VHDs will remain in the original location.
The sales users' access to APP1 will be interrupted.
D. The VHDs and the virtual machine configuration files will move.
The sales users will continue to have uninterrupted access to APP1.
Correct Answer: D
Section: [none]
Explanation
Explanation/Reference:
01/12/2015 // Checked
The sales department uses an industry-specific application named SallesApp. The application runs on a
server named App1.
In section Planned changes it says.
The sales department will be relocated to the Madrid location in the section Problem Reports states:
The Sales Department report that problems arise when they are out access to another network than the of
London on the SallesApp.
Virtual Machine Manager (VMM) in System Center 2012 R2 provides support for migrations between
standalone Hyper-V hosts or hosts in a cluster.
If the resource files of a VM in an SMB 3.0 file sharing are stored, the virtual disks and configuration files
without interrupting the operation of the virtual machine can be moved from one host to another host.
NEED TO FIND A ENG VERSION :)
QUESTION 4
You need to recommend changes to the existing environment to meet the PII requirement.
What should you recommend?
A. In the Default Domain Policy, configure auto-enrollment for the S/MIME certificates from ProsewareCA.
B. Create an AD RMS cluster in Proseware, and then provision the user accounts in Proseware for the
Fabrikam users.
C. Configure Active Directory Federation Services (AD FS) in Fabrikam, and then install a web application
proxy in Proseware.
D. In the Default Domain Policy, configure auto-enrollment for the S/MIME certificates from FabrikamCA.
Correct Answer: B
Section: [none]
Explanation
Explanation/Reference:
01/12/2015 // Checked
Notes:
Regarding personal data the section contains Planned changes include
file attachments to e-mail messages that contain personally identifiable information and are sent to
employees of Fabrikam, are to be protected so that they can not be printed.
In the Active Directory -Rechteverwaltungsdiensten (AD RMS - Active Directory Rights Management
Services) is an information protection technology that protects digital information in conjunction with AD
RMS-enabled applications from unauthorized use. Content owners can define who can open the
information, change, print, or forward or perform other actions with the information.
QUESTION 5
You need to ensure that RESEARCH1 only contains the required virtual machines.
What should you do?
A. Create an availability set.
B. Create a custom placement rule.
C. Set RESEARCH1 as a possible owner.
D. Set RESEARCH1 as a preferred owner.
Correct Answer: B
Section: [none]
Explanation
Explanation/Reference:
01/12/2015 // Checked
The section Technical Requirements contains the following relevant point:.
New Virtual Machine may only be provided on research1 when the template used in a custom property
named cost center contains the value of research in Virtual Machine Manager (VMM) can create custom
properties create and host servers, virtual machines and virtual machine templates are assigned.
Using custom rules can then placing a rule can be created based on the assigned properties, which
prescribes that the host server and the virtual machine or template to a virtual machine must have the
same value for a particular property. With deviating values, the VM can then not running on the
virtualization host or not provided. Placement rules are configured in the properties of the host groups.
In the following example, the host server and virtual machine must have the same value for the property
Custom1 exhibit.
Otherwise, the virtual machine is blocked on the host: VMM Availability sentences serve to define virtual
machines (VMs) to be hosted by VMM on separate hosts to improve service continuity.
The answers C and D relate to configuration settings of a failover cluster. In research1 is a single host.
QUESTION 6
You need to recommend changes to the existing environment to meet the email requirement.
What should you recommend?
A. Implement a two-way forest trust that has selective authentication.
B. Implement qualified subordination.
C. Deploy the FabrikamCA root certificate to all of the client computers.
D. Deploy a user certificate from FabrikamCA to all of the users.
Correct Answer: B
Section: [none]
Explanation
Explanation/Reference:
01/12/2015 // Checked
In the section safety requirements states that all e-mail messages that are sent to the Fabrikam or
received by the Fabrikam must be encrypted with a digital certificate that users issued by a certification
body of their respective companies. Other certificates can not be relied upon in relation to the e-mail
encryption between the two companies. Using qualified subordination, you can for subordinate CAs place
restrictions on the issue of the certificate and specify use restrictions issued by those CAs certificates.
With qualified subordination, you can align subordinate CAs to specific certification requirements and the
Public Key Infrastructure Public Key Infrastructure (PKI) more efficiently manage. You can also use
qualified subordination establish trust between CAs in separate trust hierarchies. This type of trust
relationship is also called cross-certification. With this trust relationship, qualified subordination is not
limited to subordinate CAs. Trusts between hierarchies may be established in another hierarchy by using a
subordinate CA in one hierarchy and the root certification authority.
QUESTION 7
You need to implement a solution for the email attachments.
Both organizations exchange root CA certificates and install the certificates in the relevant stores.
You duplicate the Enrollment Agent certificate template and generate a certificate based on the
new template.
Which additional two actions should you perform? Each Answer presents part of the solution.
A. Request cross-certification authority certificates.
B. Create Capolicy.inf files.
C. Request subordinate CA certificates.
D. Create Policy.inf files.
Correct Answer: AD
Section: [none]
Explanation
Explanation/Reference:
01/12/2015 // Checked
In the section safety requirements states that all e-mail messages that are sent to the Fabrikam or
received by the Fabrikam must be encrypted with a digital certificate that users issued by a certification
body of their respective companies. Other certificates can not be trusted between the two companies.
Using cross certificates is a trust relationship between separate certification hierarchies prepared for. B. in
separate networks or parts of a network. The purpose of such trust is, inter alia, that can be limited, which
is trusted certificates. The client should not rely on a lump sum all the certificates of other CA according to
the safety requirements. Cross certificates are typically configured for the following purposes:
Define the namespaces for use issued in a certification hierarchy and certificates may be accepted in
the second hierarchy.
Specify the acceptable uses of by a cross-certified CA (Certification Authority, CA) issued certificates.
Define the exhibition practices that must be followed for a document issued by a cross-certified CA
certificate so that this is considered as valid in the other hierarchy.
Creating a managed trust between separate certification hierarchies.
Policy.inf files of cross-certification between two CAs are used to describe the limitations of the trust under.
With a CAPolicy.inf configuration settings can be specified, which normally can not be configured during
installation of the certification authority. The file must be created before installing Certificate Services. For
more information on the topic, see the following TechNet blog article Constraints: What They are and how
they 're used and in the following Articles of WindowsITPro.com: CA Trust Relationships in Windows
Server 2003 PKI
http://windowsitpro.com/security/ca-trust-relationships-windows-server-2003-pki
QUESTION 8
You need to recommend a design that meets the technical requirements for managing the Hyper-V
hosts by using VMM.
What should you recommend? To answer, select the appropriate options in the answer area.
Hot Area:
Correct Answer:
Section: [none]
Explanation
Explanation/Reference:
01/12/2015 // Checked
Problem Statements
The network administrators at each site shall be responsible for the Hyper-V hosts within its site. Are
used for managing the hosts must Virtual Machine Manager (VMM).
The network engineers at each site must be given the ability to create virtual machines at their location.
The network engineers must be prevented from changing settings in the Hyper-V host server.
For the Hyper-V host research1 a separate host group may have to be created in order to apply a custom
placement rule can. The host research1 located but in Berlin and is not relevant here. Description of the
user roles in VMM The following are the functions of the individual user roles in VMM summarized.
Administrator - members of the user role "Administrators" can be used for all objects that are managed by
VMM, run all administrative actions.
Fabrican Administrator (delegated administrator) - members of the user role "delegated administrator"
can perform all administrative tasks within their assigned host groups and library servers Clouds, one
exception is the addition of XenServer and adding WSUS servers. Delegated administrators can not
change the VMM settings and add any members of the user role "Administrators" or remove.
Administrator with read permission - Administrators with read permission, properties, status and job
status of objects within their assigned host groups and library servers Clouds View, however, it is not
possible for you to change the properties. Administrators with read permissions can also view Run As
Accounts that have been specified by administrators or delegated administrators for the role of
administrators with read permission.
Tenant Administrator - members of the user role "tenant administrator" to manage self-service users and
VM networks. Client administrators can create on the VMM console or a Web portal their own virtual
machines and services, deploy and manage. You may also possible to specify the tasks that self-service
users can perform on their virtual machines and services, and to set quotas for computer resources and
virtual machines.
Application Administrator (self-service user) - Members of the role "self-service user" can create on the
VMM console or a Web portal their own virtual machines and services, deploy and manage.
QUESTION 9
You need to recommend a monitoring solution for Proseware.
Which three actions should you recommend performing in sequence? To answer, move the appropriate
actions from the list of actions to the answer area and arrange them in the correct order.
Select and Place:
Correct Answer:
Section: [none]
Explanation
Explanation/Reference:
01/12/2015 // Checked
The section Technical Requirements contains the following relevant requirements:
If any of the Hyper-V hosts exceeds a predetermined number of running virtual machines, an administrator
via e-mail must be notified.
You can System Center 2012 - Virtual Machine Manager (VMM) with . Connect Operations Manager to
monitor integrity and availability of the managed by VMM virtual machines and virtual machine hosts
Integrating Operation Manager in Virtual Machine Manager takes place in the System Center VMM
console settings:
Testlet 1
Case Study 4: Northwind Traders
Overview
Northwind Traders is an IT services and hosting provider.
Northwind Traders has two main data centers in North America. The data centers are located in the same
city. The data centers connect to each other by using high-bandwidth, low-latency WAN links. Each data
center connects directly to the Internet. Northwind Traders also has a remote office in Asia that connects
to both of the North American data centers by using a WAN link. The Asian office has 30 multipurpose
servers.
Each North American data center contains two separate network segments. One network segment is used
to host the internal servers of Northwind Traders. The other network segment is used for the hosted
customer environments.
Existing Environment
Active Directory
The network contains an Active Directory forest named northwindtraders.com. The forest contains a
single domain. All servers run Windows Server 2012 R2.
Server Environment
The network has the following technologies deployed:
- Service Provider Foundation
- Windows Azure Pack for Windows Server
- System Center 2012 R2 Virtual Machine Manager (VMM)
- An Active Directory Rights Management Services (AD RMS) cluster
- An Active Directory Certificate Services (AD CS) enterprise certification authority (CA)
All newly deployed servers will include the following components:
- Dual 10-GbE Remote Direct Memory Access (RDMA)-capable network adapters
- Dual 1-GbE network adapters
- 128 GB of RAM
Requirements
Business Goals
Northwind Traders will provide hosting services to two customers named Customer1 and Customer2.
The network of each customer is configured as shown in the following table.
Planned Changes
Northwind Traders plans to implement the following changes:
- Deploy System Center 2012 R2 Operations Manager.
- Deploy Windows Server 2012 R2 iSCSI and SMB-based storage.
- Implement Hyper-V Recovery Manager to protect virtual machines.
- Deploy a certificate revocation list (CRL) distribution point (CDP) on the internal network.
- For Customer 1, install server authentication certificates issued by the CA of Northwind Traders on the
virtual machine in the hosting networks.
General Requirements
Northwind Traders identifies the following requirements:
- Storage traffic must use dedicated adapters.
- All storage and network traffic must be load balanced.
- The amount of network traffic between the internal network and the hosting network must be minimized.
- The publication of CRLs to CDPs must be automatic.
- Each customer must use dedicated Hyper-V hosts.
- Administrative effort must be minimized, whenever possible.
- All servers and networks must be monitored by using Operations Manager.
- Anonymous access to internal file shares from the hosting network must be prohibited.
- All Hyper-V hosts must use Cluster Shared Volume (CSV) shared storage to host virtual machines.
- All Hyper-V storage and network traffic must remain available if single network adapter fails.
- The Hyper-V hosts connected to the SMB-based storage must be able to make use of the RDMA
technology.
- The number of servers and ports in the hosting environment to which the customer has access must be
minimized.
Customer1 Requirements
Northwind Traders identifies the following requirements for Customer1:
- Customer1 must use SMB-based storage exclusively.
- Customer1 must use App Controller to manage hosted virtual machines.
- The virtual machines of Customer1 must be recoverable if a single data center fails.
- Customer1 must be able to delegate self-service roles in its hosted environment to its users.
- Customer1 must be able to check for the revocation of certificates issued by the CA of Northwind
Traders.
- The users of Customer1 must be able to obtain use licenses for documents protected by the AD RMS of
Northwind Traders.
- Certificates issued to the virtual machines of Customer1 that reside on the hosted networks must be
renewed automatically.
Customer2 Requirements
Northwind Traders identifies the following requirements for Customer2:
- Customer2 must use iSCSI-based storage exclusively.
- All of the virtual machines of Customer2 must be migrated by using a SAN transfer.
- None of the metadata from the virtual machines of Customer2 must be stored in Windows Azure.
- The network configuration of the Hyper-V hosts for Customer2 must be controlled by using logical
switches.
- The only VMM network port profiles and classifications allowed by Customer2 must be low-bandwidth,
medium-bandwidth, or high-bandwidth.
- The users at Northwind Traders must be able to obtain use licenses for documents protected by the AD
RMS cluster of Customer2. Customer2 plans to decommission its AD RMS cluster during the next year.
QUESTION 1
You need to recommend a monitoring solution for Northwind Traders.
What is the best approach to achieve the goal? More than one answer choice may achieve the goal. Select
the BEST answer.
A. Three Operations Manager management servers and two Operations Manager gateway servers
B. One Operations Manager management server
C. Two Operations Manager management servers and three Operations Manager gateway servers
D. Five Operations Manager management servers
Correct Answer: C
Section: [none]
Explanation
Explanation/Reference:
01/12/2015 // Checked
In the section General requirements states that
All servers and networks must be monitored by System Center 2012 R2 Operations Manager.
System Center 2012 – Operations Manager requires mutual authentication be performed between agents
and management servers prior to the exchange of information between them. To secure the authentication
process between the two, the process is encrypted. When the agent and the management server reside in
the same Active Directory domain or in Active Directory domains that have established trust relationships,
they make use of Kerberos V5 authentication mechanisms provided by Active Directory. When the agents
and management servers do not lie within the same trust boundary, other mechanisms must be used to
satisfy the secure mutual authentication requirement.
In Operations Manager, this is accomplished through the use of X.509 certificates issued for each
computer. If there are many agent-monitored computers, this results in high administrative overhead for
managing all those certificates. In addition, if there is a firewall between the agents and management
servers, multiple authorized endpoints must be defined and maintained in the firewall rules to allow
communication between them.
To reduce this administrative overhead, Operations Manager has a server role called the gateway server.
Gateway servers are located within the trust boundary of the agents and can participate in the mandatory
mutual authentication. Because they lie within the same trust boundary as the agents, the Kerberos V5
protocol for Active Directory is used between the agents and the gateway server. Each agent then
communicates only with the gateway servers that it is aware of. The gateway servers communicate with
the management servers.
To support the mandatory secure mutual authentication between the gateway servers and the
management servers, certificates must be issued and installed, but only for the gateway and management
servers. This reduces the number of certificates required, and in the case of an intervening firewall it also
reduces the number of authorized endpoints to be defined in the firewall rules. The following illustration
shows the authentication relationships in a management group using a gateway server.
https://technet.microsoft.com/en-us/library/hh212823.aspx
QUESTION 2
You plan to implement a solution that meets the certificate requirements of Customer1.
You need to identify which role services must be deployed to the hosting environment.
Which two role services should you identify? Each Answer presents part of the solution.
A. Certification Authority Web Enrollment
B. Online Responder
C. Certificate Enrollment Policy Web Service
D. Certificate Enrollment Web Service
Correct Answer: CD
Section: [none]
Explanation
Explanation/Reference:
01/12/2015 // Checked
The section demands of Customer1 contains the following two relevant points:
Customer1 must be able to check the revocation status of certificates, issued by the Northwind
Traders.
Certificates that have been issued for the virtual machines from Customer1 must be renewed
automatically.
The Certificate Enrollment Policy Web Service is an Active Directory Certificate Services role service
(Active Directory Certificate Services AD CS), which allows users and computers to retrieve information on
the Certificate Enrollment Policy. Together with the Certificate Enrollment Web Service, this enables policybased
certificate enrollment when the client computer is not joined to a domain or if there is no connection
with the domain for a domain member.
The Certificate Enrollment Policy Web Service uses the HTTPS protocol to pass information about
certificate policy on network client computers , The Web service calls by using the LDAP protocol from
information about the certificate policy from Active Directory Domain Services (Active Directory Domain
Services, AD DS) and stores the policy information for the processing of client requests between. In
previous versions of AD CS could only domain client computers that use the LDAP protocol to access the
information on the certificate policy.
Thus the issue of policy-based certificates is limited to the conditions laid down by the forests of the
Active Directory Domain Services Trust boundaries. The publication of registration guidelines HTTPS
enables the following new deployment scenarios:
Certificate enrollment across forest boundaries to reduce the number of certification bodies
(Certification Authorities CAs) in an organization.
Extranet deployment to issue mobile employees and business partners certificates.
QUESTION 3
You need to recommend changes to allow Customer1 to delegate permissions in its hosting
environment to its users.
Where should you recommend performing each task? To answer, select the appropriate location for each
task in the answer area.
Hot Area:
Section: [none]
Explanation
Explanation/Reference:
01/12/2015 // Checked with certbase
In the section requirements of Customer1 states:
Can delegate Customer1 must self-service user roles to his colleagues.
Applies To: System Center 2012 SP1 - Orchestrator, System Center 2012 R2 Orchestrator
Service providers can use Service Provider Foundation technology to offer infrastructure as a service
(IaaS) to their clients. If a service provider has a front-end portal for clients to interact with, Service
Provider Foundation makes it possible for the clients to access the resources on their hosting provider’s
system without making changes to the portal.
The following illustration provides a high-level view of how Service Provider Foundation operates.
The tenant represents a hoster's customer, and the tenant has assets on the hoster's system. Each tenant
has their own administrators, applications, scripts, and other tools.
The hoster provides tenants with the environment, which can include virtual machines. The hoster has an
existing front-end portal, which all tenants can use. On the back end, the hoster has a collection of
resources, which is called the fabric. The hoster allocates those resources into discrete groups according
to the hoster’s needs. Each of these groups is known as a stamp. The hoster can then assign the tenant’s
resources to stamps in whatever manner is appropriate to the hoster. The resources may be divided
across several stamps, according to the hoster’s business model scheme. Service Provider Foundation
makes it possible for the hoster to present a seamless user experience to the tenant by aggregating the
data from each stamp and allowing the tenant to use the Service Provider Foundation application
programming interfaces (APIs) to access that data.
A stamp in Service Provider Foundation is a logical scale unit designed for scalability that provides an
association between a server and its System Center 2012 Service Pack 1 (SP1) components. As tenant
demand increases, the hoster provides additional stamps to meet the demand. Note that Service Provider
Foundation System Center 2012 SP1 supported only one type of stamp; that is a single server that has
Virtual Machine Manager (VMM) installed.
Service Provider Foundation does not configure clouds; instead, it manages their resources. Virtual
machines are set to clouds, for example, when they are created for VMM or when they are created by the
T:Microsoft.SystemCenter.VirtualMachineManager.Cmdlets.New-SCVirtualMachine cmdlet.
The hoster can have a portal client, which faces the tenant, that provides access to the infrastructure that
the hoster has granted. The portal uses an extensible representational state transfer (REST) API to
communicate with the web service by using the OData protocol. The claims-based authentication verifies
the tenant’s identity and associates it with the user role that the hoster assigns.
Service Provider Foundation uses a database to aggregate the tenant resources, which are managed with
Windows PowerShell scripts and Orchestrator runbooks. This makes it possible for the hoster to distribute
tenant resources among management stamps in whatever way it decides, while to the tenant the
resources are easy to access and appear contiguous.
https://technet.microsoft.com/en-us/library/jj642897.aspx
QUESTION 4
You need to recommend a solution that meets the AD RMS requirements of Customer1 and
Customer2.
Which actions should you recommend performing for each customer? To answer, select the appropriate
customer for each action in the answer area.
Hot Area:
Section: [none]
Explanation
Explanation/Reference:
01/12/2015 // Checked with certbase
https://technet.microsoft.com/en-us/library/cc755156.aspx
In the section requirements of Customer1 states:
The user of Customer1 must be able to obtain operating licenses for documents that are protected by the
AD RMS cluster the Northwind Traders.
In the section requirements of Customer2 states:
The user of the Northwind Traders must be able to obtain operating licenses for documents that are
protected by the AD RMS cluster of Customer2.
Customer2 plans to take his AD RMS cluster in the course of next year out of order. You can AD RMS
Trust Policies create so that AD RMS can process licensing requests for content that has been protected
by another AD RMS cluster by rights. Trust Policies can be defined as follows:
Trusted User Domains
The addition of a trusted user domain allows the AD RMS root cluster to process requests for client
licensor certificates or use licenses from users whose rights account certificates (RACs) were issued by a
different AD RMS root cluster. You add a trusted user domain by importing the server licensor certificate of
the AD RMS cluster to trust.
Windows Live ID Setting up a trust with Microsoft’s online RMS service allows an AD RMS user to send
rights-protected content to a user with a Windows Live ID. The Windows Live ID user will be able to
consume rights-protected content from the AD RMS cluster that has trusted Microsoft’s online RMS
service, but the Windows Live ID user will not be able to create content that is rights-protected by the AD
RMS cluster.
Microsoft Federation Gateway . Establishing a trust through the Microsoft Federation Gateway enables
an AD RMS cluster to accept certification and licensing requests from external organizations by accepting
claims-based authentication tokens from the Microsoft Federation Gateway. In effect, the Microsoft
Federation Gateway acts as a trusted broker between the two organizations by verifying the identity of the
two organizations in the transaction. Unlike a federated trust, establishing a trust relationship through
Microsoft Federation Gateway does not require a forest in one organization to explicitly federate with a
forest in the other organization. Instead, you can use filter lists to determine which domains can receive
certificates or licenses from the AD RMS cluster.
The following diagram illustrates the flow of data between a remote user and an AD RMS cluster that is
federated to the remote user’s forest.
QUESTION 5
You need to prepare for the migration of virtual machines across the Hyper-V hosts of Customer2.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the
list of actions to the answer area and arrange them in the correct order.
Select and Place:
Section: [none]
Explanation
Explanation/Reference:
01/12/2015 // Checked
In the section requirements of Customer2 states:
For the migration of virtual machines (VMs) from Customer2 to use the direct transfer between Storage
Area Networks (SANs).
System Center 2012 R2 Virtual Machine Manager provides support for Offloaded Data Transfer ( OXD). .
Through ODX VMs can be much faster from a library to provide as with earlier versions
To use ODX the following requirements must be met:
Hardware:
Storage Array with ODX support (iSCSI, FC, FCoE, or SAS)
Software:
Windows Server 2012 or Windows Server 2012 R2
File system: NTFS
Files must be greater than 256 KB
Hyper-V:
To use ODX within a VM, must be fulfilled one of the points:
VHD / VHDX files of VM must be on an ODX-enabled LUN.
ODX capable iSCSI LUN that is connected to the iSCSI initiator directly to the VM.
ODX-capable Fibre Channel LUN, which is connected to the virtual FC adapter directly to the VM.
SMB 3.0 release, which lies on a ODX capable storage array.
As part of the preparation, it is important to involve the storage array in VMM. In the first step the array
multipath support on the Hyper-V hosts must be involved (Action 3).
Following it can be added to the fabric settings VMM. After the storage array has been added to the fabric
settings VMM, the iSCSI array can in the properties of a host or a host group in the section memory is
selected and added (Action 2). After adding the array then individual disks in the array can be hinzugeügt
(Action 4). The figure shows the properties of a Hyper-V cluster node named VH1.
The cluster is added to an iSCSI storage array. The disk Physicaldrive3 is a iSCSI disk, which is located on
the array. In turn, the iSCSI disk containing a volume named iDaten1, which is assigned to the cluster as a
shared cluster disk.
QUESTION 6
You need to recommend a network configuration for the newly deployed Hyper-V hosts used by
Customer1.
On which network adapter should you recommend performing each configuration? To answer, select the
appropriate network adapter for each configuration in the answer area.
Hot Area:
Section: [none]
Explanation
Explanation/Reference:
01/12/2015 // Checked
All newly installed server contains a dual-port 10GbE network adapters with support for Remote Direct
Memory Access (RDMA) and a dual-port 1 GbE network adapter. See the section General requirements
states that:
Access the Hyper-V hosts to the storage and network traffic with the virtual machines must be possible
even if a single network adapter.
The need to use Hyper-V hosts that are SMB-based storage Remote Direct Memory Access (RDMA)
can use technology.
Windows Server 2012 includes the new feature "SMB Direct", which supports the use of network adapters
with function for direct remote memory access (Remote Direct Memory Access, RDMA). Network adapters
with RDMA can at maximum speed to work with very low latency - and the CPU usage at very low. For
workloads such as Hyper-V or Microsoft SQL Server, this means that a remote file server is equivalent to a
local store. "SMB Direct" features
Increased throughput: uses the entire throughput of high-speed networks, the network adapter
coordinate the transfer large amounts of data at the transfer rate of the line.
Low latency: provides extremely fast responses to network requirements and consequently aroused the
impression that the remote storage of files is just like saving a block storage directly connected.
Low CPU usage: used in data transmission over the network CPU cycles, thereby maintaining more
power reserves for server applications.
"SMB Direct" 2012 will be configured automatically by Windows Server. "SMB Multichannel" and "SMB
Direct" When "SMB Multichannel" is the feature for detecting the RDMA function of network adapters to
enable "SMB Direct".
Without "SMB Multichannel," used SMB regular TCP / IP for RDMA-capable network adapter (all network
adapters provide along with the new RDMA stack a TCP / IP stack available). With "SMB Multichannel"
recognizes SMB whether a network adapter on the RDMA function features.
Subsequently, several RDMA connections for that one session be made (two per port). This enables the
use of SMB high throughput, low latency and low CPU utilization that can offer RDMA-capable network
adapters. The feature also provides a fault tolerance, if you use multiple RDMA interfaces.
Important:
You should not be summed up in teams RDMA-capable network adapters if you want to use the RDMA
function of the network adapter. In a summary in the team network adapters do not offer RDMA
support.
After at least one RDMA network connection was created that used for the original protocol negotiation
TCP / IP connection is no longer used. In the event that the RDMA network connections fail, the TCP /
IP connection remains applicable.
QUESTION 7
You need to recommend which setting must be applied to the virtualization infrastructure of
Northwind Traders to minimize the impact of multiple virtual machines starting concurrently.
What command should you recommend running? To answer, select the appropriate options in the answer
area.
Hot Area:
Correct Answer:
Section: [none]
Explanation
Explanation/Reference:
01/12/2015 // Checked
In the section General requirements states that all Hyper-V hosts must use for hosting virtual machines
Cluster Shared Volumes (Cluster Shared Volumes, CSVs).
In order to improve the performance of Cluster Shared Volumes in termsworkloads with intensive read
accesses the CSV Cache be increased for each node of the cluster. By default, the cache with 0 MB is
determined by the following call to the cache with 8192 MB is specified:
For Windows Server 2012 R2:
(Get-Cluster) .BlockCacheSize = 8192
For Windows Server 2012:
(Get-Cluster).SharedVolumeBlockCacheSizeInMB = 8192
In the following TechNet article for more information on the topic:
https://technet.microsoft.com/en-gb/library/jj612868.aspx
QUESTION 8
You need to prepare the required Hyper-V virtual network components for Customer2.
Which four objects should you create and configure in sequence? To answer, move the appropriate
objects from the list of objects to the answer area and arrange them in the correct order.
Select and Place:
Section: [none]
Explanation
Explanation/Reference:
01/12/2015 // Checked
Certbase notes:
In the section requirements of Customer2 states:
http://blogs.technet.com/b/scvmm/archive/2013/11/27/adopting-network-virtualization-part-ii.aspx
The network configuration of Hyper-V hosts of Customer2 must be controlled by logic switches.
Logical switches contain configurations that hosts can be applied to virtual switches different Hyper-V.
The wizard for creating a logical Switches are the order
of the objects to be created before:
 |
 |
 |
 |
 | |
|---|---|---|---|---|---|
|
Test
King
|
Pass4sure
|
Actual
Tests
|
Other
Brands
| ||
| Customer Reviews |  |
 |
 |
 |
 |
|
$89.99
|
$124.99
|
$125.99
|
$189.00
|
$29.99~$49.99
| |
| Up-To-Dated |  |
 |
 |
 |
 |
| Real Questions & Answers |  |
 |
 |
 |
 |
| Correct All Error |  |
 |
 |
 |
 |
| Premium VCE Dumps |  |
 |
 |
 |
 |
| Free VCE Simulator |  |
 |
 |
 |
 |
| Unlimited After One Time Purchasing |  |
 |
 |
 |
 |
| Instant Download |  |
 |
 |
 |
 |
| Printable PDF Dumps |  |
 |
 |
 |
 |
| 100% Pass Guarantee |  |
 |
 |
 |
 |
| 100% Money Back |  |
 |
 |
 |
 |
100% Pass:http://examsavior.com/
No comments:
Post a Comment