[2016 NEW! 70-414 Exam] Microsoft Braindumps 70-414 part4 Exam VCE Dumps For free download with 100%pass ensure

Do you want to pass the 70-414 exam? What are the new questions of the latest 70-414  exam? Braindumps 70-414  VCE dumps and 70-414  PDF dumps will tell you all about the 70-414  exam.Here are the newest and covered all new added questions and answers, which will help you 100% passing 70-414  exam.Hurry up and get the free exam from here! 
 



QUESTION 170 Hotspot Question You plan to configure Windows Network Load Balancing (NLB) for a company. You display following Network Load Balancing Manager window:

Use the drop-down menus to select the answer choice that answers each question based on the information presented in the graphic.

QUESTION 171 Drag and Drop Question You need to implement Windows Network Load Balancing (NLB).
Which three actions should you perform in sequence? To answer, move the appropriate actions
from the list of actions to the answer area and arrange them in correct order.

QUESTION 172 Drag and Drop Question You need to collect the required security logs.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

QUESTION 173 Hotspot Question You need to implement App1.
How should you configure the locations? To answer, select the appropriate option from each list in the answer area.

QUESTION 174 Drag and Drop Question You need to configure access to the Certificate Revocation Lists (CRLs). How should you configure the access? To answer, drag the appropriate protocol or servers to the correct network type. Each protocol or server may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.

Answer:

QUESTION 175
Hotspot Question You need to deploy the new SQL cluster for App2. How should you complete the relevant Windows PowerShell command? To answer, select the appropriate Windows PowerShell segment from each list in the answer area.

Answer:

QUESTION 176 Hotspot Question You need to implement the file share for the new virtual desktop environment.
How should you configure the implementation? To answer, select the appropriate option from each list in the answer area.

Answer:

QUESTION 177 Drag and Drop Question You need to implement VM-SQLclusterl.contoso.com.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

Explanation:
Based on the fact that shared VHDX is only supported on R2 http://blogs.technet.com/b/askpfeplat/archive/2015/06/01/how-shared-vhdx-works-on-server- 2012-r2.aspx Steps are from: https://technet.microsoft.com/en-us/library/dn265980.aspx
QUESTION 178
You need to implement a new highly available storage solution for the Hyper-V environment.
Which servers should you include in the scale-out file cluster?
A.
CHI-SERVER1 and CHI-SERVER2
B.
SEA3-HVNODE1 and SEA3-HVNODE2
C.
SEA-SERVER1 and SEA-SERVER2
D.
CHIl-HVNODE1 and CHI1-HVNODE2
Answer: A
QUESTION 179 You plan to allow users to run internal applications from outside the company's network. You have a Windows Server 2012 R2 that has the Active Directory Federation Services (AD FS) role installed. You must secure on-premises resources by using multi-factor authentication (MFA). You need to design a solution to enforce different access levels for users with personal Windows 8.1 or iOS 8 devices. Solution: You migrate the AD FS server to Microsoft Azure and connect it to the internal Active Directory instance on the network. Then, you use the Workplace Join process to configure access for personal devices to the on- premises resources. Does this meet the goal?
A.
Yes
B.
No
Answer: A
QUESTION 180 You plan to allow users to run internal applications from outside the company s network. You have a Windows Server 2012 R2 that has the Active Directory Federation Services (AD FS) role installed. You must secure on-premises resources by using multi-factor authentication (MFA). You need to design a solution to enforce different access levels for users with personal Windows 8.1 or iOS 8 devices. Solution: You install a local instance of the MFA Server. You connect the instance to the Microsoft Azure MFA provider and then you use Microsoft Intune to manage personal devices. Does this meet the goal?
A.
Yes
B.
No
Answer: A
QUESTION 181 A company has data centers in Seattle and New York. A high-speed link connects the data centers. Each data center runs a virtualization infrastructure that uses Hyper-V Server 2012 and Hyper-V Server 2012 R2.
Administrative users from the Seattle and New York offices are members of Active Directory Domain Services groups named SeattleAdmins and NewYorkAdmins, respectively.
You deploy one System Center Virtual Machine Manager (SCVMM) in the Seattle data center. You create two private clouds named SeattleCloud and NewYorkCloud in the Seattle and New York data centers, respectively. You have the following requirements:
- Administrators from each data center must be able to manage the virtual machines and services from their location by using a web portal.
- Administrators must not apply new resource quotas or change resource
quotas.
- You must manage public clouds by using the existing SCVMM server.
- You must use the minimum permissions required to perform the administrative tasks.
You need to configure the environment. What should you do?
A.
For both the Seattle and New York admin groups, create a User Role and assign it to the Application Administrator profile. Add the Seattle and New York private clouds to the corresponding User Role.
B.
For both the Seattle and New York admin groups, create a User Role and assign it to the Delegated Administrator profile. Add the Seattle and New York private clouds to the corresponding User Role.
C.
For both the Seattle and New York admin groups, create a User Role and assign it to the Tennant Administrator profile. Add the Seattle and New York private clouds to the corresponding User Role.
D.
Add both SeattleAdmins and NewYorkAdmins to the Local Administrators group of each Hyper-V host in Seattle and New York, respectively.
Answer: B
QUESTION 182 You administer an Active Directory Domain Services forest that includes an Active Directory Federation Services (AD FS) server and Azure Active Directory. The fully qualified domain name of the AD FS server is adfs.contoso.com. Your must implement single sign-on (SSO) for a cloud application that is hosted in Azure. All domain users must be able to use SSO to access the application. You need to configure SSO for the application. Which two actions should you perform? Each correct answer presents part of the solution.
A.
Use the Azure Active Directory Synchronization tool to configure user synchronization.
B.
Use the AD FS Configuration wizard to specify the domain and administrator for the Azure Active Directory service.
C.
Create a trust between AD FS and Azure Active Directory.
D.
In the Azure management portal, activate directory synchronization.
Answer: AC
Explanation: https://msdn.microsoft.com/en-us/library/azure/hh967643.aspx
QUESTION 183
Your network contains an Active Directory domain named contoso.com.
You currently have an intranet web site that is hosted by two Web servers named Web1 and
Web2. Web1 and Web2 run Windows Server 2012. Users use the name intranet.contoso.com to request the web site and use DNS round robin. You plan to implement the Network Load Balancing (NLB) feature on Web1 and Web2. You need to recommend changes to the DNS records for the planned implementation. What should you recommend?
A.
Create a service locator (SRV) record. Map the SRV record to Intranet.
B.
Delete both host (A) records named Intranet. Create a pointer (PTR) record for each Web server.
C.
Remove both host (A) records named Intranet. Create a new host (A) record named Intranet.
D.
Delete both host (A) records named Intranet. Create two new alias (CNAME) records named Intranet. Map each CNAME record to a Web server name.
Answer: C
QUESTION 184 You have a small Hyper-V cluster built on two hosts that run Windows Server 2012 R2 Hyper-V. You manage the virtual infrastructure by using System Center Virtual Machine Manager 2012. Distributed Key Management is not installed. You have the following servers in the environment: You have the following requirements:
- You must back up virtual machines at the host level.
- You must be able to back up virtual machines that are configured for
live migration.
- You must be able to restore the entire VMM infrastructure.
You need to design and implement the backup plan. What should you do?

A. Run the following Windows PowerShell command: Checkpoint-VM -Name DPMI -ComputerName SQL1
B.
Install the DPM console on VMM1
C.
Configure backup for all disk volumes on FILESERVER1.
D.
Install the VMM console on DPMI.
Answer: D
Explanation:
http://blogs.technet.com/b/dpm/archive/2013/04/24/sc-2012-sp1-dpm-windows-2012-vm-mobility- uninterrupted-data-protection.aspx
QUESTION 185
You are an Active Directory administrator for Contoso, Ltd. You have a properly configured certification authority (CA) in the contoso.com Active Directory Domain Services (AD DS) domain. Contoso employees authenticate to the VPN by using a user certificate issued by the CA. Contoso acquires a company named Litware, Inc., and establishes a forest trust between contoso.com and litwareinc.com. No CA currently exists in the litwareinc.com AD DS domain. Litware employees do not have user accounts in contoso.com and will continue to use their litwareinc.com user accounts. Litware employees must be able to access Contoso's VPN and must authenticate by using a user certificate that is issued by Contoso's CA. You need to configure cross-forest certificate enrollment for Litware users. Which two actions should you perform? Each correct answer presents part of the solution.
A.
Grant the litwareinc.com AD DS Domain Computers group permissions to enroll for the VPN template on the Contoso CA.
B.
Copy the VPN certificate template from contoso.com to litwareinc.com.
C.
Add Contoso's root CA certificate as a trusted root certificate to the Trusted Root Certification Authority in litware.com.
D.
Configure clients in litwareinc.com to use a Certificate Policy server URI that contains the location of Contoso's CA.
Answer: CD
QUESTION 186 You manage a Hyper-V 2012 cluster by using System Center Virtual Machine Manager 2012 SP1. You need to ensure high availability for business-critical virtual machines (VMs) that host business-critical SQL Server databases. Solution: You set the memory-weight threshold value to High for each business-critical VM, Does this meet the goal?
A.
Yes
B.
No
Answer: B
QUESTION 187 You administer a group of servers that run Windows Server 2012 R2. You must install all updates.
You must report on compliance with the update policy on a monthly basis. You need to configure updates and compliance reporting for new devices.
What should you do?
A.
Deploy the Microsoft Baseline Security Analyzer. Scan the servers and specify the /apply switch.
B.
In Configuration Manager, deploy a new Desired Configuration Management baseline that includes all required updates.
C.
Configure a new group policy to install updates monthly. Deploy the group policy to all servers.
D.
In Operations Manager, create an override that enables the software updates management pack. Apply the new override to the servers.
Answer: B
Explanation: https://technet.microsoft.com/en-us/library/bb680553.aspx
QUESTION 188
NOTE: Once you answer this question, you will NOT be able to return to it. You manage a Hyper-V 2012 cluster by using System Center Virtual Machine Manager 2012 SP1. You need to ensure high availability for business-critical virtual machines (VMs) that host business-critical SQL Server databases. Solution: You configure preferred and possible owners for each business-critical VM. Does this meet the goal?
A.
Yes
B.
No
Answer: B
QUESTION 189 Your network contains an Active Directory domain named contoso.com. The domain contains a Microsoft System Center 2012 infrastructure. You deploy a service named Service1 by using a service template. Service1 contains two virtual machines. The virtual machines are configured as shown in the following table.

You need to recommend a monitoring solution to ensure that an administrator can review the availability information of Service1.
Solution: From Configuration Manager, you create a Collection and a Desired Configuration Management baseline. Does this meet the goal?
A.
Yes
B.
No
Answer: B
QUESTION 190 You have a small Hyper-V cluster built on two hosts that run Windows Server 2012 R2 Hyper-V. You manage the virtual infrastructure by using System Center Virtual Machine Manager 2012. Distributed Key Management is not installed. You have the following servers in the environment:

You have the following requirements:
- You must back up virtual machines at the host level.
- You must be able to back up virtual machines that are configured for live migration.
- You must be able to restore the entire VMM infrastructure.
You need to design and implement the backup plan. What should you do?
A.
Run the following Windows PowerShell command: Checkpoint-VM -Name DPMI -ComputerName SQL1
B.
Install the DPM console on VMM1
C.
Configure backup for all disk volumes on FILESERVER1.
D.
Install the VMM console on DPMI.
Answer: D
Explanation:
http://blogs.technet.com/b/dpm/archive/2013/04/24/sc-2012-sp1-dpm-windows-2012-vm-mobility- uninterrupted-data-protection.aspx
QUESTION 191
You administer a group of servers that run Windows Server 2012 R2. You must install all updates. You must report on compliance with the update policy on a monthly basis. You need to configure updates and compliance reporting for new devices. What should you do?
A.
Deploy the Microsoft Baseline Security Analyzer. Scan the servers and specify the /apply switch.
B.
In Configuration Manager, deploy a new Desired Configuration Management baseline that includes all required updates.
C.
Configure a new group policy to install updates monthly. Deploy the group policy to all servers.
D.
In Operations Manager, create an override that enables the software updates management pack. Apply the new override to the servers.
Answer: B
Explanation: https://technet.microsoft.com/en-us/library/bb680553.aspx
QUESTION 192
You are an Active Directory administrator for Contoso, Ltd. You have a properly configured certification authority (CA) in the contoso.com Active Directory Domain Services (AD DS) domain. Contoso employees authenticate to the VPN by using a user certificate issued by the CA. Contoso acquires a company named Litware, Inc., and establishes a forest trust between contoso.com and litwareinc.com. No CA currently exists in the litwareinc.com AD DS domain. Litware employees do not have user accounts in contoso.com and will continue to use their litwareinc.com user accounts. Litware employees must be able to access Contoso's VPN and must authenticate by using a user certificate that is issued by Contoso's CA. You need to configure cross-forest certificate enrollment for Litware users. Which two actions should you perform? Each correct answer presents part of the solution.
A.
Grant the litwareinc.com AD DS Domain Computers group permissions to enroll for the VPN template on the Contoso CA.
B.
Copy the VPN certificate template from contoso.com to litwareinc.com.
C.
Add Contoso's root CA certificate as a trusted root certificate to the Trusted Root Certification Authority in litware.com.
D.
Configure clients in litwareinc.com to use a Certificate Policy server URI that contains the location of Contoso's CA.
Answer: CD
Explanation:
http://social.technet.microsoft.com/wiki/contents/articles/7734.certificate-enrollment-web-services- in-active-directory-certificate-services.aspx#Forest_Consolidation
QUESTION 193
A company has data centers in Seattle and New York. A high-speed link connects the data centers. Each data center runs a virtualization infrastructure that uses Hyper-V Server 2012 and Hyper-V Server 2012 R2. Administrative users from the Seattle and New York offices are
members of Active Directory Domain Services groups named SeattleAdmins and NewYorkAdmins, respectively. You deploy one System Center Virtual Machine Manager (SCVMM) in the Seattle data center. You create two private clouds named SeattleCloud and NewYorkCloud in the Seattle and New York data centers, respectively. You have the following requirements:
- Administrators from each data center must be able to manage the virtual machines and services
from their location by using a web portal.
- Administrators must not apply new resource quotas or change resource
quotas.
- You must manage public clouds by using the existing SCVMM server.
- You must use the minimum permissions required to perform the
administrative tasks. You need to configure the environment. What should you do?
A.
For both the Seattle and New York admin groups, create a User Role and assign it to the Application Administrator profile. Add the Seattle and New York private clouds to the corresponding User Role.
B.
For both the Seattle and New York admin groups, create a User Role and assign it to the Delegated Administrator profile. Add the Seattle and New York private clouds to the corresponding User Role.
C.
For both the Seattle and New York admin groups, create a User Role and assign it to the Tennant Administrator profile. Add the Seattle and New York private clouds to the corresponding User Role.
D.
Add both SeattleAdmins and NewYorkAdmins to the Local Administrators group of each Hyper-V host in Seattle and New York, respectively.
Answer: B
QUESTION 194 You administer an Active Directory Domain Services forest that includes an Active Directory Federation Services (AD FS) server and Azure Active Directory. The fully qualified domain name of the AD FS server is adfs.contoso.com. Your must implement single sign-on (SSO) for a cloud application that is hosted in Azure. All domain users must be able to use SSO to access the application. You need to configure SSO for the application. Which two actions should you perform? Each correct answer presents part of the solution.
A.
Use the Azure Active Directory Synchronization tool to configure user synchronization.
B.
Use the AD FS Configuration wizard to specify the domain and administrator for the Azure Active Directory service.
C.
Create a trust between AD FS and Azure Active Directory.
D.
In the Azure management portal, activate directory synchronization.
Answer: AC
Explanation: https://msdn.microsoft.com/en-us/library/azure/hh967643.aspx
QUESTION 195
You manage a Hyper-V 2012 cluster by using System Center Virtual Machine Manager 2012 SP1. You need to ensure high availability for business-critical virtual machines (VMs) that host business-critical SQL Server databases. Solution: You set the memory-weight threshold value to High for each business-critical VM, Does this meet the goal?
A.
Yes
B.
No
Answer: B
QUESTION 196 NOTE: Once you answer this question, you will NOT be able to return to it. You manage a Hyper- V 2012 cluster by using System Center Virtual Machine Manager 2012 SP1. You need to ensure high availability for business-critical virtual machines (VMs) that host business-critical SQL Server databases. Solution: You configure preferred and possible owners for each business-critical VM. Does this meet the goal?
A.
Yes
B.
No
Answer: B
QUESTION 197 You plan to allow users to run internal applications from outside the company's network. You have a Windows Server 2012 R2 that has the Active Directory Federation Services (AD FS) role installed. You must secure on-premises resources by using multi-factor authentication (MFA). You need to design a solution to enforce different access levels for users with personal Windows 8.1 or iOS 8 devices. Solution: You migrate the AD FS server to Microsoft Azure and connect it to the internal Active Directory instance on the network. Then, you use the Workplace Join process to configure access for personal devices to the on-premises resources. Does this meet the goal?
A.
Yes
B.
No
Answer: A
QUESTION 198 You plan to allow users to run internal applications from outside the company s network. You have a Windows Server 2012 R2 that has the Active Directory Federation Services (AD FS) role installed. You must secure on-premises resources by using multi-factor authentication (MFA). You need to design a solution to enforce different access levels for users with personal Windows 8.1 or iOS 8 devices. Solution: You install a local instance of the MFA Server. You connect the instance to the Microsoft Azure MFA provider and then you use Microsoft Intune to manage personal devices.
Does this meet the goal?
A.
Yes
B.
No
Answer: A
QUESTION 199 Your network contains an Active Directory domain named contoso.com. The domain contains a Microsoft System Center 2012 infrastructure. You deploy a service named Service1 by using a service template. Service1 contains two virtual machines. The virtual machines are configured as shown in the following table.

You need to recommend a monitoring solution to ensure that an administrator can review the availability information of Service1. Solution: From Configuration Manager, you create a Collection and a Desired Configuration Management baseline. Does this meet the goal?
A.
Yes
B.
No
Answer: B
QUESTION 200 Your network contains an Active Directory domain named contoso.com. The domain contains a Microsoft System Center 2012 infrastructure.
You deploy a service named Service1 by using a service template. Service1 contains two virtual machines. The virtual machines are configured as shown in the following table.

You need to recommend a monitoring solution to ensure that an administrator can review the availability information of Service1. Solution: From Operations Manager, you create a Distributed Application and a Monitor Override. Does this meet the goal?
A.
Yes
B.
No
Answer: B
QUESTION 201 An organization uses an Active Directory Rights Management Services (AD RMS) cluster names RMS1 to protect content for a project. You uninstall AD RMS when the project is complete. You need to ensure that the protected content is still available after AD RMS is uninstalled. Solution: You run the following Windows PowerShell command: Set-ItemProperty -Path <protected content>:\ -Name IsDecommissioned - Value $true - EnableDecommission Does this meet the goal?
A.
Yes
B.
No
Answer: A
QUESTION 202 An organization uses an Active Directory Rights Management Services (AD RMS) cluster named RMS1 to protect content for a project. You uninstall AD RMS when the project is complete. You need to ensure that the protected content is still available after AD RMS is uninstalled. Solution: You add the backup service account to the SuperUsers group and back up the protected content. Then, you restore the content to a file server and apply the required NTFS permissions to the files. Does this meet the goal?
A. Yes
B. No
Answer: B
QUESTION 203 You install the Service Manager Self-Service Portal on a server named CONTOSOSSP1. Users report that they receive access denied messages when they try to connect to the portal. You must grant users the minimum required permissions. You need to ensure that all users in the Contoso domain can access the Service Manager Self- Service Portal. What should you do?
A.
In Active Directory, create a new group named PortalUsers. Add the PortalUsers group to the Contoso \Domain Users group, and then add the group to the local users group on CONTOSOSSP1.
B.
Using the account that you used to install the Self-Service portal, grant the Contoso\Domain Users group Read permissions to the portal.
C.
In Service Manager, create a new user role named PortalUsers. Grant the PortalUsers role rights to all catalog items, and then add the Contoso\Domain Users Active Directory Domain Services group to the PortalUsers role.
D.
Using the account that you used to install the Self-Serviceportal, grant the Contoso\Domain Users group Contribute permissions to the portal.
Answer: B
QUESTION 204 You need to deploy the virtual network for the development servers. Which two actions should you perform? Each correct answer presents part of the solution.
A.
Associate VLAN ID 40 with the new logical network.
B.
On HV-Cluster1, create a new logical network that uses a single connected network.
C.
Associate VLAN ID 20 with the new logical network.
D.
On HV-Cluster1, create a new logical network that uses private VLAN networks.
E.
On HV-Cluster2, create a new logical network that uses a single connected network.
F.
On HV-Cluster2, create a new logical network that uses private VLAN networks.
Answer: AD
QUESTION 205 You need to configure migration for HV-CLUSTER1. What should you do?
A.
Use live migration between HV-Cluster1 and HV-Cluster3.
B.
Configure a Hyper-V replica between HV-Cluster1 and HV-Cluster3.
C.
Configure a Hyper-V replica between HV-Cluster1 and HV-Cluster4.
D.
Use live migration between HV-Cluster1 and HV-Cluster4.
Answer: C
QUESTION 206
You need to change the HR application server environment. What should you do?
A.
Use Microsoft Virtual Machine Converter 3.0 to convert DAL-APPSERVER2.
B.
Use Virtual Machine Manager to convert DAL-APPSERVER2.
C.
Use Microsoft Virtual Machine Converter 3.0 to convert DAL-APPSERVER1.
D.
Use Virtual Machine Manager to convert DAL-APPSERVER1.
Answer: C
QUESTION 207 Drag and Drop Question You use the entire System Center suite. You integrate Service Manager with Operations Manager. Virtual Machine Manager, Orchestrator, and Active Directory. You perform all remediation by using Orchestrator runbooks. An application experiences performance problems on a periodic basis. You have the following requirements:
- A new incident must be opened when System Center Operations Manager (SCOM) detects a performance problem.
- The incident must be closed when the performance problem is resolved.
- The incident must be associated with the HR performance problem in
Service Manager. You need to configure the environment.

Answer:
QUESTION 208 Drag and Drop Question You are planning to set up a proof-of-concept network virtualization environment. The environment will contain three servers. The servers will be configured as shown in the following table.
VMM will be used to manage the virtualization environment. Server2 runs three virtual machines. All of the virtual machines are configured to use network virtualization. You need to enable network connectivity between the virtual machines and Server3. Which four actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
Answer:

QUESTION 209
Drag and Drop Question You need to ensure that all new production Hyper-V virtual machines can be deployed correctly. Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

Answer:

QUESTION 210
Drag and Drop Question You need to configure the environment to support App1.
Which four actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

Answer:

QUESTION 211 Hotspot Question You need to create a script to deploy DFS replication.
Which Windows PowerShell commands should you add to the script? To answer, select the appropriate Windows PowerShell commands in each list in the answer area.

Answer:

Case Study 7: Contoso Ltd Case D (QUESTION 212 - QUESTION 225) Overview Contoso, Ltd., is a manufacturing company that makes several different components that are used in automobile production. Contoso has a main office in Detroit, a distribution center in Chicago, and branch offices in Dallas, Atlanta, and San Diego. The contoso.com forest and domain functional level are Windows Server 2008 R2. All servers run Windows Server 2012 R2, and all client workstations run Windows 7 or Windows 8. Contoso uses System Center 2012 Operations Manager and Audit Collection Services (ACS) to monitor the environment. There is no certification authority (CA) in the environment.
Current Environment
The contoso.com domain contains the servers as shown in the following table:

Contoso sales staff travel within the United States and connect to a VPN by using mobile devices to access the corporate network. Sales users authenticate to the VPN by using their Active Directory usernames and passwords. The VPN solution also supports certification-based authentication. Contoso uses an inventory system that requires manually counting products and entering that count into a database. Contoso purchases new inventory software that supports wireless handheld scanners and several wireless handheld scanners. The wireless handheld scanners run a third party operating system that supports the Network Device Enrollment Service (NDES).
Business Requirements Security
The wireless handheld scanners must use certification-based authentication to access the wireless network. Sales users who use mobile devices must use certification-based authentication to access the VPN. When sales users leave the company, Contoso administrators must be able to disable their VPN access by revoking their certificates.
Monitoring
All servers must be monitored by using System Center 2012 Operating Manager. In addition to monitoring the Windows operating system, you must collect security logs from the CA servers by using ACS, and monitor the services that run on the CA and Certificate Revocation List (CRL) servers, such as certification authority and web services.
Technical Requirements CA Hierarchy
Contoso requires a two-tier CA hierarchy. The CA hierarchy must include a stand-alone offline root and two Active Directory-integrated issuing CAs: one for issuing certificates to domain-joined devices, and one for issuing certificates to non-domain-joined devices by using the NDES. CRLs must be published to two web servers: one in Detroit and one in Chicago.
Contoso has servers that run Windows Server 2012 R2 to use for the CA hierarchy. The servers are described in the following table:

The IT security department must have the necessary permissions to manage the CA and CRL servers. A domain group named Corp-IT Security must be used for this purpose. The IT security department users are not domain admins.
Fault Tolerance
The servers that host the CRL must be part of a Windows Network Load Balancing (NLB) cluster. The CRL must be available to users in all locations by using the hostname crl.contoso.com, even if one of the underlying web servers is offline.
QUESTION 212
You need to automatically restart the appropriate web service on DETCRL01 and CHICRL01 if the web service is stopped. Solution: You create a recovery task in SCOM and configure it to start the World Wide Web publishing service. Does this meet the goal?
A.
Yes
B.
No
Answer: A Explanation: Explanation: The Internet Information Services (IIS) World Wide Web Publishing Service (W3SVC), sometimes referred to as the WWW Service, manages the HTTP protocol and HTTP performance counters. The following is a list of the managed entities that are included in this managed entity:
* IIS Web Site
An Internet Information Services (IIS) Web site is a unique collection of Web pages and Web applications that is hosted on an IIS Web server. Web sites have bindings that consist of a port number, an IP address, and an optional host name or names.
* Active Server Pages (ASP)
https://technet.microsoft.com/en-us/library/cc734944(v=ws.10).aspx
QUESTION 213
You plan to allow users to run internal applications from outside the company's network. You have a Windows Server 2012 R2 that has the Active Directory Federation Services (AD FS) role installed. You must secure on-premises resources by using multi-factor authentication (MFA). You need to design a solution to enforce different access levels for users with personal Windows 8.1 or iOS 8 devices. Solution: You install a local instance of MFA Server. You connect the instance to the Microsoft Azure MFA provider, and then run the following Windows PowerShell cmdlet.
Enable-AdfsDeviceRegistration
Does this meet the goal?
A.
Yes
B.
No
Answer: B
Explanation: We must install AD FS Adapter, not register a host for the Device Registration Service. Note: The Enable-AdfsDeviceRegistration cmdlet configures a server in an Active Directory Federation Services (AD FS) farm to host the Device Registration Service. https://msdn.microsoft.com/en-us/library/azure/dn807157.aspx
QUESTION 214
An organization uses an Active Directory Rights Management Services (AD RMS) cluster named RMS1 to protect content for a project. You uninstall AD RMS when the project is complete. You need to ensure that the protected content is still available after AD RMS is uninstalled. Solution: You enable the decommissioning service by using the AD RMS management console. You grant all users the Read & Execute permission to the decommission pipeline. Does this meet the goal?
A.
Yes
B.
No
Answer: B
Explanation: The proper procedure is: Inform your users that you are decommissioning the AD RMS installation and advise them to connect to the cluster to save their content without AD RMS protection. Alternatively, you could delegate a trusted person to decrypt all rights- protected content by temporarily adding that person to the AD RMS super users group. After you believe that all of the content is unprotected and saved, you should export the server licensor certificate, and then uninstall AD RMS from the server.

Latest online browsing the 70-414 exam!
70-414 PDF dumps & 70-414 VCE dumps:  http://examsavior.com/70-414
 
 

	Examsavior	Test King	Pass4sure	Actual Tests	Other Brands
Customer Reviews
	$89.99	$124.99	$125.99	$189.00	$29.99~$49.99
Up-To-Dated
Real Questions & Answers
Correct All Error
Premium VCE Dumps
Free VCE Simulator
Unlimited After One Time Purchasing
Instant Download
Printable PDF Dumps
100% Pass Guarantee
100% Money Back

100% Pass:http://examsavior.com/