Microsoft Identity with Windows Server 2016 - 070-742 Exam Practice Test
Your network contains an Active Directory domain named contoso.com. The domain contains a user named User1, a group named Group1, and an Organizational unit (OU) named OU1.
You need to enable User1 to link Group Policies to OU1.
Solution: From Active Directory Users and Computers, you add User1 to the Group Policy Creator Owner group.
Does this meet the goal?
You need to enable User1 to link Group Policies to OU1.
Solution: From Active Directory Users and Computers, you add User1 to the Group Policy Creator Owner group.
Does this meet the goal?
Correct Answer: A
Vote an answer
You have a server named Server1 in a workgroup.
You need to configure a Group Policy setting on Server1 that will apply to only non-administrative users.
What should you do?
You need to configure a Group Policy setting on Server1 that will apply to only non-administrative users.
What should you do?
Correct Answer: B
Vote an answer
Note: This question is part of a series of questions that use the same or similar answer choices. An answer choice may be correct for more than one question in the series. Each question is independent of the other questions in this series. Information and details provided in a question apply only to that question.
Your network contains an Active Directory domain named contoso.com.
You recently deleted 5,000 objects from the Active Directory database.
You need to reduce the amount of disk space used to store the Active Directory database on a domain controller.
Your network contains an Active Directory domain named contoso.com.
You recently deleted 5,000 objects from the Active Directory database.
You need to reduce the amount of disk space used to store the Active Directory database on a domain controller.
Correct Answer: H
Vote an answer
You have a server named Server1 that runs Windows Server 2016. Server1 has the Web Application Proxy role service installed.
You plan to deploy Remote Desktop Gateway (RD Gateway) services. Clients will connect to the RD Gateway services by using various types of devices including Windows, iOS and Android devices.
You need to publish the RD Gateway services through the Web Application Proxy.
Which command should you run? To answer, select the appropriate options in the answer area.
You plan to deploy Remote Desktop Gateway (RD Gateway) services. Clients will connect to the RD Gateway services by using various types of devices including Windows, iOS and Android devices.
You need to publish the RD Gateway services through the Web Application Proxy.
Which command should you run? To answer, select the appropriate options in the answer area.
Correct Answer:
Explanation
You network contains an Active Directory domain named contoso.com. The domain contains the objects shown in the following table.
The domain has the Group Policy objects (GPOs) shown in the following table.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
The domain has the Group Policy objects (GPOs) shown in the following table.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Correct Answer:
Explanation
Your network contains an Active Directory domain named contoso.com.
You have an organizational unit (OU) named TestOU that contains test computers.
You need to enable a technician named Tech1 to create Group Policy objects (GPOs) and to link the GPOs to TestOU. The solution must use the principle of least privilege.
Which two actions should you perform? Each correct answer presents part of the solution.
You have an organizational unit (OU) named TestOU that contains test computers.
You need to enable a technician named Tech1 to create Group Policy objects (GPOs) and to link the GPOs to TestOU. The solution must use the principle of least privilege.
Which two actions should you perform? Each correct answer presents part of the solution.
Correct Answer: A,C
Vote an answer
Your network contains an Active Directory domain. All servers run Windows Server 2016. All client computers run Windows 10 Enterprise.
You deploy an enterprise certification authority (CA).
You are implementing an online responder.
You need to ensure that any clients that are issued certificates by the CA will use the online responder.
How should you configure the extension settings of the CA?
You deploy an enterprise certification authority (CA).
You are implementing an online responder.
You need to ensure that any clients that are issued certificates by the CA will use the online responder.
How should you configure the extension settings of the CA?
Correct Answer: B
Vote an answer
Explanation: Only visible for Fast2test members. You can sign-up / login (it's free).
You network contains an Active Directory forest. The forest contains an Active Directory Federation Services (AD FS) deployment.
The AD FS deployment contains the following:
* An AD FS server named server1.contoso.com that runs Windows Server 2016
* A Web Application Proxy used to publish AD FS
* A LIPN that uses the contoso.com suffix
* A namespace named adfs.contoso.com
You create a Microsoft Office 365 tenant named contoso.onmicrosoft.com. You use Microsoft Azure Active Directory Connect (AD Connect) to synchronize all of the users and the UPNs from the contoso.com forest to Office 365.
You need to configure federation between Office 365 and the on-premises deployment of Active Directory.
Which three commands should you run in sequence from Server1? To answer, move the appropriate commands from the list of commands to the answer area and arrange them in the correct order.
The AD FS deployment contains the following:
* An AD FS server named server1.contoso.com that runs Windows Server 2016
* A Web Application Proxy used to publish AD FS
* A LIPN that uses the contoso.com suffix
* A namespace named adfs.contoso.com
You create a Microsoft Office 365 tenant named contoso.onmicrosoft.com. You use Microsoft Azure Active Directory Connect (AD Connect) to synchronize all of the users and the UPNs from the contoso.com forest to Office 365.
You need to configure federation between Office 365 and the on-premises deployment of Active Directory.
Which three commands should you run in sequence from Server1? To answer, move the appropriate commands from the list of commands to the answer area and arrange them in the correct order.
Correct Answer:
Explanation
Your network contains two Active Directory forests named fabrikam.com and contoso.com. Each forest contains two sites. Each site contains two domain controllers.
You need to configure all the domain controllers in both the forests as global catalog servers.
Which snap-in should you us?
You need to configure all the domain controllers in both the forests as global catalog servers.
Which snap-in should you us?
Correct Answer: D
Vote an answer
Your network contains an Active Directory forest. The forest contains an Active Directory Federation Services (AD FS) deployment.
The AD FS deployment contains the following.
* An AD FS server named server1.contoso.com that runs Windows Server 2016
* A Web Application Proxy used to publish AD FS
* A UPN that uses the contoso.com suffix
* A namespace named adfs.contoso.com
You create a Microsoft Office 365 tenant named contoso.onmicrosoft.com. You use Microsoft Azure Active Directory Connect (AD Connect) to synchronize all of the users and the UPNs from the contoso.com forest to Office 365.
You need to configure federation between Office 365 and the on-premises deployment of Active Directory.
Which three commands should you run in sequence from Server1? To answer, move the appropriate commands from the list of commands to the answer area and arrange them in the correct order.
The AD FS deployment contains the following.
* An AD FS server named server1.contoso.com that runs Windows Server 2016
* A Web Application Proxy used to publish AD FS
* A UPN that uses the contoso.com suffix
* A namespace named adfs.contoso.com
You create a Microsoft Office 365 tenant named contoso.onmicrosoft.com. You use Microsoft Azure Active Directory Connect (AD Connect) to synchronize all of the users and the UPNs from the contoso.com forest to Office 365.
You need to configure federation between Office 365 and the on-premises deployment of Active Directory.
Which three commands should you run in sequence from Server1? To answer, move the appropriate commands from the list of commands to the answer area and arrange them in the correct order.
Correct Answer:
Explanation
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
Your network contains an Active Directory forest named contoso.com.
You need to identify which server is the schema master.
Solution: From a command prompt, you run
Does this meet the goal?
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
Your network contains an Active Directory forest named contoso.com.
You need to identify which server is the schema master.
Solution: From a command prompt, you run
Does this meet the goal?
Correct Answer: B
Vote an answer
Explanation: Only visible for Fast2test members. You can sign-up / login (it's free).
You have an offline root certification authority (CA) named CA1. CA1 is hosted on a virtual machine.
You only turn on CA1 when the CA must be patched or you must generate a key for subordinate CAs.
You start CA1, and you discover that the filesystem is corrupted.
You resolve the filesystem corruption and discover that you must reload the CA root from a backup.
When you attempt to run the Restore-CARoleService cmdlet, you receive the following error message: "The process cannot access the file because it is being used by another process."
You only turn on CA1 when the CA must be patched or you must generate a key for subordinate CAs.
You start CA1, and you discover that the filesystem is corrupted.
You resolve the filesystem corruption and discover that you must reload the CA root from a backup.
When you attempt to run the Restore-CARoleService cmdlet, you receive the following error message: "The process cannot access the file because it is being used by another process."
Correct Answer: B
Vote an answer
Your network contains an Active directory domain named conloso.com. The domain has an enterprise certification authority (CA).
You duplicate the Basic EFS template, and you name the template Template1. You configure the CA to issue Template1.
Users are configured to obtain a new certificate automatically when they sign in to a computer in the domain.
You need to enable the users to automatically obtain a certificate based on Template1.
What should you modify?
You duplicate the Basic EFS template, and you name the template Template1. You configure the CA to issue Template1.
Users are configured to obtain a new certificate automatically when they sign in to a computer in the domain.
You need to enable the users to automatically obtain a certificate based on Template1.
What should you modify?
Correct Answer: C
Vote an answer
Your network contains an Active Directory forest named contoso.com. All domain controllers run Windows Server 2012 R2. You deploy a new server named Server1 that runs Windows Server 2016.
A server administrator named ServerAdmin01 is a member of the Domain users group. You add ServerAdmin01 to the Administrators group on Server1.
ServerAdmin01 signs in to Server1 and successfully configures a new Active Directory flights Management Services (AD RMS) cluster.
You need to ensure that clients can discover the AD RMS cluster by querying Active Directory. What should you do?
A server administrator named ServerAdmin01 is a member of the Domain users group. You add ServerAdmin01 to the Administrators group on Server1.
ServerAdmin01 signs in to Server1 and successfully configures a new Active Directory flights Management Services (AD RMS) cluster.
You need to ensure that clients can discover the AD RMS cluster by querying Active Directory. What should you do?
Correct Answer: D
Vote an answer
Your network contains an Active Directory domain named contoso.com.
All the accounts of the users in the sales department are in an organizational unit (OU) named SalesOU.
An application named App1 is deployed to the user accounts in SalesOU by using a Group Policy object (GPO) named SalesGPO. You need to set the registry value of
\HKEY_CURRENT_USER\Software\App1\CoIlaboration to 0.
Solution: You add a user preference that has an Update action.
Does this meet the goal?
All the accounts of the users in the sales department are in an organizational unit (OU) named SalesOU.
An application named App1 is deployed to the user accounts in SalesOU by using a Group Policy object (GPO) named SalesGPO. You need to set the registry value of
\HKEY_CURRENT_USER\Software\App1\CoIlaboration to 0.
Solution: You add a user preference that has an Update action.
Does this meet the goal?
Correct Answer: B
Vote an answer