70-741 無料問題集「Microsoft Networking with Windows Server 2016」
Your network contains an Active Directory forest named contoso.com. The forest contains the VPN servers configured as shown in the following table.
You are configuring a Network Policy Server (NPS) server named Server1. Server1 has the following RADIUS clients.
All three VPN servers are configured to use Server1 for RADIUS authentication. All of the users in comtoso.com are allowed to establish a VPN connection. For each of the following statements, select YES if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
You are configuring a Network Policy Server (NPS) server named Server1. Server1 has the following RADIUS clients.
All three VPN servers are configured to use Server1 for RADIUS authentication. All of the users in comtoso.com are allowed to establish a VPN connection. For each of the following statements, select YES if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
正解:
Explanation:
References: https://docs.microsoft.com/en-us/windows-server/remote/remote-access/vpn/always-on-vpn/deploy/vpn-deploy-nps
You have a Hyper-V server named Server1 that runs Windows Server 2016. Server1 has an IP address of 192.168.1.78. Server1 has a container named Container1 that hosts a web application on port 84. Container1 has an IP address of 172.16.5.6. Container1 has a port mapping from port 80 on Server1 to port 84 on Container1. You have a server named Server2 that has an IP address of 192.168.1.79, You need to connect to the web application from Server2. To which IP address and port should you connect?
正解:D
解答を投票する
Your network contains an Active Directory domain named contoso.com. The domain contains a DHCP server named Server1 that runs Windows Server 2016.
You have a DHCP scope for the 10.0.0.0/24 IP subnet. One hundred and fifty clients reside in the subnet. Fifty of the DHCP clients are NOT domain-joined.
You need to ensure that DHCP clients without a configured DNS suffix register automatically in a DNS zone named workgroup.contoso.com. The other DHCP clients must register in the DNS zone of their respective domain.
What should you do?
You have a DHCP scope for the 10.0.0.0/24 IP subnet. One hundred and fifty clients reside in the subnet. Fifty of the DHCP clients are NOT domain-joined.
You need to ensure that DHCP clients without a configured DNS suffix register automatically in a DNS zone named workgroup.contoso.com. The other DHCP clients must register in the DNS zone of their respective domain.
What should you do?
正解:D
解答を投票する
You have a DNS server named Server1 that runs Windows Server 2016. Server1 has network interfaces that have the following IP addresses:
-10.0.0.100
-131.107.0.100
The internal network uses an IP address space of 10.0.0.0/16.
Server1 provides DNS name resolution to both internal and external clients. Server1 hosts the primary zone for contoso.com.
You need to configure Server1 to meet the following requirements:
* Internal clients must be able to use Server 1 to resolve internal-based DNS names.
* External clients must not be able to use Server1 to resolve Internal-based DNS names.
* External clients must able to use Server1 to resolve names in the contoso.com zone.
Which commands should you run on Server1.? To answer select the appropriate option in answer area.
-10.0.0.100
-131.107.0.100
The internal network uses an IP address space of 10.0.0.0/16.
Server1 provides DNS name resolution to both internal and external clients. Server1 hosts the primary zone for contoso.com.
You need to configure Server1 to meet the following requirements:
* Internal clients must be able to use Server 1 to resolve internal-based DNS names.
* External clients must not be able to use Server1 to resolve Internal-based DNS names.
* External clients must able to use Server1 to resolve names in the contoso.com zone.
Which commands should you run on Server1.? To answer select the appropriate option in answer area.
正解:
Note: This question is part of a series of questions that use the same scenario. For your convenience, the scenario is repeated in each question. Each question presents a different goal and answer choices, but the text of the scenario is exactly the same in each question in this series.
Start of the repeated scenario
Your network contains an Active Directory domain named contoso.com. The functional level of the domain is Windows Server 2012.
The network uses an address space of 192.168.0.0/16 and contains multiple subnets.
The network is not connected to the Internet.
The domain contains three servers configured as shown in the following table.
Client computers obtain TCP/IP settings from Server3.
You add a second network adapter to Server2. You connect the new network adapter to the Internet. You install the Routing role service on Server2.
Server1 has four DNS zones configured as shown in the following table.
End of the repeated scenario
You need to configure an administrator named [email protected] as the contact person for the fabrikam.com zone.
What should you modify? To answer, select the appropriate options in the answer area.
Start of the repeated scenario
Your network contains an Active Directory domain named contoso.com. The functional level of the domain is Windows Server 2012.
The network uses an address space of 192.168.0.0/16 and contains multiple subnets.
The network is not connected to the Internet.
The domain contains three servers configured as shown in the following table.
Client computers obtain TCP/IP settings from Server3.
You add a second network adapter to Server2. You connect the new network adapter to the Internet. You install the Routing role service on Server2.
Server1 has four DNS zones configured as shown in the following table.
End of the repeated scenario
You need to configure an administrator named [email protected] as the contact person for the fabrikam.com zone.
What should you modify? To answer, select the appropriate options in the answer area.
正解:
Explanation:
References: https://www.microsoftpressstore.com/articles/article.aspx?p=2756482&seqNum=2
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution. Determine whether the solution meets the stated goals.
Your network contains an Active Directory domain named contoso.com. The domain contains a DNS server named Server1. All client computers run Windows 10.
On Server1, you have the following zone configuration.
You need to ensure that all of the client computers in the domain perform DNSSEC validation for the fabrikam.com namespace.
Solution: From a Group Policy object (GPO) in the domain, you add a rule to the Name Resolution Policy Table (NRPT).
Does this meet the goal?
Your network contains an Active Directory domain named contoso.com. The domain contains a DNS server named Server1. All client computers run Windows 10.
On Server1, you have the following zone configuration.
You need to ensure that all of the client computers in the domain perform DNSSEC validation for the fabrikam.com namespace.
Solution: From a Group Policy object (GPO) in the domain, you add a rule to the Name Resolution Policy Table (NRPT).
Does this meet the goal?
正解:A
解答を投票する
解説: (JPNTest メンバーにのみ表示されます)
Your network contains an Active Directory domain named contoso.com. The domain contains a domain-based Distributed file System (DFS) namespace named Namespace1 that has access-based enumeration enabled. Namespace1 has a folder named folder1. Folder1 has a target of \\Server1\Folder1.
The Permission for folder1 are configured as shown in the following table.
Access-based enumeration is disabled for the share of Folder1.
You need to ensure that both User1 and User2 can see Folder1 when they access \\Contoso.com\NameSpace1 What should you do?
The Permission for folder1 are configured as shown in the following table.
Access-based enumeration is disabled for the share of Folder1.
You need to ensure that both User1 and User2 can see Folder1 when they access \\Contoso.com\NameSpace1 What should you do?
正解:C
解答を投票する
解説: (JPNTest メンバーにのみ表示されます)
You have a Scale-Out File Server that has a share named Share1. Share1 contains a virtual disk file named Disk1.vhd.
You plan to create a guest failover cluster.
You need to ensure that you can use the virtual disk as a shared virtual disk for the gust failover cluster.
Which cmdlet should you use?
You plan to create a guest failover cluster.
You need to ensure that you can use the virtual disk as a shared virtual disk for the gust failover cluster.
Which cmdlet should you use?
正解:D
解答を投票する
You are implementing a secure network. The network contains a DHCP server named Server1 that runs Windows Server 2016.
You create a DHCP allow filter that contains all of the computers on the network that are authorized to receive IP addresses.
You discover that unauthorized computers can obtain an IP address from Server1.
You need to ensure that only authorized computers can receive an IP address from Server1.
Solution: You run the following command.
Add-DHCPServer4Filter -ComputerName Server1 -MacAddress -List Allow
Does this meet the goal?
You create a DHCP allow filter that contains all of the computers on the network that are authorized to receive IP addresses.
You discover that unauthorized computers can obtain an IP address from Server1.
You need to ensure that only authorized computers can receive an IP address from Server1.
Solution: You run the following command.
Add-DHCPServer4Filter -ComputerName Server1 -MacAddress -List Allow
Does this meet the goal?
正解:A
解答を投票する
You have a Hyper-V host named Server1 that runs Windows Server 2016. Server1 has multiple network adapters that have virtual machine queue (VMQ) enabled.
On Server1, you create a virtual machine named VM1 as shown in the exhibit.
You need to ensure that you can use virtual Receive-side Scaling (vRSS) on VM1.
What should you do?
On Server1, you create a virtual machine named VM1 as shown in the exhibit.
You need to ensure that you can use virtual Receive-side Scaling (vRSS) on VM1.
What should you do?
正解:B
解答を投票する
解説: (JPNTest メンバーにのみ表示されます)
You have a remote access server named Server1 that runs Windows Server 2016. Server1 has DirectAccess enabled.
A firewall connects Server1 to the Internet.
You need to configure the firewall to ensure that DirectAccess clients can connect to Server1 by using Teredo, 6to4, and IP-HTTPS.
Which inbound port should be open on the firewall for each transition technology?
To answer, drag the appropriate ports and protocols to the correct transition technologies. Each port and protocol may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.
A firewall connects Server1 to the Internet.
You need to configure the firewall to ensure that DirectAccess clients can connect to Server1 by using Teredo, 6to4, and IP-HTTPS.
Which inbound port should be open on the firewall for each transition technology?
To answer, drag the appropriate ports and protocols to the correct transition technologies. Each port and protocol may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.
正解:
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this sections, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You network contains an Active Directory domain named contoso.com. The domain contains a member server named Server1 that runs Windows Server 2016 and has the DNS Server role installed. Automatic scavenging of state records is enabled and the scavenging period is set to 10 days.
All client computers dynamically register their names in the contoso.com DNS zone on Server1.
You discover that the names of multiple client computers that were removed from the network several weeks ago can still be resolved.
You need to configure Server1 to automatically remove the records of the client computers that have been offline for more than 10 days.
Solution: You set the Time to live (TTL) value of all of the records in the zone.
Does this meet the goal?
After you answer a question in this sections, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You network contains an Active Directory domain named contoso.com. The domain contains a member server named Server1 that runs Windows Server 2016 and has the DNS Server role installed. Automatic scavenging of state records is enabled and the scavenging period is set to 10 days.
All client computers dynamically register their names in the contoso.com DNS zone on Server1.
You discover that the names of multiple client computers that were removed from the network several weeks ago can still be resolved.
You need to configure Server1 to automatically remove the records of the client computers that have been offline for more than 10 days.
Solution: You set the Time to live (TTL) value of all of the records in the zone.
Does this meet the goal?
正解:B
解答を投票する
解説: (JPNTest メンバーにのみ表示されます)
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have a Hyper-V host named Server 1. The network adapters on Server1 have single root I/O virtualization (SR-IOV) enabled.
Server1 hosts a virtual machine named VM1 that runs Windows Server 2016.
You need to identify whether SR-IOV is used by VM1.
Solution: You sign in to VM1. You run the Get-NetAdapterSriov cmdlet.
Does this meet the goal?
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have a Hyper-V host named Server 1. The network adapters on Server1 have single root I/O virtualization (SR-IOV) enabled.
Server1 hosts a virtual machine named VM1 that runs Windows Server 2016.
You need to identify whether SR-IOV is used by VM1.
Solution: You sign in to VM1. You run the Get-NetAdapterSriov cmdlet.
Does this meet the goal?
正解:B
解答を投票する