70-742 無料問題集「Microsoft Identity with Windows Server 2016」
Your network contains an Active Directory domain named contoso.com.
You have an application named App1 that is deployed to all the client computers in the domain. App1 writes a registry value named LocalStorage on all the client computers.
You need to delete the LocalStorage registry value from all the client computers in the domain that have less than 100 GB of free disk space on their system volume.
What should you do?
You have an application named App1 that is deployed to all the client computers in the domain. App1 writes a registry value named LocalStorage on all the client computers.
You need to delete the LocalStorage registry value from all the client computers in the domain that have less than 100 GB of free disk space on their system volume.
What should you do?
正解:C
解答を投票する
解説: (JPNTest メンバーにのみ表示されます)
Note: This question is part of a series of questions that use the same or similar answer choices. An answer choice may be correct for more than one question in the series. Each question is independent of the other questions in this series. Information and details provided in a question apply only to that question.
Your network contains an Active Directory forest named contoso.com. The forest functional level is Windows Server 2012 R2.
You need to ensure that a domain administrator can recover a deleted Active Directory object quickly.
Which tool should you use?
Your network contains an Active Directory forest named contoso.com. The forest functional level is Windows Server 2012 R2.
You need to ensure that a domain administrator can recover a deleted Active Directory object quickly.
Which tool should you use?
正解:D
解答を投票する
Your network contains an Active Directory domain named contso.com.
Each department at your company has an organizational unit (OU) in Active Directory and a global that contains the users in that department.
You need to implement the following security requirements:
User in the research department must use complex passwords that are at least 14 characters.
User in the following department must use complex passwords that are at least 10 characters.
All other users must use an eight-character, non-complex password.
What should you do?
Each department at your company has an organizational unit (OU) in Active Directory and a global that contains the users in that department.
You need to implement the following security requirements:
User in the research department must use complex passwords that are at least 14 characters.
User in the following department must use complex passwords that are at least 10 characters.
All other users must use an eight-character, non-complex password.
What should you do?
正解:C
解答を投票する
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
Your network contains an Active Directory domain named contoso.com. The domain contains two domain controllers named DC1 and DC2.
DC1 holds the RID master operations role. DC1 fails and cannot be repaired. You need to move the RID role to DC2.
Solution: On DC2, you open the command prompt, run dsmgmt.exe, connect to DC2, and use the Seize RID master opinion.
Does this meet the goal?
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
Your network contains an Active Directory domain named contoso.com. The domain contains two domain controllers named DC1 and DC2.
DC1 holds the RID master operations role. DC1 fails and cannot be repaired. You need to move the RID role to DC2.
Solution: On DC2, you open the command prompt, run dsmgmt.exe, connect to DC2, and use the Seize RID master opinion.
Does this meet the goal?
正解:B
解答を投票する
Note: This question is part of a series of questions that use the same scenario. For your convenience, the scenario is repeated in each question. Each question presents a different goal and answer choices, but the text of the scenario is exactly the same in each question in this series.
Start of repeated scenario.
Your network contains an Active Directory domain named contoso.com. The domain contains a single site named Site1. All computers are in Site1.
The Group Policy objects (GPOs) for the domain are configured as shown in the exhibit. (Click the Exhibit button.)
The relevant users and client computer in the domain are configured as shown in the following table.
End of repeated scenario.
Which five GPOs will apply to User1 in sequence when the user signs in to Computer1? To answer, move the appropriate GPOs from the list to the answer area and arrange them in the correct order.
Start of repeated scenario.
Your network contains an Active Directory domain named contoso.com. The domain contains a single site named Site1. All computers are in Site1.
The Group Policy objects (GPOs) for the domain are configured as shown in the exhibit. (Click the Exhibit button.)
The relevant users and client computer in the domain are configured as shown in the following table.
End of repeated scenario.
Which five GPOs will apply to User1 in sequence when the user signs in to Computer1? To answer, move the appropriate GPOs from the list to the answer area and arrange them in the correct order.
正解:
Explanation
Your network contains an Active Directory domain named adatum.com. The domain uses Active Directory Federation Services (AD FS), AD FS has a relying party trust named RP1 to a claims-aware application named App1. The domain contains the users shown in the following table.
The network contains the network segments shown in the following table.
The following access control policy is assigned to RP1.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
The network contains the network segments shown in the following table.
The following access control policy is assigned to RP1.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
正解:
Explanation
You deploy a Remote Desktop server named RDP1. RDP1 has two volumes named C and D.
You plan to allow users to connect to RDP1 to run multiple applications.
You need to ensure that when the users establish a Remote Desktop connection to RDP1, volume D is hidden.
What should you do? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
You plan to allow users to connect to RDP1 to run multiple applications.
You need to ensure that when the users establish a Remote Desktop connection to RDP1, volume D is hidden.
What should you do? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
正解:
Explanation
References:
https://support.citrix.com/article/CTX220108
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
Your network contains an Active Directory domain named contoso.com. You have an organizational unit (OU) named LondonUsers that contains 10,000 users. You need to modify the office attribute of all the users in the LondonUsers OU.
Solution: You create a CSV file. You run csvde.exe and specify the -i and -f parameters.
Does this meet the goal?
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
Your network contains an Active Directory domain named contoso.com. You have an organizational unit (OU) named LondonUsers that contains 10,000 users. You need to modify the office attribute of all the users in the LondonUsers OU.
Solution: You create a CSV file. You run csvde.exe and specify the -i and -f parameters.
Does this meet the goal?
正解:B
解答を投票する
解説: (JPNTest メンバーにのみ表示されます)
Your network contains an Active Directory domain named contoso.com.
The domain contain the computers configured as shown in the following table.
The domain contains a user named User1.
A Group Policy object (GPO) named GPO1 is linked to the domain. GPO1 contains a user preference that is configured as shown in the Shortcut1 Properties exhibit.
Item-level targeting for the user preference is configured as shown in the Targeting exhibit. (Click the Exhibit button.)
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
The domain contain the computers configured as shown in the following table.
The domain contains a user named User1.
A Group Policy object (GPO) named GPO1 is linked to the domain. GPO1 contains a user preference that is configured as shown in the Shortcut1 Properties exhibit.
Item-level targeting for the user preference is configured as shown in the Targeting exhibit. (Click the Exhibit button.)
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
正解:
Explanation
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You deploy a new Active Directory forest.
You need to ensure that you can create a group Managed Service Account (gMSA) for multiple member servers.
Solution: From Windows PowerShell on a domain controller, you run the Set-KdsConfiguration cmdlet.
Does this meet the goal?
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You deploy a new Active Directory forest.
You need to ensure that you can create a group Managed Service Account (gMSA) for multiple member servers.
Solution: From Windows PowerShell on a domain controller, you run the Set-KdsConfiguration cmdlet.
Does this meet the goal?
正解:B
解答を投票する
Your network contains an Active Directory forest named contoso.com. All domain controllers run Windows Server 2012 R2. You deploy a new server named Server1 that runs Windows Server 2016.
A server administrator named ServerAdmin01 is a member of the Domain users group. You add ServerAdmin01 to the Administrators group on Server1.
ServerAdmin01 signs in to Server1 and successfully configures a new Active Directory flights Management Services (AD RMS) cluster.
You need to ensure that clients can discover the AD RMS cluster by querying Active Directory. What should you do?
A server administrator named ServerAdmin01 is a member of the Domain users group. You add ServerAdmin01 to the Administrators group on Server1.
ServerAdmin01 signs in to Server1 and successfully configures a new Active Directory flights Management Services (AD RMS) cluster.
You need to ensure that clients can discover the AD RMS cluster by querying Active Directory. What should you do?
正解:D
解答を投票する
Your network contains an Active Directory domain named contos.com. The domain contains a server named Server1 that runs a server core installation of windows Server 2016. Server is configured as an Active Directory Rights Management Services (AD RMS) server for the domain.
You need to install the identity Federation Support role service on Server1.
What should you don first?
You need to install the identity Federation Support role service on Server1.
What should you don first?
正解:C
解答を投票する
Your network contains an Active Directory forest named contoso.com.
Your company has a custom application named ERP1. ERP1 uses an Active Directory Lightweight Directory Services (AD LDS) server named Server1 to authenticate users.
You have a member server named Server2 that runs Windows Server 2016. You install the Active Directory Federation Services (AD FS) server role on Server2 and create an AD FS farm.
You need to configure AD FS to authenticate users from the AD LDS server.
Which cmdlets should you run? To answer, select the appropriate options in the answer area.
Your company has a custom application named ERP1. ERP1 uses an Active Directory Lightweight Directory Services (AD LDS) server named Server1 to authenticate users.
You have a member server named Server2 that runs Windows Server 2016. You install the Active Directory Federation Services (AD FS) server role on Server2 and create an AD FS farm.
You need to configure AD FS to authenticate users from the AD LDS server.
Which cmdlets should you run? To answer, select the appropriate options in the answer area.
正解:
Explanation
To configure your AD FSfarm to authenticate users from an LDAP directory, you can complete the following steps:
Step 1: New-AdfsLdapServerConnection
First, configure a connection to your LDAP directory using the New-AdfsLdapServerConnection cmdlet:
$DirectoryCred = Get-Credential
$vendorDirectory = New-AdfsLdapServerConnection -HostName dirserver -Port 50000-SslMode None
-AuthenticationMethod Basic -Credential $DirectoryCred
Step 2 (optional):
Next, you can perform the optional step of mapping LDAP attributes to the existing AD FS claims using the New-AdfsLdapAttributeToClaimMapping cmdlet.
Step 3: Add-AdfsLocalClaimsProviderTrust
Finally, you must register the LDAP store with AD FS as a local claims provider trust using the Add-AdfsLocalClaimsProviderTrust cmdlet:
Add-AdfsLocalClaimsProviderTrust -Name "Vendors" -Identifier "urn:vendors" -Type L References: https://technet.microsoft.com/en-us/library/dn823754(v=ws.11).aspx
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have a server named Web1 that runs Windows Server 2016.
You need to list all the SSL certificates on Web1 that will expire during the next 60 days.
Solution: You run the following command.
Get-ChildItem Cert:\CurrentUser\Trust |? { $_.NotAfter -It (Get-Date).AddDays( 60 ) } Does this meet the goal?
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have a server named Web1 that runs Windows Server 2016.
You need to list all the SSL certificates on Web1 that will expire during the next 60 days.
Solution: You run the following command.
Get-ChildItem Cert:\CurrentUser\Trust |? { $_.NotAfter -It (Get-Date).AddDays( 60 ) } Does this meet the goal?
正解:B
解答を投票する