[Free] Get all latest Microsoft 70-411 Actual Tests 131-140

Ensurepass

QUESTION 131

Your network contains an Active Directory domain named contoso.com. All servers run Windows Server 2012. The domain contains two servers. The servers are configured as shown in the following table.

 

clip_image001

 

All client computers run Windows 8 Enterprise. You plan to deploy Network Access Protection (NAP) by using IPSec enforcement. A Group Policy object (GPO) named GPO1 is configured to deploy a trusted server group to all of the client computers. You need to ensure that the client computers can discover HRA servers automatically. Which three actions should you perform? (Each correct answer presents part of the solution. Choose three.)

 

A.      On DC1, create a service location (SRV) record.

B.      On Server2, configure the EnableDiscovery registry key.

C.      On all of the client computers, configure the EnableDiscovery registry key.

D.      In a GPO, modify the Request Policy setting for the NAP Client Configuration.

E.       On DC1, create an alias (CNAME) record.

 

Correct Answer: ACD

 

 

QUESTION 132

Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1 that runs Windows Server 2012. Server1 has the Network Policy Server role service installed. You plan to configure Server1 as a Network Access Protection (NAP) health policy server for VPN enforcement by using the Configure NAP wizard. You need to ensure that you can configure the VPN enforcement method on Server1 successfully. What should you install on Server1 before you run the Configure NAP wizard?

 

A.      The Host Credential Authorization Protocol (HCAP)

B.      A system health validator (SHV)

C.      The Remote Access server role

D.      A Computer certificate

 

Correct Answer: D

 

 

QUESTION 133

You deploy two servers named Server1 and Server2. You install Network Policy Server (NPS) on both servers. On Server1, you configure the following NPS settings:

 

Ÿ   RADIUS Clients

Ÿ   Network Policies

Ÿ   Connection Request Policies

Ÿ   SQL Server Logging Properties

 

You export the NPS configurations to a file and import the file to Server2. You need to ensure that the NPS configurations on Server2 are the same as the NPS configurations on Server1. Which settings should you manually configure on Server2?

 

A.      SQL Server Logging Properties

B.      Connection Request Policies

C.      RADIUS Clients

D.      Network Policies

 

Correct Answer: A

 

 

QUESTION 134

You have a server named Server1 that has the Network Policy and Access Services server role installed. You plan to configure Network Policy Server (NPS) on Server1 to use certificate-based authentication for VPN connections. You obtain a certificate for NPS. You need to ensure that NPS can perform certificate-based authentication. To which store should you import the certificate?

 

To answer, select the appropriate store in the answer area.

 

Hot Area:

clip_image002

 

Correct Answer:

clip_image003

 

 

QUESTION 135

Your network contains an Active Directory domain named contoso.com. The domain contains a RADIUS server named Server1 that runs Windows Server 2012. You add a VPN server named Server2 to the network. On Server1, you create several network policies. You need to configure Server1 to accept authentication requests from Server2. Which tool should you use on Server1?

 

A.      Connection Manager Administration Kit (CMAK).

B.      Routing and Remote Access

C.      Network Policy Server (NPS)

D.      Set-RemoteAccessRadius

 

Correct Answer: C

 

 

QUESTION 136

Your network contains a RADIUS server named Server1. You install a new server named Server2 that runs Windows Server 2012 and has Network Policy Server (NPS) installed. You need to ensure that all accounting requests for Server2 are forwarded to Server1. On Server2, you create a new remote RADIUS server group named Group1 that contains Server1. What should you configure next on Server2?

 

To answer, select the appropriate node in the answer area.

 

Hot Area:

clip_image004

 

Correct Answer:

clip_image005

 

 

 

 

QUESTION 137

Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1. Server1 has the DHCP Server role and the Network Policy Server role service installed. Server1 contains three non-overlapping scopes named Scope1, Scope2, and Scope3. Server1 currently provides the same Network Access Protection (NAP) settings to the three scopes. You modify the settings of Scope1 as shown in the exhibit.

 

clip_image006

 

You need to configure Server1 to provide unique NAP enforcement settings to the NAP non- compliant DHCP clients from Scope1.

What should you create?

 

A.      A network policy that has the MS-Service Class condition

B.      A network policy that has the Identity Type condition

C.      A connection request policy that has the Identity Type condition

D.      A connection request policy that has the Service Type condition

 

Correct Answer: A

 

 

QUESTION 138

HOTSPOT

You have a server named Server1 that runs Windows Server 2012. Server1 has the Remote Access server role installed. You have a client named Client1 that is configured as an 802.1X supplicant. You need to configure Server1 to handle authentication requests from Client1. The solution must minimize the number of authentication methods enabled on Server1. Which authentication method should you enable?

 

To answer, select the appropriate authentication method in the answer area.

 

Hot Area:

clip_image007

 

Correct Answer:

clip_image008

 

 

QUESTION 139

DRAG DROP

Your network contains an Active Directory domain named adatum.com. The domain contains a server named Server1 that runs Windows Server 2012. Server1 is configured as a Network Policy Server (NPS) server and as a DHCP server. You need to log all DHCP clients that have Windows Firewall disabled. Which three actions should you perform in sequence?

 

To answer, move the three appropriate actions from the list of actions to the answer area and arrange them in the correct order.

 

A.      Create a connection request policy

B.      Create Network Policy

C.      Create remediation server group

D.      Create Windows Security Health Validator (VSHV)

E.       Create a health Policy

 

Correct Answer: BCD

 

 

 

 

 

 

 

QUESTION 140

DRAG DROP

Your network contains an Active Directory domain named adatum.com. The domain contains a server named Server1 that runs Windows Server 2012. Server1 is configured as a Network Policy Server (NPS) server and as a DHCP server. You need to log all DHCP clients that have Windows Firewall disabled. Which three actions should you perform in sequence?

 

To answer, move the three appropriate actions from the list of actions to the answer area and arrange them in the correct order.

 

Select and Place:

clip_image010

 

Correct Answer:

clip_image011

 

 

Instant Access to Download Testing Software & PDF File for Microsoft 70-411 Real Exam

Instant Access to Try Microsoft 70-411 Free Demo