IT認証試験問題集
毎月、ITshikenは1500人以上の受験者が試験準備を助けて、試験に合格するために受験者にご協力します
 ホームページ / 70-414 問題集  / 70-414 問題練習

Microsoft 70-414 問題練習

Implementing an Advanced Server Infrastructure 試験

最新更新時間: 2021/01/07,合計533問。

2021新年のギフト:70-414 最新真題を買う時、日本語版と英語版両方を同時に獲得できます。

実際の問題集を練習し、試験のポイントを了解し、テストに申し込むするかどうかを決めることができます。

さらに試験準備時間の35%を節約するには、70-414 問題集を使用してください。

 / 36

Question No : 1
An organization uses an Active Directory Rights Management Services (AD RMS) cluster named RMS1 to protect content for a project. You uninstall AD RMS when the project is complete. You need to ensure that the protected content is still available after AD RMS is uninstalled.
Solution: You enable the decommissioning service by using the AD RMS management console. You grant all users the Read & Execute permission to the decommission pipeline.
Does this meet the goal?

正解:
Explanation:
The proper procedure is:

Question No : 2
You plan to allow users to run internal applications from outside the company’s network. You have a Windows Server 2012 R2 that has the Active Directory Federation Services (AD FS) role installed. You must secure on-premises resources by using multi-factor authentication (MFA). You need to design a solution to enforce different access levels for users with personal Windows 8.1 or iOS 8 devices.
Solution: You install a local instance of MFA Server. You connect the instance to the Microsoft Azure MFA provider, and then run the following Windows PowerShell cmdlet.
Enable-AdfsDeviceRegistration
Does this meet the goal?

正解:
Explanation:
We must install AD FS Adapter, not register a host for the Device Registration Service.
Note: The Enable-AdfsDeviceRegistration cmdlet configures a server in an Active Directory Federation Services (AD FS) farm to host the Device Registration Service.
Reference: Using Multi-Factor Authentication with Windows Server 2012 R2 AD FS
https: //msdn.microsoft.com/en-us/library/azure/dn807157.aspx

Question No : 3
You need to automatically restart the appropriate web service on DETCRL01 and CHICRL01 if the web service is stopped.
Solution: You create a recovery task in SCOM and configure it to start the World Wide Web publishing service.
Does this meet the goal?

正解:
Explanation:
The Internet Information Services (IIS) World Wide Web Publishing Service (W3SVC), sometimes referred to as the WWW Service, manages the HTTP protocol and HTTP performance counters.
The following is a list of the managed entities that are included in this managed entity:
* IIS Web Site
An Internet Information Services (IIS) Web site is a unique collection of Web pages and Web applications that is hosted on an IIS Web server. Web sites have bindings that consist of a port number, an IP address, and an optional host name or names.
* Active Server Pages (ASP)
Active Server Pages (ASP)
Reference: IIS World Wide Web Publishing Service (W3SVC)
https://technet.microsoft.com/en-us/library/cc734944(v=ws.10).aspx

Question No : 4
You need to automatically restart the appropriate web service on DETCRL01 and CHICRL01 if the web service is stopped.
Solution: You create a diagnostic task in SCOM and configure it to start the Server service.
Does this meet the goal?

正解:
Explanation:
It is not the Server service that needs to be restarted. The Internet Information Services (IIS) World Wide Web Publishing Service (W3SVC), which manages the HTTP protocol and HTTP performance counters, needs to be restarted.
Reference: IIS World Wide Web Publishing Service (W3SVC)
https://technet.microsoft.com/en-us/library/cc734944(v=ws.10).aspx

Question No : 5
Topic 7, Contoso, Ltd Case D

Overview
Contoso, Ltd., is a manufacturing company that makes several different components that are used in automobile production. Contoso has a main office in Detroit, a distribution center in Chicago, and branch offices in Dallas, Atlanta, and San Diego.
The contoso.com forest and domain functional level are Windows Server 2008 R2. All servers run Windows Server 2012 R2, and all client workstations run Windows 7 or Windows 8. Contoso uses System Center 2012 Operations Manager and Audit Collection Services (ACS) to monitor the environment. There is no certification authority (CA) in the environment.

Current Environment
The contoso.com domain contains the servers as shown in the following table:



Contoso sales staff travel within the United States and connect to a VPN by using mobile devices to access the corporate network. Sales users authenticate to the VPN by using their Active Directory usernames and passwords. The VPN solution also supports certification-based authentication.

Contoso uses an inventory system that requires manually counting products and entering that count into a database. Contoso purchases new inventory software that supports wireless handheld scanners and several wireless handheld scanners. The wireless handheld scanners run a third party operating system that supports the Network Device Enrollment Service (NDES).

Business Requirements
Security
The wireless handheld scanners must use certification-based authentication to access the wireless network.
Sales users who use mobile devices must use certification-based authentication to access the VPN. When sales users leave the company, Contoso administrators must be able to disable their VPN access by revoking their certificates.

Monitoring
All servers must be monitored by using System Center 2012 Operating Manager. In addition to monitoring the Windows operating system, you must collect security logs from the CA servers by using ACS, and monitor the services that run on the CA and Certificate Revocation List (CRL) servers, such as certification authority and web services.

Technical Requirements
CA Hierarchy
Contoso requires a two-tier CA hierarchy. The CA hierarchy must include a stand-alone offline root and two Active Directory-integrated issuing CAs: one for issuing certificates to domain-joined devices, and one for issuing certificates to non-domain-joined devices by using the NDES. CRLs must be published to two web servers: one in Detroit and one in Chicago.
Contoso has servers that run Windows Server 2012 R2 to use for the CA hierarchy.
The servers are described in the following table:



The IT security department must have the necessary permissions to manage the CA and CRL servers. A domain group named Corp-IT Security must be used for this purpose. The IT security department users are not domain admins.

Fault Tolerance
The servers that host the CRL must be part of a Windows Network Load Balancing (NLB) cluster. The CRL must be available to users in all locations by using the hostname crl.contoso.com, even if one of the underlying web servers is offline.

DRAG DROP
You need to delegate permissions for DETCA01.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.



正解:


Explanation:
Reference: Implement Role-Based Administration
https://technet.microsoft.com/en-us/library/cc732590.aspx

Question No : 6
You need to deploy the new SQL Server virtual machines.
What should you do?

正解:
Explanation:
* Scenario: A Hyper-V cluster named Clusterl.contoso.com includes two unused SQL Server virtual machines (VMs) named SQL-SERVER1 and SQL-SERVER2. The cluster also includes a Hyper-V Host group named Chi-Primary.
* The Add-SCCustomPlacementRule adds a custom placement rule to the placement configuration for a host group.
Reference: Add-SCCustomPlacementRule
https://technet.microsoft.com/en-us/library/hh801560.aspx

Question No : 7
This question consists of two statements: One is named Assertion and the other is named Reason. Both of these statements may be true; both may be false; or one may be true, while the other may be false.
To answer this question, you must first evaluate whether each statement is true on its own. If both statements are true, then you must evaluate whether the Reason (the second statement) correctly explains the Assertion (the first statement). You will then select the answer from the list of answer choices that matches your evaluation of the two statements.

Assertion:
You must install and configure Network Device Enrollment Services (NDES) on CHICA01.

Reason:
NDES allows non-domain joined devices to obtain a Certificate Revocation List from an Active Directory-integrated certification authority, and then validate whether a certificate is valid.
Evaluate the Assertion and Reason statements and choose the correct answer option.

正解:
Explanation:
The Network Device Enrollment Service (NDES) allows software on routers and other network devices running without domain credentials to obtain certificates based on the Simple Certificate Enrollment Protocol (SCEP).
Reference: Network Device Enrollment Service Guidance
https://technet.microsoft.com/en-us/library/hh831498.aspx

Question No : 8
You need to deploy the new SQL Server virtual machines.
What should you do?

正解:
Explanation:
* Scenario: The Seattle office contains a primary data center and a backup data center. The primary data center is located on a Hyper-V cluster named Cluster3.contoso.com.
Any new VMs that are deployed to the Hyper-V cluster in Cluster3.contoso.com have the following requirements: New SQL Server VMs must be deployed only to odd-numbered servers in the cluster.
* The Add-SCCustomPlacementRule cmdlet adds a custom placement rule to the placement configuration for a host group.

Question No : 9
You need to prepare the environment for App1.
Which two actions should you perform? Each correct answer presents part of the solution.

正解:

Question No : 10
DRAG DROP
You need to collect the required security logs.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.



正解:


Explanation:
Note:
* Audit collection services (Box 1)
In System Center 2012 C Operations Manager, Audit Collection Services (ACS) provides a means to collect records generated by an audit policy and store them in a centralized database.
ACS requires the following components: ACS Forwarders, ACS Collector, ACS Database
* ACS Forwarders (box 2)
The service that runs on ACS forwarders is included in the Operations Manager agent. By default, this service is installed but not enabled when the Operations Manager agent is installed. You can enable this service for multiple agent computers at the same time using the Enable Audit Collection task.
* (box 3) Enable audit collection
After you install the ACS collector and database you can then remotely enable this service on multiple agents through the Operations Manager console by running the Enable Audit Collection task.
To enable audit collection on Operations Manager agents (see step 5 below)

Question No : 11
HOTSPOT
You plan to configure Windows Network Load Balancing (NLB) for a company.
You display following Network Load Balancing Manager window:



Use the drop-down menus to select the answer choice that answers each question based on the information presented in the graphic.



正解:

Question No : 12
DRAG DROP
You need to configure access to the Certificate Revocation Lists (CRLs).
How should you configure the access? To answer, drag the appropriate protocol or servers to the correct network type. Each protocol or server may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.



正解:

Question No : 13
DRAG DROP
You need to implement Windows Network Load Balancing (NLB).
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.



正解:

Question No : 14
You need to enable virtual machine network health detection on all supported clusters.
What should you do?

正解:
Explanation:
Protected network option is available on the VM settings page for the cluster, not on each VM. Also Protected Network is a 2012R2 feature. Cluster1 is all 2012. And, Cluster4 is 2012R2, but only has a single network. The only option left is E with Cluster3.

Question No : 15
HOTSPOT
You need to implement App1.
How should you configure the locations? To answer, select the appropriate option from each list in the answer area.



正解:

 / 36