[Up-to-Dated] 70-414 New Questions For Passing The 70-414 Certification Exam (61-80)

2017 August Microsoft Official New Released 70-414 Q&As in Lead2pass.com!

100% Free Download! 100% Pass Guaranteed!

Test your preparation for Microsoft 70-414 with these actual 70-414 new questions below. Exam questions are a sure method to validate one’s preparation for actual certification exam.

Following questions and answers are all new published by Microsoft Official Exam Center: https://www.lead2pass.com/70-414.html

QUESTION 61
Your network contains the following roles and applications:

– Microsoft SQL Server 2012
– Distributed File System (DFS) Replication
– Active Directory Domain Services (AD DS)
– Active Directory Rights Management Services (AD RMS)
– Active Directory Lightweight Directory Services (AD LDS)

You plan to deploy Active Directory Federation Services (AD FS).
You need to identify which deployed services or applications can be used as attribute stores for the planned AD FS deployment.
What should you identify? (Each correct answer presents a complete solution. Choose all that apply.)

A.    DFS
B.    AD RMS
C.    Microsoft SQL Server 2012
D.    AD LDS
E.    AD DS

Answer: CDE
Explanation:

 

http://technet.microsoft.com/library/dd807092(v=ws.10).aspx

QUESTION 62
Your network contains an Active Directory domain named contoso.com.
The network contains 15,000 client computers.
You plan to deploy an Active Directory Certificate Services (AD CS) infrastructure and issue certificates to all of the network devices.
You need to recommend a solution to minimize the amount of network utilization caused by certificate revocation list (CRL) checking.
What should you include in the recommendation? More than one answer choice may achieve the goal. Select the BEST answer.

A.    The Network Device Enrollment Service role service
B.    An increase of the CRL validity period
C.    A reduction of the CRL validity period
D.    The Online Responder role service

Answer: D
Explanation:

 

http://technet.microsoft.com/en-us/library/cc753468.aspx

QUESTION 63
Your network contains an Active Directory domain named contoso.com.
You deploy Active Directory Certificate Services (AD CS).
You plan to deploy 100 external Web servers that will be publicly accessible and will require Secure Sockets Layer (SSL) certificates.
You also plan to deploy 50,000 certificates for secure email exchanges with Internet-based recipients.
You need to recommend a certificate services solution for the planned deployment.
What should you recommend? More than one answer choice may achieve the goal. Select the BEST answer.

A.    Deploy a certification authority (CA) that is subordinate to an external root CA.
B.    Purchase 50,100 certificates from a trusted third-party root certification authority (CA).
C.    Distribute a copy of the root certification authority (CA) certificate to external relying parties.
D.    Instruct each user to request a Secure Email certificate from a trusted third-party root CA,
and then purchase 100 Web server certificates.

Answer: A
Explanation:

 

http://technet.microsoft.com/en-us/library/cc772192(v=ws.10).aspx

QUESTION 64
Your company, which is named Contoso, Ltd., has offices only in North America.
The company has 2,000 users.
The network contains an Active Directory domain named contoso.com.
You plan to deploy an Active Directory Certificate Services (AD CS) infrastructure and assign certificates to all client computers.
You need to recommend a PKI solution to protect the private key of the root certification authority (CA) from being accessed by external users.
What should you recommend? More than one answer choice may achieve the goal. Select the BEST answer.

A.    An offline standalone root CA and an online enterprise issuing CA
B.    An online enterprise root CA and an online enterprise issuing CA
C.    An offline standalone root CA and an offline enterprise issuing CA
D.    An online enterprise root CA, an online enterprise policy CA, and an online enterprise issuing
CA

Answer: A
Explanation:
http://technet.microsoft.com/en-us/library/cc737481(v=ws.10).aspx

QUESTION 65
Your network contains an Active Directory domain named contoso.com.
The network has an Active Directory Certificate Services (AD CS) infrastructure.
You need to issue a certificate to users to meet the following requirements:

– Ensure that the users can encrypt files by using Encrypting File System (EFS).
– Ensure that all of the users reenroll for their certificate every six months.

What should you do first?

A.    From the properties of the User certificate template, assign the Allow-Enroll permission to
the Authenticated Users group.
B.    From the properties of the Basic EFS template, assign the Allow-Enroll permission to the Authenticated Users group.
C.    Create a copy of the User certificate template, and then modify the extensions of the copy.
D.    Create a copy of the Basic EFS certificate template, and then modify the validity period of
the copy.

Answer: D
Explanation:

 

http://technet.microsoft.com/en-us/library/cc786499(v=ws.10).aspx

QUESTION 66
Your network contains an Active Directory domain named contoso.com.
The network has an Active Directory Certificate Services (AD CS) infrastructure.
You deploy Active Directory Rights Management Services (AD RMS) on the network.
You provide several users on the network with the ability to protect content by using AD RMS. You need to recommend a solution to provide the members of a group named Audit with the ability to read and modify all of the AD RMS-protected content.
What should you recommend?

A.    Issue a CEP Encryption certificate to the members of the Audit group.
B.    Issue a key recovery agent certificate to the members of the Audit group.
C.    Add the Audit group as a member of the super users group.
D.    Add the Audit group as a member of the Domain Admins group.

Answer: C
Explanation:

 

http://technet.microsoft.com/en-us/library/ee424431.aspx

QUESTION 67
Your network contains an Active Directory domain named contoso.com.
The network contains a perimeter network.
The perimeter network and the internal network are separated by a firewall.
On the perimeter network, you deploy a server named Server1 that runs Windows Server 2012. You deploy Active Directory Certificate Services (AD CS).
Each user is issued a smart card. Users report that when they work remotely, they are unable to renew their smart card certificate.
You need to recommend a solution to ensure that the users can renew their smart card certificate from the Internet.
What should you recommend implementing on Server1? More than one answer choice may achieve the goal. Select the BEST answer.

A.    The Certification Authority Web Enrollment role service and the Online Responder role
service
B.    The Active Directory Federation Services server role
C.    The Certificate Enrollment Policy Web Service role service and the Certificate Enrollment
Web Service role service
D.    An additional certification authority (CA) and the Online Responder role service

Answer: C
Explanation:

 

http://technet.microsoft.com/en-us/library/dd759230.aspx

QUESTION 68
Your network contains an Active Directory domain named contoso.com.
The network has an Active Directory Certificate Services (AD CS) infrastructure.
You publish the certificate revocation list (CRL) to a farm of Web servers.
You are creating a disaster recovery plan for the AD CS infrastructure.
You need to recommend which actions must be performed to restore certificate revocation checking if a certification authority (CA) is offline for an extended period of time.
Which three actions should you recommend? To answer, move the three appropriate actions from the list of actions to the answer area and arrange them in the correct order.

 

Answer:

 

Explanation:

 

http://technet.microsoft.com/en-us/library/cc732443(v=ws.10).aspx

QUESTION 69
Your network contains an Active Directory domain named contoso.com.
The domain contains four servers named Server1, Server2, Server3, and Server4 that run Windows Server 2012. Server1 and 5erver2 are configured as file servers and are part of a failover cluster named Cluster1.
Server3 and Server4 have Microsoft SQL Server 2012 installed and are part of a failover cluster named Cluster2.
You add a disk named Disk1 to the nodes in Cluster1.
Disk1 will be used to store the data files and log files used by SQL Server 2012.
You need to configure the environment so that access to Disk1 remains available when a node on Cluster1 fails over or fails back.
Which three actions should you perform? To answer, move the three appropriate actions from the list of actions to the answer area and arrange them in the correct order.

 

Answer:

 

Explanation:
http://blogs.technet.com/b/josebda/archive/2012/08/23/windows-server-2012-scale-out-file-server-for-sqlserver-2012-step-by-step-installation.aspx

QUESTION 70
Your network contains an Active Directory domain.
The domain contains a site named Site1.
All of the client computers in Site1 use static IPv4 addresses on a single subnet.
Site1 contains a Storage Area Network (SAN) device and two servers named Server1 and Server2 that run Windows Server 2012.
You plan to implement a DHCP infrastructure that will contain Server1 and Server2.
The infrastructure will contain several IP address reservations.
You need to recommend a solution for the DHCP infrastructure to ensure that clients can receive IP addresses from a DHCP server if either Server1 or Server2 fails.
What should you recommend? (Each correct answer is a complete solution. Choose all that apply.)

A.    Configure all of the client computers to use IPv6 addresses, and then configure Server1
and Server2 to run DHCP in stateless mode.
B.    Configure Server1 and Server2 as members of a failover cluster, and then configure DHCP
as a clustered resource.
C.    Configure a DHCP failover relationship that contains Server1 and Server2.
D.    Create a scope for each server, and then configure each scope to contain half of the IP addresses.

Answer: BCD
Explanation:

 

http://blogs.technet.com/b/teamdhcp/archive/2012/06/28/ensuring-high-availability-of-dhcp-using-windowsserver-2012-dhcp-failover.aspx

 

Case Study 2: A. Datum (QUESTION 71 – QUESTION 84)
Overview
A.Datum Corporation is an accounting company.
The company has a main office and two branch offices.
The main office is located in Miami.
The branch offices are located in New York and Seattle.

Existing Environment
Network Infrastructure
The network contains an Active Directory domain named adatum.com.
All servers run Windows Server 2008 R2.
The main office has the following servers and client computers:

– Two domain controllers configured as DNS servers and DHCP servers
– One file server that has multiples shares
– One thousand client computers that run Windows 7
– Each branch office has the following servers and client computers:
– One domain controller configured as a DNS server and a DHCP server
– Five hundred to 800 client computers that run Windows XP Each office has multiple subnets.

The network speed of the local area network (LAN) is 1 gigabit per second.
The offices connect to each other by using a WAN link.
The main office is connected to the Internet.

Current Issues
The WAN link between the Miami office and the Seattle office is a low bandwidth link with high
latency. The link will not be replaced for another year.

Requirements
Application Requirements
The company is developing an application named Appl.
App1 is a multi-tier application that will be sold as a service to customers.
Each instance of App1 is comprised of the following three tiers:

– A web front end
– A middle tier that uses Windows Communication Foundation (WCF)
– A Microsoft SQL Server 2008 R2 database on the back end

Each tier will be hosted on one or more virtual machines.
Multiple-tiers cannot coexist on the same virtual machine.
When customers purchase App1, they can select from one of the following service levels:

– Standard: Uses a single instance of each virtual machine required by Appl. If a virtual machine become unresponsive, the virtual machine must be restarted.
– Enterprise: Uses multiple instances of each virtual machine required by App1 to provide high-availability and fault tolerance.

All virtual hard disk (VHD) files for App1 will be stored in a file share.
The VHDs must be available if a server fails.
You plan to deploy an application named App2.
App2 is comprised of the following two tiers:

– A web front end
– A dedicated SQL Server 2008 R2 database on the back end

App2 will be hosted on a set of virtual machines in a Hyper-V cluster in the Miami office.
The virtual machines will use dynamic IP addresses.
A copy of the App2 virtual machines will be maintained in the Seattle office.
App2 will be used by users from a partner company named Trey Research.
Trey Research has a single Active Directory domain named treyresearch.com.
Treyresearch.com contains a server that has the Active Directory Federation Services server role and all of the Active Directory Federation Services (AD F5} role services installed.

Planned Changes
Datum plans to implement the following changes:

– Replace all of the servers with new servers that run Windows Server 2012.
– Implement a private cloud by using Microsoft System Center 2012 to host instances of Appl.
– In the Miami office, deploy four new Hyper-V hosts to the perimeter network.
– In the Miami office, deploy two new Hyper-V hosts to the local network.
– In the Seattle office, deploy two new Hyper-V hosts.
– In the Miami office, implement a System Center 2012 Configuration Manager primary site that has all of the system roles installed.
– Implement a public key infrastructure (PKI).
– Implement AD FS.

Notification Requirements
Datum identifies the following notification requirements:

– Help desk tickets must be created and assigned automatically when an instance of App1 becomes unresponsive.
– Customers who select the Enterprise service level must receive an email notification each time a help desk ticket for their instance of App1 is opened or closed.

Technical Requirements
Datum identifies the following technical requirements:

– Minimize costs whenever possible.
– Minimize the amount of WAN traffic.
– Minimize the amount of administrative effort whenever possible.
– Provide the fastest possible failover for the virtual machines hosting App2.
– Ensure that administrators can view a consolidated report about the software updates in all of the offices.
– Ensure that administrators in the Miami office can approve updates for the client computers in all of the offices.

Security Requirements
Datum identifies the following security requirements:

– An offline root certification authority (CA) must be configured.
– Client computers must be issued certificates by a server in their local office.
– Changes to the CA configuration settings and the CA security settings must be logged.
– Client computers must be able to renew certificates automatically over the Internet.
– The number of permissions and privileges assigned to users must be minimized whenever possible.
– Users from a group named Group1 must be able to create new instances of App1 in the private cloud.
– Cent computers must be issued new certificates when the computers are connected to the local network only.
– The virtual machines used to host App2 must use BitLocker Drive Encryption (BitLocker).
– Users from Trey Research must be able to access App2 by using their credentials from treyresearch.com.

QUESTION 71
What is the minimum number of certificate servers you need to deploy?

A.    2
B.    3
C.    4
D.    5

Answer: C
Explanation:

 

 

QUESTION 72
In adatum.com, you install and configure a server that has the Active Directory Federation Services server role and all of the AD FS role services installed.
You need to recommend which AD FS configurations must be performed m adatum.com to meet the security requirements.
Which configurations should you recommend before creating a trust policy?

A.    Export the server authentication certificate and provide the certificate to Trey Research.
Import the token-signing certificate from Trey Research.
B.    Export the server authentication certificate and provide the certificate to Trey Research.
Import the server authentication certificate from Trey Research.
C.    Export the token-signing certificate and provide the certificate to Trey Research.
Import the server authentication certificate from Trey Research.
D.    Export the token-signing certificate and provide the certificate to Trey Research.
Import the token-signing certificate from Trey Research.

Answer: C

QUESTION 73
You need to recommend which type of clustered file server and which type of file share must be used in the Hyper-V cluster that hosts App2.
The solution must meet the technical requirements and the security requirements.
What should you recommend?

A.    A scale-out file server that uses an NFS share
B.    A file server that uses an SMB share
C.    A scale-out file server that uses an SMB share
D.    A file server that uses an NFS share

Answer: C
Explanation:

 

 

http://technet.microsoft.com/en-us/library/hh831349.aspx

QUESTION 74
You need to recommend a solution that meets the notification requirements.
Which System Center 2012 components should you include in the recommendation?

A.    Operations Manager, Service Manager and Orchestrator
B.    Configuration Manager, Service Manager and Orchestrator
C.    App Controller, Configuration Manager and Operations Manager
D.    Service Manager, Orchestrator and App Controller

Answer: A
Explanation:

 

 

 

http://www.microsoftvirtualacademy.com/tracks/system-center-2012-orchestrator-service-manager

QUESTION 75
You are configuring the Certification Authority role service.
From the Certification Authority console, you enable logging.
You need to ensure that configuration changes to the certification authority (CA) are logged. Which audit policy should you configure?

A.    Audit policy change
B.    Audit privilege use
C.    Audit system events
D.    Audit object access

Answer: D
Explanation:

 

 

http://terrytlslau.tls1.cc/2012/05/how-to-enable-certification-authority.html

QUESTION 76
You need to recommend a solution to maintain a copy of App2.
The solution must meet the application requirements and must minimize additional hardware purchases.
What should you include in the recommendation?

A.    Multi-site Failover Clustering
B.    Hyper-V replicas
C.    Single-site Failover Clustering
D.    Distributed File System (DFS) Replication

Answer: B
Explanation:

 

 

http://technet.microsoft.com/en-us/library/jj134172.aspx

QUESTION 77
You need to recommend a solution that meets the security requirements for Group1.
To which System Center 2012 Virtual Machine Manager (VMM) group should you assign Group1?

A.    Read-Only Administrator
B.    Administrators
C.    Delegated Administrator
D.    Self-Service User

Answer: D
Explanation:

 

 

http://mountainss.wordpress.com/2011/11/19/user-roles-in-system-center-virtual-machine-manager-2012/
http://technet.microsoft.com/en-us/library/gg696971.aspx

QUESTION 78
You need to recommend which Certificate Services role service must be deployed to the perimeter network.
The solution must meet the technical requirements.
Which Certificate Services role services should you recommend?

A.    Certificate Enrollment Web Service and Certificate Enrollment Policy Web Service
B.    Certificate Enrollment Policy Web Service and Certification Authority Web Enrollment
C.    Online Responder and Network Device Enrollment Service
D.    Online Responder and Certificate Enrollment Web Service

Answer: A
Explanation:

 

 

http://technet.microsoft.com/en-us/library/dd759230.aspx

QUESTION 79
You have a service template to deploy Appl.
You are evaluating the use of Network Load Balancing (NLB) for the front-end servers used by Appl.
You need to recommend which component must be added to the service template.
What should you recommend?

A.    Guest OS profile
B.    A host profile
C.    A capability profile
D.    A VIP template

Answer: D
Explanation:

 

 

http://technet.microsoft.com/library/gg610569.aspx

QUESTION 80
You need to recommend a storage solution for the App1 VHDs.
The solution must minimize downtime if a Hyper-V host fails.
What should you include in the recommendation?

A.    Distributed File System (DFS) Replication
B.    A clustered file server of the File Server for general use type
C.    A Distributed File System (DFS) namespace
D.    A clustered file server of the File Server for scale-out application data type

Answer: D
Explanation:

 

 

http://technet.microsoft.com/en-us/library/hh831349.aspx

These Microsoft 70-414 exam questions are all a small selection of questions. If you want to practice more questions for actual 70-414 exam, use the links at the end of this document. Also you can find links for 70-414 VCE software that is great for preparation and self-assessment for Microsoft 70-414 exam.

70-414 new questions on Google Drive: https://drive.google.com/open?id=0B3Syig5i8gpDVU9UZlRkY2VCaW8

2017 Microsoft 70-414 exam dumps (All 252 Q&As) from Lead2pass:

https://www.lead2pass.com/70-414.html [100% Exam Pass Guaranteed]