[May-2018-New]Free Microsoft 202Q 70-742 Exam Dumps PDF and VCE Braindump2go Offers[118-128]

2018 May New Microsoft 70-742 Exam Dumps with PDF and VCE Just Updated Today! Following are some new 70-742 Real Exam Questions:

1.|2018 Latest 70-742 Exam Dumps (PDF & VCE) 202Q Download:

https://www.braindump2go.com/70-742.html

2.|2018 Latest 70-742 Exam Questions & Answers Download:

https://drive.google.com/drive/folders/0B75b5xYLjSSNTHFSYmh4MkNta2M?usp=sharing

QUESTION 118
Your network contains an Active Directory domain named contoso.com.
You plan to deploy a new Active Directory Rights Management Services (AD RMS) cluster on a server named Server1.
You need to create the AD RMS service account. The solution must use the principle of least privilege
What should you do?

A. Create a domain user account and add the account to the Account Operators group in the domain.
B. Create a local user account on Server1 and add the account to the Administrators group on Server1.
C. Create a domain user account and add the account to the Domain Users group in the domain.
D. Create a domain user account and add the account to the Administrators group on Server1.

Answer: C

QUESTION 119
Note: This question is part of a series of questions that use the same scenario. For your convenience, the scenario is repeated in each question. Each question presents a different goal and answer choices, but the text of the scenario is exactly the same in each question in this series.
Start of repeated Scenario:
You work for a company named Contoso, Ltd.
The network contains an Active Directory forest named contoso.com. A forest trust exists between contoso.com and an Active Directory forest named adatum.com.
The contoso.com forest contains the objects configured as shown in the following table.
Scenario:
Refer to following table:

Group1 and Group 2 contain only user accounts.
Contoso hires a new remote user named User3. User3 will work from home and will use a computer named Computed that runs Windows 10. Computed is currently in a workgroup.
An administrator named Admin1 is a member of the Domain Admins group in the contoso.com domain.
From Active Directory Users and Computers, you create an organizational unit (OU) named OU1 in the contoso.com domain, and then you create a contact named Contact1 in OU1,
An administrator of the adatum.com domain runs the Set-ADUser cmdlet to configure a user named User1 to have a user logon name of [email protected].
End of Scenario:
Admin1 attempts to delete OU1 and receives an error message. You need to ensure that Admin1 can delete OU1. What should you do first?

A. Delete Contact1.
B. Add Admin1 to the Enterprise Admins group.
C. Modify the Object settings for OU1.
D. Disable the Active Directory Recycle Bin.

Answer: C

QUESTION 120
Your network contains an Active Directory domain named contoso.com.
You discover that users can use passwords that contain only numbers.
You need to ensure that all the user passwords in the domain contain at least three of the following types of characters:
– Numbers
– Uppercase letters
– Lowercase letters
– Special characters
What should you do?

A. the Default Domain Policy
B. the local policy on each client computer
C. the Default Domain Controllers Policy
D. the local policy on each domain controller

Answer: A

QUESTION 121
Your network contains an Active Directory domain named contoso.com.
You create a domain security group named Group1 and add several users to it.
You need to force all of the users in Group1 to change their password every 35 days. The solution must affect the Group1 users only.
What should you do?

A. From Windows PowerShell, run the Set-ADDomain cmdlet, and then run the Set-ADAccountPassword cmdlet.
B. Modify the Password Policy settings in a Group Policy object (GPO) that is linked to the domain, and then filter the GPO to Group1 only.
C. Create a forms authentication provider, and then set the forms authentication credentials.
D. From Active Directory Administrative Center, create a Password Setting object (PSO).

Answer: D

QUESTION 122
Your network contains an Active Directory domain named contoso.com. The domain contains two servers named Server1 and Server2 that run Windows Server 2016. The computer accounts of Server1 and Server2 are in the Computers container.
A Group Policy object (GPO) named GPO1 is linked to the domain. GPO1 has multiple computer settings defined and has following the configurations.

An administrator discovers that GPO1 is not applied to Served. GPO1 is applied to Server2. Which configuration possibly prevents GPO1 from being applied to Server1?

A. the permissions on the computer object of Server1
B. the permissions on GPO1
C. the loopback processing mode in GPO1
D. the permissions on the Computers container

Answer: B

QUESTION 123
You have an offline root certification authority (CA) named CA1. CA1 is hosted on a virtual machine.
You only turn on CA1 when the CA must be patched or you must generate a key for subordinate CAs.
You start CA1, and you discover that the filesystem is corrupted.
You resolve the file system corruption and discover that you must reload the CA root from a backup.
When you attempt to run the Restore-CARoleService cmdlet, you receive the following error message: “The process cannot access the file because it is being used by another process.”

A. Stop the Active Directory Domain Services (AD DS) service.
B. Run the Restore-CARoleService cmdlet and specify the path to a valid CA key.
C. Stop the Active Directory Certificate Services (AD CS) service.
D. Run the Restore-CARoleService cmdlet and specify the Force parameter.

Answer: C

QUESTION 124
A technician named Tech1 is assigned the task of joining the laptops to the domain. The computer accounts of each laptop must be in an organizational unit (OU) that is associated to the department of the user who will use that laptop. The laptop names must start with four characters indicating the department followed by a four-digit number
Tech1 is a member of the Domain Users group only. Tech1 has the administrator logon credentials for all the laptops.
You need Tech1 to join the laptops to the domain. The solution must ensure that the laptops are named correctly, and that the computer accounts of the laptops are in the correct OUs.
Solution: You script the creation of files for an offline domain join, and then you give the files to Tech1.
You instruct Tech1 to sign in to each laptop, and then to run djoin.exe.
Does this meet the goal?

A. Yes
B. No

Answer: A

QUESTION 125
Note: This question is part of a series of questions that use the same scenario. For your convenience, the scenario is repeated in each question. Each question presents a different goal and answer choices, but the text of the scenario is exactly the same in each question in this series.
Start of repeated scenario.
Your network contains an Active Directory domain named contoso.com. The domain contains a single site named Site1. All computers are in Site1.
The Group Policy objects (GPOs) for the domain are configured as shown in the exhibit.
(Click the Exhibit button.)

The relevant users and client computer in the domain are configured as shown in the following table.

You are evaluating what will occur when you set User Group Policy loopback processing mode to Replace in A4.
Which GPO or GPOs will apply to User2 when the user signs in to Computer1 after loopback processing is configured?

A. A1, A5, A6, and A4
B. A3, A1, A4, and A7
C. A3, A1, A5 and A4
D. A4 only

Answer: A

QUESTION 126
Your network contains an Active Directory forest named contoso.com. The forest contains an enterprise root certification authority (CA) on a server that runs Windows Server 2016.
You plan to create and issue a custom subordinate CA template.
You need to prevent subordinate CAs from issuing subordinate certificates.
What should you configure in the template?

A. the Request Handling settings
B. the Cryptography settings
C. the Basic Constraints extension
D. the Security settings

Answer: D

QUESTION 127
You are deploying a web application named WebApp1 to your internal network. WebApp1 is hosted on a server named Web1 that runs Windows Server 2016.
You deploy an Active Directory Federation Services (AD FS) infrastructure and a Web Application Proxy to provide access to WebApp1 for remote users.
You need to ensure that Web1 can authenticate the remote users.
What should you do?

A. Publish WebApp1 by using pass-through preauthentication.
B. Publish WebApp 1 as a Remote Desktop Gateway (RD Gateway) application in the Web Application Proxy.
C. Publish WebApp1 by using AD FS preauthentication.
D. Publish WebApp1 by using client certificate preauthentication.

Answer: A

QUESTION 128
You have an internal web server that hosts websites. The websites use HTTP and HTTPS.
You deploy a Web Application Proxy to your perimeter network.
You need to ensure that users from the Internet can access the websites by using HTTPS only. Internet access to the websites must use the Web Application Proxy.
Which two actions should you perform? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.

A. From the Remote Access Management Console, publish the websites. Configure pass- through authentication and select Enable HTTP to HTTPS redirection.
B. Configure the Web Application Proxy to perform preauthentication by using Oauth2.
C. On external DNS name servers, create DNS entries that point to the private IP address of the web server.
D. From the web server, enable HTTP Redirect on the Web Application Proxy server.
E. On external DNS name servers, create DNS entries that point to the public IP address of the Web Application Proxy.

Answer: AE


!!!RECOMMEND!!!

1.|2018 Latest 70-742 Exam Dumps (PDF & VCE) 202Q Download:

https://www.braindump2go.com/70-742.html

2.|2018 Latest 70-742 Study Guide Video:

https://youtu.be/PMWnGkIr-iw