Microsoft Windows Server 2016 Certification: Exam 70-741 Set 4

You are the administrator for your company network. Your network contains an Active Directory domain. Network Access Protection (NAP) is deployed to the domain. What should you run if you need to create NAP event trace log files on a client computer?


Options are :

  • Logman
  • Register-EngineEvent
  • Register-ObjectEvent
  • Tracert

Answer : Logman

You are the administrator for your company network. You and a colleague are discussing DirectAccess and VPN servers. What PowerShell cmdlet would you use to view the configuration of a DirectAccess or VPN server?


Options are :

  • Get-RASAccess
  • Get-RemoteAccess
  • Get-Server
  • View-Server

Answer : Get-RemoteAccess

Microsoft Windows Server 2016 Certification: Exam 70-741 Set 5

You are the administrator for your company network. Your network contains four NPS servers named Server1, Server2, Server3, and Server4. Server1 is configured as a RADIUS proxy that forwards connection requests to a remote RADIUS server group named Group1. You need to ensure that Server2 and Server3 receive connection requests. Server4 should receive connection requests only if Server2 and Server3 are both unavailable. How should you configure Group1?


Options are :

  • Change the weight of Server2 and Server3 to 10.
  • Change the weight of Server4 to 10.
  • Change the priority of Server2 and Server3 to 10.
  • Change the priority of Server4 to 10.

Answer : Change the priority of Server4 to 10.

You are the administrator for your company network. You and a colleague are discussing DirectAccess. What PowerShell cmdlet would you use if you need to set the properties of your DirectAccess server?


Options are :

  • Set-DirectAccessServer
  • Set-DAServer
  • Set-DirectServer
  • Set-RASServer

Answer : Set-DAServer

You are the administrator for your company network. You and a colleague are discussing implementing a VPN server. You want to use PowerShell to implement the VPN server. You want to set the authentication type. What cmdlet do you use?


Options are :

  • Set-AuthType
  • Set-VpnAuth
  • Set-VpnAuthType
  • Set-VpnType

Answer : Set-VpnAuthType

70-513 WCF Development with Microsoft .NET Framework 4 Exam Set 1

You are the administrator for your company network. Your network contains an Active Directory domain where all servers run Windows Server 2016. The domain contains a server named Server1 that has the NPS server role and the Remote Access server role installed. The domain contains a server named Server2 that is configured as a RADIUS server. Server1 provides VPN access to external users. What should you run if you need to ensure that all of the VPN connections to Server1 are logged to the RADIUS server on Server2?


Options are :

  • Add-RemoteAccessRadius -ServerNameServer1 - AccountingOnOffMsg Enabled -SharedSecret "Secret" -Purpose Accounting
  • Add-RemoteAccessRadius -ServerName Server2 -AccountingOnOffMsg Enabled -SharedSecret "Secret" -Purpose Accounting
  • Set-RemoteAccessAccounting -AccountingOnOffMsg Enabled -AccountingOnOffMsg Enabled
  • Set-RemoteAccessAccounting -EnableAccountingType Inbox -AccountingOnOffMsg Enabled

Answer : Add-RemoteAccessRadius -ServerName Server2 -AccountingOnOffMsg Enabled -SharedSecret "Secret" -Purpose Accounting

You are the administrator for your company network. What PowerShell cmdlet would you use if you needed to add a new external RADIUS server for VPN connectivity?


Options are :

  • Add-RASServer
  • Add-RemoteAccess
  • Add-RemoteAccessRadius
  • Add-RemoteAccessServer

Answer : Add-RemoteAccessRadius

You are the administrator for your company network. You and a colleague are discussing different protocols. What protocol handles the details of establishing and configuring the lowest-level Point-to-Point Protocol (PPP) link?


Options are :

  • Challenge Handshake Authentication Protocol (CHAP)
  • Compression Control Protocol (CCP)
  • IP Control Protocol (IPCP)
  • Link Control Protocol (LCP)

Answer : Link Control Protocol (LCP)

70-513 WCF Development with Microsoft .NET Framework 4 Exam Set 2

You are the administrator for your company network. Your network contains an Active Directory domain. The domain contains a server named Server1 that has the Remote Access server role installed. By using the default configuration, DirectAccess is implemented on Server1. You discover that DirectAccess clients do not use DirectAccess when accessing websites on the Internet. What should you do if you need to ensure that DirectAccess clients access all Internet websites by using their DirectAccess connection?


Options are :

  • Configure DirectAccess to enable force tunneling.
  • Configure a DNS suffix search list on the DirectAccess clients.
  • Disable the DirectAccess Passive Mode policy setting in the DirectAccess Client Settings GPO.
  • Enable the Route All Traffic Through The Internal Network policy setting in the DirectAccess Server Settings GPO.

Answer : Configure DirectAccess to enable force tunneling.

You are the administrator for your company network. You and a colleague are discussing protocols. Which of the following is a more secure protocol between Point-to-Point Tunneling Protocol (PPTP) and Layer 2 Tunneling Protocol (L2TP)?


Options are :

  • PPTP and L2TP. Both of them define the same security standard.
  • PPTP is more secure than L2TP.
  • PPTP and L2TP. Both of them are used to provide the database connection.
  • L2TP is more secure than PPTP.

Answer : L2TP is more secure than PPTP.

You are the administrator for your company network. You have a Windows Server 2016 server named Server1 that has the Remote Access server role installed. What should you modify if you need to configure the ports on Server1 to ensure that client computers can establish VPN connections to Server1 by using TCP port 443?


Options are :

  • WAN Miniport (IKEv2)
  • WAN Miniport (L2TP)
  • WAN Miniport (PPTP)
  • WAN Miniport (PPPOE)
  • WAN Miniport (SSTP)

Answer : WAN Miniport (SSTP)

70-513 WCF Development with Microsoft .NET Framework 4 Exam Set 3

You are the administrator for your company network. You and a colleague are discussing Server Logging properties. By default, where are the log files stored?


Options are :

  • systemroot\system\Logs
  • systemroot\system\LogFiles
  • systemroot\system32\Logs
  • systemroot\system32\LogFiles

Answer : systemroot\system32\LogFiles

You are the administrator for your company network. You and a colleague are discussing setting VPN options. On which tab of the Connection Properties dialog box do you set the VPN options?


Options are :

  • The General tab
  • The Networking tab
  • The Options tab
  • The Security tab

Answer : The General tab

You are the administrator for your company network. Your network contains an Active Directory domain. The domain contains a Windows Server 2016 RADIUS server named Server1. You add a VPN server named Server2 to the network. On Server1, you create several network policies. Which tool should you use on Server1 if you need to configure Server1 to accept authentication requests from Server2?


Options are :

  • Connection Manager Administration Kit (CMAK)
  • Network Policy Server (NPS)
  • Routing and Remote Access
  • Set-RemoteAccessRadius

Answer : Network Policy Server (NPS)

70-513 WCF Development with Microsoft .NET Framework 4 Exam Set 4

You are the administrator for your company network. You are discussing RAS Gateway modes with a colleague. Which RAS Gateway mode is being described if you deploy a RAS Gateway server between your Cloud Service Providers (CSPs) and Enterprise networks?


Options are :

  • Multitenant mode
  • Single tenant mode
  • Unattached tenant mode
  • Remote tenant mode

Answer : Multitenant mode

You are the administrator for your company network. You have a Windows Server 2016 Nano Server named Server1. You want to install the Domain Name System (DNS) Server role on Server1. What should you run?


Options are :

  • The dns.exe command
  • The Enable-WindowsOptionalFeature cmdlet
  • The Install-Package cmdlet
  • The optionalfeature.exe command

Answer : The Enable-WindowsOptionalFeature cmdlet

70-513 WCF Development with Microsoft .NET Framework 4 Exam Set 5

You are the administrator for your company network. You have a Windows Server 2016 Hyper-V host. The host contains a virtual machine named VM1 that has resource metering enabled. What cmdlet should you run if you need to use resource metering to track the amount of network traffic that VM1 sends to the 10.0.0.0/8 network?


Options are :

  • New-VMResourcePool
  • Set-VMNetworkAdapter
  • Set-VMNetworkAdapterRoutingDomainMapping
  • Add-VMNetworkAdapterAcl

Answer : Add-VMNetworkAdapterAcl

You are the administrator for your company network. You have a Windows Server 2016 server named Server1 that is configured as a domain controller. You install the DNS Server role on Server1. You plan to store a DNS zone in a custom Active Directory partition. What should you use if you need to create a new Active Directory partition for the zone?


Options are :

  • dnscmd.exe
  • Set-DnsServer
  • dns.exe
  • Active Directory Sites and Services

Answer : dnscmd.exe

You are the administrator for your company network. You have an IP Address Management (IPAM) deployment that is used to manage all of the DNS servers on the network. IPAM is configured to use Group Policy provisioning. You discover that a user has added a new mail exchanger (MX) record to one of the DNS zones and you want to figure out which user added the record. You open Event Catalog on an IPAM server and discover that the most recent event occurred yesterday. What should you do if you need to ensure that the operational events in the event catalog are never older than one hour?


Options are :

  • From Task Scheduler, create a scheduled task that runs the Update-IpamServer cmdlet
  • From Task Scheduler, modify the Microsoft\Windows\IPAM\Audit task.
  • From the properties on the DNS zone, modify the refresh interval.
  • From an IPAM_DNS Group Policy Object (GPO), modify the Group Policy refresh interval.

Answer : From the properties on the DNS zone, modify the refresh interval.

70-515 Web Applications Development with Microsoft .NET Exam Set 1

You are the administrator for your company network. You are discussing Group Policy Objects (GPOs) with a colleague. If you choose the Group Policy–based provisioning method for IPAM, you must also provide a GPO name prefix in the provisioning wizard. After you provide a GPO name prefix, the wizard will display the GPO names that must be created in domains that will be managed by IPAM. In the following PowerShell command, how many GPOs would be created? Invoke-IpamGpoProvisioning -Domain abc.com -GpoPrefixName IPAM1-DelegatedGpoUser user1 -IpamServerFqdn ipam1.abc.com


Options are :

  • 1
  • 2
  • 3
  • 4

Answer : 3

You are the administrator for your company network. What should you do if you need to modify the GPO prefix by IPAM?


Options are :

  • Run the Invoke-IpamGpoProvisioning cmdlet.
  • Run the Set-IpamConfiguration cmdlet.
  • Click Provision the IPAM Server in Server Manager.
  • Click Configure Server Discovery in Server Manager.

Answer : Run the Set-IpamConfiguration cmdlet.

You are the administrator for your company network. You have a Windows Server 2016 IPAM server named IPAM1 that manages 10 DHCP servers. You need to provide a user with the ability to track which clients receive which IP addresses from DHCP. The solution must minimize administrative privileges. To which group should you add this user?


Options are :

  • IPAM User
  • IPAM MSM Administrators
  • IPAM ASM Administrators
  • IPAM IP Audit Administrators

Answer : IPAM MSM Administrators

70-642 Windows Server 2008 Network Infrastructure Exam Set 1

You are the administrator for your company network. Your network contains an Active Directory domain that has a Windows Server 2016 server named Server1, which is a member server and has the DNS Server role installed. Automatic scavenging of state records is enabled, and the scavenging period is set to 10 days. All client computers dynamically register their names in the DNS zone on Server1. You discover that the names of multiple client computers that were removed from the network several weeks ago can still be resolved. What should you do if you need to configure Server1 to automatically remove the records of the client computers that have been offline for more than 10 days?


Options are :

  • Run the dnscmd.exe command and specify the /AgeAllRecords parameter for the zone.
  • Modify the Zone Aging/Scavenging properties of the zone.
  • Set the Time to Live (TTL) value of all the records in the zone.
  • Set the Expires After value of the zone.

Answer : Modify the Zone Aging/Scavenging properties of the zone.

You are the administrator for your company network. You have 2,000 devices, and 100 of these are mobile devices that have physical addresses beginning with 98-5F. You have a Windows Server 2016 DHCP server named Server1. What should you do if you need to ensure that the mobile devices register their host names by using a DNS suffix of mobile.abc.com?


Options are :

  • Create a new filter from IPv4.
  • Create a reservation.
  • Modify the Conflict Detection Attempts setting from the properties of Scope1.
  • Run the DHCP Policy Configuration Wizard from IPv4.
  • Configure Name Protection from the properties of Scope1.
  • Configure the bindings from the properties of IPv4.
  • Create an exclusion range from the properties of Scope1

Answer : Run the DHCP Policy Configuration Wizard from IPv4.

You are the administrator for your company network. You and a colleague are discussing client reservations. With client reservations, you can reserve an IP address for permanent use by a DHCP client. Typically, you will need to do this if the client uses an IP address that was assigned using another method for TCP/IP configuration. If you are reserving an IP address for a new client, or an address that is different from its current one, you should verify that the address has not already been leased by the DHCP server. Reserving an IP address in a scope does not automatically force a client currently using that address to stop using it. So, what ipconfig command would you use if the address is already in use?


Options are :

  • ipconfig /release
  • ipconfig /renew
  • ipconfig /flushdns
  • ipconfig /registerdns

Answer : ipconfig /release

70-642 Windows Server 2008 Network Infrastructure Exam Set 2

You are the administrator for your company network. You and a colleague are discussing Domain Name System (DNS). The DNS Server service provides several types of zones. What zone type helps to keep delegated zone information current, improve name resolution, and simplify DNS administration, but is not an alternative for enhancing redundancy and load sharing?


Options are :

  • Secondary zone
  • Stub zone
  • Principal zone
  • Primary zone

Answer : Stub zone

You are the administrator for your company network. You and a colleague are discussing DNS queries. The following is an example of DNS query results that are performed from a DNS client computer using the Resolve-DnsName cmdlet: resolve-dnsname -name finance.secure.abc.com -type A -server dns1.abc.com What extra parameter should you use if you want to include the DO bit in a DNS query to make sure the client is DNSSEC-aware and that it is okay for the DNS server to return DNSSEC data in a response?


Options are :

  • -DnssecCd
  • -DnssecOk
  • -DnsOnly
  • -LlmnrOnly

Answer : -DnssecOk

You are the administrator for your company network. You and a colleague are discussing socket pools. The socket pool enables a DNS server to use source port randomization when issuing DNS queries. What command offers the greatest protection?


Options are :

  • dnscmd /config /socketpoolsize 0
  • dnscmd /config /socketpoolsize 1
  • dnscmd /config /socketpoolsize 1000
  • dnscmd /config /socketpoolsize 1000 /socketpoolexcludedportranges 1-65535

Answer : dnscmd /config /socketpoolsize 1000

70-642 Windows Server 2008 Network Infrastructure Exam Set 3

You are the administrator for your company network. You have a Windows Server 2016 server named Server1 that has the DHCP Server and the Windows Deployment Service (WDS) server roles installed. Server1 is located on the same subnet as client computers. You need to ensure that clients can perform a PXE boot from Server1. Which IPv4 options should you configure in DHCP? (Choose two.)


Options are :

  • 003 Router
  • 006 DNS Servers
  • 015 DNS Domain Name
  • 060 Option 60
  • 066 Boot Server Host Name

Answer : 060 Option 60 066 Boot Server Host Name

You are the administrator for your company network. You have two Windows Server 2016 DNS servers named Server1 and Server2. All client computers run Windows 10 and are configured to use Server1 for DNS name resolution. Server2 hosts a primary zone named abc.com. Your network recently experienced several DNS spoofing attacks. What should you do to prevent further attacks from succeeding on Server2? (Choose two.)


Options are :

  • Configure the abc.com zone to be Active Directory integrated.
  • Sign the abc.com zone.
  • Configure DNS Cache locking.
  • Configure Response Rate Limiting (RRL).

Answer : Sign the abc.com zone. Configure DNS Cache locking.

Comment / Suggestion Section
Point our Mistakes and Post Your Suggestions