70-742 | 100% Guarantee 70-742 Testing Bible 2020

Cause all that matters here is passing the Microsoft 70-742 exam. Cause all that you need is a high score of 70-742 Identity with Windows Server 2016 exam. The only one thing you need to do is downloading Examcollection 70-742 exam study guides now. We will not let you down with our money-back guarantee.

Free 70-742 Demo Online For Microsoft Certifitcation:

NEW QUESTION 1
You have a server named Server1 that runs Windows Server 2016. Server1 has the Web Application Proxy role service installed.
You need to publish Microsoft Exchange Server 2013 services through the Web Application Proxy. The solution must use preauthentication whenever possible.
How should you configure the preauthentication method for each service? To answer, select the appropriate options in the answer area.
70-742 dumps exhibit

  • A. Mastered
  • B. Not Mastered

Answer: A

Explanation:
Box 1: Pass-through
Box 2: Active Directory Federation Services (ADFS) Box 3: Pass-through
The following table describes the Exchange services that you can publish through Web Application Proxy and the supported preauthentication for these services:
70-742 dumps exhibit
References: https://technet.microsoft.com/en-us/library/dn528827(v=ws.11).aspx

NEW QUESTION 2
Note: This question is part of a series of questions that use the same scenario. For your convenience, the scenario is repeated in each question. Each question presents a different goal and answer choices, but the text of the scenario is exactly the same in each question in this series.
Start of repeated scenario.
Your network contains an Active Directory domain named contoso.com. The domain contains a single site
named Site1. All computers are in Site1.
The Group Policy objects (GPOs) for the domain are configured as shown in the exhibit. (Click the Exhibit button.)
70-742 dumps exhibit
The relevant users and client computer in the domain are configured as shown in the following table.
70-742 dumps exhibit
End of repeated scenario.
You are evaluating what will occur when you set user Group Policy loopback processing mode to Replace in A4.
Which GPO or GPOs will apply to User2 when the user signs in to Computer1 after loopback processing is configured?

  • A. A1, A5, A6 and A4
  • B. A3, A1, A4, A6 and A7
  • C. A3, A1, A5 and A4
  • D. A4 only

Answer: A

NEW QUESTION 3
Your network contains an Active Directory domain named contoso.com.
You create a domain security group named Group1 and add several users to it.
You need to force all of the users in Group1 to change their password every 35 days. The solution must affect the Group1 users only.
What should you do?

  • A. From Windows PowerShell, run the Set-ADDomain cmdlet, and then run the Set-ADAccountPassword cmdlet.
  • B. Modify the Password Policy settings in a Group Policy object (GPO) that is linked to the domain, and then filter the GPO to Group1 only.
  • C. Create a forms authentication provider, and then set the forms authentication credentials.
  • D. From Active Directory Administrative Center, create a Password Setting object (PSO).

Answer: D

NEW QUESTION 4
Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1 that runs Windows Server 2016.
You install IP Address Management (IPAM) on Server1. You select the automatic provisioning method, and then you specify a prefix of IPAM1.
You need to configure the environment for automatic IPAM provisioning.
Which cmdlet should you run? To answer, select the appropriate options in the answer area.
70-742 dumps exhibit

  • A. Mastered
  • B. Not Mastered

Answer: A

Explanation:
70-742 dumps exhibit

NEW QUESTION 5
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
Your network contains an Active Directory domain named contoso.com. The domain contains two domain controllers named DC1 and DC2.
DC1 holds the RID master operations role. DC1 fails and cannot be repaired. You need to move the RID role to DC2.
Solution: On DC2, you open Windows PowerShell and run
Move-AddirectoryServerOperationMasterRole -OperationMasterRidMaster -Identity DC2.Adatum.com Does this meet the goal?

  • A. Yes
  • B. No

Answer: B

Explanation:
You would need to use the -Force parameter because the server that held the role (DC1) if offline.

NEW QUESTION 6
The network contains an Active Directory forest named contoso.com.
The forest contains three domain controllers configured as shown in the following table.
70-742 dumps exhibit
The company physically relocates Server2 from the Montreal office to the Seattle office.
You discover that both Server1 and Server2 authenticate users who sign in to the client computers in the Montreal office. Only Server3 authenticates users who sign in to the computers in the Seattle office.
You need to ensure that Server2 authenticates the users in the Seattle office during normal network operations. What should you do?

  • A. From Windows PowerShell, run the Set-ADReplicationSite cmdlet.
  • B. From Active Directory Users and Computers, modify the Location Property of Server2.
  • C. From Network Connections on Server2, modify the Internet Protocol Version 4 (TCP/IPv4) configuration.
  • D. From Windows PowerShell, run the Move-ADDirectoryServer cmdlet.

Answer: A

NEW QUESTION 7
Your company has a main office and three branch offices.
The network contains an Active Directory domain named contoso.com.
The main office contains three domain controllers. Each branch office contains one domain controller.
You discover that new settings in the Default Domain Policy are not applied in one of the branch offices, but all other Group Policy objects (GPOs} are applied.
You need to check the replication of the Default Domain Policy for the branch office. What should you do from a domain controller in the main office?

  • A. From a command prompt, run dcdiag.exe.
  • B. From Group Policy Management, click Default Domain Policy under Contoso.com, and then open theDetails tab.
  • C. From Group Policy Management, click Default Domain Policy under Contoso.com, and then open theScope tab.
  • D. From a command prompt, run repadmin.exe.

Answer: D

NEW QUESTION 8
You use Application Request Routing (ARR) to make internal web applications available to the Internet by using NTLM authentication.
You need to replace ARR by using the Web Application Proxy. Which server role should you deploy first?

  • A. Active Directory Lightweight Directory Services
  • B. Active Directory Rights Management Services
  • C. Active Directory federation Services
  • D. Active Directory Certificate Services

Answer: C

NEW QUESTION 9
Your company recently deployed a new child domain to an Active Directory forest.
You discover that a user modified the Default Domain Policy to configure several Windows components in the child domain.
A company policy states that the Default Domain Policy must be used only to configure domain-wide security settings.
You create a new Group Policy object (GPO) and configure the settings for the Windows components in the new GPO.
You need to restore the Default Domain Policy to the default settings from when the domain was first installed.
What should you do?

  • A. From Group Policy Management, click Starter GPOs, and then click Manage Backups.
  • B. From a command prompt, run the dcgpofix.exe command.
  • C. From Windows PowerShell, run the Copy-GPO cmdlet.
  • D. Run ntdsutil.exe to perform a metadata cleanup and a semantic database analysis.

Answer: B

NEW QUESTION 10
A technician named Tech1 is assigned the task of joining the laptops to the domain. The computer accounts of each laptop must be in an organizational unit (OU) that is associated to the department of the user who will use that laptop. The laptop names must start with four characters indicating the department followed by a
four-digit number
Tech1 is a member of the Domain Users group only. Tech1 has the administrator logon credentials for all the laptops.
You need Tech1 to join the laptops to the domain. The solution must ensure that the laptops are named correctly, and that the computer accounts of the laptops are in the correct OUs.
Solution: You pre-create the computer account of each laptop in Active Directory users and computers. You instruct Tech1 to sign in to each laptop, and then to run djoin.exe.
Does this meet the goal?

  • A. Yes
  • B. No

Answer: B

NEW QUESTION 11
Your network contains an Active Directory forest named contoso.com. The forest contains 10 domains. The root domain contains a global catalog server named DC1.
You remove the global catalog server role from DC1.
You need to decrease the size of the Active Directory database on DC1.
Solution: You restart DC1 in Safe Mode. You run ntdsutil.exe, use the files option, and then restart DC1. Does this meet the goal?

  • A. Yes
  • B. No

Answer: A

NEW QUESTION 12
Note: This question is part of a series of questions that use the same or similar answer choice. An answer choice may be correct for more than one question in the series. Each question is Independent of the other questions in this series. Information and details provided in a question apply only to that question.
Your network contains an Active Directory domain named contoso.com. The domain functional level is Windows Server 2012 R2.
Your company hires 3 new security administrators to manage sensitive user data. You create a user account named Secunty1 for the security administrator.
You need to ensure that the password for Secunty1 has at least 12 characters and is modified every 10 days. The solution must apply to Security 1 only.
Which tool should you use?

  • A. Dsadd quota
  • B. Dsmod
  • C. Active Directory Administrative Center
  • D. Dsacis
  • E. Dsamain

Answer: C

Explanation:
Using Fine-Grained Password Policies you specify multiple password policies in a single domain and apply different restrictions for password and account lockout policies to different sets of users in a domain. You can apply stricter settings to privileged accounts and less strict settings to the accounts of other users.To enable Fine-Grained Password Policies (FGPP), you need to open the Active Directory Administrative Center (ADAC)https://blogs.technet.microsoft.com/canitpro/2013/05/29/step-by-step-enabling-and-using-fine-grained-

NEW QUESTION 13
Your network contains an Active Directory forest named contoso.com. The forest contains three domains named contoso.com, corp.contoso.com, and ext.contoso.com. The forest contains three Active Directory sites named Site1, Site2, and Site3.
You have the three administrators as described in the following table.
70-742 dumps exhibit
You create a Group Policy object (GPO) named GPO1.
Which administrator or administrators can link GPO1 to Site2?

  • A. Admin1 and Admin2 only
  • B. Admin1, Admin2, and Admin3
  • C. Admin3 only
  • D. Admin1 and Admin3 only

Answer: D

Explanation:
References:
https://technet.microsoft.com/en-us/library/cc732979(v=ws.11).aspx

NEW QUESTION 14
You are deploying a web application named WebApp1 to your internal network. WebApp1 is hosted on a server named Web1 that runs Windows Server 2016.
You deploy an Active Directory Federation Services (AD FS) infrastructure and a Web Application Proxy to provide access to WebApp1 for remote users.
You need to ensure that Web1 can authenticate the remote users. What should you do?

  • A. Publish WebApp1 by using pass-through preauthentication.
  • B. Publish WebApp 1 as a Remote Desktop Gateway (RD Gateway) application in the Web Application Proxy.
  • C. Publish WebApp1 by using AD FS preauthentication.
  • D. Publish WebApp1 by using client certificate preauthentication.

Answer: A

NEW QUESTION 15
Note: This question is part of a series of questions that use the same or similar answer choices. An answer choice may be correct for more than one question in the series. Each question is independent of the other questions in this series.
Information and details provided in a question apply only to that question.
Your network contains an Active Directory domain named contoso.com. The domain contains 5,000 user accounts.
You have a Group Policy object (GPO) named DomainPolicy that is linked to the domain and a GPO named DCPolicy that is linked to the Domain Controllers organizational unit (OU).
You need to configure the Documents folder of every user to be stored on a server named FileServer1. What should you do?

  • A. From the Computer Configuration node of DCPolicy, modify Security Settings.
  • B. From the Computer Configuration node of DomainPolicy, modify Security Settings.
  • C. From the Computer Configuration node of DomainPolicy, modify Administrative Templates.
  • D. From the User Configuration node of DCPolicy, modify Security Settings.
  • E. From the User Configuration node of DomainPolicy, modify Folder Redirection.
  • F. From user Configuration node of DomainPolicy, modify Administrative Templates.
  • G. From Preferences in the User Configuration node of DomainPolicy, modify Windows Settings.
  • H. From Preferences in the Computer Configuration node of DomainPolicy, modify Windows Settings.

Answer: E

NEW QUESTION 16
Your network contains an Active Directory forest. The forest contains a domain named contoso.com. The domain contains three domain controllers.
A domain controller named lon-dc1 fails. You are unable to repair lon-dc1.
You need to prevent the other domain controllers from attempting to replicate to lon-dc1. Solution: From ntdsutil.exe, you perform a metadata cleanup.
Does this meet the goal?

  • A. Yes
  • B. NO

Answer: A

NEW QUESTION 17
You have a server named Server1 that runs Windows Server 2016. Server1 has the Web Application Proxy role service installed.
You are publishing an application named App1 that will use Integrated Windows authentication as shown in the following graphic.
70-742 dumps exhibit
Use the drop-down menus to select the answer area choice that completes each statement based on the information presented in the graphic.
70-742 dumps exhibit

  • A. Mastered
  • B. Not Mastered

Answer: A

Explanation:
70-742 dumps exhibit

NEW QUESTION 18
Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1 that runs Windows Server 2016.
Server1 has IP Address Management (IPAM) installed. IPAM is configured to use the Group Policy based provisioning method. The prefix for the IPAM Group Policy objects (GPOs) is IP.
From Group Policy Management, you manually rename the IPAM GPOs to have a prefix of IPAM. You need to modify the GPO prefix used by IPAM.
What should you do?

  • A. Click Configure server discovery in Server Manager.
  • B. Run the Set-IpamConfiguration cmdlet.
  • C. Run the Invoke-IpamGpoProvisioning cmdlet.
  • D. Click Provision the IPAM server in Server Manager.

Answer: B

Explanation:
The Set-IpamConfiguration cmdlet modifies the configuration for the computer that runs the IPAM server. The -GpoPrefix<String> parameter specifies the unique Group Policy object (GPO) prefix name that IPAM
uses to create the group policy objects. Use this parameter only when the value of the ProvisioningMethod parameter is set to Automatic.
References: https://technet.microsoft.com/en-us/library/jj590816.aspx

NEW QUESTION 19
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
Your network contains an Active Directory forest named contoso.com. The forest contains a member server named Server1 that runs Windows Server 2016. All domain controllers run Windows Server 2012 R2.
Contoso.com has the following configuration. PS C:\> (Get-ADForest).ForestMode Windows2008R2Forest
PS C:\> (Get-ADDomain).DomainMode Windows2008R2Domain
PS C:\>
You plan to deploy an Active Directory Federation Services (AD FS) farm on Server1 and to configure device registration.
You need to configure Active Directory to support the planned deployment. Solution: You raise the domain functional level to Windows Server 2012 R2. Does this meet the goal?

  • A. Yes
  • B. No

Answer: B

Explanation:
Device Registration requires Windows Server 2012 R2 forest schema (not just domain schema).

NEW QUESTION 20
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
Your network contains an Active Directory domain named contoso.com. A user named User1 is in an organizational unit (OU) named OU1.
You are troubleshooting a folder access issue for User1.
You need a list of groups to which User1 is either a direct member or an indirect member. Solution: You run Get-ADUser –Identity User1 –Property MemberOf.
Does this meet the goal?

  • A. Yes
  • B. No

Answer: B

Explanation:
The Get-ADUser cmdlet does not include the MemberOf property. The command above is, therefore, not valid.
References:
https://docs.microsoft.com/en-us/powershell/module/addsadministration/get-aduser?view=win10-ps

NEW QUESTION 21
Your network contains an Active Directory domain named contoso.com. The domain contains an administrative workstation named WKS1 that runs Windows 10.
You have a Group Policy object (GPO) named GPO1.
You download a custom administrative template that contains the following files:
You need to ensure that you can configure GPO1 by using the settings in the new administrative template. To where should you copy each file? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
70-742 dumps exhibit

  • A. Mastered
  • B. Not Mastered

Answer: A

Explanation:
References:
https://support.microsoft.com/en-us/help/918239/how-to-write-custom-adm-and-admx-administrative-template-f

NEW QUESTION 22
Your network contains an Active Directory forest. The forest contains an Active Directory Federation Services (AD FS) deployment.
The AD FS deployment contains the following.
• An AD FS server named server1.contoso.com that runs Windows Server 2016
• A Web Application Proxy used to publish AD FS
• A UPN that uses the contoso.com suffix
• A namespace named adfs.contoso.com
You create a Microsoft Office 365 tenant named contoso.onmicrosoft.com. You use Microsoft Azure Active Directory Connect (AD Connect) to synchronize all of the users and the UPNs from the contoso.com forest to Office 365.
You need to configure federation between Office 365 and the on-premises deployment of Active Directory. Which three commands should you run in sequence from Server1? To answer, move the appropriate
commands from the list of commands to the answer area and arrange them in the correct order.
70-742 dumps exhibit

  • A. Mastered
  • B. Not Mastered

Answer: A

Explanation:
70-742 dumps exhibit

NEW QUESTION 23
You deploy a new certification authority (CA) to a server that runs Windows Server 2016. You need to configure the CA to support recovery of certificates.
What should you do first?

  • A. Modify the Recovery Agents settings from the properties of the CA.
  • B. Assign the Request Certificates permission to the user account that will be responsible for recovering certificates.
  • C. Configure the Key Recovery Agent template as a certificate template to issue.
  • D. Modify the extensions of the OCSP Response Signing template.

Answer: C

Explanation:
References:
http://markgossa.blogspot.co.uk/2017/03/enable-key-archival-in-server-2012-r2.html

NEW QUESTION 24
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
Your network contains an Active Directory domain named contoso.com. A user named User1 is in an organizational unit (OU) named OU1.
You are troubleshooting a folder access issue for User1.
You need a list of groups to which User1 is either a direct member or ab indirect member. Solution: You run dsget user cn=User1, ou=OU1, dc=contoso, dc=com –memberof –expand. Does this meet the goal?

  • A. Yes
  • B. No

Answer: A

Explanation:
DSGET displays the properties of a user in the directory. There are two variations of this command. The first variation displays the properties of multiple users. The second variation displays the group membership information of a single user.
To show the list of groups, recursively expanded, to which the user Mike Danseglio belongs, type: dsget user "CN=Mike Danseglio,CN=users,dc=ms,dc=tld" -memberof –expand
References:
https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/cc73253

NEW QUESTION 25
Your network contains an Active Directory domain named contoso.com. The domain contains a domain controller named DC1.
You create and link a Group Policy object (GPO) named SalesAppGPO to an organizational unit (OU) named SalesOU. All the computer accounts are in the Computers container. All the user accounts of the users in the sales department are in SalesOU.
You have a line-of-business application named SalesApp that is installed by using a Windows Installer package.
You need to make SalesApp available to only the sales department users.
Which three actions should you perform in sequence? To answer move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
70-742 dumps exhibit

  • A. Mastered
  • B. Not Mastered

Answer: A

Explanation:
70-742 dumps exhibit

NEW QUESTION 26
......

P.S. Easily pass 70-742 Exam with 266 Q&As Certifytools Dumps & pdf Version, Welcome to Download the Newest Certifytools 70-742 Dumps: https://www.certifytools.com/70-742-exam.html (266 New Questions)