NET141
You have a server named CorpNet_DHCP that runs WIndows Server 2016 and has the DHCP Server role installed on it. You have another server named CorpNet_WDS with the Windows Deployment Service (WDS) server role installed. Both servers are located on the same subnet as client computers. You need to make sure that clients can perform a PXE boot from CorpNet_DHCP and install the image located on CorpNet_WDS. Which two additional IPv4 options should you configure in DHCP? (Select two. Each answer is part of the complete solution.)
- 066 Boot Server Host Name - 067 Bootfile Name
You are the DNS manager for the eastsim.com domain. You have set up a website for your intranet that holds company information for use by the employees. Employees access the website using the URL intraweb.eastsim.com. Because of the large number of employees, you decide to configure three different web servers that will hold the intranet content. When users enter the URl in their browsers, you want to use the DNS server to respond with the IP address of one of the three servers. The DNS server should evenly use each of the three web server addresses. What should you do? (Select two. Each choice is a required part of the solution.)
- Configure three different host (A) records for intraweb.eastsim.com, with each pointing to a different server. - On the DNS server, enable DNS Round Robin.
The DHCP server and the client use broadcasts to communicate with each other. Clients go through four steps to obtain an address from a DHCP server. Drag steps from the left pane to the right pane to arrange them in the order they occur when a client obtains IP configuration from a DHCP server. Each step may be used once, more than once, or not at all.
- DHCP Discover, DHCP Offer, DHCP Request, DHCP ACK - Discover, Offer, Request, ACK
You are a network administrator. You have determined that you need to install and configure a local DNS server. You have decided that installing DNS on Nano Server is best for the following reasons. (Select three.)
- Nano Server requires fewer patches and reboots. - Nano Server requires less disk space. - Nano Server can be deployed as a Hyper-V VM.
You are the administrator of a network with a single subnet. A single Windows server (Srv1) on Subnet1 is the domain controller, DNS server, and DHCP server. Due to recent expansion, you are adding a second subnet. The second subnet is connected to the first using a dedicated router. On Subnet2, you add a second Windows server (Srv2) that provides file and print services for hosts on that subnet. You want hosts on Subnet 2 to receive IP addressing information from the server on Subnet1. What should you do? (Select two. Each choice is a complete solution.)
- On Srv2, add the Remote Access role with routing. In Routing and Remote Access, configure the Relay Agent protocol. - Enable BootP forwarding on the router connecting Subnet1 to Subnet2.
Your Active Directory network uses the internal DNS namespace private.westsim.com. Several other Active Directory domains also exist, which are children to the private.westsim.com domain. On the internet, your company uses westsim.com for its public domain name. Your company manages its own DNS servers that are authoritative for the westsim.com zone. The private.westsim.com zone has been delegated to your company's Active Directory domain controllers, which are also DNS servers. Computers that are members of the private.westsim.com domain and all child domains must be able to resolve DNS names of internet resources. However, to help secure your network, DNS queries for resources in the private.westsim.com domain and all child domains must never be sent to internet DNS servers. Queries for internet names must go first to your public DNS server that is authoritative for the westsim.com domain. You need to configure your company's DNS servers to meet these requirements. What should you do? (Select two. Each correct choice is part of the solution.)
- On all DNS servers that are authoritative for the private.westsim.com zone or any child zone, create a forwarders list. Forward to DNS servers that are authoritative for the parent zone, westsim.com. - Delete root hints to internet DNS servers on all DNS servers that are authoritative for the private.westsim.com zone or any child zone.
You have a small network with three subnets as shown in the Exhibit. IP addresses or each router interface are also indicated. You need to connect Wrk1_A to SubnetA and Wrk5_C to SubnetC. Which IP addresses should you use? (Select two.)
- Wrk_A = 192.168.111.62 - Wrk5_C = 10.155.64.97
A client's primary DNS suffix is east.corpsim.com. The client is also configured with a DNS suffix search list containing west.corpsim.com and ny.east.corpsim.com. Which FQDNs will be included in DNS queries when DNS devolution is used by the client to resolve a single-label name of srv42? (Select two.)
- srv42.east.corpsim.com - srv42.corpsim.com
Which of the following are the IEEE version of STP? (Choose 2) 802.1x VLANs 802.1d 802.11 802.1w
802.1d 802.1w 802.1d and 802.1w are both IEEE STP versions, with 802.1w being the latest and greatest version
Your ISP has assigned you the IP address of 172.22.19.0 with a default subnet mask of 255.255.255.0. You need to create three subnets to meet the following requirements: • Subnet A = 60 hosts • Subnet B = 25 hosts • Subnet C = 31 hosts To provide the minimal number of hosts possible for each subnet, what values should you use?
A = Subnet address 172.22.19.64 with a mask of 255.255.255.192 B = Subnet address 172.22.19.32 with a mask of 255.255.255.224 C = Subnet address 172.22.19.192 with a mask of 255.255.255.192
The types of ports that can found on a switch are___________________ and ___________________. (Choose two.) VLAN Trunk Protocol Access 802.1Q Trunk
Access Trunk Hosts are connected to a switch and are members of one VLAN. This is called an access port. Trunk links connect between switches and pass information about all VLANs.
You manage the network infrastructure for the westsim.com domain. All servers have recently been upgraded to Windows Server 2016, and all clients run Windows 10. All server and client computers are members of the domain. You have configured a DFS solution with a domain-based DFS root. Srv1 hosts the DFS root, and the namespace is named Sales. A single folder named Contacts in the DFS root points to the SalesSF shared folder on Srv3. You would like to provide redundancy so that the data in the Contacts shared folder will still be available, even if Srv1 goes down. You want to use Srv4 to provide the redundancy. What should you do?
Add Srv4 as a namespace server.
You are the network administrator ro Corpnet.xyz. All of the servers run Windows Server 2016. You have deployed a server named IPAM1 that has the IPAM feature installed on it. A user named User1 works at the company help desk. You need to enable User1 to view all the information in Server Discovery, IP Address Space, and Server Management as well as IPAM and DHCP server operational events. User1 should not be able to view IP address tracking information. What should you do?
Add User1 to the IPAM Users group.
You manage Windows 8 and Windows 10 notebooks that are joined to the mydomain.com Active Directory domain. Because these notebook computers are frequently taken on sales visits to client sites, you have decided to implement DirectAccess on your network. You run the setup for DirectAccess on the DA1 server with the following configuration: • End-to-end authentication with a smart card required for authentication. • Root certificate from ca1.mydomain.com. • The security group name DirectAccessGroup. • The Network Location service running on the DirectAccess server. You need to configure the client computers for the DirectAccess connection. What should you do?
Add the computer account for each client computer to the DirectAccessGroup security group.
Three switch functions
Address learning forward/filter decisions loop avoidance
What are the distinct functions of Layer 2 switching that increase available bandwidth on the network? (Choose three.) Address learning Routing Forwarding and filtering Creating network loops Loop avoidance IP addressing
Address learning Forwarding and filtering Loop avoidance Layer 2 features include address learning, forwarding and filtering of the network, and loop avoidance
What are the three switch functions at Layer 2?
Address learning, filtering, and loop avoidance
Rachel is a junior system administrator for a network with a single Active Directory domain. The network has just expanded to include an additional subnet. Rachel has installed a new server running Windows Server 2016 on the new subnet and configure it as a DHCP server. When she checks the server icon in the DHCP Management console, she notices the server has a down icon. The DHCP server has started, but the server does not respond to DHCP lease requests. What should Rachel do to solve the problem?
Ask a member of the Enterprise Admins group to authorize the server.
Nadine is the systems administrator for a network with a single subnet. The subnet uses 192.168.1.0 with a mask of 255.255.255.0. The network has 10 servers running Windows Server. Srv1 currently provides both DHCP and DNS services. Nadine wants to increase the fault tolerance for her DHCP servers. She installs a new server, Srv11, and configures it for DHCP. She configures a scope on Srv11 to match the scope on Srv1 and then excludes half of the addresses in the scope on Srv1 and the other half of the addresses on the Srv11. Nadine decides to test her solution and shuts down Srv1. As a test, she forces a workstation to release its IP address and request a new one. She finds that the workstation has the IP address 169.254.0.15 with a mask of 255.255.0.0. What should Nadine do to fix the problem?
Authorize Srv11.
What is a disadvantage of using port spanning? It breaks up broadcast domains on all ports It can create overhead on the switch It makes the switch one large collision domain It makes the switch fast between only two ports instead of all ports
Be careful when using port mirroring/spanning on a switch because it can cause a lot of overhead on the switch and possibly crash your network. So, it's a good idea to use this feature at strategic times and only for short periods if possible
If a switch receives a frame, and the source MAC address is not in the MAC address table but the destination address is, what will the switch do with the frame? Discard it and send an error message back to the originating host Flood the network with the frame Add the source address and port to the MAC address table and forward the frame out the destination port Add the destination to the MAC address table and then forward the frame
Because the source MAC address is not in the MAC address table, the switch will add the source address and the port it is connected to into the MAC address table and then forward the frame to the outgoing port.
Match the view in the IP Address Space node of the IPAM console with the tasks that can be performed in that view on the right. Each view may be used more than once.
Blocks Addresses Addresses Ranges Addresses Ranges Ranges
VLANs break up ________ domains in a Layer 2 switched network.
Broadcast
You want to improve network performance by increasing the bandwidth available to hosts and limiting the size of the broadcast domains. Which of the following options will achieve this goal? Managed hubs Bridges Switches Switches configured with VLANs
By creating and implementing VLANs in your switched network, you can break up broadcast domains at Layer 2. For hosts on different VLANs to communicate, you must have a router or Layer 3 switch.
You have a small network as shown in the image. You are unable to ping Wrk2 from Wrk1. What should you do to fix the problem?
Change the subnet mask on Wrk1.
You are the administrator for the corp.westsim.com domain. The network has two child domains, acct.corp.westsim.com and sales.corp.westsim.com. You need to configure DNS name resolution properties on the srv2.sales.corp.westsim.com server. You decide to change the network interface's TCP/IP settings to do this. When an unqualified name is submitted for name resolution, you want the server to search using the following suffixes: • sales.corp.westsim.com • acct.corp.westsim.com • corp.westsim.com • westsim.com What should you do?
Click Advanced and from the DNS tab, configure custom search suffixes of sales.corp.westsim.com, acct.corp.westsim.com, corp.westsim.com, and westsim.com.
Switches, by default, only break up ________ domains.
Collisioin
You administer a branch office connected to the main headquarters with a WAN link. Servers in the branch office provide DNS and DHCP services. The company network has multiple domains. A single domain represents the branch office. A DNS server named DCI at the branch office is authoritative for the branch office's primary zone and contains no other DNS zones. DNS servers at headquarters provide name resolution for hosts in other domains. One day, you come to work to find a number of customer service complaints. They all report something similar -- clients can resolve local host names, but cannot resolve host names for other domains on the network. You contact the enterprise administrator. She tells you the IP address for the DNS server that previously used as a forwarder for the branch office has been changed to 10.155.11.15. What should you do to fix the problem?
Configure DC1 to forward name resolution requests to 10.155.11.15.
The image depicts the network layout for NorthSim Corporation. Currently, the network uses static IP addressing. You want to use DHCP instead. You configure SRV1 as a DHCP server, and you create two scopes on the server. You configure all clients on both subnets to request IP addressing and other configuration parameters from the DHCP server. After starting the service, you find that hosts on subnet 192.168.1.0 have obtained addresses from the DHCP server. However, all hosts on subnet 192.168.2.0 have assigned themselves addresses in the APIPA range. What should you do?
Configure SRV2 as a relay agent.
The image depicts the network layout for NorthSim Corporation. Currently, the network uses static IP addressing. You want to use DHCP instead. You configure SRV1 as a DHCP server, and you create two scopes on the server. You configure all clients on both subnets to request IP addressing and other configuration parameters from the DHCP server. After starting the service, you find that hosts on subnet 192.168.1.0 have obtained addresses from the DHCP server. However, all hosts on subnet 192.168.2.0 have assigned themselves addresses in the APIPA range. What should you do?
Configure SRV2 as a relay agent.
You are the systems administrator for WestSim Corporation. You have been assigned to set up a new branch office in Tulsa. The branch will be represented by a single domain. You install a single DNS server called TulsaDNS and configure a primary zone for the branch office domain. You test name resolution and find that hosts can only resolve names for hosts within the domain. You need to enable clients in the Tulsa location to resolve names for hosts in other domains within your private network. You would like to minimize traffic across the WAN link between the sites. What should you do?
Configure TulsaDNS to use forwarders.
You are the network administrator for westsim.com. The network consists of a single domain. All the servers run Windows Server 2016. All the clients run Windows 10. The main office contains a server named RRAS1. You are in the process of configuring RRAS1 to support DirectAccess connections. You need to configure RRAS1 to allow IPv6 connectivity for the clients to RRAS1 for the purpose of DirectAccess. What should you do?
Configure Windows Firewall with Advanced Security to allow ICMPv6 Echo Requests.
An employee in your organization has started to work from home two days a week. The employee uses a company laptop for work in both the office and at home. The laptop automatically connects to the wireless network in the office, but does not automatically connect to the employee's home wireless network. The employee would like the laptop to connect automatically both at home and at work. What should you do?
Configure an alternate TCP/IP configuration on the laptop's wireless adapter to use a static IP address that is compatible with the home network.
You have just received a new laptop at work that you will use on your company network and at home. The company network uses dynamic addressing, while your home network uses static addressing. You connect the laptop to the company network and everything works fine. When you take your laptop home you can connect to the devices on your home network or the Internet. You run ipconfig on the laptop and receive the following output: Connection-specific DNS suffix. . . : IPv4 Address . . . . . . : 169.254.22.74 Subnet Mask . . . . . : 255.255.0.0 Default Gateway. . . . . : You need to be able to connect both the company network and your home network with the least amount of configuration and cost. What should you do?
Configure an alternate TCP/IP configuration.
You are a network engineer working for WestSim Corporation. The company has an internet domain named westsim.com. The private network uses the namespace of private.westsim.com. Your company manages its own Domain Name System (DNS) servers that are authoritative for both the company's namespaces. Your network consists of several subnets at multiple locations. Sites are connected with WAN links. www.private.westsim.com is an intranet web server that is commonly used throughout the company. You want to ensure that users can always access this server by name, even if an authoritative DNS server is not available. What should you do?
Configure each client computer's hosts file with an entry for vmw.private.westsim.com.
You have a laptop computer that runs Windows 10. The computer is a member of a domain. You want to use DirectAccess to access application servers on your corporate intranet. Application servers are currently running Windows Server 2008. You need to implement a solution that accomplishes the following: • All communications sent to the private network server over the internet are encrypted. • Client computers authenticate with application servers on the intranet. • Following authentication, traffic on the intranet is not encrypted. What should you do? (Select two. Each choice is a required part of the solution).
Configure selected server access (modified end-to-edge) Upgrade application servers to Windows Server 2008 R2 or newer.
You need to implement a separate network for contractors and guests working at your office. Which technology should you implement?
Create a VLAN for Contractor and another VLAN for guests
You have created a DFS namespace that is accessed using \\westsim.com\Accounting. The namespace currently has a single folder named Accounting with two targets. You want to configure DFS replication so that data can only be modified on Srv1 with all changes being replicated to Srv2. Users should not be able to make changes to files on Srv2. You want to follow Microsoft's recommendations for doing this. What should you do?
Create two one-way connections. Configure a read-only replicated folder on Srv2.
You have a network with 50 workstations. You want to automatically configure workstations with the IP address, subnet mask, and default gateway values.
DHCP server
You want to implement a protocol on your Network that allows computers to find the IP address of a host using a logical name. Which protocol should you implement?
DNS
You need to define a new IPv4 DHCP scope on the DC1 server in the westsim.com domain. Click the option in the IPAM console that you should use to accomplish this task.
DNS and DHCP Servers
You need to enable hosts on your network to find the IP address of logical names such as srv1.myserver.com. Which device would you use to accomplish this task?
DNS server
You are a junior systems manager for your company's network. There are 600 workstations running Windows 10, and they receive services from 20 Windows servers. The network is split into 10 subnets. You've configured the DHCP servers on 10 servers, one for each subnet. However, shortly after you finish configuring the servers, your boss receives reports that workstations are not able to communicate properly with other workstations. Your boss investigates and soon discovers that the subnet masks you assigned in the DHCP scopes are incorrect. Your boss tells you to correct your error with the least amount of administrative effort. What should you do?
Delete all of the scopes and start over.
You manage the branch office for your company network. The branch office consists of two subnets and 10 host computers. You use static addressing for all hosts on both subnets. To provide name resolution between subnets, you configure static entries on each computer. As the network grows, you decide to implement dynamic services. You configure a Windows Server 2016 server as a DHCP and DNS server. You configure a DNS zone and DHCP scopes. You configure DHCP options on the DHCP server to deliver the IP address of the DNS server to all hosts. You configure each client to get IP address and DNS server information from the DHCP server. You need to configure each client so that it no longer uses static entries for name resolution. What should you do?
Delete the hosts file on each client.
You have a laptop that runs Windows 10. You want to use the laptop to connect to your corporate intranet while you are at home or traveling. Your solution should meet the following requirements: • The computer should connect automatically to the intranet without user initiation. • All communications between your laptop and the intranet should be encrypted. • the connection should allow for remote management of the computer from the corporate intranet. • Internet traffic should be directed to internet servers without going through servers at the corporate network. • The solution should work through firewalls where only HTTP and HTTPS are permitted. Which feature should you implement?
DirectAccess
You are creating a DFS namespace on a Windows Server 2016 system that is joined to the eastsim.com domain. You want any files and folders that users do not have permission to access to be hidden in the namespace folder targets. Click the options you must select to configure the namespace to function in this manner.
Domain-based namespace Enable Windows Server 2008 mode
You manage a Windows 10 computer connected to a business network using switches and multiple subnets. You connect a workstation to the 192.168.1.0/24 subnet. The workstation can communicate with all hosts on the private network, but not with other hosts. You run ipconfig /all and see the following: Ethernet adapter Local Area Connection: Connection-specific DNS Suffix . : mydomain.local Description . . . . . . : Broadcom network adapter Physical Address . . . . . . : 00-AA-BB-CC-74-EF DHCP Enabled . . . . . . : No Autoconfiguration Enabled . . . : Yes IPv4 Address . . . . . . : 192.168.1.102 (Preferred) Subnet Mask . . . . . . : 255.255.255.0 Default Gateway . . . . . . : 192.168.2.1 DNS Servers . . . . . . : 192.168.2.20 What should you do?
Edit the IPv4 properties and change the default gateway.
You are the server administrator for the network shown in the first image. SRV2 is a domain controller that hosts an Active Directory-integrated zone for the network. SRV1 is an application server. Both subnets use the default subnet mask. SRV2 has also been recently configured as a DHCP server for both subnets, and all clients have been modified to receive their IP configuration information from the DHCP server. The user at Host A reports that he can access SRV2. Others on the same subnet seem to be having the same problem. Users on the same subnet as SRV2 report no problems. You run ipconfig /all to verify the TCP/IP configuration of Host A. The output is shown in the second image. What should you do?
Enable BOOTP forwarding on the router.
You are the network administrator for westsim.com. The network consists of a single Active Directory domain. All the servers run Windows Server 2016. All the clients run Windows 10. The westsim.com organization has one main office with a single subnet. There are two application servers located in the main office that host a custom web application. They are named APP1 and APP2. You have been instructed to ensure that APP1 and APP2 each service about half the clients who need access to the custom web application using the minimum amount of administrative effort. You create two CNAME records linking the customapp.westsim.com Fully Qualified Domain Name (FQDN) to each of the servers. What should you do?
Enable Round Robin on the DNS server.
You administer the DNS and DHCp servers on your network. The network has just added a new subnet. The subnet is represented as a new domain in DNS named acct.istp.private. The subnet uses address 192.168.16.0/24. All servers on the subnet run Windows 2016 and all clients run Windows 10. The new subnet will use existing DNS and DHCP servers on another subnet. You need to configure DNS to support the new subnet. You configure a delegation to the new domain from its parent and create a primary zone for the new domain. You also create a primary reverse lookup zone for the subnet address. When you check the DNS database, you find that there are no A or PTR records for hosts on the subnet. At a client computer, you run the ipconfig /registerdns command. However, the corresponding DNS records are still not created. What should you do?
Enable dynamic updates on the acct.istp.private and the reverse lookup zone for the subnet.
You are the network administrator for eastsim.com. The network consists of a single Active Directory domain. All of the servers run Windows Server 2016. All of the clients run Windows 10. There are two main sites, one in New York and one in Los Angeles. All of the computers in the New York site are configured with IP addresses in the 10.0.0.0/24 subnet. All of the computers in the Los Angeles site are configured with IP addresses in the 172.16.0.0/24 subnet. There is an application server located in New York named APP1 with an IP address of 10.0.0.10. There is a replica application server located in Los Angeles that is also named APP2. It has an IP address of 172.16.0.10. Users must access the application using a URL of http://customapp.eastsim.com. You create two CNAME records for customapp.eastsim.com that link to each of the two application servers. You need to ensure that users in each office will be referred to the local server when accessing the applications using this URL. What should you do?
Enable the Netmask Ordering option on the DNS server.
If a frame is received on a switch port and the source MAC address is not in the forward/filter table, what will the switch do?
Flood the frame out all ports except the port it was received on
Why are switches better than hubs in your network by default? Because they break up broadcast commands by default Because each port on a switch is a broadcast domain Because each port on a switch is a collision domain Because all ports on a hub are broken into broadcast domains by default
Hubs create one collision domain and one broadcast domain. Switches break up collision domains but the network is one large broadcast domain by default.
You manage the network that is shown in the graphic. You have just added Host B to the network. All hosts use manually-configured IP addresses, and Srv1 is the DNS server for the entire network. Both subnets use a 27-bit subnet mask. Which TCP/IP configuration values should you choose for Host B? To answer, drag a value to each TCP/Ip parameter shown in the diagram.
IP Address - 192.168.1.193 Subnet Mask - 255.255.255.224 Default Gateway - 192.168.1.221 DNS Server - 192.168.1.189 .193, .224, .221, .189
You need to view a list of all IP addresses sorted by device type that have been assigned by DHCP servers in the westsim.com domain. Click the option in the IPAM console that you should use to view this information.
IP Address Inventory
Your network has 200 workstations split into two network segments. Each segment has two servers running Windows Server. The two segments are connected by a single router that is not BootP enabled. To get around this roadblock, you've set up a DHCP server on Subnet1 and a DHCP Relay Agent on Subnet2. Over the weekend, you receive an email alert that the DHCP server went down. When you arrive onsite, you find the DHCP server has suffered a critical failure from which it will not easily recover. You decide to replace it. You add the DHCP role to the other server on Subnet1 and configure it with both scopes. You configure all server and scope options. When you arrive for work Monday morning, you receive reports that computers on one subnet cannot communicate with computers on the other subnet. Computers are able to communicate with workstations on the same subnet. You find that computers on Subnet1 have received IP addresses from the DHCP server, but computers in Subnet2 have not. What should you do?
In Routing and Remote Access, change the IP address configured for the Relay Agent protocol.
You connect your host to a switch that is running network analyses software. However, you are not seeing any packets from the server. What do you need to implement on the switch to see all the packet information? VLANs STP Port Mirroring Authentication
In order to see all frames that pass through the switch and read the packets with a network analyzer, you need to enable port mirroring on the port your diagnostic host is plugged into.
You have configured your organization's DHCP server to dynamically assign IP addresses to DHCP clients using a lease duration of four days. You are using a Windows server for DHCP, and the default lease time is eight days. What impact, if any, will this have on the network?
Increased network traffic
What is the result of segmenting a network with a bridge (switch)? (Choose two.) It increases the number of collision domains. It decreases the number of collision domains. It increases the number of broadcast domains. It decreases the number of broadcast domains. It makes smaller collision domains. It makes larger collision domains.
It increases the number of collision domains. It makes smaller collision domains. Bridges break up collision domains, which would increase the number of collision domains in a network and also make smaller collision domains.
If a frame is received on a switch port and the source MAC address is not in the forward/filter table, what will the switch do?
It will add the source MAC address to the forward/filter table
You have purchased a new laptop that runs Windows 10. You want to use DirectAccess to connect the laptop to your corporate intranet. You will use Group Policy to enforce DirectAccess settings on the client. What should you do to configure the laptop for the DirectAccess connection?
Join the computer to a domain.
In which two states is the MAC address table populated with addresses? Blocked Listening Learning Forwarding
Learning Forwarding In the blocked and listening states, the MAC address table is not learning. Only in the learning and forwarding states is the MAC address table learning MAC addresses and populating the MAC address table
You are the network administrator for your company's network. Your network consists of eight Windows Server 2016 computers, 500 Windows 10 client computers, and five UNIX servers. One of your Windows Server 2016 computers is your DNS server. The DNS zone is configured as an Active Directory-integrated zone. The DNS zone is also configured to allow dynamic updates. Users report that although they can access the Windows 10 computers by host name, they cannot access the UNIX servers by host name. What should you do?
Manually enter A (host) records for the UNIX servers in the zone database.
When you initially provisioned the IPAM server running on your Windows Server 2016, you configured it to use the Windows Internal Database (WID) server running on the same system. However, because of the size of your organization's network, you have determined that the IPAM server needs to be configured to use a Microsoft SQL database running on a different server. This will divide up the workload between the two servers and provide better overall performance. To accomplish this, you need to move the existing IPAM database from the WID server on the local computer to the MS SQL database server. Which PowerShell cmdlets should you use to accomplish this task? (Select two. Each answer is a part of the complete solution.)
Move-IpamDatabase Set-IpamDatabase
You would like to implement DirectAccess on our corporate network. Which of the following is not an infrastructure requirement for using DirectAccess?
Network access for files server role
You have purchased a new laptop that runs Windows 10. You want to use DirectAccess to connect the computer to your corporate intranet from home. Your home network is connected to the internet with a single public IP address and NAT. Firewalls between your network and the intranet allow only HTTP and HTTPS traffic. What should you do to configure the laptop for the DirectAccess connection?
Obtain a computer certificate for the laptop.
You manage a network with a main office and one branch office. Each office has its own internet connection, and the offices are connected with a WAN link. All computers in the main office are members of the westsim.private domain. All computers in the branch office are members of the tulsa.westsim.private domain. The DNS1 server in the main office holds a primary zone for the westsim.private domain, while the DNS2 server in the branch office holds the primary zone for the tulsa.westsim.private domain. Clients in the branch office are able to resolve hostnames for the tulsa.westsim.private domain and for all internet hosts. However, they cannot resolve hostnames for hosts in the westsim.private domain. You need to allow hosts in the branch office to resolve names for hosts in the main office while still allowing internet name resolution and minimizing WAN traffic. What should you do?
On DNS2, configure a conditional forwarder for the westsim.private domain to forward all requests to DNS1.
You have created a DFS namespace that is accessed using \\westsim.com\Accounting. The namespace currently has a single folder named Accounting with two targets. You have configured DFS replication so that data is replicated between the two target folders. The content on Srv1 is considered the master folder, with changes only being allowed on that server. Data is replicated to a read-only folder on Srv2. The target folder on Srv1 includes a subfolder named Salaries that includes pay information for all employees. You want to make sure that this folder is not replicated when it is copied to Srv2. What should you do?
On the replicated folder, configure a filter to exclude the Salaries subfolder.
You need to design a network that supports 275 hosts. You want to place all hosts in a single broadcast domain, and you want to make sure you do not waste IP addresses. How should you implement your plan?
Place all hosts on the same subnet. Use a mask of 255.255.240.0.
You need to power a device, such as an access point or IP phone. What protocol can provide power to these devices over an Ethernet cable?
Power over Ethernet (PoE)
You are the network administrator for westsim.com. The network consists of a single domain. All the servers run Windows Server 2016. All the clients run Windows 10. There is a single main office located in New York. A perimeter network separates the main office from the internet. Corporate policy requires that all servers be isolated from the internet. No external clients may directly access internal resources unless the connection is secure. External connections to servers located in the perimeter network are permitted. You plan to implement DirectAccess to support encrypted connections from remote clients to the internal network. A server named RRAS1 will provide DirectAccess connections for the clients. The DirectAccess clients will use IP-HTTPS connections. Certificates for the DirectAccess clients and servers will be issued by an Enterprise root CA named CA1. You need to configure to support DirectAccess clients.
Publish the CA1 Certificate Revocation List (CRL) on a server in the perimeter network.
What is the first action that a DNS client will take when attempting to resolve a single-label name to an IP address?
Query a DNS server for a host name formed by appending the client's primary DNS to the single-label name.
You are the network administrator for corpnet.com. All of your servers run Windows Server 2016. You have a server named IPAM1 that has the IPAM feature installed on it. All of the IP addresses in the address block for the 192.168.0.0/16 network appear to be in use. You suspect that some of the IP addresses are available for use on the network. You need to update the IPAM database to show which IP addresses are available. Which action should you take to accomplish this task?
Right-click the IP Address Ranges and then click Reclaim IP Addresses.
You have a Windows Server 2016 system that you want to use as a DHCP relay agent. Which Windows Server 2016 would you use to make this possible?
Routing and Remote Access
You are the network administrator for corpnet.com. All of the servers run Windows Server 2016. You have installed the IPAM Feature on a server named IPAM1. You configure the server using the Group Policy provisioning method. After gpupdate /force fails, you discover that there are no Group Policy objects related to IPAM in Active Directory. You need to create the relevant GPOs to successfully deploy IPAM in the environment. What should you do?
Run the Invoke-IPAMGPOProvisioning cmdlet.
You manage the network infrastructure for the westsim.com domain. All servers run Windows Server 2016, and all clients run Windows 10. All server and client computers are members of the domain. You have just created a stand-alone DFS root with the namespace name SharedFiles on Srv1. You create a folder in DFS named Reports that points to the 2011-rep shared folder on Srv2. You would like to configure Srv3 to provide redundancy so that data in the shared folder is still accessible, even if Srv2 goes down. What should you do?
Share a folder on Srv3. Add this folder as a target to the Reports folder. Configure DFS replication.
What is used at Layer 2 to prevent switching loops?
Spanning Tree Protocol (STP)
You are configuring the DHCP Relay Agent role on a Windows server. Which of the following is a required step for the configuration?
Specify which server network interface the agent listens on for DHCP messages.
Your ISP has assigned you a Class C IP address with a default subnet mask of 255.255.255.0. You need to create three subnets, meeting the following usable host requirements: • Subnet A = 50 hosts • Subnet B = 15 hosts • Subnet C = 65 hosts Without wasting host addresses, which subnet masks should you use?
SubnetA = 255.255.255.192 SubnetB = 255.255.255.224 SubnetC = 255.255.255.128
You have multiple departments all connected to switches, with cross‐over cables connecting the switches together. However, response time on the network is still very slow because you have upgraded from hubs to switches. What technology should you implement to improve response time on the networks? STP VLANs Convergence OSPF
Switches break up collision domains by default, but the network is still one large broadcast domain. In order to break up broadcast domains in a Layer 2 switched network, you need to create Virtual LANs.
Which of the following statements is true? A switch creates a single collision domain and a single broadcast domain. A router creates a single collision domain. A switch creates separate collision domains but one broadcast domain. A router provides a separate broadcast domain. A switch creates a single collision domain and separate broadcast domains. A router provides a separate broadcast domain as well. A switch creates separate collision domains and separate broadcast domains. A router provides separate collision domains.
Switches break up collision domains, and routers break up broadcast domains.
What does a switch do when a frame is received on an interface and the destination hardware address is unknown or not in the filter table? Forwards the switch to the first available link Drops the frame Floods the network with the frame looking for the device Sends back a message to the originating station asking for a name resolution
Switches flood all frames that have an unknown destination address. If a device answers the frame, the switch will update the MAC address table to reflect the location of the device.
A workstation configured to use DHCP for IP addressing sends a DHCP Discover frame on the local network segment. The frame is received by the DHCP service running on a Windows Server 2012 R2 system. What happens next?
The DHCP server responds with a DHCP Offer.
Which of the following is a Layer 2 protocol used to maintain a loop‐free network? VTP STP RIP CDP
The Spanning Tree Protocol is used to stop switching loops in a switched network with redundant paths.
You plug a host into a switch port, but the user can't get to the services it needs. What is probably the problem?
The VLAN port membership is set wrong
The main purpose of the Spanning Tree Protocol in a switched LAN
The main purpose of STP is to prevent switching loops in a network with redundant switched paths.
The states of STP
The purpose of the blocking state is to prevent the use of looped paths. A port in the listening state prepares to forward data frames without populating the MAC address table. A port in the learning state populates the MAC address table but doesn't forward data frames. A port in the forwarding state sends and receives all data frames on the bridged port. Last, a port in the disabled state is virtually nonoperational.
You connect a host to a switch port, but the new host cannot log into the server that is plugged into the same switch. What could the problem be? (Choose two.) The router is not configured for the new host. The STP configuration on the switch is not updated for the new host. The host has an invalid MAC address. The switch port the host is connected to is not configured to the correct VLAN membership. The STP shut down the port
The switch port the host is connected to is not configured to the correct VLAN membership. The STP shut down the port Tthe best answers are that the VLAN membership for the port is configured incorrectly and that STP shut down the port.
Which of the following are benefits of VLANs? (Choose three.) They increase the size of collision domains. They allow logical grouping of users by function. They can enhance network security. They increase the size of broadcast domains while decreasing the number of collision domains. They simplify switch administration. They increase the number of broadcast domains while decreasing the size of the broadcast domains.
They allow logical grouping of users by function. They can enhance network security. They increase the number of broadcast domains while decreasing the size of the broadcast domains. VLANs break up broadcast domains in a switched Layer 2 network, which means smaller broadcast domains. They allow configuration by logical function instead of physical location and can create some security if configured correctly.
Which of the following features of a switch will allow two switches to pass network information? PoE VLANs Trunking STP
Trunking allows switches to pass information about many or all VLANs configures on the switches.
What does trunking provide?
Trunking allows you to make a single port part of multiple VLANs at the same time
You are the network administrator for Corpnet.xyz. All of the servers run Windows Server 2016. You have installed the IPAM Feature on a server named IPAM1. You configured the server using the manual provisioning method. After you configured the server, management released a new policy that requires all IPAM servers to be provisioned using Group Policy. You need to change the provisioning method of the IPAM1 server. What should you do?
Uninstall and then reinstall the IPAM feature on IPAM1.
You need to create a domain-based namespace on a Windows Server 2016 server in the westsim.com domain. Which of the following is true concerning this type of namespace? (Select two.)
Users access the namespace using the Active Directory domain name instead of the server name. It can be hosted by multiple namespace servers to increase availability.
Which switching technology reduces the size of a broadcast domain? ISL 802.1Q VLANs STP
Virtual LANs break up broadcast domains in Layer 2 switched internetworks
Which of the following help isolate network traffic? hubs VLANs Repeaters Hosts
Virtual LANs help isolate network traffic by breaking up broadcast domains in a layer‐2 switched network
When is STP said to be converged? (Choose two.) When all ports are in the forwarding state When all ports are in the blocking state When all ports are in the Listening state When all ports are in the Learning state
When all ports are in the forwarding state When all ports are in the blocking state The sequence of steps for STP convergence is, by default, blocking, listening, learning, and forwarding. When all ports are in either the blocking or forwarding state, STP is converged.
You are the network administrator for northsim.com. The network consists of a single Active Directory domain. ALl the servers run Windows Server 2016. All the clients run Windows 10. The northsim.com netowkr has one main office with 1,500 users. There are two domain controllers called DC1 and DC2, as well as several file servers and an application server. DC1 hosts a standard primary zone for the northsim.com domain. DC2 hosts a standard secondary zone for the northsim.com domain. A new corporate security policy requires that all clients perform Secure Dynamic Updates to DNS records. You open the properties of the northsim.com forward lookup zone. The Secure Only option is missing from the Dynamic Updates drop-down combo box. You must ensure that all updates to the northsim.com DNS domain are secure. What should you do?
You should convert the northsim.com zone to an Active Directory-integrated zone.
You manage the network infrastructure for the westsim.com domain. All servers have recently been upgraded to Windows Server 2016, and all clients run Windows 10. All server and client computers are members of the domain. You've implemented a stand-alone DFS solution with Srv1 as the namespace server and Accounting as the namespace root. You created a payroll folder with a target that points to the AccPay shared folder on Srv2. Which UNC path should you use to access data in the AccPay shared folder from a Windows 10 client system?
\\Srv1\Accounting
You are the network administrator for the westsim.com domain. You created a domain-based namespace named PublicFiles with Srv1 as a namespace server. The D:\Data2 shared folder on Srv2 has been shared with a share name of Data. You want to make this share available through DFS using a name of ReportData. Which UNC path should you use to configure the folder target in DFS?
\\Srv2\Data
You need to configure a Cisco RFC 1542-compliant router to forward any received DHCP frames to the appropriate subnet. The address of the remote DHCP server is 172.16.30.1. Which of the following commands would you use to configure the router?
ip helper-address 172.16.30.1
