You are designing a data warehouse hosted on Windows Azure SQL Database. The data warehouse currently includes the dimUser and dimRegion dimension tables and the factSales fact table. The dimUser table contains records for each user permitted to run reports against the warehouse, and the dimRegion table contains information about sales regions.
The system is accessed by users from certain regions, as well as by area supervisors and
users from the corporate headquarters.
You need to design a table structure to ensure that certain users can see sales data for only certain regions. Some users must be permitted to see sales data from multiple regions.
What should you do?
A. For each region, create a view of the factSales table that includes a WHERE clause for the region.
B. Create a userRegion table that contains primary key columns from the dimUser and dimRegion tables.
C. Add a region column to the dimUser table.
D. Partition the factSales table on the region column.
You administer two instances of Microsoft SQL Server 2012. You deploy an application that uses a database on the named instance.
The application is unable to connect to the database on the named instance.
You need to ensure that the application can connect to the named instance.
What should you do?
A. Use the Data Quality Client to configure the application.
B. Start the SQL Server Browser Service.
C. Use the Master Data Services Configuration Manager to configure the application.
D. Start the SQL Server Integration Services Service.
You administer a Microsoft SQL Server database that supports a shopping application.
You need to retrieve a list of customers who live in territories that do not have a sales person.
Which Transact- SQL query or queries should you use? (Each correct answer presents a complete solution. Choose all that apply.)
A. SELECT CustomerID FROM Customer
WHERE TerritoryID <> SOME(SELECT TerritoryID FROM Salesperson)
B. SELECT CustomerID FROM Customer
WHERE TerritoryID <> ALL(SELECT TerritoryID FROM Salesperson)
C. SELECT CustomerID FROM Customer
WHERE TerritoryID <> ANY(SELECT TerritoryID FROM Salesperson)
D. SELECT CustomerID FROM Customer
WHERE TerritoryID NOT IN(SELECT TerritoryID FROM Salesperson)
Your network contains an Active Directory domain named contoso.com. The domain contains two servers named Server1 and Server2 that run Windows Server 2012 R2. Server1 has the IP Address Management (IPAM) Server feature installed. Server2 has the DHCP Server server role installed. A user named User1 is a member of the IPAM Users group on Server1. You need to ensure that User1 can use IPAM to modify the DHCP scopes on Server2. The solution must minimize the number of permissions assigned to User1.
To which group should you add User1?
A. IPAM ASM Administrators on Server1
B. IPAMUG in Active Directory
C. DHCP Administrators on Server2
D. IPAM MSM Administrators on Server1
Sever2 “DHCP Users” group membership is required to modify scopes on Server2 of course DHCP Administrators can proceed these tasks too. From the MSPress book “Upgrading your skills to MCSA Windows Server 2012 R2” IPAM Provisioning IPAM installation sets up various periodic data collection tasks to collect relevant data from managed DNS, DHCP, DC and NPS servers to enable address space management, multiserver management and monitoring and event catalog scenarios. All IPAM tasks launch under the Network Service account, which presents the local computer’s credentials to remote servers. To accomplish this, administrators must enable read access and security permissions for the required resources over managed servers for the IPAM server’s computer account. Further the relevant firewall ports need to be configured on these managed servers. IPAM Access Settings The following table provides a mapping of the IPAM functionality and managed server role type to access setting and FW rule required by IPAM periodic tasks
IPAM Access Monitoring
IPAM access monitoring tracks the provisioning state of the following statuses on the server roles, which are displayed in the details pane of the IPAM server inventory view
An organization uses an Active Directory Rights Management Services (AD RMS) cluster named RMS1 to protect content for a project. You uninstall AD RMS when the project is complete. You need to ensure that the protected content is still available after AD RMS is uninstalled.
Solution: You add the backup service account to the SuperUsers group and back up the protected content. Then, you restore the content to a file server and apply the required NTFS permissions to the files.
Does this meet the goal?
You need to recommend a remote access solution that meets the VPN requirements.
Which role service should you include in the recommendation?
B. Network Policy Server
C. DirectAccess and VPN (RAS)
D. Host Credential Authorization Protocol
A server that runs Windows Server 2012 will perform RADIUS authentication for all of the VPN connections.
Ensure that NAP with IPSec enforcement can be configured.
Network Policy Server
Network Policy Server (NPS) allows you to create and enforce organization-wide network access policies for client health, connection request authentication, and connection request authorization. In addition, you can use NPS as a Remote Authentication Dial-In User Service (RADIUS) proxy to forward connection requests to a server running NPS or other RADIUS servers that you configure in remote RADIUS server groups. NPS allows you to centrally configure and manage network access authentication, authorization, are client health policies with the following three features: RADIUS server. NPS performs centralized authorization, authorization, and accounting for wireless, authenticating switch, remote access dial-up and virtual private network (VNP) connections. When you use NPS as a RADIUS server, you configure network access servers, such as wireless access points and VPN servers, as RADIUS clients in NPS. You also configure network policies that NPS uses to authorize connection requests, and you can configure RADIUS accounting so that NPS logs accounting information to log files on the local hard disk or in a Microsoft SQL Server database.
Reference: Network Policy Server
You have a server named Server1 that runs Windows Server 2012 R2 and uses Windows Server Backup.
You need to identify whether the backups performed on Server1 support bare metal recovery.
Which cmdlet should you run?
Get-OBMachineSetting is for Azure Backup, question asks about Windows Backup
GetWBVSSBackupOption cmdlet doesn’t exist
Get-WBPolicy is for Windows Backup
Get-OBPolicy is for Azure Backup, question asks Windows Backup (https://technet.microsoft.com/en-us/library/Ee706650.aspx)
Your network contains a single Active Directory domain named contoso.com. All domain controllers run Windows Server 2012 R2.
The domain contains 400 desktop computers that run Windows 8 and 10 desktop computers that run Windows XP Service Pack 3 (SP3). All new desktop computers that are added to the domain run Windows 8.
All of the desktop computers are located in an organizational unit (OU) named OU1.
You create a Group Policy object (GPO) named GPO1. GPO1 contains startup script settings. You link GPO1 to OU1.
You need to ensure that GPO1 is applied only to computers that run Windows XP SP3.
What should you do?
A. Create and link a WML filter to GPO1
B. Run the Set-GPInheritance cmdlet and specify the -target parameter.
C. Run the Set-GPLink cmdlet and specify the -target parameter.
D. Modify the Security settings of OU1.
Section: Volume B
WMI Filtering is used to get information of the system and apply the GPO on it with the condition is met.
Security filtering: apply a GPO to a specific group (members of the group)
Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server 2012. You create a group Manged Service Account named gservice1. You need to configure a service named Service1 to run as the gservice1 account. How should you configure Service1?
A. From a command prompt, run sc.exe and specify the config parameter.
B. From Windows PowerShell,run Set-Service and specify the -PassThrough parameter
C. From Windows PowerShell,run Set-Service and specify the -StartupType parameter
D. From Services Console configure the General settings
You are the Office 365 administrator for your company.
The company uses Office 365 ProPlus and has multiple Microsoft SharePointOnline sites.
The company recently started a project that requires employees to collaborate with external users on the development of a set of documents that are stored in a team site. You need to ensure that external users can access and edit the documents without affecting the security of other content.
What should you do?
A. Create a new SharePoint team site and share it by using the Share function and adding the external users to the Visitors group.
B. Create a new SharePoint team site and share it by using the Share function and adding the external users to the Contributors group.
C. Share the existing SharePoint team site by using the Share function and adding the external users to the Visitors group.
D. Share the existing SharePoint team site by using the Share function and adding the external users to the Contributors group.