01. You want to test DANE and TLSA records in your testing environment. You want to use only certificates that do not have to be signed by a valid CA. Which value should you use for the Certificate Usage parameter when you create your TLSA records with the PowerShell cmdlet Add-DnsServerRecourseRecord?
a) Service Certificate Constraint
b) Domain Issued Certificates
d) TrustAnchor Assertion
02. What are two core functionalities of DANE?
a) Enables you to specify which CA is allowed to issue certificates for a resource
b) Authenticates TLS client and server entities without a Certificate Authority
c) Improves DNS response performance from Windows Server 2016 DNS servers
d) Simplifies certificate validation in a mixed IPv4/IPv6 environment
03. You want to configure your Windows Server 2016 VPN server so that only EAP authentication protocol connections are allowed. Which PowerShell cmdlet can you use to verify which user authentication protocols your VPN server accepts?
04. Your Windows Server 2016 NPS server works as a RADIUS server. It stops processing connection requests and prevents users from accessing network resources. The NPS server is configured to use local NPS log files. Which configuration can prevent such problems?
a) Keep NPS log files separate from the system partition.
b) Use an NPS replica server.
c) Use a RADIUS server group.
d) Use SQL logging instead of NPS log files.
05. Which command do you have use if you want to use the BranchCache feature for your application server?
a) Install-WindowsFeature BranchCache, BITS
b) Install-WindowsFeature BranchCache
c) Install-WindowsFeature BranchCache, FS-BranchCache
d) Install-WindowsFeature BranchCache, FS-Data-Deduplication
06. You manage a domain named pearson.com. You have a Windows Server 2016 DHCP server named DHCP1 and you want to implement DHCP failover with hot standby mode. You want to choose DHCP2, which is a Windows Server 2016 Nano Server, as a partner server. Which changes must you make so that you can use DHCP2 as a DHCP failover replication partner for DHCP1?
a) Authorize DHCP server DHCP2 in ADDS
b) Add DHCP server DHCP2 to the domain pearson.com
c) Replace DHCP2 with a Windows Server 2016 Datacenter server
d) Install the DHCP server role on DHCP2 and authorize DHCP2
07. You need to import 50 IP addresses from the network 188.8.131.52/24 into your IPAM database through a CSV file named addresses.csv. The CSV file contains data for a field named Division. Which configuration steps should you perform?
a) Use Add-IPAMCustomField to create the Division field.
b) Use Format-Custom to prepare the Division field.
c) Use Add-IPAMCustomValue to add values to Division.
d) Use Import-IPAMAddress to import from addresses.csv.
e) Use Import-IpamSubnet to import from addresses.csv.
f) Use Import-IpamRange to import from addresses.csv.
g) Ensure that the RIR field and values are available in addresses.csv.
08. On which object can you configure a persistent site-to-site VPN connection?
a) Connection Request Policy on the answering router
b) Connection Request Policy on the calling router
c) Network Policy on the answering router
d) Network Policy on the calling router
09. You use the New Domain setting in the DNS Manager to create a subdomain named USA under the existing zone pearson.com. The subdomain is not displayed in the IPAM configuration console under Forward Lookup. The zone pearson.com is displayed with a green bullet. You also want to display the subdomain in the IPAM configuration console. What configuration do you need so that the subdomain usa.pearson.com is displayed in the IPAM configuration console under Forward Lookup?
a) Remove the subdomain and use New Delegation in the DNS Manager to create the usa.pearson.com zone.
b) Remove the subdomain, select the DNS server in the DNS and DHCP Servers list, and use Create DNS Zone to create the usa.pearson.com zone.
c) Select pearson.com, Reset Zone Status, and then Retrieve Server Data.
d) Remove the subdomain and create usa.pearson.com with the New Zone Wizard in the DNS Manager.
10. You have established a P2S connection to your Azure VNet. You want to verify the gateway IP address through which the P2S network traffic flows. Which command can you use?