Topic: Manage and monitor server environments
Your network includes a server called Server1. Server1 has the Windows Server 2016 operating system and the IP Address Management Server (IPAM) feature installed.
You must change the GPO prefix that IPAM uses.
What do you do?
Answer: Run the Set-IpamConfiguration cmdlet.
Your network includes an Active Directory overall structure called cybercop-training.ch. The overall structure includes a single domain with four domain controllers. The Windows Server 2016 operating system is installed on all domain controllers.
You must determine which domain controller is running the Schemamaster operation master role.
1: You run the netdom query fsmo command.
Does the procedure meet your goal?
Your network includes an Active Directory domain services (AD DS) domain called cybercop-training.ch. The domain contains a server named Server1. Server1 has the Windows Server 2016 operating system installed.
You install the IP address management server (IPAM server) feature on Server1. You select the Group Policy-based deployment method and specify a prefix for the IPAM GPOs.
You must configure the environment for automatic server discovery.
What cmdlet are you running?
Invoke-IpamGpoProvisioning -Domain "cybercop-training.ch" -GpoPrefixName "IPAM1"
Your network includes a complete Active Directory structure called cybercop-training.ch. The overall structure contains a member server with the name Server1. The Windows Server 2016 operating system is installed on Server1. Server1 is located in the company’s area network.
You install the Active Directory network services (AD FS) on Server1. You create a federated server farm and use a certificate with the common name sts.certbase.de.
You must enable certificate-based authentication for Internet clients.
Which two incoming TCP ports do you open on the firewall?
Answer: Port 443 and Port 49443
Your network includes an Active Directory domain services (AD DS) domain called certbase.de. The domain contains a DNS server named Server1.
You enable the Response Rate Limiting (RRL) security feature on Server1.
You must prevent Response Rate Limiting (RRL) from being applied to hosts on the 10.0.0.0/24 subnet.
What cmdlets do you run?
You are deploying DirectAccess (DA) on a server named DA1. DA1 is behind a firewall and has a single network adapter. DA1 uses Internet Protocol version 4 (IPv4) to communicate with clients.
You must configure the firewall to support DirectAccess.
What firewall rules do you create for network communication with DA1?
Teredo traffic: UDP 3544
6to4 data traffic: IP protocol ID 41
IP-HTTPS: TCP 443
Your network includes multiple Hyper-V servers that provide 50 Web servers, 10 Microsoft SQL Server servers, 10 file servers, and eight domain controllers.
You need to design a virtual machine backup solution. Your solution must meet the following requirements:
All servers must be backed up.
The solution must provide centralized management of backups.
The solution must enable application-level backups.
The solution must support bare-metal recovery (BMR).
Answer: Microsoft Azure Backup Server
You have a file server with the name Server1. Server1 is running Windows Server 2016. Server1 is configured to monitor object access attempts.
You must filter the Security event log to see all log entries that refer to a user named User1.
What do you do?
Answer: Click with the right mouse button on the security log and then on «Filter current log…». In the «Filter current log» dialog, enter a value in the User field.
You have a server called Server1. Server1 runs the Windows Server 2016 operating system.
An application named App1 is installed on Server1. App1 writes entries to the application log if errors occur. The events have IDs 111 or 112.
You must restart the service each time one of these events is logged.
What do you do?
Answer: Use the Create Task… action in task scheduling and create a task that contains triggers for both event IDs.