Realistic 70-742 Braindumps 2021

Master the content and be ready for exam day success quickly with this . We guarantee it!We make it a reality and give you real in our Microsoft 70-742 braindumps. Latest 100% VALID at below page. You can use our Microsoft 70-742 braindumps and pass your exam.

Free demo questions for Microsoft 70-742 Exam Dumps Below:

NEW QUESTION 1
Your network contains an Active Directory domain named contoso.com. The domain contains a user named User1, a group named Group1, and an organizational unit (OU) named OU1.
You need to enable user1 to link Group Policies to OU1.
Solution: From Active Directory Users and Computers, you add User1 to the Group Policy Creator owners group.
Does this meet the goal?

  • A. Yes
  • B. NO

Answer: AB

Explanation: http://www.itprotoday.com/management-mobility/what-group-policy-creator-owners-group

NEW QUESTION 2
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
Your network contains an Active Directory domain named contoso.com. A user named User1 is in an organizational unit (OU) named OU1.
You are troubleshooting a folder access issue for User1.
You need a list of groups to which User1 is either a direct member or an indirect member. Solution: You run Get-ADUser –Identity User1 –Property MemberOf.
Does this meet the goal?

  • A. Yes
  • B. No

Answer: B

Explanation: The Get-ADUser cmdlet does not include the MemberOf property. The command above is, therefore, not valid.
References:
https://docs.microsoft.com/en-us/powershell/module/addsadministration/get-aduser?view=win10-ps

NEW QUESTION 3
Your network contains an Active Directory domain.
You have a user account that is a member if the Domain Admins group.
You have 100 laptops that have a standard corporate image installed. The laptops are in workgroups and have random names.
A technician named Tech1 is assigned the task of joining the laptops to the domain. The computer accounts of each laptop must be in an organizational unit (OU) that is associated to the department of the user who will use the laptop. The laptop names must start with four characters indicating the department, followed by a fourdigit number.
Tech1 is a member of the Domain Users group only. Tech1 has the administrator logon credentials for all the laptops.
You need Tech1 to join the laptops to the domain. The solution must ensure that the laptops are named correctly, and the computer accounts of the laptops are in the correct OUs.
Solution: You pre-create the computer account of each laptop in Active Directory Users and Computers.
You instruct Tech1 to sign in to each laptop, to rename each laptop, and then to join each laptop to the domain by using System in Control Panel.
Does this meet the goal?

  • A. Yes
  • B. No

Answer: B

NEW QUESTION 4
You create a user account that will be used as a template for new user accounts.
Which setting will be copied when you copy the user account from Active Directory Users and Computers?

  • A. Published Certificates
  • B. the Member of attribute
  • C. the Office attribute
  • D. the Description attribute

Answer: B

NEW QUESTION 5
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You deploy a new Active Directory forest.
You need to ensure that you can create a group Managed Service Account (gMSA) for multiple member servers.
Solution: You configure Kerberos constrained delegation on the computer account of each domain controller. Does this meet the goal?

  • A. Yes
  • B. No

Answer: B

NEW QUESTION 6
You deploy a new certification authority (CA) to a server that runs Windows Server 2021. You need to configure the CA to support recovery of certificates.
What should you do first?

  • A. Modify the extensions of the OCSP Response Signing template
  • B. Modify the Recovery Agents settings from the properties of the CA.
  • C. Assign the Request Certificates permission to the user account that will be responsible for recovering certificates.
  • D. Configure the Key Recovery Agent template as a certificate template to issue.

Answer: A

NEW QUESTION 7
Your network contains an Active Directory domain named contoso.com.
The user account for a user named User1 is in an organizational unit (OU) named OU1. You need to enable User1 to sign in as user1@adatum.com.
Solution: From Active Directory Domains and Trusts, you configure an alternative UPN suffix, From Active Directory Administrative Center, you configure the User UPN logon property of User1.
Does this meet the goal?

  • A. Yes
  • B. No

Answer: A

NEW QUESTION 8
Note: This question is part of a series of questions that use the same or similar answer choices. An answer choice may be correct for more than one question in the series. Each question is independent of the other questions in this series. Information and details provided in a question apply only to that question.
Your network contains an Active Directory domain named contoso.com. The domain contains a domain controller named DC1 that runs Windows Server 2021.
You need to create a snapshot of the Active Directory database on DC1. Which tool should you use?

  • A. Dsadd quota
  • B. Dsmod
  • C. Active Directory Administrative Center
  • D. Dsacls
  • E. Dsmain
  • F. Active Directory Users and Computers
  • G. Ntdsutil
  • H. Group Policy Management Console

Answer: E

NEW QUESTION 9
Your network contains an Active Directory forest. The forest contains a domain named contoso.com. The domain contains three domain controllers.
A domain controller named lon-dc1 fails. You are unable to repair lon-dc1.
You need to prevent the other domain controllers from attempting to replicate to lon-dc1.
Solution: From Active Directory Domains and Trusts, you transfer the operations master roles from lon-dc1. Does this meet the goal?

  • A. Yes
  • B. No

Answer: B

NEW QUESTION 10
Your network contains an Active Directory domain named adatum.com. The domain contains a security group named G_Research and an organizational unit (OU) named OU_Research.
All the users in the research department are members of G_Research and their user accounts are in OU_Research.
You need to ensure that all the research department users change their password every 28 days and enforce a complex password that is 12 characters long.
What should you do?

  • A. From a Group Policy Management, create and link a Group Policy object (GPO) to OU_Research.Modify the password policy in the GPO.
  • B. From a Group Policy Management, create and link a Group Policy object (GPO) to the domai
  • C. Modify the password policy in the GP
  • D. Filter the GPO to apply to G_Research only.
  • E. From Active Directory Users and Computers, modify the properties of the Password Settings Container.
  • F. From Active Directory Administrative Center, create a new Password Settings object (PSO).

Answer: D

NEW QUESTION 11
You have users that access web applications by using HTTPS. The web applications are located on the servers in your perimeter network. The servers use certificates obtained from an enterprise root certification authority (CA). The certificates are generated by using a custom template named WebApps. The certificate revocation list (CRL) is published to Active Directory.
When users attempt to access the web applications from the Internet, the users report that they receive a revocation warning message in their web browser. The users do not receive the message when they access the web applications from the intranet.
You need to ensure that the warning message is not generated when the users attempt to access the web applications from the Internet.
What should you do?

  • A. Install the Certificate Enrollment Web Service role service on a server in the perimeter network.
  • B. Modify the WebApps certificate template, and then issue the certificates used by the web application servers.
  • C. Install the Web Application Proxy role service on a server in the perimeter networ
  • D. Create a publishing point for the CA.
  • E. Modify the CRL distribution point, and then reissue the certificates used by the web application servers.

Answer: C

NEW QUESTION 12
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
Your network contains an Active Directory forest named contoso.com. The forest contains a member server named Server1 that runs Windows Server 2021. All domain controllers run Windows Server 2012 R2.
Contoso.com has the following configuration. PS C:> (Get-ADForest).ForestMode Windows2008R2Forest
PS C:> (Get-ADDomain).DomainMode
Windows2008R2Domain PS C:>
You plan to deploy an Active Directory Federation Services (AD FS) farm on Server1 and to configure device registration.
You need to configure Active Directory to support the planned deployment. Solution: You upgrade a domain controller to Windows Server 2021.
Does this meet the goal?

  • A. Yes
  • B. No

Answer: B

Explanation: Device Registration requires Windows Server 2012 R2 forest schema.

NEW QUESTION 13
Your network contains an Active Directory forest. The forest contains two domains named litwareinc.com and contoso.com. The contoso.com domain contains two domain controllers named LON-DC01 and LON-DC02. The domain controllers are located in a site named London that is associated to a subnet of 192.168.10.0/24.
You discover that LON-DC02 is not a global catalog server. You need to configure LON-DC02 as a global catalog server.
What should you do?

  • A. From Active Directory Sites and Services, modify the NTDS Settings object of the London site.
  • B. From Windows Power Shell, run the Enable-ADOptionalFeature cmdlet.
  • C. From the properties of the LON-DC02 computer account in Active Directory Users and Computers modify the NTDS settings.
  • D. From the properties of the LON-DC02 computer account in Active Directory Users and Computers, modify the City attribute.

Answer: C

NEW QUESTION 14
Your network contains an Active Directory domain named contoso.com.
You have an organizational unit (OU) named TestOU that contains test computers.
You need to enable a technician named Tech1 to create Group Policy objects (GPOs) and to link the GPOs to TestOU. The solution must use the principle of least privilege.
Which two actions should you perform? Each correct answer presents part of the solution.

  • A. Add Tech1 to the Group Policy Creator Owners group.
  • B. From Group Policy Management, modify the Delegation settings of the TestOU OU.
  • C. Add Tech1 to the Protected Users group.
  • D. From Group Policy Management, modify the Delegation settings of the contoso.com container.
  • E. Create a new universal security group and add Tech1 to the group.

Answer: AB

NEW QUESTION 15
Your network contains an Active Directory domain named contoso.com.
You need to view a list of all the domain user accounts that are enabled. But whose users have not signed in during the last 30 days.
Which command should you run? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
70-742 dumps exhibit

    Answer:

    Explanation: 70-742 dumps exhibit

    NEW QUESTION 16
    You are deploying a web application named WebApp1 to your internal network. WebApp1 is hosted on a server named Web1 that runs Windows Server 2021.
    You deploy an Active Directory Federation Services (AD FS) infrastructure and a Web Application Proxy to provide access to WebApp1 for remote users.
    You need to ensure that Web1 can authenticate the remote users. What should you do?

    • A. Publish WebApp1 by using pass-through preauthentication.
    • B. Publish WebApp 1 as a Remote Desktop Gateway (RD Gateway) application in the Web Application Proxy.
    • C. Publish WebApp1 by using AD FS preauthentication.
    • D. Publish WebApp1 by using client certificate preauthentication.

    Answer: A

    NEW QUESTION 17
    Note: This question is part of a series of questions that use the same or similar answer choices. An answer choice may be correct for more than one question in the series. Each question is independent of the other questions in this series. Information and details provided in a question apply only to that question.
    Your network contains an Active Directory domain named contoso.com. The domain contains a domain controller named Server1.
    You recently restored a backup of the Active Directory database from Server1 to an alternate Location. The restore operation does not interrupt the Active Directory services on Server1.
    You need to make the Active Directory data in the backup accessible by using Lightweight Directory Access Protocol (LDAP).
    Which tool should you use?

    • A. Dsadd quota
    • B. Dsmod
    • C. Active Directory Administrative Center
    • D. Dsacls
    • E. Dsamain
    • F. Active Directory Users and Computers
    • G. Ntdsutil
    • H. Group Policy Management Console

    Answer: E

    NEW QUESTION 18
    Your network contains an Active Directory domain named contoso.com. Domain users use smart cards to sign in to their client computer.
    Some users report that it takes a long time to sign in to their computer and that the logon attempt times out, so they must restart the sign in process.
    You discover that the issues to checking the certificate revocation list (CRL) of the smart card certificates. You need to resolve the issue without diminishing the security of the smart card logons.
    What should you do?

    • A. From the properties of the smart card's certificate template, modify the Request Handling settings.
    • B. From the properties of the smart card's certificate template, modify the Issuance Requirements settings.
    • C. Deactivate certificate revocation checks on the computers.
    • D. Implement an Online Certification Status Protocol (OCSP) responder.

    Answer: D

    NEW QUESTION 19
    Your network contains an Active Directory domain named contoso.com. The domain contains a member
    server named Server1 that runs Windows Server 2021.
    Server1 has IP Address Management (IPAM) installed. IPAM uses a Windows Internal Database. You install Microsoft SQL Server on Server1.
    You plan to move the IPAM database to SQL Server.
    You need to create a SQL Server login for the IPAM service account.
    For which user should you create the login? To answer, select the appropriate options in the answer area.
    70-742 dumps exhibit

      Answer:

      Explanation: References:
      https://blogs.technet.microsoft.com/yagmurs/2014/07/31/moving-ipam-database-from-windows-internal-databas

      100% Valid and Newest Version 70-742 Questions & Answers shared by Surepassexam, Get Full Dumps HERE: https://www.surepassexam.com/70-742-exam-dumps.html (New 222 Q&As)