MCSA Networking with Windows Server 2016 v1.0

HOTSPOT -
You have a network address translation (NAT) server named NAT1 that has an external IP address of 131.107.50.1 and an internal IP address of 10.0.0.1.
You deploy a new server named Web1 that has an IP address of 10.0.0.211.
A remote server named app.fabrikam.com has an IP address of 131.107.1.232.
You need to make Web1 accessible to app.fabrikam.com through NAT1.
What command should you run from NAT1? To answer, select the appropriate options in the answer area.
Hot Area:

Your network contains multiple wireless access points (WAPs) that use WPA2-Personal authentication. The network contains an enterprise root certification authority (CA).
The security administrator at your company plans to implement WPA2-Enterprise authentication on the WAPs.
To support the authentication change, you deploy a server that has Network Policy Server (NPS) installed.
You need to configure NPS to authenticate the wireless clients.
What should you do on the NPS server?

Your company has 5,000 users who work remotely.
You have 40 VPN servers that host the remote connections for the users.
You plan to deploy a RADIUS solution that contains five RADIUS servers.
You need to ensure that client authentication requests are distributed evenly between the five RADIUS servers.
What should you do?

Your network contains an Active Directory forest named contoso.com. The functional level of the forest is Windows Server 2012.
The forest contains five domain controllers and five VPN servers that run Windows Server 2016.
Five hundred users connect to the VPN servers daily.
You need to configure a new server named Server1 as a RADIUS server.
What should you do first?

Your network contains an Active Directory forest named contoso.com. The forest contains two domains named contoso.com and litwareinc.com.
Your company recently deployed DirectAccess for the members of a group named DA_Computers. All client computers are members of DA_Computers.
You discover that DirectAccess clients can access the resources located in the contoso.com domain only. The clients can access the resources in the litwareinc.com domain by using an L2TP VPN connection to the network.
You need to ensure that the DirectAccess clients can access the resources in the litwareinc.com domain.
What should you do?

You have a server named Server1 that runs Windows Server 2016. Server1 is located on the perimeter network, and only inbound TCP port 443 is allowed to connect Server1 from the Internet.
You install the Remote Access server role on Server1.
You need to configure Server1 to accept VPN connections over port 443.
Which VPN protocol should you use?

You have an Active Directory domain named Contoso.com. The domain contains servers named Server1 and Server2 that run Windows Server 2016.
You install the Remote Access server role on Server1. You install the Network Policy and Access Services server role on Server2.
You need to configure Server1 to use Server2 as a RADIUS server.
What should you do?

Your company has a main office in London. The company has 1,000 users who are located in many countries.
You plan to deploy a large remote access solution for the company.
The London office has three servers named Server1, Server2, and Server3 that run Windows Server 2016.
You plan to use Server1 as a VPN server, Server2 as a RADIUS proxy, and Server3 as a RADIUS server.
You need to configure Server2 to support the planned deployment.
Which three actions should you perform on Server2? Each correct answer presents part of the solution.

You have a server named Host1 that runs Windows Server 2016.
You configure Host1 as a virtualization host and create 20 new virtual machines on Host1.
You need to ensure that all of the virtual machines can connect to the Internet through Host1.
Which three actions should you perform? Each correct answer presents part of the solution.

Note: This question is part of a series of questions that use the same or similar answer choices. An answer choice may be correct for more than one question in the series. Each question is independent of the other questions in this series. Information and details provided in a question apply only to that question.
You have a DHCP server named Server1 that has three network cards. Each network card is configured to use a static IP address. Each network card connects to a different network segment.
Server1 has an IPv4 scope named Scope1.
You need to ensure that Server1 only uses one network card when leasing IP addresses in Scope1.
What should you do?

Note: This question is part of a series of questions that use the same or similar answer choices. An answer choice may be correct for more than one question in the series. Each question is independent of the other questions in this series. Information and details provided in a question apply only to that question.
You have a DHCP server named Server1 that has three network cards. Each network card is configured to use a static IP address.
You need to prevent all client computers that have physical addresses beginning with 98-5F from leasing an IP address from Server1.
What should you do?

Note: This question is part of a series of questions that use the same or similar answer choices. An answer choice may be correct for more than one question in the series. Each question is independent of the other questions in this series. Information and details provided in a question apply only to that question.
You have a DHCP server named Server1 that has an IPv4 scope named Scope1.
Users report that when they turn on their client computers, it takes a long time to access the network.
You validate that it takes a long time for the computers to receive an IP address from Server1.
You monitor the network traffic and discover that Server1 issues five ping commands on the network before leasing an IP address.
You need to reduce the amount of time it takes for the computers to receive an IP address.
What should you do?

Note: This question is part of a series of questions that use the same scenario. For your convenience, the scenario is repeated in each question. Each question presents a different goal and answer choices, but the text of the scenario is exactly the same in each question in this series.

Your network contains an Active Directory domain named contoso.com. The functional level of the domain is Windows Server 2012.
The network uses an address space of 192.168.0.0/16 and contains multiple subnets.
The network is not connected to the Internet.
The domain contains three servers configured as shown in the following table.

Client computers obtain TCP/IP settings from Server3.
You add a second network adapter to Server2. You connect the new network adapter to the Internet. You install the Routing role service on Server2.
Server1 has four DNS zones configured as shown in the following table.


You need to ensure that when a computer is removed from the network, the associated records are deleted automatically after 15 days.
Which two actions should you perform? Each correct answer presents part of the solution.

Note: This question is part of a series of questions that use the same scenario. For your convenience, the scenario is repeated in each question. Each question presents a different goal and answer choices, but the text of the scenario is exactly the same in each question in this series.

Your network contains an Active Directory domain named contoso.com. The functional level of the domain is Windows Server 2012.
The network uses an address space of 192.168.0.0/16 and contains multiple subnets.
The network is not connected to the Internet.
The domain contains three servers configured as shown in the following table.

Client computers obtain TCP/IP settings from Server3.
You add a second network adapter to Server2. You connect the new network adapter to the Internet. You install the Routing role service on Server2.
Server1 has four DNS zones configured as shown in the following table.


What should you do to enable Server2 as a NAT server?