Your network contains an Active Directory forest named contoso.com. The forest contains several domains.
An administrator named Admin01 installs Windows Server 2016 on a server named Server1 and then joins Server1 to the contoso.com domain.
Admin01 plans to configure Server1 as an enterprise root certification authority (CA).
You need to ensure that Admin01 can configure Server1 as an enterprise CA. The solution must use the principle of least privilege.
To which group should you add Admin01?
A. Server Operators in the contoso.com domainYour network contains an Active Directory domain named contoso.com.
The domain contains five domain controllers.
You have a branch office that has a local support technician named Tech1.
Tech1 installs Windows Server 2016 on a server named RODC1 in a workgroup.
You need Tech1 to deploy RODC1 as a read-only domain controller (RODC) in the contoso.com domain.
Which three actions should you perform? Each correct answer presents part of the solution.
A. Instruct Tech1 to run the Active Directory Domain Services Configuration Wizard.Your network contains an Active Directory domain. The domain contains the servers shown in the following table.

You have a server named WebServer2 in a workgroup. WebServer2 has the Web Server (IIS) server role installed. You plan to deploy a Web Application Proxy to provide preauthentication for HTTP Basic application publishing to allow users
to connect to mailboxes by using Exchange ActiveSync.
You need to install the Web Application Proxy role service. The solution must minimize the attack surface.
On which server should you install the role service?
A. WebServer2HOTSPOT
Your network contains an Active Directory domain named contoso.com. The domain contains an administrative workstation named WKS1 that runs Windows 10.
You have a Group Policy object (GPO) named GPO1.
You download a custom administrative template that contains the following files:
App1.admx App1.adml You need to ensure that you can configure GPO1 by using the settings in the new administrative template.
To where should you copy each file? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
Hot Area:

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while
others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
Your network contains the Active Directory forests and domains shown in the following table:

A two-way forest trust exists between ForestA and ForestB.
Each domain in ForestB contains user accounts that are used to manage servers.
You need to ensure that the user accounts used to manage the servers in ForestB are members of the Server Operators in ForestA.
Solution: In each domain in ForestB, you create a global group that contains the user accounts of the respective domain. You create a universal group in DomainBRoot. You add the new global groups to the new universal group. You modify
the membership of the Server Operators in ForestA.
Does this meet the goal?
A. YesNote: This question is part of a series of questions that use the same or similar answer choices. An answer choice may be correct for more than one question in the series. Each question is independent of the other questions in this series.
Information and details provided in a question apply only to that question.
Your network contains an Active Directory forest named contoso.com. The forest functional level is Windows Server 2012 R2.
You need to ensure that a domain administrator can recover a deleted Active Directory object quickly.
Which tool should you use?
A. Dsadd quotaNote: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while
others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen. Your network contains an Active Directory forest. The forest contains a domain named
contoso.com. The domain contains three domain controllers.
A domain controller named lon-dc1 fails. You are unable to repair lon-dc1.
You need to prevent the other domain controllers from attempting to replicate to lon-dc1.
Solution: From Active Directory Users and Computers, you remove the computer account of lon-dc1.
Does this meet the goal?
A. YesNote: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while
others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
Your network contains an Active Directory domain named contoso.com.
The user account for a user named User1 is in an organizational unit (OU) named OU1.
You need to enable User1 to sign in as [email protected].
Solution: From Windows PowerShell, you run
Set-ADObject 'CN=User1,OU=OU1,DC=Contoso,DC=com'
–Add @{UserPrincipalName='[email protected]'}
–Remove @ {UserPrincipalName='[email protected]'}.
Does this meet the goal?
A. YesYour network contains an Active Directory domain named contoso.com.
You plan to deploy a new Active Directory Rights Management Services (AD RMS) cluster on a server named Server1.
You need to create the AD RMS service account. The solution must use the principle of least privilege.
What should you do?
A. Create a local user account on Server1 and add the account to the Administrators group on Server1.Your company has multiple branch offices.
The network contains an Active Directory domain named contoso.com.
In one of the branch offices, a new technician is hired to add computers to the domain.
After successfully joining multiple computers to the domain, the technician fails to join any more computers to the domain.
You need to ensure that the technician can join an unlimited number of computers to the domain.
What should you do?
A. Configure the technician's user account as a manager service account.Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Microsoft exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 70-742 exam preparations and Microsoft certification application, do not hesitate to visit our Vcedump.com to find your solutions here.