1. Home
  2. Microsoft
  3. 70-742

Microsoft 70-742 Online Practice Questions and Exam Preparation

70-742 Exam Details

  • Exam Code
    :70-742
  • Exam Name
    :Identity with Windows Server 2016
  • Certification
    :Microsoft Certifications
  • Vendor
    :Microsoft
  • Total Questions
    :289 Q&As
  • Last Updated
    :Feb 07, 2022

Microsoft 70-742 Online Questions & Answers

  • Question 101:

    Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while

    others might not have a correct solution.

    After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

    You deploy a new Active Directory forest.

    You need to ensure that you can create a group Managed Service Account (gMSA) for multiple member servers.

    Solution: You configure Kerberos constrained delegation on the computer account of each domain controller.

    Does this meet the goal?

    A. Yes
    B. No

  • Question 102:

    You network contains one Active Directory domain named adatum.com.

    The domain contains a DNS server named Server1 that runs Windows Server 2016.

    All domain computers use Server1 for DNS.

    You sign adatum.com by using DNSSEC.

    You need to configure the domain computers to validate DNS responses for adatum.com records.

    What should you configure in Group Policy?

    A. Network List Manager Policies
    B. Network Access Protection (NAP)
    C. Name Resolution Policy
    D. Public Key Policy

  • Question 103:

    Note: This question is part of a series of questions that use the same or similar answer choices. An answer choice may be correct for more than one question in the series. Each question is independent of the other questions in this series.

    Information and details provided in a question apply only to that question.

    Your network contains an Active Directory domain named contoso.com. The domain contains 5,000 user accounts.

    You have a Group Policy object (GPO) named DomainPolicy that is linked to the domain and a GPO named DCPolicy that is linked to the Domain Controllers organizational unit (OU).

    You need to use the application control policy settings to prevent several applications from running on the network.

    What should you do?

    A. From the Computer Configuration node of DCPolicy, modify Security Settings.
    B. From the Computer Configuration node of DomainPolicy, modify Security Settings.
    C. From the Computer Configuration node of DomainPolicy, modify Administrative Templates.
    D. From the User Configuration node of DCPolicy, modify Security Settings.
    E. From the User Configuration node of DomainPolicy, modify Folder Redirection.
    F. From user Configuration node of DomainPolicy, modify Administrative Templates.
    G. From Preferences in the User Configuration node of DomainPolicy, modify Windows Settings.
    H. From Preferences in the Computer Configuration node of DomainPolicy, modify Windows Settings.

  • Question 104:

    Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1 that runs Windows Server 2016.

    You install IP Address Management (IPAM) on Server1.

    You select the automatic provisioning method, and then you specify a prefix of IPAM1.

    You need to configure the environment for automatic IPAM provisioning.

    Which cmdlet should you run? To answer, select the appropriate options in the answer area.

    Hot Area:

  • Question 105:

    Your network contains an Active Directory domain named contoso.com. The domain contains a member server named Server1 and a domain controller named DC1. Both servers run Windows Server 2016. Server1 is used to perform administrative tasks, including managing Group Polices.

    After maintenance is performed on DC1, you open a Group Policy object (GPO) from Server1 as shown in the exhibit.

    You need to be able to view all of the Administrative Templates settings in GPO1. What should you do?

    A. From File Explorer, copy the administrative templates from \\contoso.com\SYSVOL\contoso.com\Policies to the PolicyDefinitions folder on Server1.
    B. From File Explorer, delete \\contoso.com\SYSVOL\contoso.com\Policies\PolicyDefinitions.
    C. From File Explorer, delete the PolicyDefinitions folder from Server1.
    D. From Group Policy Management, configure WMI Filtering for GPO1.

  • Question 106:

    Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while

    others might not have a correct solution.

    After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

    Your network contains an Active Directory domain named contoso.com. The domain contains two domain controllers named DC1 and DC2.

    DC1 holds the RID master operations role. DC1 fails and cannot be repaired. You need to move the RID role to DC2.

    Solution: On DC2, you open the command prompt, run ntdsutil.exe, connect to DC2, and use the Transfer RID master option.

    Does this meet the goal?

    A. Yes
    B. No

  • Question 107:

    HOTSPOT

    Your network contains a single-domain Active Directory forest named contoso.com. The forest functional level is Windows Server 2016.

    You plan to create and link a Group Policy object (GPO) named GPO1 will contain user settings only.

    You plan to apply GPO1 only to users who are members of a group named Group1.

    You need to ensure that GPO1 only applies to the members of Group1. The solution must use the principle of least privilege.

    What should you configure? To answer, select the appropriate options in the answer area.

    NOTE: Each correct selection is worth one point.

    Hot Area:

  • Question 108:

    Your network contains an Active Directory forest named contoso.com.

    Your company has a custom application named ERP1. ERP1 uses an Active Directory Lightweight Directory Services (AD LDS) server named Server1 to authenticate users.

    You have a member server named Server2 that runs Windows Server 2016. You install the Active Directory Federation Services (AD FS) server role on Server2 and create an AD FS farm.

    You need to configure AD FS to authenticate users from the AD LDS server.

    Which cmdlets should you run? To answer, select the appropriate options in the answer area.

    Hot Area:

  • Question 109:

    You have a server named Server1 that runs Windows Server 2016. Server1 has the Web Application Proxy role service installed. You are publishing an application named App1 that will use Integrated Windows authentication as shown in the following graphic.

    Use the drop-down menus to select the answer area choice that completes each statement based on the information presented in the graphic.

    Hot Area:

  • Question 110:

    Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while

    others might not have a correct solution.

    After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

    Your network contains an Active Directory domain.

    You have a user account that is a member of the Domain Admins group.

    You have 100 laptops that have a standard corporate image installed. The laptops are in workgroups and have random names.

    A technician named Tech1 is assigned the task of joining the laptops to the domain. The computer accounts of each laptop must be in an organizational unit (OU) that is associated to the department of the user who will use the laptop. The

    laptop names must start with four characters indicating the department, followed by a four-digit number.

    Tech1 is a member of the Domain Users group only. Tech1 has the administrator logon credentials for all the laptops.

    You need Tech1 to join the laptops to the domain. The solution must ensure that the laptops are named correctly, and the computer accounts of the laptops are in the correct OUs.

    Solution: You pre-create the computer account of each laptop in Active Directory Users and Computers.

    You instruct Tech1 to sign in to each laptop, to rename each laptop, and then to join each laptop to the domain by using System in Control Panel.

    Does this meet the goal?

    A. Yes
    B. No

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Microsoft exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 70-742 exam preparations and Microsoft certification application, do not hesitate to visit our Vcedump.com to find your solutions here.