What should you include in the recommendation?

Your company has two main offices and 10 branch offices. Each office is configured as a
separate Active Directory site.
The main offices sites are named Site1 and Site2. Each office connects to Site1 and Site2
by using a WAN link. Each site contains a domain controller that runs Windows Server 2008.
You are redesigning the Active Directory infrastructure.
You plan to implement domain controllers that run Windows Server 2012 and decommission
all of the domain controllers that run Windows Server 2008.
You need to recommend a placement plan for the Windows Server 2012 domain controllers
to meet the following requirements:
Ensure that users can log on to the domain if a domain controller or a WAN link fails.
Minimize the number of domain controllers implemented.
What should you include in the recommendation? (Each correct answer presents part of the
solution. Choose all that apply.)

Your company has two main offices and 10 branch offices. Each office is configured as a
separate Active Directory site.
The main offices sites are named Site1 and Site2. Each office connects to Site1 and Site2
by using a WAN link. Each site contains a domain controller that runs Windows Server 2008.
You are redesigning the Active Directory infrastructure.
You plan to implement domain controllers that run Windows Server 2012 and decommission
all of the domain controllers that run Windows Server 2008.
You need to recommend a placement plan for the Windows Server 2012 domain controllers
to meet the following requirements:
Ensure that users can log on to the domain if a domain controller or a WAN link fails.
Minimize the number of domain controllers implemented.
What should you include in the recommendation? (Each correct answer presents part of the
solution. Choose all that apply.)

A.
Read-only domain controllers (RODCs) in the branch office sites

B.
A writable domain controller in Site1

C.
A writable domain controller in Site2

D.
Writable domain controllers in the branch office sites



Leave a Reply 8

Your email address will not be published. Required fields are marked *


Brandon

Brandon

This seems wrong. I think it should be ABC, RODCs can cache logins for branch offices. I don’t understand why you would need a writable domain controller in a branch office.

puck

puck

Answer should be B and C.

Requirements:
-Ensure that users can log on to the domain if a [Singular, not plural] domain controller or a [singular, not plural] WAN link fails.
-MINIMIZE the number of domain controllers implemented.

Then – Each office connects to Site1 and Site2
by using a WAN link.

So there are two WAN links for each branch office, since they connect to Site 1 and Site 2. If ONE WAN (Site 1) link fails, then the branches can connect to Site 2 using the second WAN link.

We need to minimize the number of RODCs deployed. So creating a writable DC in the two main offices meets this criteria. All branches will authenticate over the lowest cost WAN link. If one WAN link goes down, they will use the other Site to authenticate.

We only need the two DCs in the main site.

Also, both D and A have NOTHING to do with the requirements… think about it, the requirements don’t stipulate any information that would allow you to choose between an RODC or a writable DC, so if one of those was a correct answer option, how would you know which one.

It does not say Branch users need to log on locally either. And even if it did, it still doesn’t give any information that enables you to decide between RODC or writable DC.

Piet

Piet

I.m.h.o. B, C and D are correct. Every branch has a WAN connection to each main office. Thus we can assume that for each branch office 2 WAN links are involved. But the question does not mention a WAN link between the main offices! Also the question does not give any information about the network and if it is fully routable.
A RODC is a DC so replacing a writable DC with a RODC does not minimize the number of DCs.
If none of the branch offices has a DC than 1 WAN link can fail and also one DC in a main office.
But what if for one branch office the WAN link to Site 1 fails and at the same time the DC in Site 2 is unavailable? If the network is not fully routable, which is what I assume, clients in that specific branch office will not be able to authenticate.

Hassona

Hassona

answer is BC

Chrisjones

Chrisjones

I agree with Puck completely.
I think its B and C,

Each office connects to Site1 and Site2 by using a WAN link.
There’s a DC at each site.
If one Wan link goes down they can still get to the other site.
If one DC goes down they can still get to the other DC.

Mnoble

Mnoble

No, each branch office has A (singular) WAN link. They don’t have WAN LINKS.

If the WAN link at a branch office goes down they aren’t getting to either site. They need a RODC at each branch.

RR

RR

By Default a RODC does not cache passwords. There is no info in the question that it does this for users at the remote site. If the remote site has only one WAN link (shared to both main sites), it needs a writable DC on its site if the WAN link is down. Therefore D is correct (and also BC)

Max

Max

I disagree, we’re talking about RECOMMENDATIONS here, not actual projects. For such a case, I would recommend ABC; once implemented, it CAN cache passwords and therefore authenticate users, even if the branch office is competely isolated. And, if anything, minimize the use of WRITABLE DCs.