You need to configure Active Directory Rights Management Services (AD RMS)

###BeginCaseStudy###
Case Study: 5
Contoso Ltd Case B
Background
Overview

Contoso, Ltd., is a software development company. The company has a main office in Seattle
and branch offices that are located in Los Angeles and New Delhi. Contoso’s sales staff are
all located in the Los Angeles office. Contoso’s software developers are all located in the
New Delhi office.
Current Environment
The network for the Seattle office contains:
• 2 domain controllers with integrated DNS
• 200 Windows workstations
• 14-node Hyper-V cluster
• 1 file server with multiple shares
• 1 Active Directory Rights Management Services (AD RMS) cluster
The network for the Los Angeles office contains:
• 2 domain controllers with integrated DNS
• 100 Windows workstations
• 1 file server with multiple shares
The network for the New Delhi office contains:
• 2 domain controllers with integrated DNS
• 300 Windows workstations
• 10 Hyper-V servers that host 100 development virtual machines (VMs)
• 50 production virtual machines that are hosted in Azure
All the Contoso offices connect to each other by using VPN links, and each office is
connected to the Internet.
Contoso has a single Active Directory Domain Services (AD DS) domain named
contoso.com. Contoso.com has a configured certification authority (CA). Contoso currently
leverages System Center Virtual Machine Manager 2012 R2 to manage its virtual
environment servers.
Contoso uses an application named HRApp1 for its human resources (HR) department. HR
users report that the application stops responding and must be restarted before they can
continue their work.
Fabrikam Inc
Contoso has recently acquired Fabrikam. Inc. Fabrikam has a single office that is located in
Seattle.
Fabrikam has a single AD DS domain named fabrikam.com.
• The network for Fabrikam contains:
• 2 domain controllers with Active Directory-integrated DNS
• 150 Windows workstations
• 5 Hyper-V servers
• 1 file server with multiple shares
A two-way trust exists between Contoso.com and Fabrikam.com.
Business Requirements
Consolidation
Contoso must complete the consolidation of the Contoso and Fabrikam networks. The
consolidation of the two networks must:
• Minimize all hardware and software costs.
• Minimize WAN traffic.
• Enable the users by providing self-service whenever possible.

Security
Contoso requires that all Windows client devices must be encrypted with BitLocker by using
the Trusted Platform
The CA for the domain contoso.com must be designated as the resource forest. The domain
fabrikam.com must leverage certificates that are issued by the domain contoso.com.
Other Information
HRApp1
Each time HRApp1 stops responding and is restarted, an incident must be created and
associated with the existing problem ticket.
Development environment
You have the following requirements:
• Developers must be able to manage their own VM checkpoints.
• You must implement a disaster recovery strategy for development
virtual machines.
Technical Requirements
Windows System Updates
You have the following system update requirements:
• Consolidate reporting of all software updates in all offices.
• Software updates must be applied to all Windows devices.
• Ensure the ability to report on update compliance.
Monitoring
You have the following monitoring requirements:
• Each time HRApp1 shows performance problems, ensure that a ticket
is created.
• When performance problems are resolved, ensure that the ticket closes
automatically.
Security
You have the following security requirements:
• Ensure that all documents are protected.
• Ensure that contoso.com domain users get use licenses for RMSprotected documents from the domain contoso.com.
• Ensure that fabrikam.com domain users get use licenses for RMSprotected documents from the domain contoso.com.
###EndCaseStudy###

DRAG DROP
You need to configure Active Directory Rights Management Services (AD RMS).
What should you do? To answer, drag the appropriate domain or option to the correct location.
Each domain or option may be used once, more than once, or not at all. You may need to drag the
split bar between panes or scroll to view content.

###BeginCaseStudy###
Case Study: 5
Contoso Ltd Case B
Background
Overview

Contoso, Ltd., is a software development company. The company has a main office in Seattle
and branch offices that are located in Los Angeles and New Delhi. Contoso’s sales staff are
all located in the Los Angeles office. Contoso’s software developers are all located in the
New Delhi office.
Current Environment
The network for the Seattle office contains:
• 2 domain controllers with integrated DNS
• 200 Windows workstations
• 14-node Hyper-V cluster
• 1 file server with multiple shares
• 1 Active Directory Rights Management Services (AD RMS) cluster
The network for the Los Angeles office contains:
• 2 domain controllers with integrated DNS
• 100 Windows workstations
• 1 file server with multiple shares
The network for the New Delhi office contains:
• 2 domain controllers with integrated DNS
• 300 Windows workstations
• 10 Hyper-V servers that host 100 development virtual machines (VMs)
• 50 production virtual machines that are hosted in Azure
All the Contoso offices connect to each other by using VPN links, and each office is
connected to the Internet.
Contoso has a single Active Directory Domain Services (AD DS) domain named
contoso.com. Contoso.com has a configured certification authority (CA). Contoso currently
leverages System Center Virtual Machine Manager 2012 R2 to manage its virtual
environment servers.
Contoso uses an application named HRApp1 for its human resources (HR) department. HR
users report that the application stops responding and must be restarted before they can
continue their work.
Fabrikam Inc
Contoso has recently acquired Fabrikam. Inc. Fabrikam has a single office that is located in
Seattle.
Fabrikam has a single AD DS domain named fabrikam.com.
• The network for Fabrikam contains:
• 2 domain controllers with Active Directory-integrated DNS
• 150 Windows workstations
• 5 Hyper-V servers
• 1 file server with multiple shares
A two-way trust exists between Contoso.com and Fabrikam.com.
Business Requirements
Consolidation
Contoso must complete the consolidation of the Contoso and Fabrikam networks. The
consolidation of the two networks must:
• Minimize all hardware and software costs.
• Minimize WAN traffic.
• Enable the users by providing self-service whenever possible.

Security
Contoso requires that all Windows client devices must be encrypted with BitLocker by using
the Trusted Platform
The CA for the domain contoso.com must be designated as the resource forest. The domain
fabrikam.com must leverage certificates that are issued by the domain contoso.com.
Other Information
HRApp1
Each time HRApp1 stops responding and is restarted, an incident must be created and
associated with the existing problem ticket.
Development environment
You have the following requirements:
• Developers must be able to manage their own VM checkpoints.
• You must implement a disaster recovery strategy for development
virtual machines.
Technical Requirements
Windows System Updates
You have the following system update requirements:
• Consolidate reporting of all software updates in all offices.
• Software updates must be applied to all Windows devices.
• Ensure the ability to report on update compliance.
Monitoring
You have the following monitoring requirements:
• Each time HRApp1 shows performance problems, ensure that a ticket
is created.
• When performance problems are resolved, ensure that the ticket closes
automatically.
Security
You have the following security requirements:
• Ensure that all documents are protected.
• Ensure that contoso.com domain users get use licenses for RMSprotected documents from the domain contoso.com.
• Ensure that fabrikam.com domain users get use licenses for RMSprotected documents from the domain contoso.com.
###EndCaseStudy###

DRAG DROP
You need to configure Active Directory Rights Management Services (AD RMS).
What should you do? To answer, drag the appropriate domain or option to the correct location.
Each domain or option may be used once, more than once, or not at all. You may need to drag the
split bar between panes or scroll to view content.

Answer:

Show Hint

Leave a Reply 10

Your email address will not be published. Required fields are marked *

Clever4ever

Clever4ever

The Question is a table, consisting of an Action-Column and a Domain-Column.

Action: Deploy AD RMS Cluster to Domain:

Action: Configure as a for the Domain. Domain:

Options to fill in: a)fabrikam.com b)trusted publishing domain c)contoso.com d) trusted user domain

Solution 1=c ; 2=a ; 3=b ; 4=a

Reply

Recover

Recover

I guess Answer would be

Deploy Ad RMS Cluster to Domain Contoso.com
Configure Fabrikam.com as a trusted publishing domain for the domain Contoso.com

1=c 2=a 3=b 4=c

Reply

Recover

Recover

Slight change in above answer might be

Deploy Ad RMS Cluster to Domain Contoso.com
Configure contoso.com as a trusted publishing domain for the domain Fabrikam.com

1=c 2=c 3=b 4=a

Reply

To wit

To wit

“Ensure that fabrikam.com domain users get use licenses for RMS protected documents from the domain contoso.com”

Deploy Ad RMS Cluster to Domain fabrikam.com
Configure Fabrikam.com as a trusted user domain for the domain Contoso.com

1=a 2=a 3=d 4=c

https://technet.microsoft.com/en-us/library/dd983944%28v=ws.10%29.aspx

An AD RMS cluster already exists in contoso.com; to establish any RMS trust, one is required in fabrikam.com.

Reply

Billy

Billy

Thank you for this. I thought I was going crazy! Why would we deploy a cluster to contoso.com when there’s already one there? Your answer makes more sense.

Reply

Jake

Jake

I agree with To Wit. Link explains nicely

Reply

JamesL

JamesL

Current Contoso Environment

• 1 Active Directory Rights Management Services (AD RMS) cluster

You have the following security requirements:
• Ensure that all documents are protected.
• Ensure that fabrikam.com domain users get use licenses for RMSprotected documents from the domain contoso.com.

I agree with answer provided by To wit

Reply

JamesL

JamesL

To assist anyone who is struggling with RMS TPD & TUD here are two good links

Link one covers the correct answer (after installing RMS in Fabrikam).
http://blogs.technet.com/b/rms/archive/2012/04/29/sharing-protected-documents-when-partners-have-an-ad-rms-installation.aspx

Link 2 also explains the answer as an option (Without the initial Fabrikam RMS installation)
http://blogs.technet.com/b/rms/archive/2012/04/29/sharing-protected-documents-when-partners-do-not-have-an-ad-rms-installation.aspx

Hope they help

Reply

bangbang

bangbang

can someone please finalize the answer to this … I am really confused!

Reply

BluAlien

BluAlien

To Wit is correct, no dubt.

Reply