Does this meet the goal?

In this section, you’ll see one or more sets of questions with the same scenario and problem. Each
question presents a unique solution to the problem, and you must determine whether the solution
meets the stated goals Any of the solutions might solve the problem. It is also possible that none
of the solutions solve the problem. Once you answer a question in this section, you will NOT be
able to return to it. As a result, these questions will not appear in the review screen.
Note: This question is part of a series of questions that present the same scenario. Each
question in the series contains a unique solution Determine whether the solution meets the
stated goals.
Your network contains an Active Directory forest named contoso.com. The forest contains a
member server named Server1 that runs Windows Server 2016. All domain controllers run
Windows Server 2012 R2. contoso.com has the following configuration.

You plan to deploy an Active Directory Federation Services (AD FS) farm on Served and to
configure device registration. You need to configure Active Directory to support the planned
deployment. Solution: You upgrade a domain controller to Windows Server 2016. Does this meet
the goal?

In this section, you’ll see one or more sets of questions with the same scenario and problem. Each
question presents a unique solution to the problem, and you must determine whether the solution
meets the stated goals Any of the solutions might solve the problem. It is also possible that none
of the solutions solve the problem. Once you answer a question in this section, you will NOT be
able to return to it. As a result, these questions will not appear in the review screen.
Note: This question is part of a series of questions that present the same scenario. Each
question in the series contains a unique solution Determine whether the solution meets the
stated goals.
Your network contains an Active Directory forest named contoso.com. The forest contains a
member server named Server1 that runs Windows Server 2016. All domain controllers run
Windows Server 2012 R2. contoso.com has the following configuration.

You plan to deploy an Active Directory Federation Services (AD FS) farm on Served and to
configure device registration. You need to configure Active Directory to support the planned
deployment. Solution: You upgrade a domain controller to Windows Server 2016. Does this meet
the goal?

A.
Yes

B.
No

Show Hint

Leave a Reply 13

Your email address will not be published. Required fields are marked *

d-man

d-man

I say A also, question says you “upgrade a DC to 2016” to do this, the 2016 schema must already be in place.

These 2 ADFS scenario questions are quite tricky and everyone seems to have conflicting answers.

Reply

Nicolas G.

Nicolas G.

Upgrade a domain controller to Windows Server 2016 will update the schema also during the DCpromo wizard. so after we have alle pre-requisites for support device registration. The answer is A for me :

https://technet.microsoft.com/en-us/windows-server-docs/identity/ad-fs/operations/configure-device-based-conditional-access-on-premises

Requirement Description
An Azure AD subscription with Azure AD Premium To enable device write back for on premises conditional access – a free trial is fine
Intune subscription only required for MDM integration for device compliance scenarios -a free trial is fine
Azure AD Connect November 2015 QFE or later. Get the latest version here.
Windows Server 2016 Build 10586 or newer for AD FS
Windows Server 2016 Active Directory schema Achema level 85 or higher is required for msDS-IsCompliant attribute for device compliance scenarios
Windows Server 2016 domain controller This is only required for Microsoft Passport for Work
Windows 10 client Build 10586 or newer, joined to the above domain is required for Windows 10 Domain Join and Microsoft Passport for Work scenarios only
Azure AD user account with Azure AD Premium license assigned For registering the device

Reply

Tetra-Grammaton-Cleric

Tetra-Grammaton-Cleric

Answer is “B. No”

Installing Server 2016 does not automaticaaly upgrade the DFL or FFL. Going to ADUC and *manually* upgrading the DFL will while opening AD Domains and Trusts and right-clicking on ADDT will allow you to upgrade the FFL.

ADFS 3.0 (the default in Server 2012 and 2016) Device Registration requires Forest Functional Level of at least Server 2012 R2.

Reply

Knox

Knox

Source? I’ve seen this link that specifies all you need is the AD schema prep: https://technet.microsoft.com/en-us/library/dn550982(v=ws.11)

“You do not need a domain controller running Windows Server 2012 R2 for this solution. All you need is a schema update from your current AD DS installation. For more information about extending the schema, see Install Active Directory Domain Services. You can update the schema on existing domain controllers without installing a domain controller that runs Windows Server 2012 R2 by Running Adprep.exe.”

ADprep is performed during the DC promotion process starting with Server 2012

Reply

dziri

dziri

Correct Answer: –>> A

We are upgrading DS not AD FS, Since the beginning the schema version is 85, which means we can deploy AD FS in W2K16

***********************************************
Moving from AD FS in Windows Server 2012 R2 to
AD FS in Windows Server 2016 is easier
***********************************************
Previously, migrating to a new version of AD FS required exporting configuration from the old farm and importing to a brand new, parallel farm.

Now, moving from AD FS on Windows Server 2012 R2 to AD FS on Windows Server 2016 has become much easier. Simply add a new Windows Server 2016 server to a Windows Server 2012 R2 farm, and the farm will act at the Windows Server 2012 R2 farm behavior level, so it looks and behaves just like a Windows Server 2012 R2 farm.

Then, add new Windows Server 2016 servers to the farm, verify the functionality and remove the older servers from the load balancer. Once all farm nodes are running Windows Server 2016, you are ready to upgrade the farm behavior level to 2016 and begin using the new features.

Reply

Ray

Ray

Answer: B
Explanation:
Device Registration requires Windows Server 2012 R2 forest schema (not just domain schema).

Reply

Don Smith

Don Smith

Upgrading a domain controller does NOT automatically upgrade the functional level. It simply installs server 2016 and leaves the FFL intact. All DC’s must be deprecated that do not support the functional level you wish to upgrade to.

Functional level required for mobile device registration through ADFS is 2012R2 as already stated.

The answer is B.

Reply

Rickey Keith

Rickey Keith

New MCSA (Server 2016) 70-743 Exam Questions and Answers (1/Dec/2017 Updated):

NEW QUESTION 154
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. After you answer a question in this sections, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
Your network contains an Active Directory domain named contoso.com. You need to create a Nano Server image named Nano1 that will be used as a virtualization host. The Windows Server 2016 source files are located in Drive D.
Solution: You run the following cmdlet:
New-NanoServerImage -Edition Datacenter -DeploymentType Host -Package Microsoft-NanoServer-SCVMM-Package -MediaPath D:\ -TargetPath C:\Nano1\Nano1.wim -ComputerName Nano1 -Domainname contoso.com
Does this meet the goal?

A. Yes
B. No

Answer: A

NEW QUESTION 155
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some questions sets might have more than one correct solutions, while others might not have a correct solution. After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have a server named Server1 that runs Windows Server 2016. Server1 is configured as a VPN server. Server1 is configured to allow domain users to establish VPN connections from 06:00 to 18:00 everyday of the week. You need to ensure that domain users can establish VPN connections only between Monday and Friday.
Solution: From Routing and Remote Access, you configure the Properties of Server1.
Does this meet the goal?

A. Yes
B. No

Answer: B

NEW QUESTION 156
Your network contains three subnets, a production subnet that contains production servers, a development network that contains development servers, and a client network that contains client computers. The development network is used to test applications and reproduces servers that are located on the production network. The development network and the production network use the same IP address range. A developer has a client computer on the client network. The developer reports that when he attempts to connect to the IP address 10.10.1.6 from his computer, he connects to a server on the production network. You need to ensure that when the developer connects to 10.10.1.6, he connects to a sever on the development network. Which cmdlet should you use?

A. New-NetNeighbor
B. New-NetRoute
C. Set-NetTcpSetting
D. Set-NetNeighbir

Answer: B

NEW QUESTION 157
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some questions sets might have more than one correct solutions, while others might not have a correct solution. After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
Your network contains an Active Directory forest named contoso.com. The forest has three sites located in London, Paris and Berlin. The London site contains a web server named Web1 that runs Windows Server 2016. You need to configure Web1 as an HTTP content server for the hosted cache servers located in the Paris and Berlin sites.
Solution: You install the DFS Replication role service, and then you start the Network Connections service.
Does this meet the goal?

A. Yes
B. No

Answer: A

NEW QUESTION 158
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some questions sets might have more than one correct solutions, while others might not have a correct solution. After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
Your network contains an Active Directory forest named contoso.com. The forest has three sites located in London, Paris and Berlin. The London site contains a web server named Web1 that runs Windows Server 2016. You need to configure Web1 as an HTTP content server for the hosted cache servers located in the Paris and Berlin sites.
Solution: You install the BranchCache feature, and then you start the BranchCache service.
Does this meet the goal?

A. Yes
B. No

Answer: B

NEW QUESTION 159
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some questions sets might have more than one correct solutions, while others might not have a correct solution. After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
Your network contains an Active Directory forest named contoso.com. The forest has three sites located in London, Paris and Berlin. The London site contains a web server named Web1 that runs Windows Server 2016. You need to configure Web1 as an HTTP content server for the hosted cache servers located in the Paris and Berlin sites.
Solution: You install the Deployment Server role service, and then you restart the World Wide Web Publishing Service.
Does this meet the goal?

A. Yes
B. No

Answer: A

NEW QUESTION 160
You are implementing a new network. The network contains a DHCP server named DHCP1 that runs Windows Server 2016. DHCP1 contains a scope named Scope1 for the 192.168.0/24 subnet. Your company has the following policy for allocating IP addresses:
– All server addresses must be excluded from DHCP scopes.
– All client computer must receive IP addresses from Scope1.
– All Windows servers must have IP addresses in the range of 192.168.0.200 to 192.168.0.240.
– All other network devices must have IP addresses in the range of 192.168.0.180 to 192.168.0.199.
You deploy a print device named Print1. You need to ensure that Print1 adheres to the policy for allocating IP addresses. Which command should you use?

A. Add-DhcpServerv4Lease
B. Add-DhcpServerv4ExclusionRange
C. Add-DhcpServerv4Filter
D. Add-DhcpServerv4Reservation

Answer: B

NEW QUESTION 161
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution. After your answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
Your network contains an Active Directory forest named contoso.com. You need to identify which server is the schema master.
Solution: From Windows PowerShell, you run Get-ADDomainController -Discover -Service 2 cmdlet.
Does this meet the goal?

A. Yes
B. No

Answer: B

NEW QUESTION 162
You have a Scale-Out File Server that has a share named Share1. Share1 contains a virtual disk file named Disk1.vhd. You plan to create a guest failover cluster. You need to ensure that you can use the virtual disk as a shared virtual disk for the gust failover cluster. Which cmdlet should you use?

A. Optimize VHD
B. Optimize VHDSet
C. Convert-VHD
D. Set-VHD

Answer: A

NEW QUESTION 163
You plan to deploy several Hyper-V hosts that run Windows Server 2016. The deployment will use Software Defined Networking (SDN) and VXLAN. Which server role should you install on the network to support the planned deployment?

A. Network Controller
B. Network Policy and Access Services
C. Remote Access
D. Host Guardian Service

Answer: D

NEW QUESTION 164
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some questions sets might have more than one correct solutions, while others might not have a correct solution. After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have a server named Server1 that runs Windows Server 2016. Server1 is configured as a VPN server. Server1 is configured to allow domain users to establish VPN connections from 06:00 to 18:00 everyday of the week. You need to ensure that domain users can establish VPN connections only between Monday and Friday.
Solution: From Network Policy Server, you modify the Network Policies on Server1.
Does this meet the goal?

A. Yes
B. No

Answer: A

NEW QUESTION 165
……

P.S. You Can Get The Newest 70-743 Dumps In PDF And VCE From — https://www.passleader.com/70-743.html (187q VCE and PDF)

Good Luck!

Reply