Design and Implement Network Infrastructure Services
- 11/15/2012
Answers
This section contains the solutions to the thought experiments and answers to the objective review questions in this chapter.
Objective 2.1: Thought experiment
You would likely use Hot Standby Failover deploying two servers. The server at the primary location would normally service clients at the primary location, and a secondary server at a remote location would service requests for the remote site. In a Hot Standby scenario, if one of the servers fails, the other can service requests for its failed partner.
Objective 2.1: Review
Correct answer: C
Incorrect: This isn’t the correct split as recommended.
Incorrect: This isn’t the correct split as recommended.
Correct: An 80 percent/20 percent ratio for split scopes is good practice, with the primary server receiving 80 percent of the addresses and the secondary server receiving 20 percent.
Incorrect: This isn’t the correct split as recommended.
Correct answers: A and B
Correct: 00-11-09-*-*-* is a valid filter using wildcards to match multiple MACs.
Correct: 001109001111 is a valid MAC filter.
Incorrect: 00: 11: 09: 09: 11: 09 isn’t a valid MAC filter; it uses colons as a separator.
Incorrect: 00-11-09-7c-ef-% isn’t a valid MAC filter; it uses a percent sign as a wildcard indicator.
Correct answer: A
Correct: The path C:\Windows\system32\dhcp is the default location for the database. This is configured in the DHCP server’s Properties sheet.
Incorrect: The path C:\Program Files\Microsoft\DHCP\Data doesn’t exist.
Incorrect: The path C:\Windows\system32\DHCP\Data doesn’t exist.
Incorrect: The registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DHCP doesn’t house the DHCP database.
Correct answer: B
Incorrect: Increasing the split ratio so that the secondary server has more IP addresses from the scope makes it only so that the secondary server can assign more addresses; it doesn’t help alleviate the issue of the secondary server assigning addresses to clients at the primary location.
Correct: Introducing a delay for DHCP offers from the secondary using the DHCP management console accomplishes this task by allowing the primary server to respond first but the secondary to respond after a period of time. Because DHCP clients accept the first response, this achieves the requirements.
Incorrect: Reducing the load on the primary server so that it can respond faster may help, but because the scenario doesn’t indicate that the primary server was overloaded, the secondary server may just be responding faster for other reasons.
Incorrect: Placing the secondary DHCP server on a different network segment to introduce a delay in the response doesn’t meet the requirement and may introduce connectivity problems for DHCP responses.
Objective 2.2: Thought experiment
On the secondary server, you should make sure that the primary server is reachable. This might be achieved with a simple ping command, assuming that ICMP echo requests and echo responses aren’t blocked by a firewall. You could also use nslookup on the secondary server and point to the primary server to query for information on the contoso.com domain.
On the primary server, you should ensure network connectivity to the secondary server and—importantly—ensure that zone transfers are allowed to the secondary server. This is accomplished at the zone level within the Zone Transfers tab of the Properties sheet. Ensuring that the firewall allows both UDP and TCP ports 53 inbound is also a good idea.
Objective 2.2: Review
Correct answers: B and C.
Incorrect: This isn’t a supported configuration as defined by Microsoft.
Correct: This is a supported configuration.
Correct: This is a supported configuration
Incorrect: This isn’t a supported configuration.
Correct answer: C
Incorrect: The dnscmd command syntax is incorrect.
Incorrect: The dnscmd command syntax is incorrect.
Correct: This is the correct syntax for this task.
Incorrect: The dnscmd command syntax is incorrect.
Correct answer: A
Correct: DNS socket pool randomizes source ports for queries.
Incorrect: This isn’t a valid option.
Incorrect: This isn’t a valid option.
Incorrect: This isn’t a valid option.
Correct answer: D
Incorrect: This isn’t a valid registry key.
Incorrect: This isn’t a valid registry key.
Incorrect: This isn’t a valid registry key.
Correct: This is the correct registry key.
Objective 2.3: Thought experiment
You first need create the GPOs by using the Invoke-IpamGpoProvisioning command. Then, you need to run gpupdate /force on the servers to be managed. Finally, you need to set the server to Managed status within IPAM.
Objective 2.3: Review
Correct answer: D
Incorrect: IPAM Users is a real group but doesn’t include the permission to view audit information.
Incorrect: This isn’t a real group.
Incorrect: The IPAM Administrators group has the privilege but isn’t the minimum level necessary for the task.
Correct: IPAM IP Audit Administrators is the minimum privileges required for this task.
Correct answer: D
Incorrect: This isn’t a real command.
Incorrect: Although gpupdate is a real command, the proposed answer shows an invalid switch for this operation.
Incorrect: This is an invalid command.
Correct: The gpupdate /force command retrieves the appropriate GPOs from the IPAM server.
Correct answer: C
Incorrect: This interval is invalid for this task.
Incorrect: This interval is invalid for this task.
Correct: The ServerDiscovery task runs once daily through Task Scheduler by default.
Incorrect: This interval is invalid for this task.
Correct answer: B
Incorrect: This is a valid criterion; refer to Figure 2-16.
Correct: Event Region isn’t a valid criterion.
Incorrect: This is a valid criterion; refer to Figure 2-16.
Incorrect: This is a valid criterion; refer to Figure 2-16.
Correct answer: B
Incorrect: IPAM servers don’t exchange information.
Correct: IPAM servers don’t communicate to exchange information.
Incorrect: IPAM servers don’t communicate using this protocol.
Incorrect: IPAM servers don’t exchange information.
){kind=link}