← Back to exam page

70-742 Identity with Windows Server 2016

Loading demo links...

Showing 10–12 of 15 questions

Question 10 (Implement Active Directory Certificate Services)

You deploy a new certification authority (CA) to a server that runs Windows Server 2016.

You need to configure the CA to support recovery of certificates.

What should you do first?

Select an option, then click Submit answer.

  • Assign the Request Certificates permission to the user account that will be responsible for recovering certificates.

  • Configure the Key Recovery Agent template as a certificate template to issue.

  • Modify the Recovery Agents settings from the properties of the CA.

  • Modify the extension of the OCSP Response Signing template.
Question 11 (Manage and Maintain AD DS)

Your network contains an Active Directory forest named contoso.com.

A partner company has a forest named fabrikam.com. Each forest contains one domain.

You need to provide access for a group named Research in fabrikam.com to resources in contoso.com. The solution must use the principle of least privilege.

What should you do?

Select an option, then click Submit answer.

  • Create an external trust from fabrikam.com to contoso.com. Enable Active Directory split permissions in fabrikam.com.

  • Create an external trust from contoso.com to fabrikam.com. Enable Active Directory split permissions in contoso.com.

  • Create a one-way forest trust from contoso.com to fabrikam.com that uses selective authentication.

  • Create a one-way forest trust from fabrikam.com to contoso.com that uses selective authentication.
Question 12 (Implement Identity Federation and Access Solutions)

Your company uses Active Directory Rights Management Services (AD RMS).

You need to ensure that only users who use AD RMS client version 2.1 or newer can obtain a rights account certificate from the AD RMS cluster.

What should you enable first?

Select an option, then click Submit answer.

  • decommissioning

  • user exclusion

  • lockbox exclusion

  • Application Exclusion