install ActiveDirectory Domain Services (ADDS) both run Windows Server2008 with Service Pack2 or later or Windows Server2008R2, and if you are using Distributed File System (DFS) Replication for SYSVOL, you can run the ntdsutil ifm command with an option to include the SYSVOL shared folder in the installation media. If the installation media includes SYSVOL, you must use Robocopy.exe to copy the installation media from the source domain controller to the destination server. For more information, see Installing an Additional Domain Controller by Using IFM.
Certification Preparation Material Page | 8 Question: 8 Your network consists of a single Active Directory domain. The network is located on the 172.16.0.0/23 subnet. The company hires temporary employees. You provide user accounts and computers to the temporary employees. The temporary employees receive computers that are outside the Active Directory domain. The temporary employees use their computers to connect to the network by using wired connections and wireless connections. The company's security policy specifies that the computers connected to the network must have the latest updates for the operating system. You need to plan the network's security so that it complies with the company's security policy. What should you include in your plan? A. Implement a Network Access Protection (NAP) strategy for the 172.16.0.0/23 subnet. B. Create an extranet domain within the same forest. Migrate the temporary employees' user accounts to the extranet domain. Install the necessary domain resources on the 172.16.0.0/23 subnet. C. Move the temporary employees' user accounts to a new organizational unit (OU). Create a new Group Policy object (GPO) that uses an intranet Microsoft Update server. Link the new GPO to the new OU. D. Create a new subnet in a perimeter network. Relocate the wireless access point to the perimeter network. Require authentication through a VPN server before allowing access to the internal resources. Answer: A Explanation: Network Access Protection Design Guide Updated: October 6, 2008 Applies To: Windows 7, Windows Server 2008, Windows Server 2008 R2, Windows Vista Network Access Protection (NAP) is one of the most anticipated features of the WindowsServer®2008 operating system. NAP is a new platform that allows network administrators to define specific levels of network access based on a client’s identity, the groups to which the client belongs, and the degree to which the client complies with corporate governance policy. If a client is not compliant, NAP provides a mechanism for automatically bringing the client into compliance (a process known as remediation) and then dynamically increasing its level of network access. NAP is supported by Windows Server2008R2, Windows Server2008, Windows7, WindowsVista®, and Windows® XP