You need four (4) servers and three (3) workstations. You need to create two new VMs that will become the base VMs for all other machines: one for Windows Server 2016 and one for Windows 10. Configure the basic OS settings (time zone, date/time, networking, etc.) for both OSs, configure and install updates from Windows Update, and run sysprep. Using Hyper-V Manager, export both VMs. Using Windows Explorer, create a new folder that will contain the lab VMs. In that newly created folder, create seven subfolders for each VM you need. Copy the entire folder of the exported base Windows Server 2016 VMs into each respective server folder, four copies. Copy the entire folder of the exported base Windows 10 VMs into each respective workstation folder, three copies. Using Hyper-V Manager, import each of the copied VMs. After the import has been completed, make sure to rename the VM in Hyper-V Manager to its respective name. After all VMs have been imported, configure the Active Directory Domain Services (AD DS), DNS, and DHCP server for the test domain. Next, configure the three application servers, including joining the test domain and installing the LOB applications. Lastly, configure each of the workstations, including joining the test domain and installing both the corporate standard applications and the client software for the LOB applications. Scenario 8-2: Securing a VM You administer a virtual machine running on Hyper-V that contains secret information, which needs to be protected at all costs. Describe how to ensure that the virtual machine is secure. You can use several Hyper-V security options, including Secure Boot, encryption support, and shielding. To use these options, the virtual machine must be a Generation 2 virtual machine. The Secure Boot will ensure that the machine boots only software that is trusted by the PC manufacturer or the user and will help prevent malware. Next, you can enable the Trusted Platform Module (TPM) chip to encrypt the virtual disk using BitLocker. You can then use the Hyper-V shielding option, which will disable certain management features like console connection, PowerShell Direct, and some integration components.