Which managed service accounts should you recommend?

Testlet: Humongous Insurance
You need to recommend a strategy for using managed service accounts on the Web servers
Which managed service accounts should you recommend?
Testlet: Humongous Insurance (Case Study):
COMPANY OVERVIEW
Humongous Insurance has a main office and 20 branch offices. The main office is located in New York. The branch offices are located throughout North America. The main office has 8,000 users. Each branch office has 2 to 250 users.
PLANNED CHANGES
Humongous Insurance plans to implement Windows BitLocker Drive Encryption (BitLocker) on all servers.
EXISTING ENVIRONMENT
The network contains servers that run either Windows Server 2003, Windows Server 2008, or Windows Server 2008 R2. All client computers run either Windows 7 Enterprise or Windows Vista Enterprise.
BUSINESS GOALS
Humongous Insurance wants to minimize costs whenever possible.
EXISTING ACTIVE DIRECTORY/DIRECTORY SERVICES
The network contains a single Active Directory forest named humongousinsurance.com. The forest contains two child domains named north.humongousinsurance.com and south.humongousinsurance.com. The functional level of the forest is Windows Server 2008 R2.
EXISTING NETWORK INFRASTRUCTURE
Each child domain contains a Web server that has Internet Information Services (IIS) installed. The forest root domain contains three Web servers that have IIS installed. The Web servers in the forest root domain are configured in a Network Load Balancing (NLB) cluster. Currently, all of the Web servers use a single domain user account as a service account.
Windows Server Update Services (WSUS) is used for company-wide patch management. The WSUS servers do not store updates locally.
The network contains Remote Desktop servers that run Windows Server 2008 R2. Users in the sales department access a line-of-business Application by using Remote Desktop. Managers in the sales department use the Application to generate reports. Generating the reports is CPU intensive.
The sales managers report that when many users are connected to the servers, the reports take a long time to process.
Humongous Insurance has the following standard server builds:
. Class 1 – Dual x64 CPUs, 4-GB RAM, Windows Web Server 2008 R2
. Class 2 – Dual x64 CPUs, 4-GB RAM, Windows Server 2008 R2 Standard
. Class 3 – Quad x64 CPUs, 8-GB RAM, Windows Server 2008 R2 Standard
. Class 4 – Quad x64 CPUs, 8-GB RAM, Windows Server 2008 R2 Enterprise
CURRENT ADMINISTRATION MODEL
Humongous Insurance currently uses the following technologies to manage the network:
. Microsoft Desktop Optimization Pack
. Microsoft Forefront EndPoint Protection
. Microsoft System Center Operations Manager
. Microsoft System Center Configuration Manager
TECHNICAL REQUIREMENTS
Humongous Insurance must meet the following technical requirements:
. A certificate must be required to recover BitLocker-protected drives.
. Newly implemented technologies must minimize the impact on LAN traffic.
. Newly implemented technologies must minimize the storage requirements.
. The management of disk volumes and shared folders must be performed remotely whenever possible.
. Newly implemented technologies must minimize the amount of bandwidth used on Internet connections.
. All patches and updates must be tested in a non-production environment before they are applied to production servers.
. Multiple versions of a Group Policy object (GPO) must be maintained in a central archive to facilitate a roll back required.
. The management of passwords and service principal names (SPNs) for all service accounts must be automated whenever possible.
A. One account for all the web servers.
B. One account for each web server.
C. One account for the parent domain and one account for both child domains.
D. One account for the parent domain and one account for each child domain.

microsoft-exams

Leave a Reply

Your email address will not be published. Required fields are marked *


The reCAPTCHA verification period has expired. Please reload the page.