Categories
70-412 Dumps

70-412 Real Exam Dumps Questions and answers 71-80

Get Full Version of the Exam
http://www.EnsurePass.com/70-412.html

Question No.71

DRAG DROP

Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1 that runs Windows Server 2012 R2.

You plan to install the Active Directory Federation Services server role on Server1 to allow for Workplace Join.

You run nslookup enterprise registration and you receive the following results:

image

You need to create a certificate request for Server1 to support the Active Directory Federation Services (AD FS) installation.

How should you configure the certificate request?

To answer, drag the appropriate names to the correct locations. Each name may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.

image

Correct Answer:

image

Question No.72

Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1 that runs Windows Server 2012 R2. Server1 is an enterprise root certification authority (CA) for contoso.com. Your user account is assigned the certificate manager role and the auditor role on the contoso.com CA. Your account is a member of the local Administrators group on Server1. You enable CA role separation on Server1. You need to ensure that you can manage the certificates on the CA. What should you do?

  1. Remove your user account from the local Administrators group.

  2. Assign the CA administrator role to your user account.

  3. Assign your user account the Bypass traverse checking user right.

  4. Remove your user account from the Manage auditing and security log user right.

Correct Answer: D

Question No.73

Your network contains an Active Directory domain named contoso.com. The domain contains servers named Server1 and Server2 that run Windows Server 2012 R2. Server1 has the Active Directory Federation Services server role installed. Server2 is a file server. Your company introduces a Bring Your Own Device (BYOD) policy. You need to ensure that users can use a personal device to access domain resources by using Single Sign-On (SSO) while they are connected to the internal network. Which two actions should you perform? (Each correct answer presents part of the solution. Choose two.)

  1. Enable the Device Registration Service in Active Directory.

  2. Publish the Device Registration Service by using a Web Application Proxy.

  3. Configure Active Directory Federation Services (AD FS) for the Device Registration Service.

  4. Create and configure a sync share on Server2.

  5. Install the Work Folders role service on Server2.

Correct Answer: AC

Question No.74

Your network contains an Active Directory domain named contoso.com. All servers run Windows Server 2012 R2. The domain contains a domain controller named DC1 that is configured as an enterprise root certification authority (CA). All users in the domain are issued a smart card and are required to log on to their domain-joined client computer by using their smart card. A user named User1 resigned and started to work for a competing company. You need to prevent User1 immediately from logging on to any computer in the domain. The solution must not prevent other users from logging on to the domain. Which tool should you use?

  1. Active Directory Users and Computers

  2. Certificate Templates

  3. The Security Configuration Wizard

  4. The Certificates snap-in

Correct Answer: A

Question No.75

DRAG DROP

Your network contains two Active Directory forests named contoso.com and adatum.com. All domain controllers run Windows Server 2012 R2.

A federated trust exists between adatum.com and contoso.com. The trust provides adatum.com users with access to contoso.com resources.

You need to configure Active Directory Federation Services (AD FS) claim rules for the federated trust.

The solution must meet the following requirements:

image

In contoso.com, replace an incoming claim type named Group with an outgoing claim type named Role.

image

In adatum.com, allow users to receive their tokens for the relying party by using their Active Directory group membership as the claim type.

The AD FS claim rules must use predefined templates.

Which rule types should you configure on each side of the federated trust?

To answer, drag the appropriate rule types to the correct location or locations. Each rule type may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.

image

Correct Answer:

image

Question No.76

You have a datacenter that contains six servers. Each server has the Hyper-V server role installed and runs Windows Server 2012 R2. The servers are configured as shown in the following table.

image

Host4 and Host5 are part of a cluster named Cluster1. Cluster1 hosts a virtual machine named VM1.

You need to move VM1 to another Hyper-V host. The solution must minimize the downtime of VM1.

To which server and by which method should you move VM1?

  1. To Host3 by using a storage migration

  2. To Host6 by using a storage migration

  3. To Host2 by using a live migration

  4. To Host1 by using a quick migration

Correct Answer: A

Explanation:

The migration of a virtual machine between physical computers is only supported on computers that have the same processor steppings or are from the same vendor. Therefore you cannot move a virtual machine from a Hyper-V host on an Intel-based server to a Hyper-V Host on an AMD-based server.

Ref: http://technet.microsoft.com/en-us/library/ee849855(v=WS.10).aspx

Hyper-V in Windows Server 2012 introduces support for moving virtual machine storage without downtime by making it possible to move the storage while the virtual machine remains running. Ref: http://technet.microsoft.com/en-us/library/hh831656.aspx

Quick Migration saves, moves and restores VMs, which results in some downtime. Ref: http://technet.microsoft.com/en-us/library/jj628158.aspx

Windows Server 2008 R2 amp; Microsoft Hyper-V Server 2008 R2 – Hyper-V Live Migration Overview amp; Architecture (http://www.microsoft.com/en- us/download/details.aspx?id=12601)

Question No.77

DRAG DROP

You have two failover clusters named Cluster1 and Cluster2. All of the nodes in both of the clusters run Windows Server 2012 R2.

Cluster1 hosts two virtual machines named VM1 and VM2.

You plan to configure VM1 and VM2 as nodes in a new failover cluster named Cluster3. You need to configure the witness disk for Cluster3 to be hosted on Cluster2.

Which three actions should you perform in sequence?

To answer, move the appropriate three actions from the list of actions to the answer area and arrange them in the correct order.

image

Correct Answer:

image

Question No.78

Your network contains an Active Directory domain named contoso.com. The domain contains two member servers named Server1 and Server2. All servers run Windows Server 2012 R2. Server1 and Server2 have the Failover Clustering feature installed. The servers are configured as nodes in a failover cluster named Cluster1. Cluster1 contains a Clustered Shared Volume (CSV). A developer creates an application named App1. App1 is NOT a cluster-aware application. App1 stores data in the file system. You need to ensure that App1 runs in Cluster1. The solution must minimize development effort. Which cmdlet should you run?

  1. Add-ClusterServerRole

  2. Add-ClusterGenericServiceRole

  3. Add ClusterScaleOutFileServerRole

  4. Add ClusterGenericApplicationRole

Correct Answer: D

Explanation:

  • Add-ClusterGenericApplicationRole Configure high availability for an application that was not originally designed to run in a failover cluster.

  • If you run an application as a Generic Application, the cluster software will start the application, then periodically query the operating system to see whether the application appears to be running. If so, it is presumed to be online, and will not be restarted or failed over.

    Question No.79

    HOTSPOT

    Your network contains two Web servers named Server1 and Server2. Both servers run Windows Server 2012 R2.

    Server1 and 5erver2 are nodes in a Network Load Balancing (NLB) cluster. The NLB cluster contains an application named App1 that is accessed by using the URL http://app1.contoso.com.

    You deploy a new server named Server3 that runs Windows Server 2012 R2. The contoso.com DNS zone contains the records shown in the following table.

    image

    You need to add Server3 to the NLB cluster. What command should you run?

    To answer, select the appropriate options in the answer area.

    image

    Correct Answer:

    image

    Question No.80

    DRAG DROP

    Your network contains an Active Directory domain named contoso.com. The domain contains four member servers named Server1, Server2, Server3, and Server4. All servers run Windows Server 2012 R2.

    Server1 and Server3 are located in a site named Site1. Server2 and Server4 are located in a site named Site2. The servers are configured as nodes in a failover cluster named Cluster1.

    Dynamic quorum management is disabled.

    Cluster1 is configured to use the Node Majority quorum configuration.

    You need to ensure that users in Site2 can access Cluster1 if the network connection between the two sites becomes unavailable.

    What should you run from Windows PowerShell?

    To answer, drag the appropriate commands to the correct location. Each command may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.

    image

    Correct Answer:

    image

    Get Full Version of 70-412 Dumps

  • Categories
    70-412 Dumps

    70-412 Real Exam Dumps Questions and answers 81-90

    Get Full Version of the Exam
    http://www.EnsurePass.com/70-412.html

    Question No.81

    Your network contains an Active Directory domain named contoso.com. The domain contains two member servers named Server1 and Server2. All servers run Windows Server 2012 R2. Server1 and Server2 have the Network Load Balancing (NLB) feature installed. The servers are configured as nodes in an NLB cluster named Cluster1. Port rules are configured for all clustered Applications. You need to ensure that Server2 handles all client requests to the cluster that are NOT covered by a port rule. What should you configure?

    1. Affinity-None

    2. Affinity-Single

    3. The cluster quorum settings

    4. The failover settings

    5. A file server for general use

    6. The Handling priority

    7. The host priority

    8. Live migration

    9. The possible owner

    10. The preferred owner

    11. Quick migration

    12. The Scale-Out File Server

    Correct Answer: G

    Explanation:

    http://technet.microsoft.com/en-us/library/bb742455.aspx

    image

    Question No.82

    Your network contains an Active Directory domain named contoso.com. The domain contains two member servers named Server1 and Server2. All servers run Windows Server 2012 R2. Server1 and Server2 have the Failover Clustering feature installed. The servers are configured as nodes in a failover cluster named Cluster1. Cluster1 hosts an Application named App1. You need to ensure that Server2 handles all of the client requests to the cluster for App1. The solution must ensure that if Server2 fails, Server1 becomes the active node for App1. What should you configure?

    1. Affinity-None

    2. Affinity-Single

    3. The cluster quorum settings

    4. The failover settings

    5. A file server for general use

    6. The Handling priority

    7. The host priority

    8. Live migration

    9. The possible owner

    10. The preferred owner

    11. Quick migration

    12. the Scale-Out File Server

    Correct Answer: J

    Explanation:

    http://blogs.msdn.com/b/clustering/archive/2008/10/14/9000092.aspx

    The preferred owner in a 2 server cluster will always be the active node unless it is down.

    Question No.83

    Your network contains an Active Directory domain named contoso.com. The domain contains two member servers named Server1 and Server2. All servers run Windows Server 2012 R2. Server1 and Server2 have the Failover Clustering feature installed. The servers are configured as nodes in a failover cluster named Cluster1. You add two additional nodes to Cluster1. You have a folder named Folder1 on Server1 that contains Application data. You plan to provide continuously available access to Folder1. You need to ensure that all of the nodes in Cluster1 can actively respond to the client requests for Folder1. What should you configure?

    1. Affinity-None

    2. Affinity-Single

    3. The cluster quorum settings

    4. The failover settings

    5. A file server for general use

    6. The Handling priority

    7. The host priority

    8. Live migration

    9. The possible owner

    10. The preferred owner

    11. Quick migration

    12. The Scale-Out File Server

    Correct Answer: L

    Explanation:

    http://technet.microsoft.com/en-us/library/hh831349.aspx

    Scale-Out File Server for Application data (Scale-Out File Server) This clustered file server is introduced in Windows Server 2012 R2 and lets you store server Application data, such as Hyper-V virtual machine files, on file shares, and obtain a similar level of reliability, availability, manageability, and high performance that you would expect from a storage area network. All file shares are online on all nodes simultaneously. File shares associated with this type of clustered file server are called scale-out file shares. This is sometimes referred to as active-active.

    image

    Question No.84

    Your network contains an Active Directory domain named contoso.com. The domain contains a domain controller named DC1 that runs Windows Server 2012 R2. DC1 has the

    DNS Server server role installed.

    The network contains client computers that run either Linux, Windows 7, or Windows 8. You have a zone named adatum.com as shown in the exhibit. (Click the Exhibit button.)

    image

    You plan to configure Name Protection on all of the DHCP servers.

    You need to configure the adatum.com zone to support Name Protection. What should you do?

    1. Change the zone type.

    2. Sign the zone.

    3. Add a DNSKEY record.

    4. Configure Dynamic updates.

    Correct Answer: D

    Question No.85

    HOTSPOT

    Your network contains an Active Directory domain named contoso.com. All domain controllers run Windows Server 2012 R2.

    The network has the physical sites and TCP/IP subnets configured as shown in the following table.

    image

    You have a web application named App1 that is hosted on six separate Web servers. DNS has the host names and IP addresses registered as shown in the following table.

    image

    You discover that when users connect to appl.contoso.com, they are connected frequently to a server that is not on their local subnet.

    You need to ensure that when the users connect to appl.contoso.com, they connect to a server on their local subnet. The connections must be distributed across the servers that host app1.contoso.com on their subnet.

    Which two settings should you configure?

    To answer, select the appropriate two settings in the answer area.

    image

    Correct Answer:

    image

    Question No.86

    You have a server named Server1 that runs Windows Server 2012 R2. Server1 is located in the perimeter network and has the DNS Server server role installed.

    Server1 has a zone named contoso.com. You Apply a security template to Server1.

    After you Apply the template, users report that they can no longer resolve names from contoso.com.

    On Server1, you open DNS Manager as shown in the DNS exhibit. (Click the Exhibit button.)

    image

    On Server1, you open Windows Firewall with Advanced Security as shown in the Firewall exhibit. (Click the Exhibit button.)

    image

    You need to ensure that users can resolve contoso.com names. What should you do?

    1. From Windows Firewall with Advanced Security, disable the DNS (TCP, Incoming) rule and the DNS (UDP, Incoming) rule.

    2. From DNS Manager, modify the Zone Transfers settings of the contoso.com zone.

    3. From DNS Manager, unsign the contoso.com zone.

    4. From DNS Manager, modify the Start of Authority (SOA) of the contoso.com zone.

    5. From Windows Firewall with Advanced Security, modify the profiles of the DNS (TCP, Incoming) rule and the DNS (UDP, Incoming) rule.

    Correct Answer: E

    Question No.87

    Your network contains an Active Directory forest named contoso.com. All servers run Windows Server 2012 R2.

    The domain contains four servers. The servers are configured as shown in the following table.

    image

    You need to deploy IP Address Management (IPAM) to manage DNS and DHCP. On which server should you install IPAM?

    1. DC1

    2. DC2

    3. DC3

    4. Server1

    Correct Answer: D

    Explanation:

    D.IPAM cannot be installed on Domain Controllers. All other servers have the DC role http://technet.microsoft.com/en-us/library/hh831353.aspx

    image

    Question No.88

    Your network contains an Active Directory domain named contoso.com. The domain contains two member servers named Server1 and Server2. You install the DHCP Server server role on Server1 and Server2. You install the IP Address Management (IPAM) Server feature on Server1. You notice that you cannot discover Server1 or Server2 in IPAM. You need to ensure that you can use IPAM to discover the DHCP infrastructure. Which two actions should you perform? (Each correct answer presents part of the solution. Choose two.)

    1. On Server2, create an IPv4 scope.

    2. On Server1, run the Add-IpamServerInventory cmdlet.

    3. On Server2, run the Add-DhcpServerInDc cmdlet

    4. On both Server1 and Server2, run the Add-DhcpServerv4Policy cmdlet.

    5. On Server1, uninstall the DHCP Server server role.

    Correct Answer: AE Explanation: Solution:

    1. Verify that the DHCP server role is not installed on the IPAM server.

    2. Verify that at least one IPv4 scope is configured on a DHCP server. http://technet.microsoft.com/en-us/library/jj878309.aspx

    Question No.89

    Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1 that runs Windows Server 2012 R2 and has the DHCP Server server role installed. Server1 has an IPv6 scope named Scope1. You implement an additional DHCP server named Server2 that runs Windows Server 2012 R2. You need to provide high availability for Scope1. The solution must minimize administrative effort. What should you do?

    1. Install and configure Network Load Balancing (NLB) on Server1 and Server2.

    2. Create a scope on Server2.

    3. Configure DHCP failover on Server1.

    4. Install and configure Failover Clustering on Server1 and Server2.

    Correct Answer: B

    Explanation:

    http://blogs.technet.com/b/canitpro/archive/2013/07/10/step-by-step-dhcp-high-availability-with- windowsserver-2012-r2.aspx

    http://technet.microsoft.com/en-us/library/hh831385.aspx

    Configure DHCP failover on the server that created the scope. In this case Server1 created Scope1 therefore DHCP Failover should be configured on Server1

    Question No.90

    Your network contains two Active Directory forests named contoso.com and corp.contoso.com.

    image

    User1 is a member of the DnsAdmins domain local group in contoso.com.

    User1 attempts to create a conditional forwarder to corp.contoso.com but receive an error message shown in the exhibit. (Click the Exhibit button.)

    image

    You need to configure bi-directional name resolution between the two forests. What should you do first?

    1. Add User1 to the DnsUpdateProxy group.

    2. Configure the zone to be Active Directory-integrated.

    3. Enable the Advanced view from DNS Manager.

    4. Run the New Delegation Wizard.

    Correct Answer: B

    Get Full Version of 70-412 Dumps

    Categories
    70-412 Dumps

    70-412 Real Exam Dumps Questions and answers 91-100

    Get Full Version of the Exam
    http://www.EnsurePass.com/70-412.html

    Question No.91

    Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server3 that runs Windows Server 2012 R2 and has the DHCP Server server role installed.

    DHCP is configured as shown in the exhibit. (Click the Exhibit button.)

    image

    Scope1, Scope2, and Scope3 are configured to assign the IP addresses of two DNS servers to DHCP clients. The remaining scopes are NOT configured to assign IP addresses of DNS servers to DHCP clients.

    You need to ensure that only Scope1, Scope3, and Scopes assign the IP addresses of the DNS servers to the DHCP clients. The solution must minimize administrative effort.

    What should you do?

    1. Create a superscope and a filter.

    2. Create a superscope and scope-level policies.

    3. Configure the Server Options.

    4. Configure the Scope Options.

    Correct Answer: D

    Question No.92

    Your network contains two Active Directory forests named contoso.com and adatum.com. Each forest contains one domain. Contoso.com has a two-way forest trust to adatum.com. Selective authentication is enabled on the forest trust. Contoso contains 10 servers that have the File Server role service installed. Users successfully access shared folders on the file servers by using permissions granted to the Authenticated Users group. You migrate the file servers to adatum.com. Contoso users report that after the migration, they are unable to access shared folders on the file servers. You need to ensure that the Contoso users can access the shared folders on the file servers. What should you do?

    1. Disable selective authentication on the existing forest trust.

    2. Disable SID filtering on the existing forest trust.

    3. Run netdom and specify the /quarantine attribute.

    4. Replace the existing forest trust with an external trust.

    Correct Answer: B

    Explanation:

    http://technet.microsoft.com/en-us/library/cc794713(v=ws.10).aspx

    image

    Question No.93

    Your network contains an Active Directory forest. The forest contains two domains named contoso.com and fabrikam.com. The functional level of the forest is Windows Server 2003.

    You have a domain outside the forest named adatum.com.

    image

    You need to configure an access solution to meet the following requirements: Users in adatum.com must be able to access resources in contoso.com.

    image

    Users in adatum.com must be prevented from accessing resources in fabrikam.com.

    image

    Users in both contoso.com and fabrikam.com must be prevented from accessing resources in adatum.com.

    What should you create?

    1. a one-way realm trust from contoso.com to adatum.com

    2. a one-way realm trust from adatum.com to contoso.com

    3. a one-way external trust from contoso.com to adatum.com

    4. a one-way external trust from adatum.com to contoso.com

    Correct Answer: C

    Explanation:

    In a One-way: incoming trust, users in your (trusted) domain can be authenticated in the other (trusting) domain. Users in the other domain cannot be authenticated in your domain.

    Question No.94

    Your network contains an Active Directory forest named contoso.com. The forest contains a single domain. The forest functional level is Windows Server 2012 R2. You have a domain controller named DC1. On DC1, you create a new Group Policy object (GPO) named GPO1. You need to verify that GPO1 was replicated to all of the domain controllers. Which tool should you use?

    1. Group Policy Management

    2. Active Directory Sites and Services

    3. DFS Management

    4. Active Directory Administrative Center

    Correct Answer: A

    Explanation:

    http://social.technet.microsoft.com/Forums/en-US/winserverTS/thread/3e580e00-d619-4d25- b22d-18f0170279c4

    http://technet.microsoft.com/en-us/library/jj134176.aspx

    Question No.95

    Your network contains an Active Directory forest named contoso.com. The forest contains two domains named contoso.com and child1.contoso.com. The domains contain three

    domain controllers. The domain controllers are configured as shown in the following table.

    image

    You need to ensure that the KDC support for claims, compound authentication, and kerberos armoring setting is enforced in both domains.

    Which two actions should you perform? (Each correct answer presents part of the solution. Choose two.)

    1. Raise the domain functional level of contoso.com.

    2. Raise the domain functional level of child1.contoso.com.

    3. Raise the forest functional level of contoso.com.

    4. Upgrade DC11 to Windows Server 2012 R2.

    5. Upgrade DC1 to Windows Server 2012 R2.

    Correct Answer: AE

    Explanation:

    The root domain in the forest must be at Windows Server 2012 level. First upgrade DC1 to this level, then raise the contoso.com domain functional level to Windows Server 2012.

    Question No.96

    Your company recently deployed a new Active Directory forest named contoso.com. The forest contains two Active Directory sites named Site1 and Site2. The first domain controller in the forest runs Windows Server 2012 R2. You need to force the replication of the SYSVOL folder from Site1 to Site2. Which tool should you use?

    1. Active Directory Sites and Services

    2. DFS Management

    3. Repadmin

    4. Dfsrdiag

    Correct Answer: D

    Explanation:

    D. In Windows Server 2012 R2, Windows Server 2008 R2, or Windows Server 2008, you can force replication immediately by using DFS Management, as described in Edit Replication Schedules. You can also force replication by using the Dfsrdiag SyncNow command. You can force polling by using the Dfsrdiag PollAD command.

    http://technet.microsoft.com/en-us/library/cc773238(v=ws.10).aspx#BKMK_072

    Question No.97

    Your network contains an Active Directory forest named contoso.com. The forest contains a single domain. The forest contains three Active Directory sites named SiteA, SiteB, and SiteC. The sites contain four domain controllers. The domain controllers are configured as shown in the following table.

    image

    An IP site link exits between each site.

    You discover that the users in SiteC are authenticated by the domain controllers in SiteA and SiteB.

    You need to ensure that the SiteC users are authenticated by the domain controllers in SiteB, unless all of the domain controllers in SiteB are unavailable.

    What should you do?

    1. Create an SMTP site link between SiteB and SiteC.

    2. Create additional connection objects for DC3 and DC4.

    3. Decrease the cost of the site link between SiteB and SiteC.

    4. Create additional connection objects for DC1 and DC2.

    Correct Answer: C

    Explanation:

    By decreasing the site link cost between SiteB and SiteC the SiteC users would be authenticated by SiteB rather than by SiteA.

    Question No.98

    Your network contains an Active Directory forest. The forest contains one domain named adatum.com. The domain contains three domain controllers. The domain controllers are configured as shown in the following table.

    image

    DC2 has all of the domain-wide operations master roles. DC3 has all of the forest-wide operation master roles.

    You need to ensure that you can use Password Settings objects (PSOs) in the domain. What should you do first?

    1. Uninstall Active Directory from DC1.

    2. Change the domain functional level.

    3. Transfer the domain-wide operations master roles.

    4. Transfer the forest-wide operations master roles.

    Correct Answer: A

    Question No.99

    You have a server named FS1 that runs Windows Server 2012 R2. You install the File and Storage Services server role on FS1. From Windows Explorer, you view the properties of a shared folder named Share1 and you discover that the Classification tab is missing. You need to ensure that you can assign classifications to Share1 from Windows Explorer manually. What should you do?

    1. From Folder Options, select Show hidden files, folders, and drives.

    2. From Folder Options, clear Use Sharing Wizard (Recommend).

    3. Install the File Server Resource Manager role service.

    4. Install the Enhanced Storage feature.

    Correct Answer: C

    Question No.100

    Your network contains two servers named Server1 and Server2 that run Windows Server 2012 R2. Server1 and Server2 are configured as shown in the following table.

    image

    You need to ensure that when new targets are added to Server1, the targets are registered on Server2 automatically.

    What should you do on Server1?

    1. Configure the Discovery settings of the iSCSI initiator.

    2. Configure the security settings of the iSCSI target.

    3. Run the Set-Wmilnstance cmdlet.

    4. Run the Set-IscsiServerTarget cmdlet.

    Correct Answer: C

    Explanation:

    http://blogs.technet.com/b/filecab/archive/2012/06/08/iscsi-target-cmdlet-reference.aspx 11.Manage iSNS server registration

    The iSNS server registration can be done using the following cmdlets, which manages the WMI objects.

    To add an iSNS server:

    Set-WmiInstance -Namespace root\wmi -Class WT_iSNSServer -Arguments

    @{ServerName=quot;ISNSservernamequot;}

    Get Full Version of 70-412 Dumps

    Categories
    70-412 Dumps

    70-412 Real Exam Dumps Questions and answers 101-110

    Get Full Version of the Exam
    http://www.EnsurePass.com/70-412.html

    Question No.101

    HOTSPOT

    You have a file server named Server1 that runs Windows Server 2012 R2.

    Server1 contains a file share that must be accessed by only a limited number of users.

    You need to ensure that if an unauthorized user attempts to access the file share, a custom access-denied message appears, which contains a link to request access to the share. The message must not appear when the unauthorized user attempts to access other shares.

    Which two nodes should you configure in File Server Resource Manager? To answer, select the appropriate two nodes in the answer area.

    image

    Correct Answer:

    image

    Question No.102

    Your network contains three servers named Server1, Server2, and Server3. All servers run Windows Server 2012 R2. You need to ensure that Server1 can provide iSCSI storage for Server2 and Server3. What should you do on Server1?

    1. Start the Microsoft iSCSI Initiator Service and configure the iSCSI Initiator Properties.

    2. Install the iSNS Server service feature and create a Discovery Domain.

    3. Install the Multipath I/O (MPIO) feature and configure the MPIO Properties.

    4. Install the iSCSI Target Server role service and configure iSCSI targets.

    Correct Answer: D

    Explanation:

    iSCSI: it is an industry standard protocol allow sharing block storage over the Ethernet. The server shares the storage is called iSCSI Target. The server (machine) consumes the storage is called iSCSI initiator. Typically, the iSCSI initiator is an application server. For example, iSCSI Target provides storage to a SQL server, the SQL server will be the iSCSI initiator in this deployment.

    Target: It is an object which allows the iSCSI initiator to make a connection. The Target keeps track of the initiators which are allowed to be connected to it. The Target also keeps track of the iSCSI virtual disks which are associated with it. Once the initiator establishes the connection to the Target, all the iSCSI virtual disks associated with the Target will be accessible by the initiator. iSCSI Target Server: The server runs the iSCSI Target. It is also the iSCSI Target role name in Windows Server 2012.

    image

    Question No.103

    HOTSPOT

    You have a server named Server1 that runs Windows Server 2012 R2. You are configuring a storage space on Server1.

    You need to ensure that the storage space supports tiered storage. Which settings should you configure?

    To answer, select the appropriate options in the answer area.

    image

    Correct Answer:

    image

    Question No.104

    HOTSPOT

    Your company has a main office and a branch office. An Active Directory site exists for each office.

    The network contains an Active Directory forest named contoso.com. The contoso.com domain contains three member servers named Server1, Server2, and Server3. All servers run Windows Server 2012 R2.

    In the main office, you configure Server1 as a file server that uses BranchCache.

    In the branch office, you configure Server2 and Server3 as BranchCache hosted cache servers. You are creating a Group Policy for the branch office site.

    Which two Group Policy settings should you configure?

    To answer, select the appropriate two settings in the answer area.

    image

    Correct Answer:

    image

    Question No.105

    HOTSPOT

    Your company has a main office and a branch office. The main office is located in Detroit. The branch office is located in Seattle.

    The network contains an Active Directory domain named adatum.com. Client computers run either Windows 7 Enterprise or Windows 8 Enterprise.

    The main office contains 1,000 client computers and 50 servers. The branch office contains 20 client computers.

    All computer accounts for the branch office are located in an organizational unit (OU) named SeattleComputers. A Group Policy object (GPO) named GPO1 is linked to the SeattleComputers OU.

    You need to configure BranchCache for the branch office.

    image

    Correct Answer:

    image

    Question No.106

    Your network contains an Active Directory domain named contoso.com. All servers run Windows Server 2012 R2. You are creating a central access rule named TestFinance that will be used to grant members of the Authenticated users group access to a folder stored on a Microsoft SharePoint Server 2013 server. You need to ensure that the permissions are granted when the rule is published. What should you do?

    1. Set the Permissions to Use the following permissions as proposed permissions.

    2. Set the Permissions to Use following permissions as current permissions.

    3. Add a Resource condition to the current permissions entry for the Authenticated Users principal.

    4. Add a User condition to the current permissions entry for the Authenticated Users principal.

    Correct Answer: B

    Question No.107

    HOTSPOT

    You have a server that runs Windows Server 2012 R2 and has the iSCSI Target Server role service installed.

    You run the New-IscsiVirtualDisk cmdlet as shown in the New-IscsiVirtualDisk exhibit. (Click the Exhibit button.)

    image

    To answer, complete each statement according to the information presented in the exhibits. Each correct selection is worth one point.

    image

    Correct Answer:

    image

    Question No.108

    Your network contains an Active Directory domain named contoso.com. The network contains a file server named Server1 that runs Windows Server 2012 R2. You are configuring a central access policy for temporary employees. You enable the Department resource property and assign the property a suggested value of Temp. You need to configure a target resource condition for the central access rule that is scoped to resources assigned to Temp only. Which condition should you use?

    1. (Temp.Resource Equals quot;Departmentquot;)

    2. (Resource.Temp Equals quot;Departmentquot;)

    3. (Resource.Department Equals quot;Tempquot;)

    4. (Department.Value Equals quot;Tempquot;)

    Correct Answer: C

    Explanation:

    http://technet.microsoft.com/fr-fr/library/hh846167.aspx

    image

    Question No.109

    Your network contains an Active Directory domain named contoso.com. The domain contains two sites named Site1 and Site2 and two domain controllers named DC1 and DC2. Both domain controllers are located in Site1. You install an additional domain controller named DC3 in Site1 and you ship DC3 to Site2. A technician connects DC3 to Site2. You discover that users in Site2 are authenticated by all three domain controllers. You need to ensure that the users in Site2 are authenticated by DC1 or DC2 only if DC3 is unavailable. What should you do?

    1. From Network Connections, modify the IP address of DC3.

    2. In Active Directory Sites and Services, modify the Query Policy of DC3.

    3. From Active Directory Sites and Services, move DC3.

    4. In Active Directory Users and Computers, configure the insDS-PrimaryComputer attribute for the users in Site2.

    Correct Answer: C

    Explanation:

    1. Modifying IP will not effect authentication

    2. A query policy prevents specific Lightweight Directory Access Protocol (LDAP) operations from adversely impacting the performance of the domain controller and also makes the domain controller more resilient to denial-of-service attacks.

    3. DC3 needs to be moved to Site2 in AD DS http://technet.microsoft.com/en-us/library/cc778098(v=ws.10).aspx http://technet.microsoft.com/en-us/library/cc759326(v=ws.10).aspx

    Question No.110

    Your network contains two Active Directory forests named contoso.com and litwareinc.com. A two-way forest trusts exists between the forest. Selective authentication is enabled on the trust. The contoso.com forest contains a server named Server1. You need to ensure that users in litwareinc.com can access resources on Server1. What should you do?

    1. Install Active Directory Rights Management Services on a domain controller in contoso.com.

    2. Modify the permission on the Server1 computer account.

    3. Install Active Directory Rights Management Services on a domain controller in litwareinc.com.

    4. Configure SID filtering on the trust.

    Correct Answer: B

    Explanation:

    Selective authentication between forests

    If you decide to set selective authentication on an incoming forest trust, you need to manually assign permissions on each computer in the domain as well as the resources to which you want users in the second forest to have access. To do this, set a control access right Allowed to authenticate on the computer object that hosts the resource in Active Directory Users and Computers in the second forest. Then, allow user or group access to the particular resources you want to share.

    Reference: Accessing resources across forests

    Get Full Version of 70-412 Dumps

    Categories
    70-412 Dumps

    70-412 Real Exam Dumps Questions and answers 111-120

    Get Full Version of the Exam
    http://www.EnsurePass.com/70-412.html

    Question No.111

    Your network contains an Active Directory domain named adatum.com. The domain contains two domain controllers that run Windows Server 2012 R2. The domain controllers are configured as shown in the following table.

    image

    You log on to DC1 by using a user account that is a member of the Domain Admins group, and then you create a new user account named User1.

    You need to prepopulate the password for User1 on DC2. What should you do first?

    1. Connect to DC2 from Active Directory Users and Computers.

    2. Add DC2 to the Allowed RODC Password Replication Policy group.

    3. Add the User1 account to the Allowed RODC Password Replication Policy group.

    4. Run Active Directory Users and Computers as a member of the Enterprise Admins group.

    Correct Answer: C

    Explanation:

    http://technet.microsoft.com/en-us/library/cc730883(v=ws.10).aspx http://technet.microsoft.com/en-us/library/cc753470(v=ws.10).aspx#BKMK_pre

    image

    Question No.112

    Your network contains an Active Directory forest named contoso.com. The contoso.com domain only contains domain controllers that run Windows Server 2012 R2.

    The forest contains a child domain named child.contoso.com. The child.contoso.com domain only contains domain controllers that run Windows Server 2008 R2. The child.contoso.com domain contains a member server named Server1 that runs Windows Server 2012 R2.

    You have access to four administrative user accounts in the forest. The administrative user accounts are configured as shown in the following table.

    image

    You need to ensure that you can add a domain controller that runs Windows Server 2012 R2 to the child.contoso.com domain.

    Which account should you use to run adprep.exe?

    1. Admin1

    2. Admin2

    3. Admin3

    4. Admin4

    Correct Answer: C

    Explanation:

    http://technet.microsoft.com/en-us/library/dd464018(v=ws.10).aspx

    image

    Question No.113

    Your network contains an Active Directory domain named contoso.com. The domain contains two servers named Server1 and Server2 that run Windows Server 2012 R2. Server1 is a file server that has the Hyper-V server role installed. Server1 hosts several virtual machines. The virtual machine configuration files are stored on drive D and the VHD files are stored on drive E. You plan to replace drive E with a larger volume. You need to ensure that the virtual machines on Server1 remain available while drive E is being replaced. What should you do?

    1. Perform a quick migration.

    2. Add Server1 and Server2 as nodes in a failover cluster.

    3. Perform a live migration.

    4. Perform a storage migration.

    Correct Answer: D

    Explanation:

    D. Hyper-V in Windows Server 2012 R2 introduces support for moving virtual machine storage without downtime by making it possible to move the storage while the virtual machine remains running.

    http://technet.microsoft.com/en-us/library/hh831656.aspx

    image

    Question No.114

    Your network contains two servers named Server1 and Server2 that run Windows Server 2008 R2. Server1 and Server2 are nodes in a failover cluster named Cluster1. The network contains two servers named Server3 and Server4 that run Windows Server 2012 R2. Server3 and Server4 are nodes in a failover cluster named Cluster2. You need to move all of the applications and the services from Cluster1 to Cluster2. What should you do first from Failover Cluster Manager?

    1. On a server in Cluster2, configure Cluster-Aware Updating.

    2. On a server in Cluster2, click Move Core Cluster Resources, and then click Best Possible Node.

    3. On a server in Cluster1, click Move Core Cluster Resources, and then click Best Possible Node.

    4. On a server in Cluster1, click Migrate Roles.

    Correct Answer: A

    Explanation:

    https://technet.microsoft.com/en-us/library/dn486833.aspx

    Some additional steps typically are needed before or after you run the wizard, including the following:

    Configure Cluster Aware Updating (CAU). (Windows Server 2012 only) and If this is the case then the answer would be 鈥淎鈥? Cluster aware updating.

    Question No.115

    You deploy an Active Directory Federation Services (AD FS) 2.1 infrastructure. The infrastructure uses Active Directory as the attribute store. Some users report that they fail to authenticate to the AD FS infrastructure. You discover that only users who run third-party web browsers experience issues. You need to ensure that all of the users can authenticate to the AD FS infrastructure successfully. Which Windows PowerShell command should you run?

    1. Set-ADFSProperties -ProxyTrustTokenLifetime 1:00:00

    2. Set-ADFSProperties -AddProxyAuthenticationRules None

    3. Set-ADFSProperties -SSOLifetime 1:00:00

    4. Set-ADFSProperties -ExtendedProtectionTokenCheck None

    Correct Answer: D

    Explanation:

    image

    Question No.116

    Your network contains a server named Server1 that runs Windows Server 2012 R2. Server1 has the Active Directory Certificate Services server role installed and is configured as a standalone certification authority (CA). You install a second server named Server2. You install the Online Responder role service on Server2. You need to ensure that Server1 can issue an Online Certificate Status Protocol (OCSP) Response Signing certificate to Server2. What should you run on Server1?

    1. The certreq.exe command and specify the -policy parameter

    2. The certutil.exe command and specify the -getkey parameter

    3. The certutil.exe command and specify the -setreg parameter

    4. The certreq.exe command and specify the -retrieve parameter

    Correct Answer: C

    Question No.117

    DRAG DROP

    Your network contains two Active Directory forests named contoso.com and adatum.com. Each forest contains an Active Directory Rights Management Services (AD RMS) root cluster. All servers run Windows Server 2012 R2.

    You need to ensure that the rights account certificates issued in adatum.com are accepted by the AD RMS root cluster in contoso.com.

    What should you do in each forest?

    To answer, drag the appropriate actions to the correct forests. Each action may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.

    image

    Correct Answer:

    image

    Question No.118

    Your network contains four Active Directory forests. Each forest contains an Active Directory Rights Management Services (AD RMS) root cluster. All of the users in all of the forests must be able to access protected content from any of the forests. You need to identify the minimum number of AD RMS trusts required. How many trusts should you identify?

    1. 3

    2. 6

    3. 12

    4. 16

    Correct Answer: C

    Question No.119

    Your network contains an Active Directory domain named contoso.com. All servers run Windows Server 2012 R2. The domain contains a domain controller named DC1 that is configured as an enterprise root certification authority (CA). All users in the domain are issued a smart card and are required to log on to their domain-joined client computer by using their smart card. A user named User1 resigned and started to work for a competing company. You need to prevent User1 immediately from logging on to any computer in the domain. The solution must not prevent other users from logging on to the domain. Which tool should you use?

    1. Active Directory Users and Computers

    2. Server Manager

    3. The Certificates snap-in

    4. The Certification Authority console

    Correct Answer: A

    Question No.120

    Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1 that runs a Server Core installation of Windows Server 2012 R2. You need to deploy a certification authority (CA) to Server1. The CA must support the auto- enrollment of certificates. Which two cmdlets should you run? (Each correct answer presents part of the solution. Choose two.)

    1. Add-CAAuthoritylnformationAccess

    2. Install-AdcsCertificationAuthority

    3. Add-WindowsFeature

    4. Install-AdcsOnlineResponder

    5. Install-AdcsWebEnrollment

    Correct Answer: BE

    Explanation:

  • The Install-AdcsCertificationAuthority cmdlet performs installation and configuration of the AD CS CA role service.

  • *The Install-AdcsWebEnrollment cmdlet performs initial installation and configuration of the Certification Authority Web Enrollment role service.

    Get Full Version of 70-412 Dumps

    Categories
    70-412 Dumps

    70-412 Real Exam Dumps Questions and answers 121-130

    Get Full Version of the Exam
    http://www.EnsurePass.com/70-412.html

    Question No.121

    Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1 that runs Windows Server 2012 R2. Server1 has the Active Directory Rights Management Services server role installed. The domain contains a domain local group named Group1. You create a rights policy template named Template1. You assign Group1 the rights to Template1. You need to ensure that all the members of Group1 can use Template1.

    What should you do?

    1. Configure the email address attribute of Group1.

    2. Convert the scope of Group1 to global.

    3. Convert the scope of Group1 to universal.

    4. Configure the email address attribute of all the users who are members of Group1.

    Correct Answer: D

    Explanation:

    http://social.technet.microsoft.com/wiki/contents/articles/13130.ad-rms-troubleshooting-

    guide.aspx

    Question No.122

    You have a server named Server1 that runs Windows Server 2012 R2.

    From Server Manager, you install the Active Directory Certificate Services server role on Server1. A domain administrator named Admin1 logs on to Server1.

    When Admin1 runs the Certification Authority console, Admin1 receive the following error message.

    image

    You need to ensure that when Admin1 opens the Certification Authority console on Server1, the error message does not appear.

    What should you do?

    1. Run the Install-AdcsCertificationAuthority cmdlet.

    2. Install the Active Directory Certificate Services (AD CS) tools.

    3. Modify the PATH system variable.

    4. Add Admin1 to the Cert Publishers group.

    Correct Answer: A

    Question No.123

    Your network contains an Active Directory domain named contoso.com. The domain contains a file server named Server1. The File Server Resource Manager role service is installed on Server1. All servers run Windows Server 2012 R2.

    A Group Policy object (GPO) named GPO1 is linked to the organizational unit (OU) that contains Server1. The following graphic shows the configured settings in GPO1.

    image

    Server1 contains a folder named Folder1. Folder1 is shared as Share1.

    You attempt to configure access-denied assistance on Server1, but the Enable access- denied assistance option cannot be selected from File Server Resource Manager.

    You need to ensure that you can configure access-denied assistance on Server1 manually by using File Server Resource Manager.

    Which two actions should you perform?

    1. Set the Enable access-denied assistance on client for all file types policy setting to Disabled for GPO1.

    2. Set the Customize message for Access Denied errors policy setting to Not Configured for GPO1.

    3. Set the Enable access-denied assistance on client for all file types policy setting to Enabled for GPO1.

    4. Set the Customize message for Access Denied errors policy setting to Enabled for GPO1.

    Correct Answer: CD

    Explanation:

    http://technet.microsoft.com/en-us/library/hh831402.aspx

    Question No.124

    Your network contains an Active Directory forest named contoso.com. The forest contains four domains. All servers run Windows Server 2012 R2. Each domain has a user named User1. You have a file server named Server1 that is used to synchronize user folders by using the Work Folders role service. Server1 has a work folder named Sync1. You need to ensure that each user has a separate folder in Sync1. What should you do?

    1. From Windows Explorer, modify the Sharing properties of Sync1.

    2. Run the Set-SyncServerSetting cmdlet.

    3. From File and Storage Services in Server Manager, modify the properties of Sync1.

    4. Run the Set-SyncShare cmdlet.

    Correct Answer: D

    Explanation:

    http://technet.microsoft.com/en-US/library/dn296649.aspx

    Question No.125

    HOTSPOT

    Your network contains an Active Directory domain named contoso.com. The relevant servers in the domain are configured as shown in the following table.

    image

    You plan to create a shared folder on Server1 named Share1. Share1 must only be accessed by users who are using computers that are joined to the domain.

    You need to identify which servers must be upgraded to support the requirements of Share1.

    In the table below, identify which computers require an upgrade and which computers do not require an upgrade. Make only one selection in each row. Each correct selection is worth one point.

    image

    Correct Answer:

    image

    Question No.126

    You have a server named Server1 that runs Windows Server 2012 R2. Server1 has the File Server Resource Manager role service installed.

    You attempt to delete a classification property and you receive the error message as shown in the exhibit. (Click the Exhibit button.)

    image

    You need to delete the is Confidential classification property. What should you do?

    1. Delete the classification rule that is assigned the is Confidential classification property.

    2. Disable the classification rule that is assigned the is Confidential classification property.

    3. Set files that have an is Confidential classification property value of Yes to No.

    4. Clear the is Confidential classification property value of all files.

    Correct Answer: A

    Explanation:

    What is the File Classification Infrastructure?

    The Windows Server 2008 R2 File Classification Infrastructure (FCI) automates classification processes so that you can manage your data more effectively. You can save money and reduce

    risk by storing and retaining files based on their business value or impact. The built-in solution for file classification provides expiration, custom tasks, and reporting. The extensible infrastructure enables you to meet additional customer classification needs by building rich end-to-end classification solutions that are built on the classification foundation of Windows Server in a consistent and supported way and within the existing Windows file serving platforms.

    Question No.127

    Your network contains an Active Directory domain named contoso.com. The domain contains two servers named Server1 and Server2. Both servers have the Hyper-V server role installed. You plan to replicate virtual machines between Server1 and Server2. The replication will be encrypted by using Secure Sockets Layer (SSL). You need to request a certificate on Server1 to ensure that the virtual machine replication is encrypted. Which two intended purposes should the certificate for Server1 contain? (Each correct answer presents part of the solution. Choose two.)

    1. Client Authentication

    2. Kernel Mode Code Signing

    3. Server Authentication

    4. IP Security end system

    5. KDC Authentication

    Correct Answer: AC

    Explanation:

    Replica Server Certificate Requirements

    To enable a server to receive replication traffic, the certificate in the replica server must meet the following conditions

    * Enhanced Key Usage must support both Client and Server authentication Etc. Reference: Hyper-V Replica – Prerequisites for certificate based deployments

    Question No.128

    HOTSPOT

    You have a server named Server1 that runs Windows Server 2012 R2. The volumes on Server1 are configured as shown in the following table.

    image

    A new corporate policy states that backups must use Windows Azure Online Backup whenever possible.

    You need to identify which backup methods you must use to back up Server1. The solution must use Windows Azure Online Backup whenever possible.

    Which backup type should you identify for each volume?

    To answer, select the appropriate backup type for each volume in the answer area.

    image

    Correct Answer:

    image

    Question No.129

    You have a file server named Server1 that runs a Server Core Installation of Windows Server 2012 R2. Server1 has a volume named D that contains user data. Server1 has a volume named E that is empty. Server1 is configured to create a shadow copy of volume D every hour. You need to configure the shadow copies of volume D to be stored on volume E. What should you run?

    1. The Set-Volume cmdlet with the -driveletter parameter

    2. The Set-Volume cmdlet with the -path parameter

    3. The vssadmin.exe add shadowstorage command

    4. The vssadmin.exe create shadow command

    Correct Answer: C

    Explanation:

    1. Sets or changes the file system label of an existing volume. -DriveLetter Specifies a letter used to identify a drive or volume in the system.

    2. Sets or changes the file system label of an existing volume -Path Contains valid path information.

    3. Displays current volume shadow copy backups and all installed shadow copy writers and providers. AddShadowStroage Adds a shadow copy storage association for a specified volume.

    4. Displays current volume shadow copy backups and all installed shadow copy writers and providers. Shadow Creates a new shadow copy of a specified volume.

    http://technet.microsoft.com/en-us/library/cc754968(v=ws.10).aspx http://technet.microsoft.com/en-us/library/hh848673(v=wps.620).aspx

    Question No.130

    You have a server named Server1 that runs Windows Server 2012 R2. Each day, Server1 is backed up fully to an external disk. On Server1, the disk that contains the operating system fails. You replace the failed disk. You need to perform a bare-metal recovery of Server1 by using the Windows Recovery Environment (Windows RE). What should you use?

    1. The Wbadmin.exe command

    2. The Repair-bde.exe command

    3. The Get-WBBareMetalRecovery cmdlet

    4. The Start-WBVolumeRecovery cmdlet

    Correct Answer: A

    Explanation:

    1. Enables you to back up and restore your operating system, volumes, files, folders, and applications from a command prompt.

    2. Accesses encrypted data on a severely damaged hard disk if the drive was encrypted by using BitLocker. Repair-bde can reconstruct critical parts of the drive and salvage recoverable data as long as a valid recovery password or recovery key is used to decrypt the data.

    3. Gets the value that indicates whether the ability to perform bare metal recoveries from backups has been added to the backup policy (WBPolicy object).

    4. Starts a volume recovery operation.

    >

    Get Full Version of 70-412 Dumps

    Categories
    70-412 Dumps

    70-412 Real Exam Dumps Questions and answers 41-50

    Get Full Version of the Exam
    http://www.EnsurePass.com/70-412.html

    Question No.41

    You have 30 servers that run Windows Server 2012 R2. All of the servers are backed up daily by using Windows Azure Online Backup. You need to perform an immediate backup of all the servers to Windows Azure Online Backup. Which Windows PowerShell cmdlets should you run on each server?

    1. Get-OBPolicy | StartOBBackup

    2. Start-OBRegistration | StartOBBackup

    3. Get-WBPolicy | Start-WBBackup

    4. Get-WBBackupTarget | Start-WBBackup

    Correct Answer: A

    Explanation:

    A.starts a backup job using a policy

    B.Registers the current computer to Windows Azure Backup. C.Not using Azure

    D.Not using Azure

    http://technet.microsoft.com/en-us/library/hh770406(v=wps.620).aspx http://technet.microsoft.com/en-us/library/hh770426.aspx http://technet.microsoft.com/en-us/library/hh770398.aspx

    Question No.42

    You have a server named Server1 that runs Windows Server 2012 R2 and is used for testing. A developer at your company creates and installs an unsigned kernel-mode driver on Server1. The developer reports that Server1 will no longer start. You need to ensure that the developer can test the new driver. The solution must minimize the amount of data loss. Which Advanced Boot Option should you select?

    1. Disable Driver Signature Enforcement

    2. Disable automatic restart on system failure

    3. Last Know Good Configuration (advanced)

    4. Repair Your Computer

    Correct Answer: A

    Explanation:

    1. By default, 64-bit versions of Windows Vista and later versions of Windows will load a kernel- mode driver only if the kernel can verify the driver signature. However, this default behavior can be disabled to facilitate early driver development and non-automated testing.

    2. Specifies that Windows automatically restarts your computer when a failure occurs

    3. Developer would not be able to test the driver as needed

    4. Removes or repairs critical windows files, Developer would not be able to test the driver as needed and some file loss

    http://technet.microsoft.com/en-us/library/jj134246.aspx http://msdn.microsoft.com/en-us/library/windows/hardware/ff547565(v=vs.85).aspx

    image

    Question No.43

    You have a server named Server1 that runs Windows Server 2012 R2.

    When you install a custom Application on Server1 and restart the server, you receive the following error message: quot;The Boot Configuration Data file is missing some required information.

    File: \Boot\BCD

    Error code: 0x0000034.quot;

    You start Server1 by using Windows PE.

    You need to ensure that you can start Windows Server 2012 R2 on Server1. Which tool should you use?

    1. Bootsect

    2. Bootim

    3. Bootrec

    4. Bootcfg

    Correct Answer: C

    Explanation:

    A. Bootsect.exe updates the master boot code for hard disk partitions to switch between BOOTMGR and NTLDR. You can use this tool to restore the boot sector on your computer. This tool replaces FixFAT and FixNTFS.

    1. Bootrec.exe tool to troubleshoot quot;Bootmgr Is Missingquot; issue. The /ScanOs option scans all disks for installations that are compatible with Windows Vista or Windows 7. Additionally, this option displays the entries that are currently not in the BCD store. Use this option when there are Windows Vista or Windows 7 installations that the Boot Manager menu does not list.

    2. The bootcfg command is a Microsoft Windows Server 2003 utility that modifies the Boot.ini file. http://technet.microsoft.com/en-us/library/cc749177(v=ws.10).aspx http://support.microsoft.com/kb/927392/en-us

    http://answers.microsoft.com/en-us/windows/forum/windows_7-system/error-code-0x0000034-in- windows-7/4dcb8d38-a206-40ed-bced-55e4a4de9bf2

    Question No.44

    You have a server named Server1 that runs Windows Server 2012 R2.

    Server1 is backed up by using Windows Server Backup. The backup configuration is shown in the exhibit. (Click the Exhibit button.)

    image

    You discover that only the last copy of the backup is maintained. You need to ensure that multiple backup copies are maintained. What should you do?

    1. Modify the backup destination.

    2. Configure the Optimize Backup Performance settings.

    3. Modify the Volume Shadow Copy Service (VSS) settings.

    4. Modify the backup times.

    Correct Answer: A

    Explanation:

    A. The destination in the exhibit shows a network share is used. If a network share is being used only the latest copy will be saved

    http://windows.microsoft.com/en-us/windows7/where-should-i-save-my-backup

    image

    Question No.45

    Your network contains an Active Directory domain named contoso.com. The domain contains four servers named Server1, Server2, Server3, and Server4 that run Windows Server 2012 R2. All servers have the Hyper-V server role and the Failover Clustering feature installed.

    image

    You need to replicate virtual machines from Cluster1 to Cluster2.

    Which three actions should you perform? (Each correct answer presents part of the solution. Choose three.)

    1. From Hyper-V Manager on a node in Cluster2, create three virtual machines.

    2. From Cluster2, add and configure the Hyper-V Replica Broker role.

    3. From Failover Cluster Manager on Cluster1, configure each virtual machine for replication.

    4. From Cluster1, add and configure the Hyper-V Replica Broker role.

    5. From Hyper-V Manager on a node in Cluster2 modify the Hyper-V settings.

    Correct Answer: BCD

    Explanation:

    These are two clusters, to replicate any VM to a cluster you need to configure the Replica Broker role on each cluster the last step should be enabling replication on the VMs.

    Question No.46

    You have a server named Server1 that runs Windows Server 2012 R2. Each day, Server1 is backed up fully to an external disk. On Server1, the disk that contains the operating system fails. You replace the failed disk. You need to perform a bare-metal recovery of Server1 by using the Windows Recovery Environment (Windows RE). What should you do?

    1. Run the Start-WBVolumeRecovery cmdlet and specify the -backupset parameter.

    2. Run the Get-WBBareMetalRecovery cmdlet and specify the -policy parameter.

    3. Run the wbadmin.exe start recovery command and specify the -recoverytarget parameter.

    4. Run the wbadmin.exe start sysrecovery command and specify the -backuptarget parameter.

    Correct Answer: D

    Explanation:

    Performs a system recovery (bare metal recovery). This subcommand can be run only from the Windows Recovery Environment.

    Ref: http://technet.microsoft.com/en-us/library/cc742118.aspx

    Question No.47

    You have a virtual machine named VM1 that runs on a host named Host1. You configure VM1 to replicate to another host named Host2. Host2 is located in the same physical location as Host1. You need to add an additional replica of VM1. The replica will be located in a different physical site. What should you do?

    1. From VM1 on Host2, click Extend Replication.

    2. On Host1, configure the Hyper-V settings.

    3. From VM1 on Host1, click Extend Replication.

    4. On Host2, configure the Hyper-V settings.

    Correct Answer: A

    Explanation:

    http://blogs.technet.com/b/virtualization/archive/2013/12/10/hyper-v-replica-extend- replication.aspx

    Once that is done, go to replica site and from Hyper-V UI manager select the VM for which you want to extend the replication. Right click on VM and select quot;Replication-gt;Extend Replication …quot;. This will open Extend Replication Wizard which is similar to Enable Replication Wizard. http://technet.microsoft.com/en-us/library/dn551365.aspx

    http://technet.microsoft.com/en-us/library/jj134240.aspx

    NOTE:

    You configure a server to receive replication with Hyper-V Manager, in this situation the replica site is assumed to be the Replica Server. Therefore you extend replication from VM1 on Host2.

    Question No.48

    Your network contains two servers named Server1 and Server2 that run Windows Server 2012 R2. Both servers have the Hyper-V server role installed. Server1 and Server2 are located in different offices. The offices connect to each other by using a high-latency WAN link. Server2 hosts a virtual machine named VM1. You need to ensure that you can start VM1 on Server1 if Server2 fails. The solution must minimize hardware costs. What should you do?

    1. On Server1, install the Multipath I/O (MPIO) feature. Modify the storage location of the VHDs for VM1.

    2. From the Hyper-V Settings of Server2, modify the Replication Configuration settings. Enable replication for VM1.

    3. On Server2, install the Multipath I/O (MPIO) feature. Modify the storage location of the VHDs for VM1.

    4. From the Hyper-V Settings of Server1, modify the Replication Configuration settings. Enable replication for VM1.

    Correct Answer: D

    Explanation:

    You first have to enable replication on the Replica serverServer1by going to the server and modifying the quot;Replication Configurationquot; settings under Hyper-V settings. You then go to VM1 which presides on Server2 and run the quot;Enable Replicationquot; wizard on VM1.

    image

    Question No.49

    You have a Hyper-V host named Server1 that runs Windows Server 2012 R2. Server1 contains a virtual machine named VM1 that runs Windows Server 2012 R2. You fail to start VM1 and you suspect that the boot files on VM1 are corrupt. On Server1, you attach the virtual hard disk (VHD) of VM1 and you assign the VHD a drive letter of F. You need to repair the corrupt boot files on VM1. What should you run?

    1. bootrec.exe /rebuildbcd

    2. bootrec.exe /scanos

    3. bcdboot.exe f:\windows /s c:

    4. bcdboot.exe c:\windows /s f:

    Correct Answer: D

    Explanation:

    Enables you to quickly set up a system partition, or to repair the boot environment located on the system partition. The system partition is set up by copying a simple set of Boot Configuration Data (BCD) files to an existing empty partition.

    image

    Question No.50

    DRAG DROP

    Your network contains an Active Directory domain named contoso.com. The domain contains a file server named Server1. All servers run Windows Server 2012 R2.

    All domain user accounts have the Division attribute automatically populated as part of the user provisioning process. The Support for Dynamic Access Control and Kerberos armoring policy is enabled for the domain.

    You need to control access to the file shares on Server1 based on the values in the Division attribute and the Division resource property.

    Which three actions should you perform in sequence?

    image

    Correct Answer:

    image

    Get Full Version of 70-412 Dumps

    Categories
    70-412 Dumps

    70-412 Real Exam Dumps Questions and answers 51-60

    Get Full Version of the Exam
    http://www.EnsurePass.com/70-412.html

    Question No.51

    You have a server named LON-DC1 that runs Windows Server 2012 R2. An iSCSI virtual disk named VirtualiSCSI1.vhd exists on LON-DC1 as shown in the exhibit. (Click the Exhibit button.)

    image

    You create a new iSCSI virtual disk named VirtualiSCSI2.vhd by using the existing itgt iSCSI target.

    VirtualiSCSIl.vhd is removed from LON-DC1.

    You need to assign VirtualiSCSI2.vhd a logical unit value of 0. What should you do?

    1. Modify the properties of the itgt ISCSI target.

    2. Modify the properties of the VirtualiSCSI2.vhd iSCSI virtual disk.

    3. Run the Set-VirtualDisk cmdlet and specify the -Uniqueld parameter.

    4. Run the iscsicli command and specify the reportluns parameter.

    Correct Answer: B

    Explanation:

    The virtual disk has the option to change the lun ID, no other option available in the answers appear to allow this change.

    Note:

    Logical unit numbers (LUNs) created on an iSCSI disk storage subsystem are not directly assigned to a server. For iSCSI, LUNs are assigned to logical entities called targets.

    Question No.52

    HOTSPOT

    You have a file server named Server1 that runs Windows Server 2012 R2.

    You need to ensure that you can use the NFS Share – Advanced option from the New Share Wizard in Server Manager.

    Which two role services should you install?

    To answer, select the appropriate two role services in the answer area.

    image

    Correct Answer:

    image

    Question No.53

    DRAG DROP

    Your network contains an Active Directory domain named contoso.com. All file servers in the domain run Windows Server 2012 R2.

    The computer accounts of the file servers are in an organizational unit (OU) named OU1. A Group Policy object (GPO) named GPO1 is linked to OU1.

    You plan to modify the NTFS permissions for many folders on the file servers by using central access policies.

    You need to identify any users who will be denied access to resources that they can currently access once the new permissions are implemented.

    In which order should you Perform the five actions?

    image

    Correct Answer:

    image

    Question No.54

    Your network contains 20 iSCSI storage appliances that will provide storage for 50 Hyper-V hosts running Windows Server 2012 R2. You need to configure the storage for the Hyper-V hosts. The solution must minimize administrative effort. What should you do first?

    1. Install the iSCSI Target Server role service and configure iSCSI targets.

    2. Install the iSNS Server service feature and create a Discovery Domain.

    3. Start the Microsoft iSCSI Initiator Service and configure the iSCSI Initiator Properties.

    4. Install the Multipath I/O (MPIO) feature and configure the MPIO Properties.

    Correct Answer: C

    Explanation:

    鈥滱 software iSCSI initiator is installed by default on Windows Server 2012 and Hyper-V Server 2012 as the MSiSCSI service. However, the MSiSCSI service isn鈥檛 set to automatically startup, so we can start the MSiSCSI service with the following PowerShell command lines:

    Set-Service -Name MSiSCSI -StartupType Automatic鈥?/p>

    Question No.55

    Your network contains an Active Directory domain named contoso.com. The domain contains a file server named Server1 that runs Windows Server 2012 R2. All client computers run Windows

    8. You need to configure a custom Access Denied message that will be displayed to users when they are denied access to folders or files on Server1. What should you configure?

    1. A classification property

    2. The File Server Resource Manager Options

    3. A file management task

    4. A file screen template

    Correct Answer: B

    Question No.56

    DRAG DROP

    You have a server that runs Windows Server 2012 R2. You create a new work folder named Share1.

    You need to configure Share1 to meet the following requirements:

    Ensure that all synchronized copies of Share1 are encrypted. Ensure that clients synchronize to Share1 every 30 minutes.

    Ensure that Share1 inherits the NTFS permissions of the parent folder. Which cmdlet should you use to achieve each requirement?

    To answer, drag the appropriate cmdlets to the correct requirements. Each cmdlet may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.

    image

    Correct Answer:

    image

    Question No.57

    HOTSPOT

    Your network contains an Active Directory domain named contoso.com. All client computers run Windows 8 Enterprise.

    You have a remote site that only contains client computers. All of the client computer accounts are located in an organizational unit (CU) named Remote1. A Group Policy object (GPO) named GPO1 is linked to the Remote1 OU.

    You need to configure BranchCache for the remote site. Which two settings should you configure in GPO1?

    To answer, select the two appropriate settings in the answer area.

    image

    Correct Answer:

    image

    Question No.58

    You have a server named Server1 that runs Windows Server 2012 R2. The storage on Server1 is configured as shown in the following table.

    image

    You plan to implement Data Deduplication on Server1.

    You need to identify on which drives you can enable Data Deduplication.

    Which three drives should you identify? (Each correct answer presents part of the solution. Choose three.)

    1. C

    2. D

    3. E

    4. F

    5. G

    Correct Answer: BDE

    Explanation:

    Volumes that are candidates for deduplication must conform to the following requirements:

    • Must not be a system or boot volume.

    • Can be partitioned as a master boot record (MBR) or a GUID Partition Table (GPT), and must be formatted using the NTFS file system.

    • Can reside on shared storage, such as storage that uses a Fibre Channel or an SAS array, or when an iSCSI SAN and Windows Failover Clustering is fully supported.

    • Do not rely on Cluster Shared Volumes (CSVs). You can access data if a deduplication-

      enabled volume is converted to a CSV, but you cannot continue to process files for deduplication.

    • Do not rely on the Microsoft Resilient File System (ReFS).

    • Must be exposed to the operating system as non-removable drives. Remotely-mapped drives are not supported.

      Ref: http://technet.microsoft.com/en-us/library/hh831700.aspx

      Question No.59

      Your network contains an Active Directory domain named contoso.com. All servers run Windows Server 2012 R2. You are creating a central access rule named TestFinance that will be used to audit members of the Authenticated Users group for access failure to shared folders in the finance department. You need to ensure that access requests are unaffected when the rule is published. What should you do?

      1. Add a User condition to the current permissions entry for the Authenticated Users principal.

      2. Set the Permissions to Use the following permissions as proposed permissions.

      3. Add a Resource condition to the current permissions entry for the Authenticated Users principal.

      4. Set the Permissions to Use following permissions as current permissions.

      Correct Answer: B

      Explanation:

      http://technet.microsoft.com/en-us/library/jj134043.aspx

      image

      Question No.60

      You create a new virtual disk in a storage pool by using the New Virtual Disk Wizard. You discover that the new virtual disk has a write-back cache of 1 GB. You need to ensure that the virtual disk has a write-back cache of 5 GB. What should you do?

      1. Detach the virtual disk, and then run the Resize-VirtualDisk cmdlet.

      2. Detach the virtual disk, and then run the Set-VirtualDisk cmdlet.

      3. Delete the virtual disk, and then run the New-StorageSubSystemVirtualDisk cmdlet.

      4. Delete the virtual disk, and then run the New-VirtualDisk cmdlet.

      Correct Answer: D

      Get Full Version of 70-412 Dumps

    Categories
    70-412 Dumps

    70-412 Real Exam Dumps Questions and answers 61-70

    Get Full Version of the Exam
    http://www.EnsurePass.com/70-412.html

    Question No.61

    Your network contains an Active Directory domain named contoso.com. The domain contains two member servers named Server1 and Server2. All servers run Windows Server 2012 R2. Server1 and Server2 have the Failover Clustering feature installed. The servers are configured as nodes in a failover cluster named Cluster1. You configure File Services and DHCP as clustered resources for Cluster1. Server1 is the active node for both clustered resources. You need to ensure that if two consecutive heartbeat messages are missed between Server1 and Server2, Server2 will begin responding to DHCP requests. The solution must ensure that Server1 remains the active node for the File Services clustered resource for up to five missed heartbeat messages. What should you configure?

    1. Affinity-None

    2. Affinity-Single

    3. The cluster quorum settings

    4. The failover settings

    5. A file server for general use

    6. The Handling priority

    7. The host priority

    8. Live migration

    9. The possible owner

    10. The preferred owner

    11. Quick migration

    12. the Scale-Out File Server

    Correct Answer: D

    Explanation:

    A. The number of heartbeats that can be missed before failover occurs is known as the heartbeat threshold

    http://technet.microsoft.com/en-us/library/dn265972.aspx http://technet.microsoft.com/en-us/library/dd197562(v=ws.10).aspx http://blogs.msdn.com/b/clustering/archive/2012/11/21/10370765.aspx

    Question No.62

    Your network contains an Active Directory domain named contoso.com. The domain contains two member servers named Server1 and Server2. All servers run Windows Server 2012 R2. Server1 and Server2 have the Failover Clustering feature installed. The servers are configured as nodes in a failover cluster named Cluster1. You add two additional nodes to Cluster1. You need to ensure that Cluster1 stops running if three nodes fail. What should you configure?

    1. Affinity-None

    2. Affinity-Single

    3. The cluster quorum settings

    4. The failover settings

    5. A file server for general use

    6. The Handling priority

    7. The host priority

    8. Live migration

    9. The possible owner

    10. The preferred owner

    11. Quick migration

    12. the Scale-Out File Server

    Correct Answer: C

    Explanation:

    C. The quorum configuration in a failover cluster determines the number of failures that the cluster can sustain.

    http://technet.microsoft.com/en-us/library/cc731739.aspx

    image

    Question No.63

    Information and details provided in a question App1y only to that question. Your network contains an Active Directory domain named contoso.com. The domain contains two member servers named Server1 and Server2. All servers run Windows Server 2012 R2. Server1 and Server2 have the Network Load Balancing (NLB) feature installed. The servers are configured as nodes in an NLB cluster named Cluster1. Cluster1 hosts a secure web Application named WebApp1.

    WebApp1 saves user state information locally on each node. You need to ensure that when users connect to WebApp1, their session state is maintained. What should you configure?

    1. Affinity-None

    2. Affinity-Single

    3. The cluster quorum settings

    4. The failover settings

    5. A file server for general use

    6. The Handling priority

    7. The host priority

    8. Live migration

    9. The possible owner

    10. The preferred owner

    11. Quick migration

    12. the Scale-Out File Server

    Correct Answer: B

    Explanation:

    http://technet.microsoft.com/en-us/library/bb687542.aspx

    image

    Question No.64

    Your network contains an Active Directory domain named contoso.com. The domain contains two member servers named Server1 and Server2. All servers run Windows Server 2012 R2. Server1 and Server2 have the Failover Clustering feature installed. The servers are configured as nodes in a failover cluster named Cluster1. You add two additional nodes in Cluster1. You have a folder named Folder1 on Server1 that hosts Application data. Folder1 is a folder target in a Distributed File System (DFS) namespace. You need to provide highly available access to Folder1. The solution must support DFS Replication to Folder1. What should you configure?

    1. Affinity-None

    2. Affinity-Single

    3. The cluster quorum settings

    4. The failover settings

    5. A file server for general use

    6. The Handling priority

    7. The host priority

    8. Live migration

    9. The possible owner

    10. The preferred owner

    11. Quick migration

    12. The Scale-Out File Server

    Correct Answer: E

    Question No.65

    Your network contains an Active Directory domain named contoso.com. The domain contains three servers named Server1, Server2, and Server3 that run Windows Server 2012 R2. All three servers have the Hyper-V server role installed and the Failover Clustering feature installed.

    Server1 and Server2 are nodes in a failover cluster named Cluster1. Several highly available virtual machines run on Cluster1. Cluster1 has the Hyper-V Replica Broker role installed. The Hyper-V Replica Broker currently runs on Server1. Server3 currently has no virtual machines. You need to configure Cluster1 to be a replica server for Server3 and Server3 to be a replica server for Cluster1. Which two tools should you use? (Each correct answer presents part of the solution. Choose two.)

    1. The Hyper-V Manager console connected to Server3

    2. The Failover Cluster Manager console connected to Server3

    3. The Hyper-V Manager console connected to Server1.

    4. The Failover Cluster Manager console connected to Cluster1

    5. The Hyper-V Manager console connected to Server2

    Correct Answer: AD

    Explanation:

    http://technet.microsoft.com/en-us/library/jj134240.aspx

    image

    Question No.66

    Your network contains an Active Directory domain named contoso.com. The domain contains a file server named File1 that runs a Server Core Installation of Windows Server 2012 R2. File1 has a volume named D that contains home folders. File1 creates a shadow copy of volume D twice a day. You discover that volume D is almost full. You add a new volume named H to File1. You need to ensure that the shadow copies of volume D are stored on volume H. Which command should you run?

    1. The Set-Volume cmdlet with the -driveletter parameter

    2. The vssadmin.exe create shadow command

    3. The Set-Volume cmdlet with the -path parameter

    4. The vssadmin.exe add shadowstorage command

    Correct Answer: D

    Explanation:

    A.Sets or changes the file system label of an existing volume. -DriveLetter Specifies a letter used to identify a drive or volume in the system.

    B.Displays current volume shadow copy backups and all installed shadow copy writers and providers. Shadow Creates a new shadow copy of a specified volume.

    C.Sets or changes the file system label of an existing volume -Path Contains valid path information.

    D.Displays current volume shadow copy backups and all installed shadow copy writers and providers.

    AddShadowStroage Adds a shadow copy storage association for a specified volume.

    http://technet.microsoft.com/en-us/library/cc754968(v=ws.10).aspx http://technet.microsoft.com/en-us/library/hh848673(v=wps.620).aspx

    Question No.67

    You have a server named Server1 that runs Windows Server 2012 R2. Server1 has a single volume that is encrypted by using BitLocker Drive Encryption (BitLocker). BitLocker is configured to save encryption keys to a Trusted Platform Module (TPM). Server1 is configured to perform a daily system image backup. The motherboard on Server1 is upgraded. After the upgrade, Windows Server 2012 R2 on Server1 fails to start. You need to start the operating system on Server1 as soon as possible. What should you do?

    1. Start Server1 from the installation media. Run startrec.exe.

    2. Move the disk to a server that has a model of the old motherboard. Start the server from the installation media. Run bcdboot.exe.

    3. Move the disk to a server that has a model of the old motherboard. Start the server. Run tpm.msc.

    4. Start Server1 from the installation media. Perform a system image recovery.

    Correct Answer: D

    Explanation:

    http://technet.microsoft.com/en-us/library/jj131725.aspx

    Question No.68

    Your network contains two servers that run Windows Server 2012 R2 named Server1 and Server2. Both servers have the File Server role service installed. On Server2, you create a share named Backups. From Windows Server Backup on Server1, you schedule a full backup to run every night. You set the backup destination to \\Server2 \Backups. After several weeks, you discover that \\Server2\Backups only contains the last backup that completed on Server1. You need to ensure that multiple backups of Server1 are maintained. What should you do?

    1. Modify the Volume Shadow Copy Service (VSS) settings.

    2. Modify the properties of the Windows Store Service (WSService) service.

    3. Change the backup destination.

    4. Configure the permission of the Backups share.

    Correct Answer: C

    Explanation:

    image

    Question No.69

    Your network contains two servers named Server1 and Server2 that run Windows Server 2012 R2. Server1 and Server2 have the Hyper-V server role installed. Server1 and Server2 are configured as Hyper-V replicas of each other. Server2 hosts a virtual machine named VM5. VM5 is replicated to Server1. You need to verify whether the replica of VM5 on Server1 is functional. The solution must ensure that VM5 remains accessible to clients. What should you do from Hyper-V Manager?

    1. On Server1, execute a Planned Failover.

    2. On Server1, execute a Test Failover.

    3. On Server2, execute a Planned Failover.

    4. On Server2, execute a Test Failover.

    Correct Answer: B

    Explanation:

    image

    Question No.70

    HOTSPOT

    Your network contains an Active Directory domain named contoso.com. The domain contains two servers named Server1 and Server2 that run Windows Server 2012 R2. The servers have the Hyper-V server role installed.

    A certification authority (CA) is available on the network.

    A virtual machine named vml.contoso.com is replicated from Server1 to Server2. A virtual machine named vm2.contoso.com is replicated from Server2 to Server1.

    You need to configure Hyper-V to encrypt the replication of the virtual machines. Which common name should you use for the certificates on each server?

    To answer, configure the appropriate common name for the certificate on each server in the answer area.

    image

    Correct Answer:

    image

    Get Full Version of 70-412 Dumps

    Categories
    70-412 Dumps

    70-412 Real Exam Dumps Questions and answers 1-10

    Get Full Version of the Exam
    http://www.EnsurePass.com/70-412.html

    Question No.1

    Your company recently deployed a new Active Directory forest named contoso.com. The first domain controller in the forest runs Windows Server 2012 R2. You need to identify the time-to- live (TTL) value for domain referrals to the NETLOGON and SYSVOL shared folders. Which tool should you use?

    1. Ultrasound

    2. Replmon

    3. Dfsdiag

    4. Frsutil

    Correct Answer: C

    Explanation:

    http://blogs.technet.com/b/josebda/archive/2009/07/15/five-ways-to-check-your-dfs-namespaces- dfs-nconfiguration-with-the-dfsdiag-exe-tool.aspx

    image

    Question No.2

    HOTSPOT

    Your network contains an Active Directory forest named contoso.com that contains a single domain. The forest contains three sites named Site1, Site2, and Site3.

    Domain controllers run either Windows Server 2008 R2 or Windows Server 2012 R2. Each site contains two domain controllers. Site1 and Site2 contain a global catalog server.

    You need to create a new site link between Site1 and Site2. The solution must ensure that the site link supports the replication of all the naming contexts.

    From which node should you create the site link?

    To answer, select the appropriate node in the answer area.

    image

    Correct Answer:

    image

    Question No.3

    Your network contains two Active Directory forests named contoso.com and adatum.com. Contoso.com contains one domain. Adatum.com contains a child domain named child.adatum.com. Contoso.com has a one-way forest trust to adatum.com. Selective authentication is enabled on the forest trust. Several user accounts are migrated from child.adatum.com to adatum.com. Users report that after the migration, they fail to access resources in contoso.com. The users successfully accessed the resources in contoso.com before the accounts were migrated. You need to ensure that the migrated users can access the resources in contoso.com. What should you do?

    1. Replace the existing forest trust with an external trust.

    2. Run netdom and specify the /quarantine attribute.

    3. Disable SID filtering on the existing forest trust.

    4. Disable selective authentication on the existing forest trust.

    Correct Answer: C

    Explanation:

    1. Enables administrators to manage Active Directory domains and trust relationships from the command prompt, /quarantine Sets or clears the domain quarantine

    2. Need to gain access to the resources in contoso.com

    3. Selective authentication over a forest trust restricts access to only those users in a trusted forest who have been explicitly given authentication permissions to computer objects (resource computers) that reside in the trusting forest

    http://technet.microsoft.com/en-us/library/cc755321(v=ws.10).aspx http://technet.microsoft.com/en-us/library/cc758152(v=ws.10).aspx

    image

    Question No.4

    HOTSPOT

    Your network contains an Active Directory domain named contoso.com. The domain contains domain controllers that run either Windows Server 2003, Windows Server 2008 R2, or Windows Server 2012 R2.

    You plan to implement a new Active Directory forest. The new forest will be used for testing and will be isolated from the production network.

    In the test network, you deploy a server named Server1 that runs Windows Server 2012 R2. You need to configure Server1 as a new domain controller in a new forest named contoso.test. The solution must meet the following requirements:

    image

    image

    The functional level of the forest and of the domain must be the same as that of contoso.com. Server1 must provide name resolution services for contoso.test.

    What should you do?

    To answer, configure the appropriate options in the answer area.

    image

    Correct Answer:

    image

    Question No.5

    Your network contains an Active Directory forest named adatum.com. The forest contains a single domain. The domain contains four servers. The servers are configured as shown in the following table.

    image

    You need to update the schema to support a domain controller that will run Windows Server 2012 R2.

    On which server should you run adprep.exe?

    1. Server1

    2. DC3

    3. DC2

    4. DC1

    Correct Answer: B

    Explanation:

    You can use adprep.exe on domain controllers that run 64-bit versions of Windows Server 2008 or Windows Server 2008 R2 to upgrade to Windows Server 2012. You cannot upgrade domain controllers that run Windows Server 2003 or 32-bit versions of Windows Server 2008. To replace them, install domain controllers that run a later version of Windows Server in the domain, and then remove the domain controllers that Windows Server 2003.

    Ref:

    http://technet.microsoft.com/en-us/library/hh994618.aspx#BKMK_UpgradePaths http://technet.microsoft.com/en-us/library/dd464018(v=ws.10).aspx

    image

    Question No.6

    HOTSPOT

    Your network contains three Active Directory forests. The forests are configured as shown in the following table.

    image

    A two-way forest trust exists between contoso.com and division1.contoso.com. A two-way forest trust also exists between contoso.com and division2.contoso.com.

    You plan to create a one-way forest trust from division1.contoso.com to division2.contoso.com.

    You need to ensure that any cross-forest authentication requests are sent to the domain controllers in the appropriate forest after the trust is created.

    How should you configure the existing forest trust settings?

    In the table below, identify which configuration must be performed in each forest. Make only one selection in each column. Each correct selection is worth one point.

    image

    Correct Answer:

    image

    Question No.7

    Your network contains an Active Directory forest named contoso.com. The forest contains three domains. All domain controllers run Windows Server 2012 R2. The forest has a two-way realm trust to a Kerberos realm named adatum.com. You discover that users in adatum.com can only access resources in the root domain of contoso.com. You need to ensure that the adatum.com users can access the resources in all of the domains in the forest. What should you do in the forest?

    1. Delete the realm trust and create a forest trust.

    2. Delete the realm trust and create three external trusts.

    3. Modify the incoming realm trust.

    4. Modify the outgoing realm trust.

    Correct Answer: D

    Question No.8

    Your network contains an Active Directory forest named contoso.com. The forest contains two domains named contoso.com and childl.contoso.com. The domains contain three domain controllers.

    The domain controllers are configured as shown in the following table.

    image

    You need to ensure that the KDC support for claims, compound authentication, and kerberos armoring setting is enforced in the child1.contoso.com domain.

    Which two actions should you perform? (Each correct answer presents part of the solution. Choose two.)

    1. Upgrade DC1 to Windows Server 2012 R2.

    2. Upgrade DC11 to Windows Server 2012 R2.

    3. Raise the domain functional level of child1.contoso.com.

    4. Raise the domain functional level of contoso.com.

    5. Raise the forest functional level of contoso.com.

    Correct Answer: BC

    Explanation:

    If you want to create access control based on claims and compound authentication, you need to deploy Dynamic Access Control. This requires that you upgrade to Kerberos clients and use the KDC, which support these new authorization types. With Windows Server 2012 R2, you do not have to wait until all the domain controllers and the domain functional level are upgraded to take advantage of new access control options.

    http://technet.microsoft.com/en-us/library/hh831747.aspx.

    Question No.9

    Your network contains an Active Directory domain named contoso.com. All domain controllers run Windows Server 2012 R2. The domain contains two domain controllers.

    The domain controllers are configured as shown in the following table.

    image

    You configure a user named User1 as a delegated administrator of DC10.

    You need to ensure that User1 can log on to DC10 if the network link between the Main site and the Branch site fails.

    What should you do?

    1. Add User1 to the Domain Admins group.

    2. On DC10, modify the User Rights Assignment in Local Policies.

    3. Run repadmin and specify the /prp parameter.

    4. On DC10, run ntdsutil and configure the settings in the Roles context.

    Correct Answer: C

    Explanation:

    repadmin /prp will allow the password caching of the local administrator to the RODC.

    Question No.10

    Your company has offices in Montreal, New York, and Amsterdam. The network contains an Active Directory forest named contoso.com. An Active Directory site exists for each office. All of the sites connect to each other by using the DEFAULTIPSITE1INK site link. You need to ensure that only between 20:00 and 08:00, the domain controllers in the Montreal office replicate the Active Directory changes to the domain controllers in the Amsterdam office. The solution must ensure that the domain controllers in the Montreal and the New York offices can replicate the Active Directory changes any time of day. What should you do?

    1. Create a new site link that contains Montreal and Amsterdam. Remove Amsterdam from DEFAULTIPSITE1INK. Modify the schedule of DEFAULTIPSITE1INK.

    2. Create a new site link that contains Montreal and Amsterdam. Create a new site link bridge. Modify the schedule of DEFAU LTIPSITE1INK.

    3. Create a new site link that contains Montreal and Amsterdam. Remove Amsterdam from DEFAULTIPSITE1INK. Modify the schedule of the new site link.

    4. Create a new site link that contains Montreal and Amsterdam. Create a new site link bridge. Modify the schedule of the new site link.

    Correct Answer: C

    Explanation:

    Very Smartly reworded with same 3 offices. In the exam correct answer is quot;Create a new site link that contains Newyork to Montreal. Remove Montreal from DEFAULTIPSITE1INK.Modify the schedule of the new site linkquot;.

    http://technet.microsoft.com/en-us/library/cc755994(v=ws.10).aspx

    Get Full Version of 70-412 Dumps