Official 2014 Latest Microsoft 70-410 Exam Dump Free Download(371-380)!

QUESTION 371
A company’s server deployment team needs to install fourteen Windows Server 2012 R2 to handle the expected increase in holiday traffic. The team would like the option of switching the servers between Server Core and Full GUI servers and do not want to be locked in to their first choice.
The server team would like four of the servers to include the Windows 8 Shell. Which installation option is required for these servers?

A.    Server Core
B.    Desktop Experience
C.    Server with a GUI
D.    Minimal Server Interface

Answer: B
Explanation:
The Desktop Experience installation option includes the Windows 8 Shell feature. This installation option also includes other features available for installation not found in the other three; such as Themes, Windows Store and support for Windows Store apps, and Windows Media Player.
Quick Tip: To completely remove a feature and the binary files from the disk, use the Windows PowerShell command Uninstall-WindowsFeature. For example, to remove Desktop Experience:
Uninstall-WindowsFeature Desktop-Experience -Remove
http://technet.microsoft.com/en-us/library/hh831786.aspx
http://mcpmag.com/articles/2013/01/22/70-410-win2012-install.aspx

QUESTION 372
A company’s network administrator needs to ensure a specific IP address is never assigned by a Windows Server 2012 R2 DHCP server to any device connecting to the network.
Which of the following should the administrator configure on the Windows Server 2012 R2 DHCP server?

A.    Reservation
B.    Scope options
C.    NAP
D.    Scope properties

Answer: A
Explanation:
Configuring an IP address as a reservation will restrict a DHCP server’s assignment of that address unless a specific MAC address makes a request for the address.
Exclusion is for not use the IP Address or range inside the Scope Pool, Filter is for not use theMAC Address or range.
Quick Tip: Policies can also be defined per scope or server. Policy based assignment (PBA) allows an administrator to group DHCP clients by specific attributes based on fields contained in the DHCP client request packet. This feature allows for targeted administration and greater control of configuration parameters delivered to network devices.
http://technet.microsoft.com/en-us/library/jj200226.aspx
http://mcpmag.com/articles/2013/02/12/70-410-dhcp.aspx
Another correct answer? Create a Exclusion Range? You decide… but that option is not at the options list at this question.
 clip_image002[24]

QUESTION 373
A company’s server virtualization team needs to provision a series of Hyper-V workloads to use existing network storage arrays. The team has chosen to use Fibre Channel ports within the guest operating systems.
Which of the following Windows Server versions can be used as guest operating systems when using Hyper-V Fibre Channel ports?

A.    2003 R2
B.    2008
C.    2003
D.    2012

Answer: BD
Explanation:
Windows Server 2008, 2008 R2, and 2012 R2 can be guest operating systems when using Hyper-V Fibre Channel host bus adaptors (HBAs). Updated HBA drivers are needed along with NPIV-enabled (N_Port ID Virtualization) SANs.
Quick Tip: Virtual Fibre Channel logical units cannot be used as boot media.
http://technet.microsoft.com/en-us/library/hh831413.aspx
http://mcpmag.com/articles/2013/02/05/70-410-win2012-fibre.aspx

QUESTION 374
A company’s server deployment team needs to introduce many new Windows Server 2012 R2 domain controllers throughout the network into a single Windows Server 2008 R2 domain. The team has chosen to use Windows PowerShell.
Which Windows PowerShell module includes the command-line options for installing domain controllers?

A.    AD DS Administration cmdlets
B.    AD DS Deployment cmdlets
C.    AD CS Deployment cmdlets
D.    AD DS Administration cmdlets

Answer: B
Explanation:
First use the Import-Module ADDSDeployment command in PowerShell–it includes the cmdlets needed to add new domain controllers. Then run Install-ADDSDomainController along with the required arguments.
Quick Tip: DCPromo.exe has been deprecated but can still be used along with an answer file, and ADPrep.exe runs automatically when needed (but can be run with elevated rights for more control).
http://technet.microsoft.com/en-us/library/hh994618.aspx
http://mcpmag.com/articles/2013/02/19/70-410-win2012-ad.aspx

QUESTION 375
A company’s server administration team would like to take advantage of the newest file systems available with Windows Server 2012 R2. The team needs a file system capable of managing extremely large data drives that can auto-detect data corruption and automatically perform needed repairs without taking a volume offline.
Which file system should the server administration team choose?

A.    NFS
B.    DFS
C.    NTFS
D.    ReFS

Answer: D
Explanation:
The ReFS (Resilient File System) is capable of managing extremely large data drives (1 YB Yottabyte), can auto-detect data corruption, and automatically perform needed repairs without taking the volume offline.
Quick Tip: The command fsutil fsinfo volumeinfo x: will display the volume file system. ReFS is only intended for data drives and not compatible with all Windows Server 2012 R2 file system technologies, however it is compatible with the new Storage Spaces.
http://technet.microsoft.com/en-us/library/hh831724.aspx
http://mcpmag.com/articles/2013/01/29/70-410-win2012-file.aspx

QUESTION 376
A company’s server security team needs a solution that will prevent users from installing and using unauthorized applications on their Windows 8 desktop computers. Which technology should the team choose?

A.    Starter GPOs
B.    Group Policy Objects
C.    Software Restriction Policies
D.    AppLocker

Answer: D
Explanation:
AppLocker (Application Locker) can help prevent malicious (malware) and unsupported applications from affecting computers. These include executable files, scripts, Windows Installer files, DLLs, Packaged apps and Packaged app installers.
Quick Tip: AppLocker is also supported by Windows Server 2008 R2 and Windows 7.
http://technet.microsoft.com/en-us/library/hh831440.aspx
http://mcpmag.com/articles/2013/02/26/controlling-applications.aspx ExamRef

QUESTION 376
You are attempting to delete a global security group in the Active Directory Users and Computers console, and the console will not let you complete the task. Which of the following could possibly be causes for the failure? (Choose all answers that are correct.)

A.    There are still members in the group.
B.    One of the group’s members has the group set as its primary group.
C.    You do not have the proper permissions for the container in which the group is located.
D.    You cannot delete global groups from the Active Directory Users and Computers console.

Answer: BC
Explanation:
A. Incorrect: It is possible to delete a group that has members.
B. Correct: If any member sets the group as its primary group, then the system does not permit the group to be deleted.
C. Correct: You must have the appropriate Active Directory permissions for the container in which the group is located to delete it.
D. Incorrect: It is possible to delete groups using the Active Directory Users and Groups console.

QUESTION 377
In a domain running at the Windows Server 2012 R2 domain functional level, which of the following security principals can members of a global group? (Choose all answers that are correct.)

A.    Users
B.    Computers
C.    Universal groups
D.    Global groups

Answer: ABD
Explanation:
A. Correct: Users can be security principals in a global group.
B. Correct: Computers can be security principals in a global group.
C. Incorrect: Universal groups cannot be security principals in a global group.
D. Correct: Global group can be security principals in a global group.

QUESTION 378
Which of the following group scope modifications are never permitted? (Choose all answers that are correct.)

A.    Global to universal
B.    Global to domain local
C.    Universal to global
D.    Domain local to universal

Answer: B
Explanation:
A. Incorrect: Global to universal group conversions are sometimes permitted.
B. Correct: Global to domain local group conversions are never permitted.
C. Incorrect: Universal to global group conversions are sometimes permitted.
D. Incorrect: Domain local to universal group conversions are sometimes permitted.

QUESTION 379
Which of the following is not a correct reason for creating an OU?

A.    To create a permanent container that cannot be moved or renamed
B.    To duplicate the divisions in your organization
C.    To delegate administration tasks
D.    To assign different Group Policy settings to a specific group of users or computers

Answer: A
Explanation:
A. Correct: The reasons for creating an OU include duplicating organizational divisions, assigning Group Policy settings, and delegating administration. You can easily move or rename an OU at will.
B. Incorrect: Duplicating organizational divisions is a viable reason for creating an OU.
C. Incorrect: Delegating administration tasks is a viable reason for creating an OU.
D. Incorrect: Assigning Group Policy settings is a viable reason for creating an OU.

QUESTION 380
Which of the following groups do you use to consolidate groups and accounts that either span multiple domains or the entire forest?

A.    Global
B.    Domain local
C.    Built-in
D.    Universal

Answer: D
Explanation:
A. Incorrect: Global groups cannot contain users from other domains.
B. Incorrect: Domain local groups cannot have permissions for resources in other domains.
C. Incorrect: Built-in groups have no inherent cross-domain qualities.
D. Correct: Universal groups, like global groups, are used to organize users according to their resource access needs. You can use them to organize users to facilitate access to any resource located in any domain in the forest through the use of domain local groups. Universal groups are used to consolidate groups and accounts that either span multiple domains or the entire forest.

Official 2014 Latest Microsoft 70-410 Exam Dump Free Download(361-370)!

QUESTION 361
You work as a senior administrator at L2P.com. The L2P.com network consists of a single domain named L2P.com. All servers on the L2P.com network have Windows Server 2012 R2 installed.
You are running a training exercise for junior administrators. You are currently discussing Group Policy preference.
Which of the following is TRUE with regards to Group Policy preference?

A.    It supports applications and operating system features that are not compatible with Group Policy
B.    It does not support item-level targeting.
C.    It is the same as Group Policy filtering.
D.    It does not cause the application or operating system feature to disable the user interface for the settings
they configure.

Answer: AD

QUESTION 362
You work as an administrator at ABC.com. The ABC.com network consists of a single domain named ABC.com. All servers in the ABC.com domain, including domain controllers, have Windows Server 2012 R2 installed.
ABC.com has a domain controller, named ABC-DC01, which contains the ABC.com domain’s primary DNS zone. ABC.com’s workstations refer to ABC-DC01 as their primary DNS server.
You have been instructed to make sure that any DNS requests that are not for the ABC.com domain, is resolved by ABC-DC01 querying the DNS server of ABC.com’s Internet Service Provider (ISP).
Which of the following actions should you take?

A.    You should consider configuring a reverse lookup zone.
B.    You should consider configuring forward lookup zone.
C.    You should consider configuring Forwarders.
D.    You should consider configuring 019 IP Layer Forwarding.

Answer: C
Explanation:
A forwarder is a Domain Name System (DNS) server on a network that forwards DNS queries for external DNS names to DNS servers outside that network. You can also forward queries according to specific domain names using conditional forwarders.
You designate a DNS server on a network as a forwarder by configuring the other DNS servers in the network to forward the queries that they cannot resolve locally to that DNS server. By using a forwarder, you can manage name resolution for names outside your network, such as names on the Internet, and improve the efficiency of name resolution for the computers in your network.
http://technet.microsoft.com/en-us/library/cc754931.aspx
http://technet.microsoft.com/en-us/library/cc730756.aspx

QUESTION 363
You work as an administrator at L2P.com. The L2P.com network consists of a single domain named L2P.com. All servers on the L2P.com network have Windows Server 2012 R2 installed.
L2P.com has a server, named L2P-SR13, which is configured as the primary DNS server in the L2P.com domain. L2P.com has another server, named L2P-SR14, which makes use of L2PSR13 for DNS queries.
You want to make sure that running nslookup.exe from L2P-SR14 produces a result that shows the proper name of the default server.
Which of the following actions should you take?

A.    You should consider creating a reverse lookup zone on L2P-SR14.
B.    You should consider creating a forward lookup zone on L2P-SR14.
C.    You should consider creating a reverse lookup zone on L2P-SR13.
D.    You should consider creating a forward lookup zone on L2P-SR13.

Answer: C
Explanation:
When you start Nslookup from a command line, the following error message may be displayed: DNS request timed out
timeout was x seconds
Can’t find server name for address xxx.xxx.xxx.xxx: Timed out
Default servers are not available
Default Server: UnKnown
Address: xxx.xxx.xxx.xxx
where xxx.xxx.xxx.xxx is the Internet Protocol (IP) address of the host on which you are attempting to start Nslookup.
CAUSE When Nslookup starts, it attempts to resolve the IP address of its host’s DNS server to its fully qualified domain name (FQDN). If the DNS server does not respond or if the DNS server’s reverse lookup zones do not contain a PTR record for the DNS server’s IP address, the error message is displayed.
http://support.microsoft.com/kb/242906/en-us

QUESTION 364
You work as an administrator at L2P.com. The L2P.com network consists of a single domain named L2P.com. All servers on the L2P.com network have Windows Server 2012 R2 installed.
L2P.com has a server, named L2P-SR07, which has the ADDS, DHCP, and DNS server roles installed. L2P.com also has a server, named L2P-SR08, which has the DHCP, and Remote Access server roles installed. You have configured a server, which has the File and Storage Services server role installed, to automatically acquire an IP address. The server is named L2PSR09.
You then create reservation on L2P-SR07, and a filter on L2P-SR08.
Which of the following is a reason for this configuration?

A.    It allows L2P-SR09 to acquire a constant IP address from L2P-SR08 only.
B.    It configures L2P-SR09 with a static IP address.
C.    It allows L2P-SR09 to acquire a constant IP address from L2P-SR07 and L2PSR08.
D.    It allows L2P-SR09 to acquire a constant IP address from L2P-SR07 only.

Answer: D
Explanation:
To configure the Deny filter
In the DHCP console tree of DHCP Server 1, under IPv4, click Filters, right-click Deny under Filters, and then click New Filter. In the New Deny Filter dialog box, in MAC Address, enter a six hexadecimal number representing the MAC or physical address of DHCP Client 2, click Add, and then click Close. Under Filters right-click the Deny node, and then click the Enable pop-up menu item.
http://technet.microsoft.com/en-us/library/ee405265%28WS.10%29.aspx

QUESTION 365
You work as an administrator at L2P.com. The L2P.com network consists of a single domain named L2P.com.
L2P.com has a server, named L2P-SR15, which has Windows Server 2012 R2 installed. L2P.com also has a server, named L2P-SR16, which has Windows Server 2008 R2 SP1 installed.
You have been instructed to make sure that L2P-SR16 is able to run Windows PowerShell 3.0.
Which of the following actions should you take? (Choose two.)

A.    You should consider making sure that L2P-SR16 has a full installation of Microsoft .NET Framework 4
installed.
B.    You should consider making sure that L2P-SR16 has a full installation of Microsoft .NET Framework 2
installed.
C.    You should consider making sure that L2P-SR16 has WS-Management 3.0 installed.
D.    You should consider making sure that L2P-SR16 is upgraded to Windows Server 2012 R2.

Answer: AC
Explanation:
WS-Management 3.0 – Windows Management Framework 3.0 Includes Windows PowerShell 3.0, WMI, WinRM, Management OData IIS Extension, and Server Manager CIM Provider
Windows Management Framework 3.0 requires Microsoft .NET Framework 4.0.
http://www.microsoft.com/en-us/download/details.aspx?id=34595

QUESTION 366
You work as an administrator at L2P.com. The L2P.com network consists of a single domain named L2P.com. All servers on the L2P.com network have Windows Server 2012 R2 installed.
L2P.com has a server, named L2P-SR13. L2P-SR13 hosts a shared folder, named L2PShare, which has been shared as L2PShare$.
Which of the following is TRUE with regards to sharing the folder in this manner?

A.    It allows all users to view L2PShare when browsing the network.
B.    It prevents users from viewing L2PShare when browsing the network.
C.    It only allows L2P-SR13’s users to view L2PShare.
D.    It removes the permissions configured for L2PShare.

Answer: B
Explanation:
A hidden share is identified by a dollar sign ($) at the end of the share nameHidden shares are not listed when you look through the shares on a computer or use the “net view” command
Why Use Hidden Shares?
Using hidden shares on your network is useful if you do not want a shared folder or drive on the network to be easily accessible. Hidden shares can add another layer of protection for shared files against unauthorized people connecting to your network. Using hidden shares helps eliminate the chance for people to guess your password (or be logged into an authorized Windows account) and then receive access to the shared resource.
 clip_image001[30]
http://support.microsoft.com/kb/314984
http://technet.microsoft.com/en-us/library/cc784710(v=ws.10).aspx

QUESTION 367
You work as a senior administrator at L2P.com. The L2P.com network consists of a single domain named L2P.com. All servers on the L2P.com network have Windows Server 2012 R2 installed.
You are running a training exercise for junior administrators. You are currently discussing printer pooling.
Which of the following is TRUE with regards to printer pooling? (Choose all that apply.)

A.    Printers in a pool must be of the same model, and use the same printer driver.
B.    Each printer in the pool must have a different printer driver.
C.    Printer ports used in the pool must be of the same type.
D.    The types of printer ports used in the pool must be mixed.
E.    Pooled printers appear to workstations as a single printer.
F.    A minimum of three printers are required to configure a printer pool.

Answer: AE
Explanation:
You can create a printing pool to automatically distribute print jobs to the next available printer. A printing pool is one logical printer connected to multiple printers through multiple ports of the print server. The printer that is idle receives the next document sent to the logical printer. This is useful in a network with a high volume of printing because it decreases the time users wait for their documents. A printing pool also simplifies administration because multiple printers can be managed from the samelogical printer on a server.
http://technet.microsoft.com/en-us/library/cc757086%28v=ws.10%29.aspx

QUESTION 368
You work as an administrator at ABC.com. The ABC.com network consists of a single domain named ABC.com. All servers in the ABC.com domain, including domain controllers, have Windows Server 2012 R2 installed.
You have installed the DNS Server Role on a ABC.com server, named ABC-SR13. ABC.com’s workstations make use of a web proxy to access the Internet, and refer to ABC-SR13 as a primary DNS server.
You have been instructed to make sure that Internet host names for ABC.com’s workstations are not resolved by ABC-SR13.
Which of the following actions should you take?

A.    You should consider configuring a primary zone on L2P-SR13.
B.    You should consider configuring a secondary zone on L2P-SR13.
C.    You should consider configuring a reverse lookup zone on L2P-SR13.
D.    You should consider configuring a forward lookup zone on L2P-SR13.

Answer: A
Explanation:
Open DNS Server Manager | Expand DNS Server | Expand Forward Lookup Zones | Right Click on Forward Lookup Zones and select New Zone | Primary Zone | Zone Name: “.” (only dot, without quotation marks) When you create such a zone, you are configuring the DNS server to be the ultimate authority for the DNS namespace. The DNS server will no longer attempt to forward any DNS requests that it is not authoritative for.
When you install DNS on a Windows server that does not have a connection to the Internet, the zone for the domain is created and a root zone, also known as a dot zone, is also created. This root zone may prevent access to the Internet for DNS and for clients of the DNS. If there is a root zone, there are no other zones other than those that are listed with DNS, and you cannot configure forwarders or roothint servers.
Root domain This is the top of the tree, representing an unnamed level; it is sometimes shown as two empty quotation marks (“”), indicating a null value. When used in a DNS domain name, it is stated by a trailing period (.) to designate that the name is located at the root or highest level of the domain hierarchy. In this instance, the DNS domain name is considered to be complete and points to an exact location in the tree of names. Names stated this way are called fully qualified domain names (FQDNs).
 clip_image001[32]
http://technet.microsoft.com/en-us/library/cc772774%28v=ws.10%29.aspx http://youtu.be/KjMDtlR6Mhk http://support.microsoft.com/kb/298148/en-us
http://www.wincert.net/tips/windows-server/2510-how-to-remove-root-hints-in-windows-server-2008-r2- dns-server http://support.microsoft.com/kb/298148/en-us

QUESTION 369
You run a Windows Server 2012 R2, what is the PowerShell command to set preferred dns server. Note: Other config such as ip address should not be changed.

A.    Register-DnsClient
B.    Set-DnsClient
C.    Set-DnsPreferredClientServerAddress
D.    Set-DnsClientServerAddress

Answer: D
Explanation:
Set-DnsClientServerAddress – Sets DNS server addresses associated with the TCP/IP properties on an interface.
Set-DnsClientServerAddress -InterfaceIndex 12 -ServerAddresses (“10.0.0.1”)
 clip_image001[34]
There is a fair bit of confusion around the purpose of the Alternate DNS Server. This Post should hopefully put these questions to bed.
The general assumption is that, the Windows DNS Client on all counts, will send a DNS query to the Preferred DNS first. If this query fails, then it will query the Alternate DNS Server, and so on and so forth.
The above statement is true, however there is a twist.
The Windows DNS Client will reset the DNS Server Priority at periodic intervals. By default, the server priorities are reset every 15 minutes.
Let’s look at an example:
I have a DNS Client configured as follows:
Preferred DNS: 192.168.0.1
Alternate DNS: 10.10.0.1
The DNS Client will start by sending queries to 192.168.0.1. After 15 minutes it will switch priority to 10.10.0.1. Thus all queries will first be sent to 10.10.0.1 for a period of 15 minutes before switching back to 192.168.0.1
There is another condition that triggers a Priority Switch.
If say the Preferred DNS timed out on a DNS query, the DNS Client will send that DNS Query to the Alternate DNS.
If the Alternate DNS resolves the Query, the Priority will now switch to the Alternate DNS, until either it times out on a Query or the Priority Time Limit expires.
It is a common practice to configure the Preferred DNS Server with the IP of a Local Site DNS Server and the Alternate DNS Server with that of a Remote Site. The problem arises when Firewall/Network folk raise complaints that Clients are sending DNS Traffic to Remote DNS Servers. Well, that is because they have been configured to do so.
http://blogs.technet.com/b/ajayr/archive/2011/12/14/who-does-dns-client-prefer-preferred-or-alternate.aspx
http://technet.microsoft.com/en-us/library/cc738344%28v=ws.10%29.aspx http://technet.microsoft.com/en-us/library/jj590768.aspx

QUESTION 370
Command to set configure network interface primary dns server. Note: Other config such as ip address should not be changed.
 clip_image001[36]

A.    set-ipaddress
B.    netsh
C.    ipconfig
D.    winipconfig

Answer: B
Explanation:
netsh interface ipv4 set dns name=”Local Area Connection” source=static address
=192.168.100.49 primary
http://exchangeserverpro.com/how-to-add-multiple-dns-servers-to-windows-server-2008-core/

Passing Microsoft 70-410 Exam successfully in a short time! Just using Braindump2go’s Latest Microsoft 70-410 Dump:

http://www.braindump2go.com/70-410.html

Official 2014 Latest Microsoft 70-410 Exam Dump Free Download(351-360)!

QUESTION 351
You work as an administrator at L2P.com. The L2P.com network consists of a single domain named L2P.com. All servers in the L2P.com domain, including domain controllers, have Windows Server 2012 R2 installed.
You have just executed the Uninstall-WindowsFeature Server-Gui-Shell L2P.com server, named L2P-SR13.
Which of the following is the reason for doing this?

A.    To only remove Windows Explorer from L2P-SR13.
B.    To only remove the Windows Internet Explorer from L2P-SR13.
C.    To only remove the components and files related to Windows Explorer from L2PSR13.
D.    To remove Windows Explorer, Windows Internet Explorer, and all associated components and files from
L2P-SR13.

Answer: D
Explanation:
Minimal Server Interface
If the server has a full installation of Windows Server, and I need to bring the server down to minimal server interface, I only need to remove the Server-GUI-Shell. The command is shown here.
Get-WindowsFeature Server-Gui-Shell | Uninstall-WindowsFeature – restart
Minimal Server Interface is situated between the Server Core and Server with a GUI modes, you can either install features on Server Core or remove features from Server with a GUI to reach the Minimal Server Interface installation state
http://blogs.technet.com/b/heyscriptingguy/archive/2013/01/25/use-powershell-to-remove-the-gui-on- windows-server-2012.aspx
http://blogs.technet.com/b/server_core/archive/2012/05/09/configuring-the-minimal-server-interface.aspx

QUESTION 352
You work as an administrator at L2P.com. The L2P.com network consists of a single domain named L2P.com. All servers in the L2P.com domain, including domain controllers, have Windows Server 2012 R2 installed.
You have been instructed to add a new domain controller to L2P.com’s existing environment.
Which of the following actions should you take?

A.    You should consider making use of Server Manager.
B.    You should consider making use of Authorization Manager.
C.    You should consider making use of Remote Desktop Gateway Manager.
D.    You should consider making use of Network Load Balancing Manager.

Answer: A
Explanation:
http://social.technet.microsoft.com/wiki/contents/articles/12370.step-by-step-guide-for-setting-up-windows- server-2012-domain-controller.aspx

QUESTION 3513
You work as an administrator at L2P.com. The L2P.com network consists of a single domain named L2P.com. All servers in the L2P.com domain, including domain controllers, have Windows Server 2012 installed.
You have been instructed to modify an Active Directory computer object.
Which of the following actions should you take?

A.    You should consider making use of the Get-ADComputer Windows PowerShell cmdlet.
B.    You should consider making use of the Set-ADComputer Windows PowerShell cmdlet
C.    You should consider making use of the New-ADComputer Windows PowerShell cmdlet
D.    You should consider making use of the Get-ADComputerServiceAccount Windows PowerShell cmdlet

Answer: B
Explanation:
Set-ADComputer – Modifies an Active Directory computer object.
http://technet.microsoft.com/en-us/library/ee617263.aspx

QUESTION 354
You work as an administrator at L2P.com. The L2P.com network consists of an Active Directory forest that contains a root domain, named L2P.com, and two child domains, named us.L2P.com and uk.L2P.com. All servers on the L2P.com network have Windows Server 2012 R2 installed.
The root domain hosts a domain local distribution group, named L2PGroup. You are preparing to issue L2PGroup read-only access to a shared folder hosted by the us.L2P.com domain.
You want to make sure that L2PGroup is able to access the shared folder in the us.L2P.com domain.
Which of the following actions should you take?

A.    You should consider re-configuring L2PGroup as a universal Admins group.
B.    You should consider re-configuring L2PGroup as a universal security group.
C.    You should consider re-configuring L2PGroup as a global administrators group.
D.    You should consider re-configuring L2PGroup as a local administrators group.

Answer: B
Explanation:
Group scope Universal can be assigned permissions in any domain or forest.
 clip_image001[28]
http://technet.microsoft.com/en-us/library/cc781446(v=ws.10).aspx http://technet.microsoft.com/en-us/library/cc755692(v=ws.10).aspx

QUESTION 355
You work as an administrator at L2P.com. The L2P.com network consists of a single domain named L2P.com.
L2P.com has a domain controller, named L2P-DC01, which has Windows Server 2012 R2 installed. Another L2P.com domain controller, named L2P-DC02, has Windows Server 2008 R2 installed.
You have deployed a server, named L2P-SR15, on L2P.com’s perimeter network. L2PSR15 is running a Server Core Installation of Windows Server 2012 R2.
You have been instructed to make sure that L2P-SR15 is part of the L2P.com domain.
Which of the following actions should you take?

A.    You should consider making use of Set-Computer Windows PowerShell cmdlet on L2P-SR15.
B.    You should consider making use of Get-Computer Windows PowerShell cmdlet on L2P-SR15.
C.    You should consider making use of Test-Computer Windows PowerShell cmdlet on L2P-SR15.
D.    You should consider making use of Add-Computer Windows PowerShell cmdlet on L2P-SR15.

Answer: D
Explanation:
Add-Computer – Add the local computer to a domain or workgroup.
http://technet.microsoft.com/en-us/library/hh849798.aspx

QUESTION 356
You work as an administrator at L2P.com. The L2P.com network consists of two Active Directory forests, named L2P.com and test.com. There is no trust relationship configured between the forests.
A backup of Group Policy object (GPO) from the test.com domain is stored on a domain controller in the L2P.com domain. You are informed that a GPO must be created in the L2P.com domain, and must be based on the settings of the GPO in the test.com domain.
You start by creating the new GPO using the New-GPO Windows PowerShell cmdlet. You want to complete the task via a Windows PowerShell cmdlet.
Which of the following actions should you take?

A.    You should consider making use of the Invoke-GPUpdate Windows PowerShell cmdlet.
B.    You should consider making use of the Copy-GPO Windows PowerShell cmdlet.
C.    You should consider making use of the New-GPLink Windows PowerShell cmdlet.
D.    You should consider making use of the Import-GPO Windows PowerShell cmdlet.

Answer: D
Explanation:
Import-GPO -Imports the Group Policy settings from a backed-up GPO into a specified GPO.
http://technet.microsoft.com/en-us/library/ee461044.aspx

QUESTION 357
You work as an administrator at L2P.com. The L2P.com network consists of a single domain named L2P.com. All servers in the L2P.com domain, including domain controllers, have Windows Server 2012 R2 installed.
L2P.com has a server, named L2P-SR15, which is configured as a file server. You have received instructions to make sure that a user, named Mia Hamm, has the ability to generate a complete backup of L2P-SR15 via Windows Server Backup.
Which of the following actions should you take?

A.    You should consider making use of Computer Management to configure the local groups.
B.    You should consider making use of Computer Management to configure the domain local groups.
C.    You should consider making use of Computer Management to configure the global groups.
D.    You should consider making use of Computer Management to configure the administrator groups.

Answer: A
Explanation:
To perform backups or recoveries by using Windows Server Backup, you must be a member of the Administrators or Backup Operators groups.
http://technet.microsoft.com/en-us/library/ee849849%28v=ws.10%29.aspx
Notes
You can only use Backup locally; you cannot backup a remote computer.
You can only back up and restore System State data on a local computer. You cannot back up and restore System State data on a remote computer even if you are an administrator on the remote computer.
http://technet.microsoft.com/en-us/library/cc776822%28v=ws.10%29.aspx

QUESTION 358
You work as a senior administrator at L2P.com. The L2P.com network consists of a single domain named L2P.com. All servers on the L2P.com network have Windows Server 2012 R2 installed.
You are running a training exercise for junior administrators. You are currently discussing the Windows Firewall with Advanced Security feature.
Which of the following is TRUE with regards to Windows Firewall with Advanced Security? (Choose all that apply.)

A.    It provides host-based, two-way network traffic filtering for a computer.
B.    It provides host-based, one-way network traffic filtering for a computer.
C.    It blocks unauthorized network traffic flowing into or out of the local computer.
D.    It only blocks unauthorized network traffic flowing into the local computer.
E.    It only blocks unauthorized network traffic flowing out of the local computer.

Answer: AC
Explanation:
Windows Firewall with Advanced Security is an important part of a layered security model.
By providing host-based, two-way network traffic filtering for a computer, Windows Firewall with Advanced Security blocks unauthorized network traffic flowing into or out of the local computer. Windows Firewall with Advanced Security also works with Network Awareness so that it can apply security settings appropriate to the types of networks to which the computer is connected. Windows Firewall and Internet Protocol Security (IPsec) configuration settings are integrated into a single Microsoft Management Console (MMC) named portant part of your network’s
Windows Firewall with Advanced Security, so Windows Firewall is also an im isolation strategy.
http://technet.microsoft.com/en-us/library/hh831365.aspx

QUESTION 359
You work as a senior administrator at L2P.com. The L2P.com network consists of a single domain named L2P.com. All servers on the L2P.com network have Windows Server 2012 R2 installed.
You are running a training exercise for junior administrators. You are currently discussing connection security rules.
Which of the following is TRUE with regards to connection security rules? (Choose all that apply.)

A.    Connection security rules allows for traffic to be secured via IPsec.
B.    Connection security rules do not allow the traffic through the firewall.
C.    Connection security rules are applied to programs or services.
D.    Connection security rules are applied between two computers.

Answer: ABD
Explanation:
Connection security involves the authentication of two computers before they begin communications and the securing of information sent between two computers. Windows Firewall with Advanced Security uses Internet Protocol security (IPsec) to achieve connection security by using key exchange, authentication, data integrity, and, optionally, data encryption.
How firewall rules and connection security rules are related
Firewall rules allow traffic through the firewall, but do not secure that traffic. To secure traffic with IPsec, you can create Computer Connection Security rules. However, the creation of a connection securityrule does not allow the traffic through the firewall. You must create a firewall rule to do this, if the traffic is not allowed by the default behavior of the firewall. Connection security rules are not applied toprograms or services; they are applied between the computers that make up the two endpoints.
http://technet.microsoft.com/en-us/library/cc772017.aspx
http://technet.microsoft.com/en-us/library/cc772017%28v=ws.10%29.aspx

QUESTION 360
You work as an administrator at L2P.com. The L2P.com network consists of a single domain named L2P.com. All servers in the L2P.com domain, including domain controllers, have Windows Server 2012 R2 installed.
You have been instructed to make sure that L2P.com users are not able to install a Windows Store application. You then create a rule for packaged apps.
Which of the following is the rule based on? (Choose all that apply.)

A.    The publisher of the package.
B.    The publisher of the application.
C.    The name of the package
D.    The name of the application
E.    The package version.
F.    The application version.

Answer: ACE
Explanation:
Packaged apps (also known as Windows 8 apps) are new to Windows Server 2012 R2 and Windows 8.
They are based on the new app model that ensures that all the files within an app package share the same identity. Therefore, it is possible to control the entire application using a single AppLocker rule as opposed to the non-packaged apps where each file within the app could have a unique identity. Windows does not support unsigned packaged apps which implies all packaged apps must be signed.
AppLocker supports only publisher rules for Packaged apps.
A publisher rule for a Packaged app is based on the following information:
Publisher of the package
Package name
Package version
All the files within a package as well as the package installer share these attributes. Therefore, an AppLocker rule for a Packaged app controls both the installation as well as the running of the app. Otherwise, the publisher rules for Packaged apps are no different than the rest of the rule collections; they support exceptions, can be increased or decreased in scope, and can be assigned to users and groups.
http://technet.microsoft.com/en-us/library/hh994588.aspx

Passing Microsoft 70-410 Exam successfully in a short time! Just using Braindump2go’s Latest Microsoft 70-410 Dump:

http://www.braindump2go.com/70-410.html

Official 2014 Latest Microsoft 70-410 Exam Dump Free Download(341-350)!

QUESTION 341
You work as an administrator at L2P.com. The L2P.com network consists of a single domain named L2P.com. All servers in the L2P.com domain have Windows Server 2012 R2 installed, while domain controllers have Windows Server 2008 R2 installed.
You are then tasked with deploying a new Windows Server 2012 R2 domain controller. You are preparing to install the DNS Server role, and enable the global catalog server option.
Which of the following actions should you take?

A.    You should consider making use of Server Manager.
B.    You should consider making use of the Active Directory Installation Wizard.
C.    You should consider making use of the DHCP Installation Wizard
D.    You should consider making use of TS Manager

Answer: A
Explanation:
 clip_image001[20]

 clip_image001[22]
 clip_image001[24]
http://kpytko.pl/2012/09/07/adding-first-windows-server-2012-domain-controller-within-windows- 200320082008r2-network/
http://www.msserverpro.com/migrating-active-directory-domain-controller-from-windows-server-2008-r2-to- windows-server-2012/

QUESTION 342
You work as an administrator at L2P.com. The L2P.com network consists of a single domain named L2P.com. all servers in the L2P.com domain has Windows Server 2012 R2 nstalled.
You have logged on to a server, named L2P-SR07, and would like to obtain the IP configurations of a server, named L2P-SR13.
Which of the following actions should you take?

A.    You should consider making use of the Winrs.exe command.
B.    You should consider making use of the Winsat.exe command.
C.    You should consider making use of the Winpop.exe command.
D.    You should consider making use of the Dsrm.exe command.

Answer: A
Explanation:
Windows Remote Management allows you to manage and execute programs remotely.
You can use WinRS to administer a Server Core installation remotely from the command line. WinRS is a command-line tool included in both Windows Vista and the Full installation of Windows Server 2008, which relies on Windows Remote Management (WinRM) to execute remote commands, especially for headless servers. WinRM is Microsoft’s implementation of the WS-Management protocol, a standard Simple Object Access Protocol (SOAP)-based, firewall-friendly protocol that enables hardware and operating systems from different vendors to interoperate. You can think of WinRM as the server side and WinRS the client side of WS-Management.
winrs -r:<some computer> ipconfig /all
 clip_image002[14]
http://technet.microsoft.com/en-us/library/dd163506.aspx

QUESTION 343
You work as an administrator at L2P.com. The L2P.com network consists of a single domain named L2P.com. All servers on the L2P.com network have Windows Server 2012 R2 installed. You have been instructed to make sure that a server, named L2P-SR07, is configured to be managed remotely from L2P-SR01 using Server Manager.
Which of the following is not a valid option to take? (Choose all that apply.)

A.    You could access the server manager on L2P-SR01.
B.    You could access the server manager on L2P-SR13.
C.    You could run the %windir%\system32\Configure-SMRemoting.exe from n elevated command prompt
on L2P-SR13.
D.    You could run the Configure-SMRemoting.exe – enable cmdlet on L2P-SR01.

Answer: BC
Explanation:
To enable Server Manager remote management by using Windows PowerShell
 clip_image002[16]
On the computer that you want to manage remotely, do one of the following to open a Windows PowerShell session with elevated user rights.
Configure-SMRemoting.exe -enable
http://technet.microsoft.com/en-us/library/hh921475.aspx
http://technet.microsoft.com/en-us//library/dd759202.aspx

QUESTION 344
You work as an administrator at L2P.com. The L2P.com network consists of a single domain named L2P.com. All servers on the L2P.com network have Windows Server 2008 R2 installed.
Most of the L2P.com servers have 64 – bit CPU’s installed, while the rest have 32 – bit CPU’s
installed. You are informed that L2P.com wants to deploy Windows Server 2012 R2 on all their servers.
You need to make recommendations to ensure that this is possible.
Which of the following would you recommend?

A.    You should inform L2P.com that the deployment can proceed without any changes.
B.    You should inform L2P.com that the servers with 32 bit CPU’s must be upgraded to include 64 bit
CPU’s for the deployment to proceed.
C.    You should inform L2P.com that the servers with 64 bit CPU’s must be upgraded to include 32 bit
CPU’s for the deployment to proceed.
D.    You should inform L2P.com that the deployment is not in any way possible.

Answer: B
Explanation:
Windows Server 2012 is a 64-bit only operating system.
Minimum: 1.4 GHz 64-bit processor
http://technet.microsoft.com/en-us/library/jj134246.aspx

QUESTION 345
You work as an administrator at L2P.com. The L2P.com network consists of a single domain named L2P.com. All servers on the L2P.com network have Windows Server 2012 installed.
L2P.com has its headquarters in London, and several widespread satellite offices. When L2P.com releases a new written policy stating that the graphical user interface (GUI) should not be installed on any servers deployed to L2P.com’s satellite offices.
It is reported that a server in one of the satellite offices are not compliant with the new written policy. You are required to remedy the situation, while using the least amount of user interaction.
Which of the following actions should you take?

A.    You should consider uninstalling the User Interfaces and Infrastructure feature using a PowerShell cmdlet.
B.    You should consider uninstalling the User Interfaces and Infrastructure feature via TS Manager.
C.    You should consider uninstalling the User Interfaces and Infrastructure feature via Server Manager.
D.    You should consider uninstalling the User Interfaces and Infrastructure feature using the Dsrm.exe command
from the command prompt.

Answer: C
Explanation:
One of the great things about Windows PowerShell on Windows Server 2012 is all the great cmdlets and functions. But these did not spring into being from nothingness
http://blogs.technet.com/b/heyscriptingguy/archive/2013/01/25/use-powershell-to-remove-the-gui-on- windows-server-2012.aspx

QUESTION 346
You work as an administrator at L2P.com. The L2P.com network consists of a single domain named L2P.com. All servers in the L2P.com domain, including domain controllers, have Windows Server 2012 installed.
L2P.com has a server, named L2P-SR07, which has four network adapters. L2P.com has two SR07’s network adapters are connected to the one LAN,
local area networks (LANs). Two of L2P-
while the other two are connected to the other LAN.
You are required to configure one of the network adapter pairs into a network adapter team.
Which of the following actions should you take?

A.    You should consider accessing the Group Policy Management Console (GPMC) on L2P-SR07.
B.    You should consider accessing the TS Manager console on L2P-SR07.
C.    You should consider accessing the Server Manager console on L2P-SR07.
D.    You should consider accessing the Remote Desktop Gateway Manager console on L2P-SR07.

Answer: C
Explanation:
NIC teaming, also known as Load Balancing/Failover (LBFO), allows multiple network adapters tobe placed into a team for the purposes of bandwidth aggregation, and/or traffic failover to maintain connectivity in the event of a network component failure.
 clip_image002[18]
#####
 clip_image002[20]
 clip_image002[22]

http://www.microsoft.com/en-us/download/details.aspx?id=30160

QUESTION 347
You work as an administrator at L2P.com. The L2P.com network consists of a single domain named L2P.com. All servers on the L2P.com network have Windows Server 2012 installed.
A server named, L2P-SR13, has a Server Core Installation of Windows Server 2012 installed.
SR13’s installation to a Server with GUI installation.
You are instructed to convert L2P-
You want to use a Windows PowerShell cmdlet that uses Windows Update as a source.
Which of the following actions should you take?

A.    You should consider making use of the Install-WindowsFeature Server-Gui-Mgmt-Infra,
Server-Gui-Shell -Restart cmdlet.
B.    You should consider making use of the Install-WindowsFeature Server-Gui-Mgmt-Infra,
Server-Gui-Shell -Restart -Source c:\mountdir\windows\winsxs cmdlet.
C.    You should consider making use of the Uninstall-WindowsFeature Server-Gui-Shell–Remove cmdlet.
D.    You should consider making use of the Set-ExecutionPolicy cmdlet.

Answer: A
Explanation:
The Full GUI Server Interface provides you with the full GUI of Windows Server 2012 R2.
PowerShell Command: Install-WindowsFeature Server-Gui-Mgmt-Infra, Server-Gui-Shell
When its done, we will need to restart our server by using the Shutdown command:
shutdown -r -t 0
http://blogs.technet.com/b/bruce_adamczak/archive/2013/02/06/windows-2012-core-survival-guide- changing-the-gui-type.aspx
http://www.howtogeek.com/111967/how-to-turn-the-gui-off-and-on-in-windows-server-2012/

QUESTION 348
You work as a senior administrator at L2P.com. The L2P.com network consists of a single domain named L2P.com. All servers on the L2P.com network have Windows Server 2012 installed.
You are running a training exercise for junior administrators. You are currently discussing Storage Spaces.
Which of the following is TRUE with regards to Storage Spaces?

A.    Mirroring and parity are optional resilient storage modes of Storage Spaces.
B.    Failover clustering is not supported by Storage Spaces.
C.    Storage spaces are virtual disks with associated attributes such as a preferred level of resiliency,
and thin or fixed provisioning.
D.    Storage spaces are a collection of physical disks with associated attributes such as a preferred
level of resiliency, and thin or fixed provisioning.

Answer: AC
Explanation:
Storage Spaces lets you group drives together in a storage pool. Then you can use pool capacity to create storage spaces.
Storage spaces are virtual drives that appear in File Explorer. You can use them like any other drive, so it’s easy to work with files on them.
You can create large storage spaces and add more drives to them when you run low on pool capacity.
If you have two or more drives in the storage pool, you can create storage spaces that won’t be –or even the failure of two drives, if you create a three-way mirror storage space.
affected by a drive failure
Storage Spaces includes the following features:
1. Storage pools. Storage pools are the fundamental building blocks for Storage Spaces.
Administrators are already familiar with this concept, so they will not have to learn a new model. They can flexibly create storage pools based on the needs of the deployment. For example, given a set of physical disks, an administrator can create one pool (by using all the available physical disks) or multiple pools (by dividing the physical disks as required). Furthermore, to maximize the value from storage hardware, the administrator can map a storage pool to combinations of hard disks as well as solid-state drives (SSDs). Pools can be expanded dynamically by simply adding additional drives, thereby seamlessly scaling to cope with unceasing data growth.
2. Multitenancy. Administration of storage pools can be controlled through access control lists (ACLs) and delegated on a per-pool basis, thereby supporting hosting scenarios that require tenant isolation. Storage Spaces follows the familiar Windows security model; therefore, it can be fully integrated with Active Directory Domain Services.
3. Resilient storage. Storage Spaces support two optional resiliency modes: mirroring and parity. Per-pool support for disks that are reserved for replacing failed disks (hot spares), background scrubbing, and intelligent error correction allow continuous service availability despite storage component failures. In the event of a power failure or cluster failover, the integrity of data is preserved so that recovery happens quickly and does not result in data loss.
4. Continuous availability. Storage Spaces is fully integrated with failover clustering, which allows it to deliver continuously available service deployments. One or more pools can be clustered across multiple nodes within a single cluster. Storage spaces can then be instantiated on individual nodes, and the storage will seamlessly fail over to a different node when necessary (in response to failure conditions or due to load balancing). Integration with CSVs permits scale-out access to data.
5. Optimal storage use. Server consolidation often results in multiple data sets sharing the same storage hardware. Storage Spaces supports thin provisioning to allow businesses to easily share storage capacity among multiple unrelated data sets and thereby maximize capacity use.
6. Storage Spaces also supports trim, automatically running the Storage Optimizer to help reduce the physical footprint of data by consolidating data.
7. Operational simplicity. Fully remoteable and scriptable management is permitted through the Windows Storage Management API, WMI, and Windows PowerShell. Storage Spaces can be easily managed through the File and Storage Services role in Server Manager. Storage Spaces also provides notifications when the amount of available capacity in a storage pool hits a configurable threshold.
 clip_image001[26]
http://windows.microsoft.com/en-us/windows-8/storage-spaces-pools http://technet.microsoft.com/en-us/library/hh831739.aspx
http://www.howtogeek.com/109380/how-to-use-windows-8s-storage-spaces-to-mirror-combine-drives/

QUESTION 349
You work as a senior administrator at L2P.com. The L2P.com network consists of a single domain named L2P.com. All servers on the L2P.com network have Windows Server 2012 installed.
You are running a training exercise for junior administrators. You are currently discussing NIC Teaming.
Which of the following is TRUE with regards to NIC Teaming? (Choose all that apply.)

A.    It allows for traffic failover to prevent connectivity loss if a network component fails.
B.    It prevents bandwidth aggregation.
C.    The Windows Server 2012 implementation of NIC Teaming supports a maximum of 5 NICs in a team.
D.    The Windows Server 2012 implementation of NIC Teaming supports a maximum of 32 NICs in a team.

Answer: AD
Explanation:
NIC teaming, also known as Load Balancing/Failover (LBFO), allows multiple network adapters to be placed into a team for the purposes of bandwidth aggregation, and/or traffic failover to maintain connectivity in the event of a network component failure. This feature has long been available from NIC vendors but until now NIC teaming has not been included with Windows Server.
Do I have to select a standby member to get fault tolerance (failover)? No. IN any team with two or more network adapters if a network adapter fails in an Active/Active configuration, the traffic on that network adapter will gracefully failover to the other network adapters in the team even if none of the other adapters are in standby mode.
Number of NICs in a team in a native host
NIC teaming requires the presence of at least one Ethernet NIC. A team of one NIC may be used for separation of traffic using VLANs. Obviously a team with only one team member has no failure protection. Fault protection (failover) requires a minimum of two Ethernet NICs in the team. The Windows Server 2012 implementation supports up to 32 NICs in a team.
Number of team interfaces for a team Windows Server
2012 supports up to 32 team interfaces.
http://download.microsoft.com/download/F/6/5/F65196AA-2AB8-49A6-A427-373647880534/%5BWindows %20Server%202012%20NIC%20Teaming%20(LBFO)%20Deploy
ment%20and%20Management% 5D.docx

QUESTION 350
You work as a senior administrator at L2P.com. The L2P.com network consists of a single domain named L2P.com. All servers on the L2P.com network have Windows Server 2012 installed.
You are running a training exercise for junior administrators. You are currently discussing spanned volumes.
Which of the following is TRUE with regards to spanned volumes? (Choose all that apply.)

A.    Spanned volumes do not provide fault tolerance.
B.    Spanned volumes are a fault tolerant solution.
C.    You can extend a spanned volume onto a maximum of 16 dynamic disks.
D.    You cannot create a spanned volume using a system volume or boot volume.

Answer: AD
Explanation:
A spanned volume is a dynamic volume consisting of disk space on more than one physical disk. If a simple volume is not a system volume or boot volume, you can extend it across additional disks to create a spanned volume, or you can create a spanned volume in unallocated space on a dynamic disk.
You need at least two dynamic disks in addition to the startup disk to create a spanned volume. You can extend a spanned volume onto a maximum of 32 dynamic disks.
Spanned volumes are not fault tolerant.
http://technet.microsoft.com/en-us/library/cc772180.aspx

Passing Microsoft 70-410 Exam successfully in a short time! Just using Braindump2go’s Latest Microsoft 70-410 Dump:

http://www.braindump2go.com/70-410.html

Official 2014 Latest Microsoft 70-410 Exam Dump Free Download(331-340)!

QUESTION 331
Your network contains an Active Directory domain named contoso.com. All servers run Windows Server 2012 R2. A server named Server1 is configured to encrypt all traffic by using IPSec. You need to ensure that Server1 can respond to ping requests from computers that do not support IPSec. What should you do?

A.    From a command prompt, run netsh set global autotuninglevel = restricted congestionprovider = ctcp.
B.    From Windows Firewall with Advanced Security, exempt ICMP from IPSec.
C.    From a command prompt, run netsh set global
autotuninglevelhighlyrestrictedcongestionprovider=none.
D.    From Windows Firewall with Advanced Security, allow unicast responses for the Domain Profile.

Answer: B
Explanation:
 clip_image002

QUESTION 332
Hotspot Question
Your network contains an Active Directory domain. The domain contains a server named Server28. The computer account of Server 28 is located in an organizational unit (OU) named OU1. A Group Policy object (GPO) named Application Restriction Policy is linked to OU1. The settings of the GPO are configured as shown in the GPO Settings exhibit. (Click the Exhibit button.)
 clip_image001
The Services console on Server28 is shown in the Services exhibit. (Click the Exhibit button.)
 clip_image001[4]
Select Yes if the statement can be shown to be true based on the available information; otherwise select No. Each correct selection is worth one point.
 clip_image001[6]
Answer:
 clip_image002[4]

QUESTION 333
Drag and Drop Question
You have a Hyper-V host named Server1. Server1 hosts a virtual machine named VM1. You view the properties of VM1 as shown in the following exhibit. (Click the Exhibit button.)
 clip_image001[8]
You need to configure bandwidth management for VM1. Which three actions should you perform in sequence? (To answer, move the appropriate three actions from the list of actions to the answer area and arrange them in the correct order.)

 clip_image001[10]
Answer:
 clip_image002[6]

QUESTION 334
You plan to deploy a file server to a temporary location. The temporary location experiences intermittent power failures. The file server will contain a dedicated volume for shared folders. You need to create a volume for the shared folders. The solution must minimize the likelihood of file corruption if a power failure occurs. Which file system should you use?

A.    ReFS
B.    NFS
C.    NTFS
D.    FAT32

Answer: A
Explanation:
The ReFS file system allows for resiliency against corruptions with the option to salvage amongst many other key features like Metadata integrity with checksums, Integrity streams with optional user data integrity, and shared storage pools across machines for additional failure tolerance and load balancing, etc.

QUESTION 335
Your company has a main office and four branch offices. The main office contains a server named Server1 that runs Windows Server 2012 R2. The IP configuration of each office is configured as shown in the following table.
 clip_image001[12]
You need to add a single static route on Server1 to ensure that Server1 can communicate with the hosts on all of the subnets. Which command should you run?

A.    route.exe add -p 10.10.0.0 mask 255.255.252.0 10.10.0.1
B.    route.exe add -p 172.16.16.0 mask 255.255.252.0 10.10.0.1
C.    route.exe add -p 10.10.0.0 mask 255.255.252.0 172.16.0.0
D.    route.exe add -p 172.16.18.0 mask 255.255.252.0 10.10.0.1

Answer: B
Explanation:
These parameters will allow communication with all the hosts.
 clip_image001[14]

QUESTION 336
You work as a senior administrator at L2P.com. The L2P.com network consists of a single domain named L2P.com. All servers on the L2P.com network have Windows Server 2012 R2 installed.
You are running a training exercise for junior administrators. You are currently discussing what happens when you run the Remove-NetLbfoTeam Windows PowerShell cmdlet.
Which of the following describes the results of running this cmdlet?

A.    It removes one or more network adapters from a specified NIC team.
B.    It removes a team interface from a NIC team.
C.    It removes a specified NIC team from the host.
D.    It removes a network adapter member from a switch team.

Answer: C
Explanation:
Remove-NetLbfoTeam removes the specified NIC team from the host
The Remove-NetLbfoTeam cmdlet removes the specified NIC team from the host. This cmdlet disconnects all associated team members and providers from the team. You can specify the team to remove by using either a team object retrieved by Get-NetLbfoTeam, or by specifying a team name.
You can use Remove-NetLbfoTeam to remove all NIC teams from the server.
You need administrator privileges to use Remove-NetLbfoTeam.
http://technet.microsoft.com/en-us/library/jj130848%28v=wps.620%29.aspx

QUESTION 337
You work as a senior administrator at L2P.com. The L2P.com network consists of a single domain named L2P.com. All servers in the L2P.com domain, including domain controllers, have Windows Server 2012 R2 installed.
You are running a training exercise for junior administrators. You are currently discussing the Virtual Fibre Channel SAN feature.
Which of the following is TRUE with regards to the Virtual Fibre Channel SAN feature? (Choose all that apply.)

A.    It prevents virtual machines from connecting directly to Fibre Channel storage.
B.    It allows for virtual machines to connect to Fibre Channel storage directly.
C.    It includes support for virtual SANs, live migration, and multipath I/O.
D.    It includes support for virtual SANs, and live migration, but not multipath I/O.

Answer: BC
Explanation:
To gain the full benefits of server virtualization and cloud architectures, virtualized workloads need to connect easily and reliably to existing SANs. For many enterprise organizations, Hyper-V deployments were limited in scale and scope because they
lacked the ability to directly connect VMs to Fibre Channel SAN storage from inside a VM. Hyper-V in Windows Server 2012 R2 now provides virtual Fibre Channel Host Bus Adapter (HBA) ports within the guest operating system that runs the virtual machine, connecting virtual machines directly to FibreChannel SAN Logical Unit Numbers (LUNs).
Virtual Fibre Channel for Hyper-V provides several important advantages for Hyper-V environments:
Simplifies storage connectivity for virtualized workloads to ultra-reliable, high-performance Fibre Channel SAN storage
Enables new solutions that require shared storage, such as failover clustering, live migration, andmultipath I/O
Leverages and protects existing investments in Fibre Channel storage ?
Enables advanced FC SAN storage functionality for VMs
Facilitates migration of FC workloads into the cloud
Enables improved monitoring and troubleshooting, with visibility from the VM to the FC SAN storage
Enables centralized management of Ethernet and FC-based virtualized workloads
Combining Virtual Fibre Channel for Hyper-V and the Brocade?Fibre Channel SAN infrastructure greatly simplifies connectivity between Fibre Channel SAN storage and virtualized applications, enabling enterprise IT and hosting providers to achieve new levels of availability, reliability, and scalability for cloud-based services.
You need your virtualized workloads to connect easily and reliably to your existing storage arrays. Windows Server 2012 R2 provides Fibre Channel ports within the guest operating system, which allows you to connect to Fibre Channel directly from within virtual machines. This feature protects your investments in Fibre Channel, enables you to virtualize workloads that use direct access to Fibre Channel storage, allows you to cluster guest operating systems over Fibre Channel, and provides an important new storage option for servers hosted in your virtualization infrastructure.
With this Hyper-V virtual Fibre Channel feature, you can connect to Fibre Channel storage from within a virtual machine. This allows you to use your existing Fibre Channel investments to support virtualized workloads. Support for Fibre Channel in Hyper-V guests also includes support for many relatedfeatures, such as virtual SANs, live migration, and MPIO.
http://technet.microsoft.com/en-us/library/hh831413.aspx
http://www.brocade.com/downloads/documents/technical_briefs/virtual-fibre-channel-hyperv-tb.pdf

QUESTION 338
Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1 that runs Windows Server 2012 R2. On a server named Server2, you perform a Server Core Installation of Windows Server 2012 R2.
You join Server2 to the contoso.com domain. You need to ensure that you can manage Server2 by using the Computer Management console on Server1. What should you do on Server2?

A.    Install Remote Server Administration Tools (RSAT).
B.    Install Windows Management Framework.
C.    Run sconfig.exe and configure remote management.
D.    Run sconfig.exe and configure Remote Server Administration Tools (RSAT).

Answer: C
Explanation:
In Windows Server 2012 R2, you can use the Server Configuration tool (Sconfig.cmd) to configure and manage several common aspects of Server Core installations. You must be a member of the Administrators group to use the tool. Sconfig.cmd is available in the Minimal Server Interface and in Server with a GUI mode.
 clip_image002[8]

QUESTION 339
You work as an administrator at L2P.com. The L2P.com network consists of a single domain named L2P.com. All servers in the L2P.com domain, including domain controllers, have Windows Server 2012 R2 installed.
When you recently added new workstations to the L2P.com manually, you found that that the computer accounts were created in the default container. You want to make sure that the default container for newly created computers is redirected to a specified, target organizational unit (OU).
Which of the following actions should you take?

A.    You should consider making use of the replace.exe command-line tool.
B.    You should consider making use of the redircmp.exe command-line tool.
C.    You should consider making use of the redirusr.exe command-line tool.
D.    You should consider making use of the rexec.exe command-line tool.

Answer: B
Explanation:
redircmp.exe redirects the default container for newly created computers to a specified, targetorganizational unit (OU) so that newly created computer objects are created in the specific target OU instead of in CN=Computers.
 clip_image002[10]
http://technet.microsoft.com/pt-pt/library/cc770619%28v=ws.10%29.aspx http://support.microsoft.com/kb/324949/en-us
http://support.microsoft.com/kb/555573/en-us

QUESTION 340
You work as an administrator at L2P.com. The L2P.com network consists of a single domain named L2P.com.
L2P.com has a Windows Server 2012 R2 domain controller, named L2P-DC01, which has the Domain Naming master and the Schema master roles installed. L2P.com also has a Windows Server 2008 R2 domain controller, named L2P-DC02, which has the PDC Emulator, RID master, and Infrastructure master roles installed.
You have deployed a new Windows Server 2012 server, which belongs to a workgroup, in L2P.com’s perimeter network. You then executed the djoin.exe command.
Which of the following is the purpose of the djoin.exe command?

A.    It sets up a computer account in a domain and requests an offline domain join when a computer restarts.
B.    It sets up a user account in a domain and requests an online domain join when a computer restarts.
C.    It sets up a computer account in a domain and requests an offline domain join immediately.
D.    It sets up a computer account in a domain and requests an online domain join immediately.

Answer: A
Explanation:
To perform an offline domain join, you run commands by using a new tool named Djoin.exe. You use Djoin.exe to provision computer account data into AD DS. You also use it to insert the computer account data into the Windows directory of the destination computer, which is the computer that you want to join to the domain.
/localos Targets the local operating system installation, instead of an offline image, with the domain join information. Because this parameter injects the blob data into the locally running operating system image, you must restart the computer to complete the domain join operation, as you must also do for an onlinedomain join.
 clip_image002[12]
 clip_image001[16]
 clip_image001[18]
http://technet.microsoft.com/en-us/library/offline-domain-join-djoin-step-by-step%28v=ws.10%29.aspx

Passing Microsoft 70-410 Exam successfully in a short time! Just using Braindump2go’s Latest Microsoft 70-410 Dump:

http://www.braindump2go.com/70-410.html

Official 2014 Latest Microsoft 70-411 Exam Dump Free Download(181-190)!

QUESTION 181
You have a server named Server1 that runs Windows Server 2012 R2. Server1 has the Remote Access server role installed. You need to configure the ports on Server1 to ensure that client computers can establish VPN connections to Server1 by using TCP port 443.
What should you modify? To answer, select the appropriate object in the answer area.
 clip_image001[32]
Answer:
 clip_image001[34]
Explanation:
http://technet.microsoft.com/en-us/library/cc771298(v=ws.10).aspx
Secure Socket Tunneling Protocol (SSTP) is a new tunneling protocol that uses the HTTPS protocol over TCP port 443 to pass traffic through firewalls and Web proxies that might block PPTP and L2TP/IPsec traffic.

QUESTION 182
Your network contains two Active Directory domains named contoso.com and adatum.com. The network contains a server named Server1 that runs Windows Server 2012 R2. Server1 has the DNS Server server role installed. Server1 has a copy of the contoso.com DNS zone. You need to configure Server1 to resolve names in the adatum.com domain.
The solution must meet the following requirements:
– Prevent the need to change the configuration of the current name servers that host zones for adatum.com.
– Minimize Administrative effort.
Which type of zone should you create?

A.    Primary
B.    Secondary
C.    Reverse lookup
D.    Stub

Answer: D
Explanation:
A. When a zone that this DNS server hosts is a primary zone, the DNS server is the primary source for information about this zone, and it stores the master copy of zone data in a local file or in AD DS.
B. When a zone that this DNS server hosts is a secondary zone, this DNS server is a secondary source for information about this zone. The zone at this server must be obtained from another remote DNS server computer that also hosts the zone
C. clients use a known IP address and look up a computer name based on its address. A reverse lookup takes the form of a question, such as “Can you tell me the DNS name of the computer that uses the IP address 192.168.1.20?”
D. When a zone that this DNS server hosts is a stub zone, this DNS server is a source only for information about the authoritative name servers for this zone. The zone at this server must be obtained from another DNS server that hosts the zone.
– Prevents Change to current zone
http://technet.microsoft.com/en-us/library/cc771898.aspx
http://technet.microsoft.com/en-us/library/cc730980.aspx

QUESTION 183
Your network contains two servers named Server1 and Server2. Both servers run Windows Server 2012 R2 and have the DNS Server server role installed.
On Server1, you create a standard primary zone named contoso.com.
You need to ensure that Server2 can host a secondary zone for contoso.com.
What should you do from Server1?

A.    Add Server2 as a name server.
B.    Convert contoso.com to an Active Directory-integrated zone.
C.    Create a zone delegation that points to Server2.
D.    Create a trust anchor named Server2.

Answer: A
Explanation:
A. You must add a new Name Server. To add a name server to the list of authoritative servers for the zone, you must specify both the server’s IP address and its DNS name. When entering names, click Resolve to resolve the name to its IP address prior to adding it to the list.
B. Instead of adding standard secondary DNS servers, you can convert the server from a primary DNS server to an Active Directory Integrated Primary server and configure another domain controller to be a DNS server
C. You can divide your Domain Name System (DNS) namespace into one or more zones. You can delegate management of part of your namespace to another location or department in your organization by delegating the management of the corresponding zone.
http://technet.microsoft.com/en-us/library/cc770984.aspx
http://support.microsoft.com/kb/816101
http://technet.microsoft.com/en-us/library/cc753500.aspx
http://technet.microsoft.com/en-us/library/cc771640(v=ws.10).aspx http://technet.microsoft.com/en-us/library/ee649280(v=ws.10).aspx

QUESTION 184
You have a server named Server1 that runs Windows Server 2012 R2. Server1 has the Remote Access server role installed. On Server1, you create a network policy named Policy1.
You need to configure Policy1 to apply only to VPN connections that use the L2TP protocol.
What should you configure in Policy1?

A.    The Tunnel Type
B.    The Service Type
C.    The NAS Port Type
D.    The Framed Protocol

Answer: A
Explanation:
A. Restricts the policy to only clients that create a specific type of tunnel, such as PPTP or L2TP. B. Restricts the policy to only clients specifying a certain type of service, such as Telnet or Point to Point Protocol connections.
C. Allows you to specify the type of media used by the client computer to connect to the network. D. Restricts the policy to clients that specify a certain framing protocol for incoming packets, such as PPP or SLIP.
 clip_image001[36]
http://technet.microsoft.com/en-us/library/cc731220(v=ws.10).aspx

QUESTION 185
Your network contains an Active Directory domain named contoso.com. The domain contains a domain controller named DC1 that runs Windows Server 2012 R2. All client computers run Windows 8 Enterprise. DC1 contains a Group Policy object (GPO) named GPO1.
You need to deploy a VPN connection to all users.
What should you configure from User Configuration in GPO1?

A.    Preferences/Control Panel Settings/Network Options
B.    Policies/Administrative Templates/Windows Components/Windows Mobility Center
C.    Policies/Administrative Templates/Network/Windows Connect Now
D.    Policies/Administrative Templates/Network/Network Connections

Answer: A
Explanation:
A. The Network Options extension allows you to centrally create, modify, and delete dial-up networking and virtual private network (VPN) connections. Before you create a network option preference item, you should review the behavior of each type of action possible with the extension. http://technet.microsoft.com/en-us/library/cc772449.aspx

QUESTION 186
Your network contains an Active Directory domain named contoso.com. All servers run Windows Server 2012 R2. All sales users have laptop computers that run Windows 8. The sales computers are joined to the domain. All user accounts for the sales department are in an organizational unit (OU) named Sales_OU. A Group Policy object (GPO) named GPO1 is linked to Sales_OU.
You need to configure a dial-up connection for all of the sales users.
What should you configure from User Configuration in GPO1?

A.    Policies/Administrative Templates/Network/Windows Connect Now
B.    Policies/Administrative Templates/Windows Components/Windows Mobility Center
C.    Preferences/Control Panel Settings/Network Options
D.    Policies/Administrative Templates/Network/Network Connections

Answer: C
Explanation:
http://technet.microsoft.com/en-us/library/cc772107.aspx

QUESTION 187
You have a server named Server1 that runs Windows Server 2012 R2. Server1 has 2 dual-core processors and 16 GB of RAM.
You install the Hyper-V server role in Server1.
You plan to create two virtual machines on Server1.
You need to ensure that both virtual machines can use up to 8 GB of memory. The solution must ensure that both virtual machines can be started simultaneously.
What should you configure on each virtual machine?

A.    Dynamic Memory
B.    NUMA topology
C.    Memory weight
D.    Ressource Control

Answer: A

QUESTION 188
Your network contains an Active Directory domain named corp.contoso.com. The domain contains a domain controller named DC1. When you run ping dcl.corp.contoso.com, you receive the result as shown in the exhibit. (Click the Exhibit button.)
 clip_image002[20]
You need to ensure that DC1 can respond to the Ping command.
Which rule should you modify? To answer, select the appropriate rule in the answer area.
 clip_image002[22]
Answer:
 clip_image002[24]

QUESTION 189
You have a server named Server1 that runs Windows Server 2012 R2.
You promote Server1 to domain controller.
You need to view the service location (SVR) records that Server1 registers on DNS.
What should you do on Server1?

A.    Open the Srv.sys file
B.    Open the Netlogon.dns file
C.    Run ipconfig/displaydns
D.    Run Get-DnsServerDiagnostics

Answer: B

QUESTION 190
Your company has a remote office that contains 600 client computers on a single subnet.
You need to select a subnet mask for the network that will support all of the client computers. The solution must minimize the number of unused addresses.
Which subnet mask should you select?

A.    255.255.252.0
B.    255.255.254.0
C.    255.255.255.0
D.    255.255.255.128

Answer: A
Passing Microsoft 70-411 Exam successfully in a short time! Just using Braindump2go’s Latest Microsoft 70-411 Dump: http://www.braindump2go.com/70-411.html

Official 2014 Latest Microsoft 70-411 Exam Dump Free Download(171-180)!

QUESTION 171
Your network contains an Active Directory domain named contoso.com. The domain contains two servers named Server1 and Server2. Both servers run Windows Server 2012 R2. Both servers have the File and Storage Services server role, the DFS Namespace role service, and the DFS Replication role service installed. Server1 and Server2 are part of a Distributed File System (DFS) Replication group named Group1. Server1 and Server2 are connected by using a high-speed LAN connection.
You need to minimize the amount of processor resources consumed by DFS Replication.
What should you do?

A.    Reduce the bandwidth usage.
B.    Disable Remote Differential Compression (RDC).
C.    Modify the staging quota.
D.    Modify the replication schedule.

Answer: B
Explanation:
Because disabling RDC can help conserve disk input/output (I/O) and CPU resources, you might want to disable RDC on a connection if the sending and receiving members are in a local area network (LAN), and bandwidth use is not a concern. However, in a LAN environment where bandwidth is contended, RDC can be beneficial when transferring large files.
Question tells it uses a high-speed LAN connection.
http://technet.microsoft.com/en-us/library/cc758825%28v=ws.10%29.aspx
http://technet.microsoft.com/en-us/library/cc754229.aspx

QUESTION 172
Your company has a main office and two branch offices. The main office is located in New York. The branch offices are located in Seattle and Chicago.
The network contains an Active Directory domain named contoso.com. An Active Directory site exists for each office. Active Directory site links exist between the main office and the branch offices. All servers run Windows Server 2012 R2.
The domain contains three file servers. The file servers are configured as shown in the following table.
 clip_image001[26]
You implement a Distributed File System (DFS) replication group named Rep1Group.
Rep1Group is used to replicate a folder on each file server. Rep1Group uses a hub and spoke topology. NYC-SVR1 is configured as the hub server.
You need to ensure that replication can occur if NYC-SVR1 fails.
What should you do?

A.    Create an Active Directory site link.
B.    Modify the properties of Rep1Group.
C.    Create an Active Directory site link bridge.
D.    Create a connection in Rep1lGroup.

Answer: D
Explanation:
http://faultbucket.ca/2012/08/fixing-a-dfsr-connection-problem/ http://faultbucket.ca/2012/08/fixing-a-dfsr-connection-problem/
http://technet.microsoft.com/en-us/library/cc771941.aspx

QUESTION 173
You have a server named Server1 that runs Windows Server 2012 R2. On Server1, you configure a custom Data Collector Set (DCS) named DCS1. DCS1 is configured to store performance log data in C:\Logs.
You need to ensure that the contents of C:\Logs are deleted automatically when the folder reaches 100 MB in size.
What should you configure?

A.    A File Server Resource Manager (FSRM) quota on the C:\Logs folder
B.    A File Server Resource Manager (FSRM) file screen on the C:\Logs folder
C.    A schedule for DCS1
D.    The Data Manager settings of DCS1

Answer: D
Explanation:
http://sourcedaddy.com/windows-7/using-data-manager-view-performance-data.html

QUESTION 174
Your domain has contains a Windows 8 computer name Computer1 using BitLocker. The E:\ drive is encrypted and currently locked.
You need to unlock the E:\ drive with the recovery key stored on C:\
What should you run?

A.    Unlock-BitLocker
B.    Suspend-BitLocker
C.    Enable-BitLockerAutoUnloc
D.    Disable-BitLocker

Answer: A
Explanation:
A. Restores access to data on a BitLocker volume.
http://technet.microsoft.com/en-us/library/jj649833(v=wps.620).aspx

QUESTION 175
Your network contains and active Directory domain named contoso.com. The doman contains a server named Server1 that runs Windows Server 2012 R2 A local account named Admin1 is a member of the Administrators group on Server1.
You need to generate an audit event whenever Admin1 is denied access to a file or folder.
What should you run?

A.    auditpol.exe /set /user:admin1 /category:”detailed tracking” /failure:enable
B.    auditpol.exe /set/user:admin1 /failure:enable
C.    auditpol.exe /resourcesacl /set /type:keyauditpol.exe /resourcesacl /set /type: /access:ga
D.    auditpol.exe /resourcesacl /set /type:file /user:admin1 /failure

Answer: D
Explanation:
http://technet.microsoft.com/en-us/library/ff625687.aspx
set a global resource SACL to audit successful and failed attempts by a user to perform generic read and write functions on files or folders:
auditpol /resourceSACL /set /type:File /user:MYDOMAINmyuser /success /failure /access:FRFW
http://technet.microsoft.com/en-us/library/ff625687%28v=ws.10%29.aspx Syntax
auditpol /resourceSACL
[/set /type:<resource> [/success] [/failure] /user:<user> [/access:<access flags>]] [/remove /type:<resource> /user:<user> [/type:<resource>]] [/clear [/type:<resource>]]
[/view [/user:<user>] [/type:<resource>]]
http://technet.microsoft.com/en-us/library/ff625687%28v=ws.10%29.aspx http://technet.microsoft.com/en-us/library/ff625687%28v=ws.10%29.aspx http://technet.microsoft.com/en-us/library/ff625687.aspx
http://technet.microsoft.com/en-us/library/ff625687%28v=ws.10%29.aspx

QUESTION 176
Your network contains an Active Directory domain named contoso.com. The domain contains a file server named Server1 that runs Windows Server 2012 R2.
You view the effective policy settings of Server1 as shown in the exhibit. (Click the Exhibit button.)
 clip_image002[14]
You need to ensure that an entry is added to the event log whenever a local user account is created or deleted on Server1.
What should you do?

A.    In Servers GPO, modify the Advanced Audit Configuration settings.
B.    On Server1, attach a task to the security log.
C.    In Servers GPO, modify the Audit Policy settings.
D.    On Server1, attach a task to the system log.

Answer: A
Explanation:
When you use Advanced Audit Policy Configuration settings, you need to confirm that these settings are not overwritten by basic audit policy settings. The following procedure shows how to prevent conflicts by blocking the application of any basic audit policy settings.
Enabling Advanced Audit Policy Configuration
Basic and advanced audit policy configurations should not be mixed. As such, it’s best practice to enable Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings in Group Policy to make sure that basic auditing is disabled. The setting can be found under Computer Configuration\Policies\Security Settings\Local Policies\Security Options, and sets the SCENoApplyLegacyAuditPolicy registry key to prevent basic auditing being applied using Group Policy and the Local Security Policy MMC snap-in.
In Windows 7 and Windows Server 2008 R2, the number of audit settings for which success and failure can be tracked has increased to 53. Previously, there were nine basic auditing settings under Computer Configuration\Policies\Windows Settings\Security Settings\Local Policies\Audit Policy. These 53 new settings allow you to select only the behaviors that you want to monitor and exclude audit results for behaviors that are of little or no concern to you, or behaviors that create an excessive number of log entries. In addition, because Windows 7 and Windows Server 2008 R2 security audit policy can be applied by using domain Group Policy, audit policy settings can be modified, tested, and deployed to selected users and groups with relative simplicity.
Audit Policy settings
Any changes to user account and resource permissions.
Any failed attempts for user logon.
Any failed attempts for resource access.
Any modification to the system files.
Advanced Audit Configuration SettingsAudit compliance with important business-related and security-related rules by tracking precisely defined activities, such as:
A group administrator has modified settings or data on servers that contain finance information.
An employee within a defined group has accessed an important file. The correct system access control list (SACL) is applied to every file and folder or registry key on a computer or file share as a verifiable safeguard against undetected access.
In Servers GPO, modify the Audit Policy settings – enabling audit account management setting will generate events about account creation, deletion and so on.
Advanced Audit Configuration SettingsAdvanced Audit Configuration Settings ->Audit Policy
-> Account Management -> Audit User Account Management
 clip_image001[28]
In Servers GPO, modify the Audit Policy settings – enabling audit account management setting will generate events about account creation, deletion and so on.
 clip_image002[16]
http://blogs.technet.com/b/abizerh/archive/2010/05/27/tracing-down-user-and-computer-account-deletion-in-active-directory.aspx
http://technet.microsoft.com/en-us/library/dd772623%28v=ws.10%29.aspx
http://technet.microsoft.com/en-us/library/jj852202(v=ws.10).aspx
http://www.petri.co.il/enable-advanced-audit-policy-configuration-windows-server.htm http://technet.microsoft.com/en-us/library/dd408940%28v=ws.10%29.aspx http://technet.microsoft.com/en-us/library/dd408940%28v=ws.10%29.aspx#BKMK_step2

QUESTION 177
You have 3 server that runs Windows Server 2012 R2. The server contains the disks configured as shown in the following table.
 clip_image001[30]
You need to create a volume that can store up to 3 TB of user files. The solution must ensure that the user files are available if one of the disks in the volume fails. What should you create?

A.    A storage pool on Disk 2 and Disk 3
B.    A mirrored volume on Disk 2 and Disk 3
C.    A storage pool on Disk 1 and Disk 3
D.    A mirrored volume on Disk l and Disk 4
E.    Raid 5 Volume out of Disks 1, 2 and 3

Answer: B
Explanation:
A. Storage pool can’t use Dynamic disk
B. Mirrored volume will be > 3Tb
C. Storage pool can’t use Dynamic disk
D. is impossible, we need 3Tb of disk space
E. Raid5 need to be on dynamic disk

QUESTION 178
Your network contains an Active Directory domain named contoso.com. The domain functional level is Windows Server 2008. All domain controllers run Windows Server 2008 R2.
The domain contains a file server named Server1 that runs Windows Server 2012 R2. Server1 has a BitLocker Drive Encryption (BitLocker)-encrypted drive. Server1 uses a Trusted Platform Module (TPM) chip.
You enable the Turn on TPM backup to Active Directory Domain Services policy setting by using a Group Policy object (GPO).
You need to ensure that you can back up the BitLocker recovery information to Active Directory.
What should you do?

A.    Raise the forest functional level to Windows Server 2008 R2.
B.    Enable the Configure the level of TPM owner authorization information available to the operating
system policy setting and set the Operating system managed TPM authentication level to None.
C.    Add a BitLocker data recovery agent.
D.    Import the TpmSchemaExtension.ldf and TpmSchemaExtensionACLChanges.ldf schema extensions
to the Active Directory schema.

Answer: D
Explanation:
You can configure BitLocker Drive Encryption to back up recovery information for BitLocker-protected drives and the Trusted Platform Module (TPM) to Active Directory Domain Services (AD DS). Recovery information includes the recovery password for each BitLocker-protected drive, the TPM owner password, and the information required to identify which computers and drives the recovery information applies to. Optionally, you can also save a package containing the actual keys used to encrypt the data as well as the recovery password required to access those keys.
Backing up recovery passwords for a BitLocker-protected drive allows administrators to recover the drive if it is locked. This ensures that encrypted data belonging to the enterprise can always be accessed by authorized users.
Backing up the TPM owner information for a computer allows administrators to locally and remotely configure the TPM security hardware on that computer. As an example, an administrator might want to reset the TPM to factory defaults when decommissioning or repurposing computers.
For Windows 8 a change to how the TPM owner authorization value is stored in AD DS was implemented in the AD DS schema.
The TPM owner authorization value is now stored in a separate object which is linked to the Computer object. This value was stored as a property in the Computer object itself for the default Windows Server 2008 R2 schemas. Windows Server 2012 domain controllers have the default schema to backup TPM owner authorization information in the separate object. If you are not upgrading your domain controller to Windows Server 2012 you need to extend the schema to support this change. If Active Directory backup of the TPM owner authorization value is enabled in a Windows Server 2008 R2 environment without extending the schema, the TPM provisioning will fail and the TPM will remain in a Not Ready state for computers running Windows 8.
 clip_image002[18]
http://technet.microsoft.com/en-us/library/dd875529%28v=ws.10%29.aspx
http://technet.microsoft.com/en-us/library/jj635854.aspx
http://technet.microsoft.com/en-us/library/jj679889.aspx

QUESTION 179
Your network contains an Active Directory domain named contoso.com. The domain contains a Web server named www.contoso.com. The Web server is available on the Internet.
You implement DirectAccess by using the default configuration.
You need to ensure that users never attempt to connect to www.contoso.com by using DirectAccess. The solution must not prevent the users from using DirectAccess to access other resources in contoso.com.
Which settings should you configure in a Group Policy object (GPO)?

A.    Name Resolution Policy
B.    DNS Client
C.    Network Connections
D.    DirectAccess Client Experience Settings

Answer: A
Explanation:
For DirectAccess, the NRPT must be configured with the namespaces of your intranet with a leading dot (for example, .internal.contoso.com or .corp.contoso.com). For a DirectAccess client, any name request that matches one of these namespaces will be sent to the specified intranet Domain Name System (DNS) servers.
Include all intranet DNS namespaces that you want DirectAccess client computers to access. There are no command line methods for configuring NRPT rules. You must use Group Policy settings. To configure the NRPT through Group Policy, use the Group Policy add-in at Computer Configuration \Policies\Windows Settings\Name Resolution Policy in the Group Policy object for DirectAccess clients. You can create a new NRPT rule and edit or delete existing rules. For more information, see Configure the NRPT with Group Policy.

QUESTION 180
You have a DNS server named Server1. Server1 has a primary zone named contoso.com. Zone Aging/ Scavenging is configured for the contoso.com zone. One month ago, an Administrator removed a server named Server2 from the network.
You discover that a static resource record for Server2 is present in contoso.com. Resource records for decommissioned client computers are removed automatically from contoso.com.
You need to ensure that the static resource records for all of the servers are removed automatically from contoso.com.
What should you modify?

A.    The Security settings of the static resource records
B.    The Expires after value of contoso.com
C.    The Record time stamp value of the static resource records
D.    The time-to-live (TTL) value of the static resource records

Answer: C
Explanation:
C. reset and permit them to use a current (non-zero) time stamp value. This enables these records to become aged and scavenged.
D. For most resource records, this field is optional. It indicates a length of time used by other DNS servers to determine how long to cache information for a record before expiring and discarding it.
http://technet.microsoft.com/en-us/library/cc771677.aspx http://technet.microsoft.com/en-us/library/cc758321(v=ws.10).aspx

Passing Microsoft 70-411 Exam successfully in a short time! Just using Braindump2go’s Latest Microsoft 70-411 Dump: http://www.braindump2go.com/70-411.html

Official 2014 Latest Microsoft 70-411 Exam Dump Free Download(161-170)!

QUESTION 161
Your network contains an Active Directory domain named contoso.com. The domain does not contain a certification authority (CA). All servers run Windows Server 2012 R2. All client computers run Windows 8.
You need to add a data recovery agent for the Encrypting File System (EFS) to the domain.
Which two actions should you perform? (Each correct answer presents part of the solution. Choose two.)

A.    From Windows PowerShell, run Get-Certificate.
B.    From the Default Domain Controllers Policy, select Create Data Recovery Agent.
C.    From the Default Domain Policy, select Add Data Recovery Agent.
D.    From a command prompt, run cipher.exe.
E.    From the Default Domain Policy, select Create Data Recovery Agent.
F.    From the Default Domain Controllers Policy, select Add Data Recovery Agent.

Answer: AC
Explanation:
A. Submits a certificate request to an enrollment server and installs the response or retrieves a certificate for a previously submitted request.
C. Add agent to default domain policy
http://technet.microsoft.com/en-us/library/hh848632(v=wps.620).aspx http://technet.microsoft.com/en-us/library/dd875560(v=ws.10).aspx#BKMK_proc_dra http://windowsitpro.com/systems-management/how-can-i-add-user-efs-recovery-agent-domain

QUESTION 162
Your network contains an Active Directory domain named contoso.com. The domain contains three domain controllers.
 clip_image001[16]
You are creating a Distributed File System (DFS) namespace as shown in the exhibit. (Click the Exhibit button.)
 clip_image002[12]
You need to identify which configuration prevents you from creating a DFS namespace in Windows Server 2008 mode.
Which configuration should you identify?

A.    The location of the PDC emulator role
B.    The functional level of the domain
C.    The operating system on Server1 and Server3
D.    The location of the RID master role

Answer: B
Explanation:
http://technet.microsoft.com/en-us/library/ff633469(v=WS.10).aspx
Migrate the following domain-based namespace from Windows 2000 Server mode to Windows Server 2008 mode.

QUESTION 163
Your network contains an Active Directory domain named adatum.com. The domain contains five servers. The servers are configured as shown in the following table.
 clip_image001[18]
All desktop computers in adatum.com run Windows 8 and are configured to use BitLocker Drive Encryption (BitLocker) on all local disk drives.
You need to deploy the Network Unlock feature. The solution must minimize the number of features and server roles installed on the network.
To which server should you deploy the feature?

A.    Server3
B.    Server1
C.    DC2
D.    Server2
E.    DC1

Answer: B
Explanation:
The BitLocker-NetworkUnlock feature must be installed on a Windows Deployment Server (which does not have to be configured–the WDSServer service just needs to be running). http://technet.microsoft.com/en-us/library/jj574173.aspx

QUESTION 164
Your network contains multiple Active Directory sites.
You have a Distributed File System (DFS) namespace that has a folder target in each site.
You discover that some client computers connect to DFS targets in other sites.
You need to ensure that the client computers only connect to a DFS target in their respective site.
What should you modify?

A.    The properties of the Active Directory sites
B.    The properties of the Active Directory site links
C.    The delegation settings of the namespace
D.    The referral settings of the namespace

Answer: D
Explanation:
A. A site is a set of well-connected subnets.
B. To control which sites replicate directly with each other
C. Determines the users and groups granted permissions to manage the replication group
D. A referral is an ordered list of servers that a client computer receives from a domain controller or namespace server when the user accesses a namespace root or DFS folder with targets. After the computer receives the referral, the computer attempts to access the first server in the list. If the server is not available, the client computer attempts to access the next server. If a server becomes unavailable, you can configure clients to fail back to the preferred server after it becomes available.
http://www.windowsnetworking.com/articles_tutorials/Configuring-DFS-Namespaces.html http://technet.microsoft.com/en-us/library/cc794914(v=ws.10).aspx

QUESTION 165
You have a server named Server1 that runs Windows Server 2012 R2. Server1 has the File Server Resource Manager role service installed. Server1 has a folder named Folder1 that is used by the sales department.
You need to ensure that an email notification is sent to the sales manager when a File Screening Audit report is generated.
What should you configure on Server1?

A.    A file screen exception
B.    A file group
C.    A storage report task
D.    A file screen

Answer: C
Explanation:
A. A file screen exception is a special type of file screen that overrides any file screening that would otherwise apply to a folder and all its subfolders in a designated exception path. That is, it creates an exception to any rules derived from a parent folder.
B. A file group is used to define a namespace for a file screen, file screen exception, or Files by File Group storage report.
C. file screening report will identify individuals or applications that violate file screening policy, To set e-mail notifications and certain reporting capabilities, you must first configure the general File Server Resource Manager options.
D. Control the types of files that users can save
http://technet.microsoft.com/en-us/library/cc730822.aspx
http://technet.microsoft.com/en-us/library/cc770594.aspx
http://technet.microsoft.com/en-us/library/cc771212.aspx
http://technet.microsoft.com/en-us/library/cc732074.aspx
http://technet.microsoft.com/en-us/library/cc755988.aspx

QUESTION 166
Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1 that runs Windows Server 2012 R2.
Server1 has the File Server Resource Manager role service installed.
You configure a quota threshold as shown in the exhibit. (Click the Exhibit button.)
 clip_image001[20]
You need to ensure that a user named User1 receives an email notification when the threshold is exceeded.
What should you do?

A.    Configure the File Server Resource Manager Options.
B.    Modify the members of the Performance Log Users group.
C.    Create a performance counter alert.
D.    Create a classification rule.

Answer: A
Explanation:
A. When you create quotas and file screens, you have the option of sending e-mail notifications to users when their quota limit is approaching or after they have attempted to save files that have been blocked
B. Members of this group can manage performance counters, logs and alerts on the server locally and from remote clients without being a member of the Administrators group.
C. You can set an alert on a counter, thereby defining that a message be sent, a program be run, an entry made to the application event log, or a log be started when the selected counter’s value exceeds or falls below a specified setting.
D. File Classification Infrastructure provides insight into your data by automating classification processes so that you can manage your data more effectively. You can classify files and apply policies based on this classification. Example policies include dynamic access control for restricting access to files, file encryption, and file expiration. Files can be classified automatically by using file classification rules or manually by modifying the properties of a selected file or folder. http://technet.microsoft.com/en-us/library/cc756031(v=ws.10).aspx http://technet.microsoft.com/en-us/library/cc785098(v=ws.10).aspx http://technet.microsoft.com/en-us/library/bb490759.aspx
http://technet.microsoft.com/en-us/library/hh831701.aspx

QUESTION 167
Your network contains an Active Directory domain named contoso.com. The domain contains two servers named Server1 and Server2. Both servers run Windows Server 2012 R2. Both servers have the File and Storage Services server role. The DFS Namespaces role service, and the DFS Replication role service installed. Server1 and Server2 are part of a Distributed File System (DFS) Replication group named Group1. Server1 and Server2 are separated by a low-speed WAN connection.
You need to limit the amount of bandwidth that DFS can use to replicate between Server1 and Server2.
What should you modify?

A.    The referral ordering of the namespace
B.    The cache duration of the namespace
C.    The schedule of the replication group
D.    The staging quota of the replicated folder

Answer: C
Explanation:
A. A referral is an ordered list of targets that a client computer receives from a domain controller or namespace server when the user accesses a namespace root or folder with targets in the namespace. You can adjust how long clients cache a referral before requesting a new one.
B. DFS Replication uses staging folders for each replicated folder to act as caches for new and changed files that are ready to be replicated from sending members to receiving members.
C. A referral is an ordered list of targets that a client computer receives from a domain controller or namespace server when the user accesses a namespace root or folder with targets. After the client receives the referral, the client attempts to access the first target in the list. If the target is not available, the client attempts to access the next target.
D. Scheduling allows less bandwidth the by limiting the time interval of the replication
http://technet.microsoft.com/en-us/library/cc771251.aspx
http://technet.microsoft.com/en-us/library/cc754229.aspx
http://technet.microsoft.com/en-us/library/cc732414.aspx
http://technet.microsoft.com/en-us/library/cc753923.aspx

QUESTION 168
Your network contains an Active Directory domain named adatum.com. The domain contains five servers. The servers are configured as shown in the following table.
 clip_image001[22]
All desktop computers in adatum.com run Windows 8 and are configured to use BitLocker Drive Encryption (BitLocker) on all local disk drives.
You need to deploy the Network Unlock feature. The solution must minimize the number of features and server roles installed on the network.
To which server should you deploy the feature

A.    DC1
B.    DC2
C.    Server1
D.    Server2

Answer: C
Explanation:
The BitLocker-NetworkUnlock feature must be installed on a Windows Deployment Server (which does not have to be configured–the WDSServer service just needs to be running). http://technet.microsoft.com/en-us/library/jj574173.aspx

QUESTION 169
Your network contains an Active Directory domain named contoso.com. The domain contains a file server named Server1 that runs Windows Server 2012 R2.
You view the effective policy settings of Server1 as shown in the exhibit. (Click the Exhibit button.)
 clip_image001[24]
On Server1, you have a folder named C:\Share1 that is shared as Share1. Share1 contains confidential data. A group named Group1 has full control of the content in Share1.
You need to ensure that an entry is added to the event log whenever a member of Group1 deletes a file in Share1.
What should you configure?

A.    The Audit File System setting of Servers GPO
B.    The Sharing settings of C:\Share1
C.    The Security settings of C:\Share1
D.    The Audit File Share setting of Servers GPO

Answer: C
Explanation:
C. Access to objects, such as files and folders can be audited using the advanced security setting auditing tab on Share1 and adding Group1 and selecting the delete check box http://technet.microsoft.com/en-us/library/cc753927(v=ws.10).aspx http://social.technet.microsoft.com/Forums/en-US/winservergen/thread/13779c78-0c73-4477- 8014-f2eb10f3f10f/

QUESTION 170
You have a server named Server1 that runs Windows Server 2012 R2. Server1 has the File Server Resource Manager role service installed. Server1 has a folder named Folder1 that is used by the human resources department.
You need to ensure that an email notification is sent immediately to the human resources manager when a user copies an audio file or a video file to Folder1.
What should you configure on Server1?

A.    A file screen
B.    A file screen exception
C.    A file group
D.    A storage report task

Answer: A
Explanation:
A. Create file screens to control the types of files that users can save, and generate notifications when users attempt to save unauthorized files
B. A file screen exception is a special type of file screen that overrides any file screening that would otherwise apply to a folder and all its subfolders in a designated exception path. That is, it creates an exception to any rules derived from a parent folder.
C. File are a group of file classified by extension (i.e. Images: ,jpg, .gif, etc..)
D. Create reports based on file use
http://technet.microsoft.com/en-us/library/cc732074.aspx http://technet.microsoft.com/en-us/library/cc730822.aspx http://technet.microsoft.com/en-us/library/cc755988(v=ws.10).aspx

Passing Microsoft 70-411 Exam successfully in a short time! Just using Braindump2go’s Latest Microsoft 70-411 Dump: http://www.braindump2go.com/70-411.html

Official 2014 Latest Microsoft 70-411 Exam Dump Free Download(151-160)!

QUESTION 151
You have a server named Server1 that runs Windows Server 2012 R2.
You create a Data Collector Set (DCS) named DCS1.
You need to configure DCS1 to log data to D:\logs.
What should you do?

A.    Right-click DCS1 and click Properties.
B.    Right-click DCS1 and click Save template…
C.    Right-click DCS1 and click Data Manager…
D.    Right-click DCS1 and click Export list…

Answer: A

QUESTION 152
You have a server named WSUS1 that runs Windows Server 2012 R2. WSUS1 has the Windows Server Update Services server role installed and has one volume. You add a new hard disk to WSUS1 and then create a volume on the hard disk. You need to ensure that the Windows Server Update Services (WSUS) update files are stored on the new volume. What should you do?

A.    From a command prompt, run wsusutil.exe and specify the movecontent parameter.
B.    From the Update Services console, run the Windows Server Update Services Configuration Wizard.
C.    From the Update Services console, configure the Update Files and Languages option.
D.    From a command prompt, run wsusutil.exe and specify the export parameter.

Answer: A
Explanation:
A. configuration wizard will be run immediately after installation or at a later time. If you want to change the configuration later, you run WSUS Server Configuration Wizard from the Options page of the WSUS 3.0 Administration console
B. Changes the file system location where the WSUS server stores update files, and optionally copies any update files from the old location to the new location
C. The export command enables you to export update metadata to an export package file. You cannot use this parameter to export update files, update approvals, or server settings.
D. Allows you to specify where store downloaded update file, will not move already downloaded updates
http://technet.microsoft.com/en-us/library/cc720475(v=ws.10).aspx http://technet.microsoft.com/en-us/library/cc708480(v=ws.10).aspx http://technet.microsoft.com/en-us/library/cc720466(v=ws.10).aspx

QUESTION 153
Your network contains an Active Directory domain named contoso.com. All client computers run Windows 8 Pro.
You have a Group Policy object (GPO) named GP1. GP1 is linked to the domain. GP1 contains the Windows Internet Explorer 10 and 11 Internet Settings. The settings are shown in the exhibit. (Click the Exhibit button.) Users report that when they open Windows Internet Explorer, the home page is NOT set to http:// www.contoso.com.
You need to ensure that the home page is set to http://www.contoso.com the next time users log on to the domain.
What should you do?
 clip_image001[6]

A.    On each client computer, run gpupdate.exe.
B.    Open the Internet Explorer 10 and 11 Internet Settings, and then press F5.
C.    Open the Internet Explorer 10 and 11 Internet Settings, and then modify the Tabs settings.
D.    On each client computer, run Invoke-GPupdate.

Answer: B
Explanation:
You can use Group Policy Preferences to manage Internet Explorer 10.
 clip_image001[8]
Enabling and disabling settings with F5 – F8
As you can see, the tabs are exactly the same as in Internet Explorer, but with added green and dotted red lines underneath individual settings or red and green circles in front of individual settings:
Settings with green lines underneath them or green circles in front of them get applied.
Settings with red lines underneath them or red circles in front of them do not get applied.
You can change theses statuses with the F5, F6, F7 and F8 buttons. With F5 you can enable all settings on a tab, while F6 only enables the specific setting you edited last. F8 disables all settings on a tab, while F7 only disables the specific setting you edited last. Press OK when done configuring settings.
http://4sysops.com/archives/internet-explorer-10-administration-part-3-group-policy-preferences/

QUESTION 154
Your network contains an Active Directory domain named contoso.com. The domain does not contain a certification authority (CA). All servers run Windows Server 2012 R2. All client computers run Windows 8.
You need to add a data recovery agent for the Encrypting File System (EFS) to the domain.
Which two actions should you perform? (Each correct answer presents part of the solution. Choose two).

A.    From the Default Domain Controllers policy, select Create Data Recovery Agent.
B.    From the Default Domain Controllers policy, select Add Data Recovery Agent.
C.    From Windows PowerShell, run Get-Certificate.
D.    From the Default Domain Policy, select Add Data Recovery Agent.
E.    From a command prompt, run cipher.exe.
F.    From the Default Domain Policy, select Create Data Recovery Agent.

Answer: CD
Explanation:
http://technet.microsoft.com/en-us/library/cc778448(v=ws.10).aspx

QUESTION 155
Your network contains multiple Active Directory sites.
You have a Distributed File System (DFS) namespace that has a folder target in each site.
You discover that some client computers connect to DFS targets in other sites.
You need to ensure that the client computers only connect to a DFS target in their respective site.
What should you modify?

A.    the properties of the Active Directory site links.
B.    the properties of the Active Directory sites.
C.    the delegation settings of the namespace
D.    the referral settings of the namespace

Answer: D

QUESTION 156
Your network contains an Active Directory domain named contoso.com.
You have a failover cluster named Cluster1. All of the nodes in Cluster1 have BitLocker Drive Encryption (BitLocker) installed.
You plan to add a new volume to the shared storage of Cluster1.
You need to add the new volume to the shared storage. The solution must meet the following requirements:
– Encrypt the volume.
– Avoid using maintenance mode on the cluster.
Which three actions should you perform? To answer, move the three appropriate actions from the list of actions to the answer area and arrange them in the correct order.
 clip_image002
Answer:
 clip_image002[4]
Explanation:
http://technet.microsoft.com/en-us/library/jj649829.aspx

QUESTION 157
Your network contains an Active Directory domain named contoso.com. The domain functional level in Windows Server 2008. All domain controllers run Windows Server 2008 R2. The domain contains a file server named Server1 that runs Windows Server 2012 R2. Server1 has a BitLocker Drive Encryption (BitLocker)-encrypted drive. Server1 uses a trusted Platform Module (TPM) chip.
You enable the Turn on TPM backup to Active Directory Domain Services policy setting by using a Group Policy object (GPO).
You need to ensure that you can back up the BitLocker recovery information to Active Directory.
What should you do?

A.    Upgrade a domain controller to Windows 2012.
B.    Enable the Store BitLocker recovery information in the Active Directory Services (Windows Server2008
and Windows Vista) policy settings.
C.    Raise the forest functional level to Windows 2008 R2.
D.    Add a BitLocker data recovery agent

Answer: B
Explanation:
B. You should also configure AD DS before configuring BitLocker on client computers. If BitLocker is enabled first, recovery information for those computers will not be automatically added to AD DS. If necessary, recovery information can be backed up to AD DS after BitLocker has been enabled by using either the Manage-bde command-line tool or the BitLocker Windows Management Instrumentation (WMI) provider.
http://technet.microsoft.com/en-us/library/dd875529(v=ws.10).aspx

QUESTION 158
Your company has a main office and a branch office. The main office is located in Seattle. The branch office is located in Montreal. Each office is configured as an Active Directory site. The network contains an Active Directory domain named adatum.com. The Seattle office contains a file server named Server1. The Montreal office contains a file server named Server2. The servers run Windows Server 2012 R2 and have the File and Storage Services server role, the DFS Namespaces role service, and the DFS Replication role service installed. Server1 and Server2 each have a share named Share1 that is replicated by using DFS Replication.
You need to ensure that users connect to the replicated folder in their respective office when they connect to \\contoso.com\Share1.
Which three actions should you perform? (Each correct answer presents part of the solution. Choose three.)

A.    Create a replication connection.
B.    Create a namespace.
C.    Share and publish the replicated folder.
D.    Create a new topology.
E.    Modify the Referrals settings.

Answer: BCE
Explanation:
To share a replicated folder and publish it to a DFS namespace Click Start, point to Administrative Tools, and then click DFS Management. In the console tree, under the Replication node, click the replication group that contains the replicated folder you want to share. In the details pane, on the Replicated Folders tab, right-click the replicated folder that you want to share, and then click Share and Publish in Namespace. In the Share and Publish Replicated Folder Wizard, click Share and publish the replicated folder in a namespace, and then follow the steps in the wizard.
Note that: If you do not have an existing namespace, you can create one in the Namespace Path page in the Share and Publish Replicated Folder Wizard. To create the namespace, in the Namespace Path page, click Browse, and then click New Namespace.
To create a namespace
Click Start, point to Administrative Tools, and then click DFS Management.
In the console tree, right-click the Namespaces node, and then click New Namespace. Follow the instructions in the New Namespace Wizard.
To create a stand-alone namespace on a failover cluster, specify the name of a clustered file server instance on the Namespace Server page of the New Namespace Wizard.
Important
Do not attempt to create a domain-based namespace using the Windows Server 2008 mode unless the forest functional level is Windows Server 2003 or higher. Doing so can result in a namespace for which you cannot delete DFS folders, yielding the following error message: “The folder cannot be deleted. Cannot complete this function.”
http://technet.microsoft.com/en-us/library/cc731531.aspx
http://technet.microsoft.com/en-us/library/cc772778%28v=ws.10%29.aspx http://technet.microsoft.com/en-us/library/cc732414.aspx
http://technet.microsoft.com/en-us/library/cc772379.aspx
http://technet.microsoft.com/en-us/library/cc732863%28v=ws.10%29.aspx http://technet.microsoft.com/en-us/library/cc725830.aspx
http://technet.microsoft.com/en-us/library/cc771978.aspx

QUESTION 159
You have a server named Server1 that runs Windows Server 2012 R2. An administrator creates a quota as shown in the Quota exhibit. (Click the Exhibit button.)
 clip_image002[6]
You run the dir command as shown in the Dir exhibit. (Click the Exhibit button.)
 clip_image001[10]
You need to ensure that D:\Folder1 can only consume 100 MB of disk space.
What should you do?

A.    From File Server Resource Manager, edit the existing quota.
B.    From the properties of drive D, enable quota management.
C.    From the Services console, set the Startup Type of the Optimize drives service to Automatic.
D.    From File Server Resource Manager, create a new quota.

Answer: D
Explanation:
Create a new Quota on path, without using the auto apply template and create quota on existing and new subfolders.

 clip_image002[8]
 clip_image002[10]
 clip_image001[12]
http://technet.microsoft.com/en-us/library/cc755603(v=ws.10).aspx

QUESTION 160
Your network contains an Active Directory domain named contoso.com. All servers run Windows Server 2012 R2. The domain contains an organizational unit (OU) named FileServers_OU. FileServers_OU contains the computer accounts for all of the file servers in the domain.
You need to audit the users who successfully access shares on the file servers.
Which audit category should you configure? To answer, select the appropriate category in the answer area.
 clip_image001[14]
Answer:
 clip_image002
Explanation:
http://technet.microsoft.com/en-us/library/hh831382.aspx
http://technet.microsoft.com/en-us/library/cc766468(v=ws.10).aspx

Passing Microsoft 70-411 Exam successfully in a short time! Just using Braindump2go’s Latest Microsoft 70-411 Dump: http://www.braindump2go.com/70-411.html

Official 2014 Latest Microsoft 70-411 Exam Dump Free Download(141-150)!

QUESTION 141
You have a server named Server1 that runs Windows Server 2012 R2. Server1 has the Windows Server Update Services roll installed. Server1 stores update files locally in C:\Updates.
You need to change the location in which the updates files are stored to D:\Updates
What should you do?

A.    From the Update Services Console, run the Windows Server Update Services Configuration Wizard
B.    From the command prompt, run wsusutil.exe and specify the movecontent parameter
C.    From the command prompt, run wsusutil.exe and specify the export parameter
D.    From the Update Services Console, configure the update Files and Languages option

Answer: B
Explanation:
http://technet.microsoft.com/en-us/library/cc720466(v=ws.10).aspx

QUESTION 142
You have Site1 with 400 desktops and Site2 with 150 desktops.
You have a WSUS Server to deploy updates for both sites.
You need to make sure that all computers in the same site will have the same updates.
What should you configure?

A.    Computer Groups
B.    Security Groups
C.    Synchronization Options
D.    Classifications

Answer: A
Explanation:
A. WSUS allows you to target updates to groups of client computers, so you can ensure that specific computers always get the right updates at the most convenient times. For example, if all the computers in one department (such as the Accounting team) have a specific configuration, you can set up a group for that team, decide which updates their computers need and what time they should be installed, and then use WSUS reports to evaluate the updates for the team.
http://technet.microsoft.com/en-us/library/hh328559(v=ws.10).aspx

QUESTION 143
You have a WDS server named Server1 on Windows Server 2012 R2.
You need to automate the WDS deployment.
Which Tab should you configure?

A.    Boot Properties
B.    Client Properties
C.    Network Settings
D.    PXE Response Settings

Answer: B
Explanation:
B. On the Client tab, select Enable unattended installation, browse to the appropriate unattend file, and then click Open.
http://technet.microsoft.com/en-us/library/dd637990(v=ws.10).aspx
 clip_image001

QUESTION 144
Which parameter do you need to use to import GUID and MAC address?

A.    /get-AutoAddDevices
B.    /get-Device
C.    /add
D.    /enable

Answer: B
Explanation:
wdsutil /get-device /id:01-23-45-67-89-AB
wdsutil /get-device /id:0123456789AB

QUESTION 145
Your network contains an Active Directory domain named contoso.com. The domain contains a member server named Server1. Server1 runs Windows Server 2012 and has the Windows Deployment Services (WDS) server role installed.
You need to use WDS to deploy an image to a client computer that does not support PXE.
Which type of image should you use to start the computer?

A.    boot
B.    install
C.    discovery
D.    capture

Answer: C
Explanation:
http://technet.microsoft.com/en-us/library/dd637996(v=ws.10).aspx
WDSUTIL /New-DiscoverImage /Image:<name> /Architecture:{x86|x64|ia64} . To specify whichserver the
/DestinationImage /FilePath:<path and name to new file>
discover image connects to, append /WDSServer:<server nameor IP>.
 clip_image001[4]

QUESTION 146
You are a admin (what a suprise huh?) you have wsus with 2 sites wich contain computers. you want to have the ability to update the computers per site or together. wich 3 steps do you do?

A.    Create computer groups in wsus
B.    Create synchronization options
C.    Create GPO and configure updates
D.    Under Tasks, click Synchronize now

Answer: ABC
Explanation:
http://technet.microsoft.com/en-us/library/hh852346.aspx
http://technet.microsoft.com/es-es/library/cc708455(v=ws.10).aspx

QUESTION 147
Which of the options should you configure for a WDS pre-staged computer name? You should select 2 of the 4 check boxes.

A.    GUID
B.    WdsClientUnattend
C.    MAC-address preceding with nulls
D.    ReferralServer

Answer: AC
http://technet.microsoft.com/en-us/library/cc754469.aspx

QUESTION 148
Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1 that runs Windows Server 2008 R2.
You plan to test Windows Server 2012 R2 by using native-boot virtual hard disks (VHDs).
You attach a new VHD to Server1.
You need to install Windows Server 2102 R2 in the VHD.
What should you do?

A.    Run dism.exe and specify the /apply-image parameter.
B.    Run dism.exe and specify the /append-image parameter.
C.    Run imagex.exe and specify the /export parameter.
D.    Run imagex.exe and specify the /append parameter.

Answer: A

QUESTION 149
You have a server named Admin1 that runs Windows Server 2012 R2.
On Admin1, you configure a custom Data Collector Set (DCS) named DCS1. DCS1 is configured to store performance log data in C:\Logs.
You need to ensure that the contents of C:\Logs are deleted automatically when the folder reaches 100 MB in size.
What should you configure?

A.    A File Server Resource Manager (FSRM) quota on the C:\Logs folder
B.    A File Server Resource Manager (FSRM) file screen on the C:\Logs folder
C.    A schedule for DCS1
D.    The Data Manager settings of DCS1

Answer: D
Explanation:
http://sourcedaddy.com/windows-7/using-data-manager-view-performance-data.html

QUESTION 150
Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1 that runs Windows Server 2012 R2 and a server named Server2 that has the File Services server role installed.
You install the Windows Deployment Services server role on Server1.
You plan to use Server2 as a reference computer.
You need to create an image of Server2 by using Windows Deployment Services.
Which type of image should you add to Server1 first?

A.    Boot
B.    Discovery
C.    Install
D.    Capture

Answer: A
Explanation:
A. Configure the server and add the default images (Install.wim and Boot.wim) that are included on the installation media (in the \Sources folder).
B. A type of boot image that you can use to install an operating system on a computer that is not Pre-Boot Execution Environment (PXE) enabled. When you boot a computer into a discover image, a Windows Deployment Services server will be located, and then you can choose the install image you want to install.
C. The operating system image that you deploy to the client computer. To create install images using Windows Deployment Services, you must first create a capture image.
D. A type of boot image that you boot a client computer into to capture the operating system as a .wim file.
You must first create a capture image when you are creating custom install images. http://technet.microsoft.com/en-us/library/cc730907(v=ws.10).aspx http://technet.microsoft.com/en-us/library/jj648426.aspx http://itadmi
ntips.wordpress.com/2011/05/19/wds-setup-guide-part-2-boot-image-setup/
Passing Microsoft 70-411 Exam successfully in a short time! Just using Braindump2go’s Latest Microsoft 70-411 Dump: http://www.braindump2go.com/70-411.html

1 492 493 494 495 496 507