Exambible provides the examinees with the totally free downloadable 70-410 exam questions. You can require a quiz to look at the questions as well as answers quality of ourMicrosoft Microsoft training materials before a person purchase the idea. It is additionally helpful to suit your needs to seek out your Microsoft exam weakness, you then should perform harder on this specific in your after study. Each of the Microsoft certification study merchandise can be purchased at Exambible website. Youll be able to download them regarding free in accordance with your personal needs.
2021 Feb 70-410 exam price
Q141. - (Topic 3)
Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1 that runs Windows Server 2012 R2 and has the Web Server (US) server role installed.
Server1 has a web site named Web1. Web1 is configured to use digest authentication.
You need to ensure that a user named User1 can access Web1.
What should you do from Active Directory Users and Computers?
A. From the properties of User1, select Store password using reversible encryption.
B. From the properties of User1, select Use Kerberos DES encryption types for this account.
C. From the properties of Server1, select Trust this computer for delegation to any service (Kerberos only).
D. From the properties of Server1, assign the Allowed to Authenticate permission to User1.
Answer: A
Explanation:
Challenge Handshake Authentication Protocol (CHAP) is a basic level of iSCSI security that is used to authenticate the peer of a connection and is based upon the peers sharing a secret: that secret being a password. To make sure that User1 can connect to the server, you should use Active Directory Users and Computers to store that password.
Q142. - (Topic 2)
Your network contains an Active Directory domain named contoso.com. The domain contains two servers named Server1 and Server2 that run Windows Server 2012 R2.
Server2 establishes an IPSec connection to Server1.
You need to view which authentication method was used to establish the initial IPSec connection.
What should you do?
A. From Windows Firewall with Advanced Security, view the quick mode security association.
B. From Event Viewer, search the Application Log for events that have an ID of 1704.
C. From Event Viewer, search the Security Log for events that have an ID of 4672.
D. From Windows Firewall with Advanced Security, view the main mode security association.
Answer: D
Explanation:
Main mode negotiation establishes a secure channel between two computers by determining a set of cryptographic protection suites, exchanging keying material to establish a shared secret key, and authenticating computer and user identities. A security association (SA) is the information maintained about that secure channel on the local computer so that it can use the information for future network traffic to the remote computer. You can monitor main mode SAs for information like which peers are currently connected to this computer and which protection suite was used to form the SA. To get to this view In the Windows Firewall with Advanced Security MMC snap-in, expand Monitoring, expand Security Associations, and then click Main Mode. The following information is available in the table view of all main mode SAs. To see the information for a single main mode SA, double-click the SA in the list. Main mode SA information You can add, remove, reorder, and sort by these columns in the Results pane: Local Address: The local computer IP address. Remote Address: The remote computer or peer IP address. 1st Authentication Method: The authentication method used to create the SA. 1st Authentication Local ID: The authenticated identity of the local computer used in first authentication. 1st Authentication Remote ID: The authenticated identity of the remote computer used in first authentication.
2nd Authentication Method: The authentication method used in the SA.
2nd Authentication Local ID: The authenticated identity of the local computer used in
second authentication.
2nd Authentication Remote ID: The authenticated identity of the remote computer used in
second authentication.
Encryption: The encryption method used by the SA to secure quick mode key exchanges.
Integrity: The data integrity method used by the SA to secure quick mode key exchanges.
Key Exchange: The Diffie-Hellman group used to create the main mode SA.
: http://technet.microsoft.com/en-us/library/dd448497(v=ws.10).aspx
Q143. - (Topic 1)
You have a server named Server1 that runs Windows Server 2012 R2. Server1 has the Hyper-V server role installed. Server1 is connected to two Fibre Channel SANs and is configured as shown in the following table.
You have a virtual machine named VM1.
You need to configure VM1 to connect to SAN1.
What should you do first?
A. Add one HBA
B. Create a Virtual Fibre Channel SAN.
C. Create a Hyper-V virtual switch.
D. Configure network adapter teaming.
Answer: B
Explanation:
You need your virtualized workloads to connect easily and reliably to your existing storage
arrays.
Windows Server 2012 provides Fibre Channel ports within the guest operating system,
which allows you to connect to Fibre Channel directly from within virtual machines. This
feature protects your investments in Fibre Channel, enables you to virtualize workloads that use direct access to Fibre Channel storage, allows you to cluster guest operating systems over Fibre Channel, and provides an important new storage option for servers hosted in your virtualization infrastructure. With this Hyper-V virtual Fibre Channel feature, you can connect to Fibre Channel storage from within a virtual machine. This allows you to use your existing Fibre Channel investments to support virtualized workloads. Support for Fibre Channel in Hyper-V guests also includes support for many related features, such as virtual SANs, live migration, and MPIO.
Q144. - (Topic 1)
Your network contains an Active Directory forest named contoso.com. The forest contains a single domain. The domain contains two domain controllers named DC1 and DC2 that run Windows Server 2012 R2.
The domain contains a user named User1 and a global security group named Group1.
You need to prevent User1 from changing his password. The solution must minimize administrative effort.
Which cmdlet should you run?
A. Add-AdPrincipalGroupMembership
B. Install-AddsDomainController
C. Install-WindowsFeature
D. Install-AddsDomain
E. Rename-AdObject
F. Set-AdAccountControl
G. Set-AdGroup
H. Set-User
Answer: F
Explanation:
The Set-ADAccountControlcmdlet modifies the user account control (UAC) values for an Active Directory user or computer account. UAC values are represented by cmdlet parameters. CannotChangePassword Modifies the ability of an account to change its password. To disallow password change by the account set this to $true. This parameter changes the Boolean value of the CannotChangePassword property of an account. The following example shows how to specify the PasswordCannotChange parameter. -CannotChangePassword $false
References:
http://technet.microsoft.com/en-us/library/ee617249.aspx http://technet.microsoft.com/en-us/library/hh974723.aspx http://technet.microsoft.com/en-us/library/hh974722.aspx
Q145. - (Topic 2)
You have a Hyper-V host named Server1 that runs Windows Server 2012 R2
Datacenter.Server1 is located in an isolated network that cannot access the Internet.
On Server1, you install a new virtual machine named VM1.VM1 runs Windows Server 2012
R2 Essentials and connects to a private virtual network.
After 30 days, you discover that VM1 shuts down every 60 minutes.
You need to resolve the issue that causes VM1 to shut down every 60 minutes.
What should you do?
A. OnVM1, run slmgr.exe and specify the /ipk parameter.
B. OnServer1, run slmgr.exe and specify the /rearm-sku parameter.
C. Create a new internal virtual network and attach VM1 to the new virtual network.
D. On Server1, run Add-WindowsFeatureVolumeActivation.
Answer: A
Renovate 70-410 simulations:
Q146. HOTSPOT - (Topic 3)
You have a DNS server named Server 1. Server1 runs Windows Server 2012 R2.
The network ID is 10.1.1.0/24.
An administrator creates several reverse lookup zones.
You need to identify which reverse lookup zone is configured correctly.
Which zone should you identify?
To answer, select the appropriate zone in the answer area.
Answer:
Q147. - (Topic 3)
Your network contains an Active Directory forest named contoso.com. The forest contains a child domain named corp.contoso.com.
The network has Microsoft Exchange Server 2010 deployed.
You need to create a mail-enabled distribution group.
Which type of group should you create?
A. Global
B. Local
C. Domain local
D. Universal
Answer: D
Explanation:
Universal groups Groups that are used to grant permissions on a wide scale throughout a
domain tree or forest. Members of global groups include accounts and groups from any
domain in the domain tree or forest.
Microsoft Exchange Server 2007: Implementation and Administration. By Jim McBee,
Benjamin Craig page 248: Only universal groups should be used as mail-enabled groups.
Q148. - (Topic 3)
Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1. Server1 runs Windows Server 2012 R2 and has the Hyper-V server role installed. You need to log the amount of system resources used by each virtual machine. What should you do?
A. From Windows PowerShell, run the Enable-VMResourceMetering cmdlet.
B. From Windows System Resource Manager, enable Accounting.
C. From Windows System Resource Manager, add a resource allocation policy.
D. From Windows PowerShell, run the Measure-VM cmdlet.
Answer: A
Explanation:
Enable-VMResourceMetering – The Enable-VMResourceMeteringcmdlet starts collecting
resourceutilization data for a virtual machine or resource pool.
Measure-VM – The Measure-VM cmdlet reports data on processor usage, memory usage,
network traffic, and disk capacity for one or more virtual machines.
Q149. - (Topic 3)
Your network contains an Active Directory domain named contoso.com. The domain contains two member servers named Server1 and Server2 that run Windows Server 2012 R2. You log on to Server1. You need to retrieve the IP configurations of Server2. Which command should you run from Server1?
A. winrs -r:server2 ipconfig
B. winrm get server2
C. dsquery *-scope base-attr ip, server2
D. ipconfig > server2.ip
Answer: A
Q150. - (Topic 3)
Your network contains an Active Directory domain named contoso.com. The domain contains two servers named Server1 and Server2. Server1 runs Windows Server 2012 R2. Server2 runs Windows Server 2008 R2 Service Pack 1 (SP1) and has the DHCP Server server role installed.
You need to manage DHCP on Server2 by using the DHCP console on Server1.
What should you do first?
A. From Windows Firewall with Advanced Security on Server2, create an inbound rule.
B. From Internet Explorer on Server2, download and install Windows Management Framework 3.0.
C. From Server Manager on Server1, install a feature.
D. From Windows PowerShell on Server2, run Enable PSRemoting.
Answer: C
Explanation:
The Enable-PSRemoting cmdlet configures the computer to receive Windows PowerShell remote commands that are sent by using the WS-Management technology. On Windows Server 2012 R2, Windows PowerShell remoting is enabled by default. You can use Enable-PSRemoting to enable Windows PowerShell remoting on other supported versions of Windows and to re-enable remoting on Windows Server 2012 if it becomes disabled. You need to run this command only once on each computer that will receive commands. You do not need to run it on computers that only send commands. Because the configuration activates listeners, it is prudent to run it only where it is needed. Note: (not B) You can use Server Manager to manage remote servers that are running Windows Server 2008 and Windows Server 2008 R2, but the following updates are required to fully manage these older operating systems.