It is impossible to pass Microsoft 70 410 exam questions and answers pdf exam without any help in the short term. Come to Exambible soon and find the most advanced, correct and guaranteed Microsoft 70 410 exam questions pdf practice questions. You will get a surprising result by our Up to the immediate present Installing and Configuring Windows Server 2012 practice guides.

Q111. - (Topic 3) 

Your network contains an Active Directory domain named contoso.com. The domain contains two servers named Server1 and Server2. Server1 runs Windows Server 2012 R2. Server2 runs Windows Server 2008 R2 Service Pack 1 (SP1) and has the DHCP Server server role installed. 

You need to manage DHCP on Server2 by using the DHCP console on Server1. 

What should you do first? 

A. From Windows Firewall with Advanced Security on Server2, create an inbound rule. 

B. From Internet Explorer on Server2, download and install Windows Management Framework 3.0. 

C. From Server Manager on Server1, install a feature. 

D. From Windows PowerShell on Server2, run Enable PSRemoting. 

Answer:

Explanation: 

The Enable-PSRemoting cmdlet configures the computer to receive Windows PowerShell remote commands that are sent by using the WS-Management technology. On Windows Server 2012 R2, Windows PowerShell remoting is enabled by default. You can use Enable-PSRemoting to enable Windows PowerShell remoting on other supported versions of Windows and to re-enable remoting on Windows Server 2012 if it becomes disabled. You need to run this command only once on each computer that will receive commands. You do not need to run it on computers that only send commands. Because the configuration activates listeners, it is prudent to run it only where it is needed. Note: (not B) You can use Server Manager to manage remote servers that are running Windows Server 2008 and Windows Server 2008 R2, but the following updates are required to fully manage these older operating systems. 


Q112. - (Topic 3) 

Your network contains one Active Directory domain named contoso.com. The domain contains 

2,000 client computers used by students. You recently discover an increase in calls to the helpdesk that relate to security policy to meet the following requirement: 

. Modify the UserName of the built-in account named Administrator . Support a time mismatch between client computers and domain controllers of up to three minutes. 

Which Two security settings should you modify? 

A. Account Policies 

B. Password Policy 

C. Account Lockout Policy 

D. Kerberos Policy 

E. Local Policies 

F. Audit Policy 

G. User Rights Assignment 

H. Security Options 

Answer: D,H 

Explanation: 

In Group Policy Object Editor, click Computer Configuration, click Windows Settings, click Security Settings, click Local Policies, and then click Security Options. In the details pane, double-click Accounts: Rename administrator account. 


Q113. - (Topic 2) 

You have a server that runs a Server Core installation of Windows Server 2012 R2. 

You need to change the DNS server used by IPv6. 

What should you do? 

A. From Sconfig, configure the Network Settings. 

B. Run the sc.exe command and specify the config parameter. 

C. From Windows PowerShell, run the Set-NetIpv6Protocol cmdlet. 

D. From Windows PowerShell, run the Set-DnsClientServerAddress cmdlet. 

Answer:

Explanation: 

The Set-DnsClientServerAddresscmdlet sets one or more IP addresses for DNS servers associated with an interface. This cmdlet statically adds DNS server addresses to the interface. If this cmdlet is used to add DNS servers to the interface, then the DNS servers will override any DHCP configuration for that interface. PS C:\> Set-DnsClientServerAddress -InterfaceIndex 12 -ServerAddresses "10.0.0.1","10.0.0.2") 

References: http://technet.microsoft.com/en-us/library/jj592692.aspx 

http://technet.microsoft.com/en-us/library/jj590768.aspx 


Q114. HOTSPOT - (Topic 3) 

You have a Server Core 2012 installation and all roles and features removed. The server does not haveaccess to Windows Update. You mount the network volume containing the installation files for Server 2012. 

You need to install DNS and DHCP server role. 

Which directory do you reference for installing? 

Answer: 


Q115. - (Topic 3) 

Your network contains an Active Directory domain named contoso.com. The domain 

contains a server named Server1. Server1 runs Windows Server 2012 R2. 

An administrator creates a security template named Template1. 

You need to apply Template1 to Server1. 

Which snap-in should you use? 

A. Resultant Set of Policy 

B. Security Configuration and Analysis 

C. Authorization Manager 

D. Security Templates 

Answer:

Explanation: 

The Security Configuration and Analysis tool contains the Local Security Policy snap-in that is used to apply templates. 

References: 

http://technet.microsoft.com/en-us/library/bb742512.aspx http://technet.microsoft.com/en-us/library/cc739442%28v=WS.10%29.aspx 


Q116. DRAG DROP - (Topic 2) 

You have a server named Server1 that runs Windows Server 2012 R2. 

You add a new internal SAS disk to Server1. 

You need to ensure that the new disk is available to store files. 

Which three cmdlets should you run in sequence? 

To answer, move the appropriate three cmdlets from the list of cmdlets to the answer area 

and arrange them in the correct order. 

Answer: 


Q117. - (Topic 3) 

Your network contains an Active Directory domain named adatum.com. The domain contains the servers shown in the following table. 

You need to ensure that you can use Server Manager on DC1 to manage DC2. 

Which two tasks should you perform? (Each correct answer presents part of the solution. Choose two.) 

A. Install Microsoft .NET Framework 4 on DC2. 

B. Install Remote Server Administration Tools on DC1. 

C. Install Remote Server Administration Tools on DC2. 

D. Install Windows Management Framework 3.0 on DC2. 

Answer: A,D 

Explanation: 

Windows Management Framework 3.0. To use this release of Server Manager to access and manage remote servers that are running Windows Server 2008 or Windows Server 2008 R2, you must first install .NET Framework 4.0, and then install Windows Management Framework 3.0 on those servers. Note: In Windows Server 2012 R2, you can use Server Manager to perform management tasks on remote servers. Remote management is enabled by default on servers that are running Windows Server 2012 R2. To manage a server remotely by using Server Manager, you add the server to the Server Manager server pool. You can use Server Manager to manage remote servers that are running Windows Server 2008 and Windows Server 2008 R2, but the following updates are required to fully manage these older operating systems (see above). 

Reference: Configure Remote Management in Server Manager. 


Q118. - (Topic 2) 

Your network contains an Active Directory domain named contoso.com. All domain controllers run Windows Server 2012 R2. 

You create and enforce the default AppLocker executable rules. 

Users report that they can no longer execute a legacy application installed in the root of drive C. 

You need to ensure that the users can execute the legacy application. 

What should you do? 

A. Create a new rule. 

B. Delete an existing rule. 

C. Modify the action of the existing rules. 

D. Add an exception to the existing rules. 

Answer:

Explanation: 

AppLocker is a feature that advances the functionality of the Software Restriction Policies 

feature. AppLocker contains new capabilities and extensions that reduce administrative 

overhead and help administrators control how users can access and use files, such as 

executable files, scripts, Windows Installer files, and DLLs. By using AppLocker, you can: 

Define rules based on file attributes that persist across application updates, such as the 

publisher name (derived from the digital signature), product name, file name, and file 

version. You can also create rules based on the file path and hash. 

Assign a rule to a security group or an individual user. 

Create exceptions to rules. For example, you can create a rule that allows all users to run 

all Windows binaries except the Registry Editor (Regedit.exe). 

Use audit-only mode to deploy the policy and understand its impact before enforcing it. . 

Create rules on a staging server, test them, export them to your production environment, 

and then import them into a Group Policy Object. 

Simplify creating and managing AppLocker rules by using Windows PowerShell cmdlets for 

AppLocker. 

AppLocker default rules 

AppLocker allows you to generate default rules for each of the rule types. 

Executable default rule types: 

Allow members of the local Administrators group to run all applications. Allow members of the Everyone group to run applications that are located in the Windows folder. Allow members of the Everyone group to run applications that are located in the Program Filesfolder. Windows Installer default rule types: Allow members of the local Administrators group to run all Windows Installer files. Allow members of the Everyone group to run digitally signed Windows Installer files. Allow members of the Everyone group to run all Windows Installer files located in the Windows\Installer folder. Script default rule types: Allow members of the local Administrators group to run all scripts. Allow members of the Everyone group to run scripts located in the Program Files folder. Allow members of the Everyone group to run scripts located in the Windows folder. DLL default rule types: (this on can affect system performance ) Allow members of the local Administrators group to run all DLLs. Allow members of the Everyone group to run DLLs located in the Program Files folder. Allow members of the Everyone group to run DLLs located in the Windows folder. You can apply AppLocker rules to individual users or to a group of users. If you apply a rule to a group of users, all users in that group are affected by that rule. If you need to allow a subset of a user group to use an application, you can create a special rule for that subset. For example, the rule “Allow Everyone to run Windows except Registry Editor” allows everyone in the organization to run the Windows operating system, but it does not allow anyone to run Registry Editor. The effect of this rule would prevent users such as Help Desk personnel from running a program that is necessary for their support tasks. To resolve this problem, create a second rule that applies to the Help Desk user group: “Allow Help Desk to run Registry Editor.” If you create a deny rule that does not allow any users to run Registry Editor, the deny rule will override the second rule that allows the Help Desk user group to run Registry Editor. 


Q119. HOTSPOT - (Topic 3) 

You have a server named Server1 that runs Windows Server 2012 R2. 

Several users are members of the local Administrators group. 

You need to ensure that all local administrators receive User Account Control (UAC) 

prompts when they run a Microsoft Management Console (MMC). 

Which settings should you modify from the Local Security Policy? To answer, select the 

appropriate settings in the answer area. 

Answer: 


Q120. - (Topic 3) 

Your network contains an Active Directory forest named adatum.com. The forest contains a child domain named asia.adatum.com. The asia.adatum.com child domain contains a server named DHCP1 that runs Windows Server 2012 R2. 

You install the DHCP Server server role on DHCP1. 

You have access to the administrative accounts shown in the following table. 

You need to authorize DHCP1. 

Which user account should you use? 

A. Admin1 

B. Admin2 

C. Admin3 

D. Admin4 

Answer: