Act now and download your Microsoft 70-411 test today! Do not waste time for the worthless Microsoft 70-411 tutorials. Download Rebirth Microsoft Administering Windows Server 2012 exam with real questions and answers and begin to learn Microsoft 70-411 with a classic professional.
2021 Mar 70-411 practice
Q41. DRAG DROP
Your network contains an Active Directory forest named contoso.com. The forest contains a Network Policy Server (NPS) server named NPS1 and a VPN server named VPN1. VPN1 forwards all authentication requests to NPS1.
A partner company has an Active Directory forest named adatum.com. The adatum.com forest contains an NPS server named NPS2.
You plan to grant users from adatum.com VPN access to your network.
You need to authenticate the users from adatum.com on VPN1.
What should you create on each NPS server?
To answer, drag the appropriate objects to the correct NPS servers. Each object may be
used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
Answer:
Q42. HOTSPOT
You have a server named Servers that runs Windows Server 2012 R2. Servers has the Windows Deployment Services server role installed.
Server5 contains several custom images of Windows 8.
You need to ensure that when 32-bit client computers start by using PXE, the computers automatically install an image named Image 1.
What should you configure?
To answer, select the appropriate tab in the answer area.
Answer:
Q43. HOTSPOT
Your network contains a DNS server named Server1 that runs Windows Server 2012 R2. Server1 has a zone named contoso.com. The network contains a server named Server2 that runs Windows Server 2008 R2. Server1 and Server2 are members of an Active Directory domain named contoso.com.
You change the IP address of Server2.
Several hours later, some users report that they cannot connect to Server2.
On the affected users' client computers, you flush the DNS client resolver cache, and the users successfully connect to Server2.
You need to reduce the amount of time that the client computers cache DNS records from contoso.com.
Which value should you modify in the Start of Authority (SOA) record? To answer, select the appropriate setting in the answer area.
Answer:
Q44. Your network contains an Active Directory domain named contoso.com. Domain controllers run either Windows Server 2003, Windows Server 2008 R2, or Windows Server 2012 R2.
A support technician accidentally deletes a user account named User1.
You need to use tombstone reanimation to restore the User1 account.
Which tool should you use?
A. Active Directory Administrative Center
B. Ntdsutil
C. Ldp
D. Esentutl
Answer: C
Explanation:
Use Ldp.exe to restore a single, deleted Active Directory object This feature takes advantage of the fact that Active Directory keeps deleted objects in the database for a period of time before physically removing them. use Ldp.exe to restore a single, deleted Active Directory object
The LPD.exe tool, included with Windows Server 2012, allows users to perform operations against any LDAP-compatible directory, including Active Directory. LDP is used to view objects stored in Active Directory along with their metadata, such as security descriptors and replication metadata.
References:
http: //www. petri. co. il/manually-undeleting-objects-windows-active-directory-ad. htm
http: //www. petri. co. il/manually-undeleting-objects-windows-active-directory-ad. htm
http: //technet. microsoft. com/en-us/magazine/2007. 09. tombstones. aspx
http: //technet. microsoft. com/nl-nl/library/dd379509(v=ws. 10). aspx#BKMK_2
http: //technet. microsoft. com/en-us/library/hh875546. aspx
http: //technet. microsoft. com/en-us/library/dd560651(v=ws. 10). aspx
Q45. Your company has a main office and two branch offices. The main office is located in New York. The branch offices are located in Seattle and Chicago.
The network contains an Active Directory domain named contoso.com. An Active Directory site exists for each office. Active Directory site links exist between the main office and the branch offices. All servers run Windows Server 2012 R2.
The domain contains three file servers. The file servers are configured as shown in the following table.
You implement a Distributed File System (DFS) replication group named ReplGroup.
ReplGroup is used to replicate a folder on each file server. ReplGroup uses a hub and spoke topology. NYC-SVR1 is configured as the hub server.
You need to ensure that replication can occur if NYC-SVR1 fails.
What should you do?
A. Create an Active Directory site link bridge.
B. Create an Active Directory site link.
C. Modify the properties of Rep1Group.
D. Create a connection in Rep1Group.
Answer: D
Explanation:
Unsure about this answer.
D:
A:
The Bridge all site links option in Active Directory must be enabled. (This option is available in the Active Directory Sites and Services snap-in.) Turning off Bridge all site links can affect the ability of DFS to refer client computers to target computers that have the least expensive connection cost. An Intersite Topology Generator that is running Windows Server 2003 relies on the Bridge all site links option being enabled to generate the intersite cost matrix that DFS requires for its site-costing functionality. If you turn off this option, you must create site links between the Active Directory sites for which you want DFS to calculate accurate site costs. Any sites that are not connected by site links will have the maximum possible cost. For more information about site link bridging, see “Active Directory Replication Topology Technical Reference.”
Reference:
http: //faultbucket. ca/2012/08/fixing-a-dfsr-connection-problem/
http: //faultbucket. ca/2012/08/fixing-a-dfsr-connection-problem/
http: //technet. microsoft. com/en-us/library/cc771941. aspx
Most recent 70-411 rapidshare:
Q46. Your network contains two servers named Server1 and Server2 that run windows Server 2012 R2. Server1 and 5erver2 have the Windows Server Update Services server role installed.
Server1 synchronizes from Microsoft Update. Server2 is a Windows Server Update Services (WSUS) replica of Server1.
You need to configure replica downstream servers to send Server1 summary information about the computer update status.
What should you do?
A. From Server1, configure Reporting Rollup.
B. From Server2, configure Reporting Rollup.
C. From Server2, configure Email Notifications.
D. From Server1, configure Email Notifications.
Answer: A
Explanation:
WSUS Reporting Rollup Sample Tool
This tool uses the WSUS application programming interface (API) to demonstrate centralized monitoring and reporting for WSUS. It creates a single report of update and computer status from the WSUS servers into your WSUS environment. The sample package also contains sample source files to customize or extend the tool functionality of the tool to meet specific needs. The WSUS Reporting Rollup Sample Tool and files are provided AS IS. No product support is available for this tool or sample files. For more information read the readme file.
Reference: http: //technet. microsoft. com/en-us/windowsserver/bb466192. aspx
Q47. Your network contains an Active Directory domain named contoso.com. All domain controllers run Windows Server 2012 R2. The domain contains 500 client computers that run Windows 8 Enterprise.
You implement a Group Policy central store.
You have an application named App1. App1 requires that a custom registry setting be deployed to all of the computers.
You need to deploy the custom registry setting. The solution must minimize administrator effort.
What should you configure in a Group Policy object (GPO)?
A. The Software Installation settings
B. The Administrative Templates
C. An application control policy
D. The Group Policy preferences
Answer: D
Explanation:
. Open the Group Policy Management Console. Right-click the Group Policy object (GPO) that should contain the new preference item, and then click Edit.
. In the console tree under Computer Configuration or User Configuration, expand the Preferences folder, and then expand the Windows Settings folder.
. Right-click the Registry node, point to New, and select Registry Item.
Group Policy preferences provide the means to simplify deployment and standardize configurations. They add to Group Policy a centralized system for deploying preferences (that is, settings that users can change later).
You can also use Group Policy preferences to configure applications that are not Group Policy-aware. By using Group Policy preferences, you can change or delete almost any registry setting, file or folder, shortcut, and more. You are not limited by the contents of Administrative Template files. The Group Policy Management Editor (GPME) includes Group Policy preferences.
References: http: //technet.microsoft.com/en-us/library/gg699429.aspx http: //www. unidesk. com/blog/gpos-set-custom-registry-entries-virtual-desktops-disabling-machine-password
Q48. Your network contains two servers named Server1 and Server2. Both servers run Windows Server 2012 R2 and have the DNS Server server role installed. Server1 hosts a primary zone for contoso.com. Server2 hosts a secondary zone for contoso.com. The zone is not configured to notify secondary servers of changes automatically.
You update several records on Server1.
You need to force the replication of the contoso.com zone records from Server1 to Server2.
What should you do from Server2?
A. Right-click the contoso.com zone and click Reload.
B. Right-click the contoso.com zone and click Transfer from Master.
C. Right-click Server2 and click Update Server Data Files.
D. Right-click Server2 and click Refresh.
Answer: B
Explanation:
Initiates zone transfer from secondary server Open DNS; In the console tree, right-click the applicable zone and click Transfer from master.
References: http: //technet. microsoft. com/en-us/library/cc779391%28v=ws. 10%29. aspx
http: //technet. microsoft. com/en-us/library/cc779391%28v=ws. 10%29. aspx
http: //technet. microsoft. com/en-us/library/cc786985(v=ws. 10). aspx
http: //technet. microsoft. com/en-us/library/cc779391(v=ws. 10). aspx
Q49. HOTSPOT
Your network contains an Active Directory domain named contoso.com. All servers run Windows Server 2012 R2.
You need to audit successful and failed attempts to read data from USB drives on the servers.
Which two objects should you configure? To answer, select the appropriate two objects in the answer area.
Answer:
Q50. Your network contains one Active Directory domain named contoso.com. The forest functional level is Windows Server 2012. All servers run Windows Server 2012 R2. All client computers run Windows 8.1.
The domain contains 10 domain controllers and a read-only domain controller (RODC) named RODC01. All domain controllers and RODCs are hosted on a Hyper-V host that runs Windows Server 2012 R2.
You need to identify which domain controller must be online when cloning a domain controller.
Which cmdlet should you use?
A. Get-ADGroupMember
B. Get-ADDomainControllerPasswordReplicationPolicy
C. Get-ADDomainControllerPasswordReplicationPolicyUsage
D. Get-ADDomain
E. Get-ADOptionalFeature
F. Get-ADAccountAuthorizationGroup
Answer: D
Explanation: One requirement for cloning a domain controller is an existing Windows Server 2012 DC that hosts the PDC emulator role. You can run the Get-ADDomain and retrieve which server has the PDC emulator role.
Example: Command Prompt: C:\PS>
Get-ADDomain
Output wouldinclude a line such as: PDCEmulator : Fabrikam-DC1.Fabrikam.com
Incorrect:
Not A: The Get-ADGroupMember cmdlet gets the members of an Active Directory group.
Members can be users, groups, and computers.
Not E: The Get-ADOptionalFeature cmdlet gets an optional feature or performs a search to retrieve multiple optional features from an Active Directory.
Not F: The Get-ADAuthorizationGroup cmdlet gets the security groups from the specified user, computer or service accounts token.
Reference: Step-by-Step: Domain Controller Cloning
http://blogs.technet.com/b/canitpro/archive/2013/06/12/step-by-step-domain-controller-cloning.aspx
Reference: Get-ADDomain https://technet.microsoft.com/en-us/library/ee617224.aspx