Official 2014 Latest Microsoft 70-412 Exam Dump Free Download(331-337)!

QUESTION 331
Hotspot Question
Your network contains two Web servers named Server1 and Server2. Both servers run Windows Server 2012 R2.
Server1 and 5erver2 are nodes in a Network Load Balancing (NLB) cluster. The NLB cluster contains an application named App1 that is accessed by using the name appl.contoso.com.
The NLB cluster has the port rules configured as shown in the exhibit. (Click the Exhibit button.)
 clip_image001[16]
To answer, complete each statement according to the information presented in the exhibit.
Each correct selection is worth one point.
 clip_image002[14]
Answer:
 clip_image002[16]

QUESTION 332
Hotspot Question
Your network contains an Active Directory domain named contoso.com.
You install the IP Address Management (IPAM) Server feature on a server named Server1 and select Manual as the provisioning method.
The IPAM database is located on a server named SQL1.
You need to configure IPAM to use Group Policy Based provisioning.
What command should you run first?
To answer, select the appropriate options in the answer area.
 clip_image001[18]
Answer:
 clip_image001[20]

QUESTION 333
Your network contains an Active Directory domain named contoso.com. The domain contains an IP Address Management (IPAM) server that uses a Windows Internal Database.
You install a Microsoft SQL Server 2012 instance on a new server.
You need to migrate the IPAM database to the SQL Server instance.
Which cmdlet should you run?

A.    Disable-IpamCapability
B.    Set-IpamConfiguration
C.    Update-IpamServer
D.    Move-IpamDatabase

Answer: D

QUESTION 334
Your network contains an Active Directory domain named contoso.com. The domain contains a certification authority (CA).
You suspect that a certificate issued to a Web server is compromised.
You need to minimize the likelihood that users will trust the compromised certificate.
Which two actions should you perform? (Each correct answer presents part of the solution.
Choose two.)

A.    Stop the Certificate Propagation service.
B.    Modify the validity period of the Web Server certificate template.
C.    Run certutil and specify the -revoke parameter.
D.    Run certutil and specify the -deny parameter.
E.    Publish the certificate revocation list (CRL).

Answer: CE
Explanation:
First revoke the certificate, then publish the CRL.

QUESTION 335
Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1 that runs Windows Server 2012 R2.
Server1 is an enterprise root certification authority (CA) for contoso.com.
You need to ensure that the members of a group named Group1 can request code signing
certificates. The certificates must be issued automatically to the members.
Which two actions should you perform? (Each correct answer presents part of the solution. Choose two.)

A.    From Certificate Templates, modify the certificate template.
B.    From Certification Authority, add a certificate template to be issued.
C.    From Certificate Authority, modify the CA properties.
D.    From Certificate Templates, duplicate a certificate template.
E.    From Certificate Authority, stop and start the Active Directory Certificate Services (AD CS) service.

Answer: AB
Explanation:
First modify the certificate template in Certificate Templates, then add it in Certification Authority.

QUESTION 336
Hotspot Question
Your network contains an Active Directory forest.
You implement Dynamic Access Control in the forest.
You have the claim types shown in the Claim Types exhibit. (Click the Exhibit button.)
 clip_image002[18]
The properties of a user named User1 are configured as shown in the User1 exhibit. (Click the Exhibit button.)
 clip_image001[22]
The output of Whoa mi /claims for a user named User2 is shown in the Whoa mi exhibit.
(Click the Exhibit button.)
 clip_image001[24]
Select Yes if the statement can be shown to be true based on the available information; otherwise select No. Each correct selection is worth one point.
 clip_image001[26]
Answer:
 clip_image001[28]

QUESTION 337
Your network contains an Active Directory domain named contoso.com. All servers run Windows Server 2012 R2.
You are creating a central access rule named TestFinance that will be used to grant members of the Authenticated users group access to a folder stored on a Microsoft SharePoint Server 2013 server.
You need to ensure that the permissions are granted when the rule is published. What should you do?

A.    Set the Permissions to Use the following permissions as proposed permissions.
B.    Set the Permissions to Use following permissions as current permissions.
C.    Add a Resource condition to the current permissions entry for the Authenticated Users principal.
D.    Add a User condition to the current permissions entry for the Authenticated Users principal.

Answer: B

Passing Microsoft 70-412 Exam successfully in a short time! Just using Braindump2go’s Latest Microsoft 70-412 Dump: http://www.braindump2go.com/70-412.html

Official 2014 Latest Microsoft 70-412 Exam Dump Free Download(321-330)!

QUESTION 321
Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1 that runs Windows Server 2012.
Server1 is the enterprise root certification authority (CA) for contoso.com.
You need to enable CA role separation on Server1.
Which tool should you use?

A.    The Certutil command
B.    The Authorization Manager console
C.    The Certsrv command
D.    The Certificates snap-in

Answer: A

QUESTION 322
Drag and Drop Question
Your network contains an Active Directory domain named contoso.com. The domain contains two servers named Server1 and Server3. The network contains a standalone server named Server2.
All servers run Windows Server 2012 R2. The servers are configured as shown in the following table.
 clip_image001
Server3 hosts an application named Appl. App1 is accessible internally by using the URL https://appl.contoso.com. App1 only supports Integrated Windows authentication.
You need to ensure that all users from the Internet are pre-authenticated before they can access Appl.
What should you do?
To answer, drag the appropriate servers to the correct actions. Each server may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
 clip_image001[4]
Answer:
 clip_image001[6]

QUESTION 323
You have five servers that run Windows Server 2012 R2. The servers have the Failover Clustering feature installed. You deploy a new cluster named Cluster1. Cluster1 is configured as shown in the following table.
 clip_image001[8]
Server1, Server2, and Server3 are configured as the preferred owners of the cluster roles.
Dynamic quorum management is disabled.
You plan to perform hardware maintenance on Server3.
You need to ensure that if the WAN link between Site1 and Site2 fails while you are performing maintenance on Server3, the cluster resource will remain available in Site1.
What should you do?

A.    Add a file share witness in Site1.
B.    Enable DrainOnShutdown on Cluster1.
C.    Remove the node vote for Server4 and Servers.
D.    Remove the node vote for Server3.

Answer: C

QUESTION 324
Hotspot Question
You have a server named Server1 that runs Windows Server 2012 R2.
Server1 has access to disks that connect to a RAID controller, iSCSI disks, and disks connected to a SCSI controller.
You plan to use a tiered storage space on Server1.
You need to identify which storage controller and volume type you must use for the tiered storage space.
Which storage components should you use?
To answer, select the appropriate options in the answer area.
 clip_image001[10]
Answer:
 clip_image001[12]

QUESTION 325
Drag and Drop Question
Your network contains an Active Directory domain named adatum.com. The domain contains three servers. The servers are configured as shown in the following table.
 clip_image001[14]
Server1 is configured as shown in the exhibit. (Click the Exhibit button.)
 clip_image002[4]
Template1 contains custom cryptography settings that are required by the corporate security team.
On Server2, an administrator successfully installs a certificate based on Template1.
The administrator reports that Template1 is not listed in the Certificate Enrollment wizard on Server3, even after selecting the Show all templates check box.
You need to ensure that you can install a server authentication certificate on Server3. The certificate must comply with the cryptography requirements.
Which three actions should you perform in sequence?
To answer, move the appropriate three actions from the list of actions to the answer area and arrange them in the correct order.
 clip_image002[6]
Answer:
 clip_image002[8]

QUESTION 326
Your network contains an Active Directory domain named contoso.com.
You deploy a server named Server1 that runs Windows Server 2012 R2.
A local administrator installs the Active Directory Rights Management Services server role on Server1.
You need to ensure that AD RMS clients can discover the AD RMS cluster automatically.
What should you do?

A.    Run the Active Directory Rights Management Services console by using an account that is a member
of the Schema Admins group, and then configure the proxy settings.
B.    Run the Active Directory Rights Management Services console by using an account that is a member
of the Schema Admins group, and then register the Service Connection Point (SCP).
C.    Run the Active Directory Rights Management Services console by using an account that is a member
of the Enterprise Admins group, and then register the Service Connection Point (SCP).
D.    Run the Active Directory Rights Management Services console by using an account that is a member
of the Enterprise Admins group, and then configure the proxy settings.

Answer: C

QUESTION 327
Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1 that runs Windows Server 2012 R2. Server1 has the Active Directory Certificate Services server role installed and is configured to support key archival and recovery.
You create a new Active Directory group named Group1.
You need to ensure that the members of Group1 can request a Key Recovery Agent certificate. The solution must minimize the permissions assigned to Group1.
Which two permissions should you assign to Group1? (Each correct answer presents part of the solution. Choose two.)

A.    Read
B.    Auto enroll
C.    Write
D.    Enroll
E.    Full control

Answer: AD
Explanation:
* In Template, type a new template display name, and then modify any other optional properties as needed.
On the Security tab, click Add, type the name of the users you want to issue the key recovery agent certificates to, and then click OK. Under Group or user names, select the user names that you just added. Under Permissions, select the Read and Enroll check boxes, and then click OK.

QUESTION 328
Hotspot Question
Your network contains an Active Directory domain named contoso.com. The domain contains a domain controller named DC1 and a member server named Server1. All servers run Windows Server 2012 R2.
You install the IP Address Management (IPAM) Server feature on Server1.
From the Provision IPAM wizard, you select the Group Policy Based provisioning method and enter a GPO name prefix of IPAM1.
You need to provision IPAM by using Group Policy.
What command should you run on Server1 to complete the process?
To answer, select the appropriate options in the answer area.
 clip_image002[10]
Answer:
 clip_image002[12]

QUESTION 329
You have a server named DNS1 that runs Windows Server 2012 R2.
You discover that the DNS resolution is slow when users try to access the company intranet home page by using the URL http://companyhome.
You need to provide single-label name resolution for CompanyHome that is not dependent on the suffix search order.
Which three cmdlets should you run? (Each correct answer presents part of the solution.
Choose three.)

A.    Add-DnsServerPrimaryZone
B.    Add-DnsServerResourceRecordCName
C.    Set-DnsServerDsSetting
D.    Set-DnsServerGlobalNameZone
E.    Set-DnsServerEDns
F.    Add-DnsServerDirectory Partition

Answer: ABD
Explanation:
*The Add-DnsServerPrimaryZone cmdlet adds a specified primary zone on a Domain Name System (DNS) server.
* The Add-DnsServerResourceRecordCName cmdlet adds a canonical name (CNAME) resource record to a specified Domain Name System (DNS) zone. A CNAME record allows you to use more than one resource record to refer to a single host *The Set-DnsServerGlobalNameZone cmdlet enables or disables single-label Domain Name System (DNS) queries.
It also changes configuration settings for a GlobalNames zone.
The GlobalNames zone supports short, easy-to-use names instead of fully qualified domain names (FQDNs) without using Windows Internet Name Service (WINS) technology. For instance, DNS can query SarahJonesDesktop instead of SarahJonesDesktop.contoso.com.

QUESTION 330
Your network contains three servers named HV1, HV2, and Server1 that run Windows Server 2012 R2. HV1 and HV2 have the Hyper-V server role installed. Server1 is a file server that contains 3 TB of free disk space.
HV1 hosts a virtual machine named VM1. The virtual machine configuration file for VM1 is stored in D:\VM and the virtual hard disk file is stored in E:\VHD.
You plan to replace drive E with a larger volume.
You need to ensure that VM1 remains available from HV1 while drive E is being replaced. You want to achieve this goal by using the minimum amount of administrative effort.
What should you do?

A.    Perform a live migration to HV2.
B.    Add HV1 and HV2 as nodes in a failover cluster. Perform a storage migration to HV2.
C.    Add HV1 and HV2 as nodes in a failover cluster. Perform a live migration to HV2.
D.    Perform a storage migration to Server1.

Answer: D

Passing Microsoft 70-412 Exam successfully in a short time! Just using Braindump2go’s Latest Microsoft 70-412 Dump: http://www.braindump2go.com/70-412.html

Official 2014 Latest Microsoft 70-412 Exam Dump Free Download(311-320)!

QUESTION 311
You have five servers that run Windows Server 2012 R2. The servers have the Failover Clustering feature installed. You deploy a new cluster named Cluster1. Cluster1 is configured as shown in the following table.
 clip_image001[1]
Server1, Server2, and Server3 are configured as the preferred owners of the cluster roles.
Dynamic quorum management is disabled.
You plan to perform hardware maintenance on Server3.
You need to ensure that if the WAN link between Site1 and Site2 fails while you are performing maintenance on Servers, the cluster resource will remain available in Site1.
What should you do?

A.    Add a file share witness in Site1.
B.    Enable DrainOnShutdown on Cluster1.
C.    Remove the node vote for Server4 and Servers.
D.    Remove the node vote for Server3.

Answer: C

QUESTION 312
Hotspot Question
Your network contains an Active Directory domain named contoso.com. The domain contains a DNS server named Server1. Server1 is configured to resolve single-label names for DNS clients.
You need to view the number of queries for single-label names that are resolved by Server1.
What command should you run?
To answer, select the appropriate options in the answer area.
 clip_image001[3]
Answer:
 clip_image001[5]

QUESTION 313
Your network contains an Active Directory domain named contoso.com. The domain contains a member server named Server1. Server1 has the IP Address Management (IPAM) Server feature installed.
A technician performs maintenance on Server1.
After the maintenance is complete, you discover that you cannot connect to the IPAM server on Server1.
You open the Services console as shown in the exhibit. (Click the Exhibit button.)
 clip_image001[7]
You need to ensure that you can connect to the IPAM server.
Which service should you start?

A.    Windows Process Activation Service
B.    windows Event Collector
C.    Windows Internal Database
D.    Windows Store Service (WSService)

Answer: C

QUESTION 314
Hotspot Question
Your network contains an Active Directory domain named contoso.com.
You have a Dynamic Access Control policy named Policy1.
You create a new Central Access Rule named Rule1.
You need to add Rule1 to Policy1.
What command should you run?
To answer, select the appropriate options in the answer area.
 clip_image001[9]
Answer:
 clip_image001[11]

QUESTION 315
Hotspot Question
Your network contains an Active Directory domain named contoso.com. The domain contains a domain controller named DC1 and a server named Server1. Both servers run Windows Server 2012 R2.
You configure the classification of a share on Server1 as shown in the Share1 Properties exhibit. (Click the Exhibit button.)
You configure the resource properties in Active Directory as shown in the Resource Properties exhibit. (Click the Exhibit button.)
 clip_image002[1]
You need to ensure that the Impact classification can be assigned to Share1 immediately.
Which cmdlet should you run on each server?
To answer, select the appropriate cmdlet for each server in the answer area.
 clip_image001[13]
Answer:
 clip_image001[15]

QUESTION 316
Your network contains an Active Directory forest named contoso.com. The forest contains two domains named contoso.com and childl.contoso.com. The domains contain three domain controllers. The domain controllers are configured as shown in the following table.
 clip_image001[17]
You need to ensure that the KDC support for claims, compound authentication, and kerberos armoring setting is enforced in both domains.
Which two actions should you perform? (Each correct answer presents part of the solution.
Choose two.)

A.    Raise the domain functional level of contoso.com.
B.    Raise the domain functional level ofchildl.contoso.com.
C.    Raise the forest functional level of contoso.com.
D.    Upgrade DC11 to Windows Server 2012 R2.
E.    Upgrade DC1 to Windows Server 2012 R2.

Answer: AE
Explanation:
The root domain in the forest must be at Windows Server 2012 level. First upgrade DC1 to this level, then raise the contoso.com domain functional level to Windows Server 2012.

QUESTION 317
Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1 that runs Windows Server 2012 R2 and has the DHCP Server server role installed. Server1 has an IPv6 scope named Scope1.
You implement an additional DHCP server named Server2 that runs Windows Server 2012 R2.
You need to provide high availability for Scope1. The solution must minimize administrative effort.
What should you do?

A.    Install and configure Network Load Balancing (NLB) on Server1 and Server2.
B.    Create a scope on Server2.
C.    Configure DHCP failover on Server1.
D.    Install and configure Failover Clustering on Server1 and Server2.

Answer: B

QUESTION 318
Your company has two offices. The offices are located in Seattle and Montreal.
The network contains an Active Directory domain named contoso.com. The domain contains two DHCP servers named Server1 and Server2. Server1 is located in the Seattle office. Server2 is located in the Montreal office. All servers run Windows Server 2012 R2.
You need to create a DHCP scope for video conferencing in the Montreal office. The scope must be configured as shown in the following table.
 clip_image001[19]
Which Windows PowerShell cmdlet should you run?

A.    Add-DchpServerv4SuperScope
B.    Add-DchpServerv4MulticastScope
C.    Add-DHCPServerv4Policy
D.    Add-DchpServerv4Scope

Answer: B

QUESTION 319
Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server3 that runs Windows Server 2012 R2 and has the DHCP Server server role installed.
DHCP is configured as shown in the exhibit. (Click the Exhibit button.)
 clip_image001[21]
Scope1, Scope2, and Scope3 are configured to assign the IP addresses of two DNS servers to DHCP clients. The remaining scopes are NOT configured to assign IP addresses of DNS servers to DHCP clients.
You need to ensure that only Scope1, Scope3, and Scopes assign the IP addresses of the DNS servers to the DHCP clients. The solution must minimize administrative effort.
What should you do?

A.    Create a superscope and a filter.
B.    Create a superscope and scope-level policies.
C.    Configure the Server Options.
D.    Configure the Scope Options.

Answer: C

QUESTION 320
You have an Active Directory Rights Management Services (AD RMS) cluster.
You need to prevent users from encrypting new content. The solution must ensure that the users can continue to decrypt content that was encrypted already.
Which two actions should you perform? (Each correct answer presents part of the solution.
Choose two.)

A.    From the Active Directory Rights Management Services console, enable decommissioning.
B.    From the Active Directory Rights Management Services console, create a user exclusion policy.
C.    Modify the NTFS permissions of %systemdrive%\inetpub\wwwroot\_wmcs\licensing.
D.    Modify the NTFS permissions of
%systemdrive%\inetpub\wwwroot\_wmcs\decommission.
E.    From the Active Directory Rights Management Services console, modify the rights policy templates.

Answer: BE

Passing Microsoft 70-412 Exam successfully in a short time! Just using Braindump2go’s Latest Microsoft 70-412 Dump: http://www.braindump2go.com/70-412.html

Official 2014 Latest Microsoft 70-412 Exam Dump Free Download(301-310)!

QUESTION 301
Hotspot Question
You have a server named Server1 that runs Windows Server 2012 R2.
You are configuring a storage space on Server1.
You need to ensure that the storage space supports tiered storage.
Which settings should you configure?
To answer, select the appropriate options in the answer area.
 clip_image001
Answer:
 clip_image001[4]

QUESTION 302
Hotspot Question
You have a server that runs Windows Server 2012 R2 and has the iSCSI Target Server role service installed.
You run the New-IscsiVirtualDisk cmdlet as shown in the New-IscsiVirtualDisk exhibit.
(Click the Exhibit button.)
 clip_image002
To answer, complete each statement according to the information presented in the exhibits.
Each correct selection is worth one point.
 clip_image001[6]
Answer:
 clip_image001[8]

QUESTION 303
Your network contains a server named Server1 that runs Windows Server 2012 R2. Server1 has the Active Directory Certificate Services server role installed and is configured as a standalone certification authority (CA).
You install a second server named Server2. You install the Online Responder role service on Server2.
You need to ensure that Server1 can issue an Online Certificate Status Protocol (OCSP) Response Signing certificate to Server2.
What should you run on Server1?

A.    The certreq.exe command and specify the -policy parameter
B.    The certutil.exe command and specify the -getkey parameter
C.    The certutil.exe command and specify the -setreg parameter
D.    The certreq.exe command and specify the -retrieve parameter

Answer: C

QUESTION 304
Drag and Drop Question
Your network contains two Active Directory forests named contoso.com and adatum.com. Each forest contains an Active Directory Rights Management Services (AD RMS) root cluster. All servers run Windows Server 2012 R2.
You need to ensure that the rights account certificates issued in adatum.com are accepted by the AD RMS root cluster in contoso.com.
What should you do in each forest?
To answer, drag the appropriate actions to the correct forests. Each action may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
 clip_image002[4]
Answer:
 clip_image002[6]

QUESTION 305
Your network contains an Active Directory domain named contoso.com. All servers run Windows Server 2012 R2.
The domain contains a domain controller named DC1 that is configured as an enterprise root certification authority (CA).
All users in the domain are issued a smart card and are required to log on to their domain- joined client computer by using their smart card.
A user named User1 resigned and started to work for a competing company.
You need to prevent User1 immediately from logging on to any computer in the domain. The solution must not prevent other users from logging on to the domain.
Which tool should you use?

A.    Active Directory Users and Computers
B.    Active Directory Sites and Services
C.    The Certificates snap-in
D.    Server Manager

Answer: A
Explanation:
Disabling or enabling a user account
To open Active Directory Users and Computers, click Start , click Control Panel , double-click Administrative Tools , and then double-click Active Directory Users and Computers .
To open Active Directory Users and Computers in Windows Server 2012, click Start , type dsa.msc .
In the console tree, click Users .
In the details pane, right-click the user.
Depending on the status of the account, do one of the following:
To disable the account, click Disable Account .
To enable the account, click Enable Account .

QUESTION 306
Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1 that runs a Server Core installation of Windows Server 2012 R2.
You need to deploy a certification authority (CA) to Server1. The CA must support the auto- enrollment of certificates.
Which two cmdlets should you run? (Each correct answer presents part of the solution.
Choose two.)

A.    Add-CAAuthoritylnformationAccess
B.    Install-AdcsCertificationAuthority
C.    Add-WindowsFeature
D.    Install-AdcsOnlineResponder
E.    Install-AdcsWebEnrollment

Answer: BE
Explanation:
* The Install-AdcsCertificationAuthority cmdlet performs installation and configuration of the AD CS CA role service.
*The Install-AdcsWebEnrollment cmdlet performs initial installation and configuration of the Certification Authority Web Enrollment role service.

QUESTION 307
Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1 that runs Windows Server 2012 R2. Server1 has the Active Directory Rights Management Services server role installed.
The domain contains a domain local group named Group1.
You create a rights policy template named Template1. You assign Group1 the rights to Template1.
You need to ensure that all the members of Group1 can use Template1.
What should you do?

A.    Configure the email address attribute of Group1.
B.    Convert the scope of Group1 to global.
C.    Convert the scope of Group1 to universal.
D.    Configure the email address attribute of all the users who are members of Group1.

Answer: D

QUESTION 308
You have a server named Server1 that runs Windows Server 2012 R2.
From Server Manager, you install the Active Directory Certificate Services server role on
Server1.
A domain administrator named Admin1 logs on to Server1.
When Admin1 runs the Certification Authority console, Admin1 receive the following error message.
 clip_image001[10]
You need to ensure that when Admin1 opens the Certification Authority console on Server1, the error message does not appear.
What should you do?

A.    Run the Install-AdcsCertificationAuthority cmdlet.
B.    Install the Active Directory Certificate Services (AD CS) tools.
C.    Modify the PATH system variable.
D.    Add Admin1 to the Cert Publishers group.

Answer: B

QUESTION 309
Your network contains an Active Directory forest named contoso.com. The forest contains four domains. All servers run Windows Server 2012 R2.
Each domain has a user named User1.
You have a file server named Server1 that is used to synchronize user folders by using the
Work Folders role service.
Server1 has a work folder named Sync1.
You need to ensure that each user has a separate folder in Sync1.
What should you do?

A.    From Windows Explorer, modify the Sharing properties of Sync1.
B.    Run the Set-SyncServerSetting cmdlet.
C.    From File and Storage Services in Server Manager, modify the properties of Sync1.
D.    Run the Set-SyncShare cmdlet.

Answer: D

QUESTION 310
Hotspot Question
Your network contains an Active Directory domain named contoso.com. The relevant servers in the domain are configured as shown in the following table.
 clip_image001[12]
You plan to create a shared folder on Server1 named Share1. Share1 must only be accessed by users who are using computers that are joined to the domain.
You need to identify which servers must be upgraded to support the requirements of Share1.
In the table below, identify which computers require an upgrade and which computers do not require an upgrade. Make only one selection in each row. Each correct selection is worth one point.
 clip_image001[14]
Answer:

clip_image001[16]
Passing Microsoft 70-412 Exam successfully in a short time! Just using Braindump2go’s Latest Microsoft 70-412 Dump: http://www.braindump2go.com/70-412.html

Official 2014 Latest Microsoft 70-412 Exam Dump Free Download(291-300)!

QUESTION 291
Hotspot Question
Your network contains two Web servers named Server1 and Server2. Both servers run Windows Server 2012 R2.
Server1 and 5erver2 are nodes in a Network Load Balancing (NLB) cluster. The NLB cluster contains an application named App1 that is accessed by using the URL http://app1.contoso.com.
You deploy a new server named Server3 that runs Windows Server 2012 R2. The contoso.com DNS zone contains the records shown in the following table.
 clip_image001[18]
You need to add Server3 to the NLB cluster.
What command should you run?
To answer, select the appropriate options in the answer area.
 clip_image002[33]
Answer:
 clip_image002[35]

QUESTION 292
Drag and Drop Question
Your network contains an Active Directory domain named contoso.com. The domain contains four member servers named Server1, Server2, Server3, and Server4. All servers run Windows Server 2012 R2.
Server1 and Server3 are located in a site named Site1. Server2 and Server4 are located in a site named Site2. The servers are configured as nodes in a failover cluster named Cluster1.
Dynamic quorum management is disabled.
Cluster1 is configured to use the Node Majority quorum configuration.
You need to ensure that users in Site2 can access Cluster1 if the network connection between the two sites becomes unavailable.
What should you run from Windows PowerShell?
To answer, drag the appropriate commands to the correct location. Each command may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
 clip_image002[37]
Answer:
 clip_image002[39]

QUESTION 293
Hotspot Question
Your network contains an Active Directory domain named contoso.com. All domain controllers run Windows Server 2012 R2.
The network has the physical sites and TCP/IP subnets configured as shown in the following table.
 clip_image001[20]
You have a web application named App1 that is hosted on six separate Web servers. DNS has the host names and IP addresses registered as shown in the following table.
 clip_image001[22]
You discover that when users connect to appl.contoso.com, they are connected frequently to a server that is not on their local subnet.
You need to ensure that when the users connect to appl.contoso.com, they connect to a server on their local subnet. The connections must be distributed across the servers that host appl.contoso.com on their subnet.
Which two settings should you configure?
To answer, select the appropriate two settings in the answer area.
 clip_image001[24]
Answer:
 clip_image001[26]

QUESTION 294
You have a server named Server1.
You install the IP Address Management (IPAM) Server feature on Server1.
You need to provide a user named User1 with the ability to set the access scope of all the DHCP servers that are managed by IPAM. The solution must use the principle of least privilege.
Which user role should you assign to User1?

A.    IPAM Administrator Role
B.    IPAM DHCP Administrator Role
C.    IPAM ASM Administrator Role
D.    DNS Record Administrator Role

Answer: C
Explanation:
IPAM ASM Administrators
IPAM ASM Administrators is a local security group on an IPAM server that is created when you install the IPAM feature. Members of this group have all the privileges of the IPAM Users security group, and can perform IP address space tasks in addition to IPAM common management tasks.
Note: When you install IPAM Server, the following local role-based IPAM security groups are created:
IPAM Users
IPAM MSM Administrators
IPAM ASM Administrators
IPAM IP Audit Administrators
IPAM Administrators
Incorrect:
not A: Too much privileges.
IPAM Administrators
IPAM Administrators is a local security group on an IPAM server that is created when you install the IPAM feature. Members of this group have privileges to view all IPAM data and perform all IPAM tasks.

QUESTION 295
Your network contains an Active Directory domain named contoso.com. The domain contains two member servers named Server1 and Server2.
You install the DHCP Server server role on Server1 and Server2. You install the IP Address Management (IPAM) Server feature on Server1.
You notice that you cannot discover Server1 or Server2 in IPAM.
You need to ensure that you can use IPAM to discover the DHCP infrastructure.
Which two actions should you perform? (Each correct answer presents part of the solution.
Choose two.)

A.    On Server2, create an IPv4 scope.
B.    On Server1, run the Add-IpamServerInventory cmdlet.
C.    On Server2, run the Add-DhcpServerInDc cmdlet
D.    On both Server1 and Server2, run the Add-DhcpServerv4Policy cmdlet.
E.    On Server1, uninstall the DHCP Server server role.

Answer: BC
Explanation:
The Add-IpamServerInventory cmdlet adds a new infrastructure server to the IP Address Management (IPAM) server inventory. Use the fully qualified domain name (FQDN) of the server to add to the server inventory.
The Add-DhcpServerInDC cmdlet adds the computer running the DHCP server service to the list of authorized Dynamic Host Configuration Protocol (DHCP) server services in the Active Directory (AD). A DHCP server service running on a domain joined computer needs to be authorized in AD so that it can start leasing IP addresses on the network.

QUESTION 296
Your network contains two Active Directory forests named contoso.com and corp.contoso.com.
 clip_image002[41]
User1 is a member of the DnsAdmins domain local group in contoso.com.
User1 attempts to create a conditional forwarder to corp.contoso.com but receive an error message shown in the exhibit. (Click the Exhibit button.)
 clip_image001[28]
You need to configure bi-directional name resolution between the two forests.
What should you do first?

A.    Add User1 to the DnsUpdateProxy group.
B.    Configure the zone to be Active Directory-integrated.
C.    Enable the Advanced view from DNS Manager.
D.    Run the New Delegation Wizard.

Answer: A

QUESTION 297
Your network contains two Active Directory forests named contoso.com and adatum.com. Each forest contains one domain. Contoso.com has a two-way forest trust to adatum.com. Selective authentication is enabled on the forest trust.
Contoso contains 10 servers that have the File Server role service installed. Users successfully access shared folders on the file servers by using permissions granted to the Authenticated Users group.
You migrate the file servers to adatum.com.
Contoso users report that after the migration, they are unable to access shared folders on the file servers.
You need to ensure that the Contoso users can access the shared folders on the file servers.
What should you do?

A.    Disable selective authentication on the existing forest trust.
B.    Disable SID filtering on the existing forest trust.
C.    Run netdom and specify the /quarantine attribute.
D.    Replace the existing forest trust with an external trust.

Answer: A

QUESTION 298
You have a server named FS1 that runs Windows Server 2012 R2.
You install the File and Storage Services server role on FS1.
From Windows Explorer, you view the properties of a shared folder named Share1 and you discover that the Classification tab is missing.
You need to ensure that you can assign classifications to Share1 from Windows Explorer manually.
What should you do?

A.    From Folder Options, select Show hidden files, folders, and drives.
B.    From Folder Options, clear Use Sharing Wizard (Recommend).
C.    Install the File Server Resource Manager role service.
D.    Install the Enhanced Storage feature.

Answer: C

QUESTION 299
Your network contains two servers named Server1 and Server2 that run Windows Server 2012 R2. Server1 and Server2 are configured as shown in the following table.
 clip_image001[30]
You need to ensure that when new targets are added to Server1, the targets are registered on Server2 automatically. What should you do on Server1?

A.    Configure the Discovery settings of the iSCSI initiator.
B.    Configure the security settings of the iSCSI target.
C.    Run the Set-Wmilnstance cmdlet.
D.    Run the Set-IscsiServerTarget cmdlet.

Answer: C

QUESTION 300
Hotspot Question
You have a file server named Server1 that runs Windows Server 2012 R2.
Server1 contains a file share that must be accessed by only a limited number of users.
You need to ensure that if an unauthorized user attempts to access the file share, a custom access-denied message appears, which contains a link to request access to the share. The message must not appear when the unauthorized user attempts to access other shares.
Which two nodes should you configure in File Server Resource Manager?
To answer, select the appropriate two nodes in the answer area.
 clip_image001[32]
Answer:
 clip_image001[34]

Passing Microsoft 70-412 Exam successfully in a short time! Just using Braindump2go’s Latest Microsoft 70-412 Dump: http://www.braindump2go.com/70-412.html

Official 2014 Latest Microsoft 70-412 Exam Dump Free Download(281-290)!

QUESTION 281
Your network contains an Active Directory forest named contoso.com.
Users frequently access the website of an external partner company. The URL of the website is http://partners.adatum.com.
The partner company informs you that it will perform maintenance on its Web server and that the IP addresses of the Web server will change.
After the change is complete, the users on your internal network report that they fail to access the website. However, some users who work from home report that they can access the website.
You need to ensure that your DNS servers can resolve partners.adatum.com to the correct IP address immediately.
What should you do?

A.    Run dnscmd and specify the CacheLockingPercent parameter.
B.    Run Set-DnsServerGlobalQueryBlockList.
C.    Run ipconfig and specify the Renew parameter.
D.    Run Set-DnsServerCache.

Answer: A
Explanation:
* To configure cache locking using a command line Open an elevated command prompt.
Type the following command, and then press ENTER:
dnscmd /Config /CacheLockingPercent <percent>
Restart the DNS Server service.
* Parameter <percent>
Optional.Specifies the cache locking percent, from 0 to 100 in decimal format. If no value is entered, the cache locking percent is set to 0.

QUESTION 282
You have a server named Server1.
You install the IP Address Management (IPAM) Server feature on Server1.
You need to provide a user named User1 with the ability to set the access scope of all the DHCP servers that are managed by IPAM. The solution must use the principle of least privilege.
Which user role should you assign to User1?

A.    DNS Record Administrator Role
B.    IPAM DHCP Reservations Administrator Role
C.    IPAM Administrator Role
D.    IPAM DHCP Administrator Role

Answer: C
Explanation:
When you install IPAM Server, the following local role-based IPAM security groups are created:
IPAM Users
IPAM MSM Administrators
IPAM ASM Administrators
IPAM IP Audit Administrators
IPAM Administrators

QUESTION 283
You have a virtual machine named VM1 that runs on a host named Host1.
You configure VM1 to replicate to another host named Host2. Host2 is located in the same physical location as Host1.
You need to add an additional replica of VM1. The replica will be located in a different physical site.
What should you do?

A.    From VM1 on Host2, click Extend Replication.
B.    On Host1, configure the Hyper-V settings.
C.    From VM1 on Host1, click Extend Replication.
D.    On Host2, configure the Hyper-V settings.

Answer: A

QUESTION 284
Hotspot Question
You have a file server named Server1 that runs Windows Server 2012 R2.
You need to ensure that you can use the NFS Share – Advanced option from the New Share Wizard in Server Manager.
Which two role services should you install?
To answer, select the appropriate two role services in the answer area.
 clip_image002[17]
Answer:
 clip_image002[19]

QUESTION 285
Your network contains 20 iSCSI storage appliances that will provide storage for 50 Hyper-V hosts running Windows Server 2012 R2.
You need to configure the storage for the Hyper-V hosts. The solution must minimize administrative effort.
What should you do first?

A.    Install the iSCSI Target Server role service and configure iSCSI targets.
B.    Install the iSNS Server service feature and create a Discovery Domain.
C.    Start the Microsoft iSCSI Initiator Service and configure the iSCSI Initiator Properties.
D.    Install the Multipath I/O (MPIO) feature and configure the MPIO Properties.

Answer: C

QUESTION 286
Drag and Drop Question
You have a server that runs Windows Server 2012 R2.
You create a new work folder named Share1.
You need to configure Share1 to meet the following requirements:
Ensure that all synchronized copies of Share1 are encrypted. Ensure that clients synchronize to Share1 every 30 minutes. Ensure that Share1 inherits the NTFS permissions of the parent folder.
Which cmdlet should you use to achieve each requirement?
To answer, drag the appropriate cmdlets to the correct requirements. Each cmdlet may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
 clip_image002[21]
Answer:
 clip_image002[23]

QUESTION 287
You create a new virtual disk in a storage pool by using the New Virtual Disk Wizard. You discover that the new virtual disk has a write-back cache of 1 GB.
You need to ensure that the virtual disk has a write-back cache of 5 GB.
What should you do?

A.    Detach the virtual disk, and then run the Resize-VirtualDisk cmdlet.
B.    Detach the virtual disk, and then run the Set-VirtualDisk cmdlet.
C.    Delete the virtual disk, and then run the New-StorageSubSystemVirtualDisk cmdlet.
D.    Delete the virtual disk, and then run the New-VirtualDisk cmdlet.

Answer: D

QUESTION 288
Drag and Drop Question
Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1 that runs Windows Server 2012 R2.
You plan to install the Active Directory Federation Services server role on Server1 to allow for Workplace Join.
You run nslookup enterprise registration and you receive the following results:
 clip_image001[16]
You need to create a certificate request for Server1 to support the Active Directory Federation Services (AD FS) installation.
How should you configure the certificate request?
To answer, drag the appropriate names to the correct locations. Each name may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
 clip_image002[25]
Answer:
 clip_image002[27]

QUESTION 289
Your network contains an Active Directory domain named contoso.com. The domain contains servers named Server1 and Server2 that run Windows Server 2012 R2. Server1 has the Active Directory Federation Services server role installed. Server2 is a file server.
Your company introduces a Bring Your Own Device (BYOD) policy.
You need to ensure that users can use a personal device to access domain resources by using Single Sign-On (SSO) while they are connected to the internal network.
Which two actions should you perform? (Each correct answer presents part of the solution.
Choose two.)

A.    Enable the Device Registration Service in Active Directory.
B.    Publish the Device Registration Service by using a Web Application Proxy.
C.    Configure Active Directory Federation Services (AD FS) for the Device Registration Service.
D.    Create and configure a sync share on Server2.
E.    Install the Work Folders role service on Server2.

Answer: AC

QUESTION 290
Drag and Drop Question
You have two failover clusters named Cluster1 and Cluster2. All of the nodes in both of the clusters run Windows Server 2012 R2.
Cluster1 hosts two virtual machines named VM1 and VM2.
You plan to configure VM1 and VM2 as nodes in a new failover cluster named Cluster3.
You need to configure the witness disk for Cluster3 to be hosted on Cluster2.
Which three actions should you perform in sequence?
To answer, move the appropriate three actions from the list of actions to the answer area and arrange them in the correct order.
 clip_image002[29]
Answer:
 clip_image002[31]

Passing Microsoft 70-412 Exam successfully in a short time! Just using Braindump2go’s Latest Microsoft 70-412 Dump: http://www.braindump2go.com/70-412.html

Official 2014 Latest Microsoft 70-412 Exam Dump Free Download(271-280)!

QUESTION 271
Your network contains an Active Directory domain named adatum.com. You create a new Group Policy object (GPO) named GPO1.
You need to verify that GPO1 was replicated to all of the domain controllers.
Which tool should you use?

A.    Gpupdate
B.    Gpresult
C.    Group Policy Management
D.    Active Directory Sites and Services

Answer: C

QUESTION 272
Your network contains two Web servers named Server1 and Server2. Both servers run Windows Server 2012 R2.
Server1 and Server2 are nodes in a Network Load Balancing (NLB) cluster. The NLB cluster contains an application named App1 that is accessed by using the URL http://app1.contoso.com.
You plan to perform maintenance on Server1.
You need to ensure that all new connections to App1 are directed to Server2. The solution must not disconnect the existing connections to Server1.
What should you run?

A.    The Set-NlbCluster cmdlet
B.    The Set-NlbClusterNode cmdlet
C.    The Stop-NlbCluster cmdlet
D.    The Stop-NlbClusterNode cmdlet

Answer: D
Explanation:
The Stop-NlbClusterNode cmdlet stops a node in an NLB cluster. When you use the stop the nodes in the cluster, client connections that are already in progress are interrupted. To avoid interrupting active connections, consider using the -drain parameter, which allows the node to continue servicing active connections but disables all new traffic to that node.
-Drain <SwitchParameter>
Drains existing traffic before stopping the cluster node. If this parameter is omitted, existing traffic will be dropped.

QUESTION 273
Hotspot Question
Your network contains an Active Directory domain named contoso.com.
You have a failover cluster named Cluster1 that contains two nodes named Server1 and Server2. Both servers run Windows Server 2012 R2 and have the Hyper-V server role installed.
You plan to create two virtual machines that will run an application named App1. App1 will store data on a virtual hard drive named App1data.vhdx. App1data.vhdx will be shared by both virtual machines.
The network contains the following shared folders:
– An SMB file share named Share1 that is hosted on a Scale-Out File Server.
– An SMB file share named Share2 that is hosted on a standalone file server.
– An NFS share named Share3 that is hosted on a standalone file server.
You need to ensure that both virtual machines can use App1data.vhdx simultaneously.
What should you do?
To answer, select the appropriate configurations in the answer area.
 clip_image001[8]
 clip_image001[10]
Answer:
 clip_image002

QUESTION 274
Your network contains an Active directory forest named contoso.com. The forest contains two child domains named east.contoso.com and west.contoso.com.
You install an Active Directory Rights Management Services (AD RMS) cluster in each child domain.
You discover that all of the users in the contoso.com forest are directed to the AD RMS cluster in east.contoso.com.
You need to ensure that the users in west.contoso.com are directed to the AD RMS cluster in west.contoso.com and that the users in east.contoso.com are directed to the AD RMS cluster in east.contoso.com.
What should you do?

A.    Modify the Service Connection Point (SCP).
B.    Configure the Group Policy object (GPO) settings of the users in the west.contoso.com domain.
C.    Configure the Group Policy object (GPO) settings of the users in the east.contoso.com domain.
D.    Modify the properties of the AD RMS cluster in west.contoso.com.

Answer: C

QUESTION 275
You have a server named Server1 that runs Windows Server 2012 R2.
From Server Manager, you install the Active Directory Certificate Services server role on Server1.
A domain administrator named Admin1 logs on to Server1.
When Admin1 runs the Certification Authority console, Admin1 receive the following error message.
 clip_image001[12]
You need to ensure that when Admin1 opens the Certification Authority console on Server1, the error message does not appear.
What should you do?

A.    Install the Active Directory Certificate Services (AD CS) tools.
B.    Run the regsvr32.exe command.
C.    Modify the PATH system variable.
D.    Configure the Active Directory Certificate Services server role from Server Manager.

Answer: D

QUESTION 276
Your network contains an Active Directory domain named contoso.com. The domain contains a member server named Server1 that has the Active Directory Federation Services server role installed. All servers run Windows Server 2012.d
You complete the Active Directory Federation Services Configuration Wizard on Server1.
You need to ensure that client devices on the internal network can use Workplace Join.
Which two actions should you perform on Server1? (Each correct answer presents part of the solution. Choose two.)

A.    Run Enable-AdfsDeviceRegistration -PrepareActiveDirectory.
B.    Edit the multi-factor authentication global authentication policy settings.
C.    Run Enable-AdfsDeviceRegistration.
D.    Run Set-AdfsProxyProperties HttpPort 80.
E.    Edit the primary authentication global authentication policy settings.

Answer: CE
Explanation:
* To enable Device Registration Service On your federation server, open a Windows PowerShell command window and type:
Enable-AdfsDeviceRegistration
Repeat this step on each federation farm node in your AD FS farm..
Enable seamless second factor authentication
Seamless second factor authentication is an enhancement in AD FS that provides an added level of access protection to corporate resources and applications from external devices that are trying to access them. When a personal device is Workplace Joined, it becomes a `known’ device and administrators can use this information to drive conditional access and gate access to resources.
To enable seamless second factor authentication, persistent single sign-on (SSO) and conditional access for Workplace Joined devices
In the AD FS Management console, navigate to Authentication Policies. Select Edit Global Primary Authentication. Select the check box next to Enable Device Authentication, and then click OK.

QUESTION 277
Drag and Drop Question
Your network contains an Active Directory domain named contoso.com.
You need to ensure that third-party devices can use Workplace Join to access domain resources on the Internet.
Which four actions should you perform in sequence?
To answer, move the appropriate four actions from the list of actions to the answer area and arrange them in the correct order.
 clip_image002[5]
Answer:
 clip_image002[7]

QUESTION 278
Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1 that runs Windows Server 2012 R2 and has the DHCP Server server role installed.
You need to create an IPv6 scope on Server1. The scope must use an address space that is reserved for private networks. The addresses must be routable.
Which IPV6 scope prefix should you use?

A.    2001:123:4567:890A::
B.    FE80:123:4567::
C.    FF00:123:4567:890A::
D.    FD00:123:4567::

Answer: D

QUESTION 279
Hotspot Question
Your network contains an Active Directory domain named contoso.com. The domain contains two servers named Server1 and Server2. All servers run Windows Server 2012 R2.
You install the DHCP Server server role on both servers.
On Server1, you have the DHCP scope configured as shown in the exhibit. (Click the Exhibit button.)
 clip_image001[14]
You need to configure the scope to be load-balanced across Server1 and Server2.
What Windows PowerShell cmdlet should you run on Server1?
To answer, select the appropriate options in the answer area.
 clip_image002[9]
Answer:
 clip_image002[11]

QUESTION 280
Hotspot Question
Your network contains an Active Directory domain named contoso.com. The domain contains two DHCP servers named Server1 and Server2. Both servers have multiple IPv4 scopes.
Server1 and Server2 are used to assign IP addresses for the network IDs of 172.20.0.0/16 and 131.107.0.0/16.
You install the IP Address Management (IPAM) Server feature on a server named IPAM1 and configure IPAM1 to manage Server1 and Server2.
Some users from the 172.20.0.0 network report that they occasionally receive an IP address conflict error message.
You need to identify whether any scopes in the 172.20.0.0 network ID conflict with one another.
What Windows PowerShell cmdlet should you run?
To answer, select the appropriate options in the answer area.
 clip_image002[13]
Answer:
 clip_image002[15]

Passing Microsoft 70-412 Exam successfully in a short time! Just using Braindump2go’s Latest Microsoft 70-412 Dump: http://www.braindump2go.com/70-412.html

Official 2014 Latest Microsoft 70-412 Exam Dump Free Download(261-270)!

QUESTION 261
Your network contains a Hyper-V host named Server1 that hosts 20 virtual machines. You need to view the amount of memory resources and processor resources each virtual machine uses currently.
Which tool should you use on Server1?

A.    Hyper-V Manager
B.    Windows System Resource Manager (WSRM)
C.    Task Manager
D.    Resource Monitor

Answer: A
Explanation:
You get it from the Hyper-V Manager
 clip_image002[1]

QUESTION 262
You have a server named Server1 that runs Windows Server 2012 R2. You create a Data Collector Set (DCS) named DCS1. You need to configure DCS1 to log data to D:\logs. What should you do?

A.    Right-click DCS1 and click Data Manager…
B.    Right-click DCS1 and click Save Template…
C.    Right-click DCS1 and click Properties.
D.    Right-click DCS1 and click Export list…

Answer: C
Explanation:
It is under the Directory tab from the DCS properties.
http://technet.microsoft.com/en-us/library/cc749267.aspx

QUESTION 263
Your network contains an Active Directory domain named contoso.com. All servers run Windows Server 2012 R2. The domain contains a server named Server1. You open Review Options in the Active Directory Domain Services Configuration Wizard, and then you click View script. You need to ensure that you can use the script to promote Server1 to a domain controller. Which file extension should you use to save the script?

A.    .xml
B.    .ps1
C.    .bat
D.    .cmd

Answer: B
Explanation:
The View Script button is used to view the corresponding PowerShell script The PowerShell script extension is .ps1, The Answer could logically be either a .cmd file or a .bat file.
According to http://www.fileinfo.com/:
PAL – Settings file created by Corel Painter or Palette of colors used by Dr. Halo bitmap images BAT – DOS batch file used to execute commands with the Windows Command Prompt (cmd.exe); contains aseries of line commands that typically might be entered at the DOS command prompt; most commonly used tostart programs and run maintenance utilities within Windows. XML – XML (Extensible Markup Language) data file that uses tags to define objects and object attributes;formatted much like an .HTML document, but uses custom tags to define objects and the data within eachobject; can be thought of as a text-based database. CMD – Batch file that contains a series of commands executed in order; introduced with Windows NT, but canbe run by DOS or Windows NT systems; similar to a .BAT file, but is run by CMD.EXE instead of COMMAND.COM.
 clip_image002[3]

QUESTION 264
Your network contains an Active Directory domain named adatum.com. You have a standard primary zone named adatum.com. You need to provide a user named User1 the ability to modify records in the zone. Other users must be prevented from modifying records in the zone. What should you do first?

A.    Run the Zone Signing Wizard for the zone.
B.    From the properties of the zone, change the zone type.
C.    Run the new Delegation Wizard for the zone.
D.    From the properties of the zone, modify the Start Of Authority (SOA) record.

Answer: C

QUESTION 265
Your network contains an Active Directory domain named contoso.com. All domain controllers run Windows Server 2012. One of the domain controllers is named DC1. The DNS zone for the contoso.com zone is Active Directory-integrated and has the default settings. A server named Server1 is a DNS server that runs a UNIX-based operating system. You plan to use Server1 as a secondary DNS server for the contoso.com zone. You need to ensure that Server1 can host a secondary copy of the contoso.com zone. What should you do?

A.    From Windows PowerShell, run the Set-DnsServerForwarder cmdlet and specify the contoso.com zone
as a target.
B.    From Windows PowerShell, run the Set-DnsServerSetting cmdlet and specify DC1 as a target.
C.    From Windows PowerShell, run the Set-DnsServerPrimaryZone cmdlet and specify the contoso.com zone
as a target.
D.    From DNS Manager, modify the Advanced settings of DC1.

Answer: C
Explanation:
C. The Set-DnsServerSecondaryZone cmdlet changes settings for an existing secondary zone on a Domain Name System (DNS) server.
http://technet.microsoft.com/en-us/library/jj649920(v=wps.620).aspx

QUESTION 266
Your network contains an Active Directory domain named contoso.com. The domain contains a member server named Server1. Server1 runs Windows Server 2012 R2 and has the Hyper-V server role installed. Server1 hosts 10 virtual machines. A virtual machine named VM1 runs Windows Server 2012 R2 and hosts a processor-intensive Application named App1. Users report that App1 responds more slowly than expected. You need to monitor the processor usage on VM1 to identify whether changes must be made to the hardware settings of VM1. Which performance object should you monitor on Server1?

A.    Hyper-V Hypervisor Logical Processor
B.    Processor
C.    Hyper-V Hypervisor Root Virtual Processor
D.    Process
E.    Hyper-V Hypervisor Virtual Processor

Answer: E

QUESTION 267
Your network contains an Active Directory domain named contoso.com. The domain contains a member server named Server1 that has the Active Directory Federation Services server role installed. All servers run Windows Server 2012 R2.
You complete the Active Directory Federation Services Configuration Wizard on Server1.
You need to ensure that client devices on the internal network can use Workplace Join.
Which two actions should you perform on Server1? (Each correct answer presents part of the solution. Choose two.)

A.    Run Enable AdfsDeviceRegistration -PrepareActiveDirectory.
B.    Edit the multi-factor authentication global authentication policy settings.
C.    Edit the primary authentication global authentication policy settings.
D.    Run Set-AdfsProxyPropertiesHttpPort 80.
E.    Run Enable-AdfsDeviceRegistration.

Answer: AB

QUESTION 268
Your network contains an Active Directory domain named contoso.com. All user accounts reside in an organizational unit (OU) named OU1. You create a Group Policy object (GPO) named GPO1. You link GPO1 to OU1. You configure the Group Policy preference of GPO1 to add a shortcut named Link1 to the desktop of each user. You discover that when a user deletes Link1, the shortcut is removed permanently from the desktop. You need to ensure that if a user deletes Link1, the shortcut is added to the desktop again. What should you do?

A.    Modify the Link1 shortcut preference of GPO1.
B.    Enable loopback processing in GPO1.
C.    Enforce GPO1.
D.    Modify the Security Filtering settings of GPO1.

Answer: A

QUESTION 269
Your network contains an Active Directory forest named contoso.com. The forest contains two sites named Main and Branch. The Main site contains 400 desktop computers and the Branch site contains 150 desktop computers. All of the desktop computers run Windows 8. In Main, the network contains a member server named Server1 that runs Windows Server 2012. You install the Windows Server Update Services server role on Server1. You need to ensure that Windows updates obtained from Windows Server Update Services (WSUS) are the same for the computers in each site. You want to achieve this goal by using the minimum amount of administrative effort. What should you do?

A.    From the Update Services console, create computer groups.
B.    From the Update Services console, configure the Computers options.
C.    From the Group Policy Management console, configure the Windows Update settings.
D.    From the Group Policy Management console, configure the Windows Anytime Upgrade settings.
E.    From the Update Services console, configure the Synchronization Schedule options.

Answer: C
Explanation:
Create one computer group for Main site and another group for Branch site. You can deploy Windows updates by computer group.

QUESTION 270
Hotspot Question
Your network contains three Active Directory forests. The forests are configured as shown in the following table.
 clip_image001
A two-way forest trust exists between contoso.com and divisionl.contoso.com. A two-way forest trust also exists between contoso.com and division2.contoso.com.
You plan to create a one-way forest trust from divisionl.contoso.com to division2.contoso.com.
You need to ensure that any cross-forest authentication requests are sent to the domain controllers in the appropriate forest after the trust is created.
How should you configure the existing forest trust settings?
In the table below, identify which configuration must be performed in each forest. Make only one selection in each column. Each correct selection is worth one point.
 clip_image001[4]
Answer:

clip_image001[6]
Passing Microsoft 70-412 Exam successfully in a short time! Just using Braindump2go’s Latest Microsoft 70-412 Dump: http://www.braindump2go.com/70-412.html

Official 2014 Latest Microsoft 70-412 Exam Dump Free Download(251-260)!

QUESTION 251
Your network contains an Active Directory domain named contoso.com. The domain contains a domain controller named DC1 that runs Windows Server 2012 R2. You create an Active Directory snapshot of DC1 each day. You need to view the contents of an Active Directory snapshot from two days ago. What should you do first?

A.    Stop the Active Directory Domain Services (AD DS) service.
B.    Run the ntdsutil.exe command.
C.    Run the dsamain.exe command.
D.    Start the Volume Shadow Copy Service (VSS).

Answer: B

QUESTION 252
You have a server named Server1 that runs Windows Server 2012 R2. You need to configure Server1 to create an entry in an event log when the processor usage exceeds 60 percent. Which type of data collector should you create?

A.    an event trace data collector
B.    a performance counter data collector
C.    a performance counter alert
D.    a configuration data collector

Answer: C

QUESTION 253
Your network contains two servers named Server1 and Server2. Both servers run Windows Server 2012 R2, On Server1, you create a Data Collector Set (DCS) named Data1. You need to export Data1 to Server2. What should you do first?

A.    Right-click Data1 and click Data Manager…
B.    Right-click Data1 and click Save template…
C.    Right-click Data1 and click Properties.
D.    Right-click Data1 and click Export list…

Answer: B
Explanation:
http://technet.microsoft.com/en-us/library/cc766318.aspx

QUESTION 254
Your network contains an Active Directory domain named contoso.com. All domain controllers run Windows Server 2012 R2. An organizational unit (OU) named OU1 contains 200 client computers that run Windows 8 Enterprise. A Group Policy object (GPO) named GPO1 is linked to OU1. You make a change to GPO1. You need to force all of the computers in OU1 to refresh their Group Policy settings immediately. The solution must minimize administrative effort. Which tool should you use?

A.    The Set-AdComputercmdlet
B.    Group Policy Object Editor
C.    Active Directory Users and Computers
D.    Group Policy Management Console (GPMC)

Answer: D
Explanation:
In the previous versions of Windows, this was accomplished by having the user run GPUpdate.exe on their computer. Starting with Windows Server?2012 and Windows?8, you can now remotely refresh Group Policy settings for all computers in an OU from one central location through the Group Policy Management Console (GPMC). Or you can use the Invoke-GPUpdate cmdlet to refresh Group Policy for a set of computers, not limited to the OU structure, for example, if the computers are located in the default computers container.
Note: Group Policy Management Console (GPMC) is a scriptable Microsoft Management Console (MMC) snap-in, providing a single administrative tool for managing Group Policy across the enterprise. GPMC is the standard tool for managing Group Policy.
Incorrect:
Not B: Secedit configures and analyzes system security by comparing your current configuration to at least one template.
Reference: Force a Remote Group Policy Refresh (GPUpdate)

QUESTION 255
Your network contains an Active Directory domain named contoso.com. Network Access Protection (NAP) is deployed to the domain. You need to create NAP event trace log files on a client computer.
What should you run?

A.    Logman
B.    Tracert
C.    Register-EngineEvent
D.    Register-ObjectEvent

Answer: A

QUESTION 256
Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1. Server1 runs Windows Server 2012 R2. You create a group Managed Service Account named gService1. You need to configure a service named Service1 to run as the gService1 account. How should you configure Service1?

A.    From a command prompt, run sc.exe and specify the sdset parameter.
B.    From the Services console, configure the General settings.
C.    From Windows PowerShell, run Set-Service and specify the -StartupType parameter.
D.    From the Services console, configure the Log On settings.

Answer: A
Explanation:
http://windows.microsoft.com/en-us/windows-vista/using-systemconfiguration http://technet.microsoft.com/en-us/library/ee176963.aspx
http://technet.microsoft.com/en-us/library/cc990290(v=ws.10).aspx http://technet.microsoft.com/en-us/library/cc738230(v=ws.10).aspx

QUESTION 257
You have a server named Server1 that runs Windows Server 2012 R2. Server1 has 2 dual-core processors and 16 GB of RAM.
You install the Hyper-V server role in Server1.
You plan to create two virtual machines on Server1. You need to ensure that both virtual machines can use up to 8 GB of memory. The solution must ensure that both virtual machines can be started simultaneously. What should you configure on each virtual machine?

A.    Dynamic Memory
B.    NUMA topology
C.    Memory weight
D.    Ressource Control

Answer: A

QUESTION 258
You perform a Server Core Installation of Windows Server 2012 R2 on a server named Server1. You need to add a graphical user interface (GUI) to Server1. Which tool should you use?

A.    the dism.exe command
B.    the ocsetup.exe command
C.    the setup.exe command
D.    the Install-Module cmdlet

Answer: A
Explanation:
The DISM command is called by the Add-WindowsFeature command. Here is the systax for DISM:
Dism /online /enable-feature /featurename:ServerCore-FullServer /featurename:ServerGui-Shell /featurename:Server-Gui-Mgmt
 clip_image002

QUESTION 259
Your network contains an Active Directory domain named contoso.com. All domain controllers run Windows Server 2012 R2. The domain contains two organizational units (OUs) named OU1 and OU2 in the root of the domain. Two Group Policy objects (GPOs) named GPO1 and GPO2 are created. GPO1 is linked to OU1. GPO2 is linked to OU2. OU1 contains a client computer named Computer1. OU2 contains a user named User1. You need to ensure that the GPOs Applied to Computer1areApplied to User1 when User1 logs on. What should you configure?

A.    Item-level targeting
B.    Block Inheritance
C.    GPO links
D.    The Enforced setting

Answer: C

QUESTION 260
Your network contains an Active Directory domain named contoso.com. The domain contains client computers that run either Windows XP, Windows 7, or Windows 8. Network Policy Server (NPS) is deployed to the domain. You plan to create a system health validator (SHV). You need to identify which policy settings can be Applied to all of the computers. Which three policy settings should you identify? (Each correct answer presents part of the solution. Choose three.)

A.    A firewall is enabled for all network connections.
B.    An antispyware application is on.
C.    Automatic updating is enabled.
D.    Antivirus is up to date.
E.    Antispyware is up to date.

Answer: ACD
Explanation:
* System health agent (SHA) is a NAP component.
* System health agent (SHA)
A component that checks the state of the client computer to determine whether the settings monitored by the SHA are up-to-date and configured correctly. For example, the Windows Security Health Agent (WSHA) can monitor Windows Firewall, whether antivirus software is installed, enabled, and updated, whether antispyware software is installed, enabled, and updated, and whether Microsoft Update Services is enabled and the computer has the most recent security updates from Microsoft Update Services. There might also be SHAs (and corresponding system health validators) available from other companies that provide different functionality.

Passing Microsoft 70-412 Exam successfully in a short time! Just using Braindump2go’s Latest Microsoft 70-412 Dump: http://www.braindump2go.com/70-412.html

Official 2014 Latest Microsoft 70-412 Exam Dump Free Download(241-250)!

QUESTION 241
Your network contains two servers named Server1 and Server2 that run Windows Server 2008 R2. Server1 and Server2 are nodes in a failover cluster named Cluster1. The network contains two servers named Server3 and Server4 that run Windows Server 2012 R2. Server3 and Server4 are nodes in a failover cluster named Cluster2. You need to move all of the applications and the services from Cluster1 to Cluster2. What should you do first from Failover Cluster Manager?

A.    On a server in Cluster1, click Move Core Cluster Resources, and then click Select Node.
B.    On a server in Cluster2, configure Cluster-Aware Updating.
C.    On a server in Cluster1, configure Cluster-Aware Updating.
D.    On a server in Cluster2, click Migrate Roles.

Answer: A

QUESTION 242
Your network contains two servers named HV1 and HV2. Both servers run Windows Server 2012 R2 and have the Hyper-V server role installed. HV1 hosts 25 virtual machines. The virtual machine configuration files and the virtual hard disks are stored in D:\VM. You shut down all of the virtual machines on HV1. You copy D:\VM to D:\VM on HV2. You need to start all of the virtual machines on HV2. You want to achieve this goal by using the minimum amount of administrative effort. What should you do?

A.    Run the Import-VMInitialReplication cmdlet.
B.    From HV1, export all virtual machines to D:\VM.
Copy D:\VM to D:\VM on HV2 and overwrite the existing files.
On HV2, run the Import Virtual Machine wizard.
C.    From HV1, export all virtual machines to D:\VM.
Copy D:\VM to D:\VM on HV2 and overwrite the existing files.
On HV2, run the New Virtual Machine wizard.
D.    Run the Import-VM cmdlet.

Answer: D

QUESTION 243
Your company recently deployed a new Active Directory forest named contoso.com. The first domain controller in the forest runs Windows Server 2012 R2. You need to identify the time-to-live (TTL) value for domain referrals to the NETLOGON and SYSVOL shared folders. Which tool should you use?

A.    Ultrasound
B.    Replmon
C.    Dfsdiag
D.    Frsutil

Answer: C

QUESTION 244
Your network contains an Active Directory domain named contoso.com. The domain contains two member servers named Server1 and Server2 that run Windows Server 2012 R2. Server1 has Microsoft SQL Server 2012 installed. You install the Active Directory Federation Services server role on Server2. You need to configure Server2 as the first Active Directory Federation Services (AD FS) server in the domain. The solution must ensure that the AD FS database is stored in a SQL Server database on Server1. What should you do on Server2?

A.    From the AD FS console, run the AD FS Federation Server Configuration Wizard and select the Stand-alone
federation server option.
B.    From Server Manager, install the Federation Service Proxy.
C.    From Windows PowerShell, run Install-ADFSFarm.
D.    From Server Manager, install the AD FS Web Agents.

Answer: A
Explanation:
To create the first federation server in a federation server farm There are two ways to start the AD FS Federation Server Configuration Wizard. On the Welcome page, verify that Create a new Federation Service is selected, and then click Next. On the Select Stand-Alone or Farm Deployment page, click New federation server farm, and then click Next.
On the Specify the Federation Service Name page, verify that the SSL certificate that is showing is correct. If this is not the correct certificate, select the appropriate certificate from the SSL certificate list.
Etc.
Note:
After you install the Federation Service role service and configure the required certificates on a computer, you are ready to configure the computer to become a federation server. You can use the following procedure to set up the computer to become the first federation server in a new federation server farm using the AD FS Federation Server Configuration Wizard. The act of creating the first federation server in a farm also creates a new Federation Service and makes this computer the primary federation server. This means that this computer will be configured with a read/write copy of the AD FS configuration database. All other federation servers in this farm must replicate any changes that are made on the primary federation server to their read-only copies of the AD FS configuration database that they store locally. Reference: To create the first federation server in a federation server farm

QUESTION 245
Your network contains two servers that run Windows Server 2012 R2 named Server1 and Server2. Both servers have the File Server role service installed. On Server2, you create a share named Backups. From Windows Server Backup on Server1, you schedule a full backup to run every night. You set the backup destination to \\Server2 \Backups.
After several weeks, you discover that \\Server2\Backups only contains the last backup that completed on Server1. You need to ensure that multiple backups of Server1 are maintained. What should you do?

A.    Modify the Volume Shadow Copy Service (VSS) settings.
B.    Modify the properties of the Windows Store Service (WSService) service.
C.    Change the backup destination,
D.    Configure the permission of the Backups share.

Answer: C

QUESTION 246
Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1 that runs Windows Server 2012 R2. Server1 has an enterprise root certification authority (CA) for contoso.com. You deploy another member server named Server2 that runs Windows Server 2012 R2 and has the Web Server (IIS) server role installed. You need to designate a website on Server1 as the certificate revocation list (CRL) distribution point for the C A. The solution must ensure that CRLs are published automatically to Server2. Which two actions should you perform? (Each correct answer presents part of the solution. Choose two.)

A.    Create an http:// CRL distribution point (CDP) entry.
B.    Configure a CA exit module.
C.    Create a file:// CRL distribution point (CDP) entry
D.    Configure an enrollment agent.
E.    Configure a CA policy module.

Answer: AE
Explanation:
A: To specify CRL distribution points in issued certificates Open the Certification Authority snap-in.
In the console tree, click the name of the CA.
On the Action menu, click Properties , and then click the Extensions tab. Confirm that Select extension is set to CRL Distribution Point (CDP) .
Do one or more of the following. (The list of CRL distribution points is in the Specify locations from which users can obtain a certificate revocation list (CRL) box.) / To indicate that you want to use a URL as a CRL distribution point Click the CRL distribution point, select the Include in the CDP extension of issued certificates check box, and then click OK .
Click Yes to stop and restart Active Directory Certificate Services (AD CS).
E: You can specify CRL Distribution Points (CDPs) in CAPolicy.inf. Note that any CDP in CAPolicy.inf will take precedence for certificate verifiers over the CDP’s specified in the CA policy module.
Note:
CRLDistributionPoint
You can specify CRL Distribution Points (CDPs) for a root CA certificate in the CAPolicy.inf. This section does not configure the CDP for the CA itself. After the CA has been installed you can configure the CDP URLs that the CA will include in each certificate that it issues. The URLs specified in this section of the CAPolicy.inf file are included in the root CA certificate itself.
Example:
[CRLDistributionPoint]
URL=http://pki.wingtiptoys.com/cdp/WingtipToysRootCA.crl

QUESTION 247
Your network contains an Active Directory domain named adatum.com. You create a new Group Policy object (GPO) named GPO1. You need to verify that GPO1 was replicated to all of the domain controllers. Which tool should you use?

A.    Gpupdate
B.    Gpresult
C.    Group Policy Management
D.    Active Directory Sites and Services

Answer: C

QUESTION 248
Your network contains an Active Directory domain named contoso.com. The domain contains two domain controllers named DC1 and DC2. You install Windows Server 2012 R2 on a new computer named DC3. You need to manually configure DC3 as a domain controller. Which tool should you use?

A.    winrm.exe
B.    Server Manager
C.    dcpromo.exe
D.    Active Directory Domains and Trusts

Answer: B
Explanation:
When you try to DCpromo a Server 2012, you get this message:
 clip_image001[1]

QUESTION 249
Your network contain an active directory domain named Contoso.com. The domain contains two servers named server1 and server2 that run Windows Server 2012 R2. You create a security template named template1 by using the security template snap-in. You need to apply template1 to server2. Which tool should you use?

A.    Security Configuration and Analysis
B.    Server Manager
C.    Security Template
D.    Computer management

Answer: A

QUESTION 250
Your network contains an Active Directory forest named contoso.com. All servers run Windows Server 2012 R2. You need to create a custom Active Directory Application partition. Which tool should you use?

A.    Netdom
B.    Ntdsutil
C.    Dsmod
D.    Dsamain

Answer: B
Explanation:
* To create or delete an application directory partition Open Command Prompt.
Type:ntdsutil
At the ntdsutil command prompt, type:domain management
At the domain management command prompt, type:connection At the server connections command prompt, type:connect to server ServerName At the server connections command prompt, type:quit
At the domain management command prompt, do one of the following:
* partition management
Manages directory partitions for Active Directory Domain Services (AD DS) or Active Directory Lightweight Directory Services (AD LDS).
This is a subcommand of Ntdsutil and Dsmgmt. Ntdsutil and Dsmgmt are command-line tools that are built into Windows Server 2008 and Windows Server 2008 R2.
/ partition management create nc %s1 %s2
Creates the application directory partition with distinguished name %s1, on the Active Directory domain controller or AD LDS instance with full DNS name %s2. If you specify “NULL” for %s2, this command uses the currently connected Active Directory domain controller. Use this command only with AD DS. For AD LDS, use create nc %s1 %s2 %s3.
Note:
* An application directory partition is a directory partition that is replicated only to specific domain controllers. A domain controller that participates in the replication of a particular application directory partition hosts a replica of that partition.

Passing Microsoft 70-412 Exam successfully in a short time! Just using Braindump2go’s Latest Microsoft 70-412 Dump: http://www.braindump2go.com/70-412.html

Official 2014 Latest Microsoft 70-412 Exam Dump Free Download(231-240)!

QUESTION 231
You have a server named Server1 that runs Windows Server 2012 R2. You download and install the Windows Azure Online Backup Service Agent on Server1. You need to ensure that you can configure an online backup from Windows Server Backup. What should you do first?

A.    From Windows Server Backup, run the Register Server Wizard.
B.    From Computer Management, add the Server1 computer account to the Backup Operators group.
C.    From a command prompt, run wbadmin.exe enable backup.
D.    From the Services console, modify the Log On settings of the Windows Azure Online Backup Service Agent.

Answer: A
Explanation:
A. Enables you to back up and restore your operating system, volumes, files, folders, and applications from a command prompt.
B. To register a server for use with Windows Azure Backup you must run the register server wizard
http://technet.microsoft.com/en-us/library/hh831677.aspx

QUESTION 232
Your network contains an Active Directory forest named contoso.com. The forest contains two domains named contoso.com and childl.contoso.com. The domains contain three domain controllers. The domain controllers are configured as shown in the following table.
 clip_image001
You need to ensure that the KDC support for claims, compound authentication, and kerberos armoring setting is enforced in the child1.contoso.com domain. Which two actions should you perform? (Each correct answer presents part of the solution. Choose two.)

A.    Upgrade DC1 to Windows Server 2012 R2.
B.    Upgrade DC11 to Windows Server 2012 R2.
C.    Raise the domain functional level ofchildl.contoso.com.
D.    Raise the domain functional level of contoso.com.
E.    Raise the forest functional level of contoso.com.

Answer: BD
Explanation:
If you want to create access control based on claims and compound authentication, you need to deploy Dynamic Access Control. This requires that you upgrade to Kerberos clients and use the KDC, which support these new authorization types. With Windows Server 2012 R2, you do not have to wait until all the domain controllers and the domain functional level are upgraded to take advantage of new access control options
http://technet.microsoft.com/en-us/library/hh831747.aspx.

QUESTION 233
Your network contains an Active Directory domain named contoso.com. The domain contains a main office and a branch office. An Active Directory site exists for each office. All domain controllers run Windows Server 2012 R2. The domain contains two domain controllers. The domain controllers are configured as shown in the following table.
 clip_image001[4]
DC1 hosts an Active Directory-integrated zone for contoso.com. You add the DNS Server server role to DC2. You discover that the contoso.com DNS zone fails to replicate to DC2. You verify that the domain, schema, and configuration naming contexts replicate from DC1 to DC2. You need to ensure that DC2 replicates the contoso.com zone by using Active Directory replication. Which tool should you use?

A.    Active Directory Domains and Trusts
B.    Active Directory Users and Computers
C.    Repadmin
D.    Ntdsutil

Answer: C
Explanation:
Repadmin.exe is a command line tool that is designed to assist administrators in diagnosing, monitoring, and troubleshooting Active Directory replication problems.
Reference: Repadmin Introduction and Technology Overview
Note: If you see question about AD Replication, First preference is AD sites and services, then
Repadmin and then DNSLINT.

QUESTION 234
Your network contains an Active Directory domain named contoso.com. The domain contains a main office and a branch office. An Active Directory site exists for each office. All domain controllers run Windows Server 2012 R2. The domain contains two domain controllers. The domain controllers are configured as shown in the following table.
 clip_image001[6]
DC1 hosts an Active Directory-integrated zone for contoso.com. You add the DNS Server server role to DC2. You discover that the contoso.com DNS zone fails to replicate to DC2. You verify that the domain, schema, and configuration naming contexts replicate from DC1 to DC2. You need to ensure that DC2 replicates the contoso.com zone by using Active Directory replication. Which tool should you use?

A.    Active Directory Users and Computers
B.    Ntdsutil
C.    DNS Manager
D.    Active Directory Domains and Trusts

Answer: C
Explanation:
The primary tool that you use to manage DNS servers is DNS Manager, the DNS snap-in in Microsoft Management Console (MMC), which appears as DNS in Administrative Tools on the Start menu. You can use DNS Manager along with other snapins in MMC, further integrating DNS administration into your total network management. It is also available in Server Manager on computers with the DNS Server role installed. You can use DNS Manager to perform the following basic administrative server tasks:
* Performing initial configuration of a new DNS server.
* Connecting to and managing a local DNS server on the same computer or remote DNS servers on other computers.
* Adding and removing forward and reverse lookup zones, as necessary.
* Adding, removing, and updating resource records in zones.
* Modifying how zones are stored and replicated between servers.
* Modifying how servers process queries and handle dynamic updates.
Modifying security for specific zones or resource records.
In addition, you can also use DNS Manager to perform the following tasks:
* Perform maintenance on the server. You can start, stop, pause, or resume the server or manually update server data files.
* Monitor the contents of the server cache and, as necessary, clear it.
* Tune advanced server options.
Configure and perform aging and scavenging of stale resource records that are stored by the server.
Reference: DNS Tools

QUESTION 235
Your network contains an Active Directory domain named contoso.com. All domain controllers run Windows Server 2012 R2. The domain contains two domain controllers. The domain controllers are configured as shown in the following table.
 clip_image001[8]
The Branch site contains a perimeter network. For security reasons, client computers in the perimeter network can communicate with client computers in the Branch site only. You plan to deploy a new RODC to the perimeter network in the Branch site. You need to ensure that the new RODC will be able to replicate from DC10. What should you do first on DC10?

A.    Run dcpromo and specify the /createdcaccount parameter.
B.    Run the Active Directory Domain Services Configuration Wizard.
C.    Run the Add-ADDSReadOnlyDomainControllerAccount cmdlet.
D.    Enable the Bridge all site links setting.

Answer: C
Explanation:
Creates a read-only domain controller (RODC) account that can be used to install an RODC in Active Directory.
Note:
* Notes
Once you have added the RODC account, you can add an RODC to a server computer by using the Install-ADDSDomainController cmdlet with the -ReadOnlyReplica switch parameter.
* Example
Adds a new read-only domain controller (RODC) account to the corp.contoso.com domain using the North America site as the source site for the replication source domain controller.
C:\PS>Add-ADDSReadOnlyDomainControllerAccount -DomainControllerAccountName RODC1 -DomainName corp.contoso.com -SiteName NorthAmerica
Reference: Add-ADDSReadOnlyDomainControllerAccount

QUESTION 236
Your network contains an Active Directory domain named contoso.com. All servers run Windows Server 2012 R2. The domain contains a domain controller named DC1 that is configured as an enterprise root certification authority (CA). All users in the domain are issued a smart card and are required to log on to their domainjoined client computer by using their smart card. A user named User1 resigned and started to work for a competing company. You need to prevent User1 immediately from logging on to any computer in the domain. The solution must not prevent other users from logging on to the domain. Which tool should you use?

A.    The Security Configuration Wizard
B.    The Certification Authority console
C.    Active Directory Administrative Center
D.    Certificate Templates

Answer: B
Explanation:
You can use the Certification Authority console to configure CAs. This includes the following tasks:
(B) Scheduling certificate revocation list publication.
Installing the CA certificate when necessary.
Configuring exit module settings.
Configuring policy module settings.
Modifying security permissions and delegate control of CAs. Enabling optional Netscape-compatible Web-based revocation checking.
Reference: Configure Certification Authorities

QUESTION 237
You have a server named Server1 that runs Windows Server 2012 R2. Server1 has the DNS Server server role installed. You need to store the contents of all the DNS queries received by Server1. What should you configure?

A.    Logging from Windows Firewall with Advanced Security
B.    Debug logging from DNS Manager
C.    A Data Collector Set (DCS) from Performance Monitor
D.    Monitoring from DNS Manager

Answer: D
Explanation:
The following DNS debug logging options are available:
* Direction of packets
Send Packets sent by the DNS server are logged in the DNS server log file. Receive Packets received by the DNS server are logged in the log file.
* Content of packets
(D) Standard queries Specifies that packets containing standard queries (per RFC 1034) are logged in the DNS server log file.
Updates Specifies that packets containing dynamic updates (per RFC 2136) are logged in the DNS server log file.
Notifies Specifies that packets containing notifications (per RFC 1996) are logged in the DNS server log file.
Etc.
Reference: Using server debug logging options

QUESTION 238
You have a server named LON-DC1 that runs Windows Server 2012 R2. An iSCSI virtual disk named VirtuahSCSIl.vhd exists on LON-DC1 as shown in the exhibit. (Click the Exhibit button.)
 clip_image001[10]
You create a new iSCSI virtual disk named VirtualiSCSI2.vhd by using the existing itgt iSCSI target. VirtuahSCSI1.vhd is removed from LON-DC1. You need to assign VirtualiSCSI2.vhd a logical unit value of 0. What should you do?

A.    Run the Set-IscsiVirtualDisk cmdlet and specify the -DevicePath parameter.
B.    Run the iscsicpl command and specify the virtualdisklun parameter.
C.    Modify the properties of the itgt ISCSI target.
D.    Run the Set-VirtualDisk cmdlet and specify the -Uniqueld parameter.

Answer: D
Explanation:
Set-VirtualDisk
Modifies the attributes of an existing virtual disk.
Applies To: Windows Server 2012 R2
-UniqueId<String>
Specifies an ID used to uniquely identify a Disk object in the system. The ID persists through restarts. Note: Logical unit numbers (LUNs) created on an iSCSI disk storage subsystem are not directly assigned to a server. For iSCSI, LUNs are assigned to logical entities called targets.
Incorrect:
Not A: Set-IscsiVirtualDisk
Modifies the settings for the specified iSCSI virtual disk.
-Path<String> (alias: DevicePath)
Specifies the path of the virtual hard disk (VHD) file that is associated with the iSCSI virtual disk. Filter the iSCSI Virtual Disk object using this parameter.
Not B: iscsicpl.exe could is the Microsoft iSCSI Initiator Configuration Tool.
Microsoft Internet iSCSI Initiator enables you to connect a host computer that is running Windows 7 or Windows Server 2008 R2 to an external iSCSI-based storage array through an Ethernet network adapter.

QUESTION 239
You have a Hyper-V host named Server1 that runs Windows Server 2012 R2. Server1 contains a virtual machine named VM1 that runs Windows Server 2012 R2. You fail to start VM1 and you suspect that the boot files on VM1 are corrupt. On Server1, you attach the virtual hard disk (VHD) of VM1 and you assign the VHD a drive letter of F. You need to repair the corrupt boot files on VM1. What should you run?

A.    bootrec.exe /rebuildbcd
B.    bootrec.exe /scanos
C.    bcdboot.exe f:\windows /s c:
D.    bcdboot.exe c:\windows /s f:

Answer: D

QUESTION 240
Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1 that runs Windows Server 2012 R2 and has the DNS Server server role installed. Server1 has a zone named contoso.com. The zone is configured as shown in the exhibit. (Click the Exhibit button.)
 clip_image001[12]
You need to assign a user named User1 permission to add and delete records from the contoso.com zone only. What should you do first?

A.    Enable the Advanced view from DNS Manager.
B.    Add User1 to the DnsUpdateProxy group.
C.    Run the New Delegation Wizard.
D.    Configure the zone to be Active Directory-integrated.

Answer: D

Passing Microsoft 70-412 Exam successfully in a short time! Just using Braindump2go’s Latest Microsoft 70-412 Dump: http://www.braindump2go.com/70-412.html

1 2 3 4