70-410 Exam Questions - Online Test
70-410 Premium VCE File
150 Lectures, 20 Hours
Our pass rate is high to 98.9% and the similarity percentage between our exam 70 410 pdf study guide and real exam is 90% based on our seven-year educating experience. Do you want achievements in the Microsoft microsoft 70 410 exam exam in just one try? I am currently studying for the Microsoft 70 410 exam exam. Latest Microsoft mcp 70 410 Test exam practice questions and answers, Try Microsoft 70 410 exam Brain Dumps First.
P.S. Guaranteed 70-410 rapidshare are available on Google Drive, GET MORE: https://drive.google.com/open?id=1Tx7a0Kv4S8BSp9VK9XVHC-fWKOkcNnJK
New Microsoft 70-410 Exam Dumps Collection (Question 1 - Question 10)
Question No: 1
You have a server named Server1 that runs Windows Server 2012 R2. You promote Server1 to a domain controller.
You need to view the service location (SRV) records that Server1 registers in DNS. What should you do on Server1?
A. Open the Srv.sys file.
B. Open the Netlogon.dns file.
C. Run ipconfig /displaydns.
D. Run Get-DnsServerDiagnostics.
Answer: B
Explanation:
:A. Timestamp server driver
:B. Netlogon service creates a log file that contains all the locator resource records stored in netlogon.
:C. used to display current resolver cache content
:D. Gets DNS event logging details
:A.
C:\Users\Chaudhry\Desktop\1.jpg
Question No: 2
Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1. Server1 runs Windows Server 2012 R2 and has the Hyper-V server role installed.
On Server1, you create and start a virtual machine named VM1. VM1 is configured as shown in the following table.
You need to recommend a solution to minimize the amount of disk space used for the checkpoint of VM1.
What should you do before you create the checkpoint?
A. Run the Resize-VHD cmdlet.
B. Convert Disk1.vhd to a dynamically expanding disk.
C. Shut down VM1.
D. Run the Convert-VHD cmdlet.
Answer: C
Explanation:
Changing between a fixed and dynamic disk type does not alter the size of a SNAPSHOT much at all.
However, since a snapshot is a record of a VMs state at the exact time that the snapshot was taken, shutting down the VM before taking the snapshot prevents the snapshot from having to contain all of the data in RAM (as there is no data in memory when a machine is powered down).
The question states that the solution should minimize the amount of disk space used for the checkpoint of VM1. If the checkpoint is taken while VM1 is running, there will be two attritional files present at the checkpoint location; a .VSV with VM1 saved state files and a
.BIN file which contains VM1u2021s memory contents. If, however, VM1 is shut down first, these files will not be created, thus saving disk space.
In order to convert Disk1.vhd to a dynamically expanding disk, VM1 still have to be shut down.
Question No: 3
Your network contains two servers named Server1 and Server2 that run Windows Server 2012 R2. Server1 and Server2 are part of a workgroup.
On Server1 and Server2, you create a local user account named Admin1.You add the account to the local Administrators group. On both servers, Admin1 has the same password.
You log on to Server1 as Admin1. You open Computer Management and you.connect to Server2.
When you attempt to create a scheduled task, view the event logs, and manage the shared folders, you receive Access Denied messages.
You need to ensure that you can administer Server2 remotely from Server1 by using Computer Management.
What should you configure on Server2?
A. From Server Manager, modify the Remote Management setting.
B. From Local Users and Groups, modify the membership of the Remote Management Users group.
C. From Windows Firewall, modify the Windows Management Instrumentation (WMI) firewall rule.
D. From Registry Editor, configure the LocalAccountTokenFilterPolicy registry value.
Answer: D
Explanation:
The LocalAccountTokenFilterPolicy setting affects how administrator credentials are applied to remotely administer the computer.
Reference: http://support.microsoft.com/kb/942817
Question No: 4
Your network contains an Active Directory domain named contoso.com. The domain contains two servers named Server1 and Server2 that run Windows Server 2012 R2.
Server2 establishes an IPSec connection to Server1.
You need to view which authentication method was used to establish the initial IPSec connection.
What should you do?
A. From Windows Firewall with Advanced Security, view the quick mode security association.
B. From Event Viewer, search the Application Log for events that have an ID of 1704.
C. From Event Viewer, search the Security Log for events that have an ID of 4672.
D. From Windows Firewall with Advanced Security, view the main mode security association.
Answer: D
Explanation:
Main mode negotiation establishes a secure channel between two computers by determining a set of cryptographic protection suites, exchanging keying material to establish a shared secret key, and authenticating computer and user identities. A security association (SA) is the information maintained about that secure channel on the local computer so that it can use the information for future network traffic to the remote computer. You can monitor main mode SAs for information like which peers are currently connected to this computer and which protection suite was used to form the SA.
To get to this view
In the Windows Firewall with Advanced Security MMC snap-in, expand Monitoring, expand Security Associations, and then click Main Mode.
The following information is available in the table view of all main mode SAs. To see the information for a single main mode SA, double-click the SA in the list.
Main mode SA information
You can add, remove, reorder, and sort by these columns in the Results pane: Local Address: The local computer IP address.
Remote Address: The remote computer or peer IP address.
1st Authentication Method: The authentication method used to create the SA.
1st Authentication Local ID: The authenticated identity of the local computer used in first authentication.
1st Authentication Remote ID: The authenticated identity of the remote computer used in first authentication.
2nd Authentication Method: The authentication method used in the SA.
2nd Authentication Local ID: The authenticated identity of the local computer used in second authentication.
2nd Authentication Remote ID: The authenticated identity of the remote computer used in second authentication.
Encryption: The encryption method used by the SA to secure quick mode key exchanges. Integrity: The data integrity method used by the SA to secure quick mode key exchanges. Key Exchange: The Diffie-Hellman group used to create the main mode SA.
Reference: http://technet.microsoft.com/en-us/library/dd448497(v=ws.10).aspx
Question No: 5
You have a server named Data1 that runs a Server Core Installation of Windows Server 2012 R2 Standard.
You need to configure Data1 to run a Server Core Installation of Windows Server 2012 R2 Enterprise. You want to achieve this goal by using the minimum amount of administrative effort.
What should you perform?
A. a clean installation of Windows Server 2012
B. an offline servicing by using Dism
C. an online servicing by using Dism
D. an upgrade installation of Windows Server 2012
Answer: C
Explanation: References:
Training Guide: Installing and Configuring Windows Server 2012 R2: Chapter 2: Deploying Servers, p. 44
Exam Ref 70-410: Installing and Configuring Windows Server 2012 R2: Chapter 1: Installing and Configuring Servers, p. 19-22
Question No: 6
Your network contains an Active Directory domain named contoso.com. All servers run Windows Server 2012 R2. Client computers run either Windows 7 or Windows 8.
All of the computer accounts of the client computers reside in an organizational unit (OU) named Clients. A Group Policy object (GPO) named GPO1 is linked to the Clients OU. All of the client computers use a DNS server named Server1.
You configure a server named Server2 as an ISATAP router. You add a host (A) record for ISATAP to the contoso.com DNS zone.
You need to ensure that the client computers locate the ISATAP router. What should you do?
A. Run the Set-DnsServerGlobalQueryBlockList cmdlet on Server1.
B. Configure the Network Options Group Policy preference of GPO1.
C. Run the Add-DnsServerResourceRecord cmdlet on Server1.
D. Configure the DNS Client Group Policy setting of GPO1.
Answer: A
Explanation:
The Set-DnsServerGlobalQueryBlockList command will change the settings of a global query block list which you can use to ensure that client computers locate the ISATAP router.
Windows Server 2008 introduced a new feature, called u201cGlobal Query Block listu201d, which prevents some arbitrary machine from registering the DNS name of WPAD. This is a good security feature, as it prevents someone from just joining your network, and setting himself up as a proxy. The dynamic update feature of Domain Name System (DNS) makes it possible for DNS client computers to register and dynamically update their resource records with a DNS server whenever a client changes its network address or host name. This reduces the need for manual administration of zone records. This convenience comes at a cost, however, because any authorized client can register any unused host name, even a host name that might have special significance for certain Applications. This can allow a malicious user to take over a special name and divert certain types of network traffic to that useru2021s computer. Two commonly deployed protocols are particularly vulnerable to this type of takeover: the Web Proxy Automatic Discovery Protocol (WPAD) and the Intra-site Automatic Tunnel Addressing Protocol (ISATAP). Even if a network does not deploy these protocols, clients that are configured to use them are vulnerable to the takeover that DNS dynamic update enables. Most commonly, ISATAP hosts construct their PRLs by using DNS to locate a host named isatap on the local domain. For example, if the local domain is corp.contoso.com, an ISATAP-enabled host queries DNS to obtain the IPv4 address of a host named isatap.corp.contoso.com. In its default configuration, the Windows Server 2008 DNS Server service maintains a list of names that, in effect, it ignores when it receives a query to resolve the name in any zone for which the server is authoritative. Consequently, a malicious user can spoof an ISATAP router in much the same way as a malicious user can spoof a WPAD server: A malicious user can use dynamic update to register the useru2021s own computer as a counterfeit ISATAP router and then divert traffic between ISATAP-enabled computers on the network. The initial contents of the blocktypes of resource records. Use different switches for different record types. By using this cmdlet, you can list depend on whether WPAD or ISATAP is already deployed when you add the DNS server role to an existing Windows Server 2008 deployment or when you upgrade an earlier version of Windows Server running the DNS Server service. Add- DnsServerResourceRecord u2013 The Add-DnsServerResourceRecordcmdlet adds a resource record for a Domain Name System (DNS) zone on a DNS server. You can add different change a value for a record, configure whether a record has a time stamp, whether any authenticated user can update a record with the same owner name, and change lookup timeout values, Windows Internet Name Service (WINS) cache settings, and replication settings. Set-DnsServerGlobalQueryBlockList u2013 The Set- DnsServerGlobalQueryBlockListcmdlet changes settings of a global query block list on a Domain Name System (DNS) server. This cmdlet replaces all names in the list of names that the DNS server does not resolve with the names that you specify. If you need the DNS server to resolve names such as ISATAP and WPAD, remove these names from the list. Web Proxy Automatic Discovery Protocol (WPAD) and Intra-site Automatic Tunnel Addressing Protocol (ISATAP) are two commonly deployed protocols that are particularly vulnerable to hijacking.
References:
Training Guide: Installing and Configuring Windows Server 2012 R2, Chapter 4: Deploying domain controllers, Lesson 4: Configuring IPv6/IPv4 Interoperability, p. 254-256 http://technet.microsoft.com/en-us/library/jj649942(v=wps.620).aspx http://technet.microsoft.com/en-us/library/jj649876(v=wps.620).aspx http://technet.microsoft.com/en-us/library/jj649874.aspx
http://technet.microsoft.com/en-us/library/jj649909.aspx
Question No: 7
Your network contains an Active Directory domain named adatum.com. The domain contains a member server named L0N-DC1. L0N-DC1 runs Windows Server 2012 R2 and has the DHCP Server server role installed.
The network contains 100 client computers and 50 IP phones. The computers and the phones are from the same vendor.
You create an IPv4 scope that contains addresses from 172.16.0.1 to 172.16.1.254.
You need to ensure that the IP phones receive IP addresses in the range of 172.16.1.100 to 172.16.1.200. The solution must minimize administrative effort.
What should you create?
A. Server level policies
B. Reservations
C. Filters
D. Scope level policies
Answer: D
Explanation:
The scope is already in place.
Scope level policies are typically settings that only apply to that scope. They can also overwrite a setting that was set at the server level.
When a client matches the conditions of a policy, the DHCP server responds to the clients based on the settings of a policy.
Settings associated to a policy can be an IP address range and/or options.
An administrator could configure the policy to provide an IP address from a specified sub- range within the overall IP address range of the scope.
You can also provide different option values for clients satisfying this policy. Policies can be defined server wide or for a specific scope.
A server wide policy u2013 on the same lines as server wide option values u2013 is applicable to all scopes on the DHCP server.
A server wide policy however cannot have an IP address range associated with it. There a couple of ways to segregate clients based on the type of device. One way to do this is by using vendor class/identifier.
This string sent in option 60 by most DHCP clients identify the vendor and thereby the type of the device.
Another way to segregate clients based on device type is by using the MAC address prefix. The first three bytes of a MAC address is called OUI and identify the vendor or manufacturer of the device.
By creating DHCP policies with conditions based on Vendor Class or MAC address prefix, you can now segregate the clients in your subnet in such a way, that devices of a specific type get an IP address only from a specified IP address range within the scope. You can also give different set of options to these clients.
In conclusion, DHCP policies in Windows Server 2012 R2 enables grouping of clients/devices using the different criteria and delivering targeted network configuration to them.
Policy based assignment in Windows Server 2012 R2 DHCP allows you to create simple yet powerful rules to administer DHCP on your network.
References:
Training Guide: Installing and Configuring Windows Server 2012 R2, Chapter 6: Network Administration, p.253
Question No: 8
Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1 that runs Windows Server 2012 R2 and a server named Server2 that runs Windows Server 2008 R2 Service Pack 1 (SP1).Both servers are member servers.
On Server2, you install all of the software required to ensure that Server2 can be managed remotely from Server Manager.
You need to ensure that you can manage Server2 from Server1 by using Server Manager. Which two tasks should you perform on Server2? (Each correct answer presents part of the solution.Choose two.)
A. Run the systempropertiesremote. execommand.
B. Run the Fnable-PsRemoting cmdlet.
C. Run the Enable-PsSessionConfigurationcmdlet.
D. Run the Confiqure-SMRemoting.ps1script.
E. Run the Set-ExecutionPolicycmdlet.
Answer: D,E
Explanation:
The output of this command indicates whether Server Manager Remoting is enabled or disabled on the server. To configure Server Manager remote management by using Windows PowerShell
On the computer that you want to manage remotely, open a Windows PowerShell session with elevated user rights.To do this, click Start, click All Programs, click Accessories, click Windows PowerShell, right-click the Windows PowerShell shortcut, and then click Run as administrator.
In the Windows PowerShell session, type the following, and then press Enter. Set-ExecutionPolicy -ExecutionPolicyRemoteSigned
Type the following, and then press Enter to enable all required firewall rule exceptions. Configure-SMRemoting.ps1 -force u2013enable.
Question No: 9
Your network contains an Active Directory domain named contoso.com. The domain contains a DHCP server named Server1 that runs Windows Server 2012 R2.
You create a DHCP scope named Scope1. The scope has a start address of 192.168.1.10, an end address of 192.168.1.50, and a subnet mask of 255.255.255.192.
You need to ensure that Scope1 has a subnet mask of 255.255.255.0. What should you do first?
A. From the DHCP console, reconcile Scope1.
B. From the DHCP console, delete Scope1.
C. From the DHCP console, modify the Scope Options of Scope1.
D. From Windows PowerShell, run the Set-DhcpServerv4Scope cmdlet.
Answer: B
Explanation:
You cannot change the subnet mask of a DHCP scope without deleting the scope and recreating it with the new subnet mask.
Set-DhcpServerv4Scope does not include a parameter for the subnet mask.
Question No: 10
You have a print server named Server1 that runs Windows Server 2012 R2.
You discover that when there are many pending print jobs, the system drive occasionally runs out of free space.
You add a new hard disk to Server1.You create a new NTFS volume.
You need to prevent the print jobs from consuming disk space on the system volume. What should you modify?
A. The properties on the new volume
B. The properties of the Print Spooler service
C. The Print Server Properties
D. The properties of each shared printer
Answer: C
Explanation:
Windows spools print jobs by default to the following directory as they are processed:
%SystemRoot%\SYSTEM32\SPOOL\PRINTERS.
It is possible for the administrator of a Windows print server to manually instruct Windows the location for placing the spool files, if for example there is a concern for disk space.
100% Rebirth Microsoft 70-410 Questions & Answers shared by Certleader, Get HERE: https://www.certleader.com/70-410-dumps.html (New 496 Q&As)
- Approved AZ-300 Bundle 2021
- The Secret of Microsoft 70-488 vce
- What Tested PL-500 Training Materials Is
- All About High quality 70-347 practice test
- Top Quality 70-640 Exam Dumps 2021
- The Secret of Microsoft 70-410 pdf
- Virtual AZ-202 Dumps Questions 2021
- how many questions of 70-499 examcollection?
- Microsoft MS-500 Testing Software 2021
- Microsoft 70-744 Study Guides 2021