70-411 Exam Questions - Online Test
70-411 Premium VCE File
150 Lectures, 20 Hours
Want to know Ucertify exam 70 411 Exam practice test features? Want to lear more about Microsoft Administering Windows Server 2012 certification experience? Study Accurate Microsoft 70 411 study guide answers to Far out 70 411 administering windows server 2012 r2 pdf questions at Ucertify. Gat a success with an absolute guarantee to pass Microsoft 70 411 dumps (Administering Windows Server 2012) test on your first attempt.
Q11. You have a server named Server1 that runs Windows Server 2012 R2. Server1 has the Remote Access server role installed.
On Server1, you create a network policy named Policy1.
You need to configure Policy1 to ensure that users are added to a VLAN.
Which attributes should you add to Policy1?
A. Tunnel-Tag, Tunnel-Password, Tunnel-Medium-Type, and Tunnel-Preference
B. Tunnel-Tag, Tunnel-Server-Auth-ID, Tunnel-Preference, and Tunnel-Pvt-Group-ID
C. Tunnel-Type, Tunnel-Tag, Tunnel-Medium-Type, and Tunnel-Pvt-Group-ID
D. Tunnel-Type, Tunnel-Password, Tunnel-Server-Auth-ID, and Tunnel-Pvt-Group-ID
Answer: C
Explanation:
VLAN attributes used in network policy
When you use network hardware, such as routers, switches, and access controllers that support virtual local area networks (VLANs), you can configure Network Policy Server (NPS) network policy to instruct the access servers to place members of Active Directory. groups on VLANs.
Before configuring network policy in NPS for VLANs, create groups of users in Active Directory Domain Services (AD DS) that you want to assign to specific VLANs. Then when you run the New Network Policy wizard, add the Active Directory group as a condition of the network policy.
You can create a separate network policy for each group that you want to assign to a VLAN. For more information, see Create a Group for a Network Policy. When you configure network policy for use with VLANs, you must configure the RADIUS standard attributes Tunnel-Medium-Type, Tunnel-Pvt-Group-ID, and Tunnel-Type. Some hardware vendors also require the use of the RADIUS standard attribute Tunnel-Tag.
To configure these attributes in a network policy, use the New Network Policy wizard to create a network policy. You can add the attributes to the network policy settings while running the wizard or after you have successfully created a policy with the wizard.
. Tunnel-Medium-Type. Select a value appropriate to the previous selections you made while running the New Network Policy wizard. For example, if the network policy you are configuring is a wireless policy, in Attribute Value, select 802 (Includes all 802 media plus Ethernet canonical format).
. Tunnel-Pvt-Group-ID. Enter the integer that represents the VLAN number to which group members will be assigned. For example, if you want to create a Sales VLAN for your sales team by assigning team members to VLAN 4, type the number 4.
. Tunnel-Type. Select the value Virtual LANs (VLAN).
. Tunnel-Tag. Some hardware devices do not require this attribute. If your hardware device requires this attribute, obtain this value from your hardware documentation.
Q12. Your network contains an Active Directory domain named contoso.com. All domain controllers run Windows Server 2012.
You pre-create a read-only domain controller (P.QDC) account named RODC1.
You export the settings of RODC1 to a file named Filel.txt.
You need to promote RODC1 by using File1.txt.
Which tool should you use?
A. The Install-WindowsFeature cmdlet
B. The Add-WindowsFeature cmdlet
C. The Dism command
D. The Install-ADDSDomainController cmdlet
E. the Dcpromo command
Answer: E
Q13. Your network contains an Active Directory domain named contoso.com. The domain contains client computers that run either Windows XP or Windows 8.
Network Policy Server (NPS) is deployed to the domain.
You plan to create a system health validator (SHV).
You need to identify which policy settings can be applied to all of the computers.
Which three policy settings should you identify? (Each correct answer presents part of the solution. Choose three.)
A. Antispyware is up to date.
B. Automatic updating is enabled.
C. Antivirus is up to date.
D. A firewall is enabled for all network connections.
E. An antispyware application is on.
Answer: B,C,D
Explanation:
The WSHA on NAP client computers running Windows XP SP3 does not monitor the status of antispyware applications.
Q14. Your network contains an Active Directory domain named adatum.com. The domain contains 10 domain controllers that run Windows Server 2012 R2.
You plan to create a new Active Directory-integrated zone named contoso.com.
You need to ensure that the new zone will be replicated to only four of the domain controllers.
What should you do first?
A. Create an application directory partition.
B. Create an Active Directory connection object.
C. Create an Active Directory site link.
D. Change the zone replication scope.
Answer: A
Explanation:
Application directory partitions An application directory partition is a directory partition that is replicated only to specific domain controllers. A domain controller that participates in the replication of a particular application directory partition hosts a replica of that partition. Only domain controllers running Windows Server 2003 can host a replica of an application directory partition.
Q15. Your network is configured as shown in the exhibit. (Click the Exhibit button.)
Server1 regularly accesses Server2.
You discover that all of the connections from Server1 to Server2 are routed through Routerl.
You need to optimize the connection path from Server1 to Server2.
Which route command should you run on Server1?
A. Route add -p 192.168.2.0 MASK 255.255.255.0 192.168.2.1 METRIC 50
B. Route add -p 192.168.2.12 MASK 255.255.255.0 192.168.2.1 METRIC 100
C. Route add -p 192.168.2.12 MASK 255.255.255.0 192.168.2.0 METRIC 50
D. Route add -p 192.168.2.0 MASK 255.255.255.0 192.168.1.2 METRIC 100
Answer: D
Q16. Your network contains an Active Directory forest named contoso.com. The functional level of the forest is Windows Server 2008 R2.
All of the user accounts in the marketing department are members of a group named Contoso\MarketingUsers. All of the computer accounts in the marketing department are members of a group named Contoso\MarketingComputers.
A domain user named User1 is a member of the Contoso\MarketingUsers group. A computer named Computer1 is a member of the Contoso\MarketingComputers group.
You have five Password Settings objects (PSOs). The PSOs are defined as shown in the following table.
When User1 logs on to Computer1 and attempts to change her password, she receives an error message indicating that her password is too short.
You need to tell User1 what her minimum password length is.
What should you tell User1?
A. 10
B. 11
C. 12
D. 14
Answer: A
Explanation:
One PSO has a precedence value of 2 and the other PSO has a precedence value of 4. In this case, the PSO that has the precedence value of 2 has a higher rank and, hence, is applied to the object.
Q17. You have a server named Server1 that runs Windows Server 2012 R2. Server1 has the Windows Deployment Services server role installed.
Server1 contains two boot images and four install images.
You need to ensure that when a computer starts from PXE, the available operating system
images appear in a specific order.
What should you do?
A. Modify the properties of the boot images.
B. Create a new image group.
C. Modify the properties of the install images.
D. Modify the PXE Response Policy.
Answer: C
Q18. Your network contains an Active Directory domain named contoso.com. The domain contains a virtual machine named Server1 that runs Windows Server 2012 R2.
Server1 has a dynamically expanding virtual hard disk that is mounted to drive E.
You need to ensure that you can enable BitLocker Drive Encryption (BitLocker) on drive E.
Which command should you run?
A. manage-bde -protectors -add c: -startup e:
B. manage-bde -lock e:
C. manage-bde -protectors -add e: -startupkey c:
D. manage-bde -on e:
Answer: D
Explanation:
Manage-bde: on
Encrypts the drive and turns on BitLocker.
Example:
The following example illustrates using the -on command to turn on BitLocker for drive C and add a recovery password to the drive.
manage-bde –on C: -recoverypassword
Q19. You manage a server that runs Windows Server 2012 R2. The server has the Windows Deployment Services server role installed.
You start a virtual machine named VM1 as shown in the exhibit. (Click the Exhibit button.)
You need to configure a pre-staged device for VM1 in the Windows Deployment Services console.
Which two values should you assign to the device ID? (Each correct answer presents a complete solution. Choose two.)
A. 979708BFC04B45259FE0C4150BB6C618
B. 979708BF-C04B-4525-9FE0-C4150BB6C618
C. 00155D000F1300000000000000000000
D. 0000000000000000000000155D000F13
E. 00000000-0000-0000-0000-C4150BB6C618
Answer: B,D
Explanation:
Use client computer's media access control (MAC) address preceded with twenty zeros or the globally unique identifier (GUID) in the format: {XXXXXXXX-XXXX-XXXX-XXX-XXXXXXXXXXXX}.
Reference: http: //technet. microsoft. com/en-us/library/cc754469. aspx
Q20. Your network contains an Active Directory domain named contoso.com. The domain contains a domain controller named DC1 that runs Windows Server 2012 R2. DC1 is backed up daily.
The domain has the Active Directory Recycle Bin enabled.
During routine maintenance, you delete 500 inactive user accounts and 100 inactive groups. One of the deleted groups is named Group1. Some of the deleted user accounts are members of some of the deleted groups.
For documentation purposes, you must provide a list of the members of Group1 before the group was deleted.
You need to identify the names of the users who were members of Group1 prior to its deletion.
You want to achieve this goal by using the minimum amount of administrative effort.
What should you do first?
A. Mount the most recent Active Directory backup.
B. Reactivate the tombstone of Group1.
C. Perform an authoritative restore of Group1.
D. Use the Recycle Bin to restore Group1.
Answer: A
Explanation:
The Active Directory Recycle Bin does not have the ability to track simple changes to objects.
If the object itself is not deleted, no element is moved to the Recycle Bin for possible recovery in the future. In other words, there is no rollback capacity for changes to object properties, or, in other words, to the values of these properties.
- 10 Tips For Far out 70-410 exam dumps
- 100% Correct 70-741 Free Practice Questions 2021
- The Secret of Microsoft 70-413 practice test
- Up to the minute 70-494 Exam Study Guides With New Update Exam Questions
- Microsoft MB2-713 Dumps Questions 2021
- Best Quality 70-741 Free Practice Questions 2021
- The Leading Guide To MS-740 Test
- Microsoft AZ-100 Free Practice Questions 2021
- 10 Tips For Far out 70-464 pdf
- All About Actual 70-488 braindumps