Official 2014 Latest Microsoft 70-412 Exam Dump Free Download(231-240)!

QUESTION 231
You have a server named Server1 that runs Windows Server 2012 R2. You download and install the Windows Azure Online Backup Service Agent on Server1. You need to ensure that you can configure an online backup from Windows Server Backup. What should you do first?

A.    From Windows Server Backup, run the Register Server Wizard.
B.    From Computer Management, add the Server1 computer account to the Backup Operators group.
C.    From a command prompt, run wbadmin.exe enable backup.
D.    From the Services console, modify the Log On settings of the Windows Azure Online Backup Service Agent.

Answer: A
Explanation:
A. Enables you to back up and restore your operating system, volumes, files, folders, and applications from a command prompt.
B. To register a server for use with Windows Azure Backup you must run the register server wizard
http://technet.microsoft.com/en-us/library/hh831677.aspx

QUESTION 232
Your network contains an Active Directory forest named contoso.com. The forest contains two domains named contoso.com and childl.contoso.com. The domains contain three domain controllers. The domain controllers are configured as shown in the following table.
 clip_image001
You need to ensure that the KDC support for claims, compound authentication, and kerberos armoring setting is enforced in the child1.contoso.com domain. Which two actions should you perform? (Each correct answer presents part of the solution. Choose two.)

A.    Upgrade DC1 to Windows Server 2012 R2.
B.    Upgrade DC11 to Windows Server 2012 R2.
C.    Raise the domain functional level ofchildl.contoso.com.
D.    Raise the domain functional level of contoso.com.
E.    Raise the forest functional level of contoso.com.

Answer: BD
Explanation:
If you want to create access control based on claims and compound authentication, you need to deploy Dynamic Access Control. This requires that you upgrade to Kerberos clients and use the KDC, which support these new authorization types. With Windows Server 2012 R2, you do not have to wait until all the domain controllers and the domain functional level are upgraded to take advantage of new access control options
http://technet.microsoft.com/en-us/library/hh831747.aspx.

QUESTION 233
Your network contains an Active Directory domain named contoso.com. The domain contains a main office and a branch office. An Active Directory site exists for each office. All domain controllers run Windows Server 2012 R2. The domain contains two domain controllers. The domain controllers are configured as shown in the following table.
 clip_image001[4]
DC1 hosts an Active Directory-integrated zone for contoso.com. You add the DNS Server server role to DC2. You discover that the contoso.com DNS zone fails to replicate to DC2. You verify that the domain, schema, and configuration naming contexts replicate from DC1 to DC2. You need to ensure that DC2 replicates the contoso.com zone by using Active Directory replication. Which tool should you use?

A.    Active Directory Domains and Trusts
B.    Active Directory Users and Computers
C.    Repadmin
D.    Ntdsutil

Answer: C
Explanation:
Repadmin.exe is a command line tool that is designed to assist administrators in diagnosing, monitoring, and troubleshooting Active Directory replication problems.
Reference: Repadmin Introduction and Technology Overview
Note: If you see question about AD Replication, First preference is AD sites and services, then
Repadmin and then DNSLINT.

QUESTION 234
Your network contains an Active Directory domain named contoso.com. The domain contains a main office and a branch office. An Active Directory site exists for each office. All domain controllers run Windows Server 2012 R2. The domain contains two domain controllers. The domain controllers are configured as shown in the following table.
 clip_image001[6]
DC1 hosts an Active Directory-integrated zone for contoso.com. You add the DNS Server server role to DC2. You discover that the contoso.com DNS zone fails to replicate to DC2. You verify that the domain, schema, and configuration naming contexts replicate from DC1 to DC2. You need to ensure that DC2 replicates the contoso.com zone by using Active Directory replication. Which tool should you use?

A.    Active Directory Users and Computers
B.    Ntdsutil
C.    DNS Manager
D.    Active Directory Domains and Trusts

Answer: C
Explanation:
The primary tool that you use to manage DNS servers is DNS Manager, the DNS snap-in in Microsoft Management Console (MMC), which appears as DNS in Administrative Tools on the Start menu. You can use DNS Manager along with other snapins in MMC, further integrating DNS administration into your total network management. It is also available in Server Manager on computers with the DNS Server role installed. You can use DNS Manager to perform the following basic administrative server tasks:
* Performing initial configuration of a new DNS server.
* Connecting to and managing a local DNS server on the same computer or remote DNS servers on other computers.
* Adding and removing forward and reverse lookup zones, as necessary.
* Adding, removing, and updating resource records in zones.
* Modifying how zones are stored and replicated between servers.
* Modifying how servers process queries and handle dynamic updates.
Modifying security for specific zones or resource records.
In addition, you can also use DNS Manager to perform the following tasks:
* Perform maintenance on the server. You can start, stop, pause, or resume the server or manually update server data files.
* Monitor the contents of the server cache and, as necessary, clear it.
* Tune advanced server options.
Configure and perform aging and scavenging of stale resource records that are stored by the server.
Reference: DNS Tools

QUESTION 235
Your network contains an Active Directory domain named contoso.com. All domain controllers run Windows Server 2012 R2. The domain contains two domain controllers. The domain controllers are configured as shown in the following table.
 clip_image001[8]
The Branch site contains a perimeter network. For security reasons, client computers in the perimeter network can communicate with client computers in the Branch site only. You plan to deploy a new RODC to the perimeter network in the Branch site. You need to ensure that the new RODC will be able to replicate from DC10. What should you do first on DC10?

A.    Run dcpromo and specify the /createdcaccount parameter.
B.    Run the Active Directory Domain Services Configuration Wizard.
C.    Run the Add-ADDSReadOnlyDomainControllerAccount cmdlet.
D.    Enable the Bridge all site links setting.

Answer: C
Explanation:
Creates a read-only domain controller (RODC) account that can be used to install an RODC in Active Directory.
Note:
* Notes
Once you have added the RODC account, you can add an RODC to a server computer by using the Install-ADDSDomainController cmdlet with the -ReadOnlyReplica switch parameter.
* Example
Adds a new read-only domain controller (RODC) account to the corp.contoso.com domain using the North America site as the source site for the replication source domain controller.
C:\PS>Add-ADDSReadOnlyDomainControllerAccount -DomainControllerAccountName RODC1 -DomainName corp.contoso.com -SiteName NorthAmerica
Reference: Add-ADDSReadOnlyDomainControllerAccount

QUESTION 236
Your network contains an Active Directory domain named contoso.com. All servers run Windows Server 2012 R2. The domain contains a domain controller named DC1 that is configured as an enterprise root certification authority (CA). All users in the domain are issued a smart card and are required to log on to their domainjoined client computer by using their smart card. A user named User1 resigned and started to work for a competing company. You need to prevent User1 immediately from logging on to any computer in the domain. The solution must not prevent other users from logging on to the domain. Which tool should you use?

A.    The Security Configuration Wizard
B.    The Certification Authority console
C.    Active Directory Administrative Center
D.    Certificate Templates

Answer: B
Explanation:
You can use the Certification Authority console to configure CAs. This includes the following tasks:
(B) Scheduling certificate revocation list publication.
Installing the CA certificate when necessary.
Configuring exit module settings.
Configuring policy module settings.
Modifying security permissions and delegate control of CAs. Enabling optional Netscape-compatible Web-based revocation checking.
Reference: Configure Certification Authorities

QUESTION 237
You have a server named Server1 that runs Windows Server 2012 R2. Server1 has the DNS Server server role installed. You need to store the contents of all the DNS queries received by Server1. What should you configure?

A.    Logging from Windows Firewall with Advanced Security
B.    Debug logging from DNS Manager
C.    A Data Collector Set (DCS) from Performance Monitor
D.    Monitoring from DNS Manager

Answer: D
Explanation:
The following DNS debug logging options are available:
* Direction of packets
Send Packets sent by the DNS server are logged in the DNS server log file. Receive Packets received by the DNS server are logged in the log file.
* Content of packets
(D) Standard queries Specifies that packets containing standard queries (per RFC 1034) are logged in the DNS server log file.
Updates Specifies that packets containing dynamic updates (per RFC 2136) are logged in the DNS server log file.
Notifies Specifies that packets containing notifications (per RFC 1996) are logged in the DNS server log file.
Etc.
Reference: Using server debug logging options

QUESTION 238
You have a server named LON-DC1 that runs Windows Server 2012 R2. An iSCSI virtual disk named VirtuahSCSIl.vhd exists on LON-DC1 as shown in the exhibit. (Click the Exhibit button.)
 clip_image001[10]
You create a new iSCSI virtual disk named VirtualiSCSI2.vhd by using the existing itgt iSCSI target. VirtuahSCSI1.vhd is removed from LON-DC1. You need to assign VirtualiSCSI2.vhd a logical unit value of 0. What should you do?

A.    Run the Set-IscsiVirtualDisk cmdlet and specify the -DevicePath parameter.
B.    Run the iscsicpl command and specify the virtualdisklun parameter.
C.    Modify the properties of the itgt ISCSI target.
D.    Run the Set-VirtualDisk cmdlet and specify the -Uniqueld parameter.

Answer: D
Explanation:
Set-VirtualDisk
Modifies the attributes of an existing virtual disk.
Applies To: Windows Server 2012 R2
-UniqueId<String>
Specifies an ID used to uniquely identify a Disk object in the system. The ID persists through restarts. Note: Logical unit numbers (LUNs) created on an iSCSI disk storage subsystem are not directly assigned to a server. For iSCSI, LUNs are assigned to logical entities called targets.
Incorrect:
Not A: Set-IscsiVirtualDisk
Modifies the settings for the specified iSCSI virtual disk.
-Path<String> (alias: DevicePath)
Specifies the path of the virtual hard disk (VHD) file that is associated with the iSCSI virtual disk. Filter the iSCSI Virtual Disk object using this parameter.
Not B: iscsicpl.exe could is the Microsoft iSCSI Initiator Configuration Tool.
Microsoft Internet iSCSI Initiator enables you to connect a host computer that is running Windows 7 or Windows Server 2008 R2 to an external iSCSI-based storage array through an Ethernet network adapter.

QUESTION 239
You have a Hyper-V host named Server1 that runs Windows Server 2012 R2. Server1 contains a virtual machine named VM1 that runs Windows Server 2012 R2. You fail to start VM1 and you suspect that the boot files on VM1 are corrupt. On Server1, you attach the virtual hard disk (VHD) of VM1 and you assign the VHD a drive letter of F. You need to repair the corrupt boot files on VM1. What should you run?

A.    bootrec.exe /rebuildbcd
B.    bootrec.exe /scanos
C.    bcdboot.exe f:\windows /s c:
D.    bcdboot.exe c:\windows /s f:

Answer: D

QUESTION 240
Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1 that runs Windows Server 2012 R2 and has the DNS Server server role installed. Server1 has a zone named contoso.com. The zone is configured as shown in the exhibit. (Click the Exhibit button.)
 clip_image001[12]
You need to assign a user named User1 permission to add and delete records from the contoso.com zone only. What should you do first?

A.    Enable the Advanced view from DNS Manager.
B.    Add User1 to the DnsUpdateProxy group.
C.    Run the New Delegation Wizard.
D.    Configure the zone to be Active Directory-integrated.

Answer: D

Passing Microsoft 70-412 Exam successfully in a short time! Just using Braindump2go’s Latest Microsoft 70-412 Dump: http://www.braindump2go.com/70-412.html

Official 2014 Latest Microsoft 70-412 Exam Dump Free Download(221-230)!

QUESTION 221
Your network contains an Active Directory domain named contoso.com. The domain contains two member servers named Server1 and Server2. All servers run Windows Server 2012 R2. Server1 and Server2 have the Failover Clustering feature installed. The servers are configured as nodes in a failover cluster named Cluster1. Cluster1 contains a file server role named FS1 and a generic service role named SVC1. Server1 is the preferred node for FS1. Server2 is the preferred node for SVC1. You plan to run a disk maintenance tool on the physical disk used by FS1. You need to ensure that running the disk maintenance tool does not cause a failover to occur. What should you do before you run the tool?

A.    Run cluster.exe and specify the pause parameter.
B.    Run cluster.exe and specify the offline parameter.
C.    Run Suspend-ClusterResource
D.    Run Suspend-ClusterNode.

Answer: B

QUESTION 222
Your network contains an Active Directory domain named contoso.com. The domain contains two member servers named Server1 and Server2. All servers run Windows Server 2012 R2. Server1 and Server2 have the Failover Clustering feature installed. The servers are configured as nodes in a failover cluster named Cluster1. Cluster1 contains a Clustered Shared Volume (CSV). A developer creates an Application named App1. App1 is NOT a cluster-aware Application. App1 stores data in the file system. You need to ensure that App1 runs in Cluster1. The solution must minimize development effort.
Which cmdlet should you run?

A.    Add-ClusterGenericApplicationRole
B.    Add-ClusterGenericServiceRole
C.    Add ClusterServerRole
D.    Add-ClusterScaleOutFileServerRole

Answer: A

QUESTION 223
Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1 that runs Windows Server 2012 R2. Server1 is an enterprise root certification authority (CA) for contoso.com. Your user account is assigned the certificate manager role and the auditor role on the contoso.com CA. Your account is a member of the local Administrators group on Server1. You enable CA role separation on Server1.
You need to ensure that you can manage the certificates on the CA. What should you do?

A.    Remove your user account from the local Administrators group.
B.    Assign the CA administrator role to your user account.
C.    Assign your user account the Bypass traverse checking user right.
D.    Remove your user account from the Manage auditing and security log user right.

Answer: D

QUESTION 224
Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1 that runs Windows Server 2012 R2 and has the DHCP Server server role installed. An administrator installs the IP Address Management (IPAM) Server feature on a server named Server2. The administrator configures IPAM by using Group Policy based provisioning and starts server discovery. You plan to create Group Policies for IPAM provisioning. You need to identify which Group Policy object (GPO) name prefix must be used for IPAM Group Policies.
What should you do on Server2?

A.    From Server Manager, review the IPAM overview.
B.    Run the ipamgc.exe tool.
C.    From Task Scheduler, review the IPAM tasks.
D.    Run the Get-IpamConfiguration cmdlet.

Answer: A

QUESTION 225
Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1 that runs Windows Server 2012 R2. The system properties of Server1 are shown in the exhibit. (Click the Exhibit button.)
 clip_image002[12]
You need to configure Server1 as an enterprise subordinate certification authority (CA). What should you do first?

A.    Add RAM to the server.
B.    Set the Startup Type of the Certificate Propagation service to Automatic.
C.    Install the Certification Authority Web Enrollment role service.
D.    Join Server1 to the contoso.com domain.

Answer: D

QUESTION 226
Drag and Drop Question
Your network contains an Active Directory domain named contoso.com. The domain contains four member servers named Server1, Server2, Server3, and Server4. Server1 and 5erver2 run Windows Server 2008 R2. Server1 and Server2 have the Hyper-V server role and the Failover Clustering feature installed. Failover Clustering is configured to provide highly available virtual machines by using a cluster named Cluster1. Cluster1 hosts 10 virtual machines.
Server3 and Server4 run Windows Server 2012 R2.
You install the Hyper-V server role and the Failover Clustering feature on Server3 and Server4.
You create a cluster named Cluster2.
You need to migrate cluster resources from Cluster1 to Cluster2. The solution must minimize downtime on the virtual machines.
Which five actions should you perform?
To answer, move the appropriate five actions from the list of actions to the answer area and arrange them in the correct order.
 clip_image002[14]
Answer:
 clip_image002[16]
Explanation:
Migrate a Cluster Wizard
Box 1: Shut down
all of the virtual machines in Cluster1.
Box 2: Unmask the shared storage to present the storage to Cluster2.
Box 3: Mask the shared storage to prevent the storage from being accessed by Cluster1.
Box 4: Start the virtual machines in Cluster2.
Box 5: From the Failover Cluster Manager in Cluster1, run the Migrate a Cluster Wizard.
Note:
* The new cluster roles are always created offline – when VMs and users are ready, the following steps should be used during a maintenance window:
i. The source VMs should be shut down and turned off.
ii. The source cluster CSV volumes that have been migrated should be off-lined. iii. The storage that is common to both clusters (LUNS) should be masked (hidden) from the source cluster, to prevent accidental usage by both clusters.
iv. The storage that is common to both clusters (LUNS) should be presented to the new cluster. v. The CSV volumes on the target cluster should be on-lined.
vi. The VMs on the target cluster should be on-lined.
vii. VMs are migrated and ready for use!
* Now that the target cluster has been pre-staged, use the following steps during a maintenance window to cut over to the new Windows Server 2012 R2 cluster:
1. Shutdown all VMs on the source Windows Server 2008 R2 cluster that have been migrated.
2. Configure the storage:
a. Unmask the common shared storage (LUNs) so that they are not presented to the Windows Server 2008 R2source cluster
Note: Data could become corrupt if they are presented to multiple clusters at the same time.
b. Mask the common shared storage (LUNs) to the Windows Server 2012 R2 target cluster.

QUESTION 227
Your network contains an Active Directory domain named contoso.com. The domain contains two member servers named Server1 and Server2. All servers run Windows Server 2012 R2. Server1 and Server2 have the Failover Clustering feature installed. The servers are configured as nodes in a failover cluster named Cluster1. Cluster1 has access to four physical disks. The disks are configured as shown in the following table.
 clip_image001[30]
You need to identify which disk can be added to a Clustered Storage Space in Cluster1. Which disk should you identify?

A.    Disk1
B.    Disk2
C.    Disk3
D.    Disk4

Answer: B

QUESTION 228
You have a server named Server1 that runs Windows Server 2012 R2. Server1 has the File Server Resource Manager role service installed. You attempt to delete a classification property and you receive the error message as shown in the exhibit. (Click the Exhibit button.)
 clip_image001[32]
You need to delete the is Confidential classification property. What should you do?

A.    Delete the classification rule that is assigned the isConfidential classification property.
B.    Disable the classification rule that is assigned the isConfidential classification property.
C.    Set files that have an isConfidential classification property value of Yes to No.
D.    Clear the isConfidential classification property value of all files.

Answer: A

QUESTION 229
You have a server named Server1 that runs Windows Server 2012 R2. Windows Server 2012 R2 is installed on volume C. You need to ensure that Safe Mode with Command Prompt loads the next time Server1 restarts. Which tool should you use?

A.    The Restart-Server cmdlet
B.    The Bootcfg command
C.    The Restart-Computer cmdlet
D.    The Bcdedit command

Answer: D

QUESTION 230
You have a failover cluster named Cluster1 that contains four nodes. All of the nodes run Windows Server 2012 R2. You need to schedule the installation of Windows updates on the cluster nodes. Which tool should you use?

A.    The Wusa command
B.    The Invoke-CauScan cmdlet
C.    The Add-CauClusterRole cmdlet
D.    The Wuauclt command

Answer: C

Passing Microsoft 70-412 Exam successfully in a short time! Just using Braindump2go’s Latest Microsoft 70-412 Dump: http://www.braindump2go.com/70-412.html

Official 2014 Latest Microsoft 70-412 Exam Dump Free Download(211-220)!

QUESTION 211
Your network contains an Active Directory domain named contoso.com. The domain contains two servers named Node1 and Node2. Node1 and Node2 run Windows Server 2012 R2. Node1 and Node2 are configured as a two-node failover cluster named Cluster2. The computer accounts for all of the servers reside in an organizational unit (OU) named Servers. A user named User1 is a member of the local Administrators group on Node1 and Node2. User1 creates a new clustered File Server role named File1 by using the File Server for general use option. A report is generated during the creation of File1 as shown in the exhibit. (Click the Exhibit button.)
 clip_image001[18]
File1 fails to start.
You need to ensure that you can start File1. What should you do?

A.    Log on to the domain by using the built-in Administrator for the domain, and then recreate the clustered
File Server role by using the File Server for general use option.
B.    Recreate the clustered File Server role by using the File Server for scale-out Application data option.
C.    Assign the computer account permissions of Cluster2 to the Servers OU.
D.    Assign the user account permissions of User1 to the Servers OU.
E.    Increase the value of the ms-DS-MachineAccountQuota attribute of the domain.

Answer: B

QUESTION 212
Your network contains two servers named Server1 and Server 2. Both servers run Windows Server 2012 R2 and have the Hyper-V server role installed. Server1 hosts a virtual machine named VM1. The virtual machine configuration files and the virtual hard disks for VM1 are stored in D: \VM1.
You shut down VM1 on Server1.
You copy D:\VM1 to D:\VM1 on Server2.
You need to start VM1 on Server2. You want to achieve this goal by using the minimum amount of administrative effort.
What should you do?

A.    Run the Import-VMIntialReplication cmdlet.
B.    Create a new virtual machine on Server2 and attach the VHD from VM1 to the new virtual machine.
C.    From Hyper-V Manager, run the Import Virtual Machine wizard.
D.    Run the Import-IscsiVirtualDisk cmdlet.

Answer: C

QUESTION 213
Your network contains an Active Directory forest. The forest contains one domain named adatum.com. The domain contains three domain controllers. The domain controllers are configured as shown in the following table.
 clip_image001[20]
DC2 has all of the domain-wide operations master roles. DC3 has all of the forest-wide operation master roles. You need to ensure that you can use Password Settings objects (PSOs) in the domain.
What should you do first?

A.    Uninstall Active Directory from DC1.
B.    Change the domain functional level.
C.    Transfer the domain-wide operations master roles.
D.    Transfer the forest-wide operations master roles.

Answer: A

QUESTION 214
Your network contains an Active Directory forest named contoso.com. The forest contains three domains. All domain controllers run Windows Server 2012 R2. The forest has a two-way realm trust to a Kerberos realm named adatum.com. You discover that users in adatum.com can only access resources in the root domain of contoso.com. You need to ensure that the adatum.com users can access the resources in all of the domains in the forest.
What should you do in the forest?

A.    Delete the realm trust and create a forest trust.
B.    Delete the realm trust and create three external trusts.
C.    Modify the incoming realm trust.
D.    Modify the outgoing realm trust.

Answer: D

QUESTION 215
Your network contains an Active Directory domain named contoso.com. The domain contains two domain controllers named DC1 and DC2 that run Windows Server 2012 R2. DC1 and DC2 fail to replicate Active Directory information. You confirm that DC1 and DC2 have network connectivity. The NTDS Settings of DC2 are configured as shown in the NTDS Settings exhibit. (Click tie Exhibit button.)

 clip_image001[22]
DNS is configured as shown in the DNS exhibit. (Click the Exhibit button.)
 clip_image002[6]
You need to ensure that DC1 and DC2 can replicate immediately. Which two actions should you perform? (Each correct answer presents part of the solution. Choose two.)

A.    From DC1, restart the Netlogon service.
B.    From DC2, run nltest.exe /sync.
C.    From DC1, run ipconfig /flushdns.
D.    From DO, run repadmin /syncall.
E.    From DC2, run ipconfig /registerdns.
F.    From DC2, restart the Netlogon service.

Answer: DE
Explanation:
The DC2 name/alias is not available in DNS.
First we register the DC2 name from DC with the ipcpnfig /registerdns. (E) Then we synchronizes a specified domain controller DC1 (DC2 would also work) with all of its replication partners with repadmin /syncall. (D)

QUESTION 216
Your network contains an Active Directory domain named contoso.com. The domain contains two member servers named Server1 and Server2. All servers run Windows Server 2012 R2. Server1 and Server2 have the Failover Clustering feature installed. The servers are configured as nodes in a failover cluster named Cluster1. Cluster1 contains a Clustered Shared Volume (CSV). A developer creates an Application named App1. App1 is NOT a cluster-aware Application. App1 stores data in the file system. You need to ensure that App1 runs in Cluster1. The solution must minimize development effort.
Which cmdlet should you run?

A.    Add-ClusterGenericServiceRole
B.    Add-ClusterServerRole
C.    Add-ClusterGenericApplicationRole
D.    Add-ClusterScaleOutFileServerRole

Answer: C
Explanation:
* Add-ClusterGenericApplicationRole
Configure high availability for an application that was not originally designed to run in a failover cluster.
* If you run an application as a Generic Application, the cluster software will start the application, then periodically query the operating system to see whether the application appears to be running. If so, it is presumed to be online, and will not be restarted or failed over.

QUESTION 217
You have a server named Server1 that runs Windows Server 2012 R2.
You start Server1 by using Windows PE.
You need to repair the Boot Configuration Data (BCD) store on Server1.
Which tool should you use?

A.    Bootim
B.    Bootsect
C.    Bootrec
D.    Bootcfg

Answer: C

QUESTION 218
Your network contains an Active Directory domain named contoso.com. The domain contains two member servers named Server1 and Server2. All servers run Windows Server 2012 R2. Server1 and Server2 have the Failover Clustering feature installed. The servers are configured as nodes in a failover cluster named Cluster1. Cluster1 contains a Clustered Shared Volume (CSV). A developer creates an application named Appl. App1 is NOT a cluster-aware application. App1 stores data in the file system. You need to ensure that App1 runs in Cluster1. The solution must minimize development effort. Which cmdlet should you run?

A.    Add-ClusterServerRole
B.    Add-ClusterGenericServiceRole
C.    Add ClusterScaleOutFileServerRole
D.    Add ClusterGenericApplicationRole

Answer: D
Explanation:
* Add-ClusterGenericApplicationRole Configure high availability for an application that was not orig
inally designed to run in a failover cluster.
* If you run an application as a Generic Application, the cluster software will start the application, then periodically query the operating system to see whether the application appears to be running. If so, it is presumed to be online, and will not be restarted or failed over.

QUESTION 219
Hotspot Question
Your network contains three Application servers that run Windows Server 2012 R2. The Application servers have the Network Load Balancing (NLB) feature installed. You create an NLB cluster that contains the three servers. You plan to deploy an Application named App1 to the nodes in the cluster. App1 uses TCP port 8080 and TCP port 8081.
Clients will connect to App1 by using HTTP and HTTPS. When clients connect to App1 by using HTTPS, session state information will be retained locally by the cluster node that responds to the client request.
You need to configure a port rule for App1. Which port rule should you use? To answer, select the appropriate rule in the answer area.
 clip_image002[8]
Answer:
 clip_image002[10]

QUESTION 220
Hotspot Question
Your network contains an Active Directory domain named contoso.com. The domain contains two servers named Server1 and Server2 that run Windows Server 2012 R2. The servers have the Hyper- V server role installed.
A certification authority (CA) is available on the network. A virtual machine named vml.contoso.com is replicated from Server1 to Server2. A virtual machine named vm2.contoso.com is replicated from Server2 to Server1. You need to configure Hyper-V to encrypt the replication of the virtual machines. Which common name should you use for the certificates on each server? To answer, configure the appropriate common name for the certificate on each server in the answer area.
 clip_image001[24]

 clip_image001[26]
Answer:

clip_image001[28]
Passing Microsoft 70-412 Exam successfully in a short time! Just using Braindump2go’s Latest Microsoft 70-412 Dump: http://www.braindump2go.com/70-412.html

Official 2014 Latest Microsoft 70-412 Exam Dump Free Download(201-210)!

QUESTION 201
You have a server named Server1 that runs Windows Server 2012 R2. When you install a custom Application on Server1 and restart the server, you receive the following error message: “The Boot Configuration Data file is missing some required information.

File: \Boot\BCD
Error code: 0x0000034.”
You start Server1 by using Windows PE. You need to ensure that you can start Windows Server 2012 R2 on Server1.
Which tool should you use?

A.    Bootsect
B.    Bootim
C.    Bootrec
D.    Bootcfg

Answer: C
Explanation:
http://answers.microsoft.com/en-us/windows/forum/windows_7-system/error-code-0x0000034-in-windows-7/4dcb8d38-a206-40ed-bced-55e4a4de9bf2

QUESTION 202
Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1 that runs Windows Server 2012 R2. Server1 has the Active Directory Rights Management Services server role installed. Your company works with a partner organization that does not have its own Active Directory Rights Management Services (AD RMS) implementation. You need to create a trust policy for the partner organization. The solution must meet the following requirements:
Grant users in the partner organization access to protected content. Provide users in the partner organization with the ability to create protected content. Which type of trust policy should you create?

A.    a federated trust
B.    Windows Live ID
C.    a trusted publishing domain
D.    a trusted user domain

Answer: A

QUESTION 203
Hotspot Question
Your network contains an Active Directory domain named contoso.com. All servers run Windows Server 2012 R2. The domain contains two domain controllers. The domain controllers are configured as shown in the following table.
 clip_image001
On DC1, you create an Active Directory-integrated zone named Zone1. You verify that Zone1 replicates to DC2.
You use DNSSEC to sign Zone1.
You discover that the updates to Zone1 fail to replicate to DC2.
You need to ensure that Zone1 replicates to DC2.
What should you configure on DC1?
To answer, select the appropriate tab in the answer area.
 clip_image001[4]
Answer:

clip_image001[6]

QUESTION 204
Hotspot Question
Your network contains two Hyper-V hosts that are configured as shown in the following table.
 clip_image001[8]
You create a virtual machine on Server1 named VM1.
You plan to export VM1 from Server1 and import VM1 to Server2. You need to ensure that you can start the imported copy of VM1 from snapshots.
What should you configure on VM1?
To answer, select the appropriate node in the answer area.
 clip_image002
Answer:

 clip_image002[4]
Note:
* If the CPUs are from the same manufacturer but not from the same type, you may need to use Processor Compatibility.
*(incorrect) The network adapter is already disconnected.

QUESTION 205
Your network contains an Active Directory domain named contoso.com. All domain controllers run Windows Server 2012 R2. The domain contains two domain controllers. The domain controllers are configured as shown in the following table.
 clip_image001[10]
You configure a user named User1 as a delegated administrator of DC10. You need to ensure that User1 can log on to DC10 if the network link between the Main site and the Branch site fails.
What should you do?

A.    On DC10, run ntdsutil and configure the settings in the Roles context.
B.    On DC10, run ntdsutil and configure the settings in the Local Roles context.
C.    Modify the properties of the DCIO computer account.
D.    Run repadmin and specify /replsingleobject parameter.

Answer: B
Explanation:
Modify the following policy:
Computer Configuration\Windows Settings\Security Settings\Local Policies\User Rights
Assignment\Allow log on locally
Note:
* User Rights Assignment policies determines which users or groups have logon rights or privileges on the computer.
* Delegated administrator accounts gain local administrative permissions to the RODC. These users can operate with privileges equivalent to the local computer’s Administrators group. They are not members of the Domain Admins or the domain built-in Administrators groups. This option is useful for delegating branch office administration without giving out domain administrative permissions. Configuring delegation of administration is not required.

QUESTION 206
You have a server named Server1 that runs Windows Server 2012 R2. You install the File and Storage Services server role on Server1.
From Windows Explorer, you view the properties of a folder named Folder1 and you discover that the Classification tab is missing. You need to ensure that you can assign classifications to Folder1 from Windows Explorer manually.
What should you do?

A.    From Folder Options, clear Hide protected operating system files (Recommended).
B.    Install the File Server Resource Manager role service.
C.    From Folder Options, select the Always show menus.
D.    Install the Share and Storage Management Tools.

Answer: B
Explanation:
B. Classification Management is a feature of FSRM
http://technet.microsoft.com/en-us/library/dd759252.aspx
http://technet.microsoft.com/en-us/library/dd758759(v=WS.10).aspx

QUESTION 207
Your network contains an Active Directory forest named contoso.com. The forest contains a single domain. The forest contains three Active Directory sites named SiteA, SiteB, and SiteC. The sites contain four domain controllers. The domain controllers are configured as shown in the following table.
 clip_image001[12]
An IP site link exits between each site.
You discover that the users in SiteC are authenticated by the domain controllers in SiteA and SiteB. You need to ensure that the SiteC users are authenticated by the domain controllers in SiteB, unless all of the domain controllers in SiteB are unavailable.
What should you do?

A.    Create an SMTP site link between SiteB and SiteC.
B.    Create additional connection objects for DC3 and DC4.
C.    Decrease the cost of the site link between SiteB and SiteC.
D.    Create additional connection objects for DC1 and DC2.

Answer: C
Explanation:
By decreasing the site link cost between SiteB and SiteC the SiteC users would be authenticated by SiteB rather than by SiteA.

QUESTION 208
Your network contains two servers named Server1 and Server2 that run Windows Server 2012 R2. Server1 and Server2 have the Hyper-V server role installed. Server1 and Server2 are configured as Hyper-V replicas of each other. Server2 hosts a virtual machine named VM5. VM5 is replicated to Server1. You need to verify whether the replica of VM5 on Server1 is functional. The solution must ensure that VM5 remains accessible to clients.
What should you do from Hyper-V Manager?

A.    On a server in Cluster2, click Migrate Roles.
B.    On a server in Cluster2, configure Cluster-Aware Updating.
C.    On a server in Cluster1, click Move Core Cluster Resources, and then click Select Node.
D.    On a server in Cluster1, configure Cluster-Aware Updating.

Answer: B
Explanation:
Note:
* Cluster-Aware Updating (CAU) is an automated feature that allows you to update clustered servers with little or no loss in availability during the update process. During an Updating Run, CAU transparently performs the following tasks:
Puts each node of the cluster into node maintenance mode Moves the clustered roles off the node
Installs the updates and any dependent updates
Performs a restart if necessary
Brings the node out of maintenance mode
Restores the clustered roles on the node
Moves to update the next node
For many clustered roles (formerly called clustered applications and services) in the cluster, the automatic update process triggers a planned failover, and it can cause a transient service interruption for connected clients. However, in the case of continuously available workloads in Windows Server 2012 R2, such as Hyper-V with live migration or file server with SMB Transparent Failover, CAU can coordinate cluster updates with no impact to the service availability.

QUESTION 209
Your network contains an Active Directory domain named contoso.com. The domain contains two member servers named Server1 and Server2. All servers run Windows Server 2012 R2. Server1 and Server2 have the Failover Clustering feature installed. The servers are configured as nodes in a
failover cluster named Cluster1. Cluster1 has access to four physical disks. The disks are configured as shown in the following table.
 clip_image001[14]
You need to ensure that all of the disks can be added to a Cluster Shared Volume (CSV). Which two actions should you perform? (Each correct answer presents part of the solution. Choose two.)

A.    Enable BitLocker on Disk4.
B.    Format Disk3 to use NTFS.
C.    Format Disk2 to use NTFS.
D.    Disable BitLocker on Disk1.

Answer: BC
Explanation:
You cannot use a disk for a CSV that is formatted with FAT, FAT32, or Resilient File System (ReFS).

QUESTION 210
Your network contains an Active Directory forest named contoso.com. The contoso.com domain only contains domain controllers that run Windows Server 2012 R2. The forest contains a child domain named child.contoso.com. The child.contoso.com domain only contains domain controllers that run Windows Server 2008 R2. The child.contoso.com domain contains a member server named Server1 that runs Windows Server 2012 R2. You have access to four administrative user accounts in the forest. The administrative user accounts are configured as shown in the following table.
 clip_image001[16]
You need to ensure that you can add a domain controller that runs Windows Server 2012 R2 to the child.contoso.com domain. Which account should you use to run adprep.exe?

A.    Admin1
B.    Admin2
C.    Admin3
D.    Admin4

Answer: C

Passing Microsoft 70-412 Exam successfully in a short time! Just using Braindump2go’s Latest Microsoft 70-412 Dump: http://www.braindump2go.com/70-412.html

Official 2014 Latest Microsoft 70-413 Exam Dump Free Download(91-97)!

QUESTION 91
Your network contains an Active Directory forest named contoso.com. The forest is managed by using Microsoft System Center 2012. Web developers must be able to use a self-service portal to request the deployment of virtual machines based on predefined templates. The requests must be approved by an administrator before the virtual machines are deployed.
You need to recommend a solution to deploy the virtual machines.
What should you include in the recommendation?
More than one answer choice may achieve the goal. Select the BEST answer.

A.    A Virtual Machine Manager (VMM) service template, a Service Manager service offering, and an
Orchestrator runbook
B.    A Virtual Machine Manager (VMM) service template, an Operations Manager dashboard, and an
Orchestrator runbook
C.    A Service Manager service offering, an Orchestrator runbook, and Configuration Manager packages
D.    A Service Manager service offering, an Orchestrator runbook, and an Operations Manager dashboard

Answer: A

QUESTION 92
You have a server named Server1 that runs Windows Server 2012. Server1 has the DNS Server server role installed.
You need to recommend changes to the DNS infrastructure to protect the cache from cache poisoning attacks.
What should you configure on Server1?

A.    DNS devolution
B.    DNS Security Extensions (DNSSEC)
C.    DNS cache locking
D.    The global query block list

Answer: C

QUESTION 93
Your network contains a server named Server1 that runs Windows Server 2012. Server1 has the Network Policy Server server rote installed.
You configure Server1 as part of a Network Access Protection (NAP) solution that uses the 802.lx enforcement method.
You add a new switch to the network and you configure the switch to use 802.lx authentication.
You need to ensure that only compliant client computers can access network resources through the new switch.
What should you do on Server1?

A.    Add the IP address of each new switch to the list of RADIUS clients.
B.    Add the IP address of each new switch to a connection request policy as an Access Client IPv4 Address.
C.    Add the IP address of each new switch to a remote RADIUS server group.
D.    Add the IP address of each new switch to a remediation server group.

Answer: A

QUESTION 94
Your network contains an Active Directory domain named contoso.com. All client computers run either Windows 7 or Windows 8. Some users work from customer locations, hotels, and remote sites. The remote sites often have firewalls that limit connectivity to the Internet.
You need to recommend a VPN solution for the users.
Which protocol should you include in the recommendation?

A.    L2TP/IPSec
B.    PPTP
C.    IKEV2
D.    SSTP

Answer: D

QUESTION 95
Your network contains an Active Directory domain named contoso.com. Your company has 100 users in the sales department. Each sales user has a domain-joined laptop computer that runs either Windows 7 or Windows 8. The sales users rarely travel to the company’s offices to connect directly to the corporate network.
You need to recommend a solution to ensure that you can manage the sales users’ laptop computers when the users are working remotely.
What solution should you include in the recommendation?

A.    Deploy a Microsoft System Center 2012 Service Manager infrastructure.
B.    Deploy the Remote Access server role on a server on the internal network.
C.    Deploy the Network Policy and Access Services server role on a server on the internal network.
D.    Deploy a Microsoft System Center 2012 Operations Manager infrastructure.

Answer: B

QUESTION 96
Your network contains an Active Directory forest named contoso.com. The forest contains five domains.
You need to ensure that the CountryCode attribute is replicated to the global catalog.
What should you do?

A.    Modify the configuration partition.
B.    Create and modify an application partition.
C.    Modify the schema partition.
D.    Modify the domain partitions.

Answer: C

QUESTION 97
Your network contains an Active Directory domain named contoso.com. All servers run Windows Server 2008 R2. All domain controllers are installed on physical servers. The network contains several Hyper-V hosts.
The network contains a Microsoft System Center 2012 infrastructure.
You plan to use domain controller cloning to deploy several domain controllers that will run Windows Server 2012.
You need to recommend which changes must be made to the network infrastructure before you can use domain controller cloning.
What should you recommend?

A.    Upgrade the domain controller that has the infrastructure master operations master role to Windows
Server 2012. Install the Windows Deployment Services server role on a server that runs Windows Server 2012.
B.    Upgrade the domain controller that has the PDC emulator operations master role to Windows Server 2012.
Deploy a Hyper-V host that runs Windows Server 2012.
C.    Upgrade a global catalog server to Windows Server 2012. Install the Windows Deployment Services server
role on a server that runs Windows Server 2012.
D.    Upgrade a global catalog server to Windows Server 2012.
Deploy Virtual Machine Manager (VMM).

Answer: B
Passing Microsoft 70-413 Exam successfully in a short time! Just using Braindump2go’s Latest Microsoft 70-413 Dump: http://www.braindump2go.com/70-413.html

Official 2014 Latest Microsoft 70-413 Exam Dump Free Download(81-90)!

QUESTION 81
You have a server named Server1 that runs Windows Server 2012.
You have a 3-TB database that will be moved to Server1. Server1 has the following physical disks:
– Three 2-TB SATA disks that are attached to a single IDE controller
– One 1-TB SATA disk that is attached to a single IDE controller
You need to recommend a solution to ensure that the database can be moved to Server1. solution must ensure that the database is available if a single disk fails.
What should you include in the recommendation?

A.    Add each disk to a separate storage pool. Create a mirrored virtual disk.
B.    Add two disks to a storage pool. Add the other disk to another storage pool. Create a mirrored virtual disk.
C.    Add all of the disks to a single storage pool, and then create two simple virtual disks.
D.    Add all of the disks to a single storage pool, and then create a parity virtual disk.

Answer: D

QUESTION 82
Your company has a main office and a branch office.
The network contains an Active Directory domain named contoso.com. The domain contains three domain controllers. The domain controllers are configured as shown in the following table.
 clip_image002[22]
The domain contains two global groups. The groups are configured as shown in the following table.
 clip_image001[12]
You need to ensure that the RODC is configured to meet the following requirements:
– Cache passwords for all of the members of Branch1Users.
– Prevent the caching of passwords for the members of Helpdesk.
What should you do?

A.    Create a Password Settings object (PSO) for the Helpdesk group.
B.    Install the BranchCache feature on RODC1.
C.    Modify the password replication policy of RODC1.
D.    Modify the delegation settings of RODC1.

Answer: C

QUESTION 83
Your company has a main office, ten regional datacenters; and 100 branch offices.
You are designing the site topology for an Active Directory forest named contoso.com.
The forest will contain the following servers:
– In each regional datacenter and in the main office, a domain controller that runs Windows Server
– In each branch office, a file server that runs Windows Server 2012
You have a shared folder that is accessed by using the path \\contoso.com\shares\software.
The folder will be replicated to a local file server in each branch office by using Distributed File System (DFS) replication.
You need to recommend an Active Directory site design to meet the following requirements:
– Ensure that users in the branch offices will be authenticated by a domain controller in the closest regional datacenter.
– Ensure that users automatically connect to the closest file server when they access \\contoso.com\shares\software.
How many Active Directory sites should you recommend?

A.    1
B.    10
C.    11
D.    111 Answer: D

Answer:

QUESTION 84
Your network contains an Active Directory forest named contoso.com.
Your company merges with another company that has an Active Directory forest named litwareinc.com.
Each forest has one domain.
You establish a two-way forest trust between the forests.
The network contains three servers. The servers are configured as shown in the following table.
 clip_image001[14]
You confirm that the client computers in each forest can resolve the names of the client computers in both forests.
On dc1.litwareinc.com, you create a zone named GlobalNames.
You need to recommend changes in both forests to ensure that the users in both forests can resolve single-label names by using the GlobalNames zone in litwareinc.com.
Which changes should you recommend?
To answer, drag the appropriate configuration to the correct server in the answer area. Each configuration may be used once, more than once, or not at all. Additionally, you may need to drag the split bar between panes or scroll to view content.
 clip_image002[24]
Answer:
 clip_image002[26]

QUESTION 85
Your network contains an Active Directory domain named contoso.com. The domain contains three Active Directory sites. The Active Directory sites are configured as shown in the following table:
 clip_image001[16]
The sites connect to each other by using the site links shown in the following table:
 clip_image001[18]
You need to design the Active Directory site topology to meet the following requirements:
– Ensure that all replication traffic between Site2 and Site3 replicates through Site1 if a domain controller in Site1 is available.
– Ensure that the domain controllers between Site2 and Site3 can replicate if all of the domain controllers in Site1 are unavailable.
What should you do?

A.    Delete Link3.
B.    Create one SMTP site link between Site1 and Site3. Create one SMTP site link between Site1 and Site2.
C.    Create one site link bridge.
D.    Modify the cost of Link2.

Answer: D

QUESTION 86
Your company has a main office and a branch office.
The network contains an Active Directory domain named contoso.com. The domain contains three domain controllers. The domain controllers are configured as shown in the following table.
 clip_image002[28]
The domain contains two global groups. The groups are configured as shown in the following table.
 clip_image001[20]
You need to ensure that the RODC is configured to meet the following requirements:
– Cache passwords for all of the members of Branch1Users.
– Prevent the caching of passwords for the members of Helpdesk.
What should you do?

A.    Create a Password Settings object (PSO) for the Helpdesk group.
B.    Install the BranchCache feature on RODC1.
C.    Modify the membership of the Allowed RODC Password Replication group of RODC1.
D.    Modify the membership of the Denied RODC Password Replication group of RODC1.

Answer: C

QUESTION 87
Your company has a main office and 20 branch offices. All of the offices connect to each other by using a WAN link.
The network contains an Active Directory forest named contoso.com. The forest contains a domain for each office. The forest root domain contains all of the server resources.
Each branch office contains two domain controllers for the branch office domain and one domain controller for the contoso.com domain.
Each branch office has a support technician who is responsible for managing the accounts of their respective office only.
You recently updated all of the WAN links to high-speed WAN links.
You need to recommend changes to the Active Directory infrastructure to meet the following requirements:
– Reduce the administrative overhead of moving user accounts between the offices.
– Ensure that the support technician in each office can manage the user accounts of their respective office.
What should you include in the recommendation?
More than one answer choice may achieve the goal.
Select the BEST answer.

A.    Create shortcut trusts between each child domain. In the main office, add a domain controller to each
branch office domain.
B.    Create a new child domain named corp.contoso.com. Create a shortcut trust between each child domain and corp.contoso.com.
C.    Move all of the user accounts of all the branch offices to the forest root domain.
Decommission all of the child domains.
D.    Create a new forest root domain named contoso.local. Move all of the user accounts of all the branch
offices to the new forest root domain. Decommission all of the child domains.

Answer: C

QUESTION 88
Your company, which is named Contoso, Ltd., has a main office and two branch offices. The main office is located in North America. The branch offices are located in Asia and Europe.
You plan to design an Active Directory forest and domain infrastructure.
You need to recommend an Active Directory design to meet the following requirements:
The contact information of all the users in the Europe office must not be visible to the users in the other offices.
The administrators in each office must be able to control the user settings and the computer settings of the users in their respective office.
The solution must use the least amount of administrative effort.
What should you include in the recommendation?

A.    One forest that contains three domains
B.    One forest that contains one domain
C.    Three forests that each contain one domain
D.    Two forests that each contain one domain

Answer: A

QUESTION 89
Your network contains an Active Directory forest named contoso.com.
You plan to deploy 200 Hyper-V hosts by using Microsoft System Center 2012 Virtual Machine Manager (VMM) Service Pack 1 (SP1).
You add a PXE server to the fabric.
You need to identify which objects must be added to the VMM library for the planned deployment. What should you identify? (Each correct answer presents part of the solution. Choose all that apply.)

A.    A host profile
B.    A capability profile
C.    A hardware profile
D.    A generalized image
E.    A service template

Answer: AD

QUESTION 90
You plan to deploy multiple servers in a test environment by using Windows Deployment Services (WDS).
You need to identify which network services must be available in the test environment to deploy the servers.
Which network services should you identify?
(Each correct answer presents part of the solution.Choose ail that apply.)

A.    DHCP
B.    Active Directory Domain Services (AD DS)
C.    DNS
D.    Active Directory Lightweight Directory Services (AD LDS)
E.    WINS
F.    Network Policy Server (NPS)

Answer: AC
Passing Microsoft 70-413 Exam successfully in a short time! Just using Braindump2go’s Latest Microsoft 70-413 Dump: http://www.braindump2go.com/70-413.html

Official 2014 Latest Microsoft 70-413 Exam Dump Free Download(71-80)!

QUESTION 71
Your company has a main office and four branch offices. The main office is located in London. The network contains an Active Directory domain named contoso.com. The network is configured as shown in the exhibit. (Click the Exhibit button.) Each office contains several servers that run Windows Server 2012.
In each branch office, you plan to deploy an additional 20 servers that will run Windows Server 2012. Some of the servers will have a Server Core Installation of Windows Server 2012.
You identify the following requirements for the deployment of the new servers:
– Operating system images must be administered centrally.
– The operating system images must be deployed by using PXE.
– The WAN traffic caused by the deployment of each operating system must be minimized.
You need to recommend a solution for the deployment of the new servers.
What should you recommend?
 clip_image001[4]

A.    Deploy Windows Deployment Services (WDS) in each office. Replicate the images by using Distributed
File System (DFS) Replication.
B.    Deploy Windows Deployment Services (WDS) in each office.
Copy the images by using BranchCache.
C.    Deploy Windows Deployment Services (WDS) in the main office only.
Copy the images by using BranchCache.
D.    Deploy Windows Deployment Services (WDS) in the main office only.
Replicate the images by using Distributed File System (DFS) Replication.

Answer: A

QUESTION 72
Your network contains an Active Directory domain named contoso.com.
The domain contains a Microsoft System Center 2012 infrastructure.
The domain contains two sites named Site1 and Site2.
The sites connect to each other by using a 1-Mbps WAN link.
The sites contain four servers. The servers are configured as shown in the following table.
 clip_image001[6]
In Site2, you plan to deploy 50 Hyper-V hosts.
You need to recommend a solution to deploy the Hyper-V hosts by using VMM.
The solution must minimize the amount of traffic between Site1 and Site2 during deployment.
What should you recommend?
 
A.    On Server4, install VMM. From the Virtual Machine Manager console, add Server1 as a PXE server
and add Server4 as a library server.
B.    On Server4/ install VMM. From the Virtual Machine Manager console, add Server1 as a PXE server
and a library server.
C.    On Server4, install WDS. From the Virtual Machine Manager console, add Server4 as a PXE server
and a library server.
D.    On Server4, install WDS. From the Virtual Machine Manager console, add Server4 as a PXE server
and add Server1 as a library server.

Answer: C

QUESTION 73
Your network contains an Active Directory forest named contoso.com.
You plan to add a new domain named child.contoso.com to the forest. On the DNS servers in child.contoso.com, you plan to create conditional forwarders that point to the DNS servers in contoso.com.
You need to ensure that the DNS servers in contoso.com can resolve names for the servers in child. contoso.com.
What should you create on the DNS servers in contoso.com?

A.    A root hint
B.    A zone delegation
C.    A conditional forwarder
D.    A trust point

Answer: B

QUESTION 74
Your network contains a server named Server1 that runs Windows Server 2012. Server1 has the DHCP Server server role installed. The network contains a Virtual Desktop Infrastructure (VDI). All virtual machines run Windows 8.
You identify the following requirements for allocating IPv4 addresses to client computers:
– All virtual desktops must have static IP addresses.
– All laptop computers must receive dynamic IP addresses.
– All virtual desktops must be prevented from obtaining dynamic address.
You need to recommend a DHCP solution that meets the requirements for allocating IPv4 addresses. The solution must use the least amount of administrative effort. What should you recommend? More than one answer choice may achieve the goal.
Select the BEST answer.

A.    Create two physical subnets. Configure 802.1x authentication for each subnet.
B.    Create two physical subnets. Connect the laptop computers to the subnet that contains Server1.
C.    Configure DHCP filtering.
D.    Configure DHCP policies.

Answer: C

QUESTION 75
Your network contains an Active Directory forest that has two domains named contoso.com and europe. contoso.com. The forest contains five servers. The servers are configured as shown in the following table.
 clip_image002
You plan to manage the DHCP settings and the DNS settings centrally by using IP Address Management (IPAM).
You need to ensure that you can use IPAM to manage the DHCP and DNS settings in both domains. The solution must use the minimum amount of administrative effort.
What should you do?

A.    Upgrade DCE1 and DCE2 to Windows Server 2012, and then install the IP Address Management
(IPAM) Server feature. Run the Invoke-IpamGpoProvisioning cmdlet for each domain.
B.    Upgrade DCE1 and DCE2 to Windows Server 2012, and then install the IP Address Management
(IPAM) Server feature. Run the Set-IpamConfiguration cmdlet for each domain.
C.    Upgrade DC1 and DC2 to Windows Server 2012, and then install the IP Address Management (IPAM)
Server feature. Run the Set-IpamConfiguration cmdlet for each domain.
D.    Upgrade DC1 and DC2 to Windows Server 2012, and then install the IP Address Management (IPAM)
Server feature. Run the Invoke-IpamGpoProvisioning cmdlet for each domain.

Answer: A

QUESTION 76
Your company is a hosting provider that provides cloud-based services to multiple customers.
Each customer has its own Active Directory forest located in your company’s datacenter.
You plan to provide VPN access to each customer. The VPN solution will use RADIUS for authentication services and accounting services.
You need to recommend a solution to forward authentication and accounting messages from the perimeter network to the Active Directory forest of each customer.
What should you recommend?
More than one answer choice may achieve the goal.
Select the BEST answer.

A.    A RADIUS server for each customer and one RADIUS proxy
B.    A RADIUS server for each customer and a RADIUS proxy for each customer
C.    One RADIUS proxy and one Active Directory Lightweight Directory Services (AD LDS) instance for
each customer
D.    One RADIUS proxy for each customer and Active Directory Federation Services (AD FS)

Answer: A

QUESTION 22
Your network contains an Active Directory domain named contoso.com. The domain contains two domain controllers named DC1 and DC2 that run Windows Server 2008 R2.
You plan to replace the domain controllers with new servers that run Windows Server 2012. The new servers will be named DC3 and DC4.
You need to recommend a strategy to replace DC1 and DC2 with DC3 and DC4. The solution must minimize the amount of disruption to the users.
Which three actions should you recommend?
To answer, move the appropriate three actions from the list of actions to the answer area and arrange them in the correct order.
 clip_image002[6]
Answer:
 clip_image002[8]

QUESTION 77
Your network contains an Active Directory forest.
The forest contains two domains named contoso.com and fabrikam.com.
You plan to decommission the fabrikam.com domain.
You need to perform the following migration tasks:
– Copy user accounts from the fabrikam.com domain to the contoso.com domain.
– Move the client computers from fabrikam.com to contoso.com.
The solution must ensure that all of the user profiles are associated to the migrated user accounts.
Which tool should you use to perform each task?
To answer, drag the appropriate tool to the correct migration task in the answer area.
Each tool may be used once, more than once, or not at all. Additionally, you may need to drag the split bar between panes or scroll to view content.
 clip_image002[10]
Answer:
 clip_image002[12]

QUESTION 78
Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1 that runs Windows Server 2008 R2. Server1 is a file server.
You deploy a new member server named Server2 that runs Windows Server 2012.
You plan to migrate file shares from Server1 to Server2. File share and NTFS permissions are assigned only to domain local groups.
You need to identify which actions are required to perform the migration.
Which five actions should you identify? To answer, move the five appropriate actions from the list of actions to the answer area and arrange them in the correct order.
 clip_image002[14]
Answer:
 clip_image002[16]

QUESTION 79
Your company plans to deploy a remote access solution to meet the following requirements:
– Ensure that client computers that are connected to the Internet can be managed remotely without requiring that the user log on.
– Ensure that client computers that run Windows Vista or earlier can connect remotely.
– Ensure that non-domain-joined computers can connect remotely by using TCP port 443.
You need to identify which remote access solutions meet the requirements.
Which solutions should you identify?
To answer, drag the appropriate solution to the correct requirement in the answer area.
Each solution may be used once, more than once, or not at all. Additionally, you may need to drag the split bar between panes or scroll to view content.
 clip_image002[18]
Answer:
 clip_image002[20]

QUESTION 80
Your network contains an Active Directory domain named contoso.com. The domain contains three Active Directory sites. The Active Directory sites are configured as shown in the following table.
 clip_image001[8]
The sites connect to each other by using the site links shown in the following table.
 clip_image001[10]
You need to design the Active Directory site topology to meet the following requirements:
– Ensure that all replication traffic between Site2 and Site3 replicates through Site1 if a domain controller in Site1 is available.
– Ensure that the domain controllers between Site2 and Site3 can replicate if all of the domain controllers in Site1 are unavailable.
What should you do?

A.    Delete Link2.
B.    Create one SMTP site link between Site1 and Site3. Create one SMTP site link between Site1 and Site2.
C.    Create one site link bridge.
D.    Delete Link1.

Answer: A
Passing Microsoft 70-413 Exam successfully in a short time! Just using Braindump2go’s Latest Microsoft 70-413 Dump: http://www.braindump2go.com/70-413.html

Official 2014 Latest Microsoft 70-413 Exam Dump Free Download(61-70)!

QUESTION 61
You need to ensure that NAP meets the technical requirements.
Which role services should you install?

A.    Network Policy Server, Health Registration Authority and Host Credential Authorization Protocol
B.    Health Registration Authority, Host Credential Authorization Protocol and Online Responder
C.    Certification Authority, Network Policy Server and Health Registration Authority
D.    Online Responder, Certification Authority and Network Policy Server Answer:C

Answer: C

QUESTION 62
You need to recommend a change to the Active Directory environment to support the company’s planned changes.
What should you include in the recommendation?

A.    Upgrade the domain controllers that have the PDC emulator master role to Windows Server 2012.
B.    Raise the functional level of the domain and the forest.
C.    Implement Administrator Role Separation.
D.    Upgrade the domain controller that has the domain naming master role to Windows Server 2012.

Answer: B

QUESTION 63
You need to recommend changes to the Active Directory environment to support the visualization requirements.
What should you include in the recommendation?

A.    Raise the functional level of the domain and the forest.
B.    Implement Administrator Role Separation.
C.    Upgrade the domain controllers that have the PDC emulator master role to Windows Server 2012.
D.    Upgrade the domain controller that has the domain naming master role to Windows Server 2012.

Answer: C

QUESTION 64
Your network contains an Active Directory domain named contoso.com. The domain contains four computers that are configured as shown in the following table.
 clip_image001
You plan to use domain controller cloning. You need to identify on which computers you can clone domain controllers that run Windows Server 2012.
Which computers should you identify? (Each correct answer presents part of the solution. Choose all that apply.)

A.    Server1
B.    Server2
C.    Server3
D.    Client1

Answer: AD

QUESTION 65
Your network contains an Active Directory domain named contoso.com. The domain contains multiple sites. You plan to deploy DirectAccess. The network security policy states that when client computers connect to the corporate network from the Internet, all of the traffic destined for the Internet must be routed through the corporate network. You need to recommend a solution for the planned DirectAccess deployment that meets the security policy requirement.
What should you include in the recommendation?

A.    Set the ISATAP State to state enabled.
B.    Enable split tunneling.
C.    Set the ISATAP State to state disabled.
D.    Enable force tunneling.

Answer: D

QUESTION 66
Your company has two divisions named Division1 and Division2. The network contains an Active Directory domain named contoso.com. The domain contains two child domains named division1.contoso.com and division2.contoso.com. The company sells division1 to another company. You need to prevent administrators in contoso.com and division2.contoso.com from gaining administrative access to the resources in division1.contoso.com.
What should you recommend?

A.    Create a new tree in the forest named contoso.secure. Migrate the resources and the accounts in division1.contoso.com to contoso.secure.
B.    On the domain controller accounts in division1.contoso.com, deny the Enterprise Admins group the
Allowed to Authenticate permission.
C.    Create a new forest and migrate the resources and the accounts in division1.contoso.com to the new forest.
D.    In division1.contoso.com, remove the Enterprise Admins group from the Domain Admins group and remove
the Enterprise Admins group from the access control list (ACL) on the division1.contoso.com domain object.

Answer: C

QUESTION 67
Your network contains an Active Directory domain named contoso.com. On several organizational units (OUs), an administrator named Admin1 plans to delegate control of custom tasks. You need to ensure that Admin1 can delegate a custom task named Task1 by using the Delegation of Control Wizard.
What should you do?

A.    Add a new class to the Active Directory schema.
B.    Configure a custom MMC console.
C.    Modify the Delegwiz.inf file.
D.    Configure a new authorization store by using Authorization Manager.

Answer: C

QUESTION 68
Your network contains 50 servers that run Windows Server 2003 and 50 servers that run Windows Server 2008. You plan to implement Windows Server 2012. You need to create a report that includes the following information:
* The servers that run applications and services that can be moved to Windows Server 2012
* The servers that have hardware that can run Windows Server 2012
* The servers that are suitable to be converted to virtual machines hosted on Hyper-V hosts that run Windows Server 2012
What should you do?

A.    From an existing server, run the Microsoft Application Compatibility Toolkit (ACT).
B.    Install Windows Server 2012 on a new server, and then run the Windows Server Migration Tools.
C.    Install Windows Server 2012 on a new server, and then run Microsoft Deployment Toolkit (MDT) 2012.
D.    From an existing server, run the Microsoft Assessment and Planning (MAP) Toolkit.

Answer: D

QUESTION 69
Your network contains a server named Server1 that runs Windows Server 2012. Server1 has the DHCP Server server role installed. All of the client computers that are in a subnet named Subnet1 receive their IP address configurations from Server1. You plan to add another DHCP server named Server2 to Subnet1. You need to recommend changes to the DHCP infrastructure to ensure that the client computers continue to receive IP addressing information if a single DHCP server fails. What should you do? More than one answer choice may achieve the goal. Select the BEST answer.

A.    Create a Network Load Balancing (NLB) cluster.
B.    Configure Failover for the scope.
C.    Create a DHCP failover cluster.
D.    Create a split scope.

Answer: B

QUESTION 70
Your network contains an Active Directory forest named contoso.com. The forest contains one domain.
Your company plans to open a new division named Division1.
A group named Division1Admins will administer users and groups for Division1.
You identify the following requirements for Division1:
– All Division1 users must have a complex password that is 14 characters.
– Division1Admins must be able to manage the user accounts for Division1.
– Division1Admins must be able to create groups, and then delete the groups that they create.
– Division1Admins must be able to reset user passwords and force a password change at the next logon for all Division1 users.
You need to recommend changes to the forest to support the Division1 requirements.
What should you recommend?
More than one answer choice may achieve the goal. Select the BEST answer.

A.    Create a new child domain named divisionl.contoso.com. Move all of the Division1 user accounts to
the new domain. Add the Division1Admin members to the Domain Admins group. Configure the password
policy in a Group Policy object (GPO).
B.    In the forest, create a new organizational unit (OU) named Division1 and add Division1Admins to the
Managed By attribute of the new OU. Move the Division1 user objects to the new OU. Create a fine-grained
password policy for the Division1 users.
C.    Create a new forest. Migrate all of the Division1 user objects to the new forest and add the Division1Admins
members to the Enterprise Admins group. Configure the password policy in a Group Policy object (GPO).
D.    In the forest, create a new organizational unit (OU) named Division1 and delegate permissions for the OU
to the Division1Admins group. Move all of the Division1 user accounts to the new OU. Create a fine-grained
password policy for the Division1 users.

Answer: D

Passing Microsoft 70-413 Exam successfully in a short time! Just using Braindump2go’s Latest Microsoft 70-413 Dump: http://www.braindump2go.com/70-413.html

Official 2014 Latest Microsoft 70-413 Exam Dump Free Download(51-60)!

QUESTION 51
You are planning the decommissioning of research.contoso.com. You need to ensure that an administrator named Admin5 in the research department can manage the user accounts that are migrated to contoso. com. The solution must minimize the number of permissions assigned to Admin5. What should you do before you migrate the user accounts?

A.    Run the New-Object cmdlet, and then run the Add-ADCentralAccessPolicyMember cmdlet.
B.    Create a new organizational unit (OU), and then add Admin5 to the Account Operators group.
C.    Run the New-Object cmdlet, and then run the Add-ADPrincipalGroupMembership cmdlet.
D.    Create a new organizational unit (OU), and then run the Delegation of Control Wizard.

Answer: D

Fallstudientitel
Fallstudientitel (Case Study):
Overview
Contoso, Ltd., is a healthcare company in Europe that has 2,000 users. The company is migrating to Windows Server 2012.
The company has two main offices and two branch offices. The main offices are located in Paris and Amsterdam. One of the branch offices is a sales office located in Berlin. The other branch office is a research office located in Brussels. The offices connect to each other by using a WAN link.
 
Current Environment
Active Directory
The network contains an Active Directory forest named contoso.com. An Active Directory site exists for each office.
The forest contains a child domain named research.contoso.com. The functional level of both the domains is Windows Server 2008. In each site, there are two domain controllers for the contoso.com domain and two domain controllers for the research.contoso.com domain. The domain controllers run Windows Server 2008 R2.
All of the domain controllers are global catalog servers. The FSMO roles were not moved since the domains were deployed.
Network Infrastructure
All servers run Windows Server 2008 R2.
Each user has a laptop computer that runs Windows 7. The company has 10 print servers. Each print server contains several shared printers. The company has 10 file servers that have the following disk configurations:
* A simple volume named C that is the System and Boot volume and is formatted NTFS
* A mounted virtual hard disk (VHD) named DATA that is formatted NTFS
* A simple volume named D that is formatted FAT32
* A simple volume named E that is formatted NTFS
* A Clustered Shared Volume (CSV)
The Paris office contains a server named PA1. The Amsterdam office contains a server named AMI. Both servers have the following server roles installed:
* DNS Server
* DHCP Server
* Remote Access
The DNS servers are configured to use the DNS servers of the company’s Internet Service Provider (ISP) as forwarders.
Users often work remotely. The users access the internal network by using an SSTP-based VPN connection.
Requirements
Planned Changes
The company plans to implement the following changes:
* Create a child domain named sales.contoso.com. Only the domain controllers in  sales.contoso.com will host a zone for the sales.contoso.com domain. The domain controllers in sales.contoso.com will run Windows Server 2012. The client computers in sales.contoso.com will use the sales.contoso.com domain controllers as their DNS servers.
* Implement two servers in the Amsterdam office and two servers in the Paris office to replace PA1 and AMI. These new servers will run Windows Server 2012 and will not have shared storage.
* Decommission the research.contoso.com domain. All of the users and the Group Policy objects (GPOs) in research.contoso.com will be migrated to contoso.com.
* Migrate the existing print queues to virtualized instances of Windows Server 2012.
* Migrate the file servers to new servers that run Windows Server 2012.
* Implement RADIUS authentication for VPN connections.
* Deploy Windows Server 2012 to all new servers.
Technical Requirements
The company identifies following technical requirements:
* All changes to Group Policies must be logged.
* Network Access Protection (NAP) policies must be managed centrally.
* Core networking services in each office must be redundant if a server fails.
* The possibility of IP address conflicts during the DHCP migration must be minimized.
* A central log of the IP address leases and the users associated to those leases must be created.
* All of the client computers must be able to resolve internal names and internet names.
* Administrators in the Paris office need to deploy a series of desktop restrictions to the entire company by using Group Policy.
* The new sales.contoso.com domain will contain a web application that will access data from a Microsoft SQL Server located in the contoso.com domain. The web application must use integrated Windows authentication. Users’ credentials must be passed from the web applications to the SQL Server.
QUESTION 52
What method should you use to deploy servers?

A.    WDS
B.    AIK
C.    ADK
D.    EDT

Answer: A

Litware, Inc. (QUESTION 53 – QUESTION 63)
Case Study 2: Litware, Inc (Case Study):
Overview
Litware, Inc. is a manufacturing company. The company has a main office and two branch offices. The main office is located in Seattle. The branch offices are located in Los Angeles and Boston.
Existing Environment
Active Directory
The network contains an Active Directory forest named litwareinc.com. The forest contains a child domain for each office. The child domains are named boston.litwareinc.com and la.litwareinc.com. An Active Directory site exists for each office. In each domain, all of the client computer accounts reside in an organizational unit (OU) named AllComputers and all of the user accounts reside in an OU named AllUsers. All domain controllers run Windows Server 2008 R2 and are configured as DNS servers. The functional level of the domain and the forest is Windows Server 2008.
Network Infrastructure
The main office has the following servers:
* Five physical Hyper-V hosts that run Windows Server 2012
* Three virtual file servers that run Windows Server 2008 R2
* One physical DHCP server that runs Windows Server 2008 R2
* Ten physical application servers that run Windows Server 2012
* One virtual IP Address Management (IPAM) server that runs Windows Server 2012
* One virtual Windows Server Update Services (WSUS) server that runs Windows Server 2008 R2
* One physical domain controller and two virtual domain controllers that run Windows Server 2008 R2
Each branch office has following servers:
* One virtual file server that runs Windows Server 2008 R2
* Two physical Hyper-V hosts that run Windows Server 2012
* One physical DHCP server that runs Windows Server 2008 R2
* One physical domain controller and two virtual domain controllers that run Windows Server 2008 R2
All of the offices have a high-speed connection to the Internet. The offices connect to each other by using T1 leased lines.
The IPAM server in the main office gathers data from the DNS servers and the DHCP servers in all of the offices.
Requirements
Planned Changes
The company plans to implement the following changes:
* Implement the Active Directory Recycle Bin.
* Implement Network Access Protection (NAP).
* Implement Folder Redirection in the Boston office only.
* Deploy an application named App1 to all of the users in the Boston office only.
* Migrate to IPv6 addressing on all of the servers in the Los Angeles office. Some application servers in the Los Angeles office will have only IPv6 addresses.
Technical Requirements
The company identifies the following technical requirements:
* Minimize the amount of administrative effort whenever possible.
* Ensure that NAP with IPSec enforcement can be configured.
* Rename boston.litwareinc.com domain to bos.htwareinc.com.
* Migrate the DHCP servers from the physical servers to a virtual server that runs Windows Server 2012.
* Ensure that the members of the Operators groups in all three domains can manage the IPAM server from their client computer.
VPN Requirements
You plan to implement a third-party VPN server in each office. The VPN servers will be configured as RADIUS clients. A server that runs Windows Server 2012 will perform RADIUS authentication for all of the VPN connections.
Visualization Requirements
The company identifies the following virtualization requirements:
* Virtualize the application servers.
* Ensure that the additional domain controllers for the branch offices can be deployed by using domain controller cloning.
* Automatically distribute the new virtual machines to Hyper-V hosts based on the current resource usage of the Hyper-V hosts.
Server Deployment Requirements
The company identifies the following requirements for the deployment of new servers on the network:
* Deploy the new servers over the network.
* Ensure that all of the server deployments are done by using multicast.
Security Requirements
A new branch office will open in Chicago. The new branch office will have a single read- only domain controller (RODC). Confidential attributes must not be replicated to the Chicago office.
QUESTION 53
You need to implement the technical requirements for the boston.litwareinc.com domain.
Which tools should you use?

A.    Gpfixup and Gpupdate
B.    Rendom and Gpfixup
C.    Gpupdate and Dcgpofix
D.    Adprep and Rendom

Answer: B

QUESTION 54
You need to recommend a server virtualization strategy that meets the technical requirements and the virtualization requirements.
What should you include in the recommendation?

A.    Windows Server Backup
B.    The Microsoft Virtual Machine Converter
C.    Microsoft System Center 2012 Virtual Machine Manager (VMM)
D.    Disk2vhd

Answer: C

QUESTION 55
You need to recommend a remote access solution that meets the VPN requirements. Which role service should you include in the recommendation?

A.    Routing
B.    Network Policy Server
C.    DirectAccess and VPN (RAS)
D.    Host Credential Authorization Protocol

Answer: B

QUESTION 56
You need to recommend changes to the Active Directory site topology to support on the company’s planned changes.
What should you include in the recommendation?

A.    A new site link bridge
B.    A new subnet
C.    A new site link
D.    A new site

Answer: B

QUESTION 57
You need to recommend an IPAM management solution for the Operators groups. The solution must meet the technical requirements.
What should you include in the recommendation?

A.    Run the Invoke IpamGpoProvisioning cmdlet in all three domains. Add the computers used by the
members of the Operators group to the IPAM server.
B.    Modify the membership of the IPAM Administrators group and the WinRMRemoteWMIUsers__group
on the IPAM server.
C.    Run the Set-IpamConfiguration cmdlet on the IPAM server. Run the Invoke-IpamGpoProvisioning
cmdlet in all three domains.
D.    Run the Set-IpamConfiguration cmdlet and modify the membership of the WinRMRemoteWMIUsers
____group on the IPAM server.

Answer: B

QUESTION 58
You need to recommend a migration strategy for the DHCP servers. The strategy must meet the technical requirements.
Which Windows PowerShell cmdlet should you recommend running on the physical DHCP servers?

A.    Receive-SmigServerData
B.    Import-SmigServerSetting
C.    Export-SmigServerSetting
D.    Send-SmigServerData

Answer: C

QUESTION 59
You need to recommend a solution that meets the security requirements. Which schema attribute properties should you recommend modifying?

A.    isCriticalSystemObject
B.    searchFlags
C.    schemaFlagsEx
D.    isIndexed

Answer: C

QUESTION 60
You need to recommend a Group Policy strategy to support the company’s planned changes.
What should you include in the recommendation?

A.    Link a Group Policy object (GPO) to the AllComputers OU in each domain.
B.    Link a Group Policy object (GPO) to litwareinc.com and configure filtering.
C.    Link a Group Policy object (GPO) to each domain.
D.    Link a Group Policy object (GPO) to the Boston site.

Answer: D

Passing Microsoft 70-413 Exam successfully in a short time! Just using Braindump2go’s Latest Microsoft 70-413 Dump: http://www.braindump2go.com/70-413.html

Official 2014 Latest Microsoft 70-413 Exam Dump Free Download(41-50)!

Contoso, Ltd. (QUESTION 41 – QUESTION 51)
Case Study 1: Contoso, Ltd (Case Study):
Overview
Contoso, Ltd., is a healthcare company in Europe that has 2,000 users. The company is migrating to Windows Server 2012.
The company has two main offices and two branch offices. The main offices are located in Paris and Amsterdam. One of the branch offices is a sales office located in Berlin. The other branch office is a research office located in Brussels. The offices connect to each other by using a WAN link.
Current Environment
Active Directory
The network contains an Active Directory forest named contoso.com. An Active Directory site exists for each office.
The forest contains a child domain named research.contoso.com. The functional level of both the domains is Windows Server 2008. In each site, there are two domain controllers for the contoso.com domain and two domain controllers for the research.contoso.com domain. The domain controllers run Windows Server 2008 R2.
All of the domain controllers are global catalog servers. The FSMO roles were not moved since the domains were deployed.
Network Infrastructure
All servers run Windows Server 2008 R2.
Each user has a laptop computer that runs Windows 7. The company has 10 print servers. Each print server contains several shared printers. The company has 10 file servers that have the following disk configurations:
* A simple volume named C that is the System and Boot volume and is formatted NTFS
* A mounted virtual hard disk (VHD) named DATA that is formatted NTFS
* A simple volume named D that is formatted FAT32
* A simple volume named E that is formatted NTFS
* A Clustered Shared Volume (CSV)
The Paris office contains a server named PA1. The Amsterdam office contains a server named AMI. Both servers have the following server roles installed:
* DNS Server
* DHCP Server
* Remote Access
The DNS servers are configured to use the DNS servers of the company’s Internet Service Provider (ISP) as forwarders.
Users often work remotely. The users access the internal network by using an SSTP-based VPN connection.
Requirements
Planned Changes
The company plans to implement the following changes:
* Create a child domain named sales.contoso.com. Only the domain controllers in sales.contoso.com will host a zone for the sales.contoso.com domain. The domain controllers in sales.contoso.com will run Windows Server 2012. The client computers in sales.contoso.com will use the sales.contoso.com domain controllers as their DNS servers.
* Implement two servers in the Amsterdam office and two servers in the Paris office to replace PA1 and AMI. These new servers will run Windows Server 2012 and will not have shared storage.
* Decommission the research.contoso.com domain. All of the users and the Group Policy objects (GPOs) in research.contoso.com will be migrated to contoso.com.
* Migrate the existing print queues to virtualized instances of Windows Server 2012.
* Migrate the file servers to new servers that run Windows Server 2012.
* Implement RADIUS authentication for VPN connections.
* Deploy Windows Server 2012 to all new servers.
Technical Requirements
The company identifies following technical requirements:
* All changes to Group Policies must be logged.
* Network Access Protection (NAP) policies must be managed centrally.
* Core networking services in each office must be redundant if a server fails.
* The possibility of IP address conflicts during the DHCP migration must be minimized.
* A central log of the IP address leases and the users associated to those leases must be created.
* All of the client computers must be able to resolve internal names and internet names.
* Administrators in the Paris office need to deploy a series of desktop restrictions to the entire company by using Group Policy.
* The new sales.contoso.com domain will contain a web application that will access data from a Microsoft SQL Server located in the contoso.com domain. The web application must use integrated Windows authentication. Users’ credentials must be passed from the web applications to the SQL Server.
QUESTION 41
You are planning the migration of research.contoso.com. You need to identify which tools must be used to perform the migration. Which tools should you identify?

A.    Active Directory Migration Tool version 3.2 (ADMT v3.2) and Group Policy Management Console (GPMC)
B.    Active Directory Federation Services (AD FS) and Microsoft Federation Gateway
C.    Active Directory Migration Tool version 3.2 (ADMT v3.2) and Active Directory Federation Services (AD FS)
D.    Active Directory Lightweight Directory Services (AD LDS) and Group Policy Management Console (GPMC)

Answer: A

QUESTION 42
You need to recommend a management solution for the GPOs. The solution must meet the technical requirements.
What should you include in the recommendation?

A.    Microsoft Desktop Optimization Pack (MDOP)
B.    Microsoft System Center 2012 Operations Manager
C.    Microsoft System Center 2012 Data Protection Manager (DPM)
D.    Microsoft Baseline Security Analyzer (MBSA)

Answer: A

QUESTION 43
You need to recommend a solution for DHCP logging. The solution must meet the technical requirement.
What should you include in the recommendation?

A.    Event subscriptions
B.    IP Address Management (IPAM)
C.    DHCP audit logging
D.    DHCP filtering

Answer: B

QUESTION 44
You are evaluating the implementation of data deduplicatton on the planned Windows Server 2012 file servers. The planned servers will have the identical disk configurations as the current servers. You need to identify which volumes can be enabled for data deduplication. Which volumes should you identify? (Each correct answer presents part of the solution. Choose all that apply.)

A.    C
B.    D
C.    E
D.    The CSV
E.    DATA

Answer: CE

QUESTION 45
You need to recommend which changes must be implemented to the network before you can deploy the new web application.
What should you include in the recommendation?

A.    Upgrade the DNS servers to Windows Server 2012.
B.    Upgrade the domain controllers to Windows Server 2010.
C.    Change the forest functional level to Windows Server 2008 R2.
D.    Change the functional level of both the domains to Windows Server 2008 R2.

Answer: B

QUESTION 46
You need to recommend changes to the DNS environment that support the implementation of the sales. contoso.com domain. The solution must ensure that the users in all of the domains can resolve both Internet names and the names of the servers in all of the internal domains.
What should you recommend?

A.    On the DNS servers in contoso.com, create a zone delegation in the contoso.com zone.
On the DNS servers in sales.contoso.com, add a forwarder to the contoso.com DNS servers.
B.    On the DNS servers in contoso.com, configure a reverse lookup zone.
On the DNS servers in sales.contoso.com, configure a conditional forwarder to contoso.com.
C.    On the DNS servers in contoso.com, configure a conditional forwarder to sales.contoso.com.
On the DNS servers in sales.contoso.com, configure a reverse zone.
D.    On the DNS servers in contoso.com, add a conditional forwarder to the sales.contoso.com zone.
E.    On the DNS servers in sales.contoso.com, add a forwarder to the DNS servers of the company’s ISP.

Answer: A

QUESTION 47
You are planning the implementation of two new servers that will be configured as RADIUS servers. You need to recommend which configuration must be performed on the VPN servers. The solution must meet the technical requirements. What should you do on each VPN server?

A.    Install the Health Registration Authority role service.
B.    Add a RADIUS client.
C.    Enable DirectAccess.
D.    Modify the authentication provider.

Answer: D

QUESTION 48
After the planned upgrade to Windows Server 2012, you restore a user account from the Active Directory Recycle Bin. You need to replicate the restored user account as quickly as possible. Which cmdlets should you run?

A.    Get-ADReplicationSite and Set-ADReplicationConnection
B.    Get-ADReplicationAttributeMetadata and Compare-Object
C.    Get-ADReplicationUpToDatenessVectorTable and Set-ADReplicationSite
D.    Get ADDomainController and Sync-ADObject

Answer: D

QUESTION 49
You implement a new virtualized print server that runs Windows Server 2012. You need to migrate the print queues.
Which tool should you use?

A.    Windows Server Migration Tools
B.    Active Directory Migration Tool (ADMT)
C.    Print Management
D.    Computer Management

Answer: C

QUESTION 50
You need to recommend a fault-tolerant solution for the VPN. The solution must meet the technical requirements.
What should you include in the recommendation?

A.    DirectAccess
B.    Failover Clustering
C.    Network adapter teaming
D.    Network Load Balancing (NLB)

Answer: D

Passing Microsoft 70-413 Exam successfully in a short time! Just using Braindump2go’s Latest Microsoft 70-413 Dump: http://www.braindump2go.com/70-413.html

Official 2014 Latest Microsoft 70-412 Exam Dump Free Download(191-200)!

QUESTION 191
Your network contains an Active Directory forest named contoso.com. The forest contains two domains named contoso.com and childl.contoso.com. The domains contain three domain controllers.
The domain controllers are configured as shown in the following table.
 clip_image001[52]
You need to ensure that the KDC support for claims, compound authentication, and kerberos armoring setting is enforced in the child1.contoso.com domain.
Which two actions should you perform? (Each correct answer presents part of the solution. Choose two.)

A.    Upgrade DC1 to Windows Server 2012 R2.
B.    Upgrade DC11 to Windows Server 2012 R2.
C.    Raise the domain functional level ofchildl.contoso.com,
D.    Raise the domain functional level of contoso.com.
E.    Raise the forest functional level of contoso.com.

Answer: BD

QUESTION 192
You have a server named Server1 that runs Windows Server 2012 R2. The storage on Server1 is configured as shown in the following table.
 clip_image001[54]
You plan to implement Data Deduplication on Server1. You need to identify on which drives you can enable Data Deduplication. Which three drives should you identify? (Each correct answer presents part of the solution. Choose three.)

A.    C
B.    D
C.    E
D.    F
E.    G

Answer: BDE
Explanation:
Volumes that are candidates for deduplication must conform to the following requirements:
* (not A) Must not be a system or boot volume. Deduplication is not supported on operating system volumes.
* Can be partitioned as a master boot record (MBR) or a GUID Partition Table (GPT), and must be formatted using the NTFS file system.
* Can reside on shared storage, such as storage that uses a Fibre Channel or an SAS array, or when an iSCSI SAN and Windows Failover Clustering is fully supported.
* Do not rely on Cluster Shared Volumes (CSVs). You can access data if a deduplicationenabled volume is converted to a CSV, but you cannot continue to process files for deduplication.
* (not C) Do not rely on the Microsoft Resilient File System (ReFS).
* Must be exposed to the operating system as non-removable drives. Remotely-mapped drives are not supported.
http://technet.microsoft.com/en-us/library/hh831700.aspx

QUESTION 193
You have 20 servers that run Windows Server 2012 R2.
You need to create a Windows PowerShell script that registers each server in Windows Azure Online Backup and sets an encryption passphrase. Which two PowerShell cmdlets should you run in the script? (Each correct answer presents part of the solution. Choose two.)

A.    New-OBPolicy
B.    New-OBRetentionPolicy
C.    Add-OBFileSpec
D.    Start-OBRegistration
E.    Set OBMachineSetting

Answer: DE
Explanation:
D: Start-OBRegistration
Registers the current computer with Windows Azure Online Backup using the credentials (username and password) created during enrollment.
E: The Set-OBMachineSetting cmdlet sets a OBMachineSetting object for the server that includes proxy server settings for accessing the internet, network bandwidth throttling settings, and the encryption passphrase that is required to decrypt the files during recovery to another server.
Incorrect:
Not C: The Add-OBFileSpec cmdlet adds the OBFileSpec object, which specifies the items to include or exclude from a backup, to the backup policy (OBPolicy object). The OBFileSpec object can include or exclude multiple files, folders, or volumes. T http://technet.microsoft.com/en-us/library/hh770416(v=wps.620).aspx
http://technet.microsoft.com/en-us/library/hh770425(v=wps.620).aspx http://technet.microsoft.com/en-us/library/hh770424.aspx
http://technet.microsoft.com/en-us/library/hh770398.aspx
http://technet.microsoft.com/en-us/library/hh770409.aspx

QUESTION 194
Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1 that runs Windows Server 2012 R2.
You need to ensure that a WIM file that is located on a network share is used as the installation source when installing server roles and features on Server1.
Which two actions should you perform? (Each correct answer presents part of the solution. Choose two.)

A.    Run the dism.exe command and specify the /remove-package parameter.
B.    Run the Remove-WindowsFeature cmdlet.
C.    Enable and configure the Specify settings for optional component installation and component repair
policy setting by using a Group Policy object (GPO).
D.    Enable the Enforce upgrade component rules policy setting by using a Group Policy object (GPO).
E.    Run the Remove-WindowsPackage cmdlet.

Answer: AC
Explanation:
A: To remove packages from an offline image by using DISM Example:
At a command prompt, specify the package identity to remove it from the image. You can remove multiple packages on one command line.
DISM /Image:C:\test\offline /Remove-Package
/PackageName:Microsoft.Windows.Calc.Demo~6595b6144ccf1df~x86~en~1.0.0.0 /PackageName:Microsoft-Windows-MediaPlayerPackage~31bf3856ad364e35~x86~~6.1.6801.0
C:
* You can use Group Policy to specify a Windows image repair source to use within your network. The repair source can be used to restore Windows features or to repair a corrupted Windows image.
* Set Group Policy
You can use Group Policy to specify when to use Windows Update, or a network location as a repair source for features on demand and automatic corruption repair. To configure Group Policy for Feature on Demand
Open the group policy editor. For example, on a computer that is running Windows?8, click Search, click Settings, type Edit Group Policy, and then select the Edit Group Policy setting.
Click Computer Configuration, click Administrative Templates, click System, and then double-click the Specify settings for optional component uninstallation and component repair setting. Select the settings that you want to use for Features on Demand.
Note:
* The Windows Imaging Format (WIM) is a file-based disk image format. It was developed by Microsoft to help deploy Windows Vista and subsequent versions of Windows operating system family, as well as Windows Fundamentals for Legacy PCs.

QUESTION 195
Your network contains an Active Directory forest. The forest contains two domains named contoso.com and fabrikam.com. The functional level of the forest is Windows Server 2003. You have a domain outside the forest named litwareinc.com. You need to configure an access solution to meet the following requirements:
– Users in litwareinc.com must be able to access resources on a server named Server1 in contoso.com.
– Users in the contoso.com forest must be prevented from accessing any resources in litwareinc.com.
– Users in litwareinc.com must be prevented from accessing any other resources in the contoso.com forest.
Which three actions should you perform? (Each correct answer presents part of the solution. Choose three.)

A.    Configure SID filtering on the trust.
B.    Configure forest-wide authentication on the trust.
C.    Create a one-way forest trust.
D.    Create a one-way external trust
E.    Modify the permission on the Server1 object.
F.    Configure selective authentication on the trust.

Answer: DEF
Explanation:
D (not C): litwareinc.com is outside the forest so we need an external trust (not a forest trust).
E: Must grant the required permissions on Server1.
F(not B): For external trust we must either select Domain-Wide or Selective Authentication (forst- wide authentication is not an option)
BCE
Note:
* You can create an external trust to form a one-way or two-way, nontransitive trust with domains that are outside your forest. External trusts are sometimes necessary when users need access to resources in a Windows NT 4.0 domain or in a domain that is located in a separate forest that is not joined by a forest trust.
/ To select the scope of authentication for users that are authenticating through a forest trust, click the forest trust that you want to administer, and then click Properties . On the Authentication tab, click either Forest-wide authentication or Selective authentication .
/ To select the scope of authentication for users that are authenticating through an external trust, click the external trust that you want to administer, and then click Properties . On the Authentication tab, click either Domain-wide authentication or Selective authentication .
* The forest-wide authentication setting permits unrestricted access by any users in the trusted forest to all available shared resources in any of the domains in the trusting forest.
* Forest-wide authentication is generally recommended for users within the same organization. Reference: Select the Scope of Authentication for Users
http://technet.microsoft.com/en-us/library/cc776245(v=ws.10).aspx http://technet.microsoft.com/en-us/library/cc755844(v=ws.10).aspx

QUESTION 196
Your network contains an Active Directory domain named contoso.com. The domain contains a file server named Server1 that runs Windows Server 2012 R2. All client computers run Windows 8. You need to configure a custom Access Denied message that will be displayed to users when they are denied access to folders or files on Server1.
What should you configure?

A.    A classification property
B.    The File Server Resource Manager Options
C.    A file management task
D.    A file screen template

Answer: B

QUESTION 197
Your network contains an Active Directory forest named contoso.com. The forest contains a single domain. The forest contains three Active Directory sites named SiteA, SiteB, and SiteC. The sites contain four domain controllers. The domain controllers are configured as shown in the following table.
 clip_image001[56]
You discover that the users in SiteC are authenticated by the domain controllers in SiteA and SiteB. You need to ensure that the SiteC users are authenticated by the domain controllers in SiteB, unless all of the domain controllers in SiteB are unavailable. What should you do?

A.    Create additional connection objects for DC3 and DC4.
B.    Decrease the cost of the site link between SiteB and SiteC.
C.    Create a site link bridge.
D.    Disable site link bridging.

Answer: B
Explanation:
By decreasing the cost between SiteB and SiteC, the SiteC users will be authenticated by SiteB domain controllers.
Note:
* A site link bridge connects two or more site links and enables transitivity between site links. Each site link in a bridge must have a site in common with another site link in the bridge.
* By default, all site links are transitive.

QUESTION 198
Your network contains an Active Directory domain named contoso.com. The domain contains a. DC2 has the DHCP Server server role installed. DHCP is configured as shown in the exhibit. (Click the Exhibit button.)
 clip_image002[64]
You discover that client computers cannot obtain IPv4 addresses from DC2. You need to ensure that the client computers can obtain IPv4 addresses from DC2. What should you do?

A.    Disable the Deny filters.
B.    Enable the Allow filters.
C.    Authorize DC2.
D.    Restart the DHCP Server service

Answer: C

QUESTION 199
Your network contains an Active Directory forest named adatum.com. All servers run Windows Server 2012 R2. The domain contains four servers. The servers are configured as shown in the following table.
 clip_image001[58]
You need to deploy IP Address Management (IPAM) to manage DNS and DHCP. On which server should you install IPAM?

A.    Server1
B.    Server2
C.    Server3
D.    Server4

Answer: D
Explanation:
D. IPAM cannot be installed on Domain Controllers. All other servers have the DC role http://technet.microsoft.com/en-us/library/hh831353.aspx
 clip_image001[60]

QUESTION 200
Your network contains an Active Directory domain named contoso.com. All servers run Windows Server 2012 R2. The domain contains a domain controller named DC1 that is configured as an enterprise root certification authority (CA). All users in the domain are issued a smart card and are required to log on to their domain-joined client computer by using their smart card. A user named User1 resigned and started to work for a competing company. You need to prevent User1 immediately from logging on to any computer in the domain. The solution must not prevent other users from logging on to the domain. Which tool should you use?

A.    Active Directory Users and Computers
B.    Server Manager
C.    The Certificates snap-in
D.    The Certification Authority console

Answer: D
Explanation:
You can use the Certification Authority console to configure CAs. This includes the following tasks:
(D) Scheduling certificate revocation list publication. Installing the CA certificate when necessary. Configuring exit module settings.
Configuring policy module settings.
Modifying security permissions and delegate control of CAs. Enabling optional Netscape-compatible Web-based revocation checking.
Reference: Configure Certification Authorities

Passing Microsoft 70-412 Exam successfully in a short time! Just using Braindump2go’s Latest Microsoft 70-412 Dump: http://www.braindump2go.com/70-412.html

Official 2014 Latest Microsoft 70-412 Exam Dump Free Download(181-190)!

QUESTION 181
Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1 that runs Windows Server 2012 R2. Server1 has the Active Directory Certificate Services server role installed and configured. For all users, you are deploying smart cards for logon. You are using an enrollment agent to enroll the smart card certificates for the users. You need to configure the Contoso Smartcard Logon certificate template to support the use of the enrollment agent. Which setting should you modify? To answer, select the appropriate setting in the answer area.
 clip_image002[44]
Answer:
 clip_image002[46]

QUESTION 182
Hotspot Question
Your network contains an Active Directory domain named contoso.com. The domain contains the two servers.The servers are configured as shown in the following table.
 clip_image001[36]
You investigate a report about the potential compromise of a private key for a certificate issued to Server2.
You need to revoke the certificate issued to Server2. The solution must ensure that the revocation can be reverted. Which reason code should you select? To answer, select the appropriate reason code in the answer area.
 clip_image002[48]
Answer:
 clip_image002[50]

QUESTION 183
Drag and Drop Question
Your network contains two Active Directory forests named contoso.com and adatum.com. All domain controllers run Windows Server 2012 R2. A federated trust exists between adatum.com and contoso.com. The trust provides adatum.com users with access to contoso.com resources.
You need to configure Active Directory Federation Services (AD FS) claim rules for the federated trust. The solution must meet the following requirements:
– In contoso.com, replace an incoming claim type named Group with an outgoing claim type named Role.
– In adatum.com, allow users to receive their tokens for the relying party by using their Active Directory group membership as the claim type.
The AD FS claim rules must use predefined templates.
Which rule types should you configure on each side of the federated trust?
To answer, drag the appropriate rule types to the correct location or locations. Each rule type may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
 clip_image002[52]
Answer:
 clip_image002[54]

QUESTION 184
Drag and Drop QuestionYour network contains four servers that run Windows Server 2012 R2. Each server has the Failover Clustering feature installed. Each server has three network adapters installed. An iSCSI SAN is available on the network.
You create a failover cluster named Cluster1.
You add the servers to the cluster.
You plan to configure the network settings of each server node as shown in the following table.
 clip_image001[38]
You need to configure the network settings for Cluster1.
What should you do?
To answer, drag the appropriate network communication setting to the correct cluster network. Each network communication setting may be used once, more than once, or not at all.
You may need to drag the split bar between panes or scroll to view content.
Select and Place:
 clip_image001[40]
Answer:
 clip_image002[56]

QUESTION 185
Hotspot Question
You have a server named Server1 that runs Windows Server 2012 R2. The volumes on Server1 are configured as shown in the following table.
 clip_image001[42]
A new corporate policy states that backups must use Windows Azure Online Backup whenever possible.
You need to identify which backup methods you must use to back up Server1. The solution must use Windows Azure Online Backup whenever possible. Which backup type should you identify for each volume? To answer, select the appropriate backup type for each volume in the answer area.
 clip_image002[58]
Answer:
 clip_image001[44]

QUESTION 186
Drag and Drop Question
Your network contains an Active Directory domain named contoso.com. The domain contains four member servers named Server1, Server2, Servers, and Server4. All servers run Windows Server 2012 R2. Server1 and Server2 are located in a site named Site1. Server3 and Server4 are located in a site named Site2. The servers are configured as nodes in a failover cluster named Cluster1. Cluster1 is configured to use the Node Majority quorum configuration. You need to ensure that Server1 is the only server in Site1 that can vote to maintain quorum.
What should you run from Windows PowerShell? To answer, drag the appropriate commands to the correct location. Each command may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
 clip_image002[60]
Answer:
 clip_image002[62]

QUESTION 187
Your network contains an Active Directory forest named contoso.com. The forest contains a single domain. The domain contains three domain controllers. The domain controllers are configured as shown in the following table.
 clip_image001[46]
You plan to test an application on a server named Server1. Server1 is currently located in Site1. After the test, Server1 will be moved to Site2. You need to ensure that Server1 attempts to authenticate to DC3 first, while you test the application. What should you do?

A.    Create a new site and associate the site to an existing site link object.
B.    Modify the priority of site-specific service location (SRV) DNS records for Site2.
C.    Create a new subnet object and associate the subnet object to an existing site.
D.    Modify the weight of site-specific service location (SRV) DNS records Site1.

Answer: B
Explanation:
Service Location (SRV) Resource Record
Priority A number between 0 and 65535 that indicates the priority or level of preference given for this record to the host that is specified in Host offering this service.
Priority indicates this host’s priority with respect to the other hosts in this domain that offer the same service and are specified by different service location (SRV) resource records.
Incorrect:
Not D:
Weight: A number between 1 and 65535 to be used as a load-balancing mechanism. When you select among more than one target SRV host for the type of service (specified in Service) that use the same Priority number, you can use this field to weight preference toward specific hosts. Where several hosts share equal priority, SRV-specified hosts with higher weight values that are entered here should be returned first to resolver clients in SRV query results. Reference: Service Location (SRV) Resource Record Dialog Box

QUESTION 188
Your network contains an Active Directory domain named contoso.com. The domain contains a file server named Server1.
 clip_image001[48]
The File Server Resource Manager role service is installed on Server1. All servers run Windows Server 2012 R2. A Group Policy object (GPO) named GPO1 is linked to the organizational unit (OU) that contains Server1. The following graphic shows the configured settings in GPO1. Server1 contains a folder named Folder1. Folder1 is shared as Share1.
You attempt to configure access-denied assistance on Server1, but the Enable access-denied assistance option cannot be selected from File Server Resource Manager.
You need to ensure that you can configure access-denied assistance on Server1 manually by using File Server Resource Manager. Which two actions should you perform?

A.    Set the Enable access-denied assistance on client for all file types policy setting to Disabled for GPO1.
B.    Set the Customize message for Access Denied errors policy setting to Not Configured for GPO1.
C.    Set the Enable access-denied assistance on client for all file types policy setting to Enabled for GPO1.
D.    Set the Customize message for Access Denied errors policy setting to Enabled for GPO1.

Answer: D
Explanation:
D. ensure that you can configure access-denied assistance
http://technet.microsoft.com/en-us/library/hh831402.aspx#BKMK_1

QUESTION 189
Your company has a main office and a remote office. The remote office is used for disaster recovery.
The network contains an Active Directory domain named contoso.com. The domain contains member servers named Server1, Server2, Server3, and Server4. All servers run Windows Server 2012 R2. Server1 and Server2 are located in the main office. Server3 and Server4 are located in the remote office.
All servers have the Failover Clustering feature installed. The servers are configured as nodes in a failover cluster named Cluster1. Storage is replicated between the main office and the remote site. You need to ensure that Cluster1 is available if two nodes in the same office fail. What are two possible quorum configurations that achieve the goal? (Each correct answer presents a
complete solution. Choose two.)

A.    Node Majority
B.    No Majority: Disk Only
C.    Node and File Share Majority
D.    Node and Disk Majority

Answer: AB
Explanation:
Depending on the quorum configuration option that you choose and your specific settings, the cluster will be configured in one of the following quorum modes:
* (A) Node majority (no witness) Only nodes have votes. No quorum witness is configured. The cluster quorum is the majority of voting nodes in the active cluster membership.
* (B) No majority (disk witness only) No nodes have votes. Only a disk witness has a vote. The cluster quorum is determined by the state of the disk witness. The cluster has quorum if one node is available and communicating with a specific disk in the cluster storage. Generally, this mode is not recommended, and it should not be selected because it creates a single point of failure for the cluster.
* Node majority with witness (disk or file share)
Nodes have votes. In addition, a quorum witness has a vote. The cluster quorum is the majority of voting nodes in the active cluster membership plus a witness vote. A quorum witness can be a designated disk witness or a designated file share witness.
Note:
* Quorum in Windows 2008 R2 referred to a consensus , that is, a majority of votes is required in order to reach quorum and maintain stability of the cluster. A new option created in Windows Server 2012 R2 which was also back ported to Windows Server 2008 R2 SP1 was the ability to stop a node being able to participate in the voting process.
* Dynamic quorum is the ability of the cluster to recalculate quorum on the fly and still maintain a working cluster. This is a huge improvement as we are now able to continue to run a cluster even if the number of nodes remaining in the cluster is less than 50%. This was not possible before but the dynamic quorum concept now allows us to do this. In fact we can reduce the cluster down to the last node (known as last man standing) and still maintain quorum. Reference: Configure and Manage the Quorum in a Windows Server 2012 R2 Failover Cluster

QUESTION 190
Your network contains an Active Directory domain named contoso.com. The domain contains four servers named Server1, Server2, Server3, and Server4 that run Windows Server 2012 R2. All servers have the Hyper-V server role and the Failover Clustering feature installed.
The servers are configured as shown in the following table.
 clip_image001[50]
Which three actions should you perform? (Each correct answer presents part of the solution. Choose three.)

A.    From Hyper-V Manager on a node in Cluster2, create three virtual machines.
B.    From Hyper-V Manager on a node in Cluster2, modify the Hyper-V settings.
C.    From Failover Cluster Manager on Cluster1, configure each virtual machine for replication.
D.    From Cluster1, add and configure the Hyper-V Replica Broker role.
E.    From Cluster2, add and configure the Hyper-V Replica Broker role.

Answer: ACE
Explanation:
A: Need to have same number of replicated VMs in the replicated site.
C: Once the hosting server is configured for Replica, you can enable replication for each virtual machine that you want to be replicated.
E: The Hyper-V Replica Broker is placed in the replicated cluster Note:
* Each node of the failover cluster that is involved in Replica must have the Hyper-V server role installed.
* Windows Server 2012 R2 Hyper-V Replica is a built-in mechanism for replicating Virtual Machines (VMs). It can replicate selected VMs in real-time or asynchronously from a primary site to a designated replica site across LAN/WAN. Here a replica site hosts a replicated VM while an associated primary site is where the source VM runs. And either a replica site or a primary site can be a Windows Server 2012 R2 Hyper-V host or a Windows Server 2012 R2 Failover Cluster.

Passing Microsoft 70-412 Exam successfully in a short time! Just using Braindump2go’s Latest Microsoft 70-411 Dump: http://www.braindump2go.com/70-412.html

Official 2014 Latest Microsoft 70-412 Exam Dump Free Download(171-180)!

QUESTION 171
Hotspot Question
Your network contains an Active Directory domain named contoso.com. The domain contains two member servers named Server1 and Server2. All servers run Windows Server 2012 R2. Server1 and Server2 have the Network Load Balancing (NLB) feature installed. The servers are configured as nodes in an NLB cluster named Cluster1. Both servers connect to the same switch.
Cluster1 hosts a secure web application named WebApp1. WebApp1 saves user state information in a central database.
You need to ensure that the connections to WebApp1 are distributed evenly between the nodes.
The solution must minimize port flooding.
What should you configure?
To answer, configure the appropriate affinity and the appropriate mode for Cluster1 in the answer area.
 clip_image002
Answer:
 clip_image002[4]

QUESTION 172
Drag and Drop Question
You have 3 server named Server1 that runs Windows Server 2012 R2.
You are asked to test Windows Azure Online Backup to back up Server1.
You need to back up Server1 by using Windows Azure Online Backup. Which four actions should you perform in sequence? To answer, move the appropriate four actions from the list of actions to the answer area and arrange them in the correct order.
 clip_image002[8]
Answer:
 clip_image002[10]

QUESTION 173
Hotspot Question
Your company has a primary data center and a disaster recovery data center. The network contains an Active Directory domain named contoso.com. The domain contains a server named Server1 runs Windows Server 2012 R2. Server1 is located in the primary data center. Server1 has an enterprise root certification authority (CA) for contoso.com.
You deploy another server named Server2 to the disaster recovery data center.
You plan to configure Server2 as a secondary certificate revocation list (CRL) distribution point.
You need to configure Server2 as a CRL distribution point (CDP).
Which tab should you use to configure the required CDP entry?
To answer, select the appropriate tab in the answer area.
 clip_image002[12]
Answer:
 clip_image002[14]

QUESTION 174
Hotspot Question
Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1 that runs Windows Server 2012 R2. Server1 has the Active Directory Federation Services server role installed.
You need to make configuration changes to the Windows Token-based Agent role service.
Which tool should you use?
To answer, select the appropriate tool in the answer area.
Hot Area:
 clip_image002[16]
Answer:
 clip_image002[18]

QUESTION 175
Hotspot Question
Your network contains an Active Directory domain named contoso.com. The domain contains two member servers named Server1 and Server2. All servers run Windows Server 2012 R2. Server1 and Server2 have the Hyper-V server role installed. The servers are configured as shown in the following table.
 clip_image001[34]
You add a third server named Server3 to the network. Server3 has Intel processors. You need to move VM3 and VM6 to Server3. The solution must minimize downtime on the virtual machines.
Which method should you use to move each virtual machine? To answer, select the appropriate method for each virtual machine in the answer area.
 clip_image002[20]
Answer:
 clip_image002[22]

QUESTION 176
Drag and Drop Question
Your network contains an Active Directory domain named contoso.com. The domain contains two DHCP servers named DHCP1 and DHCP2 that run Windows Server 2012 R2.
You install the IP Address Management (IPAM) Server feature on a member server named Server1 and you run the Run Invoke-IpamGpoProvisioning cmdlet.
You need to manage the DHCP servers by using IPAM on Server1. Which three actions should you perform?
To answer, move the three appropriate actions from the list of actions to the answer area and arrange them in the correct order.
 clip_image002[24]
Answer:
 clip_image002[26]

QUESTION 177
Hotspot Question
Your network contains an Active Directory domain named contoso.com. The domain contains two member servers named Server1 and Server2. All servers run Windows Server 2012 R2. Server1 and Server2 have the Hyper-V server role and the Failover Clustering feature installed. Server1 and Server2 are members of a cluster named Cluster1. Cluster1 hosts 10 virtual machines.
When you try to migrate a running virtual machine from one server to another, you receive the following error message:
“There was an error checking for virtual machine compatibility on the target node.”
You need to ensure that the virtual machines can be migrated from one node to another.
From which node should you perform the configuration? To answer, select the appropriate node in the answer area.
 clip_image002[28]
Answer:
 clip_image002[30]

QUESTION 178
Hotspot Question
Your network contains two servers named Server1 and Server2 that run Windows Server 2012 R2. Server1 and Server2 have the Hyper-V server role installed. Server1 and Server2 have different processor models from the same manufacturer. On Server1, you plan to create a virtual machine named VM1. Eventually, VM1 will be exported to Server2. You need to ensure that when you import VM1 to Server2, you can start VM1 from saved snapshots.
What should you configure on VM1? To answer, select the appropriate node in the answer area.
 clip_image002[32]
Answer:
 clip_image002[34]

QUESTION 179
Hotspot Question
Your network contains an Active Directory domain named contoso.com. The domain contains a file server named Server1. Server1 is a BranchCache hosted cache server that is located in a branch office.
The network contains client computers that run either Windows 7 or Windows 8.
For the branch office, all of the user accounts and the client computer accounts are located in an organizational unit (OU) named Branch1. A Group Policy object (GPO) named GPO1 is linked to Branch 1. GPO1 contains the BranchCache settings.
You discover that users in the branch office who have client computers that run Windows 7 do not access cached content from Server1. Users in the branch office who have Windows 8 computers access cached content from Server1.
You need to configure the Windows 7 computers to use BranchCache on Server1. Which setting should you configure in GPO1?
To answer, select the appropriate setting in the answer area.
 clip_image002[36]
Answer:
 clip_image002[38]

QUESTION 180
Hotspot Question
Your network contains two DHCP servers named Server1 and Server2. Server1 fails. You discover that DHCP clients can no longer receive IP address leases. You need to ensure that the DHCP clients receive IP addresses immediately. What should you configure from the View/Edit Failover Relationship settings? To answer, select the appropriate setting in the answer area.
 clip_image002[40]
Answer:

clip_image002[42]
Passing Microsoft 70-412 Exam successfully in a short time! Just using Braindump2go’s Latest Microsoft 70-411 Dump: http://www.braindump2go.com/70-412.html

Official 2014 Latest Microsoft 70-412 Exam Dump Free Download(161-170)!

QUESTION 161
Your network contains an Active Directory forest.
The forest contains one domain named contoso.com. The domain contains three domain controllers. The domain controllers are configured as shown in the following table.
 clip_image001[18]
DC1 has all of the operations master roles installed. You transfer all of the operations master roles to DC2, and then you uninstall Active Directory from DC1. You need to ensure that you can use Password Settings objects (PSOs) in the domain.
What should you do?

A.    Change the domain functional level.
B.    Upgrade DC2.
C.    Run the dcgpofix.exe command.
D.    Transfer the schema master role.

Answer: A
Explanation:
A. The domain functional level must be Windows Server 2008 to use PSO’s B. DC1 needs to be upgraded
C. Recreates the default Group Policy Objects (GPOs) for a domain D. Schema isn’t up to right level
http://technet.microsoft.com/en-us/library/cc770394(v=ws.10).aspx http://technet.microsoft.com/en-us/library/hh875588(v=ws.10).aspx http://technet.microsoft.com/en-us/library/cc753104.aspx

QUESTION 162
Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server3 that runs Windows Server 2012 R2 and has the DHCP Server server role installed. DHCP is configured as shown in the exhibit.
 clip_image001[20]
You need to ensure that only Scope1, Scope3, and Scope5 assign the same DNS servers to DHCP clients. The solution must minimize administrative effort.
What should you do?

A.    Create a superscope and scope-level policies.
B.    Configure the Scope Options.
C.    Create a superscope and a filter.
D.    Configure the Server Options.

Answer: B
Explanation:
B. Any DHCP scope options configured for assignment to DHCP clients
http://technet.microsoft.com/en-us/library/dd759218.aspx
http://technet.microsoft.com/en-us/library/cc757682(v=WS.10).aspx

QUESTION 163
You have a server named Server1 that runs Windows Server 2012 R2. Server1 fails. You identify that the master
boot record (MBR) is corrupt. You need to repair the MBR. Which tool should you use?

A.    Bcdedit
B.    Bcdboot
C.    Bootrec
D.    Fixmbr

Answer: C
Explanation:
A. BCDEdit is a command-line tool for managing BCD stores. It can be used for a variety of purposes, including creating new stores, modifying existing stores, adding boot menu options, and so on. BCDEdit serves essentially the same purpose as Bootcfg.exe on earlier versions of Windows B. The BCDboot tool is a command-line tool that enables you to manage system partition files.
C. Bootrec.exe tool to troubleshoot “Bootmgr Is Missing” issue. The /ScanOs option scans all disks for installations that are compatible with Windows Vista or Windows 7. Additionally, this option displays the entries that are currently not in the BCD store. Use this option when there are Windows Vista or Windows 7 installations that the Boot Manager menu does not list.
D. Repairs the master boot record of the boot disk. The fixmbr command is only available when you are using the Recovery Console. Fixmbr option in Server 2008 and 2012 is a bootrec option
http://technet.microsoft.com/en-us/library/cc709667(v=ws.10).aspx http://technet.microsoft.com/en-us/library/dd744347(v=ws.10).aspx http://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/enus/bootcons_fix mbr.mspx?mfr=true
http://www.youtube.com/watch?v=kFU8kngy6O0
http://social.technet.microsoft.com/Forums/en-US/winservergen/thread/bbf4f440-50ce4ea2- a3eaa96dc2500352

QUESTION 164
Your network contains an Active Directory domain named contoso.com. All domain controllers run Windows Server 2012 R2. The domain contains two domain controllers. The domain controllers are configured as shown in the following table.
 clip_image001[22]
You configure a user named User1 as a delegated administrator of DC10.
You need to ensure that User1 can log on to DC10 if the network link between the Main site and the Branch site fails. What should you do?

A.    Add User1 to the Domain Admins group.
B.    On DC10, run ntdsutil and configure the settings in the Roles context.
C.    Run repadmin and specify the /prp parameter.
D.    On DC1, modify the User Rights Assignment in Default Domain Controllers Group Policy object (GPO).

Answer: D
Explanation:
Modify the following policy:
Computer Configuration\Windows Settings\Security Settings\Local Policies\User Rights
Assignment\Allow log on locally
Note:
* User Rights Assignment policies determines which users or groups have logon rights or privileges on the computer.
* Delegated administrator accounts gain local administrative permissions to the RODC. These users can operate with privileges equivalent to the local computer’s Administrators group. They are not members of the Domain Admins or the domain built-in Administrators groups. This option is useful for delegating branch office administration without giving out domain administrative permissions. Configuring delegation of administration is not required.

QUESTION 165
You perform a full installation of Windows Server 2012 R2 on a virtual machine named Server1. You plan to use Server1 as a reference image. You need to minimize the amount of storage space used by the Windows Server 2012 R2 installation. Which cmdlet should you use?

A.    Remove-Module
B.    Optimize-VHD
C.    Optimize-Volume
D.    Uninstall-WindowsFeature

Answer: B
Explanation:
The Optimize-VHD cmdlet optimizes the allocation of space in or more virtual hard disk files, except for fixed virtual hard disks. The Compact operation is used to optimize the files. This operation reclaims unused blocks as well as rearranges the blocks to be more efficiently packed, which reduces the size of a virtual hard disk file.
Reference: Optimize-VHD
http://technet.microsoft.com/en-us/library/hh849732.aspx
http://technet.microsoft.com/en-us/library/hh848458.aspx
http://technet.microsoft.com/en-us/library/hh848675.aspx
http://technet.microsoft.com/en-us/library/jj205471.aspx

QUESTION 166
Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1 that runs Windows Server 2012 R2 and has the DHCP Server server role installed.
Server1 has a scope named Scope1. A policy named Policy1 is configured for Scope1. Policy1 is configured to provide Hyper-V virtual machines a one-day lease. All other computers receive an eight-day lease.
You implement an additional DHCP server named Server2 that runs Windows Server 2012 R2.
On Server1, you configure Scopel for DHCP failover.
You discover that virtual machines that receive IP addresses from Server2 have a lease duration of eight days.
You need to ensure that when Server2 assigns IP addresses to the Hyper-V virtual machines, the lease duration is one day. The solution must ensure that other computers that receive IP addresses from Server2 have a lease duration of eight days.
What should you do?

A.    On Server2, right-click Scope1, and then click Reconcile.
B.    On Server1, right-click Scope1, and then click Replicate Scope.
C.    On Server2, create a new DHCP policy.
D.    On Server1, delete Policy1, and then recreate the policy.

Answer: B
Explanation:
Scope 1 has been set up for DHCP failover. Now we need to replicate it from Server1 to Server2.
http://technet.microsoft.com/en-us/library/dd183579(v=ws.10).aspx http://technet.microsoft.com/en-us/library/cc772101.aspx

QUESTION 167
You deploy an Active Directory Federation Services (AD FS) 2.1 infrastructure. The infrastructure uses Active Directory as the attribute store. Some users report that they fail to authenticate to the AD FS infrastructure. You discover that only users who run third-party web browsers experience issues. You need to ensure that all of the users can authenticate to the AD FS infrastructure successfully. Which Windows PowerShell command should you run?

A.    Set-ADFSProperties -ProxyTrustTokenLifetime 1:00:00
B.    Set-ADFSProperties -AddProxyAuthenticationRules None
C.    Set-ADFSProperties -SSOLifetime 1:00:00
D.    Set-ADFSProperties -ExtendedProtectionTokenCheck None

Answer: A
Explanation:
A. Sets the valid token lifetime for proxy trust tokens (in minutes). This value is used by the federation server proxy to authenticate with its associated federation server. B. Specifies a policy rule set that can be used to establish authorization permissions for setting up trust proxies. The default value allows the AD FS 2.0 service user account or any member of BUILTIN\Administrators to register a federation server proxy with the Federation Service. C. Specifies the duration of the single sign-on (SSO) experience for Web browser clients (in minutes). D. pecifies the level of extended protection for authentication supported by the federation server. Extended Protection for Authentication helps protect against man-in-the-middle (MITM) attacks, in which an attacker intercepts a client’s credentials and forwards them to a server.
http://technet.microsoft.com/zh-cn/library/ee892317.aspx

QUESTION 168
Your network contains an Active Directory domain named contoso.com. All servers run Windows Server 2012 R2. The domain contains a file server named Server1. The domain contains a domain controller named DC1.
Server1 contains three shared folders. The folders are configured as shown in the following table.
 clip_image001[24]
Folder2 has a conditional expression of User.Department= = MMarketing”.
You discover that a user named User1 cannot access \\Server1\folder2. User1 can access \\Server1\folderl and \\Server1\folder3. You verify the group membership of User1 as shown in the Member Of exhibit. (Click the Exhibit button.)
 clip_image001[26]
You verify the organization information of User1 as shown in the Organization exhibit.
(Click the Exhibit button.)
 clip_image001[28]
You verify the general properties of User1 as shown in the General exhibit. (Click the Exhibit button.)
 clip_image001[30]
You need to ensure that User1 can access the contents of \\Server1\folder2. What should you do?

A.    From a Group Policy object (GPO), set the Support for Dynamic Access Control and Kerberos armoring
setting to Always provide claims.
B.    Change the department attribute of User1.
C.    Grant the Full Control NTFS permissions on Folder2 to User1.
D.    Remove Userl1from the Accounting global group.

Answer: B
Explanation:
B. Conditional Expression and users Department must match http://technet.microsoft.com/en-us/library/jj134043.aspx

QUESTION 169
Your network contains an Active Directory domain named contoso.com. All domain controllers run Windows Server 2012 R2. The domain contains two domain controllers. The domain controllers are configured as shown in the following table.
 clip_image001[32]
The Branch site contains a perimeter network.
For security reasons, client computers in the perimeter network can communicate with client computers in the Branch site only. You plan to deploy a new RODC to the perimeter network in the Branch site. You need to ensure that the new RODC will be able to replicate from DC10. What should you do first on DC10?

A.    Enable the Bridge all site links setting.
B.    Run the Active Directory Domain Services Configuration Wizard.
C.    Create an Active Directory site link bridge.
D.    Create an Active Directory site.

Answer: C
Explanation:
A. Site link transitivity is controlled by the Bridge all site links option on the properties pages of transport folders (such as IP or SMTP) in the Active Directory Sites and Services snapin. Site link transitivity is enabled by default.
B.
C.
If you cannot place a writable Windows Server 2008 domain controller in the nearest site to the RODC, RODC replication depends on a site link bridge between the site links that contain the site of the RODC and the site of the writable Windows Server 2008 domain controller.
D.
AD Site not readed for RODC
http://technet.microsoft.com/en-us/library/dd736189(v=WS.10).aspx http://technet.microsoft.com/en-us/library/cc738789(v=ws.10).aspx http://technet.microsoft.com/en-us/library/cc732632(v=ws.10).aspx http://technet.microsoft.com/en-us/library/cc778718(v=WS.10).aspx

QUESTION 170
Your network contains an Active Directory domain named contoso.com. The domain contains two member servers named Server1 and Server2 that run Windows Server 2012 R2. Server1 has Microsoft SQL Server 2012 installed.
You install the Active Directory Federation Services server role on Server2. You need to configure Server2 as the first Active Directory Federation Services (AD FS) server in the domain. The solution must ensure that the AD FS database is stored in a SQL Server database on Server1.
What should you do on Server2?

A.    From a command prompt, run fsutil.exe.
B.    From Windows PowerShell, run Install-ADFSFarm.
C.    From Server Manager, install the Federation Service Proxy.
D.    From Server Manager, install the AD FS Web Agents.

Answer: B
Explanation:
A. Performs tasks that are related to file allocation table (FAT) and NTFS file systems, such as managing reparse points, managing sparse files, or dismounting a volume.
B. Creates the first node of a new federation server farm
C. Not installing Proxy
D. Not Installing web agents
http://technet.microsoft.com/en-us/library/cc753059(v=ws.10).aspx http://technet.microsoft.com/en-us/library/jj553792.aspx Parameter: -SQLConnectionString<String>
Specifies the SQL Server database that will store the AD FS configuration settings. If not specified, the AD FS installer uses the Windows Internal Database to store configuration settings.

Passing Microsoft 70-412 Exam successfully in a short time! Just using Braindump2go’s Latest Microsoft 70-411 Dump: http://www.braindump2go.com/70-412.html

Official 2014 Latest Microsoft 70-412 Exam Dump Free Download(151-160)!

QUESTION 151
Your network contains an Active Directory domain named contoso.com. All domain controllers run Windows Server 2012 R2. The domain contains two domain controllers. The domain controllers are configured as shown in the following table.
 clip_image001
The Branch site contains a member server named Server1 that runs Windows Server 2012 R2.
You need to identify which domain controller authenticated the computer account of Server1. What should you do?

A.    Verify the value of the %LOGONSERVER% environment variable.
B.    Run nltest /sc_query.
C.    Verify the value of the %SESSIONNAME% environment variable.
D.    Run nltest /dsgetsite.

Answer: A
Explanation:
A. %LOGONSERVER% is the domain controller that authenticated the current user.
B. Reports on the state of the secure channel the last time that you used it. (The secure channel is the one that the NetLogon service established.)
This parameter lists the name of the domain controller that you queried on the secure channel, also.
D. Returns the name of the site in which the domain controller resides.
http://technet.microsoft.com/en-us/library/cc753915(v=ws.10).aspx
http://technet.microsoft.com/en-us/library/cc731935(v=ws.10).aspx
 clip_image001[4]

QUESTION 152
Your network contains an Active Directory domain named contoso.com. The domain contains two servers named Server1 and Server2 that run Windows Server 2012 R2. Server1 is a file server that has the Hyper-V server role installed. Server1 hosts several virtual machines. The virtual machine configuration files are stored on drive D and the VHD files are stored on drive E.
You plan to replace drive E with a larger volume. You need to ensure that the virtual machines on Server1 remain available while drive E is being replaced. What should you do?

A.    Perform a quick migration.
B.    Add Server1 and Server2 as nodes in a failover cluster.
C.    Perform a live migration.
D.    Perform a storage migration.

Answer: D
Explanation:
D. Hyper-V in Windows Server 2012 R2 introduces support for moving virtual machine storage without downtime by making it possible to move the storage while the virtual machine remains running. http://technet.microsoft.com/en-us/library/hh831656.aspx
 clip_image001[6]

QUESTION 153
Your network contains an Active Directory domain named contoso.com. The domain contains a file server named File1 that runs a Server Core Installation of Windows Server 2012 R2. File1 has a volume named D that contains home folders. File1 creates a shadow copy of volume D twice a day.
You discover that volume D is almost full. You add a new volume named H to File1. You need to ensure that the shadow copies of volume D are stored on volume H. Which command should you run?

A.    The Set-Volume cmdlet with the -driveletter parameter
B.    The vssadmin.exe create shadow command
C.    The Set-Volume cmdlet with the -path parameter
D.    The vssadmin.exe add shadowstorage command

Answer: D
Explanation:
A. Sets or changes the file system label of an existing volume. -DriveLetter Specifies a letter used to identify a drive or volume in the system.
B. Displays current volume shadow copy backups and all installed shadow copy writers and providers. Shadow Creates a new shadow copy of a specified volume. C. Sets or changes the file system label of an existing volume -Path Contains valid path information.
D. Displays current volume shadow copy backups and all installed shadow copy writers and providers.
AddShadowStroage Adds a shadow copy storage association for a specified volume.
http://technet.microsoft.com/en-us/library/cc754968(v=ws.10).aspx http://technet.microsoft.com/en-us/library/hh848673(v=wps.620).aspx

QUESTION 154
Your network contains a perimeter network and an internal network. The internal network contains an Active Directory Federation Services (AD FS) 2.1 infrastructure. The infrastructure uses Active Directory as the attribute store.
You plan to deploy a federation server proxy to a server named Server2 in the perimeter network. You need to identify which value must be included in the certificate that is deployed to Server2. What should you identify?

A.    The FQDN of the AD FS server
B.    The name of the Federation Service
C.    The name of the Active Directory domain
D.    The public IP address of Server2

Answer: A
Explanation:
A. It must contain the FQDN
http://technet.microsoft.com/en-us/library/cc776786(v=ws.10).aspx http://technet.microsoft.com/en-us/library/cc782620(v=ws.10).aspx http://technet.microsoft.com/en-us/library/cc759635(v=ws.10).aspx
 clip_image001[8]

QUESTION 155
You have a server named Server1 that runs Windows Server 2012 R2. Server1 has the File Server Resource Manager role service installed.
You are creating a file management task as shown in the exhibit. (Click the Exhibit button.)
 clip_image001[10]
You need to ensure that the Include all folders that store the following kinds of data list displays an entry named Corporate Data.
What should you do?

A.    Modify the properties of the System Files file group.
B.    Create a new classification property.
C.    Create a new file group.
D.    Modify the Folder Usage classification property.

Answer: B
Explanation:
B. Classification properties are used to assign values to files.
http://technet.microsoft.com/en-us/library/dd758765(v=WS.10).aspx

QUESTION 156
Your network contains an Active Directory forest named adatum.com. The forest contains an Active Directory Rights Management Services (AD RMS) cluster.
A partner company has an Active Directory forest named litwareinc.com. The partner company does not have AD RMS deployed.
You need to ensure that users in litwareinc.com can consume rights-protected content from adatum.com.
Which type of trust policy should you create?

A.    At federated trust
B.    A trusted user domain
C.    A trusted publishing domain
D.    Windows Live ID

Answer: A
Explanation:
A. In AD RMS rights can be assigned to users who have a federated trust with Active Directory Federation Services (AD FS). This enables an organization to share access to rights-protected content with another organization without having to establish a separate Active Directory trust or Active Directory Rights Management Services (AD RMS) infrastructure.
http://technet.microsoft.com/en-us/library/dd772651(v=WS.10).aspx http://technet.microsoft.com/en-us/library/cc738707(v=WS.10).aspx http://technet.microsoft.com/en-us/library/cc757344(v=ws.10).aspx
 clip_image001[12]

QUESTION 157
Your network contains an Active Directory domain named contoso.com. All domain controllers run Windows Server 2012 R2. The domain contains two domain controllers. The domain controllers are configured as shown in the following table.
 clip_image001[14]
The Branch site contains a perimeter network.
For security reasons, client computers in the perimeter network can communicate with client computers in the Branch site only. You plan to deploy a new RODC to the perimeter network in the Branch site. You need to ensure that the new RODC will be able to replicate from DC10. What should you do first on DC10?

A.    Run the Add-ADDSReadOnlyDomainControllerAccount cmdlet.
B.    Create an Active Directory site.
C.    Run the Active Directory Domain Services Configuration Wizard.
D.    Create an Active Directory subnet.

Answer: A
Explanation:
Add-ADDSReadOnlyDomainControllerAccount Creates a read-only domain controller (RODC) account that can be used to install an RODC in Active Directory.
Note:
* Notes
Once you have added the RODC account, you can add an RODC to a server computer by using the Install-ADDSDomainController cmdlet with the -ReadOnlyReplica switch parameter.
* Example
Adds a new read-only domain controller (RODC) account to the corp.contoso.com domain using the North America site as the source site for the replication source domain controller.
C:\PS>Add-ADDSReadOnlyDomainControllerAccount -DomainControllerAccountName RODC1 -DomainName corp.contoso.com -SiteName NorthAmerica Incorrect:
Not B: There already is a branch site.
Reference: Add-ADDSReadOnlyDomainControllerAccount

QUESTION 158
Your network contains an Active Directory domain named contoso.com. All domain controllers run Windows Server 2012 R2. The domain contains two domain controllers. The domain controllers are configured as shown in the following table.
 clip_image001[16]
You configure a user named User1 as a delegated administrator of DC10.
You need to ensure that User1 can log on to DC10 if the network link between the Main site and the Branch site fails.
What should you do?

A.    Add User1 to the Domain Admins group.
B.    Modify the properties of the DC10 computer account.
C.    Run repadmin and specify /replsingleobject parameter.
D.    On DC10, modify the User Rights Assignment in Local Policies.

Answer: D
Explanation:
Modify the following policy:
Computer Configuration\Windows Settings\Security Settings\Local Policies\User Rights Assignment\Allow log on locally
Note:
* User Rights Assignment policies determines which users or groups have logon rights or privileges on the computer.
* Delegated administrator accounts gain local administrative permissions to the RODC. These users can operate with privileges equivalent to the local computer’s Administrators group. They are not members of the Domain Admins or the domain built-in Administrators groups. This option is useful for delegating branch office administration without giving out domain administrative permissions. Configuring delegation of administration is not required.

QUESTION 159
Your network contains an Active Directory forest named contoso.com. The forest contains a single domain. The forest functional level is Windows Server 2012 R2.
You have a domain controller named DC1. On DC1, you create a new Group Policy object (GPO) named GPO1. You need to verify that GPO1 was replicated to all of the domain controllers.
Which tool should you use?

A.    Group Policy Management
B.    Active Directory Sites and Services
C.    DFS Management
D.    Active Directory Administrative Center

Answer: A
Explanation:
http://social.technet.microsoft.com/Forums/en-US/winserverTS/thread/3e580e00-d6194d25-b22d- 18f0170279c4
http://technet.microsoft.com/en-us/library/jj134176.aspx

QUESTION 160
Your network contains two DNS servers named DNS1 and DNS2 that run Windows Server 2012 R2. DNS1 has a primary zone named contoso.com. DNS2 has a secondary copy of the contoso.com zone. You need to log the zone transfer packets sent between DNS1 and DNS2. What should you configure?

A.    Monitoring from DNS Manager
B.    Logging from Windows Firewall with Advanced Security
C.    A Data Collector Set (DCS) from Performance Monitor
D.    Debug logging from DNS Manager

Answer: D
Explanation:
http://technet.microsoft.com/en-us/library/cc776361(v=ws.10).aspx http://technet.microsoft.com/en-us/library/cc749337.aspx

Passing Microsoft 70-412 Exam successfully in a short time! Just using Braindump2go’s Latest Microsoft 70-411 Dump: http://www.braindump2go.com/70-412.html

1 248 249 250 251 252 260