★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions
Free Instant Download NEW 70-410 Exam Dumps (PDF & VCE):
Available on:
https://www.certleader.com/70-410-dumps.html
Act now and download your Microsoft 70-410 test today! Do not waste time for the worthless Microsoft 70-410 tutorials. Download Improved Microsoft Installing and Configuring Windows Server 2012 exam with real questions and answers and begin to learn Microsoft 70-410 with a classic professional.
2021 Sep 410 70:
Q151. - (Topic 1)
You have a server named Server1 that runs Windows Server 2012 R2.
On Server1, you open Computer Management as shown in the exhibit. (Click the Exhibit button.)
You need to ensure that you can create a 3-TB volume on Disk 1.
What should you do first?
A. Create a storage pool.
B. Convert the disk to a GPT disk.
C. Create a VHD, and then attach the VHD.
D. Convert the disk to a dynamic disk.
Answer: B
Q152. - (Topic 2)
Your network contains an Active Directory domain named contoso.com. The domain
contains a server named Server1.Server1 runs Windows Server 2012 R2.
You create a group Managed Service Account named gservice1.
You need to configure a service named Service1 to run as the gservice1 account.
How should you configure Service1?
A. From the Services console, configure the General settings.
B. From Windows PowerShell, run Set-Service and specify the -StartupType parameter.
C. From a command prompt, run sc.exe and specify the config parameter.
D. From a command prompt, run sc.exe and specify the privs parameter.
Answer: C
Explanation:
Executing the ss.exe command with the config parameter will modify service configuration.
Topic 3, Volume C
Q153. HOTSPOT - (Topic 2)
You have a file server named Server1 that runs Windows Server 2012 R2. Server1 contains a folder named Folder1.
A user named User1 is a member of Group1 and Group2. A user named User2 is a
member of Group2 and Group3.
You need to identify which actions the users can perform when they access the files in
Share1.
What should you identify?
To answer, select the appropriate actions for each user in the answer area.
Answer:
Q154. - (Topic 3)
Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1 that runs Windows Server 2012 R2 and has the Web Server (US) server role installed.
Server1 has a web site named Web1. Web1 is configured to use digest authentication.
You need to ensure that a user named User1 can access Web1.
What should you do from Active Directory Users and Computers?
A. From the properties of User1, select Store password using reversible encryption.
B. From the properties of User1, select Use Kerberos DES encryption types for this account.
C. From the properties of Server1, select Trust this computer for delegation to any service (Kerberos only).
D. From the properties of Server1, assign the Allowed to Authenticate permission to User1.
Answer: A
Explanation:
Challenge Handshake Authentication Protocol (CHAP) is a basic level of iSCSI security that is used to authenticate the peer of a connection and is based upon the peers sharing a secret: that secret being a password. To make sure that User1 can connect to the server, you should use Active Directory Users and Computers to store that password.
Q155. - (Topic 2)
You have a new server named Server1 that runs Windows Server 2012 R2.
Server1 has two dual-core processors and 32 GB of RAM.
You install the Hyper-V server role on Server1.
You create two virtual machines on Server1 that each have 8 GB of memory.
You need to minimize the amount of time it takes for both virtual machines to access
memory.
What should you configure on each virtual machine?
A. Resource control
B. Memory weight
C. Dynamic Memory
D. NUMA topology
Answer: D
Explanation:
Windows Server 2012 introduced support for projecting a virtual NUMA topology into Hyper-V virtual machines. This capability can help improve the performance of workloads running on virtual machines that are configured with large amounts of memory.
Down to date exam ref 70-411 administering windows server 2012 ebook:
Q156. - (Topic 3)
You work as a senior administrator at Contoso.com. The Contoso.com network consists of a single domain named Contoso.com. All servers on the Contoso.com network have Windows Server 2012 R2 installed.
You are running a training exercise for junior administrators. You are currently discussing connection security rules.
Which of the following is TRUE with regards to connection security rules? (Choose all that apply.)
A. Connection security rules allows for traffic to be secured via IPsec.
B. Connection security rules do not allow the traffic through the firewall.
C. Connection security rules are applied to programs or services.
D. Connection security rules are applied between two computers.
Answer: A,B,D
Explanation:
Connection security involves the authentication of two computers before they begin communications and the securing of information sent between two computers. Windows Firewall with Advanced Security uses Internet Protocol security (IPsec) to achieve connection security by using key exchange, authentication, data integrity, and, optionally, data encryption. How firewall rules and connection security rules are related Firewall rules allow traffic through the firewall, but do not secure that traffic. To secure traffic with IPsec, you can create Computer Connection Security rules. However, the creation of a connection security rule does not allow the traffic through the firewall. You must create a firewall rule to do this, if the traffic is not allowed by the default behavior of the firewall. Connection security rules are not applied to programs or services; they are applied between the computers that make up the two endpoints.
Q157. - (Topic 3)
Your network contains an Active Directory forest that contains three domains. A group named Group1 is configured as a domain local distribution group in the forest root domain. You plan to grant Group1 read-only access to a shared folder named Share1. Share1 is located in a child domain.
You need to ensure that the members of Group1 can access Share1.
What should you do first?
A. Convert Group1 to a global distribution group.
B. Convert Group1 to a universal security group.
C. Convert Group1 to a universal distribution group.
D. Convert Group1 to a domain local security group
Answer: B
Q158. - (Topic 1)
You have a server named Server1 that runs Windows Server 2012 R2.Server1 has six network adapters. Two of the network adapters are connected to a network named LAN1, two of the network adapters are connected to a network named LAN2, and two of the network adapters are connected to a network named LAN3.
You create a network adapter team named Team1 from the two adapters connected to LAN1. You create a network adapter team named Team2 from the two adapters connected to LAN2.
A company policy states that all server IP addresses must be assigned by using a reserved address in DHCP.
You need to identify how many DHCP reservations you must create for Server1.
How many reservations should you identify?
A. 3
B. 4
C. 6
D. 8
Answer: B
Explanation:
1 for each NIC Team (2 total) and 1 for each non-teamed NIC (2 total) -> 4 total IP addresses are required.
Q159. - (Topic 3)
Your network contains an Active Directory domain named contoso.com.
You need to prevent users from installing a Windows Store app named App1.
What should you create?
A. An application control policy executable rule
B. An application control policy packaged app rule
C. A software restriction policy certificate rule
D. An application control policy Windows Installer rule
Answer: B
Explanation:
Windows 8 is coming REALLY SOON and of course one of the big new things to computer with that is the new Packaged Apps that run in the start screen. However these apps are very different and do not install like traditional apps to a path or have a true “executable” file to launch the program. Of course enterprises need a way to control these packaged apps and therefore Microsoft has added a new feature Packaged Apps option to the App1ocker feature.
A. For .exe or .com
B. A publisher rule for a Packaged app is based on publisher, name and version
C. You can create a certificate rule that identifies software and then allows or does not allow the software to run, depending on the security level.
D. For .msi or .msp Packaged apps (also known as Windows 8 apps) are new to Windows Server 2012 R2 and Windows 8. They are based on the new app model that ensures that all the files within an app package share the same identity. Therefore, it is possible to control the entire Application using a single App1ocker rule as opposed to the non-packaged apps where each file within the app could have a unique identity. Windows does not support unsigned packaged apps which implies all packaged apps must be signed. App1ocker supports only publisher rules for Packaged apps. A publisher rule for a packaged app is based on the following information: Publisher of the package Package name Package version Therefore, an App1ocker rule for a Packaged app controls both the installation as well as the running of the app. Otherwise, the publisher rules for Packaged apps are no different than the rest of the rule collections; they support exceptions, can be increased or decreased in scope, and can be assigned to users and groups.
Q160. - (Topic 1)
Your network contains an Active Directory domain named contoso.com. The DNS zone for contoso.com is Active-Directory integrated.
The domain contains 500 client computers. There are an additional 20 computers in a workgroup.
You discover that every client computer on the network can add its record to the contoso.com zone.
You need to ensure that only the client computers in the Active Directory domain can register records in the contoso.com zone.
What should you do?
A. Sign the contoso.com zone by using DNSSEC.
B. Configure the Dynamic updates settings of the contoso.com zone.
C. Configure the Security settings of the contoso.com zone.
D. Move the contoso.com zone to a domain controller that is configured as a DNS server.
Answer: B