★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions
Free Instant Download NEW 70-411 Exam Dumps (PDF & VCE):
Available on:
https://www.certleader.com/70-411-dumps.html
Testking provide the Microsoft Microsoft exam questions and answers which with highest standards regarding accuracy. Our certified subject matter authorities are focused to the development of the Microsoft 70-411 exam dumps. We make sure that you will succeed in the Microsoft 70-411 exam by simply using our Microsoft Microsoft practice questions and answers. In the event that our Microsoft certification exam demos do not prove just about any help to your Microsoft exam preparation, you can take advantage of your money-back policy.
2021 Sep administering windows server 2012 ebook pdf:
Q151. Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1 that runs Windows Server 2012 R2.
Server1 has the following role services installed:
. DirectAccess and VPN (RRAS)
. Network Policy Server
Remote users have client computers that run either Windows XP, Windows 7, or Windows 8.
You need to ensure that only the client computers that run Windows 7 or Windows 8 can establish VPN connections to Server1.
What should you configure on Server1?
A. A condition of a Network Policy Server (NPS) network policy
B. A constraint of a Network Policy Server (NPS) network policy
C. a condition of a Network Policy Server (NPS) connection request policy
D. A vendor-specific RADIUS attribute of a Network Policy Server (NPS) connection request policy
Answer: A
Explanation:
If you want to configure the Operating System condition, click Operating System, and then click Add. In Operating System Properties, click Add, and then specify the operating system settings that are required to match the policy.
The Operating System condition specifies the operating system (operating system version or service pack number), role (client or server), and architecture (x86, x64, or ia64) required for the computer configuration to match the policy.
Q152. HOTSPOT
Your company has two offices. The offices are located in Montreal and Seattle.
The network contains an Active Directory domain named contoso.com. The domain contains servers named Server1 and Server2. Server1 is located in the Seattle office. Server2 is located in the Montreal office. Both servers run Windows Server 2012 R2 and have the Windows Server Update Services (WSUS) server role installed.
You need to configure Server2 to download updates that are approved on Server1 only.
What cmdlet should you run? To answer, select the appropriate options in the answer area.
Answer:
Q153. Your network contains an Active Directory domain named contoso.com. All domain controllers run Windows Server 2012 R2.
You have a Group Policy object (GPO) named GPO1 that contains hundreds of settings. GPO1 is linked to an organizational unit (OU) named OU1. OU1 contains 200 client computers.
You plan to unlink GPO1 from OU1.
You need to identify which GPO settings will be removed from the computers after GPO1 is unlinked from OU1.
Which two GPO settings should you identify? (Each correct answer presents part of the solution. Choose two.)
A. The managed Administrative Template settings
B. The unmanaged Administrative Template settings
C. The System Services security settings
D. The Event Log security settings
E. The Restricted Groups security settings
Answer: A,D
Explanation:
There are two kinds of Administrative Template policy settings: Managed and Unmanaged . The Group Policy service governs Managed policy settings and removes a policy setting when it is no longer within scope of the user or computer.
References: http: //technet. microsoft. com/en-us/library/cc778402(v=ws. 10). aspx http: //technet. microsoft. com/en-us/library/bb964258. aspx
Q154. You have a cluster named Cluster1 that contains two nodes. Both nodes run Windows Server 2012 R2. Cluster1 hosts a virtual machine named VM1 that runs Windows Server 2012 R2.
You configure a custom service on VM1 named Service1.
You need to ensure that VM1 will be moved to a different node if Service1 fails.
Which cmdlet should you run on Cluster1?
A. Add-ClusterVmMonitoredItem
B. Add-ClusterGenericServiceRole
C. Set-ClusterResourceDependency
D. Enable VmResourceMetering
Answer: A
Explanation:
The Add-ClusterVMMonitoredItem cmdlet configures monitoring for a service or an Event Tracing for Windows (ETW) event so that it is monitored on a virtual machine. If the service fails or the event occurs, then the system responds by taking an action based on the failover configuration for the virtual machine resource. For example, the configuration might specify that the virtual machine be restarted.
Q155. HOTSPOT
Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1 that runs Windows Server 2012 R2. Server1 has the File Server Resource Manager role service installed.
You need to configure Server1 to meet the following requirements:
. Ensure that old files in a folder named Folder1 are archived automatically to a folder named Archive1.
. Ensure that JPG files can always be saved to a local computer, even when a file screen exists.
Which two nodes should you configure? To answer, select the appropriate two nodes in the answer area.
Answer Area
Answer:
Replace administering windows server 2012 video training:
Q156. Your network contains two servers named Server1 and Server2. Both servers run Windows Server 2012 R2 and have the DNS Server server role installed.
On Server1, you create a standard primary zone named contoso.com.
You need to ensure that Server2 can host a secondary zone for contoso.com.
What should you do from Server1?
A. Add Server2 as a name server.
B. Create a trust anchor named Server2.
C. Convert contoso.com to an Active Directory-integrated zone.
D. Create a zone delegation that points to Server2.
Answer: A
Explanation:
Typically, adding a secondary DNS server to a zone involves three steps:
1.
On the primary DNS server, add the prospective secondary DNS server to the list of name servers that are authoritative for the zone.
2. On the primary DNS server, verify that the transfer settings for the zone permit the zone to be transferred to the prospective secondary DNS server.
3. On the prospective secondary DNS server, add the zone as a secondary zone.
You must add a new Name Server. To add a name server to the list of authoritative servers for the zone, you must specify both the server's IP address and its DNS name. When entering names, click Resolve to resolve the name to its IP address prior to adding it to the list. Secondary zones cannot be AD-integrated under any circumstances.
You want to be sure Server2 can host, you do not want to delegate a zone.
Secondary Domain Name System (DNS) servers help provide load balancing and fault tolerance. Secondary DNS servers maintain a read-only copy of zone data that is transferred periodically from the primary DNS server for the zone. You can configure DNS clients to query secondary DNS servers instead of (or in addition to) the primary DNS server for a zone, reducing demand on the primary server and ensuring that DNS queries for the zone will be answered even if the primary server is not available.
How-To: Configure a secondary DNS Server in Windows Server 2012
We need to tell our primary DNS that it is ok for this secondary DNS to pull information from it. Otherwise replication will fail and you will get this big red X.
Head over to your primary DNS server, launch DNS manager, expand Forward Lookup Zones, navigate to your primary DNS zone, right-click on it and go to Properties.
Go to “Zone Transfers” tab, by default, for security reasons, the “Allow zone transfers: ” is un-checked to protect your DNS information. We need to allow zone transfers, if you value your DNS records, you do not want to select “To any server” but make sure you click on “Only to servers listed on the Name Servers tab”.
Head over to the “Name Servers” tab, click Add.
You will get “New Name Server Record” window, type in the name of your secondary DNS server. it is always better to validate by name not IP address to avoid future problems in case your IP addresses change. Once done, click OK.
You will see your secondary DNS server is now added to your name servers selection, click OK.
Now if you head back to your secondary DNS server and refresh, the big red X will go away and your primary zone data will populate.
Your secondary DNS is fully setup now. You cannot make any DNS changes from your secondary DNS. Secondary DNS is a read-only DNS, Any DNS changes have to be done from the primary DNS.
References:
http: //technet. microsoft. com/en-us/library/cc816885%28v=ws. 10%29. aspx
http: //technet. microsoft. com/en-us/library/cc816814%28v=ws. 10%29. aspx
http: //blog. hyperexpert. com/how-to-configure-a-secondary-dns-server-in-windows-server-2012/
http: //technet. microsoft. com/en-us/library/cc770984. aspx
http: //support. microsoft. com/kb/816101
http: //technet. microsoft. com/en-us/library/cc753500. aspx
http: //technet. microsoft. com/en-us/library/cc771640(v=ws. 10). aspx
http: //technet. microsoft. com/en-us/library/ee649280(v=ws. 10). aspx
Q157. Your network contains an Active Directory domain named contoso.com. The domain
contains a RADIUS server named Server1 that runs Windows Server 2012 R2.
You add a VPN server named Server2 to the network.
On Server1, you create several network policies.
You need to configure Server1 to accept authentication requests from Server2.
Which tool should you use on Server1?
A. Server Manager
B. Routing and Remote Access
C. New-NpsRadiusClient
D. Connection Manager Administration Kit (CMAK)
Answer: C
Explanation:
New-NpsRadiusClient -Name "NameOfMyClientGroup" -Address "10.1.0.0/16" -AuthAttributeRequired 0 -NapCompatible 0 -SharedSecret "SuperSharedSecretxyz" -VendorName "RADIUS Standard"
Reference:
http: //technet. microsoft. com/en-us/library/hh918425(v=wps. 620). aspx
http: //technet. microsoft. com/en-us/library/jj872740(v=wps. 620). aspx
http: //technet. microsoft. com/en-us/library/dd469790. aspx
Q158. Your network contains an Active Directory domain named contoso.com. The domain contains a domain controller named DC1. DC1 is a DNS server for contoso.com. The properties of the contoso.com zone are configured as shown in the exhibit. (Click the Exhibit button.)
The domain contains a server named Server1 that is part of a workgroup named Workgroup. Server1 is configured to use DC1 as a DNS server.
You need to ensure that Server1 dynamically registers a host (A) record in the contoso.com zone.
What should you configure?
A. The workgroup name of Server1
B. The Security settings of the contoso.com zone
C. The Dynamic updates setting of the contoso.com zone
D. The primary DNS suffix of Server1
Answer: D
Explanation:
When any computer or a standalone server is added to a domain as a member, the network identifies that computer with its Fully Qualified Domain Name or FQDN. A Fully Qualified Domain Name consist of a hostname and the DNs suffix separated by a “. ” called period. An example for this can be server01. msftdomain.com where “server01 is the hostname of the computer and “msftdomain.com” is the DNS suffix which follows the hostname. A complete FQDN of a client computer or a member server uniquely identifies that computer in the entire domain.
Primary DNS suffix must manually be added in Windows 8 computer to change its hostname to Fully Qualified Domain Name so that it becomes eligible to send queries and receive responses from the DNS server. Following are the steps which can be implemented to add primary DNS suffix to a Windows 8 computer hostname:
Log on to Windows 8 computer with administrator account.
From the options available on the screen click Control Panel.
On the opened window click More Settings from the left pane.
On the next window click System and Security category and on the appeared window click System.
On View basic information about your computer window click Change settings under Computer name, domain, and workgroup settings section.
On System Properties box make sure that Computer Name tab is selected and click Change button.
On Computer Name/Domain Changes box click More button.
On DNS Suffix and NetBIOS Computer Name box type in the DNS domain name as the DNS suffix to the Windows 8 computer under Primary DNS suffix of this computer field.
Click Ok button on all the boxes and restart the computer to allow changes to take effect.
For years, Windows DNS has supported dynamic updates, whereas a DNS client host registers and dynamically updates the resource records with a DNS server. If a host’s IP address changes, the resource record (particularly the A record) for the host is automatically updated, while the host utilizes the DHCP server to dynamically update its Pointer (PTR) resource record. Therefore, when a user or service needs to contact a client PC, it can look up the IP address of the host. With larger organizations, this becomes an essential feature, especially for clients that frequently move or change locations and use DHCP to automatically obtain an IP address. For dynamic DNS updates to succeed, the zone must be configured to accept dynamic updates:
References:
http: //technet. microsoft. com/en-us/library/cc778792%28v=ws. 10%29. aspx
http: //technet. microsoft. com/en-us/library/cc778792%28v=ws. 10%29. aspx
http: //www. advicehow. com/adding-primary-dns-suffix-in-microsoft-windows-8/
http: //technet. microsoft. com/en-us/library/cc959611. aspx
Q159. Your network contains an Active Directory domain named contoso.com. All domain controllers run Windows Server 2012.
You pre-create a read-only domain controller (P.QDC) account named RODC1.
You export the settings of RODC1 to a file named Filel.txt.
You need to promote RODC1 by using File1.txt.
Which tool should you use?
A. The Install-WindowsFeature cmdlet
B. The Add-WindowsFeature cmdlet
C. The Dism command
D. The Install-ADDSDomainController cmdlet
E. the Dcpromo command
Answer: E
Q160. Your network contains an Active Directory domain named contoso.com. Domain controllers run either Windows Server 2003, Windows Server 2008 R2, or Windows Server 2012 R2.
A support technician accidentally deletes a user account named User1.
You need to use tombstone reanimation to restore the User1 account.
Which tool should you use?
A. Active Directory Administrative Center
B. Ntdsutil
C. Ldp
D. Esentutl
Answer: C
Explanation:
Use Ldp.exe to restore a single, deleted Active Directory object This feature takes advantage of the fact that Active Directory keeps deleted objects in the database for a period of time before physically removing them. use Ldp.exe to restore a single, deleted Active Directory object
The LPD.exe tool, included with Windows Server 2012, allows users to perform operations against any LDAP-compatible directory, including Active Directory. LDP is used to view objects stored in Active Directory along with their metadata, such as security descriptors and replication metadata.
References:
http: //www. petri. co. il/manually-undeleting-objects-windows-active-directory-ad. htm
http: //www. petri. co. il/manually-undeleting-objects-windows-active-directory-ad. htm
http: //technet. microsoft. com/en-us/magazine/2007. 09. tombstones. aspx
http: //technet. microsoft. com/nl-nl/library/dd379509(v=ws. 10). aspx#BKMK_2
http: //technet. microsoft. com/en-us/library/hh875546. aspx
http: //technet. microsoft. com/en-us/library/dd560651(v=ws. 10). aspx