70 - 411 QUIZ 1 - VOLUME 2

Please wait - loading…

Question 1 of 50

You have a server named Server1 that runs Windows Server 2012 R2. Server1 has the
File Server Resource Manager role service installed.
Each time a user receives an access-denied message after attempting to access a folder
on Server1, an email notification is sent to a distribution list named DL1.

You create a folder named Folder1 on Server1, and then you configure custom NTFS
permissions for Folder 1.
You need to ensure that when a user receives an access-denied message while attempting
to access Folder1, an email notification is sent to a distribution list named DL2. The
solution must not prevent DL1 from receiving notifications about other access-denied
messages.
What should you do?

Select one of the following:

From File Explorer, modify the Classification tab of Folder1.
From the File Server Resource Manager console, modify the Email Notifications
settings.
From the File Server Resource Manager console, set a folder management property
From File Explorer, modify the Customize tab of Folder1.

Explanation

Question 2 of 50

You have a server named Server1 that runs Windows Server 2012 R2. Server1 has the
Windows Deployment Services server role installed.
Server1 contains two boot images and four install images.
You need to ensure that when a computer starts from PXE, the available operating system
images appear in a specific order.

What should you do?

Select one of the following:

Modify the properties of the boot images
Create a new image group.
Modify the properties of the install images
Modify the PXE Response Policy.

Explanation

Question 3 of 50

Your network contains an Active Directory domain named contoso.com. All domain
controllers run Windows Server 2012 R2.
The domain contains an Edge Server named Server1. Server1 is configured as a
DirectAccess server. Server1 has the following settings:

You run the Remote Access Setup wizard as shown in the following exhibit. (Click the
Exhibit button.)

You need to ensure that client computers on the Internet can establish DirectAccess
connections to Server1.
Which additional name suffix entry should you add from the Remote Access Setup wizard?

Select one of the following:

A Name Suffix value of dal.contoso.com and a blank DNS Server Address value
A Name Suffix value of Server1.contoso.com and a DNS Server Address value of
65.55.37.62
A Name Suffix value of dal.contoso.com and a DNS Server Address value of
65.55.37.62
A Name Suffix value of Server1.contoso.com and a blank DNS Server Address value

Explanation

Question 4 of 50

Your company has a main office and a branch office.
The main office contains a server that hosts a Distributed File System (DFS) replicated
folder.
You plan to implement a new DFS server in the branch office.
You need to recommend a solution that minimizes the amount of network bandwidth used
to perform the initial synchronization of the folder to the branch office.
You recommend using the Export-DfsrClone and Import-DfsrClonecmdlets.
Which additional command or cmdlet should you include in the recommendation?

Select one of the following:

Robocopy.exe
Synchost.exe
Export-BcCachePackage
Sync-DfsReplicationGroup

Explanation

Question 5 of 50

Your network contains two Active Directory forests named adatum.com and contoso.com.
The network contains three servers. The servers are configured as shown in the following
table.

You need to ensure that connection requests from adatum.com users are forwarded to
Server2 and connection requests from contoso.com users are forwarded to Server3.
Which two should you configure in the connection request policies on Server1? (Each
correct answer presents part of the solution. Choose two.)

Select one or more of the following:

The Authentication settings
The Standard RADIUS Attributes settings
The Location Groups condition
The Identity Type condition
The User Name condition

Explanation

Question 6 of 50

Your network contains a DNS server named Server1. Server1 hosts a DNS zone for
contoso.com.
You need to ensure that DNS clients cache records from contoso.com for a maximum of
one hour.
Which value should you modify in the Start of Authority (SOA) record? To answer, select
the appropriate setting in the answer area.

Select one of the following:

Refresh Interval
Retry Interval
Expiry lenght
Minimum TTL

Explanation

Question 7 of 50

Your network contains an Active Directory forest. The forest contains two domains named
contoso.com and fabrikam.com. All of the DNS servers in both of the domains run
Windows Server 2012 R2.
The network contains two servers named Server1 and Server2. Server1 hosts an Active
Directory-integrated zone for contoso.com. Server2 hosts an Active Directory-integrated
zone for fabrikam.com. Server1 and Server2 connect to each other by using a WAN link.

Client computers that connect to Server1 for name resolution cannot resolve names in
fabrikam.com.
You need to configure Server1 to resolve names in fabrikam.com. The solution must NOT
require that changes be made to the fabrikam.com zone on Server2.
What should you create?

Select one of the following:

A trust anchor
A stub zone
A zone delegation
A secondary zone

Explanation

Question 8 of 50

Your network contains an Active Directory domain named contoso.com. The domain
contains a server named Server1 that runs Windows Server 2012 R2. Server1 has the
Network Policy Server role service installed.
You plan to configure Server1 as a Network Access Protection (NAP) health policy server
for VPN enforcement by using the Configure NAP wizard.
You need to ensure that you can configure the VPN enforcement method on Server1
successfully.
What should you install on Server1 before you run the Configure NAP wizard?

Select one of the following:

A system health validator (SHV)
A computer certificate
The Remote Access server role
B. The Host Credential Authorization Protocol (HCAP)
image above for answer explanation

Explanation

Question 9 of 50

Your network contains one Active Directory domain named contoso.com. The domain
contains 10 file servers that run Windows Server 2012 R2.
You plan to enable BitLocker Drive Encryption (BitLocker) for the operating system drives
of the file servers.
You need to configure BitLocker policies for the file servers to meet the following
requirements:
Ensure that all of the servers use a startup PIN for operating system drives
encrypted with BitLocker.
Ensure that the BitLocker recovery key and recovery password are stored in Active
Directory.
Which two Group Policy settings should you configure? To answer, select the appropriate
settings in the answer area.

Select one of the following:

answer above
..

Explanation

Question 10 of 50

Your network contains an Active Directory domain named contoso.com. All servers run
Windows Server 2012 R2.
The network contains several group Managed Service Accounts that are used by four
member servers.

You need to ensure that if a group Managed Service Account resets a password of a
domain user account, an audit entry is created.
You create a Group Policy object (GPO) named GPO1.
What should you do next?

Select one of the following:

In GPO1, configure the Advanced Audit Policy Configuration settings for Audit User
Account Management. Link GPO1 to the Domain Controllers organizational unit (OU).
In GPO1, configure the Advanced Audit Policy Configuration settings for Audit User
Account Management. Move the member servers to a new organizational unit (OU). Link
GPO1 to the new OU
In GPO1, configure the Advanced Audit Policy Configuration settings for Audit Sensitive
Privilege Use. Link GPO1 to the Domain Controllers organizational unit (OU).
In GPO1, configure the Advanced Audit Policy Configuration settings for Audit Sensitive
Privilege Use. Move the member servers to a new organizational unit (OU). Link GPO1 to
the new OU.

Explanation

Question 11 of 50

Your network contains a RADIUS server named Admin1.
You install a new server named Server2 that runs Windows Server 2012 R2 and has
Network Policy Server (NPS) installed.
You need to ensure that all accounting requests for Server2 are forwarded to Admin1.
On Server2, you create a new remote RADIUS server group named Group1 that contains
Admin1.
What should you configure next on Server2?
To answer, select the appropriate node in the answer area.

Select one of the following:

Radius Client
Remote Radius server Groups
Connection Request Policies
Network Policies
Health Policies
System Health Validator
Remediation Server Group

Explanation

Question 12 of 50

You have a server named Server1 that has the Network Policy and Access Services server
role installed.
You plan to configure Network Policy Server (NPS) on Server1 to use certificate-based
authentication for VPN connections.
You obtain a certificate for NPS.
You need to ensure that NPS can perform certificate-based authentication.
To which store should you import the certificate?
To answer, select the appropriate store in the answer area.

Select one of the following:

Personal
Trusted Root certification Authorities
Enterprise Trut
Intermediate certification Authorities
Trusted Publishers
Untrusted certificates

Explanation

Question 13 of 50

Your network contains an Active Directory domain named contoso.com. The domain
contains six domain controllers. The domain controllers are configured as shown in the
following table

The network contains a server named Server1 that has the Hyper-V server role installed.
DC6 is a virtual machine that is hosted on Server1.
You need to ensure that you can clone DC6.
What should you do?

Select one of the following:

Transfer the schema master to DC6.
Transfer the PDC emulator to DC5.
Transfer the schema master to DC4.
Transfer the PDC emulator to DC2

Explanation

Question 14 of 50

Your network contains an Active Directory domain named adatum.com. The domain
contains a server named Server1 that runs Windows Server 2012 R2. Server1 is
configured as a Network Policy Server (NPS) server and as a DHCP server.
The network contains two subnets named Subnet1 and Subnet2. Server1 has a DHCP
scope for each subnet.
You need to ensure that noncompliant computers on Subnet1 receive different network
policies than noncompliant computers on Subnet2.
Which two settings should you configure? (Each correct answer presents part of the
solution. Choose two.)

Select one or more of the following:

The NAP-Capable Computers conditions
The NAS Port Type constraints
The Health Policies conditions
The MS-Service Class conditions
The Called Station ID constraints

Explanation

Question 15 of 50

You have two Windows Server Update Services (WSUS) servers named Server01 and
Server02. Server01 synchronizes from Microsoft Update. Server02 synchronizes updates
from Server01. Both servers are members of the same Active Directory domain.
You configure Server01 to require SSL for all WSUS metadata by using a certificate issued
by an enterprise root certification authority (CA).
You need to ensure that Server02 synchronizes updates from Server01.
What should you do on Server02?

Select one of the following:

From a command prompt, run wsusutil.exe configuresslproxy server02 443.
From a command prompt, run wsusutil.exe configuressl server01.
From a command prompt, run wsusutil.exe configuresslproxy server01 443.
From the Update Services console, modify the Update Source and Proxy Server
options

Explanation

Question 16 of 50

Your network contains an Active Directory domain named contoso.com. Domain controllers
run either Windows Server 2003, Windows Server 2008 R2, or Windows Server 2012 R2.
A support technician accidentally deletes a user account named User1.
You need to use tombstone reanimation to restore the User1 account.
Which tool should you use?

Select one of the following:

Active Directory Administrative Center
Ntdsutil
Ldp
Esentutl

Explanation

Question 17 of 50

You have a failover cluster that contains five nodes. All of the nodes run Windows Server
2012 R2. All of the nodes have BitLocker Drive Encryption (BitLocker) enabled.
You enable BitLocker on a Cluster Shared Volume (CSV).
You need to ensure that all of the cluster nodes can access the CSV.
Which cmdlet should you run next?

Select one of the following:

Unblock-Tpm
Add-BitLockerKeyProtector
Remove-BitLockerKeyProtector
Enable BitLockerAutoUnlock

Explanation

Question 18 of 50

Your network contains an Active Directory domain named contoso.com. The domain
contains a server named Server1 that has the Remote Access server role installed.
DirectAccess is implemented on Server1 by using the default configuration.
You discover that DirectAccess clients do not use DirectAccess when accessing websites
on the Internet.
You need to ensure that DirectAccess clients access all Internet websites by using their
DirectAccess connection.
What should you do?

Select one of the following:

Configure a DNS suffix search list on the DirectAccess clients.
Configure DirectAccess to enable force tunneling.
Disable the DirectAccess Passive Mode policy setting in the DirectAccess Client
Settings Group Policy object (GPO).
Enable the Route all traffic through the internal network policy setting in the
DirectAccess Server Settings Group Policy object (GPO).

Explanation

Question 19 of 50

Your network contains an Active Directory domain named contoso.com. All servers run
Windows Server 2012 R2.
All sales users have laptop computers that run Windows 8. The sales computers are joined
to the domain. All user accounts for the sales department are in an organizational unit (OU)
named Sales_OU.
A Group Policy object (GPO) named GPO1 is linked to Sales_OU.
You need to configure a dial-up connection for all of the sales users.
What should you configure from User Configuration in GPO1?

Select one of the following:

Policies/Administrative Templates/Network/Windows Connect Now
Preferences/Control Panel Settings/Network Options
Policies/Administrative Templates/Windows Components/Windows Mobility Center
Policies/Administrative Templates/Network/Network Connections
explanation image above ....

Explanation

Question 20 of 50

Your network contains an Active Directory domain named contoso.com. The domain
contains a server named Server1 that runs Windows Server 2012 R2.
You enable and configure Routing and Remote Access (RRAS) on Server1.
You create a user account named User1.
You need to ensure that User1 can establish VPN connections to Server1.
What should you do?

Select one of the following:

Create a network policy
Create a connection request policy.
Add a RADIUS client
Modify the members of the Remote Management Users group

Explanation

Question 21 of 50

You have a server named Server1 that runs Windows Server 2012 R2.
You configure Network Access Protection (NAP) on Server1.
Your company implements a new security policy stating that all client computers must have
the latest updates installed. The company informs all employees that they have two weeks
to update their computer accordingly.
You need to ensure that if the client computers have automatic updating disabled, they are
provided with full access to the network until a specific date and time.
Which two nodes should you configure?
To answer, select the appropriate two nodes in the answer area.

Select one or more of the following:

Connection Request Policies
Health Policies
Network Policies
System Health Validators
Remediation Server groups

Explanation

Question 22 of 50

Your network contains an Active Directory domain named contoso.com. The domain
contains a server named Server1 that runs Windows Server 2012 R2 and has the Network
Policy Server role service installed.
An administrator creates a Network Policy Server (NPS) network policy named Policy1.
You need to ensure that Policy1 applies to L2TP connections only.
Which condition should you modify?
To answer, select the appropriate object in the answer area.

Select one of the following:

Authentication Type
Framed Protocol
Service Type
Tunnel Type
Client IPv4 Address
Client Vendor
MS-RAS Vendor ID

Explanation

Question 23 of 50

Your network contains an Active Directory domain named contoso.com. The domain
contains a server named Server1 that runs Windows Server 2012 R2 and has the Network
Policy Server role service installed.
You need to enable trace logging for Network Policy Server (NPS) on Server1.
Which tool should you use?

Select one of the following:

The tracert.exe command
The Network Policy Server console
The Server Manager console
The netsh.exe command

Explanation

Question 24 of 50

Your network contains an Active Directory forest named contoso.com. The forest functional
level is Windows Server 2012 R2. The forest contains a single domain.
You create a Password Settings object (PSO) named PSO1.
You need to delegate the rights to apply PSO1 to the Active Directory objects in an
organizational unit named OU1.

What should you do?

Select one of the following:

From Active Directory Users and Computers, run the Delegation of Control Wizard
From Active Directory Administrative Center, modify the security settings of PSO1.
From Group Policy Management, create a Group Policy object (GPO) and link the GPO
to OU1.
From Active Directory Administrative Center, modify the security settings of OU1.

Explanation

Question 25 of 50

Your network contains two Active Directory forests named contoso.com and adatum.com.
All domain controllers run Windows Server 2012 R2.
The adatum.com domain contains a Group Policy object (GPO) named GPO1. An
administrator from adatum.com backs up GPO1 to a USB flash drive.

You have a domain controller named dc1.contoso.com. You insert the USB flash drive in
dc1.contoso.com.
You need to identify the domain-specific reference in GPO1.
What should you do?

Select one of the following:

From the Migration Table Editor, click Populate from Backup.
From Group Policy Management, run the Group Policy Modeling Wizard.
From Group Policy Management, run the Group Policy Results Wizard.
From the Migration Table Editor, click Populate from GPO.

Explanation

Question 26 of 50

Your network contains an Active Directory domain named contoso.com. The network
contains a server named Server1 that runs Windows Server 2012 R2. Server1 has the
Network Policy and Access Services server role installed.
You plan to deploy additional servers that have the Network Policy and Access Services
server role installed. You must standardize as many settings on the new servers as
possible.
You need to identify which settings can be standardized by using Network Policy Server
(NPS) templates.
Which three settings should you identify? (Each correct answer presents part of the
solution. Choose three.)

Select one or more of the following:

IP filters
shared secrets
health policies
network policies
connection request policies

Explanation

Question 27 of 50

Your network contains an Active Directory domain named contoso.com.
A user named User1 creates a central store and opens the Group Policy Management
Editor as shown in the exhibit. (Click the Exhibit button.)

You need to ensure that the default Administrative Templates appear in GPO1.
What should you do?

Select one of the following:

Link a WMI filter to GPO1.
Copy files from %Windir%\Policydefinitions to the central store.
Configure Security Filtering in GPO1
Add User1 to the Group Policy Creator Owners group.

Explanation

Question 28 of 50

Your network contains an Active Directory domain named adatum.com.
You need to audit changes to the files in the SYSVOL shares on all of the domain
controllers. The solution must minimize the amount of SYSVOL replication traffic caused by
the audit.
Which two settings should you configure? (Each correct answer presents part of the
solution. Choose two.)

Select one or more of the following:

Audit Policy\Audit system events
Advanced Audit Policy Configuration\DS Access
Advanced Audit Policy Configuration\Global Object Access Auditing
Audit Policy\Audit object access
Audit Policy\Audit directory service access
Advanced Audit Policy Configuration\Object Access

Explanation

Question 29 of 50

You have a file server named Server1 that runs Windows Server 2012 R2.
A user named User1 is assigned the modify NTFS permission to a folder named C:\shares
and all of the subfolders of C:\shares.
On Server1, you open File Server Resource Manager as shown in the exhibit. (Click the
Exhibit button.)

To answer, complete each statement according to the information presented in the exhibit.
Each correct selection is worth one point.

Select one or more of the following:

File 1.gif
File 2.bmp
File 3.jpg.zip
file 4.mp3

Explanation

Question 30 of 50

Your network is configured as shown in the exhibit. (Click the Exhibit button.)

Server1 regularly accesses Server2. You discover that all of the connections from Server1 to Server2 are routed through Router1.
You need to optimize the connection path from Server1 to Server2.
Which route command should you run on Server1?

Select one of the following:

Route add -p 10.10.10.0 MASK 255.255.255.0 172.23.16.2 METRIC 100
Route add -p 10.10.10.0 MASK 255.255.255.0 10.10.10.1 METRIC 50
Route add -p 10.10.10.12 MASK 255.255.255.0 10.10.10.1 METRIC 100
Route add -p 10.10.10.12 MASK 255.255.255.0 10.10.10.0 METRIC 50

Explanation

Question 31 of 50

Your network contains an Active Directory domain named contoso.com. The domain
contains a file server named Server1 that runs Windows Server 2012 R2.
You view the effective policy settings of Server1 as shown in the exhibit. (Click the Exhibit
button.)

On Server1, you have a folder named C:\Share1 that is shared as Share1. Share1 contains
confidential data. A group named Group1 has full control of the content in Share1.
You need to ensure that an entry is added to the event log whenever a member of Group1
deletes a file in Share1.
What should you configure?

Select one of the following:

the Audit File Share setting of Servers GPO
the Sharing settings of C:\Share1
the Audit File System setting of Servers GPO
the Security settings of C:\Share1

Explanation

Question 32 of 50

Your network contains an Active Directory domain named contoso.com. The domain
contains two member servers named Server1 and Server2. All servers run Windows Server
2012 R2.
Server1 and Server2 are nodes in a Hyper-V cluster named Cluster1. Cluster1 hosts 10
virtual machines. All of the virtual machines run Windows Server 2012 R2 and are
members of the domain.
You need to ensure that the first time a service named Service1 fails on a virtual machine,
the virtual machine is moved to a different node.
You configure Service1 to be monitored from Failover Cluster Manager.
What should you configure on the virtual machine?

Select one of the following:

From the General settings, modify the Startup type.
From the General settings, modify the Service status.
From the Recovery settings of Service1, set the First failure recovery action to Take No
Action.
From the Recovery settings of Service1, set the First failure recovery action to Restart
the Service.

Explanation

Question 33 of 50

You have a DNS server named Server1 that runs Windows Server 2012 R2. On Server1,
you create a DNS zone named contoso.com.
You need to specify the email address of the person responsible for the zone.
Which type of DNS record should you configure?

Select one of the following:

Start of authority (SOA)
Host information (HINFO)
Mailbox (MB)
Mail exchanger (MX)

Explanation

Question 34 of 50

Your network contains an Active Directory domain named contoso.com. The domain
contains a domain controller named DC1 that runs Windows Server 2012.
You have a Group Policy object (GPO) named GPO1 that contains several custom
Administrative templates.
You need to filter the GPO to display only settings that will be removed from the registry
when the GPO falls out of scope. The solution must only display settings that are either
enabled or disabled and that have a comment.
How should you configure the filter?
To answer, select the appropriate options below. Select three.

Select one or more of the following:

Set Managed to: Yes
Set Managed to: No
Set Managed to: Any
Set Configured to: Yes
Set Configured to: No
Set Configured to: Any
Set Commented to: Yes
Set Commented to: No
Set Commented to: Any

Explanation

Question 35 of 50

Your network contains an Active Directory domain named contoso.com.
You need to create a certificate template for the BitLocker Drive Encryption (BitLocker)
Network Unlock feature.
Which Cryptography setting of the certificate template should you modify?
To answer, select the appropriate setting in the answer area.

Select one of the following:

Answer above
...

Explanation

Question 36 of 50

Your network contains 25 Web servers that run Windows Server 2012 R2.
You need to configure auditing policies that meet the following requirements:
Generate an event each time a new process is created.
Generate an event each time a user attempts to access a file share.
Which two auditing policies should you configure? To answer, select the appropriate two
auditing policies in the answer area.

Select one or more of the following:

Account Logon
Account Management
Detailed Tracking
DS Access
Logon / Logoff
Object access
Policy Change

Explanation

Question 37 of 50

Your network contains an Active Directory domain named contoso.com. The domain
contains two member servers named Server1 and Server2. All servers run Windows Server
2012 R2.
You generalize Server2.
You install the Windows Deployment Services (WDS) server role on Server1.
You need to capture an image of Server2 on Server1.
Which three actions should you perform?
To answer, move the three appropriate actions from the list of actions to the answer area
and arrange them in the correct order.

Select one or more of the following:

Add an Install image to Server 1
Start server 2 by using PXE
Add a boot image to Server 1
Add a capture image to server 1
Add a prestaged device to server 1
Start server 2 by using a windows to go image

Explanation

Question 38 of 50

Your network contains an Active Directory domain named contoso.com. All domain
controllers run Windows Server 2012 R2. You plan to use fine-grained password policies to
customize the password policy settings ofcontoso.com.
You need to identify to which Active Directory object types you can directly apply the finegrained
password policies.
Which two object types should you identify? (Each correct answer presents part of the
solution. Choose two.)

Select one or more of the following:

Users
Global groups
computers
Universal groups
Domain local groups

Explanation

Question 39 of 50

Your network contains a domain controller named DC1 that runs Windows Server 2012 R2.
You create a custom Data Collector Set (DCS) named DCS1.
You need to configure DCS1 to collect the following information:
The amount of Active Directory data replicated between DC1 and the other domain
controllers
The current values of several registry settings
Which two should you configure in DCS1? (Each correct answer presents part of the
solution. Choose two.)

Select one or more of the following:

Event trace data
A Performance Counter Alert
System configuration information
A performance counter

Explanation

Question 40 of 50

Your network contains an Active Directory domain named contoso.com. All domain
controllers run Windows Server 2012 R2.
DirectAccess is deployed to the network.
Remote users connect to the DirectAccess server by using a variety of network speeds.
The remote users report that sometimes their connection is very slow.
You need to minimize Group Policy processing across all wireless wide area network
(WWAN) connections.
Which Group Policy setting should you configure?

Select one of the following:

Configure Group Policy slow link detection.
Configure Direct Access connections as a fast network connection.
Configure wireless policy processing
Change Group Policy processing to run asynchronously when a slow network
connection is detected.

Explanation

Question 41 of 50

Your network contains three Network Policy Server (NPS) servers named NPS1, NPS2,
and NPS3.
NP51 is configured as a RADIUS proxy that forwards connection requests to a remote
RADIUS server group named Group1.
You need to ensure that NPS2 receives connection requests. NPS3 must only receive
connection requests if NPS2 is unavailable.

Select one of the following:

Change the Priority of NPS3 to 10.
Change the Weight of NPS2 to 10.
Change the Weight of NPS3 to 10.
Change the Priority of NPS2 to 10.

Explanation

Question 42 of 50

Your company deploys a new Active Directory forest named contoso.com. The first domain
controller in the forest runs Windows Server 2012 R2. The forest contains a domain
controller named DC10.
On DC10, the disk that contains the SYSVOL folder fails.
You replace the failed disk. You stop the Distributed File System (DFS) Replication service.
You restore the SYSVOL folder.
You need to perform a non-authoritative synchronization of SYSVOL on DC10.
Which tool should you use before you start the DFS Replication service on DC10?

Select one of the following:

Dfsgui.msc
Dfsmgmt.msc
Adsiedit.msc
Ldp

Explanation

Question 43 of 50

You have a DNS server that runs Windows Server 2012 R2. The server hosts the zone for
contoso.com and is accessible from the Internet.
You need to create a DNS record for the Sender Policy Framework (SPF) to list the hosts
that are authorized to send email for contoso.com.
Which type of record should you create?

Select one of the following:

mail exchanger (MX)
resource record signature (RRSIG)
text (TXT)
name server (NS)

Explanation

Question 44 of 50

Your network contains an Active Directory domain named contoso.com. All domain
controllers run Windows Server 2012 R2. One of the domain controllers is named DC1.
The DNS zone for the contoso.com zone is Active Directory-integrated and has the default
settings.
A server named Server1 is a DNS server that runs a UNIX-based operating system.
You plan to use Server1 as a secondary DNS server for the contoso.com zone.
You need to ensure that Server1 can host a secondary copy of the contoso.com zone.
What should you do?

Select one of the following:

From DNS Manager, modify the Advanced settings of DC1.
From DNS Manager, modify the Zone Transfers settings of the contoso.com zone.
From Windows PowerShell, run the Set-DnsServerForwardercmdlet and specify the
contoso.com zone as a target.
From DNS Manager, modify the Security settings of DC1.

Explanation

Question 45 of 50

Your network contains an Active Directory domain named contoso.com. The domain
contains two servers named Server1 and Server2. Both servers run Windows Server 2012
R2. Both servers have the File and Storage Services server role, the DFS Namespace role
service, and the DFS Replication role service installed.
Server1 and Server2 are part of a Distributed File System (DFS) Replication group named
Group1. Server1 and Server2 are connected by using a high-speed LAN connection.
You need to minimize the amount of processor resources consumed by DFS Replication.
What should you do?

Select one of the following:

Modify the replication schedule.
Modify the staging quota.
Disable Remote Differential Compression (RDC).
Reduce the bandwidth usage.

Explanation

Question 46 of 50

Your network contains an Active Directory domain named contoso.com. The domain
contains a domain controller named DC1 that runs Windows Server 2012 R2.
All client computers run Windows 8 Enterprise.
DC1 contains a Group Policy object (GPO) named GPO1.
You need to update the PATH variable on all of the client computers.
Which Group Policy preference should you configure?

Select one of the following:

Ini Files
Services
Data Sources
Environment

Explanation

Question 47 of 50

Your network is configured as shown in the exhibit. (Click the Exhibit button.)
Server1 regularly accesses Server2.
You discover that all of the connections from Server1 to Server2 are routed through
Routerl.
You need to optimize the connection path from Server1 to Server2.
Which route command should you run on Server1?

Select one of the following:

Route add -p 192.168.2.0 MASK 255.255.255.0 192.168.2.1 METRIC 50
Route add -p 192.168.2.12 MASK 255.255.255.0 192.168.2.1 METRIC 100
Route add -p 192.168.2.12 MASK 255.255.255.0 192.168.2.0 METRIC 50
Route add -p 192.168.2.0 MASK 255.255.255.0 192.168.1.2 METRIC 100

Explanation

Question 48 of 50

Your network contains an Active Directory domain named contoso.com. All client
computers are configured as DHCP clients.
You link a Group Policy object (GPO) named GPO1 to an organizational unit (OU) that
contains all of the client computer accounts.
You need to ensure that Network Access Protection (NAP) compliance is evaluated on all
of the client computers.
Which two settings should you configure in GPO1?
To answer, select the appropriate two settings in the answer area.

Select one or more of the following:

Account Policies
Event Log
Restricted Groups
System Services
Registry
Software Restriction policies
Network Access Protection

Explanation

Question 49 of 50

Your network contains an Active Directory domain named contoso.com.
Network Policy Server (NPS) is deployed to the domain.
You plan to deploy Network Access Protection (NAP).
You need to configure the requirements that are validated on the NPS client computers.
What should you do?

Select one of the following:

From the Network Policy Server console, configure a network policy.
From the Network Policy Server console, configure a health policy.
From the Network Policy Server console, configure a Windows Security Health Validator
(WSHV) policy.
From a Group Policy object (GPO), configure the NAP Client Configuration security
setting.
From a Group Policy object (GPO), configure the Network Access Protection
Administrative Templates setting.

Explanation

Question 50 of 50

Your network contains an Active Directory domain named contoso.com. All servers run
Windows Server 2012 R2. The domain contains two servers. The servers are configured as
shown in the following table.

All client computers run Windows 8 Enterprise.
You plan to deploy Network Access Protection (NAP) by using IPSec enforcement.
A Group Policy object (GPO) named GPO1 is configured to deploy a trusted server group
to all of the client computers.
You need to ensure that the client computers can discover HRA servers automatically.
Which three actions should you perform? (Each correct answer presents part of the
solution. Choose three.)

Select one or more of the following:

On all of the client computers, configure the EnableDiscovery registry key.
In a GPO, modify the Request Policy setting for the NAP Client Configuration.
On Server2, configure the EnableDiscovery registry key.
On DC1, create an alias (CNAME) record.
On DC1, create a service location (SRV) record.

Explanation

Check answer

["https://cdn.goconqr.com/uploads/multiple_choice_question/image/2451427/desktop_2ba5eb47-4061-4fe9-aff1-379ba7e41190.png","https://cdn.goconqr.com/uploads/checkbox_question/image/2451435/desktop_c3c5b7c9-11f8-4a34-b3be-63dd3d35e811.png","https://cdn.goconqr.com/uploads/multiple_choice_question/image/2451451/desktop_4a4350cf-6941-4d03-b7d9-43677680ceb8.png","https://cdn.goconqr.com/uploads/multiple_choice_question/image/2451458/desktop_b4c16cf9-e2fc-46fd-b62b-d14d5e3bc3a2.png","https://cdn.goconqr.com/uploads/multiple_choice_question/image/2451459/desktop_ea8407d5-1be2-40ad-a47f-1a374db49d40.png","https://cdn.goconqr.com/uploads/multiple_choice_question/image/2451462/desktop_31c29b01-c96c-4290-96a2-3c784181880f.png","https://cdn.goconqr.com/uploads/multiple_choice_question/image/2451466/desktop_51aef37f-8a80-4eeb-b720-d941754a4cce.png","https://cdn.goconqr.com/uploads/multiple_choice_question/image/2451469/desktop_d3448333-0d46-4d55-abdd-4f6e91da17e5.png","https://cdn.goconqr.com/uploads/multiple_choice_question/image/2451497/desktop_5c539ce2-cc55-4506-8d37-1d01a92bcdd9.png","https://cdn.goconqr.com/uploads/checkbox_question/image/2451502/desktop_93b49676-45f8-4152-9a97-3256948da2ff.png","https://cdn.goconqr.com/uploads/multiple_choice_question/image/2451515/desktop_f492b824-3813-49ec-9d13-46414e0fc759.png","https://cdn.goconqr.com/uploads/multiple_choice_question/image/2451536/desktop_eef03df8-6949-428b-8a31-be4c3c249cd9.png","https://cdn.goconqr.com/uploads/checkbox_question/image/2451546/desktop_fae1b4ac-5294-4492-be08-34f315d1986c.png","https://cdn.goconqr.com/uploads/multiple_choice_question/image/2451552/desktop_1611e8a4-680e-489e-8531-3410118f4483.png","https://cdn.goconqr.com/uploads/multiple_choice_question/image/2451557/desktop_2e37ebd9-b3e0-47f2-86c2-2fb6e0c22c95.png","https://cdn.goconqr.com/uploads/checkbox_question/image/2451566/desktop_ed409409-c453-4a3f-82ac-dbb87931fd98.png","https://cdn.goconqr.com/uploads/multiple_choice_question/image/2451579/desktop_02e90f0a-f126-4569-9696-3c1b33b4586b.png","https://cdn.goconqr.com/uploads/checkbox_question/image/2451589/desktop_b6608666-a107-4bf0-a25f-b91da9bf6d52.png","https://cdn.goconqr.com/uploads/checkbox_question/image/2451598/desktop_a0f5978c-2756-41c4-86bf-c6e379e63902.png","https://cdn.goconqr.com/uploads/multiple_choice_question/image/2454138/desktop_db587d89-b5ca-4d0e-9b73-20033fe1f1f2.png","https://cdn.goconqr.com/uploads/checkbox_question/image/2454169/desktop_62e8e682-1e29-45bf-bcec-385829c6321a.png","https://cdn.goconqr.com/uploads/checkbox_question/image/2454246/desktop_63e8efda-3497-423f-a42d-70e0c2af797b.png"]

	Created by saheed Tijani almost 9 years ago

70-411 70-411 Quiz on 70 - 411 QUIZ 1 - VOLUME 2, created by saheed Tijani on 28/01/2016.

70 - 411 QUIZ 1 - VOLUME 2

Question 1 of 50

Select one of the following:

Explanation

Question 2 of 50

Select one of the following:

Explanation

Question 3 of 50

Select one of the following:

Explanation

Question 4 of 50

Select one of the following:

Explanation

Question 5 of 50

Select one or more of the following:

Explanation

Question 6 of 50

Select one of the following:

Explanation

Question 7 of 50

Select one of the following:

Explanation

Question 8 of 50

Select one of the following:

Explanation

Question 9 of 50

Select one of the following:

Explanation

Question 10 of 50

Select one of the following:

Explanation

Question 11 of 50

Select one of the following:

Explanation

Question 12 of 50

Select one of the following:

Explanation

Question 13 of 50

Select one of the following:

Explanation

Question 14 of 50

Select one or more of the following:

Explanation

Question 15 of 50

Select one of the following:

Explanation

Question 16 of 50

Select one of the following:

Explanation

Question 17 of 50

Select one of the following:

Explanation

Question 18 of 50

Select one of the following:

Explanation

Question 19 of 50

Select one of the following:

Explanation

Question 20 of 50

Select one of the following:

Explanation

Question 21 of 50

Select one or more of the following:

Explanation

Question 22 of 50

Select one of the following:

Explanation

Question 23 of 50

Select one of the following:

Explanation

Question 24 of 50

Select one of the following:

Explanation

Question 25 of 50

Select one of the following:

Explanation

Question 26 of 50

Select one or more of the following:

Explanation

You have a DNS server named Server1 that runs Windows Server 2012 R2. On Server1,
you create a DNS zone named contoso.com.
You need to specify the email address of the person responsible for the zone.
Which type of DNS record should you configure?