[Refined] 70-410 Microsoft braindumps 271-285 (Mar 2016)

70-410 Royal Pack Testengine pdf

100% Actual & Verified — 100% PASS

Unlimited access to the world's largest Dumps library! Try it Free Today!

https://www.exambible.com/70-410-exam/

Product Description:
Exam Number/Code: 70-410
Exam name: Installing and Configuring Windows Server 2012
n questions with full explanations
Certification: Microsoft Certification
Last updated on Global synchronizing

Free Certification Real IT 70-410 Exam pdf Collection

Question No. 271

- (Topic 3) 

Your network contains an Active Directory domain named contoso.com. The domain contains a file server named Server1 that runs Windows Server 2012 R2. Server1 contains a shared folder named Share1. Share1 contains the home folder of each user. 

All users have the necessary permissions to access only their home folder. 

The users report that when they access Share1, they can see the home folders of all the users. 

You need to ensure that the users see only their home folder when they access Share1. 

What should you do from Server1? 

A. From Windows Explorer, modify the properties of the volume that contains Share1. 

B. From Server Manager, modify the properties of the volume that contains Share1. 

C. From Server Manager, modify the properties of Share1. 

D. From Windows Explorer, modify the properties of Share1. 

Answer:


Question No. 272

- (Topic 3) 

You work as a senior administrator at Contoso.com. The Contoso.com network consists of a single domain named Contoso.com. All servers in the Contoso.com domain, including domain controllers, have Windows Server 2012 R2 installed. 

You are running a training exercise for junior administrators. You are currently discussing the Virtual Fibre Channel SAN feature. 

Which of the following is TRUE with regards to the Virtual Fibre Channel SAN feature? (Choose all that apply.) 

A. It prevents virtual machines from connecting directly to Fibre Channel storage. 

B. It allows for virtual machines to connect to Fibre Channel storage directly. 

C. It includes support for virtual SANs, live migration, and multipath I/O. 

D. It includes support for virtual SANs, and live migration, but not multipath I/O. 

Answer: B,C 

Explanation: 

To gain the full benefits of server virtualization and cloud architectures, virtualized workloads need to connect easily and reliably to existing SANs. For many enterprise organizations, Hyper-V deployments were limited in scale and scope because they lacked the ability to directly connect VMs to Fibre Channel SAN storage from inside a VM. Hyper-V in Windows Server 2012 R2 now provides virtual Fibre Channel Host Bus Adapter (HBA) ports within the guest operating system that runs the virtual machine, connecting virtual machines directly to FibreChannel SAN Logical Unit Numbers (LUNs). Virtual Fibre Channel for Hyper-V provides several important advantages for Hyper-V environments: Simplifies storage connectivity for virtualized workloads to ultra-reliable, high-performance Fibre Channel SAN storage. Enables new solutions that require shared storage, such as failover clustering, live migration, andmultipath I/O. Leverages and protects existing investments in Fibre Channel storage? Enables advanced FC SAN storage functionality for VMs. Facilitates migration of FC workloads into the cloud. Enables improved monitoring and troubleshooting, with visibility from the VM to the FC SAN storage. Enables centralized management of Ethernet and FC-based virtualized workloads. Combining Virtual Fibre Channel for Hyper-V and the Brocade Fibre Channel SAN infrastructure greatly simplifies connectivity between Fibre Channel SAN storage and virtualized applications, enabling enterprise IT and hosting providers to achieve new levels of availability, reliability, and scalability for cloud-based services. You need your virtualized workloads to connect easily and reliably to your existing storage arrays. Windows Server 2012 R2 provides Fibre Channel ports within the guest operating system, which allows you to connect to Fibre Channel directly from within virtual machines. This feature protects your investments in Fibre Channel, enables you to virtualize workloads that use direct access to Fibre Channel storage, allows you to cluster guest operating systems over Fibre Channel, and provides an important new storage option for servers hosted in your virtualization infrastructure. With this Hyper-V virtual Fibre Channel feature, you can connect to Fibre Channel storage from within a virtual machine. This allows you to use your existing Fibre Channel investments to support virtualized workloads. Support for Fibre Channel in Hyper-V guests also includes support for many related features, such as virtual SANs, live migration, and MPIO. 


Question No. 273

- (Topic 3) 

Your infrastructure divided in 2 sites. You have a forest root domain and child domain. There is only one DC on site 2 with no FSMO roles. The link goes down to site 2 and no users can log on. What FSMO roles you need on to restore the access? 

A. Infrastructure master 

B. RID master 

C. Domain Naming master 

D. PDC Emulator 

Answer:

Explanation: 

D. The PDC emulator is used as a reference DC to double-check incorrect passwords and it also receives new password changes. PDC Emulator is the most complicated and least understood role, for it runs a diverse range of critical tasks. It is a domain-specific role, so exists in the forest root domain and every child domain. Password changes and account lockouts are immediately processed at the PDC Emulator for a domain, to ensure such changes do not prevent a user logging on as a result of multi-master replication delays, such as across Active Directory sites. 


Question No. 274

- (Topic 3) 

Your network contains an active directory forest. The forest functional level is Windows server 2012. The forest contains a single domain. The domain contains a member server named Server1 that runs Windows server 2012. You purchase a network scanner named Scanner1 that supports Web Services on Devices (WDS). You need to share the network scanner on Server1. 

Which server role should you install on Server1? 

A. Web Server (IIS) 

B. Fax Server 

C. File and Storage Services 

D. Print and Document Services 

Answer:

Explanation: 

Print and Document Services enables you to centralize print server and network printer tasks. With this role, you can also receive scanned documents from network scanners and route the documents to a shared network resource, Windows SharePoint Services site, or email addresses. Windows Server 2012 uses Web Services on Devices (WSD) technologies to integrate scanning devices into the system. 


Question No. 275

- (Topic 3) 

Your network contains an Active Directory domain named contoso.com. The domain contains a member server named HVServer1. HVServer1 runs Windows Server 2012 and has the Hyper-V server role installed. HVServer1 hosts 10 virtual machines. All of the virtual machines connect to a virtual switch named Switch1. Switch1 is configured as a private network. All of the virtual machines have the DHCP guard and the router guard settings enabled. 

You install the DHCP server role on a virtual machine named Server 1. You authorize Server1 as a DHCP server in contoso.com. You create an IP scope. 

You discover that the virtual machines connected to Switch1 do not receive IP settings from Server1. 

You need to ensure that the virtual machines can use Server1 as a DHCP server. 

What should you do? 

A. Enable MAC address spoofing on Server1. 

B. Disable the DHCP guard on all of the virtual machines that are DHCP clients. 

C. Disable the DHCP guard on Server1. 

D. Enable single-root I/O virtualization (SR-IOV) on Server1. 

Answer:

Explanation: 

Private virtual networks are used where you want to allow communications between virtual machine to virtual machine on the same physical server in a block diagram, a private network is an internal network without a virtual NIC in the parent partition. A private network would commonly be used where you need complete isolation of virtual machines from external and parent partition traffic. DMZ workloads running on a leg of a trihomed firewall, or an isolated test domain are examples where this type of network may be useful. 


Question No. 276

- (Topic 2) 

You have a server that runs Windows Server 2012 R2. 

You need to create a volume that will remain online if two disks in the volume fail. 

The solution must minimize the number of disks used to create the volume. 

Which three actions should you perform in sequence? 

A. Add five physical disks 

B. Create a storage space and set the disk allocation of one of the disks to "Hot Spare" 

C. Create a virtual disk 

D. Create a storage space by using the default disk allocation 

E. Add three physical disks 

Answer: A,C,D 

Explanation: 

A storage space with three-way mirroring can tolerate two disk failures but requires a minimum of five disks. 

References: 

http://technet.microsoft.com/en-us/library/hh831739.aspx http://technet.microsoft.com/en-us/library/jj822938.aspx http://technet.microsoft.com/en-us/library/jj899886.aspx http://technet.microsoft.com/en-us/library/5de72fb5-e1e3-43a7-a176-d17cdf4d312e 


Question No. 277

- (Topic 3) 

You work as an administrator at Contoso.com. The Contoso.com network consists of a single domain named Contoso.com. All servers in the Contoso.com domain, including domain controllers, have Windows Server 2012 R2 installed. 

Contoso.com has a Hyper-V server, named ENSUREPASS-SR13, which hosts multiple virtual machines. 

You have enabled the use of Single-root I/O virtualization. 

Which of the following is TRUE with regards to using Single-root I/O virtualization? (Choose all that apply.) 

A. It maximizes network throughput, while minimizing network latency. 

B. It maximizes network throughput, as well as network latency. 

C. It avoids the virtual switch stack and allows the virtual machine direct access to the actual network switch. 

D. It prevents the virtual machine from accessing the network switch directly. 

Answer: A,C 

Explanation: 

SR-IOV enables network traffic to bypass the software switch layer of the Hyper-V virtualizationstack. Because the VF is assigned to a child partition, the network traffic flows directly between the VF and child partition. As a result, the I/O overhead in the software emulation layer is diminished and achieves network performance that is nearly the same performance as in nonvirtualized environments. 


Question No. 278

- (Topic 3) 

You work as an administrator at Contoso.com. The Contoso.com network consists of a single domain named Contoso.com. All servers in the Contoso.com domain, including domain controllers, have Windows Server 2012 R2 installed. 

You have just executed the Uninstall-WindowsFeature Server-Gui-Shell Contoso.com server, named ENSUREPASS-SR13. 

Which of the following is the reason for doing this? 

A. To only remove Windows Explorer from ENSUREPASS-SR13. 

B. To only remove the Windows Internet Explorer from ENSUREPASS-SR13. 

C. To only remove the components and files related to Windows Explorer from ENSUREPASSSR13. 

D. To remove Windows Explorer, Windows Internet Explorer, and all associated components and files from ENSUREPASS-SR13. 

Answer:

Explanation: 

Minimal Server Interface If the server has a full installation of Windows Server, and I need to bring the server down to minimal server interface, I only need to remove the Server-GUI-Shell. The command is shown here. Get-WindowsFeature Server-Gui-Shell | Uninstall-WindowsFeature – restart Minimal Server Interface is situated between the Server Core and Server with a GUI modes, you can either install features on Server Core or remove features from Server with a GUI to reach the Minimal Server Interface installation state. 


Question No. 279

DRAG DROP - (Topic 3) 

You have a Hyper-V host named Server1. A technician creates a virtual machine named 

VM1 on Server1 by using the New Virtual Machine Wizard. 

You start VM1 and you discover that there is no option to start by using PXE. 

You need to ensure that you can start VM1 by using PXE. 

Which three actions should you perform in sequence? (To answer, move the appropriate 

three actions from the list of actions to the answer area and arrange them in the correct 

order.) 


Answer: 



Question No. 280

- (Topic 3) 

Your network contains an Active Directory domain named contoso.com. 

All servers run Windows Server 2012 R2. 

An application named Appl.exe is installed on all client computers. Multiple versions of Appl.exe are installed on different client computers. Appl.exe is digitally signed. 

You need to ensure that only the latest version of Appl.exe can run on the client computers. 

What should you create? 

A. An application control policy packaged app rule 

B. A software restriction policy certificate rule 

C. An application control policy Windows Installer rule 

D. An application control policy executable rule 

Answer:

Explanation: 

A. A publisher rule for a Packaged app is based on publisher, name and version B. You can create a certificate rule that identifies software and then allows or does not allow the software torun, depending on the security level. 

C. For .msi or .msp 

D. Executable Rules, for .exe and can be based on Publisher, Product name, filename and version. Use Certificate Rules on Windows Executables for Software Restriction Policies This security setting determines if digital certificates are processed when a user or process attempts to run software with an .exe file name extension. This security settings is used to enable or disable certificate rules, a type of software restriction policies rule. With software restriction policies, you can create a certificate rule that will allow or disallow software that is signed by Authenticode to run, based on the digital certificate that is associated with the software. In order for certificate rules to take effect, you must enable this security setting. When certificate rules are enabled, software restriction policies will check a certificate revocation list (CRL) to make sure the software’s certificate and signature are valid. This may decrease performance when start signed programs. You can disable this feature. On Trusted Publishers Properties, clear the Publisher and Timestampcheck boxes. 


Question No. 281

- (Topic 3) 

Your network contains an Active Directory domain named adatum.com. The computer accounts for all member servers are located in an organizational unit (OU) named Servers. You link a Group Policy object (GPO) to the Servers OU. 

You need to ensure that the domain’s Backup Operators group is a member of the local Backup Operators group on each member server. The solution must not remove any groups from the local Backup Operators groups. 

What should you do? 

A. Add a restricted group named adatum\Backup Operators. Add Backup Operators to the This group is a member of list. 

B. Add a restricted group named adatum\Backup Operators. Add Backup Operators to the Members of this group list. 

C. Add a restricted group named Backup Operators. Add adatum\Backup Operators to the This group is a member of list. 

D. Add a restricted group named Backup Operators. Add adatum\Backup Operators to the Members of this group list. 

Answer:


Question No. 282

- (Topic 1) 

Your network contains an Active Directory forest named contoso.com. The forest contains a single domain. The domain contains two domain controllers named DC1 and DC2 that run Windows Server 2012 R2. 

The domain contains a user named User1 and a global security group named Group1. 

User1 logs on to a client computer named Computer1. 

You need to disable the computer account of Computer1. 

Which cmdlet should you run? 

A. Add-AdPrincipalGroupMember.hip 

B. Install-AddsDomainController 

C. Install WindowsFeature 

D. Install AddsDomain 

E. Roname-AdObject 

F. Set-AdAccountControl 

G. Set-AdGroup 

H. Set-User 

Answer:

Explanation: 

Set-ADAccountControl Enabled Specifies if an account is enabled. An enabled account requires a password. This parameter sets the Enabled property for an account object. This parameter also sets the ADS_UF_ACCOUNTDISABLE flag of the Active Directory User Account Control (UAC) attribute. Possible values for this parameter include: $false or 0 $true or 1 The following example shows how to set this parameter to enable the account. -Enabled $true 


Question No. 283

- (Topic 3) 

You work as an administrator at ABC.com. The ABC.com network consists of a single domain named ABC.com. All servers in the ABC.com domain, including domain controllers, have Windows Server 2012 R2 installed. 

ABC.com has a domain controller, named ABC-DC01, which contains the ABC.com domain’s primary DNS zone. ABC.com’s workstations refer to ABC-DC01 as their primary DNS server. 

You have been instructed to make sure that any DNS requests that are not for the ABC.com domain, is resolved by ABC-DC01 querying the DNS server of ABC.com’s Internet Service Provider (ISP). 

Which of the following actions should you take? 

A. You should consider configuring a reverse lookup zone. 

B. You should consider configuring forward lookup zone. 

C. You should consider configuring Forwarders. 

D. You should consider configuring 019 IP Layer Forwarding. 

Answer:

Explanation: 

A forwarder is a Domain Name System (DNS) server on a network that forwards DNS queries for external DNS names to DNS servers outside that network. You can also forward queries according to specific domain names using conditional forwarders. You designate a DNS server on a network as a forwarder by configuring the other DNS servers in the network to forward the queries that they cannot resolve locally to that DNS server. By using a forwarder, you can manage name resolution for names outside your network, such as names on the Internet, and improve the efficiency of name resolution for the computers in your network. 


Question No. 284

- (Topic 3) 

Your network contains an Active Directory domain named contoso.com. 

You have a Group Policy object (GPO) named GPO1 that contains several user settings. 

GPO1 is linked to an organizational unit (OU) named OU1. 

The help desk reports that GPO1 applies to only some of the users in OU1. 

You open Group Policy Management as shown in the exhibit. (Click the Exhibit button.) 


You need to configure GPO1 to apply to all of the users in OU1. 

What should you do? 

A. Modify the Security settings of GPO1. 

B. Disable Block Inheritance on OU1. 

C. Modify the GPO status of GPO1. 

D. Enforce GPO1. 

Answer:

Explanation: 

Inheritance is blocked, but that would only affect policies applied ABOVE the given OU, not 

the one applied directly to it (as is the case with GPO1). Also Enforcing a policy is only going to cause it to be applied even when inheritance is blocked (which, as mentioned, does not make a difference on policies which are directly linked to the OU as a child). That means that there must be something in the security settings (such as a Security Group which does not have the “read” or “Apply group policy” permission) preventing ALL of the users in OU1 from having the policy applied. (GPO status is the status of its replication within the forest, so it is not relevant here.) 


Question No. 285

- (Topic 1) 

Your network contains an Active Directory domain named contoso.com. The domain contains an organizational unit (OU) named OU1. 

You need to ensure that when new client computers join the domain, their computer accounts are created in OU1 by default. 

What should you do? 

A. From Windows PowerShell, run the Move-ADObjectcmdlet. 

B. From a command prompt, run the redircmp.exe command. 

C. From ADSI Edit, configure the properties of the OU1 object. 

D. From Ldp, configure the properties of the Computers container. 

Answer:

Explanation: 

Redirects the default container for newly created computers to a specified, target organizational unit (OU) so that newly created computer objects are created in the specific target OU instead of in CN=Computers. The CN=Computers container is a computer-protected object. For backward compatibility reasons, you cannot (and must not) remove it. 

: http://technet.microsoft.com/en-us/library/cc770619.aspx