12 tips on How to 70-411 Test Like a Badass [121 to 132]

70-411 Royal Pack Testengine pdf

100% Actual & Verified — 100% PASS

Unlimited access to the world's largest Dumps library! Try it Free Today!

https://www.exambible.com/70-411-exam/

Product Description:
Exam Number/Code: 70-411
Exam name: Administering Windows Server 2012
n questions with full explanations
Certification: Microsoft Certification
Last updated on Global synchronizing

Free Certification Real IT 70-411 Exam pdf Collection

Pinpoint of 70-411 free download materials and testing software for Microsoft certification for consumer, Real Success Guaranteed with Updated 70-411 pdf dumps vce Materials. 100% PASS Administering Windows Server 2012 exam Today!

2016 May 70-411 Study Guide Questions:

Q121. Your network contains an Active Directory domain named contoso.com. The domain contains a file server named Server1 that runs Windows Server 2012 R2. 

You view the effective policy settings of Server1 as shown in the exhibit. (Click the Exhibit button.) 


On Server1, you have a folder named C:\Share1 that is shared as Share1. Share1 contains confidential data. A group named Group1 has full control of the content in Share1. 

You need to ensure that an entry is added to the event log whenever a member of Group1 deletes a file in Share1. 

What should you configure? 

A. the Audit File Share setting of Servers GPO 

B. the Sharing settings of C:\Share1 

C. the Audit File System setting of Servers GPO 

D. the Security settings of C:\Share1 

Answer: D 

Explanation: 

You can use Computer Management to track all connections to shared resources on a Windows Server 2008 R2 system. 

Whenever a user or computer connects to a shared resource, Windows Server 2008 R2 lists a connection in the Sessions node. 

File access, modification and deletion can only be tracked, if the object access auditing is enabled you can see the entries in the event log. 

To view connections to shared resources, type net session at a command prompt or follow these steps: 

In Computer Management, connect to the computer on which you created the shared resource. 

In the console tree, expand System Tools, expand Shared Folders, and then select Sessions. You can now view connections to shares for users and computers. 

To enable folder permission auditing, you can follow the below steps: 

Click start and run "secpol. msc" without quotes. 

Open the Local Policies\Audit Policy 

Enable the Audit object access for "Success" and "Failure". 

Go to target files and folders, right click the folder and select properties. 

Go to Security Page and click Advanced. 


Click Auditing and Edit. 

Click add, type everyone in the Select User, Computer, or Group. 

Choose Apply onto: This folder, subfolders and files. 

Tick on the box “Change permissions” 

Click OK. 


After you enable security auditing on the folders, you should be able to see the folder permission changes in the server's Security event log. Task Category is File System. 

References: 

http: //social. technet. microsoft. com/Forums/en-US/winservergen/thread/13779c78-0c73-4477-8014-f2eb10f3f10f/ 

http: //technet. microsoft. com/en-us/library/cc753927(v=ws. 10). aspx 

http: //social. technet. microsoft. com/Forums/en-US/winservergen/thread/13779c78-0c73-4477-8014-f2eb10f3f10f/ 

http: //support. microsoft. com/kb/300549 

http: //www. windowsitpro. com/article/permissions/auditing-folder-permission-changes 

http: //www. windowsitpro. com/article/permissions/auditing-permission-changes-on-a-folder 


Q122. Your network contains an Active Directory domain named contoso.com. The domain 

contains a RADIUS server named Server1 that runs Windows Server 2012 R2. 

You add a VPN server named Server2 to the network. 

On Server1, you create several network policies. 

You need to configure Server1 to accept authentication requests from Server2. 

Which tool should you use on Server1? 

A. Server Manager 

B. Routing and Remote Access 

C. New-NpsRadiusClient 

D. Connection Manager Administration Kit (CMAK) 

Answer: C 

Explanation: 

New-NpsRadiusClient -Name "NameOfMyClientGroup" -Address "10.1.0.0/16" -AuthAttributeRequired 0 -NapCompatible 0 -SharedSecret "SuperSharedSecretxyz" -VendorName "RADIUS Standard" 



Reference: 

http: //technet. microsoft. com/en-us/library/hh918425(v=wps. 620). aspx 

http: //technet. microsoft. com/en-us/library/jj872740(v=wps. 620). aspx 

http: //technet. microsoft. com/en-us/library/dd469790. aspx 


Q123. HOTSPOT 

Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1 that runs Windows Server 2012 R2 and has the Network Policy Server role service installed. 

An administrator creates a Network Policy Server (NPS) network policy named Policy1. You need to ensure that Policy1 applies to L2TP connections only. 

Which condition should you modify? 

To answer, select the appropriate object in the answer area. 


Answer: 



Q124. You have a server named Server1 that runs Windows Server 2012 R2. 

You discover that the performance of Server1 is poor. 

The results of a performance report generated on Server1 are shown in the following table. 


You need to identify the cause of the performance issue. 

What should you identify? 

A. Driver malfunction 

B. Insufficient RAM 

C. Excessive paging 

D. NUMA fragmentation 

Answer: A 

Explanation: 

Processor: %DPC Time. Much like the other values, this counter shows the amount of time that the processor spends servicing DPC requests. DPC requests are more often than not associated with the network interface. 

Processor: % Interrupt Time. This is the percentage of time that the processor is spending on handling Interrupts. Generally, if this value exceeds 50% of the processor time you may have a hardware issue. Some components on the computer can force this issue and not really be a problem. For example a programmable I/O card like an old disk controller card, can take up to 40% of the CPU time. A NIC on a busy IIS server can likewise generate a large percentage of processor activity. 

Processor: % User Time. The value of this counter helps to determine the kind of processing that is affecting the system. Of course the resulting value is the total amount of non-idle time that was spent on User mode operations. This generally means application code. 

Processor: %Privilege Time. This is the amount of time the processor was busy with Kernel mode operations. If the processor is very busy and this mode is high, it is usually an indication of some type of NT service having difficulty, although user mode programs can make calls to the Kernel mode NT components to occasionally cause this type of performance issue. 

Memory: Pages/sec. This value is often confused with Page Faults/sec. The Pages/sec counter is a combination of Pages Input/sec and Pages Output/sec counters. Recall that 

Page Faults/sec is a combination of hard page faults and soft page faults. This counter, however, is a general indicator of how often the system is using the hard drive to store or retrieve memory associated data. 

References: 

http: //technet. microsoft. com/en-us/library/cc768048. aspx 


70-411

Rebirth 70-411 free practice questions:

Q125. Your network contains two Active Directory forests named contoso.com and adatum.com. 

All domain controllers run Windows Server 2012 R2. 

The adatum.com domain contains a Group Policy object (GPO) named GPO1. An administrator from adatum.com backs up GPO1 to a USB flash drive. You have a domain controller named dc1.contoso.com. You insert the USB flash drive in 

dc1.contoso.com. 

You need to identify the domain-specific reference in GPO1. 

What should you do? 

A. From the Migration Table Editor, click Populate from Backup. 

B. From Group Policy Management, run the Group Policy Modeling Wizard. 

C. From Group Policy Management, run the Group Policy Results Wizard. 

D. From the Migration Table Editor, click Populate from GPO. 

Answer: A 


Q126. Your network contains 25 Web servers that run Windows Server 2012 R2. 

You need to configure auditing policies that meet the following requirements: 

. Generate an event each time a new process is created. 

. Generate an event each time a user attempts to access a file share. 

Which two auditing policies should you configure? To answer, select the appropriate two auditing policies in the answer area. 

A. Audit access management (Not Defined) 

B. Audit directory service access (Not Defined) 

C. Audit logon events (Not Defined) 

D. Audit Object (Not Defined) 

E. Audit policy change(Not Defined) 

F. Audit privilege use (Not Defined) 

G. Audit process tracking (Not Defined) 

H. Audit system events(Not Defined) 

Answer: D,G 

Explanation: * Audit Object Access 

Determines whether to audit the event of a user accessing an object (for example, file, folder, registry key, printer, and so forth) which has its own system access control list (SACL) specified. 

* Audit Process Tracking 

Determines whether to audit detailed tracking information for events such as program activation, process exit, handle duplication, and indirect object access. 

Reference: Audit object access 

https://technet.microsoft.com/en-us/library/cc976403.aspx 

Reference: Audit Process Tracking 

https://technet.microsoft.com/en-us/library/cc976411.aspx 


Q127. Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1 that runs Windows Server 2012 R2. 

A local account named Admin1 is a member of the Administrators group on Server1. 

You need to generate an audit event whenever Admin1 is denied access to a file or folder. 

What should you run? 

A. auditpol.exe /set /userradmin1 /failure: enable 

B. auditpol.exe /set /user: admin1 /category: "detailed tracking" /failure: enable 

C. auditpol.exe /resourcesacl /set /type: file /user: admin1 /failure 

D. auditpol.exe /resourcesacl /set /type: key /user: admin1 /failure /access: ga 

Answer: C 

Explanation: 

http: //technet. microsoft. com/en-us/library/ff625687. aspx 

To set a global resource SACL to audit successful and failed attempts by a user to perform 

generic read and write functions on files or folders: 

auditpol /resourceSACL /set /type: File /user: MYDOMAINmyuser /success /failure /access: 

FRFW 

http: //technet.microsoft.com/en-us/library/ff625687%28v=ws.10%29.aspx 

Syntax 

auditpol /resourceSACL 

[/set /type: <resource> [/success] [/failure] /user: <user> [/access: <access flags>]] 

[/remove /type: <resource> /user: <user> [/type: <resource>]] 

[/clear [/type: <resource>]] 

[/view [/user: <user>] [/type: <resource>]] 

References: 

http: //technet. microsoft. com/en-us/library/ff625687%28v=ws. 10%29. aspx 

http: //technet. microsoft. com/en-us/library/ff625687%28v=ws. 10%29. aspx 

http: //technet. microsoft. com/en-us/library/ff625687. aspx 

http: //technet. microsoft. com/en-us/library/ff625687%28v=ws. 10%29. aspx 


Q128. You have a server named Server1 that runs Windows Server 2012 R2. Server1 has the File Server Resource Manager role service installed. 

Each time a user receives an access-denied message after attempting to access a folder on Server1, an email notification is sent to a distribution list named DLL. 

You create a folder named Folder1 on Server1, and then you configure custom NTFS permissions for Folder1. 

You need to ensure that when a user receives an access-denied message while attempting to access Folder1, an email notification is sent to a distribution list named DL2. The solution must not prevent DL1 from receiving notifications about other access-denied messages. 

What should you do? 

A. From the File Server Resource Manager console, create a local classification property. 

B. From Server Manager, run the New Share Wizard to create a share for Folder1 by selecting the SMB Share - Applications option. 

C. From the File Server Resource Manager console, modify the Access-Denied Assistance settings. 

D. From the File Server Resource Manager console, set a folder management property. 

Answer: D 


70-411-exam

100% Guarantee 70-411 pdf:

Q129. Your network contains an Active Directory domain named contoso.com. All domain controllers run Windows Server 2012 R2. The domain contains 500 client computers that run Windows 8.1 Enterprise and Microsoft Office 2013. 

You implement a Group Policy central store. 

You need to modify the default Microsoft Office 2013 Save As location for all client computers. The solution must minimize administrative effort. 

What should you configure in a Group Policy object (GPO)? 

A. The Group Policy preferences 

B. An application control policy 

C. The Administrative Templates 

D. The Software Installation settings 

Answer: A 

Explanation: 

Group Policy preferences provide the means to simplify deployment and standardize configurations. They add to Group Policy a centralized system for deploying preferences (that is, settings that users can change later). You can also use Group Policy preferences to configure applications that are not Group Policy-aware. By using Group Policy preferences, you can change or delete almost any registry setting, file or folder, shortcut, and more. You are not limited by the contents of Administrative Template files. 

: http://technet.microsoft.com/en-us/library/dn581922.aspx 


Q130. You have a server named Server1 that runs Windows Server 2012 R2. Server1 has the Windows Server Update Services server role installed. 

Server1 stores update files locally in C:\Updates. 

You need to change the location in which the update files are stored to D:\Updates. 

What should you do? 

A. From the Update Services console, run the Windows Server Update Services Configuration Wizard. 

B. From a command prompt, run wsusutil.exe and specify the movecontent parameter. 

C. From the Update Services console, configure the Update Files and Languages option. 

D. From a command prompt, run wsusutil.exe and specify the export parameter. 

Answer: B 

Explanation: 

You might need to change the location where WSUS stores updates locally. This might be required if the disk becomes full and there is no longer any room for new updates. You might also have to do this if the disk where updates are stored fails and the replacement disk uses a new drive letter. You accomplish this move with the movecontent command of WSUSutil.exe, a command-line tool that is copied to the file system of the WSUS server during WSUS Setup. By default, Setup copies WSUSutil.exe to the following location: WSUSInstallationDrive:\Program Files\Microsoft Windows Server Update Services\Tools\ 


Q131. HOTSPOT 

Your network contains an Active Directory domain named contoso.com. The domain contains a member server named Server1. Server1 runs Windows Server 2012 R2. You enable the EventLog-Application event trace session. 

You need to set the maximum size of the log file used by the trace session to 10 MB. From which tab should you perform the configuration? To answer, select the appropriate tab in the answer area. 


Answer: 



Q132. Your network contains an Active Directory domain named contoso.com. All servers run Windows Server 2012 R2. The functional level of both the domain and the forest is Windows Server 2008 R2. 

The domain contains a domain-based Distributed File System (DFS) namespace that is configured as shown in the exhibit. (Click the Exhibit button.) 


You need to enable access-based enumeration on the DFS namespace. 

What should you do first? 

A. Raise the domain functional level. 

B. Raise the forest functional level. 

C. Install the File Server Resource Manager role service on Server3 and Server5. 

D. Delete and recreate the namespace. 

Answer: D 

Explanation: 

Access-based enumeration is only supported on a Domain-based Namespace in Windows Server 2008 Mode. This type of Namespace requires a minimum Windows Server 2003 forest functional level and a minimum Windows Server 2008 domain functional level. 

The exhibit indicates that the current namespace is a Domain-based Namespace in Windows Server 2000 Mode. To migrate a domain-based namespace from Windows 2000 Server mode to Windows Server 2008 mode, you must export the namespace to a file, delete the namespace, recreate it in Windows Server 2008 mode, and then import the namespace settings. 

http://msdn.microsoft.com/en-us/library/cc770287.aspx http://msdn.microsoft.com/en-us/library/cc753875.aspx 



see more http://www.pdfcollection.net/70-411-pdf.html
http://www.exambible.com/70-411-exam/