From the learning process standpoint, countless Microsoft Authentication conduct this ??two within one?¡¥ means of incorporating training corporation in addition to evaluating corporation along. The particular temptations associated with settlement attracts some peoples consideration many non-computer people force in buying it so that Microsoft qualification a little more and many more preferred. On the other hand, various Microsoft certificates start a ill effect. When a higher education scholar offers all types of Microsoft records towards employer, he could obtain the recognition, having a suspicious glance.

2021 Mar 70-410 test question

Q261. HOTSPOT - (Topic 2) 

Your network contains an Active Directory domain named contoso.com. The domain contains 25 servers. All servers run Windows Server 2012 R2. 

You need to create a Windows Firewall rule to prevent administrators from using Internet Explorer to access the Internet while they are logged on interactively to the servers. The solution must not prevent administrators from accessing websites on the internal network. 

How should you configure the rule? 

To answer, select the appropriate options in the answer area. 

Answer: 


Q262. - (Topic 3) 

Your network contains one Active Directory domain named contoso.com. The domain contains 10 domain controllers and a read-only domain controller (RODC) named RODC01. 

You plan to deploy a child domain for contoso.com in Microsoft Azure. 

To the Azure subscription, you add several virtual machines that have a Server Core installation of Windows Server 2012 R2. 

You need to create the new domain on one of the virtual machines. 

Which tool should you use? 

A. the ntdsutil command 

B. the Set-ADDomain cmdlet 

C. the Install-ADDSDomain cmdlet 

D. the dsadd command 

E. the dsamain command 

F. the dsmgmt command 

G. the net user command 

H. the Set-ADForest cmdlet 

Answer:

Explanation: The Install-ADDSDomain cmdlet installs a new Active Directory domain configuration. 

https://technet.microsoft.com/en-us/library/hh974722(v=wps.630).aspx 


Q263. - (Topic 3) 

Your network contains one Active Directory domain named contoso.com. The domain contains 10 domain controllers and a read-only domain controller (RODC) named RODC01. 

You have a domain controller named DC5 that has the Server Graphical Shell disabled. 

You create an organizational unit (OU) named OU1. 

From DC5, you need to create 50 new user accounts in OU1. 

Which tool should you use? 

A. the ntdsutil command 

B. the Set-ADDomain cmdlet 

C. the Install-ADDSDomain cmdlet 

D. the dsadd command 

E. the dsamain command 

F. the dsmgmt command 

G. the net user command 

H. the Set-ADForest cmdlet 

Answer:

Explanation: Net user adds or modifies user accounts, or displays user account information. 

Reference: Net User Command for Windows Server 2012 (R2) 

http://www.isunshare.com/windows-2012/net-user-command-for-windows-server-2012-r2.html 


Q264. HOTSPOT - (Topic 3) 

You run a Windows 2012 and implementing 3 new printers in a warehouse. You need to makean exclusion forthese IP addresses within DHCP server. 

Select the location where would configure at the DHCP console? 

Answer: 


Q265. - (Topic 3) 

You run a Windows 2012 R2 Hyper-V Role Server, you need to shrink the size of files.vhd (200GB). 

Using the Edit Virtual Disk Wizard what option should you choose? 

A. Compact 

B. Shrink 

C. Resize 

D. Convert 

Answer:

Explanation: 

After converting a dynamically expanding VHD to the VHDX format, a new Shrink menu 

option becomes available in the Hyper-V UI as shown. 

VHDX format VHDs only expose the Shrink option when there is free space in the VHDX 

file to reclaim. 


Down to date 70-410 download:

Q266. - (Topic 2) 

Your network contains two Active Directory forests named contoso.com and adatum.com. Each forest contains one domain. A two-way forest trust exists between the forests. 

The forests use the address spaces shown in the following table. 

From a computer in the contoso.com domain, you can perform reverse lookups for the servers in the contoso.com domain, but you cannot perform reverse lookups for the servers in the adatum.com domain. 

From a computer in the adatum.com domain, you can perform reverse lookups for the servers in both domains. 

You need to ensure that you can perform reverse lookups for the servers in the adatum.com domain from the computers in the contoso.com domain. 

What should you create? 

A. A trust point 

B. A GlobalNames zone 

C. A delegation 

D. A conditional forwarder 

Answer:

Explanation: 

Conditional forwarders are DNS servers that only forward queries for specific domain names. Instead of forwarding all queries it cannot resolve locally to a forwarder, a conditional forwarder is configured to forward a query to specific forwarders based on the domain name contained in the query. Forwarding according to domain names improves conventional forwarding by adding a name-based condition to the forwarding process. The conditional forwarder setting for a DNS server consists of the following: The domain names for which the DNS server will forward queries. One or more DNS server IP addresses for each domain name specified. When a DNS client or server performs a query operation against a DNS server, the DNS server looks to see if the query can be resolved using its own zone data or the data stored in its cache. If the DNS server is configured to forward for the domain name designated in the query, then the query is forwarded to the IP address of a forwarder associated with the domain name. For example, in the following figure, each of the queries for the domain names is forwarded to a DNS server associated with the domain name. 

: http://technet.microsoft.com/en-us/library/cc757172(v=ws.10).aspx 


Q267. - (Topic 3) 

You work as an administrator at Contoso.com. The Contoso.com network consists of a single domain named Contoso.com. All servers in the Contoso.com domain, including domain controllers, have Windows Server 2012 R2 installed. 

You have been instructed to add a new domain controller to Contoso.com’s existing environment. 

Which of the following actions should you take? 

A. You should consider making use of Server Manager. 

B. You should consider making use of Authorization Manager. 

C. You should consider making use of Remote Desktop Gateway Manager. 

D. You should consider making use of Network Load Balancing Manager. 

Answer:


Q268. - (Topic 3) 

A company’s server security team needs a solution that will prevent users from installing and using unauthorized applications on their Windows 8 desktop computers. 

Which technology should the team choose? 

A. Starter GPOs 

B. Group Policy Objects 

C. Software Restriction Policies 

D. AppLocker 

Answer:

Explanation: 

AppLocker (Application Locker) can help prevent malicious (malware) and unsupported 

applications from affecting computers. These include executable files, scripts, Windows 

Installer files, DLLs, Packaged apps and Packaged app installers. 

Quick Tip: AppLocker is also supported by Windows Server 2008 R2 and Windows 7. 


Q269. - (Topic 3) 

You work as a senior administrator at Contoso.com. The Contoso.com network consists of a single domain named Contoso.com. All servers on the Contoso.com network have Windows Server 2012 R2 installed. 

You are running a training exercise for junior administrators. You are currently discussing Group Policy preference. 

Which of the following is TRUE with regards to Group Policy preference? 

A. It supports applications and operating system features that are not compatible with Group Policy 

B. It does not support item-level targeting. 

C. It is the same as Group Policy filtering. 

D. It does not cause the application or operating system feature to disable the user interface for the settings they configure. 

Answer: A,D 


Q270. - (Topic 3) 

You work as a senior administrator at Contoso.com. The Contoso.com network consists of a single domain named Contoso.com. All servers on the Contoso.com network have Windows Server 2012 R2 installed. 

You are running a training exercise for junior administrators. You are currently discussing connection security rules. 

Which of the following is TRUE with regards to connection security rules? (Choose all that apply.) 

A. Connection security rules allows for traffic to be secured via IPsec. 

B. Connection security rules do not allow the traffic through the firewall. 

C. Connection security rules are applied to programs or services. 

D. Connection security rules are applied between two computers. 

Answer: A,B,D 

Explanation: 

Connection security involves the authentication of two computers before they begin communications and the securing of information sent between two computers. Windows Firewall with Advanced Security uses Internet Protocol security (IPsec) to achieve connection security by using key exchange, authentication, data integrity, and, optionally, data encryption. How firewall rules and connection security rules are related Firewall rules allow traffic through the firewall, but do not secure that traffic. To secure traffic with IPsec, you can create Computer Connection Security rules. However, the creation of a connection security rule does not allow the traffic through the firewall. You must create a firewall rule to do this, if the traffic is not allowed by the default behavior of the firewall. Connection security rules are not applied to programs or services; they are applied between the computers that make up the two endpoints.