All of the Microsoft 70-410 exam questions and answers tend to be given a careful revision. Almost all of the test-takers that have got through the 70-410 exam speak extremely of the Microsoft training materials. So, it is possible to believe inside our Microsoft 70-410 products. Obviously, you can claim your full money back should you fail in the Microsoft Microsoft examination. If you come across any troubles through the studying, you can consult our on the internet help. Your own satisfaction and achievement is the main objective. Thanks to your attention.

2021 Mar 70-410 test questions

Q11. - (Topic 3) 

You work as an administrator at Contoso.com. The Contoso.com network consists of a single domain named Contoso.com. All servers in the Contoso.com domain, including domain controllers, have Windows Server 2012 R2 installed. 

Contoso.com has a server, named ENSUREPASS-SR15, which is configured as a file server. 

You have received instructions to make sure that a user, named Mia Hamm, has the ability to generate a complete backup of ENSUREPASS-SR15 via Windows Server Backup. 

Which of the following actions should you take? 

A. You should consider making use of Computer Management to configure the local groups. 

B. You should consider making use of Computer Management to configure the domain local groups. 

C. You should consider making use of Computer Management to configure the global groups. 

D. You should consider making use of Computer Management to configure the administrator groups. 

Answer:

Explanation: 

To perform backups or recoveries by using Windows Server Backup, you must be a 

member of the Administrators or Backup Operators groups. 

You can only use Backup locally; you cannot backup a remote computer. 

You can only back up and restore System State data on a local computer. You cannot back 

up and restore System State data on a remote computer even if you are an administrator 

on the remote computer. 


Q12. - (Topic 3) 

Your network contains an Active Directory domain named contoso.com. The domain 

contains a server named Server1. Server1 runs Windows Server 2012 R2. 

An administrator creates a security template named Template1. 

You need to apply Template1 to Server1. 

Which snap-in should you use? 

A. Resultant Set of Policy 

B. Security Configuration and Analysis 

C. Authorization Manager 

D. Security Templates 

Answer:

Explanation: 

The Security Configuration and Analysis tool contains the Local Security Policy snap-in that is used to apply templates. 

References: 

http://technet.microsoft.com/en-us/library/bb742512.aspx http://technet.microsoft.com/en-us/library/cc739442%28v=WS.10%29.aspx 


Q13. - (Topic 2) 

Your network contains an Active Directory domain named contoso.com. 

An organizational unit (OU) named OU1 contains user accounts and computer accounts. 

A Group Policy object (GPO) named GP1 is linked to the domain.GP1 contains Computer Configuration settings and User Configuration settings. 

You need to prevent the User Configuration settings in GP1 from being applied to users. The solution must ensure that the Computer Configuration settings in GP1 are applied to all client computers. 

What should you configure? 

A. The GPO Status 

B. The Block Inheritance feature 

C. The Group Policy loopback processing mode 

D. The Enforced setting 

Answer:

Explanation: 

A loopback with merge option needs to be used. 


Q14. - (Topic 3) 

You have a print server named Server1. 

You install a printer on Server1. You share the printer as Printer1. 

You need to configure Printer1 to be available only from 19:00 to 05:00 every day. 

Which settings from the properties of Printer1 should you modify? 

A. Sharing 

B. Security 

C. Advanced 

D. Device Settings 

E. Ports 

Answer:

Explanation: 

When navigating to the printer properties, the Properties tab is divided into several different tabs of which the Advanced tab will give you access to the scheduling where you can configure the availability of the printer. 

: http://technet.microsoft.com/en-us/library/cc722526.aspx 


Q15. - (Topic 2) 

Your network contains an Active Directory domain named contoso.com. 

You install Windows Server 2012 R2 on a new server named Server1 and you join Server1 to the domain. 

You need to ensure that you can view processor usage and memory usage information in Server Manager. 

What should you do? 

A. From Server Manager, click Configure Performance Alerts. 

B. From Performance Monitor, create a Data Collector Set (DCS). 

C. From Performance Monitor, start the System Performance Data Collector Set (DCS). 

D. From Server Manager, click Start Performance Counters. 

Answer:

Explanation: 

You should navigate to the Server Manager snap-in and there click on All Servers, and then Performance Counters. The Performance Counters, when started can be set to collect and display data regarding processor usage, memory usage, amongst many other resources like disk-related and security related data, that can be monitored. 

: http://technet.microsoft.com/en-us/library/bb734903.aspx 


Most up-to-date 70-410 practice test:

Q16. HOTSPOT - (Topic 2) 

Your network contains an Active Directory domain named contoso.com. The domain contains servers named Server1 and Server2 that run Windows Server 2012 R2. 

You create a windows PowerShell script named Scriptl.psl that contains the following configuration: 

You need to apply the configuration to Server1. The solution must ensure that the configuration on Server1 can be updated by modifying a MOF file on Server2. 

Which actions should you perform on each server? 

To answer, select the appropriate server on which to perform each action in the answer area. 

Answer: 


Q17. DRAG DROP - (Topic 3) 

Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1. Server1 runs Windows Server 2012 R2 and is configured as the only domain controller. 

You need to retrieve a list of all the user accounts. The list must include the last time each user was authenticated successfully. 

Which Windows PowerShell command should you run? 

To answer, drag the appropriate cmdlet or property to the correct locations to complete the PowerShell command in the answer area. Each cmdlet or property may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content. 

Answer: 


Q18. - (Topic 2) 

Your network contains an Active Directory domain named contoso.com. All domain controllers run Windows Server 2012 R2. 

You create and enforce the default AppLocker executable rules. 

Users report that they can no longer execute a legacy application installed in the root of drive C. 

You need to ensure that the users can execute the legacy application. 

What should you do? 

A. Create a new rule. 

B. Delete an existing rule. 

C. Modify the action of the existing rules. 

D. Add an exception to the existing rules. 

Answer:

Explanation: 

AppLocker is a feature that advances the functionality of the Software Restriction Policies 

feature. AppLocker contains new capabilities and extensions that reduce administrative 

overhead and help administrators control how users can access and use files, such as 

executable files, scripts, Windows Installer files, and DLLs. By using AppLocker, you can: 

Define rules based on file attributes that persist across application updates, such as the 

publisher name (derived from the digital signature), product name, file name, and file 

version. You can also create rules based on the file path and hash. 

Assign a rule to a security group or an individual user. 

Create exceptions to rules. For example, you can create a rule that allows all users to run 

all Windows binaries except the Registry Editor (Regedit.exe). 

Use audit-only mode to deploy the policy and understand its impact before enforcing it. . 

Create rules on a staging server, test them, export them to your production environment, 

and then import them into a Group Policy Object. 

Simplify creating and managing AppLocker rules by using Windows PowerShell cmdlets for 

AppLocker. 

AppLocker default rules 

AppLocker allows you to generate default rules for each of the rule types. 

Executable default rule types: 

Allow members of the local Administrators group to run all applications. Allow members of the Everyone group to run applications that are located in the Windows folder. Allow members of the Everyone group to run applications that are located in the Program Filesfolder. Windows Installer default rule types: Allow members of the local Administrators group to run all Windows Installer files. Allow members of the Everyone group to run digitally signed Windows Installer files. Allow members of the Everyone group to run all Windows Installer files located in the Windows\Installer folder. Script default rule types: Allow members of the local Administrators group to run all scripts. Allow members of the Everyone group to run scripts located in the Program Files folder. Allow members of the Everyone group to run scripts located in the Windows folder. DLL default rule types: (this on can affect system performance ) Allow members of the local Administrators group to run all DLLs. Allow members of the Everyone group to run DLLs located in the Program Files folder. Allow members of the Everyone group to run DLLs located in the Windows folder. You can apply AppLocker rules to individual users or to a group of users. If you apply a rule to a group of users, all users in that group are affected by that rule. If you need to allow a subset of a user group to use an application, you can create a special rule for that subset. For example, the rule “Allow Everyone to run Windows except Registry Editor” allows everyone in the organization to run the Windows operating system, but it does not allow anyone to run Registry Editor. The effect of this rule would prevent users such as Help Desk personnel from running a program that is necessary for their support tasks. To resolve this problem, create a second rule that applies to the Help Desk user group: “Allow Help Desk to run Registry Editor.” If you create a deny rule that does not allow any users to run Registry Editor, the deny rule will override the second rule that allows the Help Desk user group to run Registry Editor. 


Q19. - (Topic 1) 

Your network contains an Active Directory domain named contoso.com. You have a DHCP server named Server1 that runs Windows Server 2008. 

You install Windows Server 2012 R2 on a server named Server2. You install the DHCP Server server role on Server2. 

You need to migrate the DHCP services from Server1 to Server2. The solution must meet the following requirements: 

. Ensure that existing leases are migrated. 

. Prevent lease conflicts. 

Which three actions should you perform? (Each correct answer presents part of the solution. Choose three.) 

A. On Server1, run the Export-DhcpServer cmdlet. 

B. On Server1, run the Stop-Service cmdlet. 

C. On Server2, run the Receive-SmigServerData cmdlet. 

D. On Server2, run the Stop-Service cmdlet. 

E. On Server2, run the Import-DhcpServer cmdlet. 

F. On Server1, run the Send-SmigServerData cmdlet. 

Answer: A,B,E 


Q20. - (Topic 2) 

Your network contains a file server named Server1 that runs Windows Server 2012 R2.All client computers run Windows 8. 

You need to ensure that when users are connected to the network, they always use local offline files that are cached from Server1. 

Which Group Policy setting should you configure? 

A. Configure slow-link mode. 

B. Configure Slow link speed 

C. Enable file synchronization on costed networks 

D. Turn on economical application of Administratively assigned Offline Files. 

Answer:

Explanation: 

A. Offline Files to provide faster access to cached files and redirected folders. 

B. Defines a slow connection for purposes of Applying and updating Group Policy. 

C. automatically tracks roaming and bandwidth usage limits while on metered connections 

D. Lists network files and folders that are always available for offline use. This policy makes the specified files and folders available offline to users of the computer. When Offline Files is operating in the slow-link mode, all network file requests are satisfied from the OfflineFiles cache. This is similar to a user working offline. If you enable this policy setting, Offline Files uses the slow-link mode if the network throughput between the client and the server is below (slower than) the Throughput threshold parameter, or if the round-trip network latency is above (slower than) the Latency threshold parameter.