Cause all that matters here is passing the Microsoft exam ref 70 411 exam. Cause all that you need is a high score of exam 70 411 Administering Windows Server 2012 exam. The only one thing you need to do is downloading Actualtests 70 411 vce exam study guides now. We will not let you down with our money-back guarantee.
Q11. Your network contains two servers named Served and Server 2. Both servers run Windows Server 2012 R2 and have the DNS Server server role installed.
On Server1, you create a standard primary zone named contoso.com.
You plan to create a standard primary zone for ad.contoso.com on Server2.
You need to ensure that Server1 forwards all queries for ad.contoso.com to Server2.
What should you do from Server1?
A. Create a trust anchor named Server2.
B. Create a conditional forward that points to Server2.
C. Add Server2 as a name server.
D. Create a zone delegation that points to Server2.
Answer: D
Explanation:
You can divide your Domain Name System (DNS) namespace into one or more zones. You can delegate management of part of your namespace to another location or department in your organization by delegating the management of the corresponding zone. For more information, see Understanding Zone Delegation.
Q12. Your network contains an Active Directory domain named contoso.com. The domain contains a member server named Server1. All servers run Windows Server 2012 R2.
You need to collect the error events from all of the servers on Server1. The solution must ensure that when new servers are added to the domain, their error events are collected automatically on Server1.
Which two actions should you perform? (Each correct answer presents part of the solution. Choose two.)
A. On Server1, create a collector initiated subscription.
B. On Server1, create a source computer initiated subscription.
C. From a Group Policy object (GPO), configure the Configure target Subscription Manager setting.
D. From a Group Policy object (GPO), configure the Configure forwarder resource usage setting.
Answer: B,C
Explanation:
To set up a Source-Initiated Subscription with Windows Server 2003/2008 so that events of interest from the Security event log of several domain controllers can be forwarded to an administrative workstation.
* Group Policy The forwarding computer needs to be configured with the address of the server to which the events are forwarded. This can be done with the following group policy setting:
Computer configuration-Administrative templates-Windows components-Event forwarding-Configure the server address, refresh interval, and issue certificate authority of a target subscription manager.
* Edit the GPO and browse to Computer Configuration | Policies | Administrative Templates | Windows Components | Event Forwarding - Configure the server address, refresh interval, and issuer certificate authority of a target Subscription Manager.
Q13. DRAG DROP
Your network contains an Active Directory domain named contoso.com. All domain controllers run Windows Server 2012 R2.
The domain contains an organizational unit (OU) named OU1. OU1 contains an OU named OU2. OU2 contains a user named user1.
User1 is the member of a group named Group1. Group1 is in the Users container.
You create five Group Policy objects (GPO). The GPOs are configured as shown in the following table.
The Authenticated Users group is assigned the default permissions to all of the GPOs.
There are no site-level GPOs.
You need to identify which three GPOs will be applied to User1 and in which order the GPOs will be applied to User1.
Which three GPOs should you identify in sequence? To answer, move the appropriate three GPOs from the list of GPOs to the answer area and arrange them in the correct order.
Answer:
Q14. Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1. Server1 has the DHCP Server server role and the Network Policy Server role service installed.
Server1 contains three non-overlapping scopes named Scope1, Scope2, and Scope3. Server1 currently provides the same Network Access Protection (NAP) settings to the three scopes.
You modify the settings of Scope1 as shown in the exhibit. (Click the Exhibit button.)
You need to configure Server1 to provide unique NAP enforcement settings to the NAP non-compliant DHCP clients from Scope1.
What should you create?
A. A connection request policy that has the Service Type condition
B. A connection request policy that has the Identity Type condition
C. A network policy that has the Identity Type condition
D. A network policy that has the MS-Service Class condition
Answer: D
Explanation:
MS-Service Class
Restricts the policy to clients that have received an IP address from a DHCP scope that matches the specified DHCP profile name. This condition is used only when you are deploying NAP with the DHCP enforcement method. To use the MS-Service Class attribute, in Specify the profile name that identifies your DHCP scope, type the name of an existing DHCP profile.
Open the NPS console, double-click Policies, click Network Policies, and then double-click the policy you want to configure.
In policy Properties, click the Conditions tab, and then click Add. In Select condition, scroll to the Network Access Protection group of conditions.
If you want to configure the Identity Type condition, click Identity Type, and then click Add.
In Specify the method in which clients are identified in this policy, select the items appropriate for your deployment, and then click OK.
The Identity Type condition is used for the DHCP and Internet Protocol security (IPsec) enforcement methods to allow client health checks when NPS does not receive an Access-Request message that contains a value for the User-Name attribute; in this case, client health checks are performed, but authentication and authorization are not performed.
If you want to configure the MS-Service Class condition, click MS-Service Class, and then click Add. In Specify the profile name that identifies your DHCP scope, type the name of an existing DHCP profile, and then click Add.
The MS-Service Class condition restricts the policy to clients that have received an IP address from a DHCP scope that matches the specified DHCP profile name. This condition is used only when you are deploying NAP with the DHCP enforcement method.
References: http: //technet. microsoft. com/en-us/library/cc731560(v=ws. 10). aspx
http: //technet. microsoft. com/en-us/library/cc731220(v=ws. 10). aspx
Q15. Your company has a main office and two branch offices. The main office is located in New York. The branch offices are located in Seattle and Chicago.
The network contains an Active Directory domain named contoso.com. An Active Directory site exists for each office. Active Directory site links exist between the main office and the branch offices. All servers run Windows Server 2012 R2.
The domain contains three file servers. The file servers are configured as shown in the following table.
You implement a Distributed File System (DFS) replication group named ReplGroup.
ReplGroup is used to replicate a folder on each file server. ReplGroup uses a hub and spoke topology. NYC-SVR1 is configured as the hub server.
You need to ensure that replication can occur if NYC-SVR1 fails.
What should you do?
A. Create an Active Directory site link bridge.
B. Create an Active Directory site link.
C. Modify the properties of Rep1Group.
D. Create a connection in Rep1Group.
Answer: D
Explanation:
Unsure about this answer.
D:
A:
The Bridge all site links option in Active Directory must be enabled. (This option is available in the Active Directory Sites and Services snap-in.) Turning off Bridge all site links can affect the ability of DFS to refer client computers to target computers that have the least expensive connection cost. An Intersite Topology Generator that is running Windows Server 2003 relies on the Bridge all site links option being enabled to generate the intersite cost matrix that DFS requires for its site-costing functionality. If you turn off this option, you must create site links between the Active Directory sites for which you want DFS to calculate accurate site costs. Any sites that are not connected by site links will have the maximum possible cost. For more information about site link bridging, see “Active Directory Replication Topology Technical Reference.”
Reference:
http: //faultbucket. ca/2012/08/fixing-a-dfsr-connection-problem/
http: //faultbucket. ca/2012/08/fixing-a-dfsr-connection-problem/
http: //technet. microsoft. com/en-us/library/cc771941. aspx
Q16. Your network contains two Active Directory forests named contoso.com and adatum.com. The contoso.com forest contains a server named Server1.contoso.com. The adatum.com forest contains a server named server2. adatum.com. Both servers have the Network Policy Server role service installed.
The network contains a server named Server3. Server3 is located in the perimeter network and has the Network Policy Server role service installed.
You plan to configure Server3 as an authentication provider for several VPN servers.
You need to ensure that RADIUS requests received by Server3 for a specific VPN server are always forwarded to Server1.contoso.com.
Which two should you configure on Server3? (Each correct answer presents part of the solution. Choose two.)
A. Remediation server groups
B. Remote RADIUS server groups
C. Connection request policies
D. Network policies
E. Connection authorization policies
Answer: B,C
Explanation:
To configure NPS as a RADIUS proxy, you must create a connection request policy that contains all of the information required for NPS to evaluate which messages to forward and where to send the messages.
When you configure Network Policy Server (NPS) as a Remote Authentication Dial-In User Service (RADIUS) proxy, you use NPS to forward connection requests to RADIUS servers that are capable of processing the connection requests because they can perform authentication and authorization in the domain where the user or computer account is located. For example, if you want to forward connection requests to one or more RADIUS servers in untrusted domains, you can configure NPS as a RADIUS proxy to forward the requests to the remote RADIUS servers in the untrusted domain. To configure NPS as a RADIUS proxy, you must create a connection request policy that contains all of the information required for NPS to evaluate which messages to forward and where to send the messages.
When you configure a remote RADIUS server group in NPS and you configure a connection request policy with the group, you are designating the location where NPS is to forward connection requests.
References: http: //technet. microsoft. com/en-us/library/cc754518. aspx
http: //technet. microsoft. com/en-us/library/cc754518. aspx
http: //technet. microsoft. com/en-us/library/cc754518. aspx
Q17. HOTSPOT
Your network contains an Active Directory domain named contoso.com. The domain contains a member server that runs Windows Server 2012 R2 and has the Windows Deployment Services (WDS) server role installed.
You create a new multicast session in WDS and connect 50 client computers to the session.
When you open the Windows Deployment Services console, you discover that all of the computers are listed as pending devices.
You need to ensure that any of the computers on the network can join a multicast transmission without requiring administrator approval.
What should you configure?
To answer, select the appropriate tab in the answer area.
Answer:
Q18. Your network contains an Active Directory domain named contoso.com. All domain controllers run Windows Server 2012 R2. The domain contains 500 client computers that run Windows 8.1 Enterprise and Microsoft Office 2013.
You implement a Group Policy central store.
You need to modify the default Microsoft Office 2013 Save As location for all client computers. The solution must minimize administrative effort.
What should you configure in a Group Policy object (GPO)?
A. The Group Policy preferences
B. An application control policy
C. The Administrative Templates
D. The Software Installation settings
Answer: A
Explanation:
Group Policy preferences provide the means to simplify deployment and standardize configurations. They add to Group Policy a centralized system for deploying preferences (that is, settings that users can change later). You can also use Group Policy preferences to configure applications that are not Group Policy-aware. By using Group Policy preferences, you can change or delete almost any registry setting, file or folder, shortcut, and more. You are not limited by the contents of Administrative Template files.
: http://technet.microsoft.com/en-us/library/dn581922.aspx
Q19. HOTSPOT
You have a server named Server5 that runs Windows Server 2012 R2. Servers has the Windows Deployment Services server role installed.
You need to ensure that when client computers connect to Server5 by using PXE, the computers use an unattended file.
What should you configure?
To answer, select the appropriate tab in the answer area.
Answer:
Q20. Your network contains an Active Directory domain named contoso.com. The domain
contains a server named Server1 that runs Windows Server 2008 R2.
You plan to test Windows Server 2012 R2 by using native-boot virtual hard disks (VHDs).
You attach a new VHD to Server1.
You need to install Windows Server 2012 R2 in the VHD.
What should you do?
A. Run imagex.exe and specify the /append parameter.
B. Run dism.exe and specify the /apply-image parameter.
C. Run imagex.exe and specify the /export parameter.
D. Run dism.exe and specify the /append-image parameter.
Answer: B
Explanation:
On the destination computer, you will create a structure for the partitions where you apply your images. The partition structure on the destination computer must match the partition structure of the reference computer. If you apply an image to a volume with an existing Windows installation, files from the previous installation may not be deleted. Format the volume by using a tool such as DiskPart before applying the new image.