Testking 70-412 mastering supplies re ready on your competencies plus expertise in The idea authorities a lengthy good reputation for individuals knowledgeable issues, some people asked for the particular Microsoft qualifications. Microsoft 70-412 shows you which will getting ones targets. Testking 70-412 also referred to as the particular Testking, not waste time and funds, as it can easily eliminate the many issues, you dont need to trap with various other software package of the identical characteristics.
2021 Mar 70-412 training
Q91. Your network contains an Active Directory forest named contoso.com. The forest contains three domains. All domain controllers run Windows Server 2012 R2.
The forest has a two-way realm trust to a Kerberos realm named adatum.com.
You discover that users in adatum.com can only access resources in the root domain of contoso.com.
You need to ensure that the adatum.com users can access the resources in all of the domains in the forest.
What should you do in the forest?
A. Delete the realm trust and create a forest trust.
B. Delete the realm trust and create three external trusts.
C. Modify the incoming realm trust.
D. Modify the outgoing realm trust.
Answer: D
Explanation:
* A one-way, outgoing realm trust allows resources in your Windows Server domain (the domain that you are logged on to at the time that you run the New Trust Wizard) to be accessed by users in the Kerberos realm.
* You can establish a realm trust between any non-Windows Kerberos version 5 (V5) realm and an Active Directory domain. This trust relationship allows cross-platform interoperability with security services that are based on other versions of the Kerberos V5 protocol, for example, UNIX and MIT implementations. Realm trusts can switch from nontransitive to transitive and back. Realm trusts can also be either one-way or two-way.
Reference: Create a One-Way, Outgoing, Realm Trust
Q92. Your network contains an Active Directory forest named contoso.com.
Users frequently access the website of an external partner company. The URL of the website is http://partners.adatum.com.
The partner company informs you that it will perform maintenance on its Web server and that the IP addresses of the Web server will change.
After the change is complete, the users on your internal network report that they fail to access the website. However, some users who work from home report that they can access the website.
You need to ensure that your DNS servers can resolve partners.adatum.com to the correct IP address immediately.
What should you do?
A. Run Set-DnsServerScavenging.
B. Run ipconfig and specify the FlushDns parameter.
C. RunSet-DnsServerResourceReeordAging.
D. Run dnscmd and specify the ClearCache parameter.
Answer: D
Explanation:
Clear the DNS cache on the DNS server with either Dnscmd /ClearCache (from command prompt) or Clear-DnsServerCache (from Windows PowerShell).
Reference: Technet, Dnscmd
Q93. Your network contains an Active Directory domain named contoso.com. The domain contains two servers named Server1 and Server2. Both servers have the Hyper-V server role installed.
You plan to replicate virtual machines between Server1 and Server2. The replication will be encrypted by using Secure Sockets Layer (SSL).
You need to request a certificate on Server1 to ensure that the virtual machine replication is encrypted.
Which two intended purposes should the certificate for Server1 contain? (Each correct answer presents part of the solution. Choose two.)
A. Client Authentication
B. Kernel Mode Code Signing
C. Server Authentication
D. IP Security end system
E. KDC Authentication
Answer: A,C
Explanation:
You need to use certificate-based authentication if you want transmitted data to be encrypted.
Replica Server Certificate Requirements
To enable a server to receive replication traffic, the certificate in the replica server must meet the following conditions
* Enhanced Key Usage must support both Client and Server authentication
Etc.
Reference: Hyper-V Replica - Prerequisites for certificate based deployments
http://blogs.technet.com/b/virtualization/archive/2012/03/13/hyper-v-replica-certificate-requirements.aspx
Q94. HOTSPOT
Your network contains an Active Directory domain named contoso.com. The domain contains the two servers.
The servers are configured as shown in the following table.
You investigate a report about the potential compromise of a private key for a certificate issued to Server2.
You need to revoke the certificate issued to Server2. The solution must ensure that the revocation can be reverted.
Which reason code should you select?
To answer, select the appropriate reason code in the answer area.
Answer:
Q95. Your network contains 20 iSCSI storage appliances that will provide storage for 50 Hyper-V hosts running Windows Server 2012 R2.
You need to configure the storage for the Hyper-V hosts. The solution must minimize administrative effort.
What should you do first?
A. Install the iSCSI Target Server role service and configure iSCSI targets.
B. Install the iSNS Server service feature and create a Discovery Domain.
C. Start the Microsoft iSCSI Initiator Service and configure the iSCSI Initiator Properties.
D. Install the Multipath I/O (MPIO) feature and configure the MPIO Properties.
Answer: A
Explanation:
Windows Server 2012 includes an iSCSI Target role that, along with Failover Clustering,
allows it to become a cost-effective and highly-available iSCSI Storage Array. We can connect from our Hyper-V host to the iSCSI target on the storage array with the following PowerShell command line:
New-IscsiTargetPortal –TargetPortalAddress <IP_Address or FQDN of storage array>
$target = Get-IscsiTarget
Connect-IscsiTarget –NodeAddress $target.NodeAddress
Incorrect:
Not B. Discovery Domains in an iSCSI fabric, like zones in a Fibre Channel fabric, enable you to partition the storage resources in your storage area network (SAN). By creating and managing Discovery Domains, you can control the iSCSI targets that each iSCSI initiator can see and log on to.
Reference: Configure iSCSI Target Server Role on Windows Server 2012
Latest 70-412 download:
Q96. Your network contains one Active Directory forest named contoso.com. The forest contains two child domains and six domain controllers. The domain controllers are configured as shown in the following table.
For the contoso.com domain, a company policy states that administrators must be able to retrieve a list of all the users who have not logged on to the network in the last seven days from any domain controller.
You need to ensure that the users’ last logon information from the last seven days is replicated to all of the domain controllers.
What should you use?
A. Set-ADSite
B. Set-ADReplicationSite
C. Set-ADDomain
D. Set-ADReplicationSiteLink
E. Set-ADGroup
F. Set-ADForest
G. Netdom
Answer: C
Reference: Technet, Set-ADDomain
https://technet.microsoft.com/en-us/library/ee617212.aspx
Q97. Your network contains an Active Directory domain named contoso.com. The domain contains two sites named Site1 and Site2 and two domain controllers named DC1 and DC2. Both domain controllers are located in Site1.
You install an additional domain controller named DC3 in Site1 and you ship DC3 to Site2.
A technician connects DC3 to Site2.
You discover that users in Site2 are authenticated by all three domain controllers.
You need to ensure that the users in Site2 are authenticated by DC1 or DC2 only if DC3 is unavailable.
What should you do?
A. From Network Connections, modify the IP address of DC3.
B. In Active Directory Sites and Services, modify the Query Policy of DC3.
C. From Active Directory Sites and Services, move DC3.
D. In Active Directory Users and Computers, configure the insDS-PrimaryComputer attribute for the users in Site2.
Answer: C
Explanation:
DC3 needs to be moved to Site2 in AD DS
Incorrect:
Not A. Modifying IP will not affect authentication
Not B. A query policy prevents specific Lightweight Directory Access Protocol (LDAP)
operations from adversely impacting the performance of the domain controller and also
makes the domain controller more resilient to denial-of-service attacks.
Reference: Move a domain controller between sites
http://technet.microsoft.com/en-us/library/cc759326(v=ws.10).aspx
Q98. Your network contains an Active Directory domain named contoso.com. The domain contains two member servers named Server1 and Server2. All servers run Windows Server 2012 R2.
Server1 and Server2 have the Failover Clustering feature installed. The servers are configured as nodes in a failover cluster named Cluster1.
You configure File Services and DHCP as clustered resources for Cluster1. Server1 is the active node for both clustered resources.
You need to ensure that if two consecutive heartbeat messages are missed between Server1 and Server2, Server2 will begin responding to DHCP requests. The solution must ensure that Server1 remains the active node for the File Services clustered resource for up to five missed heartbeat messages.
What should you configure?
A. Affinity-None
B. Affinity-Single
C. The cluster quorum settings
D. The failover settings
E. A file server for general use
F. The Handling priority
G. The host priority
H. Live migration
I. The possible owner
J. The preferred owner
K. Quick migration
L. the Scale-Out File Server
Answer: D
Explanation:
The number of heartbeats that can be missed before failover occurs is known as the heartbeat threshold. Heartbeat threshold is failover clustering setting.
Reference: Tuning Failover Cluster Network Thresholds
http://technet.microsoft.com/en-us/library/dn265972.aspx
http://technet.microsoft.com/en-us/library/dd197562(v=ws.10).aspx
http://blogs.msdn.com/b/clustering/archive/2012/11/21/10370765.aspx
Q99. You have a server named Server1 that runs Windows Server 2012 R2.
Server1 fails.
You identify that the master boot record (MBR) is corrupt.
You need to repair the MBR.
Which tool should you use?
A. Bcdedit
B. Bcdboot
C. Bootrec
D. Fixmbr
Answer: C
Explanation:
Repairing an unbootable Windows installation with bootrec.exe If the boot/recovery partition is corrupted or lost, you can modify your Windows OS partition to boot.
. Boot from your Windows Vista/7/Server2008/R2/2012 media and choose the
"Repair Windows" option. . Open the command prompt. . Using diskpart, mark your Windows partition as bootable. . If your windows partition does not have it, copy the "boot" folder from the
installation media.
. Run the following commands: >c: >cd boot >attrib bcd -s -h -r >ren c:\boot\bcd bcd.old >bootrec /RebuildBcd Reboot and Windows should boot normally. If not, return to the command prompt and run: >bootrec /FixMBR >bootrec /FixBoot
Incorrect: Not A. BCDEdit is a command-line tool for managing BCD stores. It can be used for a variety of purposes, including creating new stores, modifying existing stores, adding boot menu options, and so on. BCDEdit serves essentially the same purpose as Bootcfg.exe on earlier versions of Windows Not B. The BCDboot tool is a command-line tool that enables you to manage system partition files Not D. Fixmbr is not a tool. Fixmbr is an option when using the bootrec tool.
Reference: Windows BCD Store
http://www.itsgotme.com/wiki/Windows_BCD
Q100. You have a server named Server1 that runs Windows Server 2012 R2.
Windows Server 2012 R2 is installed on volume C.
You need to ensure that Safe Mode with Command Prompt loads the next time Server1
restarts.
Which tool should you use?
A. The Restart-Server cmdlet
B. The Bootcfg command
C. The Restart-Computer cmdlet
D. The Bcdedit command
Answer: D
Explanation:
How To Force Windows To Restart in Safe Mode
1. Open Advanced Startup Options in Windows 8
2. Open Command Prompt.
3. With Command Prompt open, execute the correct bcdedit command as shown below based on which Safe Mode option you'd like to start:
Safe Mode:
bcdedit /set {default} safeboot minimal
http://pcsupport.about.com/od/repair-recovery/a/force-or-stop-safe-mode-windows.htm