Want to know Pass4sure 70 412 exam dumps Exam practice test features? Want to lear more about Microsoft Configuring Advanced Windows Server 2012 Services certification experience? Study Highest Quality Microsoft 70 412 exam dumps answers to Far out 70 412 exam questions at Pass4sure. Gat a success with an absolute guarantee to pass Microsoft 70 412 exam (Configuring Advanced Windows Server 2012 Services) test on your first attempt.

Q9. Your network contains two DNS servers named DNS1 and DNS2 that run Windows Server 2012 R2. 

DNS1 has a primary zone named contoso.com. DNS2 has a secondary copy of the contoso.com zone. 

You need to log the zone transfer packets sent between DNS1 and DNS2. 

What should you configure? 

A. Monitoring from DNS Manager 

B. Logging from Windows Firewall with Advanced Security 

C. A Data Collector Set (DCS) from Performance Monitor 

D. Debug logging from DNS Manager 

Answer:

Explanation: 

Debug logging allows you to log the packets sent and received by a DNS server. Debug logging is disabled by default, and because it is resource intensive, you should only activate it temporarily when you need more specific detailed information about server performance. 

Reference: Active Directory 2008: DNS Debug Logging Facts. 


Q10. You have a file server named Server1 that runs a Server Core Installation of Windows Server 2012 R2. 

Server1 has a volume named D that contains user data. Server1 has a volume named E that is empty. 

Server1 is configured to create a shadow copy of volume D every hour. You need to configure the shadow copies of volume D to be stored on volume E. 

What should you run? 

A. The Set-Volume cmdlet with the -driveletter parameter 

B. The Set-Volume cmdlet with the -path parameter 

C. The vssadmin.exe add shadowstorage command 

D. The vssadmin.exe create shadow command 

Answer:

Explanation: 

Add ShadowStorage 

Adds a shadow copy storage association for a specified volume. 

Incorrect: 

Not A. Sets or changes the file system label of an existing volume. -DriveLetter Specifies a 

letter used to identify a drive or volume in the system. 

Not B. Create Shadow 

Creates a new shadow copy of a specified volume. 

Not C. Sets or changes the file system label of an existing volume -Path Contains valid 

path information. 

Reference: Vssadmin; Set-Volume 

http://technet.microsoft.com/en-us/library/cc754968(v=ws.10).aspx 

http://technet.microsoft.com/en-us/library/hh848673(v=wps.620).aspx 


Q11. Your network contains an Active Directory domain named contoso.com. The domain 

contains a certification authority (CA). 

You suspect that a certificate issued to a Web server is compromised. 

You need to minimize the likelihood that users will trust the compromised certificate. 

Which two actions should you perform? (Each correct answer presents part of the solution. Choose two.) 

A. Stop the Certificate Propagation service. 

B. Modify the validity period of the Web Server certificate template. 

C. Run certutil and specify the -revoke parameter. 

D. Run certutil and specify the -deny parameter. 

E. Publish the certificate revocation list (CRL). 

Answer: C,E 

Explanation: First revoke the certificate, then publish the CRL. 


Q12. HOTSPOT 

Your network contains an Active Directory domain named contoso.com. The domain contains two DHCP servers named Server1 and Server2. Both servers have multiple IPv4 scopes. 

Server1 and Server2 are used to assign IP addresses for the network IDs of 172.20.0.0/16 and 131.107.0.0/16. 

You install the IP Address Management (IPAM) Server feature on a server named IPAM1 and configure IPAM1 to manage Server1 and Server2. 

Some users from the 172.20.0.0 network report that they occasionally receive an IP address conflict error message. 

You need to identify whether any scopes in the 172.20.0.0 network ID conflict with one another. 

What Windows PowerShell cmdlet should you run? 

To answer, select the appropriate options in the answer area. 

Answer: 


Q13. HOTSPOT 

Your company has a primary data center and a disaster recovery data center. 

The network contains an Active Directory domain named contoso.com. The domain 

contains a server named that runs Windows Server 2012 R2. Server1 is located in the 

primary data center. 

Server1 has an enterprise root certification authority (CA) for contoso.com. 

You deploy another server named Server2 to the disaster recovery data center. 

You plan to configure Server2 as a secondary certificate revocation list (CRL) distribution point. 

You need to configure Server2 as a CRL distribution point (CDP). 

Which tab should you use to configure the required CDP entry? To answer, select the appropriate tab in the answer area. 

Answer: 


Q14. Your network contains an Active Directory domain named contoso.com. All domain controllers run Windows Server 2012 R2. The domain contains two domain controllers. 

The domain controllers are configured as shown in the following table. 

You configure a user named User1 as a delegated administrator of DC10. 

You need to ensure that User1 can log on to DC10 if the network link between the Main site and the Branch site fails. 

What should you do? 

A. Add User1 to the Domain Admins group. 

B. On DC10, modify the User Rights Assignment in Local Policies. 

C. Run repadmin and specify the /prp parameter. 

D. On DC10, run ntdsutil and configure the settings in the Roles context. 

Answer:

Explanation: 

repadmin /prp will allow the password caching of the local administrator to the RODC. 

This command lists and modifies the Password Replication Policy (PRP) for read-only domain controllers (RODCs). Reference: RODC Administration https://technet.microsoft.com/en-us/library/cc755310%28v=ws.10%29.aspx 


Q15. Your network contains two Active Directory forests named contoso.com and adatum.com. Each forest contains one domain. Contoso.com has a two-way forest trust to adatum.com. Selective authentication is enabled on the forest trust. 

Contoso contains 10 servers that have the File Server role service installed. Users successfully access shared folders on the file servers by using permissions granted to the Authenticated Users group. 

You migrate the file servers to adatum.com. 

Contoso users report that after the migration, they are unable to access shared folders on the file servers. 

You need to ensure that the Contoso users can access the shared folders on the file servers. 

What should you do? 

A. Disable selective authentication on the existing forest trust. 

B. Disable SID filtering on the existing forest trust. 

C. Run netdom and specify the /quarantine attribute. 

D. Replace the existing forest trust with an external trust. 

Answer:

Explanation: 

Although it is not recommended, you can use this procedure to disable security identifier (SID) filter quarantining for an external trust with the Netdom.exe tool. You should consider disabling SID filter quarantining only in the following situations: 

* Users have been migrated to the trusted domain with their SID histories preserved, and you want to grant those users access to resources in the trusting domain (the former domain of the migrated users) based on the sIDHistory attribute. 

Etc. 

Reference: Disabling SID filter quarantining 

http://technet.microsoft.com/en-us/library/cc794713(v=ws.10).aspx 


Q16. Your network contains an Active Directory domain named contoso.com. The domain contains two member servers named Server1 and Server2. All servers run Windows Server 2012 R2. 

Server1 and Server2 have the Network Load Balancing (NLB) feature installed. The servers are configured as nodes in an NLB cluster named Cluster1. 

Port rules are configured for all clustered Applications. 

You need to ensure that Server2 handles all client requests to the cluster that are NOT covered by a port rule. 

What should you configure? 

A. Affinity-None 

B. Affinity-Single 

C. The cluster quorum settings 

D. The failover settings 

E. A file server for general use 

F. The Handling priority 

G. The host priority 

H. Live migration 

I. The possible owner 

J. The preferred owner 

K. Quick migration 

L. The Scale-Out File Server 

Answer:

Explanation: 

Host Priorities Each cluster host is assigned a unique host priority in the range of 1 to 32, where lower numbers denote higher priorities. The host with the highest host priority (lowest numeric value) is called the default host. It handles all client traffic for the virtual IP addresses that is not specifically intended to be load-balanced. This ensures that server applications not configured for load balancing only receive client traffic on a single host. If the default host fails, the host with the next highest priority takes over as default host. 

Reference: Network Load Balancing Technical Overview 

http://technet.microsoft.com/en-us/library/bb742455.aspx