Act now and download your Microsoft 70 417 dumps test today! Do not waste time for the worthless Microsoft 70 417 vce tutorials. Download Leading Microsoft Upgrading Your Skills to MCSA Windows Server 2012 exam with real questions and answers and begin to learn Microsoft 70 417 vce with a classic professional.

Q1. Your network contains an Active Directory domain named contoso.com. All domain controllers run Windows Server 2012. 

The domain contains an Edge Server named Server1. Server1 is configured as a DirectAccess server. Server1 has the following settings: 

Internal DNS name: Server1.contoso.com External DNS name: dal.contoso.com Internal IPv6 address: 2002:cla8:6a:3333::l External IPv4 address: 65.55.37.62 

Your company uses split-brain DNS for the contoso.com zone. 

You run the Remote Access Setup wizard as shown in the following exhibit. (Click the Exhibit button.) 

... 

You need to ensure that client computers on the Internet can establish DirectAccess connections to Server1. 

Which additional name suffix entry should you add from the Remote Access Setup wizard? 

A. A Name Suffix value of Server1.contoso.com and a blank DNS Server Address value 

B. A Name Suffix value of dal.contoso.com and a blank DNS Server Address value 

C. A Name Suffix value of Server1.contoso.com and a DNS Server Address value of 

65.55.37.62 

D. A Name Suffix value of dal.contoso.com and a DNS Server Address value of 

65.55.37.62 

Answer:

Explanation: 

*

 In a non-split-brain DNS environment, the Internet namespace is different from the intranet namespace. For example, the Contoso Corporation uses contoso.com on the Internet and corp.contoso.com on the intranet. Because all intranet resources use the corp.contoso.com DNS suffix, the NRPT rule for corp.contoso.com routes all DNS name queries for intranet resources to intranet DNS servers. DNS name queries for names with the contoso.com suffix do not match the corp.contoso.com intranet namespace rule in the NRPT and are sent to Internet DNS servers. 

*

 Split-brain DNS is a configuration method that enables proper resolution of names (e.g., example.com) from both inside and outside of your local network. 

Note: For split-brain DNS deployments, you must list the FQDNs that are duplicated on the Internet and intranet and decide which resources the DirectAccess client should reach, the intranet version or the public (Internet) version. For each name that corresponds to a resource for which you want DirectAccess clients to reach the public version, you must add the corresponding FQDN as an exemption rule to the NRPT for your DirectAccess clients. Name suffixes that do not have corresponding DNS servers are treated as exemptions. 

Reference: Design Your DNS Infrastructure for DirectAccess 


Q2. Your network contains two Active Directory forests named contoso.com and adatum.com. 

Each forest contains one domain. Contoso.com has a two-way forest trust to adatum.com. 

Selective authentication is enabled on the forest trust. 

Contoso contains 10 servers that have the File Server role service installed. 

Users successfully access shared folders on the file servers by using permissions granted 

to the Authenticated Users group. 

You migrate the file servers to adatum.com. 

Contoso users report that after the migration, they are unable to access shared folders on 

the file servers. 

You need to ensure that the Contoso users can access the shared folders on the file 

servers. 

What should you do? 

A. Disable selective authentication on the existing forest trust 

B. Disable SID filtering on the existing forest trust 

C. Run netdom and specify the /quarantine attribute 

D. Replace the existing forest trust with an external trust. 

Answer:


Q3. Your network contains an Active Directory domain named adatum.com. The domain contains a member server named Server1 and a domain controller named DC2. All servers run Windows Server 2012 R2. 

On DC2, you open Server Manager and you add Server1 as another server to manage. 

From Server Manager on DC2, you right-click Server1 as shown in the exhibit. (Click the Exhibit button.) 

You need to ensure that when you right-click Server1, you see the option to run the DHCP console. 

What should you do? 

A. On Server1, install the Feature Administration Tools. 

B. On DC2 and Server1, run winrmquickconfig. 

C. On DC2, install the Role Administration Tools. 

D. In the domain, add DC1 to the DHCP Administrators group. 

Answer:

Explanation: 

http://technet.microsoft.com/en-us/library/hh921475.aspx "In Windows Server 2012 R2 Preview and Windows Server 2012 R2, remote management is enabled by default. Before administrators can connect to a computer that is running Windows Server 2012 R2 Preview or Windows Server 2012 R2 remotely by using Server Manager, Server Manager remote management must be enabled on the destination computer if it has been disabled." 


Q4. Your company's security policy states that all of the servers deployed to a branch office must not have the graphical user interface (GUI) installed. In a branch office, a support technician installs a server with a GUI installation of Windows Server 2012 R2 on a new server, and then configures the server as a DHCP server. 

You need to ensure that the new server meets the security policy. You want to achieve this goal by using the minimum amount of administrative effort. 

What should you do? 

A. From Server Manager, uninstall the User Interfaces and Infrastructure feature. 

B. Reinstall Windows Server 2012 R2on the server. 

C. From Windows PowerShell, run Uninstall-WindowsFeature Desktop-Experience. 

D. From Windows PowerShell, run Uninstall-WindowsFeature PowerShell-ISE. 

Answer:


Q5. Your network contains an Active Directory domain named contoso.com. The domain contains three servers named Server1, Server2, and Server3 that run Windows Server 2012 R2. All three servers have the Hyper-V server role installed and the Failover Clustering feature installed. 

Server1 and Server2 are nodes in a failover cluster named Cluster1. Several highly available virtual machines run on Cluster1. Cluster1 has that Hyper-V Replica Broker role installed. The Hyper-V Replica Broker currently runs on Server1. 

Server3 currently has no virtual machines. 

You need to configure Cluster1 to be a replica server for Server3 and Server3 to be a replica server for Cluster1. 

Which two tools should you use? {Each correct answer presents part of the solution. Choose two.) 

A. The Hyper-V Manager console connected to Server3 

B. The Failover Cluster Manager console connected to Server3 

C. The Hyper-V Manager console connected to Server1. 

D. The Failover Cluster Manager console connected to Cluster1 

E. The Hyper-V Manager console connected to Server2 

Answer: A,D 

Explanation: 

Steps: Install the Replica Broker Hyper-v "role" configure replication on Server 3 in Hyper-V manager and mention the cluster (that's why a replica broker is needed) configure replication on Cluster 1 using the failover cluster manager. Using Hyper-V Replica in a failover cluster The configuration steps previously described Apply to VMs that are not hosted in a failover cluster. However, you might want to provide an offsite replica VM for a clustered VM. In this scenario, you would provide two levels of fault tolerance. The failover cluster is used to provide local fault tolerance, for example, if a physical node fails within a functioning data center. The offsite replica VM, on the other hand, could be used to recover only from sitelevel failures, for example, in case of a power outage, weather emergency, or natural disaster. The steps to configure a replica VM for a clustered VM differ slightly from the normal configuration, but they aren't complicated. The first difference is that you begin by opening Failover Cluster Manager, not Hyper-V Manager. In Failover Cluster Manager, you then have to add a failover cluster role named Hyper-V Replica Broker to the cluster. (Remember, the word "role" is now used to describe a hosted service in a failover cluster.) To add the Hyper-V Replica Broker role, right-click the Roles node in Failover Cluster Manager and select Configure Role. This step opens the High Availability Wizard. In the High Availability Wizard, select Hyper-V Replica Broker 


Q6. OTSPOT 

You have a server named Server1 that runs Windows Server 2012 R2. Server1 has the Remote Access server role installed. 

You need to configure the ports on Server1 to ensure that client computers can establish VPN connections to Server1 by using TCP port 443. 

What should you modify? To answer, select the appropriate object in the answer area. 

Answer: 

418. You have a server named Server1 that runs Windows Server 2012 R2. You modify the 

properties of a system driver and you restart Server1. 

You discover that Server1 continuously restarts without starting Windows Server 2012 R2. 

You need to start Windows Server 2012 R2 on Server1 in the least amount of time. 

The solution must minimize the amount of data loss. 

Which Advanced Boot Option should you select? 

A. Repair Your Computer 

B. Disable Driver Signature Enforcement 

C. Last Know Good Configuration (advanced) 

D. Disable automatic restart on system failure 

Answer:

Explanation: 

Last known good configuration is used when a modification made to the registry base prevent the computer to restart normally (like after installing an Application for example, or a driver...). 


Q7. Your network contains an Active Directory domain named contoso.com. All servers run Windows Server 2012 R2. 

You are creating a central access rule named Test Finance that will be used to audit members of the Authenticated users group for access failure to shared folders in the finance department. 

You need to ensure that access requests are unaffected when the rule is published. 

What should you do? 

A. Set the Permissions to Use the following permissions as proposed permissions. 

B. Add a Resource condition to the current permissions entry for the Authenticated Users principal. 

C. Set the Permissions to Use following permissions as current permissions. 

D. Add a User condition to the current permissions entry for the Authenticated Users principal. 

Answer:

Explanation: 

http://technet.microsoft.com/en-us/library/jj134043.aspx 


Q8. Your network contains an Active Directory forest named contoso.com. All servers run Windows Server 2012 R2. You need to create a custom Active Directory Application partition. 

Which tool should you use? 

A. Netdom 

B. Ntdsutil 

C. Dsmod 

D. Dsamain 

Answer:

Explanation: 

*

 To create or delete an application directory partition Open Command Prompt. Type:ntdsutil At the ntdsutil command prompt, type:domain management At the domain management command prompt, type:connection At the server connections command prompt, type:connect to server ServerName At the server connections command prompt, type:quit At the domain management command prompt, do one of the following: 

*

 partition management Manages directory partitions for Active Directory Domain Services (AD DS) or Active Directory Lightweight Directory Services (AD LDS). This is a subcommand of Ntdsutil and Dsmgmt. Ntdsutil and Dsmgmt are command-line tools that are built into Windows Server 2008 and Windows Server 2008 R2. / partition management create nc %s1 %s2 Creates the application directory partition with distinguished name %s1, on the Active Directory domain controller or AD LDS instance with full DNS name %s2. If you specify "NULL" for %s2, this command uses the currently connected Active Directory domain controller. Use this command only with AD DS. For AD LDS, use create nc %s1 %s2 %s3. Note: 

*

 An application directory partition is a directory partition that is replicated only to specific domain controllers. A domain controller that participates in the replication of a particular application directory partition hosts a replica of that partition.