Introducing The New!
Surepassexam Collection
Get Unlimited Access to all
Surepassexam's PREMIUM files
Q1. - (Topic 2)
Your network contains an Active Directory domain named contoso.com.
An administrator provides you with a file that contains the information to create user accounts for 200 temporary employees. The file is shown in the exhibit. (Click the Exhibit button.)
You need to automate the creation of the user accounts. You must achieve this goal by using the minimum amount of administrative effort.
Which tool should you use?
A. Ldifde
B. csvde
C. Dsadd
D. Net user
Answer: B
Explanation:
csvde – Imports and exports data from Active Directory Domain Services (AD DS) using files that store data in the comma-separated value (CSV) format. You can also support batch operations based on the CSV file format standard. Net user – Adds or modifies user accounts, or displays user account information. Ldifde – Creates, modifies, and deletes directory objects. You can also use ldifde to extend the schema, export Active Directory user and group information to other applications or services, and populate Active Directory Domain Services (AD DS) with data from other directory services. Dsadd – Adds specific types of objects to the directory.
csvde.exe is the best option to add multiple users. As you just need to export the excel
spreadsheet as a .csv file and make sure the parameters are correct.
You can use Csvde to import and export Active Directory data that uses the comma-
separated value format.
Use a spreadsheet program such as Microsoft Excel to open this .csv file and view the
header and value information.
References:
Exam Ref 70-410: Installing and Configuring Windows Server 2012 R2: Chapter 5: Install
and administer Active Directory, Objective 5.2: Create and Manage Active Directory Users
and Computers, p. 269
Q2. - (Topic 1)
Your network contains a server named Server1 that runs Windows Server 2012
R2.Server1 has the Hyper-V server role installed.
Server1 hosts four virtual machines named VM1, VM2, VM3, and VM4.
Server1 is configured as shown in the following table.
VM2 sends and receives large amounts of data over the network.
You need to ensure that the network traffic of VM2 bypasses the virtual switches of the parent partition.
What should you configure?
A. NUMA topology
B. Resource control
C. resource metering
D. virtual Machine Chimney
E. The VLAN ID
F. Processor Compatibility
G. The startup order
H. Automatic Start Action
I. Integration Services
J. Port mirroring
K. Single-root I/O virtualization
Answer: K
Explanation:
Single-root I/O virtualization -capable network adapters can be assigned directly to a virtual machine to maximize network throughput while minimizing network latency and the CPU overhead required for processing network traffic.
References:
http://technet.microsoft.com/en-us/library/cc766320(v=ws.10).aspx http://technet.microsoft.com/en-us/library/hh831410.aspx
Exam Ref 70-410, Installing and Configuring Windows Server 2012 R2, Chapter 3: Configure Hyper-V, Objective 3.1: Create and Configure virtual machine settings, p.144 Training Guide: Installing and Configuring Windows Server 2012 R2: Chapter 7: Hyper-V Virtualization, Lesson 2: Deploying and configuring virtual machines, p.335
Q3. - (Topic 1)
Your network contains an Active Directory domain named contoso.com. You have a Group Policy object (GPO) named GP1 that is linked to the domain. GP1 contains a software restriction policy that blocks an application named App1.
You have a workgroup computer named Computer1 that runs Windows 8. A local Group Policy on Computer1 contains an application control policy that allows App1.
You join Computer1 to the domain.
You need to prevent App1 from running on Computer1.
What should you do?
A. From Computer1, run gpupdate/force.
B. From Group Policy Management, add an application control policy to GP1.
C. From Group Policy Management, enable the Enforced option on GP1.
D. In the local Group Policy of Computer1, configure a software restriction policy.
Answer: B
Explanation:
AppLocker policies take precedence over policies generated by SRP on computers that are
running an operating system that supports AppLocker.
AppLocker policies in the GPO are applied, and they supersede the policies generated by
SRP in the GPO and local AppLocker policies or policies generated by SRP.
Q4. DRAG DROP - (Topic 2)
Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1. Server1 runs a Server Core installation of Windows Server 2012 R2.
You install the DNS Server server role on Server1.
You need to perform the following configurations on Server1:
. Create an Active Directory-integrated zone named adatum.com. . Send unresolved DNS client queries for other domain suffixes to the DNS server of your company's Internet Service Provider (ISP).
Which Windows PowerShell cmdlets should you use?
To answer, drag the appropriate cmdlet to the correct configuration in the answer area. Each cmdlet may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
Answer:
Q5. - (Topic 1)
Your network contains an Active Directory forest. The forest functional level is Windows Server 2012 R2. The forest contains a single domain. The domain contains a member server named Server1. Server1 runs windows Server 2012 R2.
You purchase a network scanner named Scanner1 that supports Web Services on Devices (WSD).
You need to share the network scanner on Server1.
Which server role should you install on Server1?
A. Web Server (IIS)
B. Fax Server
C. Print and Document Services
D. File and Storage Services
Answer: C
Explanation:
The Print and Document Services role allows for the configuration to share printers,
scanners and fax devices.
References:
Exam Ref 70-410: Installing and Configuring Windows Server 2012 R2, Chapter 1:
Installing and Configuring servers, Objective 1.2: Configure servers, p. 8
http://technet.microsoft.com/en-us/library/hh831468.aspx
Q6. - (Topic 3)
Your network contains one Active Directory domain named contoso.com. The domain contains 10 domain controllers and a read-only domain controller (RODC) named RODC01.
The domain contains an administrator account named Admin1.
You need to prevent Admin1 from creating more than 100 objects in the domain partition.
Which tool should you use?
A. the ntdsutil command
B. the Set-ADDomain cmdlet
C. the Install-ADDSDomain cmdlet
D. the dsadd command
E. the dsamain command
F. the dsmgmt command
G. the net user command
H. the Set-ADForest cmdlet
Answer: D
Explanation:
Active Directory quotas are limits on the number of objects that a security principal (that has been delegated the Create Child Objects or Delete Child Objects permission) can own and create. To assign a quota to a security principal, you must use the directory services tools. The command and required parameters for assigning a quota to a security principal are as follows:
dsadd quota –part <partition distinguished name> –qlimit <quotalimit> –acct <security prinicipal>
Reference: Active Directory Quotas
https://technet.microsoft.com/en-us/library/cc904295(v=ws.10).aspx
Q7. - (Topic 3)
You have a network printer connected to print server. You need to be able to print if print server goes down.
What should you configure?
A. branch office direct printing
B. printer pooling
C. spooling
D. Print forwarding
Answer: A
Explanation:
Branch Office Direct Printing can reduce Wide Area Network (WAN) usage by printing directly to a print device instead of a server print queue. This feature can be enabled or disabled on a per printer basis and is transparent to the user. It is enabled by an administrator using the Print Management Console or Windows PowerShell on the server.
The printer information is cached in the branch office, so that if the print server is unavailable for some reason (for example if the WAN link to the data center is down), then it is still possible for the user to print. Branch Office Direct Printing requires the following operating systems: Windows Server 2012 Windows 8
Q8. - (Topic 3)
Which of the following is not a correct reason for creating an OU?
A. To create a permanent container that cannot be moved or renamed
B. To duplicate the divisions in your organization
C. To delegate administration tasks
D. To assign different Group Policy settings to a specific group of users or computers
Answer: A
Explanation:
A. Correct: The reasons for creating an OU include duplicating organizational divisions, assigning Group Policy settings, and delegating administration. You can easily move or rename an OU at will.
B. Incorrect: Duplicating organizational divisions is a viable reason for creating an OU.
C. Incorrect: Delegating administration tasks is a viable reason for creating an OU.
D. Incorrect: Assigning Group Policy settings is a viable reason for creating an OU.
Q9. - (Topic 3)
You work as a senior administrator at Contoso.com. The Contoso.com network consists of a single domain named Contoso.com. All servers on the Contoso.com network have Windows Server 2012 installed, and all workstations have Windows 8 installed.
You are running a training exercise for junior administrators. You are currently discussing the Always Offline Mode.
Which of the following is TRUE with regards to the Always Offline Mode? (Choose all that apply.)
A. It allows for swifter access to cached files and redirected folders.
B. To enable Always Offline Mode, you have to satisfy the forest and domain functional-level requirements, as well as schema requirements
C. It allows for lower bandwidth usage due to users are always working offline.
D. To enable Always Offline Mode, you must have workstations running Windows 7 or Windows Server 2008 R2.
Answer: A,C
Explanation:
There are no domain/forest/schema requirements, but clients must be running Windows
8/Windows Server 2012 or later.
Offline Files have four modes of operation:
Online Slow link Auto offline Manual offline Offline Files transition between the three modes online, slow link and auto offline depending on connection speed. The user can always override the automatic mode selection by manually switching to manual offline mode. To determine the connection speed two pings with default packet size are sent to the file server. If the average round-trip time is below 80 ms (Windows 7) or 35 ms (Windows 8), the connection is put into online mode, otherwise into slow link mode. The latency value of 35/80 ms is configurable through the Group Policy setting Configure slow-link mode. Reads, Writes and Synchronization In online mode, changes to files are made on the file server as well as in the local cache (this induces a performance hit – see this article for details). Reads are satisfied from the local cache (if in sync). In slow link mode, changes to files are made in the local cache. The local cache is background-synchronized with the file server every 6 hours (Windows 7) or 2 hours (Windows 8), by default. This can be changed through the Group Policy setting Configure Background Sync. . In auto offline mode, all reads and writes go to the local cache. No synchronization occurs. . In manual offline mode, all reads and writes go to the local cache. No synchronization occurs by default, but background synchronization can be enabled through the Group Policy setting Configure Background Sync.
Q10. - (Topic 1)
You have a Hyper-V host named Server1 that runs Windows Server 2012 R2.Server1 has the virtual switches listed in the following table.
You create a virtual machine named VM1.VM1 has two network adapters. One network adapter connects to vSwitch1. The other network adapter connects to vSwitch2.You configure NIC teaming on VM1.
You need to ensure that if a physical NIC fails on Server1, VM1 remains connected to the network.
What should you do on Server1?
A. Run the Set-VmNetworkAdaptercmdlet.
B. Add a new network adapter to VM1.
C. Create a new virtual switch on Server 1.
D. Modify the properties of vSwitch1 and vSwitch2.
Answer: A
Q11. - (Topic 3)
Your company has an Active Directory domain. You log on to the domain controller. The Active Directory Schema snap-in is not available in the Microsoft Management Console (MMC).
You need to access the Active Directory Schema snap-in. What should you do?
A. Register Schmmgmt.dll.
B. Log off and log on again by using an account that is a member of the Schema Admins group.
C. Use the Ntdsutil.exe command to connect to the schema master operations master and open the schema for writing.
D. Add the Active Directory Lightweight Directory Services (AD/LDS) role to the domain controller by using Server Manager.
Answer: A
Explanation:
Install the Active Directory Schema Snap-In You can use this procedure to first register the dynamic-link library (DLL) that is required for the Active Directory Schema snap-in. You can then add the snap-in to Microsoft Management Console (MMC).
To install the Active Directory Schema snap-in:
1. To open an elevated command prompt, click Start, type command prompt and then right-click Command Prompt when it appears in the Start menu. Next, click Run as administrator
and then click OK.
To open an elevated command prompt in Windows Server 2012 R2, click Start, type cmd,
right-click cmd and then click Run as administrator.
2. Type the following command, and then press ENTER: regsvr32 schmmgmt.dll
3. Click Start, click Run, type mmc and then click OK.
4. On the File menu, click Add/Remove Snap-in.
5. Under Available snap-ins, click Active Directory Schema, click Add and then click OK.
6. To save this console, on the File menu, click Save.
7. In the Save As dialog box, do one of the following:
* To place the snap-in in the Administrative Tools folder, in File name, type a name for the snap-in, and then click Save.
* To save the snap-in to a location other than the Administrative Tools folder, in Save in , navigate to a location for the snap-in. In File name, type a name for the snap-in, and then click Save.
Q12. HOTSPOT - (Topic 3)
You have a server named Server1 that runs Windows Server 2012 R2.
Several users are members of the local Administrators group.
You need to ensure that all local administrators receive User Account Control (UAC)
prompts when they run a Microsoft Management Console (MMC).
Which settings should you modify from the Local Security Policy? To answer, select the
appropriate settings in the answer area.
Answer:
Q13. HOTSPOT - (Topic 2)
You have a server named Server1 that runs Windows Server 2012 R2. Server1 has the Hyper-V server role installed.
You need to implement NIC teaming on Server1.
Which two network connections should you include on the NIC team? (To answer, select the two appropriate network connections in the answer area.)
Answer:
Q14. - (Topic 3)
Your network contains an Active Directory domain named contoso.com.
You have a starter Group Policy object (GPO) named GPO1 that contains more than 100
settings.
You need to create a new starter GPO based on the settings in GPO1.
You must achieve this goal by using the minimum amount of administrative effort.
What should you do?
A. Run the New-GPStarterGPO cmdlet and the Copy-GPO cmdlet.
B. Create a new starter GPO and manually configure the policy settings of the starter GPO.
C. Right-click GPO1, and then click Back Up. Create a new starter GPO. Right-click the new GPO, and then click Restore from Backup.
D. Right-click GPO1, and then click Copy. Right-click Starter GPOs, and then click Paste.
Answer: B
Explanation:
Although GPOs and Starter GPOs can both be copied, and a Starter GPO can be used to create a new GPO (as that is their purpose), an existing GPO cannot be copied to a new Starter GPO (unfortunately).
Q15. - (Topic 2)
You have a server named Server1 that runs Windows Server 2012 R2.
You need to enable access-based enumeration for a file share on Server1.
Which tool should you use?
A. File Server Resource Manager (FSRM)
B. Share and Storage Management
C. Server Manager
D. File Explorer
Answer: C
Explanation:
Access-based enumeration displays only the files and folders that a user has permissions to access. It is a feature that was previously available as a downloadable package for the Windows Server. 2003 operating system (it was also included in Windows Server 2003 Service Pack 1). Access-based enumeration is now included in the Windows Server 2008 operating system, and you can enable it by using Share and Storage Management.