Introducing The New!
Surepassexam Collection
Get Unlimited Access to all
Surepassexam's PREMIUM files
Q1. - (Topic 3)
You have a server that runs Windows Server 2012 R2. The server contains the disks configured as shown in the following table.
You need to create a volume that can store up to 3 TB of user files. The solution must ensure that the user files are available if one of the disks in the volume fails. What should you create?
A. A mirrored volume on Disk 1 and Disk 4
B. A storage pool on Disk 2 and Disk 3
C. A storage pool on Disk 1 and Disk 3
D. A mirrored volume on Disk 2 and Disk 3
Answer: D
Q2. - (Topic 2)
Your network contains an Active Directory domain named contoso.com.
You log on to a domain controller by using an account named Admin1. Admin1 is a member of the Domain Admins group.
You view the properties of a group named Group1 as shown in the exhibit. (Click the Exhibit button.)
Group1 is located in an organizational unit (OU) named OU1.
You need to ensure that you can modify the Security settings of Group1 by using Active Directory Users and Computers.
What should you do from Active Directory Users and Computers?
A. From the View menu, select Users, Contacts, Groups, and Computers as containers.
B. Right-click OU1 and select Delegate Control
C. From the View menu, select Advanced Features
D. Right-click contoso.com and select Delegate Control.
Answer: C
Explanation:
From ADUC select view toolbar then select advanced features. When you open up the ADUC in a default installation of Active Directory, you are only presented with the basic containers. These basic containers include the only organizational unit (OU), which is the Domain Controllers OU, as wellas the other containers such as Users and Computers. To see more in-depth containers, you need to configure the ADUC by going to the View option on the toolbar, then selecting Advanced Features. This will refresh the view within the ADUC and add some new containers. There are no hidden (or Advanced) OUs that will show up when you configure the ADUC in this way.
Q3. - (Topic 2)
Your network contains an Active Directory domain named contoso.com. All servers run Windows Server 2012 R2. The domain contains a server named Server1.
You open Review Options in the Active Directory Domain Services Configuration Wizard, and then you click View script.
You need to ensure that you can use the script to promote Server1 to a domain controller.
Which file extension should you use to save the script?
A. .bat
B. .cmd
C. .ps1
D. .xml
Answer: C
Explanation:
PowerShell scripts are saved with the extension ".ps1".
From http://technet.microsoft.com/en-us/library/jj574105.aspx The Review Options page in Server Manager also offers an optional View Script button to create a Unicode text file that contains the current ADDS Deployment configuration as a single Windows PowerShell script. This enables you to use the Server Manager graphical interface as a Windows PowerShell deployment studio. Use the Active Directory Domain Services Configuration Wizard to configure options, export the configuration, and then cancel the wizard. This process creates a valid and syntactically correct sample for further modification or direct use.
Q4. - (Topic 3)
You have a server named Server1 that runs a full installation of Windows Server 2012 R2.
You need to uninstall the graphical user interface (GUI) on Server1. You must achieve this goal by using the minimum amount of Administrative effort. What should you do?
A. Reinstall Windows Server 2012 R2 on the server.
B. From Server Manager, uninstall the User Interfaces and Infrastructure feature.
C. From Windows PowerShell, run Uninstall-WindowsFeature PowerShell-ISE
D. From Windows PowerShell, run Uninstall-WindowsFeature Desktop-Experience.
Answer: B
Q5. - (Topic 3)
You install Windows Server 2012 R2 on a standalone server named Server1. You configure Server1 as a VPN server.
You need to ensure that client computers can establish PPTP connections to Server1.
Which two firewall rules should you create? (Each correct answer presents part of the solution. Choose two.)
A. An inbound rule for protocol 47
B. An outbound rule for protocol 47
C. An inbound rule for TCP port 1723
D. An inbound rule for TCP port 1701
E. An outbound rule for TCP port 1723
F. An outbound rule for TCP port 1701
Answer: A,C
Explanation:
The following is a list of firewall ports which need to be opened for the various VPN tunnel
protocols:
For PPTP:
IP Protocol=TCP, TCP Port number=1723 <- Used by PPTP control path
IP Protocol=GRE (value 47) <- Used by PPTP data path
For L2TP:
IP Protocol Type=UDP, UDP Port Number=500 <- Used by IKEv1 (IPSec control path)
IP Protocol Type=UDP, UDP Port Number=4500 <- Used by IKEv1 (IPSec control path)
IP Protocol Type=ESP (value 50) <- Used by IPSec data path
For SSTP:
IP Protocol=TCP, TCP Port number=443 <- Used by SSTP control and data path
For IKEv2:
IP Protocol Type=UDP, UDP Port Number=500 <- Used by IKEv2 (IPSec control path)
IP Protocol Type=UDP, UDP Port Number=4500 <- Used by IKEv2 (IPSec control path)
IP Protocol Type=ESP (value 50) <- Used by IPSec data path
Q6. - (Topic 1)
Your network contains an Active Directory forest named contoso.com. The forest contains a single domain. The domain contains two domain controllers named DC1 and DC2 that run Windows Server 2012 R2.
The domain contains a user named User1 and a global security group named Group1.
You need to prevent User1 from changing his password. The solution must minimize administrative effort.
Which cmdlet should you run?
A. Add-AdPrincipalGroupMembership
B. Install-AddsDomainController
C. Install-WindowsFeature
D. Install-AddsDomain
E. Rename-AdObject
F. Set-AdAccountControl
G. Set-AdGroup
H. Set-User
Answer: F
Explanation:
The Set-ADAccountControlcmdlet modifies the user account control (UAC) values for an Active Directory user or computer account. UAC values are represented by cmdlet parameters. CannotChangePassword Modifies the ability of an account to change its password. To disallow password change by the account set this to $true. This parameter changes the Boolean value of the CannotChangePassword property of an account. The following example shows how to specify the PasswordCannotChange parameter. -CannotChangePassword $false
References:
http://technet.microsoft.com/en-us/library/ee617249.aspx http://technet.microsoft.com/en-us/library/hh974723.aspx http://technet.microsoft.com/en-us/library/hh974722.aspx
Q7. - (Topic 3)
Your network contains an Active Directory domain named contoso.com. The domain contains a domain controller named DC1 that runs Windows Server 2012 R2 and a client computer named Computer1 that runs Windows 8. DC1 is configured as a DHCP server as shown in the exhibit. Computer1 is configured to obtain an IP address automatically.
You need to ensure that Computer1 can receive an IP address from DC1.
What should you do?
A. Disable the Allow filters.
B. Disable the Deny filters
C. Activate Scope [10.1.1.0] Contoso.com.
D. Authorize dc1.contoso.com.
Answer: D
Explanation:
A red down arrow indicates an unauthorized DHCP server. A DHCP server that is a domain controller or a member of an Active Directory domain queries Active Directory for the list of authorized servers (identified by IP address). If its own IP address is not in the list of authorized DHCP servers, the DHCP Server service does not complete its startup sequence and automatically shuts down.
Q8. - (Topic 3)
Your network contains two servers named Server1 and Server2 that run Windows Server 2012 R2. You need to install the Remote Desktop Services server role on Server2 remotely from Server1. Which tool should you use?
A. The dsadd.exe command
B. The Server Manager console
C. The Remote Desktop Gateway Manager console
D. The Install-RemoteAccess cmdlet
Answer: B
Q9. - (Topic 3)
Your network contains an Active Directory forest named contoso.com. The forest contains a child domain named europe.contoso.com. The europe.contoso.com child domain
contains a server named Server1 that runs Windows Server 2012 R2. You install the DHCP Server server role on Server1. You have access to the administrative accounts shown in the following table.
A. Admin1
B. Admin2
C. Admin3
D. Admin4
Answer: D
Explanation:
A. Local account can’t be used
B. Authorization needs to happen in contoso.com and must be an Ent Admin
C. Authorization needs to happen in contoso.com and must be an Ent Admin
D. Correct domain and is a member of Ent Admin’s
Q10. HOTSPOT - (Topic 1)
Your network contains an Active Directory domain named contoso.com.
Computer accounts for the marketing department are in an organizational unit (OU) named
Departments\Marketing\Computers. User accounts for the marketing department are in an OU named Departments\Marketing\Users. Marketing users can only log on to the client computers in the
Departments\Marketing\Computers OU.
You need to apply an application control policy to all of the marketing users.
Which Group Policy Object (GPO) should you configure?
To answer, select the appropriate GPO in the answer area.
Answer:
Q11. - (Topic 1)
Your network contains an Active Directory domain named contoso.com. The domain contains a domain controller named DC1 that runs Windows Server 2012 R2 and a client computer named Computer1 that runs windows 8.
DC1 is configured as a DHCP server as shown in the exhibit. (Click the Exhibit button.)
Computer1 is configured to obtain an IP address automatically.
You notice that Computer1 is unable to obtain an IP address from DC1.
You need to ensure that Computer1 can receive an IP address from DC1.
What should you do?
A. Disable the Allow filters.
B. Disable the Deny filters.
C. Authorize DC1.contoso.com.
D. Activate Scope [10.1.1.0] Contoso.com.
Answer: A
Explanation:
A red down arrow indicates an unauthorized DHCP server. A DHCP server that is a domain controller or a member of an Active Directory domain queries Active Directory for the list of authorized servers (identified by IP address). If its own IP address is not in the list of authorized DHCP servers, the DHCP Server service does not complete its startup sequence and automatically shuts down.
Q12. - (Topic 2)
Your network contains an Active Directory domain named contoso.com. The domain contains a member server named Server 1. Server1 runs Windows Server 2012 R2 and has the DHCP Server server role installed.
You create two IPv4 scopes on Server1. The scopes are configured as shown in the following table.
The DHCP clients in Subnet1 can connect to the client computers in Subnet2 by using an IP address or a FQDN.
You discover that the DHCP clients in Subnet2 can connect to client computers in Subnet1 by using an IP address only.
You need to ensure that the DHCP clients in both subnets can connect to any other DHCP client by using a FQDN.
What should you add?
A. The 015 DNS Domain Name option to Subnet1
B. The 015 DNS Domain Name option to Subnet2
C. The 006 DNS Servers option to Subnet2
D. The 006 DNS Servers option to Subnet1
Answer: C
Explanation:
References: http://technet.microsoft.com/en-us/library/ee941136%28v=WS.10%29.aspx Training Guide: Installing and Configuring Windows Server 2012 R2, Chapter 6: Network Administration, p.253
Q13. - (Topic 3)
You have a server named Server1 that runs Windows Server 2012 R2.
You try to install the Microsoft .NET Framework 3.5 Features feature on Server1, but the
installation fails repeatedly.
You need to ensure that the feature can be installed on Server1.
What should you do?
A. Run the Add-AppxProvisionedPackage cmdlet.
B. Remove the .NET Framework 4.5 Features feature.
C. Connect Server1 to the Internet.
D. Install the Web Server (IIS) server role.
Answer: C
Explanation:
The files needed are no longer available on the local Hard drive. We need to connect the server to the Internet. Important to note that when starting with Windows Server 2012 R2 and Windows 8, the feature files for .NET Framework 3.5 (which includes .NET Framework 2.0 and .NET Framework 3.0) are not available on the local computer by default. The files have been removed. Files for features that have been removed in a Features on Demand configuration, along with feature files for .NET Framework 3.5, are available through Windows Update. By default, if feature files are not available on the destination server that is running Windows Server 2012 R2 R2 Preview or Windows Server 2012 R2, the installation process searches for the missing files by connecting to Windows Update. You can override the default behavior by configuring a Group Policy setting or specifying an alternate source path during installation, whether you are installing by using the Add Roles and Features Wizard GUI or a command line.
References: Exam Ref 70-410: Installing and Configuring Windows Server 2012 R2, Chapter 2: Configure server roles and Features, p. 117 Training Guide: Installing and Configuring Windows Server 2012 R2, Chapter 2: Deploying servers, p. 80
Q14. HOTSPOT - (Topic 1)
You have a shared folder named Share1. The folder permissions of Share1 are configured as shown in the Folder Permissions exhibit. (Click the Exhibit button.)
The Share permissions of Share1 are configured as shown in the Share Permissions exhibit. (Click the Exhibit button.)
You have a group named Group1. The members of Group1 are shown in the Group1 exhibit. (Click the Exhibit button.)
Select Yes if the statement can be shown to be true based on the available information; otherwise select No. Each correct selection is worth one point.
Answer:
Q15. - (Topic 2)
You have a server named Server1 that runs a Server Core Installation of Windows Server 2012 R2 Datacenter.
You have a WIM file that contains the four images of Windows Server 2012 R2 as shown in the Images exhibit. (Click the Exhibit button.)
You review the installed features on Server1 as shown in the Features exhibit. (Click the Exhibit button.)
You need to install the Server Graphical Shell feature on Server1.
Which two possible sources can you use to achieve this goal? (Each correct answer presents a complete solution. Choose two.)
A. Index 1
B. Index 2
C. Index 3
D. Index 4
Answer: B,D
Explanation:
These images (since they are Full GUI, not CORE), contain the binaries necessary to install all GUI elements. When you install Windows Server 2012 R2, you can choose between Server Core Installation and Server with a GUI. The “Server with a GUI” option is the Windows Server 2012 R2 equivalent of the Full installation option available in Windows Server 2008 R2. The “Server Core Installation” option reduces the space required on disk, the potential attack surface, and especially the servicing requirements, so we recommend that you choose the Server Core installation unless you have a particular need for the additional user interface elements and graphical management tools that are included in the “Server with a GUI” option. For this reason, the Server Core installation is now the default. Because you can freely switch between these options at any time later, one approach might be to initially install the Server with a GUI option, use the graphical tools to configure the server, and then later switch to the Server Core Installation option.
Reference: Windows Server Installation Options