Introducing The New!
Surepassexam Collection
Get Unlimited Access to all
Surepassexam's PREMIUM files
Q1. - (Topic 3)
Your network contains an Active Directory domain named contoso.com. The domain
contains two servers named Server1 and Server2 that run Windows Server 2012 R2.
You create a security template named Template1 by using the Security Templates snap-in.
You need to apply Template1 to Server2.
Which tool should you use?
A. Authorization Manager
B. Local Security Policy
C. Certificate Templates
D. System Configuration
Answer: B
Explanation:
A security policy is a combination of security settings that affect the security on a computer. You can use your local security policy to edit account policies and local policies on your local computer.
Q2. - (Topic 1)
Your network contains a server named Server1 that runs Windows Server 2012
R2.Server1 has the Hyper-V server role installed.
Server1 hosts four virtual machines named VM1, VM2, VM3, and VM4.
Server1 is configured as shown in the following table.
You install Windows Server 2012 R2 on VM2 by using Windows Deployment Services (WDS).
You need to ensure that the next time VM2 restarts, you can connect to the WDS server by using PXE.
Which virtual machine setting should you configure for VM2?
A. NUMA topology
B. Resource control
C. resource metering
D. virtual Machine Chimney
E. The VLAN ID
F. Processor Compatibility
G. The startup order
H. Automatic Start Action
I. Integration Services
J. Port mirroring
K. Single-root I/O virtualization
Answer: G
Explanation:
Configure the BIOS of the computer to enable PXE boot, and set the boot order so that it is booting from the network is first.
References: http://technet.microsoft.com/en-us/library/cc766320(v=ws.10).aspx Exam Ref 70-410, Installing and Configuring Windows Server 2012 R2, Chapter 3: Configure Hyper-V, Objective 3.1: Create and Configure virtual machine settings, p.144 Training Guide: Installing and Configuring Windows Server 2012 R2: Chapter 7: Hyper-V Virtualization, Lesson 2: Deploying and configuring virtual machines, p.335
Q3. HOTSPOT - (Topic 2)
You have a server named Server1 that runs Windows Server 2012 R2. Server1 has the Hyper-V server role installed.
You need to implement NIC teaming on Server1.
Which two network connections should you include on the NIC team? (To answer, select the two appropriate network connections in the answer area.)
Answer:
Q4. - (Topic 3)
Your network contains an Active Directory domain named contoso.com. The domain contains servers named Server1 and Server2 that run Windows Server 2012 R2. Server1 has the Active Directory Federation Services server role installed.Server2 is a file server.
Your company introduces a Bring Your Own Device (BYOD) policy.
You need to ensure that users can use a personal device to access domain resources by using Single Sign-On (SSO) while they are connected to the internal network.
Which two actions should you perform? (Each correct answer presents part of the solution. Choose two.)
A. Enable the Device Registration Service in Active Directory.
B. Publish the Device Registration Service by using a Web Application Proxy.
C. Configure Active Directory Federation Services (AD FS) for the Device Registration Service.
D. Install the Work Folders role service on Server2.
E. Create and configure a sync share on Server2.
Answer: A,C
Explanation:
*Prepare your Active Directory forest to support devices. This is a one-time operation that you must run to prepare your Active Directory forest to support devices. To prepare the Active Directory forest On your federation server, open a Windows PowerShell command window and type: Initialize-ADDeviceRegistration *Enable Device Registration Service on a federation server farm node. To enable Device Registration Service:
1. On your federation server, open a Windows PowerShell command window and type: Enable-AdfsDeviceRegistration.
2. Repeat this step on each federation farm node in your AD FS farm.
Q5. - (Topic 3)
Your network contains an Active Directory domain named contoso.com. The domain contains two member servers named Server1 and Server2 that run Windows Server 2012 R2. You log on to Server1. You need to retrieve the IP configurations of Server2. Which command should you run from Server1?
A. winrs -r:server2 ipconfig
B. winrm get server2
C. dsquery *-scope base-attr ip, server2
D. ipconfig > server2.ip
Answer: A
Q6. - (Topic 3)
You work as an administrator at ABC.com. The ABC.com network consists of a single domain named ABC.com. All servers in the ABC.com domain, including domain controllers, have Windows Server 2012 R2 installed.
ABC.com has a domain controller, named ABC-DC01, which contains the ABC.com domain’s primary DNS zone. ABC.com’s workstations refer to ABC-DC01 as their primary DNS server.
You have been instructed to make sure that any DNS requests that are not for the ABC.com domain, is resolved by ABC-DC01 querying the DNS server of ABC.com’s Internet Service Provider (ISP).
Which of the following actions should you take?
A. You should consider configuring a reverse lookup zone.
B. You should consider configuring forward lookup zone.
C. You should consider configuring Forwarders.
D. You should consider configuring 019 IP Layer Forwarding.
Answer: C
Explanation:
A forwarder is a Domain Name System (DNS) server on a network that forwards DNS queries for external DNS names to DNS servers outside that network. You can also forward queries according to specific domain names using conditional forwarders. You designate a DNS server on a network as a forwarder by configuring the other DNS servers in the network to forward the queries that they cannot resolve locally to that DNS server. By using a forwarder, you can manage name resolution for names outside your network, such as names on the Internet, and improve the efficiency of name resolution for the computers in your network.
Q7. - (Topic 2)
Your network contains an Active Directory domain named adatum.com. The domain contains a member server named L0N-DC1. L0N-DC1 runs Windows Server 2012 R2 and has the DHCP Server server role installed.
The network contains 100 client computers and 50 IP phones. The computers and the phones are from the same vendor.
You create an IPv4 scope that contains addresses from 172.16.0.1 to 172.16.1.254.
You need to ensure that the IP phones receive IP addresses in the range of 172.16.1.100 to 172.16.1.200. The solution must minimize administrative effort.
What should you create?
A. Server level policies
B. Reservations
C. Filters
D. Scope level policies
Answer: D
Explanation:
The scope is already in place.
Scope level policies are typically settings that only apply to that scope. They can also
overwrite a setting that was set at the server level.
When a client matches the conditions of a policy, the DHCP server responds to the clients
based on the settings of a policy.
Settings associated to a policy can be an IP address range and/or options.
An administrator could configure the policy to provide an IP address from a specified sub-range within the overall IP address range of the scope.
You can also provide different option values for clients satisfying this policy.
Policies can be defined server wide or for a specific scope.
A server wide policy – on the same lines as server wide option values – is applicable to all
scopes on the DHCP server.
A server wide policy however cannot have an IP address range associated with it.
There a couple of ways to segregate clients based on the type of device. One way to do
this is by using vendor class/identifier.
This string sent in option 60 by most DHCP clients identify the vendor and thereby the type
of the device.
Another way to segregate clients based on device type is by using the MAC address prefix.
The first three bytes of a MAC address is called OUI and identify the vendor or
manufacturer of the device.
By creating DHCP policies with conditions based on Vendor Class or MAC address prefix,
you can now segregate the clients in your subnet in such a way, that devices of a specific
type get an IP address only from a specified IP address range within the scope. You can
also give different set of options to these clients.
In conclusion, DHCP policies in Windows Server 2012 R2 enables grouping of
clients/devices using the different criteria and delivering targeted network configuration to
them.
Policy based assignment in Windows Server 2012 R2 DHCP allows you to create simple
yet powerful rules to administer DHCP on your network.
References: Training Guide: Installing and Configuring Windows Server 2012 R2, Chapter 6: Network Administration, p.253
Q8. - (Topic 1)
Your network contains multiple subnets.
On one of the subnets, you deploy a server named Server1 that runs Windows Server 2012 R2.
You install the DNS Server server role on Server1, and then you create a standard primary zone named contoso.com.
You need to ensure that client computers can resolve single-label names to IP addresses.
What should you do first?
A. Create a reverse lookup zone.
B. Convert the contoso.com zone to an Active Directory-integrated zone.
C. Configure dynamic updates for contoso.com.
D. Create a GlobalNames zone.
Answer: B
Explanation:
Although a GlobalNames zone is required in order to resolve single-label names, GNZs
must be AD-integrated.
Since this is a standard primary zone (as opposed to an ADDS primary zone), we must first
integrate the zone into Active Directory.
References:
Exam Ref: 70-410: Installing and Configuring Windows Server 2012 R2, Chapter4:
Deploying and configuring core network services, Objective 4.3: Deploy and Configure the
DNS service, p.233
http://technet.microsoft.com/en-us/library/cc731744.aspx
Q9. - (Topic 3)
You have a server named Server1. Server1 runs Windows Server 2012 R2 and is located in a perimeter network.
You need to configure a custom connection security rule on Server1. The rule must encrypt network communications across the Internet to a computer at another company.
Which authentication method should you configure in the connection security rule?
A. Advanced
B. User (Kerberos V5)
C. Default
D. Computer (Kerberos V5)
E. Computer and user (Kerberos V5)
Answer: A
Explanation:
You need to make use of Advanced authentication method to ensure that communication is
encrypted over the network to the other company from your custom connection security
rule on Server1.
References:
http://technet.microsoft.com/en-us/library/bb742516.aspx
Training Guide: Installing and Configuring Windows Server 2012 R2, Chapter 8: File
Services and Storage, p. 428
Q10. - (Topic 3)
You have a file server named File1 that runs Windows Server 2012 R2.
File1 contains a shared folder named Share1. Share1 contains an Application named
SalesAppl.exe.
The NTFS permissions for Share1 are shown in the following table.
The members of L_Sales discover that they cannot add files to Share1. Domain users can run SalesAppl.exe successfully.
You need to ensure that the members of L_Sales can add files to Share1.
What should you do?
A. Add the Domain Users group to L_Sales.
B. Add L_Sales to the Domain Users group.
C. Edit the Share permissions.
D. Edit the NTFS permissions.
Answer: C
Explanation:
Based on the NTFS permissions, these users should be able to add files (as they have the “write” permission), so they must have read-only share permissions preventing them from doing so.
Q11. - (Topic 3)
Your network contains an Active Directory domain named contoso.com. The domain
contains a server named Server1. Server1 runs Windows Server 2012 R2.
You plan to create a shared folder. The shared folder will have a quota limit.
You discover that when you run the New Share Wizard, you cannot select the SMB Share
–
Advanced option.
You need to ensure that you can use SMB Share – Advanced to create the new share.
What should you do on Server1 before you run the New Share Wizard?
A. Run the Set-SmbShare cmdlet.
B. Install the File Server Resource Manager role service.
C. Configure Dynamic Access Control and Apply a central access policy.
D. Configure the Advanced system settings.
Answer: B
Q12. - (Topic 2)
Your network contains a file server named Server1 that runs Windows Server 2012 R2.All client computers run Windows 8.
You need to ensure that when users are connected to the network, they always use local offline files that are cached from Server1.
Which Group Policy setting should you configure?
A. Configure slow-link mode.
B. Configure Slow link speed
C. Enable file synchronization on costed networks
D. Turn on economical application of Administratively assigned Offline Files.
Answer: A
Explanation:
A. Offline Files to provide faster access to cached files and redirected folders.
B. Defines a slow connection for purposes of Applying and updating Group Policy.
C. automatically tracks roaming and bandwidth usage limits while on metered connections
D. Lists network files and folders that are always available for offline use. This policy makes the specified files and folders available offline to users of the computer. When Offline Files is operating in the slow-link mode, all network file requests are satisfied from the OfflineFiles cache. This is similar to a user working offline. If you enable this policy setting, Offline Files uses the slow-link mode if the network throughput between the client and the server is below (slower than) the Throughput threshold parameter, or if the round-trip network latency is above (slower than) the Latency threshold parameter.
Q13. DRAG DROP - (Topic 3)
You plan to deploy a DHCP server that will support four subnets. The subnets will be configured as shown in the following table:
You need to identify which network ID you should use for each subnet. What should you identify? To answer, drag the appropriate network ID to the each subnet in the answer area.
Answer:
Q14. - (Topic 3)
You run a Windows Server 2012 R2, what is the PowerShell command to set preferred dns server. Note: Other config such as ip address should not be changed.
A. Register-DnsClient
B. Set-DnsClient
C. Set-DnsPreferredClientServerAddress
D. Set-DnsClientServerAddress
Answer: D
Q15. - (Topic 3)
Your network contains an Active Directory domain named adatum.com. The domain contains a file server named Server2 that runs Windows Server 2012 R2. Server2 contains a shared folder named Home. Home contains the home folder of each user.
All users have the necessary permissions to access only their home folder.
A user named User1 opens the Home share as shown in the exhibit. (Click the Exhibit button.)
You need to ensure that all users see only their own home folder when they access Home.
What should you do from Server2?
A. From Windows Explorer, modify the properties of Home.
B. From Server Manager, modify the properties of the volume that contains Home.
C. From Windows Explorer, modify the properties of the volume that contains Home.
D. From Server Manager, modify the properties of Home.
Answer: D
Explanation:
Access-based Enumeration is a new feature included with Windows Server 2003 Service Pack 1. This feature based file servers to list only the files and folders to which they have allows users of Windows Server 2003 access when browsing content on the file server. This eliminates user confusion that can be caused when users connect to a file server and encounter a large number of files and folders that they cannot access. Access-based Enumeration filters the list of available files and folders on a server to include only those that the requesting user has access to. This change is important because this allows users to see only those files and directories that they have access to and nothing else. This mitigates the scenario where unauthorized users might otherwise be able to see the contents of a directory even though they don’t have access to it.