Introducing The New!
Surepassexam Collection
Get Unlimited Access to all
Surepassexam's PREMIUM files
Q1. - (Topic 1)
Your network contains an Active Directory forest named contoso.com.
The forest contains two domains named contoso.com and child.contoso.com and two sites named Site1 and Site2. The domains and the sites are configured as shown in following table.
When the link between Site1 and Site2 fails, users fail to log on to Site2.
You need to identify what prevents the users in Site2 from logging on to the child.contoso.com domain.
What should you identify?
A. The placement of the global catalog server
B. The placement of the infrastructure master
C. The placement of the domain naming master
D. The placement of the PDC emulator
Answer: D
Explanation:
The exhibit shows that Site2 does not have a PDC emulator. This is important because of the close interaction between the RID operations master role and the PDC emulator role. The PDC emulator processes password changes from earlier-version clients and other domain controllers on a best-effort basis; handles password authentication requests involving passwords that have recently changed and not yet been replicated throughout the domain; and, by default, synchronizes time. If this domain controller cannot connect to the PDC emulator, this domain controller cannot process authentication requests, it may not be able to synchronize time, and password updates cannot be replicated to it. The PDC emulator master processes password changes from client computers and replicates these updates to all domain controllers throughout the domain. At any time, there can be only one domain controller acting as the PDC emulator master in each domain in the forest.
Q2. - (Topic 3)
You work as an administrator at Contoso.com. The Contoso.com network consists of a single domain named Contoso.com. All servers in the Contoso.com domain have Windows Server 2012 R2 installed, while domain controllers have Windows Server 2008 R2 installed.
You are then tasked with deploying a new Windows Server 2012 R2 domain controller. You are preparing to install the DNS Server role, and enable the global catalog server option.
Which of the following actions should you take?
A. You should consider making use of Server Manager.
B. You should consider making use of the Active Directory Installation Wizard.
C. You should consider making use of the DHCP Installation Wizard
D. You should consider making use of TS Manager
Answer: A
Q3. HOTSPOT - (Topic 2)
Your network contains an Active Directory domain named contoso.com. The domain contains a member server named Hyperv1 and a domain controller named DC1. Hyperv1 has the Hyper-V server role installed. DC1 is a virtual machine on Hyperv1.
Users report that the time on their client computer is incorrect.
You log on to DC1 and verify that the time services are configured correctly.
You need to prevent time conflicts between the time provided by DC1 and other potential
time sources.
What should you configure?
To answer, select the appropriate object in the answer area.
Answer:
Q4. HOTSPOT - (Topic 2)
Your network contains a subnet named Subnet1. Subnet1 contains a DHCP server named
Server1.
You deploy a new subnet named Subnet2. On Subnet2, you deploy a new server named
Server2 that runs Windows Server 2012 R2.
You need to configure Server2 to route DHCP broadcast from Subnet2 to Server1.
Which server role should you install on Server2?
To answer, select the appropriate role in the answer area.
Answer:
Q5. - (Topic 1)
You have a server named Server1 that runs Windows Server 2012 R2.
On Server1, you open Computer Management as shown in the exhibit. (Click the Exhibit button.)
You need to ensure that you can create a 3-TB volume on Disk 1.
What should you do first?
A. Create a storage pool.
B. Convert the disk to a GPT disk.
C. Create a VHD, and then attach the VHD.
D. Convert the disk to a dynamic disk.
Answer: B
Q6. - (Topic 3)
You work as an administrator at Contoso.com. The Contoso.com network consists of a single domain named Contoso.com. All servers in the Contoso.com domain, including domain controllers, have Windows Server 2012 R2 installed.
Contoso.com has a domain controller, named ENSUREPASS-DC01.
You have been instructed to make sure that the Group Policy Administrative Templates are available centrally.
Which of the following actions should you take?
A. You should consider copying the policies folder to the PolicyDefinitions folder in the Contoso.com domain’s SYSVOL folder.
B. You should consider copying the PolicyDefinitions folder to the policies folder in the Contoso.com domain’s SYSVOL folder.
C. You should consider copying the PolicyDefinitions folder to the policies folder in the Contoso.com domain’s systemroot folder.
D. You should consider copying the PolicyDefinitions folder to the policies folder in the Contoso.com domain’s logonserver folder.
Answer: B
Explanation:
PolicyDefinitions folder within the SYSVOL folder hierarchy. By placing the ADMX files in this directory, they are replicated to every DC in the domain; by extension, the ADMX-aware Group Policy Management Console in Windows Vista, Windows 7, Windows Server 2008 and R2 can check this folder as an additional source of ADMX files, and will report them accordingly when setting your policies. By default, the folder is not created. Whether you are a single DC or several thousand, I would strongly recommend you create a Central Store and start using it for all your ADMX file storage. It really does work well. The Central Store To take advantage of the benefits of .admx files, you must create a Central Store in the SYSVOL folder on a domain controller. The Central Store is a file location that is checked by the Group Policy tools. The Group Policy tools use any .admx files that are in the Central Store. The files that are in the Central Store are later replicated to all domain controllers in the domain. To create a Central Store for .admx and .adml files, create a folder that is named PolicyDefinitions in the following location: \\FQDN\SYSVOL\FQDN\policies. Note: FQDN is a fully qualified domain name.
Q7. HOTSPOT - (Topic 3)
You have a server named Server1 that runs Windows Server 2012 R2.
Several users are members of the local Administrators group.
You need to ensure that all local administrators receive User Account Control (UAC)
prompts when they run a Microsoft Management Console (MMC).
Which settings should you modify from the Local Security Policy? To answer, select the
appropriate settings in the answer area.
Answer:
Q8. DRAG DROP - (Topic 3)
Your network contains an Active Directory domain named contoso.com. The domain contains a member server named Server1. Server1 runs Windows Server 2012 R2 and has the File and Storage Services server role installed.
On Server1, you create a share named Documents. The Share permission for the Documents share is configured as shown in the following table.
The NTFS permission for the Documents share is configured as shown in the following table.
You need to configure the Share and NTFS permissions for the Documents share.
The permissions must meet the following requirements:
. Ensure that the members of a group named Group1 can read files and run programs in Documents. . Ensure that the members of Group1 can modify the permissions on only their own
files in Documents. . Ensure that the members of Group1 can create folders and files in Documents. . Minimize the number of permissions assigned to users and groups.
How should you configure the permissions?
To answer, drag the appropriate permission to the correct location. Each permission may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
Answer:
Q9. - (Topic 2)
Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1. The domain contains a standalone server named Server2 that is located in a perimeter network. Both servers run Windows Server 2012 R2.
You need to manage Server2 remotely from Server1.
What should you do?
A. From Server1, run the Enable-PsRemotingcmdlet.
B. From Server2, run the winrm command.
C. From Server2/ run the Enable-PsRemotingcmdlet.
D. From Server1, run the winrm command.
Answer: D
Q10. - (Topic 1)
You have a server named Server1 that runs Windows Server 2012 R2.
You promote Server1 to a domain controller.
You need to view the service location (SRV) records that Server1 registers in DNS.
What should you do on Server1?
A. Open the Srv.sys file.
B. Open the Netlogon.dns file.
C. Run ipconfig /displaydns.
D. Run Get-DnsServerDiagnostics.
Answer: B
Explanation:
A. Timestamp server driver
B. Netlogon service creates a log file that contains all the locator resource records stored in netlogon.
C. used to display current resolver cache content
D. Gets DNS event logging details
Q11. - (Topic 3)
Your network contains an Active Directory domain named contoso.com. The domain contains an application server named Server1. Server1 runs Windows Server 2012 R2.
You have a client application named App1 that communicates to Server1 by using dynamic TCP ports.
On Server1, a technician runs the following command:
New-NetFirewallRule -DisplayNameAllowDynamic -Direction Outbound -LocalPort 1024-65535 -Protocol TCP. Users report that they can no longer connect to Server1 by using Appl.
You need to ensure that App1 can connect to Server1.
What should you run on Server1?
A. Set-NetFirewallRule -DisplayNameAllowDynamic -Action Allow
B. netshadvfirewall firewall add rule name=allowdynamic action-allow
C. netshadvfirewall firewall set rule name-allowdynamic new action- allow
D. Set-NetFirewallRule -DisplayNameAllowDynamic -Direction Inbound
Answer: D
Explanation:
When using the using the Windows Firewall with Advanced Security console. You can select the Inbound Rules node and scroll down in the list, you can see nine different Network Discovery rules. The Direction Inbound rule is the rule that will allow App1 to connect to Server1.
Exam Ref 70-410: Installing and Configuring Windows Server 2012 R2, Chapter 6: Create and manage Group Policy, Objective 6.4: Configure Windows Firewall, p. 348 Training Guide: Installing and Configuring Windows Server 2012 R2, Chapter 6: Network Administration, Lesson 4: Configuring IPv6/IPv4 Interoperability, p. 269
Q12. DRAG DROP - (Topic 1)
You are configuring a multi-subnet IPv6 network for a regional office.
The corporate network administrator allocates the 2001:0db8:1234:0800: :/54 address space for your use.
You need to identify network IDs of the first and last subnets that you will be able to create at the office.
Which network IDs should you identify?
To answer, drag the appropriate network IDs to the correct subnets. Each network ID may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
Answer:
Q13. - (Topic 1)
Your network contains an Active Directory domain named contoso.com. The domain
contains a server named Server1.Server1 runs Windows Server 2012 R2.
You create a group Managed Service Account named gservice1.
You need to configure a service named Service1 to run as the gservice1 account.
How should you configure Service1?
A. From Services Console configure the recovery settings
B. From a command prompt, run sc.exe and specify the config parameter
C. From Windows PowerShell, run Set-Service and specify the -PassThrough parameter
D. From a command prompt, run sc.exe and specify the sdset parameter
Answer: B
Explanation:
Sc config, Modifies the value of a service’s entries in the registry and in the Service Control
Manager database.
obj= {<AccountName> | <ObjectName>}
Specifies a name of an account in which a service will run, or specifies a name of the
Windows driver object in
which the driver will run. The default setting is LocalSystem.
password= <Password>
Specifies a password. This is required if an account other than the LocalSystem account is
used.
Q14. - (Topic 3)
You have a Hyper-V host named Server1 that runs Windows Server 2012 R2. Server1 hosts 50 virtual machines that run Windows Server 2012 R2.
Your company uses smart cards for authentication.
You need to ensure that you can use smart card authentication when you connect to the virtual machine by using Virtual Machine Connection.
What should you configure?
A. The RemoteFX settings
B. The Enhanced Session Mode Policy
C. The NUMA Spanning settings
D. The Integration Services settings
Answer: B
Q15. - (Topic 3)
Your network contains an Active Directory domain named contoso.com. The domain contains a domain controller named DC1 that runs Windows Server 2012 R2. You need to configure a central store for the Group Policy Administrative Templates.
What should you do on DC1?
A. From Server Manager, create a storage pool.
B. From Windows Explorer, copy the PolicyDefinitions folder to the SYSVOL\contoso.com\policies folder.
C. From Server Manager, add the Group Policy Management feature
D. From Windows Explorer, copy the PolicyDefinitions folder to the NETLOGON share.
Answer: B
Explanation:
A. Create Disk Storage Pool
B. PolicyDefinitions folder in SYSVOL
C. Group Policy Management is a console for GPO Mgmt
D. Folder is for logon scripts Policy Definitions folder within the SYSVOL folder hierarchy. By placing the ADMX files in this directory, they are replicated to every DC in the domain; by extension, the ADMX-aware Group Policy Management Console in Windows Vista, Windows 7, Windows Server 2008 and R2 can check this folder as an additional source of ADMX files, and will report them accordingly when setting your policies. By default, the folder is not created. Whether you are a single DC or several thousand, I would Strongly recommend you create a Central Store and start using it for all your ADMX file storage. It really does work well. The Central Store To take advantage of the benefits of .admx files, you must create a Central Store in the SYSVOL folder on a domain controller. The Central Store is a file location that is checked by the Group Policy tools. The Group Policy tools use any .admx files that are in the Central Store. The files that are in the Central Store are later replicated to all domain controllers in the domain. To create a Central Store for .admx and .adml files, create a folder that is named Policy Definitions in the following location: \\FQDN\SYSVOL\FQDN\policies