Introducing The New!
Surepassexam Collection
Get Unlimited Access to all
Surepassexam's PREMIUM files
Q1. DRAG DROP - (Topic 3)
Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1. Server1 runs Windows Server 2012 R2 and is configured as the only domain controller.
You need to retrieve a list of all the user accounts. The list must include the last time each user was authenticated successfully.
Which Windows PowerShell command should you run?
To answer, drag the appropriate cmdlet or property to the correct locations to complete the PowerShell command in the answer area. Each cmdlet or property may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
Answer:
Q2. - (Topic 3)
Your network contains an Active Directory domain named contoso.com. All domain controllers run Windows Server 2012 R2.
You need to ensure that the local administrator account on all computers is renamed to L.Admin.
Which Group Policy settings should you modify?
A. Restricted Groups
B. Security Options
C. User Rights Assignment
D. Preferences
Answer: B
Explanation:
In Group Policy Object Editor, click Computer Configuration, click Windows Settings, click Security Settings, click Local Policies, and then click Security Options. In the details pane, double-click Accounts: Rename administrator account. The Security Options node includes security settings regarding interactive logon, digital signing of data, restrictions of access to floppy and CD-ROM drives, unsigned driver installations as well as logon dialog box behavior. This category also includes options to configure authentication and communication security within Active Directory.
Q3. - (Topic 3)
You perform a Server Core Installation of Windows Server 2012 R2 on a server named Server1.
You need to add a graphical user interface (GUI) to Server1.
Which tool should you use?
A. The Install-WindowsFeature cmdlet
B. The Install-Module cmdlet
C. The Install-RoleService cmdlet
D. The setup.exe command
Answer: A
Explanation:
The DISM command is called by the Add-WindowsFeature commanD. Here is the syntax for DISM:
Dism /online /enable-feature /featurename:ServerCore-FullServer /featurename:Server-Gui-Shell /featurename:Server-Gui-Mgmt
Q4. - (Topic 3)
Your network contains an Active Directory domain named contoso.com. The domain
contains a server named Server1. Server1 runs Windows Server 2012 R2.
You plan to create a shared folder. The shared folder will have a quota limit.
You discover that when you run the New Share Wizard, you cannot select the SMB Share
–
Advanced option.
You need to ensure that you can use SMB Share – Advanced to create the new share.
What should you do on Server1 before you run the New Share Wizard?
A. Run the Set-SmbShare cmdlet.
B. Install the File Server Resource Manager role service.
C. Configure Dynamic Access Control and Apply a central access policy.
D. Configure the Advanced system settings.
Answer: B
Q5. - (Topic 1)
You have a server named Server1 that runs Windows Server 2012 R2.Server1 has the Hyper-V server role installed. On Server1, you create a virtual machine named VM1.VM1 has a legacy network adapter.
You need to assign a specific amount of available network bandwidth to VM1.
What should you do first?
A. Remove the legacy network adapter, and then run the Set-VMNetworkAdapter cmdlet.
B. Add a second legacy network adapter, and then run the Set-VMNetworkAdopter cmdlet
C. Add a second legacy network adapter, and then configure network adapter teaming.
D. Remove the legacy network adapter, and then add a network adapter
Answer: D
Explanation:
A. Set-VMNetworkAdaptercmdlet configures features of the virtual network adapter in a virtual machine or the management operating system
B. The legacy network adapter doesn’t support bandwidth management
C. The legacy network adapter doesn’t support bandwidth management
D. Add a New network adapter The legacy network adapter doesn’t support bandwidth management
Q6. - (Topic 3)
Your network contains an Active Directory domain named contoso.com. The domain contains an application server named Server1. Server1 runs Windows Server 2012 R2. You have a client application named App1 that communicates to Server1 by using dynamic TCP ports.
On Server1, a technician runs the following command: New-NetFirewallRule -DisplayName AllowDynamic - Direction Outbound -LocalPort 1024- 65535 -Protocol TCP.
Users report that they can no longer connect to Server1 by using App1.
You need to ensure that App1 can connect to Server1.
What should you run on Server1?
A. Set-NetFirewallRule -DisplayName AllowDynamic -Action Allow
B. netsh advfirewall firewall set rule name=allowdynamic new action = allow
C. Set-NetFirewallRule -DisplayName AllowDynamic -Direction Inbound
D. netsh advfirewall firewall add rule name=allowdynamic action=allow
Answer: C
Q7. - (Topic 3)
You have a DNS server named DNS1 that runs windows server 2012 R2.
DNS1 is used to resolve the names of internet resources by using several DNS forwarders.
You need to prevent DNS1 from performing iterative queries if the DNS forwarders are unable to reslove the queries.
Which cmdlet should you use?
A. Remove-DNSServerRootHint
B. Set-DNSServerPrimaryZone
C. Ser-DNSServerGlobalNameZone
D. Unregister-DNSserverDrirectoryPartition
Answer: A
Q8. - (Topic 3)
Your network contains one Active Directory domain named contoso.com. The domain contains 10 domain controllers and a read-only domain controller (RODC) named RODC01.
You need to ensure that when administrators create users in contoso.com, the default user principal name (UPN) suffix is litwareinc.com.
Which cmdlet should you use?
A. the ntdsutil command
B. the Set-ADDomain cmdlet
C. the Install-ADDSDomain cmdlet
D. the dsadd command
E. the dsamain command
F. the dsmgmt command
G. the net user command
H. the Set-ADForest cmdlet
Answer: G
Explanation:
The following example demonstrates how to create a new UPN suffix for the
users in the Fabrikam.com forest:
Set-ADForest -UPNSuffixes @{Add="headquarters.fabrikam.com"}
Reference: Creating a UPN Suffix for a Forest
https://technet.microsoft.com/sv-se/library/Dd391925(v=WS.10).aspx
Q9. - (Topic 3)
You work as an administrator at Contoso.com. The Contoso.com network consists of a single domain named Contoso.com. All servers in the Contoso.com domain, including domain controllers, have Windows Server 2012 R2 installed.
Contoso.com has a Hyper-V server, named ENSUREPASS-SR13, which hosts multiple virtual machines.
You have enabled the use of Single-root I/O virtualization.
Which of the following is TRUE with regards to using Single-root I/O virtualization? (Choose all that apply.)
A. It maximizes network throughput, while minimizing network latency.
B. It maximizes network throughput, as well as network latency.
C. It avoids the virtual switch stack and allows the virtual machine direct access to the actual network switch.
D. It prevents the virtual machine from accessing the network switch directly.
Answer: A,C
Explanation:
SR-IOV enables network traffic to bypass the software switch layer of the Hyper-V virtualizationstack. Because the VF is assigned to a child partition, the network traffic flows directly between the VF and child partition. As a result, the I/O overhead in the software emulation layer is diminished and achieves network performance that is nearly the same performance as in nonvirtualized environments.
Q10. - (Topic 1)
Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1 that runs Windows Server 2012 R2.
You create a new inbound rule by using Windows Firewall with Advanced Security.
You need to configure the rule to allow Server1 to accept unsolicited inbound packets that are received through a network address translation (NAT) device on the network.
Which setting in the rule should you configure?
A. Interface types
B. Authorized computers
C. Remote IP address
D. Edge traversal
Answer: D
Explanation:
Edge traversal – This indicates whether edge traversal is enabled (Yes) or disabled (No). When edge traversal is enabled, the application, service, or port to which the rule applies is globally addressable and accessible from outside a network address translation (NAT) or edge device.
Select one of the following options from the list: Block edge traversal (default) – Prevent applications from receiving unsolicited traffic from the Internet through a NAT edge device. Allow edge traversal – Allow applications to receive unsolicited traffic directly from the Internet through a NAT edge device. Defer to user – Let the user decide whether to allow unsolicited traffic from the Internet through a NAT edge device when an application requests it. Defer to application – Let each application determine whether to allow unsolicited traffic from the Internet through a NAT edge device.
: http://technet.microsoft.com/en-us/library/cc731927.aspx
Q11. - (Topic 3)
A company’s server administration team would like to take advantage of the newest file systems available with Windows Server 2012 R2. The team needs a file system capable of managing extremely large data drives that can auto-detect data corruption and automatically perform needed repairs without taking a volume offline.
Which file system should the server administration team choose?
A. NFS
B. DFS
C. NTFS
D. ReFS
Answer: D
Explanation:
The ReFS (Resilient File System) is capable of managing extremely large data drives (1
YB Yottabyte), can auto-detect data corruption, and automatically perform needed repairs
without taking the volume offline.
Quick Tip: The command fsutil fsinfo volumeinfo x: will display the volume file system.
ReFS is only intended for data drives and not compatible with all Windows Server 2012 R2
file system technologies, however it is compatible with the new Storage Spaces.
Q12. - (Topic 1)
Your network contains an Active Directory domain named adatum.com. The domain contains several thousand member servers that run Windows Server 2012 R2.All of the computer accounts for the member servers are in an organizational unit (OU) named ServersAccounts.
Servers are restarted only occasionally.
You need to identify which servers were restarted during the last two days.
What should you do?
A. Run dsquery computer and specify the –staiepwd parameter.
B. Run Get-ADComputer and specify the SearchScope parameter.
C. Run Get-ADComputer and specify the IastLogon property.
D. Run dsquery server and specify the –o parameter
Answer: C
Q13. - (Topic 1)
Your network contains an Active Directory domain named contoso.com. All servers run Windows Server 2012 R2. A server named Server1 is configured to encrypt all traffic by using IPSec.
You need to ensure that Server1 can respond to ping requests from computers that do not support IPSec.
What should you do?
A. From a command prompt, run netsh set global
autotuninglevel = highlyrestrictedcongestionprovider=none.
B. From a command prompt, run netsh set global autotuninglevel = restricted congestionprovider = ctcp.
C. From Windows Firewall with Advanced Security, allow unicast responses for the Domain Profile.
D. From Windows Firewall with Advanced Security, exempt ICMP from IPSec.
Answer: D
Q14. - (Topic 2)
You have a server named Server1 that runs Windows Server 2012 R2.
You need to enable access-based enumeration for a file share on Server1.
Which tool should you use?
A. File Server Resource Manager (FSRM)
B. Share and Storage Management
C. Server Manager
D. File Explorer
Answer: C
Explanation:
Access-based enumeration displays only the files and folders that a user has permissions to access. It is a feature that was previously available as a downloadable package for the Windows Server. 2003 operating system (it was also included in Windows Server 2003 Service Pack 1). Access-based enumeration is now included in the Windows Server 2008 operating system, and you can enable it by using Share and Storage Management.
Q15. - (Topic 3)
You work as an administrator at Contoso.com. The Contoso.com network consists of a single domain named Contoso.com. All servers on the Contoso.com network have Windows Server 2012 installed.
You have received instructions to install the Remote Desktop Services server role on a server, named ENSUREPASS-SR07. You want to achieve this remotely from a server, named ENSUREPASS-SR06.
Which of the following actions should you take?
A. You should consider accessing the Server Manager console on ENSUREPASS-SR07.
B. You should consider accessing the Server Manager console on ENSUREPASS-SR06.
C. You should consider accessing the TS Manager console on ENSUREPASS-SR07
D. You should consider accessing the TS Manager console on ENSUREPASS-SR06.
Answer: B