Introducing The New!
Surepassexam Collection
Get Unlimited Access to all
Surepassexam's PREMIUM files
Q1. - (Topic 3)
Your network contains an Active Directory domain named contoso.com. The domain contains a domain controller named DC5. DC5 has a Server Core Installation of Windows Server 2012 R2.
You need to uninstall Active Directory from DC5 manually.
Which tool should you use?
A. The dsamain.exe command
B. The ntdsutil.exe command
C. The Remove-ADComputercmdlet
D. The Remove-WindowsFeaturecmdlet
Answer: C
Explanation:
The Remove-ADComputercmdlet removes an Active Directory computer.
Example: Remove-ADComputer -Identity "FABRIKAM-SRV4"
Remove one particular computer.
References:
http://technet.microsoft.com/en-us/library/ee662310.aspx
http://support.microsoft.com/kb/216498
http://technet.microsoft.com/en-us/library/ee617250.aspx
Q2. - (Topic 3)
You work as a senior administrator at Contoso.com. The Contoso.com network consists of a single domain named Contoso.com. All servers on the Contoso.com network have Windows Server 2012 R2 installed, and all workstations have Windows 8 installed.
You are running a training exercise for junior administrators. You are currently discussing a Windows PowerShell cmdlet that activates previously de-activated firewall rules.
Which of the following is the cmdlet being discussed?
A. Set-NetFirewallRule
B. Enable-NetFirewallRule
C. Set-NetIPsecRule
D. Enable-NetIPsecRule
Answer: B
Explanation:
Enable-NetFirewallRule – Enables a previously disabled firewall rule.
Q3. - (Topic 3)
Your network contains an Active Directory domain named adatum.com. The domain contains a member server named Server1 and a domain controller named DC2. All servers run Windows Server 2012 R2. On DC2, you open Server Manager and you add Server1 as another server to manage. From Server Manager on DC2, you right-click Server1 as shown in the exhibit. You need to ensure that when you right-click Server1, you see the option to run the DHCP console.
What should you do?
A. On Server1, install the Feature Administration Tools.
B. In the domain, add DC1 to the DHCP Administrators group.
C. On DC2 and Server1, run winrm quickconfig.
D. On DC2, install the Role Administration Tools.
Answer: D
Q4. - (Topic 2)
You have two servers named Server1 and Server2 that run Windows Server 2012 R2. Server1 and Server2 are part of a workgroup.
On Server1, you add Server2 to Server Manager.
When you attempt to connect to Server2 from Server Manager, you receive the following error message: "Credentials not valid."
You need to ensure that you can manage Server2 from Server1 by using Server Manager on Server1.
What should you do?
A. On Server 2, run the Configure-SmRemoting cmdlet.
B. On Server 1, run the Set-NetFirewallRule cmdlet.
C. On Server 1, run the Set-Item cmdlet.
D. On Server 2, install the Remote Server Administration Tools (RSAT).
Answer: C
Explanation:
Since they are both workgroup members, server 2 will have to be added to server 1 as a trusted host
Q5. - (Topic 1)
Your network contains an Active Directory forest. The forest contains a single domain named contoso.com. The domain contains four domain controllers. The domain controllers are configured as shown in the following table.
All domain controllers are DNS servers.
You plan to deploy a new domain controller named DC5 in the contoso.com domain.
You need to identify which domain controller must be online to ensure that DC5 can be promoted successfully to a domain controller.
Which domain controller should you identify?
A. DC1
B. DC2
C. DC3
D. DC4
Answer: D
Explanation:
Relative ID (RID) Master: Allocates active and standby RID pools to replica domain controllers in the same domain. (corp.contoso.com). Must be online for newly promoted domain controllers to obtain a local RID pool that is required to advertise or when existing domain controllers have to update their current or standby RID pool allocation. The RID master is responsible for processing RID pool requests from all domain controllers in a particular domain. When a DC creates a security principal object such as a user or group, it attaches a unique Security ID (SID) to the object. This SID consists of a domain SID (the same for all SIDs created in a domain), and a relative ID (RID) that is unique for each security principal SID created in a domain. Each DC in a domain is allocated a pool of RIDs that it is allowed to assign to the security principals it creates. When a DC’s allocated RID pool falls below a threshold, that DC issues a request for additional RIDs to the domain’s RID master. The domain RID master responds to the request by retrieving RIDs from the domain’s unallocated RID pool and assigns them to the pool of the requesting DC At any one time, there can be only one domain controller acting as the RID master in the domain.
The Infrastructure Master – The purpose of this role is to ensure that cross-domain object references are correctly handled. For example, if you add a user from one domain to a security group from a different domain, the Infrastructure Master makes sure this is done properly. As you can guess however, if your Active Directory deployment has only a single domain, then the Infrastructure Master role does no work at all, and even in a multi-domain environment it is rarely used except when complex user administration tasks are performed, so the machine holding this role doesn’t need to have much horsepower at all.
Q6. - (Topic 3)
Your network contains an Active Directory domain named contoso.com. The domain contains a member server named Server1. Server1 runs Windows Server 2012 R2 and has the Hyper-V server role installed.
You create an external virtual switch named Switch1. Switch1 has the following configurations:
Connection type: External network
Single-root I/O virtualization (SR-IOV): Enabled
Ten virtual machines connect to Switch1.
You need to ensure that all of the virtual machines that connect to Switch1 are isolated from the external network and can connect to each other only. The solution must minimize network downtime for the virtual machines.
What should you do?
A. Remove Switch1 and recreate Switch1 as an internal network.
B. Change the Connection type of Switch1 to Private network.
C. Change the Connection type of Switch1 to Internal network.
D. Remove Switch1 and recreate Switch1 as a private network.
Answer: D
Explanation:
You cannot change the type of vswitch from external to private when SR-IOV is enabled at vswitch creation ->you need to recreate the vswitch.
Q7. - (Topic 1)
Your network contains an Active Directory forest named contoso.com. The forest contains a single domain. The domain contains two domain controllers named DC1 and DC2 that run Windows Server 2012 R2.
The domain contains a user named User1 and a global security group named Group1.
You need to add a new domain controller to the domain.
You install Windows Server 2012 R2 on a new server named DC3.
Which cmdlet should you run next?
A. Add-AdPrincipalGroupMembership
B. Install-AddsDomainController
C. Install WindowsFeature
D. Install AddsDomain
E. Rename-AdObject
F. Set-AdAccountControl
G. Set-AdGroup
H. Set-User
Answer: C
Explanation:
It is the 2nd step when installing a DC by powershell on a fresh server.
Q8. - (Topic 2)
Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1. Server1 runs Windows Server 2012 R2.
You need to create a 3-TB virtual hard disk (VHD) on Server1.
Which tool should you use?
A. Computer Management
B. Server Manager
C. Share and Storage Management
D. New-VirtualDisk
Answer: A
Explanation:
For other questions to create a VHD (file) you can use computer management.
-Share and storage management (2008 only)
-New-storagesubsystemVirtualDisk (this is a virtual disk, NOT a virtual hard disk)
-Server Manager (you would use this to create virtual disks, not virtual hard disks)
Q9. DRAG DROP - (Topic 1)
You plan to deploy a DHCP server that will support four subnets. The subnets will be configured as shown in the following table.
You need to identify which network ID you should use for each subnet.
What should you identify?
To answer, drag the appropriate network ID to the each subnet in the answer area.
Answer:
Q10. - (Topic 3)
Your network contains an Active Directory domain named contoso.com.
All user accounts in the marketing department reside in an organizational unit (OU) named OU1.
You have a Group Policy object (GPO) named GPO1. GPO1 contains Folder Redirection settings. GPO1 has default permissions.
You discover that the Folder Redirection settings are not applied to the users in the marketing department.
You open Group Policy Management as shown in the exhibit. (Click the Exhibit button.)
You need to ensure that the Folder Redirection settings in GPO1 apply to the marketing users.
What should you do?
A. Modify the Delegation settings of GPO1.
B. Enable the link of GPO1.
C. Enforce GPO1.
D. Modify the link order of GPO1.
Answer: C
Q11. HOTSPOT - (Topic 3)
Your network contains an Active Directory domain named contoso.com.
Technicians use Windows Deployment Services (WDS) to deploy Windows Server 2012 R2.
The network contains a server named Server1 that runs Windows Server 2012 R2. Server1 has the Hyper-V server role installed.
You need to ensure that you can use WDS to deploy Windows Server 2012 R2 to a virtual machine named VM1.
Which settings should you configure?
To answer, select the appropriate settings in the answer area.
Answer:
Q12. - (Topic 3)
Your network contains an Active Directory domain named contoso.com. The domain contains two member servers named Server1 and Server2 that run Windows Server 2012 R2. You log on to Server1. You need to retrieve the IP configurations of Server2. Which command should you run from Server1?
A. winrs -r:server2 ipconfig
B. winrm get server2
C. dsquery *-scope base-attr ip, server2
D. ipconfig > server2.ip
Answer: A
Q13. - (Topic 3)
You work as an administrator at Contoso.com. The Contoso.com network consists of a single domain named Contoso.com. All servers in the Contoso.com domain, including domain controllers, have Windows Server 2012 installed.
You have been instructed to modify an Active Directory computer object.
Which of the following actions should you take?
A. You should consider making use of the Get-ADComputer Windows PowerShell cmdlet.
B. You should consider making use of the Set-ADComputer Windows PowerShell cmdlet
C. You should consider making use of the New-ADComputer Windows PowerShell cmdlet
D. You should consider making use of the Get-ADComputerServiceAccount Windows PowerShell cmdlet
Answer: B
Explanation:
Set-ADComputer – Modifies an Active Directory computer object.
Q14. HOTSPOT - (Topic 2)
You have a Hyper-V host named Server1 that runs Windows Server 2012 R2.Server1 hosts 50 virtual machines.
You need to create a script to list all of the virtual machines that have checkpoints and support Secure Boot.
What should you do? To answer, select the appropriate options in the answer area.
Answer:
Q15. - (Topic 1)
Your network contains an Active Directory domain named contoso.com. The domain contains an organizational unit (OU) named OU1.
You need to ensure that when new client computers join the domain, their computer accounts are created in OU1 by default.
What should you do?
A. From Windows PowerShell, run the Move-ADObjectcmdlet.
B. From a command prompt, run the redircmp.exe command.
C. From ADSI Edit, configure the properties of the OU1 object.
D. From Ldp, configure the properties of the Computers container.
Answer: B
Explanation:
Redirects the default container for newly created computers to a specified, target organizational unit (OU) so that newly created computer objects are created in the specific target OU instead of in CN=Computers. The CN=Computers container is a computer-protected object. For backward compatibility reasons, you cannot (and must not) remove it.
: http://technet.microsoft.com/en-us/library/cc770619.aspx