Introducing The New!
Surepassexam Collection
Get Unlimited Access to all
Surepassexam's PREMIUM files
Q1. RAG DROP
Your network contains an Active Directory domain named contoso.com. The domain contains four member servers named Server 1, Server2, Server3, and Server4. All servers run Windows Server 2012 R2.
Server1 and Server2 are located in a site named Site1. Server3 and Server4 are located in a site named Site2. The servers are configured as nodes in a failover cluster named Cluster1.
Cluster1 is configured to use the Node Majority quorum configuration.
You need to ensure that Server1 is the only server in Site1 that can vote to maintain quorum.
What should you run from Windows PowerShell?
To answer, drag the appropriate commands to the correct location. Each command may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
Answer:
Q2. Your network contains two Active Directory forests named contoso.com and dev.contoso.com. The contoso.com forest contains a domain controller named DO. The dev.contoso.com forest contains a domain controller named DC2. Each domain contains an organizational unit (OU) named OU1.
Dev.contoso.com has a Group Policy object (GPO) named GP01. GP01 contains 200 settings, including several settings that have network paths. GP01 is linked to OU1.
You need to copy GP01 from dev.contoso.com to contoso.com.
What should you do first on DC2?
A. From the Group Policy Management console, right-click GPO1 and select Copy.
B. Run the mtedit.exe command and specify the /Domaintcontoso.com /DC: DC 1 parameter.
C. Run the Save-NetGpocmdlet.
D. Run the Backup-Gpocmdlet.
Answer: A
Explanation: To copy a Group Policy object:
In the GPMC console tree, right-click the GPO that you want to copy, and then click Copy.
To create a copy of the GPO in the same domain as the source GPO, right-click Group
Policy objects, click Paste, specify permissions for the new GPO in the Copy GPO box, and
then click OK .
For copy operations to another domain, you may need to specify a migration table.
The Migration Table Editor (MTE) is provided with Group Policy Management Console
(GPMC) to facilitate the editing of migration tables. Migration tables are used for copying or
importing Group Policy objects (GPOs) from one domain to another, in cases where the
GPOs include domain-specific information that must be updated during copy or import.
Source WS2008R2: Backup the existing GPOs from the GPMC, you need to ensure that
the “Group Policy Objects” container is selected for the “Backup Up All” option to be
available.
Copy a Group Policy Object with the Group Policy Management Console (GPMC)
You can copy a Group Policy object (GPO) either by using the drag-and-drop method or
right-click method.
Applies To: Windows 8, Windows Server 2008 R2, Windows Server 2012
Ref: http://technet.microsoft.com/en-us/library/cc785343(v=WS.10).aspx
http://technet.microsoft.com/en-us/library/cc733107.aspx
Q3. OTSPOT
Your network contains an Active Directory domain named contoso.com.
You need to identify whether the Company attribute replicates to the global catalog.
Which part of the Active Directory partition should you view?
To answer, select the appropriate Active Directory object in the answer area.
Answer:
Q4. OTSPOT
You have a Hyper-V host named HYPERV1. HYPERV1 hosts a virtual machine named
DC1.
You need to prevent the clock on DC1 from synchronizing from the clock on HYPERV1.
What should you configure? To answer, select the appropriate object in the answer area.
Answer:
81. Your network contains an Active Directory domain named adatum.com. The domain contains three domain controllers. The domain controllers are configured as shown in the following table.
DC3 loses network connectivity due to a hardware failure. You plan to remove DC3 from the domain.
You log on to DC3.
You need to identify which service location (SRV) records are registered by DC3.
What should you do?
A. Open the %windir%\system32\dns\backup\adatum.com.dns file.
B. Open the %windir%\system32\config\netlogon.dns file.
C. Run ipconfig /displaydns.
D. Run dcdiag /test:dns.
Q5. Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1 that runs Windows Server 2012 R2 and has the DNS Server server role installed. Server1 is configured to delete automatically the DNS records of client computers that are no longer on the network. A technician confirms that the DNS records are deleted automatically from the contoso.com zone. You discover that the contoso.com zone has many DNS records for servers that were on the network in the past, but have not connected to the network for a long time.
You need to set the time stamp for all of the DNS records in the contoso.com zone.
What should you do?
A. From DNS Manager, modify the Advanced settings from the properties of Server1
B. From Windows PowerShell, run the Set-DnsServerResourceRecordAging cmdlet
C. From DNS Manager, modify the Zone Aging/Scavenging Properties
D. From Windows PowerShell, run the Set-DnsServerZoneAging cmdlet
Answer: D
Q6. You have a server named Server1 that runs Windows Server 2012 R2.
You need to configure Server1 to create an entry in an event log when the processor usage exceeds 60 percent.
Which type of data collector should you create?
A. A performance counter data collector
B. An event trace data collector
C. A performance counter alert
D. A configuration data collector
Answer: C
Q7. You have a server named Server1 that runs Windows Server 2012 R2. Server1 has the Hyper-V server role installed. Server1 has 8 GB of RAM.
Server1 hosts five virtual machines that run Windows Server 2012 R2.
The settings of a virtual machine named Server3 are configured as shown in the exhibit. (Click the Exhibit button.)
You need to ensure that when Server1 restarts, Server3 automatically resumes without intervention. The solution must prevent data loss.
Which settings should you modify?
A. BIOS
B. Automatic Stop Action
C. Automatic Start Action
D. Integration Services
Answer: B
Explanation: The Automatic Stop Action setting should be modified because it will allow you to configure: “Save the virtual machine state” option instructs Hyper-V Virtual Machine Management Service to save the virtual machine state on the local disk when the Hyper-V Server shuts down. OR “Turn Off the virtual machine” is used by the Hyper-V Management Service (VMMS.exe) to gracefully turn off the virtual machine.
OR “Shut down the guest operating system” is successful only if the “Hyper-V Shutdown” guest service is running in the virtual machine. The guest service is required to be running in the virtual machine as the Hyper-V VMMS.EXE process will trigger Windows Exit message which is received by the service. Once the message is received by the guest service, it takes the necessary actions to shut down the virtual machine.
References: http://www.altaro.com/hyper-v/hyper-v-automatic-start-and-stop-action/
Q8. Your network contains an Active Directory domain named contoso.com. The domain contains two servers named Server1 and Server2. Both servers have the IP Address Management (IPAM) Server feature installed.
You have a support technician named Tech1. Tech1 is a member of the IPAM Administrators group on Server1 and Server2.
You need to ensure that Tech1 can use Server Manager on Server1 to manage IPAM on Server2.
To which group on Server2 should you add Tech1?
A. WinRMRemoteWMIUsers_
B. IPAM MSM Administrators
C. Remote Management Users
D. IPAM Administrators
Answer: A
Explanation:
http://social.technet.microsoft.com/wiki/contents/articles/13444.windows-server-2012servermanagertroubleshooting-guide-part-ii-troubleshoot- manageability-status-errors-inserver- manager.aspx Windows Server 2012 Server Manager Troubleshooting Guide, Part II: Troubleshoot Manageability Status Errors in Server Manager Error <computer name>: Configuration refresh failed with the following error: The metadata failed to be retrieved from the server, due to the following error: Access is denied. The user is attempting to manage the remote server with a credential that has only standard user (not a member of the Administrators group) access rights on the target server, and the user has not enabled standard user remote management of the target server. By default, an account with standard user access rights is not a part of the WinRM remote WMI user's group, and can perform limited management tasks on a remote server in Server Manager. To allow standard users more management access rights on a target server, run the Enable-ServerManagerStandardUserRemotingcmdlet on the target server, in a Windows PowerShell session that has been opened with elevated user rights (Run as Administrator). For more information about how to use this cmdlet (and disable standard user management access when it is no longer needed), see the cmdlet Help topic for nableServerManagerStandardUserRemoting [This link is external to TechNet Wiki. It will open in a new window.]
Q9. UESTION NO: 432 Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1.
Server1 runs Windows Server 2012 R2 and has the Hyper-V server role installed.
You have a virtual machine named VM1. VM1 has a checkpoint.You need to modify the Checkpoint File Location of VM1.
What should you do first?
A. Copy the checkpoint file
B. Delete the checkpoint
C. Shut down VM1
D. Pause VM1
Answer: B
Q10. OTSPOT
Your network contains an Active Directory forest named contoso.com. The forest contains a single domain. All domain controllers run Windows Server 2012 R2 and are configured as DNS servers. All DNS zones are Active Directory-integrated. Active Directory Recycle Bin is enabled.
You need to modify the amount of time deleted objects are retained in the Active Directory Recycle Bin.
Which naming context should you use?
To answer, select the appropriate naming context in the answer area.
Answer:
Q11. You have a server named Server1 that runs Windows Server 2012 R2. Server1 has five
network adapters.
Three of the network adapters are connected to a network named LAN1.
The two other network adapters are connected to a network named LAN2.
You need to create a network adapter team from the three network adapters connected to
LAN1.
Which tool should you use?
A. Routing and Remote Access
B. Network Load Balancing Manager
C. Network and Sharing Center
D. Server Manager
Answer: D
Q12. Your network contains an Active Directory domain named contoso.com. The domain contains a file server named Server1 and a domain controller named DC1. All servers run Windows Server 2012 R2.
A Group Policy object (GPO) named GPO1 is linked to the domain.
Server1 contains a folder named Folder1. Folder1 is shared as Share1.
You need to ensure that authenticated users can request assistance when they are denied access to the resources on Server1.
Which two actions should you perform? (Each correct answer presents part of the solution. Choose two.)
A. Enable the Enable access-denied assistance on client for all file types policy setting for GPO1.
B. Configure the Customize message for Access Denied errors policy setting of GPO1.
C. Install the File Server Resource Manager role service on DC1.
D. Install the File Server Resource Manager role service on Server1.
E. Assign the Read Attributes NTFS permission on Folder1 to the Authenticated Users group.
Answer: A,D
Explanation: * To configure access-denied assistance by using Group Policy
Open Group Policy Management. In Server Manager, click Tools, and then click Group
Policy Management.
Right-click the appropriate Group Policy, and then click Edit.
Click Computer Configuration, click Policies, click Administrative Templates, click System,
and then click Access-Denied Assistance.
Right-click Customize message for Access Denied errors, and then click Edit.
Select the Enabled option.
Etc
*You can configure access-denied assistance within a domain by using Group Policy, or
you can configure the assistance individually on each file server by using the File Server
Resource Manager console.
Reference: Deploy Access-Denied Assistance
Q13. A global catalog server is available to directory clients when Domain Name System (DNS) servers can locate it as a global catalog server. In which order do the following events need to occur before the catalog server is ready?
A) The Net Logon service on the domain controller has updated DNS with global-catalogspecific service (SRV) resource records.
B) The isGlobalCatalogReadyrootDSE attribute is set to TRUE.
C) The global catalog receives replication of read-only replicas to the required occupancy level.
A. C then A, then B
B. B then C, then A
C. A then C, then B
D. C then B, then A
Answer: A
Explanation:
http://technet.microsoft.com/fr-fr/library/cc739901%28v=ws.10%29.aspx Verify global catalog readiness When a global catalog server has satisfied replication requirements, the isGlobalCatalogReady Root DSE attribute is set to TRUE and the global catalog is ready to serve clients.http://technet.microsoft.com/de-de/library/howglobal-catalog-serverswork%28v=ws.10%29.aspx How the Global Catalog Works Global Catalog Server Creation and Advertisement By default, before a domain controller advertises itself as a global catalog server in DNS, the global catalog contents must be replicated to the server. This process involves replication of a partial, read-only replica of every domain in the forest except for the domain for which the new global catalog server is authoritative. The duration of this process depends on how many domains the forest contains, the size of the domains, and the relative locations of source and destination domain controllers. If multiple domains are in the forest and if source domain controllers are located only in distant sites, the process takes longer than if all domains are in the same site or in only a few sites. When replication must occur between sites to create the global catalog, replication occurs according to the site link schedule. Requirements for Global Catalog Readiness By default, a global catalog server is not considered "ready" (the server advertises itself in DNS as a global catalog server) until all read-only directory partitions have been fully replicated to the new global catalog server. The Global Catalog Partition Occupancy registry entry under HKEY_Local_Machine\System \CurrentControlSet \Services \NTDS\Parameters determines the requirements for how many read- only directory partitions must be present on a domain controller for it to be considered a global catalog server, from no partitions (0) to all partitions (6). For domain controllers that run Windows Server 2003 or later, the default occupancy value requires that all read-only directory partitions be replicated to the global catalog server before the Net Logon service registers SRV resource records in DNS. For most conditions, this default provides the best option for ensuring that a global catalog server provides a consistent view of the directory. In less common circumstances, however, it might be useful to make the global catalog server available with an incomplete set of partial domain directory partitions for example, when delay of replication of a domain that is not required by users is jeopardizing their ability to log on.
Q14. Your network contains an Active Directory domain named contoso.com. Network Access Protection (NAP) is deployed to the domain.
You need to create NAP event trace log files on a client computer.
What should you run?
A. Register-EngineEvent
B. Tracert
C. Register-ObjectEvent
D. Logman
Answer: D
Explanation:
Register-ObjectEvent: Monitor events generated from .Net Framework Object. Register-EngineEvent: Subscribes to events that are generated by the Windows PowerShell engine and by the New-Event cmdlet.
http://technet.microsoft.com/en-us/library/hh849967.aspx
tracert: Trace IP route logman: Manages and schedules performance counter and event trace log collections on a local and remote systems. http://technet.microsoft.com/en-us/library/bb490956.aspx
Q15. Your network contains an Active Directory domain named adatum.com. The domain contains several thousand member servers that run Windows Server 2012 R2. All of the computer accounts for the member servers are in an organizational unit (OU) named ServersAccounts. Servers are restarted only occasionally.
You need to identify which servers were restarted during the last two days.
What should you do?
A. Run dsquery computer and specify the -sra /epwc parameter.
B. Run Get-ADComputer and specify the SearchScope parameter.
C. Run dsquery server and specify the -o parameter.
D. Run Get-ADComputer and specify the lastLogon property
Answer: D
Explanation:
http://technet.microsoft.com/en-us/library/ee617192.aspx
SearchScope Specifies the scope of an Active Directory search. Possible values for this
parameter are:
Base or 0
OneLevel or 1
Subtree or 2
A Base query searches only the current path or object.
A OneLevel query searches the immediate children of that path or object.
A Subtree query searches the current path or object and all children of that path or object.
http://technet.microsoft.com/en-us/library/cc732885%28v=ws.10%29.aspx
Dsquery server
-o {dn | rdn}
Specifies the format that dsquery uses to display the search results. A dn value displays
the distinguished name of each entry. An rdn value displays the relative distinguished
name of each entry. The default value is dn.
NB: epwc doesn't exist for Dsquery computer so even if i'm not sure it's the best way, the
only possible answer is using "Get-ADComputer and specify the lastLogon property"