Introducing The New!
Surepassexam Collection
Get Unlimited Access to all
Surepassexam's PREMIUM files
Q1. Your network contains an Active Directory forest named contoso.com. The forest contains a single domain. All domain controllers run Windows Server 2012 R2.
The domain contains two domain controllers. The domain controllers are configured as shown in the following table.
Active Directory Recycle Bin is enabled.
You discover that a support technician accidentally removed 100 users from an Active Directory group named Group1 an hour ago.
You need to restore the membership of Group1.
What should you do?
A. Perform an authoritative restore.
B. Perform a non-authoritative restore.
C. Recover the items by using Active Directory Recycle Bin.
D. Apply a virtual machine snapshot to VM1.
Answer: A
Explanation:
Authoritative restore allows the administrator to recover a domain controller, restore it to a specific point in time, and mark objects in Active Directory as being authoritative with respect to their replication partners. For example, you might need to perform an authoritative restore if an administrator inadvertently deletes an organizational unit containing a large number of users. If you restore the server from tape, the normal replication process would not restore the inadvertently deleted organizational unit. Authoritative restore allows you to mark the organizational unit as authoritative and force the replication process to restore it to all of the other domain controllers in the domain. Incorrect: Not C: A nonauthoritative restore returns the domain controller to its state at the time of backup and then allows normal replication to overwrite that state with any changes that occurred after the backup was taken. After you restore the system state, the domain controller queries its replication partners. The replication partners replicate any changes to the restored domain controller, ensuring that the domain controller has an accurate and updated copy of the Active Directory database.
Reference: Performing an Authoritative Restore
What should you do?
A. Export and import data by using Dsamain.
B. Apply a virtual machine snapshot to VM1.
C. Recover the items by using Active Directory Recycle Bin.
D. Modify the isRecycled attribute of Group1. Answer: A
Q2. Your network contains an Active Directory domain named contoso.com.
All user accounts reside in an organizational unit (OU) named OU1.
All of the users in the marketing department are members of a group named Marketing.
All of the users in the human resources department are members of a group named HR.
You create a Group Policy object (GPO) named GPO1.
You link GPO1 to OU1.
You configure the Group Policy preferences of GPO1 to add two shortcuts named Link1
and Link2 to the desktop of each user.
You need to ensure that Link1 only appears on the desktop of the users in Marketing and
that Link2 only appears on the desktop of the users in HR.
What should you configure?
A. Security Filtering
B. WMI Filtering
C. Group Policy Inheritance
D. Item-level targeting
Answer: D
85. You have a laptop named Computer 1. Computer1 runs Windows 8 Enterprise.
Computer1 has a wired network adapter and a wireless network adapter. Computer1 connects to a wireless network named Network1.
For testing purposes, you install Windows Server 2012 R2 on Computer1 as a second operating system. You install the drivers for the wireless network adapter.
You need to ensure that you can connect to Network1 from Windows Server 2012 R2.
What should you do?
A. From a local Group Policy object (GPO), configure the Wireless Network (IEEE 802.11) Policies settings.
B. From Server Manager, install the Wireless LAN Service feature.
C. Restart the WLAN AutoConfig service.
D. From a local Group Policy object (GPO), configure the settings of Windows Connection Manager.
Q3. OTSPOT
Your network contains an Active Directory domain named contoso.com. The domain contains a domain controller named DC1 and a member server named Server1. All servers run Windows Server 2012 R2.
You install the IP Address Management (IPAM) Server feature on Server1.
From the Provision IPAM wizard, you select the Group Policy Based provisioning method and enter a GPO name prefix of IPAM1.
You need to provision IPAM by using Group Policy.
What command should you run on Server1 to complete the process? To answer, select the appropriate options in the answer area.
Answer:
Q4. OTSPOT
Your network contains two Hyper-V hosts that are configured as shown in the following table.
You create a virtual machine on Server1 named VM1.
You plan to export VM1 from Server1 and import VM1 to Server2.
You need to ensure that you can start the imported copy of VM1 from snapshots.
What should you configure on VM1?
To answer, select the appropriate node in the answer area.
Answer:
19. You have a virtual machine named VM1 that runs on a host named Host1.
You configure VM1 to replicate to another host named Host2. Host2 is located in the same physical location as Host1.
You need to add an additional replica of VM1. The replica will be located in a different physical site.
What should you do?
A. From VM1 on Host2, click Extend Replication.
B. On Host1, configure the Hyper-V settings.
C. From VM1 on Host1, click Extend Replication.
D. On Host2, configure the Hyper-V settings.
Q5. Your network contains an Active Directory domain named contoso.com. The domain
contains a server named Server1. Server1 runs Windows Server 2012.
You create a group Managed Service Account named gservice1.
You need to configure a service named Service1 to run as the gservice1 account.
How should you configure Service1?
A. From a command prompt, run sc.exe and specify the config parameter.
B. From a command prompt, run sc.exe and specify the sdset parameter.
C. From the Services console, configure the General settings.
D. From Windows PowerShell, run Set-Service and specify the -PassThrough parameter.
Answer: A
Explanation: To specify a binary path for the NEWSERVICE service, type: sc config NewService binpath= "ntsd -d c:\windows\system32\NewServ.exe" Reference: Sc config https://technet.microsoft.com/en-us/library/cc990290.aspx
http://technet.microsoft.com/en-us/library/cc738230(v=ws.10).aspx
Q6. Which terminology is being described below?
These trusts are sometimes necessary when users need access to resources that are located in a Windows NT 4.0 domain or in a domain that is in a separate Active Directory Domain Services (AD DS) forest that is not joined by a forest trust.
A. Shortcut Trusts
B. Realm Trusts
C. Forest Trusts
D. External Trust
Answer: D
Explanation:
You can create an external trust to form a one-way or two-way, nontransitive trust with domains that are outside your forest http://technet.microsoft.com/enus/library/cc775736%28v=ws.10%29.aspx Trust types
http://technet.microsoft.com/en-us/library/cc731297.aspx Understanding When to Create a Realm Trust When to create a realm trust You can establish a realm trust between any non-Windows Kerberos version 5 (V5) realm and an Active Directory domain. This trust relationship allows cross-platform interoperability with security services that are based on other versions of the Kerberos V5 protocol, for example, UNIX and MIT implementations. Realm trusts can switch from non transitive to transitive and back. Realm trusts can also be either one-way or two way.
Q7. ...
You have a file server named Server1 that runs Windows Server 2012 R2. Server1 has following hardware configurations:
16 GB of RAM
A single quad-core CPU
Three network teams that have two network adapters each
You add additional CPUs and RAM to Server1.
You repurpose Server1 as a visualization host.
You install the Hyper-V server role on Server1.
You need to create four external virtual switches in Hyper-V.
Which cmdlet should you run first?
A. Set-NetAdapter
B. Add-NetLbfoTeamNic
C. Add-VMNetworkAdapter
D. Remove-NetLbfoTeam
Answer: D
Explanation:
You need 4 virtual switches but currently only have 3 teams available. You would need to
break a team first.
The Remove-NetLbfoTeamcmdlet removes the specified NIC team from the host.
Q8. RAG DROP
You have a file server named Server1 that runs Windows Server 2012 R2. The folders on Server1 are configured as shown in the following table.
A new corporate policy states that backups must use Microsoft Online Backup whenever possible. You need to identify which technology you must use to back up Server1. The solution must use Microsoft Online Backup whenever possible. What should you identify? To answer, drag the appropriate backup type to the correct location or locations. Each backup type may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
Answer:
Q9. You have a file server named Server1 that runs Windows Server 2012 R2. Server1 has following hardware configurations: 16 GB of RAM A single quad-core CPU Three network teams that have two network adapters each
You add additional CPUs and RAM to Server1. You repurpose Server1 as a virtualization host. You install the Hyper-V server role on Server1. You need to create four external virtual switches in Hyper-V.
Which cmdlet should you run first?
A. Add-NetLbfoTeamNic
B. Set-NetAdapter
C. Remove- NetLbfoTeam
D. Add-VMNetworkAdapter
Answer: D
Explanation:
Here we're talking about hardware network adapters which belong to NIC teams Each external virtual switch must be connected to a NIC or a NIC team, so we need 4 NICs or NIC teams but currently only have 3 teams available. =>we need to break a team first and then connect the two last external virtual switches to each of the 2 "liberated" NIC (an other solution could be to add one physical NIC and connect the last external virtual switch to it or add several (two or more) NICs, create a NIC team containing them and connect the external virtual switch to the NIC team) http://technet.microsoft.com/en-us/library/jj130848.aspx NIC Teaming (NetLBFO) Cmdlets in Windows PowerShell Remove-NetLbfoTeam: Removes the specified NIC team from the host. http://technet.microsoft.com/en-us/library/hh831648.aspx NIC Teaming Overview NIC Teaming, also known as load balancing and failover (LBFO), allows multiple network adapters on a computer to be placed into a team for the following purposes: Bandwidth aggregation Traffic failover to prevent connectivity loss in the event of a network component failure This feature has been a requirement for independent hardware vendors (IHVs) to enter the server network adapter market, but until now NIC Teaming has not been included in Windows Server operating systems. Requirements NIC Teaming requires the presence of a single Ethernet network adapter, which can be used for separating traffic that is using VLANs. All modes that provide fault protection through failover require at least two Ethernet network adapters. Windows Server?2012 supports up to 32 network adapters in a team.
Q10. Your manager has asked you to create various user objects using Windows PowerShell. Which of the following must you do to accomplish this?
A. Use the Create-User createUsert
B. Use the objUser = new OUUser statement
C. Use the AddUser method of ADSL
D. Invoke the Create method of OU
Answer: D
Explanation:
http://www.mysmallcorneroftheweb.co.uk/programming-softwaredevelopement/powershellcreatingconfiguring-a-active-directory-user The user is created by first defining the OU and then invoking the ou Create method.
Q11. A server named Server01 is running Server Core at your companies IT house. It is already configured with the AD DS role but you also want to add AD CS to the server. What must you do to add Active Directory Certificate Services (AD CS) to this server?
A. Reinstall the server with the full version of Windows Server 2008
B. Install the AD CS role
C. Install the RODC role
D. Install the AD FS role
Answer: B Explanation:
Server 2012 allows AD CS in core mode. http://technet.microsoft.com/en-us/library/hh831373.aspx What's New in AD CS? New and changed functionality Several new capabilities are available in the Windows Server 2012 R2 version of AD CS. They include: Integration with Server Manager Deployment and management capabilities from Windows PowerShell?All AD CS role services run on any Windows Server 2012 R2 version All AD CS role services can be run on Server Core Support for automatic renewal of certificates for non-domain joined computers Enforcement of certificate renewal with same key Support for international domain names Increased security enabled by default on the CA role service AD DS Site Awareness for AD CS and PKI Clients
Q12. You can create a printing pool to automatically distribute print jobs to the next available
printer. A printing pool is one logical printer connected to multiple printers through multiple
ports of the print server.
The printer that is idle receives the next document sent to the logical printer.
All printers in a pool must use the same driver. Is the above statement true or false?
A. True
B. False
Answer: A
Explanation:
Printer Pool requires identical hardware and drivers.
Q13. Your network contains an Active Directory domain named contoso.com. The domain contains a domain controller named DC1 that runs Windows Server 2012 R2. DC1 has the DNS Server server role installed.
The network contains client computers that run either Linux, Windows 7, or Windows 8.
You have a zone named adatum.com as shown in the exhibit. (Click the Exhibit button.)
You plan to configure Name Protection on all of the DHCP servers.
You need to configure the adatum.com zone to support Name Protection.
What should you do?
A. Change the zone type.
B. Sign the zone.
C. Add a DNSKEY record.
D. Configure Dynamic updates.
Answer: D
Q14. You have 20 servers that run Windows Server 2012 R2.
You need to create a Windows PowerShell script that registers each server in Microsoft Azure Backup and sets an encryption passphrase.
Which two PowerShell cmdlets should you run in the script? (Each correct answer presents part of the solution. Choose two.)
A. Set-OBMachineSetting
B. Add-OBFileSpec
C. Start-OBRegistration
D. New OBPolicy
E. New-OBRetentionPolicy
Answer: A,C
Explanation:
D: Start-OBRegistration Registers the current computer with Windows Azure Online Backup using the credentials (username and password) created during enrollment.
E: The Set-OBMachineSettingcmdlet sets aOBMachineSetting object for the server that includes proxy server settings for accessing the internet, network bandwidth throttling settings, and the encryption passphrase that is required to decrypt the files during recovery to another server. Incorrect: Not C: TheAdd-OBFileSpeccmdlet adds theOBFileSpecobject, which specifies the items to include or exclude from a backup, to the backup policy (OBPolicyobject). TheOBFileSpecobject can include or exclude multiple files, folders, or volumes. T http://technet.microsoft.com/en-us/library/hh770416(v=wps.620).aspx http://technet.microsoft.com/en-us/library/hh770425(v=wps.620).aspx http://technet.microsoft.com/en-us/library/hh770424.aspx http://technet.microsoft.com/en-us/library/hh770398.aspx http://technet.microsoft.com/en-us/library/hh770409.aspx
Q15. Your network contains an Active Directory domain named contoso.com. Domain controllers run either Windows Server 2003. Windows Server 2008 R2.or Windows Server 2012 R2.
A support technician accidentally deletes a user account named User1.
You need to use tombstone reanimation to restore the User1 account.
Which tool should you use?
A. Active Directory Administrative Center
B. Ntdsutil
C. Ldp
D. Esentutl
Answer: C
Explanation:
ADAC would be the perfect solution if this environment was in 2008 R2 functional level; however it is currently below that due to there being a Windows Server 2003 DC. This means you must use the LDP utility as previously. http://technet.microsoft.com/en-us/library/hh831702.aspx