Introducing The New!
Surepassexam Collection
Get Unlimited Access to all
Surepassexam's PREMIUM files
Q1. You have a server named Server1 that runs Windows Server 2012 R2. Server1 has 2 dual-
core processors and 16 GB of RAM.
You install the Hyper-V server role in Server1.
You plan to create two virtual machines on Server1. You need to ensure that both virtual
machines can use up to 8 GB of memory. The solution must ensure that both virtual machines can be started simultaneously. What should you configure on each virtual machine?
A. Dynamic Memory
B. NUMA topology
C. Memory weight
D. Ressource Control
Answer: A
Q2. RAG DROP
Your network contains two Active Directory forests named contoso.com and adatum.com. All domain controllers run Windows Server 2012 R2.
A federated trust exists between adatum.com and contoso.com. The trust provides adatum.com users with access to contoso.com resources.
You need to configure Active Directory Federation Services (AD FS) claim rules for the federated trust.
The solution must meet the following requirements:
. In contoso.com, replace an incoming claim type named Group with an outgoing claim type named Role. . In adatum.com, allow users to receive their tokens for the relying party by using their Active Directory group membership as the claim type.
The AD FS claim rules must use predefined templates.
Which rule types should you configure on each side of the federated trust?
To answer, drag the appropriate rule types to the correct location or locations. Each rule type may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
Answer:
Q3. Your network contains a domain controller named DC1 that runs Windows Server 2012 R2. You create a custom Data Collector Set (DCS) named DCS1.
You need to configure DCS1 to collect the following information:
. The amount of Active Directory data replicated between DC1 and the other domain controllers . The current values of several registry settings
Which two should you configure in DCS1? (Each correct answer presents part of the solution. Choose two.)
A. Event trace data
B. A Performance Counter Alert
C. System configuration information
D. A performance counter
Answer: C,D
Q4. Your network contains an Active Directory domain named contoso.com.
A previous administrator implemented a Proof of Concept installation of Active Directory
Rights Management Services (AD RMS).
After the proof of concept was complete, the Active Directory Rights Management Services
server role was removed.
You attempt to deploy AD RMS.
During the configuration of AD RMS, you receive an error message indicating that an
existing AD RMS Service
Connection Point (SCP) was found.
You need to remove the existing AD RMS SCP.
Which tool should you use?
A. Active Directory Users and Computers
B. Active Directory Sites and Services
C. Authorization Manager
D. Active Directory Domains and Trusts
Answer: B
Q5. Your company deploys a new Active Directory forest named contoso.com. The first domain controller in the forest runs Windows Server 2012 R2. The forest contains a domain controller named DC10.
On DC10, the disk that contains the SYSVOL folder fails.
You replace the failed disk. You stop the Distributed File System (DFS) Replication service. You restore the SYSVOL folder.
You need to perform a non-authoritative synchronization of SYSVOL on DC10.
Which tool should you use before you start the DFS Replication service on DC10?
A. Active Directory Sites and Services
B. Dfsmgmt.msc
C. Ldp
D. Frsutil
Answer: B
Explanation:
http://support.microsoft.com/kb/2218556
Q6. Your network contains an Active Directory domain named contoso.com. All servers run either Windows Server 2008 R2 or Windows Server 2012 R2. All client computers run either Windows 7 or Windows 8. The domain contains a member server named Server1 that runs Windows Server 2012 R2. Server1 has the File and Storage Services server role installed. On Server1, you create a share named Share1. You need to ensure that users can use Previous Versions to restore the files in Share1. What should you configure on Server1?
A. A data recovery agent
B. The Shadow Copies settings
C. The Recycle Bin properties
D. A Windows Server Backup schedule
Answer: B
Q7. Your network contains an Active Directory forest named adatum.com. All servers run Windows Server 2012 R2. The domain contains four servers.
The servers are configured as shown in the following table.
You need to deploy IP Address Management (IPAM) to manage DNS and DHCP.
On which server should you install IPAM?
A. Server1
B. Server2
C. Server3
D. Server4
Answer: D
Q8. Your network contains an Active Directory domain named contoso.com. The domain contains six domain controllers. The domain controllers are configured as shown in the following table.
The network contains a server named Server1 that has the Hyper-V server role installed. DC6 is a virtual machine that is hosted on Server1.
You need to ensure that you can clone DC6.
Which FSMO role should you transfer to DC2?
A. Rid master
B. Domain naming master
C. PDC emulator
D. Infrastructure master
Answer: C
Explanation:
The clone domain controller uses the security context of the source domain controller (the domain controller whose copy it represents) to contact the Windows Server 2012 R2 Primary Domain Controller (PDC) emulator operations master role holder (also known as flexible single master operations, or FSMO). The PDC emulator must be running Windows Server 2012 R2, but it does not have to be running on a hypervisor. http: //technet. microsoft. com/en-us/library/hh831734. aspx
Q9. Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1 that runs Windows Server 2012 R2 and has the DHCP Server server role installed.
An administrator installs the IP Address Management (IPAM) Server feature on a server named Server2. The administrator configures IPAM by using Group Policy based provisioning and starts server discovery.
You plan to create Group Policies for IPAM provisioning.
You need to identify which Group Policy object (GPO) name prefix must be used for IPAM Group Policies.
What should you do on Server2?
A. From Server Manager, review the IPAM overview.
B. Run the Get-IpamConfigurationcmdlet.
C. From Task Scheduler, review the IPAM tasks.
D. Run the ipamgc.exe tool.
Answer: A
Q10. You have a server named Served that runs Windows Server 2012 R2. Server1 has five network adapters.
Three of the network adapters are connected to a network named LAN1. The two other network adapters are connected to a network named LAN2. You create a network adapter team named Team1 from two of the adapters connected to LAN1. You create a network adapter team named Team2 from the two adapters connected to LAN2. A company policy states that all server IP addresses must be assigned by using a reserved address in DHCP. You need to identify how many DHCP reservations you must create for Server1.
How many reservations should you identify?
A. 2
B. 3
C. 5
D. 7
Answer: B
Explanation: 1 reservation for the NIC team on LAN1 1 reservation for the stand-alone NIC on LAN1 1 reservation for the NIC team on LAN2 => 3 reservations.
Q11. Your network contains an Active Directory domain named contoso.com. The domain contains a file server named Server1 that runs Windows Server 2012 R2. You create a user account named User1 in the domain.
You need to ensure that User1 can use Windows Server Backup to back up Server1.
The solution must minimize the number of administrative rights assigned to User1.
What should you do?
A. Assign User1 the Back up files and directories user right.
B. Add User1 to the Backup Operators group.
C. Add User1 to the Power Users group.
D. Assign User1 the Back up files and directories user right and the Restore files and directories user right.
Answer: A
Explanation:
Backup Operators have these permissions by default:
However the question explicitly says we need to minimize administrative rights. Since the
requirement is for backing up the data onlyno requirement to restore or shutdownthen assigning the "Back up files and directories user right" would be the correct.
Q12. Your network contains an Active Directory domain named contoso.com. The domain contains four servers named Server1, Server2, Server3, and Server4 that run Windows Server 2012 R2.
All servers have the Hyper-V server role and the Failover Clustering feature installed.
The servers are configured as shown in the following table.
You need to replicate virtual machines from Cluster1 to Cluster2.
Which three actions should you perform? (Each correct answer presents part of the solution. Choose three.)
A. From Hyper-V Manager on a node in Cluster2, create three virtual machines.
B. From Cluster2, add and configure the Hyper-V Replica Broker role.
C. From Failover Cluster Manager on Cluster1, configure each virtual machine for replication.
D. From Cluster1, add and configure the Hyper-V Replica Broker role.
E. From Hyper-V Manager on a node in Cluster2/ modify the Hyper-V settings.
Answer: B,C,D
Explanation:
These are two clusters, to replicate any VM to a cluster you need to configure the Replica Broker role on each cluster the last step should be enabling replication on the VMs.
Q13. RAG DROP
Your network contains an Active Directory forest named contoso.com.
Recently, all of the domain controllers that ran Windows Server 2003 were replaced by domain controllers that run Windows Server 2012 R2.
From Event Viewer, you discover SYSVOL journal wrap errors on a domain controller named dc10.contoso.com.
You need to perform a non-authoritative synchronization of SYSVOL on DC10.
Which three actions should you perform on DC10?
To answer, move the three appropriate actions from the list of actions to the answer area
and arrange them in the correct order.
Answer:
Q14. Your network contains an Active Directory domain named adatum.com.
You have a standard primary zone named adatum.com.
You need to provide a user named User1 the ability to modify records in the zone.
Other users must be prevented from modifying records in the zone.
What should you do first?
A. Run the Zone Signing Wizard for the zone
B. From the properties of the zone, change the zone type
C. Run the new Delegation Wizard for the zone
D. From the properties of the zone, modify the Start Of Authority (SOA) record
Answer: C
Q15. Your network contains an Active Directory domain named contoso.com. The domain contains a member server named Server1 that has the Active Directory Federation Services server role installed. All servers run Windows Server 2012.
You complete the Active Directory Federation Services Configuration Wizard on Server1.
You need to ensure that client devices on the internal network can use Workplace Join.
Which two actions should you perform on Server1? (Each correct answer presents part of the solution. Choose two.)
A. Run Enable AdfsDeviceRegistration -PrepareActiveDirectory.
B. Edit the multi-factor authentication global authentication policy settings.
C. Edit the primary authentication global authentication policy settings.
D. Run Set-AdfsProxyPropertiesHttpPort 80.
E. Run Enable-AdfsDeviceRegistration.
Answer: C,E
Explanation:
* To enable Device Registration Service
On your federation server, open a Windows PowerShell command window and type:
Enable-AdfsDeviceRegistration
Repeat this step on each federation farm node in your AD FS farm..
Enable seamless second factor authentication Seamless second factor authentication is an enhancement in AD FS that provides an added level of access protection to corporate resources and applications from external devices that are trying to access them. When a personal device is Workplace Joined, it becomes a ‘known’ device and administrators can use this information to drive conditional access and gate access to resources. To enable seamless second factor authentication, persistent single sign-on (SSO) and conditional access for Workplace Joined devices In the AD FS Management console, navigate to Authentication Policies. Select Edit Global Primary Authentication. Select the check box next to Enable Device Authentication, and then click OK.