Tested of 70-412 sample question materials and secret for Microsoft certification for IT candidates, Real Success Guaranteed with Updated 70-412 pdf dumps vce Materials. 100% PASS Configuring Advanced Windows Server 2012 Services exam Today!
2016 Apr 70-412 Study Guide Questions:
Q106. Your network contains one Active Directory domain. The domain contains two Hyper-V
hosts named Host1 and Host2 that run Windows Server 2012 R2.
Host1 contains a virtual machine named VM1.
You plan to move VM1 to Host2.
You need to generate a report that lists any configuration issues on Host2 that will prevent
VM1 from being moved successfully.
Which cmdlet should you use?
Reference: Technet, Compare-VM https://technet.microsoft.com/en-us/library/hh848612(v=wps.630).aspx
Q107. Your network contains one Active Directory forest named contoso.com. The forest contains two child domains and six domain controllers. The domain controllers are configured as shown in the following table.
You need to enable universal group membership caching for the Europe office and Asia office sites.
What should you use?
Q108. Your network contains an Active Directory domain named contoso.com. The domain contains a file server named Server1 that runs Windows Server 2012 R2.
You create a user account named User1 in the domain.
You need to ensure that User1 can use Windows Server Backup to back up Server1. The solution must minimize the number of administrative rights assigned to User1.
What should you do?
A. Add User1 to the Backup Operators group.
B. Add User1 to the Power Users group.
C. Assign User1 the Backup files and directories user right and the Restore files and directories user right.
D. Assign User1 the Backup files and directories user right.
Backup Operators have these permissions by default:
However the question explicitly says we need to minimize administrative rights. Since the requirement is for backing up the data only--no requirement to restore or shutdown--then assigning the "Back up files and directories user right" would be the correct answer.
Reference: Default local groups
http://technet.microsoft.com/en-us/library/cc787956(v=ws.10).aspx http://technet.microsoft.com/en-us/library/cc756898(v=ws.10).aspx http://technet.microsoft.com/en-us/library/cc771990.aspx
Your network contains an Active Directory domain named contoso.com. The relevant servers in the domain are configured as shown in the following table.
You plan to create a shared folder on Server1 named Share1. Share1 must only be accessed by users who are using computers that are joined to the domain.
You need to identify which servers must be upgraded to support the requirements of Share1.
In the table below, identify which computers require an upgrade and which computers do not require an upgrade. Make only one selection in each row. Each correct selection is worth one point.
Q110. Your network contains an Active Directory domain named contoso.com. The domain contains a domain controller named DC1 that runs Windows Server 2012 R2. DC1 has the
DHCP Server server role installed.
DHCP is configured as shown in the exhibit. (Click the Exhibit button.)
You discover that client computers cannot obtain IPv4 addresses from DC1.
You need to ensure that the client computers can obtain IPv4 addresses from DC1.
What should you do?
A. Activate the scope.
B. Authorize DC1.
C. Disable the Allow filters.
D. Disable the Deny filters.
You have enabled the Allow list but haven't entered any MAC addresses, thus everyone is denied. Either Disable the Allow filters or start adding MAC addresses to the Allow filter.
Note: MAC address based filtering allows specific control over which clients have access to DHCP addresses. You can create a list of computers that are allowed to obtain DHCP addresses from the server by adding the client MAC address to the list of allowed client computers. By enabling the allow list, you automatically deny access to the DHCP server addresses to any client computer not on the list.
Reference: DHCP: If the allow list is enabled, MAC address filtering should be populated https://technet.microsoft.com/en-us/library/ee956897(v=ws.10)
Far out born to learn 70-412:
Q111. You have a server named LON-DC1 that runs Windows Server 2012 R2. An iSCSI virtual disk named VirtualiSCSI1.vhd exists on LON-DC1 as shown in the exhibit. (Click the Exhibit button.)
You create a new iSCSI virtual disk named VirtualiSCSI2.vhd by using the existing itgt
VirtualiSCSIl.vhd is removed from LON-DC1.
You need to assign VirtualiSCSI2.vhd a logical unit value of 0.
What should you do?
A. Run the Set-VirtualDisk cmdlet and specify the -Uniqueld parameter.
B. Run the Add-IscsiVirtualDiskTargetMapping cmdlet and specify the –Lun parameter.
C. Run the iscsicli command and specify the reportluns parameter.
D. Run the Set-IscsiVirtualDisk cmdlet and specify the –DevicePath parameter.
Explanation: The Add-IscsiVirtualDiskTargetMapping cmdlet assigns a virtual disk to an
iSCSI target. Once a virtual disk has been assigned to a target, and after the iSCSi initiator
connects to that target, the iSCSI initiator can access the virtual disk. All of the virtual disks
assigned to the same iSCSI target will be accessible by the connected iSCSI initiator.
Parameter include: -Lun<Int32>
Specifies the logical unit number (LUN) associated with the virtual disk. By default, the
lowest available LUN number will be assigned.
Your network contains two Web servers named Server1 and Server2. Both servers run Windows Server 2012 R2.
Server1 and Server2 are nodes in a Network Load Balancing (NLB) cluster. The NLB cluster contains an application named App1 that is accessed by using the name appl.contoso.com.
The NLB cluster has the port rules configured as shown in the exhibit. (Click the Exhibit button.)
To answer, complete each statement according to the information presented in the exhibit. Each correct selection is worth one point.
Q113. You have a server named Server1 that runs Windows Server 2012 R2. Server1 has the File Server Resource Manager role service installed.
You are creating a file management task as shown in the exhibit. (Click the Exhibit button.)
You need to ensure that the Include all folders that store the following kinds of data list displays an entry named Corporate Data.
What should you do?
A. Create a new file group.
B. Create a new classification property.
C. Modify the properties of the System Files file group.
D. Modify the Folder Usage classification property.
Classification properties are used to assign values to files. Reference: Working with File Classification
Q114. Your network contains an Active Directory domain named contoso.com. The domain
contains a certification authority (CA).
You suspect that a certificate issued to a Web server is compromised.
You need to minimize the likelihood that users will trust the compromised certificate.
Which two actions should you perform? (Each correct answer presents part of the solution. Choose two.)
A. Stop the Certificate Propagation service.
B. Modify the validity period of the Web Server certificate template.
C. Run certutil and specify the -revoke parameter.
D. Run certutil and specify the -deny parameter.
E. Publish the certificate revocation list (CRL).
Explanation: First revoke the certificate, then publish the CRL.
Q115. DRAG DROP
You have 3 server named Server1 that runs Windows Server 2012 R2. You are asked to test Windows Azure Online Backup to back up Server1. You need to back up Server1 by using Windows Azure Online Backup. Which four actions should you perform in sequence?
To answer, move the appropriate four actions from the list of actions to the answer area and arrange them in the correct order.
Pinpoint exam ref 70-412 download:
Q116. Your network contains an Active Directory forest. The forest contains one domain named adatum.com. The domain contains three domain controllers. The domain controllers are configured as shown in the following table.
DC2 has all of the domain-wide operations master roles. DC3 has all of the forest-wide operation master roles.
You need to ensure that you can use Password Settings objects (PSOs) in the domain.
What should you do first?
A. Uninstall Active Directory from DC1.
B. Change the domain functional level.
C. Transfer the domain-wide operations master roles.
D. Transfer the forest-wide operations master roles.
In Windows Server 2008 and later, you can use fine-grained password policies to specify multiple password policies and apply different password restrictions and account lockout policies to different sets of users within a single domain.
Note: In Microsoft Windows 2000 and Windows Server 2003 Active Directory domains, you could apply only one password and account lockout policy, which is specified in the domain's Default Domain Policy, to all users in the domain. As a result, if you wanted different password and account lockout settings for different sets of users, you had to either create a password filter or deploy multiple domains. Both options were costly for different reasons.
Reference: AD DS Fine-Grained Password and Account Lockout Policy Step-by-Step Guide
Your network contains an Active Directory domain named contoso.com. The domain contains a domain controller named DC1 and a server named Server1. Both servers run Windows Server 2012 R2.
You configure the classification of a share on Server1 as shown in the Share1 Properties exhibit. (Click the Exhibit button.)
You configure the resource properties in Active Directory as shown in the Resource Properties exhibit. (Click the Exhibit button.)
You need to ensure that the Impact classification can be assigned to Share1 immediately.
Which cmdlet should you run on each server?
To answer, select the appropriate cmdlet for each server in the answer area.
Q118. Your network contains an Active Directory forest named adatum.com. The forest contains an Active Directory Rights Management Services (AD RMS) cluster.
A partner company has an Active Directory forest named litwareinc.com. The partner company does not have AD RMS deployed.
You need to ensure that users in litwareinc.com can consume rights-protected content from adatum.com.
Which type of trust policy should you create?
A. At federated trust
B. A trusted user domain
C. A trusted publishing domain
D. Windows Live ID
In AD RMS rights can be assigned to users who have a federated trust with Active Directory Federation Services (AD FS). This enables an organization to share access to rights-protected content with another organization without having to establish a separate Active Directory trust or Active Directory Rights Management Services (AD RMS) infrastructure.
Reference: AD RMS and AD FS Considerations
Q119. Your network contains an Active Directory domain named corp.contoso.com.
You deploy Active Directory Rights Management Services (AD RMS).
You have a rights policy template named Template1. Revocation is disabled for the template.
A user named User1 can open content that is protected by Template1 while the user is connected to the corporate network.
When User1 is disconnected from the corporate network, the user cannot open the protected content even if the user previously opened the content.
You need to ensure that the content protected by Template1 can be opened by users who are disconnected from the corporate network.
What should you modify?
A. The User Rights settings of Template1
B. The templates file location of the AD RMS cluster
C. The Extended Policy settings of Template1
D. The exclusion policies of the AD RMS cluster
* The extended rights policy of a template controls how content licenses are to be implemented. The extended rights policy template settings are specified by using the Active Directory Rights Management Services (AD RMS) administration site. The available settings control persistence of author rights, whether trusted browsers are supported, license persistence within the content, and enforcement of any application-specific data.
* You can add trust policies so that AD RMS can process licensing requests for content that was rights protected.
Reference: Extended Policy Template Information; AD RMS and Server Design
Q120. Your network contains two servers named Server1 and Server2 that run Windows Server 2012 R2. Server1 and Server2 have the Hyper-V server role installed. Server1 and Server2 are configured as Hyper-V replicas of each other.
Server2 hosts a virtual machine named VM5. VM5 is replicated to Server1.
You need to verify whether the replica of VM5 on Server1 is functional. The solution must ensure that VM5 remains accessible to clients.
What should you do from Hyper-V Manager?
A. On Server1, execute a Planned Failover.
B. On Server1, execute a Test Failover.
C. On Server2, execute a Planned Failover.
D. On Server2, execute a Test Failover.
Test Failover (TFO) is an operation initiated on your replica virtual machine (in this scenario on Server1) which allows you to test the sanity of the virtualized workload without interrupting your production workload or ongoing replication.
TFO is performed on the replica virtual machine by right-clicking on the VM and choosing the Test Failover operation (either from the Hyper-V Manager or from the Failover Clustering Manager).
Reference: Types of failover operations in Hyper-V Replica – Part I – Test Failover.
see more http://www.certshared.com/exam/70-412/
Microsoft 70-412 Certification Sample Questions and Answers: http://www.braindumpsall.net/70-412-dumps/
P.S. New 70-412 dumps PDF: http://www.4easydumps.com/70-412-dumps-download.html