Our pass rate is high to 98.9% and the similarity percentage between our 70 417 pdf study guide and real exam is 90% based on our seven-year educating experience. Do you want achievements in the Microsoft 70 417 vce exam in just one try? I am currently studying for the Microsoft 70 417 pdf exam. Latest Microsoft 70 417 vce Test exam practice questions and answers, Try Microsoft 70 417 pdf Brain Dumps First.
♥♥ 2021 NEW RECOMMEND ♥♥
Free VCE & PDF File for Microsoft 70-417 Real Exam (Full Version!)
★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions
Free Instant Download NEW 70-417 Exam Dumps (PDF & VCE):
Available on:
http://www.surepassexam.com/70-417-exam-dumps.html
Q101. Your network contains an Active Directory domain named contoso.com. All domain controllers run Windows Server 2012 R2.
An organizational unit (OU) named OU1 contains 200 client computers that run Windows 8 Enterprise. A Group Policy object (GPO) named GPO1 is linked to OU1.
You make a change to GPO1.
You need to force all of the computers in OU1 to refresh their Group Policy settings immediately. The solution must minimize administrative effort.
Which tool should you use?
A. The Set-AdComputercmdlet
B. Group Policy Object Editor
C. Active Directory Users and Computers
D. Group Policy Management Console (GPMC)
Answer: D
Explanation:
In the previous versions of Windows, this was accomplished by having the user run
GPUpdate.exe on their computer. Starting with Windows Server? 2012 and Windows?8,
you can now remotely refresh Group Policy settings for all computers in an OU from one
central location through the Group Policy Management Console (GPMC). Or you can use
the Invoke-GPUpdate cmdlet to refresh Group Policy for a set of computers, not limited to
the OU structure, for example, if the computers are located in the default computers
container. Note: Group Policy Management Console (GPMC) is a scriptable Microsoft
Management Console (MMC) snap-in, providing a single administrative tool for managing
Group Policy across the enterprise. GPMC is the standard tool for managing Group Policy.
Incorrect:
Not B: Secedit configures and analyzes system security by comparing your current
configuration to at least one template.
Reference: Force a Remote Group Policy Refresh (GPUpdate)
Q102. Your network contains a server named Server1 that runs Windows Server 2012 R2. Server1 has the Print and Document Services server role installed. You connect a new print device to the network. The marketing department and the sales department will use the print device.
You need to provide users from both departments with the ability to print to the network print device.
The solution must ensure that if there are multiple documents queued to print, the documents from the sales users print before the documents from the marketing users.
What should you do on Server1?
A. Add one printer. Modify the printer priority and the security settings.
B. Add two printers. Modify the priorities of each printer and the security settings of each printer.
C. Add two printers and configure printer pooling.
D. Add one printer and configure printer pooling.
Answer: B
Explanation:
http://wiki.answers.com/Q/How_do_you_set_different_print_priority_for_different_users
How do you set different print priority for different users? To set different print priority to
different groups Open Printers and Faxes.
Right-click the printer you want to set, click Properties, and then click the Advanced tab. In
Priority, click the up or down arrows, and then click OK. Or, type a priority level, where 1 is
the lowest level and 99 is the highest, and then click OK. Click Add Printer to add a second
logical printer for the same physical printer. For instructions.
Click the Advanced tab.
In Priority, set a priority higher than that of the first logical printer. Instruct the regular group
of users to use the first logical printer name and the group with higher priority to use the
second logical printer name. Set the appropriate permissions for the different groups.
NB:
http://technet.microsoft.com/en-us/library/cc757086%28v=ws.10%29.aspx
Creating a printing pool
You can create a printing pool to automatically distribute print jobs to the next available
printer. A printing pool is one logical printer connected to multiple printers through multiple
ports of the print server. The printer that is idle receives the next document sent to the
logical printer. This is useful in a network with a high volume of printing because it
decreases the time users wait for their documents. A printing pool also simplifies
administration because multiple printers can be managed from the same logical printer on
a server. With a printing pool created, the user prints a document without having to find out
which printer is available. The logical printer checks for an available port and sends
documents to ports in the order that they are added.
Adding the port connected to the fastest printer first ensures that documents are sent to the
printer that can print the fastest before they are routed to slower printers in the printing
pool. Before setting a printing pool, consider the following:
All printers in a pool must use the same driver.
Because users will not know which printer in the pool prints a given document, make sure
all printers in the pool are located in the same place.
Q103. OTSPOT
Your network contains an Active Directory domain named contoso.com. The domain contains a DNS server named Server1. Server1 is configured to resolve single-label names for DNS clients.
You need to view the number of queries for single-label names that are resolved by Server1.
What command should you run?
To answer, select the appropriate options in the answer area.
Answer:
Q104. Your network contains an Active Directory domain named contoso.com. The domain contains a member server named Server1 that has the Active Directory Federation Services server role installed. All servers run Windows Server 2012.
You complete the Active Directory Federation Services Configuration Wizard on Server1.
You need to ensure that client devices on the internal network can use Workplace Join.
Which two actions should you perform on Server1? (Each correct answer presents part of the solution. Choose two.)
A. Run Enable AdfsDeviceRegistration -PrepareActiveDirectory.
B. Edit the multi-factor authentication global authentication policy settings.
C. Edit the primary authentication global authentication policy settings.
D. Run Set-AdfsProxyPropertiesHttpPort 80.
E. Run Enable-AdfsDeviceRegistration.
Answer: C,E
Explanation:
* To enable Device Registration Service
On your federation server, open a Windows PowerShell command window and type:
Enable-AdfsDeviceRegistration
Repeat this step on each federation farm node in your AD FS farm..
Enable seamless second factor authentication Seamless second factor authentication is an enhancement in AD FS that provides an added level of access protection to corporate resources and applications from external devices that are trying to access them. When a personal device is Workplace Joined, it becomes a ‘known’ device and administrators can use this information to drive conditional access and gate access to resources. To enable seamless second factor authentication, persistent single sign-on (SSO) and conditional access for Workplace Joined devices In the AD FS Management console, navigate to Authentication Policies. Select Edit Global Primary Authentication. Select the check box next to Enable Device Authentication, and then click OK.
Q105. Your company deploys a new Active Directory forest named contoso.com. The first domain controller in the forest runs Windows Server 2012 R2. The forest contains a domain controller named DC10.
On DC10, the disk that contains the SYSVOL folder fails.
You replace the failed disk. You stop the Distributed File System (DFS) Replication service. You restore the SYSVOL folder.
You need to perform a non-authoritative synchronization of SYSVOL on DC10.
Which tool should you use before you start the DFS Replication service on DC10?
A. Active Directory Sites and Services
B. Dfsmgmt.msc
C. Ldp
D. Frsutil
Answer: B
Explanation:
http://support.microsoft.com/kb/2218556
Q106. Your network contains an Active Directory domain named contoso.com. Network Access Protection (NAP) is deployed to the domain.
You need to create NAP event trace log files on a client computer.
What should you run?
A. Register-EngineEvent
B. Tracert
C. Register-ObjectEvent
D. Logman
Answer: D
Explanation:
Register-ObjectEvent: Monitor events generated from .Net Framework Object. Register-EngineEvent: Subscribes to events that are generated by the Windows PowerShell engine and by the New-Event cmdlet.
http://technet.microsoft.com/en-us/library/hh849967.aspx
tracert: Trace IP route logman: Manages and schedules performance counter and event trace log collections on a local and remote systems. http://technet.microsoft.com/en-us/library/bb490956.aspx
Q107. OTSPOT
You have a server named Server1 that runs Windows Server 2012 R2. Server1 does not have Internet connectivity.
All roles are removed completely from Server1.
You mount a Windows Server 2012 R2 installation image to the C:\Source folder.
You need to install the DNS Server server role on Server1.
Which folder should you use as the source?
To answer, select the appropriate folder in the answer area.
Answer:
211. Your network contains an Active Directory domain named contoso.com. All domain
controllers run Windows Server 2012 R2.
DirectAccess is deployed to the network.
Remote users connect to the DirectAccess server by using a variety of network speeds.
The remote users report that sometimes their connection is very slow.
You need to minimize Group Policy processing across all wireless wide area network
(WWAN) connections.
Which Group Policy setting should you configure?
A. Configure Direct Access connections as a fast network connection.
B. Change Group Policy processing to run asynchronously when a slow network connection is detected.
C. Configure Group Policy slow link detection.
D. Configure wireless policy processing.
Answer: C
Q108. Your manager has asked you to create various user objects using Windows PowerShell. Which of the following must you do to accomplish this?
A. Use the Create-User createUsert
B. Use the objUser = new OUUser statement
C. Use the AddUser method of ADSL
D. Invoke the Create method of OU
Answer: D
Explanation:
http://www.mysmallcorneroftheweb.co.uk/programming-softwaredevelopement/powershellcreatingconfiguring-a-active-directory-user The user is created by first defining the OU and then invoking the ou Create method.
Q109. RAG DROP
Your network contains an Active Directory domain named contoso.com. The domain contains a file server named Server1. All servers run Windows Server 2012 R2.
All domain user accounts have the Division attribute automatically populated as part of the user provisioning process. The Support for Dynamic Access Control and Kerberos armoring policy is enabled for the domain.
You need to control access to the file shares on Server1 based on the values in the Division attribute and the Division resource property.
Which three actions should you perform in sequence?
Answer:
Q110. A user from your organisation has reported to the IT helpdesk that they are receiving the following message:
"Your account is configured to prevent you from using the computer. Please try another computer."
What should you do to enable them to log on to their computer?
A. Use the Dsmove command
B. Click the Log On To button on the Account tab of her user account
C. None of these
D. Click the Allowed To Join Domain button in the New Computer dialog box
Answer: B
Explanation:
The error message is about the user account configuration. This can be set here:
