Highest Quality of 70-411 practice test materials and practice exam for Microsoft certification for IT learners, Real Success Guaranteed with Updated 70-411 pdf dumps vce Materials. 100% PASS Administering Windows Server 2012 exam Today!
♥♥ 2021 NEW RECOMMEND ♥♥
Free VCE & PDF File for Microsoft 70-411 Real Exam (Full Version!)
★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions
Free Instant Download NEW 70-411 Exam Dumps (PDF & VCE):
Available on:
http://www.surepassexam.com/70-411-exam-dumps.html
2021 Apr 70-411 exam answers
Q111. Your network contains an Active Directory domain named adatum.com.
You need to audit changes to the files in the SYSVOL shares on all of the domain controllers. The solution must minimize the amount of SYSVOL replication traffic caused by the audit.
Which two settings should you configure? (Each correct answer presents part of the solution. Choose two.)
A. Audit PolicyAudit system events
B. Advanced Audit Policy ConfigurationDS Access
C. Advanced Audit Policy ConfigurationGlobal Object Access Auditing
D. Audit PolicyAudit object access
E. Audit PolicyAudit directory service access
F. Advanced Audit Policy ConfigurationObject Access
Answer: D,F
Q112. Your network contains two Active Directory forests named adatum.com and contoso.com. The network contains three servers. The servers are configured as shown in the following table.
You need to ensure that connection requests from adatum.com users are forwarded to Server2 and connection requests from contoso.com users are forwarded to Server3.
Which two should you configure in the connection request policies on Server1? (Each correct answer presents part of the solution. Choose two.)
A. The Authentication settings
B. The Standard RADIUS Attributes settings
C. The Location Groups condition
D. The Identity Type condition
E. The User Name condition
Answer: A,E
Explanation:
The User Name attribute group contains the User Name attribute. By using this attribute, you can designate the user name, or a portion of the user name, that must match the user name supplied by the access client in the RADIUS message. This attribute is a character string that typically contains a realm name and a user account name. You can use pattern-matching syntax to specify user names.
By using this setting, you can override the authentication settings that are configured in all network policies and you can designate the authentication methods and types that are required to connect to your network. Forward requests to the following remote RADIUS server group . By using this setting, NPS forwards connection requests to the remote RADIUS server group that you specify. If the NPS server receives a valid Access-Accept message that corresponds to the Access-Request message, the connection attempt is considered authenticated and authorized. In this case, the NPS server acts as a RADIUS proxy
Connection request policies are sets of conditions and profile settings that give network administrators flexibility in configuring how incoming authentication and accounting request messages are handled by the IAS server. With connection request policies, you can create a series of policies so that some RADIUS request messages sent from RADIUS clients are processed locally (IAS is being used as a RADIUS server) and other types of messages are forwarded to another RADIUS server (IAS is being used as a RADIUS proxy). This capability allows IAS to be deployed in many new RADIUS scenarios.
With connection request policies, you can use IAS as a RADIUS server or as a RADIUS proxy, based on the time of day and day of the week, by the realm name in the request, by the type of connection being requested, by the IP address of the RADIUS client, and so on.
References: http: //technet. microsoft. com/en-us/library/cc757328. aspx
http: //technet. microsoft. com/en-us/library/cc753603. aspx
Q113. HOTSPOT
Your network contains a RADIUS server named Server1.
You install a new server named Server2 that runs Windows Server 2012 R2 and has Network Policy Server (NPS) installed.
You need to ensure that all accounting requests for Server2 are forwarded to Server1.
On Server2, you configure a Connection Request Policy.
What else should you configure on Server2? To answer, select the appropriate node in the answer area.
Answer:
Q114. HOTSPOT
You have a server named Server1 that runs Windows Server 2012 R2. Server1 has two network adapters and is located in a perimeter network.
You need to install the RIP version 2 routing protocol on Server1.
Which node should you use to add the RIP version 2 routing protocol?
To answer, select the appropriate node in the answer area.
Answer:
Q115. Your network contains an Active Directory domain named contoso.com. The domain
contains a domain controller named DC1 that runs Windows Server 2012 R2.
All client computers run Windows 8 Enterprise.
DC1 contains a Group Policy object (GPO) named GPO1.
You need to update the PATH variable on all of the client computers.
Which Group Policy preference should you configure?
A. Ini Files
B. Services
C. Data Sources
D. Environment
Answer: D
Explanation:
Environment Variable preference items allow you to create, update, replace, and delete user and system environment variables or semicolon-delimited segments of the PATH variable. Before you create an Environment Variable preference item, you should review the behavior of each type of action possible with this extension.
Renovate 70-411 exam fees:
Q116. Your network contains an Active Directory domain named contoso.com. All client computers run Windows 8.1.
The network contains a shared folder named FinancialData that contains five files.
You need to ensure that the FinancialData folder and its contents are copied to all of the client computers.
Which two Group Policy preferences should you configure? (Each correct answer presents part of the solution. Choose two.)
A. Shortcuts
B. Network Shares
C. Environment
D. Folders
E. Files
Answer: D,E
Explanation:
Folder preference items allow you to create, update, replace, and delete folders and their contents. (To configure individual files rather than folders, see Files Extension.) Before you create a Folder preference item, you should review the behavior of each type of action possible with this extension. File preference items allow you to copy, modify the attributes of, replace, and delete files. (To configure folders rather than individual files, see Folders Extension.) Before you create a File preference item, you should review the behavior of each type of action possible with this extension.
Q117. Your network contains an Active Directory domain named contoso.com. Domain controllers run either Windows Server 2008, Windows Server 2008 R2, or Windows Server 2012 R2.
You have a Password Settings object (PSOs) named PSO1.
You need to view the settings of PSO1.
Which tool should you use?
A. Get-ADDefaultDomainPasswordPolicy
B. Active Directory Administrative Center
C. Local Security Policy
D. Get-ADAccountResultantPasswordReplicationPolicy
Answer: B
Explanation:
In Windows Server 2012, fine-grained password policy management is made much easier than Windows Server 2008/2008 R2. Windows Administrators not have to use ADSI Edit and configure complicated settings to create the Password Settings Object (PSO) in the Password Settings Container. Instead we can configure fine-grained password policy directly in Active Directory Administrative Center (ADAC).
Q118. Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1 that runs Windows Server 2012 R2. Server1 has the Remote Access server role installed.
You log on to Server1 by using a user account named User2.
From the Remote Access Management Console, you run the Getting Started Wizard and you receive a warning message as shown in the exhibit. (Click the Exhibit button.)
You need to ensure that you can configure DirectAccess successfully. The solution must minimize the number of permissions assigned to User2.
To which group should you add User2?
A. Enterprise Admins
B. Administrators
C. Account Operators
D. Server Operators
Answer: B
Explanation:
You must have privileges to create WMI filters in the domain in which you want to create the filter. Permissions can be changed by adding a user to the Administrators group.
Administrators (A built-in group) After the initial installation of the operating system, the only member of the group is the Administrator account. When a computer joins a domain, the Domain Admins group is added to the Administrators group. When a server becomes a domain controller, the Enterprise Admins group also is added to the Administrators group. The Administrators group has built-in capabilities that give its members full control over the system. The group is the default owner of any object that is created by a member of the group. This example logs in as a test user who is not a domain user or an administrator on the server. This results in the error specifying that DA can only be configured by a user with local administrator permissions.
References: http://technet.microsoft.com/en-us/library/cc780416(v=ws.10).aspx http://technet.microsoft.com/en-us/library/cc775497(v=ws.10).aspx
Q119. HOTSPOT
Your network contains an Active Directory domain named contoso.com. The domain contains two servers named Server1 and Server2. Server1 has the Network Policy Server server role installed. Server2 has the DHCP Server server role installed. Both servers run Windows Server 2012 R2.
You are configuring Network Access Protection (NAP) to use DHCP enforcement.
You configure a DHCP scope as shown in the exhibit. (Click the Exhibit button.)
You need to ensure that non-compliant NAP clients receive different DHCP options than compliant NAP clients.
What should you configure on each server? To answer, select the appropriate options for each server in the answer area.
Answer:
Q120. HOTSPOT
Your company has four offices. The offices are located in Montreal, Seattle, Sydney, and New York.
The network contains an Active Directory domain named contoso.com. The domain contains a server named Server2 that runs Windows Server 2012 R2. Server2 has the DHCP Server server role installed.
All client computers obtain their IPv4 and IPv6 addresses from DHCP.
You need to ensure that Network Access Protection (NAP) enforcement for DHCP applies to all of the client computers except for the client computers in the New York office.
Which two nodes should you configure? To answer, select the appropriate two nodes in the answer area.
Answer:
