It is impossible to pass Microsoft 70-414 exam without any help in the short term. Come to Exambible soon and find the most advanced, correct and guaranteed Microsoft 70-414 practice questions. You will get a surprising result by our Renew Implementing an Advanced Server Infrastructure practice guides.
♥♥ 2021 NEW RECOMMEND ♥♥
Free VCE & PDF File for Microsoft 70-414 Real Exam (Full Version!)
★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions
Free Instant Download NEW 70-414 Exam Dumps (PDF & VCE):
Available on:
http://www.surepassexam.com/70-414-exam-dumps.html
Q11. - (Topic 8)
You administer a group of servers that run Windows Server 2012 R2.
You must install all updates. You must report on compliance with the update policy on a monthly basis.
You need to configure updates and compliance reporting for new devices.
What should you do?
A. Deploy the Microsoft Baseline Security Analyzer. Scan the servers and specify the /apply switch.
B. In Configuration Manager, deploy a new Desired Configuration Management baseline that includes all required updates.
C. Configure a new group policy to install updates monthly. Deploy the group policy to all servers.
D. In Operations Manager, create an override that enables the software updates management pack. Apply the new override to the servers.
Answer: C
Q12. HOTSPOT - (Topic 8)
Your network contains an Active Directory domain named contoso.com. All servers run Windows Server 2012 R2. System Center 2012 R2 Virtual Machine Manager (VMM) is deployed to the domain.
In VMM, you create a host group named HostGroup1. You add a 16-node Hyper-V failover cluster to HostGroup1. From Windows PowerShell, you run the following commands:
Use the drop-down menus to select the answer choice that completes each statement.
Answer:
Q13. - (Topic 7)
Your network contains an Active Directory domain named contoso.com.
Your company has an enterprise root certification authority (CA) named CA1.
You plan to deploy Active Directory Federation Services (AD FS) to a server named
Server1.
The company purchases a Microsoft Office 365 subscription.
You plan to register the company's SMTP domain for Office 365 and to configure single sign-on for all users.
You need to identify which certificate is required for the planned deployment.
Which certificate should you identify?
A. a server authentication certificate that is issued by a trusted third-party root CA and that contains the subject name serverl.contoso.com
B. a self-signed server authentication certificate for server1.contoso.com
C. a server authentication certificate that is issued by a trusted third-party root CA and that contains the subject name Server1
D. a server authentication certificate that is issued by CA1 and that contains the subject name Server1
Answer: A
Explanation: Prepare Your Server and Install ADFS You can install ADFS on a domain controller or another server. You’ll first need to configure a few prerequisites. The following steps assume you’re installing to Windows Server 2008 R2.
Using Server Manager, install the IIS role and the Microsoft .NET Framework. Then purchase and install a server-authentication certificate from a public certificate authority. Make sure you match the certificate’s subject name with the Fully Qualified Domain Name of the server. Launch IIS Manager and import that certificate to the default Web site.
Reference: Geek of All Trades: Office 365 SSO: A Simplified Installation Guide
https://technet.microsoft.com/en-us/magazine/jj631606.aspx
Q14. - (Topic 6)
You need to enable virtual machine network health detection on all supported clusters.
What should you do?
A. On the virtual machine settings page for Cluster4, select the Protect network checkbox for each virtual machine on the cluster.
B. On the virtual machine settings page for Cluster1, select the Protect network checkbox for each virtual machine on the cluster.
C. On each guest virtual machine in Cluster4, configure protected access for the network interface card.
D. On each guest virtual machine in Cluster3, configure protected access for the network interface card.
E. On the virtual machine settings page for Cluster3, select the Protect network checkbox for each virtual machine on the cluster.
F. On each guest virtual machine in Cluster1, configure protected access for the network interface card.
Answer: B
Q15. - (Topic 7)
Your network contains an Active Directory domain named contoso.com.
You currently have an intranet web site that is hosted by two Web servers named Web1 and Web2. Web1 and Web2 run Windows Server 2012.
Users use the name intranet.contoso.com to request the web site and use DNS round robin.
You plan to implement the Network Load Balancing (NLB) feature on Web1 and Web2.
You need to recommend changes to the DNS records for the planned implementation.
What should you recommend?
A. Delete one of the host (A) records named Intranet. Modify the remaining host (A) record named Intranet.
B. Delete both host (A) records named Intranet. Create a pointer (PTR) record for each Web server.
C. Create a new host (A) record named Intranet. Remove both host (A) records for Web1 and Web2.
D. Create a service locator (SRV) record. Map the SRV record to Intranet.
Answer: C
Explanation: You must manually register the NLB cluster name in DNS by using a host (A) or (AAAA) record because DNS does not automatically register static IP addresses.
Reference: How to Configure Network Load Balancing for Configuration Manager Site Systems
https://technet.microsoft.com/en-us/library/bb633031.aspx
Q16. - (Topic 8)
You have a System Center 2012 R2 Configuration Manager deployment.
All users have client computers that run Windows 8.1. The users log on to their client computer as standard users.
An application named App1 is deployed to the client computers by using System Center.
You need to recommend a solution to validate a registry key used by App1. If the registry key has an incorrect value, the value must be changed. The registry key must be validated every day. The solution must generate a report on non-compliant computers.
What is the best approach to achieve the goal? More than one answer choice may achieve the goal. Select the BEST answer.
A. Group Policy preferences
B. A desired configuration baseline
C. The Windows PowerShell Desired State Configuration (DSC) feature
D. The Microsoft Baseline Security Analyzer (MBSA)
Answer: B
Q17. - (Topic 8)
Your network contains an Active Directory forest named contoso.com. The forest contains multiple servers that run Windows Server 2012. The network contains 1,000 client computers that run Windows 7. Two hundred remote users have laptop computers and only work from home.
The network does not provide remote access to users.
You need to recommend a monitoring solution to meet the following requirements:
...
Generate a list of updates that are applied successfully to all computers.
Minimize the amount of bandwidth used to download updates.
An administrator must approve the installation of an update on any client
computer.
What should you include in the recommendation? (Each correct answer presents part of the solution. Choose all that apply.)
A. Microsoft Asset Inventory Service (AIS)
B. Windows InTune
C. Windows Server Update Services (WSUS)
D. Active Directory Federation Services (AD FS)
E. Microsoft System Center 2012 Service Manager
Answer: A,B,C
Q18. DRAG DROP - (Topic 8)
Your network contains two servers named Server1 and Server2 that run Windows Server
2012.
Server1 has the iSCSI Target Server role service installed and is configured to have five
iSCSI virtual disks.
You install the Multipath I/O (MPIO) feature on Server2. From the MPIO snap-in, you add support for iSCSI devices.
You need to ensure that Server2 can connect to the five iSCSI disks. The solution must
ensure that Server2 uses MPIO to access the disks.
Which three actions should you perform?
To answer, move the three appropriate actions from the list of actions to the answer area
and arrange them in the correct order.
Answer:
Q19. - (Topic 8)
Your network contains an Active Directory domain named contoso.com. The network contains two servers named Server1 and Server2.
You deploy Active Directory Certificate Services (AD CS). The certification authority (CA) is configured as shown in the exhibit. (Click the Exhibit button.)
You need to ensure that you can issue certificates based on certificate templates.
What should you do?
A. On Server1, install the Network Device Enrollment Service role service.
B. Configure Server2 as a standalone subordinate CA.
C. On Server1, uninstall, and then reinstall AD CS.
D. On Server1, run the Add-CertificateEnrollmentPolicyServer cmdlet.
Answer: C
Explanation: In a typical CA infrastructure the Stand-alone CAs are primarily intended to be used as Trusted Offline RootCAs in a CA hierarchy or when extranets and the Internet are involved. In a stand-alone CA Certificatetemplates are not used. An enterprise CA uses certificate types, which are based on a certificate template
Q20. DRAG DROP - (Topic 5)
You need to implement the network Unlock feature to meet the BitLocker requirements.
In which order should you perform the actions? To answer, move all actions from the list of actions to the answer area and arrange them in the correct order.
Answer:
