It is more faster and easier to pass the Microsoft 70 417 vce exam by using Simulation Microsoft Upgrading Your Skills to MCSA Windows Server 2012 questuins and answers. Immediate access to the Renovate exam 70 417 Exam and find the same core area 70 417 pdf questions with professionally verified answers, then PASS your exam with a high score now.
♥♥ 2021 NEW RECOMMEND ♥♥
Free VCE & PDF File for Microsoft 70-417 Real Exam (Full Version!)
★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions
Free Instant Download NEW 70-417 Exam Dumps (PDF & VCE):
Available on:
http://www.surepassexam.com/70-417-exam-dumps.html
Q51. Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1 that runs Windows Server 2012 R2.
On a server named Server2, you perform a Server Core Installation of Windows Server 2012 R2. You join Server2 to the contoso.com domain. You need to ensure that you can manage Server2 by using the Computer Management console on Server1.
What should you do on Server2?
A. Run the Disable-NetFirewallRulecmdlet.
B. Run the Enable-NetFirewallRulecmdlet.
C. Run sconfig.exe and configure the network settings.
D. Run sconfig.exe and configure remote management.
Answer: B
Explanation:
As we can see on the following screenshot, Remote Management is enabled by default on a new Server Core installation of 2012 (so we don't have to configure it on Server2) BUT that's not enough as it only enables WinRM-based remote management (and computer management is not WinRM- based of course). To enable the remote management from an MMC (such as server manager, or computer manager), we have to enable exception rules in the Firewall, which can be done, amongst other ways, using Powershell and the Enable-NetFirewallRulecmdlet.
http://technet.microsoft.com/en-us/library/jj554869.aspx Enable-NetFirewallRule Detailed Description The Enable-NetFirewallRulecmdlet enables a previously disabled firewall rule to be active within the computer or a group policy organizational unit. This cmdlet gets one or more firewall rules to be enabled with the Name parameter (default), the DisplayName parameter, rule properties, or by associated filters or objects. The Enabled parameter for the resulting queried rules is set to True.
Q52. Server manager is a great tool for managing most of your server settings and configuration all in one central place. Which one of the following Server manager Features is used for Storage management, replication and searching?
A. Dynamic Host Configuration Server
B. Terminal Services
C. Domain Name Service
D. File Services
Answer: D
Q53. Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1 that runs Windows Server 2012 R2 and has the DNS Server server role installed.
Server1 has a zone named contoso.com. The zone is configured as shown in the exhibit. (Click the Exhibit button.)
You need to assign a user named User1 permission to add and delete records from the contoso.com zone only.
What should you do first?
A. Enable the Advanced view from DNS Manager.
B. Add User1 to the DnsUpdateProxy group.
C. Run the New Delegation Wizard.
D. Configure the zone to be Active Directory-integrated.
Answer: D
Q54. You have 30 servers that run Windows Server 2012 R2.
All of the servers are backed up daily by using Windows Azure Backup.
You need to perform an immediate backup of all the servers to Windows Azure Backup.
Which Windows PowerShell cmdlets should you run on each server?
A. Get-OBPolicy | Start-OBBackup
B. Get-WBPolicy | Start-WBBackup
C. Start-OBRegistration | Start-OBBackup
D. Get-WBBackupTarget | Start-WBBackup
Answer: A
Explanation: Explanation/Explanation:
A. starts a backup job using a policy
B. Registers the current computer to Windows Azure Backup.
C. Not using Azure
D. Not using Azure
http://technet.microsoft.com/en-us/library/hh770406(v=wps.620).aspx http://technet.microsoft.com/en-us/library/hh770426.aspx http://technet.microsoft.com/en-us/library/hh770398.aspx
Q55. Your network contains an Active Directory domain named contoso.com. The domain contains six domain controllers named DO, DC2, DC3, DC4, DC5 and DC6. Each domain controller has the DNS Server server role installed and hosts an Active Directory-integrated zone for contoso.com.
You plan to create a new Active Directory-integrated zone named litwareinc.com that will be used for testing.
You need to ensure that the new zone will be available only on DC5 and DC6.
What should you do first?
A. Create an Active Directory connection object.
B. Create an Active Directory site link.
C. Create an application directory partition
D. Change the zone replication scope.
Answer: C
Explanation: Zone replication scope: All domain controllers in a specified application directory partition Replicates zone data according to the replication scope of the specified application directory partition. For a zone to be stored in the specified application directory partition, the DNS server hosting the zone must be enlisted in the specified application directory partition. Use this scope when you want zone data to be replicated to domain controllers in multiple domains but you do not want the data to replicate to the entire forest.
Reference: Understanding DNS Zone Replication in Active Directory Domain Services
Q56. You have a server named Server1 that runs Windows Server 2012 R2. You create a custom Data Collector Set (DCS) named DCS1.
You need to configure DCS1 to meet the following requirements:
. Automatically run a program when the amount of total free disk space on Server1 drops below 10 percent of capacity. . Log the current values of several registry settings.
Which two should you configure in DCS1? (Each correct answer presents part of the solution. Choose two.)
A. Event trace data
B. A Performance Counter Alert
C. System configuration information
D. A performance counter
Answer: B,C
Explanation:
Automatically run a program when the amount of total free disk space on Server1 drops
below 10 percent of capacity.
You can also configure alerts to start applications and performance logs
Log the current values of several registry settings.
System configuration information allows you to record the state of, and changes to, registry
keys.
Total free disk space
Registry settings
Run a program on alert http: //technet. microsoft. com/en-us/library/cc766404. aspx
Q57. Your network contains an Active Directory domain named contoso.com. The domain contains a domain controller named DC1 that runs Windows Server 2012 R2. DC1 is backed up daily.
The domain has the Active Directory Recycle Bin enabled.
During routine maintenance, you delete 500 inactive user accounts and 100 inactive groups. One of the deleted groups is named Group1. Some of the deleted user accounts are members of some of the deleted groups.
For documentation purposes, you must provide a list of the members of Group1 before the group was deleted.
You need to identify the names of the users who were members of Group1 prior to its deletion. You want to achieve this goal by using the minimum amount of administrative effort.
What should you do first?
A. Reactivate the tombstone of Group1.
B. Use the Recycle Bin to restore Group1.
C. Perform an authoritative restore of Group1.
D. Mount the most recent Active Directory backup.
Answer: D
Explanation:
You can use the Active Directory database mounting tool (Dsamain.exe) and a Lightweight Directory Access Protocol (LDAP) tool, such as Ldp.exe or Active Directory Users and Computers, to identify which backup has the last safe state of the forest. The Active Directory database mounting tool, which is included in Windows Server 2008 and later Windows Server operating systems, exposes Active Directory data that is stored in backups or snapshots as an LDAP server. Then, you can use an LDAP tool to browse the data. This approach has the advantage of not requiring you to restart any DC in Directory Services Restore Mode (DSRM) to examine the contents of the backup of AD DS.
Q58. You create trusts in Windows Server 2008 with the New Trust Wizard. Which one of the following authentication types is being described below:
An authentication setting that permits unrestricted access by any users in the specified forest to all available shared resources that are located in any of the domains in the local forest.
A. Domain-wide authentication
B. None of these
C. Selective authentication
D. Forest-wide authentication
Answer: D
Q59. Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1 that runs Windows Server 2012 R2. Server1 contains a virtual machine named VM1 that runs Windows Server 2012 R2.
You need to ensure that a user named User1 can install Windows features on VM1. The solution must minimize the number of permissions assigned to User1.
To which group should you add User1?
A. Server Operators on Server1
B. Power Users on VM1
C. Administrators on VM1
D. Hyper-V Administrators on Server1
Answer: D
Explanation: * The Hyper-V role enables you to create and manage a virtualized computing environment by using virtualization technology that is built in to Windows Server 2012. Hyper-V virtualizes hardware to provide an environment in which you can run multiple operating systems at the same time on one physical computer, by running each operating system in its own virtual machine.
* Simplified authorization
The Hyper-V Administrators group is introduced in Windows Server 2012 and is
implemented as a local security group.
What value does this change add?
This group can reduce the number of users that belong to the local Administrators group
while providing users with access to Hyper-V.
What works differently?
The Hyper-V Administrators group is a new local security group. Add users to this group
instead of the local Administrators group to provide them with access to Hyper-V. Members
of the Hyper-V Administrators have complete and unrestricted access to all features of
Hyper-V.
Reference: What's New in Hyper-V for Windows Server 2012
Q60. Your network contains an Active Directory domain named contoso.com. The domain contains two servers named Server1 and Server2. Both servers have the Hyper-V server role installed.
You plan to replicate virtual machines between Server1 and Server2. The replication will be encrypted by using Secure Sockets Layer (SSL).
You need to request a certificate on Server1 to ensure that the virtual machine replication is encrypted.
Which two intended purposes should the certificate for Server1 contain? (Each correct answer presents part of the solution. Choose two.)
A. Client Authentication
B. Kernel Mode Code Signing
C. Server Authentication
D. IP Security end system
E. KDC Authentication
Answer: A,C
Explanation:
http://blogs.technet.com/b/virtualization/archive/2012/03/13/hyper-v-replica-certificaterequirements.aspx
