2016/09 New Microsoft 70-411: Administering Windows Server 2012 R2 Exam Questions Released Today!
Free Instant Download 70-411 Exam Dumps (PDF & VCE) 445Q&As from Braindump2go.com Today!
100% Real Exam Questions! 100% Exam Pass Guaranteed!
1.|2016/09 Latest 70-411 Exam Dumps (PDF & VCE) 445Q&As Download:
http://www.braindump2go.com/70-411.html
2.|2016/09 Latest 70-411 Exam Questions & Answers:
https://drive.google.com/folderview?id=0B75b5xYLjSSNfnNyWDFTYllvTTkteG0waVJYSFdoaDVWZTBSamh6Q0xiaUJmNEk5cUJSbFU&usp=sharing
QUESTION 17
Hotspot Question
Your network contains an Active Director domain named contoso.com. The domain contains a file server named Server1. All servers run Windows Server 2012 R2.
You have two user accounts named User1 and User2.
User1 and User2 are the members of a group named Group1.
User1 has the Department value set to Accounting, user2 has the Department value set to Marketing.
Both users have the Employee Type value set to Contract Employee.
You create the auditing entry as shown in the exhibit. (Click the Exhibit button.)
To answer, complete each statement according to the information presented in the exhibit.
Each correct selection is worth one point.
Answer:
Explanation:
The Auditing Entry events for file access logs that match the misconfigured permissions and carried out by a principal that satisfies both conditions for Sarah is the attribute Department with the value marketing festgelgt.
The condition for the attribute department may have to be changed accordingly, so that their deletions are logged. In order to monitor the opening of files, read access must be involved in the monitoring.
QUESTION 18
Your network contains two servers named Server1 and Server2. Both servers run Windows Server 2012 R2 and have the DNS Server server role installed. Server1 hosts a primary zone for contoso.com. Server2 hosts a secondary zone for contoso.com. The zone is not configure to notify secondary servers of changes automatically.
You update several records on Server1.
You need to force the replication of the contoso.com zone records from Server1 to Server2.
What should you do from Server2?
A. Right-click Server2 and click Update Server Data Files.
B. Right-click Server2 and click Refresh.
C. Right-click the contoso.com zone and click Reload.
D. Right-click the contoso.com zone and click Transfer from Master.
Answer: D
Explanation:
A. For standard primary zones, this procedure causes the DNS server to immediately write its in- memory changes out to disk for storage with the zone file.
D. Initiates zone transfer from secondary server
http://technet.microsoft.com/en-us/library/cc786985(v=ws.10).aspx http://technet.microsoft.com/en-us/library/cc779391(v=ws.10).aspx
QUESTION 19
Your network contains an Active Directory domain named contoso.com. All servers run Windows Server 2012 R2.
The network contains several group Managed Service Accounts that are used by four member servers.
You need to ensure that if a group Managed Service Account resets a password of a domain user account, an audit entry is created.
You create a Group Policy object (GPO) named GPO1.
What should you do next?
A. In GPO1, configure the Advanced Audit Policy Configuration settings for Audit User Account Management.
Link GPO1 to the Domain Controllers organizational unit (OU).
B. In GPO1, configure the Advanced Audit Policy Configuration settings for Audit User Account Management.
Move the member servers to a new organizational unit (OU).
Link GPO1 to the new OU.
C. In GPO1, configure the Advanced Audit Policy Configuration settings for Audit Sensitive Privilege Use.
Link GPO1 to the Domain Controllers organizational unit (OU).
D. In GPO1, configure the Advanced Audit Policy Configuration settings for Audit Sensitive Privilege Use.
Move the member servers to a new organizational unit (OU).
Link GPO1 to the new OU.
Answer: A
Explanation:
Audit User Account Management
This security policy setting determines whether the operating system generates audit events when the following user account management tasks are performed:
– A user account is created, changed, deleted, renamed, disabled, enabled, locked out, or unlocked.
– A user account password is set or changed.
– Security identifier (SID) history is added to a user account.
– The Directory Services Restore Mode password is set.
– Permissions on accounts that are members of administrators groups are changed.
– Credential Manager credentials are backed up or restored.
This policy setting is essential for tracking events that involve provisioning and managing
user accounts.
QUESTION 20
You have a DNS server named Server1 that has a Server Core Installation on Windows Server 2012 R2.
You need to view the time-to-live (TTL) value of a name server (NS) record that is cached by the DNS Server service on Server1.
What should you run?
A. Show-DNSServerCache
B. dnscacheugc.exe
C. ipconfig.exe /displaydns
D. nslookup.exe
Answer: A
Explanation:
Show-DnsServerCache – Shows the records in a DNS Server Cache.
The Show-DNSServerCache shows all cached Domain Name System (DNS) server resource records in the following format: Name, ResourceRecordData, Time-to-Live (TTL).
http://technet.microsoft.com/en-us/library/jj649915.aspx
http://www.windowsnetworking.com/articles_tutorials/Managing-DNS-servers-using-PowerShell.html
QUESTION 21
Your network contains a single Active Directory domain named contoso.com.
The domain contains a domain controller named DC1 that hosts the primary DNS zone for contoso.com.
All servers dynamically register their host names.
You install the new Web servers that host identical copies of your company’s intranet website. The servers are configured as shown in the following table.
You need to use DNS records to load balance name resolution queries for intranet.contoso.com between the two Web servers.
What is the minimum number of DNS records that you should create manually?
A. 1
B. 3
C. 4
D. 6
Answer: B
Explanation:
To create DNS Host (A) Records for all internal pool servers
1. Click Stabrt, click All Programs, click Administrative Tools, and then click DNS.
2. In DNS Manager, click the DNS Server that manages your records to expand it.
3. Click Forward Lookup Zones to expand it.
4. Right-click the DNS domain that you need to add records to, and then click New Host (A or AAAA).
5. In the Name box, type the name of the host record (the domain name will be automatically appended).
6. In the IP Address box, type the IP address of the individual Front End Server and then select Create associated pointer (PTR) record or Allow any authenticated user to update.
DNS records with the same owner name, if applicable.
7. Continue creating records for all member Front End Servers that will participate in DNS Load Balancing.
For example, if you had a pool named pool1.contoso.com and three Front End Servers, you would create the following DNS entries:
http://technet.microsoft.com/en-us/library/cc772506.aspx
http://technet.microsoft.com/en-us/library/gg398251.aspx
QUESTION 22
You have a server named Server1 that runs Windows Server 2012 R2. Server1 has the Remote Access server role installed.
You need to configure the ports on Server1 to ensure that client computers can establish VPN connections to Server1. The solution must NOT require the use of certificates or pre-shared keys.
What should you modify?
To answer, select the appropriate object in the answer area.
Answer:
Explanation:
The four types of tunneling protocols used with a VPN/RAS server running on Windows Server 2012 include:
Point-to-Point Tunneling Protocol (PPTP):
A VPN protocol based on the legacy Point-to-Point protocol used with modems.
The PPTP specification does not describeencryption or authentication features and relies on the Point-to-Point Protocol being tunneled to implement security functionality.
Layer 2 Tunneling Protocol (L2TP): Used with IPsec to provide security.
L2TP supports either computer certificates or a preshared key as the authentication method for IPsec. IKEv2: IKE is short for Internet Key Exchange, which is a tunneling protocol that uses IPsec Tunnel Mode protocol. The message is encrypted with one of the following protocols by using encryption keys that are generated from the IKEv2 negotiation process.
Secure Socket Tunneling Protocol (SSTP): Introduced with Windows Server 2008, which uses the HTTPS protocol over TCP port 443 to pass traffic through firewalls
http://en.wikipedia.org/wiki/Point-to-Point_Tunneling_Protocol
QUESTION 23
Hotspot Question
You have a server named Servers that runs Windows Server 2012 R2. Servers has the Windows Deployment Services server role installed.
Server5 contains several custom images of Windows 8.
You need to ensure that when 32-bit client computers start by using PXE, the computers automatically install an image named Image 1.
What should you configure?
To answer, select the appropriate tab in the answer area.
Answer:
Explanation:
On the Register Client separate answer files can be stored for unattended installation for different processor architectures
!!!RECOMMEND!!!
1.|2016/09 Latest 70-411 Exam Dumps (PDF & VCE) 445Q&As Download:
http://www.braindump2go.com/70-411.html
2.|2016/09 Latest 70-411 Exam Questions & Answers:
https://drive.google.com/folderview?id=0B75b5xYLjSSNfnNyWDFTYllvTTkteG0waVJYSFdoaDVWZTBSamh6Q0xiaUJmNEk5cUJSbFU&usp=sharing
