tag:blogger.com,1999:blog-23083406282505485892024-03-08T06:11:38.803-08:0070-410 -Installing and Configuring Windows Server 2012ITChanakyahttp://www.blogger.com/profile/06470455998708874347noreply@blogger.comBlogger1125tag:blogger.com,1999:blog-2308340628250548589.post-71607290664399298262013-09-20T22:18:00.003-07:002013-09-20T22:18:56.489-07:0070-410 -Updated Questions & AnswersExam 70-410 changed recently and key4pass have this updated with pass guarantee.So intead of trying outdated dump for 70-410 please use the below dumps and save your money by avoiding fail to exam.<br />
<br />
<h2>
<a href="http://www.key4pass.com/70-410.html" target="_blank">Installing and Configuring Windows Server 2012</a></h2>
<div class="description">
<span>Exam Code:</span> <a href="http://www.key4pass.com/70-410.html" target="_blank">70-410</a><br />
<span>Exam Name:</span> <a href="http://www.key4pass.com/70-410.html" target="_blank">Installing and Configuring Windows Server 2012</a><br />
<span>Questions and Answers:</span> 336<br />
<span>Update Time:</span> 20/09/2013</div>
<div class="description">
<br />
</div>
<div class="description">
<a href="http://www.key4pass.com/70-410.html" target="_blank">Demo :</a> </div>
<div class="description">
<br />
</div>
<div class="description">
Question No : 1 - (Topic 0) <br />The disks on Server1 are configured as shown in the exhibit. (Click the Exhibit button.) <br /><br /><br />You create a virtual machine on Server1. <br /><br />You need to ensure that you can configure a pass-through disk for the virtual machine. <br /><br />What should you do? <br /><br />A. Delete partition E. <br />B. Convert Disk 1 to a GPT disk. <br />C. Convert Disk 1 to a dynamic disk. <br />D. Take Disk 1 offline. <br />Answer: D <br /><br />Explanation: <br /><br />Pass-Through Disk must be offline <br />Pass-through Disk Configuration <br />Hyper-V allows virtual machines to access storage mapped directly to the Hyper-V server <br />without requiring thevolume be configured. The storage can either be a physical disk <br />internal to the Hyper-V server or it can be aStorage Area Network (SAN) Logical Unit (LUN) <br /><br /> <br />mapped to the Hyper-V server. To ensure the Guest hasexclusive access to the storage, it <br /><br />must be placed in an Offline state from the Hyper-V serverperspective <br /><br />http://blogs.technet.com/b/askcore/archive/2008/10/24/configuring-pass-through-disks-inhyper-<br />v.aspx <br />http://technet.microsoft.com/pt-pt/library/ff404147%28v=ws.10%29.aspx <br /><br />Question No : 2 - (Topic 0) <br />You have a server named Server1 that runs Windows Server 8. Server1 has the Hyper-V <br />server role installed. <br /><br />You have fixed-size VHD named Files.vhd. <br /><br />You need to make the contents in Files.vhd available to several virtual machines. <br /><br />The solution must meet the following requirements: <br /><br />. <br />Ensure that if the contents are changed on any virtual machine, the changes are <br />not reflected on the other virtual machines. <br />. <br />Minimize the amount of disk space used. <br /><br />What should you do? <br /><br />A. Create a dynamically expanding VHDX. Transfer the information from Files.vhd to the <br />new VHDX file. <br />B. Create a fixed-size VHDX. Transfer the information from Files.vhd to the new VHDX file. <br />C. Convert Files.vhd to a dynamically expanding VHD. <br />D. Create differencing VHDs that use Files.vhd as the parent disk. <br />Answer: D <br /><br />Explanation: <br /><br />A. A conversion would be needed from VHD to VHDX. Not available to multiple VM's <br />B. Single VHD not available to multiple VM's. Changes wouldn't be reflected <br />C. A conversion would be needed from VHD to VHDX. Not available to multiple VM's <br />D. Child disk for multiple VM's with Files.vhd as parent <br />A differencing disk is associated with another virtual hard disk that you select when you <br /><br /> <br />create the differencing disk. This means that the disk to which you want to associate the <br />differencing disk must exist first. This virtual hard disk is called the "parent" disk and the <br />differencing disk is the "child" disk. The parent disk can be any type of virtual hard disk. <br />The differencing disk stores all changes that would otherwise be made to the parent disk if <br />the differencing disk was not being used. The differencing disk provides an ongoing way to <br />save changes without altering the parent disk. You can use the differencing disk to store <br />changes indefinitely, as long as there is enough space on the physical disk where the <br />differencing disk is stored. The differencing disk expands dynamically as data is written to it <br />and can grow as large as the maximum size allocated for the parent disk when the parent <br />disk was created. <br />http://technet.microsoft.com/en-us/library/cc720381(v=ws.10).aspx <br /><br />Question No : 3 - (Topic 0) <br />You have a server named Server1 that runs Windows Server 2012. Server1 has the Hyper-<br />V server role installed. <br /><br />On Server1, you create a virtual machine named VM1. VM1 has a legacy network adapter. <br /><br />You need to assign a specific amount of available network bandwidth to VM1. <br /><br />What should you do first? <br /><br />A. Remove the legacy network adapter, and then run the Set-VMNetworkAdaptercmdlet. <br />B. Add a second legacy network adapter, and then run the Set-VMNetworkAdoptercmdlet. <br />C. Add a second legacy network adapter, and then configure network adapter teaming. <br />D. Remove the legacy network adapter, and then add a network adapter. <br />Answer: D <br /><br />Explanation: <br /><br />A. Set-VMNetworkAdaptercmdlet configures features of the virtual network adapter in a <br />virtual machine or the management operating system <br />B. The legacy network adapter doesn't support bandwidth management <br />C. The legacy network adapter doesn't support bandwidth management <br />D. Add a New network adapter The legacy network adapter doesn't support bandwidth <br />management <br /> <br />C:\Documents and Settings\usernwz1\Desktop\1.JPG <br /><br />http://technet.microsoft.com/en-us/library/hh848457(v=wps.620).aspx <br />http://www.techrepublic.com/blog/networking/set-bandwidth-limits-for-hyper-v-vms-withwindows-<br />server-2012/5924 <br /><br />Question No : 4 - (Topic 0) <br />Your network contains an Active Directory domain named adatum.com. The domain <br />contains a server named Server1 that runs Windows Server 2012. <br /><br />On a server named Core1, you perform a Server Core Installation of Windows Server <br />2012. You join Core1 to the adatum.com domain. <br /><br /> <br />You need to ensure that you can use Event Viewer on Server1 to view the event logs on <br />Core1. <br /><br />What should you do on Core1? <br /><br />A. Run the Enable-NetFirewallRulecmdlet. <br />B. Run sconfig.exeandconfigure remote management. <br />C. Run the Disable-NetFirewallRulecmdlet. <br />D. Run sconfiq.exeandconfigure the network settings. <br />Answer: A <br /><br />Explanation: <br /><br />http://technet.microsoft.com/en-us/library/jj574205.aspx <br /><br /><br />http://technet.microsoft.com/en-us/library/cc990290(v=ws.10).aspx <br /><br />Question No : 5 - (Topic 0) <br />Your network contains a file server named Server1 that runs Windows Server 2012. All <br />client computers run Windows 8. <br /><br />You need to ensure that when users are connected to the network, they always use local <br />offline files that are cached from Server1. <br /><br />Which Group Policy setting should you configure? <br /><br />A. Configure slow-link mode <br />B. Configure Slow link speed <br />C. Enable file synchronization on costed networks <br />D. Turn on economical Application of Administratively assigned Offline Files <br />Answer: A <br /><br /> <br />Explanation: <br /><br />A. Offline Files to provide faster access to cached files and redirected folders. <br />B. Defines a slow connection for purposes of App1ying and updating Group Policy. <br />C. automatically tracks roaming and bandwidth usage limits while on metered connections <br />D. Lists network files and folders that are always available for offline use. This policy makes <br />the specified filesand folders available offline to users of the computer. <br />When Offline Files is operating in the slow-link mode, all network file requests are satisfied <br />from the OfflineFiles cache. This is similar to a user working offline. <br /><br />If you enable this policy setting, Offline Files uses the slow-link mode if the network <br />throughput between theclient and the server is below (slower than) the Throughput <br />threshold parameter, or if the round-trip networklatency is above (slower than) the Latency <br />threshold parameter. <br /><br /><br />C:\Documents and Settings\usernwz1\Desktop\1.JPG <br /><br /> <br />http://technet.microsoft.com/en-us/library/hh968298.aspx <br />http://technet.microsoft.com/en-us/library/cc957631.aspx <br />http://technet.microsoft.com/en-us/library/jj127408.aspx <br />http://www.group-policy.com/ref/policy/2229/Configure_slow-link_mode <br /><br /><br />C:\Documents and Settings\usernwz1\Desktop\1.JPG <br /><br />Question No : 6 - (Topic 0) <br />Your network contains an Active Directory domain named contoso.com. All servers run <br />either Windows Server 2008 R2 or Windows Serve 2012. All client computers run either <br />Windows 7 or Windows 8. <br /><br />The domain contains a member server named Server1 that runs Windows Server 2012.<br />Server1 has the File and Storage Services server role installed.<br />On Server1, you create a share named Share1.<br />You need to ensure that users can use Previous Versions to restore the files in Share1.<br />What should you configure on Server1?<br /><br /><br />A. The Shadow Copies settings <br />B. A Windows Server Backup schedule <br />C. A data recovery agent <br /> <br />D. The Recycle Bin properties <br />Answer: A <br /><br />Explanation: <br /><br />A. Enable and schedule shadow copies for Share1 <br />B. The backup doesn't give users access until files are restored <br />C. <br />D. No settings for file version <br />http://technet.microsoft.com/en-us/library/cc786104(v=ws.10).aspx <br />Question No : 7 - (Topic 0) <br /> <br />You have a server named Server1 that runs Windows Server 2012. Server1 has the Print <br />and Document Services server role installed. <br /><br />Server1 is connected to two identical print devices. <br /><br />You need to ensure that users can submit print jobs to the print devices. The solution must <br />ensure that if one print device fails, the print jobs will print automatically on the other print <br />device. <br /><br />What should you do on Server1? <br /><br />A. Add two printers and configure the priority of each printer. <br />B. Add one printer and configure printer pooling. <br />C. Install the Network Load Balancing (NLB) feature, and then add one printer. <br />D. Install the Failover Clustering feature, and then add one printer. <br />Answer: B <br /><br />Explanation: <br /><br />A. expedite documents that need to be printed immediately<br />B. A printing pool is one logical printer connected to multiple printers through multiple ports<br />of theprint server. The printer that is idle receives the next document sent to the logical<br />printer. Whenprinting to a printer pool, the spooler will send waiting jobs to alternate ports.<br />If the original or alternateports are not available<br />C. NLB for printing is not supported<br />D. Would need 2 nodes<br />A printing pool is one logical printer connected to multiple printers through multiple ports of<br />the print server.<br />The printer that is idle receives the next document sent to the logical printer.<br />This is useful in a network with a high volume of printing because it decreases the time<br />users wait for theirdocuments.<br />A printing pool also simplifies administration because multiple printers can be managed<br />from the same logicalprinter on a server.<br />If one device within a pool stops printing, the current document is held at that device. The<br />succeedingdocuments print to other devices in the pool, while the delayed document waits<br />until the nonfunctioningprinter is fixed.<br />Efficient printer pools have the following characteristics:<br />All printers in the pool are the same model.<br />Printer ports can be of the same type or mixed (parallel, serial, and network)<br />.<br />It is recommended that all printers be in one location. Because it is impossible to predict<br />which printer willreceive the document, keep all printers in a pool in a single location.<br />Otherwise, users might have a hard timefinding their printed document.<br /> <br />http://technet.microsoft.com/en-us/library/cc757086(v=ws.10).aspx <br />http://technet.microsoft.com/en-us/library/cc784619(v=ws.10).aspx <br />http://technet.microsoft.com/en-us/library/cc958172.aspx <br /><br />You can create a printing pool to automatically distribute print jobs to the next available <br />printer. A printing poolis one logical printer connected to multiple printers through multiple <br />ports of the print server. The printer that isidle receives the next document sent to the <br />logical printer. <br /><br />Question No : 8 - (Topic 0) <br />Your network contains a server named Server1 that runs Windows Server 2012. Server1 <br />has the Print and Document Services server role installed. <br /><br />You connect a new print device to the network. The marketing department and the sales <br />department will use the print device. <br /><br />You need to provide users from both departments with the ability to print to the network <br />print device. The solution must ensure that if there are multiple documents queued to print, <br />the documents from the sales users print before the documents from the marketing users. <br /><br />What should you do on Server1? <br /><br />A. Add two printers. Modify the priorities of each printer and the security settings of each <br />printer. <br />B. Add two printers and configure printer pooling. <br />C. Add one printer and configure printer pooling. <br />D. Add one printer. Modify the printer priority and the security settings. <br />Answer: A <br /><br />Explanation: http://technet.microsoft.com/en-us/library/cc738090(v=ws.10).aspx <br />To set different print priority to different groups <br />Open Printers and Faxes. <br /><br />Right-click the printer you want to set, click Properties, and then click the Advanced tab. <br />In Priority, click the up or down arrows, and then click OK. <br /><br /> <br />Or, type a priority level, where 1 is the lowest level and 99 is the highest, and then click OK.<br />Click Add Printer to add a second logical printer for the same physical printer. For<br />instructions, see Related Topics.<br /><br /><br />Click the Advanced tab.<br />In Priority, set a priority higher than that of the first logical printer.<br />Instruct the regular group of users to use the first logical printer name and the group with<br />higher priority to use the second logical printer name. Set the appropriate permissions for<br />the different groups.<br /><br /><br />Question No : 9 - (Topic 0) <br />You have a server named Server2 that runs Windows Server 2012.<br />You open Server Manager on Server2 as shown in the exhibit. (Click the Exhibit button.<br />) <br /><br /><br /><br />The Everyone group has read share permission and read NTFS permission to Sources. <br />You need to ensure that when users browse the network, the Sources share is not visible. <br /><br /> <br />What should you do? <br /><br />A. From the properties of the Sources folder, remove the Sources share, and then share <br />the Sources folder as Sources$. <br />B. From the properties of the Sources folder, deny the List Folder Contents permission for <br />the Everyone group. <br />C. From the properties of the Sources share, configure access-based enumeration. <br />D. From the properties of the Sources folder, configure the hidden attribute. <br />Answer: A <br /><br />Explanation: <br /><br />A. need to remove the old share, $ creates a hidden share <br />B. This would deny everyine <br />C. This feature allows users of Windows Server 2003–based file servers to list only the files <br />and folders towhich they have access when browsing content on the file server <br />D. This would hide the physical folder not the share <br />A hidden share is identified by a dollar sign ($) at the end of the share name <br />Hidden shares are not listed when you look through the shares on a computer or use the <br />"net view" command <br />Why Use Hidden Shares? <br />Using hidden shares on your network is useful if you do not want a shared folder or drive <br />on the network to beeasily accessible. Hidden shares can add another layer of protection <br />for shared files against unauthorizedpeople connecting to your network. Using hidden <br />shares helps eliminate the chance for people to guess yourpassword (or be logged into an <br />authorized Windows account) and then receive access to the shared resource. <br /> <br />C:\Documents and Settings\usernwz1\Desktop\1.JPG <br /><br />http://support.microsoft.com/kb/314984 <br />http://technet.microsoft.com/en-us/library/cc784710(v=ws.10).aspx <br /><br />Question No : 10 - (Topic 0) <br />Your network contains an Active Directory domain named contoso.com. The network <br />contains a server named Server1 that runs Window Server 8 and a server named Server2 <br />that runs Windows Server 2008 R2 Service Pack 1 (SP1). Server1 and Server2 are <br />member server. <br /><br />You need to ensure that you can manage Server2 from Server1 by using Server Manager. <br /><br />Which two tasks should you perform? (Each correct answer presents part of the solution. <br />Choose two.) <br /><br /> <br />A. Install Remote Server Administration Tools on Server1. <br />B. Install Windows Management Framework 3.0 on Server2. <br />C. Install the Windows PowerShell 2.0 engine on Server1. <br />D. Install Microsoft .NET Framework 4 on Server2. <br />E. Install Remote Server Administration Tools on Server2. <br />Answer: B,D <br /><br />Explanation: http://technet.microsoft.com/en-us/library/hh831456.aspx <br /><br /><br />Question No : 11 - (Topic 0) <br />Your network contains an Active Directory domain named contoso.com. The network <br />contains a member server named Server1 that runs Windows Server 2012. Server1 has <br />the DNS Server server role installed and has a primary zone for contoso.com. <br /><br />The Active Directory domain contains 500 client computers. There are an additional 20 <br />computers in a workgroup. <br /><br />You discover that every client computer on the network can add its record to the <br />contoso.com zone. <br /><br />You need to ensure that only the client computers in the Active Directory domain can <br />register records in the contoso.com zone. <br /><br />What should you do first? <br /><br />A. Move the contoso.com zone to a domain controller that is configured as a DNS server. <br />B. Configure the Dynamic updates settings of the contoso.com zone. <br />C. Sign the contoso.com zone by using DNSSEC. <br /> <br />D. Configure the Security settings of the contoso.com zone. <br />Answer: A <br /><br />Explanation: <br /><br />If you install DNS server on a non-DC, then you are not able to create AD-integrated<br />zones.<br />DNS update security is available only for zones that are integrated into AD DS.<br />When you directory-integrate a zone, access control list (ACL) editing features are<br />available in DNS Managerso that you can add or remove users or groups from the ACL for<br />a specified zone or resource record.<br /><br /><br />http://technet.microsoft.com/en-us/library/cc771255.aspx<br />http://social.technet.microsoft.com/Forums/en-US/winserverNIS/thread/9b041bbc-0765-<br />4eed-bd1cd65027f05e9f/<br />http://blogs.msmvps.com/acefekay/2012/11/19/ad-dynamic-dns-updates-registration-rules-<br />of-engagement/<br /><br /><br />1. Active Directory's DNS Domain Name is NOT a single label name ("DOMAIN" vs the<br />minimal requirement of"domain.com." "domain.local," etc)<br />.<br />2. The Primary DNS Suffix MUST match the zone name that is allowing updates.<br />Otherwise the client doesn'tknow what zone name to register in. You can also have <br />a<br />different Conneciton Specific Suffix in addition to thePrimary DNS Suffix to register into that<br />zone as well.<br />3. AD/DNS zone MUST be configured to allow dynamic updates, whether Secure or<br />Secure and Non-Secure.<br />For client machines, if a client is not joined to the domain, and the zone is set to Secure, it<br />will not registereither.<br />4. You must ONLY use the DNS servers that host a copy of the AD zone name or have <br />a<br />reference to get tothem. Do not use your ISP's, an external DNS adddress, your router as <br />a<br />DNS address, or any other DNS thatdoes not have a copy of the AD zone. Internet<br />resolution for your machines will be accomplished by the Rootservers (Root Hints)<br />,<br />however it's recommended to configure a forwarder for efficient Internet resolution. <br />.<br />5. The domain controller is multihomed (which means it has more than one unteamed,<br />active NIC, more thanone IP address, and/or RRAS is installed on the DC)<br />.<br />6. The DNS addresses configured in the client's IP properties must ONLY reference the<br />DNS server(s) hostingthe AD zone you want to update in.<br />This means that you must NOT use an external DNS in any machine's IP property in an AD<br />environment.<br /> <br />You can't mix them either. That's because of the way the DNS Client side resolver service <br />works. Even if youmix up internal DNS and ISP's DNS addresses, the resolver algorithm <br />can still have trouble asking the correctDNS server. It will ask the first one first. If it doesn't <br />get a response, it removes the first one from the eligibleresolvers list and goes to the next <br />in the list. It will not go back to the first one unless you restart the machine,restart the DNS <br />Client service, or set a registry entry to cut the query TTL to 0. The rule is to ONLY use <br />yourinternal DNS server(s) and configure a forwarder to your ISP's DNS for efficient <br />Internet resolution. <br /><br />This is the reg entry to cut the query to 0 TTL: <br />The DNS Client service does not revert to using the first server ...The Windows 2000 <br />Domain Name System <br />(DNS) Client service (Dnscache) follows a certain algorithm when it decides the order in <br />which to use the DNSservers ... <br />http://support.microsoft.com/kb/286834 <br />For more info, please read the following on the client side resolver service: <br />DNS, WINS NetBIOS & the Client Side Resolver, Browser Service, Disabling NetBIOS, <br />Direct Hosted SMB(DirectSMB), If One DC is Down Does a Client logon to Another DC, <br />and DNS Forwarders Algorithm if youhave multiple forwarders. <br />http://msmvps.com/blogs/acefekay/archive/2009/11/29/dns-wins-netbios-amp-the-clientside-<br />resolver-browserservice-disabling-netbios-direct-hosted-smb-directsmb-if-one-dc-isdown-<br />does-a-client-logon-to-another-dcand-dns-forwarders-algorithm.aspx <br /><br />7. For DHCP clients, DHCP Option 006 for the clients are set to the same DNS server. <br />8. If using DHCP, DHCP server must only be referencing the same exact DNSserver(s) in <br />it's own IP properties in order for it to 'force' (if you setthat setting) registration into DNS. <br />Otherwise, how would it know which DNSto send the reg data to? <br />9. If the AD DNS Domain name is a single label name, such as "EXAMPLE", and not the <br />proper format of"example.com" and/or any child of that format, such as <br />"child1.example.com", then we have a real big problem. <br />DNS will not allow registration into a single label domain name. <br />This is for two reasons: <br /><br />1. It's not the proper hierachal format. DNS is hierarchal, but a single label name has no <br />hierarchy. It's just asingle name. <br />2. Registration attempts causes major Internet queriesto the Root servers. Why? Because <br />it thinks thesingle label name, such as "EXAMPLE", is a TLD(Top Level Domain), such as <br />"com", "net", etc. Itwill now try to find what Root name server out therehandles that TLD. In <br />the end it comes back to itselfand then attempts to register. Unfortunately it doe NOTask <br /> <br />itself first for the mere reason it thinks it's a TLD.<br /><br /><br />(Quoted from Alan Woods, Microsoft, 2004)<br />:<br />"Due to this excessive Root query traffic, which ISC found from a study that discovered<br />Microsoft DNS serversare causing excessive traffic because of single label names,<br />Microsoft, being an internet friendly neighbor andwanting to stop this problem for their<br />neighbors, stopped the ability to register into DNS with Windows 2000SP4, XP SP1,<br />(especially XP,which cause lookup problems too), and Windows 2003. After all, DNS<br />ishierarchal, so therefore why even allow single label DNS domain names?<br />"<br /><br /><br />The above also *especially* App1ies to Windows Vista, &, 2008, 2008 R2, and newer.<br /><br /><br />10. 'Register this connection's address" on the client is not enabled under the NIC's IP <br />properties, DNS tab. <br />11. Maybe there's a GPO set to force Secure updates and the machine isn't a joined <br />member of the domain. <br />12. ON 2000, 2003 and XP, the "DHCP client" Service not running. In 2008/Vista and <br />newer, it's the DNSClient Service. This is a requirement for DNS registration and DNS <br />resolution even if the client is not actuallyusing DHCP. <br />13. You can also configure DHCP to force register clients for you, as well as keep the DNS <br />zone clean of old orduplicate entries. See the link I posted in my previous post. <br />Question No : 12 - (Topic 0) <br />Your company has a remote office that contains 1,600 client computers on a single subnet. <br /><br />You need to select a subnet mask for the network that will support all of the client <br />computers. The solution must minimize the number of unused addresses. <br /><br />Which subnet mask should you select? <br /><br />A. 255.255.248.0 <br />B. 255.255.252.0 <br />C. 255.255.254.0 <br />D. 255.255.240.0 <br />Answer: A <br /><br /> <br />Explanation: <br /><br />255.255.252.0 = 11111111.11111111.11111100.00000000 =>( 22 bits 1 .. 10 bits <br />0 ) => 1111111111 = 1023 <br />255.255.254.0 = 11111111.11111111.11111110.00000000 =>( 23 bits 1 .. 9 bits <br />0 ) => 111111111 = 511 <br />255.255.255.0 = 11111111.11111111.11111111.00000000 =>( 24 bits 1 .. 8 bits <br />0 ) => 11111111 = 255 <br />255.255.255.128 = 11111111.11111111.11111111.10000000 =>( 25 bits 1 .. 7 bits <br />0 ) => 1111111 = 127 <br />http://zeus.fh-brandenburg.de/~ihno/doc/lehre/internet/ip_eng.html <br /><br /><br />Question No : 13 DRAG DROP - (Topic 0) <br />You plan to deploy a DHCP server that will support four subnets. The subnets will be <br />configured as shown in the following table. <br /><br /> <br />You need to identify which network ID you should use for each subnet.<br />What should you identify?<br />To answer, drag the appropriate network ID to the each subnet in the answer area.<br /><br /><br /><br />Answer: <br /><br /><br /> <br />Question No : 14 - (Topic 0) <br />Your network contains three servers that run Windows Server 2012. The servers are <br />configured as shown in the following table. <br /><br /><br />Server3 is configured to obtain an IP address automatically. <br /><br />You need to ensure that Server3 only receives an IP address from Server1. The IP address <br />must always be the same. <br /><br />Which two tasks should you perform? (Each correct answer presents part of the solution. <br />Choose two.) <br /><br />A. Create an exclusion on Server1. <br />B. Create a filter on Server1. <br />C. Create a reservation on Server2. <br />D. Create a reservation on Server1. <br />E. Create a filter on Server2. <br />Answer: D,E <br /><br />Explanation: <br /><br />A. Exclude range of IP's for lease <br />B. Wrong Server <br />C. Wrong Sever <br />D. For clients that require a constant IP address, you can either manually configure a static <br />IP address,or assign a reservation on the DHCP server <br />E. DHCP Deny Filter at Server2 to exclude MAC address of Server3 <br />MAC address filterEnable and define an explicit allow list. The DHCP server provides <br />DHCP services only to clients whose MACaddresses are in the allow list. <br /> <br />Any client that previously received IP addresses is denied address renewal if its MAC<br />address isn’t onthe allow list.<br /><br /><br />Enable and define an explicit deny list. The DHCP server denies DHCP services only to<br />clients whose MACaddresses are in the deny list.<br /><br /><br />Any client that previously received IP addresses is denied address renewal if its MAC<br />address is on thedeny list.<br /><br /><br />Enable and define an allow list and a block list.<br />The block list has precedence over the allow list. This means that the DHCP server<br />provides DHCPservices only to clients whose MAC addresses are in the allow list, provided<br />that no corresponding matchesare in the deny list.<br />If a MAC address has been denied, the address is always blocked even if the address is on<br />the allowlist.<br /><br /><br />http://technet.microsoft.com/en-us/library/cc754537(v=ws.10).aspx<br />http://technet.microsoft.com/en-us/magazine/ff521761.aspx<br />http://technet.microsoft.com/en-us/library/cc779507(v=ws.10).aspx<br /><br /><br />Question No : 15 - (Topic 0) <br />Your network contains an Active Directory domain named contoso.com. The domain <br />contains a domain controller named DC1 that runs Windows Server 2012 and a client <br />computer named Computer1 that runs Windows 8. <br /><br />DC1 is configured as a DHCP server as shown in the exhibit. (Click the Exhibit button.) <br /><br /> <br />Computer1 is configured to obtain an IP address automatically. <br /><br />You need to ensure that Computer1 can receive an IP address from DC1. <br /><br />What should you do? <br /><br />A. Disable the Allow filters. <br />B. Disable the Deny filters. <br />C. Activate Scope [10.1.1.0] Contoso.com. <br />D. Authorize dc1.contoso.com. <br />Answer: D <br /><br />Explanation: <br /><br />Red down arrow indicates a unauthorized DHCP server <br />A DHCP server that is a domain controller or a member of an Active Directory domain <br />queries Active Directoryfor the list of authorized servers (identified by IP address). <br /><br />If its own IP address is not in the list of authorized DHCP servers, the DHCP Server service <br />does not completeits startup sequence and automatically shuts down. <br /><br />http://technet.microsoft.com/en-us/library/cc754792.aspx <br />http://technet.microsoft.com/en-us/library/ee941131(v=ws.10).aspx <br />http://technet.microsoft.com/en-us/library/gg722802(v=ws.10).aspx <br />http://pc-addicts.com/server-2012-dhcp-server-role/ <br /><br /> <br />Question No : 16 - (Topic 0) <br />Your network contains an Active Directory domain named contoso.com. The domain <br />contains a domain controller named Server1 that ha the DNS Server server role installed. <br />Server1 hosts a primary zone for contoso.com. <br /><br />The domain contains a member server named Server2 that is configured to use Server1 as <br />its primary DNS server. <br /><br />From Server2, you run nslookup.exe as shown in the exhibit. (Click the Exhibit button.) <br /><br /><br />You need to ensure that when you run Nslookup, the correct name of the default server is <br />displayed. <br /><br />What should you do? <br /><br />A. From Advanced TCP/IP Settings on Server1, add contoso.com to the DNS suffix list. <br />B. On Server1, modify the Security settings of the contoso.com zone. <br />C. On Server1, create a reverse lookup zone. <br />D. From Advanced TCP/IP Settings on Server2, add contoso.com to the DNS suffix list. <br />Answer: C <br /><br /> <br />Explanation: <br /><br />C. Make sure that a reverse lookup zone that is authoritative for the PTR resource record <br />exists. For more information about adding a reverse lookup zone, see "Adding a Reverse <br />Lookup Zone" <br />http://technet.microsoft.com/en-us/library/cc961417.aspx <br />Question No : 17 - (Topic 0) <br />Your network contains an Active Directory domain named contoso.com. The domain <br />contains a domain controller named DC1 that hosts the primary DNS zone for <br />contoso.com. <br /><br />All client computers are configured to use DC1 as the primary DNS server. <br /><br />You need to configure DC1 to resolve any DNS requests that are not for the contoso.com <br />zone by querying the DNS server of your Internet Service Provider (ISP). <br /><br />What should you configure? <br /><br />A. Name server (NS) records <br />B. Condition& forwarders <br />C. Forwarders <br />D. Naming Authority Pointer (NAPTR) DNS resource records (RR) <br />Answer: C <br /><br />Explanation: <br /><br />A. Specifies a name server for the domain, which allows DNS lookups within various<br />zones. Each primary andsecondary name server should be declared through this record.<br />B. http://windowsitpro.com/networking/q-whats-conditional-dns-forwarding<br />C. manage the Domain Name System (DNS) traffic between your network and the Internet<br />D.<br />Configure forwarders to send DNS queries directly to your ISP's DNS server or other DNS<br />servers.<br />Most of the time, when you configure forwarders, DNS performance and efficiency <br />increases, but thisconfiguration can also introduce a point of failure if the forwarding DNS <br />server is experiencing problems. <br /><br /> <br />A forwarder is a Domain Name System (DNS) server on a network used to forward DNS<br />queries for externalDNS names to DNS servers outside of that network.<br />A DNS server on a network is designated as a forwarder by having the other DNS servers<br />in the networkforward the queries they cannot resolve locally to that DNS server.<br /><br /><br />By using a forwarder, you can manage name resolution for names outside of your network,<br />such as names onthe Internet, and improve the efficiency of name resolution for the<br />computers in your network.<br /><br /><br />http://social.technet.microsoft.com/Forums/en-US/winserverNIS/thread/2f35cae2-341c-<br />4bfe-9dac-724ddace6d51/<br />http://technet.microsoft.com/en-us/library/cc722542.aspx<br />http://technet.microsoft.com/en-us/library/cc754931.aspx<br /><br /><br />Question No : 18 - (Topic 0) <br />Your network contains an Active Directory domain named contoso.com. All domain <br />controllers run Windows Server 2012. The domain contains a server named Server1 that <br />runs Windows Server 2012. <br /><br />You need to ensure that when users log on to Server1, their user account is added <br />automatically to a local group named Group1 during the log on process. <br /><br />Which Group Policy settings should you modify? <br /><br />A. Restricted Groups <br />B. Security Options <br />C. User Rights Assignment <br />D. Preferences <br />Answer: D <br /><br />Explanation: <br /><br />A. If a Restricted Groups policy is defined and Group Policy is refreshed, any current <br />member not on the Restricted Groups policy members list is removed <br />B. Security settings incorporated into policies are rules that administrators configure on a <br />computer or multiple computers for the purpose of protecting resources on a computer <br /> <br />C. User Rights Assignment policies determines which users or groups have logon rights or <br />privileges on the computer <br />D. With Preferences, local and domain accounts can be added to a local group without <br />affecting the existing members of the group <br />http://technet.microsoft.com/en-us/library/cc785631(v=ws.10).aspx <br />http://www.grouppolicy.biz/2010/01/how-to-use-group-policy-preferences-to-secure-localadministrator-<br />groups/ <br />http://technet.microsoft.com/en-us/library/cc780182(v=ws.10).aspx <br />http://technet.microsoft.com/en-us/library/hh831424.aspx <br /><br />Question No : 19 - (Topic 0) <br />Your network contains an Active Directory domain named contoso.com. <br /><br />You need to prevent users from installing a Windows Store app named App1. <br /><br />What should you create? <br /><br />A. AnApplication control policy executable rule <br />B. AnApplication control policy packaged app rule <br />C. A software restriction policy certificate rule <br />D. AnApplication control policy Windows Installer rule <br />Answer: B <br /><br />Explanation: <br /><br />Windows 8 is coming REALLY SOON and of course one of the big new things to computer <br />with that is the newPackaged Apps that run in the start screen. However these apps are <br />very different and do not install liketraditional apps to a path or have a true “executable” file <br />to launch the program. Ofcourse enterprises need a way to control these packaged apps <br />and therefore Microsoft has added a newfeature Packaged Apps option to the App1ocker <br />feature. <br /><br />A. For .exe or .com <br />B. A publisher rule for a Packaged app is based on publisher, name and version <br />C. You can create a certificate rule that identifies software and then allows or does not <br />allow the software torun, depending on the security level. <br /> <br />D. For .msi or .msp <br />Packaged apps (also known as Windows 8 apps) are new to Windows Server 2012 and <br />Windows 8. <br />They are based on the new app model that ensures that all the files within an app package <br />share the sameidentity. <br />Therefore, it is possible to control the entire Application using a single App1ocker rule as <br />opposed to the nonpackagedapps where each file within the app could have a unique <br />identity. <br />Windows does not support unsigned packaged apps which implies all packaged apps must <br />be signed. <br />App1ocker supports only publisher rules for Packaged apps.<br />A publisher rule for a Packaged app is based on the following information:<br />Publisher of the package<br />Package name<br />Package version<br />Therefore, an App1ocker rule for a Packaged app controls both the installation as well as<br />the running of theapp. Otherwise, the publisher rules for Packaged apps are no different<br />than the rest of the rule collections; theysupport exceptions, can be increased or decreased<br />in scope, and can be assigned to users and groups.<br /><br /><br />http://technet.microsoft.com/en-us/library/dd759068.aspx<br />http://technet.microsoft.com/en-us/library/hh994588.aspx<br /><br /><br />http://www.grouppolicy.biz/2012/08/how-manage-published-a-k-a-metro-apps-in-windows-<br />8-using-grouppolicy/<br />http://technet.microsoft.com/en-us/library/hh994597.aspx#BKMK_Cert_Rules<br />Packaged Apps run in the start screen.<br /><br /><br />However these apps are very different and do not install like traditional apps to a path or<br />have a true“executable” file to launch the program.<br />Enterprises need a way to control these packaged apps and therefore Microsoft has added<br />a new featurePackaged Apps option to the App1ocker feature.<br /><br /><br />Question No : 20 - (Topic 0) <br />Your network contains an Active Directory domain named contoso.com. The domain <br /><br /> <br />.<br />.<br />. .<br /><br /><br />contains 500 servers that run Windows Server 2012. <br /><br />You have a written security policy that states the following: <br /><br />Only required ports must be open on the servers.<br />All of the servers must have Windows Firewall enabled.<br />Client computers used by Administrators must be allowed to access all of the ports<br />on all of the servers.<br />Client computers used by the Administrators must be authenticated before the<br />client computers can access the servers.<br /><br /><br />You have a client computer named Computer1 that runs Windows 8. <br /><br />You need to ensure that you can use Computer1 to access all of the ports on all of the <br />servers successfully. <br /><br />The solution must adhere to the security policy. <br /><br />Which three actions should you perform? (Each correct answer presents part of the <br />solution. Choose three.) <br /><br />A. On Computer1, create a connection security rule. <br />B. On all of the servers, create an outbound rule and select the Allow the connection if it is <br />secure option. <br />C. On all of the servers, create an inbound rule and select the Allow the connection if it is <br />secure option. <br />D. On Computer1, create an inbound rule and select the Allow the connection if it is secure <br />option. <br />E. On Computer1, create an outbound rule and select the Allow the connection if it is <br />secure option. <br />F. On all of the servers, create a connection security rule. <br />Answer: A,C,F <br /><br />Explanation: <br /><br />http://technet.microsoft.com/en-us/library/cc772017.aspx <br /><br />Unlike firewall rules, which operate unilaterally, connection security rules require that both <br />communicating computers have a policy with connection security rules or another <br />compatible IPsec policy. <br /><br />http://technet.microsoft.com/en-us/library/cc753463.aspx <br /><br />Traffic that matches a firewall rule that uses the Allow connection if it is secure setting <br /><br /> <br />bypasses Windows Firewall. The rule can filter the traffic by IP address, port, or protocol. <br /><br />This method is supported on Windows Vista® or Windows Server® 2008. <br /><br />
</div>
<div class="price">
<br /><span class="inprice"></span>
</div>
<div class="price">
<br /><span class="inprice"></span>
</div>
ITChanakyahttp://www.blogger.com/profile/06470455998708874347noreply@blogger.com1