Our Vision

We believe in ourselves, we are professional and do what we say we will do.

Our Mission

We strive to add value to our customers to our company and to our profession.

Our Values

We work as a team to provide Quick response with Friendly and supportive team and low cost service to make our customers happy.

Our Values

We respect our customers and each other and conduct with fairness and integrity.

Our Values

We honor what we do, value friendship and family, celebrate success and have fun

Friday, April 8, 2016

Google Apps for your small business

I've been using Google Apps for my company, and it's really helped my team work more quickly and efficiently. I think that you'd also benefit from trying it out for your business.

Google Apps is a cloud-based productivity suite that includes Gmail for professional email, Drive for online storage, Hangouts for video meetings, Calendar for scheduling and Docs for editing files. 

I especially like how easy it is to get things done and work with others from anywhere, using any device that I choose. I've also found Apps to be highly cost effective.

Google Apps helps teams communicate, collaborate and get things done from anywhere and on any device. It's simple to set up, use and manage, so your business can focus on what really matters.

Millions of organisations around the world count on Google Apps for professional email, file storage, video meetings, online calendars, document editing and more.

These are some highlights:
Business email for your domain:

Looking professional matters, and that means communicating as you@yourcompany.com. Gmail’s simple, powerful features help you build your brand while getting more done.

Access from any location or device:
Check emails, share files, edit documents, hold video meetings and more, whether you’re at work, at home or in transit. You can pick up where you left off from a computer, tablet or phone.

Enterprise-level management tools:
Robust admin settings give you total command over users, devices, security and more. Your data always belongs to you, and it goes with you, if you switch solutions.

Friday, April 1, 2016

Windows 10 Change your Default Browser

Change Your Default Browser
If you upgraded to Windows 10 from Windows 7 or 8, you'll notice that Microsoft Edge is now your default browser, even if Chrome or Firefox was your default before. Edge Browser is a bit faster than Chrome or Firefox, but doesn't provide the level of extensibility that its competitors offer. If you are a Chrome or Firefox user, you'll want to change your default right away.
1. Navigate to settings.

2. Click System.



  
3. Select Default apps from the left pane.
                    
4. Click the Microsoft Edge icon under the "Web browser" header.
 

5. Select the browser you want as your new default (ex: Chrome).

Windows 10 how to Disable User Account Control

Isn't it annoying every time you try to remove or install something windows ask for your account username and password or at least you have to press yes now you get say goodbye to User account control pop up. Here is how to Disable User Account Control










Windows wants to wag a finger at you every time you try to install a program or change a vital setting by popping up a dialog box and making you click Ok to continue. Why warn  you if you already know what you're doing? Good question. Disable User Account control to stop the needless, annoying dialog boxes.
1. Search for "user account control" in the search box.
2. Open "Change User Account Control settings."
3. Slide the slider down to "Never notify" and click Ok.
4. Click Yes when prompted.

Windows 10 how to Enable System Protection / Create a Restore Point

Enable System Protection / Create a Restore Point
What happens if you install a bad piece of software or a defective driver and your computer starts acting strangely or you can't even boot. You'll want to revert Windows 10 to the previous system restore point, which will turn back the clock on your drivers, programs and settings to a time when the system worked perfectly. However, Windows 10 comes with system protection disabled. If you want to protect yourself -- and you should -- set up restore points following the instructions below.
1. Search for "restore point" in the Windows search box.


2. Launch "Create a restore point" from the results. You should see a list of available drives.
3. Select the system drive and click Configure. The system drive is usually the C: drive and has the word "(System)" written after its volume name.
4. Toggle Restore Settings to "Turn on system protection," set the maximum disk space usage by moving the slider and click Ok. We recommend leaving 2 or 3 percent for restore pints but you may be able to get away with the lowest (1 percent).
5. Click Create so that you create an initial restore point right away.
6. Name the initial restore point when prompted.
 7. Click Close when it is done.
If you need to restore from one of these points, you can click the System Restore button on the System Protection tab. If you can't boot, you can hit F8 or Shift + F8 during boot to get to the emergency menu on some computers. On other PCs, if you can at least get to the log in screen, you can hold down Shift while you select Restart.


Tuesday, October 6, 2015

Flash card for MCSA windows server 2012 exam 70-417

Upgrading Your Skills to MCSA Windows Server 2012

*In what situation would you use AD LDS

A DMZ

*What is an authentication setting that permits unrestricted access by any users in the specific forest to all available shared resources that are located in any of the domains in the local forest


Forest-wide authentication

*To control access on file shares in Server1 based on the Division attribute and Division resource property, what actions in order should you perform?


From AD Admin Center, create a claim type
From Ad Admin Center, create a reference resource property
On the shared folders set a classification value

OCSetup (Vista and Server2008) can perform what operations?

MSI files that are passed to the Windows Installer Service (MSIExec.exe)
Component-Based Servicing (CBS) components that are passed to the Package Manager
CBS or MSI packages that have an associated custom installer .exe file

*To retrieve IP config on a different server can you are logged in to


winrs -r:server2 ipconfig

*After joining a new server to a domain, to ensure you can manage it from a different management console

run the enable-netfirewallrule cmdlet

*On Server2, install software to manage Server2 on Server1

Run the Configure-SMRemoting.ps1 script
Run the Set-ExecutionPolicy cmdlet

*Server 1 is Windows 2012, Server 2 is Windows 2008R2SP1, ensure you can manage Server 2 from Server 1

Install Windows Management Framework 3.0 on Server 2
Install .Net Framework 4 on Server 2

Ensure that Win7 and Win8 users can use Previous Versions to restore files in Share1 on Windows Server 2012 Server1

Use the Shadow Copies settings

*Server1 is connected to 2 Fibre Channel SANs with Host Bus Adapter 1, to connect VM1 to SAN1, what should you do first


Create a virtual Fibre Channel SAN

*To create four external virtual switches in Hyper V, what cmdlet should you run first

Add-VMNetworkAdapter

*To add GUI to a Windows Server 2012 Core Installation

Add-WindowsFeature cmdlet

*What disk solution provides fault tolerance and provides the maximum amount of usable storage space

A parity space

*Uninstall the GUI from a full installation of Windows Server 2012


From Server Manager, uninstall the User Interfaces and Infrastructure feature

Server 1 is in a workgroup, to add it to a domain

run the djoin.exe command

To promote a Windows Server 2008 to a domain controller using IFM (install from media), the first step is

Upgrade the existing domain controller to Windows Server 2012

What tool should you use to promote a windows server 2012 machine to domain controller

Server manager

*What cannot be performed by using the AD installation Wizard?

Install the AD CS role
Transfer the schema master

To identify which domain controller in a forest should be online to promote another domain controller, what role should you look for

Domain naming master

What is SR-IOV - Single Root I/O Virtualization?

A new feature that allows you to assign a network adapter directly to a virtual machine to maximize network throughput while minimizing network latency as well as CPU overhead

*To prevent a VM from synchronizing its clock to it's host server, what should you configure

Integration Services, Time Management

To ensure the state of VMs are saved before doing a host server backup, what should you configure?

Integration Services, Backup

To run IPAM from Server2 if it is installed on Server1?

On Server2, add Server1 to Server Manager

*IPAM is installed on Server1, DC1 has the firewall configured for inbound IPAM ports, to ensure you can use IPAM on Server1 to manage DNS on DC1

Add Server1 to the Event Log Readers Group

To change the provisioning type after installation

Reinstall the IPAM Server feature

What type of server must you use as a certificate revocation list distribution server?

Web Server

Where should you first enable replication for a Hyper V VM? On the server that will consume replication or the server that will send replication?

The consumer, modify Replication Configuration Settings under Hyper V settings, run Enable Replication wizard

*To use Microsoft Online Backup via Windows Server backup, what do you do first?

From Windows Server Backup, run Register Server Wizard

What tools do you use to configure Cluster1 to be a replica Server for Server3 and Server3 to be a replica server for Cluster1?

The HyperV manager console on Server3 and the Failover Cluster Manager on Cluster1

If a server continuously restarts after a driver installation, what do you need to start Windows 2012 in the least amount of time to minimize the amount of data loss?

Last Known Good Configuration (advanced)

*To ensure users can access previous version of files that are shared on Server1 by using the Previous Versions tab, what tool should you use?

VSSAdmin (Shadow Copy)

PWhen moving VMs to a server with a different processor manufacturer, how should you move them to minimize downtime?

Export the virtual machines from Server1 and Import them to Server2

What do you use to provide failover clustering for Application Data?

The Scale-Out File Server lets you store application data such as Hyper V VM files, on fileshares. Use the High Availability Wizard

Server1 and Server2 have the Failover Clustering feature installed. The servers are configured as nodes in a failover cluster named Cluster1. Cluster1 hosts an application named App1. You need to ensure that Server2 handles all of the client requests to the cluster for App1, and if Server2 fails, Server1 becomes the active node for App1

The preferred owner in a 2 server cluster will always be the active node unless it is down

Server1 and Server2 have NLB on Cluster1 which hosts WebApp1, to ensure session state is maintained during failover, what should be configured

Affinity - Single

Ensure performance log data older than 30 days is deleted automatically for a Data Collector Set

Use the Data Manager Settings of the Data Collector Set Properties, Folder Action, delete data files

*To ensure Server1 downloads express installation files from the MS Update Servers, what do you do from the Update Services console?

Update Files and Languages, Update Files Settings

To configure the amount of AD data replicated between DC1 and other domain controllers and the current values of several registry settings, configure what in the data set collector?

System configuration information and a performance counter

To move the AD database to a new volume, which NTDSUTIL.exe context do you use?

Files

*From NTDSUTIL, ensure you can access the contents of a mounted snapshot

from a command prompt run DSAMAIN.exe -dbpath c:\$snap_XXXX\ntds\ntds.dlt ldapport 33389

To promote a Read Only Domain Controler by using a text file with settings, what tool do you use?

DCPROMO command (this is deprecated but used for unattended installations using unattended files)

You have a password settings object named PSO1, to view the settings

Get-ADFineGrainedPasswordPolicy

*To clone a DC using a DCCloneConfig.xml file, where do you place the file?

%systemroot%\NTDS

*Recover Default Domain Policy and Default Domain Conteollers Policy GPOs

dcgpofix.exe /target:both

Configuring your server with as a NAP health policy server for VPN enforcement using the Configure NAP wizard, what should you install before running the wizard

Computer Certificate

To ensure noncompliant computers on subnets receive different network policies and DHCP scopes what 2 settings do you configure

NAP-Capable Computers conditions
MS-Service Class conditions in the Scope VDI properties

Ensure home users who have desktop computer can access the network by using DirectAccess

Use the WMI filter for Direct Access Client Settings GPO

*To ensure name resolution of 2 domains

Create a secondary zone

What settings in the GPO do you use to ensure users can user DirectAccess to access resources?

Name Resolution Policy

*Configure GPO1 to apply settings to Group 1 only

Set-GPPermission

*Prevent GPOs at the site level from being applied to users in one OU

Set-GPInheritance

*Change the Precedence Order of the GPOs

Set-GPLink

Use tombstone reanimation to restore a user account if there is a Windows 2003 DC

Use LDP

Ensure a 3rd party app is compatible with DC cloning

In Windows NTDS create an XML file CustomDCCloneAllowList.xml

deploy NAP by using IPsec, ensure client computer can discover HRA server automatically

On DC1, create a service location record(SRV)
In a GPO. modify the request policy setting for the NAP Client Config
On all client computers, configure the Enable Discovery registry key

Only computers that send a statement of health are checked for NAP health requirements, what do you configure

NAP-Capable computers conditions
Health Policies conditions
(in 123 Compliant Properties)

*On Server1 you create a standard primary zone, ensure Server2 can host a secondary zone

Add Server2 as a name server (Zone Transfers)

Configure DCS to automatically run a program when the amount of total free disk space drops below 10% and log the current values of several registry settings

Configure Event Trace Data and a Performance Counter in the Data Collector Properties

*Ensure updates to an image are installed that do not require restart

/PreventPending

*User is a member of IPAM Users group on Server1, ensure he can manage DHCP scopes on Server2, minimize permissions

DHCP Administrators on Server2

Failover DHCP

Hot standby mode failover partners

*Ensure users are issued a cert that can be used for email security, client authentication, and efs

Duplicate the User cert template, then publish
From a Group Policy, configure the Certificate Services Client - Auto-Enrollment settings

*To ensure admins can local iSCSI resources on the network by using a central repository

Use the iSNS Server service feature
iSNS Server is a repository of currently active iSCSI nodes, as well as their associated portals, entities, etc.

To ensure you can configure an online backup from Windows Server Backup

From Windows Server Backup, run Register Server Wizard

*Replicate VMs between Server1 and Server2 with SSL. You need to request a certificate on Server1 to ensure that the virtual machine replication is encrypted. What two intended purposes should the certificate for Server1 contain?

Server Authentication
Client Authentication

*Replicate VMs between Server1 and Server2 with SSL. All cervers are enrolled automatically for a certificate based on the Computer certificate template. You need to encrypt the replication of VM1. Which two actions should you perform?

On Server1, modify the settings of VM1, On Server2, modify the HyperV settings

*The domain contains a file server named Server1 that runs WS2012, you create a user account named User1 in the domain, to ensure User1 can use Windows Server backup to back up Server 1 and minimize the number ad administrative rights assigned to User1

Assign User1 the Back up files and directories user right

*You have a datacenter containing 6 HyperV servers running Windows Server 2012. VM1 is in Cluster1 on hosts 4&5 (Intel&CSV). Move, minimizing downtime

Host3 (Intel, iSCSI) using Storage Migration

*Server1 & Server2 have Failover Clustering and are configured as noted in a failover cluster named Cluster1, to add 2 additional nodes and ensure that Cluster1 stops running if 3 nodes fail

Configure the Cluster Quorum settings

*Server1 & Server2 have Failover Clustering and are configured as noted in a failover cluster named Cluster1. Folder1 on Server1 hosts application data and is a folder target in a DFS namespace. Provide Highly Available access to Folder1 and support DFS Replication to Folder 1. Configure?

A file server for general use

*Server1 & Server2 have Failover Clustering and are configured as noted in a failover cluster named Cluster1. You need to configure File Services and DHCP as clustered resources and ensure that if 2 consecutive heartbeat messages are missed for Server1 and Server2, Server2 will begin responding to DHCP requests. The solution must ensure that Server1 remains the active node for the File Services for up to 5 missed heartbeat messages.

Configure the failover settings

Connect a new print device to the network and provide users from 2 departments the ability to print, with documents from sales printing before documents from marketing

Add 2 printers, modify the priorities of each printer and the security setttings of each printer

The domain contains DC5 which has a Server Core Installation of Windows Server 2012, uninstall Active Directory from DC5 manually

Use the dcpromo cmdlet (phased out but can be used for forceremoval functions)

Determine which servers were rebooted during the last 2 days

Run-Get-ADComputer and specify the lastLogon property

*Move Intel Processor VM1 to another HyperV host, minimize downtime

Host3 (Intel) by using a storage migration

To identify which SRV (service location records) are registered by a Windows 2012 DC

Open the %windir%\system32\config\netlogon.dns file

VM1 has a legacy network adapter, assign a specific amount of available network bandwidth to VM1

Remove the legacy network adapter and add a network adapter.

You have 2 disks, Disk 0 with a boot volume, Disk 1 with a new volume. Ensure you can configure a pass-through disk for the virtual machine

Take Disk 1 offline

You have 5 disks and need to create a volume to store 3TB of data, ensure the data is availble if one of the disks in the volume fails

Create a Storage Pool (configured to mirror 2 disks)

Core 1 has two network adapters from different hardware vendors. To configure network traffic fail over to prevent connectivity loss if a network adapter fails

Use New-NetSwitchTeam

Server1 runs Windows Server 2012. It has 5 network adapters, three of which are connected to LAN1, two are connected to LAN2. What tool should you use to create a NETWORK ADAPTER TEAM from three network adapters connected to LAN1

Server Manager

*Server1 hosts 4 VMs (VM1,VM2,VM3,VM4) and it has 8 quad core CPUs with NUMA. You need to ensure that VM1 can use more CPU time than the other VMs when the other VMs are under a heavy load. What should you configure?

Resource Control (Settings, Processor)

Server1 hosts 4 VMs (VM1,VM2,VM3,VM4) and it has 8 quad core CPUs with NUMA. You install a network monitoring applicaiton on VM2. You need to ensure that all of the traffic sent to VM3 can be captured on VM2. What should you configure?

Port mirroring (Settings, Network Adapter, Advanced Features)

Server1 hosts 4 VMs (VM1,VM2,VM3,VM4) and it has 8 quad core CPUs with NUMA. You need to configure VM4 to track the CPU, memory, and network usage. What should you configure?

Resource metering

To allow the help desk to reset user passwords and unlock user accounts, which tool should you use?

The Delegation of Control Wizard

To create various user objects by using Windows PowerShell

Invoke the Create method of OU
$ou.Create("user", "CN=$lastName $firstName")

You discover the IT technician has miss spelled the Office property as Londn instead of London. Which tool should you use to correct the change to all of the OUs at once?

Use Dsquery and Dsmod

What command can be used to delete user accounts?

LDIFDE

What are 3 ways to unlock User Accounts?

Command Line, Windows PowerShell, VB Script

"Your account is configure to prevent you from using the computer. Please try another computer." What should do to enable the user to log on to this computer?

In the User's Account properties, click the Log On To button and choose All computers or The following computers

T/F - All printers in a pool must use the same driver

True - Printer Pool requires identical hardware and drivers

A global catalog server is available to directory clients when DNS servers can locate it as a global catalog server. In what order is this configured?

The global catalog receives replication of read only replicas to the required occupancy level.
The Net Logon Service on the DC has updated DNS with global-catalog-specific service (SRV) resource records.
The isGlobalCatalogReady rootDSE attribute is set to TRUE.

An authentication settings that permits unrestricted access by any users in the specified forest to all available shared resources that are located in any of the domains in the local forest.

Forest-wide authentication

What Service Manager feature is used for Storage Management, Replication, and Searching

File Services

How do you identify the memory a virtual machine consumes when Dynamic Memory is not enabled in Hyper V?

View the amount of RAM listed under Startup in the Memory page of the VM

what type of DNS record maps a domain name to an IP address?

An A record

When a printer is assigned to a network, what are the default printer permissions assigned?

Print, to Everyone

What tool do you use to create installation media for additional domain controllers?

NTDSUtil

What can you use at the command line to activate a Windows 2008 Server?

Cscript c:\windows\system32\slmgr.vbs ato

To move all computer accounts to be placed in an OU, what command do you use?

Redircmp

To install Windows Server 2012 choosing the Service Core Installation Option, remotely, what tool would you use?

Server Manager, Add Roles and Features Wizard

Server01 is running Server Core and the AD DS role. To add AD CS to the server what do you do?

Install the AD CS role (supported in the Core in 2012)

What groups have permission to shut down a domain controller?

Backup Operators
Print Operators
Server Operators
Administrators

What feature can augment an organization's security strategy by protecting information through persistent usage polices, which remain with the information?

AD RMS (Rights Management Services)

What features are missing when the Minimal Server Interface is installed?

IE 10, Windows Explorer, the Desktop, and Start Screen are not installed

What is a manually created trust that shortens the trust path to improve the speed at which authentications, which occur between domain trees, are processed.

Shortcut trust

What can you use to reduce the number of duplicate blocks of data in storage?

Data Deduplication role service

What Server Manager Feature is used for the management of Public Key Infrastructure?

Active Directory Certificate Services

What features are available in Windows Server 2012 when it is installed using the GUI option but without the desktop experience feature installed?

Metro Style Start Screen, Built in help system

What service uses the Network Time Protocol (NTP) to synchonize computer clocks on the network?

Windows Time service (W32time)

What type of trust allows resources in your domain to be accessed more quickly by users in another domain in your forest?

one-way, outgoing, shortcut

What Windows Server 2012 feature could you use to save time when creating GPOs with similar settings?

Starter GPO

What are features of RODC?

Filtered Attribute Sets
Unidirectional Replication
Read Only DNS

What type of virtual network is isolated from all external network traffic on the virtualization server, as well as any network traffic between the management operating system and external network?

Private virtual network

What type of trust is used when user need access to resource that are located in an NT 4.0 domain or in an AD DS forest that is not joined by a forest trust?

External trust

What is OCSetup used for?

MSI files that are passed to the Windows Installer Service
Component-Based Servicing (CBS) components that are passed the Package Manager
CBS or MSI packages that have an associated custom installer .exe file

You have DCs that run either Windows Server 2008, 2008 R2, or Windows Server 2012. You have a Password Settings Object named PSO1. What can you use to view the settings?

AD Administrator Center or Get-ADFineGrainedPasswordPolicy

*What upgrade path do you choose to minimize hardware purchases and upgrade the existing OS if possible for the following server?
Server1 - x86 - 32bit Windows Server 2008 SP2 - Full Installation

Clean installation on new hardware

*What upgrade path do you choose to minimize hardware purchases and upgrade the existing OS if possible for the following server?
Server2 - x86 - 32bit Windows Server 2008 SP2 - Server Cire

Clean installation on new hardware

*What upgrade path do you choose to minimize hardware purchases and upgrade the existing OS if possible for the following server?
Server3 - x64 - 64bit Windows Server 2008 R2 - Full Installation

Upgrade on existing hardware

What are the minimum hardware requirements for Windows Server 2012

1.4 GHz 64-bit processor
512 RAM
32GB Disk space

What groups must you be a member of to access the IPAM server remotely using Server Manager?

WinRMRemoteWMIUsers in addition to being a member of the appropriate IPAM security group or local Administrators group

*What node in the AD FS console should you select to identify the location of the federation metadata file?

AD FS>Service>Endpoints

To configure Server1 as an AD FS server, what type of certificate template should you identify to request a certificate?

Web Server

*To modify NTFS permissions for folder in file servers by using central access policies, and identify users who will be denied access when new permissions set, in what order should you perform the 5 actions?

1. Create a central access rule
2. Create a central access policy
3. Modify the Security settings of the shared folders
4. In GPO1, modify the Audit Central Access Policy Staging setting and configure the Central Access Policy Settings
5. Search for failure events in the security logs from the file servers

You have storage provisioned on Server2, to configure the storage so that it appears in Windows Explorer as a drive letter on Server1, what actions should you perform in sequence?

1. On Server2, add an iSCSI initiator id to target1.
2. On Server1, configure the iSCSI initiator to connect to target1.
3. On Server1, create a new volume from Server Manager.

You are implementing a central location where system events from all servers in the domain will be collected, but discover that no events are being collected and receive and error that the data area passed to a system call is too small. What do you change

Events to collect, click on Select Events

You plan to configure Network Policy Server (NPS) on Server1 to use certificate-based authentication for VPN connections, to ensure that NPS can performan certificate-based authentication, to which store should you import the certificate

Certificates(Local Computer)
Personal

You implement DirectAccess and an IKEv2 VPN. Where do you view it's connection properties

Workplace Connection _

You implement DirectAccess. Where do you view it's connection properties?

Workplace Connection []

*You have several PowerShell scripts that execute when computers start, but need to reduce the time they take without preventing that scripts complete. What setting should you configure?

Run startup scripts asynchronously

*You need to implement Microsoft Online Backup whenever possible. What type of backup can you use for Folder 1 with no encryption or compression

Microsoft Online Backup

*You need to implement Microsoft Online Backup whenever possible. What type of backup can you use for Folder 2 with encryption and no compression

Microsoft Online Backup

*You need to implement Microsoft Online Backup whenever possible. What type of backup can you use for Folder 3 with no encryption and using compression

Microsoft Online Backup

*You need to implement Microsoft Online Backup whenever possible. What type of backup can you use for System State

Windows Server Backup

You have a file server named Server1 that runs Windows Server 2012 and a folder named Folder1 shared as Share1. The everyone group has Full Control share permission to Folder1. You configure a central access policy. members of the IT group report they cannot modify the files in Folder1. To use central access policies to control the permissions what 2 actions should you perform?

On the Classification tab of Folder1, set classification to Information Technology
On the Security tab of Folder1, assign the Modify permission to the Authenticated Users group

Your network contains three AD forests. Each forest contains and AD Rights Management Services (ADRMS) root cluster. All of the users in all of the forest must be able to access protected content from any of the forest. What are the minimum number of ADRMS trusts required?

6

To move the AD Database to a new volume, what NTDSUtil context should you use?

Files

Your account is configured to prevent you from using the computer. Please try another computer.

Log On To on the Account tab of the user account

Locate iSCSI resource on the network by using a central repository

Deploy the iSNS Server Service feature

Connect 3 hard disks to Server 1, provide fault tolerance; maximize the amount of usable storage space

Create a parity space

Remove AD from a DC with a Server Core installation of Windows Server 2012

DCPromo.exe using the force removal function. If the Uninstall-ADDSDomainController option was available that would be the correct answer

IT group cannot modify files in Folder1

Classification Tab, set to Information Technology
Security Tab, assign the Modify permission to Authenticated Users

Configure DCS1, a custom data collector set to meet the following requirements:
Automatically run a program when the amount of total free disk space drops below 10%
Log the current values of several registry settings

System configuration information
A Performance Counter Alert

2 departments need the ability of print from a network print device. Documents from sales need to print before marketing

Add 2 printers, Modify the priorities of each printer and the security settings of each printer.

Ensure that User1 can user IPAM to modify the DHCP scopes on Server2, what group should be enabled for User1?

DHCP Administrators on Server 2

Give the help desk access to reset passwords and unlock accounts

User the Delegation Control Wizard

Install a DC with the following roles:
Schema master
Global catalog server
DNS Server role
Active Director Certificate Services server role
Which configurations cannot be completed by the AD Installation Wizard?

Install the AD Certificate Services role
Transfer the schema master

What connectiopn properties do you use to Implement DirectAccess

Workplace Connection (CPU graphic)

What Server manager feature is used for the management of Public Key Infrastructure

Active Directory Certificate Services

To deploy NAP by using IPSec, ensure client computers can discover HRA servers automatically

On DC1, create a service location (SRV) record
In a CPO, modifiy the Request Policy setinf for the NAP Client Configuration
On all of the client computers, configure the EnableDiscover registry key

VM1 is on Server1 and replicates to Server1. To encrypt the replication

On Server1, modify the settings of VM1
On Server2, modify the Hyper-V Settings

After setting up several AD users for different OU's, you discover that the IT Technician misspelled the Office property as Londn instead of London, what tool should you use to correct the changes to all OUs at once?

Dsquery and Dsmod

How do you configure two network adapters from different hardware vendors to failover if one adapter fails

New-NetSwitchTeam

In Hyper V, Server 1 has a legacy network adapter. You need to assign a specific amount of bandwidth to the adapter. What should you do first?

Remove the legacy network adapter, add a network adapter

On Server1, you configure a custom Data Collector Set named DCS1. DCS1 is configure to store performance log data in C:\Logs. To ensure the contents of C:\Logs are deleted automatically when the folder reaches 100MB, what should you configure?

The Data Manager settings of DCS1

Server1: Windows Server 2012, Server2: Windows Server 2008 R2 - to ensure you can manage Server2 from Server1 by using Server Manager

Install Windows Management Framework 3.0 on Server2
Install Microsoft .NET Framework 4 on Server2

Why you should you audit failed events?

To monitor for malicious attempts to access a resource which has been denied.

Server1 hosts 4 VMs, to configure VM4 to track CPU, memory, and network usage, what should you configure?

Resource metering

Promote Read Only Domain Controller RODC1 by using File1.txt

User dcpromo, which is deprecated, but used for unattended installations

Server 1 hosts 4 VMs. You need to ensure VM1 can use more CPU time than the other virutal machines when the CPUs on Server1 are under a heavy load

Use Resource control

Ensure that users can use Previous Version to restore files in Share1

Use Shadow Copies settings

To Ensure you use Windows Server Backup to back up data to Microsoft Online Backup

From Windows Server Backup, run the Register Server Wizard

What service do you use to reduce the number of duplicate blocks of data in storage

Data Deduplication Role Service

Configure Cluster1 to be a replica server for Server3 and Server3 to be a replica server for Cluster 1.

Hyper-V Manager console connected to Server3
Failover Cluster Manager console connected to Cluster1

Control access to the file shares on Server1 based on the values in the Division attribute automatically populated as part of the user provisioning process

from Active Directory Administrative Center, create a claim type
from Active Directory Administrative Center, create a reference resource property
On the shared folders, set the classification value

Server1 runs Windows Server 2012; Server 2 runs a Server core installation of Windows Server 2012. You joined Server 2 to the domain. Ensure you can manage Server2 by using the Computer Management console on Server1

Run the Enable-NetFirewallRule cmdlet

To active Windows Server on Windows Server 2008, what command line tools can be used?

cscript C:\windows\system32\slmgr.vbs ato

Server1 hosts an AD integrated zone for contoso.com; Server2 hosts an AD integrated zone for fabrikam. Both are in the same forest and are connect over a WAN link. Configure Server1 to support the resolution of names in fabrikam.com if the WAN link fails

Create a secondary zone

Change the precedence order of GPOs

Set-GPLink

recover Default Domain Policy and Default Domain Controllers Policy GPOs

dcgpofix.exe /target:both

Create various user objects using PowerShell

Invoke the Create method of OU

Ensure that NPS can perform certificate based authentication. What store should you import the certificate?

Certificates(Local Computer)
Personal

Move the Active Directory Logs, which NTDSutil context should you use?

Files

Ensure you can access the contents of the mounted snapshot

From a command prompt, run dsamain.exe -dbpath
c:\$snap_201204131056_volumeC$\windows\ntds\ntds.dit ldapport 33389

You configure a custom Data Collector Set (DCS) named DCS1, ensure the performance log data older than 30 days is deleted automatically

Configure the Data Manager settings of DCS1

To ensure high availability of DHCP what mode results in an Active-Passive configuration?

Hot Standby Mode failover partners

What type of DNS record maps a domain name to an IP address?

A

What Windows Server 2012 feature could you use to save time when creating GPO's with similar settings

Starter GPO

Reduce the amount of time it takes for client computers to start, but allow scripts to complete successfully, configure what Group Policy

Run startup scripts asynchronously

Prevent VM3 from synchronizing its clock to Server1

Configure Integration Services

Use tombbstone reanimation to restore an account, what tool should you use?

LDP

Identify which Service Location (SRV) records are registered by DC3

Open the %windir%\system32\config\netlogon.dns file

Authentication setting that permits unrestricted access by any users in the specified forest to all available shared resource that are located in any of the domains in the local forest

Forest-wide authentication

To configure Server1 as an ADFS server, what type of certificate template do you need to request?

Web Server

You have 3 forests and need all users in all forest to access all content. How many AD RMS trusts are required?

6

What too should you use to create a network adapter team?

Server Manager

Log onto Server1 and retrieve IP Configurations of Server2

winrs -r:server2 ipconfig

Manage Server2 from Server1 using Server Manager

Run the Configure-SMRemoting.ps1 script
Run the Set-ExecutionPolicy cmdlet

Group HBA ports together to configure a VM to connect to a SAN

Create a Virutal Fibre Channel SAN

Server1 is a virtualization host, after installing Hyper-V, create 4 external virtual switches

Add-VMNetworkAdapter

Add a GUI to a Server Core installation of Windows Server 2012

Add-WindowsFeature cmdlet

Uninstall the GUi from a full installation of Windows Server 2012, with minimum amount of administrative effort

From Server Manager, uninstall the User Interfaces and Infrastructure feature

Perform an offline domain join of Server1 to your domain

Run the djoin.exe command

You have 5 disks and need to create a volume to store up to 3TB of files, the solution must ensure that the user files are available if one of the disks in the volume fails

storage pool on disk 2 and disk 3

Ensure the network traffic of VM2 bypasses the virtual switches of the parent partition

Single-root I/O virtualization

Request a certificate on Server1 to ensure that the virtual machine replication is encrypted. What 2 purposes should the certificate for Server1 contain>

Server Authentication and Client Authentication

To place all new computer accounts in the General OU, what command do you use?

Redircmp

What feature is not installed in Minimal Server Interface?

Windows Explorer

In Hyper-V, where you would view the RAM when Dynamic Memory is not enabled?

Startup in the Memory page of the VM

Prevent user from connecting to the domain via Direct Access

Configure Name Resolution Policy in the GPO

Server2 hosts VM1, ensure that you can start VM1 on Server1 if Server2 fails

From HyperV in Server1, modify the Replication Configuration settings and enable replication for VM1

Ensure Server2 can host a secondary zone for contoso.com

Add Server2 as a name server - allow zone transfers

Ensure users in the domain are issued a certificate that can be used for Email Security, Client Authentication, and Encrypting File System

Duplicate the User certificate template and publish
From a group policy, configure the Certificate Services Client - Auto-Enrollment settings

What type of server must you use as the certificate revocation list distribution point

Web Server

Ensure that when users connect to WebApp1, their session state is maintained

Affinity-Single

Server1 hosts 4 VMs, ensure VM1 can user more CPU that other VMs when the CPUs on Server1 are under a heavy load

Resource Control

Server1 and Server2 have different processor manufacturers. Move VMs from Server1 to Server2

Export the VMs from Server1 and import to Server2

To manually configure a windows 2012 server as a domain controller what tool should you use?

Server Manager

Server1 and Server2 have Failover Clustering, if Server2 fails, Server 1 should be come the active node for App1. What should you configure?

The preferred owner - the preferred owner in a 2 server cluster will always be the active node unless it is down.

Server1 hosts 4 VMs. Configure CM4 to track the CPU, memory, and network usage

Resource metering

To modify the NTFS permissions for many folders on file servers using central access policies, in what order should you perform the 5 actions

Create a central access rule
Create a central access policy
Modify the Security settings of the shared folders on the file servers
In GPO1, modify the Audit Central Access Policy Staging setting and configure the Central Access Policy settings
Search for failure events in the security logs from the file servers

What type of virtual network is isolated from all external network traffic on the VM as well as any network traffic between the management operating system and external network

Private

What type of file server should you use for a DFS namespace

File server for general use

Perform an offline domain join of a Windows Server 2012 Server

djoin.exe

Configure Cluster1 to be a replica server for Server3 and Server3 to be a replica server for Cluster1

The Hyper-V Manager console connected to Server3
The failover cluster manager console connected to Cluster1

How can you unlock a user account?

Command Line, PowerShell, VBScript

You create a custom Data Collector Set named DCS1. Configure it to automatically run a program when the amount of total free disk space on Server1 drops below 10% and log the current values of several registry settings

System Configuration information
A performance counter alert

Remove SD from a Windows Server 2012 Server Core installation

dcpromo.exe - force removal

OCSetup can be used to...

add system components to an online Windows image - msi files, cbs components, or packages with an exe

Ensure you can configure a pass-through disk for a VM

Take the disk offline

To manage Server2 from Server1, what tasks should you perform on Server2?

Ryn the Configure-CMRemoting.ps1 script
Run the Set-ExecutionPolicy cmdlet

To install, configure, or uninstall server roles on a Service Core installation machine remotely, what do you use?

Server Manager

Server1 and Server2 have failover clustering installed and are configured as noted in s a failover cluster named Cluster1. You add additional modes to Cluster1. You need to ensure that Cluster1 stops running if three nodes fail. What should you configure?

The cluster quorum settings

You have a 4 VM server and need to ensure all traffic sent to VM3 can be captured on VM2

port mirroring

Your network contains two subnets. You need to ensure that noncompliant computers on Subnet1 receive different network policies than noncompliant computers on Subnet2

NAP-Capable Computers conditions
MS-Service Class conditions

What command can you run to determine which servers were restarted in the last 2 days

Get-ADComputer and specify the lastLogon property

You have a GPO named GPO1 that is linked to the domian, you need to configure GPO1 to apply settings to Group1 only

Set-GPPermission

Where do you place DCCloneConfig.xml?

%systemroot%\NTDS

What are features of RODC?

Filtered Attribute Sets
Unidirectional Replication
Read-only DNS

What is the prerequisite before running the configure NAP wizard?


a computer certificate

Configure storage so that it appears in Windows Explorer as a drive letter on Server1

On Server2, add an iSCSI initiator ID to target1
On Server1, configure the iSCSi initiator to connect to target1
On Server1, create a new volume from Server Manager


To view the settings of a password settings object

AD Administrator Center

Save the state of a VM before a backup starts

Integration Services

Users unable to use Director access from home

WMI filter for the Direct Access Client Settings GPO

Ensure client computers can discover HRA servers automatically

DC1, create SRV
GPO, modify the request policy setting for the NAP Client Config
All client computer, configure the Enable Discovery registry key

What command can be used to delete user accounts

LDIFDE

MCSA Certificate MCSA 2012 upgrade Exam 70-417 new questions

-----------------------------------ExamA: ------------------------------------------------
QUESTION 3
Your network contains an Active Directory forest.
The forest contains two domains named contoso.com and corp.contoso.com.
The forest contains four domain controllers.
The domain controllers are configured as shown in the following table.
wps738C.tmp_thumb
All domain controllers are DNS servers.
In the corp.contoso.com domain, you plan to deploy a new domain controller named DC5.
You need to identify which domain controller must be online to ensure that DC5 can be promoted successfully to a domain controller.
Which domain controller should you identify?
A.    DC1
B.    DC2
C.    DC3
D.    DC4
Answer: D
Explanation: Relative ID (RID) Master: Allocates active and standby RID pools to replica domain controllers in the same domain. (corp.contoso.com) Must be online for newly promoted domain controllers to obtain a local RID pool that is required to advertise or when existing domain controllers have to update their current or standby RID pool allocation.  The RID master is responsible for processing RID pool requests from all domain controllers in a particular domain. When a DC creates a security principal object such as a user or group, it attaches a unique Security ID (SID) to the object.




Correct Answer D
QUESTION 48 (17 another file )
Drag and Drop Question
You have a server named Server2 that runs Windows Server 2012 R2.
You need to configure the storage so that it appears in Windows Explorer as a drive letter on Server1.
Which three actions should you perform in sequence? To answer, move the three appropriate actions from the list of actions to the answer area and arrange them in the correct order.
wps2CF5.tmp_thumb
Answer:
- On server02, add an iSCSI initiator ID to target1
- On server01, configure the iSCSI initiator to connect to target1
- On server01, create a new volume from Server Manager


------------------------------------------------------Exam B:-------------------------------------------------------
B42 : I don't find any right answer (Security filtering missing ?)

- Create a WSHV
          - Create a Health policy
          Create a network policy

-----------------------------------------Exam C: -------------------------------------------------------
QUESTION 6(106)
Your network contains an Active Directory forest named contoso.com. The forest contains two domains named contoso.com and chitd.contoso.com and two sites named Site1 and Site2.
The domains and the sites are configured as shown in following table.
wps5CCB.tmp_thumb
When the link between Site1 and Site2 fails, users fail to log on to Site2.
You need to identify what prevents the users in Site2 from logging on to the child.contoso.com domain.
What should you identify?
A.    The placement of the PDC emulator
B.    The placement of the domain naming master
C.    The placement of the global catalog server
D.    The placement of the infrastructure master
Answer C  06 CQ6 not PDC but GC is necessary,would by AD DS fault tolerant if PD were necessary to log on?
In a multidomain forest, when a user logs on to a domain, a global catalog server must be contacted to determine the universal group memberships of the user.
QUESTION C 22:
Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1 that runs Windows Server 2012 R2 and has the DHCP Server server role installed. An administrator installs the IP Address Management (IPAM) Server feature on a server named Server2. The administrator configures IPAM by using Group Policy based provisioning and starts server discovery.
You plan to create Group Policies for IPAM provisioning.
You need to identify which Group Policy object (GPO) name prefix must be used for IPAM Group Policies.
What should you do on Server2?
A.    From Task Scheduler, review the IPAM tasks.
B.    From Server Manager, review the IPAM overview.
C.    Run the Get-IpamConfigurationcmdlet.
D.    Run the ipamgc.exe tool.
Answer: B (but "C" works too)
QUESTION 23 (129)
Your network contains an Active Directory domain named contoso.com.
All domain controllers run Windows Server 2012 R2.
The domain contains an Edge Server named Server 1.
Server1 is configured as a DirectAccess server.
Server1 has the followingsettings:
- Internal DNS name: Server1.contoso.com
- External DNS name: dal.contoso.com
- Internal IPv6 address: 2002:cla8:6a:3333::1
- External IPv4 address: 65.55.37.62
Your company uses split-brain DNS for the contoso.com zone.
You run the Remote Access Setup wizard as shown in the following exhibit. (Click the Exhibit button.)
wpsCE0A.tmp_thumb
You need to ensure that client computers on the Internet can establish DirectAccess connections to Server1.
Which additional name suffix entry should you add from the Remote Access Setup wizard?
A.    A Name Suffix value of server1.contoso.com and a blank DNS Server Address value
B.    A Name Suffix value of dal.contoso.com and a DNS Server Address value of 65.55.37.62
C.    A Name Suffix value of dal.contoso.com and a blank DNS Server Address value
D.    A Name Suffix value of server1.contoso.com and a DNS Server Address value of 65.55.37.62
Answer: C  Explanation: It says “on the internet” & the external DNS name is Dal.
QUESTION (24) 130
Your company deploys a new Active Directory forest named contoso.com.
The first domain controller in the forest runs Windows Server 2012 R2. The forest contains a domain controller named DC10. On DC10; the disk that contains the SYSVOL folder fails.
You replace the failed disk.
You stop the Distributed File System (DFS) Replication service.
You restore the SYSVOL folder.
You need to perform a non-authoritative synchronization of SYSVOL on DC10.
Which tool should you use before you start the DFS Replication service on DC10?
A.    Ldp
B.    Active Directory Sites and Services
C.    Dfsmgmt.msc
D.    Frsutil
Answer:  C24 : A (Equivalent to ADSIEdit)
QUESTION 38 (148)
Your network contains an Active Directory domain named contoso.com. The domain contains two servers named Node1 and Node2. Node1 and Node2 run Windows Server 2012 R2. Node1 and Node2 are configured as a two-node failover cluster named Cluster2. The computer accounts for all of the servers reside in an organizational unit (OU) named Servers. A user named User1 is a member of the local Administrators group on Node1 and Node2. User1 creates a new clustered File Server role named File1 by using the File Server for general use option.
A report is generated during the creation of File1 as shown in the exhibit. (Click the Exhibit button.)
wps41.tmp_thumb[2]
File1 fails to start.
You need to ensure that you can start File1.
What should you do?
A.    Recreate the clustered File Server role by using the File Server for scale-out Application data option.
B.    Assign the user account permissions of User1 to the Servers OU.
C.    Log on to the domain by using the built-in Administrator for the domain, and then recreate the clustered
File Server role by using the File Server for general use option.
D.    Increase the value of the ms-DS-MachineAccountQuota attribute of the domain.
E.    Assign the computer account permissions of Cluster2 to the Servers OU.
Answer: B.
-----------------------------------Exam D:  ----------------------------------------------
QUESTION 3 (154)
Your network contains an Active Directory domain named contoso.com.
The domain contains a server named Server1. Server1 runs Windows Server 2012 R2.
You create a group Managed Service Account named gService1.
You need to configure a service named Service1 to run as the gService1 account.
How should you configure Service1?
A.    From a command prompt, run sc.exe and specify the sdset parameter.
B.    From the Services console, configure the General settings.
C.    From Windows PowerShell, run Set-Service and specify the-StartupType parameter.
D.    From the Services console, configure the Log On settings.
Answer: D
QUESTION 23 (49)
Your network contains an Active Directory domain named contoso.com. The domain contains two servers named Server1 and Server2. Server1 runs Windows Server 2012 R2. 5erver2 runs Windows Server 2008 R2 Service Pack 1 (SP1) and has the DHCP Server server role installed.
You need to manage DHCP on Server2 by using the DHCP console on Server1.
What should you do first?
A.    From the Microsoft Management Console on Server1, add a snap-in.
B.    From Server Manager on Server2, enable Windows Remote Management.
C.    From Windows PowerShell on Server2, run Enable-PSRemoting.
D.    From Server Manager on Server1, install a feature.
OR 
Answer: D not B  (when you install DHCP Server on 2008R2, ports are automaticaly opened : you just have to add role tools on the 2012 Server)

QUESTION 25 (182)
Your network contains an Active Directory domain named contoso.com.
The domain contains a server named Server1. Server1 runs Windows Server 2012 R2.
You need to create 3-TB virtual hard disk (VHD) on Server1.
Which tool should you use?
A.    Share and Storage Management
B.    Server Manager
C.    New-VirtualDisk
D.    Computer Management
Answer: D not C
QUESTION (36)195
You have a file server named Server1 that runs Windows Server 2012 R2. Server1 has following hardware configurations:
- 16 GB of RAM
- A single quad-core CPU
- Three network teams that have two network adapters each
You add additional CPUs and RAM to Server1.
You repurpose Server1 as a visualization host.
You install the Hyper-V server role on Server1.
You need to create four external virtual switches in Hyper-V.
Which cmdlet should you run first?
A.    Add-NetLbfoTeamNic
B.    Set-NetAdapter
C.    Remove- NetLbfoTeam
D.    Add-VMNetworkAdapter
Answer: C not D

QUESTION 42 (151)
Drag and Drop Question
You have a server named Server1 that runs Windows Server 2012 R2.
You are asked to test Windows Azure Online Backup to back up Server1.
You need to back up Server1 by using Windows Azure Online Backup.
Which four actions should you perform in sequence? To answer, move the appropriate four actions from the list of actions to the answer area and arrange them in the correct order.
wps946A.tmp_thumb
Answer:
- Signup
- Download Windows Azure
- Run setup Windows Azure wizard
- Run the register


QUESTION 50 (55)
Drag and Drop Question
Your network contains an Active Directory domain named contoso.com.
You need to ensure that third-party devices can use Workplace Join to access domain resources on the Internet.
Which four actions should you perform in sequence? To answer, move the appropriate four actions from the list of actions to the answer area and arrange them in the correct order.
wpsA68C.tmp_thumb
D50 :
- Install the certificate from trusted third party CA
- Install and configure ADFS role
- Enable Device Registration Service
- Install and configure Web Application Proxy

------------------- EXAM E:----------------------
QUESTION  10(211)
Your network contains an Active Directory domain named contoso.com.
The domain contains two member servers named Server1 and Server2.
You install the DHCP Server server role on Server1 and Server2.
You install the IP Address Management (IPAM) Server feature on Server1.
You notice that you cannot discover Server1 or Server2 in IPAM.
You need to ensure that you can use IPAM to discover the DHCP infrastructure.
Which two actions should you perform? (Each correct answer presents part of the solution.
Choose two.)
A.    On Server2, run the Add-DhcpServerInDc cmdlet
B.    On Server1, uninstall the DHCP Server server role.
C.    On Server1, run the Add-IpamServerInventory cmdlet.
D.    On both Server1 and Server2, run the Add-DhcpServerv4Policy cmdlet.
E.    On Server2, create an IPv4 scope.
Answer:  not AC E10 : A and B (And "E" if three answers was asked)
QUESTION E12 (214)
Your network contains an Active Directory domain named adatum.com.
The domain contains a server named Server1 that runs Windows Server 2012 R2. Server1 is configured as a Network Policy Server (NPS) server and as a DHCP server.
The network contains two subnets named Subnet1 and Subnet2. Server1 has a DHCP scope for each subnet.
You need to ensure that noncompliant computers on Subnet1 receive different network policies than noncompliant computers on Subnet2.
Which two settings should you configure? (Each correct answer presents part of the solution.
Choose two.)
A.    The NAS Port Type constraints
B.    The Health Policies conditions
C.    The Called Station ID constraints
D.    The NAP-Capable Computers conditions
E.    The MS-Service Class conditions
Answer: DE E12 : B and E
Explanation:The MS-Service Class is how you can specify which subnet the computer must be coming from in order to Apply the policy.
E29 :  QUESTION 86
Your network contains an Active Directory domain named contoso.com. The domain contains two servers named Server1 and Server2 that run Windows Server 2012 R2. Server1 has the IP Address Management (IPAM) Server feature installed. Server2 has the DHCP Server server role installed. A user named User1 is a member of the IPAM Users group on Server1.
You need to ensure that User1 can use IPAM to modify the DHCP scopes on Server2.
The solution must minimize the number of permissions assigned to User1.
To which group should you add User1?
A.    IPAM ASM Administrators on Server1
B.    IPAMUG in Active Directory
C.    DHCP Administrators on Server2
D.    IPAM MSM Administrators on Server1
Answer: D not  C
QUESTION 41 (49)
Your network contains an Active Directory domain named contoso.com. The domain contains two servers named Server1 and Server2. Server1 runs Windows Server 2012 R2. 5erver2 runs Windows Server 2008 R2 Service Pack 1 (SP1) and has the DHCP Server server role installed.
You need to manage DHCP on Server2 by using the DHCP console on Server1.
What should you do first?
A.    From the Microsoft Management Console on Server1, add a snap-in.
B.    From Server Manager on Server2, enable Windows Remote Management.
C.    From Windows PowerShell on Server2, run Enable-PSRemoting.
D.    From Server Manager on Server1, install a feature.
Answer: not B E41 : D (same that D23)
------------------------------------------Exam F: ------------------------------------
F48 : wpsABEA.tmp_thumb
- File Server Resource Manager (Local)
- Classification Properties

------------------------------ EXAM G   ---------------------------------------
Answer not C : I don't find any right answer (same that B42 : Security filtering missing ?)

QUESTION 11(65)
You have a server named Server1.
You install the IP Address Management (IPAM) Server feature on Server1.
You need to provide a user named User1 with the ability to set the access scope of all the DHCP servers that are managed by IPAM. The solution must use the principle of least privilege.
Which user role should you assign to User1?
A.    IP Address Record Administrator Role
B.    IPAM Administrator Role
C.    IPAM MSM Administrator Role
D.    IPAM DHCP Scope Administrator Role
Correct Answer B not A
D is right (Winrm ... TrustedHosts on the managing server)

G37 QUESTION (358)
Your network contains an Active Directory domain named contoso.com. The domain contains a member server named Server 1. Server1 runs Windows Server 2012 R2 and has the Hyper-V server role installed.
You create an external virtual switch named Switch1. Switch1 has the following configurations:
- Connection type: External network
- Single-root I/O virtualization (SR-IOV): Enabled
Ten virtual machines connect to Switch1.
You need to ensure that all of the virtual machines that connect to Switch1 are isolated from the external network and can connect to each other only. The solution must minimize network downtime for the virtual machines.
What should you do?
A.    Remove Switch1 and recreate Switch1 as an internal network.
B.    Change the Connection type of Switch1 to Private network.
C.    Change the Connection type of Switch1 to Internal network.
D.   
Remove Switch1 and recreate Switch1 as a private network.
Answer: D not B  G37 : D (cannot change connection type when SR-IOV is enabled on a virtual switch)
G43 : QUESTION 344
Drag and Drop Question
Your network contains an Active Directory domain named adatum.com. The domain contains three servers. The servers are configured as shown in the following table.
wpsA6A0.tmp_thumb
Server1 is configured as shown in the exhibit. (Click the Exhibit button.)
wpsC3E1.tmp_thumb
Template1 contains custom cryptography settings that are required by the corporate security team.
On Server2, an administrator successfully installs a certificate based on Template1.
The administrator reports that Template1 is not listed in the Certificate Enrollment wizard on Server3, even after selecting the Show all templates check box.
You need to ensure that you can install a server authentication certificate on Server3.
The certificate must comply with the cryptography requirements.
Which three actions should you perform in sequence? To answer, move the appropriate three actions from the list of actions to the answer area and arrange them in the correct order.
wpsE4EA.tmp_thumb
Answer: wpsFB67.tmp_thumb
1/G43 Answer
- Duplicate Template
- Modify Compatibility Settings
- (Optional) Modify Request Handling
- New certificate template to Issue

G47 : QUESTION 349
Your network contains an Active Directory domain named contoso.com. The domain contains two member servers named Server1 and Server2. All servers run Windows Server 2012 R2.
Server1 and Server2 have the Failover Clustering feature installed. The servers are configured as nodes in a failover cluster named Cluster1. Cluster1 has access to four physical disks. T
he disks are configured as shown in the following table.
wps9BA1.tmp_thumb
You need to ensure that all of the disks can be added to a Cluster Shared Volume (CSV).
Which two actions should you perform? (Each correct answer presents part of the solution.
Choose two.)
A.    Enable BitLocker on Disk4.
B.    Disable BitLocker on Disk1.
C.    Format Disk2 to use NTFS.
D.    Format Disk3 to use NTFS.
Answer: CD
Explanation: You cannot use a disk for a CSV that is formatted with FAT, FAT32, or Resilient File System (ReFS).
C and D if servers are windows 2012 (normally only "C" if Windows 2012R2 : CSV is supporting reFS with 2012R2 : https://technet.microsoft.com/en-us/library/jj612868.aspx )

G49 : QUESTION 333
You have a laptop named Computer 1. Computer1 runs Windows 8 Enterprise.
Computer1 has a wired network adapter and a wireless network adapter.
Computer1 connects to a wireless network named Network1.
For testing purposes, you install Windows Server 2012 R2 on Computer1 as a second operating system.
You install the drivers for the wireless network adapter.
You need to ensure that you can connect to Network1 from Windows Server 2012 R2.
What should you do?
A.    From a local Group Policy object (GPO), configure the Wireless Network (IEEE 802.11) Policies settings.
B.    From Server Manager, install the Wireless LAN Service feature.
C.    Restart the WLAN AutoConfig service.
D.    From a local Group Policy object (GPO), configure the settings of Windows Connection Manager.
Answer: B not D

------------------------------------------------- H ----------------------------------------------

H03 : QUESTION 337
Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1 that runs Windows Server 2012 R2. Server1 is an enterprise root certification authority (CA) for contoso.com.
Your user account is assigned the certificate manager role and the auditor role on the contoso.com CA. Your account is a member of the local Administrators group on Server1.
You enable CA role separation on Server1.
You need to ensure that you can manage the certificates on the CA.
What should you do?
A.    Remove your user account from the local Administrators group.
B.    Assign the CA administrator role to your user account.
C.    Assign your user account the Bypass traverse checking user right.
D.    Remove your user account from the Manage auditing and security log user right.
Answer: A not D A (cause Local Administrators, Enterprise Admins, and Domain Admins are CA Administrators by default, that mean they have the CA manager Role : to manage certificates, it need to be removed from local Administrators group)
H06  QUESTION 281
Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1 that runs Windows Server 2012 R2 and has the DNS Server server role installed.
Server1 is configured to delete automatically the DNS records of client computers that are no longer on the network. A technician confirms that the DNS records are deleted automatically from the contoso.com zone.
You discover that the contoso.com zone has many DNS records for servers that were on the network in the past, but have not connected to the network for a long time.
You need to set the time stamp for all of the DNS records in the contoso.com zone.
What should you do?
A.    From DNS Manager, modify the Advanced settings from the properties of Server1
B.    From Windows PowerShell, run the Set-DnsServerResourceRecordAging cmdlet
C.    From DNS Manager, modify the Zone Aging/Scavenging Properties
D.    From Windows PowerShell, run the Set-DnsServerZoneAging cmdlet.
Answer: B not D   B (cause zoneAging is already enabled and is working. Set-DnsServerResourceRecordAging will set a timestamp on old records (probably static ones))

H10 :QUESTION 285
Your network contains an Active Directory forest named contoso.com.
The forest contains two domains named contoso.com and childl.contoso.com.
The domains contain three domain controllers.
The domain controllers are configured as shown in the following table.
wps5A7.tmp_thumb
You need to ensure that the KDC support for claims, compound authentication, and kerberos
armoring setting is enforced in both domains.
Which two actions should you perform? (Each correct answer presents part of the solution.
Choose two.)
A.    Raise the domain functional level of contoso.com.
B.    Raise the domain functional level ofchildl.contoso.com.
C.    Raise the forest functional level of contoso.com.
D.    Upgrade DC11 to Windows Server 2012 R2.
E.   
Upgrade DC1 to Windows Server 2012 R2.
Answer: AE  (E and A) and (D and B) cause enforced in both domains (DAC enforced mean DC and domain level set to 2012R2)
Explanation: The root domain in the forest must be at Windows Server 2012 level. First upgrade DC1 to this level, then raise the contoso.com domain functional level to Windows Server 2012.
H11 : QUESTION 286
Your network contains an Active Directory forest named contoso.com.
The forest contains four domains. All servers run Windows Server 2012 R2.
Each domain has a user named User1.
You have a file server named Server1 that is used to synchronize user folders by using the
Work Folders role service.
Server1 has a work folder named Sync1.
You need to ensure that each user has a separate folder in Sync1.
What should you do?
A.    From Windows Explorer, modify the Sharing properties of Sync1.
B.    Run the Set-SyncServerSetting cmdlet.
C.    From File and Storage Services in Server Manager, modify the properties of Sync1.
D.    Run the Set-SyncShare cmdlet.
Answer: D  answer ("folder structure" of sync share cannot be modified once created)

H18 : QUESTION 278
Your network contains an Active Directory domain named adatum.com.
You have a standard primary zone named adatum.com.
You need to provide a user named User1 the ability to modify records in the zone.
Other users must be prevented from modifying records in the zone.
What should you do first?
A.    Run the Zone Signing Wizard for the zone.
B.    From the properties of the zone, change the zone type.
C.    Run the new Delegation Wizard for the zone.
D.    From the properties of the zone, modify the Start Of Authority (SOA) record.
Answer: B Not C  B (Convert the standard primary zone to AD integrated zone -> The security tab will appear)

H22 QUESTION 211
Your network contains an Active Directory domain named contoso.com.
The domain contains two member servers named Server1 and Server2.
You install the DHCP Server server role on Server1 and Server2.
You install the IP Address Management (IPAM) Server feature on Server1.
You notice that you cannot discover Server1 or Server2 in IPAM.
You need to ensure that you can use IPAM to discover the DHCP infrastructure.
Which two actions should you perform? (Each correct answer presents part of the solution.
Choose two.)
A.    On Server2, run the Add-DhcpServerInDc cmdlet
B.    On Server1, uninstall the DHCP Server server role.
C.    On Server1, run the Add-IpamServerInventory cmdlet.
D.    On both Server1 and Server2, run the Add-DhcpServerv4Policy cmdlet.
E.    On Server2, create an IPv4 scope.
Answer: AB not AC

: E and C (and "A" if three answers was asked)

H23 : QUESTION 265
Your network contains two Active Directory forests named contoso.com and corp.contoso.com.
wpsC378.tmp_thumb
User1 is a member of the DnsAdmins domain local group in contoso.com.
User1 attempts to create a conditional forwarder to corp.contoso.com but receive an error message shown in the exhibit. (Click the Exhibit button.)
wpsDFB0.tmp_thumb
You need to configure bi-directional name resolution between the two forests.
What should you do first?
A.    Add User1 to the DnsUpdateProxy group.
B.    Configure the zone to be Active Directory-integrated.
C.    Enable the Advanced view from DNS Manager.
D.    Run the New Delegation Wizard.
Answer: D not B
- DNS namespace Parent -> DNS namespace child : delegation
- DNS namespace child -> DNS namespace Parent : nothing to do with contiguous DNS namespace (or conditional forwarder for non-contiguous DNS namespace)

H24 : QUESTION 266
Your network contains two Active Directory forests named contoso.com and adatum.com.
Each forest contains one domain. Contoso.com has a two-way forest trust to adatum.com.
Selective authentication is enabled on the forest trust.
Contoso contains 10 servers that have the File Server role service installed.
Users successfully access shared folders on the file servers by using permissions granted to the Authenticated Users group.
You migrate the file servers to adatum.com.
Contoso users report that after the migration, they are unable to access shared folders on the file servers.
You need to ensure that the Contoso users can access the shared folders on the file servers.
What should you do?
A.    Disable selective authentication on the existing forest trust.
B.    Disable SID filtering on the existing forest trust.
C.    Run netdom and specify the /quarantine attribute.
D.    Replace the existing forest trust with an external trust.
Answer: A not B  A (the problem is the "Authenticated group" : with ForestWide Authentication, everything is ok. With Selective Authentication, users don't belong to the authenticated group in the other forest)

H27 : QUESTION 244
You have a print server named Print1 that runs Windows Server 2012 R2. 
Print1 has 10 shared printers.
You need to change the location of the spool folder.
What should you modify?
A.    The properties of the Print Spooler service
B.    The Print Server Properties
C.    The user environment variables
D.    The PrintQueue.inf file
Answer: B not A

H29 : QUESTION 242
Your network contains an Active Directory domain named contoso.com.
All user accounts in the marketing department reside in an organizational unit (OU) named OU1.
You have a Group Policy object (GPO) named GPO1. GPO1 contains Folder Redirection settings. GPO1 has default permissions.
You discover that the Folder Redirection settings are not applied to the users in the marketing department.
You open Group Policy Management as shown in the exhibit. (Click the Exhibit button.)
wpsC0D.tmp_thumb
You need to ensure that the Folder Redirection settings in GPO1 apply to the marketing users.
What should you do?
A.    Modify the Delegation settings of GPO1.
B.    Enable the link of GPO1.
C.    Enforce GPO1.
D.    Modify the link order of GPO1.
Answer: B not C B (in the exhibit we see that the link is disabled)

H30 : QUESTION 243
Your network contains multiple subnets.
On one of the subnets, you deploy a server named Server1 that runs Windows Server 2012 R2.
You install the DNS Server server role on Server1, and then you create a standard primary zone named contoso.com.
You need to ensure that client computers can resolve IP addresses to host names.
What should you do first?
A.    Create a GlobalNames zone.
B.    Convert the contoso.com zone to an Active Directory-integrated zone.
C.    Configure dynamic updates for contoso.com.
D.    Create a reverse lookup zone.
Answer: D not  A
 
H38 : QUESTION 237
Your network contains an Active Directory forest named contoso.com.
Users frequently access the website of an external partner company.
The URL of the website is http://partners.adatum.com.
The partner company informs you that it will perform maintenance on its Web server and that the IP addresses of the Web server will change.
After the change is complete, the users on your internal network report that they fail to access the website. However, some users who work from home report that they can access the website.
You need to ensure that your DNS servers can resolve partners.adatum.com to the correct IP address immediately.  What should you do?
A.    Run dnscmd and specify the CacheLockingPercent parameter.
B.    Run Set-DnsServerGlobalQueryBlockList.
C.    Run ipconfig and specify the Renew parameter.
D.    Run Set-DnsServerCache.
Answer: D D (but "A" can do the same thing) Explanation: http://technet.microsoft.com/en-us/library/jj649852.aspx Run Set-DnsServerCache with the -LockingPercent switch. dnscmd technically works also.
H44: QUESTION 190
Your network contains an Active Directory domain named contoso.com.
The domain contains a file server named Server1 and a domain controller named DC1. All servers run Windows Server 2012 R2.
A Group Policy object (GPO) named GPO1 is linked to the domain.
Server1 contains a folder named Folder1. Folder1 is shared as Share1.
You need to ensure that authenticated users can request assistance when they are denied access to the resources on Server1.
Which two actions should you perform? (Each correct answer presents part of the solution. Choose two.)
A.    Enable the Enable access-denied assistance on client for all file types policy setting for GPO1.
B.    Configure the Customize message for Access Denied errors policy setting of GPO1.
C.    Install the File Server Resource Manager role service on DC1.
D.    Install the File Server Resource Manager role service on Server1.
E.    Assign the Read Attributes NTFS permission on Folder1 to the Authenticated Users group.
Answer: A and B (not need FSRM : just use GPO) Not  AD.

---------------- Confirm Questions-----------------------
QUESTION 121
You have 30 servers that run Windows Server 2012 R2.
All of the servers are backed up daily by using Windows Azure Online Backup.
You need to perform an immediate backup of all the servers to Windows Azure Online Backup. Which Windows PowerShell cmdlets should you run on each server?
A.    Start-OBRegistration | Start-OBBackup
B.    Get-OBPolicy | Start-OBBackup
C.    Get-WBBackupTarget | Start-WBBackup
D.    Get-WBPolicy | Start-WBBackup
Answer: B
Explanation:
A. starts a backup job using a policy
B. Registers the current computer to Windows Azure Backup.
C. Not using Azure
D. Not using Azure
http://technet.microsoft.com/en-us/library/hh770406(v=wps.620).aspx
http://technet.microsoft.com/en-us/library/hh770426.aspx
http://technet.microsoft.com/en-us/library/hh770398.aspx
QUESTION 122
You have 20 servers that run Windows Server 2012 R2.
You need to create a Windows PowerShell script that registers each server in Windows Azure Online Backup and sets an encryption passphrase.
Which two PowerShell cmdlets should you run in the script? (Each correct answer presents part of the solution. Choose two.)
A.    New-OBPolicy
B.    New-OBRetentionPolicy
C.    Add-OBFileSpec
D.    Start-OBRegistration
E.    Set-OBMachineSetting
Answer: DE

QUESTION 125
You have a server named FS1 that runs Windows Server 2012 R2.
You install the File and Storage Services server role on FS1.
From Windows Explorer, you view the properties of a shared folder named Share1 and you discover that the Classification tab is missing.
You need to ensure that you can assign classifications to Share1 from Windows Explorer manually.
What should you do?
A.    From Folder Options, clear Use Sharing Wizard (Recommend).
B.    Install the File Server Resource Manager role service.
C.    From Folder Options, select Show hidden files, folders, and drives.
D.    Install the Enhanced Storage feature.
Answer: B
QUESTION 127
Your network contains an Active Directory forest named adatum.com.
All servers run Windows Server 2012 R2.
The domain contains four servers. The servers are configured as shown in the following table.
wpsABAA.tmp_thumb
You need to deploy IP Address Management (IPAM) to manage DNS and DHCP.
On which server should you install IPAM?
A.    Server1
B.    Server2
C.    Server3
D.    Server4
Answer: D
Explanation:
IPAM can not be installed on a Domain Controller.
QUESTION 130
Your company deploys a new Active Directory forest named contoso.com.
The first domain controller in the forest runs Windows Server 2012 R2. The forest contains a domain controller named DC10. On DC10; the disk that contains the SYSVOL folder fails.
You replace the failed disk.
You stop the Distributed File System (DFS) Replication service.
You restore the SYSVOL folder.
You need to perform a non-authoritative synchronization of SYSVOL on DC10.
Which tool should you use before you start the DFS Replication service on DC10?
A.    Ldp
B.    Active Directory Sites and Services
C.    Dfsmgmt.msc
D.    Frsutil
Answer: A QUESTION 136
Your network contains two servers named Server1 and Server2. Both servers run Windows Server 2012 R2, On Server1, you create a Data Collector Set (DCS) named Data1. You need to export Data1 to Server2. What should you do first?
A.    Right-click Data1 and click Data Manager…
B.    Right-click Data1 and click Save template…
C.    Right-click Data1 and click Properties.
D.    Right-click Data1 and click Export list…
Answer: B
Explanation:
To export a Data Collector Set you create as a template for use on other computers, open Windows Performance Monitor, expand Data Collector Sets, right-click the Data Collector Set you want to export, and click Save Template.
Select a directory in which to store the XML file and click Save .
http://technet.microsoft.com/en-us/library/cc766318.aspx
QUESTION 138
Drag and Drop Question
Your network contains an Active Directory domain named contoso.com.
All client computers run Windows 8 Group Policy objects (GPOs) are linked to the domain as shown in the exhibit. (Click the Exhibit button.)
wpsCC67.tmp_thumb
GPO2 contains computer configurations only and GPO3 contains user configurations only.
You need to configure the GPOs to meet the following requirements:
- Ensure that GPO2 only Applies to the computer accounts in OU2 that have more than one processor.
- Ensure that GPO3 only Applies to the user accounts in OU3 that are members of a security group named SecureUsers.
Which setting should you configure in each GPO? To answer, drag the appropriate setting to the correct GPO. Each setting may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
wpsEFA1.tmp_thumb
Answer:
wps68B.tmp_thumb
QUESTION 139
Your network contains an Active Directory domain named contoso.com.
All domain controllers run Windows Server 2012 R2. An organizational unit (OU) named OU1 contains 200 client computers that run Windows 8 Enterprise.
A Group Policy object (GPO) named GPO1 is linked to OU1.
You make a change to GPO1.
You need to force all of the computers in OU1 to refresh their Group Policy settings immediately. The solution must minimize administrative effort.
Which tool should you use?
A.    The Set-AdComputercmdlet
B.    Group Policy Object Editor
C.    Active Directory Users and Computers
D.    Group Policy Management Console (GPMC)
Answer: D)
QUESTION 146
Drag and Drop Question
Your network contains four servers that run Windows Server 2012 R2.
Each server has the Failover Clustering feature installed.
Each server has three network adapters installed. An iSCSI SAN is available on the network.
You create a failover cluster named Cluster1.
You add the servers to the cluster.
You plan to configure the network settings of each server node as shown in the following table.
wps2D34.tmp_thumb
You need to configure the network settings for Cluster1.
What should you do? To answer, drag the appropriate network communication setting to the correct cluster network. Each network communication setting may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
wps4096.tmp_thumb
Answer:
wps56B6.tmp_thumb
QUESTION 150
Hotspot Question
Your network contains an Active Directory domain named contoso.com. The domain contains two servers named Server1 and Server2 that run Windows Server 2012 R2. The servers have the Hyper-V server role installed. A certification authority (CA) is available on the network. A virtual machine named VM1.contoso.com is replicated from Server1 to Server2. A virtual machine named vm2.contoso.com is replicated from Server2 to Server1.
You need to configure Hyper-V to encrypt the replication of the virtual machines.
Which common name should you use for the certificates on each server? To answer, configure the appropriate common name for the certificate on each server in the answer area.
wps5D71.tmp_thumb[2]
Answer:
wps9276.tmp_thumb
QUESTION 153
You have a server named Server1 that runs Windows Server 2012 R2. Server1 is backed up by using Windows Server Backup.
The backup configuration is shown in the exhibit. (Click the Exhibit button.)
wpsD41A.tmp_thumb
You discover that only the last copy of the backup is maintained.
You need to ensure that multiple backup copies are maintained.
What should you do?
A.    Modify the backup destination.
B.    Configure the Optimize Backup Performance settings.
C.    Modify the Volume Shadow Copy Service (VSS) settings.
D.    Modify the backup times.
Answer: A
Explanation:
A, The destination in the exhibit shows a network share is useD.
If a network share is being used only the latest copy will be saved
http://windows.microsoft.com/en-us/windows7/where-should-i-save-my-backup
QUESTION 158
Drag and Drop Question
Your network contains a single Active Directory domain named contoso.com. The domain contains an Active Directory site named Site1 and an organizational unit (OU) named OU1.
The domain contains a client computer named Client1 that is located in OU1 and Site1.
You create five Group Policy objects (GPO).
The GPOs are configured as shown in the following table.
wps42D7.tmp_thumb
You need to identify in which order the GPOs will be Applied to Client1.
In which order should you arrange the listed GPOs? To answer, move all GPOs from the list of GPOs to the answer area and arrange them in the correct order.
wps5D5A.tmp_thumb2
Answer:
D43 : GPO3, GPO1, GPO4, GPO5, GPO2 (GPO3, GPO1, GPO4 with the site to OU order. GPO5, GPO2 in the reverse order because they are enforced)
QUESTION 160
Your network contains an Active Directory domain named contoso.com.
The domain contains client computers that run either Windows XP, Windows 7, or Windows 8.
Network Policy Server (NPS) is deployed to the domain.
You plan to create a system health validator (SHV).
You need to identify which policy settings can be Applied to all of the computers.
Which three policy settings should you identify? (Each correct answer presents part of the solution. Choose three.)
A.    A firewall is enabled for all network connections.
B.    An antispyware application is on.
C.    Automatic updating is enabled.
D.    Antivirus is up to date.

E.    Antispyware is up to date.
Answer: ACD
QUESTION 162
You have a server named Server1 that runs Windows Server 2012 R2.
You create a Data Collector Set (DCS) named DCS1.
You need to configure DCS1 to log data to D:\logs.
What should you do?
A.    Right-click DCS1 and click Data Manager…
B.    Right-click DCS1 and click Save Template…
C.    Right-click DCS1 and click Properties.
D.    Right-click DCS1 and click Export list…
Answer: C
Explanation:
It is under the Directory tab from the DCS properties.
http://technet.microsoft.com/en-us/library/cc749267.aspx
QUESTION 165
Drag and Drop Question
You have a file server named Server1 that runs Windows Server 2012 R2.
The folders on Server1 are configured as shown in the following table.
wpsEE9.tmp_thumb
A new corporate policy states that backups must use Windows Azure Online Backup whenever possible.
You need to identify which technology you must use to back up Server1.
The solution must use Windows Azure Online Backup whenever possible.
What should you identify? To answer, drag the appropriate backup type to the correct location or locations. Each backup type may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
wps27F6.tmp_thumb
Answer:
wps3C32.tmp_thumb
QUESTION 167
Your network contains an Active Directory forest named contoso.com. The forest contains a single domain. All domain controllers run Windows Server 2012 R2. The domain contains two domain controllers. The domain controllers are configured as shown in the following table.
wps8D8F.tmp_thumb
Active Directory Recycle Bin is enabled.
You discover that a support technician accidentally removed 100 users from an Active Directory group named Group1 an hour ago.
You need to restore the membership of Group1.
What should you do?
A.    Export and import data by using Dsamain.
B.    Apply a virtual machine snapshot to VM1.
C.    Recover the items by using Active Directory Recycle Bin.
D.    Modify the isRecycled attribute of Group1.
Answer: A

QUESTION 168
Your network contains an Active Directory domain named contoso.com. The domain contains a domain controller named DC1 that runs Windows Server 2012 R2. DC1 is backed up daily. The domain has the Active Directory Recycle Bin enabled. During routine maintenance, you delete 500 inactive user accounts and 100 inactive groups. One of the deleted groups is named Group1. Some of the deleted user accounts are members of some of the deleted groups.
For documentation purposes, you must provide a list of the members of Group1 before the group was deleted.
You need to identify the names of the users who were members of Group1 prior to its deletion. You want to achieve this goal by using the minimum amount of administrative effort.
What should you do first?
A.    Mount the most recent Active Directory backup.
B.    Perform an authoritative restore of Group1.
C.    Use the Recycle Bin to restore Group1.
D.    Reactivate the tombstone of Group1.
Answer: A
QUESTION 170
In an isolated test environment, you deploy a server named Server1 that runs a Server Core Installation of Windows Server 2012 R2.
The test environment does not have Active Directory Domain Services (AD DS) installed.
You install the Active Directory Domain Services server role on Server1.
You need to configure Server1 as a domain controller.
Which cmdlet should you run?
A.    Install-ADDSForest
B.    Install-ADDSDomain
C.    Install-WindowsFeature
D.    Install-ADDSDomainController
Answer: A
QUESTION 177
Your network contains an Active Directory domain named adatum.com.
The domain contains the servers shown in the following table.
wpsBEF3.tmp_thumb
You need to ensure that you can use Server Manager on DC1 to manage DC2.
Which two tasks should you perform? (Each correct answer presents part of the solution. Choose two.)
A.    Install the Windows PowerShell 2.0 engine on DC1.
B.    Install Microsoft .NET Framework 4 on DC2.
C.    Install Remote Server Administration Tools on DC1.
D.    Install Remote Server Administration Tools on DC2.
E.    Install Windows Management Framework 3.0 on DC2.
Answer: BE
QUESTION 182
Your network contains an Active Directory domain named contoso.com.
The domain contains a server named Server1. Server1 runs Windows Server 2012 R2.
You need to create 3-TB virtual hard disk (VHD) on Server1.
Which tool should you use?
A.    Share and Storage Management
B.    Server Manager
C.    New-VirtualDisk
D.    Computer Management
Answer: D
QUESTION 186
Hotspot Question
Your network contains an Active Directory domain named contoso.com.
You need to identify whether the Company attribute replicates to the global catalog.
Which part of the Active Directory partition should you view? To answer, select the appropriate Active Directory object in the answer area.
wps656.tmp_thumb
Answer:
wps1A54.tmp_thumb
QUESTION 188
You have a server named Server1 that runs Windows Server 2012 R2.
You install the File and Storage Services server role on Server1. From Windows Explorer, you view the properties of a folder named Folder1 and you discover that the Classification tab is missing.
You need to ensure that you can assign classifications to Folder1 from Windows Explorer manually.
What should you do?
A.    Install the Share and Storage Management Tools.
B.    From Folder Options, clear Hide protected operating system files (Recommended).
C.    From Folder Options, select the Always show menus.
D.    Install the File Server Resource Manager role service.
QUESTION 191
Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1 that runs Windows Server 2012 R2 and a server named Server2 that runs Windows Server 2008 R2 Service Pack 1 (SP1). Both servers are member servers.
On Server2, you install all of the software required to ensure that Server2 can be managed remotely from Server Manager.
You need to ensure that you can manage Server2 from Server1 by using Server Manager.
Which two tasks should you perform on Server2? (Each correct answer presents part of the solution.
Choose two.)
A.    Run the Configure-SMRemoting.ps1 script.
B.    Run the Enable-PSSessionConfigurationcmdlet.
C.    Run the Set-ExecutionPolicycmdlet.
D.    Run the systempropertiesremote.exe command
E.    Run the Enable-PSRemotingcmdlet.
Answer: AC
QUESTION 192
Your network contains an Active Directory domain named contoso.com. The network contains a server named Server1 that runs Windows Server 2012 R2 and a server named Server2 that runs Windows Server 2008 R2 Service Pack 1 (SP1). Server1 and Server2 are member servers.
You need to ensure that you can manage Server2 from Server1 by using Server Manager.
Which two tasks should you perform? (Each correct answer presents part of the solution. Choose two.)
A.    Install Windows Management Framework 3.0 on Server2.
B.    Install Remote Server Administration Tools on Server1.
C.    Install the Windows PowerShell 2.0 engine on Server1.
D.    Install Microsoft .NET Framework 4 on Server2.
E.    Install Remote Server Administration Tools on Server2.
QUESTION 197
You perform a Server Core Installation of Windows Server 2012 R2 on a server named Server1. You need to add a graphical user interface (GUI) to Server1.
Which tool should you use?
A.    The setup.exe command
B.    The imagex.exe command
C.    The Install-RoleServicecmdlet
D.    The Add-WindowsFeaturecmdlet
Answer: D
QUESTION 205
Your network contains a domain controller named DC1 that runs Windows Server 2012 R2.
You create a custom Data Collector Set (DCS) named DCS1.
You need to configure DCS1 to collect the following information:
- The amount of Active Directory data replicated between DC1 and the other domain controllers
- The current values of several registry settings.
Which two should you configure in DCS1? (Each correct answer presents part of the solution. Choose two.)
A.    System configuration information
B.    A Performance Counter Alert
C.    Event trace data
D.    A performance counter
Answer: AD
Explanation:
wps857F.tmp_thumb
wpsEBB1.tmp_thumb
QUESTION 214
Your network contains an Active Directory domain named adatum.com.
The domain contains a server named Server1 that runs Windows Server 2012 R2. Server1 is configured as a Network Policy Server (NPS) server and as a DHCP server.
The network contains two subnets named Subnet1 and Subnet2. Server1 has a DHCP scope for each subnet.
You need to ensure that noncompliant computers on Subnet1 receive different network policies than noncompliant computers on Subnet2.
Which two settings should you configure? (Each correct answer presents part of the solution.
Choose two.)
A.    The NAS Port Type constraints
B.    The Health Policies conditions
C.    The Called Station ID constraints
D.    The NAP-Capable Computers conditions
E.    The MS-Service Class conditions
Answer:BE

QUESTION 245
You have a server named Server1 that runs Windows Server 2012 R2.
You try to install the Microsoft .NET Framework 3.5 Features feature on Server1, but the installation fails repeatedly.
You need to ensure that the feature can be installed on Server1.
What should you do?
A.    Run the Add-WindowsPackagecmdlet.
B.    Disable User Account Control (UAC).
C.    Specify an alternate source path.
D.    Install the Web Server (IIS) server role.
Answer: C
QUESTION 247
You have a Hyper-V host named Server1 that runs Windows Server 2012 R2.
Server1 hosts a virtual machine named VM1 that runs Windows Server 2012 R2.
VM1 has several snapshots.
You need to modify the snapshot file location of VM1.
What should you do?
A.    Delete the existing snapshots, and then modify the settings of VM1.
B.    Right-click VM1, and then click Move. ..
C.    Right-click VM1, and then click Export…
D.    PauseVM1, and then modify the settings of VM1.
Answer: A

QUESTION 260
Drag and Drop Question
Your network contains two Active Directory forests named contoso.com and adatum.com.
Each forest contains an Active Directory Rights Management Services (AD RMS) root cluster.
All servers run Windows Server 2012 R2.
You need to ensure that the rights account certificates issued in adatum.com are accepted by the AD RMS root cluster in contoso.com.
What should you do in each forest? To answer, drag the appropriate actions to the correct forests. Each action may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
wpsD8C3.tmp_thumb
Answer:
wpsF7C9.tmp_thumb
QUESTION 280
Your network contains an Active Directory domain named contoso.com.
Network Policy Server (NPS) is deployed to the domain.
You plan to deploy Network Access Protection (NAP).
You need to configure the requirements that are validated on the NPS client computers.
What should you do?
A.    From the Network Policy Server console, configure a network policy.
B.    From the Network Policy Server console, configure a health policy.
C.   
From the Network Policy Server console, configure a Windows Security Health Validator
(WSHV) policy.

D.    From a Group Policy object (GPO), configure the NAP Client Configuration security setting.
E.    From a Group Policy object (GPO), configure the Network Access Protection Administrative
Templates setting.
Answer: C
QUESTION 288
Your network contains an Active Directory domain named adatum.com. The domain contains a member server named Host1. Host1 runs Windows Server 2012 R2 and has the Hyper-V server role installed.
Host1 hosts two virtual machines named VM5 and VM6. Both virtual machines connect to a virtual switch named Virtual1.
On VM5, you install a network monitoring application named Monitor1.
You need to capture all of the inbound and outbound traffic to VM6 by using Monitor1.
Which two commands should you run from Windows PowerShell? (Each correct answer presents part of the solution. Choose two.)
A.    Get-VM “VM6″ | Set-VMNetworkAdapter-IovWeight 1
B.    Get-VM “VM5″ | Set-VMNetworkAdapter -IovWeight 0
C
.    Get-VM “VM6″ | Set-VMNetworkAdapter -PortMirroring Source
D.    Get-VM “VM6″ | Set-VMNetworkAdapter -AllowTeaming On
E.    Get-VM “VM5″ | Set-VMNetworkAdapter -PortMirroring Destination
F.    Get-VM “VM5″ | Set-VMNetworkAdapter -AllowTeaming On
Answer: CE
QUESTION 293
Hotspot Question
You have a Hyper-V host named HYPERV1. HYPERV1 hosts a virtual machine named DC1.
You need to prevent the clock on DC1 from synchronizing from the clock on HYPERV1.
What should you configure? To answer, select the appropriate object in the answer area.
wps66A1.tmp_thumb
Answer:
wps8181.tmp_thumb
QUESTION 295
You have a server named Server1 that runs Windows Server 2012 R2.
You add a 4-TB disk named Disk 5 to Server1.
You need to ensure that you can create a 3-TB volume on Disk 5.
What should you do?
A.    Create a storage pool.
B.    Convert the disk to a GPT disk.
C.    Convert the disk to a dynamic disk.
D.    Create a VHD, and then attach the VHD.
Answer: B
Explanation:
The exhibit shows Disk1 to be a basic disk.
wpsA8FF.tmp_thumb
The disk must be GPT since GPT disks allows for partitioning.
http://msdn.microsoft.com/en-us/library/windows/hardware/gg463525.aspx
QUESTION 296
Drag and Drop Question
Your network contains an Active Directory domain named contoso.com. The domain contains a file server named File1. All servers in the domain run Windows Server 2012 R2.
You need to create a new volume on File1.
The new volume must have the following configurations:
- Have the drive letter T
- Have the FAT32 file system
- Be stored on a new virtual hard disk
In which order should you run the Diskpart commands? To answer, move all the Diskpart commands from the list of commands to the answer area and arrange them in the correct order.
wpsC92D.tmp_thumb
Answer:
wpsDC12.tmp_thumb
QUESTION 297
Drag and Drop Question
Your network contains an Active Directory domain named contoso.com. The domain contains two servers named Server1 and Server2. Server1 and Server2 run a Server with a GUI installation of Windows Server 2012 R2.
You remove the Graphical Management Tools and Infrastructure feature on Server2.
You need to restart Server2.
What should you do? (To answer, drag the appropriate tools to the correct statements. Each tool may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.)
wpsF7BE.tmp_thumb
Answer:
wpsB5E.tmp_thumb
QUESTION 298
Your network contains three servers named HV1, HV2, and Server1 that run Windows Server 2012 R2. HV1 and HV2 have the Hyper-V server role installed. Server1 is a file server that contains 3 TB of free disk space.
HV1 hosts a virtual machine named VM1. The virtual machine configuration file for VM1 is stored in D:\VM and the virtual hard disk file is stored in E:\VHD.
You plan to replace drive E with a larger volume.
You need to ensure that VM1 remains available from HV1 while drive E is being replaced. You want to achieve this goal by using the minimum amount of administrative effort. What should you do?
A.    Perform a live migration to HV2.
B.    Add HV1 and HV2 as nodes in a failover cluster.
Perform a storage migration to HV2.
C.    Add HV1 and HV2 as nodes in a failover cluster.
Perform a live migration to HV2.
D.    Perform a storage migration to Server1.
Answer: D
QUESTION 299
Hotspot Question
You deploy a Server with a GUI installation of Windows Server 2012 R2 Datacenter.
From Windows PowerShell, you run the following command:
Remove-WindowsFeature Server-Gui-Shell.
In the table below, identify which tools are available on Server1 and which tools are unavailable on Server1. Make only one selection in each row. Each correct selection is worth one point.
wps2E78.tmp_thumb
Answer:
wps413E.tmp_thumb
QUESTION 300
You have a server named Server1 that runs a Server Core installation of Windows Server 2012 R2 Standard.
You establish a Remote Desktop session to Server1.
You need to identify which task can be performed on Server1 from within the Remote Desktop session.
What should you identify?
A.    Install a feature by using Server Manager.
B.    Modify the network settings by using Sconfig.
C.    Disable services by using Msconfig.
D.    Join a domain by using the System Properties.
Answer: B
Explanation:
In Windows Server 2012 R2, you can use the Server Configuration tool (Sconfig.cmd) to configure and manage several common aspects of Server Core installations.
You must be a member of the Administrators group to use the tool. Sconfig.cmd is available in the Minimal Server Interface and in Server with a GUI mode.
http://technet.microsoft.com/en-us/library/jj647766.aspx

QUESTION 301
Hotspot Question
You have two servers that run Windows Server 2012 R2.
The servers are configured as shown in the following table.
wps695E.tmp_thumb
You need to ensure that Server2 can be managed by using Server Manager from Server1.
In the table below, identify which actions must be performed on Server1 and Server2.Make only one selection in each row. Each correct selection is worth one point.
wps83B2.tmp_thumb
Answer:
wps98B9.tmp_thumb
QUESTION 302
Your network contains an Active Directory forest named contoso.com. The forest contains a single domain. All servers runs Windows Server 2012 R2.The domain contains two domain controllers named DC1 and DC2.
Both domain controllers are virtual machines on a Hyper-V host.
You plan to create a cloned domain controller named DC3 from an image of DC1.
You need to ensure that you can clone DC1.
Which two actions should you perform? (Each correct answer presents part of the solution.
Choose two.)
A.    Add the computer account of DC1 to the Cloneable Domain Controllers group.
B.    Create a DCCIoneConfig.xml file on DC1.

C.    Add the computer account of DC3 to the Cloneable Domain Controllers group.
D.    Run the Enable-AdOptionalFeaturecmdlet.
E.    Modify the contents of the DefaultDCCIoneAllowList.xml file on DC1.
Answer: AB

QUESTION 303
Your network contains an Active Directory domain named contoso.com.
The domain contains a domain controller named DC1 that runs Windows Server 2012 R2.
DC1 has the DHCP Server server role installed.
DHCP is configured as shown in the exhibit. (Click the Exhibit button.)
wpsBFCA.tmp_thumb
You discover that client computers cannot obtain IPv4 addresses from DC1.
You need to ensure that the client computers can obtain IPv4 addresses from DC1.
What should you do?
A.    Disable the Deny filters.
B.    Authorize DC1.
C.    Activate the scope.
D.    Disable the Allow filters.
Answer: D

wpsD925.tmp_thumb
QUESTION 304
You have a failover cluster named Cluster1 that contains four nodes.
All of the nodes run Windows Server 2012 R2.
You need to schedule the installation of Windows updates on the cluster nodes.
Which tool should you use?
A.    The Add-CauClusterRolecmdlet
B.    TheWuauclt command
C.    TheWusa command
D.    The Invoke-CauScancmdlet
Answer: D
Explanation:
The Invoke-CauScancmdlet performs a scan of cluster nodes for applicable updates and returns a list of the initial set of updates that would be applied to each node in a specified cluster.

QUESTION 306
Hotspot Question
Your network contains an Active Directory domain named contoso.com.
The domain contains a server named Server2 that runs Windows Server 2012 R2.
You are a member of the local Administrators group on Server2.
You install an Active Directory Rights Management Services (AD RMS) root cluster on Server2.
You need to ensure that the AD RMS cluster is discoverable automatically by the AD RMS client computers and the users in contoso.com.
Which additional configuration settings should you configure? To answer, select the appropriate tab in the answer area.
wps480.tmp_thumb
Answer:
wps1ED5.tmp_thumb
QUESTION 318
Hotspot Question
Your company has a primary data center and a disaster recovery data center.
The network contains an Active Directory domain named contoso.com. The domain contains a server named that runs Windows Server 2012 R2. Server1 is located in the primary data center.
Server1 has an enterprise root certification authority (CA) for contoso.com.
You deploy another server named Server2 to the disaster recovery data center.
You plan to configure Server2 as a secondary certificate revocation list (CRL) distribution point.
You need to configure Server2 as a CRL distribution point (CDP).
Which tab should you use to configure the required CDP entry? To answer, select the appropriate tab in the answer area.
wpsD16F.tmp_thumb
Answer:
wpsF130.tmp_thumb
QUESTION 319
Hotspot Question
Your network contains an Active Directory domain named contoso.com.
The relevant servers in the domain are configured as shown in the following table.
wps144B.tmp_thumb
You plan to create a shared folder on Server1 named Share1. Share1 must only be accessed by users who are using computers that are joined to the domain.
You need to identify which servers must be upgraded to support the requirements of Share1.
In the table below, identify which computers require an upgrade and which computers do not require an upgrade. Make only one selection in each row. Each correct selection is worth one point.
wps3AFE.tmp_thumb
Answer:
wps5BE7.tmp_thumb
QUESTION 320
Hotspot Question
Your network contains an Active Directory domain named contoso.com.
You have several Windows PowerShell scripts that execute when users log on to their client computer.
You need to ensure that all of the scripts execute completely before the users can access their desktop.
Which setting should you configure? To answer, select the appropriate setting in the answer area.
wps784D.tmp_thumb
Answer:
wps9956.tmp_thumb
QUESTION 321
You have a file server named Server1 that runs a Server Core Installation of Windows Server 2012 R2.
Server1 has a volume named D that contains user data. Server1 has a volume named E that is empty.
Server1 is configured to create a shadow copy of volume D every hour.
You need to configure the shadow copies of volume D to be stored on volume E.
What should you run?
A.    The Set-Volume cmdlet with the -driveletter parameter
B.    The Set-Volume cmdlet with the -path parameter
C.    The vssadmin.exe add shadow storage command
D.    The vssadmin.exe create shadow command
Answer: C

QUESTION 350
Hotspot Question
Your network contains an Active Directory forest named contoso.com. The forest contains a single domain. All domain controllers run Windows Server 2012 R2 and are configured as DNS servers. All DNS zones are Active Directory-integrated. Active Directory Recycle Bin is enabled.
You need to modify the
amount of time deleted objects are retained in the Active Directory Recycle Bin.
Which naming context should you use? To answer, select the appropriate naming context in the answer area.
wpsBF19.tmp_thumb
Answer:
wpsD71C.tmp_thumb
----------------- External Questions----------------
QUESTION
Your network contains four Active Directory forests. Each forest contains an Active Directory Rights Management Services (AD RMS) root cluster. All of the users in all of the forests must be able to access protected content from any of the forests. You need to identify the minimum number of AD RMS trusts required. How many trusts should you identify?
A. 3
B. 6
C. 12
D. 16

Correct Answer: C

QUESTION
Your network contains an Active Directory domain named contoso.com. The domain contains a domain controller named DC2 that runs Windows Server 2012. DC2 has the DHCP Server server role installed. DHCP is configured as shown in the exhibit.
You discover that client computers cannot obtain IPv4 addresses from DC2. You need to ensure that the client computers can obtain IPv4 addresses from DC2. What should you do?

A. Disable the Deny filters.
B. Enable the Allow filters.
C. Authorize DC2.
D. Restart the DHCP Server service

Correct Answer: C

Your network contains an Active Directory domain named contoso.com. The domain
contains a domain controller named DC1 that runs Windows Server 2012 R2. DC1 has the
DHCP Server server role installed.
DHCP is configured as shown in the exhibit. (Click the Exhibit button.)
You discover that client computers cannot obtain IPv4 addresses from DC1.
You need to ensure that the client computers can obtain IPv4 addresses from DC1.
What should you do?

A. Activate the scope.

B. Authorize DC1.

C. Disable the Allow filters.

D. Disable the Deny filters.

Answer: I did choose C. In the Exhibit you could see that Deny Filters was empty, DC1 was authorized and the scope was activated.

`QUESTION
Your network contains an Active Directory domain named contoso.com. The domain contains two member servers named Server1 and Server2. All servers run Windows Server 2012 R2. Server1 and Server2 have the Failover Clustering feature installed. The servers are configured as nodes in a failover cluster named Cluster1. Cluster1 contains a file server role named FS1 and a generic service role named SVC1. Server1 is the preferred node for FS1. Server2 is the preferred node for SVC1. You plan to run a disk maintenance tool on the physical disk used by FS1. You need to ensure that running the disk maintenance tool does not cause a failover to occur. What should you do before you run the tool?

A. Run cluster.exe and specify the pause parameter.
B. Run cluster.exe and specify the offline parameter.
C. Run Suspend-ClusterResource.
D. Run Suspend-ClusterNode.
Answer: C


QUESTION
Your network contains two DNS servers named DN51 and DNS2 that run Windows Server 2012. DNS1 has a primary zone named contoso.com. DNS2 has a secondary copy of the contoso.com zone. You need to log the zone transfer packets sent between DNS1 and DNS2. What should you configure?

A. Monitoring from DNS Manager
B. Logging from Windows Firewall with Advanced Security
C. A Data Collector Set (DCS) from Performance Monitor
D. Debug logging from DNS Manager

Correct Answer: D


QUESTION
Your network contains three servers named HV1, HV2, and Server1Your network contains three servers named HV1, HV2, and Server1 that run Windows Server 2012 R2. HV1 and HV2 have the Hyper-V server role installed. Server1 is a file server that contains 3 TB of free disk space.
HV1 hosts a virtual machine named VM1. The virtual machine configuration file for VM1 is stored in D:\VM and the virtual hard disk file is stored in E:\VHD.
You plan to replace drive E with a larger volume.
You need to ensure that VM1 remains available from HV1 while drive E is being replaced. You want to achieve this goal by using the minimum amount of administrative effort.
What should you do?

A. Perform a live migration to HV2.
B. Add HV1 and HV2 as nodes in a failover cluster. Perform a storage migration to HV2.
C. Add HV1 and HV2 as nodes in a failover cluster. Perform a live migration to HV2.
D. Perform a storage migration to Server1.

Correct Answer: D
Your network contains a server named Server1 that has the Network Policy and Access Services server role installed.
All of the network access servers forward connection requests to Server1.
You create a new network policy on Server1.
You need to ensure that the new policy applies only to connection requests from the
192.168.0.0/24 subnet.
What should you do?

A. Set the Client IP4 Address condition to 192.168.0.0/24.

B. Set the Client IP4 Address condition to 192.168.0.

C. Set the Called Station ID constraint to 192.168.0.0/24.

D. Set the Called Station ID constraint to 192.168.0.

Answer: My choise here was B




 
Samuel questions in exam:
a-A2, a3, a8, a13, a26, a27, a46, a48, a49
b-b7,b17,b30,b31,b36,b37,b38,b39,b42,b45,b46,b47, b48,b49
C- 1,2,3,5,6,8,10,12,14,15,16,18,22,23,24,26,28,35,38,40,46, c48
D-d1d2,d4,d7,d8,d12,d14,d15, d16, d19, d20,  d21, d30, d32, d41,d43,d47, d48
e-e2,e5,e12, e15,e21,e22,e26,e36,e36,e38,
F:f10,f13,f16,f17,F22,f26,f30,f31,f33,f36,f37,f39 f40,f41,f47,f50
G:g4,g5,g7,g11,g12,g13, g18,g21,g22,g23,g24,g26,g41,g43, g45,g50
H-h1,h2,h3, h4,h5, h8,h17,h19,h24, h27, h28,h38, h41,h45,h46



Twitter Facebook Favorites More