Upgrading Your Skills to MCSA Windows Server 2012
*In what situation would you use AD LDS
A DMZ
*What is an authentication setting that permits unrestricted access by any users in the specific forest to all available shared resources that are located in any of the domains in the local forest
Forest-wide authentication
*To control access on file shares in Server1 based on the Division attribute and Division resource property, what actions in order should you perform?
From AD Admin Center, create a claim type
From Ad Admin Center, create a reference resource property
On the shared folders set a classification value
OCSetup (Vista and Server2008) can perform what operations?
MSI files that are passed to the Windows Installer Service (MSIExec.exe)
Component-Based Servicing (CBS) components that are passed to the Package Manager
CBS or MSI packages that have an associated custom installer .exe file
*To retrieve IP config on a different server can you are logged in to
winrs -r:server2 ipconfig
*After joining a new server to a domain, to ensure you can manage it from a different management console
run the enable-netfirewallrule cmdlet
*On Server2, install software to manage Server2 on Server1
Run the Configure-SMRemoting.ps1 script
Run the Set-ExecutionPolicy cmdlet
*Server 1 is Windows 2012, Server 2 is Windows 2008R2SP1, ensure you can manage Server 2 from Server 1
Install Windows Management Framework 3.0 on Server 2
Install .Net Framework 4 on Server 2
Ensure that Win7 and Win8 users can use Previous Versions to restore files in Share1 on Windows Server 2012 Server1
Use the Shadow Copies settings
*Server1 is connected to 2 Fibre Channel SANs with Host Bus Adapter 1, to connect VM1 to SAN1, what should you do first
Create a virtual Fibre Channel SAN
*To create four external virtual switches in Hyper V, what cmdlet should you run first
Add-VMNetworkAdapter
*To add GUI to a Windows Server 2012 Core Installation
Add-WindowsFeature cmdlet
*What disk solution provides fault tolerance and provides the maximum amount of usable storage space
A parity space
*Uninstall the GUI from a full installation of Windows Server 2012
From Server Manager, uninstall the User Interfaces and Infrastructure feature
Server 1 is in a workgroup, to add it to a domain
run the djoin.exe command
To promote a Windows Server 2008 to a domain controller using IFM (install from media), the first step is
Upgrade the existing domain controller to Windows Server 2012
What tool should you use to promote a windows server 2012 machine to domain controller
Server manager
*What cannot be performed by using the AD installation Wizard?
Install the AD CS role
Transfer the schema master
To identify which domain controller in a forest should be online to promote another domain controller, what role should you look for
Domain naming master
What is SR-IOV - Single Root I/O Virtualization?
A new feature that allows you to assign a network adapter directly to a virtual machine to maximize network throughput while minimizing network latency as well as CPU overhead
*To prevent a VM from synchronizing its clock to it's host server, what should you configure
Integration Services, Time Management
To ensure the state of VMs are saved before doing a host server backup, what should you configure?
Integration Services, Backup
To run IPAM from Server2 if it is installed on Server1?
On Server2, add Server1 to Server Manager
*IPAM is installed on Server1, DC1 has the firewall configured for inbound IPAM ports, to ensure you can use IPAM on Server1 to manage DNS on DC1
Add Server1 to the Event Log Readers Group
To change the provisioning type after installation
Reinstall the IPAM Server feature
What type of server must you use as a certificate revocation list distribution server?
Web Server
Where should you first enable replication for a Hyper V VM? On the server that will consume replication or the server that will send replication?
The consumer, modify Replication Configuration Settings under Hyper V settings, run Enable Replication wizard
*To use Microsoft Online Backup via Windows Server backup, what do you do first?
From Windows Server Backup, run Register Server Wizard
What tools do you use to configure Cluster1 to be a replica Server for Server3 and Server3 to be a replica server for Cluster1?
The HyperV manager console on Server3 and the Failover Cluster Manager on Cluster1
If a server continuously restarts after a driver installation, what do you need to start Windows 2012 in the least amount of time to minimize the amount of data loss?
Last Known Good Configuration (advanced)
*To ensure users can access previous version of files that are shared on Server1 by using the Previous Versions tab, what tool should you use?
VSSAdmin (Shadow Copy)
PWhen moving VMs to a server with a different processor manufacturer, how should you move them to minimize downtime?
Export the virtual machines from Server1 and Import them to Server2
What do you use to provide failover clustering for Application Data?
The Scale-Out File Server lets you store application data such as Hyper V VM files, on fileshares. Use the High Availability Wizard
Server1 and Server2 have the Failover Clustering feature installed. The servers are configured as nodes in a failover cluster named Cluster1. Cluster1 hosts an application named App1. You need to ensure that Server2 handles all of the client requests to the cluster for App1, and if Server2 fails, Server1 becomes the active node for App1
The preferred owner in a 2 server cluster will always be the active node unless it is down
Server1 and Server2 have NLB on Cluster1 which hosts WebApp1, to ensure session state is maintained during failover, what should be configured
Affinity - Single
Ensure performance log data older than 30 days is deleted automatically for a Data Collector Set
Use the Data Manager Settings of the Data Collector Set Properties, Folder Action, delete data files
*To ensure Server1 downloads express installation files from the MS Update Servers, what do you do from the Update Services console?
Update Files and Languages, Update Files Settings
To configure the amount of AD data replicated between DC1 and other domain controllers and the current values of several registry settings, configure what in the data set collector?
System configuration information and a performance counter
To move the AD database to a new volume, which NTDSUTIL.exe context do you use?
Files
*From NTDSUTIL, ensure you can access the contents of a mounted snapshot
from a command prompt run DSAMAIN.exe -dbpath c:\$snap_XXXX\ntds\ntds.dlt ldapport 33389
To promote a Read Only Domain Controler by using a text file with settings, what tool do you use?
DCPROMO command (this is deprecated but used for unattended installations using unattended files)
You have a password settings object named PSO1, to view the settings
Get-ADFineGrainedPasswordPolicy
*To clone a DC using a DCCloneConfig.xml file, where do you place the file?
%systemroot%\NTDS
*Recover Default Domain Policy and Default Domain Conteollers Policy GPOs
dcgpofix.exe /target:both
Configuring your server with as a NAP health policy server for VPN enforcement using the Configure NAP wizard, what should you install before running the wizard
Computer Certificate
To ensure noncompliant computers on subnets receive different network policies and DHCP scopes what 2 settings do you configure
NAP-Capable Computers conditions
MS-Service Class conditions in the Scope VDI properties
Ensure home users who have desktop computer can access the network by using DirectAccess
Use the WMI filter for Direct Access Client Settings GPO
*To ensure name resolution of 2 domains
Create a secondary zone
What settings in the GPO do you use to ensure users can user DirectAccess to access resources?
Name Resolution Policy
*Configure GPO1 to apply settings to Group 1 only
Set-GPPermission
*Prevent GPOs at the site level from being applied to users in one OU
Set-GPInheritance
*Change the Precedence Order of the GPOs
Set-GPLink
Use tombstone reanimation to restore a user account if there is a Windows 2003 DC
Use LDP
Ensure a 3rd party app is compatible with DC cloning
In Windows NTDS create an XML file CustomDCCloneAllowList.xml
deploy NAP by using IPsec, ensure client computer can discover HRA server automatically
On DC1, create a service location record(SRV)
In a GPO. modify the request policy setting for the NAP Client Config
On all client computers, configure the Enable Discovery registry key
Only computers that send a statement of health are checked for NAP health requirements, what do you configure
NAP-Capable computers conditions
Health Policies conditions
(in 123 Compliant Properties)
*On Server1 you create a standard primary zone, ensure Server2 can host a secondary zone
Add Server2 as a name server (Zone Transfers)
Configure DCS to automatically run a program when the amount of total free disk space drops below 10% and log the current values of several registry settings
Configure Event Trace Data and a Performance Counter in the Data Collector Properties
*Ensure updates to an image are installed that do not require restart
/PreventPending
*User is a member of IPAM Users group on Server1, ensure he can manage DHCP scopes on Server2, minimize permissions
DHCP Administrators on Server2
Failover DHCP
Hot standby mode failover partners
*Ensure users are issued a cert that can be used for email security, client authentication, and efs
Duplicate the User cert template, then publish
From a Group Policy, configure the Certificate Services Client - Auto-Enrollment settings
*To ensure admins can local iSCSI resources on the network by using a central repository
Use the iSNS Server service feature
iSNS Server is a repository of currently active iSCSI nodes, as well as their associated portals, entities, etc.
To ensure you can configure an online backup from Windows Server Backup
From Windows Server Backup, run Register Server Wizard
*Replicate VMs between Server1 and Server2 with SSL. You need to request a certificate on Server1 to ensure that the virtual machine replication is encrypted. What two intended purposes should the certificate for Server1 contain?
Server Authentication
Client Authentication
*Replicate VMs between Server1 and Server2 with SSL. All cervers are enrolled automatically for a certificate based on the Computer certificate template. You need to encrypt the replication of VM1. Which two actions should you perform?
On Server1, modify the settings of VM1, On Server2, modify the HyperV settings
*The domain contains a file server named Server1 that runs WS2012, you create a user account named User1 in the domain, to ensure User1 can use Windows Server backup to back up Server 1 and minimize the number ad administrative rights assigned to User1
Assign User1 the Back up files and directories user right
*You have a datacenter containing 6 HyperV servers running Windows Server 2012. VM1 is in Cluster1 on hosts 4&5 (Intel&CSV). Move, minimizing downtime
Host3 (Intel, iSCSI) using Storage Migration
*Server1 & Server2 have Failover Clustering and are configured as noted in a failover cluster named Cluster1, to add 2 additional nodes and ensure that Cluster1 stops running if 3 nodes fail
Configure the Cluster Quorum settings
*Server1 & Server2 have Failover Clustering and are configured as noted in a failover cluster named Cluster1. Folder1 on Server1 hosts application data and is a folder target in a DFS namespace. Provide Highly Available access to Folder1 and support DFS Replication to Folder 1. Configure?
A file server for general use
*Server1 & Server2 have Failover Clustering and are configured as noted in a failover cluster named Cluster1. You need to configure File Services and DHCP as clustered resources and ensure that if 2 consecutive heartbeat messages are missed for Server1 and Server2, Server2 will begin responding to DHCP requests. The solution must ensure that Server1 remains the active node for the File Services for up to 5 missed heartbeat messages.
Configure the failover settings
Connect a new print device to the network and provide users from 2 departments the ability to print, with documents from sales printing before documents from marketing
Add 2 printers, modify the priorities of each printer and the security setttings of each printer
The domain contains DC5 which has a Server Core Installation of Windows Server 2012, uninstall Active Directory from DC5 manually
Use the dcpromo cmdlet (phased out but can be used for forceremoval functions)
Determine which servers were rebooted during the last 2 days
Run-Get-ADComputer and specify the lastLogon property
*Move Intel Processor VM1 to another HyperV host, minimize downtime
Host3 (Intel) by using a storage migration
To identify which SRV (service location records) are registered by a Windows 2012 DC
Open the %windir%\system32\config\netlogon.dns file
VM1 has a legacy network adapter, assign a specific amount of available network bandwidth to VM1
Remove the legacy network adapter and add a network adapter.
You have 2 disks, Disk 0 with a boot volume, Disk 1 with a new volume. Ensure you can configure a pass-through disk for the virtual machine
Take Disk 1 offline
You have 5 disks and need to create a volume to store 3TB of data, ensure the data is availble if one of the disks in the volume fails
Create a Storage Pool (configured to mirror 2 disks)
Core 1 has two network adapters from different hardware vendors. To configure network traffic fail over to prevent connectivity loss if a network adapter fails
Use New-NetSwitchTeam
Server1 runs Windows Server 2012. It has 5 network adapters, three of which are connected to LAN1, two are connected to LAN2. What tool should you use to create a NETWORK ADAPTER TEAM from three network adapters connected to LAN1
Server Manager
*Server1 hosts 4 VMs (VM1,VM2,VM3,VM4) and it has 8 quad core CPUs with NUMA. You need to ensure that VM1 can use more CPU time than the other VMs when the other VMs are under a heavy load. What should you configure?
Resource Control (Settings, Processor)
Server1 hosts 4 VMs (VM1,VM2,VM3,VM4) and it has 8 quad core CPUs with NUMA. You install a network monitoring applicaiton on VM2. You need to ensure that all of the traffic sent to VM3 can be captured on VM2. What should you configure?
Port mirroring (Settings, Network Adapter, Advanced Features)
Server1 hosts 4 VMs (VM1,VM2,VM3,VM4) and it has 8 quad core CPUs with NUMA. You need to configure VM4 to track the CPU, memory, and network usage. What should you configure?
Resource metering
To allow the help desk to reset user passwords and unlock user accounts, which tool should you use?
The Delegation of Control Wizard
To create various user objects by using Windows PowerShell
Invoke the Create method of OU
$ou.Create("user", "CN=$lastName $firstName")
You discover the IT technician has miss spelled the Office property as Londn instead of London. Which tool should you use to correct the change to all of the OUs at once?
Use Dsquery and Dsmod
What command can be used to delete user accounts?
LDIFDE
What are 3 ways to unlock User Accounts?
Command Line, Windows PowerShell, VB Script
"Your account is configure to prevent you from using the computer. Please try another computer." What should do to enable the user to log on to this computer?
In the User's Account properties, click the Log On To button and choose All computers or The following computers
T/F - All printers in a pool must use the same driver
True - Printer Pool requires identical hardware and drivers
A global catalog server is available to directory clients when DNS servers can locate it as a global catalog server. In what order is this configured?
The global catalog receives replication of read only replicas to the required occupancy level.
The Net Logon Service on the DC has updated DNS with global-catalog-specific service (SRV) resource records.
The isGlobalCatalogReady rootDSE attribute is set to TRUE.
An authentication settings that permits unrestricted access by any users in the specified forest to all available shared resources that are located in any of the domains in the local forest.
Forest-wide authentication
What Service Manager feature is used for Storage Management, Replication, and Searching
File Services
How do you identify the memory a virtual machine consumes when Dynamic Memory is not enabled in Hyper V?
View the amount of RAM listed under Startup in the Memory page of the VM
what type of DNS record maps a domain name to an IP address?
An A record
When a printer is assigned to a network, what are the default printer permissions assigned?
Print, to Everyone
What tool do you use to create installation media for additional domain controllers?
NTDSUtil
What can you use at the command line to activate a Windows 2008 Server?
Cscript c:\windows\system32\slmgr.vbs ato
To move all computer accounts to be placed in an OU, what command do you use?
Redircmp
To install Windows Server 2012 choosing the Service Core Installation Option, remotely, what tool would you use?
Server Manager, Add Roles and Features Wizard
Server01 is running Server Core and the AD DS role. To add AD CS to the server what do you do?
Install the AD CS role (supported in the Core in 2012)
What groups have permission to shut down a domain controller?
Backup Operators
Print Operators
Server Operators
Administrators
What feature can augment an organization's security strategy by protecting information through persistent usage polices, which remain with the information?
AD RMS (Rights Management Services)
What features are missing when the Minimal Server Interface is installed?
IE 10, Windows Explorer, the Desktop, and Start Screen are not installed
What is a manually created trust that shortens the trust path to improve the speed at which authentications, which occur between domain trees, are processed.
Shortcut trust
What can you use to reduce the number of duplicate blocks of data in storage?
Data Deduplication role service
What Server Manager Feature is used for the management of Public Key Infrastructure?
Active Directory Certificate Services
What features are available in Windows Server 2012 when it is installed using the GUI option but without the desktop experience feature installed?
Metro Style Start Screen, Built in help system
What service uses the Network Time Protocol (NTP) to synchonize computer clocks on the network?
Windows Time service (W32time)
What type of trust allows resources in your domain to be accessed more quickly by users in another domain in your forest?
one-way, outgoing, shortcut
What Windows Server 2012 feature could you use to save time when creating GPOs with similar settings?
Starter GPO
What are features of RODC?
Filtered Attribute Sets
Unidirectional Replication
Read Only DNS
What type of virtual network is isolated from all external network traffic on the virtualization server, as well as any network traffic between the management operating system and external network?
Private virtual network
What type of trust is used when user need access to resource that are located in an NT 4.0 domain or in an AD DS forest that is not joined by a forest trust?
External trust
What is OCSetup used for?
MSI files that are passed to the Windows Installer Service
Component-Based Servicing (CBS) components that are passed the Package Manager
CBS or MSI packages that have an associated custom installer .exe file
You have DCs that run either Windows Server 2008, 2008 R2, or Windows Server 2012. You have a Password Settings Object named PSO1. What can you use to view the settings?
AD Administrator Center or Get-ADFineGrainedPasswordPolicy
*What upgrade path do you choose to minimize hardware purchases and upgrade the existing OS if possible for the following server?
Server1 - x86 - 32bit Windows Server 2008 SP2 - Full Installation
Clean installation on new hardware
*What upgrade path do you choose to minimize hardware purchases and upgrade the existing OS if possible for the following server?
Server2 - x86 - 32bit Windows Server 2008 SP2 - Server Cire
Clean installation on new hardware
*What upgrade path do you choose to minimize hardware purchases and upgrade the existing OS if possible for the following server?
Server3 - x64 - 64bit Windows Server 2008 R2 - Full Installation
Upgrade on existing hardware
What are the minimum hardware requirements for Windows Server 2012
1.4 GHz 64-bit processor
512 RAM
32GB Disk space
What groups must you be a member of to access the IPAM server remotely using Server Manager?
WinRMRemoteWMIUsers in addition to being a member of the appropriate IPAM security group or local Administrators group
*What node in the AD FS console should you select to identify the location of the federation metadata file?
AD FS>Service>Endpoints
To configure Server1 as an AD FS server, what type of certificate template should you identify to request a certificate?
Web Server
*To modify NTFS permissions for folder in file servers by using central access policies, and identify users who will be denied access when new permissions set, in what order should you perform the 5 actions?
1. Create a central access rule
2. Create a central access policy
3. Modify the Security settings of the shared folders
4. In GPO1, modify the Audit Central Access Policy Staging setting and configure the Central Access Policy Settings
5. Search for failure events in the security logs from the file servers
You have storage provisioned on Server2, to configure the storage so that it appears in Windows Explorer as a drive letter on Server1, what actions should you perform in sequence?
1. On Server2, add an iSCSI initiator id to target1.
2. On Server1, configure the iSCSI initiator to connect to target1.
3. On Server1, create a new volume from Server Manager.
You are implementing a central location where system events from all servers in the domain will be collected, but discover that no events are being collected and receive and error that the data area passed to a system call is too small. What do you change
Events to collect, click on Select Events
You plan to configure Network Policy Server (NPS) on Server1 to use certificate-based authentication for VPN connections, to ensure that NPS can performan certificate-based authentication, to which store should you import the certificate
Certificates(Local Computer)
Personal
You implement DirectAccess and an IKEv2 VPN. Where do you view it's connection properties
Workplace Connection _
You implement DirectAccess. Where do you view it's connection properties?
Workplace Connection []
*You have several PowerShell scripts that execute when computers start, but need to reduce the time they take without preventing that scripts complete. What setting should you configure?
Run startup scripts asynchronously
*You need to implement Microsoft Online Backup whenever possible. What type of backup can you use for Folder 1 with no encryption or compression
Microsoft Online Backup
*You need to implement Microsoft Online Backup whenever possible. What type of backup can you use for Folder 2 with encryption and no compression
Microsoft Online Backup
*You need to implement Microsoft Online Backup whenever possible. What type of backup can you use for Folder 3 with no encryption and using compression
Microsoft Online Backup
*You need to implement Microsoft Online Backup whenever possible. What type of backup can you use for System State
Windows Server Backup
You have a file server named Server1 that runs Windows Server 2012 and a folder named Folder1 shared as Share1. The everyone group has Full Control share permission to Folder1. You configure a central access policy. members of the IT group report they cannot modify the files in Folder1. To use central access policies to control the permissions what 2 actions should you perform?
On the Classification tab of Folder1, set classification to Information Technology
On the Security tab of Folder1, assign the Modify permission to the Authenticated Users group
Your network contains three AD forests. Each forest contains and AD Rights Management Services (ADRMS) root cluster. All of the users in all of the forest must be able to access protected content from any of the forest. What are the minimum number of ADRMS trusts required?
6
To move the AD Database to a new volume, what NTDSUtil context should you use?
Files
Your account is configured to prevent you from using the computer. Please try another computer.
Log On To on the Account tab of the user account
Locate iSCSI resource on the network by using a central repository
Deploy the iSNS Server Service feature
Connect 3 hard disks to Server 1, provide fault tolerance; maximize the amount of usable storage space
Create a parity space
Remove AD from a DC with a Server Core installation of Windows Server 2012
DCPromo.exe using the force removal function. If the Uninstall-ADDSDomainController option was available that would be the correct answer
IT group cannot modify files in Folder1
Classification Tab, set to Information Technology
Security Tab, assign the Modify permission to Authenticated Users
Configure DCS1, a custom data collector set to meet the following requirements:
Automatically run a program when the amount of total free disk space drops below 10%
Log the current values of several registry settings
System configuration information
A Performance Counter Alert
2 departments need the ability of print from a network print device. Documents from sales need to print before marketing
Add 2 printers, Modify the priorities of each printer and the security settings of each printer.
Ensure that User1 can user IPAM to modify the DHCP scopes on Server2, what group should be enabled for User1?
DHCP Administrators on Server 2
Give the help desk access to reset passwords and unlock accounts
User the Delegation Control Wizard
Install a DC with the following roles:
Schema master
Global catalog server
DNS Server role
Active Director Certificate Services server role
Which configurations cannot be completed by the AD Installation Wizard?
Install the AD Certificate Services role
Transfer the schema master
What connectiopn properties do you use to Implement DirectAccess
Workplace Connection (CPU graphic)
What Server manager feature is used for the management of Public Key Infrastructure
Active Directory Certificate Services
To deploy NAP by using IPSec, ensure client computers can discover HRA servers automatically
On DC1, create a service location (SRV) record
In a CPO, modifiy the Request Policy setinf for the NAP Client Configuration
On all of the client computers, configure the EnableDiscover registry key
VM1 is on Server1 and replicates to Server1. To encrypt the replication
On Server1, modify the settings of VM1
On Server2, modify the Hyper-V Settings
After setting up several AD users for different OU's, you discover that the IT Technician misspelled the Office property as Londn instead of London, what tool should you use to correct the changes to all OUs at once?
Dsquery and Dsmod
How do you configure two network adapters from different hardware vendors to failover if one adapter fails
New-NetSwitchTeam
In Hyper V, Server 1 has a legacy network adapter. You need to assign a specific amount of bandwidth to the adapter. What should you do first?
Remove the legacy network adapter, add a network adapter
On Server1, you configure a custom Data Collector Set named DCS1. DCS1 is configure to store performance log data in C:\Logs. To ensure the contents of C:\Logs are deleted automatically when the folder reaches 100MB, what should you configure?
The Data Manager settings of DCS1
Server1: Windows Server 2012, Server2: Windows Server 2008 R2 - to ensure you can manage Server2 from Server1 by using Server Manager
Install Windows Management Framework 3.0 on Server2
Install Microsoft .NET Framework 4 on Server2
Why you should you audit failed events?
To monitor for malicious attempts to access a resource which has been denied.
Server1 hosts 4 VMs, to configure VM4 to track CPU, memory, and network usage, what should you configure?
Resource metering
Promote Read Only Domain Controller RODC1 by using File1.txt
User dcpromo, which is deprecated, but used for unattended installations
Server 1 hosts 4 VMs. You need to ensure VM1 can use more CPU time than the other virutal machines when the CPUs on Server1 are under a heavy load
Use Resource control
Ensure that users can use Previous Version to restore files in Share1
Use Shadow Copies settings
To Ensure you use Windows Server Backup to back up data to Microsoft Online Backup
From Windows Server Backup, run the Register Server Wizard
What service do you use to reduce the number of duplicate blocks of data in storage
Data Deduplication Role Service
Configure Cluster1 to be a replica server for Server3 and Server3 to be a replica server for Cluster 1.
Hyper-V Manager console connected to Server3
Failover Cluster Manager console connected to Cluster1
Control access to the file shares on Server1 based on the values in the Division attribute automatically populated as part of the user provisioning process
from Active Directory Administrative Center, create a claim type
from Active Directory Administrative Center, create a reference resource property
On the shared folders, set the classification value
Server1 runs Windows Server 2012; Server 2 runs a Server core installation of Windows Server 2012. You joined Server 2 to the domain. Ensure you can manage Server2 by using the Computer Management console on Server1
Run the Enable-NetFirewallRule cmdlet
To active Windows Server on Windows Server 2008, what command line tools can be used?
cscript C:\windows\system32\slmgr.vbs ato
Server1 hosts an AD integrated zone for contoso.com; Server2 hosts an AD integrated zone for fabrikam. Both are in the same forest and are connect over a WAN link. Configure Server1 to support the resolution of names in fabrikam.com if the WAN link fails
Create a secondary zone
Change the precedence order of GPOs
Set-GPLink
recover Default Domain Policy and Default Domain Controllers Policy GPOs
dcgpofix.exe /target:both
Create various user objects using PowerShell
Invoke the Create method of OU
Ensure that NPS can perform certificate based authentication. What store should you import the certificate?
Certificates(Local Computer)
Personal
Move the Active Directory Logs, which NTDSutil context should you use?
Files
Ensure you can access the contents of the mounted snapshot
From a command prompt, run dsamain.exe -dbpath
c:\$snap_201204131056_volumeC$\windows\ntds\ntds.dit ldapport 33389
You configure a custom Data Collector Set (DCS) named DCS1, ensure the performance log data older than 30 days is deleted automatically
Configure the Data Manager settings of DCS1
To ensure high availability of DHCP what mode results in an Active-Passive configuration?
Hot Standby Mode failover partners
What type of DNS record maps a domain name to an IP address?
A
What Windows Server 2012 feature could you use to save time when creating GPO's with similar settings
Starter GPO
Reduce the amount of time it takes for client computers to start, but allow scripts to complete successfully, configure what Group Policy
Run startup scripts asynchronously
Prevent VM3 from synchronizing its clock to Server1
Configure Integration Services
Use tombbstone reanimation to restore an account, what tool should you use?
LDP
Identify which Service Location (SRV) records are registered by DC3
Open the %windir%\system32\config\netlogon.dns file
Authentication setting that permits unrestricted access by any users in the specified forest to all available shared resource that are located in any of the domains in the local forest
Forest-wide authentication
To configure Server1 as an ADFS server, what type of certificate template do you need to request?
Web Server
You have 3 forests and need all users in all forest to access all content. How many AD RMS trusts are required?
6
What too should you use to create a network adapter team?
Server Manager
Log onto Server1 and retrieve IP Configurations of Server2
winrs -r:server2 ipconfig
Manage Server2 from Server1 using Server Manager
Run the Configure-SMRemoting.ps1 script
Run the Set-ExecutionPolicy cmdlet
Group HBA ports together to configure a VM to connect to a SAN
Create a Virutal Fibre Channel SAN
Server1 is a virtualization host, after installing Hyper-V, create 4 external virtual switches
Add-VMNetworkAdapter
Add a GUI to a Server Core installation of Windows Server 2012
Add-WindowsFeature cmdlet
Uninstall the GUi from a full installation of Windows Server 2012, with minimum amount of administrative effort
From Server Manager, uninstall the User Interfaces and Infrastructure feature
Perform an offline domain join of Server1 to your domain
Run the djoin.exe command
You have 5 disks and need to create a volume to store up to 3TB of files, the solution must ensure that the user files are available if one of the disks in the volume fails
storage pool on disk 2 and disk 3
Ensure the network traffic of VM2 bypasses the virtual switches of the parent partition
Single-root I/O virtualization
Request a certificate on Server1 to ensure that the virtual machine replication is encrypted. What 2 purposes should the certificate for Server1 contain>
Server Authentication and Client Authentication
To place all new computer accounts in the General OU, what command do you use?
Redircmp
What feature is not installed in Minimal Server Interface?
Windows Explorer
In Hyper-V, where you would view the RAM when Dynamic Memory is not enabled?
Startup in the Memory page of the VM
Prevent user from connecting to the domain via Direct Access
Configure Name Resolution Policy in the GPO
Server2 hosts VM1, ensure that you can start VM1 on Server1 if Server2 fails
From HyperV in Server1, modify the Replication Configuration settings and enable replication for VM1
Ensure Server2 can host a secondary zone for contoso.com
Add Server2 as a name server - allow zone transfers
Ensure users in the domain are issued a certificate that can be used for Email Security, Client Authentication, and Encrypting File System
Duplicate the User certificate template and publish
From a group policy, configure the Certificate Services Client - Auto-Enrollment settings
What type of server must you use as the certificate revocation list distribution point
Web Server
Ensure that when users connect to WebApp1, their session state is maintained
Affinity-Single
Server1 hosts 4 VMs, ensure VM1 can user more CPU that other VMs when the CPUs on Server1 are under a heavy load
Resource Control
Server1 and Server2 have different processor manufacturers. Move VMs from Server1 to Server2
Export the VMs from Server1 and import to Server2
To manually configure a windows 2012 server as a domain controller what tool should you use?
Server Manager
Server1 and Server2 have Failover Clustering, if Server2 fails, Server 1 should be come the active node for App1. What should you configure?
The preferred owner - the preferred owner in a 2 server cluster will always be the active node unless it is down.
Server1 hosts 4 VMs. Configure CM4 to track the CPU, memory, and network usage
Resource metering
To modify the NTFS permissions for many folders on file servers using central access policies, in what order should you perform the 5 actions
Create a central access rule
Create a central access policy
Modify the Security settings of the shared folders on the file servers
In GPO1, modify the Audit Central Access Policy Staging setting and configure the Central Access Policy settings
Search for failure events in the security logs from the file servers
What type of virtual network is isolated from all external network traffic on the VM as well as any network traffic between the management operating system and external network
Private
What type of file server should you use for a DFS namespace
File server for general use
Perform an offline domain join of a Windows Server 2012 Server
djoin.exe
Configure Cluster1 to be a replica server for Server3 and Server3 to be a replica server for Cluster1
The Hyper-V Manager console connected to Server3
The failover cluster manager console connected to Cluster1
How can you unlock a user account?
Command Line, PowerShell, VBScript
You create a custom Data Collector Set named DCS1. Configure it to automatically run a program when the amount of total free disk space on Server1 drops below 10% and log the current values of several registry settings
System Configuration information
A performance counter alert
Remove SD from a Windows Server 2012 Server Core installation
dcpromo.exe - force removal
OCSetup can be used to...
add system components to an online Windows image - msi files, cbs components, or packages with an exe
Ensure you can configure a pass-through disk for a VM
Take the disk offline
To manage Server2 from Server1, what tasks should you perform on Server2?
Ryn the Configure-CMRemoting.ps1 script
Run the Set-ExecutionPolicy cmdlet
To install, configure, or uninstall server roles on a Service Core installation machine remotely, what do you use?
Server Manager
Server1 and Server2 have failover clustering installed and are configured as noted in s a failover cluster named Cluster1. You add additional modes to Cluster1. You need to ensure that Cluster1 stops running if three nodes fail. What should you configure?
The cluster quorum settings
You have a 4 VM server and need to ensure all traffic sent to VM3 can be captured on VM2
port mirroring
Your network contains two subnets. You need to ensure that noncompliant computers on Subnet1 receive different network policies than noncompliant computers on Subnet2
NAP-Capable Computers conditions
MS-Service Class conditions
What command can you run to determine which servers were restarted in the last 2 days
Get-ADComputer and specify the lastLogon property
You have a GPO named GPO1 that is linked to the domian, you need to configure GPO1 to apply settings to Group1 only
Set-GPPermission
Where do you place DCCloneConfig.xml?
%systemroot%\NTDS
What are features of RODC?
Filtered Attribute Sets
Unidirectional Replication
Read-only DNS
What is the prerequisite before running the configure NAP wizard?
a computer certificate
Configure storage so that it appears in Windows Explorer as a drive letter on Server1
On Server2, add an iSCSI initiator ID to target1
On Server1, configure the iSCSi initiator to connect to target1
On Server1, create a new volume from Server Manager
To view the settings of a password settings object
AD Administrator Center
Save the state of a VM before a backup starts
Integration Services
Users unable to use Director access from home
WMI filter for the Direct Access Client Settings GPO
Ensure client computers can discover HRA servers automatically
DC1, create SRV
GPO, modify the request policy setting for the NAP Client Config
All client computer, configure the Enable Discovery registry key
What command can be used to delete user accounts
LDIFDE
