-----------------------------------ExamA: ------------------------------------------------
QUESTION 3
Your network contains an Active Directory forest.
The forest contains two domains named contoso.com and corp.contoso.com.
The forest contains four domain controllers.
The domain controllers are configured as shown in the following table.
All domain controllers are DNS servers.
In the corp.contoso.com domain, you plan to deploy a new domain controller
named DC5.
You need to identify which domain controller must be online to ensure that DC5
can be promoted successfully to a domain controller.
Which domain controller should you identify?
A. DC1
B. DC2
C. DC3
D. DC4
Answer: D
Explanation: Relative ID (RID) Master: Allocates active and standby RID pools
to replica domain controllers in the same domain. (corp.contoso.com) Must be
online for newly promoted domain controllers to obtain a local RID pool that is
required to advertise or when existing domain controllers have to update their
current or standby RID pool allocation. The
RID master is responsible for processing RID pool requests from all domain
controllers in a particular domain. When a DC creates a security principal
object such as a user or group, it attaches a unique Security ID (SID) to the
object.
Correct Answer D
QUESTION 48 (17 another file )
Drag and Drop Question
You have a server named Server2 that runs Windows Server 2012 R2.
You need to configure the storage so that it appears in Windows Explorer as a
drive letter on Server1.
Which three actions should you perform in sequence? To answer, move the three
appropriate actions from the list of actions to the answer area and arrange
them in the correct order.
Answer:
- On server02, add an iSCSI initiator ID to target1
- On server01, configure the iSCSI initiator to connect to target1
- On server01, create a new volume from Server Manager
------------------------------------------------------Exam
B:-------------------------------------------------------
B42 : I don't find any right answer
(Security filtering missing ?)
- Create a WSHV
•
- Create a Health policy
•
Create a network policy
-----------------------------------------Exam
C: -------------------------------------------------------
QUESTION 6(106)
Your network contains an Active Directory forest named contoso.com. The forest
contains two domains named contoso.com and chitd.contoso.com and two sites
named Site1 and Site2.
The domains and the sites are configured as shown in following table.
When the link between Site1 and Site2 fails,
users fail to log on to Site2.
You need to identify what prevents the users in Site2 from logging on to the
child.contoso.com domain.
What should you identify?
A. The placement of the PDC
emulator
B. The placement of the domain naming master
C.
The placement of the global catalog server
D. The placement of the infrastructure master
Answer C
06 CQ6 not PDC but GC is necessary,would by AD DS fault tolerant if PD
were necessary to log on?
In a multidomain forest, when a user logs on to a domain, a global catalog
server must be contacted to determine the universal group memberships of the
user.
QUESTION
C 22:
Your
network contains an Active Directory domain named contoso.com. The domain
contains a server named Server1 that runs Windows Server 2012 R2 and has the
DHCP Server server role installed. An administrator installs the IP Address
Management (IPAM) Server feature on a server named Server2. The administrator
configures IPAM by using Group Policy based provisioning and starts server
discovery.
You plan to create Group Policies for IPAM provisioning.
You need to identify which Group Policy object (GPO) name prefix must be used
for IPAM Group Policies.
What should you do on Server2?
A. From Task Scheduler,
review the IPAM tasks.
B. From Server Manager, review the IPAM overview.
C. Run the Get-IpamConfigurationcmdlet.
D. Run the ipamgc.exe tool.
Answer: B (but "C" works too)
QUESTION 23 (129)
Your network contains an Active Directory domain named contoso.com.
All domain controllers run Windows Server 2012 R2.
The domain contains an Edge Server named Server 1.
Server1 is configured as a DirectAccess server.
Server1 has the followingsettings:
- Internal DNS name: Server1.contoso.com
- External DNS name: dal.contoso.com
- Internal IPv6 address: 2002:cla8:6a:3333::1
- External IPv4 address: 65.55.37.62
Your company uses split-brain DNS for the contoso.com zone.
You run the Remote Access Setup wizard as shown in the following exhibit.
(Click the Exhibit button.)
You need to ensure that client computers on
the Internet can establish DirectAccess connections to Server1.
Which additional name suffix entry should you add from the Remote Access Setup
wizard?
A. A Name Suffix value of
server1.contoso.com and a blank DNS Server Address value
B. A Name Suffix value of dal.contoso.com and a DNS Server
Address value of 65.55.37.62
C.
A Name Suffix value of dal.contoso.com and a blank DNS Server Address value
D. A Name Suffix value of server1.contoso.com and
a DNS Server Address value of 65.55.37.62
Answer: C Explanation: It
says “on the internet” & the external DNS name is Dal.
QUESTION (24) 130
Your company deploys a new Active Directory forest named contoso.com.
The first domain controller in the forest runs Windows Server 2012 R2. The
forest contains a domain controller named DC10. On DC10; the disk that contains
the SYSVOL folder fails.
You replace the failed disk.
You stop the Distributed File System (DFS) Replication service.
You restore the SYSVOL folder.
You need to perform a non-authoritative synchronization of SYSVOL on DC10.
Which tool should you use before you start the DFS Replication service on DC10?
A. Ldp
B. Active Directory Sites and Services
C. Dfsmgmt.msc
D. Frsutil
Answer: C24 : A (Equivalent to
ADSIEdit)
QUESTION 38 (148)
Your network contains an Active Directory domain named contoso.com. The domain
contains two servers named Node1 and Node2. Node1 and Node2 run Windows Server
2012 R2. Node1 and Node2 are configured as a two-node failover cluster named
Cluster2. The computer accounts for all of the servers reside in an
organizational unit (OU) named Servers. A user named User1 is a member of the
local Administrators group on Node1 and Node2. User1 creates a new clustered
File Server role named File1 by using the File Server for general use option.
A report is generated during the creation of File1 as shown in the exhibit.
(Click the Exhibit button.)
File1 fails to start.
You need to ensure that you can start File1.
What should you do?
A. Recreate the clustered
File Server role by using the File Server for scale-out Application data
option.
B.
Assign the user account permissions of User1 to the Servers OU.
C. Log on to the domain by using the built-in
Administrator for the domain, and then recreate the clustered
File Server role by using the File Server for general use option.
D. Increase the value of the ms-DS-MachineAccountQuota
attribute of the domain.
E. Assign the computer account permissions of Cluster2 to the
Servers OU.
Answer: B.
-----------------------------------Exam
D: ----------------------------------------------
QUESTION 3 (154)
Your network contains an Active Directory domain named contoso.com.
The domain contains a server named Server1. Server1 runs Windows Server 2012
R2.
You create a group Managed Service Account named gService1.
You need to configure a service named Service1 to run as the gService1 account.
How should you configure Service1?
A. From a command prompt,
run sc.exe and specify the sdset parameter.
B. From the Services console, configure the General settings.
C. From Windows PowerShell, run Set-Service and specify
the-StartupType parameter.
D.
From the Services console, configure the Log On settings.
Answer: D
QUESTION 23 (49)
Your network contains an Active Directory
domain named contoso.com. The domain contains two servers named Server1 and
Server2. Server1 runs Windows Server 2012 R2. 5erver2 runs Windows Server 2008
R2 Service Pack 1 (SP1) and has the DHCP Server server role installed.
You need to manage DHCP on Server2 by using the DHCP console on Server1.
What should you do first?
A. From the Microsoft
Management Console on Server1, add a snap-in.
B. From Server Manager on Server2, enable Windows Remote
Management.
C. From Windows PowerShell on Server2, run Enable-PSRemoting.
D. From Server Manager on Server1,
install a feature.
OR
Answer: D not B (when you install DHCP Server on 2008R2, ports
are automaticaly opened : you just have to add role tools on the 2012 Server)
QUESTION 25 (182)
Your network contains an Active Directory domain named contoso.com.
The domain contains a server named Server1. Server1 runs Windows Server 2012
R2.
You need to create 3-TB virtual hard disk (VHD) on Server1.
Which tool should you use?
A. Share and Storage
Management
B. Server Manager
C. New-VirtualDisk
D. Computer Management
Answer: D not C
QUESTION (36)195
You have a file server named Server1 that runs Windows Server 2012 R2. Server1
has following hardware configurations:
- 16 GB of RAM
- A single quad-core CPU
- Three network teams that have two network adapters each
You add additional CPUs and RAM to Server1.
You repurpose Server1 as a visualization host.
You install the Hyper-V server role on Server1.
You need to create four external virtual switches in Hyper-V.
Which cmdlet should you run first?
A. Add-NetLbfoTeamNic
B. Set-NetAdapter
C. Remove- NetLbfoTeam
D. Add-VMNetworkAdapter
Answer: C not D
QUESTION 42 (151)
Drag and Drop Question
You have a server named Server1 that runs Windows Server 2012 R2.
You are asked to test Windows Azure Online Backup to back up Server1.
You need to back up Server1 by using Windows Azure Online Backup.
Which four actions should you perform in sequence? To answer, move the
appropriate four actions from the list of actions to the answer area and
arrange them in the correct order.
Answer:
-
Signup
- Download Windows Azure
- Run setup Windows Azure wizard
- Run the register
QUESTION 50 (55)
Drag and Drop Question
Your network contains an Active Directory domain named contoso.com.
You need to ensure that third-party devices can use Workplace Join to access
domain resources on the Internet.
Which four actions should you perform in sequence? To answer, move the
appropriate four actions from the list of actions to the answer area and
arrange them in the correct order.
D50 :
- Install the certificate from trusted third party CA
- Install and configure ADFS role
- Enable Device Registration Service
- Install and configure Web Application Proxy
-------------------
EXAM E:----------------------
QUESTION 10(211)
Your network contains an Active Directory domain named contoso.com.
The domain contains two member servers named Server1 and Server2.
You install the DHCP Server server role on Server1 and Server2.
You install the IP Address Management (IPAM) Server feature on Server1.
You notice that you cannot discover Server1 or Server2 in IPAM.
You need to ensure that you can use IPAM to discover the DHCP infrastructure.
Which two actions should you perform? (Each correct answer presents part of the
solution.
Choose two.)
A. On Server2,
run the Add-DhcpServerInDc cmdlet
B. On Server1, uninstall the DHCP
Server server role.
C. On Server1, run the Add-IpamServerInventory cmdlet.
D. On both Server1 and Server2, run the
Add-DhcpServerv4Policy cmdlet.
E. On Server2, create an IPv4 scope.
Answer: not AC E10 : A and B
(And "E" if three answers was asked)
QUESTION E12 (214)
Your network contains an Active Directory domain named adatum.com.
The domain contains a server named Server1 that runs Windows Server 2012 R2.
Server1 is configured as a Network Policy Server (NPS) server and as a DHCP
server.
The network contains two subnets named Subnet1 and Subnet2. Server1 has a DHCP
scope for each subnet.
You need to ensure that noncompliant computers on Subnet1 receive different
network policies than noncompliant computers on Subnet2.
Which two settings should you configure? (Each correct answer presents part of
the solution.
Choose two.)
A. The NAS Port Type
constraints
B. The Health Policies conditions
C. The Called Station ID constraints
D. The NAP-Capable Computers conditions
E. The MS-Service Class conditions
Answer:
DE E12 : B and E
Explanation:The MS-Service Class is how you
can specify which subnet the computer must be coming from in order to Apply the
policy.
E29 : QUESTION
86
Your network contains an Active Directory domain named contoso.com. The domain
contains two servers named Server1 and Server2 that run Windows Server 2012 R2.
Server1 has the IP Address Management (IPAM) Server feature installed. Server2
has the DHCP Server server role installed. A user named User1 is a member of
the IPAM Users group on Server1.
You need to ensure that User1 can use IPAM to modify the DHCP scopes on
Server2.
The solution must minimize the number of permissions assigned to User1.
To which group should you add User1?
A. IPAM ASM Administrators
on Server1
B. IPAMUG in Active Directory
C. DHCP Administrators on Server2
D. IPAM MSM Administrators on Server1
Answer: D not C
QUESTION 41 (49)
Your network contains an Active Directory domain named contoso.com. The domain
contains two servers named Server1 and Server2. Server1 runs Windows Server
2012 R2. 5erver2 runs Windows Server 2008 R2 Service Pack 1 (SP1) and has the
DHCP Server server role installed.
You need to manage DHCP on Server2 by using the DHCP console on Server1.
What should you do first?
A. From the Microsoft
Management Console on Server1, add a snap-in.
B. From Server Manager on Server2, enable Windows Remote
Management.
C. From Windows PowerShell on Server2, run Enable-PSRemoting.
D. From Server Manager on Server1,
install a feature.
Answer: not B E41 : D (same that D23)
------------------------------------------Exam F:
------------------------------------
F48
: 
- File Server Resource Manager (Local)
- Classification Properties
------------------------------
EXAM G
---------------------------------------
Answer not C : I don't find any
right answer (same that B42 : Security filtering missing ?)
QUESTION 11(65)
You have a server named Server1.
You install the IP Address Management (IPAM) Server feature on Server1.
You need to provide a user named User1 with the ability to set the access scope
of all the DHCP servers that are managed by IPAM. The solution must use the
principle of least privilege.
Which user role should you assign to User1?
A. IP Address Record
Administrator Role
B. IPAM Administrator Role
C. IPAM MSM Administrator Role
D. IPAM DHCP Scope Administrator Role
Correct Answer B not A
D is
right (Winrm ... TrustedHosts on the managing server)
G37 QUESTION (358)
Your network contains an Active Directory domain named contoso.com. The domain
contains a member server named Server 1. Server1 runs Windows Server 2012 R2
and has the Hyper-V server role installed.
You create an external virtual switch named Switch1. Switch1 has the following
configurations:
- Connection type: External network
- Single-root I/O virtualization (SR-IOV): Enabled
Ten virtual machines connect to Switch1.
You need to ensure that all of the virtual machines that connect to Switch1 are
isolated from the external network and can connect to each other only. The
solution must minimize network downtime for the virtual machines.
What should you do?
A. Remove
Switch1 and recreate Switch1 as an internal network.
B. Change the Connection type of Switch1 to Private network.
C. Change the Connection type of Switch1 to Internal network.
D. Remove Switch1 and recreate Switch1
as a private network.
Answer: D not B G37 : D (cannot change
connection type when SR-IOV is enabled on a virtual switch)
G43 : QUESTION 344
Drag and Drop Question
Your network contains an Active Directory domain named adatum.com. The domain
contains three servers. The servers are configured as shown in the following
table.
Server1 is configured as shown in
the exhibit. (Click the Exhibit button.)
Template1 contains custom
cryptography settings that are required by the corporate security team.
On Server2, an administrator successfully installs a certificate based on
Template1.
The administrator reports that Template1 is not listed in the Certificate
Enrollment wizard on Server3, even after selecting the Show all templates check
box.
You need to ensure that you can install a server authentication certificate on
Server3.
The certificate must comply with the cryptography requirements.
Which three actions should you perform in sequence? To answer, move the
appropriate three actions from the list of actions to the answer area and
arrange them in the correct order.
Answer: 
1/G43 Answer
- Duplicate Template
- Modify Compatibility Settings
- (Optional) Modify Request Handling
- New certificate template to Issue
G47 : QUESTION 349
Your network contains an Active Directory domain named contoso.com. The domain
contains two member servers named Server1 and Server2. All servers run Windows
Server 2012 R2.
Server1 and Server2 have the Failover Clustering feature installed. The servers
are configured as nodes in a failover cluster named Cluster1. Cluster1 has
access to four physical disks. T
he disks are configured as shown in the following table.
You need to ensure that all of
the disks can be added to a Cluster Shared Volume (CSV).
Which two actions should you perform? (Each correct answer presents part of the
solution.
Choose two.)
A. Enable
BitLocker on Disk4.
B. Disable BitLocker on Disk1.
C. Format Disk2 to use NTFS.
D. Format Disk3 to use NTFS.
Answer: CD
Explanation: You cannot use a disk for a CSV that is formatted with FAT, FAT32,
or Resilient File System (ReFS). C and D if servers are
windows 2012 (normally only "C" if Windows 2012R2 : CSV is supporting
reFS with 2012R2 : https://technet.microsoft.com/en-us/library/jj612868.aspx )
G49 : QUESTION 333
You have a laptop named Computer 1. Computer1 runs Windows 8 Enterprise.
Computer1 has a wired network adapter and a wireless network adapter.
Computer1 connects to a wireless network named Network1.
For testing purposes, you install Windows Server 2012 R2 on Computer1 as a
second operating system.
You install the drivers for the wireless network adapter.
You need to ensure that you can connect to Network1 from Windows Server 2012
R2.
What should you do?
A. From a local
Group Policy object (GPO), configure the Wireless Network (IEEE 802.11)
Policies settings.
B. From Server Manager, install the Wireless LAN
Service feature.
C. Restart the WLAN AutoConfig service.
D. From a local Group Policy object (GPO), configure the
settings of Windows Connection Manager.
Answer: B not D
------------------------------------------------- H
----------------------------------------------
H03 : QUESTION 337
Your network contains an Active Directory domain named contoso.com. The domain
contains a server named Server1 that runs Windows Server 2012 R2. Server1 is an
enterprise root certification authority (CA) for contoso.com.
Your user account is assigned the certificate manager role and the auditor role
on the contoso.com CA. Your account is a member of the local Administrators
group on Server1.
You enable CA role separation on Server1.
You need to ensure that you can manage the certificates on the CA.
What should you do?
A. Remove your user account from the local
Administrators group.
B. Assign the CA administrator role to your user account.
C. Assign your user account the Bypass traverse checking user
right.
D. Remove your user account from the Manage auditing and
security log user right.
Answer: A not D A
(cause Local Administrators, Enterprise Admins, and Domain Admins are CA Administrators
by default, that mean they have the CA manager Role : to manage certificates,
it need to be removed from local Administrators group)
H06 QUESTION 281
Your network contains an Active Directory domain named contoso.com. The domain
contains a server named Server1 that runs Windows Server 2012 R2 and has the
DNS Server server role installed.
Server1 is configured to delete automatically the DNS records of client
computers that are no longer on the network. A technician confirms that the DNS
records are deleted automatically from the contoso.com zone.
You discover that the contoso.com zone has many DNS records for servers that
were on the network in the past, but have not connected to the network for a
long time.
You need to set the time stamp for all of the DNS records in the contoso.com
zone.
What should you do?
A. From DNS
Manager, modify the Advanced settings from the properties of Server1
B.
From Windows PowerShell, run the Set-DnsServerResourceRecordAging cmdlet
C. From DNS Manager, modify the Zone Aging/Scavenging
Properties
D. From Windows PowerShell, run the Set-DnsServerZoneAging
cmdlet.
Answer: B not D B (cause zoneAging is already enabled and is
working. Set-DnsServerResourceRecordAging will set a timestamp on old records
(probably static ones))
H10 :QUESTION 285
Your network contains an Active Directory forest named contoso.com.
The forest contains two domains named contoso.com and childl.contoso.com.
The domains contain three domain controllers.
The domain controllers are configured as shown in the following table.
You need to ensure that the KDC
support for claims, compound authentication, and kerberos
armoring setting is enforced in both domains.
Which two actions should you perform? (Each correct answer presents part of the
solution.
Choose two.)
A. Raise the domain functional level of
contoso.com.
B. Raise the domain functional level ofchildl.contoso.com.
C. Raise the forest functional level of contoso.com.
D. Upgrade DC11 to Windows Server 2012 R2.
E. Upgrade DC1 to Windows Server 2012 R2.
Answer: AE (E and A) and (D and B) cause enforced in both
domains (DAC enforced mean DC and domain level set to 2012R2)
Explanation: The root domain in the forest must be at Windows Server 2012
level. First upgrade DC1 to this level, then raise the contoso.com domain
functional level to Windows Server 2012.
H11 : QUESTION 286
Your network contains an Active Directory forest named contoso.com.
The forest contains four domains. All servers run Windows Server 2012 R2.
Each domain has a user named User1.
You have a file server named Server1 that is used to synchronize user folders
by using the
Work Folders role service.
Server1 has a work folder named Sync1.
You need to ensure that each user has a separate folder in Sync1.
What should you do?
A. From Windows
Explorer, modify the Sharing properties of Sync1.
B. Run the Set-SyncServerSetting cmdlet.
C. From File and Storage Services in Server Manager, modify
the properties of Sync1.
D.
Run the Set-SyncShare cmdlet.
Answer: D answer ("folder
structure" of sync share cannot be modified once created)
H18 : QUESTION 278
Your network contains an Active Directory domain named adatum.com.
You have a standard primary zone named adatum.com.
You need to provide a user named User1 the ability to modify records in the
zone.
Other users must be prevented from modifying records in the zone.
What should you do first?
A. Run the Zone
Signing Wizard for the zone.
B.
From the properties of the zone, change the zone type.
C. Run the new Delegation Wizard for the zone.
D. From the properties of the zone, modify the Start Of
Authority (SOA) record.
Answer: B Not C B (Convert the standard
primary zone to AD integrated zone -> The security tab will appear)
H22 QUESTION 211
Your network contains an Active Directory domain named contoso.com.
The domain contains two member servers named Server1 and Server2.
You install the DHCP Server server role on Server1 and Server2.
You install the IP Address Management (IPAM) Server feature on Server1.
You notice that you cannot discover Server1 or Server2 in IPAM.
You need to ensure that you can use IPAM to discover the DHCP infrastructure.
Which two actions should you perform? (Each correct answer presents part of the
solution.
Choose two.)
A. On Server2,
run the Add-DhcpServerInDc cmdlet
B. On Server1, uninstall the DHCP
Server server role.
C. On Server1, run the Add-IpamServerInventory cmdlet.
D. On both Server1 and Server2, run the
Add-DhcpServerv4Policy cmdlet.
E. On Server2, create an IPv4 scope.
Answer: AB not AC
: E and C (and "A" if three answers
was asked)
H23 : QUESTION 265
Your network contains two Active Directory forests named contoso.com and
corp.contoso.com.
User1 is a member of the DnsAdmins domain
local group in contoso.com.
User1 attempts to create a conditional forwarder to corp.contoso.com but
receive an error message shown in the exhibit. (Click the Exhibit button.)
You need to configure bi-directional name
resolution between the two forests.
What should you do first?
A. Add User1 to the
DnsUpdateProxy group.
B. Configure the zone to be Active Directory-integrated.
C. Enable the Advanced view from DNS Manager.
D.
Run the New Delegation Wizard.
Answer: D not B
- DNS namespace Parent -> DNS namespace child : delegation
- DNS namespace child -> DNS namespace Parent : nothing to do with
contiguous DNS namespace (or conditional forwarder for non-contiguous DNS
namespace)
H24 : QUESTION 266
Your network contains two Active Directory forests named contoso.com and
adatum.com.
Each forest contains one domain. Contoso.com has a two-way forest trust to
adatum.com.
Selective authentication is enabled on the forest trust.
Contoso contains 10 servers that have the File Server role service installed.
Users successfully access shared folders on the file servers by using
permissions granted to the Authenticated Users group.
You migrate the file servers to adatum.com.
Contoso users report that after the migration, they are unable to access shared
folders on the file servers.
You need to ensure that the Contoso users can access the shared folders on the
file servers.
What should you do?
A. Disable selective authentication on the
existing forest trust.
B. Disable SID filtering on the existing forest trust.
C. Run netdom and specify the /quarantine attribute.
D. Replace the existing forest trust with an external trust.
Answer: A not B A (the problem is the "Authenticated
group" : with ForestWide Authentication, everything is ok. With Selective
Authentication, users don't belong to the authenticated group in the other
forest)
H27 : QUESTION 244
You have a print server named Print1 that runs Windows Server 2012 R2.
Print1 has 10 shared printers.
You need to change the location of the spool folder.
What should you modify?
A. The properties of the
Print Spooler service
B.
The Print Server Properties
C. The user environment variables
D. The PrintQueue.inf file
Answer: B not A
H29 : QUESTION 242
Your network contains an Active Directory domain named contoso.com.
All user accounts in the marketing department reside in an organizational unit
(OU) named OU1.
You have a Group Policy object (GPO) named GPO1. GPO1 contains Folder
Redirection settings. GPO1 has default permissions.
You discover that the Folder Redirection settings are not applied to the users
in the marketing department.
You open Group Policy Management as shown in the exhibit. (Click the Exhibit
button.)
You need to ensure that the Folder
Redirection settings in GPO1 apply to the marketing users.
What should you do?
A. Modify the Delegation
settings of GPO1.
B.
Enable the link of GPO1.
C. Enforce GPO1.
D. Modify the link order of GPO1.
Answer: B not C B (in the exhibit we see that
the link is disabled)
H30 : QUESTION 243
Your network contains multiple subnets.
On one of the subnets, you deploy a server named Server1 that runs Windows
Server 2012 R2.
You install the DNS Server server role on Server1, and then you create a
standard primary zone named contoso.com.
You need to ensure that client computers can resolve IP addresses to host
names.
What should you do first?
A. Create a GlobalNames
zone.
B. Convert the contoso.com zone to an Active
Directory-integrated zone.
C. Configure dynamic updates for contoso.com.
D.
Create a reverse lookup zone.
Answer: D not A
H38 : QUESTION 237
Your network contains an Active Directory forest named contoso.com.
Users frequently access the website of an external partner company.
The URL of the website is http://partners.adatum.com.
The partner company informs you that it will perform maintenance on its Web
server and that the IP addresses of the Web server will change.
After the change is complete, the users on your internal network report that
they fail to access the website. However, some users who work from home report
that they can access the website.
You need to ensure that your DNS servers can resolve partners.adatum.com to the
correct IP address immediately. What
should you do?
A. Run dnscmd and specify
the CacheLockingPercent parameter.
B. Run Set-DnsServerGlobalQueryBlockList.
C. Run ipconfig and specify the Renew parameter.
D.
Run Set-DnsServerCache.
Answer: D D (but "A" can do the same
thing) Explanation: http://technet.microsoft.com/en-us/library/jj649852.aspx Run Set-DnsServerCache with the -LockingPercent
switch. dnscmd technically works also.
H44: QUESTION 190
Your network contains an Active Directory domain named contoso.com.
The domain contains a file server named Server1 and a domain controller named
DC1. All servers run Windows Server 2012 R2.
A Group Policy object (GPO) named GPO1 is linked to the domain.
Server1 contains a folder named Folder1. Folder1 is shared as Share1.
You need to ensure that authenticated users can request assistance when they
are denied access to the resources on Server1.
Which two actions should you perform? (Each correct answer presents part of the
solution. Choose two.)
A. Enable the Enable access-denied assistance
on client for all file types policy setting for GPO1.
B.
Configure the Customize message for Access Denied errors policy setting of
GPO1.
C. Install the File Server Resource Manager role service on
DC1.
D. Install the File Server Resource Manager role service on
Server1.
E. Assign the Read Attributes NTFS permission on Folder1 to
the Authenticated Users group.
Answer: A and B (not need FSRM : just use
GPO) Not AD.
----------------
Confirm Questions-----------------------
QUESTION 121
You have 30 servers that run Windows Server 2012 R2.
All of the servers are backed up daily by using Windows Azure Online Backup.
You need to perform an immediate backup of all the servers to Windows Azure
Online Backup. Which Windows PowerShell cmdlets should you run on each server?
A. Start-OBRegistration |
Start-OBBackup
B. Get-OBPolicy | Start-OBBackup
C. Get-WBBackupTarget | Start-WBBackup
D. Get-WBPolicy | Start-WBBackup
QUESTION 122
You have 20 servers that run Windows Server 2012 R2.
You need to create a Windows PowerShell script that registers each server in
Windows Azure Online Backup and sets an encryption passphrase.
Which two PowerShell cmdlets should you run in the script? (Each correct answer
presents part of the solution. Choose two.)
A. New-OBPolicy
B. New-OBRetentionPolicy
C. Add-OBFileSpec
D. Start-OBRegistration
E. Set-OBMachineSetting
Answer:
DE
QUESTION 125
You have a server named FS1 that runs Windows Server 2012 R2.
You install the File and Storage Services server role on FS1.
From Windows Explorer, you view the properties of a shared folder named Share1
and you discover that the Classification tab is missing.
You need to ensure that you can assign classifications to Share1 from Windows
Explorer manually.
What should you do?
A. From Folder Options,
clear Use Sharing Wizard (Recommend).
B. Install the File Server Resource
Manager role service.
C. From Folder Options, select Show hidden files, folders,
and drives.
D. Install the Enhanced Storage feature.
Answer: B
QUESTION 127
Your network contains an Active Directory forest named adatum.com.
All servers run Windows Server 2012 R2.
The domain contains four servers. The servers are configured as shown in the
following table.
You need to deploy IP Address Management
(IPAM) to manage DNS and DHCP.
On which server should you install IPAM?
A. Server1
B. Server2
C. Server3
D. Server4
Answer: D
Explanation:
IPAM can not be installed on a Domain Controller.
QUESTION 130
Your company deploys a new Active Directory
forest named contoso.com.
The first domain controller in the forest runs Windows Server 2012 R2. The
forest contains a domain controller named DC10. On DC10; the disk that contains
the SYSVOL folder fails.
You replace the failed disk.
You stop the Distributed File System (DFS) Replication service.
You restore the SYSVOL folder.
You need to perform a non-authoritative synchronization of SYSVOL on DC10.
Which tool should you use before you start the DFS Replication service on DC10?
A. Ldp
B. Active Directory Sites and Services
C. Dfsmgmt.msc
D. Frsutil
Answer: A QUESTION 136
Your network contains two servers named Server1 and Server2. Both servers run
Windows Server 2012 R2, On Server1, you create a Data Collector Set (DCS) named
Data1. You need to export Data1 to Server2. What should you do first?
A. Right-click Data1 and
click Data Manager…
B.
Right-click Data1 and click Save template…
C. Right-click Data1 and click Properties.
D. Right-click Data1 and click Export list…
Answer: B
Explanation:
To export a Data Collector Set you create as a template for use on other
computers, open Windows Performance Monitor, expand Data Collector Sets,
right-click the Data Collector Set you want to export, and click Save Template.
Select a directory in which to store the XML file and click Save .
http://technet.microsoft.com/en-us/library/cc766318.aspx
QUESTION 138
Drag and Drop Question
Your network contains an Active Directory domain named contoso.com.
All client computers run Windows 8 Group Policy objects (GPOs) are linked to
the domain as shown in the exhibit. (Click the Exhibit button.)
GPO2 contains computer configurations only
and GPO3 contains user configurations only.
You need to configure the GPOs to meet the following requirements:
- Ensure that GPO2 only Applies to the computer accounts in OU2 that have more
than one processor.
- Ensure that GPO3 only Applies to the user accounts in OU3 that are members of
a security group named SecureUsers.
Which setting should you configure in each GPO? To answer, drag the appropriate
setting to the correct GPO. Each setting may be used once, more than once, or
not at all. You may need to drag the split bar between panes or scroll to view
content.
Answer:
QUESTION 139
Your network contains an Active Directory domain named contoso.com.
All domain controllers run Windows Server 2012 R2. An organizational unit (OU)
named OU1 contains 200 client computers that run Windows 8 Enterprise.
A Group Policy object (GPO) named GPO1 is linked to OU1.
You make a change to GPO1.
You need to force all of the computers in OU1 to refresh their Group Policy
settings immediately. The solution must minimize administrative effort.
Which tool should you use?
A. The Set-AdComputercmdlet
B. Group Policy Object Editor
C. Active Directory Users and Computers
D. Group Policy Management Console (GPMC)
Answer: D)
QUESTION 146
Drag and Drop Question
Your network contains four servers that run Windows Server 2012 R2.
Each server has the Failover Clustering feature installed.
Each server has three network adapters installed. An iSCSI SAN is available on
the network.
You create a failover cluster named Cluster1.
You add the servers to the cluster.
You plan to configure the network settings of each server node as shown in the
following table.
You need to configure the network settings
for Cluster1.
What should you do? To answer, drag the appropriate network communication
setting to the correct cluster network. Each network communication setting may
be used once, more than once, or not at all. You may need to drag the split bar
between panes or scroll to view content.
Answer:
QUESTION 150
Hotspot Question
Your network contains an Active Directory domain named contoso.com. The domain
contains two servers named Server1 and Server2 that run Windows Server 2012 R2.
The servers have the Hyper-V server role installed. A certification authority
(CA) is available on the network. A virtual machine named VM1.contoso.com is
replicated from Server1 to Server2. A virtual machine named vm2.contoso.com is
replicated from Server2 to Server1.
You need to configure Hyper-V to encrypt the replication of the virtual
machines.
Which common name should you use for the certificates on each server? To
answer, configure the appropriate common name for the certificate on each
server in the answer area.
Answer:
QUESTION 153
You have a server named Server1 that runs Windows Server 2012 R2. Server1 is
backed up by using Windows Server Backup.
The backup configuration is shown in the exhibit. (Click the Exhibit button.)
You discover that only the last copy of the
backup is maintained.
You need to ensure that multiple backup copies are maintained.
What should you do?
A. Modify the backup destination.
B. Configure the Optimize Backup Performance settings.
C. Modify the Volume Shadow Copy Service (VSS) settings.
D. Modify the backup times.
QUESTION 158
Drag and Drop Question
Your network contains a single Active Directory domain named contoso.com. The
domain contains an Active Directory site named Site1 and an organizational unit
(OU) named OU1.
The domain contains a client computer named Client1 that is located in OU1 and
Site1.
You create five Group Policy objects (GPO).
The GPOs are configured as shown in the following table.
You need to identify in which order the GPOs
will be Applied to Client1.
In which order should you arrange the listed GPOs? To answer, move all GPOs
from the list of GPOs to the answer area and arrange them in the correct order.
Answer:
D43 : GPO3, GPO1, GPO4, GPO5, GPO2 (GPO3,
GPO1, GPO4 with the site to OU order. GPO5, GPO2 in the
reverse order because they are enforced)
QUESTION 160
Your network contains an Active Directory domain named contoso.com.
The domain contains client computers that run either Windows XP, Windows 7, or
Windows 8.
Network Policy Server (NPS) is deployed to the domain.
You plan to create a system health validator (SHV).
You need to identify which policy settings can be Applied to all of the
computers.
Which three policy settings should you identify? (Each correct answer presents
part of the solution. Choose three.)
A. A firewall is enabled for all network
connections.
B. An antispyware application is on.
C.
Automatic updating is enabled.
D. Antivirus is up to date.
E. Antispyware is up to date.
Answer: ACD
QUESTION 162
You have a server named Server1 that runs Windows Server 2012 R2.
You create a Data Collector Set (DCS) named DCS1.
You need to configure
DCS1 to log data to D:\logs.
What should you do?
A. Right-click DCS1 and
click Data Manager…
B. Right-click DCS1 and click Save Template…
C.
Right-click DCS1 and click Properties.
D. Right-click DCS1 and click Export list…
QUESTION 165
Drag and Drop Question
You have a file server named Server1 that runs Windows Server 2012 R2.
The folders on Server1 are configured as shown in the following table.
A new corporate policy states that backups
must use Windows Azure Online Backup whenever possible.
You need to identify which technology you must use to back up Server1.
The solution must use Windows Azure Online Backup whenever possible.
What should you identify? To answer, drag the appropriate backup type to the
correct location or locations. Each backup type may be used once, more than
once, or not at all. You may need to drag the split bar between panes or scroll
to view content.
Answer:
QUESTION 167
Your network contains an Active Directory forest named contoso.com. The forest
contains a single domain. All domain controllers run Windows Server 2012 R2.
The domain contains two domain controllers. The domain controllers are
configured as shown in the following table.
Active Directory Recycle Bin is enabled.
You discover that a support technician accidentally removed 100 users from an
Active Directory group named Group1 an hour ago.
You need to restore the membership of Group1.
What should you do?
A. Export and import data by using Dsamain.
B. Apply a virtual machine snapshot to VM1.
C. Recover the items by using Active Directory Recycle Bin.
D. Modify the isRecycled attribute of Group1.
Answer:
A
QUESTION 168
Your network contains an Active Directory domain named contoso.com. The domain
contains a domain controller named DC1 that runs Windows Server 2012 R2. DC1 is
backed up daily. The domain has the Active Directory Recycle Bin enabled.
During routine maintenance, you delete 500 inactive user accounts and 100
inactive groups. One of the deleted groups is named Group1. Some of the deleted
user accounts are members of some of the deleted groups.
For documentation purposes, you must provide a list of the members of Group1
before the group was deleted.
You need to identify the names of the users who were members of Group1 prior to
its deletion. You want to achieve this goal by using the minimum amount of
administrative effort.
What should you do first?
A. Mount the most recent Active Directory backup.
B. Perform an authoritative restore of Group1.
C. Use the Recycle Bin to restore Group1.
D. Reactivate the tombstone of Group1.
Answer:
A
QUESTION 170
In an isolated test environment, you deploy a server named Server1 that runs a
Server Core Installation of Windows Server 2012 R2.
The test environment does not have Active Directory Domain Services (AD DS)
installed.
You install the Active Directory Domain Services server role on Server1.
You need to configure Server1 as a domain controller.
Which cmdlet should you run?
A. Install-ADDSForest
B. Install-ADDSDomain
C. Install-WindowsFeature
D. Install-ADDSDomainController
Answer:
A
QUESTION 177
Your network contains an Active Directory domain named adatum.com.
The domain contains the servers shown in the following table.
You need to ensure that you can use Server
Manager on DC1 to manage DC2.
Which two tasks should you perform? (Each correct answer presents part of the
solution. Choose two.)
A. Install the Windows
PowerShell 2.0 engine on DC1.
B.
Install Microsoft .NET Framework 4 on DC2.
C. Install Remote Server Administration Tools on
DC1.
D. Install Remote Server Administration Tools on DC2.
E. Install Windows Management Framework 3.0 on DC2.
Answer:
BE
QUESTION 182
Your network contains an Active Directory domain named contoso.com.
The domain contains a server named Server1. Server1 runs Windows Server 2012
R2.
You need to create 3-TB virtual hard disk (VHD) on Server1.
Which tool should you use?
A. Share and Storage
Management
B. Server Manager
C. New-VirtualDisk
D. Computer Management
Answer: D
QUESTION 186
Hotspot Question
Your network contains an Active Directory domain named contoso.com.
You need to identify whether the Company attribute replicates to the global
catalog.
Which part of the Active Directory partition should you view? To answer, select
the appropriate Active Directory object in the answer area.
Answer:
QUESTION 188
You have a server named Server1 that runs Windows Server 2012 R2.
You install the File and Storage Services server role on Server1. From Windows
Explorer, you view the properties of a folder named Folder1 and you discover
that the Classification tab is missing.
You need to ensure that you can assign classifications to Folder1 from Windows
Explorer manually.
What should you do?
A. Install the Share and
Storage Management Tools.
B. From Folder Options, clear Hide protected operating system
files (Recommended).
C. From Folder Options, select the Always show menus.
D. Install the File Server Resource Manager role service.
QUESTION 191
Your network contains an Active Directory domain named contoso.com. The domain
contains a server named Server1 that runs Windows Server 2012 R2 and a server
named Server2 that runs Windows Server 2008 R2 Service Pack 1 (SP1). Both
servers are member servers.
On Server2, you install all of the software required to ensure that Server2 can
be managed remotely from Server Manager.
You need to ensure that you can manage Server2 from Server1 by using Server
Manager.
Which two tasks should you perform on Server2? (Each correct answer presents
part of the solution.
Choose two.)
A. Run the Configure-SMRemoting.ps1 script.
B. Run the Enable-PSSessionConfigurationcmdlet.
C. Run the Set-ExecutionPolicycmdlet.
D. Run the systempropertiesremote.exe command
E. Run the Enable-PSRemotingcmdlet.
Answer:
AC
QUESTION 192
Your network contains an Active Directory domain named contoso.com. The network
contains a server named Server1 that runs Windows Server 2012 R2 and a server
named Server2 that runs Windows Server 2008 R2 Service Pack 1 (SP1). Server1
and Server2 are member servers.
You need to ensure that you can manage Server2 from Server1 by using Server
Manager.
Which two tasks should you perform? (Each correct answer presents part of the
solution. Choose two.)
A. Install Windows Management Framework 3.0
on Server2.
B. Install Remote Server Administration Tools on Server1.
C. Install the Windows PowerShell 2.0 engine on Server1.
D. Install Microsoft .NET Framework 4 on Server2.
E.
Install Remote Server Administration Tools on Server2.
QUESTION 197
You perform a Server Core Installation of Windows Server 2012 R2 on a server
named Server1. You need to add a graphical user interface (GUI) to Server1.
Which tool should you use?
A. The setup.exe command
B. The imagex.exe command
C. The Install-RoleServicecmdlet
D.
The Add-WindowsFeaturecmdlet
Answer: D
QUESTION 205
Your network contains a domain controller named DC1 that runs Windows Server
2012 R2.
You create a custom Data Collector Set (DCS) named DCS1.
You need to configure DCS1 to collect the following information:
- The amount of Active Directory data replicated between DC1 and the other
domain controllers
- The current values of several registry settings.
Which two should you configure in DCS1? (Each correct answer presents part of
the solution. Choose two.)
A. System configuration information
B. A Performance Counter Alert
C. Event trace data
D. A performance counter
Answer: AD
Explanation:
QUESTION 214
Your network contains an Active Directory domain named adatum.com.
The domain contains a server named Server1 that runs Windows Server 2012 R2.
Server1 is configured as a Network Policy Server (NPS) server and as a DHCP
server.
The network contains two subnets named Subnet1 and Subnet2. Server1 has a DHCP
scope for each subnet.
You need to ensure that noncompliant computers on Subnet1 receive different
network policies than noncompliant computers on Subnet2.
Which two settings should you configure? (Each correct answer presents part of
the solution.
Choose two.)
A. The NAS Port Type
constraints
B. The Health Policies conditions
C. The Called Station ID constraints
D. The NAP-Capable Computers conditions
E. The MS-Service Class conditions
Answer:BE
QUESTION 245
You have a server named Server1 that runs Windows Server 2012 R2.
You try to install the Microsoft .NET Framework 3.5 Features feature on
Server1, but the installation fails repeatedly.
You need to ensure that the feature can be installed on Server1.
What should you do?
A. Run the
Add-WindowsPackagecmdlet.
B. Disable User Account Control (UAC).
C.
Specify an alternate source path.
D. Install the Web Server (IIS) server role.
Answer: C
QUESTION 247
You have a Hyper-V host named Server1 that runs Windows Server 2012 R2.
Server1 hosts a virtual machine named VM1 that runs Windows Server 2012 R2.
VM1 has several snapshots.
You need to modify the snapshot file location of VM1.
What should you do?
A. Delete the existing snapshots, and then
modify the settings of VM1.
B. Right-click VM1, and then click Move. ..
C. Right-click VM1, and then click Export…
D. PauseVM1, and then modify the settings of VM1.
Answer:
A
QUESTION 260
Drag and Drop Question
Your network contains two Active Directory forests named contoso.com and
adatum.com.
Each forest contains an Active Directory Rights Management Services (AD RMS)
root cluster.
All servers run Windows Server 2012 R2.
You need to ensure that the rights account certificates issued in adatum.com
are accepted by the AD RMS root cluster in contoso.com.
What should you do in each forest? To answer, drag the appropriate actions to
the correct forests. Each action may be used once, more than once, or not at
all. You may need to drag the split bar between panes or scroll to view
content.
Answer:
QUESTION 280
Your network contains an Active Directory domain named contoso.com.
Network Policy Server (NPS) is deployed to the domain.
You plan to deploy Network Access Protection (NAP).
You need to configure the requirements that are validated on the NPS client
computers.
What should you do?
A. From the
Network Policy Server console, configure a network policy.
B. From the Network Policy Server console, configure a health
policy.
C. From the Network Policy Server console, configure a Windows Security
Health Validator
(WSHV) policy.
D. From a Group Policy object (GPO), configure the NAP Client
Configuration security setting.
E. From a Group Policy object (GPO), configure the Network
Access Protection Administrative
Templates setting.
Answer: C
QUESTION 288
Your network contains an Active Directory domain named adatum.com. The domain
contains a member server named Host1. Host1 runs Windows Server 2012 R2 and has
the Hyper-V server role installed.
Host1 hosts two virtual machines named VM5 and VM6. Both virtual machines
connect to a virtual switch named Virtual1.
On VM5, you install a network monitoring application named Monitor1.
You need to capture all of the inbound and outbound traffic to VM6 by using
Monitor1.
Which two commands should you run from Windows PowerShell? (Each correct answer
presents part of the solution. Choose two.)
A. Get-VM “VM6″
| Set-VMNetworkAdapter-IovWeight 1
B. Get-VM “VM5″ | Set-VMNetworkAdapter -IovWeight 0
C.
Get-VM “VM6″ | Set-VMNetworkAdapter -PortMirroring Source
D. Get-VM “VM6″ | Set-VMNetworkAdapter -AllowTeaming On
E.
Get-VM “VM5″ | Set-VMNetworkAdapter -PortMirroring Destination
F. Get-VM “VM5″ | Set-VMNetworkAdapter
-AllowTeaming On
Answer: CE
QUESTION 293
Hotspot Question
You have a Hyper-V host named HYPERV1. HYPERV1 hosts a virtual machine named
DC1.
You need to prevent the clock on DC1 from synchronizing from the clock on
HYPERV1.
What should you configure? To answer, select the appropriate object in the
answer area.
Answer:
QUESTION 295
You have a server named Server1 that runs Windows Server 2012 R2.
You add a 4-TB disk named Disk 5 to Server1.
You need to ensure that you can create a 3-TB volume on Disk 5.
What should you do?
A. Create a
storage pool.
B.
Convert the disk to a GPT disk.
C. Convert the disk to a dynamic disk.
D. Create a VHD, and then attach the VHD.
Answer: B
Explanation:
The exhibit shows Disk1 to be a basic disk.
QUESTION 296
Drag and Drop Question
Your network contains an Active Directory domain named contoso.com. The domain
contains a file server named File1. All servers in the domain run Windows
Server 2012 R2.
You need to create a new volume on File1.
The new volume must have the following configurations:
- Have the drive letter T
- Have the FAT32 file system
- Be stored on a new virtual hard disk
In which order should you run the Diskpart commands? To answer, move all the
Diskpart commands from the list of commands to the answer area and arrange them
in the correct order.
Answer:
QUESTION 297
Drag and Drop Question
Your network contains an Active Directory domain named contoso.com. The domain
contains two servers named Server1 and Server2. Server1 and Server2 run a
Server with a GUI installation of Windows Server 2012 R2.
You remove the Graphical Management Tools and Infrastructure feature on
Server2.
You need to restart Server2.
What should you do? (To answer, drag the appropriate tools to the correct
statements. Each tool may be used once, more than once, or not at all. You may
need to drag the split bar between panes or scroll to view content.)
Answer:
QUESTION 298
Your network contains three servers named HV1, HV2, and Server1 that run
Windows Server 2012 R2. HV1 and HV2 have the Hyper-V server role installed.
Server1 is a file server that contains 3 TB of free disk space.
HV1 hosts a virtual machine named VM1. The virtual machine configuration file
for VM1 is stored in D:\VM and the virtual hard disk file is stored in E:\VHD.
You plan to replace drive E with a larger volume.
You need to ensure that VM1 remains available from HV1 while drive E is being
replaced. You want to achieve this goal by using the minimum amount of
administrative effort. What should you do?
A. Perform a
live migration to HV2.
B. Add HV1 and HV2 as nodes in a failover cluster.
Perform a storage migration to HV2.
C. Add HV1 and HV2 as nodes in a failover cluster.
Perform a live migration to HV2.
D. Perform a storage migration to Server1.
Answer: D
QUESTION 299
Hotspot Question
You deploy a Server with a GUI installation of Windows Server 2012 R2 Datacenter.
From Windows PowerShell, you run the following command:
Remove-WindowsFeature Server-Gui-Shell.
In the table below, identify which tools are available on Server1 and which
tools are unavailable on Server1. Make only one selection in each row. Each correct
selection is worth one point.
Answer:
QUESTION 300
You have a server named Server1 that runs a Server Core installation of Windows
Server 2012 R2 Standard.
You establish a Remote Desktop session to Server1.
You need to identify which task can be performed on Server1 from within the
Remote Desktop session.
What should you identify?
A. Install a
feature by using Server Manager.
B.
Modify the network settings by using Sconfig.
C. Disable services by using Msconfig.
D. Join a domain by using the System Properties.
Answer: B
Explanation:
In Windows Server 2012 R2, you can use the Server Configuration tool
(Sconfig.cmd) to configure and manage several common aspects of Server Core
installations.
You must be a member of the Administrators group to use the tool. Sconfig.cmd
is available in the Minimal Server Interface and in Server with a GUI mode.
http://technet.microsoft.com/en-us/library/jj647766.aspx
QUESTION 301
Hotspot Question
You have two servers that run Windows Server 2012 R2.
The servers are configured as shown in the following table.
You need to ensure that Server2
can be managed by using Server Manager from Server1.
In the table below, identify which actions must be performed on Server1 and
Server2.Make only one selection in each row. Each correct selection is worth
one point.
Answer:
QUESTION 302
Your network contains an Active Directory forest named contoso.com. The forest
contains a single domain. All servers runs Windows Server 2012 R2.The domain
contains two domain controllers named DC1 and DC2.
Both domain controllers are virtual machines on a Hyper-V host.
You plan to create a cloned domain controller named DC3 from an image of DC1.
You need to ensure that you can clone DC1.
Which two actions should you perform? (Each correct answer presents part of the
solution.
Choose two.)
A. Add the computer account of DC1 to the
Cloneable Domain Controllers group.
B. Create a DCCIoneConfig.xml file on DC1.
C. Add the computer account of DC3 to the Cloneable Domain
Controllers group.
D. Run the Enable-AdOptionalFeaturecmdlet.
E. Modify the contents of the DefaultDCCIoneAllowList.xml
file on DC1.
Answer: AB
QUESTION 303
Your network contains an Active Directory domain named contoso.com.
The domain contains a domain controller named DC1 that runs Windows Server 2012
R2.
DC1 has the DHCP Server server role installed.
DHCP is configured as shown in the exhibit. (Click the Exhibit button.)
You discover that client
computers cannot obtain IPv4 addresses from DC1.
You need to ensure that the client computers can obtain IPv4 addresses from
DC1.
What should you do?
A. Disable the
Deny filters.
B. Authorize DC1.
C. Activate the scope.
D.
Disable the Allow filters.
Answer: D
QUESTION 304
You have a failover cluster named Cluster1 that contains four nodes.
All of the nodes run Windows Server 2012 R2.
You need to schedule the installation of Windows updates on the cluster nodes.
Which tool should you use?
A. The
Add-CauClusterRolecmdlet
B. TheWuauclt command
C. TheWusa command
D.
The Invoke-CauScancmdlet
Answer: D
Explanation:
The Invoke-CauScancmdlet performs a scan of cluster nodes for applicable
updates and returns a list of the initial set of updates that would be applied
to each node in a specified cluster.
QUESTION 306
Hotspot Question
Your network contains an Active Directory domain named contoso.com.
The domain contains a server named Server2 that runs Windows Server 2012 R2.
You are a member of the local Administrators group on Server2.
You install an Active Directory Rights Management Services (AD RMS) root
cluster on Server2.
You need to ensure that the AD RMS cluster is discoverable automatically by the
AD RMS client computers and the users in contoso.com.
Which additional configuration settings should you configure? To answer, select
the appropriate tab in the answer area.
Answer:
QUESTION 318
Hotspot Question
Your company has a primary data center and a disaster recovery data center.
The network contains an Active Directory domain named contoso.com. The domain
contains a server named that runs Windows Server 2012 R2. Server1 is located in
the primary data center.
Server1 has an enterprise root certification authority (CA) for contoso.com.
You deploy another server named Server2 to the disaster recovery data center.
You plan to configure Server2 as a secondary certificate revocation list (CRL)
distribution point.
You need to configure Server2 as a CRL distribution point (CDP).
Which tab should you use to configure the required CDP entry? To answer, select
the appropriate tab in the answer area.
Answer:
QUESTION 319
Hotspot Question
Your network contains an Active Directory domain named contoso.com.
The relevant servers in the domain are configured as shown in the following
table.
You plan to create a shared folder
on Server1 named Share1. Share1 must only be accessed by users who are using
computers that are joined to the domain.
You need to identify which servers must be upgraded to support the requirements
of Share1.
In the table below, identify which computers require an upgrade and which
computers do not require an upgrade. Make only one selection in each row. Each
correct selection is worth one point.
Answer:
QUESTION 320
Hotspot Question
Your network contains an Active Directory domain named contoso.com.
You have several Windows PowerShell scripts that execute when users log on to
their client computer.
You need to ensure that all of the scripts execute completely before the users
can access their desktop.
Which setting should you configure? To answer, select the appropriate setting
in the answer area.
Answer:
QUESTION 321
You have a file server named Server1 that runs a Server Core
Installation of Windows Server 2012 R2.
Server1 has a volume named D that contains user data. Server1 has a volume
named E that is empty.
Server1 is configured to create a shadow copy of volume D every hour.
You need to configure the shadow copies of volume D to be stored on volume E.
What should you run?
A. The
Set-Volume cmdlet with the -driveletter parameter
B. The Set-Volume cmdlet with the -path parameter
C.
The vssadmin.exe add shadow storage command
D. The vssadmin.exe create shadow command
Answer: C
QUESTION 350
Hotspot Question
Your network contains an Active Directory forest named contoso.com. The forest
contains a single domain. All domain controllers run Windows Server 2012 R2 and
are configured as DNS servers. All DNS zones are Active Directory-integrated.
Active Directory Recycle Bin is enabled.
You need to modify the amount of time deleted objects are
retained in the Active Directory Recycle Bin.
Which naming context should you use? To answer, select the appropriate naming
context in the answer area.
Answer:
----------------- External Questions----------------
QUESTION
Your network contains four Active Directory forests. Each forest
contains an Active Directory Rights Management Services (AD RMS) root cluster.
All of the users in all of the forests must be able to access protected content
from any of the forests. You need to identify the minimum number of AD RMS
trusts required. How many trusts should you identify?
A. 3
B. 6
C. 12
D. 16
Correct Answer: C
QUESTION
Your network contains an Active Directory domain named contoso.com. The domain
contains a domain controller named DC2 that runs Windows Server 2012. DC2 has
the DHCP Server server role installed. DHCP is configured as shown in the
exhibit.
You discover that client computers cannot obtain IPv4 addresses from DC2. You
need to ensure that the client computers can obtain IPv4 addresses from DC2.
What should you do?
A. Disable the Deny filters.
B. Enable the Allow filters.
C. Authorize
DC2.
D. Restart the DHCP Server service
Correct Answer: C
Your
network contains an Active Directory domain named contoso.com. The domain
contains a domain controller named DC1 that runs Windows Server 2012 R2. DC1
has the
DHCP Server server role installed.
DHCP is configured as shown in the exhibit. (Click the Exhibit button.)
You discover that client computers cannot obtain IPv4 addresses from DC1.
You need to ensure that the client computers can obtain IPv4 addresses from
DC1.
What should you do?
A. Activate the scope.
B. Authorize DC1.
C. Disable the
Allow filters.
D. Disable the Deny filters.
Answer: I did choose C. In the Exhibit you could see that Deny Filters was
empty, DC1 was authorized and the scope was activated.
`QUESTION
Your network contains an Active Directory domain named contoso.com. The domain
contains two member servers named Server1 and Server2. All servers run Windows
Server 2012 R2. Server1 and Server2 have the Failover Clustering feature
installed. The servers are configured as nodes in a failover cluster named
Cluster1. Cluster1 contains a file server role named FS1 and a generic service
role named SVC1. Server1 is the preferred node for FS1. Server2 is the
preferred node for SVC1. You plan to run a disk maintenance tool on the
physical disk used by FS1. You need to ensure that running the disk maintenance
tool does not cause a failover to occur. What should you do before you run the
tool?
A. Run cluster.exe and specify the pause parameter.
B. Run cluster.exe and specify the offline parameter.
C. Run
Suspend-ClusterResource.
D. Run Suspend-ClusterNode.
Answer: C
QUESTION
Your network contains two DNS servers named DN51 and DNS2 that run Windows
Server 2012. DNS1 has a primary zone named contoso.com. DNS2 has a secondary
copy of the contoso.com zone. You need to log the zone transfer packets sent
between DNS1 and DNS2. What should you configure?
A. Monitoring from DNS Manager
B. Logging from Windows Firewall with Advanced Security
C. A Data Collector Set (DCS) from Performance Monitor
D. Debug logging
from DNS Manager
Correct Answer: D
QUESTION
Your network contains three servers named HV1, HV2, and Server1Your network
contains three servers named HV1, HV2, and Server1 that run Windows Server 2012
R2. HV1 and HV2 have the Hyper-V server role installed. Server1 is a file
server that contains 3 TB of free disk space.
HV1 hosts a virtual machine named VM1. The virtual machine configuration file
for VM1 is stored in D:\VM and the virtual hard disk file is stored in E:\VHD.
You plan to replace drive E with a larger volume.
You need to ensure that VM1 remains available from HV1 while drive E is being
replaced. You want to achieve this goal by using the minimum amount of
administrative effort.
What should you do?
A. Perform a live migration to HV2.
B. Add HV1 and HV2 as nodes in a failover cluster. Perform a storage migration
to HV2.
C. Add HV1 and HV2 as nodes in a failover cluster. Perform a live migration to
HV2.
D. Perform a
storage migration to Server1.
Correct Answer: D
Your
network contains a server named Server1 that has the Network Policy and Access
Services server role installed.
All of the network access servers forward connection requests to Server1.
You create a new network policy on Server1.
You need to ensure that the new policy applies only to connection requests from
the
192.168.0.0/24 subnet.
What should you do?
A. Set the Client IP4 Address condition to 192.168.0.0/24.
B. Set the Client IP4 Address condition to 192.168.0.
C. Set the Called Station ID constraint to 192.168.0.0/24.
D. Set the Called Station ID constraint to 192.168.0.
Answer: My choise here was B
Samuel questions in exam:
a-A2, a3, a8, a13, a26, a27, a46, a48, a49
b-b7,b17,b30,b31,b36,b37,b38,b39,b42,b45,b46,b47, b48,b49
C- 1,2,3,5,6,8,10,12,14,15,16,18,22,23,24,26,28,35,38,40,46, c48
D-d1d2,d4,d7,d8,d12,d14,d15, d16, d19, d20, d21, d30, d32, d41,d43,d47, d48
e-e2,e5,e12, e15,e21,e22,e26,e36,e36,e38,
F:f10,f13,f16,f17,F22,f26,f30,f31,f33,f36,f37,f39 f40,f41,f47,f50
G:g4,g5,g7,g11,g12,g13, g18,g21,g22,g23,g24,g26,g41,g43, g45,g50
H-h1,h2,h3, h4,h5, h8,h17,h19,h24, h27, h28,h38, h41,h45,h46
![wps41.tmp_thumb[2]](file:///C:\Users\Fhasan\AppData\Local\Temp\msohtmlclip1\01\clip_image017.png)
![wps5D71.tmp_thumb[2]](file:///C:\Users\Fhasan\AppData\Local\Temp\msohtmlclip1\01\clip_image054.png)
