Proper study guides for Abreast of the times Microsoft Installing and Configuring Windows Server 2012 certified begins with Microsoft 70 410 exam questions and answers pdf preparation products which designed to deliver the Tested 70 410 study guide pdf questions by making you pass the 70 410 exam dumps test at your first time. Try the free braindumps 70 410 demo right now.
Q1. HOTSPOT - (Topic 3)
Your network contains an Active Directory domain named contoso.com. All client
computers run Windows 8.
An administrator creates an application control policy and links the policy to an
organizational unit (OU) named OU1. The application control policy contains several deny
rules. The deny rules apply to the Everyone group.
You need to prevent users from running the denied application.
What should you configure?
To answer, select the appropriate object in the answer area.
Answer:
Q2. - (Topic 3)
You work as a senior administrator at Contoso.com. The Contoso.com network consists of a single domain named Contoso.com. All servers on the Contoso.com network have Windows Server 2012 installed, and all workstations have Windows 8 installed.
You are running a training exercise for junior administrators. You are currently discussing the Always Offline Mode.
Which of the following is TRUE with regards to the Always Offline Mode? (Choose all that apply.)
A. It allows for swifter access to cached files and redirected folders.
B. To enable Always Offline Mode, you have to satisfy the forest and domain functional-level requirements, as well as schema requirements
C. It allows for lower bandwidth usage due to users are always working offline.
D. To enable Always Offline Mode, you must have workstations running Windows 7 or Windows Server 2008 R2.
Answer: A,C
Explanation:
There are no domain/forest/schema requirements, but clients must be running Windows
8/Windows Server 2012 or later.
Offline Files have four modes of operation:
Online Slow link Auto offline Manual offline Offline Files transition between the three modes online, slow link and auto offline depending on connection speed. The user can always override the automatic mode selection by manually switching to manual offline mode. To determine the connection speed two pings with default packet size are sent to the file server. If the average round-trip time is below 80 ms (Windows 7) or 35 ms (Windows 8), the connection is put into online mode, otherwise into slow link mode. The latency value of 35/80 ms is configurable through the Group Policy setting Configure slow-link mode. Reads, Writes and Synchronization In online mode, changes to files are made on the file server as well as in the local cache (this induces a performance hit – see this article for details). Reads are satisfied from the local cache (if in sync). In slow link mode, changes to files are made in the local cache. The local cache is background-synchronized with the file server every 6 hours (Windows 7) or 2 hours (Windows 8), by default. This can be changed through the Group Policy setting Configure Background Sync. . In auto offline mode, all reads and writes go to the local cache. No synchronization occurs. . In manual offline mode, all reads and writes go to the local cache. No synchronization occurs by default, but background synchronization can be enabled through the Group Policy setting Configure Background Sync.
Q3. HOTSPOT - (Topic 2)
You have a file server named Server1 that runs Windows Server 2012 R2. Server1 contains a folder named Folder1.
A user named User1 is a member of Group1 and Group2. A user named User2 is a
member of Group2 and Group3.
You need to identify which actions the users can perform when they access the files in
Share1.
What should you identify?
To answer, select the appropriate actions for each user in the answer area.
Answer:
Q4. - (Topic 3)
Your network contains an Active Directory domain named contoso.com. The domain contains two servers named CONT1 and CONT2. Both servers run Windows Server 2012 R2.
CONT1 has a shared printer named Printer1. CONT2 connects to Printer1 on CONT1.
When you attempt to remove Printer1 from CONT2, you receive the error message shown in the exhibit. (Click the Exhibit button.)
You successfully delete the other printers installed on CONT2.
You need to identify what prevents you from deleting Printer1 on CONT2.
What should you identify?
A. Printer1 is deployed as part of a mandatory profile.
B. Printer1 is deployed by using a Group Policy object (GPO).
C. Your user account is not a member of the Print Operators group on CONT2.
D. Your user account is not a member of the Print Operators group on CONT1.
Answer: B
Q5. DRAG DROP - (Topic 3)
Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1. Server1 runs Windows Server 2012 R2 and is configured as the only domain controller.
You need to retrieve a list of all the user accounts. The list must include the last time each user was authenticated successfully.
Which Windows PowerShell command should you run?
To answer, drag the appropriate cmdlet or property to the correct locations to complete the PowerShell command in the answer area. Each cmdlet or property may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
Answer:
Q6. - (Topic 3)
You have a file server named Server1 that runs Windows Server 2012 R2. Server1 has following hardware configurations:
-16GB of RAM
-A single quad-core CPU
-Three network teams that have two network adapters each
You add additional CPUs and RAM to Server 1.
You repurpose Server1 as a virtualization host. You install the Hyper-V server role on Server1. You need to create four external virtual switches in Hyper-V. Which cmdlet should you run first?
A. Set-NetAdapter.
B. Add-Net1.bfoTeamNic
C. Add-VMNetworkAdapter
D. Remove-NetLbfoTeam
Answer: D
Q7. HOTSPOT - (Topic 1)
Your network contains an Active Directory domain named contoso.com. The domain contains a print server named Server1 that runs Windows Server 2012 R2.
You share several printers on Server1.
You need to ensure that you can view the printer objects associated to Server1 in Active
Directory Users and Computers.
Which option should you select?
To answer, select the appropriate option in the answer area.
Answer:
Q8. - (Topic 2)
Your network contains an Active Directory domain named contoso.com. All domain controllers run Windows Server 2012 R2.
You create and enforce the default AppLocker executable rules.
Users report that they can no longer execute a legacy application installed in the root of drive C.
You need to ensure that the users can execute the legacy application.
What should you do?
A. Create a new rule.
B. Delete an existing rule.
C. Modify the action of the existing rules.
D. Add an exception to the existing rules.
Answer: A
Explanation:
AppLocker is a feature that advances the functionality of the Software Restriction Policies
feature. AppLocker contains new capabilities and extensions that reduce administrative
overhead and help administrators control how users can access and use files, such as
executable files, scripts, Windows Installer files, and DLLs. By using AppLocker, you can:
Define rules based on file attributes that persist across application updates, such as the
publisher name (derived from the digital signature), product name, file name, and file
version. You can also create rules based on the file path and hash.
Assign a rule to a security group or an individual user.
Create exceptions to rules. For example, you can create a rule that allows all users to run
all Windows binaries except the Registry Editor (Regedit.exe).
Use audit-only mode to deploy the policy and understand its impact before enforcing it. .
Create rules on a staging server, test them, export them to your production environment,
and then import them into a Group Policy Object.
Simplify creating and managing AppLocker rules by using Windows PowerShell cmdlets for
AppLocker.
AppLocker default rules
AppLocker allows you to generate default rules for each of the rule types.
Executable default rule types:
Allow members of the local Administrators group to run all applications. Allow members of the Everyone group to run applications that are located in the Windows folder. Allow members of the Everyone group to run applications that are located in the Program Filesfolder. Windows Installer default rule types: Allow members of the local Administrators group to run all Windows Installer files. Allow members of the Everyone group to run digitally signed Windows Installer files. Allow members of the Everyone group to run all Windows Installer files located in the Windows\Installer folder. Script default rule types: Allow members of the local Administrators group to run all scripts. Allow members of the Everyone group to run scripts located in the Program Files folder. Allow members of the Everyone group to run scripts located in the Windows folder. DLL default rule types: (this on can affect system performance ) Allow members of the local Administrators group to run all DLLs. Allow members of the Everyone group to run DLLs located in the Program Files folder. Allow members of the Everyone group to run DLLs located in the Windows folder. You can apply AppLocker rules to individual users or to a group of users. If you apply a rule to a group of users, all users in that group are affected by that rule. If you need to allow a subset of a user group to use an application, you can create a special rule for that subset. For example, the rule “Allow Everyone to run Windows except Registry Editor” allows everyone in the organization to run the Windows operating system, but it does not allow anyone to run Registry Editor. The effect of this rule would prevent users such as Help Desk personnel from running a program that is necessary for their support tasks. To resolve this problem, create a second rule that applies to the Help Desk user group: “Allow Help Desk to run Registry Editor.” If you create a deny rule that does not allow any users to run Registry Editor, the deny rule will override the second rule that allows the Help Desk user group to run Registry Editor.
Q9. - (Topic 2)
Your network contains an Active Directory domain named contoso.com.
You install Windows Server 2012 R2 on a new server named Server1 and you join Server1 to the domain.
You need to ensure that you can view processor usage and memory usage information in Server Manager.
What should you do?
A. From Server Manager, click Configure Performance Alerts.
B. From Performance Monitor, create a Data Collector Set (DCS).
C. From Performance Monitor, start the System Performance Data Collector Set (DCS).
D. From Server Manager, click Start Performance Counters.
Answer: D
Explanation:
You should navigate to the Server Manager snap-in and there click on All Servers, and then Performance Counters. The Performance Counters, when started can be set to collect and display data regarding processor usage, memory usage, amongst many other resources like disk-related and security related data, that can be monitored.
: http://technet.microsoft.com/en-us/library/bb734903.aspx
Q10. - (Topic 1)
Your network contains two servers named Server1 and Server2 that run Windows Server 2012 R2. Server1 and Server2 are part of a workgroup.
On Server1 and Server2, you create a local user account named Admin1.You add the account to the local Administrators group. On both servers, Admin1 has the same password.
You log on to Server1 as Admin1. You open Computer Management and you.connect to Server2.
When you attempt to create a scheduled task, view the event logs, and manage the shared folders, you receive Access Denied messages.
You need to ensure that you can administer Server2 remotely from Server1 by using Computer Management.
What should you configure on Server2?
A. From Server Manager, modify the Remote Management setting.
B. From Local Users and Groups, modify the membership of the Remote Management Users group.
C. From Windows Firewall, modify the Windows Management Instrumentation (WMI) firewall rule.
D. From Registry Editor, configure the LocalAccountTokenFilterPolicy registry value.
Answer: D
Explanation:
The LocalAccountTokenFilterPolicy setting affects how administrator credentials are applied to remotely administer the computer. : http://support.microsoft.com/kb/942817