getcertified4sure.com

70-411 Exam

The Abreast of the times Guide To 70-411 questions Mar 2021



Act now and download your Microsoft 70-411 test today! Do not waste time for the worthless Microsoft 70-411 tutorials. Download Renovate Microsoft Administering Windows Server 2012 exam with real questions and answers and begin to learn Microsoft 70-411 with a classic professional.

2021 Mar 70-411 exam engine

Q51. Your network contains an Active Directory domain named contoso.com. The domain contains two member servers named Server1 and Server2. All servers run Windows Server 2012 R2. 

Server1 and Server2 are nodes in a Hyper-V cluster named Cluster1. Cluster1 hosts 10 virtual machines. All of the virtual machines run Windows Server 2012 R2 and are members of the domain. 

You need to ensure that the first time a service named Service1 fails on a virtual machine, the virtual machine is moved to a different node. 

You configure Service1 to be monitored from Failover Cluster Manager. 

What should you configure on the virtual machine? 

A. From the General settings, modify the Startup type. 

B. From the General settings, modify the Service status. 

C. From the Recovery settings of Service1, set the First failure recovery action to Take No Action. 

D. From the Recovery settings of Service1, set the First failure recovery action to Restart the Service. 

Answer:

Explanation: 

Configure the virtual machine to take no action through Hyper-V if the physical computer shuts down by modifying the Automatic Stop Action setting to None. Virtual machine state must be managed through the Failover Clustering feature. 

Virtual machine application monitoring and management 

In clusters running Windows Server 2012, administrators can monitor services on clustered virtual machines that are also running Windows Server 2012. This functionality extends the high-level monitoring of virtual machines that is implemented in Windows Server 2008 R2 failover clusters. If a monitored service in a virtual machine fails, the service can be restarted, or the clustered virtual machine can be restarted or moved to another node (depending on service restart settings and cluster failover settings). This feature increases the uptime of high availability services that are running on virtual machines within a failover cluster. 

Windows Server 2012 Failover Cluster introduces a new capability for Hyper-V virtual machines (VMs), which is a basic monitoring of a service within the VM which causes the VM to be rebooted should the monitored service fail three times. For this feature to work the following must be configured: 

. Both the Hyper-V servers must be Windows Server 2012 and the guest OS 

running in the VM must be Windows Server 2012. 

. The host and guest OSs are in the same or at least trusting domains. 

. The Failover Cluster administrator must be a member of the local administrator's group inside the VM. Ensure the service being monitored is set to Take No Action (see screen shot below) within the guest VM for Subsequent failures (which is used after the first and second failures) and is set via the Recovery tab of the service properties within the Services application (services. msc). 

Within the guest VM, ensure the Virtual Machine Monitoring firewall exception is enabled for the Domain network by using the Windows Firewall with Advanced Security application or by using the Windows PowerShell command below: Set-NetFirewallRule -DisplayGroup "Virtual Machine Monitoring" -Enabled True. 

After the above is true, enabling the monitoring is a simple process: Launch the Failover Cluster Manager tool. Navigate to the cluster - Roles. Right click on the virtual machine role you wish to enable monitoring for and under More Actions select Configure Monitoring. 

. The services running inside the VM will be gathered and check the box for the services that should be monitored and click OK. 

You are done! 

Monitoring can also be enabled using the Add-ClusterVMMonitoredItemcmdlet and -VirtualMachine, with the -Service parameters, as the example below shows: PS C:\Windows\system32> Add-ClusterVMMonitoredItem -VirtualMachine savdaltst01 -Service spooler 

References: 

http: //sportstoday. us/technology/windows-server-2012---continuous-availability-%28part-4%29---failover-clustering-enhancements---virtual-machine-monitoring-. aspx 

http: //windowsitpro. com/windows-server-2012/enable-windows-server-2012-failover-cluster-hyper-v-vm-monitoring 

http: //technet. microsoft. com/en-us/library/cc742396. aspx 


Q52. HOTSPOT 

Your network contains an Active Directory named contoso.com. 

You have users named User1 and user2. 

The Network Access Permission for User1 is set to Control access through NPS Network Policy. The Network Access Permission for User2 is set to Allow access. 

A policy named Policy1 is shown in the Policy1 exhibit. (Click the Exhibit button.) 

A policy named Policy2 is shown in the Policy2 exhibit. (Click the Exhibit button.) 

A policy named Policy3 is shown in the Policy3 exhibit. (Click the Exhibit button.) 

For each of the following statements, select Yes if the statement is true. Otherwise, select No. Each correct selection is worth one point. 

Answer: 


Q53. HOTSPOT 

Your network contains an Active Directory domain named contoso.com. 

You have several Windows PowerShell scripts that execute when client computers start. 

When a client computer starts, you discover that it takes a long time before users are prompted to log on. 

You need to reduce the amount of time it takes for the client computers to start. The solution must not prevent scripts from completing successfully. 

Which setting should you configure? To answer, select the appropriate setting in the answer area. 

Answer: 


Q54. Your network contains an Active Directory domain named contoso.com. All servers run Windows Server 2012 R2. 

The network contains several group Managed Service Accounts that are used by four member servers. 

You need to ensure that if a group Managed Service Account resets a password of a domain user account, an audit entry is created. 

You create a Group Policy object (GPO) named GPO1. 

What should you do next? 

A. In GPO1, configure the Advanced Audit Policy Configuration settings for Audit User Account Management. Link GPO1 to the Domain Controllers organizational unit (OU). 

B. In GPO1, configure the Advanced Audit Policy Configuration settings for Audit User Account Management. Move the member servers to a new organizational unit (OU). Link GPO1 to the new OU. 

C. In GPO1, configure the Advanced Audit Policy Configuration settings for Audit Sensitive Privilege Use. Link GPO1 to the Domain Controllers organizational unit (OU). 

D. In GPO1, configure the Advanced Audit Policy Configuration settings for Audit Sensitive Privilege Use. Move the member servers to a new organizational unit (OU). Link GPO1 to the new OU. 

Answer:

Explanation: 

Audit User Account Management This security policy setting determines whether the operating system generates audit events when the following user account management tasks are performed: 

. A user account is created, changed, deleted, renamed, disabled, enabled, locked out, or unlocked. 

A user account password is set or changed. 

Security identifier (SID) history is added to a user account. 

The Directory Services Restore Mode password is set. 

Permissions on accounts that are members of administrators groups are changed. 

Credential Manager credentials are backed up or restored. 

This policy setting is essential for tracking events that involve provisioning and managing user accounts. 


Q55. HOTSPOT 

Your network contains an Active Directory domain named contoso.com. The domain contains three member servers named Server1, Server2, and Server3. All servers run Windows Server 2012 R2 and have the Windows Server Update Services (WSUS) server role installed. 

Server1 and Server2 are configured as replica servers that use Server3 as an upstream server. 

You remove Servers from the network. 

You need to ensure that WSUS on Server2 retrieves updates from Server1. The solution must ensure that Server1 and Server2 have the latest updates from Microsoft. 

Which command should you run on each server? To answer, select the appropriate command to run on each server in the answer area. 

Answer: 


Update 70-411 download:

Q56. Your network contains an Active Directory domain named contoso.com. The domain contains a domain controller named DC1 that runs Windows Server 2012. 

You have a Group Policy object (GPO) named GPO1 that contains several custom Administrative templates. 

You need to filter the GPO to display only settings that will be removed from the registry when the GPO falls out of scope. The solution must only display settings that are either enabled or disabled and that have a comment. 

How should you configure the filter? 

To answer, select the appropriate options below. Select three. 

A. Set Managed to: Yes 

B. Set Managed to: No 

C. Set Managed to: Any 

D. Set Configured to: Yes 

E. Set Configured to: No 

F. Set Configured to: Any 

G. Set Commented to: Yes 

H. Set Commented to: No 

I. Set Commented to: Any 

Answer: A,F,G 


Q57. HOTSPOT 

Your network contains an Active Directory domain named contoso.com. All servers run Windows Server 2012 R2. 

You need to audit successful and failed attempts to read data from USB drives on the servers. 

Which two objects should you configure? To answer, select the appropriate two objects in the answer area. 

Answer: 


Q58. Your network contains an Active Directory domain named contoso.com. Domain controllers run either Windows Server 2008, Windows Server 2008 R2, or Windows Server 2012 R2. 

You have a Password Settings object (PSOs) named PSO1. 

You need to view the settings of PSO1. 

Which tool should you use? 

A. Get-ADDefaultDomainPasswordPolicy 

B. Active Directory Administrative Center 

C. Local Security Policy 

D. Get-ADAccountResultantPasswordReplicationPolicy 

Answer:

Explanation: 

In Windows Server 2012, fine-grained password policy management is made much easier than Windows Server 2008/2008 R2. Windows Administrators not have to use ADSI Edit and configure complicated settings to create the Password Settings Object (PSO) in the Password Settings Container. Instead we can configure fine-grained password policy directly in Active Directory Administrative Center (ADAC). 


Q59. HOTSPOT 

Your network contains an Active Directory domain named contoso.com. The domain contains a member server named Server1. Server1 runs Windows Server 2012 R2. You enable the EventLog-Application event trace session. 

You need to set the maximum size of the log file used by the trace session to 10 MB. From which tab should you perform the configuration? To answer, select the appropriate tab in the answer area. 

Answer: 


Q60. HOTSPOT 

Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1 that has the Network Policy Server server role installed. The domain contains a server named Server2 that is configured for RADIUS accounting. 

Server1 is configured as a VPN server and is configured to forward authentication requests to Server2. 

You need to ensure that only Server2 contains event information about authentication requests from connections to Server1. 

Which two nodes should you configure from the Network Policy Server console? 

To answer, select the appropriate two nodes in the answer area. 

Answer: 


© Copyright Getcertified4sure.com. examcollectionuk.com
All other trademarks and copyrights are the property of their respective owners.
All rights reserved.