getcertified4sure.com

Quick Guide: 70 412 vce




Master the 70 412 dumps Configuring Advanced Windows Server 2012 Services content and be ready for exam day success quickly with this Testking 70 412 vce exam cost. We guarantee it!We make it a reality and give you real exam 70 412 questions in our Microsoft mcsa 70 412 braindumps.Latest 100% VALID Microsoft exam 70 412 Exam Questions Dumps at below page. You can use our Microsoft examcollection 70 412 braindumps and pass your exam.

Q41. Your network contains an Active Directory domain named contoso.com. 

A previous administrator implemented a Proof of Concept installation of Active Directory 

Rights Management Services (AD RMS). 

After the proof of concept was complete, the Active Directory Rights Management Services 

server role was removed. 

You attempt to deploy AD RMS. 

During the configuration of AD RMS, you receive an error message indicating that an 

existing AD RMS Service Connection Point (SCP) was found. 

You need to remove the existing AD RMS SCP. 

Which tool should you use? 

A. Active Directory Users and Computers 

B. Authorization Manager 

C. Active Directory Domains and Trusts 

D. Active Directory Sites and Services 

E. Active Directory Rights Management Services 

Answer:

Explanation: 

ADRMS will registered the Service Connection Point (SCP) in Active Directory and you will need to unregister first before you remove the ADRMS server role. 

If your ADRMS server is still alive, you can easily manually remove the SCP by below: 

http://www.rickygao.com/wp-content/uploads/2013/08/080513_1308_Howtomanual1.png 

http://www.rickygao.com/wp-content/uploads/2013/08/080513_1308_Howtomanual2.png Reference: How to manually remove or reinstall ADRMS 


Q42. Your network contains one Active Directory forest named contoso.com. The forest contains two child domains and six domain controllers. The domain controllers are configured as shown in the following table. 

You need to ensure that all Active Directory changes are replicated to all of the domain controllers in the forest within 30 minutes. 

What should you use? 

A. Set-ADSite 

B. Set-ADReplicationSite 

C. Set-ADDomain 

D. Set-ADReplicationSiteLink 

E. Set-ADGroup 

F. Set-ADForest 

G. Netdom 

Answer:

Reference: Technet, Set-ADReplicationSite 

https://technet.microsoft.com/en-us/library/hh852305(v=wps.630).aspx 


Q43. DRAG DROP 

You have a server that runs Windows Server 2012 R2. 

You create a new work folder named Share1. 

You need to configure Share1 to meet the following requirements: 

Ensure that all synchronized copies of Share1 are encrypted. 

Ensure that clients synchronize to Share1 every 30 minutes. 

Ensure that Share1 inherits the NTFS permissions of the parent folder. 

Which cmdlet should you use to achieve each requirement? 

To answer, drag the appropriate cmdlets to the correct requirements. Each cmdlet may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content. 

Answer: 


Q44. Your network contains an Active Directory forest named contoso.com. 

Users frequently access the website of an external partner company. The URL of the website is http://partners.adatum.com. 

The partner company informs you that it will perform maintenance on its Web server and that the IP addresses of the Web server will change. 

After the change is complete, the users on your internal network report that they fail to access the website. However, some users who work from home report that they can access the website. 

You need to ensure that your DNS servers can resolve partners.adatum.com to the correct IP address immediately. 

What should you do? 

A. Run ipconfig and specify the FlushDns parameter. 

B. Run ipconfig and specify the Renew parameter. 

C. Run dnscmd and specify the ClearCache parameter. 

D. Run Set-DnsServerResourceRecordAging. 

Answer:

Explanation: We cane clear the DNS cache on the DNS server with either Dnscmd /ClearCache (from command prompt) or Clear-DnsServerCache (from Windows PowerShell). 

Reference: Technet, Dnscmd 

https://technet.microsoft.com/en-us/library/cc772069.aspx 


Q45. You have a server named Server1 that runs Windows Server 2012 R2. Server1 has the DNS Server server role installed. 

You need to store the contents of all the DNS queries received by Server1. 

What should you configure? 

A. Logging from Windows Firewall with Advanced Security 

B. Debug logging from DNS Manager 

C. A Data Collector Set (DCS) from Performance Monitor 

D. Monitoring from DNS Manager 

Answer:

Explanation: 

Debug logging allows you to log the packets sent and received by a DNS server. Debug logging is disabled by default, and because it is resource intensive, you should only activate it temporarily when you need more specific detailed information about server performance. 

Reference: Active Directory 2008: DNS Debug Logging Facts… 


Q46. Your network contains an Active Directory domain named corp.contoso.com. 

You deploy Active Directory Rights Management Services (AD RMS). 

You have a rights policy template named Template1. Revocation is disabled for the template. 

A user named User1 can open content that is protected by Template1 while the user is connected to the corporate network. 

When User1 is disconnected from the corporate network, the user cannot open the protected content even if the user previously opened the content. 

You need to ensure that the content protected by Template1 can be opened by users who are disconnected from the corporate network. 

What should you modify? 

A. The User Rights settings of Template1 

B. The templates file location of the AD RMS cluster 

C. The Extended Policy settings of Template1 

D. The exclusion policies of the AD RMS cluster 

Answer:

Explanation: 

* The extended rights policy of a template controls how content licenses are to be implemented. The extended rights policy template settings are specified by using the Active Directory Rights Management Services (AD RMS) administration site. The available settings control persistence of author rights, whether trusted browsers are supported, license persistence within the content, and enforcement of any application-specific data. 

* You can add trust policies so that AD RMS can process licensing requests for content that was rights protected. 

Reference: Extended Policy Template Information; AD RMS and Server Design 

http://technet.microsoft.com/en-us/library/ee221071(v=ws.10).aspx 


Q47. You have a server named FS1 that runs Windows Server 2012 R2. 

You install the File and Storage Services server role on FS1. 

From Windows Explorer, you view the properties of a shared folder named Share1 and you 

discover that the Classification tab is missing. 

You need to ensure that you can assign classifications to Share1 from Windows Explorer 

manually. 

What should you do? 

A. From Folder Options, select Show hidden files, folders, and drives. 

B. From Folder Options, clear Use Sharing Wizard (Recommend). 

C. Install the File Server Resource Manager role service. 

D. Install the Enhanced Storage feature. 

Answer:

Explanation: 

On the Classification tab of the file properties in Windows Server 2012, File Classification Infrastructure adds the ability to manually classify files. You can also classify folders so that any file added to the classified folder will inherit the classifications of the parent folder. 

Reference: What's New in File Server Resource Manager in Windows Server 


Q48. Your network contains an Active Directory domain named adatum.com. The domain contains a file server named FS1 that runs Windows Server 2012 R2 and has the File Server Resource Manager role service installed. All client computers run Windows 8. 

File classification and Access-Denied Assistance are enabled on FS1. 

You need to ensure that if users receive an Access Denied message, they can request assistance by email from the Access Denied dialog box. 

What should you configure? 

A. A file management task 

B. A classification property 

C. The File Server Resource Manager Options 

D. A report task 

Answer:

Explanation: 

You can configure access-denied assistance individually on each file server by using the File Server Resource Manager console. 

Note: 

To configure access-denied assistance by using File Server Resource Manager 

Open File Server Resource Manager. In Server Manager, click Tools, and then 

click File Server Resource Manager. 

Right-click File Server Resource Manager (Local), and then click Configure 

Options. 

Click the Access-Denied Assistance tab. 

Select the Enable access-denied assistance check box. 

In the Display the following message to users who are denied access to a folder or 

file box, type a message that users will see when they are denied access to a file 

or folder. 

You can add macros to the message that will insert customized text. 

Click Configure email requests, select the Enable users to request assistance 

check box, and then click OK. 

Click Preview if you want to see how the error message will look to the user. 

Click OK. 

Reference: Deploy Access-Denied Assistance (Demonstration Steps) 


Q49. Your network contains an Active Directory forest named contoso.com. The forest contains two domains named contoso.com and childl.contoso.com. The domains contain three domain controllers. The domain controllers are configured as shown in the following table. 

You need to ensure that the KDC support for claims, compound authentication, and kerberos armoring setting is enforced in both domains. 

Which two actions should you perform? (Each correct answer presents part of the solution. Choose two.) 

A. Raise the domain functional level of contoso.com. 

B. Raise the domain functional level ofchildl.contoso.com. 

C. Raise the forest functional level of contoso.com. 

D. Upgrade DC11 to Windows Server 2012 R2. 

E. Upgrade DC1 to Windows Server 2012 R2. 

Answer: A,E 

Explanation: 

The root domain in the forest must be at Windows Server 2012 level. First upgrade DC1 to this level (E), then raise the contoso.com domain functional level to Windows Server 2012 (A). 

* (E) To support resources that use claims-based access control, the principal’s domains 

will need to be running one of the following: 

/ All Windows Server 2012 domain controllers. 

/ Sufficient Windows Server 2012 domain controllers to handle all the Windows 8 device 

authentication requests. 

/ Sufficient Windows Server 2012 domain controllers to handle all the Windows Server 

2012 resource protocol transition requests to support non-Windows 8 devices. 

Reference: What's New in Kerberos Authentication 

http://technet.microsoft.com/en-us/library/hh831747.aspx. 


Q50. HOTSPOT 

Your network contains two Web servers named Server1 and Server2. Both servers run Windows Server 2012 R2. 

Server1 and Server2 are nodes in a Network Load Balancing (NLB) cluster. The NLB cluster contains an application named App1 that is accessed by using the name appl.contoso.com. 

The NLB cluster has the port rules configured as shown in the exhibit. (Click the Exhibit button.) 

To answer, complete each statement according to the information presented in the exhibit. Each correct selection is worth one point. 

Answer: