70-414 Exam
Surprising exam ref 70-414 pdf download
High high quality and wonderful value of our Microsoft 70-414: 100% passing guarantee and cash back. In the event you use Actualtestss Microsoft Microsoft exam practice components, we offer you wonderful success on your first try. Normally, you will obtain the full refund of your respective purchasing service fees. And you will appreciate free updated Microsoft 70-414 exam questions along with answers within 120 days right after buying.
2021 Aug exam ref 70-414 pdf:
Q11. - (Topic 8)
Your network contains five servers that run Windows Server 2012 R2.
You install the Hyper-V server role on the servers. You create an external virtual network switch on each server.
You plan to deploy five virtual machines to each Hyper-V server. Each virtual machine will have a virtual network adapter that is connected to the external virtual network switch and that has a VLAN identifier of 1.
Each virtual machine will run Windows Server 2012 R2. All of the virtual machines will run the identical web application.
You plan to install the Network Load Balancing (NLB) feature on each virtual machine and join each virtual machine to an NLB cluster. The cluster will be configured to use unicast only.
You need to ensure that the NLB feature can distribute connections across all of the virtual machines.
Solution: On each Hyper-V server, you create a new private virtual network switch. From the properties of each virtual machine, you add a second virtual network adapter and connect the new virtual network adapters to the new private virtual network switches.
Does this meet the goal?
A. Yes
B. No
Answer: B
Q12. - (Topic 7)
You administer an Active Directory Domain Services environment. There are no certification authorities (CAs) in the environment.
You plan to implement a two-tier CA hierarchy with an offline root CA.
You need to ensure that the issuing CA is not used to create additional subordinate CAs.
What should you do?
A. In the CAPolicy.inf file for the issuing CA, enter the following constraint: PathLength=1
B. In the CAPolicy.inf file for the root CA, enter the following constraint: PathLength=1
C. In the CAPolicy.inf file for the root CA, enter the following constraint: PathLength=2
D. In the CAPolicy.inf file for the issuing CA, enter the following constraint: PathLength=2
Answer: B
Explanation: You can use the CAPolicy.inf file to define the PathLength constraint in the Basic Constraints extension of the root CA certificate. Setting the PathLength basic constraint allows you to limit the path length of the CA hierarchy by specifying how many tiers of subordinate CAs can exist beneath the root. A PathLength of 1 means there can be at most one tier of CAs beneath the root. These subordinate CAs will have a PathLength basic constraint of 0, which means that they cannot issue any subordinate CA certificates.
Reference: Windows Server 2008 R2 CAPolicy.inf Syntax
http://blogs.technet.com/b/askds/archive/2009/10/15/windows-server-2008-r2-capolicy-inf-syntax.aspx
Q13. - (Topic 8)
Your network contains an Active Directory domain named contoso.com. The domain contains a Microsoft System Center 2012 infrastructure.
All client computers have a custom application named App1 installed. App1 generates an Event ID 42 every time the application runs out of memory.
Users report that when App1 runs out of memory, their client computer runs slowly until they manually restart App1.
You need to recommend a solution that automatically restarts App1 when the application runs out of memory. The solution must use the least amount of administrative effort.
What should you include in the recommendation?
A. From Configurations Manager, create a desired configuration management baseline.
B. From Windows System Resource Manager, create a resource allocation policy.
C. From Event Viewer, attach a task to the event.
D. From Operations Manager, create an alert.
Answer: D
Q14. - (Topic 8)
Your network contains an Active Directory domain named contoso.com.
You deploy Active Directory Certificate Services (AD CS).
Your company, which is named Contoso, Ltd., has a partner company named Fabrikam, Inc. Fabrikam also deploys AD CS.
Contoso and Fabrikam plan to exchange signed and encrypted email messages.
You need to ensure that the client computers in both Contoso and Fabrikam trust each other's email certificates. The solution must prevent other certificates from being trusted and minimize administrative effort.
What should you do?
More than one answer choice may achieve the goal. Select the BEST answer.
A. Implement an online responder in each company.
B. Exchange the root certification authority (CA) certificates of both companies, and then deploy the certificates to the Enterprise Trust store by using Group Policy objects (GPOs).
C. Implement cross-certification in each company.
D. Exchange the root certification authority (CA) certificates of both companies, and then deploy the certificates to the Trusted Root Certification Authorities store by using Group Policy objects (GPOs).
Answer: C
Q15. - (Topic 8)
Your network contains an Active Directory domain named contoso.com. The domain contains a Microsoft System Center 2012 infrastructure.
You deploy a service named Service1 by using a service template. Service1 contains two virtual machines. The virtual machines are configured as shown in the following table.
You need to recommend a monitoring solution to ensure that an administrator can review the availability information of Service1.
Solution: From Operations Manager, you create a Distributed Application and a Monitor Override.
Does this meet the goal?
A. Yes
B. No
Answer: B
Refresh exam ref 70-414 pdf:
Q16. - (Topic 8)
Your network contains a data center named DataCenter1 that contains multiple servers.
The servers are configured as Hyper-V hosts.
Your company deploys a disaster recovery site. The disaster recovery site has a dedicated connection to DataCenter1.
The network is connected to the disaster recovery site by using a dedicated link.
DataCenter1 contains 10 business critical virtual machines that run a line-of-business application named App1.
You need to recommend a business continuity solution to ensure that users can connect to App1 within two hours if DataCenter1 fails.
What should you include in the recommendation?
More than one answer choice may achieve the goal. Select the BEST answer.
A. From Microsoft System Center 2012 Virtual Machine Manager (VMM), implement live migration on the virtual machines.
B. From Hyper-V Manager, implement Hyper-V replicas.
C. From Microsoft System Center 2012 Data Protection Manager, implement a protection group.
D. From Hyper-V Manager, create snapshots of the virtual machines.
Answer: B
Q17. - (Topic 7)
You plan to allow users to run internal applications from outside the company’s network. You have a Windows Server 2012 R2 that has the Active Directory Federation Services (AD FS) role installed. You must secure on-premises resources by using multi-factor authentication (MFA). You need to design a solution to enforce different access levels for users with personal Windows 8.1 or iOS 8 devices.
Solution: You install a local instance of MFA Server. You connect the instance to the Microsoft Azure MFA provider, and then run the following Windows PowerShell cmdlet.
Enable-AdfsDeviceRegistration
Does this meet the goal?
A. Yes
B. No
Answer: B
Explanation: We must install AD FS Adapter, not register a host for the Device
Registration Service.
Note: The Enable-AdfsDeviceRegistration cmdlet configures a server in an Active Directory
Federation Services (AD FS) farm to host the Device Registration Service.
Reference: Using Multi-Factor Authentication with Windows Server 2012 R2 AD FS
https://msdn.microsoft.com/en-us/library/azure/dn807157.aspx
Q18. - (Topic 8)
You administer an Active Directory Domain Services forest that includes an Active Directory Federation Services (AD FS) server and Azure Active Directory. The fully qualified domain name of the AD FS server is adfs.contoso.com.
You must implement single sign-on (SSO) for a cloud application that is hosted in Azure. All domain users must be able to use SSO to access the application.
You need to configure SSO for the application.
Which two actions should you perform? Each correct answer presents part of the solution.
A. Use the Azure Active Directory Synchronization tool to configure user synchronization.
B. Use the AD FS Configuration wizard to specify the domain and administrator for the Azure Active Directory service.
C. Create a trust between AD FS and Azure Active Directory.
D. In the Azure management portal, activate directory synchronization.
Answer: A,B
Q19. DRAG DROP - (Topic 6)
You need to configure access to the Certificate Revocation Lists (CRLs).
How should you configure the access? To answer, drag the appropriate protocol or servers to the correct network type. Each protocol or server may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
Answer:
Q20. - (Topic 8)
Your network contains five servers that run Windows Server 2012 R2.
You install the Hyper-V server role on the servers. You create an external virtual network switch on each server.
You plan to deploy five virtual machines to each Hyper-V server. Each virtual machine will have a virtual network adapter that is connected to the external virtual network switch and that has a VLAN identifier of 1.
Each virtual machine will run Windows Server 2012 R2. All of the virtual machines will run the identical web application.
You plan to install the Network Load Balancing (NLB) feature on each virtual machine and join each virtual machine to an NLB cluster. The cluster will be configured to use unicast only.
You need to ensure that the NLB feature can distribute connections across all of the virtual machines.
Solution: From the properties of each virtual machine, you enable MAC address spoofing for the existing virtual network adapter.
Does this meet the goal?
A. Yes
B. No
Answer: A