70-417 Exam
Tactics to 70 417 vce
Exam Code: 70 417 vce (Practice Exam Latest Test Questions VCE PDF)
Exam Name: Upgrading Your Skills to MCSA Windows Server 2012
Certification Provider: Microsoft
Free Today! Guaranteed Training- Pass exam 70 417 Exam.
Q11. Your network contains a server named Server1 that runs Windows Server 2012 R2. Server1 has the Print and Document Services server role installed. You connect a new print device to the network. The marketing department and the sales department will use the print device.
You need to provide users from both departments with the ability to print to the network print device.
The solution must ensure that if there are multiple documents queued to print, the documents from the sales users print before the documents from the marketing users.
What should you do on Server1?
A. Add one printer. Modify the printer priority and the security settings.
B. Add two printers. Modify the priorities of each printer and the security settings of each printer.
C. Add two printers and configure printer pooling.
D. Add one printer and configure printer pooling.
Answer: B
Explanation:
http://wiki.answers.com/Q/How_do_you_set_different_print_priority_for_different_users
How do you set different print priority for different users? To set different print priority to
different groups Open Printers and Faxes.
Right-click the printer you want to set, click Properties, and then click the Advanced tab. In
Priority, click the up or down arrows, and then click OK. Or, type a priority level, where 1 is
the lowest level and 99 is the highest, and then click OK. Click Add Printer to add a second
logical printer for the same physical printer. For instructions.
Click the Advanced tab.
In Priority, set a priority higher than that of the first logical printer. Instruct the regular group
of users to use the first logical printer name and the group with higher priority to use the
second logical printer name. Set the appropriate permissions for the different groups.
NB:
http://technet.microsoft.com/en-us/library/cc757086%28v=ws.10%29.aspx
Creating a printing pool
You can create a printing pool to automatically distribute print jobs to the next available
printer. A printing pool is one logical printer connected to multiple printers through multiple
ports of the print server. The printer that is idle receives the next document sent to the
logical printer. This is useful in a network with a high volume of printing because it
decreases the time users wait for their documents. A printing pool also simplifies
administration because multiple printers can be managed from the same logical printer on
a server. With a printing pool created, the user prints a document without having to find out
which printer is available. The logical printer checks for an available port and sends
documents to ports in the order that they are added.
Adding the port connected to the fastest printer first ensures that documents are sent to the
printer that can print the fastest before they are routed to slower printers in the printing
pool. Before setting a printing pool, consider the following:
All printers in a pool must use the same driver.
Because users will not know which printer in the pool prints a given document, make sure
all printers in the pool are located in the same place.
Q12. OTSPOT
Your network contains an Active Directory domain named fabrikam.com. You implement DirectAccess.
You need to view the properties of the DirectAccess connection.
Which connection properties should you view?
To answer, select the appropriate connection properties in the answer area.
Answer:
Q13. Your network contains an Active Directory domain named contoso.com. The domain contains a domain controller named DC5. DC5 has a Server Core Installation of Windows Server 2012 R2.
You need to uninstall Active Directory from DCS manually.
Which tool should you use?
A. The Remove-ADComputercmdlet
B. The ntdsutil.exe command
C. The dsamain.exe command
D. The Remove-WindowsFeaturecmdlet
Answer: B
Explanation:
Explanation
*
Ntdsutil.exe is a command-line tool that provides management facilities for Active
Directory Domain Services (AD DS) and Active Directory Lightweight Directory Services
(AD LDS).
You can use the ntdsutil commands to perform database maintenance of AD DS, manage
and control single master operations, and remove metadata left behind by domain
controllers that were removed from the network without being properly uninstalled.
*
NTdsutil commands include:
/ local roles
Manages local administrative roles on an RODC.
/ metadata cleanup
Cleans up objects of decommissioned servers.
Q14. OTSPOT
Your network contains an Active Directory forest named contoso.com. The forest contains a single domain. The forest contains two Active Directory sites named Site1 and Site2.
You plan to deploy a read-only domain controller (RODC) named DC10 to Site2. You pre-create the DC10 domain controller account by using Active Directory Users and Computers.
You need to identify which domain controller will be used for initial replication during the promotion of the RODC.
Which tab should you use to identify the domain controller?
To answer, select the appropriate tab in the answer area.
Answer:
Q15. Your network contains an Active Directory domain named contoso.com. The domain contains a main office and a branch office. An Active Directory site exists for each office.
The domain contains two servers named Server1 and Server2 that run Windows Server 2012 R2.
Both servers have the DHCP Server server role installed. Server1 is located in the main office site.
Server2 is located in the branch office site. Server1 provides IPv4 addresses to the client computers in the main office site. Server2 provides IPv4 addresses to the client computers in the branch office site.
You need to ensure that if either Server1 or Server2 are offline, the client computers can still obtain IPv4 addresses. The solution must meet the following requirements:
The storage location of the DHCP databases must not be a single point of failure. Server1 must provide IPv4 addresses to the client computers in the branch office site only if Server2 is offline.
Server2 must provide IPv4 addresses to the client computers in the main office site only if Server1 is offline.
Which configuration should you use?
A. Load sharing mode failover partners
B. Hot standby mode failover partners
C. A Network Load Balancing (NLB) cluster
D. A failover cluster
Answer: B
Explanation:
http://blogs.technet.com/b/teamdhcp/archive/2012/06/28/ensuring-high-availability-of-dhcpusingwindowsserver-2012-dhcp-failover.aspx Ensuring High Availability of DHCP using Windows Server 2012 R2 DHCP Failover The Hot Standby mode results in an Active-Passive configuration. You will be required to designate one of the two DHCP servers as the active server and the other as standby. The standby server is dormant with regard to serving client requests as long as the active server is up.
However, the standby server receives all the inbound lease updates from the active DHCP server and keeps its database up to date. http://blogs.technet.com/b/teamdhcp/archive/2012/09/03/dhcp-failover-hot-standbymode.aspx DHCP Failover Hot-Standby Mode In the previous blog on DHCP Failover, we discussed the DHCP failover load balance mode where both DHCP servers respond to client requests and load balance the requests between them based on an admin specified load distribution ratio. In the other mode of a failover relationship, known as the Hot-Standby mode (ActivePassive), only one of the servers actively leases IP addresses and option configuration to clients in given subnet(s)/scope(s) while the other server (standby) is passive.
The standby server services the clients, only in event of active server being down. The clients fallback to the active server once the active server becomes available again post the outage. The Load balance mode is more suited for single site deployment where the 2 DHCP servers in a failover relationship are co-located with the subnets/scopes being served by them. As the servers are in network proximity with the clients, the clients do not experience any latency while acquiring or renewing an IP address. Hot-Standby mode is more suited for multisite deployment topologies. Each site would have a local DHCP server which is configured to provide the DHCP service to the clients on the local network and DHCP server at a remote site would be standby server. In a normal state of operation, computers and devices on a given site receive IP addresses and other network configuration from the DHCP server located at the same site as the clients. However, in the event of the local DHCP server being down, the DHCP server from the remote site would provide the service to the clients. You could choose to deploy hot standby mode in a single-site deployment also if you need to.
Q16. Your network contains an Active Directory domain named contoso.com. The domain contains a member server named Server1 that has the Active Directory Federation Services server role installed. All servers run Windows Server 2012.
You complete the Active Directory Federation Services Configuration Wizard on Server1.
You need to ensure that client devices on the internal network can use Workplace Join.
Which two actions should you perform on Server1? (Each correct answer presents part of the solution. Choose two.)
A. Run Enable AdfsDeviceRegistration -PrepareActiveDirectory.
B. Edit the multi-factor authentication global authentication policy settings.
C. Edit the primary authentication global authentication policy settings.
D. Run Set-AdfsProxyPropertiesHttpPort 80.
E. Run Enable-AdfsDeviceRegistration.
Answer: C,E
Explanation:
* To enable Device Registration Service
On your federation server, open a Windows PowerShell command window and type:
Enable-AdfsDeviceRegistration
Repeat this step on each federation farm node in your AD FS farm..
Enable seamless second factor authentication Seamless second factor authentication is an enhancement in AD FS that provides an added level of access protection to corporate resources and applications from external devices that are trying to access them. When a personal device is Workplace Joined, it becomes a ‘known’ device and administrators can use this information to drive conditional access and gate access to resources. To enable seamless second factor authentication, persistent single sign-on (SSO) and conditional access for Workplace Joined devices In the AD FS Management console, navigate to Authentication Policies. Select Edit Global Primary Authentication. Select the check box next to Enable Device Authentication, and then click OK.
Q17. OTSPOT
Your network contains an Active Directory domain named contoso.com. The domain contains a domain controller named DC1 and a member server named Server1. All servers run Windows Server 2012 R2.
You install the IP Address Management (IPAM) Server feature on Server1.
From the Provision IPAM wizard, you select the Group Policy Based provisioning method and enter a GPO name prefix of IPAM1.
You need to provision IPAM by using Group Policy.
What command should you run on Server1 to complete the process? To answer, select the appropriate options in the answer area.
Answer:
Q18. Your network contains an Active Directory domain named contoso.com. The domain
contains a domain controller named DC1 that runs Windows Server 2012 R2.
You create an Active Directory snapshot of DC1 each day.
You need to view the contents of an Active Directory snapshot from two days ago.
What should you do first?
A. Start the Volume Shadow Copy Service (VSS).
B. Run the dsamain.exe command.
C. Run the ntdsutil.exe command.
D. Stop the Active Directory Domain Services (AD DS) service.
Answer: C
Explanation:
Mounting an Active Directory snapshot
Before connecting to the snapshot we need to mount it. By looking at the results of the List
All command in step #8 above, identify the snapshot that you wish to mount, and note the
number next to it.
In order to mount an Active Directory snapshot follow these steps:
Log on as a member of the Domain Admins group to one of your Windows Server 2008
Domain Controllers.
Open a Command Prompt window by clicking on the CMD shortcut in the Start menu, or by
typing CMD and pressing Enter in the Run or Quick Search parts of the Start menu.
Note: You must run NTDSUTIL from an elevated command prompt. To open an elevated
command prompt, click Start, right-click Command Prompt, and then click Run as
administrator.
In the CMD window, type the following command:
ntdsutil
In the CMD window, type the following command:
snapshot
To view all available snapshots, in the CMD window, type the following command:
list all The result should look like this:
snapshot: List All
1: 2008/10/25:03:14 {ec53ad62-8312-426f-8ad4-d47768351c9a}
2: C: {15c6f880-cc5c-483b-86cf-8dc2d3449348}
In this example we only have one snapshot available, one from 2008/10/25 at 03:14AM
(yes, I write articles at this time…). We'll mount this one.
In the CMD window, type the following command:
mount 2
The result should look like this:
snapshot: mount 2
Snapshot {15c6f880-cc5c-483b-86cf-8dc2d3449348} mounted as
C:'$SNAP_200810250314_VOLUMEC$'
Next, you can leave the NTDSUTIL running, or you can quit by typing quit 2 times.
Note: Like the above command, the mounting process can also be run in one line.
However, note that
NTDSUTIL requires that the "list all" command be run in the same session that you mount
the snapshot. So in order to mount the snapshot with a one-liner, you will need to run "list
all" first.
ntdsutil snapshot "list all" "mount 2" quit quit
Note: You do not need to quit from the NTDSUTIL command, you can keep it open
assuming that you'll probably want to unmount the snapshot right after working with it.
Q19. Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1 that runs Windows Server 2012 R2 and has the DHCP Server server role installed.
An administrator installs the IP Address Management (IPAM) Server feature on a server named Server2. The administrator configures IPAM by using Group Policy based provisioning and starts server discovery.
You plan to create Group Policies for IPAM provisioning.
You need to identify which Group Policy object (GPO) name prefix must be used for IPAM Group Policies.
What should you do on Server2?
A. From Server Manager, review the IPAM overview.
B. Run the Get-IpamConfigurationcmdlet.
C. From Task Scheduler, review the IPAM tasks.
D. Run the ipamgc.exe tool.
Answer: A
Q20. Your network contains an Active Directory domain named contoso.com. The domain contains an organizational unit (OU) named AHServers.OU.
You create and link a Group Policy object (GPO) named GP01 to AllServer.OU. GPO1 is configured as shown in the exhibit. (Click the Exhibit button.)
You need to ensure that GPO1 only applies to servers that have Remote Desktop Services (RDS) installed.
What should you configure?
A. Item-level targeting
B. WMI Filtering
C. Security Filtering
D. Block Inheritance
Answer: B
Explanation:
Windows Management Instrumentation (WMI) filters allow you to dynamically determine the scope of Group Policy objects (GPOs) based on attributes of the target computer. When a GPO that is linked to a WMI filter is applied on the target computer, the filter is evaluated on the target computer. If the WMI filter evaluates to false, the GPO is not applied. If the WMI filter evaluates to true, the GPO is applied.