70-417 Exam
The only 70 417 vce resources for you
We provide real exam 70 417 exam questions and answers braindumps in two formats. Download PDF & Practice Tests. Pass Microsoft microsoft 70 417 Exam quickly & easily. The exam 70 417 PDF type is available for reading and printing. You can print more and practice many times. With the help of our Microsoft 70 417 dumps dumps pdf and vce product and material, you can easily pass the exam 70 417 exam.
Q231. Your network contains an Active Directory domain named contoso.com. The domain contains two member servers named Server1 and Server2 that run Windows Server 2012 R2.
You log on to Server1.
You need to retrieve a list of the active TCP connections on Server2.
Which command should you run from Server1?
A. netstat> server2
B. winrm get server2
C. winrs -r:server2netstat
D. dsquery * -scope base -attrip,server2
Answer: C
Explanation:
This command line tool enables administrators to remotely execute most Cmd.exe commands using the WSManagement protocol.
References: http://msdn.microsoft.com/en-us/library/aa384291(v=vs.85).aspx
Q232. Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1 that has the Remote Access server role installed.
DirectAccess is implemented on Server1 by using the default configuration.
You discover that DirectAccess clients do not use DirectAccess when accessing websites on the Internet.
You need to ensure that DirectAccess clients access all Internet websites by using their DirectAccess connection.
What should you do?
A. Configure a DNS suffix search list on the DirectAccess clients.
B. Enable the Route all traffic through the internal network policy setting in the DirectAccess Server Settings Group Policy object (GPO).
C. Configure DirectAccess to enable force tunneling.
D. Disable the DirectAccess Passive Mode policy setting in the DirectAccess Client Settings Group Policy object (GPO).
Answer: C
Q233. Your network contains an Active Directory forest named contoso.com. All servers run Windows Server 2012 R2. The domain contains four servers. The servers are configured as shown in the following table.
You need to deploy IP Address Management (IPAM) to manage DNS and DHCP.
On which server should you install IPAM?
A. DC1
B. DC2
C. DC3
D. Server1
Answer: D
Explanation: D. IPAM cannot be installed on Domain Controllers. All other servers have the DC role http://technet.microsoft.com/en-us/library/hh831353.aspx
Q234. A server named Server01 is running Server Core at your companies IT house. It is already configured with the AD DS role but you also want to add AD CS to the server. What must you do to add Active Directory Certificate Services (AD CS) to this server?
A. Reinstall the server with the full version of Windows Server 2008
B. Install the AD CS role
C. Install the RODC role
D. Install the AD FS role
Answer: B Explanation:
Server 2012 allows AD CS in core mode. http://technet.microsoft.com/en-us/library/hh831373.aspx What's New in AD CS? New and changed functionality Several new capabilities are available in the Windows Server 2012 R2 version of AD CS. They include: Integration with Server Manager Deployment and management capabilities from Windows PowerShell?All AD CS role services run on any Windows Server 2012 R2 version All AD CS role services can be run on Server Core Support for automatic renewal of certificates for non-domain joined computers Enforcement of certificate renewal with same key Support for international domain names Increased security enabled by default on the CA role service AD DS Site Awareness for AD CS and PKI Clients
Q235. Your network contains two Active Directory forests named contoso.com and dev.contoso.com. The contoso.com forest contains a domain controller named DO. The dev.contoso.com forest contains a domain controller named DC2. Each domain contains an organizational unit (OU) named OU1.
Dev.contoso.com has a Group Policy object (GPO) named GP01. GP01 contains 200 settings, including several settings that have network paths. GP01 is linked to OU1.
You need to copy GP01 from dev.contoso.com to contoso.com.
What should you do first on DC2?
A. From the Group Policy Management console, right-click GPO1 and select Copy.
B. Run the mtedit.exe command and specify the /Domaintcontoso.com /DC: DC 1 parameter.
C. Run the Save-NetGpocmdlet.
D. Run the Backup-Gpocmdlet.
Answer: A
Explanation: To copy a Group Policy object:
In the GPMC console tree, right-click the GPO that you want to copy, and then click Copy.
To create a copy of the GPO in the same domain as the source GPO, right-click Group
Policy objects, click Paste, specify permissions for the new GPO in the Copy GPO box, and
then click OK .
For copy operations to another domain, you may need to specify a migration table.
The Migration Table Editor (MTE) is provided with Group Policy Management Console
(GPMC) to facilitate the editing of migration tables. Migration tables are used for copying or
importing Group Policy objects (GPOs) from one domain to another, in cases where the
GPOs include domain-specific information that must be updated during copy or import.
Source WS2008R2: Backup the existing GPOs from the GPMC, you need to ensure that
the “Group Policy Objects” container is selected for the “Backup Up All” option to be
available.
Copy a Group Policy Object with the Group Policy Management Console (GPMC)
You can copy a Group Policy object (GPO) either by using the drag-and-drop method or
right-click method.
Applies To: Windows 8, Windows Server 2008 R2, Windows Server 2012
Ref: http://technet.microsoft.com/en-us/library/cc785343(v=WS.10).aspx
http://technet.microsoft.com/en-us/library/cc733107.aspx
Q236. OTSPOT
Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1 that runs Windows Server 2012 R2. Server1 has the Active Directory Federation Services (AD FS) server role installed.
Adatum.com is a partner organization.
You are helping the administrator of adatum.com set up a federated trust between adatum.com and contoso.com. The administrator of adatum.com asks you to provide a file containing the federation metadata of contoso.com.
You need to identify the location of the federation metadata file. Which node in the AD FS console should you select?
To answer, select the appropriate node in the answer area.
Answer:
Q237. Managing Group Policy objects is a tiresome task. Which of the following Windows Server 2012 R2 features could you use to save time when creating GPO's with similar settings?
A. UAC
B. PXE boot
C. IFM
D. Starter GPO
Answer: D
Explanation:
Starter Group Policy objects derive from a Group Policy object (GPO), and provide the ability to store a collection of Administrative Template policy settings in a single object. You can import and export Starter GPOs, which makes them easy to distribute to other environments. When you create a new GPO from a Starter GPO, the new GPO has all of the Administrative Template policy settings and their values that were defined in the Starter GPO.
Q238. Your network contains an Active Directory domain named contoso.com. All domain controllers run Windows Server 2012 R2.
An organizational unit (OU) named OU1 contains 200 client computers that run Windows 8 Enterprise. A Group Policy object (GPO) named GPO1 is linked to OU1.
You make a change to GPO1.
You need to force all of the computers in OU1 to refresh their Group Policy settings immediately. The solution must minimize administrative effort.
Which tool should you use?
A. The Set-AdComputercmdlet
B. Group Policy Object Editor
C. Active Directory Users and Computers
D. Group Policy Management Console (GPMC)
Answer: D
Explanation:
In the previous versions of Windows, this was accomplished by having the user run
GPUpdate.exe on their computer. Starting with Windows Server? 2012 and Windows?8,
you can now remotely refresh Group Policy settings for all computers in an OU from one
central location through the Group Policy Management Console (GPMC). Or you can use
the Invoke-GPUpdate cmdlet to refresh Group Policy for a set of computers, not limited to
the OU structure, for example, if the computers are located in the default computers
container. Note: Group Policy Management Console (GPMC) is a scriptable Microsoft
Management Console (MMC) snap-in, providing a single administrative tool for managing
Group Policy across the enterprise. GPMC is the standard tool for managing Group Policy.
Incorrect:
Not B: Secedit configures and analyzes system security by comparing your current
configuration to at least one template.
Reference: Force a Remote Group Policy Refresh (GPUpdate)
Q239. OTSPOT
You have two servers that run Windows Server 2012 R2. The servers are configured as shown in the following table.
You need to ensure that Server2 can be managed by using Server Manager from Server1.
In the table below, identify which actions must be performed on Server1 and Server2.Make only one selection in each row. Each correct selection is worth one point.
Answer:
Q240. You have a server named Server1 that runs Windows Server 2012 R2.
Server1 is backed up by using Windows Server Backup. The backup configuration is shown in the exhibit. (Click the Exhibit button.)
You discover that only the last copy of the backup is maintained.
You need to ensure that multiple backup copies are maintained.
What should you do?
A. Configure the Optimize Backup Performance settings.
B. Modify the Volume Shadow Copy Service (VSS) settings.
C. Modify the backup times.
D. Modify the backup destination.
Answer: D
Explanation:
A, The destination in the exhibit shows a network share is useD. If a network share is being used only the latest copy will be saved http://windows.microsoft.com/en-us/windows7/where-should-i-save-my-backup