70-417 Exam
Quick Guide: 70 417 pdf
Cause all that matters here is passing the Microsoft 70 417 vce exam. Cause all that you need is a high score of 70 417 exam Upgrading Your Skills to MCSA Windows Server 2012 exam. The only one thing you need to do is downloading Testking 70 417 vce exam study guides now. We will not let you down with our money-back guarantee.
Q131. Your network contains an Active Directory domain named contoso.com. The network contains a file server named Server1 that runs Windows Server 2012 R2.
You are configuring a central access policy for temporary employees.
You enable the Department resource property and assign the property a suggested value of Temp.
You need to configure a target resource condition for the central access rule that is scoped to resources assigned to Temp only.
Which condition should you use?
A. (Department.Value Equals "Temp")
B. (Resource.Department Equals "Temp")
C. (Temp.Resource Equals "Department")
D. (Resource.Temp Equals "Department")
Answer: B
Explanation:
Explanation http://technet.microsoft.com/fr-fr/library/hh846167.aspx
Q132. Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1 that runs Windows Server 2012 R2 and has the DHCP Server server role installed.
An administrator installs the IP Address Management (IPAM) Server feature on a server named Server2. The administrator configures IPAM by using Group Policy based provisioning and starts server discovery.
You plan to create Group Policies for IPAM provisioning.
You need to identify which Group Policy object (GPO) name prefix must be used for IPAM Group Policies.
What should you do on Server2?
A. From Server Manager, review the IPAM overview.
B. Run the Get-IpamConfigurationcmdlet.
C. From Task Scheduler, review the IPAM tasks.
D. Run the ipamgc.exe tool.
Answer: A
Q133. After setting up several Active Directory users for different OU's, you discover that the IT technician has miss spelt the Office property as Londn instead of London.
Which tool should you use to correct the changes to all of the OU's at once?
A. Use Dsget and Dsmod
B. Use Dsquery and Dsmod
C. Use MoveTo or MoveHere
D. Multi select the users using the Ctrl key and opening Properties
Answer: B
Explanation:
You can use Dsquery to query AD users by property values. So in this case we could query on the miss spelt word London.
Q134. OTSPOT
Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1 that runs Windows Server 2012 R2. Server1 has the Active Directory Certificate Services server role installed and configured.
For all users, you are deploying smart cards for logon. You are using an enrollment agent to enroll the smart card certificates for the users.
You need to configure the Contoso Smartcard Logon certificate template to support the use of the enrollment agent.
Which setting should you modify? To answer, select the appropriate setting in the answer area.
Answer:
172. Your network contains an Active Directory domain named contoso.com. All domain controllers run Windows Server 2012 R2.
An organizational unit (OU) named OU1 contains 200 client computers that run Windows 8 Enterprise. A Group Policy object (GPO) named GPO1 is linked to OU1.
You make a change to GPO1.
You need to force all of the computers in OU1 to refresh their Group Policy settings immediately. The solution must minimize administrative effort.
Which tool should you use?
A. The Set-AdComputercmdlet
B. Group Policy Management Console (GPMC)
C. Server Manager
D. TheGpupdate command
Answer: B
Explanation:
In the previous versions of Windows, this was accomplished by having the user run
GPUpdate.exe on their computer. Starting with Windows Server? 2012 and Windows?8,
you can now remotely refresh Group Policy settings for all computers in an OU from one
central location through the Group Policy Management Console (GPMC). Or you can use
the Invoke-GPUpdate cmdlet to refresh Group Policy for a set of computers, not limited to
the OU structure, for example, if the computers are located in the default computers
container. Note: Group Policy Management Console (GPMC) is a scriptable Microsoft
Management Console (MMC) snap-in, providing a single administrative tool for managing
Group Policy across the enterprise. GPMC is the standard tool for managing Group Policy.
Incorrect:
Not B: Secedit configures and analyzes system security by comparing your current
configuration to at least one template.
Reference: Force a Remote Group Policy Refresh (GPUpdate)
Q135. OTSPOT
Your network contains an Active Directory domain named contoso.com.
All DNS servers host a DNS zone named adatum.com. The adatum.com zone is not Active
Directory-integrated.
An administrator modifies the start of authority (SOA) record for the adatum.com zone.
After the modification, you discover that when you add or modify DNS records in the
adatum.com zone, the changes are not transferred to the DNS servers that host secondary
copies of the adatum.com zone.
You need to ensure that the records are transferred to all the copies of the adatum.com
zone.
What should you modify in the SOA record for the adatum.com zone? To answer, select the appropriate setting in the answer area.
Answer:
252. Your manager has asked you to configure the company Windows Server 2008 domain controller. He wants all new computer accounts to be placed in the General OU, when computers join the domain.
Which command should you use to accomplish this?
A. Netdom
B. Dsmove
C. None of these
D. Redircmp
Answer: D
Explanation:
http://technet.microsoft.com/en-us/library/cc770619(v=ws.10).aspx
Q136. Your network contains an Active Directory domain named contoso.com. The domain contains two servers named Server1 and Server2 that run Windows Server 2012 R2. Server1 has the IP Address Management (IPAM) Server feature installed. Server2 has the DHCP Server server role installed. A user named User1 is a member of the IPAM Users group on Server1. You need to ensure that User1 can use IPAM to modify the DHCP scopes on Server2. The solution must minimize the number of permissions assigned to User1.
To which group should you add User1?
A. IPAM ASM Administrators on Server1
B. IPAMUG in Active Directory
C. DHCP Administrators on Server2
D. IPAM MSM Administrators on Server1
Answer: C
Explanation:
Sever2 "DHCP Users" group membership is required to modify scopes on Server2 of course DHCP Administrators can proceed these tasks too. From the MSPress book "Upgrading your skills to MCSA Windows Server 2012 R2" IPAM Provisioning IPAM installation sets up various periodic data collection tasks to collect relevant data from managed DNS, DHCP, DC and NPS servers to enable address space management, multiserver management and monitoring and event catalog scenarios. All IPAM tasks launch under the Network Service account, which presents the local computer's credentials to remote servers. To accomplish this, administrators must enable read access and security permissions for the required resources over managed servers for the IPAM server's computer account. Further the relevant firewall ports need to be configured on these managed servers. IPAM Access Settings The following table provides a mapping of the IPAM functionality and managed server role type to access setting and FW rule required by IPAM periodic tasks
IPAM Access Monitoring IPAM access monitoring tracks the provisioning state of the following statuses on the server roles, which are displayed in the details pane of the IPAM server inventory view
Q137. Your network contains an Active Directory domain named adatum.com. The domain contains a server named CA1 that runs Windows Server 2012 R2. CA1 has the Active Directory Certificate Services server role installed and is configured to support key archival and recovery.
You need to ensure that a user named User1 can decrypt private keys archived in the Active Directory Certificate Services (AD CS) database. The solution must prevent User1 from retrieving the private keys from the AD CS database.
What should you do?
A. Assign User1 the Issue and Manage Certificates permission to CA1.
B. Assign User1 the Read permission and the Write permission to all certificate templates.
C. Provide User1 with access to a Key Recovery Agent certificate and a private key.
D. Assign User1 the Manage CA permission to CA1.
Answer: C
Explanation:
http://social.technet.microsoft.com/wiki/contents/articles/7573.active-directory-certificate-services-pki-keyarchival-and-management.aspx#Protecting_Key_Recovery_Agent_Keys
Q138. Your network contains an Active Directory domain named contoso.com. The domain contains a domain controller named Server1 that runs Windows Server 2012 R2.
On Server1, you create a work folder named Work1. A user named User1 connects to Work1 from a computer named Computer1.
You need to identify the last time the documents in Work1 were synchronized successfully from Computer1. What should you do?
A. From Windows PowerShell, run the Get-SyncShare cmdlet
B. From Windows PowerShell, run the Get-SyncUserSettings cmdlet
C. From Server Manager, review the properties of Computer1
D. From Server Manager, review the properties of User1
Answer: D
Q139. Is the following statement about Hyper-V true or false? Hyper-V does not support wireless networks.
A. True
B. False
Answer: B
Explanation:
Hyper-V 2012 supports wireless (one of my VM is currently connected to internet using the wifi card of my laptop...) True that in 2008R2 it was not supported (unless many customizations, i know it as i did it)
Q140. Your network contains two servers named Server1 and Server2 that run Windows Server 2012 R2. Both servers have the Hyper-V server role installed.Server1 and Server2 are located in different offices. The offices connect to each other by using a high-latency WAN link.
Server2 hosts a virtual machine named VM1.
You need to ensure that you can start VM1 on Server1 if Server2 fails. The solution must minimize hardware costs.
What should you do?
A. From the Hyper-V Settings of Server2, modify the Replication Configuration settings. Enable replication for VM1.
B. On Server1, install the Multipath I/O (MPIO) feature. Modify the storage location of the VHDs for VM1.
C. On Server2, install the Multipath I/O (MPIO) feature. Modify the storage location of the VHDs for VM1.
D. From the Hyper-V Settings of Server1, modify the Replication Configuration settings. Enable replication for VM1.
Answer: D
Explanation:
You first have to enable replication on the Replica server--Server1--by going to the server and modifying the "Replication Configuration" settings under Hyper-V settings. You then go to VM1--which presides on Server2-- and run the "Enable Replication" wizard on VM1.