getcertified4sure.com

70-417 Exam

What to do with exam 70 417



Our pass rate is high to 98.9% and the similarity percentage between our 70 417 vce study guide and real exam is 90% based on our seven-year educating experience. Do you want achievements in the Microsoft 70 417 dumps exam in just one try? I am currently studying for the Microsoft 70 417 dumps exam. Latest Microsoft exam 70 417 Test exam practice questions and answers, Try Microsoft exam 70 417 Brain Dumps First.

Q21. Your network contains a single Active Directory domain named contoso.com. All domain 

controllers run Windows Server 2012 R2. 

The domain contains 400 desktop computers that run Windows 8 and 200 desktop 

computers that run Windows Vista Service Pack 2(SP2). 

All of the desktop computers are located in an organizational unit (OU) named OU1. 

You create a Group Policy object (GPO) named GPO1. GPO1 contains startup script 

settings. 

You link GPO1 to OU1. 

You need to ensure that GPO1 is applied only to computers that run Windows 8. 

What should you do? 

A. Modify the Security settings of OU1. 

B. Create and link a WMI filter to GPO1. 

C. Run the Set-GPInheritancecmdlet and specify the -target parameter. 

D. Run the Set-GPLinkcmdlet and specify the -target parameter. 

Answer:

Explanation: 

WMI Filtering is used to get information of the system and apply the GPO on it with the condition is met.Security filtering: apply a GPO to a specific group (members of the group) 


Q22. Your network contains an Active Directory domain named contoso.com. The domain contains two servers named Server1 and Server2. Both servers have the Hyper-V server role installed. 

You plan to replicate virtual machines between Server1 and Server2. The replication will be encrypted by using Secure Sockets Layer (SSL). 

You need to request a certificate on Server1 to ensure that the virtual machine replication is encrypted. 

Which two intended purposes should the certificate for Server1 contain? (Each correct answer presents part of the solution. Choose two.) 

A. Client Authentication 

B. Kernel Mode Code Signing 

C. Server Authentication 

D. IP Security end system 

E. KDC Authentication 

Answer: A,C 

Explanation: 

http://blogs.technet.com/b/virtualization/archive/2012/03/13/hyper-v-replica-certificaterequirements.aspx 


Q23. Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1 that runs Windows Server 2012 R2. 

Server1 has the IP Address Management (IPAM) Server feature installed. IPAM is configured currently for Group Policy-based provisioning. 

You need to change the IPAM provisioning method on Server1. 

What should you do? 

A. Run the ipamgc.exe command. 

B. Run the ipamgc.exe command. 

C. Run the Set-IPAMConfigurationcmdlet. 

D. Reinstall the IP Address Management (IPAM) Server feature. 

E. Delete IPAM Group Policy objects (GPOs) from the domain. 

Answer:

Explanation: 

You cannot change the provisioning method after completing the initial setup. When you install IPAM and configure either manual OR GPO, you receive the same message about not being able to change the provisioning method. As a matter of fact, I set it up in my lab and configured it as GPO. Here is a copy/paste of the message that is presently on the IPAM home page in server manager: 

"The access configuration mode cannot be modified after completing the IPAM provisioning wizard" Also, the help console in IPAM displays this when searching about provisioning methods: "The managed server provisioning method cannot be changed after you complete the IPAM provisioning wizard." 


Q24. You have a server named Server1. 

You install the IP Address Management (IPAM) Server feature on Server1. 

You need to provide a user named User1 with the ability to set the access scope of all the DHCP servers that are managed by IPAM. The solution must use the principle of least privilege. 

Which user role should you assign to User1? 

A. IP Address Record Administrator Role 

B. IPAM Administrator Role 

C. IPAM MSM Administrator Role 

D. IPAM DHCP Scope Administrator Role 

Answer:

Explanation: 

Explanation IPAM ASM Administrators IPAM ASM Administrators is a local security group on an IPAM server that is created when you install the IPAM feature. Members of this group have all the privileges of the IPAM Users security group, and can perform IP address space tasks in addition to IPAM common management tasks. Note: When you install IPAM Server, the following local role-based IPAM security groups are created: IPAM Users IPAM MSM Administrators IPAM ASM Administrators IPAM IP Audit Administrators IPAM Administrators Incorrect: not B: Too much privileges. IPAM Administrators IPAM Administrators is a local security group on an IPAM server that is created when you install the IPAM feature. Members of this group have privileges to view all IPAM data and perform all IPAM tasks. 


Q25. Complete the missing word from the sentence below that is describing one of the new roles in Server 2008: 

By using__________ , you can augment an organization's security strategy by protecting information through persistent usage policies, which remain with the information, no matter where it is moved. 

A. AD FS 

B. AD RMS 

C. RODC 

D. AD LDS 

Answer:

Explanation: 

Active Directory Rights Management Services (AD RMS) 


Q26. Your network contains an Active Directory forest named contoso.com. All servers run Windows Server 2012 R2. 

You need to create a custom Active Directory application partition. 

Which tool should you use? 

A. Eseutil 

B. Dsadd 

C. Dsmod 

D. Ntdsutil 

Answer:

Explanation: 

*

 To create or delete an application directory partition Open Command Prompt. Type:ntdsutil At the ntdsutil command prompt, type:domain management At the domain management command prompt, type:connection At the server connections command prompt, type:connect to server ServerName At the server connections command prompt, type:quit At the domain management command prompt, do one of the following: 

*

 partition management Manages directory partitions for Active Directory Domain Services (AD DS) or Active Directory Lightweight Directory Services (AD LDS). This is a subcommand of Ntdsutil and Dsmgmt. Ntdsutil and Dsmgmt are command-line tools that are built into Windows Server 2008 and Windows Server 2008 R2. / partition management create nc %s1 %s2 Creates the application directory partition with distinguished name %s1, on the Active Directory domain controller or AD LDS instance with full DNS name %s2. If you specify "NULL" for %s2, this command uses the currently connected Active Directory domain controller. Use this command only with AD DS. For AD LDS, use createnc %s1 %s2 %s3. 

Note: 

*

 An application directory partition is a directory partition that is replicated only to specific domain controllers. A domain controller that participates in the replication of a particular 

....... 

application directory partition hosts a replica of that partition. 


Q27. Your network contains a Hyper-V host named Server1 that runs Windows Server 2012 R2. 

Server1 hosts a virtual machine named VM1 that runs Windows Server 2012 R2. 

You create a checkpoint of VM1, and then you install an application on VM1. You verify 

that the application runs properly. 

You need to ensure that the current state of VM1 is contained in a single virtual hard disk 

file. 

The solution must minimize the amount of downtime on VM1. 

What should you do? 

A. From a command prompt run dism.exe and specify the /commit-image parameter. 

B. From a command prompt, run dism.exe and specify the /delete-image parameter. 

C. From Hyper-V Manager, delete the checkpoint. 

D. From Hyper-V Manager, inspect the virtual hard disk. 

Answer:


Q28. Your network contains an Active Directory domain named contoso.com. The domain contains a domain controller named DC1 that runs Windows Server 2012 R2. DC1 is backed up daily. 

The domain has the Active Directory Recycle Bin enabled. 

During routine maintenance, you delete 500 inactive user accounts and 100 inactive groups. One of the deleted groups is named Group1. Some of the deleted user accounts are members of some of the deleted groups. 

For documentation purposes, you must provide a list of the members of Group1 before the group was deleted. 

You need to identify the names of the users who were members of Group1 prior to its deletion. You want to achieve this goal by using the minimum amount of administrative effort. 

What should you do first? 

A. Reactivate the tombstone of Group1. 

B. Use the Recycle Bin to restore Group1. 

C. Perform an authoritative restore of Group1. 

D. Mount the most recent Active Directory backup. 

Answer:

Explanation: 

You can use the Active Directory database mounting tool (Dsamain.exe) and a Lightweight Directory Access Protocol (LDAP) tool, such as Ldp.exe or Active Directory Users and Computers, to identify which backup has the last safe state of the forest. The Active Directory database mounting tool, which is included in Windows Server 2008 and later Windows Server operating systems, exposes Active Directory data that is stored in backups or snapshots as an LDAP server. Then, you can use an LDAP tool to browse the data. This approach has the advantage of not requiring you to restart any DC in Directory Services Restore Mode (DSRM) to examine the contents of the backup of AD DS. 


Q29. Your network contains an Active Directory domain named contoso.com. The domain contains a domain controller named DC4 that runs Windows Server 2012 R2. 

You create a DCCIoneConfig.xml file. You need to clone DC4. 

Where should you place DCCIoneConfig.xml on DC4? 

A. %Systemroot%\SYSVOL 

B. %Systemdrive% 

C. %Systemroot%\NTDS 

D. %Programdata%\Microsoft 

Answer:

Explanation: 

http://technet.microsoft.com/de-de/library/hh831734.aspx 


Q30. Your network contains an Active Directory domain named adatum.com. The domain contains the servers shown in the following table. 

You need to ensure that you can use Server Manager on DC1 to manage DC2. 

Which two tasks should you perform? (Each correct answer presents part of the solution. Choose two.) 

A. Install the Windows PowerShell 2.0 engine on DC1. 

B. Install Microsoft .NET Framework 4 on DC2. 

C. Install Windows Management Framework 3.0 on DC2. 

D. Install Remote Server Administration Tools on DC1. 

E. Install Remote Server Administration Tools on DC2. 

Answer: B,C 

Explanation: 

Explanation Windows Management Framework 3.0 To use this release of Server Manager to access and manage remote servers that are running Windows Server 2008 or Windows Server 2008 R2, you must first install .NET Framework 4.0, and then install Windows Management Framework 3.0 on those servers. Note: In Windows Server 2012 R2, you can use Server Manager to perform management tasks on remote servers. Remote management is enabled by default on servers that are running Windows Server 2012 R2. To manage a server remotely by using Server Manager, you add the server to the Server Manager server pool. You can use Server Manager to manage remote servers that are running Windows Server 2008 and Windows Server 2008 R2, but the following updates are required to fully manage these older operating systems (see above). 

Reference: Configure Remote Management in Server Manager 


© Copyright Getcertified4sure.com. examcollectionuk.com
All other trademarks and copyrights are the property of their respective owners.
All rights reserved.