70-410 Exam
Get Smart with exam collections 70 410
Act now and download your Microsoft mcsa 70 410 pdf test today! Do not waste time for the worthless Microsoft 70 410 dumps tutorials. Download Leading Microsoft Installing and Configuring Windows Server 2012 exam with real questions and answers and begin to learn Microsoft 70 410 questions with a classic professional.
Q151. - (Topic 2)
Your network contains an Active Directory domain named contoso.com.
An organizational unit (OU) named OU1 contains the computer accounts for laptops and
desktop computers.
A Group Policy object (GPO) named GP1 is linked to OU1.
You need to ensure that the configuration settings in GP1 are applied only to a user named
User1.
What should you do?
A. Modify the security settings of OU1.
B. Modify the GPO Status of GP1.
C. Modify the security settings of GP1.
D. Configure the WMI Filter of GP1.
Answer: C
Explanation:
References: Training Guide: Installing and Configuring Windows Server 2012 R2: Chapter 10: Implementing Group Policy, p. 470, 482 http://technet.microsoft.com/en-us/library/jj134176 WMI filtering using GPMC
Q152. - (Topic 2)
Your network contains an Active Directory forest named contoso.com. The forest contains a single domain. The domain contains two domain controllers named DC1 and DC2 that run Windows Server 2012 R2.
The domain contains a user named User1 and a global security group named Group1.
You need to ensure that User1 can manage the group membership of Group1. The solution must minimize the number of permissions assigned to User1.
Which cmdlet should you run?
A. Add-AdPrincipalGroupMembership
B. Install-AddsDomainController
C. Install-WindowsFeature
D. Install-AddsDomain
E. Rename-AdObject
F. Set-AdAccountControl
G. Set-AdGroup
H. Set-User
Answer: G
Explanation:
The Set-ADGroup cmdlet modifies the properties of an Active Directory group. You can modify commonly used property values by using the cmdlet parameters. For example, the –ManagedBy parameter allows you to specify a user or group of users who can manage the specified AD group.
Q153. Your network contains an Active Directory forest. The forest contains two domains named contoso.com and corp.contoso.com. The forest contains four domain controllers. The domain controllers are configured as shown in the following table.
All domain controllers are DNS servers. In the corp.contoso.com domain, you plan to deploy a new domain controller named DC5.
You need to identify which domain controller must be online to ensure that DC5 can be promoted successfully to a domain controller.
Which domain controller should you identify?
A. DC1
B. DC2
C. DC3
D. DC4
Answer: C
Q154. HOTSPOT - (Topic 1)
Your network contains an Active Directory domain named adatum.com.
You create an account for a temporary employee named User1.
You need to ensure that User1 can log on to the domain only between 08:00 and 18:00
from a client computer named Computer1.
From which tab should you perform the configuration?
To answer, select the appropriate tab in the answer area.
Answer:
Q155. HOTSPOT - (Topic 2)
Your network contains an Active Directory forest. The forest contains two domains named Domain1 and Domain2.
Domain1 contains a file server named Server1. Server1 has a shared folder named Share1.
Domain2 contains 50 users who require access to Share1.
You need to create groups in each domain to meet the following requirements:
. In Domain1, create a group named Group1. Group1 must be granted access to Share1. . In Domain2, create a group named Group2. Group2 must contain the user accounts of the 50 users. . Permission to Share1 must only be assigned directly to Group1.
Which type of groups should you create and which group nesting strategy should you use?
To answer, select the appropriate configuration in the answer area.
Answer:
Q156. - (Topic 2)
Your network contains several servers that run Windows Server 2012 R2 and client computers that run Windows 8.1.
You download several signed Windows PowerShell scripts from the Internet.
You need to run the PowerShell scripts on all of the servers and all of the client computers.
What should you modify first?
A. The environment variables on all of the servers
B. The execution policy on all of the servers
C. The execution policy on all of the client computers
D. The environment variables on all client computers
Answer: C
Explanation:
The default execution policy of Windows Server 2012 is RemoteSigned meaning that as long as a valid signature is used on the scripts, they will run. However, the client computers have a default execution policy of restricted meaning that no scripts will run in PowerShell whatsoever, so this would have to be changed before the scripts could be executed on the client computers.
Q157. - (Topic 3)
Your network contains an Active Directory domain named contoso.com. The domain contains 500 servers that run Windows Server 2012 R2.
You have a written security policy that states the following:
Only required ports must be open on the servers.
All of the servers must have Windows Firewall enabled.
Client computers used by administrators must be allowed to access all of the ports
on all of the servers.
Client computers used by the administrators must be authenticated before the
client computers can access the servers.
You have a client computer named Computer1 that runs Windows 8.
... .
You need to ensure that you can use Computer1 to access all of the ports on all of the servers successfully. The solution must adhere to the security policy.
Which three actions should you perform? (Each correct answer presents part of the solution. Choose three.)
A. On Computer1, create a connection security rule.
B. On all of the servers, create an outbound rule and select the Allow the connection if it is secure option.
C. On all of the servers, create an inbound rule and select the Allow the connection if it is secure option.
D. On Computer1, create an inbound rule and select the Allow the connection if it is secure option.
E. On Computer1, create an outbound rule and select the Allow the connection if it is secure option.
F. On all of the servers, create a connection security rule.
Answer: A,C,F
Explanation:
Unlike firewall rules, which operate unilaterally, connection security rules require that both
communicating computers have a policy with connection security rules or another
compatible IPsec policy.
Traffic that matches a firewall rule that uses the Allow connection if it is secure setting
bypasses Windows Firewall. The rule can filter the traffic by IP address, port, or protocol.
This method is supported on Windows Vista or Windows Server 2008.
References:
http://technet.microsoft.com/en-us/library/cc772021.aspx
http://technet.microsoft.com/en-us/library/cc753463.aspx
Q158. - (Topic 3)
You work as an administrator at Contoso.com. The Contoso.com network consists of a single domain named Contoso.com. All servers on the Contoso.com network have Windows Server 2008 R2 installed.
Most of the Contoso.com servers have 64 – bit CPU’s installed, while the rest have 32 – bit CPU’s installed. You are informed that Contoso.com wants to deploy Windows Server 2012 R2 on all their servers.
You need to make recommendations to ensure that this is possible.
Which of the following would you recommend?
A. You should inform Contoso.com that the deployment can proceed without any changes.
B. You should inform Contoso.com that the servers with 32 bit CPU’s must be upgraded to include 64 bit CPU’s for the deployment to proceed.
C. You should inform Contoso.com that the servers with 64 bit CPU’s must be upgraded to include 32 bit CPU’s for the deployment to proceed.
D. You should inform Contoso.com that the deployment is not in any way possible.
Answer: B
Explanation:
Windows Server 2012 is a 64-bit only operating system. Minimum: 1.4 GHz 64-bit processor
Q159. - (Topic 3)
Your network contains one Active Directory domain named contoso.com. The domain contains 10 domain controllers and a read-only domain controller (RODC) named RODC01.
The domain contains an administrator account named Admin1.
You need to prevent Admin1 from creating more than 100 objects in the domain partition.
Which tool should you use?
A. the ntdsutil command
B. the Set-ADDomain cmdlet
C. the Install-ADDSDomain cmdlet
D. the dsadd command
E. the dsamain command
F. the dsmgmt command
G. the net user command
H. the Set-ADForest cmdlet
Answer: D
Explanation:
Active Directory quotas are limits on the number of objects that a security principal (that has been delegated the Create Child Objects or Delete Child Objects permission) can own and create. To assign a quota to a security principal, you must use the directory services tools. The command and required parameters for assigning a quota to a security principal are as follows:
dsadd quota –part <partition distinguished name> –qlimit <quotalimit> –acct <security prinicipal>
Reference: Active Directory Quotas
https://technet.microsoft.com/en-us/library/cc904295(v=ws.10).aspx
Q160. - (Topic 3)
You work as a senior administrator at Contoso.com. The Contoso.com network consists of a single domain named Contoso.com. All servers on the Contoso.com network have Windows Server 2012 R2 installed.
You are running a training exercise for junior administrators. You are currently discussing the use of Non-Uniform Memory Architecture (NUMA).
Which of the following is TRUE with regards to Non-Uniform Memory Architecture (NUMA)? (Choose two.)
A. It is a computer architecture used in multiprocessor systems.
B. It is a computer architecture used in single processor systems.
C. It allows a processor to access local memory faster than it can access remote memory.
D. It allows a processor to access remote memory faster than it can access local memory.
Answer: A,C
Explanation:
NUMA is a hardware design feature that divides CPUs and memory in a physical server into NUMA nodes. You get the best performance when a process uses memory and CPU from within the same NUMA node. de is full, then it’ll get memory from When a process requires more memory, but the current NUMA no another NUMA node and that comes at a performance cost to that process, and possibly all other processes on that physical server. And that’s why virtualization engineers need to be aware of this. In Hyper-V we have Dynamic Memory. Non-Uniform Memory Access or Non-Uniform Memory Architecture (NUMA) is a computer memory design used in multiprocessors, where the memory access time depends on the memory location relative to a processor. Under ccNUMA, a processor can access its own local memory faster than non-local memory, that is, memory local to another processor or memory shared between processors. NUMA architectures logically follow in scaling from symmetric multiprocessing (SMP) architectures.