70-410 Exam
Ideas to 70 410 questions
Our pass rate is high to 98.9% and the similarity percentage between our microsoft 70 410 study guide and real exam is 90% based on our seven-year educating experience. Do you want achievements in the Microsoft 70 410 exam questions and answers pdf exam in just one try? I am currently studying for the Microsoft mcsa 70 410 pdf exam. Latest Microsoft 70 410 exam Test exam practice questions and answers, Try Microsoft exam collections 70 410 Brain Dumps First.
Q121. - (Topic 1)
Your network contains an Active Directory domain named contoso.com. The domain contains a domain controller named DC1 that hosts the primary DNS zone for contoso.com.
All client computers are configured to use DC1 as the primary DNS server.
You need to configure DC1 to resolve any DNS requests that are not for the contoso.com zone by querying the DNS server of your Internet Service Provider (ISP).
What should you configure?
A. Naming Authority Pointer (NAPTR) DNS resource records (RR)
B. Name server (NS) records
C. A Forwarders
D. Conditional forwarders
Answer: C
Explanation:
On a network with several servers and/or client computers a server that is configured as a forwarder will manage the Domain Name System (DNS) traffic between your network and the Internet.
Q122. - (Topic 3)
You work as an administrator at Contoso.com. The Contoso.com network consists of a single domain named Contoso.com. All servers in the Contoso.com domain, including domain controllers, have Windows Server 2012 R2 installed.
You have been instructed to make sure that Contoso.com users are not able to install a Windows Store application. You then create a rule for packaged apps.
Which of the following is the rule based on? (Choose all that apply.)
A. The publisher of the package.
B. The publisher of the application.
C. The name of the package
D. The name of the application
E. The package version.
F. The application version.
Answer: A,C,E
Explanation:
Packaged apps (also known as Windows 8 apps) are new to Windows Server 2012 R2 and Windows 8. They are based on the new app model that ensures that all the files within an app package share the same identity. Therefore, it is possible to control the entire application using a single AppLocker rule as opposed to the non-packaged apps where each file within the app could have a unique identity. Windows does not support unsigned packaged apps which implies all packaged apps must be signed. AppLocker supports only publisher rules for Packaged apps. A publisher rule for a Packaged app is based on the following information: Publisher of the package Package name Package version All the files within a package as well as the package installer share these attributes. Therefore, an AppLocker rule for a Packaged app controls both the installation as well as the running of the app. Otherwise, the publisher rules for Packaged apps are no different than the rest of the rule collections; they support exceptions, can be increased or decreased in scope, and can be assigned to users and groups.
Q123. - (Topic 3)
Your network contains an Active Directory domain named contoso.com.
All servers run Windows Server 2012 R2.
An application named Appl.exe is installed on all client computers. Multiple versions of Appl.exe are installed on different client computers. Appl.exe is digitally signed.
You need to ensure that only the latest version of Appl.exe can run on the client computers.
What should you create?
A. An application control policy packaged app rule
B. A software restriction policy certificate rule
C. An application control policy Windows Installer rule
D. An application control policy executable rule
Answer: D
Explanation:
A. A publisher rule for a Packaged app is based on publisher, name and version B. You can create a certificate rule that identifies software and then allows or does not allow the software torun, depending on the security level.
C. For .msi or .msp
D. Executable Rules, for .exe and can be based on Publisher, Product name, filename and version. Use Certificate Rules on Windows Executables for Software Restriction Policies This security setting determines if digital certificates are processed when a user or process attempts to run software with an .exe file name extension. This security settings is used to enable or disable certificate rules, a type of software restriction policies rule. With software restriction policies, you can create a certificate rule that will allow or disallow software that is signed by Authenticode to run, based on the digital certificate that is associated with the software. In order for certificate rules to take effect, you must enable this security setting. When certificate rules are enabled, software restriction policies will check a certificate revocation list (CRL) to make sure the software’s certificate and signature are valid. This may decrease performance when start signed programs. You can disable this feature. On Trusted Publishers Properties, clear the Publisher and Timestampcheck boxes.
Q124. - (Topic 2)
Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1. The domain contains a standalone server named Server2 that is located in a perimeter network. Both servers run Windows Server 2012 R2.
You need to manage Server2 remotely from Server1.
What should you do?
A. From Server1, run the Enable-PsRemotingcmdlet.
B. From Server2, run the winrm command.
C. From Server2/ run the Enable-PsRemotingcmdlet.
D. From Server1, run the winrm command.
Answer: D
Q125. - (Topic 3)
You work as an administrator at Contoso.com. The Contoso.com network consists of a single domain named Contoso.com. All servers on the Contoso.com network have Windows Server 2012 R2 installed.
Contoso.com has a server, named ENSUREPASS-SR13. ENSUREPASS-SR13 hosts a shared folder, named ENSUREPASSShare, which has been shared as ENSUREPASSShare$.
Which of the following is TRUE with regards to sharing the folder in this manner?
A. It allows all users to view ENSUREPASSShare when browsing the network.
B. It prevents users from viewing ENSUREPASSShare when browsing the network.
C. It only allows ENSUREPASS-SR13’s users to view ENSUREPASSShare.
D. It removes the permissions configured for ENSUREPASSShare.
Answer: B
Q126. HOTSPOT - (Topic 1)
You have a DHCP server named Server1 that runs Windows Server 2012 R2. On Server1, you run the commands as shown in the exhibit. (Click the Exhibit button.)
To answer, complete each statement according to the information presented in the exhibit. Each correct selection is worth one point.
Answer:
Q127. - (Topic 2)
You have a server named Server1 that runs Windows Server 2012 R2.Server1 has the Print and Document Services server role installed.
Server1 is connected to two identical print devices.
The solution must ensure that if one print device fails, the print jobs will print automatically on the other print device.
What should you do on Server1?
A. Add two printers and configure the priority of each printer.
B. Add one printer and configure printer pooling.
C. Install the Network Load Balancing (NLB) feature, and then add one printer.
D. Install the Failover Clustering feature, and then add one printer
Answer: B
Explanation:
A. expedite documents that need to be printed immediately
B. A printing pool is one logical printer connected to multiple printers through multiple ports of the print server. The printer that is idle receives the next document sent to the logical printer. When printing to a printer pool, the spooler will send waiting jobs to alternate ports. If the original or alternate ports are not available
C. NLB for printing is not supported D. Would need 2 nodes A printing pool is one logical printer connected to multiple printers through multiple ports of the print server. The printer that is idle receives the next document sent to the logical printer. This is useful in a network with a high volume of printing because it decreases the time users wait for their documents. A printing pool also simplifies administration because multiple printers can be managed from the same logical printer on a server. If one device within a pool stops printing, the current document is held at that device. The succeeding documents print to other devices in the pool, while the delayed document waits until the nonfunctioning printer is fixed. Efficient printer pools have the following characteristics: All printers in the pool are the same model. Printer ports can be of the same type or mixed (parallel, serial, and network). It is recommended that all printers be in one location. Because it is impossible to predict which printer will receive the document, keep all printers in a pool in a single location. Otherwise, users might have a hard time finding their printed document. http://technet.microsoft.com/en-us/library/cc757086(v=ws.10).aspx http://technet.microsoft.com/en-us/library/ cc784619(v=ws.10).aspx http://technet.microsoft.com/en-us/library/cc958172.aspx You can create a printing pool to automatically distribute print jobs to the next available printer. A printing pool is one logical printer connected to multiple printers through multiple ports of the print server. The printer that isidle receives the next document sent to the logical printer.
Q128. - (Topic 3)
Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1. Server1 runs Windows Server 2012 R2. You need to create 3-TB virtual hard disk (VHD) on Server1.
Which tool should you use?
A. File Server Resource Manager (FSRM)
B. New-StoragePool
C. Diskpart
D. Share and Storage Management
Answer: C
Explanation:
You can create a VHD from either the Disk Management snap-in or the command line (diskpart). From the DiskPart command-line tool at an elevated command prompt, run the create vdisk command and specify the file (to name the file) and maximum (to set the maximum size in megabytes) parameters. The following code demonstrates how to create a VHD file at C:\vdisks\disk1.vdh with a maximum file size of 16 GB (or 16,000 MB). DiskPart Microsoft DiskPart version 6.1.7100 Copyright (C) 1999-2008 Microsoft Corporation. On computer: WIN7 DISKPART> create vdisk file="C:\vdisks\disk1.vhd" maximum=16000
Q129. - (Topic 3)
Your network contains an Active Directory domain named contoso.com. The domain contains a member server named Server1. Server1 runs Windows Server 2012 R2 and has the File and Storage Services server role installed.
On Server1, you create a share named Documents.
You need to ensure that users can recover files that they accidently delete from Documents.
What should you do?
A. Enable shadow copies by using Computer Management.
B. Create a storage pool that contains a two-way mirrored volume by using Server Manager.
C. Modify the Startup type of the Volume Shadow Copy Service (VSS) by using the Services console.
D. Create a recovery partition by using Windows Assessment and Deployment Kit (Windows ADK).
Answer: A
Explanation:
If you enable Shadow Copies of Shared Folders on a volume using the default values, a task will be scheduled to create shadow copies at 7:00 A.M of next business day. The default storage area will be on the same volume, and its size will be 10 percent of the available space. You can only enable Shadow Copies of Shared Folders on a per-volume basis–that is, you cannot select specific shared folders and files on a volume to be copied or not copied.
To enable and configure Shadow Copies of Shared Folders:
1. Click Start, point to Administrative Tools, and then click Computer Management.
2. In the console tree, right-click Shared Folders, click All Tasks, and then click Configure Shadow Copies.
3. In Select a volume, click the volume that you want to enable Shadow Copies of Shared Folders for, and then click Enable.
4. You will see an alert that Windows will create a shadow copy now with the current settings and that the settings might not be appropriate for servers with high I/O loads. Click Yes if you want to continue or No if you want to select a different volume or settings.
5. To make changes to the default schedule and storage area, click Settings.
Shadow copies - a feature that provides point-in-time copies of files stored on file shares on file servers. Shadow Copies of Shared Folders allows users to view and access shadow copies, which are shared files and folders as they existed at different points of time in the past. By accessing previous versions of files and folders, users can compare versions of a file while working and recover files that were accidentally deleted or overwritten.
References: Training Guide: Installing and Configuring Windows Server 2012 R2, Chapter
7: Hyper-V virtualization, Lesson 1: Deploying and configuring Hyper-V- hosts, p. 302
Q130. - (Topic 2)
Your network contains an Active Directory domain named contoso.com. The domain contains 20 computer accounts that reside in an organizational unit (OU) named OU1.
A Group Policy object (GPO) named GPO1 is linked to OU1. GPO1 is used to assign several user rights to a user named User1.
In the Users container, you create a new user named User2.
You need to ensure that User2 is assigned the same user rights as User1 on all of the client computers in OU1.
What should you do?
A. Modify the settings in GPO1.
B. Modify the link of GPO1.
C. Link a WMI filter to GPO1.
D. Move User2 to OU1.
Answer: D
Explanation:
The GPO is linked to OU1. By moving User2 to OU1 the GPO will be applied to this user.