[Free] 2017(Nov) Latesttests Pass4sure Microsoft 70-411 Dumps with VCE and PDF Download 121-130

Latesttests 2017 Nov Microsoft Official New Released 70-411
100% Free Download! 100% Pass Guaranteed!
http://www.Latesttests.com/70-411.html

Administering Windows Server 2012

Question No: 121 – (Topic 2)

Your network is configured as shown in the exhibit. (Click the Exhibit button.)

Latesttests 2017 PDF and VCE

Server1 regularly accesses Server2.

You discover that all of the connections from Server1 to Server2 are routed through Router1.

You need to optimize the connection path from Server1 to Server2. Which route command should you run on Server1?

A. Route add -p 10.10.10.0 MASK 255.255.255.0 172.23.16.2 METRIC 100

B. Route add -p 10.10.10.0 MASK 255.255.255.0 10.10.10.1 METRIC 50

C. Route add -p 10.10.10.12 MASK 255.255.255.0 10.10.10.1 METRIC 100

D. Route add -p 10.10.10.12 MASK 255.255.255.0 10.10.10.0 METRIC 50

Answer: A Explanation:

Destination – specifies either an IP address or host name for the network or host.

subnetmask – specifies a subnet mask to be associated with this route entry. If subnetmask is not specified, 255.255.255.255 is used.

gateway – specifies either an IP address or host name for the gateway or router to use when forwarding.

costmetric – assigns an integer cost metric (ranging from 1 through 9,999) to be used in calculating the fastest, most reliable, and/or least expensive routes. If costmetric is not specified, 1 is used.

interface – specifies the interface to be used for the route that uses the interface number. If an interface is not specified, the interface to be used for the route is determined from the gateway IP address.

References:

http: //support. microsoft. com/kb/299540/en-us

http: //technet. microsoft. com/en-us/library/cc757323(v=ws. 10). aspx

Question No: 122 HOTSPOT – (Topic 2)

Your network contains one Active Directory forest named contoso.com.

All client computers for the sales department are in an organizational unit (OU) named Sales. All of the sales department computers run Windows 8.1.

You plan to use Group Policy preferences to map several drives on the sales department computers.

You need to perform the following actions:

  • Create a drive mapping on all of the sales department computers for drive X. If drive X already exists, the current drive mapping should NOT be modified.

  • Create a drive mapping on all of the sales department computers for drive Y. If drive Y already exists, the UNC path must be modified, but all other settings must be maintained.

Which action should you use for each drive mapping? To answer, select the appropriate options in the answer area.

Latesttests 2017 PDF and VCE

Answer:

Latesttests 2017 PDF and VCE

Explanation:

Latesttests 2017 PDF and VCE

C:\Users\Kamran\Desktop\sample.jpg

Create – If a drive mapping doesn’t exist for this user for the share “\shareuserDocuments”, then create one. If there already is one, don’t do anything! It’s a kind, gentle sort of policy, it won’t overwrite anything you already have, so it has a Green icon associated in the UI. Update – If that drive mapping exists, it will be updated with the settings specified here. If there are other settings associated with the drive mapping that aren’t specified here, they will be maintained. If no drive mapping exists for this share, create it. https://blogs.technet.microsoft.com/grouppolicy/2009/10/26/group-policy-preferences- colorful-and-mysteriously-powerful-just-like-windows-7/

Question No: 123 – (Topic 2)

Your network contains one Active Directory domain named contoso.com.

From the Group Policy Management console, you view the details of a Group Policy object (GPO) named GPO1.

You need to ensure that the comments field of GPO1 contains a detailed description of GPO1.

What should you do?

  1. From Active Directory Users and Computers, edit the properties of contoso.com/System/Policies/{229DCD27-9D98-ACC2-A6AE-ED765F065FF5}.

  2. Open GPO1 in the Group Policy Management Editor, and then modify the properties of GPO1.

  3. From Notepad, edit \\contoso.com\SYSVOL\ contoso.com\Policies\{229DCD27-9D98- ACC2-A6AE-ED765F065FF5}\gpt.ini.

  4. From Group Policy Management, click View, and then click Customize.

Answer: B

Explanation: Adding a comment to a Group Policy object

->Open the Group Policy Management Console. Expand the Group Policy Objects node.

->Right-click the Group Policy object you want to comment and then click Edit .

->In the console tree, right-click the name of the Group Policy object and then click Properties .

->Click the Comment tab.

->Type your comments in the Comment box.

->Click OK

Reference: Comment a Group Policy Object https://technet.microsoft.com/en-us/library/cc770974.aspx

Question No: 124 – (Topic 2)

Your company has a main office and a branch office.

The main office contains a server that hosts a Distributed File System (DFS) replicated folder.

You plan to implement a new DFS server in the branch office.

You need to recommend a solution that minimizes the amount of network bandwidth used to perform the initial synchronization of the folder to the branch office.

You recommend using the Export-DfsrClone and Import-DfsrClonecmdlets. Which additional command or cmdlet should you include in the recommendation?

  1. Robocopy.exe

  2. Synchost.exe

  3. Export-BcCachePackage

  4. Sync-DfsReplicationGroup

Answer: A Explanation:

By preseeding files before you set up DFS Replication, add a new replication partner, or replace a server, you can speed up initial synchronization and enable cloning of the DFS Replication database in Windows Server 2012 R2. The Robocopy method is one of several preceding methods

Question No: 125 – (Topic 2)

Your network contains an Active Directory domain named contoso.com. The domain contains a file server named Server1 that runs Windows Server 2012 R2.

You view the effective policy settings of Server1 as shown in the exhibit. (Click the Exhibit button.)

Latesttests 2017 PDF and VCE

On Server1, you have a folder named C:\Share1 that is shared as Share1. Share1 contains confidential data. A group named Group1 has full control of the content in Share1.

You need to ensure that an entry is added to the event log whenever a member of Group1 deletes a file in Share1.

What should you configure?

  1. the Audit File Share setting of Servers GPO

  2. the Sharing settings of C:\Share1

  3. the Audit File System setting of Servers GPO

  4. the Security settings of C:\Share1

Answer: D Explanation:

You can use Computer Management to track all connections to shared resources on a Windows Server 2008 R2 system.

Whenever a user or computer connects to a shared resource, Windows Server 2008 R2 lists a connection in the Sessions node.

File access, modification and deletion can only be tracked, if the object access auditing is enabled you can see the entries in the event log.

To view connections to shared resources, type net session at a command prompt or follow these steps:

->In Computer Management, connect to the computer on which you created the

shared resource.

->In the console tree, expand System Tools, expand Shared Folders, and then select Sessions. You can now view connections to shares for users and computers.

To enable folder permission auditing, you can follow the below steps:

->Click start and run quot;secpol. mscquot; without quotes.

->Open the Local Policies\Audit Policy

->Enable the Audit object access for quot;Successquot; and quot;Failurequot;.

->Go to target files and folders, right click the folder and select properties.

->Go to Security Page and click Advanced.

Latesttests 2017 PDF and VCE

->Click Auditing and Edit.

->Click add, type everyone in the Select User, Computer, or Group.

->Choose Apply onto: This folder, subfolders and files.

->Tick on the box “Change permissions”

->Click OK.

Latesttests 2017 PDF and VCE

After you enable security auditing on the folders, you should be able to see the folder permission changes in the server#39;s Security event log. Task Category is File System.

References:

http: //social. technet. microsoft. com/Forums/en-US/winservergen/thread/13779c78-0c73- 4477-8014-f2eb10f3f10f/

http: //technet. microsoft. com/en-us/library/cc753927(v=ws. 10). aspx

http: //social. technet. microsoft. com/Forums/en-US/winservergen/thread/13779c78-0c73- 4477-8014-f2eb10f3f10f/

http: //support. microsoft. com/kb/300549

http: //www. windowsitpro. com/article/permissions/auditing-folder-permission-changes http: //www. windowsitpro. com/article/permissions/auditing-permission-changes-on-a- folder

Question No: 126 – (Topic 2)

Your network contains an Active Directory domain named contoso.com. All servers run Windows Server 2012 R2.

The network contains several group Managed Service Accounts that are used by four member servers.

You need to ensure that if a group Managed Service Account resets a password of a domain user account, an audit entry is created.

You create a Group Policy object (GPO) named GPO1. What should you do next?

  1. In GPO1, configure the Advanced Audit Policy Configuration settings for Audit User Account Management. Link GPO1 to the Domain Controllers organizational unit (OU).

  2. In GPO1, configure the Advanced Audit Policy Configuration settings for Audit User Account Management. Move the member servers to a new organizational unit (OU). Link GPO1 to the new OU.

  3. In GPO1, configure the Advanced Audit Policy Configuration settings for Audit Sensitive Privilege Use. Link GPO1 to the Domain Controllers organizational unit (OU).

  4. In GPO1, configure the Advanced Audit Policy Configuration settings for Audit Sensitive Privilege Use. Move the member servers to a new organizational unit (OU). Link GPO1 to the new OU.

Answer: A Explanation:

Audit User Account Management

This security policy setting determines whether the operating system generates audit events when the following user account management tasks are performed:

->A user account is created, changed, deleted, renamed, disabled, enabled, locked

out, or unlocked.

->A user account password is set or changed.

->Security identifier (SID) history is added to a user account.

->The Directory Services Restore Mode password is set.

->Permissions on accounts that are members of administrators groups are changed.

->Credential Manager credentials are backed up or restored.

This policy setting is essential for tracking events that involve provisioning and managing user accounts.

Question No: 127 – (Topic 2)

You have a server named Server1 that runs Windows Server 2012 R2. Server1 has the File Server Resource Manager role service installed.

Server1 has a folder named Folder1 that is used by the sales department.

You need to ensure that an email notification is sent to the sales manager when a File Screening Audit report is generated.

What should you configure on Server1?

  1. a file group

  2. a file screen

  3. a file screen exception

  4. a storage report task

Answer: D Explanation:

From the Storage Reports Management node, you can generate reports that will help you understand file use on the storage server. You can use the storage reports to monitor disk usage patterns (by file type or user), identify duplicate files and dormant files, track quota usage, and audit file screening.

Latesttests 2017 PDF and VCE

Before you run a File Screen Audit report, in the File Server Resource Manager Options dialog box, on the File Screen Audit tab, verify that the Record file screening activity in the auditing database check box is selected.

Reference:

http: //technet. microsoft. com/en-us/library/cc755988. aspx http: //technet. microsoft. com/en-us/library/cc730822. aspx

http: //technet. microsoft. com/en-us/library/cc770594. aspx http: //technet. microsoft. com/en-us/library/cc771212. aspx http: //technet. microsoft. com/en-us/library/cc732074. aspx

Question No: 128 – (Topic 2)

Your network contains one Active Directory forest named contoso.com. You create a starter Group Policy object (GPO) named Starter_GPO1.

From the Delegation tab Of Starter_GPO1, you add a group named GPO_Admins and you assign the Edit settings permissions to the group.

You create a new GPO named GPO1 from Starter_GPO1.

You need to identity which action can he performed by the members of the GPO Admins group.

What should you identify?

  1. Modify the Delegation settings of Starter_GPO1.

  2. Modify the Group Policy Preferences in Starter_GPO1.

  3. Link a WMI filter to GPO1.

  4. Modify the Administrative Templates in GPO1.

Answer: A Explanation:

Permission rights applied to starter GPO objects are relative to the starter GPO objects only; they are not inherited from actual GPOs created from starter GPOs. B is wrong because Starter GPOs do not have preferences, only Administrative Template policy settings.

https://technet.microsoft.com/en-us/library/cc753200.aspx

Question No: 129 – (Topic 2)

You have a server named Server1 that runs Windows Server 2012 R2. Server1 has the File Server Resource Manager role service installed.

Each time a user receives an access-denied message after attempting to access a folder on Server1, an email notification is sent to a distribution list named DLL.

You create a folder named Folder1 on Server1, and then you configure custom NTFS permissions for Folder1.

You need to ensure that when a user receives an access-denied message while attempting to access Folder1, an email notification is sent to a distribution list named DL2. The solution must not prevent DL1 from receiving notifications about other access-denied messages.

What should you do?

  1. From the File Server Resource Manager console, create a local classification property.

  2. From Server Manager, run the New Share Wizard to create a share for Folder1 by selecting the SMB Share – Applications option.

  3. From the File Server Resource Manager console, modify the Access-Denied Assistance settings.

  4. From the File Server Resource Manager console, set a folder management property.

Answer: D

Question No: 130 – (Topic 2)

Your network contains an Active Directory domain named contoso.com. Domain controllers run either Windows Server 2008, Windows Server 2008 R2, or Windows Server 2012 R2.

You have a Password Settings object (PSOs) named PSO1. You need to view the settings of PSO1.

Which tool should you use?

  1. Get-ADDefaultDomainPasswordPolicy

  2. Active Directory Administrative Center

  3. Local Security Policy

  4. Get-ADAccountResultantPasswordReplicationPolicy

Answer: B Explanation:

In Windows Server 2012, fine-grained password policy management is made much easier than Windows Server 2008/2008 R2. Windows Administrators not have to use ADSI Edit and configure complicated settings to create the Password Settings Object (PSO) in the Password Settings Container. Instead we can configure fine-grained password policy directly in Active Directory Administrative Center (ADAC).

100% Free Download!
Download Free Demo:70-411 Demo PDF
100% Pass Guaranteed!
Download 2017 Latesttests 70-411 Full Exam PDF and VCE

Latesttests ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
PDF VCE Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No

2017 Latesttests IT Certification PDF and VCE

Leave a Reply

Your email address will not be published. Required fields are marked *