aiotestking uk

70-412 Exam Questions - Online Test


70-412 Premium VCE File

Learn More 100% Pass Guarantee - Dumps Verified - Instant Download
150 Lectures, 20 Hours

Q1. DRAG DROP 

Your network contains an Active Directory domain named contoso.com. The domain contains two DHCP servers named DHCP1 and DHCP2 that run Windows Server 2012 R2. 

You install the IP Address Management (IPAM) Server feature on a member server named Server1 and you run the Run Invoke-IpamGpoProvisioning cmdlet. 

You need to manage the DHCP servers by using IPAM on Server1. 

Which three actions should you perform? 

To answer, move the three appropriate actions from the list of actions to the answer area 

and arrange them in the correct order. 

Answer:  

Q2. Information and details provided in a question App1y only to that question. 

Your network contains an Active Directory domain named contoso.com. The domain contains two member servers named Server1 and Server2. All servers run Windows Server 2012 R2. 

Server1 and Server2 have the Network Load Balancing (NLB) feature installed. The servers are configured as nodes in an NLB cluster named Cluster1. 

Cluster1 hosts a secure web Application named WebApp1. WebApp1 saves user state information locally on each node. 

You need to ensure that when users connect to WebApp1, their session state is maintained. 

What should you configure? 

A. Affinity-None 

B. Affinity-Single 

C. The cluster quorum settings 

D. The failover settings 

E. A file server for general use 

F. The Handling priority 

G. The host priority 

H. Live migration 

I. The possible owner 

J. The preferred owner 

K. Quick migration 

L. the Scale-Out File Server 

Answer:

Explanation: 

Client Affinity NLB offers three types of client affinity to minimize response time to clients and provide generic support for preserving session state. Each affinity specifies a different method for distributing client requests. 

Affinity Single: Single Multiple requests from the same client must access the same member; useful for clusters 

within an intranet. 

This affinity provides the best support for clients that use sessions on an intranet. These 

clients cannot use No affinity because their sessions could be disrupted. 

Incorrect: 

Not A. Affinity none: Multiple requests from the same client can access any member; useful 

for clusters that do not store session state information on individual members. 

Reference: Using NLB 

http://technet.microsoft.com/en-us/library/bb687542.aspx 

Q3. Your network contains two servers named Server1 and Server2 that run Windows Server 2012 R2. Server1 and Server2 have the Hyper-V server role installed. Server1 and Server2 are configured as Hyper-V replicas of each other. 

Server2 hosts a virtual machine named VM5. VM5 is replicated to Server1. 

You need to verify whether the replica of VM5 on Server1 is functional. The solution must ensure that VM5 remains accessible to clients. 

What should you do from Hyper-V Manager? 

A. On Server1, execute a Planned Failover. 

B. On Server1, execute a Test Failover. 

C. On Server2, execute a Planned Failover. 

D. On Server2, execute a Test Failover. 

Answer:

Explanation: 

Test Failover (TFO) is an operation initiated on your replica virtual machine (in this scenario on Server1) which allows you to test the sanity of the virtualized workload without interrupting your production workload or ongoing replication. 

TFO is performed on the replica virtual machine by right-clicking on the VM and choosing the Test Failover operation (either from the Hyper-V Manager or from the Failover Clustering Manager). 

Reference: Types of failover operations in Hyper-V Replica – Part I – Test Failover. 

Q4. You have a server named DNS1 that runs Windows Server 2012 R2. 

You discover that the DNS resolution is slow when users try to access the company intranet home page by using the URL http://companyhome. 

You need to provide single-label name resolution for CompanyHome that is not dependent on the suffix search order. 

Which three cmdlets should you run? (Each correct answer presents part of the solution. Choose three.) 

A. Add-DnsServerPrimaryZone 

B. Add-DnsServerResourceRecordCName 

C. Set-DnsServerDsSetting 

D. Set-DnsServerGlobalNameZone 

E. Set-DnsServerEDns 

F. Add-DnsServerDirectory Partition 

Answer: A,B,D 

Explanation: 

You can use this task to create a GlobalNames zone to maintain a set of single-label, Domain Name System (DNS) names that Windows Server 2008 DNS servers can resolve on behalf of DNS clients throughout a single forest in Active Directory Domain Services 

(AD DS). 

Deploying a GlobalNames zone in a single forest requires that you perform the following 

steps: 

. (A) Create a zone named GlobalNames that replicates to all domain controllers in the forest. 

. (B) Add an alias (CNAME) record to the zone for each host for which you want to provide single-label name resolution. For example, if you want DNS clients to be able to access a server whose fully qualified domain name (FQDN) is cweb.itgroup.contoso.com, add an alias (CNAME) resource record that maps the name cweb to cweb.igroup.contoso.com. 

Note: 

A. The Add-DnsServerPrimaryZone cmdlet adds a specified primary zone on a Domain Name System (DNS) server. 

B. The Add-DnsServerResourceRecordCName cmdlet adds a canonical name (CNAME) resource record to a specified Domain Name System (DNS) zone. A CNAME record allows you to use more than one resource record to refer to a single host 

D. The Set-DnsServerGlobalNameZone cmdlet enables or disables single-label Domain Name System (DNS) queries. It also changes configuration settings for a GlobalNames zone. The GlobalNames zone supports short, easy-to-use names instead of fully qualified domain names (FQDNs) without using Windows Internet Name Service (WINS) technology. For instance, DNS can query SarahJonesDesktop instead of SarahJonesDesktop.contoso.com. 

Reference: Adding a GlobalNames zone to a forest 

https://technet.microsoft.com/en-us/library/cc816717(v=ws.10).aspx 

Q5. You have a server named Server1 that runs Windows Server 2012 R2. 

You install the File and Storage Services server role on Server1. 

From Windows Explorer, you view the properties of a folder named Folder1 and you discover that the Classification tab is missing. 

You need to ensure that you can assign classifications to Folder1 from Windows Explorer manually. 

What should you do? 

A. From Folder Options, clear Hide protected operating system files (Recommended). 

B. Install the File Server Resource Manager role service. 

C. From Folder Options, select the Always show menus. 

D. Install the Share and Storage Management Tools. 

Answer:

Explanation: 

On the Classification tab of the file properties in Windows Server 2012, File Classification Infra-structure adds the ability to manually classify files. You can also classify folders so that any file added to the classified folder will inherit the classifications of the parent folder. 

Reference: What's New in File Server Resource Manager in Windows Server. 

Q6. Your network contains an Active Directory domain named adatum.com. The domain contains a server named CA1 that runs Windows Server 2012 R2. CA1 has the Active Directory Certificate Services server role installed and is configured to support key archival and recovery. 

You need to ensure that a user named User1 can decrypt private keys archived in the Active Directory Certificate Services (AD CS) database. The solution must prevent User1 from retrieving the private keys from the AD CS database. 

What should you do? 

A. Assign User1 the Issue and Manage Certificates permission to CA1. 

B. Assign User1 the Read permission and the Write permission to all certificate templates. 

C. Provide User1 with access to a Key Recovery Agent certificate and a private key. 

D. Assign User1 the Manage CA permission to CA1. 

Answer:

Explanation: 

Understanding the Key Recovery Agent Role KRAs are Information Technology (IT) administrators who can decrypt users’ archived private keys. An organization can assign KRAs by issuing KRA certificates to designated administrators and configure them on the CA. The KRA role is not one of the default roles defined by the Common Criteria specifications but a virtual role that can provide separation between Certificate Managers and the KRAs. This allows the separation between the Certificate Manager, who can retrieve the encrypted key from the CA database but not decrypt it, and the KRA, who can decrypt private keys but not retrieve them from the CA database. 

Reference: Understanding User Key Recovery 

Q7. Your network contains an Active Directory domain named contoso.com. The domain contains a file server named File1 that runs a Server Core Installation of Windows Server 2012 R2. 

File1 has a volume named D that contains home folders. File1 creates a shadow copy of volume D twice a day. 

You discover that volume D is almost full. 

You add a new volume named H to File1. 

You need to ensure that the shadow copies of volume D are stored on volume H. 

Which command should you run? 

A. The Set-Volume cmdlet with the -driveletter parameter 

B. The vssadmin.exe create shadow command 

C. The Set-Volume cmdlet with the -path parameter 

D. The vssadmin.exe add shadowstorage command 

Answer:

Explanation: 

Add ShadowStorage 

Adds a shadow copy storage association for a specified volume. 

Incorrect: 

Not A. Sets or changes the file system label of an existing volume. -DriveLetter Specifies a 

letter used to identify a drive or volume in the system. 

Not B. Create Shadow 

Creates a new shadow copy of a specified volume. 

Not C. Sets or changes the file system label of an existing volume -Path Contains valid 

path information. 

Reference: Vssadmin; Set-Volume 

http://technet.microsoft.com/en-us/library/cc754968(v=ws.10).aspx 

http://technet.microsoft.com/en-us/library/hh848673(v=wps.620).aspx 

Q8. Your network contains two Web servers named Server1 and Server2. Both servers run Windows Server 2012 R2. 

Server1 and Seiver2 are nodes in a Network Load Balancing (NLB) cluster. The NIB cluster contains an application named App1 that is accessed by using the URL http://app1.contoso.com. 

You plan to perform maintenance on Server1. 

You need to ensure that all new connections to App1 are directed to Server2. The solution must not disconnect the existing connections to Server1. 

What should you run? 

A. The Stop-NlbCluster cmdlet 

B. The nlb.exe stop command 

C. The Suspend-NlbCluster cmdlet 

D. The nlb.exe suspend command 

Answer:

Explanation: 

The Stop-NlbClusterNode cmdlet stops a node in an NLB cluster. When you use the stop the nodes in the cluster, client connections that are already in progress are interrupted. To avoid interrupting active connections, consider using the -drain parameter, which allows the node to continue servicing active connections but disables all new traffic to that node. 

Q9. Your network contains an Active Directory domain named contoso.com. The domain contains two sites named Site1 and Site2 and two domain controllers named DC1 and DC2. Both domain controllers are located in Site1. 

You install an additional domain controller named DC3 in Site1 and you ship DC3 to Site2. 

A technician connects DC3 to Site2. 

You discover that users in Site2 are authenticated by all three domain controllers. 

You need to ensure that the users in Site2 are authenticated by DC1 or DC2 only if DC3 is unavailable. 

What should you do? 

A. From Network Connections, modify the IP address of DC3. 

B. In Active Directory Sites and Services, modify the Query Policy of DC3. 

C. From Active Directory Sites and Services, move DC3. 

D. In Active Directory Users and Computers, configure the insDS-PrimaryComputer attribute for the users in Site2. 

Answer:

Explanation: 

DC3 needs to be moved to Site2 in AD DS 

Incorrect: 

Not A. Modifying IP will not affect authentication 

Not B. A query policy prevents specific Lightweight Directory Access Protocol (LDAP) 

operations from adversely impacting the performance of the domain controller and also 

makes the domain controller more resilient to denial-of-service attacks. 

Reference: Move a domain controller between sites 

http://technet.microsoft.com/en-us/library/cc759326(v=ws.10).aspx 

Q10. Your network contains two Web servers named Server1 and Server2. Both servers run Windows Server 2012 R2. 

Server1 and Server2 are nodes in a Network Load Balancing (NLB) cluster. The NLB cluster contains an application named App1 that is accessed by using the URL http://app1.contoso.com. 

You plan to perform maintenance on Server1. 

You need to ensure that all new connections to App1 are directed to Server2. The solution must not disconnect the existing connections to Server1. 

What should you run? 

A. The Set-NlbCluster cmdlet 

B. The Set-NlbClusterNode cmdlet 

C. The Stop-NlbCluster cmdlet 

D. The Stop-NlbClusterNode cmdlet 

Answer:

Explanation: 

The Stop-NlbClusterNode cmdlet stops a node in an NLB cluster. When you use the stop 

the nodes in the cluster, client connections that are already in progress are interrupted. To 

avoid interrupting active connections, consider using the -drain parameter, which allows the 

node to continue servicing active connections but disables all new traffic to that node. 

-Drain <SwitchParameter> 

Drains existing traffic before stopping the cluster node. If this parameter is omitted, existing 

traffic will be dropped. 

Reference: Stop-NlbClusterNode