Q1. Your network contains an Active Directory domain named contoso.com. All servers run either Windows Server 2008 R2 or Windows Server 2012 R2. All client computers run either Windows 7 or Windows 8. The domain contains a member server named Server1 that runs Windows Server 2012 R2. Server1 has the File and Storage Services server role installed. On Server1, you create a share named Share1. You need to ensure that users can use Previous Versions to restore the files in Share1. What should you configure on Server1?
A. A data recovery agent
B. The Shadow Copies settings
C. The Recycle Bin properties
D. A Windows Server Backup schedule
Answer: B
Q2. Your network contains an Active Directory domain named contoso.com. The domain contains a domain controller named DC4 that runs Windows Server 2012 R2.
You create a DCCIoneConfig.xml file. You need to clone DC4.
Where should you place DCCIoneConfig.xml on DC4?
A. %Systemroot%\SYSVOL
B. %Systemdrive%
C. %Systemroot%\NTDS
D. %Programdata%\Microsoft
Answer: C
Explanation:
http://technet.microsoft.com/de-de/library/hh831734.aspx
Q3. Your network contains an Active Directory domain named contoso.com. The domain contains a file server named Server1 that runs Windows Server 2012 R2. You create a user account named User1 in the domain.
You need to ensure that User1 can use Windows Server Backup to back up Server1.
The solution must minimize the number of administrative rights assigned to User1.
What should you do?
A. Assign User1 the Back up files and directories user right.
B. Add User1 to the Backup Operators group.
C. Add User1 to the Power Users group.
D. Assign User1 the Back up files and directories user right and the Restore files and directories user right.
Answer: A
Explanation:
Backup Operators have these permissions by default:
However the question explicitly says we need to minimize administrative rights. Since the
requirement is for backing up the data onlyno requirement to restore or shutdownthen assigning the "Back up files and directories user right" would be the correct.
Q4. OTSPOT
Your network contains a RADIUS server named Admin1.
You install a new server named Server2 that runs Windows Server 2012 R2 and has
Network Policy Server (NPS) installed.
You need to ensure that all accounting requests for Server2 are forwarded to Admin1.
On Server2, you create a new remote RADIUS server group named Group1 that contains
Admin1.
What should you configure next on Server2?
To answer, select the appropriate node in the answer area.
Answer:
352. Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1 that runs Windows Server 2012 R2. Server1 has the Hyper-V server role installed. The domain contains a virtual machine named VM1.
A developer wants to attach a debugger to VM1.
You need to ensure that the developer can connect to VM1 by using a named pipe.
Which virtual machine setting should you configure?
A. BIOS
B. Network Adapter
C. COM 1
D. Processor
Q5. Your network contains an Active Directory domain named contoso.com. All domain controllers run Windows Server 2012.
The domain contains an Edge Server named Server1. Server1 is configured as a DirectAccess server. Server1 has the following settings:
Internal DNS name: Server1.contoso.com External DNS name: dal.contoso.com Internal IPv6 address: 2002:cla8:6a:3333::l External IPv4 address: 65.55.37.62
Your company uses split-brain DNS for the contoso.com zone.
You run the Remote Access Setup wizard as shown in the following exhibit. (Click the Exhibit button.)
...
You need to ensure that client computers on the Internet can establish DirectAccess connections to Server1.
Which additional name suffix entry should you add from the Remote Access Setup wizard?
A. A Name Suffix value of Server1.contoso.com and a blank DNS Server Address value
B. A Name Suffix value of dal.contoso.com and a blank DNS Server Address value
C. A Name Suffix value of Server1.contoso.com and a DNS Server Address value of
65.55.37.62
D. A Name Suffix value of dal.contoso.com and a DNS Server Address value of
65.55.37.62
Answer: A
Explanation:
*
In a non-split-brain DNS environment, the Internet namespace is different from the intranet namespace. For example, the Contoso Corporation uses contoso.com on the Internet and corp.contoso.com on the intranet. Because all intranet resources use the corp.contoso.com DNS suffix, the NRPT rule for corp.contoso.com routes all DNS name queries for intranet resources to intranet DNS servers. DNS name queries for names with the contoso.com suffix do not match the corp.contoso.com intranet namespace rule in the NRPT and are sent to Internet DNS servers.
*
Split-brain DNS is a configuration method that enables proper resolution of names (e.g., example.com) from both inside and outside of your local network.
Note: For split-brain DNS deployments, you must list the FQDNs that are duplicated on the Internet and intranet and decide which resources the DirectAccess client should reach, the intranet version or the public (Internet) version. For each name that corresponds to a resource for which you want DirectAccess clients to reach the public version, you must add the corresponding FQDN as an exemption rule to the NRPT for your DirectAccess clients. Name suffixes that do not have corresponding DNS servers are treated as exemptions.
Reference: Design Your DNS Infrastructure for DirectAccess
Q6. Your network contains an Active Directory domain named contoso.com.
You install Windows Server 2012 R2 on a new server named Server1 and you join Server1 to the domain. You need to ensure that you can view processor usage and memory usage information in
Server Manager. What should you do?
A. From Server Manager, click Configure Performance Alerts.
B. From Performance Monitor, create a Data Collector Set (DCS).
C. From Performance Monitor, start the System Performance Data Collector Set (DCS).
D. From Server Manager, click Start Performance Counters.
Answer: D
Explanation: You should navigate to the Server Manager snap-in and there click on All Servers, and then Performance Counters. The Performance Counters, when started can be set to collect and display data regarding processor usage, memory usage, amongst many other resources like disk-related and security related data, that can be monitored. References: http://technet.microsoft.com/en-us/library/bb734903.aspx
Q7. You have a server named Server1 that runs Windows Server 2012 R2. Server1 has five
network adapters.
Three of the network adapters are connected to a network named LAN1.
The two other network adapters are connected to a network named LAN2.
You need to create a network adapter team from the three network adapters connected to
LAN1.
Which tool should you use?
A. Routing and Remote Access
B. Network Load Balancing Manager
C. Network and Sharing Center
D. Server Manager
Answer: D
Q8. RAG DROP
Your network contains an Active Directory domain named contoso.com. The domain contains two member servers named Server1 and Server2 that run Windows Server 2012 R2.
You configure a new failover cluster named Cluster1. Server1 and Server2 are nodes in Cluster1. You need to configure the disk that will be used as a witness disk for Cluster1.
How should you configure the witness disk?
To answer, drag the appropriate configurations to the correct location or locations. Each configuration may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
Answer:
Q9. Your network contains an Active Directory domain named contoso.com. The domain contains a member server named Server1 that has the Active Directory Federation Services server role installed. All servers run Windows Server 2012.
You complete the Active Directory Federation Services Configuration Wizard on Server1.
You need to ensure that client devices on the internal network can use Workplace Join.
Which two actions should you perform on Server1? (Each correct answer presents part of the solution. Choose two.)
A. Run Enable AdfsDeviceRegistration -PrepareActiveDirectory.
B. Edit the multi-factor authentication global authentication policy settings.
C. Edit the primary authentication global authentication policy settings.
D. Run Set-AdfsProxyPropertiesHttpPort 80.
E. Run Enable-AdfsDeviceRegistration.
Answer: C,E
Explanation:
* To enable Device Registration Service
On your federation server, open a Windows PowerShell command window and type:
Enable-AdfsDeviceRegistration
Repeat this step on each federation farm node in your AD FS farm..
Enable seamless second factor authentication Seamless second factor authentication is an enhancement in AD FS that provides an added level of access protection to corporate resources and applications from external devices that are trying to access them. When a personal device is Workplace Joined, it becomes a ‘known’ device and administrators can use this information to drive conditional access and gate access to resources. To enable seamless second factor authentication, persistent single sign-on (SSO) and conditional access for Workplace Joined devices In the AD FS Management console, navigate to Authentication Policies. Select Edit Global Primary Authentication. Select the check box next to Enable Device Authentication, and then click OK.
Q10. Your network contains an Active Directory domain named contoso.com. The domain contains a domain controller named DC1. On DC1, you add a new volume and you stop the Active Directory Domain Services (AD DS) service.
You run ntdsutil.exe and you set NTDS as the active instance.
You need to move the Active Directory database to the new volume.
Which Ntdsutil context should you use?
A. Files
B. IFM
C. Configurable Settings
D. Partition management
Answer: A
Explanation:
http://support.microsoft.com/kb/816120