aiotestking uk

70-417 Exam Questions - Online Test


70-417 Premium VCE File

Learn More 100% Pass Guarantee - Dumps Verified - Instant Download
150 Lectures, 20 Hours

Q1. A server named Server01 is running Server Core at your companies IT house. It is already configured with the AD DS role but you also want to add AD CS to the server. What must you do to add Active Directory Certificate Services (AD CS) to this server? 

A. Reinstall the server with the full version of Windows Server 2008 

B. Install the AD CS role 

C. Install the RODC role 

D. Install the AD FS role 

Answer: B Explanation: 

Server 2012 allows AD CS in core mode. http://technet.microsoft.com/en-us/library/hh831373.aspx What's New in AD CS? New and changed functionality Several new capabilities are available in the Windows Server 2012 R2 version of AD CS. They include: Integration with Server Manager Deployment and management capabilities from Windows PowerShell?All AD CS role services run on any Windows Server 2012 R2 version All AD CS role services can be run on Server Core Support for automatic renewal of certificates for non-domain joined computers Enforcement of certificate renewal with same key Support for international domain names Increased security enabled by default on the CA role service AD DS Site Awareness for AD CS and PKI Clients 

Q2. Your network contains an Active Directory forest named contoso.com. The forest contains a single domain. All domain controllers run Windows Server 2012 R2. The domain contains two domain controllers. The domain controllers are configured as shown in the following table. 

Active Directory Recycle Bin is enabled. You discover that a support technician accidentally removed 100 users from an Active Directory group named Group1 an hour ago. You need to restore the membership of Group1. 

What should you do? 

A. Export and import data by using Dsamain. 

B. Apply a virtual machine snapshot to VM1. 

C. Recover the items by using Active Directory Recycle Bin. 

D. Modify the isRecycled attribute of Group1. 

Answer:

Explanation: 

As far as the benefits of the Windows 2012 Recycle Bin, they are the same as the Windows 2008 R2 recycle bin with the exception of the new user interface which makes it more user-friendly. These additional benefits include: All deleted AD object information including attributes, passwords and group membership can be selected in mass then undeleted from the user interface instantly or via Powershell User-friendly and intuitive interface to filter on AD objects and a time period • Can undelete containers with all child objects https://www.simple-talk.com/sysadmin/exchange/the-active-directory-recycle-bin-in-windows-server-2008-r2/ http://communities.quest.com/community/quest-itexpert/blog/2012/09/24/the-windows-server-2012-recycle-bin-and-recovery-manager-for-active- directory 

Q3. OTSPOT 

You have a server named Server1 that runs Windows Server 2012 R2. Server1 has the Remote Access server role installed. 

You need to configure the ports on Server1 to ensure that client computers can establish VPN connections to Server1 by using TCP port 443. 

What should you modify? To answer, select the appropriate object in the answer area. 

Answer:  

418. You have a server named Server1 that runs Windows Server 2012 R2. You modify the 

properties of a system driver and you restart Server1. 

You discover that Server1 continuously restarts without starting Windows Server 2012 R2. 

You need to start Windows Server 2012 R2 on Server1 in the least amount of time. 

The solution must minimize the amount of data loss. 

Which Advanced Boot Option should you select? 

A. Repair Your Computer 

B. Disable Driver Signature Enforcement 

C. Last Know Good Configuration (advanced) 

D. Disable automatic restart on system failure 

Q4. You have a server named Server1 that runs Windows Server 2012 R2. You download and install the Microsoft Online Backup Service Agent on Server1. 

You need to ensure that you can configure an online backup from Windows Server Backup. 

What should you do first? 

A. From a command prompt, run wbadmin.exe enable backup. 

B. From Windows Server Backup, run the Register Server Wizard. 

C. From the Services console, modify the Log On settings of the Microsoft Online Backup Service Agent. 

D. From Computer Management, add the Server1 computer account to the Backup Operators group. 

Answer:

Explanation: 

Download and install the Windows Azure Online Backup Agent After you create an account on the Windows Azure Online Backup website, you can download the Windows Azure Online Backup Agent and install it locally. 

An Online Backup node then appears in the navigation pane of the Windows Server Backup console, as shown in Figure 12-If you prefer, you can also configure online backups from the Windows Azure Online Backup console, which becomes available after you install the agent. The Windows Azure Online Backup console provides exactly the same set of options as the Online Backup node in the Windows Server Backup console. 

Register server The next step is to register your server. Registering a server enables you to perform backups from that same server only. (Remember this point for the exam.) To register the server, from the Actions menu, select Register Server. The Register Server Wizard includes two configuration steps. First, you are given an opportunity to specify a proxy server if desired. Second, you are asked to provide a passphrase that will be used to encrypt your backup data and a location to save this passphrase in a file. You need to provide this passphrase when you perform a restore operation, so it's essential that you don't lose it. (Microsoft doesn't maintain a copy of your passphrase.) A Generate Passphrase option creates the passphrase for you automatically. After you register a server, new options for Online Backup appear in the Actions pane, including Schedule Backup, Recover Data, Change Properties, and Unregister Server. 

Q5. Your network contains an Active Directory domain named contoso.com. 

All user accounts reside in an organizational unit (OU) named OU1. 

All of the users in the marketing department are members of a group named Marketing. 

All of the users in the human resources department are members of a group named HR. 

You create a Group Policy object (GPO) named GPO1. 

You link GPO1 to OU1. 

You configure the Group Policy preferences of GPO1 to add two shortcuts named Link1 

and Link2 to the desktop of each user. 

You need to ensure that Link1 only appears on the desktop of the users in Marketing and 

that Link2 only appears on the desktop of the users in HR. 

What should you configure? 

A. Security Filtering 

B. WMI Filtering 

C. Group Policy Inheritance 

D. Item-level targeting 

Answer:

85. You have a laptop named Computer 1. Computer1 runs Windows 8 Enterprise. 

Computer1 has a wired network adapter and a wireless network adapter. Computer1 connects to a wireless network named Network1. 

For testing purposes, you install Windows Server 2012 R2 on Computer1 as a second operating system. You install the drivers for the wireless network adapter. 

You need to ensure that you can connect to Network1 from Windows Server 2012 R2. 

What should you do? 

A. From a local Group Policy object (GPO), configure the Wireless Network (IEEE 802.11) Policies settings. 

B. From Server Manager, install the Wireless LAN Service feature. 

C. Restart the WLAN AutoConfig service. 

D. From a local Group Policy object (GPO), configure the settings of Windows Connection Manager. 

Q6. Your network contains an Active Directory domain named contoso.com. The domain contains a domain controller named DC5. DC5 has a Server Core Installation of Windows Server 2012 R2. 

You need to uninstall Active Directory from DCS manually. 

Which tool should you use? 

A. The Remove-ADComputercmdlet 

B. The ntdsutil.exe command 

C. The dsamain.exe command 

D. The Remove-WindowsFeaturecmdlet 

Answer:

Explanation: 

Explanation 

*

 Ntdsutil.exe is a command-line tool that provides management facilities for Active 

Directory Domain Services (AD DS) and Active Directory Lightweight Directory Services 

(AD LDS). 

You can use the ntdsutil commands to perform database maintenance of AD DS, manage 

and control single master operations, and remove metadata left behind by domain 

controllers that were removed from the network without being properly uninstalled. 

*

 NTdsutil commands include: 

/ local roles 

Manages local administrative roles on an RODC. 

/ metadata cleanup 

Cleans up objects of decommissioned servers. 

Q7. Your network contains an Active Directory domain named contoso.com. The domain contains a member server named Server 1. Server1 runs Windows Server 2012 R2 and has the Hyper-V server role installed. 

You create an external virtual switch named Switch1. Switch1 has the following configurations: 

. Connection type: External network 

. Single-root I/O virtualization (SR-IOV): Enabled 

Ten virtual machines connect to Switch1. 

You need to ensure that all of the virtual machines that connect to Switch1 are isolated from the external network and can connect to each other only. The solution must minimize network downtime for the virtual machines. 

What should you do? 

A. Remove Switch1 and recreate Switch1 as an internal network. 

B. Change the Connection type of Switch1 to Private network. 

C. Change the Connection type of Switch1 to Internal network. 

D. Remove Switch1 and recreate Switch1 as a private network. 

Answer:

Explanation: You can change the connection type of a virtual switch from the virtual switch manager without having to remove it. A private virtual network is isolated from all external network traffic on the virtualization server, as well any network traffic between the management operating system and the external network. This type of network is useful when you need to create an isolated networking environment, such as an isolated test domain. 

References: http://technet.microsoft.com/en-us/library/cc816585%28v=WS.10%29.aspx http://blogs.technet.com/b/jhoward/archive/2008/06/17/hyper-v-what-are-the-uses-for-different-types-of-virtual-networks.aspx 

Q8. You have a server named Server1 that runs a Server Core Installation of Windows Server 2012 R2 Datacenter. 

You have a WIM file that contains the four images of Windows Server 2012 R2 as shown in the Images exhibit. (Click the Exhibit button.) 

You review the installed features on Server1 as shown in the Features exhibit. (Click the Exhibit button.) 

You need to install the Server Graphical Shell feature on Server1. 

Which two possible sources can you use to achieve this goal? (Each correct answer presents a complete solution. Choose two.) 

A. Index 1 

B. Index 2 

C. Index 3 

D. Index 4 

Answer: B,D 

Q9. RAG DROP 

Your network contains an Active Directory domain named contoso.com. All client computers run Windows 8. 

Group Policy objects (GPOs) are linked to the domain as shown in the exhibit. (Click the Exhibit button.) 

GPO2 contains computer configurations only and GPO3 contains user configurations only. 

You need to configure the GPOs to meet the following requirements: 

. Ensure that GPO2 only applies to the computer accounts in OU2 that have more than one processor. . Ensure that GPO3 only applies to the user accounts in OU3 that are members of a security group named SecureUsers. 

Which setting should you configure in each GPO? 

To answer, drag the appropriate setting to the correct GPO. Each setting may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content. 

Answer:  

Q10. Your network contains an Active Directory domain named contoso.com. All domain 

controllers run Windows Server 2012 R2. 

Administrators use client computers that run Windows 8 to perform all management tasks. 

A central store is configured on a domain controller named DC1. 

You have a custom administrative template file named AppLadmx. App1.admx contains 

application settings for an application named App1. 

From a client computer named Computer1, you create a new Group Policy object (GPO) 

named GPO1. 

You discover that the application settings for App1 fail to appear in GPO1. 

You need to ensure that the App1 settings appear in all of the new GPOs that you create. 

What should you do? 

A. From the Default Domain Controllers Policy, add App1.admx to the Administrative Templates. 

B. Copy App1.admx to \\Contoso.com\SYSVOL\Contoso.com\Policies\PolicyDefinitions\. 

C. From the Default Domain Policy, add App1.admx to the Administrative Templates. 

D. Copy App1.admx to \\Contoso.com\SYSVOL\Contoso.com\StarterGPOs. 

Answer:

Explanation: 

To take advantage of the benefits of .admx files, you must create a Central Store in the SYSVOL folder on a domain controller. The Central Store is a file location that is checked by the Group Policy tools. The Group Policy tools use any .admx files that are in the Central Store. The files that are in the Central Store are later replicated to all domain controllers in the domain.