web analytics

[2016-New] GreatExam Offer Free 70-412 Dumps Files for Free Downloading By 70-412 Exam Expert (221-240)

Since I recently passed the the Microsoft 70-412 exam, it’s time for me to share the GreatExam exam dumps I used when preparing for this exam.

QUESTION 221
Your network contains an Active Directory domain named contoso.com.
The domain contains two member servers named Server1 and Server2.
All servers run Windows Server 2012 R2.
Server1 and Server2 have the Failover Clustering feature installed.
The servers are configured as nodes in a failover cluster named Cluster1.
Cluster1 contains a file server role named FS1 and a generic service role named SVC1.
Server1 is the preferred node for FS1.
Server2 is the preferred node for SVC1.
You plan to run a disk maintenance tool on the physical disk used by FS1.
You need to ensure that running the disk maintenance tool does not cause a failover to occur.
What should you do before you run the tool?

A.    Run cluster.exe and specify the pause parameter.
B.    Run cluster.exe and specify the offline parameter.
C.    Run Suspend-ClusterResource
D.    Run Suspend-ClusterNode.

 

Answer: C
Explanation:
http://windowsitpro.com/powershell/windows-powershell-failover-clustering
The Suspend-ClusterResource cmdlet turns on the maintenance mode for a disk resource or Cluster Shared Volume so that you can run a disk maintenance tool without triggering a failover.

QUESTION 222
Your network contains an Active Directory domain named contoso.com.
The domain contains a server named Server1 that runs Windows Server 2012 R2.
Server1 is an enterprise root certification authority (CA) for contoso.com.
You need to ensure that the members of a group named Group1 can request code signing
certificates. The certificates must be issued automatically to the members.
Which two actions should you perform? (Each correct answer presents part of the solution. Choose two.)

A.    From Certificate Templates, modify the certificate template.
B.    From Certification Authority, add a certificate template to be issued.
C.    From Certificate Authority, modify the CA properties.
D.    From Certificate Templates, duplicate a certificate template.
E.    From Certificate Authority, stop and start the Active Directory Certificate Services (AD CS) service.

Answer: AD
Explanation:
The correct answers should be A and D: First duplicate it, then modify it
http://blogs.technet.com/b/deploymentguys/archive/2013/06/14/signing-windows-8-applications-using-an-internal-pki.aspx
The section on “Creating a Custom Certificate Template” shows steps to create and states…
…”New certificate templates are created by copying an existing template and using the existing template’s properties as the default for the new template. Copy the existing certificate template closest to the configuration of the intended new template to minimize the work necessary.”
This is step 2 in the creation process. Step 4 is to make desired changes.
Building an Enterprise Root Certification Authority in Small and Medium Businesses
http://technet.microsoft.com/en-us/library/cc700804.aspx

QUESTION 223
Your network contains an Active Directory domain named contoso.com.
The domain contains a server named Server1 that runs Windows Server 2012 R2.
Server1 is an enterprise root certification authority (CA) for contoso.com.
Your user account is assigned the certificate manager role and the auditor role on the contoso.com CA.
Your account is a member of the local Administrators group on Server1.
You enable CA role separation on Server1.
You need to ensure that you can manage the certificates on the CA.
What should you do?

A.    Remove your user account from the local Administrators group.
B.    Assign the CA administrator role to your user account.
C.    Assign your user account the Bypass traverse checking user right.
D.    Remove your user account from the Manage auditing and security log user right.

Answer: A
Explanation:
To correct this configuration, the local Administrator of the server must disable role separation, remove the CA Administrator from the second role, and then restart the Certificate Services service. Following these steps, role separation can be enabled again.
https://technet.microsoft.com/en-us/library/cc773161(v=ws.10)

QUESTION 224
Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1 that runs Windows Server 2012 R2 and has the DHCP Server server role installed. An administrator installs the IP Address Management (IPAM) Server feature on a server named Server2. The administrator configures IPAM by using Group Policy based provisioning and starts server discovery.
You plan to create Group Policies for IPAM provisioning.
You need to identify which Group Policy object (GPO) name prefix must be used for IPAM Group Policies.
What should you do on Server2?

A.    From Server Manager, review the IPAM overview.
B.    Run the ipamgc.exe tool.
C.    From Task Scheduler, review the IPAM tasks.
D.    Run the Get-IpamConfiguration cmdlet.

Answer: D
Explanation:
Tricky question. If you review the IPAM Overview, there is nothing that points to that info. But, if you go to the Config. Summary/Access Provisioning Method, you will see the prefix.
Better Get-IpamConfiguration cmdlet which shows it on the third column.
The answer is D.

QUESTION 225
Your network contains an Active Directory domain named contoso.com.
The domain contains a server named Server1 that runs Windows Server 2012 R2.
The system properties of Server1 are shown in the exhibit. (Click the Exhibit button.)
2251
You need to configure Server1 as an enterprise subordinate certification authority (CA).
What should you do first?

A.    Add RAM to the server.
B.    Set the Startup Type of the Certificate Propagation service to Automatic.
C.    Install the Certification Authority Web Enrollment role service.
D.    Join Server1 to the contoso.com domain.

Answer: D
Explanation:
Enterprise CAs must be domain members. From the exhibit we see that it is only a Workgroup member.
Note:
A new CA can be the root CA of a new PKI or subordinate to another in an existing PKI.
Enterprise subordinate certification authority.
An enterprise subordinate CA must get a CA certificate from an enterprise root CA but can then issue certificates to all users and computers in the enterprise. These types of CAs are often used for load balancing of an enterprise root CA.

QUESTION 226
Drag and Drop Question
Your network contains an Active Directory domain named contoso.com.
The domain contains four member servers named Server1, Server2, Server3, and Server4.
Server1 and 5erver2 run Windows Server 2008 R2. Server1 and Server2 have the Hyper-V server role and the Failover Clustering feature installed.
Failover Clustering is configured to provide highly available virtual machines by using a cluster named Cluster1. Cluster1 hosts 10 virtual machines.
Server3 and Server4 run Windows Server 2012 R2.
You install the Hyper-V server role and the Failover Clustering feature on Server3 and Server4.
You create a cluster named Cluster2.
You need to migrate cluster resources from Cluster1 to Cluster2.
The solution must minimize downtime on the virtual machines.
Which five actions should you perform? To answer, move the appropriate five actions from the list of actions to the answer area and arrange them in the correct order.
2261
Answer:
2262
Explanation:
http://blogs.technet.com/b/hugofe/archive/2012/12/06/best-practices-for-migration-of-cluster-windows-2008-r2-2012-as-melhores-praticas-para-migrar-um-cluster-de-windows-2008-para-windows-2012.aspx

QUESTION 227
Your network contains an Active Directory domain named contoso.com.
The domain contains two member servers named Server1 and Server2.
All servers run Windows Server 2012 R2.
Server1 and Server2 have the Failover Clustering feature installed.
The servers are configured as nodes in a failover cluster named Cluster1.
Cluster1 has access to four physical disks.
The disks are configured as shown in the following table.
2271
You need to identify which disk can be added to a Clustered Storage Space in Cluster1.
Which disk should you identify?

A.    Disk1
B.    Disk2
C.    Disk3
D.    Disk4

Answer: B

QUESTION 228
You have a server named Server1 that runs Windows Server 2012 R2.
Server1 has the File Server Resource Manager role service installed.
You attempt to delete a classification property and you receive the error message as shown in the exhibit. (Click the Exhibit button.)
2281
You need to delete the is Confidential classification property.
What should you do?

A.    Delete the classification rule that is assigned the is Confidential classification property.
B.    Disable the classification rule that is assigned the is Confidential classification property.
C.    Set files that have an is Confidential classification property value of Yes to No.
D.    Clear the is Confidential classification property value of all files.

Answer: A
Explanation:
What is the File Classification Infrastructure?
The Windows Server 2008 R2 File Classification Infrastructure (FCI) automates classification processes so that you can manage your data more effectively.
You can save money and reduce risk by storing and retaining files based on their business value or impact. The built-in solution for file classification provides expiration, custom tasks, and reporting. The extensible infrastructure enables you to meet additional customer classification needs by building rich end-to-end classification solutions that are built on the classification foundation of Windows Server in a consistent and supported way and within the existing Windows file serving platforms.

QUESTION 229
Hotspot Question
Your network contains an Active Directory domain named contoso.com.
The domain contains a DNS server named Server1.
Server1 is configured to resolve single-label names for DNS clients.
You need to view the number of queries for single-label names that are resolved by Server1.
What command should you run? To answer, select the appropriate options in the answer area.
2291
Answer:
2292

QUESTION 230
You have five servers that run Windows Server 2012 R2.
The servers have the Failover Clustering feature installed.
You deploy a new cluster named Cluster1.
Cluster1 is configured as shown in the following table.
2301
Server1, Server2, and Server3 are configured as the preferred owners of the cluster roles.
Dynamic quorum management is disabled.
You plan to perform hardware maintenance on Server3.
You need to ensure that if the WAN link between Site1 and Site2 fails while you are performing maintenance on Servers, the cluster resource will remain available in Site1.
What should you do?

A.    Add a file share witness in Site1.
B.    Enable DrainOnShutdown on Cluster1.
C.    Remove the node vote for Server4 and Server5.
D.    Remove the node vote for Server3.

Answer: C
Explanation:
C is the answer.
Though “A” would seem to work, it does not provide with a reasonable solution to this question.
In this case, it is outside the scope of the problem.
To minimize administrative effort, “C” is the best answer to this question.

QUESTION 231
You have a server named Server1 that runs Windows Server 2012 R2.
You download and install the Windows Azure Online Backup Service Agent on Server1.
You need to ensure that you can configure an online backup from Windows Server Backup.
What should you do first?

A.    From Windows Server Backup, run the Register Server Wizard.
B.    From Computer Management, add the Server1 computer account to the Backup Operators group.
C.    From a command prompt, run wbadmin.exe enable backup.
D.    From the Services console, modify the Log On settings of the Windows Azure Online Backup Service Agent.

Answer: A
Explanation:
A. Enables you to back up and restore your operating system, volumes, files, folders, and
applications from a command prompt.
B. To register a server for use with Windows Azure Backup you must run the register server wizard
http://technet.microsoft.com/en-us/library/hh831677.aspx

QUESTION 232
Your network contains an Active Directory domain named contoso.com.
The domain contains a server named Server1 that runs Windows Server 2012 R2 and has the DHCP Server server role installed. Server1 has an IPv6 scope named Scope1.
You implement an additional DHCP server named Server2 that runs Windows Server 2012 R2.
You need to provide high availability for Scope1.
The solution must minimize administrative effort.
What should you do?

A.    Install and configure Network Load Balancing (NLB) on Server1 and Server2.
B.    Create a scope on Server2.
C.    Configure DHCP failover on Server1.
D.    Install and configure Failover Clustering on Server1 and Server2.

Answer: C
Explanation:
http://blogs.technet.com/b/canitpro/archive/2013/07/10/step-by-step-dhcp-high-availability-with-windowsserver-2012-r2.aspx
http://technet.microsoft.com/en-us/library/hh831385.aspx
Configure DHCP failover on the server that created the scope.
In this case Server1 created Scope1 therefore DHCP Failover should be configured on Server1

QUESTION 233
Your network contains an Active Directory domain named contoso.com.
The domain contains a main office and a branch office.
An Active Directory site exists for each office.
All domain controllers run Windows Server 2012 R2.
The domain contains two domain controllers.
The domain controllers are configured as shown in the following table.
2331
DC1 hosts an Active Directory-integrated zone for contoso.com.
You add the DNS Server server role to DC2.
You discover that the contoso.com DNS zone fails to replicate to DC2.
You verify that the domain, schema, and configuration naming contexts replicate from DC1 to DC2.
You need to ensure that DC2 replicates the contoso.com zone by using Active Directory replication. Which tool should you use?

A.    Active Directory Domains and Trusts
B.    Active Directory Users and Computers
C.    Repadmin
D.    Ntdsutil

Answer: C
Explanation:
Repadmin.exe is a command line tool that is designed to assist administrators in diagnosing, monitoring, and troubleshooting Active Directory replication problems.
Reference: Repadmin Introduction and Technology Overview
Note: If you see question about AD Replication, First preference is AD sites and services, then
Repadmin and then DNSLINT.

QUESTION 234
Your network contains an Active Directory domain named contoso.com.
The domain contains a main office and a branch office.
An Active Directory site exists for each office.
All domain controllers run Windows Server 2012 R2.
The domain contains two domain controllers.
The domain controllers are configured as shown in the following table.
2341
DC1 hosts an Active Directory-integrated zone for contoso.com.
You add the DNS Server server role to DC2.
You discover that the contoso.com DNS zone fails to replicate to DC2.
You verify that the domain, schema, and configuration naming contexts replicate from DC1 to DC2. You need to ensure that DC2 replicates the contoso.com zone by using Active Directory replication. Which tool should you use?

A.    Active Directory Users and Computers
B.    Ntdsutil
C.    DNS Manager
D.    Active Directory Domains and Trusts

Answer: C
Explanation:
The primary tool that you use to manage DNS servers is DNS Manager, the DNS snap-in in Microsoft Management Console (MMC), which appears as DNS in Administrative Tools on the Start menu.
You can use DNS Manager along with other snapins in MMC, further integrating DNS administration into your total network management. It is also available in Server Manager on computers with the DNS Server role installed.
You can use DNS Manager to perform the following basic administrative server tasks:
* Performing initial configuration of a new DNS server.
* Connecting to and managing a local DNS server on the same computer or remote DNS servers on other computers.
* Adding and removing forward and reverse lookup zones, as necessary.
* Adding, removing, and updating resource records in zones.
* Modifying how zones are stored and replicated between servers.
* Modifying how servers process queries and handle dynamic updates.
Modifying security for specific zones or resource records.
In addition, you can also use DNS Manager to perform the following tasks:
* Perform maintenance on the server.
You can start, stop, pause, or resume the server or manually update server data files.
* Monitor the contents of the server cache and, as necessary, clear it.
* Tune advanced server options.
Configure and perform aging and scavenging of stale resource records that are stored by the server.
Reference: DNS Tools

QUESTION 235
Your network contains an Active Directory domain named contoso.com.
All domain controllers run Windows Server 2012 R2.
The domain contains two domain controllers.
The domain controllers are configured as shown in the following table.
2351
The Branch site contains a perimeter network.
For security reasons, client computers in the perimeter network can communicate with client computers in the Branch site only.
You plan to deploy a new RODC to the perimeter network in the Branch site.
You need to ensure that the new RODC will be able to replicate from DC10.
What should you do first on DC10?

A.    Run dcpromo and specify the /createdcaccount parameter.
B.    Run the Active Directory Domain Services Configuration Wizard.
C.    Run the Add-ADDSReadOnlyDomainControllerAccount cmdlet.
D.    Enable the Bridge all site links setting.

Answer: C
Explanation:
Creates a read-only domain controller (RODC) account that can be used to install an RODC in Active Directory.
Note:
* Notes
Once you have added the RODC account, you can add an RODC to a server computer by using the Install-ADDSDomainController cmdlet with the -ReadOnlyReplica switch parameter.
* Example
Adds a new read-only domain controller (RODC) account to the corp.contoso.com domain using the North America site as the source site for the replication source domain controller.
C:\PS>Add-ADDSReadOnlyDomainControllerAccount -DomainControllerAccountName RODC1 -DomainName corp.contoso.com -SiteName NorthAmerica
Reference: Add-ADDSReadOnlyDomainControllerAccount

QUESTION 236
Your network contains an Active Directory domain named contoso.com.
The domain contains a server named Server1 that runs a Server Core installation of Windows Server 2012 R2.
You need to deploy a certification authority (CA) to Server1.
The CA must support the auto-enrollment of certificates.
Which two cmdlets should you run? (Each correct answer presents part of the solution.
Choose two.)

A.    Add-CAAuthoritylnformationAccess
B.    Install-AdcsCertificationAuthority
C.    Add-WindowsFeature
D.    Install-AdcsOnlineResponder
E.    Install-AdcsWebEnrollment

Answer: BC
Explanation:
It seems B and C.
You must install the CA role before you run Install-AdcsCertificationAuthority.
http://technet.microsoft.com/en-us/library/hh848389.aspx
“Detailed Description
The Install-AdcsCertificationAuthority cmdlet performs installation and configuration of the AD CS CA role service.
To remove the certification authority role service use the Uninstall-AdcsCertificationAuthority cmdlet.
You can import the cmdlet by running the following commands from Windows PowerShell:
Import-Module ServerManager
Add-WindowsFeature Adcs-Cert-Authority”

QUESTION 237
You have a server named Server1 that runs Windows Server 2012 R2.
Server1 has the DNS Server server role installed.
You need to store the contents of all the DNS queries received by Server1.
What should you configure?

A.    Logging from Windows Firewall with Advanced Security
B.    Debug logging from DNS Manager
C.    A Data Collector Set (DCS) from Performance Monitor
D.    Monitoring from DNS Manager

Answer: B
Explanation:
Debug logging allows you to log the packets sent and received by a DNS server. Debug logging is disabled by default, and because it is resource intensive, you should only activate it temporarily when you need more specific detailed information about server performance.

QUESTION 238
You have a server named LON-DC1 that runs Windows Server 2012 R2. An iSCSI virtual disk named VirtuahSCSIl.vhd exists on LON-DC1 as shown in the exhibit. (Click the Exhibit button.)
2381
You create a new iSCSI virtual disk named VirtualiSCSI2.vhd by using the existing itgt iSCSI target. VirtuahSCSI1.vhd is removed from LON-DC1.
You need to assign VirtualiSCSI2.vhd a logical unit value of 0.
What should you do?

A.    Run the Set-IscsiVirtualDisk cmdlet and specify the -DevicePath parameter.
B.    Run the iscsicli command and specify the reportluns parameter.
C.    Modify the properties of the itgt ISCSI target.
D.    Run the Add-IscsiVirtualDiskTargetMapping cmdlet and specify the ¬-Lun parameter.

Answer: D
Explanation:
The Add-IscsiVirtualDiskTargetMapping cmdlet assigns a virtual disk to an iSCSI target. Once a virtual disk has been assigned to a target, and after the iSCSi initiator connects to that target, the iSCSI initiator can access the virtual disk. All of the virtual disks assigned to the same iSCSI target will be accessible by the connected iSCSI initiator.
Parameter include: -Lun<Int32>
Specifies the logical unit number (LUN) associated with the virtual disk.
By default, the lowest available LUN number will be assigned.
Reference: Add-IscsiVirtualDiskTargetMapping
https://technet.microsoft.com/en-us/library/jj612800(v=wps.630).aspx

QUESTION 239
You have a Hyper-V host named Server1 that runs Windows Server 2012 R2.
Server1 contains a virtual machine named VM1 that runs Windows Server 2012 R2.
You fail to start VM1 and you suspect that the boot files on VM1 are corrupt.
On Server1, you attach the virtual hard disk (VHD) of VM1 and you assign the VHD a drive letter of F.
You need to repair the corrupt boot files on VM1. What should you run?

A.    bootrec.exe /rebuildbcd
B.    bootrec.exe /scanos
C.    bcdboot.exe f:\windows /s c:
D.    bcdboot.exe c:\windows /s f:

Answer: D
Explanation:
Bcdboot
Enables you to quickly set up a system partition, or to repair the boot environment located on the system partition. The system partition is set up by copying a simple set of Boot Configuration Data (BCD) files to an existing empty partition.

QUESTION 240
Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1 that runs Windows Server 2012 R2 and has the DNS Server server role installed. Server1 has a zone named contoso.com.
The zone is configured as shown in the exhibit. (Click the Exhibit button.)
2401
You need to assign a user named User1 permission to add and delete records from the
contoso.com zone only.
What should you do first?

A.    Enable the Advanced view from DNS Manager.
B.    Add User1 to the DnsUpdateProxy group.
C.    Run the New Delegation Wizard.
D.    Configure the zone to be Active Directory-integrated.

Answer: C
Explanation:
Security tab is missing, once integrated with AD the security tab will appear.

I hope GreatExam exam questions from the Microsoft 70-412 exam helps you pass the exam and earn your Microsoft certification! Happy Studying!

http://www.greatexam.com/70-412-exam-questions.html