Download Configuring Advanced Windows Server 2012 Services.70-412.BrainDumps.2018-06-26.270q.vcex

Vendor: Microsoft
Exam Code: 70-412
Exam Name: Configuring Advanced Windows Server 2012 Services
Date: Jun 26, 2018
File Size: 17 MB

How to open VCEX files?

Files with VCEX extension can be opened by ProfExam Simulator.

ProfExam Discount

Demo Questions

Question 1
Your network contains an Active Directory forest named contoso.com. The forest contains two domains named contoso.com and childl.contoso.com. The domains contain three domain controllers. The domain controllers are configured as shown in the following table. 
  
You need to ensure that the KDC support for claims, compound authentication, and kerberos armoring setting is enforced in the child1.contoso.com domain. 
Which two actions should you perform? (Each correct answer presents part of the solution. Choose two.) 
  1. Upgrade DC1 to Windows Server 2012 R2.
  2. Upgrade DC11 to Windows Server 2012 R2.
  3. Raise the domain functional level of childl.contoso.com.
  4. Raise the domain functional level of contoso.com.
  5. Raise the forest functional level of contoso.com.
Correct answer: AD
Explanation:
The root domain in the forest must be at Windows Server 2012level. First upgrade DC1 to this level (A), then raise the contoso.com domain functional level to Windows Server 2012 (D). (A) To support resources that use claims-based access control, the principal’s domains will need to be running one of the following:All Windows Server 2012 domain controllers Sufficient Windows Server 2012domain controllers to handle all the Windows 8 device authentication requests Sufficient Windows Server 2012 domain controllers to handle all the Windows Server 2012 resource protocol transition requests to support non-Windows 8 devices. References: What's New in Kerberos Authenticationhttps://technet.microsoft.com/en-us/library/hh831747.aspx.
The root domain in the forest must be at Windows Server 2012level. First upgrade DC1 to this level (A), then raise the contoso.com domain functional level to 
Windows Server 2012 (D). 
(A) To support resources that use claims-based access control, the principal’s domains will need to be running one of the following:
  • All Windows Server 2012 domain controllers 
  • Sufficient Windows Server 2012domain controllers to handle all the Windows 8 device authentication requests 
  • Sufficient Windows Server 2012 domain controllers to handle all the Windows Server 2012 resource protocol transition requests to support non-Windows 8 
devices. 
References: What's New in Kerberos Authentication
https://technet.microsoft.com/en-us/library/hh831747.aspx.
Question 2
Your network contains an Active Directory domain named contoso.com. All domain controllers run Windows Server 2012 R2. The domain contains two domain 
controllers. The domain controllers are configured as shown in the following table. 
  
You configure a user named User1 as a delegated administrator of DC10. 
You need to ensure that User1 can log on to DC10 if the network link between the Main site and the Branch site fails. 
What should you do?
  1. Add User1 to the Domain Admins group.
  2. On DC10, modify the User Rights Assignment in Local Policies.
  3. Run repadmin and specify the /prp parameter.
  4. On DC10, run ntdsutil and configure the settings in the Roles context.
Correct answer: C
Explanation:
repadmin /prp will allow the password caching of the local administrator to the RODC. This command lists and modifies the Password Replication Policy (PRP) for read-only domain controllers (RODCs). Reference: RODC Administrationhttps://technet.microsoft.com/en-us/library/cc755310%28v=ws.10%29.aspx
repadmin /prp will allow the password caching of the local administrator to the RODC. This command lists and modifies the Password Replication Policy (PRP) for read-only domain controllers (RODCs). 
Reference: RODC Administration
https://technet.microsoft.com/en-us/library/cc755310%28v=ws.10%29.aspx
Question 3
Your company has offices in Montreal, New York, and Amsterdam. 
The network contains an Active Directory forest named contoso.com. An Active Directory site exists for each office. All of the sites connect to each other by using the DEFAULTIPSITELINK site link. 
You need to ensure that only between 20:00 and 08:00, the domain controllers in the Montreal office replicate the Active Directory changes to the domain controllers in the Amsterdam office. 
The solution must ensure that the domain controllers in the Montreal and the New York offices can replicate the Active Directory changes any time of day. 
What should you do?
  1. Create a new site link that contains Montreal and Amsterdam. Remove Amsterdam from DEFAULTIPSITE1INK. Modify the schedule of DEFAULTIPSITELINK.
  2. Create a new site link that contains Montreal and Amsterdam. Create a new site link bridge. Modify the schedule of DEFAULTIPSITELINK.
  3. Create a new site link that contains Montreal and Amsterdam. Remove Amsterdam from DEFAULTIPSITELINK. Modify the schedule of the new site link.
  4. Create a new site link that contains Montreal and Amsterdam. Create a new site link bridge. Modify the schedule of the new site link.
Correct answer: C
Explanation:
We create a new site link between Montreal and Amsterdam and schedule it only between 20:00 and08:00. To ensure that traffic between Montreal and Amsterdam only occurs at this time we also remove Amsterdam from the DEFAULTIPSITELINK.Reference: How Active Directory Replication Topology Works http://technet.microsoft.com/en-us/library/cc755994(v=ws.10).aspx
We create a new site link between Montreal and Amsterdam and schedule it only between 20:00 and
08:00. To ensure that traffic between Montreal and Amsterdam only occurs at this time we also remove Amsterdam from the DEFAULTIPSITELINK.
Reference: How Active Directory Replication Topology Works http://technet.microsoft.com/en-us/library/cc755994(v=ws.10).aspx
Question 4
Your network contains two Web servers named Server1 and Server2. Both servers run Windows Server 2012 R2. 
Server1 and Server2 are nodes in a Network Load Balancing (NLB) cluster. The NLB cluster contains an application named App1 that is accessed by using the 
URL http://app1.contoso.com.
You plan to perform maintenance on Server1. 
You need to ensure that all new connections to App1 are directed to Server2. The solution must not disconnect the existing connections to Server1. 
What should you run?
  1. The Set-NlbCluster cmdlet
  2. The Set-NlbClusterNode cmdlet
  3. The Stop-NlbCluster cmdlet
  4. The Stop-NlbClusterNode cmdlet
  5. The Suspend-NlbClusterNode cmdlet
  6. The nlb.exe suspend command
Correct answer: D
Explanation:
The Stop-NlbClusterNode cmdlet stops a node in an NLB cluster. When you use the stop the nodes in the cluster, client connections that are already in progress are interrupted. To avoid interrupting active connections, consider using the -drain parameter, which allows the node to continue servicing active connections but disables all new traffic to that node. -Drain <SwitchParameter> Drains existing traffic before stopping the cluster node. If this parameter is omitted, existing traffic will be dropped. References: Stop-NlbClusterNode
The Stop-NlbClusterNode cmdlet stops a node in an NLB cluster. When you use the stop the nodes in the cluster, client connections that are already in progress are interrupted. To avoid interrupting active connections, consider using the -drain parameter, which allows the node to continue servicing active connections but disables all new traffic to that node. 
-Drain <SwitchParameter> 
Drains existing traffic before stopping the cluster node. If this parameter is omitted, existing traffic will be dropped. 
References: Stop-NlbClusterNode
Question 5
Your network contains two servers named HV1 and HV2. Both servers run Windows Server 2012 R2 and have the Hyper-V server role installed. 
HV1 hosts 25 virtual machines. The virtual machine configuration files and the virtual hard disks are stored in D:\VM.
You shut down all of the virtual machines on HV1. 
You copy D:\VM to D:\VM on HV2.
You need to start all of the virtual machines on HV2. You want to achieve this goal by using the minimum amount of administrative effort. 
What should you do? 
  1. Run the Import-VMInitialReplication cmdlet.
  2. From HV1, export all virtual machines to D:\VM. Copy D:\VM to D:\VM on HV2 and overwrite the existing files. On HV2, run the Import Virtual Machine wizard.
  3. From HV1, export all virtual machines to D:\VM. Copy D:\VM to D:\VM on HV2 and overwrite the existing files. On HV2, run the New Virtual Machine wizard.
  4. Run the Import-VM cmdlet.
Correct answer: D
Explanation:
Import-VM Imports a virtual machine from a file. Example Imports the virtual machine from its configuration file. The virtual machine is registered in-place, so its files are not copied. Windows PowerShell PS C:\> Import-VM Path 'D:\Test\VirtualMachines\5AE40946-3A98-428E-8C83- 081A3C6BD18C.XML'Reference: Import-VM
Import-VM 
Imports a virtual machine from a file. 
Example 
Imports the virtual machine from its configuration file. The virtual machine is registered in-place, so its files are not copied. 
Windows PowerShell 
PS C:\> Import-VM Path 'D:\Test\VirtualMachines\5AE40946-3A98-428E-8C83- 081A3C6BD18C.XML'
Reference: Import-VM
Question 6
Your network contains an Active Directory domain named contoso.com. The domain contains four member servers named Server1, Server2, Servers, and Server4. 
All servers run Windows Server 2012 R2. 
Server1 and Server2 are located in a site named Site1. Server3 and Server4 are located in a site named Site2. The servers are configured as nodes in a failover 
cluster named Cluster1. 
Cluster1 is configured to use the Node Majority quorum configuration. 
You need to ensure that Server1 is the only server in Site1 that can vote to maintain quorum. 
What should you run from Windows PowerShell? 
To answer, drag the appropriate commands to the correct location. Each command may be used once, more than once, or not at all. You may need to drag the split 
bar between panes or scroll to view content.  
Correct answer: To work with this question, an Exam Simulator is required.
Explanation:
We remove Server2 from quorum vote by setting it's NodeWeight to 0. NodeWeight settings are used during quorum voting to support disaster recovery and multi-subnet scenarios for AlwaysOn Availability Groups and SQL Server Failover Cluster Instances. Example (Powershell) The following example changes the NodeWeight setting to remove the quorum vote for the “AlwaysOnSrv1” node. Import-Module FailoverClusters $node = “AlwaysOnSrv1” (Get-ClusterNode $node).NodeWeight = 0 Reference: Configure Cluster Quorum NodeWeight Settings
We remove Server2 from quorum vote by setting it's NodeWeight to 0. 
NodeWeight settings are used during quorum voting to support disaster recovery and multi-subnet scenarios for AlwaysOn Availability Groups and SQL Server Failover Cluster Instances. 
Example (Powershell) 
The following example changes the NodeWeight setting to remove the quorum vote for the “AlwaysOnSrv1” node. 
Import-Module FailoverClusters 
$node = “AlwaysOnSrv1” 
(Get-ClusterNode $node).NodeWeight = 0 
Reference: Configure Cluster Quorum NodeWeight Settings
Question 7
Your network contains an Active Directory domain named contoso.com. The domain contains two member servers named Server1 and Server2. All servers run Windows Server 2012 R2. Server1 and Server2 have the Failover Clustering feature installed. The servers are configured as nodes in a failover cluster named Cluster1. Cluster1 contains a cluster disk resource. A developer creates an application named App1. App1 is NOT a cluster-aware application. App1 runs as a service. App1 stores date on the cluster disk resource. 
You need to ensure that App1 runs in Cluster1. The solution must minimize development effort. 
Which cmdlet should you run?
  1. Add-ClusterGenericServiceRole
  2. Add-ClusterGenericApplicationRole
  3. Add-ClusterScaleOutFileServerRole
  4. Add-ClusterServerRole
Correct answer: B
Explanation:
Add-ClusterGenericApplicationRole Configure high availability for an application that was not originally designed to run in a failover cluster. If you run an application as a Generic Application, the cluster software will start the application, then periodically query the operating system to see whether the application appears to be running. If so, it is presumed to be online, and will not be restarted or failed over. EXAMPLE 1. Command Prompt: C:\PS>Add-ClusterGenericApplicationRole -CommandLine NewApplication.exe  Name                       OwnerNode                           State  ----                             ---------                                -----  cluster1GenApp         node2                                  Online Description ----------- This command configures NewApplication.exe as a generic clustered application. A default name will be used for client access and this application requires no storage. Reference: Add-ClusterGenericApplicationRolehttp://technet.microsoft.com/en-us/library/ee460976.aspx
Add-ClusterGenericApplicationRole 
Configure high availability for an application that was not originally designed to run in a failover cluster. 
If you run an application as a Generic Application, the cluster software will start the application, then periodically query the operating system to see whether the application appears to be running. If so, it is presumed to be online, and will not be restarted or failed over. 
EXAMPLE 1. 
Command Prompt: C:\PS>
Add-ClusterGenericApplicationRole -CommandLine NewApplication.exe  
Name                       OwnerNode                           State  
----                             ---------                                -----  
cluster1GenApp         node2                                  Online 
Description 
----------- 
This command configures NewApplication.exe as a generic clustered application. A default name will be used for client access and this application requires no storage. 
Reference: Add-ClusterGenericApplicationRole
http://technet.microsoft.com/en-us/library/ee460976.aspx
Question 8
Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1 that runs Windows Server 2012 R2. The 
system properties of Server1 are shown in the exhibit. (Click the Exhibit button.) 
  
 
You need to configure Server1 as an enterprise subordinate certification authority (CA). 
What should you do first?
  1. Add RAM to the server. 
  2. Set the Startup Type of the Certificate Propagation service to Automatic.
  3. Install the Certification Authority Web Enrollment role service.
  4. Join Server1 to the contoso.com domain.
Correct answer: D
Explanation:
Enterprise CAs must be domain members. From the exhibit we see that it is only a Workgroup member. Note:A new CA can be the root CA of a new PKI or subordinate to another in an existing PKI. Enterprise subordinate certification authority. An enterprise subordinate CA must get a CA certificate from an enterprise root CA but can then issue certificates to all users and computers in the enterprise. These types of CAs are often used for load balancing of an enterprise root CA.   Reference: Install a Subordinate Certification Authority
Enterprise CAs must be domain members. From the exhibit we see that it is only a Workgroup member. 
Note:
A new CA can be the root CA of a new PKI or subordinate to another in an existing PKI. 
Enterprise subordinate certification authority. 
An enterprise subordinate CA must get a CA certificate from an enterprise root CA but can then issue certificates to all users and computers in the enterprise. 
These types of CAs are often used for load balancing of an enterprise root CA. 
  
Reference: Install a Subordinate Certification Authority
Question 9
Your network contains a perimeter network and an internal network. The internal network contains an Active Directory Federation Services (AD FS) 2.1 
infrastructure. The infrastructure uses Active Directory as the attribute store. 
You plan to deploy a federation server proxy to a server named Server2 in the perimeter network. 
You need to identify which value must be included in the certificate that is deployed to Server2. 
What should you identify?
  1. The FQDN of the AD FS server
  2. The name of the Federation Service
  3. The name of the Active Directory domain
  4. The public IP address of Server2
Correct answer: A
Explanation:
To add a host (A) record to corporate DNS for a federation server On a DNS server for the corporate network, open the DNS snap-in. In the console tree, right-click the applicable forward lookup zone, and then click New Host (A). In Name, type only the computer name of the federation server or federation server cluster (for example, type fs for the fully qualified domain name (FQDN) fs.adatum.com). In IP address, type the IP address for the federation server or federation server cluster (for example, 192.168.1.4). Click Add Host. Reference: Add a host (A) record to corporate DNS for a federation server http://technet.microsoft.com/en-us/library/cc776786(v=ws.10).aspx
To add a host (A) record to corporate DNS for a federation server On a DNS server for the corporate network, open the DNS snap-in. 
  1. In the console tree, right-click the applicable forward lookup zone, and then click New Host (A). 
  2. In Name, type only the computer name of the federation server or federation server cluster (for example, type fs for the fully qualified domain name (FQDN) fs.adatum.com). 
  3. In IP address, type the IP address for the federation server or federation server cluster (for example, 192.168.1.4). 
  4. Click Add Host. 
Reference: Add a host (A) record to corporate DNS for a federation server 
http://technet.microsoft.com/en-us/library/cc776786(v=ws.10).aspx
Question 10
Your network contains an Active directory forest named contoso.com. The forest contains two child domains named east.contoso.com and west.contoso.com. 
You install an Active Directory Rights Management Services (AD RMS) cluster in each child domain. 
You discover that all of the users in the contoso.com forest are directed to the AD RMS cluster in east.contoso.com. 
You need to ensure that the users in west.contoso.com are directed to the AD RMS cluster in west.contoso.com and that the users in east.contoso.com are directed to the AD RMS cluster in east.contoso.com. What should you do? 
  1. Modify the Service Connection Point (SCP).
  2. Configure the Group Policy object (GPO) settings of the users in the west.contoso.com domain.
  3. Configure the Group Policy object (GPO) settings of the users in the east.contoso.com domain.
  4. Modify the properties of the AD RMS cluster in west.contoso.com.
Correct answer: B
Explanation:
The west.contoso.com are the ones in trouble that need to be redirected to the west.contoso.com not the east.contoso.com. Note: It is recommended that you use GPO to deploy AD RMS client settings and that you only deploy settings as needed.Reference: AD RMS Best Practices Guide
The west.contoso.com are the ones in trouble that need to be redirected to the west.contoso.com not the east.contoso.com. 
Note: It is recommended that you use GPO to deploy AD RMS client settings and that you only deploy settings as needed.
Reference: AD RMS Best Practices Guide
HOW TO OPEN VCE FILES

Use VCE Exam Simulator to open VCE files
Avanaset

HOW TO OPEN VCEX AND EXAM FILES

Use ProfExam Simulator to open VCEX and EXAM files
ProfExam Screen

ProfExam
ProfExam at a 20% markdown

You have the opportunity to purchase ProfExam at a 20% reduced price

Get Now!