2016 April Microsoft 70-411 Exam Questions and Answers Updated Today in Braindump2go.com!
Your network contains an Active Directory domain called contoso.com. The domain contains a member server named Server1. Server1 runs Windows Server 2012 R2.
You enable the EventLog-Application event trace session.
You need to set the maximum size of the log file used by the trace session to 10 MB.
From which tab should you perform the configuration?
To answer, select the appropriate tab in the answer area.
Note: By default, logging stops only if you set an expiration date as part of the logging schedule. Using the options on the Stop Condition tab, you can configure the log file to stop automatically after a specified period of time, such as seven days, or when the log file is full (if you’ve set a maximum size limit).
Your network contains a RADIUS server named Server1.
You install a new server named Server2 that runs Windows Server 2012 R2 and has Network Policy Server (NPS) installed.
You need to ensure that all accounting requests for Server2 are forwarded to Server1. On Server2, you create a new remote RADIUS server group named Group1 that contains Server1.
What should you configure next on Server2?
To answer, select the appropriate node in the answer area.
Connection request policies are sets of conditions and settings that allow network administrators to designate which Remote Authentication Dial-In User Service (RADIUS) servers perform the authentication and authorization of connection requests that the server running Network Policy Server (NPS) receives from RADIUS clients. Connection request policies can be configured to designate which RADIUS servers are used for RADIUS accounting. http://technet.microsoft.com/en-us/library/cc753603.aspx
Your network is configured as shown in the exhibit. (Click the Exhibit button.)
Server1 regularly accesses Server2.
You discover that all of the connections from Server1 to Server2 are routed through Router1.
You need to optimize the connection path from Server1 to Server2.
Which route command should you run on Server1?
A. Route add -p 10.10.10.0 MASK 255.255.255.0 10.10.10.1 METRIC 50
B. Route add -p 10.10.10.0 MASK 255.255.255.0 172.23.16.2 METRIC 100
C. Route add -p 10.10.10.12 MASK 255.255.255.0 10.10.10.1 METRIC 100
D. Route add -p 10.10.10.12 MASK 255.255.255.0 10.10.10.0 METRIC 50
destination – specifies either an IP address or host name for the network or host.
subnetmask – specifies a subnet mask to be associated with this route entry. If subnetmask is not specified, 255.255.255.255 is used.
gateway – specifies either an IP address or host name for the gateway or router to use when forwarding.
costmetric – assigns an integer cost metric (ranging from 1 through 9,999) to be used in calculating the fastest, most reliable, and/or least expensive routes. If costmetric is not specified, 1 is used.
interface – specifies the interface to be used for the route that uses the interface number. If an interface is not specified, the interface to be used for the route is determined from the gateway IP address.
Your network contains an Active Directory forest named contoso.com. The forest contains a single domain. All domain controllers run Windows Server 2012 R2 and are configured as DNS servers. All DNS zones are Active Directory-integrated. Active Directory Recycle Bin is enabled.
You need to modify the amount of time deleted objects are retained in the Active Directory Recycle Bin.
Which naming context should you use?
To answer, select the appropriate naming context in the answer area.
Your network contains an Active Directory domain named adatum.com. The domain contains a domain controller named DC1. On DC1, you create a new volume named E.
You restart DC1 in Directory Service Restore Mode.
You open ntdsutil.exe and you set NTDS as the active instance.
You need to move the Active Directory logs to E:\NTDS\.
Which Ntdsutil context should you use?
B. Configurable Settings
C. Partition management
How to Move Log Files
Use the move logs to command to move the directory service log files to another folder. For the new settings to take effect, restart the computer after you move the log files.
To move the log files, follow these steps:
Click Start, click Run, type ntdsutil in the Open box, and then press ENTER. At the Ntdsutil command prompt, type files, and then press ENTER. At the file maintenance command prompt, type move logs to new location (where new location is an existing folder that you have created for this purpose), and then press ENTER.
Type quit, and then press ENTER.
Restart the computer.
http://technet.microsoft.com/en-us/library/cc753343(v=ws.10).aspx http://technet.microsoft.com/en-us/library/cc755229(v=ws.10).aspx http://technet.microsoft.com/en-us/library/cc730970(v=ws.10).aspx http://technet.microsoft.com/en-us/library/cc732530(v=ws.10).aspx http://technet.microsoft.com/en-us/library/cc753900(v=ws.10).aspx
Your network contains an Active Directory domain named contoso.com. All domain controllers run Windows Server 2012 R2. You pre-create a read-only domain controller (P.QDC) account named RODC1. You export the settings of RODC1 to a file named File1.txt. You need to promote RODC1 by using File1.txt.
Which tool should you use?
A. The Dcpromo command
B. The Install-WindowsFeature cmdlet
C. The Install-ADDSDomainController cmdlet
D. The Add-WindowsFeature cmdlet
E. The Dism command
If you have experience creating read-only domain controllers, you will discover that the installation wizard has the same graphical interface as seen when using the older Active Directory Users and Computers snap-in from Windows Server 2008 and uses the same code, which includes exporting the configuration in the unattend file format used by the obsolete dcpromo.”
“The Summary dialog enables you to confirm your settings. This is the last opportunity to stop the installation before the wizard creates the staged account. Click Next when you are ready to create the staged RODC computer account. Click Export Settings to save an answer file in the obsolete dcpromo unattend file format.”
Your network contains an Active Directory domain named contoso.com.
You need to audit access to removable storage devices.
Which audit category should you configure?
To answer, select the appropriate category in the answer area.
Advanced Security Auditing Options – Configure Object Access > Audit Removable storage http://technet.microsoft.com/en-us/library/jj574128.aspx
Your network contains two Active Directory forests named contoso.com and adatum.com. All domain controllers run Windows Server 2012 R2.
The adatum.com domain contains a Group Policy object (GPO) named GPO1. An administrator from adatum.com backs up GPO1 to a USB flash drive.
You have a domain controller named dcl.contoso.com.
You insert the USB flash drive in dcl.contoso.com.
You need to identify the domain-specific reference in GPO1.
What should you do?
A. From Group Policy Management, run the Group Policy Results Wizard.
B. From the Migration Table Editor, click Populate from GPO.
C. From Group Policy Management, run the Group Policy Modeling Wizard.
D. From the Migration Table Editor, click Populate from Backup.
Your network contains a single Active Directory domain named contoso.com. All domain controllers run Windows Server 2012 R2.
The domain contains 400 desktop computers that run Windows 8 and 10 desktop computers that run Windows XP Service Pack 3 (SP3). All new desktop computers that are added to the domain run Windows 8. All of the desktop computers are located in an organizational unit (OU) named OU1.
You create a Group Policy object (GPO) named GPO1. GPO1 contains startup script settings. You link GPO1 to OU1.
You need to ensure that GPO1 is applied only to computers that run Windows XP SP3.
What should you do?
A. Modify the Security settings of OU1.
B. Run the Set-GPLink cmdlet and specify the -target parameter.
C. Create and link a WMI filter to GPO1.
D. Run the Set-GPInheritance cmdlet and specify the -target parameter.
WMI Filtering is used to get information of the system and apply the GPO on it with the condition is met.
Security filtering: apply a GPO to a specific group (members of the group)
Your network contains an Active Directory domain named contoso.com. The domain contains more than 100 Group Policy objects (GPOs). Currently, there are no enforced GPOs.
You need to provide an Administrator named Admin1 with the ability to create GPOs in the domain. The solution must not provide Admin1 with the ability to link GPOs.
What should you use?
Your network contains a single Active Directory domain named contoso.com. The domain contains a domain controller named DC1 that hosts the primary DNS zone for contoso.com All servers dynamically register their host names.
You install the new Web servers that host identical copies of your company’s intranet website. The servers are configured as shown in the following table.
You need to use DNS records to load balance name resolution queries for intranet.contoso.com between the two Web servers.
What is the minimum number of DNS records that you should create manually?
An A records for each IP is needed
intranet.contoso.com > 10.0.0.20
intranet.contoso.com > 10.0.0.21
intranet.contoso.com > 10.0.0.22
Your network contains an Active Directory domain named fabrikam.com.
You implement DirectAccess and an IKEv2 VPN.
You need to view the properties of the VPN connection.
Which connection properties should you view?
To answer, select the appropriate connection properties in the answer area.
Your network contains an Active Directory domain named contoso.com. The domain contains a domain controller named DC1 that runs Windows Server 2012 R2. All client computers run Windows 8 Enterprise. DC1 contains a Group Policy object (GPO) named GPO1.
You need to deploy a VPN connection to all users.
What should you configure from Users Configuration in GPO1?
A. Policies/Administrative Templates/Network/Network Connections
B. Policies/Administrative Templates/Network/Windows Connect Now
C. Preferences/Control Panel Settings/Network Options
D. Policies/Administrative Templates/Windows Components/Windows Mobility Centre
To create a new Dial-Up Connection preference item
Open the Group Policy Management Console. Right-click the Group Policy object (GPO) that should contain the new preference item, and then click Edit.
In the console tree under Computer Configuration or User Configuration, expand the Preferences folder, and then expand the Control Panel Settings folder. Right-click the Network Options node, point to New, and select Dial-Up Connection.