Nest 0 Cart
Nest Account
Popular Exams
All Categories...
Nest
Nest 0
Contact
Log In / Sign Up
Copyright 2024 © store. All rights reserved.
Home Microsoft 70-417

Microsoft 70-417 Exam Practice Questions (P. 2)

  • Full Access (691 questions)
  • Six months of Premium Access
  • Access to one million comments
  • Seamless ChatGPT Integration
  • Ability to download PDF files
  • Anki Flashcard files for revision
  • No Captcha & No AdSense
  • Advanced Exam Configuration
Get Contributor Access
Question #11
Your network contains an Active Directory forest named contoso.com.
The forest contains two domains named contoso.com and child.contoso.com and two sites named Site1 and Site2. The domains and the sites are configured as shown in following table.


When the link between Site1 and Site2 fails, users fail to log on to Site2.
You need to identify what prevents the users in Site2 from logging on to the child.contoso.com domain.
What should you identify?
  1. A
    The placement of the infrastructure master
  2. B
    The placement of the global catalog server
  3. C
    The placement of the domain naming master
  4. D
    The placement of the PDC emulator

Correct Answer:
B
User logon. In a forest that has more than one domain, two conditions require the global catalog during user authentication:
In a domain that operates at the Windows 2000 native domain functional level or higher, domain controllers must request universal group membership enumeration from a global catalog server. When a user principal name (UPN) is used at logon and the forest has more than one domain, a global catalog server is required to resolve the name.
References:
http://technet.microsoft.com/en-us/library/cc728188(v=ws.10).aspx

Question #12
Your network contains an Active Directory forest that contains two domains. The forest contains five domain controllers.
The domain controllers are configured as shown in the following table.


You need to configure DC5 as a global catalog server.
Which tool should you use?
  1. A
    Active Directory Administrative Center
  2. B
    Active Directory Users and Computers
  3. C
    Active Directory Sites and Services
  4. D
    Active Directory Domains and Trusts

Correct Answer:
C
Active Directory Sites and Services can be used to Add or remove the global catalog read-only directory partitions from a domain controller in the site. Confirm that all read-only directory partitions have been replicated to the new global catalog server. As well as verify that the global catalog server is being advertised in
Domain Name System (DNS).
References:
http://technet.microsoft.com/en-us/library/cc730868.aspx
http://technet.microsoft.com/en-us/library/cc770674.aspx

Question #13
Your network contains an Active Directory forest. The forest contains a single domain named contoso.com. The domain contains four domain controllers.
The domain controllers are configured as shown in the following table.

All domain controllers are DNS servers.
You plan to deploy a new domain controller named DC5 in the contoso.com domain.
You need to identify which domain controller must be online to ensure that DC5 can be promoted successfully to a domain controller.
Which domain controller should you identify?
  1. A
    DC1
  2. B
    DC2
  3. C
    DC3
  4. D
    DC4

Correct Answer:
D
Relative ID (RID) Master:
Allocates active and standby RID pools to replica domain controllers in the same domain (corp.contoso.com) Must be online for newly promoted domain controllers to obtain a local RID pool that is required to advertise or when existing domain controllers have to update their current or standby RID pool allocation.
The RID master is responsible for processing RID pool requests from all domain controllers in a particular domain. When a DC creates a security principal object such as a user or group, it attaches a unique Security ID (SID) to the object.
This SID consists of a domain SID (the same for all SIDs created in a domain), and a relative ID (RID) that is unique for each security principal SID created in a domain. Each DC in a domain is allocated a pool of RIDs that it is allowed to assign to the security principals it creates. When a DC's allocated RID pool falls below a threshold, that DC issues a request for additional RIDs to the domain's RID master. The domain RID master responds to the request by retrieving RIDs from the domain's unallocated RID pool and assigns them to the pool of the requesting DC.
At any one time, there can be only one domain controller acting as the RID master in the domain.


The Infrastructure Master -
-The purpose of this role is to ensure that cross-domain object references are correctly handled. For example, if you add a user from one domain to a security group from a different domain, the Infrastructure Master makes sure this is done properly.
As you can guess however, if your Active Directory deployment has only a single domain, then the Infrastructure Master role does no work at all, and even in a multi-domain environment it is rarely used except when complex user administration tasks are performed, so the machine holding this role doesn't need to have much horsepower at all.
References:
http://support.microsoft.com/kb/223346
http://en.wikipedia.org/wiki/Flexible_single_master_operation

Question #14
Your network contains an Active Directory forest named contoso.com. All domain controllers currently run Windows Server 2008 R2.
You plan to install a new domain controller named DC4 that runs Windows Server 2012 R2.
The new domain controller will have the following configurations:
✑ Schema master
✑ Global catalog server
✑ DNS Server role
✑ Active Directory Certificate Services server role
You need to identify which configurations cannot be fulfilled by using the Active Directory Domain Services Configuration Wizard.
Which two configurations should you identify? (Each correct answer presents part of the solution. Choose two.)
  1. A
    Enable the global catalog server.
  2. B
    Transfer the schema master.
  3. C
    Install the Active Directory Certificate Services role.
  4. D
    Install the DNS Server role.

Correct Answer:
BC
AD Installation Wizard will automatically install DNS and allows for the option to set it as a global catalog server. ADCS and schema must be done separately.

Question #15
You have a server named Server1 that runs Windows Server 2012.
You promote Server1 to a domain controller.
You need to view the service location (SRV) records that Server1 registers in DNS.
What should you do on Server1?
  1. A
    Open the Netlogon.dns file.
  2. B
    Run ipconfig /displaydns.
  3. C
    Run Get-DnsServerDiagnostics.
  4. D
    Open the SrC. sys file.

Correct Answer:
A
Netlogon.dns - If you are using non-Microsoft DNS servers to support Active Directory, you can verify SRV locator resource records by viewing Netlogon.dns.
Netlogon.dns is located in the %systemroot%\System32\Config folder. You can use a text editor, such as Microsoft Notepad, to view this file.
The first record in the file is the domain controller's Lightweight Directory Access Protocol (LDAP) SRV record.
References:
http://support.microsoft.com/kb/816587/en-us

Question #16
Your network contains an Active Directory domain named contoso.com. The domain contains two member servers named Server1 and Server2. All servers run
Windows Server 2012 R2.
Server1 and Server2 have the Failover Clustering feature installed. The servers are configured as nodes in a failover cluster named Cluster1. Cluster1 contains a cluster disk resource.
A developer creates an application named App1. App1 is NOT a cluster-aware application. App1 runs as a service. App1 stores date on the cluster disk resource.
You need to ensure that App1 runs in Cluster1. The solution must minimize development effort.
Which cmdlet should you run?
  1. A
    Add-ClusterGenericServiceRole
  2. B
    Add ClusterGenericApplicationRole
  3. C
    Add ClusterScaleOutFileServerRole
  4. D
    Add-ClusterServerRole

Correct Answer:
A
The questions says "...App1 runs as a service"
"Configure high availability for a service that was not originally designed to run in a failover cluster."
If you run an application as a Generic Application, the cluster software will start the application, then periodically query the operating system to see whether the application appears to be running. If so, it is presumed to be online, and will not be restarted or failed over
References: http://technet.microsoft.com/en-us/library/ee460966.aspx

Question #17
Your network contains an Active Directory domain named contoso.com. The domain contains three servers named Server1, Server2, and Server3.
You create a server group named ServerGroup1.
You discover the error message shown in the following exhibit. (Click the Exhibit button.)


You need to ensure that Server2 can be managed remotely by using Server Manager.
What should you do?
  1. A
    On Server2, run the netdom.exe command.
  2. B
    On Server2, run the net stop netlogon command, and then run the net start netlogon command.
  3. C
    On DC1, run the Enable-PSSessionConfigurationcmdlet.
  4. D
    On Server2, modify the membership of the Remote Management Users group.
  5. E
    On DC1, run the New-ADComputercmdlet.
  6. F
    On Server2, run the Add-Computer cmdlet.
  7. G
    From Active Directory Users and Computers, add a computer account named Server2, and then restart Server2.

Correct Answer:
D
This is a security issue. To be able to access Server2 remotely through Server Manager the user need to be a member of the Remote Management Users group.
References:
Training Guide: Installing and Configuring Windows Server 2012, Chapter 3 Server Remote Management, Lesson 1: Server Manager, p. 90-92

Question #18
Your network contains an Active Directory domain named contoso.com. All servers run Windows Server 2012 R2. The domain contains a server named Server1.
You install the Windows PowerShell Web Access gateway on Server1.
You need to provide administrators with the ability to manage the servers in the domain by using the Windows PowerShell Web Access gateway.
Which two cmdlets should you run on Server1? (Each correct answer presents part of the solution. Choose two.)
  1. A
    Install PswaWebApplication
  2. B
    Add PswaAuthorizationRule
  3. C
    Set-WSManlnstance
  4. D
    Set-WSManQuickConfig
  5. E
    Set-BCAuthentication

Correct Answer:
AB
Configure PowerShell Web Access Gateway using the following PowerShell Cmdlet.
Install-PswaWebApplication UseTestCertificate
Running the cmdlet installs the Windows PowerShell Web Access web application within the IIS Default Web Site container. The cmdlet creates the infrastructure required to run Windows PowerShell Web Access on the default website, https://<server_name>/pswa.

Add-PswaAuthorizationRule -
Adds a new authorization rule to the Windows PowerShell Web Access authorization rule set.
Parameters:
✑ ComputerGroupName
✑ ComputerName
✑ ConfigurationName
✑ RuleName
✑ UserGroupName
✑ UserName
✑ Credential (Windows Server 2012 R2 and later)
References:
http://technet.microsoft.com/en-us/library/hh849867.aspx
http://technet.microsoft.com/en-us/library/hh849875.aspx
http://technet.microsoft.com/en-us/library/jj592890(v=wps.620).aspx http://technet.microsoft.com/en-us/library/hh848404(v=wps.620).aspx http://technet.microsoft.com/en-us/library/jj592894(v=wps.620).aspx

Question #19
Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1 that runs Windows Server 2012 and a server named Server2 that runs Windows Server 2008 R2 Service Pack 1 (SP1). Both servers are member servers.
On Server2, you install all of the software required to ensure that Server2 can be managed remotely from Server Manager.
You need to ensure that you can manage Server2 from Server1 by using Server Manager.
Which two tasks should you perform on Server2? (Each correct answer presents part of the solution. (Choose two.)
  1. A
    Run the Enable-PSRemoting cmdlet.
  2. B
    Run the Configure-SMRemoting.psl script.
  3. C
    Run the Enable-PSSessionConfiguration cmdlet.
  4. D
    Run the Set-ExecutionPolicycmdlet.
  5. E
    Run the systempropertiesremote.exe command.

Correct Answer:
BD
To configure Server Manager remote management by using Windows PowerShell
On the computer that you want to manage remotely, open a Windows PowerShell session with elevated user rights.
In the Windows PowerShell session, type the following, and then press Enter.
Set-ExecutionPolicy ExecutionPolicyRemoteSigned (D)
Type the following, and then press Enter to enable all required firewall rule exceptions.
Configure-SMRemoting.ps1 -force enable (B)
References:
https://msandbu.wordpress.com/2012/08/26/administer-other-windows-server-from-server-manager-2012/

Question #20
Your network contains an Active Directory domain named contoso.com. The domain contains two member servers named Server1 and Server2 that run Windows
Server 2012 R2.
You log on to Server1.
You need to retrieve the IP configurations of Server2.
Which command should you run from Server1?
  1. A
    winrm get server2
  2. B
    dsquery * -scope base -attrip/server2
  3. C
    winrs -r:server2ipconfig
  4. D
    ipconfig> server2.ip

Correct Answer:
C
Using WinRS -
You can use WinRS to administer a Server Core installation remotely from the command line. WinRS is a command-line tool included in both Windows Vista and the Full installation of Windows Server 2008, which relies on Windows Remote Management (WinRM) to execute remote commands, especially for headless servers. WinRM is Microsoft's implementation of the WS-Management protocol, a standard Simple Object Access Protocol (SOAP)-based, firewall-friendly protocol that enables hardware and operating systems from different vendors to interoperate. You can think of WinRM as the server side and WinRS the client side of WSManagement.[...]
Using WinRS to Administer Server Core in a Domain
The basic syntax for WinRS commands is as follows:
winrs -r:target command where target is the name (NetBIOS or FQDN) of the Server Core installation that has had WinRM enabled on it, and command is any command string that you want to execute on the Server Core installation. For example, to use WinRS to enable Remote Desktop remotely on a Server Core installation named SEA-SC2, type the following command on any computer running Windows Vista or on a Full installation of Windows Server 2008:winrs -r:SEA-
SC2 cscript %WINDIR%\system32\scregedit.wsf /ar 0
References:
http://technet.microsoft.com/en-us/library/dd163506.aspx
Exam Ref 70-410: Installing and Configuring Windows Server 2012: Objective 4.3: Deploy and Configure the DNS service, Chapter 4 Deploying and Configuring core network services, p. 246 http://technet.microsoft.com/en-us/library/dd349801(v=ws.10).aspx

Previous Questions Next Questions

All Pages