|Exam Name||:||Upgrading Your Skills to MCSA Windows Server 2012|
|Questions and Answers||:||331 Q & A|
|Updated On||:||June 26, 2017|
|PDF Download Mirror||:||70-417 Brain Dump|
|Get Full Version||:||Pass4sure 70-417 Full Version|
You have five servers that run Windows Server 2012 R2. The servers have the Failover Clustering feature installed. You deploy a new cluster named Cluster1. Cluster1 is configured as shown in the following table.
Server1, Server2/ and Server3 are configured as the preferred owners of the cluster roles. Dynamic quorum management is disabled. You plan to perform hardware maintenance on Server3. You need to ensure that if the WAN link between Site1 and Site2 fails while you are performing maintenance on Server3, the cluster resource will remain available in Site1. What should you do?
Remove the node vote for Server3.
Enable DrainOnShutdown on Cluster1.
Add a file share witness in Site1.
Remove the node vote for Server4 and Server5.
Exclude secondary site nodes.
In general, do not give votes to WSFC (Windows Server Failover Clustering) nodes that reside at a secondary disaster recovery site. You do not want nodes in the secondary site to contribute to a decision to take the cluster offline when there is nothing wrong with the primary site.
Your network contains an Active Directory domain named contoso.com. All servers run Windows Server 2012 R2. The domain contains a server named Server1. You install the Windows PowerShell Web Access gateway on Server1. You need to provide administrators with the ability to manage the servers in the domain by using the Windows PowerShell Web Access gateway. Which two cmdlets should you run on Server1? (Each correct answer presents part of the solution. Choose two.)
Configure PowerShell Web Access Gateway using the following PowerShell Cmdlet. Install-PswaWebApplication –UseTestCertificate
Running the cmdlet installs the Windows PowerShell Web Access web application within the IIS Default Web Site container. The cmdlet creates the infrastructure required to run Windows PowerShell Web Access on the default website, <server_name>/pswa.
Adds a new authorization rule to the Windows PowerShell Web Access authorization rule set.
Parameters: ComputerGroupName ComputerName ConfigurationName RuleName UserGroupName UserName
Credential (Windows Server 2012 R2 and later) References:
technet.microsoft.com/en-us/library/hh849867.aspx technet.microsoft.com/en-us/library/hh849875.aspx technet.microsoft.com/en-us/library/jj592890(v=wps.620).aspx technet.microsoft.com/en-us/library/hh848404(v=wps.620).aspx technet.microsoft.com/en-us/library/jj592894(v=wps.620).aspx
A user from your organisation has reported to the IT helpdesk that they are receiving the following message: "Your account is configured to prevent you from using the computer. Please try another computer." What should you do to enable them to log on to their computer?
Use the Dsmove command
Click the Log On To button on the Account tab of her user account
None of these
Click the Allowed To Join Domain button in the New Computer dialog box
The error message is about the user account configuration. This can be set here:
You have a server named Served that runs Windows Server 2012 R2. Server1 has five network adapters. Three of the network adapters are connected to a network named LAN1. The two other network adapters are connected to a network named LAN2. You create a network adapter team named Team1 from two of the adapters connected to LAN1. You create a network adapter team named Team2 from the two adapters connected to LAN2. A company policy states that all server IP addresses must be assigned by using a reserved address in DHCP. You need to identify how many DHCP reservations you must create for Server1. How many reservations should you identify?
1 reservation for the NIC team on LAN1 1 reservation for the stand-alone NIC on LAN1 1 reservation for the NIC team on LAN2
=> 3 reservations.
Your network contains an Active Directory domain named contoso.com. All domain
controllers run Windows Server 2012 R2. In a remote site, a support technician installs a server named DC10 that runs Windows Server 2012 R2. DC10 is currently a member of a workgroup. You plan to promote DC10 to a read-only domain controller (RODC). You need to ensure that a user named Contoso\User1 can promote DC10 to a RODC in the contoso.com domain. The solution must minimize the number of permissions assigned to User1. What should you do?
From Active Directory Administrative Center, pre-create an RODC computer account.
FromDsmgmt, run the local roles command.
Join DC10 to the domain. Modify the properties of the DC10 computer account.
Join DC10 to the domain. Run dsmod and specify the /server switch.
A staged read only domain controller (RODC) installation works in two discrete phases:
Staging an unoccupied computer account
Attaching an RODC to that account during promotion
Reference: Install a Windows Server 2012 R2 Active Directory Read-Only Domain Controller (RODC)
You have a server named Server1 that runs Windows Server 2012 R2. Server1 has the Hyper-V server role installed. On Server1, you create a virtual machine named VM1. VM1 has a legacy network adapter. You need to assign a specific amount of available network bandwidth to VM1. What should you do first?
Add a second legacy network adapter, and then run the Set-VMNetworkAdaptercmdlet.
Add a second legacy network adapter, and then configure network adapter teaming.
Remove the legacy network adapter, and then run the Set-VMNetworkAdaptercmdlet.
Remove the legacy network adapter, and then add a network adapter.
Server manager is a great tool for managing most of your server settings and configuration all in one central place. Which one of the following Server manager Features is used for Storage management, replication and searching?
Dynamic Host Configuration Server
Domain Name Service
Your network contains an Active Directory domain named contoso.com. The domain contains a read-only domain controller (RODC) named RODC1. You create a global group named RODC_Admins. You need to provide the members of RODC_Admins with the ability to manage the hardware and the software on RODC1. The solution must not provide RODC_Admins with the ability to manage Active Directory objects. What should you do?
From a command prompt, run the dsadd computer command.
From Active Directory Users and Computers, run the Delegation of Control Wizard.
From Active Directory Users and Computers, configure the Member Of settings of the RODC1 account.
From a command prompt, run the dsmgmt local roles command.
Manages Administrator Role Separation for a read-only domain controller (RODC). Administrator role separation provides a nonadministrative user with the permissions to
install and administer an RODC, without granting that user permissions to do any other type of domain administration.
Your network contains an Active Directory domain named adatum.com. You have a standard primary zone named adatum.com. You need to provide a user named User1 the ability to modify records in the zone. Other users must be prevented from modifying records in the zone. What should you do first?
Run the Zone Signing Wizard for the zone
From the properties of the zone, change the zone type
Run the new Delegation Wizard for the zone
From the properties of the zone, modify the Start Of Authority (SOA) record
Your network contains an Active Directory domain named contoso.com. The domain contains a DNS server named Server1. Server1 is configured to resolve single-label names for DNS clients. You need to view the number of queries for single-label names that are resolved by Server1. What command should you run? To answer, select the appropriate options in the answer area.
Your network contains an Active Directory domain named contoso.com. The domain contains client computers that run Either Windows XP, Windows 7, or Windows 8. Network Policy Server (NPS) is deployed to the domain. You plan to create a system health validator (SHV). You need to identify which policy settings can be applied to all of the computers. Which three policy settings should you identi1f0y7? (Each correct answer presents part of the
solution. Choose three.)
Automatic updating is enabled.
A firewall is enabled for all network connections.
An antispyware application is on.
Antispyware is up to date.
Antivirus is up to date.
System health agent (SHA) is a NAP component.
System health agent (SHA)
A component that checks the state of the client computer to determine whether the settings monitored by the SHA are up-to-date and configured correctly. For example, the Windows Security Health Agent (WSHA) can monitor Windows Firewall, whether antivirus software is installed, enabled, and updated, whether antispyware software is installed, enabled, and updated, and whether Microsoft Update Services is enabled and the computer has the most recent security updates from Microsoft Update Services. There might also be SHAs (and corresponding system health validators) available from other companies that provide different functionality.
Your network contains an Active Directory domain named contoso.com. All domain controllers run Windows Server 2012 R2. The domain contains two organizational units (OUs) named OU1 and OU2 in the root of the domain. Two Group Policy objects (GPOs) named GPO1 and GP02 are created. GPO1 is linked to OU1. GPO2 is linked to OU2. OU1 contains a client computer named Computer1. OU2 contains a user named User1. You need to ensure that the GPOs Applied to Computer1areApplied to User1 when User1 logs on. What should you configure?
The GPO Status
Your network contains an Active Directory domain named contoso.com. Network Policy Server (NPS) is deployed to the domain. You plan to deploy Network Access Protection (NAP). You need to configure the requirements that are validated on the NPS client
computers. What should you do?
From the Network Policy Server console, configure a health policy.
From the Network Policy Server console, configure a network policy.
From a Group Policy object (GPO), configure the NAP Client Configuration security setting.
From a Group Policy object (GPO), configure the Network Access Protection Administrative Templates setting.
From the Network Policy Server console, configure a Windows Security Health Validator (WSHV) policy.
I feel the question is a bit unclear still. technet.microsoft.com/en-us/library/cc731260.aspx WSHV settings
If a client computer is noncompliant with one of the requirements of the WSHV, it is considered noncompliant with the WSHV as a whole. If a computer is determined to be noncompliant with the WSHV, the following actions might be taken:
I believe that the validation will take into account Health and Network, so it has to be both of them.
I don't see A or D being a valid choice.
Leaving us with E. And, the site kinda confirm this.
What should you do?
Export and import data by using Dsamain.
Apply a virtual machine snapshot to VM1.
Recover the items by using Active Directory Recycle Bin.
Modify the isRecycled attribute of Group1.