Ideas to exam ref 70 411

Proper study guides for Avant-garde Microsoft Administering Windows Server 2012 certified begins with Microsoft 70 411 dumps preparation products which designed to deliver the Certified exam 70 411 questions by making you pass the 70 411 exam questions test at your first time. Try the free mcsa 70 411 demo right now.

2017 NEW RECOMMEND

Free VCE & PDF File for Microsoft 70-411 Real Exam
(Full Version!)

Pass on Your First TRY 100% Money Back Guarantee Realistic Practice Exam Questions

Free Instant Download NEW 70-411 Exam Dumps (PDF & VCE):
Available on:
http://www.certleader.com/70-411-dumps.html

Q41. Your network contains an Active Directory domain named contoso.com. The domain contains five servers. The servers are configured as shown in the following table. 

All desktop computers in contoso.com run Windows 8 and are configured to use BitLocker Drive Encryption (BitLocker) on all local disk drives. 

You need to deploy the Network Unlock feature. The solution must minimize the number of features and server roles installed on the network. 

To which server should you deploy the feature? 

A. Server1 

B. Server2 

C. Server3 

D. Server4 

E. Server5 

Answer:

Explanation: 

The BitLocker Network Unlock feature will install the WDS role if it is not already installed. If you want to install it separately before you install BitLocker Network Unlock you can use Server Manager or Windows PowerShell. To install the role using Server Manager, select the Windows Deployment Services role in Server Manager. 

Q42. HOTSPOT 

Your network contains an Active Directory domain named contoso.com. The domain 

contains a server named Server1 that runs Windows Server 2012 R2. Server1 has the File Server Resource Manager role service installed. 

You need to configure Server1 to meet the following requirements: 

. Ensure that old files in a folder named Folder1 are archived automatically to a folder named Archive1. 

. Ensure that all storage reports are saved to a network share. 

Which two nodes should you configure? To answer, select the appropriate two nodes in the answer area. 

Answer: 

Q43. You have a cluster named Cluster1 that contains two nodes. Both nodes run Windows Server 2012 R2. Cluster1 hosts a virtual machine named VM1 that runs Windows Server 2012 R2. 

You configure a custom service on VM1 named Service1. 

You need to ensure that VM1 will be moved to a different node if Service1 fails. 

Which cmdlet should you run on Cluster1? 

A. Add-ClusterVmMonitoredItem 

B. Add-ClusterGenericServiceRole 

C. Set-ClusterResourceDependency 

D. Enable VmResourceMetering 

Answer:

Explanation: 

The Add-ClusterVMMonitoredItem cmdlet configures monitoring for a service or an Event Tracing for Windows (ETW) event so that it is monitored on a virtual machine. If the service fails or the event occurs, then the system responds by taking an action based on the failover configuration for the virtual machine resource. For example, the configuration might specify that the virtual machine be restarted. 

Q44. You have a DNS server named DN51 that runs Windows Server 2012 R2. 

On DNS1, you create a standard primary DNS zone named adatum.com. 

You need to change the frequency that secondary name servers will replicate the zone from DNS1. 

Which type of DNS record should you modify? 

A. Name server (NS) 

B. Start of authority (SOA) 

C. Host information (HINFO) 

D. Service location (SRV) 

Answer:

Explanation: 

The time to live is specified in the Start of Authority (SOA) record Note: TTL (time to live) – The number of seconds a domain name is cached locally before expiration and return to authoritative nameservers for updated information. 

Q45. Your company has a main office and two branch offices. The main office is located in Seattle. The two branch offices are located in Montreal and Miami. Each office is configured as an Active Directory site. 

The network contains an Active Directory domain named contoso.com. Network traffic is not routed between the Montreal office and the Miami office. 

You implement a Distributed File System (DFS) namespace named \\\\contoso.com\\public. The namespace contains a folder named Folder1. Folder1 has a folder target in each office. 

You need to configure DFS to ensure that users in the branch offices only receive referrals to the target in their respective office or to the target in the main office. 

Which two actions should you perform? (Each correct answer presents part of the solution. Choose two.) 

A. Set the Ordering method of \\\\contoso.com\\public to Random order. 

B. Set the Advanced properties of the folder target in the Seattle office to Last among all targets. 

C. Set the Advanced properties of the folder target in the Seattle office to First among targets of equal cost. 

D. Set the Ordering method of \\\\contoso.com\\public to Exclude targets outside of the client's site. 

E. Set the Advanced properties of the folder target in the Seattle office to Last among targets of equal cost. 

F. Set the Ordering method of \\\\contoso.com\\public to Lowest cost. 

Answer: C,D 

Explanation: 

Exclude targets outside of the client's site In this method, the referral contains only the targets that are in the same site as the client. These same-site targets are listed in random order. If no same-site targets exist, the client does not receive a referral and cannot access that portion of the namespace. Note: Targets that have target priority set to "First among all targets" or "Last among all targets" are still listed in the referral, even if the ordering method is set to Exclude targets outside of the client's site. Note 2: Set the Ordering Method for Targets in Referrals A referral is an ordered list of targets that a client computer receives from a domain controller or namespace server when the user accesses a namespace root or folder with targets. After the client receives the referral, the client attempts to access the first target in the list. If the target is not available, the client attempts to access the next target. 

Q46. Your network contains an Active Directory domain named contoso.com. 

All user accounts reside in an organizational unit (OU) named OU1. All of the users in the marketing department are members of a group named Marketing. All of the users in the human resources department are members of a group named HR. 

You create a Group Policy object (GPO) named GPO1. You link GPO1 to OU1. You configure the Group Policy preferences of GPO1 to add two shortcuts named Link1 and Link2 to the desktop of each user. 

You need to ensure that Link1 only appears on the desktop of the users in Marketing and that Link2 only appears on the desktop of the users in HR. 

What should you configure? 

A. Security Filtering 

B. WMI Filtering 

C. Group Policy Inheritance 

D. Item-level targeting 

Answer:

Explanation: 

You can use item-level targeting to change the scope of individual preference items, so they apply only to selected users or computers. Within a single Group Policy object (GPO), you can include multiple preference items, each customized for selected users or computers and each targeted to apply settings only to the relevant users or computers. 

Reference: http://technet.microsoft.com/en-us/library/cc733022.aspx 

Q47. HOTSPOT 

Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1 that runs Windows Server 2012 R2. Server1 has the File Server Resource Manager role service installed. 

You need to configure Server1 to meet the following requirements: 

. Ensure that old files in a folder named Folder1 are archived automatically to a folder named Archive1. 

. Ensure that JPG files can always be saved to a local computer, even when a file screen exists. 

Which two nodes should you configure? To answer, select the appropriate two nodes in the answer area. 

Answer Area 

Answer: 

Q48. Your network contains an Active Directory domain named contoso.com. The domain contains a file server named Server1 that runs Windows Server 2012 R2. Server1 has a share named Share1. 

When users without permission to Share1 attempt to access the share, they receive the Access Denied message as shown in the exhibit. (Click the Exhibit button.) 

You deploy a new file server named Server2 that runs Windows Server 2012 R2. 

You need to configure Server2 to display the same custom Access Denied message as Server1. 

What should you install on Server2? 

A. The Remote Assistance feature 

B. The Storage Services server role 

C. The File Server Resource Manager role service 

D. The Enhanced Storage feature 

Answer:

Explanation: 

Access-Denied Assistance is a new role service of the File Server role in Windows Server 2012. 

We need to install the prerequisites for Access-Denied Assistance. 

Because Access-Denied Assistance relies up on e-mail notifications, we also need to configure each relevant file server with a Simple Mail Transfer Protocol (SMTP) server address. Let’s do that quickly with Windows PowerShell: 

Set-FSRMSetting -SMTPServer mailserver. nuggetlab.com -AdminEmailAddress admingroup@nuggetlab.com -FromEmailAddress admingroup@nuggetlab.com 

You can enable Access-Denied Assistance either on a per-server basis or centrally via Group Policy. To my mind, the latter approach is infinitely preferable from an administration standpoint. 

Create a new GPO and make sure to target the GPO at your file servers’ Active Directory computer accounts as well as those of your AD client computers. In the Group Policy Object Editor, we are looking for the following path to configure Access-Denied Assistance: \\Computer Configuration\\Policies\\Administrative Templates\\System\\Access-Denied Assistance 

The Customize message for Access Denied errors policy, shown in the screenshot below, enables us to create the actual message box shown to users when they access a shared file to which their user account has no access. 

What’s cool about this policy is that we can “personalize” the e-mail notifications to give us administrators (and, optionally, file owners) the details they need to resolve the permissions issue quickly and easily. 

For instance, we can insert pre-defined macros to swap in the full path to the target file, the administrator e-mail address, and so forth. See this example: 

Whoops! It looks like you’re having trouble accessing [Original File Path]. Please click Request Assistance to send [Admin Email] a help request e-mail message. Thanks! 

You should find that your users prefer these human-readable, informative error messages to the cryptic, non-descript error dialogs they are accustomed to dealing with. 

The Enable access-denied assistance on client for all file types policy should be enabled to force client computers to participate in Access-Denied Assistance. Again, you must make sure to target your GPO scope accordingly to “hit” your domain workstations as well as your Windows Server 2012 file servers. 

Testing the configuration 

This should come as no surprise to you, but Access-Denied Assistance works only with Windows Server 2012 and Windows 8 computers. More specifically, you must enable the Desktop Experience feature on your servers to see Access-Denied Assistance messages on server computers. 

When a Windows 8 client computer attempts to open a file to which the user has no access, the custom Access-Denied Assistance message should appear: 

If the user clicks Request Assistance in the Network Access dialog box, they see a secondary message: 

At the end of this process, the administrator(s) will receive an e-mail message that contains the key information they need in order to resolve the access problem: 

The user’s Active Directory identity 

The full path to the problematic file 

A user-generated explanation of the problem 

So that’s it, friends! Access-Denied Assistance presents Windows systems administrators with an easy-to-manage method for more efficiently resolving user access problems on shared file system resources. Of course, the key caveat is that your file servers must run Windows Server 2012 and your client devices must run Windows 8, but other than that, this is a great technology that should save admins extra work and end-users extra headaches. 

Reference: http: //4sysops. com/archives/access-denied-assistance-in-windows-server-2012/ 

Q49. HOTSPOT 

Your network contains an Active Directory domain named contoso.com. 

You have several Windows PowerShell scripts that execute when client computers start. 

When a client computer starts, you discover that it takes a long time before users are prompted to log on. 

You need to reduce the amount of time it takes for the client computers to start. The solution must not prevent scripts from completing successfully. 

Which setting should you configure? To answer, select the appropriate setting in the answer area. 

Answer: 

Q50. Your network contains 25 Web servers that run Windows Server 2012 R2. 

You need to configure auditing policies that meet the following requirements: 

. Generate an event each time a new process is created. 

. Generate an event each time a user attempts to access a file share. 

Which two auditing policies should you configure? To answer, select the appropriate two auditing policies in the answer area. 

A. Audit access management (Not Defined) 

B. Audit directory service access (Not Defined) 

C. Audit logon events (Not Defined) 

D. Audit Object (Not Defined) 

E. Audit policy change(Not Defined) 

F. Audit privilege use (Not Defined) 

G. Audit process tracking (Not Defined) 

H. Audit system events(Not Defined) 

Answer: D,G 

Explanation: * Audit Object Access 

Determines whether to audit the event of a user accessing an object (for example, file, folder, registry key, printer, and so forth) which has its own system access control list (SACL) specified. 

* Audit Process Tracking 

Determines whether to audit detailed tracking information for events such as program activation, process exit, handle duplication, and indirect object access. 

Reference: Audit object access 

https://technet.microsoft.com/en-us/library/cc976403.aspx 

Reference: Audit Process Tracking 

https://technet.microsoft.com/en-us/library/cc976411.aspx 

Certleader Dumps
Certleader is a company specialized on providing high quality IT exam materials and fully committed to assist our respected clients crack any IT certification tests on their 1st efforts.