Secrets to microsoft 70 412

We provide real 70 412 exam exam questions and answers braindumps in two formats. Download PDF & Practice Tests. Pass Microsoft 70 412 pdf Exam quickly & easily. The 70 412 pdf PDF type is available for reading and printing. You can print more and practice many times. With the help of our Microsoft exam 70 412 dumps pdf and vce product and material, you can easily pass the 70 412 dumps exam.

2017 NEW RECOMMEND

Free VCE & PDF File for Microsoft 70-412 Real Exam
(Full Version!)

Pass on Your First TRY 100% Money Back Guarantee Realistic Practice Exam Questions

Free Instant Download NEW 70-412 Exam Dumps (PDF & VCE):
Available on:
http://www.certleader.com/70-412-dumps.html

Q81. DRAG DROP 

Your network contains two Active Directory forests named contoso.com and adatum.com. All domain controllers run Windows Server 2012 R2. 

A federated trust exists between adatum.com and contoso.com. The trust provides adatum.com users with access to contoso.com resources. 

You need to configure Active Directory Federation Services (AD FS) claim rules for the federated trust. 

The solution must meet the following requirements: 

. In contoso.com, replace an incoming claim type named Group with an outgoing claim type named Role. . In adatum.com, allow users to receive their tokens for the relying party by using their Active Directory group membership as the claim type. 

The AD FS claim rules must use predefined templates. 

Which rule types should you configure on each side of the federated trust? 

To answer, drag the appropriate rule types to the correct location or locations. Each rule type may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content. 

Answer: 

Q82. HOTSPOT 

Your network contains an Active Directory domain named contoso.com. The domain contains two member servers named Server1 and Server2. All servers run Windows Server 2012 R2. 

Server1 and Server2 have the Hyper-V server role installed. The servers are configured as shown in the following table. 

You add a third server named Server3 to the network. Server3 has Intel processors. 

You need to move VM3 and VM6 to Server3. The solution must minimize downtime on the 

virtual machines. 

Which method should you use to move each virtual machine? 

To answer, select the appropriate method for each virtual machine in the answer area. 

Answer: 

Q83. You have a server named Server1 that runs Windows Server 2012 R2. 

You install the File and Storage Services server role on Server1. 

From Windows Explorer, you view the properties of a folder named Folder1 and you discover that the Classification tab is missing. 

You need to ensure that you can assign classifications to Folder1 from Windows Explorer manually. 

What should you do? 

A. From Folder Options, clear Hide protected operating system files (Recommended). 

B. Install the File Server Resource Manager role service. 

C. From Folder Options, select the Always show menus. 

D. Install the Share and Storage Management Tools. 

Answer:

Explanation: 

On the Classification tab of the file properties in Windows Server 2012, File Classification Infra-structure adds the ability to manually classify files. You can also classify folders so that any file added to the classified folder will inherit the classifications of the parent folder. 

Reference: What's New in File Server Resource Manager in Windows Server. 

Q84. You have an Active Directory Rights Management Services (AD RMS) cluster. 

You need to prevent users from encrypting new content. The solution must ensure that the users can continue to decrypt content that was encrypted already. 

Which two actions should you perform? (Each correct answer presents part of the solution. Choose two.) 

A. From the Active Directory Rights Management Services console, enable decommissioning. 

B. From the Active Directory Rights Management Services console, create a user exclusion policy. 

C. Modify the NTFS permissions of %systemdrive%\\inetpub\\wwwroot\\_wmcs\\licensing. 

D. Modify the NTFS permissions of %systemdrive%\\inetpub\\wwwroot\\_wmcs\\decommission. 

E. From the Active Directory Rights Management Services console, modify the rights policy templates. 

Answer: A,D 

Explanation: 

* Decommissioning refers to the entire process of removing the AD RMS cluster and its 

associated databases from an organization. This process allows you to save rights-

protected files as ordinary files before you remove AD RMS from your infrastructure so that 

you do not lose access to these files. 

Decommissioning an AD RMS cluster is achieved by doing the following: 

/ Enable the decommissioning service. (A) 

/ Modify permissions on the decommissioning pipeline. 

/ Configure the AD RMS-enabled application to use the decommissioning pipeline. 

* To modify the permissions on the decommissioning pipeline 

1. Log on to ADRMS-SRV as cpandl\\administrator. 

2. Click Start, type %systemdrive%\\inetpub\\wwwroot\\_wmcs in the Start Search box, and 

then press ENTER. 

3. Right-click the decommission folder, and then click Properties. 

4. Click the Security tab, click Edit, and then click Add. (D) 

Etc. 

Reference: Step 1: Decommission AD RMS Root Cluster 

Q85. You have a failover cluster named Cluster1 that contains four nodes. All of the nodes run Windows Server 2012 R2. 

You need to schedule the installation of Windows updates on the cluster nodes. 

Which tool should you use? 

A. the Add-CauClusterRole cmdlet 

B. the Wusa command 

C. the Wuauclt command 

D. the Invoke-CauScan cmdlet 

Answer:

Explanation: 

To enable self-updating mode, the CAU clustered role must also be added to the failover cluster. To do this by using the CAU UI, under Cluster Actions, use the Configure Self-Updating Options action. Alternatively, run the Add-CauClusterRole Windows PowerShell cmdlet. 

Note: The process for installing service packs and hotfixes on Windows Server 2012 differs from the process in earlier versions. In Windows Server 2012, you can use the Cluster-Aware Updating (CAU) feature. CAU automates the software-updating process on clustered servers while maintaining availability. 

Reference: Cluster-Aware Updating Overview 

Q86. DRAG DROP 

Your network contains an Active Directory domain named contoso.com. The domain contains two servers named Server1 and Server3. The network contains a standalone server named Server2. 

All servers run Windows Server 2012 R2. The servers are configured as shown in the following table. 

Server3 hosts an application named App1. App1 is accessible internally by using the URL https://app1.contoso.com. App1 only supports Integrated Windows authentication. 

You need to ensure that all users from the Internet are pre-authenticated before they can access App1. 

What should you do? 

To answer, drag the appropriate servers to the correct actions. Each server may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content. 

Answer: 

Q87. HOTSPOT 

Your network contains an Active Directory domain named contoso.com. The domain contains a domain controller named DC1 and a server named Server1. Both servers run Windows Server 2012 R2. 

You configure the classification of a share on Server1 as shown in the Share1 Properties exhibit. (Click the Exhibit button.) 

You configure the resource properties in Active Directory as shown in the Resource Properties exhibit. (Click the Exhibit button.) 

You need to ensure that the Impact classification can be assigned to Share1 immediately. 

Which cmdlet should you run on each server? 

To answer, select the appropriate cmdlet for each server in the answer area. 

Answer: 

Q88. Your network contains a perimeter network and an internal network. The internal network contains an Active Directory Federation Services (AD FS) 2.1 infrastructure. The infrastructure uses Active Directory as the attribute store. 

You plan to deploy a federation server proxy to a server named Server2 in the perimeter network. 

You need to identify which value must be included in the certificate that is deployed to Server2. 

What should you identify? 

A. The FQDN of the AD FS server 

B. The name of the Federation Service 

C. The name of the Active Directory domain 

D. The public IP address of Server2 

Answer:

Explanation: 

To add a host (A) record to corporate DNS for a federation server On a DNS server for the corporate network, open the DNS snap-in. 

1. In the console tree, right-click the applicable forward lookup zone, and then click New Host (A). 

2. In Name, type only the computer name of the federation server or federation server cluster (for example, type fs for the fully qualified domain name (FQDN) fs.adatum.com). 

3. In IP address, type the IP address for the federation server or federation server cluster (for example, 192.168.1.4). 

4. Click Add Host. 

Reference: Add a host (A) record to corporate DNS for a federation server 

http://technet.microsoft.com/en-us/library/cc776786(v=ws.10).aspx 

Q89. Your network contains an Active Directory domain named contoso.com. The domain contains servers named Server1 and Server2 that run Windows Server 2012 R2. Server1 has the Active Directory Federation Services server role installed. Server2 is a file server. 

Your company introduces a Bring Your Own Device (BYOD) policy. 

You need to ensure that users can use a personal device to access domain resources by using Single Sign-On (SSO) while they are connected to the internal network. 

Which two actions should you perform? (Each correct answer presents part of the solution. Choose two.) 

A. Enable the Device Registration Service in Active Directory. 

B. Publish the Device Registration Service by using a Web Application Proxy. 

C. Configure Active Directory Federation Services (AD FS) for the Device Registration Service. 

D. Create and configure a sync share on Server2. 

E. Install the Work Folders role service on Server2. 

Answer: A,C 

Explanation: 

* Workplace Join leverages a feature included in the Active Directory Federation Services (AD FS) Role in Windows Server 2012 R2, called Device Registration Service (DRS). DRS provisions a device object in Active Directory when a device is Workplace Joined. Once the device object is in Active Directory, attributes of that object can be retrieved and used to provide conditional access to resources and applications. The device identity is represented by a certificate which is set on the personal device by DRS when the device is Workplace Joined. 

* In Windows Server 2012 R2, AD FS and Active Directory Domain Services have been extended to comprehend the most popular mobile devices and provide conditional access to enterprise resources based on user+device combinations and access policies. With these policies in place, you can control access based on users, devices, locations, and access times. 

Reference: BYOD Basics: Enabling the use of Consumer Devices using Active Directory in Windows Server 2012 R2 

Q90. Your network contains one Active Directory forest named contoso.com. The forest contains two child domains and six domain controllers. The domain controllers are configured as shown in the following table. 

For the contoso.com domain, a company policy states that administrators must be able to retrieve a list of all the users who have not logged on to the network in the last seven days from any domain controller. 

You need to ensure that the users’ last logon information from the last seven days is replicated to all of the domain controllers. 

What should you use? 

A. Set-ADSite 

B. Set-ADReplicationSite 

C. Set-ADDomain 

D. Set-ADReplicationSiteLink 

E. Set-ADGroup 

F. Set-ADForest 

G. Netdom 

Answer:

Reference: Technet, Set-ADDomain 

https://technet.microsoft.com/en-us/library/ee617212.aspx 

Certleader Dumps
Certleader is a company specialized on providing high quality IT exam materials and fully committed to assist our respected clients crack any IT certification tests on their 1st efforts.