[Up to the minute] 70 411 exam dumps

Your success in Microsoft microsoft 70 411 is our sole target and we develop all our 70 411 study guide braindumps in a way that facilitates the attainment of this target. Not only is our 70 411 administering windows server 2012 r2 pdf study material the best you can find, it is also the most detailed and the most updated. 70 411 pdf Practice Exams for Microsoft Windows Server 70 411 administering windows server 2012 r2 pdf are written to the highest standards of technical accuracy.

2017 NEW RECOMMEND

Free VCE & PDF File for Microsoft 70-411 Real Exam
(Full Version!)

Pass on Your First TRY 100% Money Back Guarantee Realistic Practice Exam Questions

Free Instant Download NEW 70-411 Exam Dumps (PDF & VCE):
Available on:
http://www.certleader.com/70-411-dumps.html

Q51. HOTSPOT 

Your network contains an Active Directory domain named contoso.com. 

You have several Windows PowerShell scripts that execute when users log on to their client computer. 

You need to ensure that all of the scripts execute completely before the users can access their desktop. 

Which setting should you configure? To answer, select the appropriate setting in the answer area. 

Answer: 

Q52. Your network contains an Active Directory domain named contoso.com. The domain contains a read-only domain controller (RODC) named R0DC1. 

You create a global group named RODC_Admins. 

You need to provide the members of RODC_Admins with the ability to manage the hardware and the software on R0DC1. The solution must not provide RODC_Admins with the ability to manage Active Directory objects. 

What should you do? 

A. From Active Directory Sites and Services, run the Delegation of Control Wizard. 

B. From a command prompt, run the dsadd computer command. 

C. From Active Directory Site and Services, configure the Security settings of the R0DC1 server object. 

D. From a command prompt, run the dsmgmt local roles command. 

Answer:

Explanation: 

RODC: using the dsmgmt.exe utility to manage local administrators One of the benefits of RODC is that you can add local administrators who do not have full access to the domain administration. This gives them the ability to manage the server but not add or change active directory objects unless those roles are delegated. Adding this type of user is done using the dsmdmt.exe utility at the command prompt. 

Q53. Your network contains an Active Directory domain named contoso.com. The domain contains an organizational unit (OU) named IT and an OU named Sales. 

All of the help desk user accounts are located in the IT OU. All of the sales user accounts are located in the Sales OU. The Sales OU contains a global security group named G_Sales. The IT OU contains a global security group named G_HelpDesk. 

You need to ensure that members of G_HelpDesk can perform the following tasks: 

. Reset the passwords of the sales users. 

. Force the sales users to change their password at their next logon. 

What should you do? 

A. Run the Set-ADAccountPasswordcmdlet and specify the -identity parameter. 

B. Right-click the Sales OU and select Delegate Control. 

C. Right-click the IT OU and select Delegate Control. 

D. Run the Set-ADFineGrainedPasswordPolicycmdlet and specify the -identity parameter. 

Answer:

Explanation: 

G_HelpDesk members need to be allowed to delegate control on the Sales OU as it contains the sales users (G_Sales) 

You can use the Delegation of Control Wizard to delegate the Reset Password permission to the delegated user. 

References: http: //support. microsoft. com/kb/296999/en-us 

http: //support. microsoft. com/kb/296999/en-us 

http: //technet. microsoft. com/en-us/library/cc732524. aspx 

Q54. You have a server named Server 1. 

You enable BitLocker Drive Encryption (BitLocker) on Server 1. 

You need to change the password for the Trusted Platform Module (TPM) chip. 

What should you run on Server1? 

A. Manage-bde.exe 

B. Set-TpmOwnerAuth 

C. bdehdcfg.exe 

D. tpmvscmgr.exe 

Answer:

Explanation: 

The Set-TpmOwnerAuthcmdlet changes the current owner authorization value of the Trusted Platform Module (TPM) to a new value. You can specify the current owner authorization value or specify a file that contains the current owner authorization value. If you do not specify an owner authorization value, the cmdlet attempts to read the value from the registry. 

Use the ConvertTo-TpmOwnerAuthcmdlet to create an owner authorization value. You can specify a new owner authorization value or specify a file that contains the new value. 

Q55. HOTSPOT 

Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1 that runs Windows Server 2012 R2. 

Server1 has the following BitLocker Drive Encryption (BitLocker) settings: 

You need to ensure that drive D will unlock automatically when Server1 restarts. What command should you run? To answer, select the appropriate options in the answer area. 

Answer: 

Q56. Your network contains an Active Directory domain named contoso.com. The domain contains two servers named Server1 and Server2. Both servers run Windows Server 2012 R2. Both servers have the File and Storage Services server role, the DFS Namespace role service, and the DFS Replication role service installed. 

Server1 and Server2 are part of a Distributed File System (DFS) Replication group named Group1. Server1 and Server2 are connected by using a high-speed LAN connection. 

You need to minimize the amount of processor resources consumed by DFS Replication. 

What should you do? 

A. Modify the replication schedule. 

B. Modify the staging quota. 

C. Disable Remote Differential Compression (RDC). 

D. Reduce the bandwidth usage. 

Answer:

Explanation: 

Because disabling RDC can help conserve disk input/output (I/O) and CPU resources, you might want to disable RDC on a connection if the sending and receiving members are in a local area network (LAN), and bandwidth use is not a concern. However, in a LAN environment where bandwidth is contended, RDC can be beneficial when transferring large files. 

Question tells it uses a high-speed LAN connection. 

References: http: //technet. microsoft. com/en-us/library/cc758825%28v=ws. 10%29. aspx 

http: //technet. microsoft. com/en-us/library/cc754229. aspx 

Q57. HOTSPOT 

Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1 that has the Network Policy Server server role installed. The domain contains a server named Server2 that is configured for RADIUS accounting. 

Server1 is configured as a VPN server and is configured to forward authentication requests to Server2. 

You need to ensure that only Server2 contains event information about authentication requests from connections to Server1. 

Which two nodes should you configure from the Network Policy Server console? 

To answer, select the appropriate two nodes in the answer area. 

Answer: 

Q58. HOTSPOT 

Your network contains an Active Directory domain named contoso.com. 

You create an organizational unit (OU) named OU1 and a Group Policy object (GPO) named GPO1. You link GPO1 to OU1. 

You move several file servers that store sensitive company documents to OU1. Each file server contains more than 40 shared folders. 

You need to audit all of the failed attempts to access the files on the file servers in OU1. The solution must minimize administrative effort. 

Which two audit policies should you configure in GPO1? To answer, select the appropriate two objects in the answer area. 

Answer: 

Q59. You have a group Managed Service Account named Service01. Three servers named Server01, Server02, and Server03 currently use the Service01 service account. 

You plan to decommission Server01. 

You need to remove the cached password of the Service01 service account from Server01. The solution must ensure that Server02 and Server 03 continue to use Service01. 

Which cmdlet should you run? 

A. Set-ADServiceAccount 

B. Remove-ADServiceAccount 

C. Uninstall-ADServiceAccount 

D. Reset-ADServiceAccountPassword 

Answer:

Explanation: The Remove-ADServiceAccount cmdlet removes an Active Directory service account. This cmdlet does not make changes to any computers that use the service account. After this operation, the service account is no longer hosted on the target computer but still exists in the directory. 

Incorrect: 

Not C: The Uninstall-ADServiceAccount cmdlet removes an Active Directory service 

account on the computer on which the cmdlet is run. The specified service account must be installed on the computer. 

Reference: Remove-ADServiceAccount 

https://technet.microsoft.com/en-us/library/ee617190.aspx 

Q60. Your network contains a server named Server1 that has the Network Policy and Access Services server role installed. 

All of the network access servers forward connection requests to Server1. 

You create a new network policy on Server1. 

You need to ensure that the new policy applies only to connection requests from the 192.168.0.0/24 subnet. 

What should you do? 

A. Set the Client IP4 Address condition to 192.168.0.0/24. 

B. Set the Client IP4 Address condition to 192.168.0. 

C. Set the Called Station ID constraint to 192.168.0.0/24. 

D. Set the Called Station ID constraint to 192.168.0. 

Answer:

Explanation: 

RADIUS client properties 

Following are the RADIUS client conditions that you can configure in network policy. 

. Calling Station ID: Specifies the network access server telephone number that was dialed by the dial-up access client. 

. Client Friendly Name: Specifies the name of the RADIUS client that forwarded the connection request to the NPS server. 

. Client IPv4 Address: Specifies the Internet Protocol (IP) version 4 address of the RADIUS client that forwarded the connection request to the NPS server. 

. Client IPv6 Address: Specifies the Internet Protocol (IP) version 6 address of the RADIUS client that forwarded the connection request to the NPS server. 

. Client Vendor: Specifies the name of the vendor or manufacturer of the RADIUS client that sends connection requests to the NPS server. 

. MS RAS Vendor: Specifies the vendor identification number of the network access server that is requesting authentication. 

Certleader Dumps
Certleader is a company specialized on providing high quality IT exam materials and fully committed to assist our respected clients crack any IT certification tests on their 1st efforts.