Microsoft Administering Windows Server 2012 - 70-411 Exam Practice Test

HOTSPOT
Your network contains a RADIUS server named Server1.
You install a new server named Server2 that runs Windows Server 2012 R2 and has Network Policy Server (NPS) installed.
You need to ensure that all accounting requests for Server2 are forwarded to Server1.
On Server2, you configure a Connection Request Policy.
What else should you configure on Server2? To answer, select the appropriate node in the answer area.
Correct Answer:

Your network contains one Active Directory domain named contoso.com. All domain controllers run Windows Server 2012 R2.
A central store is configured on a domain controller named DC1.
You have a custom administrative template file named App1.admx. App1.admx contains application settings for an application named App1.
You copy App1.admx to the central store. You create a new Group Policy object (GPO) named App1.Settings.
When you edit App1.Settings, you receive the warning message shown in the following exhibit.

You need to ensure that you can edit the settings for App1 from the app1_settings GPO.

Correct Answer: D Vote an answer
Explanation: Only visible for Fast2test members. You can sign-up / login (it's free).
Your network contains an Active Directory forest. The forest contains two domains named contoso.com and fabrikam.com. All of the DNS servers in both of the domains run Windows Server 2012 R2.
The network contains two servers named Server1 and Server2. Server1 hosts an Active Directory- integrated zone for contoso.com. Server2 hosts an Active Directory-integrated zone for fabrikam.com. Server1 and Server2 connect to each other by using a WAN link.
Client computers that connect to Server1 for name resolution cannot resolve names in fabnkam.com.
You need to configure Server1 to support the resolution of names in fabnkam.com. The solution must ensure that users in contoso.com can resolve names in fabrikam.com if the WAN link fails.
What should you do on Server1?

Correct Answer: B Vote an answer
Explanation: Only visible for Fast2test members. You can sign-up / login (it's free).
HOTSPOT
Your network contains an Active Directory domain named contoso.com. All client computers are configured as DHCP clients.
You link a Group Policy object (GPO) named GPO1 to an organizational unit (OU) that contains all of the client computer accounts.
You need to ensure that Network Access Protection (NAP) compliance is evaluated on all of the client computers.
Which two settings should you configure in GPO1?
To answer, select the appropriate two settings in the answer area.
Correct Answer:
HOTSPOT
Your network contains an Active Directory domain named contoso.com. The domain contains two servers named Server1 and Server2. Server1 has the Network Policy Server server role installed.
Server2 has the DHCP Server server role installed. Both servers run Windows Server 2012 R2.
You are configuring Network Access Protection (NAP) to use DHCP enforcement.
You configure a DHCP scope as shown in the exhibit. (Click the Exhibit button.)

You need to ensure that non-compliant NAP clients receive different DHCP options than compliant NAP clients.
What should you configure on each server? To answer, select the appropriate options for each server in the answer area.

Correct Answer:
Health Policies
Server Options
* Health policy on the NAP server.
* The DHCP server must be NAP enabled.
Note: With DHCP enforcement, a computer must be compliant to obtain an unlimited access IP address configuration from a DHCP server. For noncompliant computers, network access is limited by an IP address configuration that allows access only to the restricted network. DHCP enforcement enforces health policy requirements every time a DHCP client attempts to lease or renew an IP address configuration. DHCP enforcement also actively monitors the health status of the NAP client and renews the IPv4 address configuration for access only to the restricted network if the client becomes noncompliant.
Your network contains an Active Directory domain named adatum.com. The domain contains a file server named Server1 that runs Windows Server 2012 R2.
All client computers run Windows 7.
You need to ensure that user settings are saved to \\Server1\Users\.
What should you do?

Correct Answer: D Vote an answer
Explanation: Only visible for Fast2test members. You can sign-up / login (it's free).
Your network contains an Active Directory domain named contoso.com.
All user accounts reside in an organizational unit (OU) named OU1. All of the users in the marketing department are members of a group named Marketing. All of the users in the human resources department are members of a group named HR.
You create a Group Policy object (GPO) named GPO1. You link GPO1 to OU1. You configure the Group Policy preferences of GPO1 to add two shortcuts named Link1 and Link2 to the desktop of each user.
You need to ensure that Link1 only appears on the desktop of the users in Marketing and that Link2 only appears on the desktop of the users in HR.
What should you configure?

Correct Answer: C Vote an answer
Explanation: Only visible for Fast2test members. You can sign-up / login (it's free).
Your network contains one Active- Directory domain named contoso.com. The domain contains a file server named Server0l that runs Windows Server 2012 R2. Server0l has an operating system drive and a data drive. Server0l has a Trusted Platform Module (7PM).
You need to enable Bit Locker Drive Encryption (BitLocker) for the data drive on Server0l.
Which cmdlet should you run first?

Correct Answer: C Vote an answer
Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1 that runs Windows Server 2008 R2.
You plan to test Windows Server 2012 R2 by using native-boot virtual hard disks (VHDs).
You attach a new VHD to Server1.
You need to install Windows Server 2012 R2 in the VHD.
What should you do?

Correct Answer: A Vote an answer
Explanation: Only visible for Fast2test members. You can sign-up / login (it's free).
Your network contains an Active Directory domain named contoso.com. All domain controllers run Windows Server 2012 R2. The domain contains 500 client computers that run Windows 8.1 Enterprise and Microsoft Office 2013.
You implement a Group Policy central store.
You need to modify the default Microsoft Office 2013 Save As location for all client computers. The solution must minimize administrative effort.
What should you configure in a Group Policy object (GPO)?

Correct Answer: D Vote an answer
Explanation: Only visible for Fast2test members. You can sign-up / login (it's free).
HOTSPOT
Your network contains an Active Directory named contoso.com.
You have users named User1 and user2.
The Network Access Permission for User1 is set to Control access through NPS Network Policy. The Network Access Permission for User2 is set to Deny access.
A policy named Policy1 is shown in the Policy1 exhibit.

A policy named Policy2 is shown in the Policy2 exhibit.

A policy named Policy3 is shown in the Policy3 exhibit.

For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE:
Each correct selection is worth one point.
Correct Answer:
DRAG DROP
Your network contains an Active Directory domain named contoso.com. The domain contains two member servers named Server1 and Server2. All servers run Windows Server 2012 R2.
You generalize Server2.
You install the Windows Deployment Services (WDS) server role on Server1.
You need to capture an image of Server2 on Server1.
Which three actions should you perform?
To answer, move the three appropriate actions from the list of actions to the answer area and arrange them in the correct order.
Correct Answer:

Explanation:
Explanation: Box 1: Start Server2 by using PXE.
Box 2: Add a capture image to Server1.
Box 3: Add an install image to Server1.
Note:
* Capture images are Windows Preinstallation Environment (Windows PE) images that allow you to easily capture the install images that you prepare using Sysprep.exe. Instead of using complex command-line tools, once you have run Sysprep.exe on your reference computer, you can boot to the Windows Deployment Services client computer using PXE and select the capture image. When the capture image boots, it starts the Capture Image Wizard, which will guide you through the capture process and optionally upload the new install image to a Windows Deployment Services server.
Steps
/ create a capture image.
/ Create an install image.
/ Add the install image to the Windows Deployment Services server.
DRAG DROP
Your network contains an Active Directory forest named contoso.com. The forest contains a Network Policy Server (NPS) server named NPS1 and a VPN server named VPN1. VPN1 forwards all authentication requests to NPS1.
A partner company has an Active Directory forest named adatum.com. The adatum.com forest contains an NPS server named NPS2.
You plan to grant users from adatum.com VPN access to your network.
You need to authenticate the users from adatum.com on VPN1.
What should you create on each NPS server?
To answer, drag the appropriate objects to the correct NPS servers. Each object may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
Correct Answer:
Your network contains an Active Directory domain named contoso.com. The domain contains a domain controller named DC1 that runs Windows Server 2012.
You have a Group Policy object (GPO) named GPO1 that contains several custom Administrative templates.
You need to filter the GPO to display only settings that will be removed from the registry when the GPO falls out of scope. The solution must only display settings that are either enabled or disabled and that have a comment.
How should you configure the filter?
To answer, select the appropriate options below. Select three.

Correct Answer: C,E,H Vote an answer
HOTSPOT
You have a server named Server1 that has the Network Policy and Access Services server role installed.
You plan to configure Network Policy Server (NPS) on Server1 to use certificate-based authentication for VPN connections.
You obtain a certificate for NPS.
You need to ensure that NPS can perform certificate-based authentication.
To which store should you import the certificate?
To answer, select the appropriate store in the answer area.
Correct Answer:

When organizations deploy their own public key infrastructure (PKI) and install a private trusted root CA, their CA automatically sends its certificate to all domain member computers in the organization.
The domain member client and server computers store the CA certificate in the Trusted Root Certification Authorities certificate store. After this occurs, the domain member computers trust certificates that are issued by the organization trusted root CA.
For example, if you install AD CS, the CA sends its certificate to the domain member computers in your organization and they store the CA certificate in the Trusted Root Certification Authorities certificate store on the local computer. If you also configure and autoenroll a server certificate for your NPS servers and then deploy PEAP-MS-CHAP v2 for wireless connections, all domain member wireless client computers can successfully authenticate your NPS servers using the NPS server certificate because they trust the CA that issued the NPS server certificate.
On computers that are running the Windows operating system, certificates that are installed on the computer are kept in a storage area called the certificate store. The certificate store is accessible using the Certificates Microsoft Management Console (MMC) snap-in.
This store contains multiple folders, where certificates of different types are stored. For example, the certificate store contains a Trusted Root Certification Authorities folder where the certificates from all trusted root CAs are kept.
When your organization deploys a PKI and installs a private trusted root CA using AD CS, the CA automatically sends its certificate to all domain member computers in the organization. The domain member client and server computers store the CA certificate in the Trusted Root Certification Authorities folder in the Current User and the Local Computer certificate stores. After this occurs, the domain member computers trust certificates that are issued by the trusted root CA.
Similarly, when you autoenroll computer certificates to domain member client computers, the certificate is kept in the Personal certificate store for the Local Computer. When you autoenroll certificates to users, the user certificate is kept in the Personal certificate store for the Current User.
References:
http: //technet. microsoft. com/en-us/library/cc730811. aspx
http: //technet. microsoft. com/en-us/library/cc730811. aspx
http: //technet. microsoft. com/en-us/library/cc772401%28v=ws. 10%29. aspx
http: //technet. microsoft. com/en-us/library/ee407543%28v=ws. 10%29. aspx

Contact Us

If you have any question please leave me your email address, we will reply and send email to you in 12 hours.

Our Working Time: ( GMT 0:00-15:00 ) From Monday to Saturday

Support: Contact now 

日本語 Deutsch 繁体中文 한국어