[Free] 2018(Aug) Ensurepass Microsoft 70-412 Dumps with VCE and PDF 21-30

Ensurepass.com : Ensure you pass the IT Exams
2018 Aug Microsoft Official New Released 70-412
100% Free Download! 100% Pass Guaranteed!

Configuring Advanced Windows Server 2012 R2 Services

Question No: 21 – (Topic 1)

Your network contains two Web servers named Server1 and Server2. Both servers run Windows Server 2012 R2.

Server1 and Server2 are nodes in a Network Load Balancing (NLB) cluster. The NLB cluster contains an application named App1 that is accessed by using the URLhttp://app1.contoso.com.

You plan to perform maintenance on Server1.

You need to ensure that all new connections to App1 are directed to Server2. The solution must not disconnect the existing connections to Server1.

What should you run?

  1. The Set-NlbCluster cmdlet

  2. The Set-NlbClusterNode cmdlet

  3. The Stop-NlbCluster cmdlet

  4. The Stop-NlbClusterNode cmdlet

Answer: D Explanation:

The Stop-NlbClusterNode cmdlet stops a node in an NLB cluster. When you use the stop the nodes in the cluster, client connections that are already in progress are interrupted. To avoid interrupting active connections, consider using the -drain parameter, which allows the node to continue servicing active connections but disables all new traffic to that node.

-Drain lt;SwitchParametergt;

Drains existing traffic before stopping the cluster node. If this parameter is omitted, existing traffic will be dropped.

Reference: Stop-NlbClusterNode

Question No: 22 – (Topic 1)

Your network contains an Active Directory domain named contoso.com. The domain contains two member servers named Server1 and Server2. All servers run Windows Server 2012 R2.

Server1 and Server2 have the Failover Clustering feature installed. The servers are

configured as nodes in a failover cluster named Cluster1. Cluster1 contains a cluster disk resource.

A developer creates an application named App1. App1 is NOT a cluster-aware application. App1 runs as a service. App1 stores date on the cluster disk resource.

You need to ensure that App1 runs in Cluster1. The solution must minimize development effort.

Which cmdlet should you run?

  1. Add-ClusterGenericServiceRole

  2. Add-ClusterGenericApplicationRole

  3. Add-ClusterScaleOutFileServerRole

  4. Add-ClusterServerRole

Answer: B Explanation:

Add-ClusterGenericApplicationRole

Configure high availability for an application that was not originally designed to run in a failover cluster.

If you run an application as a Generic Application, the cluster software will start the application, then periodically query the operating system to see whether the application appears to be running. If so, it is presumed to be online, and will not be restarted or failed over.

EXAMPLE 1.

Command Prompt: C:\PSgt;

Add-ClusterGenericApplicationRole -CommandLine NewApplication.exe Name OwnerNode State

— —– —

cluster1GenApp node2 Online Description

——

This command configures NewApplication.exe as a generic clustered application. A default name will be used for client access and this application requires no storage.

Reference: Add-ClusterGenericApplicationRole

http://technet.microsoft.com/en-us/library/ee460976.aspx

Question No: 23 HOTSPOT – (Topic 1)

Your network contains three Active Directory forests. The forests are configured as shown in the following table.

Ensurepass 2018 PDF and VCE

A two-way forest trust exists between contoso.com and divisionl.contoso.com. A two-way forest trust also exists between contoso.com and division2.contoso.com.

You plan to create a one-way forest trust from divisionl.contoso.com to division2.contoso.com.

You need to ensure that any cross-forest authentication requests are sent to the domain controllers in the appropriate forest after the trust is created.

How should you configure the existing forest trust settings?

In the table below, identify which configuration must be performed in each forest. Make only one selection in each column. Each correct selection is worth one point.

Ensurepass 2018 PDF and VCE

Answer:

Ensurepass 2018 PDF and VCE

Explanation:

Ensurepass 2018 PDF and VCE

Explanation/Reference:

There will be a one-way forest trust from division1.contoso.com to division2.contoso.com Division1 trusts Division2. Division2 must be able to access resources in Division1.

Division1 should not be able to access resources in Division2.

Question No: 24 – (Topic 1)

Your network contains an Active Directory domain named contoso.com. The domain contains a member server named Server1 that has the Active Directory Federation Services server role installed. All servers run Windows Server 2012.

You complete the Active Directory Federation Services Configuration Wizard on Server1. You need to ensure that client devices on the internal network can use Workplace Join.

Which two actions should you perform on Server1? (Each correct answer presents part of the solution. Choose two.)

  1. Run Enable-AdfsDeviceRegistration -PrepareActiveDirectory.

  2. Edit the multi-factor authentication global authentication policy settings.

  3. Run Enable-AdfsDeviceRegistration.

  4. Run Set-AdfsProxyProperties HttpPort 80.

  5. Edit the primary authentication global authentication policy settings.

Answer: C,E Explanation:

C. To enable Device Registration Service

On your federation server, open a Windows PowerShell command window and type: Enable-AdfsDeviceRegistration

Repeat this step on each federation farm node in your AD FS farm.

E. Enable seamless second factor authentication

Seamless second factor authentication is an enhancement in AD FS that provides an added level of access protection to corporate resources and applications from external devices that are trying to access them. When a personal device is Workplace Joined, it

becomes a ‘known’ device and administrators can use this information to drive conditional access and gate access to resources.

To enable seamless second factor authentication, persistent single sign-on (SSO) and conditional access for Workplace Joined devices.

In the AD FS Management console, navigate to Authentication Policies. Select Edit Global Primary Authentication. Select the check box next to Enable Device Authentication, and then click OK.

Reference: Configure a federation server with Device Registration Service.

Question No: 25 HOTSPOT – (Topic 1)

Your network contains an Active Directory domain named contoso.com. The domain contains domain controllers that run either Windows Server 2003, Windows Server 2008 R2, or Windows Server 2012 R2.

You plan to implement a new Active Directory forest. The new forest will be used for testing and will be isolated from the production network.

In the test network, you deploy a server named Server1 that runs Windows Server 2012 R2.

You need to configure Server1 as a new domain controller in a new forest named contoso.test.

The solution must meet the following requirements:

->The functional level of the forest and of the domain must be the same as that of contoso.com.

->Server1 must provide name resolution services for contoso.test.

What should you do?

To answer, configure the appropriate options in the answer area.

Ensurepass 2018 PDF and VCE

Ensurepass 2018 PDF and VCE

Answer:

Ensurepass 2018 PDF and VCE

Explanation:

Ensurepass 2018 PDF and VCE

Set the forest function level and the Domain functional level both to Windows Server 2003. Also check Domain Name (DNS) server.

Note:

  • When you deploy AD DS, set the domain and forest functional levels to the highest value that your environment can support. This way, you can use as many AD DS features as possible. For example, if you are sure that you will never add domain controllers that run Windows Server 2003 to the domain or forest, select the Windows Server 2008 functional level during the deployment process. However, if you might retain or add domain controllers that run Windows Server 2003, select the Windows Server 2003 functional level.

  • You can set the domain functional level to a value that is higher than the forest functional level. For example, if the forest functional level is Windows Server 2003, you can set the domain functional level to Windows Server 2003or higher.

Question No: 26 – (Topic 1)

Your company has offices in Montreal, New York, and Amsterdam.

The network contains an Active Directory forest named contoso.com. An Active Directory site exists for each office. All of the sites connect to each other by using the DEFAULTIPSITELINK site link.

You need to ensure that only between 20:00 and 08:00, the domain controllers in the Montreal office replicate the Active Directory changes to the domain controllers in the Amsterdam office.

The solution must ensure that the domain controllers in the Montreal and the New York offices can replicate the Active Directory changes any time of day.

What should you do?

  1. Create a new site link that contains Montreal and Amsterdam. Remove Amsterdam from DEFAULTIPSITE1INK. Modify the schedule of DEFAULTIPSITELINK.

  2. Create a new site link that contains Montreal and Amsterdam. Create a new site link

    bridge. Modify the schedule of DEFAULTIPSITELINK.

  3. Create a new site link that contains Montreal and Amsterdam. Remove Amsterdam from DEFAULTIPSITELINK. Modify the schedule of the new site link.

  4. Create a new site link that contains Montreal and Amsterdam. Create a new site link bridge. Modify the schedule of the new site link.

Answer: C Explanation:

We create a new site link between Montreal and Amsterdam and schedule it only between 20:00 and 08:00. To ensure that traffic between Montreal and Amsterdam only occurs at this time we also remove Amsterdam from the DEFAULTIPSITELINK.

Reference: How Active Directory Replication Topology Works http://technet.microsoft.com/en-us/library/cc755994(v=ws.10).aspx

Question No: 27 – (Topic 1)

Your company recently deployed a new Active Directory forest named contoso.com. The first domain controller in the forest runs Windows Server 2012 R2.

You need to identify the time-to-live (TTL) value for domain referrals to the NETLOGON and SYSVOL shared folders.

Which tool should you use?

  1. Ultrasound

  2. Replmon

  3. Dfsdiag

  4. Frsutil

Answer: C Explanation: Explanation/Reference:

DFSDIAG can check your configuration in five different ways: Checking referral responses (DFSDIAG /TestReferral)

Checking domain controller configuration Checking site associations

Checking namespace server configuration

Checking individual namespace configuration and integrity

Reference: Five ways to check your DFS-Namespaces (DFS-N) configuration with the DFSDIAG.EXE tool

Question No: 28 – (Topic 1)

You have a server named Server1.

You install the IP Address Management (IPAM) Server feature on Server1.

You need to provide a user named User1 with the ability to set the access scope of all the DHCP servers that are managed by IPAM. The solution must use the principle of least privilege.

Which user role should you assign to User1?

  1. DNS Record Administrator Role

  2. IPAM DHCP Reservations Administrator Role

  3. IPAM Administrator Role

  4. IPAM DHCP Administrator Role

Answer: D Explanation:

The IPAM DHCP administrator role completely manages DHCP servers.

Ensurepass 2018 PDF and VCE

C:\Users\Chaudhry\Desktop\1.jpg Reference: What#39;s New in IPAM

Question No: 29 HOTSPOT – (Topic 1)

Your company has a primary data center and a disaster recovery data center.

The network contains an Active Directory domain named contoso.com. The domain contains a server named that runs Windows Server 2012 R2. Server1 is located in the primary data center.

Server1 has an enterprise root certification authority (CA) for contoso.com.

You deploy another server named Server2 to the disaster recovery data center.

You plan to configure Server2 as a secondary certificate revocation list (CRL) distribution point.

You need to configure Server2 as a CRL distribution point (CDP).

Which tab should you use to configure the required CDP entry? To answer, select the

appropriate tab in the answer area.

Ensurepass 2018 PDF and VCE

Answer:

Ensurepass 2018 PDF and VCE

Explanation:

Ensurepass 2018 PDF and VCE

To configure the CDP and AIA extensions on CA1

Etc.

->uk.co.certification.simulator.questionpool.PList@ceef820

Question No: 30 DRAG DROP – (Topic 1)

Your network contains an Active Directory domain named contoso.com. All file servers in the domain run Windows Server 2012 R2.

The computer accounts of the file servers are in an organizational unit (OU) named OU1. A Group Policy object (GPO) named GPO1 is linked to OU1.

You plan to modify the NTFS permissions for many folders on the file servers by using central access policies.

You need to identify any users who will be denied access to resources that they can currently access once the new permissions are implemented.

In which order should you Perform the five actions?

Ensurepass 2018 PDF and VCE

Answer:

Ensurepass 2018 PDF and VCE

Explanation:

Ensurepass 2018 PDF and VCE

  • Configure a central access rule

    *Configure a central access policy (CAP) (with help of central access rules)

  • Deploy the central access policy (through GPO)

  • Modify security settings

  • Check the result

100% Ensurepass Free Download!
Download Free Demo:70-412 Demo PDF
100% Ensurepass Free Guaranteed!
70-412 Dumps

EnsurePass ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
PDF VCE Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No

You must be logged in to post a comment.

Proudly powered by WordPress   Premium Style Theme by www.gopiplus.com