70-411 - MCSA: Administering Windows Server 2012 - Exam 6

Your company has a main office and a branch office. The network contains an Active Directory domain named contoso.com. The main office contains a domain controller named DC1 that runs Windows Server 2012. DC1 is a DNS server and hosts a primary zone for contoso.com. The branch office contains a member server named Server1 that runs Windows Server 2012. Server1 is a DNS server and hosts a secondary zone for contoso.com. The main office connects to the branch office by using an unreliable WAN link. You need to ensure that Server1 can resolve names in contoso.com if the WAN link is unavailable for three days. Which setting should you modify in the start of authority (SOA) record?

Your network contains an Active Directory domain named contoso.com. The domain contains a member server named Server1. Server1 runs Windows Server 2012 and has the Windows Deployment Services (WDS) server role installed. You need to use WDS to deploy an image to a client computer that does not support PXE. Which type of image should you use to start the computer?

Your network contains an Active Directory domain named contoso.com. All servers run Windows Server 2012. The functional level of both the domain and the forest is Windows Server 2008 R2. The domain contains a domain-based Distributed File System (DFS) namespace that is configured as shown in the exhibit. (Click the Exhibit button.) You need to enable access-based enumeration on the DFS namespace. What should you do first?

Your network contains an Active Directory domain named contoso.com. All domain controllers run Windows Server 2012. The domain contains two organizational units (OUs) named OU1 and OU2 in the root of the domain. Two Group Policy objects (GPOs) named GPO1 and GPO2 are created. GPO1 is linked to OU1. GPO2 is linked to OU2. OU1 contains a client computer named Computer1. OU2 contains a user named User1. You need to ensure that the GPOs applied to Computer1 are applied to User1 when User1 logs on. What should you configure?

Your company deploys a new Active Directory forest named contoso.com. The first domain controller in the forest runs Windows Server 2012. The forest contains a domain controller named DC10. On DC10, the disk that contains the SYSVOL folder fails. You replace the failed disk. You stop the Distributed File System (DFS) Replication service. You restore the SYSVOL folder. You need to perform a non-authoritative synchronization of SYSVOL on DC10. Which tool should you use before you start the DFS Replication service on DC10?

Your network contains a Hyper-V host named Server1 that hosts 20 virtual machines. You need to view the amount of memory resources and processor resources each virtual machine uses currently. Which tool should you use on Server1?

Your network contains an Active Directory forest named contoso.com. The forest contains a single domain. The contoso.com zone is Active Directory-integrated and configured to replicate to all of the domain controllers in the contoso.com domain. Server1 has a DNS record in the contoso.com zone. You need to verify when the DNS record for Server1 was last updated. In which Active Directory partition should you view the DNS record of Server1?

Your network contains an Active Directory domain named contoso.com. The domain contains two member servers named Server1 and Server2. All servers run Windows Server 2012. Server1 has the Windows Server Update Services (WSUS) server role installed. WSUS is configured to use a Windows Internal Database. Server2 has Microsoft SQL Server 2008 R2 Standard deployed. You detach the SUSDB database from Server1 and attach the database to Server2. You need to ensure that Windows Deployment Services (WDS) on Server1 uses the database hosted on Server2. What should you do on Server1?

Your network contains an Active Directory forest named contoso.com. The functional level of the forest is Windows Server 2008 R2. All of the user accounts in the marketing department are members of a group named Contoso\MarketingUsers. All of the computer accounts in the marketing department are members of a group named Contoso\MarketingComputers. A domain user named User1 is a member of the Contoso\MarketingUsers group. A computer named Computer1 is a member of the Contoso\MarketingComputers group. You have five Password Settings objects (PSOs). The PSOs are defined as shown in the following table. When User1 logs on to Computer1 and attempts to change her password, she receives an error message indicating that her password is too short. You need to tell User1 what her minimum password length is. What should you tell User1?

Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1 that runs Windows Server 2012. Server1 has the Remote Access server role installed. You log on to Server1 by using a user account named User2. From the Remote Access Management Console, you run the Getting Started Wizard and you receive a warning message as shown in the exhibit. (Click the Exhibit button.) You need to ensure that you can configure DirectAccess successfully. The solution must minimize the number of permissions assigned to User2. To which group should you add User2?

Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1 that runs Windows Server 2012. Server1 has the Network Policy and Access Services server role installed. You plan to deploy 802.1x authentication to secure the wireless network. You need to identify which Network Policy Server (NPS) authentication method supports certificate-based mutual authentication for the 802.lx deployment. Which authentication method should you identify?

Your network contains an Active Directory domain named contoso.com. All domain controllers run Windows Server 2012. The domain contains an organizational unit (OU) named OU1. OU1 contains an OU named OU2. OU2 contains a user named User1. User1 is the member of a group named Group1. Group1 is in the Users container. You create five Group Policy objects (GPO). The GPOs are configured as shown in the following table. You need to identify which three GPOs will be applied to User1. Which three GPOs should you identify?

You have a server named Server1 that runs Windows Server 2012. Server1 has two network adapters and is located in a perimeter network. You need to install the RIP version 2 routing protocol on Server1. Which node should you use to add the RIP version 2 routing protocol?

Your network contains an Active Directory domain named contoso.com. All DNS servers host a DNS zone named adatum.com. The adatum.com zone is not Active Directory-integrated. An administrator modifies the start of authority (SOA) record for the adatum.com zone. After the modification, you discover that when you add or modify DNS records in the adatum.com zone, the changes are not transferred to the DNS servers that host secondary copies of the adatum.com zone. You need to ensure that the records are transferred to all the copies of the adatum.com zone. What should you modify in the SOA record for the adatum.com zone?

Your network contains an Active Directory domain named contoso.com. DC1 runs Windows Server 2008 and is the PDC Emulator, RID Master and Infrastructure Master. DC2 is running Windows Server 2008 R2 and is the Schema master and the Domain Naming Master. You deploy a new domain controller named DC3 that runs Windows Server 2012. You discover that you cannot create Password Settings objects (PSOs) by using Active Directory Administrative Center. You need to ensure that you can create PSOs from Active Directory Administrative Center. What should you do?

Your network contains an Active Directory domain named contoso.com. All domain controllers run Windows Server 2012. The domain contains 200 Group Policy objects (GPOs) and 100 WMI filters. An administrator named Admin1 must be able to create new WMI filters and edit all of the existing WMI filters from the Group Policy Management Console (GPMC). You need to delegate the required permissions to Admin1. The solution must minimize the number of permissions assigned to Admin1. What should you do?

Your network contains an Active Directory domain named contoso.com. All domain controllers run Windows Server 2012. You plan to use fine-grained password policies to customize the password policy settings of contoso.com. You need to identify to which Active Directory object types you can directly apply the fine- grained password policies. Which two object types should you identify? (Each correct answer presents part of the solution. Choose two.)

Your network contains an Active Directory domain named contoso.com. The domain contains a domain controller named DC1 that runs Windows Server 2012. All client computers run Windows 8 Enterprise. DC1 contains a Group Policy object (GPO) named GPO1. You need to update the PATH variable on all of the client computers. Which Group Policy preference should you configure?

Your network contains an Active Directory domain named contoso.com. The domain contains a file server named Server1 that runs Windows Server 2012. Server1 has a share named Share1. When users without permission to Share1 attempt to access the share, they receive the Access Denied message as shown. You deploy a new file server named Server2 that runs Windows Server 2012. You need to configure Server2 to display the same custom Access Denied message as Server1. What should you install on Server2?

You have a server named Server5 that runs Windows Server 2012. Servers has the Windows Deployment Services server role installed. Server5 contains several custom images of Windows 8. You need to ensure that when 32-bit client computers start by using PXE, the computers automatically install an image named Image1. What should you configure?

Your network contains an Active Directory domain named contoso.com. All domain controllers run Windows Server 2012. The domain contains two organizational units (OUs) named OU1 and OU2 in the root of the domain. Two Group Policy objects (GPOs) named GPO1 and GPO2 are created. GPO1 is linked to OU1. GPO2 is linked to OU2. OU1 contains a client computer named Computer1. OU2 contains a user named User1. You need to ensure that the GPOs applied to Computer1 are applied to User1 when User1 logs on. What should you configure?

Your network contains an Active Directory domain named contoso.com. All domain controllers run Windows Server 2012. The domain contains two organizational units (OUs) named OU1 and OU2 in the root of the domain. Two Group Policy objects (GPOs) named GPO1 and GPO2 are created. GPO1 is linked to OU1. GPO2 is linked to OU2. OU1 contains a client computer named Computer1. OU2 contains a user named User1. You need to ensure that the GPOs applied to Computer1 are applied to User1 when User1 logs on. What should you configure?

Your network contains an Active Directory domain named contoso.com. All domain controllers run Windows Server 2012. Administrators use client computers that run Windows 8 to perform all management tasks. A central store is configured on a domain controller named DC1. You have a custom administrative template file named App1.admx. App1.admx contains application settings for an application named Appl. From a client computer named Computer1, you create a new Group Policy object (GPO) named GPO1. You discover that the application settings for App1 fail to appear in GPO1. You need to ensure that the App1 settings appear in all of the new GPOs that you create. What should you do?

Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1 that runs Windows Server 2012 and has the Network Policy Server role service installed. You need to enable trace logging for Network Policy Server (NPS) on Server1. Which tool should you use?

Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1 that runs Windows Server 2012 and has the DNS Server server role installed. Server1 is configured to delete automatically the DNS records of client computers that are no longer on the network. A technician confirms that the DNS records are deleted automatically from the contoso.com zone. You discover that the contoso.com zone has many DNS records for servers that were on the network in the past, but have not connected to the network for a long time. You need to set the time stamp for all of the DNS records in the contoso.com zone. What should you do?

You have a server named Server1 that runs Windows Server 2012. You create a custom Data Collector Set (DCS) named DCS1. You need to configure Server1 to start DCS1 automatically when the network usage exceeds 70 percent. Which type of data collector should you create?

Your network contains an Active Directory domain named contoso.com. The domain contains three member servers named Server1, Server2, and Server3. All servers run Windows Server 2012 and have the Windows Server Update Services (WSUS) server role installed. Server1 and Server2 are configured as replica servers that use Server3 as an upstream server. You remove Server3 from the network. You need to ensure that WSUS on Server2 retrieves updates from Server1. The solution must ensure that Server1 and Server2 have the latest updates from Microsoft. Which command should you run on each server?

Your network contains an Active Directory domain named contoso.com. Network Access Protection (NAP) is deployed to the domain. You need to create NAP event trace log files on a client computer. What should you run?

Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1 that runs Windows Server 2012 and has the Network Policy Server role service installed. An administrator creates a RADIUS client template named Template1. You create a RADIUS client named Client1 by using Template1. You need to modify the shared secret for Client1. What should you do first?

Your network contains an Active Directory domain named contoso.com. The domain contains two servers named Server1 and Server2. Both servers run Windows Server 2012. For Server2, you are configuring constrained delegation to a third-party service named Service1 on Server1. When you attempt to add Service1 from Server1 to the delegation setting of Server2, you discover that Service1 is not listed in the Available services list. You need to ensure that you can add Service1 for constrained delegation. What should you do first?

You have a file server named Server1 that runs Windows Server 2012. Server1 has the File Server Resource Manager role service installed. Files created by users in the human resources department are assigned the Department classification property automatically. You are configuring a file management task named Task1 to remove user files that have not been accessed for 60 days or more. You need to ensure that Task1 only removes files that have a Department classification property of human resources. The solution must minimize administrative effort. What should you configure on Task1?

Your network contains two DNS servers named Server1 and Server2 that run Windows Server 2012. Server1 hosts a primary zone for contoso.com. Server2 hosts a secondary zone forcontoso.com. You need to ensure that Server2 replicates changes to the contoso.com zone every five minutes. Which setting should you modify in the start of authority (SOA) record?

Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1 that runs Windows Server 2012 and has the Network Policy Server role service installed. An administrator creates a Network Policy Server (NPS) network policy named Policy1. You need to ensure that Policy1 applies to L2TP connections only. Which condition should you modify? To answer, select the appropriate object in the answer area.

Your network contains two servers named Server1 and Server 2. Both servers run Windows Server 2012 and have the DNS Server server role installed. On Server1, you create a standard primary zone named contoso.com. You plan to create a standard primary zone for ad.contoso.com on Server2. You need to ensure that Server1 forwards all queries for ad.contoso.com to Server2. What should you do from Server1?

You have a DNS server named DN51 that runs Windows Server 2012. On DNS1, you create a standard primary DNS zone named adatum.com. You need to change the frequency that secondary name servers will replicate the zone from DNS1. Which type of DNS record should you modify?

Which utility can you use to manage your Virtual Machines installed on a Hyper-V host?

Your network contains an Active Directory domain named contoso.com. You need to create a certificate template for the BitLocker Drive Encryption (BitLocker) Network Unlock feature. Which Cryptography setting of the certificate template should you modify?

Your network contains an Active Directory forest named contoso.com. All servers run Windows Server 2012. You need to create a custom Active Directory application partition. Which tool should you use?