Today Big Q: exam ref 70 411 administering windows server 2012 r2 pdf?

♥♥ 2021 NEW RECOMMEND ♥♥

Free VCE & PDF File for Microsoft 70-411 Real Exam (Full Version!)

★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions

Free Instant Download NEW 70-411 Exam Dumps (PDF & VCE):
Available on: http://www.surepassexam.com/70-411-exam-dumps.html

Q21. DRAG DROP 

You have a server named Server1 that runs Windows Server 2012 R2. Server1 has the 

Network Policy and Access Services server role installed. 

All of the VPN servers on your network use Server1 for RADIUS authentication. 

You create a security group named Group1. 

You need to configure Network Policy and Access Services (NPAS) to meet the following 

requirements: 

. Ensure that only the members of Group1 can establish a VPN connection to the VPN servers. 

. Allow only the members of Group1 to establish a VPN connection to the VPN servers if the members are using client computers that run Windows 8 or later. 

Which type of policy should you create for each requirement? 

To answer, drag the appropriate policy types to the correct requirements. Each policy type may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content. 

Answer: 

Q22. HOTSPOT 

You have a server named Server1 that runs Windows Server 2012 R2. Server1 has the Remote Access server role installed. 

You need to configure the ports on Server1 to ensure that client computers can establish VPN connections to Server1. The solution must NOT require the use of certificates or pre-shared keys. 

What should you modify? 

To answer, select the appropriate object in the answer area. 

Answer: 

Q23. HOTSPOT 

Your network contains an Active Directory domain named contoso.com. All servers run Windows Server 2012 R2. 

You need to audit successful and failed attempts to read data from USB drives on the servers. 

Which two objects should you configure? To answer, select the appropriate two objects in the answer area. 

Answer: 

Q24. HOTSPOT 

You have a server named Server4 that runs Windows Server 2012 R2. Server4 has the Windows Deployment Services server role installed. 

Server4 is configured as shown in the exhibit. (Click the Exhibit button.) 

To answer, complete each statement according to the information presented in the exhibit. Each correct selection is worth one point. 

Answer: 

Q25. Your network contains an Active Directory domain named adatum.com. 

You need to audit changes to the files in the SYSVOL shares on all of the domain controllers. The solution must minimize the amount of SYSVOL replication traffic caused by the audit. 

Which two settings should you configure? (Each correct answer presents part of the solution. Choose two.) 

A. Audit PolicyAudit system events 

B. Advanced Audit Policy ConfigurationDS Access 

C. Advanced Audit Policy ConfigurationGlobal Object Access Auditing 

D. Audit PolicyAudit object access 

E. Audit PolicyAudit directory service access 

F. Advanced Audit Policy ConfigurationObject Access 

Answer: D,F 

Q26. You have a server named Server1 that runs Windows Server 2012 R2. Server1 has the File Server Resource Manager role service installed. 

Server1 has a folder named Folder1 that is used by the sales department. 

You need to ensure that an email notification is sent to the sales manager when a File Screening Audit report is generated. 

What should you configure on Server1? 

A. a file group 

B. a file screen 

C. a file screen exception 

D. a storage report task 

Answer: D 

Explanation: 

From the Storage Reports Management node, you can generate reports that will help you understand file use on the storage server. You can use the storage reports to monitor disk usage patterns (by file type or user), identify duplicate files and dormant files, track quota usage, and audit file screening. 

Before you run a File Screen Audit report, in the File Server Resource Manager Options dialog box, on the File Screen Audit tab, verify that the Record file screening activity in the auditing database check box is selected. 

Reference: http: //technet. microsoft. com/en-us/library/cc755988. aspx 

http: //technet. microsoft. com/en-us/library/cc730822. aspx 

http: //technet. microsoft. com/en-us/library/cc770594. aspx 

http: //technet. microsoft. com/en-us/library/cc771212. aspx 

http: //technet. microsoft. com/en-us/library/cc732074. aspx 

Q27. Your network contains an Active Directory domain named contoso.com. The domain contains a read-only domain controller (RODC) named RODC1. 

You create a global group named RODC_Admins. 

You need to provide the members of RODC_Admins with the ability to manage the hardware and the software on R0DC1. The solution must not provide RODC_Admins with the ability to manage Active Directory objects. 

What should you do? 

A. From Active Directory Site and Services, configure the Security settings of the RODC1 server object. 

B. From Windows PowerShell, run the Set-ADAccountControlcmdlet. 

C. From a command prompt, run the dsmgmt local roles command. 

D. From Active Directory Users and Computers, configure the Member Of settings of the RODC1 account. 

Answer: C 

Explanation: 

RODC: using the dsmgmt.exe utility to manage local administrators One of the benefits of RODC is that you can add local administrators who do not have full access to the domain administration. This gives them the ability to manage the server but not add or change active directory objects unless those roles are delegated. Adding this type of user is done using the dsmdmt.exe utility at the command prompt. 

Q28. Your network contains an Active Directory domain named contoso.com. The functional level of the forest is Windows Server 2008 R2. 

Computer accounts for the marketing department are in an organizational unit (OU) named DepartmentsMarketingComputers. User accounts for the marketing department are in an OU named DepartmentsMarketingUsers. 

All of the marketing user accounts are members of a global security group named MarketingUsers. All of the marketing computer accounts are members of a global security group named MarketingComputers. 

In the domain, you have Group Policy objects (GPOs) as shown in the exhibit. (Click the Exhibit button.) 

You create two Password Settings objects named PSO1 and PSO2. PSO1 is applied to MarketingUsers. PSO2 is applied to MarketingComputers. 

The minimum password length is defined for each policy as shown in the following table. 

You need to identify the minimum password length required for each marketing user. 

What should you identify? 

A. 5 

B. 6 

C. 7 

D. 10 

E. 12 

Answer: D 

Q29. Your network contains a Hyper-V host named Server1 that hosts 20 virtual machines. 

You need to view the amount of memory resources and processor resources each virtual machine uses currently. 

Which tool should you use on Server1? 

A. Hyper-V Manager 

B. Task Manager 

C. Windows System Resource Manager (WSRM) 

D. Resource Monitor 

Answer: A 

Q30. HOTSPOT 

Your network contains an Active Directory domain named contoso.com. You implement DirectAccess. 

You need to view the properties of the DirectAccess connection. 

Which connection properties should you view? To answer, select the appropriate connection properties in the answer area. 

Answer: