Want to know Exambible 70 411 pdf Exam practice test features? Want to lear more about Microsoft Administering Windows Server 2012 certification experience? Study Download Microsoft 70 411 dumps answers to Renovate examcollection 70 411 questions at Exambible. Gat a success with an absolute guarantee to pass Microsoft exam ref 70 411 administering windows server 2012 r2 pdf (Administering Windows Server 2012) test on your first attempt.

Q1. You have a DNS server named Server1. 

Server1 has a primary zone named contoso.com. 

Zone Aging/Scavenging is configured for the contoso.com zone. 

One month ago, an administrator removed a server named Server2 from the network. 

You discover that a static resource record for Server2 is present in contoso.com. Resource records for decommissioned client computers are removed automatically from contoso.com. 

You need to ensure that the static resource records for all of the servers are removed automatically from contoso.com. 

What should you modify? 

A. The Expires after value of contoso.com 

B. The Record time stamp value of the static resource records 

C. The time-to-live (TTL) value of the static resource records 

D. The Security settings of the static resource records 

Answer:

Explanation: 

Reset and permit them to use a current (non-zero) time stamp value. This enables these records to become aged and scavenged. 

You can use this procedure to change how a specific resource record is scavenged. 

A stale record is a record where both the No-Refresh Interval and Refresh Interval have passed without the time stamp updating. 

DNS->View->Advanced 

Depending on the how the resource record was originally added to the zone, do one of the following: If the record was added dynamically using dynamic update, clear the Delete this record when it becomes stale check box to prevent its aging or potential removal during the scavenging process. If dynamic updates to this record continue to occur, the Domain Name System (DNS) server will always reset this check box so that the dynamically updated record can be deleted. 

If you added the record statically, select the Delete this record when it becomes stale check box to permit its aging or potential removal during the scavenging process. 

References: http: //technet. microsoft. com/en-us/library/cc759204%28v=ws. 10%29. aspx 

http: //technet. microsoft. com/en-us/library/cc759204%28v=ws. 10%29. aspx 

Typically, stale DNS records occur when a computer is permanently removed from the network. Mobile users who abnormally disconnect from the network can also cause stale DNS records. To help manage stale records, Windows adds a time stamp to dynamically added resource records in primary zones where aging and scavenging are enabled. Manually added records are time stamped with a value of 0, and they are automatically excluded from the aging and scavenging process. 

To enable aging and scavenging, you must do the following: 

Resource records must be either dynamically added to zones or manually modified to be used in aging and scavenging operations. 

Scavenging and aging must be enabled both at the DNS server and on the zone. 

Scavenging is disabled by default. 

DNS scavenging depends on the following two settings: 

No-refresh interval: The time between the most recent refresh of a record time stamp and the moment when the time stamp can be refreshed again. When scavenging is enabled, this is set to 7 days by default. 

Refresh interval: The time between the earliest moment when a record time stamp can be refreshed and the earliest moment when the record can be scavenged. The refresh interval must be longer than the maximum record refresh period. When scavenging is enabled, this is set to 7 days by default. 

A DNS record becomes eligible for scavenging after both the no-refresh and refresh intervals have elapsed. If the default values are used, this is a total of 14 days. 

References: http: //technet. microsoft. com/en-us/library/cc759204%28v=ws. 10%29. aspx 

http: //technet. microsoft. com/en-us/library/cc759204%28v=ws. 10%29. aspx 

http: //technet. microsoft. com/en-us/library/cc771570. aspx 

http: //technet. microsoft. com/en-us/library/cc771677. aspx 

http: //technet. microsoft. com/en-us/library/cc758321(v=ws. 10). aspx 


Q2. HOTSPOT 

Your network contains an Active Directory domain named contoso.com. All client computers are configured as DHCP clients. 

You link a Group Policy object (GPO) named GPO1 to an organizational unit (OU) that contains all of the client computer accounts. 

You need to ensure that Network Access Protection (NAP) compliance is evaluated on all of the client computers. 

Which two settings should you configure in GPO1? 

To answer, select the appropriate two settings in the answer area. 

Answer: 


Q3. Your network contains an Active Directory domain named contoso.com. The network contains a server named Server1 that runs Windows Server 2012 R2. Server1 has the Network Policy and Access Services server role installed. 

You plan to deploy additional servers that have the Network Policy and Access Services server role installed. You must standardize as many settings on the new servers as possible. 

You need to identify which settings can be standardized by using Network Policy Server (NPS) templates. 

Which three settings should you identify? (Each correct answer presents part of the solution. Choose three.) 

A. IP filters 

B. shared secrets 

C. health policies 

D. network policies 

E. connection request policies 

Answer: A,B,C 


Q4. Your network contains an Active Directory domain named contoso.com. The domain 

contains a domain controller named DC1 that runs Windows Server 2012 R2. 

You create an Active Directory snapshot of DC1 each day. 

You need to view the contents of an Active Directory snapshot from two days ago. 

What should you do first? 

A. Run the dsamain.exe command. 

B. Stop the Active Directory Domain Services (AD DS) service. 

C. Start the Volume Shadow Copy Service (VSS). 

D. Run the ntdsutil.exe command. 

Answer:

Explanation: 

Dsamain.exe exposes Active Directory data that is stored in a snapshot or backup as a Lightweight Directory Access Protocol (LDAP) server. 

: http://technet.microsoft.com/en-us/library/cc772168.aspx 


Q5. HOTSPOT 

Your network contains an Active Directory domain named adatum.com. The domain contains a server named Server1. 

Your company implements DirectAccess. 

A user named User1 works at a customer's office. The customer's office contains a server named Server1. 

When User1 attempts to connect to Server1, User1 connects to Server1 in adatum.com. You need to provide User1 with the ability to connect to Server1 in the customer's office. Which Group Policy option should you configure? To answer, select the appropriate option in the answer area. 

Answer: 


Q6. Your network contains an Active Directory domain named contoso.com. The domain contains two member servers named Server1 and Server2. All servers run Windows Server 2012 R2. 

Server1 and Server2 are nodes in a Hyper-V cluster named Cluster1. Cluster1 hosts 10 virtual machines. All of the virtual machines run Windows Server 2012 R2 and are members of the domain. 

You need to ensure that the first time a service named Service1 fails on a virtual machine, the virtual machine is moved to a different node. 

You configure Service1 to be monitored from Failover Cluster Manager. 

What should you configure on the virtual machine? 

A. From the General settings, modify the Startup type. 

B. From the General settings, modify the Service status. 

C. From the Recovery settings of Service1, set the First failure recovery action to Take No Action. 

D. From the Recovery settings of Service1, set the First failure recovery action to Restart the Service. 

Answer:

Explanation: 

Configure the virtual machine to take no action through Hyper-V if the physical computer shuts down by modifying the Automatic Stop Action setting to None. Virtual machine state must be managed through the Failover Clustering feature. 

Virtual machine application monitoring and management 

In clusters running Windows Server 2012, administrators can monitor services on clustered virtual machines that are also running Windows Server 2012. This functionality extends the high-level monitoring of virtual machines that is implemented in Windows Server 2008 R2 failover clusters. If a monitored service in a virtual machine fails, the service can be restarted, or the clustered virtual machine can be restarted or moved to another node (depending on service restart settings and cluster failover settings). This feature increases the uptime of high availability services that are running on virtual machines within a failover cluster. 

Windows Server 2012 Failover Cluster introduces a new capability for Hyper-V virtual machines (VMs), which is a basic monitoring of a service within the VM which causes the VM to be rebooted should the monitored service fail three times. For this feature to work the following must be configured: 

. Both the Hyper-V servers must be Windows Server 2012 and the guest OS 

running in the VM must be Windows Server 2012. 

. The host and guest OSs are in the same or at least trusting domains. 

. The Failover Cluster administrator must be a member of the local administrator's group inside the VM. Ensure the service being monitored is set to Take No Action (see screen shot below) within the guest VM for Subsequent failures (which is used after the first and second failures) and is set via the Recovery tab of the service properties within the Services application (services. msc). 

Within the guest VM, ensure the Virtual Machine Monitoring firewall exception is enabled for the Domain network by using the Windows Firewall with Advanced Security application or by using the Windows PowerShell command below: Set-NetFirewallRule -DisplayGroup "Virtual Machine Monitoring" -Enabled True. 

After the above is true, enabling the monitoring is a simple process: Launch the Failover Cluster Manager tool. Navigate to the cluster - Roles. Right click on the virtual machine role you wish to enable monitoring for and under More Actions select Configure Monitoring. 

. The services running inside the VM will be gathered and check the box for the services that should be monitored and click OK. 

You are done! 

Monitoring can also be enabled using the Add-ClusterVMMonitoredItemcmdlet and -VirtualMachine, with the -Service parameters, as the example below shows: PS C:\\Windows\\system32> Add-ClusterVMMonitoredItem -VirtualMachine savdaltst01 -Service spooler 

References: 

http: //sportstoday. us/technology/windows-server-2012---continuous-availability-%28part-4%29---failover-clustering-enhancements---virtual-machine-monitoring-. aspx 

http: //windowsitpro. com/windows-server-2012/enable-windows-server-2012-failover-cluster-hyper-v-vm-monitoring 

http: //technet. microsoft. com/en-us/library/cc742396. aspx 


Q7. DRAG DROP 

You have a WIM file that contains an image of Windows Server 2012 R2. 

Recently, a technician applied a Microsoft Standalone Update Package (MSU) to the image. 

You need to remove the MSU package from the image. 

Which three actions should you perform in sequence? To answer, move the appropriate three actions from the list of actions to the answer area and arrange them in the correct order. 

Answer: 


Q8. Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1 that runs Windows Server 2012 P.2. Server1 has the Network Policy and Access Services server role installed. 

Your company's security policy requires that certificate-based authentication must be used by some network services. 

You need to identify which Network Policy Server (NPS) authentication methods comply with the security policy. 

Which two authentication methods should you identify? (Each correct answer presents part of the solution. Choose two.) 

A. MS-CHAP 

B. PEAP-MS-CHAP v2 

C. Chap 

D. EAP-TLS 

E. MS-CHAP v2 

Answer: B,D 

Explanation: 

PEAP is similar in design to EAP-TTLS, requiring only a server-side PKI certificate to create a secure TLS tunnel to protect user authentication, and uses server-side public key certificates to authenticate the server. When you use EAP with a strong EAP type, such as TLS with smart cards or TLS with certificates, both the client and the server use certificates to verify their identities to each other. 


Q9. Your company has a main office and two branch offices. The main office is located in Seattle. The two branch offices are located in Montreal and Miami. Each office is configured as an Active Directory site. 

The network contains an Active Directory domain named contoso.com. Network traffic is not routed between the Montreal office and the Miami office. 

You implement a Distributed File System (DFS) namespace named \\\\contoso.com\\public. The namespace contains a folder named Folder1. Folder1 has a folder target in each office. 

You need to configure DFS to ensure that users in the branch offices only receive referrals to the target in their respective office or to the target in the main office. 

Which two actions should you perform? (Each correct answer presents part of the solution. Choose two.) 

A. Set the Ordering method of \\\\contoso.com\\public to Random order. 

B. Set the Advanced properties of the folder target in the Seattle office to Last among all targets. 

C. Set the Advanced properties of the folder target in the Seattle office to First among targets of equal cost. 

D. Set the Ordering method of \\\\contoso.com\\public to Exclude targets outside of the client's site. 

E. Set the Advanced properties of the folder target in the Seattle office to Last among targets of equal cost. 

F. Set the Ordering method of \\\\contoso.com\\public to Lowest cost. 

Answer: C,D 

Explanation: 

Exclude targets outside of the client's site In this method, the referral contains only the targets that are in the same site as the client. These same-site targets are listed in random order. If no same-site targets exist, the client does not receive a referral and cannot access that portion of the namespace. Note: Targets that have target priority set to "First among all targets" or "Last among all targets" are still listed in the referral, even if the ordering method is set to Exclude targets outside of the client's site. Note 2: Set the Ordering Method for Targets in Referrals A referral is an ordered list of targets that a client computer receives from a domain controller or namespace server when the user accesses a namespace root or folder with targets. After the client receives the referral, the client attempts to access the first target in the list. If the target is not available, the client attempts to access the next target. 


Q10. Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1 that runs Windows Server 2012 R2. 

You enable and configure Routing and Remote Access (RRAS) on Server1. 

You create a user account named User1. 

You need to ensure that User1 can establish VPN connections to Server1. 

What should you do? 

A. Create a network policy. 

B. Create a connection request policy. 

C. Add a RADIUS client. 

D. Modify the members of the Remote Management Users group. 

Answer:

Explanation: 

Network policies are sets of conditions, constraints, and settings that allow you to designate who is authorized to connect to the network and the circumstances under which they can or cannot connect. 

Network policies can be viewed as rules. Each rule has a set of conditions and settings. 

Configure your VPN server to use Network Access Protection (NAP) to enforce health requirement policies. 

References: http: //technet. microsoft. com/en-us/library/hh831683. aspx 

http: //technet. microsoft. com/en-us/library/cc754107. aspx 

http: //technet. microsoft. com/en-us/library/dd314165%28v=ws. 10%29. aspx 

http: //technet. microsoft. com/en-us/windowsserver/dd448603. aspx 

http: //technet. microsoft. com/en-us/library/dd314165(v=ws. 10). aspx 

http: //technet. microsoft. com/en-us/library/dd469733. aspx 

http: //technet. microsoft. com/en-us/library/dd469660. aspx 

http: //technet. microsoft. com/en-us/library/cc753603. aspx 

http: //technet. microsoft. com/en-us/library/cc754033. aspx 

http: //technet. microsoft. com/en-us/windowsserver/dd448603. aspx