Our Microsoft 70-410 exam merchandise contain study information, Pdf files and test engine. The study information are introduced chapter by chapter. If you have simply no idea to be able to prepare for the Microsoft 70-410 exam, you can learn all the required information in the 70-410 study information. Both the particular Pdf files and test engine software are free downloadable after purchasing. Along with the Pdf files are also printable and also essential for the particular Microsoft Microsoft exam preparation. The test engine can easily create a genuine Microsoft 70-410 environment.
2021 Apr 70-410 book
Q81. - (Topic 3)
Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1. Server1 runs Windows Server 2012 R2.
You need to create 3-TB virtual hard disk (VHD) on Server1.
Which tool should you use?
A. New-StorageSubsytemVirtualDisk
B. File Server Resource Manager (FSRM)
C. Server Manager
D. Computer Management
Answer: A
Explanation:
For other questions to create a VHD (file) you can use computer management.
-Share and storage management (2008 only)
-New-storagesubsystemVirtualDisk (this is a virtual disk, NOT a virtual hard disk)
-Server Manager (you would use this to create virtual disks, not virtual hard disks)
Q82. - (Topic 3)
Your infrastructure divided in 2 sites. You have a forest root domain and child domain. There is only one DC on site 2 with no FSMO roles. The link goes down to site 2 and no users can log on. What FSMO roles you need on to restore the access?
A. Infrastructure master
B. RID master
C. Domain Naming master
D. PDC Emulator
Answer: D
Explanation:
D. The PDC emulator is used as a reference DC to double-check incorrect passwords and it also receives new password changes. PDC Emulator is the most complicated and least understood role, for it runs a diverse range of critical tasks. It is a domain-specific role, so exists in the forest root domain and every child domain. Password changes and account lockouts are immediately processed at the PDC Emulator for a domain, to ensure such changes do not prevent a user logging on as a result of multi-master replication delays, such as across Active Directory sites.
Q83. - (Topic 1)
Your network contains an Active Directory domain named contoso.com.
All client computers run Windows 8.
You deploy a server named Server1 that runs Windows Server 2012 R2.
You install a new client-server application named App1 on Server1 and on the client
computers. The client computers must use TCP port 6444 to connect to App1 on Server1.Server1 publishes the information of App1 to an intranet server named Server2 by using TCP port 3080.
You need to ensure that all of the client computers can connect to App1. The solution must
ensure that the application can connect to Server2.
Which Windows Firewall rule should you create on Server1?
A. an inbound rule to allow a connection to TCP port 3080
B. an outbound rule to allow a connection to TCP port 3080
C. an outbound rule to allow a connection to TCP port 6444
D. an inbound rule to allow a connection to TCP port 6444
Answer: D
Explanation:
A. Server2 needs inbound on 3080.
B. All ports outbound allowed by default.
D. Server1 gets request from Client PC’s it needs an inbound rule for 6444. By default, Windows Firewall with Advanced Security blocks all unsolicited inbound network traffic, and allows all outbound network traffic. For unsolicited inbound network traffic to reach your computer, you must create an allow rule to permit that type of network traffic. If a network program cannot get access, verify that in the Windows Firewall with Advanced Security snap-in there is an active allow rule for the current profile. To verify that there is an active allow rule, double-click Monitoring and then click Firewall. If there is no active allow rule for the program, go to the Inbound Rules node and create a new rule for that program. Create either a program rule, or a service rule, or search for a group that applies to the feature and make sure all the rules in the group are enabled. To permit the traffic, you must create a rule for the program that needs to listen for that traffic. If you know the TCP or UDP port numbers required by the program, you can additionally restrict the rule to only those ports, reducing the vulnerability of opening up all ports for the program.
Q84. DRAG DROP - (Topic 3)
You have two servers named Server1 and Server2 that run Windows Server 2012 R2. Server1 has the Hyper-V server role installed. Server1 hosts a virtual machine named VM1. VM1 is currently running. VM1 has a snapshot that was created two weeks ago.
You plan to use Server2 to perform a forensic analysis of the contents of the disk of VM1 from two weeks ago.
You need to ensure that you can view the contents of the disk of VM1 from two weeks ago from Server2.
Which three actions should you perform in sequence? (To answer, move the appropriate three actions from the list of actions to the answer area and arrange them in the correct order.)
Answer:
Q85. - (Topic 1)
You have a server named Server1 that runs Windows Server 2012 R2.
You promote Server1 to a domain controller.
You need to view the service location (SRV) records that Server1 registers in DNS.
What should you do on Server1?
A. Open the Srv.sys file.
B. Open the Netlogon.dns file.
C. Run ipconfig /displaydns.
D. Run Get-DnsServerDiagnostics.
Answer: B
Explanation:
A. Timestamp server driver
B. Netlogon service creates a log file that contains all the locator resource records stored in netlogon.
C. used to display current resolver cache content
D. Gets DNS event logging details
Updated 70-410 free exam questions:
Q86. - (Topic 3)
Your network contains an Active Directory domain named contoso.com. The domain contains an application server named Server1. Server1 runs Windows Server 2012 R2. You have a client application named App1 that communicates to Server1 by using dynamic TCP ports.
On Server1, a technician runs the following command: New-NetFirewallRule -DisplayName AllowDynamic - Direction Outbound -LocalPort 1024- 65535 -Protocol TCP.
Users report that they can no longer connect to Server1 by using App1.
You need to ensure that App1 can connect to Server1.
What should you run on Server1?
A. Set-NetFirewallRule -DisplayName AllowDynamic -Action Allow
B. netsh advfirewall firewall set rule name=allowdynamic new action = allow
C. Set-NetFirewallRule -DisplayName AllowDynamic -Direction Inbound
D. netsh advfirewall firewall add rule name=allowdynamic action=allow
Answer: C
Q87. - (Topic 3)
You have a server named Server1 that has the Print and Document Services server role installed.
You need to provide users with the ability to manage print jobs on Server1 by using a web browser.
What should you do?
A. Start the Printer Extensions and Notifications service and set the service to start automatically.
B. Install the LPD Service role service.
C. Start the Computer Browser service and set the service to start automatically.
D. Install the Internet Printing role service.
Answer: D
Explanation:
References: Internet printing makes it possible for computers running Windows Server 2008 to use printers located anywhere in the world by sending print jobs using Hypertext Transfer Protocol (HTTP). http://technet.microsoft.com/en-us/library/cc731368(v=ws.10).aspx http://technet.microsoft.com/en-us/library/cc731857.aspx
Q88. - (Topic 2)
Your network contains an Active Directory domain named contoso.com. The domain contains a domain controller named DC1 that runs Windows Server 2012 R2.
A user named User1 attempts to log on to DC1, but receives the error message shown in the exhibit. (Click the Exhibit button.)
You need to ensure that User1 can log on to DC1. What should you do?
A. Add User1 to the Remote Management Users group.
B. Grant User1 the Allow log on locally user right.
C. Modify the Logon Workstations setting of the User1 account.
D. Modify the Account is sensitive and cannot be delegated setting of the User1 account.
Answer: B
Explanation:
Domain controllers, by default, restrict the types of user accounts that have the ability to log on locally.
References: Exam Ref 70-410: Installing and Configuring Windows Server 2012 R2, Chapter 6: Create and Manage Group Policy, Objective 6.2: Configure Security Policies, p. 321 Exam Ref 70-410: Installing and Configuring Windows Server 2012 R2, Chapter 2: Configure server roles and features, Objective 2.3: Configure servers for remote management, p. 114
http://technet.microsoft.com/en-us/library/ee957044(v=ws.10).aspx
Q89. - (Topic 2)
Your network contains a server named Server1 that runs Windows Server 2012 R2. Server1 is a member of a workgroup.
You need to configure a local Group Policy on Server1 that will apply only to non-administrators.
Which tool should you use?
A. Group Policy Object Editor
B. Group Policy Management
C. Group Policy Management Editor
D. Server Manager
Answer: A
Explanation:
Once you create a GPO, you can open it in the Group Policy Management Editor and
configure the GPO’s policies, specifically those settings that target the non-administrators.
In this scenario however, you still need to configure the Group Policy thus you would need
the GPO Editor.
References:
Training Guide: Installing and Configuring Windows Server 2012 R2, Chapter 10:
Implementing Group Policy, Lesson 1: Planning, implementing and managing group policy,
p. 475
Q90. - (Topic 3)
Your company has an Active Directory domain. You log on to the domain controller. The Active Directory Schema snap-in is not available in the Microsoft Management Console (MMC).
You need to access the Active Directory Schema snap-in. What should you do?
A. Register Schmmgmt.dll.
B. Log off and log on again by using an account that is a member of the Schema Admins group.
C. Use the Ntdsutil.exe command to connect to the schema master operations master and open the schema for writing.
D. Add the Active Directory Lightweight Directory Services (AD/LDS) role to the domain controller by using Server Manager.
Answer: A
Explanation:
Install the Active Directory Schema Snap-In You can use this procedure to first register the dynamic-link library (DLL) that is required for the Active Directory Schema snap-in. You can then add the snap-in to Microsoft Management Console (MMC).
To install the Active Directory Schema snap-in:
1. To open an elevated command prompt, click Start, type command prompt and then right-click Command Prompt when it appears in the Start menu. Next, click Run as administrator
and then click OK.
To open an elevated command prompt in Windows Server 2012 R2, click Start, type cmd,
right-click cmd and then click Run as administrator.
2. Type the following command, and then press ENTER: regsvr32 schmmgmt.dll
3. Click Start, click Run, type mmc and then click OK.
4. On the File menu, click Add/Remove Snap-in.
5. Under Available snap-ins, click Active Directory Schema, click Add and then click OK.
6. To save this console, on the File menu, click Save.
7. In the Save As dialog box, do one of the following:
* To place the snap-in in the Administrative Tools folder, in File name, type a name for the snap-in, and then click Save.
* To save the snap-in to a location other than the Administrative Tools folder, in Save in , navigate to a location for the snap-in. In File name, type a name for the snap-in, and then click Save.