Q171. - (Topic 3)
You work as an administrator at Contoso.com. The Contoso.com network consists of a single domain named Contoso.com. All servers on the Contoso.com network have Windows Server 2012 installed.
Contoso.com has a server, named ENSUREPASS-SR07, which has the AD DS, DHCP, and DNS server roles installed. Contoso.com also has a server, named ENSUREPASS-SR08, which has the DHCP, and Remote Access server roles installed. You have configured a server, which has the File and Storage Services server role installed, to automatically acquire an IP address.
The server is named ENSUREPASS-SR09. You then create a filter on ENSUREPASS-SR07.
Which of the following is a reason for this configuration?
A. To make sure that ENSUREPASS-SR07 issues ENSUREPASS-SR09 an IP address.
B. To make sure that ENSUREPASS-SR07 does not issue ENSUREPASS-SR09 an IP address.
C. To make sure that ENSUREPASS-SR09 acquires a constant IP address from ENSUREPASS-SR08 only.
D. To make sure that ENSUREPASS-SR09 is configured with a static IP address.
Answer: B
Q172. - (Topic 2)
You have a server named Server1 that runs Windows Server 2012 R2.
You need to enable access-based enumeration for a file share on Server1.
Which tool should you use?
A. File Server Resource Manager (FSRM)
B. Share and Storage Management
C. Server Manager
D. File Explorer
Answer: C
Explanation:
Access-based enumeration displays only the files and folders that a user has permissions to access. It is a feature that was previously available as a downloadable package for the Windows Server. 2003 operating system (it was also included in Windows Server 2003 Service Pack 1). Access-based enumeration is now included in the Windows Server 2008 operating system, and you can enable it by using Share and Storage Management.
Q173. - (Topic 2)
Your network contains an Active Directory domain named contoso.com. The domain contains 20 computer accounts that reside in an organizational unit (OU) named OU1.
A Group Policy object (GPO) named GPO1 is linked to OU1. GPO1 is used to assign several user rights to a user named User1.
In the Users container, you create a new user named User2.
You need to ensure that User2 is assigned the same user rights as User1 on all of the client computers in OU1.
What should you do?
A. Modify the settings in GPO1.
B. Modify the link of GPO1.
C. Link a WMI filter to GPO1.
D. Move User2 to OU1.
Answer: D
Explanation:
The GPO is linked to OU1. By moving User2 to OU1 the GPO will be applied to this user.
Q174. - (Topic 3)
Your network contains an Active Directory domain named contoso.com. The domain contains a member server named HVServer1. HVServer1 runs Windows Server 2012 and has the Hyper-V server role installed. HVServer1 hosts 10 virtual machines. All of the virtual machines connect to a virtual switch named Switch1. Switch1 is configured as a private network. All of the virtual machines have the DHCP guard and the router guard settings enabled.
You install the DHCP server role on a virtual machine named Server 1. You authorize Server1 as a DHCP server in contoso.com. You create an IP scope.
You discover that the virtual machines connected to Switch1 do not receive IP settings from Server1.
You need to ensure that the virtual machines can use Server1 as a DHCP server.
What should you do?
A. Enable MAC address spoofing on Server1.
B. Disable the DHCP guard on all of the virtual machines that are DHCP clients.
C. Disable the DHCP guard on Server1.
D. Enable single-root I/O virtualization (SR-IOV) on Server1.
Answer: C
Explanation:
Private virtual networks are used where you want to allow communications between virtual machine to virtual machine on the same physical server in a block diagram, a private network is an internal network without a virtual NIC in the parent partition. A private network would commonly be used where you need complete isolation of virtual machines from external and parent partition traffic. DMZ workloads running on a leg of a trihomed firewall, or an isolated test domain are examples where this type of network may be useful.
Q175. - (Topic 3)
Your network contains one Active Directory domain named contoso.com. The domain contains 10 domain controllers and a read-only domain controller (RODC) named RODC01.
The domain contains an administrator account named Admin1.
You need to prevent Admin1 from creating more than 100 objects in the domain partition.
Which tool should you use?
A. the ntdsutil command
B. the Set-ADDomain cmdlet
C. the Install-ADDSDomain cmdlet
D. the dsadd command
E. the dsamain command
F. the dsmgmt command
G. the net user command
H. the Set-ADForest cmdlet
Answer: D
Explanation:
Active Directory quotas are limits on the number of objects that a security principal (that has been delegated the Create Child Objects or Delete Child Objects permission) can own and create. To assign a quota to a security principal, you must use the directory services tools. The command and required parameters for assigning a quota to a security principal are as follows:
dsadd quota –part <partition distinguished name> –qlimit <quotalimit> –acct <security prinicipal>
Reference: Active Directory Quotas
https://technet.microsoft.com/en-us/library/cc904295(v=ws.10).aspx
Q176. DRAG DROP - (Topic 3)
You have a print server named Server1Server1 runs Windows Server 2008 R2. You have a file server named Server2. Server2 runs Windows Server 2012 R2.
You need to migrate all of the printers on Server1 to Server2.
Which actions should you perform on the servers?
To answer, drag the appropriate action to the correct servers in the answer area. Each action may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
Answer:
Q177. - (Topic 3)
Your network contains an Active Directory domain named contoso.com. The domain contains two domain controllers.
The domain controllers are configured as shown in the following table.
In the perimeter network, you install a new server named Server1 that runs Windows Server 2012 R2. Server1 is in a workgroup.
You need to perform an offline domain join of Server1 to the contoso.com domain.
What should you do first?
A. Transfer the PDC emulator role to Dc1.
B. Run the djoin.exe command.
C. Run the dsadd.exe command.
D. Transfer the infrastructure master role to DC1.
Answer: B
Explanation:
A. Creates a new Active Directory computer.
B. Use djoin for offline join in the perimeter network
C. Adds specific types of objects to the directory.
D. Add the local computer to a domain or workgroup.
Q178. - (Topic 3)
Your network contains an Active Directory domain named adatum.com. The domain contains several thousand member servers that run Windows Server 2012 R2. All of the computer accounts for the member servers are in an organizational unit (OU) named ServersAccounts. Servers are restarted only occasionally.
You need to identify which servers were restarted during the last two days.
What should you do?
A. Run dsquery computer and specify the -stalepwd parameter
B. Run dsquery server and specify the -o parameter.
C. Run Get-ADComputer and specify the lastlogon property.
D. Run Get-ADComputer and specify the SearchScope parameter
Answer: C
Q179. HOTSPOT - (Topic 2)
You have a server named Server1. Server1 runs Windows Server 2012 R2 and has the
Windows Deployment Services (WDS) server role installed.
You install the DHCP Server server role on Server1.
You need to ensure that Server1 can respond to DHCP clients and WDS clients.
What should you configure for the DHCP service and the WDS service?
To answer, configure the appropriate options in the answer area.
Answer:
Q180. - (Topic 3)
You work as a senior administrator at Contoso.com. The Contoso.com network consists of a single domain named Contoso.com. All servers in the Contoso.com domain, including domain controllers, have Windows Server 2012 R2 installed.
You are running a training exercise for junior administrators. You are currently discussing the Virtual Fibre Channel SAN feature.
Which of the following is TRUE with regards to the Virtual Fibre Channel SAN feature? (Choose all that apply.)
A. It prevents virtual machines from connecting directly to Fibre Channel storage.
B. It allows for virtual machines to connect to Fibre Channel storage directly.
C. It includes support for virtual SANs, live migration, and multipath I/O.
D. It includes support for virtual SANs, and live migration, but not multipath I/O.
Answer: B,C
Explanation:
To gain the full benefits of server virtualization and cloud architectures, virtualized workloads need to connect easily and reliably to existing SANs. For many enterprise organizations, Hyper-V deployments were limited in scale and scope because they lacked the ability to directly connect VMs to Fibre Channel SAN storage from inside a VM. Hyper-V in Windows Server 2012 R2 now provides virtual Fibre Channel Host Bus Adapter (HBA) ports within the guest operating system that runs the virtual machine, connecting virtual machines directly to FibreChannel SAN Logical Unit Numbers (LUNs). Virtual Fibre Channel for Hyper-V provides several important advantages for Hyper-V environments: Simplifies storage connectivity for virtualized workloads to ultra-reliable, high-performance Fibre Channel SAN storage. Enables new solutions that require shared storage, such as failover clustering, live migration, andmultipath I/O. Leverages and protects existing investments in Fibre Channel storage? Enables advanced FC SAN storage functionality for VMs. Facilitates migration of FC workloads into the cloud. Enables improved monitoring and troubleshooting, with visibility from the VM to the FC SAN storage. Enables centralized management of Ethernet and FC-based virtualized workloads. Combining Virtual Fibre Channel for Hyper-V and the Brocade Fibre Channel SAN infrastructure greatly simplifies connectivity between Fibre Channel SAN storage and virtualized applications, enabling enterprise IT and hosting providers to achieve new levels of availability, reliability, and scalability for cloud-based services. You need your virtualized workloads to connect easily and reliably to your existing storage arrays. Windows Server 2012 R2 provides Fibre Channel ports within the guest operating system, which allows you to connect to Fibre Channel directly from within virtual machines. This feature protects your investments in Fibre Channel, enables you to virtualize workloads that use direct access to Fibre Channel storage, allows you to cluster guest operating systems over Fibre Channel, and provides an important new storage option for servers hosted in your virtualization infrastructure. With this Hyper-V virtual Fibre Channel feature, you can connect to Fibre Channel storage from within a virtual machine. This allows you to use your existing Fibre Channel investments to support virtualized workloads. Support for Fibre Channel in Hyper-V guests also includes support for many related features, such as virtual SANs, live migration, and MPIO.