Testking offers free demo for 70 411 vce exam. "Administering Windows Server 2012", also known as 70 411 exam exam, is a Microsoft Certification. This set of posts, Passing the Microsoft 70 411 exam questions exam, will help you answer those questions. The mcp 70 411 Questions & Answers covers all the knowledge points of the real exam. 100% real Microsoft 70 411 exam exams and revised by experts!

Q9. Your network contains an Active Directory domain named contoso.com. The domain contains two servers named Server1 and Server2. Both servers run Windows Server 2012 R2. Both servers have the File and Storage Services server role, the DFS Namespace role service, and the DFS Replication role service installed. 

Server1 and Server2 are part of a Distributed File System (DFS) Replication group named Group1. Server1 and Server2 are connected by using a high-speed LAN connection. 

You need to minimize the amount of processor resources consumed by DFS Replication. 

What should you do? 

A. Modify the replication schedule. 

B. Modify the staging quota. 

C. Disable Remote Differential Compression (RDC). 

D. Reduce the bandwidth usage. 

Answer:

Explanation: 

Because disabling RDC can help conserve disk input/output (I/O) and CPU resources, you might want to disable RDC on a connection if the sending and receiving members are in a local area network (LAN), and bandwidth use is not a concern. However, in a LAN environment where bandwidth is contended, RDC can be beneficial when transferring large files. 

Question tells it uses a high-speed LAN connection. 

References: http: //technet. microsoft. com/en-us/library/cc758825%28v=ws. 10%29. aspx 

http: //technet. microsoft. com/en-us/library/cc754229. aspx 


Q10. HOTSPOT 

Your network contains an Active Directory forest named contoso.com. The forest contains a single domain. The forest contains two Active Directory sites named Site1 and Site2. 

You plan to deploy a read-only domain controller (RODC) named DC10 to Site2. You pre-create the DC10 domain controller account by using Active Directory Users and Computers. 

You need to identify which domain controller will be used for initial replication during the promotion of the RODC. 

Which tab should you use to identify the domain controller? 

To answer, select the appropriate tab in the answer area. 

Answer: 


Q11. Your network contains an Active Directory domain named adatum.com. The domain contains a member server named Server1 and 10 web servers. All of the web servers are in an organizational unit (OU) named WebServers_OU. All of the servers run Windows Server 2012 R2. 

On Server1, you need to collect the error events from all of the web servers. The solution must ensure that when new web servers are added to WebServers_OU, their error events are collected automatically on Server1. 

What should you do? 

A. On Server1, create a source computer initiated subscription. From a Group Policy object (GPO), configure the Configure target Subscription Manager setting. 

B. On Server1, create a source computer initiated subscription. From a Group Policy object (GPO), configure the Configure forwarder resource usage setting. 

C. On Server1, create a collector initiated subscription. From a Group Policy object (GPO), configure the Configure forwarder resource usage setting. 

D. On Server1, create a collector initiated subscription. From a Group Policy object (GPO), configure the Configure target Subscription Manager setting. 

Answer:

Explanation: 

Source-initiated subscriptions allow you to define a subscription on an event collector computer without defining the event source computers, and then multiple remote event source computers can be set up (using a group policy setting) to forward events to the event collector computer. This differs from a collector initiated subscription because in the collector initiated subscription model, the event collector must define all the event sources in the event subscription. 

1. Run the following command from an elevated privilege command prompt on the 

Windows Server domain controller to configure Windows Remote Management: winrm qc –q. 

2. Start group policy by running the following command: %SYSTEMROOT%\System32\gpedit. msc. 

3. Under the Computer Configuration node, expand the Administrative Templates node, then expand the Windows Components node, then select the Event Forwarding node. 

4. Right-click the SubscriptionManager setting, and select Properties. Enable the SubscriptionManager setting, and click the Show button to add a server address to the setting. Add at least one setting that specifies the event collector computer. The SubscriptionManager Properties window contains an Explain tab that describes the syntax for the setting. 

5. After the SubscriptionManager setting has been added, run the following command to ensure the policy is applied: gpupdate /force. 

If you want to configure a source computer-initiated subscription, you need to configure the following group policies on the computers that will act as the event forwarders: 

* (A) Configure Target Subscription Manager This policy enables you to set the location of the collector computer. 


Q12. Your network contains a single Active Directory domain named contoso.com. All domain controllers run Windows Server 2012 R2. 

The domain contains 400 desktop computers that run Windows 8 and 10 desktop computers that run Windows XP Service Pack 3 (SP3). All new desktop computers that are added to the domain run Windows 8. 

All of the desktop computers are located in an organizational unit (OU) named OU1. 

You create a Group Policy object (GPO) named GPO1. GPO1 contains startup script settings. You link GPO1 to OU1. 

You need to ensure that GPO1 is applied only to computers that run Windows XP SP3. 

What should you do? 

A. Create and link a WML filter to GPO1 

B. Run the Set-GPInheritance cmdlet and specify the -target parameter. 

C. Run the Set-GPLink cmdlet and specify the -target parameter. 

D. Modify the Security settings of OU1. 

Answer:

Explanation: 

WMI Filtering is used to get information of the system and apply the GPO on it with the condition is met. 

Security filtering: apply a GPO to a specific group (members of the group) 


Q13. HOTSPOT 

Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1 that runs Windows Server 2012 R2 and has the Network Policy Server role service installed. 

An administrator creates a Network Policy Server (NPS) network policy named Policy1. You need to ensure that Policy1 applies to L2TP connections only. 

Which condition should you modify? 

To answer, select the appropriate object in the answer area. 

Answer: 


Q14. Your network contains an Active Directory domain named contoso.com. The domain 

contains a server named Server1 that runs Windows Server 2012 R2. 

You enable and configure Routing and Remote Access (RRAS) on Server1. 

You create a user account named User1. 

You need to ensure that User1 can establish VPN connections to Server1. 

What should you do? 

A. Modify the members of the Remote Management Users group. 

B. Add a RADIUS client. 

C. Modify the Dial-in setting of User1. 

D. Create a connection request policy. 

Answer:

Explanation: 

Access permission is also granted or denied based on the dial-in properties of each user account. 

http://technet.microsoft.com/en-us/library/cc772123.aspx 


Q15. Your network contains an Active Directory domain named contoso.com. All domain controllers run Windows Server 2012 R2. 

You have a Group Policy object (GPO) named GPO1 that contains hundreds of settings. GPO1 is linked to an organizational unit (OU) named OU1. OU1 contains 200 client computers. 

You plan to unlink GPO1 from OU1. 

You need to identify which GPO settings will be removed from the computers after GPO1 is unlinked from OU1. 

Which two GPO settings should you identify? (Each correct answer presents part of the solution. Choose two.) 

A. The managed Administrative Template settings 

B. The unmanaged Administrative Template settings 

C. The System Services security settings 

D. The Event Log security settings 

E. The Restricted Groups security settings 

Answer: A,D 

Explanation: 

There are two kinds of Administrative Template policy settings: Managed and Unmanaged . The Group Policy service governs Managed policy settings and removes a policy setting when it is no longer within scope of the user or computer. 

References: http: //technet. microsoft. com/en-us/library/cc778402(v=ws. 10). aspx http: //technet. microsoft. com/en-us/library/bb964258. aspx 


Q16. Your network contains two Active Directory forests named contoso.com and adatum.com. The contoso.com forest contains a server named Server1.contoso.com. The adatum.com forest contains a server named server2. adatum.com. Both servers have the Network Policy Server role service installed. 

The network contains a server named Server3. Server3 is located in the perimeter network and has the Network Policy Server role service installed. 

You plan to configure Server3 as an authentication provider for several VPN servers. 

You need to ensure that RADIUS requests received by Server3 for a specific VPN server are always forwarded to Server1.contoso.com. 

Which two should you configure on Server3? (Each correct answer presents part of the solution. Choose two.) 

A. Remediation server groups 

B. Remote RADIUS server groups 

C. Connection request policies 

D. Network policies 

E. Connection authorization policies 

Answer: B,C 

Explanation: 

To configure NPS as a RADIUS proxy, you must create a connection request policy that contains all of the information required for NPS to evaluate which messages to forward and where to send the messages. 

When you configure Network Policy Server (NPS) as a Remote Authentication Dial-In User Service (RADIUS) proxy, you use NPS to forward connection requests to RADIUS servers that are capable of processing the connection requests because they can perform authentication and authorization in the domain where the user or computer account is located. For example, if you want to forward connection requests to one or more RADIUS servers in untrusted domains, you can configure NPS as a RADIUS proxy to forward the requests to the remote RADIUS servers in the untrusted domain. To configure NPS as a RADIUS proxy, you must create a connection request policy that contains all of the information required for NPS to evaluate which messages to forward and where to send the messages. 

When you configure a remote RADIUS server group in NPS and you configure a connection request policy with the group, you are designating the location where NPS is to forward connection requests. 

References: http: //technet. microsoft. com/en-us/library/cc754518. aspx 

http: //technet. microsoft. com/en-us/library/cc754518. aspx 

http: //technet. microsoft. com/en-us/library/cc754518. aspx