70-412 | You have a server named File1 that runs Windows Server 2012…

Question: 27

You have a server named File1 that runs Windows Server 2012 R2.
File1 has the File Server role service installed.
You plan to back up all shared folders by using Windows Azure Online Backup.
You download and install the Windows Azure Online Backup Service Agent on File1.
You need to ensure that you use Windows Server Backup to back up data to Windows Azure Online Backup.
What should you do?

A. From Computer Management, add the File1 computer account to the Backup Operators group.
B. From the Services console, modify the Log On settings of the Windows Azure Online Backup Service Agent.
C. From Windows Server Backup, run the Register Server Wizard.
D. From a command prompt, run wbadmin.exe enable backup.

Answer: C

70-412 | You have a server named Server…

Question: 26

You have a server named Server1 that has the Active Directory Certificate Services server role installed.
Server1 uses a hardware security module (HSM) to protect the private key of Server1.
You need to ensure that the Active Directory Certificate Services (AD CS) database, log files, and private key are backed up.
You perform regular backups of the HSM module by using a backup utility provided by the HSM manufacturer.
What else should you do?

A. Run the certutil.exe command and specify the -backupkey parameter.
B. Run the certutil.exe command and specify the -backupdb parameter.
C. Run the certutil.exe command and specify the -backup parameter.
D. Run the certutil.exe command and specify the -dump parameter.

Answer: B

Explanation:

A. Backup the Active Directory Certificate Services certificate and private key
B. Backup the Active Directory Certificate Services database
C. Backup Active Directory Certificate Services
D. Dump configuration information or files

70-412 | Your network contains an Active Directory…

Question: 25

Your network contains an Active Directory domain named contoso.com. The domain contains a member server named Server1 that has the Active Directory Federation Services server role in- stalled. All servers run Windows Server 2012.
You complete the Active Directory Federation Services Configuration Wizard on Server1.
You need to ensure that client devices on the internal network can use Workplace Join.
Which two actions should you perform on Server1? (Each correct answer presents part of the so- lution. Choose two.)

A. Run Enable-AdfsDeviceRegistration -PrepareActiveDirectory.
B. Edit the multi-factor authentication global authentication policy settings.
C. Run Enable-AdfsDeviceRegistration.
D. Run Set-AdfsProxyProperties HttpPort 80.
E. Edit the primary authentication global authentication policy settings.

Answer: C,E

70-412 | Your network contains two Active….

Question: 24

Your network contains two Active Directory forests named contoso.com and adatum.com. A two- way forest trust exists between the forests. The contoso.com forest contains an enterprise certification authority (CA) named Server1. You implement cross-forest certificate enrollment between the contoso.com forest and the adatum.com forest. On Server1, you create a new certificate template named Template1. You need to ensure that users in the adatum.com forest can request certificates that are based on Template1. Which tool should you use?

A. DumpADO.ps1
B. Repadmin
C. Add-CATemplate
D. Certutil
E. PKISync.ps1

Answer: E

The solution must ensure that the domain controllers in the Montreal and the New York offices can replicate the Active Directory changes any time of day. What should you do?

Question: 32

Your company has offices in Montreal, New York, and Amsterdam.
The network contains an Active Directory forest named contoso.com.
An Active Directory site exists for each office. All of the sites connect to each other by using the DEFAULTIPSITELINK site link.
You need to ensure that only between 20:00 and 08:00, the domain controllers in the Montreal office replicate the Active Directory changes to the domain controllers in the Amsterdam office.
The solution must ensure that the domain controllers in the Montreal and the New York offices can replicate the Active Directory changes any time of day.
What should you do?

A. Create a new site link that contains Montreal and Amsterdam.
Remove Amsterdam from DEFAULTIPSITELINK.
Modify the schedule of DEFAULTIPSITELINK.
B. Create a new site link that contains Montreal and Amsterdam.
Create a new site link bridge.
Modify the schedule of DEFAU LTIPSITELINK.
C. Create a new site link that contains Montreal and Amsterdam.
Remove Amsterdam from DEFAULTIPSITELINK.
Modify the schedule of the new site link.
D. Create a new site link that contains Montreal and Amsterdam.
Create a new site link bridge.
Modify the schedule of the new site link.

Answer: C

Section: Configure the Active Directory infrastructure (15-20%)
Explanation
Explanation/Reference:
Explanation:
Very Smartly reworded with same 3 offices. In the exam correct answer is “Create a new site link that contains Newyork to Montreal.
Remove Montreal from DEFAULTIPSITELINK.Modify the schedule of the new site link”.
http://technet.microsoft.com/en-us/library/cc755994(v=ws.10).aspx

70-412 | Your network contains an Active Directory forest named contoso.com.Users frequently access the website of an external partner company.

Question : 31

Your network contains an Active Directory forest named contoso.com.Users frequently access the website of an external partner company. The URL of the website is http://partners.adatum.com.The partner company informs you that it will perform maintenance on its Web server and that the IP addresses of the Web server will change.After the change is complete, the users on your internal network report that they fail to access the website.However, some users who work from home report that they can access the website.You need to ensure that your DNS servers can resolve partners.adatum.com to the correct IP address immediately.What should you do?

A. Run dnscmd and specify the CacheLockingPercent parameter.
B. Run Set-DnsServerGlobalQueryBlockList.
C. Run ipconfig and specify the Renew parameter.
D. Run Set-DnsServerCache.

Answer : D

70-412 | Your network contains two DNS servers named DN51 and DNS2 that run Windows Server 2012 R2.DNS1 has a primary zone named contoso.com.

Question : 30

Your network contains two DNS servers named DN51 and DNS2 that run Windows Server 2012 R2.DNS1 has a primary zone named contoso.com. DNS2 has a secondary copy of the contoso.com zone.You need to log the zone transfer packets sent between DNS1 and DNS2.What should you configure?

A. Monitoring from DNS Manager
B. Logging from Windows Firewall with Advanced Security
C. A Data Collector Set (DCS) from Performance Monitor
D. Debug logging from DNS Manager

Answer : D

70-412 Sample Question : 14

Question : 14

Your network contains two Active Directory forests named contoso.com and adatum.com. Contoso.com contains one domain. Adatum.com contains a child domain named child.adatum.com. Contoso.com has a one-way forest trust to adatum.com. Selective authentication is enabled on the forest trust. Several user accounts are migrated from child.adatum.com to adatum.com. Users report that after the migration, they fail to access resources in contoso.com. The users successfully accessed the resources in contoso.com before the accounts were migrated. You need to ensure that the migrated users can access the resources in contoso.com. What should you do?

A. Replace the existing forest trust with an external trust.
B. Run netdom and specify the /quarantine attribute.
C. Disable SID filtering on the existing forest trust.
D. Disable selective authentication on the existing forest trust.

Answer: C

70-412 Sample Question : 13

Question : 13

Your network contains an Active Directory domain named contoso.com. The domain contains two sites named Site1 and Site2 and two domain controllers named DC1 and DC2. Both domain controllers are located in Site1. You install an additional domain controller named DC3 in Site1 and you ship DC3 to Site2. A technician connects DC3 to Site2. You discover that users in Site2 are authenticated by all three domain controllers. You need to ensure that the users in Site2 are authenticated by DC1 or DC2 only if DC3 is unavailable. What should you do?

A. From Network Connections, modify the IP address of DC3.
B. In Active Directory Sites and Services, modify the Query Policy of DC3.
C. From Active Directory Sites and Services, move DC3.
D. In Active Directory Users and Computers, configure the insDS-PrimaryComputer attribute for the users in Site2.

Answer: C

70-412 Sample Question : 12

Question : 12

Your network contains an Active Directory domain named adatum.com. The domain contains a server named CA1 that runs Windows Server 2012 R2. CA1 has the Active Directory Certificate Services server role installed and is configured to support key archival and recovery. You need to ensure that a user named User1 can decrypt private keys archived in the Active Directory Certificate Services (AD CS) database. The solution must prevent User1 from retrieving the private keys from the AD CS database. What should you do?

A. Assign User1 the Issue and Manage Certificates permission to Server1.
B. Assign User1 the Read permission and the Write permission to all certificate templates.
C. Provide User1 with access to a Key Recovery Agent certificate and a private key.
D. Assign User1 the Manage CA permission to Server1.

Answer: C

70-412 Sample Question : 11

Question : 11

Your network contains a server named Server1 that runs Windows Server 2012 R2.Server1 has the Active Directory Certificate Services server role installed and is configured as a standalone certification authority (CA).You install a second server named Server2.You install the Online Responder role service on Server2.You need to ensure that Server1 can issue an Online Certificate Status Protocol (OCSP) Response Signing certificate to Server2.What should you do?

A. On Server1,run the certutil.exe command and specify the-setreg parameter.
B. On Server2,run the certutil.exe command and specify the-policy parameter.
C. On Server1,configure Security for the OCSP Response Signing certificate template.
D. On Server2,configure Issuance Requirements for the OCSP Response Signing certificate template.

Answer: C

70-412 Sample Question : 10

Question : 10

You are employed as a senior network administrator at ABC.com. ABC.com has an Active Directory domain named ABC.com. All servers on the ABC.com network have Windows Server 2012 installed.You are running a training exercise for junior network administrators. You are currently discussing the use of a Scale-Out File Server in cluster environment.Which of the following should be installed prior to configuring a Scale-Out File Server? (Choose two.)

A. You should consider installing the File Server role service.

B. You should consider configuring the Quorum settings.

C. You should consider installing the Failover Clustering.

D. You should consider installing the Active Directory Certificate Services server role.

Answer: A,C

70-412 Sample Question : 9

Question : 9

You are employed as a network administrator at ABC.com. ABC.com has an Active Directory domain named ABC.com. All servers on the ABC.com network have Windows Server 2012 installed.ABC.com has a server, named ABC-SR07, which is configured as a DHCP server. You have created a superscope on ABC-SR07.Which of the following describes a reason for creating a superscope? (Choose all that apply.)

A. To support DHCP clients on a single physical network segment where multiple logical IP networks are used.

B. To allow for the sending of network traffic to a group of endpointsdestination hosts.

C. To support remote DHCP clients located on the far side of DHCP and BOOTP relay agents.

D. To provide fault tolerance.

Answer: A,C

70-412 Sample Question : 8

Question : 8

You are employed as a network administrator at ABC.com. ABC.com has an Active Directory domain named ABC.com. All servers on the ABC.com network have Windows Server 2012 installed.A ABC.com server, named ABC-SR13, which has a Server Core Installation of Windows Server 2012 installed and is configured as a file server. ABC-SR13 hosts shared folders that are configured to store previous versions.You have been instructed to make sure that the Previous Versions tab can be used by ABC.com’s users to open previous versions of the shared folders.Which of the following actions should you take?

A. You should consider making use of Diskcopy.

B. You should consider making use of Fsutil.

C. You should consider making use of Vssadmin.

D. You should consider making use of Filescrn.

E. You should consider making use of Wevtutil.

Answer: C

70-412 Sample Question : 7

Question : 7

You are employed as a network administrator at ABC.com. ABC.com has two Active Directory forests, named uk.ABC.com and us.ABC.com. All servers on the ABC.com network have Windows Server 2012 installed.A one-way forest trust has been configured from the us.ABC.com and the uk.ABC.com forests. A server, named ABC-SR13, in the us.ABC.com forest hosts a shared folder. This shared folder needs to be accessed by a user, named Mia Hamm.You have confirmed that the Read permission has been granted to the Authenticated Users group.You now need to make sure that Mia Hamm has access to the shared folder.Which of the following actions should you take?

A. You should consider altering the permissions for ABC-SR’s computer object in Active Directory.

B. You should consider granting Mia Hamm’s user account the necessary permissions.

C. You should consider altering the permissions for ABC-SR’s user object in Active Directory.

D. You should consider adding Mia Hamm’s user account to the Globl Administrators group.

Answer: A

Search Words: 70-412 Dumps real exam questions answers practice test braindumps, free Q&A online dumps download and free 70-412 Dumps discount coupon code available.

Leave a Comment.

8 + 17 =