Ensurepass

QUESTION 101

HOTSPOT

You have a file server named Server1 that runs Windows Server 2012 R2.

 

Server1 contains a file share that must be accessed by only a limited number of users.

 

You need to ensure that if an unauthorized user attempts to access the file share, a custom access-denied message appears, which contains a link to request access to the share. The message must not appear when the unauthorized user attempts to access other shares.

 

Which two nodes should you configure in File Server Resource Manager?

 

To answer, select the appropriate two nodes in the answer area.

 

clip_image002

 

Correct Answer:

clip_image004

 

 

 

 

 

 

 

 

 

QUESTION 102

Your network contains three servers named Server1, Server2, and Server3. All servers run Windows Server 2012 R2. You need to ensure that Server1 can provide iSCSI storage for Server2 and Server3. What should you do on Server1?

 

A.

Start the Microsoft iSCSI Initiator Service and configure the iSCSI Initiator Properties.

B.

Install the iSNS Server service feature and create a Discovery Domain.

C.

Install the Multipath I/O (MPIO) feature and configure the MPIO Properties.

D.

Install the iSCSI Target Server role service and configure iSCSI targets.

 

Correct Answer: D

Explanation:

iSCSI: it is an industry standard protocol allow sharing block storage over the Ethernet. The server shares the storage is called iSCSI Target. The server (machine) consumes the storage is called iSCSI initiator. Typically, the iSCSI initiator is an application server. For example, iSCSI Target provides storage to a SQL server, the SQL server will be the iSCSI initiator in this deployment.

 

Target: It is an object which allows the iSCSI initiator to make a connection. The Target keeps track of the initiators which are allowed to be connected to it. The Target also keeps track of the iSCSI virtual disks which are associated with it. Once the initiator establishes the connection to the Target, all the iSCSI virtual disks associated with the Target will be accessible by the initiator.

iSCSI Target Server: The server runs the iSCSI Target. It is also the iSCSI Target role name in Windows Server 2012.

 

clip_image006

 

 

QUESTION 103

HOTSPOT

You have a server named Server1 that runs Windows Server 2012 R2.

 

You are configuring a storage space on Server1.

 

You need to ensure that the storage space supports tiered storage.

 

Which settings should you configure?

 


To answer, select the appropriate options in the answer area.

 

clip_image008

 

Correct Answer:

clip_image010

 

 

QUESTION 104

HOTSPOT

Your company has a main office and a branch office. An Active Directory site exists for each office.

 

The network contains an Active Directory forest named contoso.com. The contoso.com domain contains three member servers named Server1, Server2, and Server3. All servers run Windows Server 2012 R2.

 

In the main office, you configure Server1 as a file server that uses BranchCache.

 

In the branch office, you configure Server2 and Server3 as BranchCache hosted cache servers.

 

You are creating a Group Policy for the branch office site.

 

Which two Group Policy settings should you configure?

 

To answer, select the appropriate two settings in the answer area.

 

clip_image012

 

Correct Answer:

clip_image014

 

 

 

 

 

 

QUESTION 105

HOTSPOT

Your company has a main office and a branch office. The main office is located in Detroit. The branch office is located in Seattle.

 

The network contains an Active Directory domain named adatum.com. Client computers run either Windows 7 Enterprise or Windows 8 Enterprise.

 

The main office contains 1,000 client computers and 50 servers. The branch office contains 20 client computers.

 

All computer accounts for the branch office are located in an organizational unit (OU) named SeattleComputers. A Group Policy object (GPO) named GPO1 is linked to the SeattleComputers OU.

 

You need to configure BranchCache for the branch office.

 

clip_image015

 

Correct Answer:

clip_image016

 

 

 

 

 

 

 

 

QUESTION 106

Your network contains an Active Directory domain named contoso.com. All servers run Windows Server 2012 R2. You are creating a central access rule named TestFinance that will be used to grant members of the Authenticated users group access to a folder stored on a Microsoft SharePoint Server 2013 server. You need to ensure that the permissions are granted when the rule is published. What should you do?

 

A.

Set the Permissions to Use the following permissions as proposed permissions.

B.

Set the Permissions to Use following permissions as current permissions.

C.

Add a Resource condition to the current permissions entry for the Authenticated Users principal.

D.

Add a User condition to the current permissions entry for the Authenticated Users principal.

 

Correct Answer: B

 

 

QUESTION 107

HOTSPOT

You have a server that runs Windows Server 2012 R2 and has the iSCSI Target Server role service installed.

 

You run the New-IscsiVirtualDisk cmdlet as shown in the New-IscsiVirtualDisk exhibit. (Click the Exhibit button.)

 

clip_image018

 

To answer, complete each statement according to the information presented in the exhibits. Each correct selection is worth one point.

 

clip_image020

 

Correct Answer:

clip_image022

 

 

QUESTION 108

Your network contains an Active Directory domain named contoso.com. The network contains a file server named Server1 that runs Windows Server 2012 R2. You are configuring a central access policy for temporary employees. You enable the Department resource property and assign the property a suggested value of Temp. You need to configure a target resource condition for the central access rule that is scoped to resources assigned to Temp only. Which condition should you use?

 

A.

(Temp.Resource Equals “Department”)

B.

(Resource.Temp Equals “Department”)

C.

(Resource.Department Equals “Temp”)

D.

(Department.Value Equals “Temp”)

 

Correct Answer: C

Explanation:

http://technet.microsoft.com/fr-fr/library/hh846167.aspx

clip_image024

 

 

QUESTION 109

Your network contains an Active Directory domain named contoso.com. The domain contains two sites named Site1 and Site2 and two domain controllers named DC1 and DC2. Both domain controllers are located in Site1. You install an additional domain controller named DC3 in Site1 and you ship DC3 to Site2. A technician connects DC3 to Site2. You discover that users in Site2 are authenticated by all three domain controllers. You need to ensure that the users in Site2 are authenticated by DC1 or DC2 only if DC3 is unavailable. What should you do?

 

A.

From Network Connections, modify the IP address of DC3.

B.

In Active Directory Sites and Services, modify the Query Policy of DC3.

C.

From Active Directory Sites and Services, move DC3.

D.

In Active Directory Users and Computers, configure the insDS-PrimaryComputer attribute for the users in Site2.

 

Correct Answer: C

Explanation:

A. Modifying IP will not effect authentication

B. A query policy prevents specific Lightweight Directory Access Protocol (LDAP) operations from adversely impacting the performance of the domain controller and also makes the domain controller more resilient to denial-of-service attacks.

C. DC3 needs to be moved to Site2 in AD DS

http://technet.microsoft.com/en-us/library/cc778098(v=ws.10).aspx

http://technet.microsoft.com/en-us/library/cc759326(v=ws.10).aspx

 

 

 

QUESTION 110

Your network contains two Active Directory forests named contoso.com and litwareinc.com. A two-way forest trusts exists between the forest. Selective authentication is enabled on the trust. The contoso.com forest contains a server named Server1. You need to ensure that users in litwareinc.com can access resources on Server1. What should you do?

 

A.

Install Active Directory Rights Management Services on a domain controller in contoso.com.

B.

Modify the permission on the Server1 computer account.

C.

Install Active Directory Rights Management Services on a domain controller in litwareinc.com.

D.

Configure SID filtering on the trust.

 

Correct Answer: B

Explanation:

Selective authentication between forests

If you decide to set selective authentication on an incoming forest trust, you need to manually assign permissions on each computer in the domain as well as the resources to which you want users in the second forest to have access. To do this, set a control access right Allowed to authenticate on the computer object that hosts the resource in Active Directory Users and Computers in the second forest. Then, allow user or group access to the particular resources you want to share.

Reference: Accessing resources across forests

 

Free VCE & PDF File for Microsoft 70-412 Real Exam

Instant Access to Free VCE Files: MCSE|MCSA|MCITP…
Instant Access to Free PDF Files: MCSE|MCSA|MCITP…