QUESTION 161

Your company has a main office and a branch office. The main office is located in Seattle. The branch office is located in Montreal. Each office is configured as an Active Directory site.

 

The network contains an Active Directory domain named adatum.com. The Seattle office contains a file server named Server1. The Montreal office contains a file server named Server2.

 

The servers run Windows Server 2012 R2 and have the File and Storage Services server role, the DFS Namespaces role service, and the DFS Replication role service installed.

 

Server1 and Server2 each have a share named Share1 that is replicated by using DFS Replication.

 

You need to ensure that users connect to the replicated folder in their respective office when they connect to \\contoso.com\Share1.

 

Which three actions should you perform? (Each correct answer presents part of the solution. Choose three.)

 

A.

Create a replication connection.

B.

Create a namespace.

C.

Share and publish the replicated folder.

D.

Create a new topology.

E.

Modify the Referrals settings.

 

Correct Answer: BCE

Explanation:

To share a replicated folder and publish it to a DFS namespace Click Start, point to Administrative Tools, and then click DFS Management. In the console tree, under the Replication node, click the replication group that contains the replicated folder you want to share. In the details pane, on the Replicated Folders tab, right-click the replicated folder that you want to share, and then click Share and Publish in Namespace. In the Share and Publish Replicated Folder Wizard, click Share and publish the replicated folder in a namespace, and then follow the steps in the wizard.

 

Note that: If you do not have an existing namespace, you can create one in the Namespace Path page in the Share and Publish Replicated Folder Wizard. To create the namespace, in the Namespace Path page, click Browse, and then click New Namespace.

 

To create a namespace

Click Start, point to Administrative Tools, and then click DFS Management. In the console tree, right-click the Namespaces node, and then click New Namespace. Follow the instructions in the New Namespace Wizard.

 

To create a stand-alone namespace on a failover cluster, specify the name of a clustered file server instance on the Namespace Server page of the New Namespace Wizard.

 

Important

Do not attempt to create a domain-based namespace using the Windows Server 2008 mode unless the forest functional level is Windows Server 2003 or higher. Doing so can result in a namespace for which you cannot delete DFS folders, yielding the following error message: “The folder cannot be deleted. Cannot complete this function. “

 

To share a replicated folder and publish it to a DFS namespace

1. Click Start, point to Administrative Tools, and then click DFS Management.

2. In the console tree, under the Replication node, click the replication group that contains the replicated folder you want to share.

3. In the details pane, on the Replicated Folders tab, right-click the replicated folder that you want to share, and then click Share and Publish in Namespace.

4. In the Share and Publish Replicated Folder Wizard, click Share and publish the replicated folder in a namespace, and then follow the steps in the wizard.

 

clip_image002

 

“You need to ensure that users connect to the replicated folder in their respective office when they connect to \\contoso.com\Share1”

 

clip_image003

clip_image005

 

http://technet.microsoft.com/en-us/library/cc731531.aspx

http://technet.microsoft.com/en-us/library/cc772778%28v=ws.10%29.aspx

http://technet.microsoft.com/en-us/library/cc732414.aspx

http://technet.microsoft.com/en-us/library/cc772379.aspx

http://technet.microsoft.com/en-us/library/cc732863%28v=ws.10%29.aspx

http://technet.microsoft.com/en-us/library/cc725830.aspx

http://technet.microsoft.com/en-us/library/cc771978.aspx

 

 

QUESTION 162

You have a server named Server1 that runs Windows Server 2012 R2. Server1 has the File Server Resource Manager role service installed.

 

Server1 has a folder named Folder1 that is used by the sales department.

 

You need to ensure that an email notification is sent to the sales manager when a File Screening Audit report is generated.

 

What should you configure on Server1?

 

A.

a file group

B.

a file screen

C.

a file screen exception

D.

a storage report task

Correct Answer: D

Explanation:

From the Storage Reports Management node, you can generate reports that will help you understand file use on the storage server. You can use the storage reports to monitor disk usage patterns (by file type or user), identify duplicate files and dormant files, track quota usage, and audit file screening.

 

clip_image007

 

Before you run a File Screen Audit report, in the File Server Resource Manager Options dialog box, on the File Screen Audit tab, verify that the Record file screening activity in the auditing database check box is selected.

 

http://technet.microsoft.com/en-us/library/cc755988.aspx

http://technet.microsoft.com/en-us/library/cc730822.aspx

http://technet.microsoft.com/en-us/library/cc770594.aspx

http://technet.microsoft.com/en-us/library/cc771212.aspx

http://technet.microsoft.com/en-us/library/cc732074.aspx

 

 

QUESTION 163

Your network contains an Active Directory domain named adatum.com. The domain contains 10 domain controllers that run Windows Server 2012 R2.

 

You plan to create a new Active Directory-integrated zone named contoso.com.

 

You need to ensure that the new zone will be replicated to only four of the domain controllers.

 

What should you do first?

 

A.

Create an application directory partition.

B.

Create an Active Directory connection object.

C.

Create an Active Directory site link.

D.

Change the zone replication scope.

 

Correct Answer: A

Explanation:

Application directory partitions

An application directory partition is a directory partition that is replicated only to specific domain controllers. A domain controller that participates in the replication of a particular application directory partition hosts a replica of that partition. Only domain controllers running Windows Server 2003 can host a replica of an application directory partition.

 

 

QUESTION 164

Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1 that has the Remote Access server role installed.

 

DirectAccess is implemented on Server1 by using the default configuration.

 

You discover that DirectAccess clients do not use DirectAccess when accessing websites on the Internet.

 

You need to ensure that DirectAccess clients access all Internet websites by using their DirectAccess connection.

 

What should you do?

 

A.

Configure a DNS suffix search list on the DirectAccess clients.

B.

Configure DirectAccess to enable force tunneling.

C.

Disable the DirectAccess Passive Mode policy setting in the DirectAccess Client Settings Group Policy object (GPO).

D.

Enable the Route all traffic through the internal network policy setting in the DirectAccess Server Settings Group Policy object (GPO).

 

Correct Answer: B

Explanation:

With IPv6 and the Name Resolution Policy Table (NRPT), by default, DirectAccess clients separate their intranet and Internet traffic as follows:

DNS name queries for intranet fully qualified domain names (FQDNs) and all intranet traffic is exchanged over the tunnels that are created with the DirectAccess server or directly with intranet servers. Intranet traffic from DirectAccess clients is IPv6 traffic.

DNS name queries for FQDNs that correspond to exemption rules or do not match the intranet namespace, and all traffic to Internet servers, is exchanged over the physical interface that is connected to the Internet. Internet traffic from DirectAccess clients is typically IPv4 traffic.

In contrast, by default, some remote access virtual private network (VPN) implementations, including the VPN client, send all intranet and Internet traffic over the remote access VPN connection. Internet-bound traffic is routed by the VPN server to intranet IPv4 web proxy servers for access to IPv4 Internet resources. It is possible to separate the intranet and Internet traffic for remote access VPN clients by using split tunneling. This involves configuring the Internet Protocol (IP) routing table on VPN clients so that traffic to intranet locations is sent over the VPN connection, and traffic to all other locations is sent by using the physical interface that is connected to the Internet. You can configure DirectAccess clients to send all of their traffic through the tunnels to the DirectAccess server with force tunneling. When force tunnel
ing is configured, DirectAccess clients detect that they are on the Internet, and they remove their IPv4 default route. With the exception of local subnet traffic, all traffic sent by the DirectAccess client is IPv6 traffic that goes through tunnels to the DirectAccess server.

 

 

 

 

 

 

 

QUESTION 165

HOTSPOT

You have a server named LON-SVR1 that runs Windows Server 2012 R2. LON-SVR1 has the Remote Access server role installed. LON-SVRl is located in the perimeter network.

 

The IPv4 routing table on LON-SVR1 is configured as shown in the following exhibit. (Click the Exhibit button.)

 

clip_image009

 

Your company purchases an additional router named Router1. Router1 has an interface that connects to the perimeter network and an interface that connects to the Internet. The IP address of the interface that connects to the perimeter network is 172.16.0.2.

 

You need to ensure that LON-SVR1 will route traffic to the Internet by using Router1 if the current default gateway is unavailable.

 

How should you configure the static route on LON-SVR1?

 

To answer, select the appropriate static route in the answer area.

 

clip_image011

 

Correct Answer:

clip_image013

 

 

QUESTION 166

HOTSPOT

Your network contains a DNS server named Server1 that runs Windows Server 2012 R2. Server1 has a zone namedcontoso.com. The network contains a server named Server2 that runs Windows Server 2008 R2. Server1 and Server2 are members ofan Active Directory domain named contoso.com.

 

You change the IP address of Server2.

 

Several hours later, some users report that they cannot connect to Server2.

 

On the affected users’ client computers, you flush the DNS client resolver cache, and the users successfully connect to Server2.

 

You need to reduce the amount of time that the client computers cache DNS records from contoso.com.

 

Which value should you modify in the Start of Authority (SOA) record?

 

To answer, select the appropriate setting in the answer area.

 

clip_image015

 

Correct Answer:

clip_image017

 

 

QUESTION 167

Your network contains a single Active Directory domain named contoso.com. The domain contains a domain controller named DC1 that hosts the primary DNS zone for contoso.com.

 

All servers dynamically register their host names.

 

You install three new Web servers that host identical copies of your company’s intranet website. The servers are configured as shown in the following table.

 

clip_image019

 

You need to use DNS records to load balance name resolution queries for intranet.contoso.com between the three Web servers.

 

What is the minimum number of DNS records that you should create manually?

 

A.

1

B.

3

C.

4

D.

6

 

Correct Answer: B

Explanation:

To create DNS Host (A) Records for all internal pool servers

1. Click Stabrt, click All Programs, click Administrative Tools, and then click DNS.

2. In DNS Manager, click the DNS Server that manages your records to expand it.

3. Click Forward Lookup Zones to expand it.

4. Right-click the DNS domain that you need to add records to, and then click New Host (A or AAAA).

5. In the Name box, type the name of the host record (the domain name will be automatically appended).

6. In the IP Address box, type the IP address of the individual Front End Server and then select Create associated pointer (PTR) record or Allow any authenticated user to update.

DNS records with the same owner name, if applicable.

7. Continue creating records for all member Front End Servers that will participate in DNS Load Balancing.

For example, if you had a pool named pool1.contoso.com and three Front End Servers, you would create the following DNS entries:

 

clip_image021

 

http://technet.microsoft.com/en-us/library/cc772506.aspx

http://technet.microsoft.com/en-us/library/gg398251.aspx

 

 

QUESTION 168

Your network contains an Active Directory domain named contoso.com. The domain contains a domain controller named DC1 that runs Windows Server 2012 R2.

 

You mount an Active Directory snapshot on DC1.

 

You need to expose the snapshot as an LDAP server.

 

Which tool should you use?

 

A.

Ldp

B.

ADSI Edit

C.

Dsamain

D.

Ntdsutil

 

Correct Answer: C

Explanation:

dsamain /dbpath E:\$SNAP_200704181137_VOLUMED$\WINDOWS\NTDS\ntds. dit /ldapport51389

 

clip_image023

 

http://technet.microsoft.com/en-us/library/cc753609(v=ws.10).aspx

 

 

QUESTION 169

Your network contains an Active Directory domain named contoso.com. Domain controllers run either Windows Server 2008, Windows Server 2008 R2, or Windows Server 2012 R2.

 

You have a Password Settings object (PSOs) named PSO1.

 

You need to view the settings of PSO1.

 

Which tool should you use?

 

A.

Get-ADDefaultDomainPasswordPolicy

B.

Active Directory Administrative Center

C.

Local Security Policy

D.

Get-ADAccountResultantPasswordReplicationPolicy

 

Correct Answer: B

Explanation:

In Windows Server 2012, fine-grained password policy management is made much easier than Windows Server 2008/2008 R2. Windows Administrators not have to use ADSI Edit and configure complicated settings to create the Password Settings Object (PSO) in the Password Settings Container. Instead we can configure fine-grained password policy directly in Active Directory Administrative Center (ADAC).

 

 

QUESTION 170

Your network contains an Active Directory domain named contoso.com. All domain controllers run Windows Server 2012 R2.

 

Administrators use client computers that run Windows 8 to perform all management tasks.

 

A central store is configured on a domain controller named DC1.

 

You have a custom administrative template file named App1.admx. App1.admx contains application settings for an application named Appl.

 

From a client computer named Computer1, you create a new Group Policy object (GPO) named GPO1.

 

You discover that the application settings for App1 fail to appear in GPO1.

 

You need to ensure that the App1 settings appear in all of the new GPOs that you create.

 

What should you do?

 

A.

From the Default Domain Controllers Policy, add App1.admx to the Administrative Templates.

B.

Copy App1.admx to \\Contoso.com\SYSVOL\Contoso.com\Policies\PolicyDefinitions\.

C.

From the Default Domain Policy, add App1.admx to the Administrative Templates.

D.

Copy App1.admx to \\Contoso.com\SYSVOL\Contoso.com\StarterGPOs.

 

Correct Answer: B

Explanation:

To take advantage of the benefits of .admx f
iles, you must create a Central Store in the SYSVOL folder on a domain controller. The Central Store is a file location that is checked by the Group Policy tools. The Group Policy tools use any .admx files that are in the Central Store. The files that are in the Central Store are later replicated to all domain controllers in the domain.

 

Free VCE & PDF File for Microsoft 70-411 Real Exam

Instant Access to Free VCE Files: MCSE|MCSA|MCITP…
Instant Access to Free PDF Files: MCSE|MCSA|MCITP…