QUESTION 241
You have a Direct Access Server named Server1 running Server 2012. You need to add prevent users from accessing websites from an Internet connection. What should you configure?
|
A. |
Split Tunneling |
|
B. |
Security Groups |
|
C. |
Force Tunneling |
|
D. |
Network Settings |
Correct Answer: C
QUESTION 242
Your network contains an Active Direct
ory domain named contoso.com. The domain does not contain a certification authority (CA). All servers run Windows Server 2012. All client computers run Windows 8. You need to add a data recovery agent for the Encrypting File System (EFS) to the domain. Which two actions should you perform? (Each correct answer presents part of the solution. Choose two).
|
A. |
From the Default Domain Controllers policy, select Create Data Recovery Agent. |
|
B. |
From the Default Domain Controllers policy, select Add Data Recovery Agent. |
|
C. |
From Windows PowerShell, run Get-Certificate. |
|
D. |
From the Default Domain Policy, select Add Data Recovery Agent. |
|
E. |
From a command prompt, run cipher.exe. |
|
F. |
From the Default Domain Policy, select Create Data Recovery Agent. |
Correct Answer: DE
QUESTION 243
DRAG DROP
Your network contains an Active Directory domain named contoso.com. You have a failover cluster named Cluster1. All of the nodes in Cluster1 have BitLocker Drive Encryption (BitLocker) installed. You plan to add a new volume to the shared storage of Cluster1. You need to add the new volume to the shared storage. The solution must meet the following requirements:
Encrypt the volume.
![clip_image002[1]](http://www.pass-exams.com/wp-content/uploads/2016/10/clip_image0021-3.gif "clip_image002[1]"){kind=small}
Avoid using maintenance mode on the cluster.
Which three actions should you perform?
To answer, move the three appropriate actions from the list of actions to the answer area and arrange them in the correct order.
Correct Answer:
QUESTION 244
Your network contains an Active Directory domain named contoso.com. The domain functional level in Windows Server 2008. All domain controllers run Windows Server 2008 R2. The domain contains a file server named Server1 that runs Windows Server 2012. Server1 has a BitLocker Drive Encryption (BitLocker)-encrypted drive. Server1 uses a trusted Platform Module (TPM) chip. You enable the Turn on TPM backup to Active Directory Domain Services policy setting by using a Group Policy object (GPO). You need to ensure that you can back up the BitLocker recovery information to Active Directory. What should you do?
|
A. |
Upgrade a domain controller to Windows 2012. |
|
B. |
Enable the Store BitLocker recovery information in the Active Directory Services (Windows Server2008 and Windows Vista) policy settings. |
|
C. |
Raise the forest functional level to Windows 2008 R2. |
|
D. |
Add a BitLocker data recovery agent |
Correct Answer: B
QUESTION 245
HOTSPOT
Your network contains an Active Directory domain named contoso.com. All servers run Windows Server 2012. The domain contains an organizational unit (OU) named FileServers_OU. FileServers_OU contains the computer accounts for all of the file servers in the domain. You need to audit the users who successfully access shares on the file servers. Which audit category should you configure?
To answer, select the appropriate category in the answer area.
Correct Answer:
QUESTION 246
Your network contains an Active Directory domain named contoso.com. The domain does not contain a certification authority (CA). All servers run Windows Server 2012. All client computers run Windows 8. You need to add a data recovery agent for the Encrypting File System (EFS) to the domain. Which two actions should you perform? (Each correct answer presents part of the solution. Choose two.)
|
A. |
From Windows PowerShell, run Get-Certificate. |
|
B. |
From the Default Domain Controllers Policy, select Create Data Recovery Agent. |
|
C. |
From the Default Domain Policy, select Add Data Recovery Agent. |
|
D. |
From a command prompt, run cipher.exe. |
|
E. |
From the Default Domain Policy, select Create Data Recovery Agent. |
|
F. |
From the Default Domain Controllers Policy, select Add Data Recovery Agent. |
Correct Answer: CD
QUESTION 247
Your network contains an Active Directory domain named contoso.com. The domain contains three domain controllers. The domain controllers are configured as shown in the following table.
You are creating a Distributed File System (DFS) namespace as shown in the exhibit.
You need to identify which configuration prevents you from creating a DFS namespace in Windows Server 2008 mode. Which configuration should you identify?
|
A. |
The location of the PDC emulator role |
|
B. |
The functional level of the domain |
|
C. |
The operating system on Server1 and Server3 |
|
D. |
The location of the RID master role |
Correct Answer: B
QUESTION 248
Your domain has contains a Windows 8 computer name Computer1 using BitLocker. The E:\ drive is encrypted and currently locked. You need to unlock the E:\ drive with the recovery key stored on C:\. What should you run?
|
A. |
Unlock-BitLocker |
|
B. |
Suspend-BitLocker |
|
C. |
Enable-BitLockerAutoUnloc |
|
D. |
Disable-BitLocker |
Correct Answer: A
QUESTION 249
On the DFS replication your receive a wrap error on the sysvol on domain controller 4. Which 3 steps should you do to recover this error in the correct order?
|
A. |
Stop FSR |
|
B. |
Start FSR |
|
C. |
Edit the computer object in AD |
|
D. |
Edit the registry |
|
E. |
Stop DFSR |
|
F. |
Start DFRS |
Correct Answer: ABD
QUESTION 250
Your network contains an Active Directory domain named contoso.com. The domain functional level is Windows Server 2008. All domain controllers run Windows Server 2008 R2. The domain contains a file server named Server1 that runs Windows Server 2012. Server1 has a BitLocker Drive Encryption (BitLocker)-encrypted drive. Server1 uses a Trusted Platform Module (TPM) chip. You enable the Turn on TPM backup to Active Directory Domain Services policy setting by using a Group Policy object (GPO). You need to ensure that you can back up the BitLocker recovery information to Active Directory. What should you do?
|
A. |
Raise the forest functional level to Windows Server 2008 R2. |
|
B. |
Enable the Configure the level of TPM owner authorization information available to the operating system policy setting and set the Operating system managed TPM authentication level to None. |
|
C. |
Add a BitLocker data recovery agent. |
|
D. |
Import the TpmSchemaExtension.ldf and TpmSchemaExtensionACLChanges.ldf schema extensions to the Active Directory schema. |
Correct Answer: D
Free VCE & PDF File for Microsoft 70-411 Real Exam
Instant Access to Free VCE Files: MCSE|MCSA|MCITP…
Instant Access to Free PDF Files: MCSE|MCSA|MCITP…
100-105 Dumps VCE PDF
200-105 Dumps VCE PDF
300-101 Dumps VCE PDF
300-115 Dumps VCE PDF
300-135 Dumps VCE PDF
300-320 Dumps VCE PDF
400-101 Dumps VCE PDF
640-911 Dumps VCE PDF
640-916 Dumps VCE PDF
70-410 Dumps VCE PDF
70-411 Dumps VCE PDF
70-412 Dumps VCE PDF
70-413 Dumps VCE PDF
70-414 Dumps VCE PDF
70-417 Dumps VCE PDF
70-461 Dumps VCE PDF
70-462 Dumps VCE PDF
70-463 Dumps VCE PDF
70-464 Dumps VCE PDF
70-465 Dumps VCE PDF
70-480 Dumps VCE PDF
70-483 Dumps VCE PDF
70-486 Dumps VCE PDF
70-487 Dumps VCE PDF
220-901 Dumps VCE PDF
220-902 Dumps VCE PDF
N10-006 Dumps VCE PDF
SY0-401 Dumps VCE PDF
