GreatExam 70-417 braindumps including the exam questions and the answer, completed by our senior IT lecturers and the Microsoft product experts, include the current newest 70-417 exam questions.
QUESTION 561
The Domain Name System (DNS) supports numerous types of entries.
Which listing type associates a domain name, such as www.google.com, with an IP address?
A. A
B. CNAME
C. MX
D. PTR
Answer: A
Explanation:
domains are managed through a worldwide system of domain registrars and databases. The DNS (Domain Name System) provides mappings between human-readable computer hostnames and the IP addresses used by the network devices. Basic knowledge of DNS and domain registrars help administrators manage domains. Domain names are used in URLs and e-mail addresses that are associated with one or more IP addresses. Domain names consist of several levels. For example, the domain name “mail.contoso.com” for the following three levels:
.com is the top-level domain.
contoso is the second-level domain.
mail is the third level domain.
Understanding DNS record types and functions
DNS records are used to route traffic from one and a domain. These entries a domain name of a specific IP address is assigned. The following commonly used DNS records and their functions are listed:
Name Server Entry
Specifies which name servers are used as the authoritative name server for a given domain. DNS information can be temporarily stored on multiple name servers, after the non-authoritative name server caches contact but the authoritative name server to obtain updated information about a domain.
A record (address entry) assigns a domain name to an IP address.
CNAME
record (Alias or canonical name) Specifies that it is the domain name is an alias of another canonical domain name. When hit by a name server for a domain and a CNAME record is found, the first domain name is replaced with the CNAME and then looks for the new name.
MX record
(mail exchanger) Specifies the server are routed to the e-mails. The entry also contains a priority field so that e-mail messages can be sent in the prescribed sequence to multiple servers.
SPF
(Sender Policy Framework) A verification system for e-mail, which was developed to prevent e-mail spoofing and phishing-.
SRV
record (service record) Specifies information about available services. SRV records are used by some Microsoft cloud services such as Lync Online and Exchange Online, for coordinating the flow of information between different services.
QUESTION 562
Your company network includes a router with the name Router1. Router1 provides access to the Internet. You use a Windows Server 2012 R2 computer that is named Server1.
Server1 used Router1 as the default gateway.
One of your colleagues take a new router with the name Router2 in operation.
Router2 also provides access to the Internet.
The internal interface of Router2 is configured with the IP address 10.1.14.254.
You need to configure Server1 so that Router2 is used for connections to Internet resources when Router1 fails.
What step to run on Server1?
A. Create a route to network 10.1.14.0/24. Enter the IP address 10.1.14.254 as a gateway for the route and set the metric of the route with 500 fixed.
B. Add the IP address 10.1.14.254 as the default gateway added and set the metric of the route with 500 fixed.
C. Create a route to network 10.1.14.0/24. Enter the IP address 10.1.14.254 as a gateway for the route and set the metric of the route with 1 fixed.
D. Add the IP address 10.1.14.254 as the default gateway added and set the metric of the route with 1 fixed.
Answer: B
Explanation:
The metric indicates the cost of a route. Existence to a destination several routes at different speeds, availability or connection costs, as can be done with the metric to prioritize the route using. The higher the value of the metric of a route, the higher the costs and correspondingly lower the route is prioritized. Since Windows XP Professional defaults automatically assigned to the metric based on the transmission rate. The interface metric is added to the metric of a default gateway. The sum results in the effective metric of the resulting default route.
QUESTION 563
Your corporate network includes an Active Directory Domain Services (AD DS) domain certbase.de named.
You have a new Group Policy object (GPO) created to configure the Windows Update settings. Currently the client computers are configured so that updates can be downloaded from the Microsoft Update servers gladen.
The users determine when the updates are installed.
To configure the client computer so that Windows updates are installed automatically.
Which policy will configure?
A. Enable Windows Update Power Management to reactivate the system to install scheduled updates automatically.
B. Configure Automatic Updates
C. Specify intranet Microsoft update service
D. Search frequency for automatic updates
E. Install Automatic Updates Immediately
F. Enable Client-side target allocation
Answer: B
Explanation:
Notes:
The policy Configure Automatic Updates. Specifies whether the computer receives security updates and other important downloads through the Windows Automatic Updates service and when they are installed If the service is enabled, you must select in the Group Policy setting one of the following four options :
2 = notify before downloading any updates and notify again before installation. If Windows detects updates that can be applied to the computer, an icon in the status area with a message that informs you that updates are available for download. Clicking the icon or message, you can select to download updates. The selected updates are then downloaded from Windows in the background. After downloading is complete, an icon in the status area again displayed that informs you that the updates can be installed. When you click the icon or message, you can select the updates that you want to install.
Automatically download 3 = (default) updates and notify you of updates installable Windows checks for updates that can be applied to the computer, and loads these automatically in the background without (the user is not notified during the process or disturbed). After downloading has been completed, the status area, the icon is displayed, informing you that the updates can be installed. When you click the icon or message, you can select the updates that you want to install.
Automatically download 4 = Updates and schedule that I specify install Specify the schedule using the options in the Group Policy setting. By default installations are planned daily for 3 clock in the morning, if no timetable is given. The completion of the update installation, if a restart is required, Windows will automatically restart the computer. (If a user is logged on to the computer when Windows is restarted, the user is notified and can delay the restart.) Windows 8 and Windows RT: The option to specify the schedule in the Group Policy setting has no effect.
The planning option under “Computer Configuration” -> “Administrative Templates” -> “Windows Components” – specify> “Activation limit for maintenance” -> “Maintenance Schedule”.
By default installations are planned during the standard maintenance window at 3 clock in the morning, if no timetable is given. To complete the installation of security updates, if a restart is required, Windows automatically restarts the computer after the user has been notified of an impending automatic restart in a given period. If a user is logged on to the computer and a potential state or data loss is present when Windows is restarted, the restart is delayed until next unlock the computer by the user.
5 = places allow administrators to select the configuration mode for the update installation through Automatic Updates This option can be enabled with local administrators, on the Control Panel icon “Automatic Updates” option to select a configuration. You can select a date for a planned installation example itself. Local administrators will not be allowed to disable the configuration for “Automatic Updates”. If you want to use this setting, click “Enable”, and then select one of the options (2, 3, 4 or 5). If you choose option 4, you can set a regular schedule (no schedule specifying all installations are carried out by 3 clock in the morning every day). In Windows 8 and Windows RT, you can define “Activation limit for maintenance Computer Configuration \ Administrative Templates \ Windows Components \ Maintenance Schedule \” the schedule below. If no schedule is specified, all installations are carried out during the standard maintenance window at 3 clock in the morning.
QUESTION 564
Your corporate network includes an Active Directory Domain Services (AD DS) domain cblabs.de named. The domain contains two Windows Server 2012 R2 member server with the name Server3 and Server4. Your manager wants to implement a centralized location where the system events of all servers in the domain can be collected.
One of your colleagues created on Server3 a collection initiated event subscription for Server4. To determine that Server3 has received no events of Server4 and check the runtime status of the subscription.
The runtime status shows the following error: The value passed to a system call data area is too small. You must ensure that the system events can be collected from Server4 on Server3. What settings you will configure? (To be configured dialog box is shown in the picture. Click the Drawing button.)
A. Target Protocol
B. Select Computer
C. Select events
D. Advanced
Answer: C
Explanation:
The error message described above can occur if selected during Initials transfer too many events. To avoid the problem, the number of events for the first transmission should be reduced by limiting the event categories. Once the initial merge is successfully completed, the selection of events can be expanded again. There is a post in the Windows support forums, describing the error and correct it.
QUESTION 565
Your corporate network includes an Active Directory Domain Services (AD DS) domain contoso.com . On all domain controllers running Windows Server 2012 R2 is installed.
A support technician installed at an outdoor location Windows Server 2012 R2 on a server named DC10.
DC10 is currently a member of a workgroup.
You plan DC10 to a read-only domain controller (RODC) heraufzustufen.
You must ensure that a user can promoted to a read-only domain controller with the username certbase \ Tom DC10.
Your solution must the permissions that are granted to Tom, minimize.
How do you proceed?
A. Take DC10 to the domain. Run Dsmod.exe and enter the parameter / server to.
B. Use the console Active Directory Users and Computers, and then run the wizard for assigning object management for the domain object from contoso.com.
C. Use the Active Directory Administrative Center and create an account for a read-only domain controller.
D. Use the command-line utility Dsmgmt.exe and run the command Local Roles from.
Answer: C
Explanation:
Use the context menu of the container domain controller you can access an assistant for a preliminary deployment of an account for a read-only domain controller. The wizard asks the name of the RODC, the destination site and the user account of a person from whom the permissions are delegated to install the read-only domain controller. The figure shows the relevant page of the wizard:
QUESTION 566
Your corporate network includes an Active Directory Domain Services (AD DS) domain contoso.local. The domain contains two Active Directory sites with the names Site1 and Site2. You are planning to provide a read-only domain controller (RODC) named RODC 1 in Site2.
You use the console Active Directory Users and Computers and prepare an account for a read-only domain controller.
You must determine which domain controller is used during the promotion process of RODC 1 for the initial replication.
Which tab in the properties of the prepared computer account you are using ? (to be configured dialog box shown in the picture. Click the Drawing button.)
A. General
B. Password Replication Policy
C. Attribute Editor
D. Location
E. Dialup
F. Delegation
Answer: A
Explanation:
About the Register General can be accessed on the NTDS settings RODC-1. In the properties of the NTDS Settings of the source DC for replication is listed:
QUESTION 567
Your corporate network includes an Active Directory Domain Services (AD DS) domain contoso.local.
All servers running Windows Server 2012 R2 is installed.
To configure three domain controller server as a global catalog.
The domain controller associated with a site called SiteA.
You open the snap-in Active Directory Sites and Services.
Which settings should you edit?
A. The settings of the subnet that is associated with SiteA.
B. The settings of the Location object of SiteA.
C. The NTDS Site Settings from SiteA.
D. The NTDS Settings of the three domain controllers.
Answer: D
Explanation:
Enabling the Global Catalog is done at the level of the domain controller in the NTDS Settings for the domain controller.
QUESTION 568
Your network includes an Active Directory Domain Services (AD DS) domain contoso.loca.
The domain contains a Windows Server 2012 R2 member server named Server1.
To create a group managed service account named gService1.
You must configure a service named service1 so that it is executed in the security context of gService1 account.
How do you proceed?
A. Run the PowerShell cmdlet Set-Service in conjunction with the parameter -PassThrough.
B. At a command prompt with elevated privileges, the command-line utility SC.exe in conjunction with the parameter config.
C. Perform at the PowerShell cmdlet set service in conjunction with the parameter -StartupType.
D. At a command prompt with elevated privileges, the command-line utility SC.exe in connection with the parameter control of.
Answer: B
Explanation:
This command-line utility Sc.exe beietet extensive options for configuring and controlling services. The identity of a service can be set, for example with the following call:
Sc config Dienst1 obj=CertBase\gService1 password=myPassword
QUESTION 569
Your network contains an Active Directory domain named contoso.com.
The domain contains a domain controller named DC1 that runs Windows Server 2012.
You have a Group Policy object (GPO) named GPO1 that contains several custom Administrative templates.
You have the display for the settings of the GPO filter so that only settings are shown that are removed from the registry when the GPO is no longer in range of the computer or the user.
Your solution must ensure that only settings are displayed that are either enabled or disabled and do not contain a comment.
How should you configure the filter?
To answer, select the appropriate options below. Select three.
A. Set Managed to: Yes
B. Set Managed to: No
C. Set Managed to: Any
D. Set Configured to: Yes
E. Set Configured to: No
F. Set Configured to: Any
G. Set Commented to: Yes
H. Set Commented to: No
I. Set Commented to: Any
Answer: ADH
QUESTION 570
Your network contains an Active Directory domain named contoso.com.
All client computers run Windows 8 Pro.
You have a Group Policy object (GPO) named GP1. GP1 is linked to the domain. GP1 contains the Windows Internet Explorer 10 and 11 Internet Settings.
The settings are shown in the exhibit.
Users report that when they open Windows Internet Explorer, the home page is NOT set to http:// www.contoso.com.
You need to ensure that the home page is set to http://www.contoso.com the next time users log on to the domain.
What should you do?
A. On each client computer, run gpupdate.exe.
B. Open the Internet Explorer 10 and 11 Internet Settings, and then press F5.
C. Open the Internet Explorer 10 and 11 Internet Settings, and then modify the Tabs settings.
D. On each client computer, run Invoke-GPupdate.
Answer: B
Explanation:
Since the introduction of Windows Server 2012 and Windows 8, you can group policy settings for all computers in an organizational unit remotely from a central location using the Group Policy Management Console (Group Policy Management Console GPMC) update. Alternatively you can use the Invoke-GPUpdate cmdlet to update the Group Policy of a sentence using computer, which is not limited to the organizational unit, for example, if the computers are located in the default Computers container. When Remote Update Group Policy all Group Policy settings to be updated, including for group of remote computers specified security settings. For this functionality is used, which was added to the context menu of an organizational unit in the Group Policy Management Console (GPMC). If you select an organizational unit for the remote update of the Group Policy settings on all computers that OU, the following actions occur:
An Active Directory query returns a list of all computers in the organizational unit back.
For each computer the selected organizational unit WMI call retrieves the list of registered users.
A remote scheduled task is created to Gpupdate.exe / force run for each logged-in user and once to update the Group Policy of the computer. The scheduled task is scheduled to run with a random delay of up to 10 minutes to reduce the burden of network traffic. This random delay can not be configured when using the GPMC. By contrast, you can configure or specify that the scheduled task when using the random delay for the scheduled task Invoke-GPUpdate cmdlets is executed immediately.
QUESTION 571
Your corporate network includes an Active Directory Domain Services (AD DS) domain contoso. On all domain controllers running Windows Server 2012 R2 is installed.
The domain contains a Group Policy object (GPO) named GPO1.
One of your colleagues makes a backup of GPO1 and stores them on a USB flash drive.
You connect the USB flash drive with a domain controller named dc1.contoso.
You must identify the domain-specific references in GPO1.
How do you proceed?
A. from migrator table editor, click populate from gpo
B. from migrator table editor, click populate from backup
C. from gpm, run Group Policy Management modelling wizard
D. from Group Policy Management, run gp results wizard
Answer: B
Explanation:
A migration table is when you copy or import a GPO (Group Policy Object, GPO) from one domain or forest used in another. The biggest challenge when migrating GPOs from one domain or forest to another is that some information in the GPO specifically relate to the domain or forest where the GPO is defined.
When transferring the GPO to a new domain or forest, it is not always desirable or possible to use exactly the same settings.
You can use a migration table to refer to users, groups, computers, and UNC paths in the source GPO and then new values in the destination GPO to assign.
QUESTION 572
Your corporate network includes an Active Directory Domain Services (AD DS) domain contoso. On all domain controllers Windows Server 2012 R2 is installed. The domain contains two organizational units (OUs) containing the names OU1 and OU2. Both organizational units are located in the root directory of the domain. They create two GPOs (GPOs) containing the names and GPO1 GPO2.
To associate with GPO1 OU1 and OU2 GPO2 with. OU1 contains a computer account named Desktop1.
OU2 includes a user account that is named User1.
You must make sure that is GPO1 applied to user1 when user1 logs in.
What do you configure?
A. The Group Policy Object Status.
B. The Group Policy Object Links.
C. The option Enforced.
D. The security filtering
Answer: B
Explanation:
To ensure that the settings are applied from GPO1 on User1, we can either move the account of user1 in the organizational unit OU1 or link the GPO GPO1 in addition to the existing link with OU1 with OU2. Alternatively, it would also be possible to activate the loopback processing for the user settings.
QUESTION 573
They are active as an IT consultant for a fashion company.
The company uses an Active Directory forest with a single domain.
The manager of the company reports that it gets displayed a desktop background, whom he has not chosen himself.
In an interview with the IT department, you will learn that a former colleague more than 20 Group Policy objects (GPOs) created and it has not yet succeeded, determine which GPO configures the desktop background of the manager.
How do you support the IT department in solving the problem?
A. From Group Policy Management, run the Group Policy Results Wizard.
B. Run the Group Policy Results Wizard for the computer account of the manager.
C. Run the Group Policy Results Wizard for the user account of the manager.
D. Run the Group Policy Results Wizard for all computer accounts to the domain.
Answer: C
Explanation:
The configuration of the desktop background is part of the user configuration. By carrying out the Group Policy Results Wizard for the user account of the manager can be found, which GPOs (GPOs) are applied to the order in which the user account of the manager. In addition, the report of the Group Policy Results Wizard can be seen that each GPO is crucial for the effective configuration of the individual directives.
QUESTION 574
Drag and Drop Question
Your network contains a single Active Directory domain named contoso.com.
The domain contains an Active Directory site named Site1 and an organizational unit (OU) named OU1. The domain contains a client computer named Client1 that is located in OU1 and Site1.
You create five Group Policy objects (GPO).
The GPOs are configured as shown in the following table.
You need to identify in which order the GPOs will be applied to Client1.
In which order should you arrange the listed GPOs? To answer, move all GPOs from the list of GPOs to the answer area and arrange them in the correct order.
Select and Place:
Answer:
Explanation:
Basically determines the order in which the GPOs are applied by Group Policy, the ranking.
The default order is local, site, domain, organizational unit and subordinate organizational units (OU LSD). Therefore GPOs have in child OUs overrides associated with parent OUs GPOs. This in turn take precedence over the domain linked GPOs, which take precedence over the site linked GPOs. Direction for use, or LSD-OU (LSDOU)
Local Policy
GPOs that are linked to the site
GPOs that are linked to the domain
GPOs that are linked to organizational units (from the parent OU to subordinate)
The Standardreiehnfolge processing can be set by forcing a Group Policy object or by disabling the inheritance of a GPO repealed. Enforced When a GPO enforced it will put at the end of the processing sequence. If more than one GPO to “forced” option is enabled, the GPOs are applied in reverse default order (L-OU-DS). In this way ensures that the settings of Domain Admins will not be overwritten by forcing the settings of a Delegated Administrator at a subordinate level. If several enforced GPO objects linked on the same level as, shall be the highest priority by (the sorted upwards). Inheritance disable The above the OU linked GPOs are not inherited or blocked. Is activated by a higher-level object “forced”, so the inheritance can not be prevented. Thus, the Domain Administrator can always prevail with its settings.
QUESTION 575
Drag and Drop Question
Your network contains a production Active Directory forest named contoso.com and a test Active Directory forest named test.contoso.com.
There is no network connectivity between contoso.com and test.contoso.com.
The test.contoso.com domain contains a Group Policy object (GPO) named GPO1.
You need to apply the settings in GPO1 to the contoso.com domain.
Which four actions should you perform? To answer, move the four appropriate actions from the list of actions to the answer area and arrange them in the correct order.
Answer:
Explanation:
1. Run the Backup-gpo cmdlet
2. User removable media to transfer the contects of test.contoso.com to contoso.com
3. Create a gpo in contoso.com
4. Run the import-gpo cmdlet
http://technet.microsoft.com/en-us/library/ee461050.aspx
http://technet.microsoft.com/en-us/library/ee461044.aspx
QUESTION 576
Drag and Drop Question
Your network contains an Active Directory domain named contoso.com.
All client computers run Windows 7. Group Policy objects (GPOs) are linked to the domain as shown in the exhibit. (Click the Exhibit button.)
GP02 contains user configurations only and GP03 contains computer configurations only.
You need to configure the GPOs to meet the following requirements:
– Ensure that GP02 only applies to the user accounts in OU2 that are members of a global group named Group2.
– Ensure that GP03 only applies to the computer accounts in OU3 that have more than 100 GB of free disk space.
What should you do?
To answer, drag the appropriate setting to the correct GPO. Each setting may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
Answer:
QUESTION 577
Drag and Drop Question
Your network contains an Active Directory domain named contoso.com.
You deploy a web-based application named App1 to a server named Server1.
App1 uses an application pool named AppPool1.
AppPool1 uses a domain user account named User1 as its identity.
You need to configure Kerberos constrained delegation for User1.
Which three actions should you perform? To answer, move the three appropriate actions from the list of actions to the answer area and arrange them in the correct order
Answer:
QUESTION 578
Drag and Drop Question
Your network contains an Active Directory domain named contoso.com. All client computers run Windows 8. Group Policy objects (GPOs) are linked to the domain as shown in the exhibit. (Click the Exhibit button.)
GPO2 contains computer configurations only and GP03 contains user configurations only.
You need to configure the GPOs to meet the following requirements:
– Ensure that GPO2 only applies to the computer accounts in OU2 that have more than one processor.
– Ensure that GP03 only applies to the user accounts in OU3 that are members of a security group named SecureUsers.
Which setting should you configure in each GPO? To answer, drag the appropriate setting to the correct GPO. Each setting may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
Answer:
QUESTION 579
Drag and Drop Question
Your network contains an Active Directory forest named contoso.com. Recently, all of the domain controllers that ran Windows Server 2003 were replaced by domain controllers that run Windows Server 2012 R2.
From Event Viewer, you discover SYSVOL journal wrap errors on a domain controller named dclO.contoso.com.
You need to perform a non-authoritative synchronization of SYSVOL on DC10.
Which three actions should you perform on DC10?
To answer, move the three appropriate actions from the list of actions to the answer area and arrange them in the correct order.
Answer:
QUESTION 580
Hotspot Question
Your network contains an Active Directory domain named contoso.com.
The domain contains a domain controller named DC1 that runs Windows Server 2012.
The domain contains some test client computers that run either Windows XP, Windows Vista, Windows 7, or Windows 8.
The computer accounts for the test computers are located in an organizational unit (OU) named OU1.
You have a Group Policy object (GPO) named GP01 linked to OU1.
GPO1 is used to assign several applications to the test computers.
You need to ensure that when the test computers in OU1 restart, you can see which application installation is running currently.
Which setting should you modify in GPO1? To answer, select the appropriate setting in the answer area.
Answer:
Explanation:
The guidelines shown are located in the section Computer Configuration\Administrative Templates\System.
Directive: Show Extremely detailed status messages
This policy setting directs the system to display highly detailed status messages.
This policy setting is intended for advanced users who need this information.
If this . enable policy setting, status messages are displayed for each individual step in the startup, shutdown, logon or logoff
If you disable this policy setting or do not configure, only the standard system messages are displayed during these operations.
Note: This policy setting is ignored if the setting “” Status messages to reboot, shutdown, login and logout remove “” is enabled.
If you use GreatExam braindump as your 70-417 exam prepare material, we guarantee your success in the first attempt. GreatExam 70-417 practice test provides you everything you will need to take your 70-417 Exam.