We are all well aware that a major problem in the IT industry is that there is a lack of quality study materials. Our exam preparation material provides you everything you will need to take a certification examination. Our Microsoft 70-417 Exam will provide you with exam questions with verified answers that reflect the actual exam. These questions and answers provide you with the experience of taking the actual test. High quality and value for the 70-417 Exam. 100% guarantee to pass your Microsoft 70-417 exam and get your Microsoft certification.
QUESTION 581
Hotspot Question
Your network contains an Active Directory domain named fabrikam.com.
You implement DirectAccess and an IKEv2 VPN.
You need to view the properties of the VPN connection.
Which connection properties should you view? To answer, select the appropriate connection properties in the answer area.
Answer:
Explanation:
Position 1 symbolizes a wired network connection. Position 2 indicates the DirectAccess connection. Is located at position 3 the known symbol of wireless (WIFI) connection and the symbol in position 4 identifies a VPN connection.
QUESTION 582
Hotspot Question
Your network contains an Active Directory domain named corp.contoso.com.
The domain contains two member servers named Server1 and Edge1.
Both servers run Windows Server 2012. Your company wants to implement a central location where the system events from all of the servers in the domain will be collected.
From Server1, a network technician creates a collector-initiated subscription for Edge1.
You discover that Server1 does not contain any events from Edge1.
You view the runtime status of the subscription as shown in the exhibit.
You need to ensure that the system events from Edge1 are collected on Server1.
What should you modify? To answer, select the appropriate object in the answer area.
Answer:
Explanation:
If you intend to specify a user account by using the Specific User option in Advanced Subscription Settings when creating the subscription, you must ensure that account is a member of the local Administrators group on each of the source computers
http://technet.microsoft.com/en-us/library/cc748890.aspx
QUESTION 583
Hotspot Question
Your network contains an Active Directory domain called contoso.com.
The domain contains a domain controller named DC1 that runs Windows server 2012.
The domain contains some test client computers that run either Windows XP, Windows Vista, Windows 7, or Windows 8.
The computer accounts for the test computers are located in an organizational unit (OU) named OU1.
You have a Group Policy object (GPO) named GPO1 linked to OU1.
GPO1 is used to assign several applications to the test computers.
You need to ensure that when the test computers in OU1 restart, you can see which application installation is running currently.
Which setting should you modify in GPO1? To answer, select the appropriate setting in the answer area.
Answer:
Explanation:
Allows you to receive verbose startup, shutdown, logon, and logoff status messages.
Verbose status messages may be helpful when you are troubleshooting slow startup, shutdown, logon, or logoff behavior.
http://support.microsoft.com/kb/325376
QUESTION 584
Hotspot Question
Your network contains an Active Directory forest named contoso.com.
The forest contains a single domain. The DNS zone is Active Directory-integrated contoso.local and configured so that the zone data to all DNS servers running on domain controllers in the domain certbase.de replicated. Server1 is a member server of the domain.
The IP address of Server1 is in the zone contoso.local registered.
You must determine when the DNS record of Server1 was last updated.
In which Active Directory partition to see the DNS record of a Server1? (To be configured dialog box shown in the picture. Click the Drawing button.)
Answer:
Explanation:
In the task is mentioned that the zone data to all DNS servers running on domain controllers in the domain certbase.de replicated.
The zone data is consequently in the Active Directory partition DomainDnsZones saved.
QUESTION 585
File1 has been encrypted by Contoso\admin1
File2 has been encrypted by Server1\admin1
File3 has been encrypted by Server1\administrator
You need to back up the DRA agents.
Who is the owner of each of the agents.
There is a selection of drop down boxes.
You should to select one in every file.
File1: Contoso\admin
Contoso\administrator
Server1\admin1
Server1\administrator
File2: Contoso\admin
Contoso\administrator
Server1\admin1
Server1\administrator
File3: Contoso\admin
Contoso\administrator
Server1\admin1
Server1\administrator
Answer: Contoso\administrator;Server1\administrator;Server1\administrator;
Explanation:
https://technet.microsoft.com/en-us/library/cc512680.aspx
By default, the data recovery agent is defined to be the administrator account. On stand-alone workstations and workgroup machines, the administrator account is the local administrator; on domain-joined machines, the administrator account is the first domain controller’s administrator account.
I think the first one is in the Contoso Domain, so the Agent should be Contoso/Administrator.
The other ones seem to be a local machine. It depends how the question introduced the machines. But I would say these are local ones. So the agent should be Server1/Administrator in both cases.
File1 has been encrypted by Contoso\admin1
File2 has been encrypted by Server1\admin1
File3 has been encrypted by Server1\administrator
QUESTION 586
Transferring FSMO Roles with MMC Tool
You plan to transferring DC that holding FSMO roles.
You need to select which tools can use to transfer domain naming master role and Operations master roles.
Answer:
I ALSO HAD THIS ONE ON THE EXAM, BUT I’M MIGHT BEING MISSING A LITTLE DETAIL, BUT I SURE IS 90% COMPLETE.
This are extra information, just in case they change de question!
SUMMARY
There are five Flexible Single Master Operations (FSMO) roles in a Windows 2000 forest.
There are two ways to transfer a FSMO role in Windows 2000. This article describes how to transfer all five FSMO roles by using Microsoft Management Console (MMC) snap-ins. The five FSMO roles are:
Schema Master – One master role holder per forest. The schema master FSMO role holder is the domain controller responsible for performing updates to the directory schema.
Domain Naming Master – One master role holder per forest. The domain naming master FSMO role holder is the DC responsible for making changes to the forest-wide domain name space of the directory.
Infrastructure Master – One master role holder per domain. The infrastructure FSMO role holder is the DC responsible for updating an object’s SID and distinguished name in a cross-domain object reference.
RID Master – One master role holder per domain. The RID master FSMO role holder is the single DC responsible for processing RID Pool requests from all DCs within a given domain.
PDC Emulator – One master role holder per domain. The PDC emulator FSMO role holder is a Windows 2000 DC that advertises itself as the primary domain controller (PDC) to earlier version workstations, member servers, and domain controllers. It is also the Domain Master Browser and handles password discrepancies.
For additional information about FSMO roles in Windows 2000, click the article number below to view the article in the Microsoft Knowledge Base:
197132 Windows 2000 Active Directory FSMO Roles
Note To successfully perform the steps in this article, you must be a member of the Enterprise Administrators group.
You plan to transferring DC that holding FSMO roles.
You need to select which tools can use to transfer domain naming master role and Operations master roles.
QUESTION 587
What roles do you use to move and domain naming server and infrastructure master.
Answer: Pending
QUESTION 588
Which 2 tools to use for the Export of the DFS Files and Database to a new replica DFS
Choose from 4 options amongst which are:
Answer:
Explanation:
I ALSO HAD THIS ONE ON THE EXAM, BUT I’M MIGHT BEING MISSING A LITTLE DETAIL, BUT I SURE IS 90% COMPLETE.
Robocopy
The Robocopy (Robust File Copy) command-line utility is included with Windows Server 2012 R2, Windows Server 2012, Windows Server 2008 R2, and Windows Server 2008. The utility provides extensive options that include copying security, backup API support, retry capabilities, and logging. Later versions include multi-threading and un-buffered I/O support.
https://technet.microsoft.com/en-us/library/dn495044.aspx
https://technet.microsoft.com/en-us/library/dn495052.aspx
QUESTION 589
You have a WSUS server and you have a user that needs french windows updates.
You check the server and you only have english.
What should you do?
Answer: “You must configure the Upstream WSUS server (root WSUS server) to download updates in all languages that are used throughout the entire organization.”
Explanation:
https://technet.microsoft.com/en-us/library/hh328568(v=ws.10).aspx
QUESTION 590
You have a group managed Service Account name Account01.
Only three servers named Server01, Server02 and Server03 are allowed to use Account01 service account.
You plan to decommission Server01.
You need to prevent Server01 from using the Account01 service account.
The solution must ensure that Server02 and Server03 continue to use the Account01 service account What command should you run? To answer, select the appropriate options in the answer area.
A. Set-ADServiceAccount
B. Uninstall-ADServiceAccount
C. remove-ADServiceAccount
D. Reset-ADServiceAccountPassword
Answer: D
Explanation:
https://technet.microsoft.com/en-us/library/ee617190.aspx
https://www.petri.com/restrict-privileged-accounts-with-authentication-silos-in-windows-server-2012-r2
QUESTION 591
Create a starter gpo call Starter_GPO, and assign edit permission to a group Group1 Create a new gpo called GPO1
A. *** in GPO1
B. change Administrative Template in GPO1
C. change the Group policy preference of Starter_GPO
D. change the permission of Starter_GPO
Answer: C
QUESTION 592
One user needed a mapped drive but if they had it already you weren’t to replace it.
another user had a mapped drive.
You need to update the UNC but not any other settings.
Answer:
QUESTION 593
Direct access that slow inernet and intranet for users in office.
Without Direct Access users have no issue.
What cause the problem?
Answer: “enforce tunneling”
QUESTION 594
How to add the company name with the direct-access connection; the name has to appeared when user click on network icon.
A. add a friendly name
Answer: A
Explanation:
On network connectivity assistant page, “add a friendly name”
Provide a friendly name for the DirectAccess connection.
This name appears in the network list when users click the network icon in the notification area.
Select the Allow DirectAccess clients to use local name resolution check box, if required.
http://technet.microsoft.com/en-ca/library/jj134239.aspx
QUESTION 595
You Create Service Account: Service NT\Service1.
You see the Service1 Properties Popup.
The question is: What kind of Account is the service Account used on the computer?
“virtual Account” ,
Which account is used when this Serviceaccount gets into Network? – If a service accesses the network while running as a virtual account, it accesses resources as the
Answer: “computer account” (DOMAIN\Computername$)
The Microsoft 70-417 questions and answers in PDF on GreatExam are the most reliable study guide for 70-417 exam. Comparing with others’, our 70-417 practice test is more authoritative and complete. We provide the latest full version of 70-417 PDF and VCE dumps with new real questions and answers to ensure your 70-417 exam 100% pass.