In recent years, many people choose to take Microsoft 70-417 certification exam which can make you get the Microsoft certificate and that is the passport to get a better job and get promotions. How to prepare for Microsoft 70-417 exam and get the certificate? Please refer to Microsoft 70-417 exam questions and answers on GreatExam.
QUESTION 141
Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1. Server1 has the DHCP Server server role and the Network Policy Server role service installed. Server1 contains three non-overlapping scopes named Scope1, Scope2, and Scope3. Server1 currently provides the same Network Access Protection (NAP) settings to the three scopes.
You modify the settings of Scope1 as shown in the exhibit. (Click the Exhibit button.)
You need to configure Server1 to provide unique NAP enforcement settings to the NAP non- compliant DHCP clients from Scope1.
What should you create?
A. A connection request policy that has the Service Type condition
B. A connection request policy that has the Identity Type condition
C. A network policy that has the MS-Service Class condition
D. A network policy that has the Identity Type condition
Answer: C
Explanation:
Restricts the policy to clients that have received an IP address from a DHCP scope that matches the specified DHCP profile name. This condition is used only when you are deploying NAP with the DHCP enforcement method. To use the MS-Service Class attribute, in Specify the profile name that identifies your DHCP scope, type the name of an existing DHCP profile.
http://technet.microsoft.com/en-us/library/cc731220(v=ws.10).aspx
QUESTION 142
Your network contains an Active Directory forest named contoso.com.
All servers run Windows Server 2012 R2. The domain contains four servers.
The servers are configured as shown in the following table.
You need to deploy IP Address Management (IPAM) to manage DNS and DHCP.
On which server should you install IPAM?
A. DC1
B. DC2
C. DC3
D. Server1
Answer: D
Explanation:
IPAM cannot be installed on Domain Controllers. All other servers have the DC role
http://technet.microsoft.com/en-us/library/hh831353.aspx
QUESTION 143
Your network contains an Active Directory domain named contoso.com. The domain contains two member servers named Server1 and Server2 that run Windows Server 2012 R2. Server1 has Microsoft SQL Server 2012 installed.
You install the Active Directory Federation Services server role on Server2.
You need to configure Server2 as the first Active Directory Federation Services (AD FS) server in the domain. The solution must ensure that the AD FS database is stored in a SQL Server database on Server1.
What should you do on Server2?
A. From Windows PowerShell, run Install-ADFSFarm.
B. From Windows PowerShell, run Install-ADFSStandAlone.
C. From the AD FS console, run the AD FS Federation Server Configuration Wizard and select the Stand-alone federation server option.
D. From Server Manager, install the AD FS Web Agents.
Answer: A
Explanation:
Install-ADFSFarm with the parameter -SQLConnectionString
This is the only valid option.
http://technet.microsoft.com/en-us/library/ee913579.aspx
Not: Powershell Install-ADFSStandAlone
We’re not going for StandAlone which is no more for 2012 R2 btw.
Not: Stand Alone federation.
Not: ADFS Web Agents
The Active Directory Federation Services (ADFS) Web Agent is a component of ADFS. It is used to consume security tokens and either allow or deny a user access to a Web application. To accomplish this, the Web server requires a relationship with a resource Federation Service so that it can direct the user to the Federation Service as needed.
QUESTION 144
Your network contains an Active Directory domain named contoso.com. All servers run Windows Server 2012 R2.
You are creating a central access rule named TestFinance that will be used to audit members of the Authenticated Users group for access failure to shared folders in the finance department.
You need to ensure that access requests are unaffected when the rule is published.
What should you do?
A. Set the Permissions to Use the following permissions as proposed permissions.
B. Set the Permissions to Use following permissions as current permissions.
C. Add a User condition to the current permissions entry for the Authenticated Users principal.
D. Add a Resource condition to the current permissions entry for the Authenticated Users principal.
Answer: A
Explanation:
http://technet.microsoft.com/en-us/library/jj134043.aspx
QUESTION 145
Your network contains an Active Directory domain named contoso.com.
The network contains a file server named Server1 that runs Windows Server 2012 R2.
You are configuring a central access policy for temporary employees.
You enable the Department resource property and assign the property a suggested value of Temp.
You need to configure a target resource condition for the central access rule that is scoped to resources assigned to Temp only.
Which condition should you use?
A. (Department.Value Equals “Temp”)
B. (Resource.Temp Equals “Department”)
C. (Temp.Resource Equals “Department”)
D. (Resource.Department Equals “Temp”)
Answer: D
Explanation:
http://technet.microsoft.com/fr-fr/library/hh846167.aspx
QUESTION 146
Drag and Drop Question
Your network contains four servers that run Windows Server 2012 R2.
Each server has the Failover Clustering feature installed.
Each server has three network adapters installed. An iSCSI SAN is available on the network.
You create a failover cluster named Cluster1.
You add the servers to the cluster.
You plan to configure the network settings of each server node as shown in the following table.
You need to configure the network settings for Cluster1.
What should you do? To answer, drag the appropriate network communication setting to the correct cluster network. Each network communication setting may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
QUESTION 147
Hotspot Question
Your network contains an Active Directory domain named contoso.com. The domain contains two member servers named Server1 and Server2. AN servers run Windows Server 2012 R2. Server1 and Server2 have the Hyper-V server role installed.
The servers are configured as shown in the following table.
You add a third server named Server3 to the network. Server3 has Intel processors.
You need to move VM3 and VM6 to Server3. The solution must minimize downtime on the virtual machines.
Which method should you use to move each virtual machine? To answer, select the appropriate method for each virtual machine in the answer area.
Answer:
QUESTION 148
Your network contains an Active Directory domain named contoso.com. The domain contains two servers named Node1 and Node2. Node1 and Node2 run Windows Server 2012 R2. Node1 and Node2 are configured as a two-node failover cluster named Cluster2. The computer accounts for all of the servers reside in an organizational unit (OU) named Servers. A user named User1 is a member of the local Administrators group on Node1 and Node2. User1 creates a new clustered File Server role named File1 by using the File Server for general use option.
A report is generated during the creation of File1 as shown in the exhibit. (Click the Exhibit button.)
File1 fails to start.
You need to ensure that you can start File1.
What should you do?
A. Recreate the clustered File Server role by using the File Server for scale-out Application data option.
B. Assign the user account permissions of User1 to the Servers OU.
C. Log on to the domain by using the built-in Administrator for the domain, and then recreate the clustered File Server role by using the File Server for general use option.
D. Increase the value of the ms-DS-MachineAccountQuota attribute of the domain.
E. Assign the computer account permissions of Cluster2 to the Servers OU.
Answer: B
Explanation:
When creating a role, an AD object is created in the server OU.
QUESTION 149
Drag and Drop Question
You plan to deploy a failover cluster that will contain two nodes that run Windows Server 2012 R2.
You need to configure a witness disk for the failover cluster.
How should you configure the witness disk? To answer, drag the appropriate configurations to the correct location or locations. Each configuration may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
Answer:
QUESTION 150
Hotspot Question
Your network contains an Active Directory domain named contoso.com. The domain contains two servers named Server1 and Server2 that run Windows Server 2012 R2. The servers have the Hyper-V server role installed. A certification authority (CA) is available on the network. A virtual machine named VM1.contoso.com is replicated from Server1 to Server2. A virtual machine named vm2.contoso.com is replicated from Server2 to Server1.
You need to configure Hyper-V to encrypt the replication of the virtual machines.
Which common name should you use for the certificates on each server? To answer, configure the appropriate common name for the certificate on each server in the answer area.
Answer:
QUESTION 151
Drag and Drop Question
You have a server named Server1 that runs Windows Server 2012 R2.
You are asked to test Windows Azure Online Backup to back up Server1.
You need to back up Server1 by using Windows Azure Online Backup.
Which four actions should you perform in sequence? To answer, move the appropriate four actions from the list of actions to the answer area and arrange them in the correct order.
Answer:
Explanation:
http://technet.microsoft.com/en-us/library/jj884318.aspx
http://technet.microsoft.com/en-us/library/hh831761.aspx#BKMK_installagent
Note:
* Getting started with Windows Azure Online Backup is a simple two-step process:
1. Get a free preview Windows Azure Online Backup account (with 300 GB of cloud storage).
2. Login to the Windows Azure Online Backup portal and download and install the Windows Azure Online Backup agent for Windows Server 2012 R2 or System Center 2012 SP1 Data Protection Manager. For Windows Server 2012 R2 Essentials, download and install the Windows Azure Online Backup integration module.
Once you have installed the agent or integration module you can use the existing user interfaces for registering the server to the service and setting up online backup.
* Install the Windows Azure Online Backup agent
Before you can begin to use the online protection service, you must download and install the Windows Azure Online Backup agent on the Data Protection Manager (DPM) server. You can download the Windows Azure Online Backup agent from the Windows Azure Online Backup portal.
To registering for online protection (box 4)
After you install the agent on the DPM server, you must register the DPM server for online protection. Click Register Online Protection on the tool ribbon to start the Windows Azure Backup Registration wizard.
Etc. (finish the steps in the wizard).
QUESTION 152
Your network contains two servers named Server1 and Server2 that run Windows Server 2012 R2. Server1 and Server2 have the Hyper-V server role installed. Server1 and Server2 are configured as Hyper-V replicas of each other. Server2 hosts a virtual machine named VM5. VM5 is replicated to Server1.
You need to verify whether the replica of VM5 on Server1 is functional. The solution must ensure that VM5 remains accessible to clients.
What should you do from Hyper-V Manager?
A. On Server1, execute a Planned Failover.
B. On Server1, execute a Test Failover.
C. On Server2, execute a Planned Failover.
D. On Server2, execute a Test Failover.
Answer: B
Explanation:
Test Failover is an operation initiated on your replica virtual machine (here VM5 on Server1) which allows you to test the sanity of the virtualized workload without interrupting your production workload or ongoing replication.
Note: At a high level, Hyper-V Replica supports three types of Failover:
Test Failover
Planned Failover
Unplanned Failover
QUESTION 153
You have a server named Server1 that runs Windows Server 2012 R2. Server1 is backed up by using Windows Server Backup.
The backup configuration is shown in the exhibit. (Click the Exhibit button.)
You discover that only the last copy of the backup is maintained.
You need to ensure that multiple backup copies are maintained.
What should you do?
A. Modify the backup destination.
B. Configure the Optimize Backup Performance settings.
C. Modify the Volume Shadow Copy Service (VSS) settings.
D. Modify the backup times.
Answer: A
Explanation:
A, The destination in the exhibit shows a network share is useD.
If a network share is being used only the latest copy will be saved
http://windows.microsoft.com/en-us/windows7/where-should-i-save-my-backup
QUESTION 154
Your network contains two Web servers named Server1 and Server2.
Both servers run Windows Server 2012 R2.
Server1 and Server2 are nodes in a Network Load Balancing (NLB) cluster.
The NLB cluster contains an application named App1 that is accessed by using the URL
http://app1.contoso.com.
You plan to perform maintenance on Server1.
You need to ensure that all new connections to App1 are directed to Server2.
The solution must not disconnect the existing connections to Server1.
What should you run?
A. The Set-NlbCluster cmdlet
B. The nlb.exe suspend command
C. The nlb.exe stop command
D. The Suspend-NlbClusterNode cmdlet
Answer: D
Explanation:
http://blogs.msdn.com/b/clustering/archive/2012/04/03/10290554.aspx
QUESTION 155
Your network contains an Active Directory domain named contoso.com.
The domain contains a server named Server1 that runs Windows Server 2012 R2.
On a server named Server2, you perform a Server Core Installation of Windows Server 2012 R2. You join Server2 to the contoso.com domain.
You need to ensure that you can manage Server2 by using the Computer Management console on Server1.
What should you do on Server2?
A. Run sconfig.exe and configure remote management. (Run the Enable-NetFirewallRulecmdlet.)
B. Run sconfig.exe and configure Remote Server Administration Tools (RSAT).
C. Install Windows Management Framework.
D. Install Remote Server Administration Tools (RSAT).
Answer: A
Explanation:
In Windows Server 2012, you can use the Server Configuration tool (Sconfig.cmd) to configure and manage several common aspects of Server Core installations.
You must be a member of the Administrators group to use the tool. Sconfig.cmd is available in the Minimal Server Interface and in Server with a GUI mode.
QUESTION 156
You have a server named Server1 that runs Windows Server 2012 R2.
Server1 has 2 dual-core processors and 16 GB of RAM.
You install the Hyper-V server role in Server1.
You plan to create two virtual machines on Server1.
You need to ensure that both virtual machines can use up to 8 GB of memory.
The solution must ensure that both virtual machines can be started simultaneously.
What should you configure on each virtual machine?
A. Dynamic Memory
B. NUMA topology
C. Memory weight
D. Ressource Control
Answer: A
QUESTION 157
You perform a Server Core Installation of Windows Server 2012 R2 on a server named Server1. You need to add a graphical user interface (GUI) to Server1.
Which tool should you use?
A. the dism.exe command
B. the ocsetup.exe command
C. the setup.exe command
D. the Install-Module cmdlet
Answer: A
Explanation:
The DISM command is called by the Add-WindowsFeature command.
Here is the systax for DISM:
Dism /online /enable-feature /featurename:ServerCore-FullServer /featurename:ServerGui-Shell /featurename:Server-Gui-Mgmt
QUESTION 158
Drag and Drop Question
Your network contains a single Active Directory domain named contoso.com. The domain contains an Active Directory site named Site1 and an organizational unit (OU) named OU1.
The domain contains a client computer named Client1 that is located in OU1 and Site1.
You create five Group Policy objects (GPO).
The GPOs are configured as shown in the following table.
You need to identify in which order the GPOs will be Applied to Client1.
In which order should you arrange the listed GPOs? To answer, move all GPOs from the list of GPOs to the answer area and arrange them in the correct order.
QUESTION 159
Hotspot Question
You have a server named DHCP1 that runs Windows Server 2012 R2.
DHCP1 does not have access to the Internet.
All roles are removed completely from DHCP
You mount a Windows Server 2012 R2 installation image to the C:\Mount folder.
You need to install the DHCP Server server role on DHCP1 by using Server Manager.
Which folder should you specify as the alternate path for the source files? To answer, select the appropriate folder in the answer area.
Answer:
QUESTION 160
Your network contains an Active Directory domain named contoso.com.
The domain contains client computers that run either Windows XP, Windows 7, or Windows 8.
Network Policy Server (NPS) is deployed to the domain.
You plan to create a system health validator (SHV).
You need to identify which policy settings can be Applied to all of the computers.
Which three policy settings should you identify? (Each correct answer presents part of the solution. Choose three.)
A. A firewall is enabled for all network connections.
B. An antispyware application is on.
C. Automatic updating is enabled.
D. Antivirus is up to date.
E. Antispyware is up to date.
Answer: ACD
Explanation:
* System health agent (SHA) is a NAP component.
* System health agent (SHA)
A component that checks the state of the client computer to determine whether the settings monitored by the SHA are up-to-date and configured correctly. For example, the Windows Security Health Agent (WSHA) can monitor Windows Firewall, whether antivirus software is installed, enabled, and updated, whether antispyware software is installed, enabled, and updated, and whether Microsoft Update Services is enabled and the computer has the most recent security updates from Microsoft Update Services. There might also be SHAs (and corresponding system health validators) available from other companies that provide different functionality.
GreatExam is a good website that provides all candidates with the latest IT certification exam materials. GreatExam will provide you with the exam questions and verified answers that reflect the actual exam. The Microsoft 70-417 exam dumps are developed by experienced IT professionals. 99.9% of hit rate. Guarantee you success in your 70-417 exam with our exam materials.