Test your preparation for Microsoft 70-417 with these actual 70-417 questions below. Exam questions are a sure method to validate one’s preparation for actual certification exam.
QUESTION 321
You have a file server named Server1 that runs a Server Core Installation of Windows Server 2012 R2.
Server1 has a volume named D that contains user data. Server1 has a volume named E that is empty.
Server1 is configured to create a shadow copy of volume D every hour.
You need to configure the shadow copies of volume D to be stored on volume E.
What should you run?
A. The Set-Volume cmdlet with the -driveletter parameter
B. The Set-Volume cmdlet with the -path parameter
C. The vssadmin.exe add shadowstorage command
D. The vssadmin.exe create shadow command
Answer: C
Explanation:
http://technet.microsoft.com/en-us/library/cc754968(v=ws.10).aspx
http://technet.microsoft.com/en-us/library/hh848673(v=wps.620).aspx
QUESTION 322
Your network contains two Active Directory forests named contoso.com and dev.contoso.com. The contoso.com forest contains a domain controller named DO. The dev.contoso.com forest contains a domain controller named DC2. Each domain contains an organizational unit (OU) named OU1.
Dev.contoso.com has a Group Policy object (GPO) named GP01. GP01 contains 200 settings, including several settings that have network paths. GP01 is linked to OU1.
You need to copy GP01 from dev.contoso.com to contoso.com.
What should you do first on DC2?
A. From the Group Policy Management console, right-click GPO1 and select Copy.
B. Run the mtedit.exe command and specify the /Domaintcontoso.com /DC: DC 1 parameter.
C. Run the Save-NetGpocmdlet.
D. Run the Backup-Gpocmdlet.
Answer: A
Explanation:
To copy a Group Policy object:
In the GPMC console tree, right-click the GPO that you want to copy, and then click Copy.
To create a copy of the GPO in the same domain as the source GPO, right-click Group Policy objects, click Paste, specify permissions for the new GPO in the Copy GPO box, and then click OK .
For copy operations to another domain, you may need to specify a migration table.
The Migration Table Editor (MTE) is provided with Group Policy Management Console (GPMC) to facilitate the editing of migration tables. Migration tables are used for copying or importing Group Policy objects (GPOs) from one domain to another, in cases where the GPOs include domain-specific information that must be updated during copy or import. Source WS2008R2: Backup the existing GPOs from the GPMC, you need to ensure that the “Group Policy Objects” container is selected for the “Backup Up All” option to be available.
Copy a Group Policy Object with the Group Policy Management Console (GPMC)
You can copy a Group Policy object (GPO) either by using the drag-and-drop method or right-click method.
Applies To: Windows 8, Windows Server 2008 R2, Windows Server 2012
http://technet.microsoft.com/en-us/library/cc785343(v=WS.10).aspx
http://technet.microsoft.com/en-us/library/cc733107.aspx
QUESTION 323
You have a server named SCI that runs a Server Core Installation of Windows Server 2012 R2.
Shadow copies are enabled on all volumes.
You need to delete a specific shadow copy. The solution must minimize server downtime.
Which tool should you use?
A. Shadow
B. Diskshadow
C. Wbadmin
D. Diskpart
Answer: B
Explanation:
DiskShadow.exe is a tool that exposes the functionality offered by the Volume Shadow Copy Service (VSS).
The diskshadow command delete shadows deletes shadow copies.
QUESTION 324
Hotspot Question
Your network contains two Hyper-V hosts that are configured as shown in the following table.
You create a virtual machine on Server1 named VM1.
You plan to export VM1 from Server1 and import VM1 to Server2.
You need to ensure that you can start the imported copy of VM1 from snapshots.
What should you configure on VM1? To answer, select the appropriate node in the answer area.
Answer:
QUESTION 325
Drag and Drop Question
Your network contains an Active Directory domain named contoso.com. The domain contains two member servers named Server1 and Server2 that run Windows Server 2012 R2.
You configure a new failover cluster named Cluster1. Server1 and Server2 are nodes in Cluster1. You need to configure the disk that will be used as a witness disk for Cluster1.
How should you configure the witness disk? To answer, drag the appropriate configurations to the correct location or locations. Each configuration may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
Answer:
QUESTION 326
You have a failover cluster named Cluster1 that contains four nodes. All of the nodes run Windows Server 2012 R2.
You need to force every node in Cluster1 to contact immediately the Windows Server Update Services (WSUS) server on your network for updates.
Which tool should you use?
A. The Add-CauClusterRolecmdlet
B. TheWuauclt command
C. TheWusa command
D. The Invoke-CauScancmdlet
Answer: D
Explanation:
The Invoke-CauScancmdlet performs a scan of cluster nodes for applicable updates and returns a list of the initial set of updates that would be applied to each node in a specified cluster.
QUESTION 327
Hotspot Question
Your network contains an Active Directory domain named contoso.com.
All DNS servers host a DNS zone named adatum.com.
The adatum.com zone is not Active Directory-integrated.
An administrator modifies the start of authority (SOA) record for the adatum.com zone.
After the modification, you discover that when you add or modify DNS records in the adatum.com zone, the changes are not transferred to the DNS servers that host secondary copies of the adatum.com zone.
You need to ensure that the records are transferred to all the copies of the adatum.com zone.
What should you modify in the SOA record for the adatum.com zone? To answer, select the appropriate setting in the answer area.
Answer:
QUESTION 328
Drag and Drop Question
You have a Hyper-V host named Server1.
Server1 hosts a virtual machine named VM1.
You view the properties of VM1 as shown in the following exhibit. (Click the Exhibit button.)
You need to configure bandwidth management for VM1.
Which three actions should you perform in sequence? (To answer, move the appropriate three actions from the list of actions to the answer area and arrange them in the correct order.)
Answer:
QUESTION 329
You have a Hyper-V host named Server1 that runs Windows Server 2012 R2. Server1 has the virtual switches listed in the following table.
You create a virtual machine named VM1. VM1 has two network adapters. One network adapter connects to vSwitch1. The other network adapter connects to vSwitch2.
You configure NIC teaming on VM1.
You need to ensure that if a physical NIC fails on Server1, VM1 remains connected to the network.
What should you do on Server1?
A. Run the Set-VmNetworkAdaptercmdlet.
B. Add a new network adapter to VM1.
C. Create a new virtual switch on Server 1.
D. Modify the properties of vSwitch1 and vSwitch2.
Answer: A
QUESTION 330
Your network contains two Hyper-V hosts that run Windows Server 2012 R2. The Hyper-V hosts contains several virtual machines that run Windows Server 2012 R2.
You install the Network Load Balancing feature on the virtual machines.
You need to configure the virtual machines to support Network Load Balancing (NLB).
Which virtual machine settings should you configure?
A. DHCP guard
B. Port mirroring
C. Router guard
D. MAC address
Answer: D
Explanation:
http://social.technet.microsoft.com/Forums/windowsserver/en-US/5b3a0a9d-26a2-49ba-bbbe-29d11fcbb7ce/nlb-on-hyperv?forum=winserverhyperv
For NLB to be configured you need to enable MAC address spoofing.
QUESTION 331
Hotspot Question
The settings for a virtual machine named VM2 are configured as shown in the VM2 exhibit.(Click the Exhibit button.)
The settings for Disk1.vhdx are configured as shown in the Disk1.vhdx exhibit. (Click the Exhibit button.)
The settings for Disk2.vhdx are configured as shown in the Disk2.vhdx exhibit. (Click the Exhibit button.)
Select Yes if the statement can be shown to be true based on the available information; otherwise select No. Each correct selection is worth one point.
Answer:
QUESTION 332
You plan to deploy a file server to a temporary location.
The temporary location experiences intermittent power failures.
The file server will contain a dedicated volume for shared folders.
You need to create a volume for the shared folders.
The solution must minimize the likelihood of file corruption if a power failure occurs.
Which file system should you use?
A. NFS
B. FAT32
C. ReFS
D. NTFS
Answer: C
Explanation:
The ReFS file system allows for resiliency against corruptions with the option to salvage amongst many other key features like Metadata integrity with checksums, Integrity streams with optional user data integrity, and shared storage pools across machines for additional failure tolerance and load balancing, etc.
QUESTION 333
You have a laptop named Computer 1. Computer1 runs Windows 8 Enterprise.
Computer1 has a wired network adapter and a wireless network adapter.
Computer1 connects to a wireless network named Network1.
For testing purposes, you install Windows Server 2012 R2 on Computer1 as a second operating system.
You install the drivers for the wireless network adapter.
You need to ensure that you can connect to Network1 from Windows Server 2012 R2.
What should you do?
A. From a local Group Policy object (GPO), configure the Wireless Network (IEEE 802.11) Policies settings.
B. From Server Manager, install the Wireless LAN Service feature.
C. Restart the WLAN AutoConfig service.
D. From a local Group Policy object (GPO), configure the settings of Windows Connection Manager.
Answer: B
Explanation:
http://technet.microsoft.com/en-us/library/hh994698.aspx
The Wireless LAN service is a feature in Windows Server® 2012 R2 that you can use to enable the wireless WLAN AutoConfig service, and to configure the WLAN AutoConfig service for automatic startup. Once enabled, the WLAN AutoConfig service dynamically selects which wireless network the computer automatically connects to, and configures the necessary settings on the wireless network adapter. This includes automatically selecting and connecting to a more preferred wireless network when one becomes available.
To enable the Wireless LAN Service
In Server Manager Dashboard, click Manage, and then click Add Roles and Features. The Add Roles and Features Wizard opens.
Click Next. In Select installation type, select Role-based or feature-based installation, and then click Next.
In Select destination server, enable Select a server from the server pool, and in Server Pool, select the server for which you want to enable the Wireless LAN Service, and then click Next.
In Select server roles, click Next.
In Select Server features, in Features, select Wireless LAN Service, and then click Next.
QUESTION 334
Hotspot Question
You have a Hyper-V host named Server1 that runs Windows Server 2008 R2.
All of the virtual machines on Server1 use VHDs.
You install the Hyper-V server role on a server named Server2 that runs Windows Server 2012 R2. Server2 has the same hardware configurations as Server1.
You plan to migrate the Hyper-V host from Server1 to Server2 by using the Windows Server Migration Tools.
In the table below, identify what can be migrated by using the Windows Server Migration Tools. Make only one selection in each row. Each correct selection is worth one point.
Answer:
QUESTION 335
Hotspot Question
Your network contains an Active Directory domain named contoso.com. The domain contains a DNS server named Server1. Server1 is configured to resolve single-label names for DNS clients.
You need to view the number of queries for single-label names that are resolved by Server1.
What command should you run? To answer, select the appropriate options in the answer area.
Answer:
QUESTION 336
Hotspot Question
Your network contains an Active Directory domain named contoso.com. The domain contains a domain controller named DC1 and a server named Server1. Both servers run Windows Server 2012 R2.
You configure the classification of a share on Server1 as shown in the Share1 Properties exhibit. (Click the Exhibit button.)
You configure the resource properties in Active Directory as shown in the Resource Properties exhibit. (Click the Exhibit button.)
You need to ensure that the Impact classification can be assigned to Share1 immediately.
Which cmdlet should you run on each server? To answer, select the appropriate cmdlet for each server in the answer area.
Answer:
QUESTION 337
Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1 that runs Windows Server 2012 R2. Server1 is an enterprise root certification authority (CA) for contoso.com.
Your user account is assigned the certificate manager role and the auditor role on the contoso.com CA. Your account is a member of the local Administrators group on Server1.
You enable CA role separation on Server1.
You need to ensure that you can manage the certificates on the CA.
What should you do?
A. Remove your user account from the local Administrators group.
B. Assign the CA administrator role to your user account.
C. Assign your user account the Bypass traverse checking user right.
D. Remove your user account from the Manage auditing and security log user right.
Answer: A
Explanation:
To correct this configuration, the local Administrator of the server must disable role separation, remove the CA Administrator from the second role, and then restart the Certificate Services service. Following these steps, role separation can be enabled again.
https://technet.microsoft.com/en-us/library/cc773161(v=ws.10)
QUESTION 338
Your network contains an Active Directory domain named adatum.com. The domain contains a server named CA1 that runs Windows Server 2012 R2. CA1 has the Active Directory Certificate Services server role installed and is configured to support key archival and recovery.
You need to ensure that a user named User1 can decrypt private keys archived in the Active Directory Certificate Services (AD CS) database. The solution must prevent User1 from retrieving the private keys from the AD CS database.
What should you do?
A. Assign User1 the Issue and Manage Certificates permission to CA1.
B. Assign User1 the Read permission and the Write permission to all certificate templates.
C. Provide User1 with access to a Key Recovery Agent certificate and a private key.
D. Assign User1 the Manage CA permission to CA1.
Answer: C
Explanation:
http://social.technet.microsoft.com/wiki/contents/articles/7573.active-directory-certificate-services-pki-keyarchival-and-management.aspx#Protecting_Key_Recovery_Agent_Keys
QUESTION 339
Your network contains an Active Directory forest named adatum.com.
The forest contains an Active Directory Rights Management Services (AD RMS) cluster.
A partner company has an Active Directory forest named litwareinc.com.
The partner company does not have AD RMS deployed.
You need to ensure that users in litwareinc.com can consume rights-protected content from adatum.com.
Which type of trust policy should you create?
A. At federated trust
B. A trusted user domain
C. A trusted publishing domain
D. Windows Live ID
Answer: A
Explanation:
A. In AD RMS rights can be assigned to users who have a federated trust with Active Directory Federation Services (AD FS). This enables an organization to share access to rights-protected content with another organization without having to establish a separate Active Directory trust or Active Directory Rights Management Services (AD RMS) infrastructure.
http://technet.microsoft.com/en-us/library/dd772651(v=WS.10).aspx
http://technet.microsoft.com/en-us/library/cc738707(v=WS.10).aspx
http://technet.microsoft.com/en-us/library/cc757344(v=ws.10).aspx
QUESTION 340
Your network contains two servers named Server1 and Server2 that run Windows Server 2012 R2. Server1 and Server2 have the Hyper-V server role installed. Server1 and Server2 are configured as Hyper-V replicas of each other.
Server2 hosts a virtual machine named VM5. VM5 is replicated to Server1.
You need to verily whether the replica of VMS on Server1 is functional.
The solution must ensure that VMS remains accessible to clients.
What should you do from Hyper-V Manager?
A. On Server1, execute a Planned Failover.
B. On Server1, execute a Test Failover.
C. On Server2, execute a Planned Failover.
D. On Server2, execute a Test Failover.
Answer: B
These Microsoft 70-417 exam questions are all a small selection of questions. If you want to practice more questions for actual 70-417 exam, use the links at the end of this document. Also you can find links for 70-417 exam practice test software that is great for preparation and self-assessment for Microsoft 70-417 exam.