100% Correct of 70 411 exam questions vce materials and braindump for Microsoft certification for IT specialist, Real Success Guaranteed with Updated 70 411 exam pdf dumps vce Materials. 100% PASS Administering Windows Server 2012 exam Today!


♥♥ 2021 NEW RECOMMEND ♥♥

Free VCE & PDF File for Microsoft 70-411 Real Exam (Full Version!)

★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions

Free Instant Download NEW 70-411 Exam Dumps (PDF & VCE):
Available on: http://www.surepassexam.com/70-411-exam-dumps.html

Q51. You have a server named Server1 that runs Windows Server 2012 R2. Server1 has the File Server Resource Manager role service installed. 

Each time a user receives an access-denied message after attempting to access a folder on Server1, an email notification is sent to a distribution list named DL1. 

You create a folder named Folder1 on Server1, and then you configure custom NTFS permissions for Folder 1. 

You need to ensure that when a user receives an access-denied message while attempting to access Folder1, an email notification is sent to a distribution list named DL2. The solution must not prevent DL1 from receiving notifications about other access-denied messages. 

What should you do? 

A. From File Explorer, modify the Classification tab of Folder1. 

B. From the File Server Resource Manager console, modify the Email Notifications settings. 

C. From the File Server Resource Manager console, set a folder management property. 

D. From File Explorer, modify the Customize tab of Folder1. 

Answer:

Explanation: 

When using the email model each of the file shares, you can determine whether access requests to each file share will be received by the administrator, a distribution list that represents the file share owners, or both. 

You can use the File Server Resource Manager console to configure the owner distribution list by editing the management properties of the classification properties. 

Reference: http://technet.microsoft.com/en-us/library/jj574182.aspx#BKMK_12 


Q52. Your network contains four Network Policy Server (NPS) servers named Server1, Server2, Servers, and Server4. 

Server1 is configured as a RADIUS proxy that forwards connection requests to a remote RADIUS server group named Group1. 

You need to ensure that Server2 and Server3 receive connection requests. Server4 must only receive connection requests if both Server2 and Server3 are unavailable. 

How should you configure Group1? 

A. Change the Weight of Server4 to 10. 

B. Change the Weight of Server2 and Server3 to 10. 

C. Change the Priority of Server2 and Server3 to 10. 

D. Change the Priority of Server4 to 10. 

Answer:

Explanation: 

During the NPS proxy configuration process, you can create remote RADIUS server groups and then add RADIUS servers to each group. To configure load balancing, you must have more than one RADIUS server per remote RADIUS server group. While adding group members, or after creating a RADIUS server as a group member, you can access the Add RADIUS server dialog box to configure the following items on the Load Balancing tab: 

Priority. Priority specifies the order of importance of the RADIUS server to the NPS proxy server. Priority level must be assigned a value that is an integer, such as 1, 2, or 3. The lower the number, the higher priority the NPS proxy gives to the RADIUS server. For example, if the RADIUS server is assigned the highest priority of 1, the NPS proxy sends connection requests to the RADIUS server first; if servers with priority 1 are not available, NPS then sends connection requests to RADIUS servers with priority 2, and so on. You can assign the same priority to multiple RADIUS servers, and then use the Weight setting to load balance between them. 

Weight. NPS uses this Weight setting to determine how many connection requests to send to each group member when the group members have the same priority level. Weight setting must be assigned a value between 1 and 100, and the value represents a percentage of 100 percent. For example, if the remote RADIUS server group contains two members that both have a priority level of 1 and a weight rating of 50, the NPS proxy forwards 50 percent of the connection requests to each RADIUS server. 

Advanced settings. These failover settingsprovide a way for NPS to determine whether the remote RADIUS server is unavailable. If NPS determines that a RADIUS server is unavailable, it can start sending connection requests to other group members. With these settings you can configure the number of seconds that the NPS proxy waits for a response from the RADIUS server before it considers the request dropped; the maximum number of dropped requests before the NPS proxy identifies the RADIUS server as unavailable; and the number of seconds that can elapse between requests before the NPS proxy identifies the RADIUS server as unavailable. 

The default priority is 1 and can be changed from 1 to 65535. So changing server 2 and 3 to priority 10 is not the way to go. 

Reference: http: //technet. microsoft. com/en-us/library/dd197433(WS. 10). aspx 


Q53. Your network contains an Active Directory domain named contoso.com. All servers run Windows Server 2012 R2. 

Client computers run either Windows 7 or Windows 8. All of the client computers have an application named App1 installed. 

The domain contains a Group Policy object (GPO) named GPO1 that is applied to all of the client computers. 

You need to add a system variable named App1Data to all of the client computers. 

Which Group Policy preference should you configure? 

A. Environment 

B. Ini Files 

C. Data Sources 

D. Services 

Answer:

Explanation: 

Environment Variable preference items allow you to create, update, replace, and delete user and system environment variables or semicolon-delimited segments of the PATH variable. Before you create an Environment Variable preference item, you should review the behavior of each type of action possible with this extension. 


Q54. Your network contains an Active Directory domain named adatum.com. The domain contains a server named Server1 that runs Windows Server 2012 R2. Server1 is configured as a Network Policy Server (NPS) server and as a DHCP server. 

The network contains two subnets named Subnet1 and Subnet2. Server1 has a DHCP scope for each subnet. 

You need to ensure that noncompliant computers on Subnet1 receive different network policies than noncompliant computers on Subnet2. 

Which two settings should you configure? (Each correct answer presents part of the solution. Choose two.) 

A. The NAP-Capable Computers conditions 

B. The NAS Port Type constraints 

C. The Health Policies conditions 

D. The MS-Service Class conditions 

E. The Called Station ID constraints 

Answer: C,D 

Explanation: 

The NAP health policy server uses the NPS role service with configured health policies and system health validators (SHVs) to evaluate client health based on administrator-defined requirements. Based on results of this evaluation, NPS instructs the DHCP server to provide full access to compliant NAP client computers and to restrict access to client computers that are noncompliant with health requirements. 

If policies are filtered by DHCP scope, then MS-Service Class is configured in policy conditions. 


Q55. Your network contains an Active Directory domain named contoso.com. The domain contains a domain controller named DC1 that runs Windows Server 2012 R2. DC1 is backed up daily. 

The domain has the Active Directory Recycle Bin enabled. 

During routine maintenance, you delete 500 inactive user accounts and 100 inactive groups. One of the deleted groups is named Group1. Some of the deleted user accounts are members of some of the deleted groups. 

For documentation purposes, you must provide a list of the members of Group1 before the group was deleted. 

You need to identify the names of the users who were members of Group1 prior to its deletion. 

You want to achieve this goal by using the minimum amount of administrative effort. 

What should you do first? 

A. Mount the most recent Active Directory backup. 

B. Reactivate the tombstone of Group1. 

C. Perform an authoritative restore of Group1. 

D. Use the Recycle Bin to restore Group1. 

Answer:

Explanation: 

The Active Directory Recycle Bin does not have the ability to track simple changes to objects. 

If the object itself is not deleted, no element is moved to the Recycle Bin for possible recovery in the future. In other words, there is no rollback capacity for changes to object properties, or, in other words, to the values of these properties. 


Q56. Your network contains an Active Directory forest named contoso.com. The forest contains a single domain. All domain controllers run Windows Server 2012 R2. 

The domain contains two domain controllers. The domain controllers are configured as shown in the following table. 

Active Directory Recycle Bin is enabled. 

You discover that a support technician accidentally removed 100 users from an Active Directory group named Group1 an hour ago. 

You need to restore the membership of Group1. 

What should you do? 

A. Recover the items by using Active Directory Recycle Bin. 

B. Modify the Recycled attribute of Group1. 

C. Perform tombstone reanimation. 

D. Perform an authoritative restore. 

Answer:

Explanation: 

Active Directory Recycle Bin helps minimize directory service downtime by enhancing your ability to preserve and restore accidentally deleted Active Directory objects without restoring Active Directory data from backups, restarting Active Directory Domain Services (AD DS), or rebooting domain controllers. 

When you enable Active Directory Recycle Bin, all link-valued and non-link-valued attributes of the deleted Active Directory objects are preserved and the objects are restored in their entirety to the same consistent logical state that they were in immediately before deletion. For example, restored user accounts automatically regain all group memberships and corresponding access rights that they had immediately before deletion, within and across domains. 


Q57. Your network contains an Active Directory domain named contoso.com. The domain contains a read-only domain controller (RODC) named RODC1. 

You create a global group named RODC_Admins. 

You need to provide the members of RODC_Admins with the ability to manage the hardware and the software on R0DC1. The solution must not provide RODC_Admins with the ability to manage Active Directory objects. 

What should you do? 

A. From Active Directory Site and Services, configure the Security settings of the RODC1 server object. 

B. From Windows PowerShell, run the Set-ADAccountControlcmdlet. 

C. From a command prompt, run the dsmgmt local roles command. 

D. From Active Directory Users and Computers, configure the Member Of settings of the RODC1 account. 

Answer:

Explanation: 

RODC: using the dsmgmt.exe utility to manage local administrators One of the benefits of RODC is that you can add local administrators who do not have full access to the domain administration. This gives them the ability to manage the server but not add or change active directory objects unless those roles are delegated. Adding this type of user is done using the dsmdmt.exe utility at the command prompt. 


Q58. You have a server named Server1 that runs Windows Server 2012 R2. Server1 has the File Server Resource Manager role service installed. 

Each time a user receives an access-denied message after attempting to access a folder on Server1, an email notification is sent to a distribution list named DLL. 

You create a folder named Folder1 on Server1, and then you configure custom NTFS permissions for Folder1. 

You need to ensure that when a user receives an access-denied message while attempting to access Folder1, an email notification is sent to a distribution list named DL2. The solution must not prevent DL1 from receiving notifications about other access-denied messages. 

What should you do? 

A. From the File Server Resource Manager console, create a local classification property. 

B. From Server Manager, run the New Share Wizard to create a share for Folder1 by selecting the SMB Share - Applications option. 

C. From the File Server Resource Manager console, modify the Access-Denied Assistance settings. 

D. From the File Server Resource Manager console, set a folder management property. 

Answer:


Q59. HOTSPOT 

You have a server named Servers that runs Windows Server 2012 R2. Servers has the Windows Deployment Services server role installed. 

Server5 contains several custom images of Windows 8. 

You need to ensure that when 32-bit client computers start by using PXE, the computers automatically install an image named Image 1. 

What should you configure? 

To answer, select the appropriate tab in the answer area. 

Answer: 


Q60. You have a file server that has the File Server Resource Manager role service installed. 

You open the File Server Resource Manager console as shown in the exhibit. (Click the Exhibit button.) 

You need to ensure that all of the folders in Folder1 have a 100-MB quota limit. 

What should you do? 

A. Run the Update FsrmQuotacmdlet. 

B. Run the Update-FsrmAutoQuotacmdlet. 

C. Create a new quota for Folder1. 

D. Modify the quota properties of Folder1. 

Answer:

Explanation: 

By using auto apply quotas, you can assign a quota template to a parent volume or folder. Then File Server Resource Manager automatically generates quotas that are based on that template. Quotas are generated for each of the existing subfolders and for subfolders that you create in the future. 

Ref: http://technet.microsoft.com/en-us/library/cc731577.aspx