Ucertify offers free demo for 70 412 exam dumps exam. "Configuring Advanced Windows Server 2012 Services", also known as 70 412 pdf exam, is a Microsoft Certification. This set of posts, Passing the Microsoft examcollection 70 412 exam, will help you answer those questions. The exam 70 412 Questions & Answers covers all the knowledge points of the real exam. 100% real Microsoft mcsa 70 412 exams and revised by experts!


♥♥ 2021 NEW RECOMMEND ♥♥

Free VCE & PDF File for Microsoft 70-412 Real Exam (Full Version!)

★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions

Free Instant Download NEW 70-412 Exam Dumps (PDF & VCE):
Available on: http://www.surepassexam.com/70-412-exam-dumps.html

Q11. Your network contains an Active Directory domain named contoso.com. The domain contains a member server named Server1. Server1 has the IP Address Management (IPAM) Server feature installed. 

A technician performs maintenance on Server1. 

After the maintenance is complete, you discover that you cannot connect to the IPAM server on Server1. 

You open the Services console as shown in the exhibit. (Click the Exhibit button.) 

You need to ensure that you can connect to the IPAM server. 

Which service should you start? 

A. Windows Process Activation Service 

B. Windows Event Collector 

C. Windows Internal Database 

D. Windows Store Service (WSService) 

Answer:

Explanation: 

Explanation Windows Internal Database 

Windows Internal Database is a relational data store that can be used only by Windows 

roles and features. 

IPAM does not support external databases. Only a Windows Internal Database is 

supported. 

IPAM stores 3 years of forensics data (IP address leases, host MAC addresses, user 

login/logoff information) for 100,000 users in a Windows Internal Database. There is no 

database purge policy provided, and the administrator must purge data manually as 

needed. 

Incorrect: 

Not A. IPAM works even if the Windows Process Activation Service is not running. 

Not B. IPAM does not require the Windows Event Collector Service. It need to be running 

on the managed DC/DNS/DHCP computers. 

Not D. IPAM does not require the Windows Store Service. It provides infrastructure support 

for Windows Store.This service is started on demand and if disabled applications bought 

using Windows Store will not behave correctly. 

Reference: IPAM Deployment Planning 


Q12. Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1 that runs Windows Server 2012 R2 and has the DHCP Server server role installed. Server1 has an IPv6 scope named Scope1. 

You implement an additional DHCP server named Server2 that runs Windows Server 2012 R2. 

You need to provide high availability for Scope1. The solution must minimize administrative effort. 

What should you do? 

A. Install and configure Network Load Balancing (NLB) on Server1 and Server2. 

B. Create a scope on Server2. 

C. Configure DHCP failover on Server1. 

D. Install and configure Failover Clustering on Server1 and Server2. 

Answer:

Explanation: 

Overview: Configure DHCP failover using the DHCP console To configure DHCP failover using the DHCP console, right-click a DHCP scope or right-click IPv4 and then click Configure Failover. 

Configure Failover 

The Configure Failover wizard guides you through configuring DHCP failover on the 

selected scope. 

Note: The DHCP server failover feature, available in Windows Server 2012 and later, 

provides the ability to have two DHCP servers provide IP addresses and option 

configuration to the same subnet or scope, providing for continuous availability of DHCP 

service to clients. 

Incorrect: 

Not A. NLB is not related to DHCP scope availability. 

Not B. DHCP failover requirements include: 

DHCP Scopes requirement: 

At least one IPv4 DHCP scope must be configured on the primary DHCP server. 

The same DHCP scope ID, or an overlapping scope, must not be configured on the failover 

partner. 

Not D. Failover clustering is possibly, but would not minimize administration. 

Reference: Deploy DHCP Failover 


Q13. Your network contains an Active Directory forest named contoso.com. The contoso.com domain only contains domain controllers that run Windows Server 2012 R2. 

The forest contains a child domain named child.contoso.com. The child.contoso.com domain only contains domain controllers that run Windows Server 2008 R2. The child.contoso.com domain contains a member server named Server1 that runs Windows Server 2012 R2. 

You have access to four administrative user accounts in the forest. The administrative user accounts are configured as shown in the following table. 

You need to ensure that you can add a domain controller that runs Windows Server 2012 R2 to the child.contoso.com domain. 

Which account should you use to run adprep.exe? 

A. Admin1 

B. Admin2 

C. Admin3 

D. Admin4 

Answer:

Explanation: 

Adprep.exe performs operations that must be completed on the domain controllers that run 

in an existing Active Directory environment before you can add a domain controller that 

runs that version of Windows Server. 

Preparing to run adprep /domainprep (see step 2 below). 

To help ensure that the adprep /domainprep command runs successfully, complete these 

steps before you run the command on the infrastructure operations master role holder in 

each domain: 

. Make sure that the schema updates that adprep /forestprep performs replicated throughout the forest or that they at least replicated to the infrastructure master for the domain where you plan to run adprep /domainprep. 

. Make sure that you can log on to the infrastructure master with an account that is a member of the Domain Admins group. . Verify that the domain functional level is appropriate. 

Reference: Running Adprep.exe 

http://technet.microsoft.com/en-us/library/dd464018(v=ws.10).aspx 


Q14. You create a new virtual disk in a storage pool by using the New Virtual Disk Wizard. You discover that the new virtual disk has a write-back cache of 1 GB. 

You need to ensure that the virtual disk has a write-back cache of 5 GB. 

What should you do? 

A. Detach the virtual disk, and then run the Resize-VirtualDisk cmdlet. 

B. Detach the virtual disk, and then run the Set-VirtualDisk cmdlet. 

C. Delete the virtual disk, and then run the New-StorageSubSystemVirtualDisk cmdlet. 

D. Delete the virtual disk, and then run the New-VirtualDisk cmdlet. 

Answer:

Explanation: 

So what about changing the cache size? Well, you can't modify the cache size, but you can specify it at the time that you create a new virtual hard disk. In order to do so, you have to use Windows PowerShell. 

New-VirtualDisk –StoragePoolFriendlyName "<storage pool name>" –FriendlyName "<v 

Reference: Using Windows Server 2012's SSD Write-Back Cache 


Q15. Your network contains one Active Directory domain named contoso.com. The domain contains two servers named Server1 and Server2 that run Windows Server 2012 R2. All domain computers have certificates that are issued by a certification authority (CA) named Contoso CA. 

A user named User1 performs daily backups of the data on Server1 to a backup vault named Vault1. A user named User2 performs daily backups of the data on Server2 to a vault named Vault2. 

You have the administrative credentials for Server2. 

You need to restore the data from that last backup of Server1 to Server2. 

Which two pieces of information do you require to complete the task? Each correct answer presents part of the solution. 

A. the Microsoft Azure subscription credentials 

B. the Vault2 credentials 

C. the User1 credentials 

D. the Vault1 credentials 

E. the Server1 certificate 

F. the Server2 certificate 

G. the Server1 passphrase 

H. the Server2 passphrase 

Answer: D,G 

Explanation: We need the Vault1 credentials to be able to access the data in Vault1. We need the passphrase of Server1 to access the backup that was made on Server1. 

Reference: Microsoft Azure - Cloud Backup and Recovery 

http://blogs.technet.com/b/rmurphy/archive/2014/12/02/microsoft-azure-backup.aspx 


Q16. You have a DNS server named Server1 that runs Windows Server 2012 R2. Server1 has the zones shown in the following output. 

You need to delegate permissions to modify the records in the adatum.com zone to a group named Group1. 

What should you do first? 

A. Enable the distribution of the trust anchors for adatum.com. 

B. Unsign adatum.com. 

C. Store adatum.com in Active Directory. 

D. Update the server data file for adatum.com. 

Answer:

Explanation: From the exhibit we see that the adatum.com zone is signed. 

A trust anchor (or trust “point”) is a public cryptographic key for a signed zone. Trust 

anchors must be configured on every non-authoritative DNS server that will attempt to 

validate DNS data. You cannot distribute trust anchors until after a zone is signed. 

Reference: Trust Anchors 

https://technet.microsoft.com/en-us/library/dn593672.aspx 


Q17. DRAG DROP 

Your network contains two Active Directory forests named contoso.com and adatum.com. All domain controllers run Windows Server 2012 R2. 

A federated trust exists between adatum.com and contoso.com. The trust provides adatum.com users with access to contoso.com resources. 

You need to configure Active Directory Federation Services (AD FS) claim rules for the federated trust. 

The solution must meet the following requirements: 

. In contoso.com, replace an incoming claim type named Group with an outgoing claim type named Role. . In adatum.com, allow users to receive their tokens for the relying party by using their Active Directory group membership as the claim type. 

The AD FS claim rules must use predefined templates. 

Which rule types should you configure on each side of the federated trust? 

To answer, drag the appropriate rule types to the correct location or locations. Each rule type may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content. 

Answer: 


Q18. Your network contains an Active Directory domain named contoso.com. All servers run Windows Server 2012 R2. 

You are creating a central access rule named TestFinance that will be used to grant members of the Authenticated users group access to a folder stored on a Microsoft SharePoint Server 2013 server. 

You need to ensure that the permissions are granted when the rule is published. 

What should you do? 

A. Set the Permissions to Use the following permissions as proposed permissions. 

B. Set the Permissions to Use following permissions as current permissions. 

C. Add a Resource condition to the current permissions entry for the Authenticated Users principal. 

D. Add a User condition to the current permissions entry for the Authenticated Users principal. 

Answer:

Explanation: 

To create a central access rule (see step 5 below): In the left pane of the Active Directory Administrative Center, click Tree View, select Dynamic Access Control, and then click Central Access Rules. Right-click Central Access Rules, click New, and then click Central Access Rule. In the Name field, type Finance Documents Rule. In the Target Resources section, click Edit, and in the Central Access Rule dialog box, click Add a condition. Add the following condition: [Resource] [Department] [Equals] [Value] [Finance], and then click OK. In the Permissions section, select Use following permissions as current permissions, click Edit, and in the Advanced Security Settings for Permissions dialog box click Add. 

Note (not A): Use the following permissions as proposed permissions option lets you create the policy in staging. 

6. In the Permission entry for Permissions dialog box, click Select a principal, type Authenticated Users, and then click OK. 

Etc. 

Incorrect: 

Not A. Proposed permissions enable an administrator to more accurately model the impact 

of potential changes to access control settings without actually changing them. 

Reference: Deploy a Central Access Policy (Demonstration Steps) 

https://technet.microsoft.com/en-us/library/hh846167.aspx 


Q19. Your network contains two servers named Server1 and Server2 that run Windows Server 2012 R2. Server1 and Server2 are configured as shown in the following table. 

You need to ensure that when new targets are added to Server1, the targets are registered on Server2 automatically. 

What should you do on Server1? 

A. Configure the Discovery settings of the iSCSI initiator. 

B. Configure the security settings of the iSCSI target. 

C. Run the Set-WmiInstance cmdlet. 

D. Run the Set-IscsiServerTarget cmdlet. 

Answer:

Explanation: 

Explanation/Reference: 

Manage iSNS server registration 

The iSNS server registration can be done using the following cmdlets, which manages the 

WMI objects. 

To add an iSNS server: 

Set-WmiInstance -Namespace rootwmi -Class WT_iSNSServer –Arguments 

@{ServerName="ISNSservername"} 

Note: The Set-WmiInstance cmdlet creates or updates an instance of an existing WMI 

class. The created or updated instance is written to the WMI repository. 

Reference: iSCSI Target cmdlet reference 

http://blogs.technet.com/b/filecab/archive/2012/06/08/iscsi-target-cmdlet-reference.aspx 


Q20. HOTSPOT 

Your company has a main office and a branch office. An Active Directory site exists for each office. 

The network contains an Active Directory forest named contoso.com. The contoso.com domain contains three member servers named Server1, Server2, and Server3. All servers run Windows Server 2012 R2. 

In the main office, you configure Server1 as a file server that uses BranchCache. 

In the branch office, you configure Server2 and Server3 as BranchCache hosted cache servers. 

You are creating a Group Policy for the branch office site. 

Which two Group Policy settings should you configure? 

To answer, select the appropriate two settings in the answer area. 

Answer: