★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions
Free Instant Download NEW 70-417 Exam Dumps (PDF & VCE):
Available on:
https://www.certleader.com/70-417-dumps.html
Refined of 70-417 exam prep materials and vce for Microsoft certification for IT specialist, Real Success Guaranteed with Updated 70-417 pdf dumps vce Materials. 100% PASS Upgrading Your Skills to MCSA Windows Server 2012 exam Today!
2021 Dec cbt nuggets 70-417:
Q1. You have a server named Server1 that runs Windows Server 2012 R2. You download and install the Microsoft Online Backup Service Agent on Server1.
You need to ensure that you can configure an online backup from Windows Server Backup.
What should you do first?
A. From a command prompt, run wbadmin.exe enable backup.
B. From Windows Server Backup, run the Register Server Wizard.
C. From the Services console, modify the Log On settings of the Microsoft Online Backup Service Agent.
D. From Computer Management, add the Server1 computer account to the Backup Operators group.
Answer: B
Explanation:
Download and install the Windows Azure Online Backup Agent After you create an account on the Windows Azure Online Backup website, you can download the Windows Azure Online Backup Agent and install it locally.
An Online Backup node then appears in the navigation pane of the Windows Server Backup console, as shown in Figure 12-If you prefer, you can also configure online backups from the Windows Azure Online Backup console, which becomes available after you install the agent. The Windows Azure Online Backup console provides exactly the same set of options as the Online Backup node in the Windows Server Backup console.
Register server The next step is to register your server. Registering a server enables you to perform backups from that same server only. (Remember this point for the exam.) To register the server, from the Actions menu, select Register Server. The Register Server Wizard includes two configuration steps. First, you are given an opportunity to specify a proxy server if desired. Second, you are asked to provide a passphrase that will be used to encrypt your backup data and a location to save this passphrase in a file. You need to provide this passphrase when you perform a restore operation, so it's essential that you don't lose it. (Microsoft doesn't maintain a copy of your passphrase.) A Generate Passphrase option creates the passphrase for you automatically. After you register a server, new options for Online Backup appear in the Actions pane, including Schedule Backup, Recover Data, Change Properties, and Unregister Server.
Q2. Your network contains an Active Directory domain named contoso.com. The domain contains a domain controller named DC1 that runs Windows Server 2012 R2. DC1 is backed up daily.
The domain has the Active Directory Recycle Bin enabled.
During routine maintenance, you delete 500 inactive user accounts and 100 inactive groups. One of the deleted groups is named Group1. Some of the deleted user accounts are members of some of the deleted groups.
For documentation purposes, you must provide a list of the members of Group1 before the group was deleted.
You need to identify the names of the users who were members of Group1 prior to its deletion. You want to achieve this goal by using the minimum amount of administrative effort.
What should you do first?
A. Reactivate the tombstone of Group1.
B. Use the Recycle Bin to restore Group1.
C. Perform an authoritative restore of Group1.
D. Mount the most recent Active Directory backup.
Answer: D
Explanation:
You can use the Active Directory database mounting tool (Dsamain.exe) and a Lightweight Directory Access Protocol (LDAP) tool, such as Ldp.exe or Active Directory Users and Computers, to identify which backup has the last safe state of the forest. The Active Directory database mounting tool, which is included in Windows Server 2008 and later Windows Server operating systems, exposes Active Directory data that is stored in backups or snapshots as an LDAP server. Then, you can use an LDAP tool to browse the data. This approach has the advantage of not requiring you to restart any DC in Directory Services Restore Mode (DSRM) to examine the contents of the backup of AD DS.
Q3. RAG DROP
You have a server that runs Windows Server 2012 R2.
You need to create a volume that will remain online if two disks in the volume fail. The solution must minimize the number of disks used to create the volume.
Which three actions should you perform in sequence? (To answer, move the appropriate three actions from the list of actions to the answer area and arrange them in the correct order.)
Answer:
78. Your network contains an Active Directory domain named contoso.com. The domain contains two member servers named Server1 and Server2. All servers run Windows Server 2012 R2. Server1 and Server2 have the Failover Clustering feature installed. The servers are configured as nodes in a failover cluster named Cluster1.
You add two additional nodes to Cluster1. You need to ensure that Cluster1 stops running if three nodes fail.
What should you configure?
A. Affinity None
B. Affinity Single
C. The cluster quorum settings
D. The failover settings
E. A file server for general use
F. The Handling priority
G. The host priority
H. Live migration
I. The possible owner
J. The preferred owner
K. Quick migration
L. The Scale-Out File Server
Answer: C
Explanation:
http://technet.microsoft.com/en-us/library/cc731739.aspx
Q4. Your network contains an Active Directory forest named contoso.com. The forest contains a single domain. All servers runs Windows Server 2012 R2.The domain contains two
domain controllers named DC1 and DC2. Both domain controllers are virtual machines on a Hyper-V host.
You plan to create a cloned domain controller named DC3 from an image of DC1.
You need to ensure that you can clone DC1.
Which two actions should you perform? (Each correct answer presents part of the solution. Choose two.)
A. Add the computer account of DC1 to the Cloneable Domain Controllers group.
B. Create a DCCIoneConfig.xml file on DC1.
C. Add the computer account of DC3 to the Cloneable Domain Controllers group.
D. Run the Enable-AdOptionalFeaturecmdlet.
E. Modify the contents of the DefaultDCCIoneAllowList.xml file on DC1.
Answer: A,B
Explanation: * Cloneable Domain Controllers Group (located in the Users container). Membership in this group dictates whether a DC can or cannot be cloned. This group has some permissions set on the domain head that should not be removed. Removing these permissions will cause cloning to fail. Also, as a best practice, DCs shouldn't be added to the group until you plan to clone and DCs should be removed from the group once cloning is complete. Cloned DCs will also end up in the Cloneable Domain Controllers group.
* DCCloneConfig.xml is an XML configuration file that contains all of the settings the cloned DC will take when it boots. This includes network settings, DNS, WINS, AD site name, new DC name and more.
Q5. Your network contains an Active Directory domain named contoso.com. Domain controllers run either Windows Server 2008, Windows Server 2008 R2, or Windows Server 2012 R2. You have a Password Settings object (PSOs) named PSO1. You need to view the settings of PSO1. Which tool should you use?
A. Get-ADDomainControllerPasswordReplicationPolicy
B. Get-ADDefaultDomainPasswordPolicy
C. Active Directory Administrator Centre
D. Local Security Policies
Answer: C
Explanation:
http://technet.microsoft.com/en-us/library/ee617231.aspx To get a list of all the properties of an ADFineGrainedPasswordPolicy object, use the following command: Get-ADFineGrainedPasswordPolicy<fine grained password policy> -Properties * | Get-Member [...] EXAMPLE 2 Command Prompt: C:\PS> Get-ADFineGrainedPasswordPolicyAdminsPSO Name: AdminsPSO ComplexityEnabled: True LockoutThreshold: 0 ReversibleEncryptionEnabled : True LockoutDuration: 00:30:00 LockoutObservationWindow: 00:30:00 MinPasswordLength: 10 Precedence: 200 ObjectGUID: ba1061f0-c947-4018-a399-6ad8897d26e3 ObjectClass: msDS-PasswordSettings PasswordHistoryCount: 24 MinPasswordAge: 1.00:00:00 MaxPasswordAge: 15.00:00:00 AppliesTo: {} DistinguishedName: CN=AdminsPSO,CN=Password Settings Container,CN=System,DC=FABRIKAM, DC=COM Description: Get the Fine Grained Password Policy named `AdminsPSO'.
Down to date exam cram 70-417:
Q6. Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1 that runs Windows Server 2012 R2.
On a server named Server2, you perform a Server Core Installation of Windows Server 2012 R2. You join Server2 to the contoso.com domain. You need to ensure that you can manage Server2 by using the Computer Management console on Server1.
What should you do on Server2?
A. Run the Disable-NetFirewallRulecmdlet.
B. Run the Enable-NetFirewallRulecmdlet.
C. Run sconfig.exe and configure the network settings.
D. Run sconfig.exe and configure remote management.
Answer: B
Explanation:
As we can see on the following screenshot, Remote Management is enabled by default on a new Server Core installation of 2012 (so we don't have to configure it on Server2) BUT that's not enough as it only enables WinRM-based remote management (and computer management is not WinRM- based of course). To enable the remote management from an MMC (such as server manager, or computer manager), we have to enable exception rules in the Firewall, which can be done, amongst other ways, using Powershell and the Enable-NetFirewallRulecmdlet.
http://technet.microsoft.com/en-us/library/jj554869.aspx Enable-NetFirewallRule Detailed Description The Enable-NetFirewallRulecmdlet enables a previously disabled firewall rule to be active within the computer or a group policy organizational unit. This cmdlet gets one or more firewall rules to be enabled with the Name parameter (default), the DisplayName parameter, rule properties, or by associated filters or objects. The Enabled parameter for the resulting queried rules is set to True.
Q7. Your network contains an Active Directory domain named contoso.com. All domain controllers run Windows Server 2008 R2. One of the domain controllers is named DC1.
The network contains a member server named Server1 that runs Windows Server 8.
You need to promote Server1 to a domain controller by using install from media (IFM).
What should you do first?
A. Run the Active Directory Domain Services Installation Wizard on DC1.
B. Upgrade DC1 to Windows Server 2012 R2.
C. Run the Active Directory Domain Services Configuration Wizard on Server1.
D. Create a system state backup of DC1.
E. Create IFM media on DC1.
Answer: B
Explanation: This is the only valid option. You could install ADDS role on Server 1 and run ADDS configuration wizard and add DC to existing domain.
Explanation http://technet.microsoft.com/en-us/library/cc770654(v=ws.10).aspx
Q8. You have a server named Server1 that runs Windows Server 2012 R2. You add a 4-TB disk named Disk 5 to Server1.
You need to ensure that you can create a 3-TB volume on Disk 5.
What should you do?
A. Create a storage pool.
B. Convert the disk to a GPT disk.
C. Convert the disk to a dynamic disk.
D. Create a VHD, and then attach the VHD.
Answer: B
Explanation: The exhibit shows Disk1 to be a basic disk. The disk must be GPT since GPT disks allows for partitioning.
References: Training Guide: Installing and Configuring Windows Server 2012 R2: Chapter 8: File Services and Storage, Lesson 2: Provisioning and managing shared storage, p. 379-384 http://msdn.microsoft.com/en-us/library/windows/hardware/gg463525.aspx
Q9. Your network contains an Active Directory forest named contoso.com. The forest contains a single domain. All domain controllers run Windows Server 2012 R2. The domain contains two domain controllers. The domain controllers are configured as shown in the following table.
Active Directory Recycle Bin is enabled. You discover that a support technician accidentally removed 100 users from an Active Directory group named Group1 an hour ago. You need to restore the membership of Group1.
What should you do?
A. Export and import data by using Dsamain.
B. Apply a virtual machine snapshot to VM1.
C. Recover the items by using Active Directory Recycle Bin.
D. Modify the isRecycled attribute of Group1.
Answer: A
Explanation:
As far as the benefits of the Windows 2012 Recycle Bin, they are the same as the Windows 2008 R2 recycle bin with the exception of the new user interface which makes it more user-friendly. These additional benefits include: All deleted AD object information including attributes, passwords and group membership can be selected in mass then undeleted from the user interface instantly or via Powershell User-friendly and intuitive interface to filter on AD objects and a time period • Can undelete containers with all child objects https://www.simple-talk.com/sysadmin/exchange/the-active-directory-recycle-bin-in-windows-server-2008-r2/ http://communities.quest.com/community/quest-itexpert/blog/2012/09/24/the-windows-server-2012-recycle-bin-and-recovery-manager-for-active- directory
Q10. OTSPOT
Your company has a primary data center and a disaster recovery data center.
The network contains an Active Directory domain named contoso.com. The domain contains a server named that runs Windows Server 2012 R2. Server1 is located in the primary data center.
Server1 has an enterprise root certification authority (CA) for contoso.com.
You deploy another server named Server2 to the disaster recovery data center.
You plan to configure Server2 as a secondary certificate revocation list (CRL) distribution point.
You need to configure Server2 as a CRL distribution point (CDP).
Which tab should you use to configure the required CDP entry? To answer, select the appropriate tab in the answer area.
Answer:
197. OTSPOT
You have a server named Server1 that runs Windows Server 2012 R2.
You are configuring a storage space on Server1.
You need to ensure that the storage space supports tiered storage.
Which settings should you configure?
To answer, select the appropriate options in the answer area.
Answer: