Microsoft 70-410 Exam Practice Test Instant Access

Question 1

Your network contains an Active Directory domain named contoso.com. The domain contains hundreds of groups, many of which are nested in other groups.

The domain contains a user account named user1.User1 is a direct member of 15 groups.

You need to identify of which Active Directory groups User1 is a member, including the nested groups. The solution must minimize administrative effort.

Which tool should you use?

AActive Directory Users and Computers

BADSI Edit

CGet-ADUser

DDsget

Answer : D

Question 2

You have a domain controller named Server1 that runs Windows Server 2012 R2 and has the DNS Server server role installed. Server1 hosts a DNS zone named contoso.com and a GlobalNames zone.

You discover that the root hints were removed from Server1.

You need to view the default root hints of Server1.

What should you do?

AFrom Event Viewer, open the DNS Manager log.

BFrom Notepad, open the Cache.dns file.

CFrom Windows Powershell, run Get-DNSServerDiagnostics.

DFrom nslookup, run root server1.contoso.com

Answer : B

A . Allows you to troubleshoot DNS issues

B . DNS Server service implements root hints using a file, Cache.dns, stored in the

systemroot\System32\Dnsfolder on the server

C . Gets DNS event logging details

D . nslookup is used to query the DNS server

Question 3

Your network contains an Active Directory domain named contoso.com. The domain contains two servers named CONT1 and CONT2. Both servers run Windows Server 2012 R2.

CONT1 has a shared printer named Printer1. CONT2 connects to Printer1 on CONT1.

When you attempt to remove Printer1 from CONT2, you receive the error message shown in the exhibit. (Click the Exhibit button.)

You successfully delete the other printers installed on CONT2.

You need to identify what prevents you from deleting Printer1 on CONT2.

What should you identify?

APrinter1 is deployed as part of a mandatory profile.

BPrinter1 is deployed by using a Group Policy object (GPO).

CYour user account is not a member of the Print Operators group on CONT2.

DYour user account is not a member of the Print Operators group on CONT1.

Answer : B

Question 4

You have a server named Server1 that runs a Server Core installation of Windows Server 2012 R2 Standard. You establish a remote management session to Server1.

You need to identify which task can be performed on Server1 from within the Remote management session.

Which tasks can you perform?

AInstall a feature by using Server Manager.

BModify the network settings by using Sconfig.

CDisable services by using Msconfig.

DJoin a domain by using the System Properties.

Answer : C

In Windows Server 2012 R2, you can use the Server Configuration tool (Sconfig.cmd) to configure and manage several common aspects of Server Core installations. You must be a member of the Administrators group to use the tool. Sconfig.cmd is available in the Minimal Server Interface and in Server with a GUI mode.

Question 5

Your network contains an Active Directory forest named contoso.com. The forest contains a single domain. The domain contains two domain controllers named DC1 and DC2 that run Windows Server 2012 R2.

The domain contains a user named User1 and a global security group named Group1.

You reconfigure DC2 as a member server in the domain.

You need to add DC2 as the first domain controller in a new domain in the forest.

Which cmdlet should you run?

AAdd-AdPrincipalGroupMembership

BInstall-AddsDomainController

CInstall WindowsFeature

DInstall AddsDomain

ERename-AdObject

FSet AdAccountControl

GSet-AdGroup

HSet-User

Answer : C

Since a member server does not have Active Directory Domain Services installed, you must install this role before you can configure the new Domain Controller (which would require you to run Install-ADDSForest).

Question 6

A company has a forest with 4 sites. Subnets are as follows:

MainOffice 172.16.1.0 Subnet: 255.255.255.0 Gateway 172.16.1.254

Site1 192.168.12.0 Subnet: 255.255.255.0

Site 2 192.168.13.0 Subnet: 255.255.255.0

Site 3 192.168.14.0 Subnet: 255.255.255.0

Site 4 192.168.15.0 Subnet: 255.255.255.0

You add a new server to the MainOffice and it needs to be able to communicate to all sites.

Which route command would you run?

Aroute add -p 192.168.8.0 netmask 255.255.252.0 172.16.1.254

Broute add -p 192.168.0.0 netmask 255.255.248.0 172.16.1.254

Croute add -p 192.168.12.0 netmask 255.255.252.0 172.16.1.254

Droute add -p 192.168.12.0 netmask 255.255.240.0 172.16.1.254

Answer : C

Question 7

Your network contains two Active Directory forests named contoso.com and adatum.com. All servers run Windows Server 2012 R2.

A one-way external trust exists between contoso.com and adatum.com.

Adatum.com contains a universal group named Group1. You need to prevent Group1 from being used to provide access to the resources in contoso.com.

What should you do?

AModify the Managed By settings of Group1.

BModify the Allowed to Authenticate permissions in adatum.com.

CChange the type of Group1 to distribution.

DModify the name of Group1.

Answer : B

* Accounts that require access to the customer Active Directory will be granted a special right called Allowed to Authenticate. This right is then applied to computer objects (Active Directory domain controllers and AD RMS servers) within the customer Active Directory to which the account needs access.

* For users in a trusted Windows Server 2008 or Windows Server 2003 domain or forest to be able to access resources in a trusting Windows Server 2008 or Windows Server 2003 domain or forest where the trust authentication setting has been set to selective authentication, each user must be explicitly granted the Allowed to Authenticate permission on the security descriptor of the computer objects (resource computers) that reside in the trusting domain or forest.

Microsoft 70-410 Installing and Configuring Windows Server Exam Practice Test