Microsoft 70-411 Exam Questions Instant Access

Question 1

Your network contains an Active Directory domain named contoso.com.

All user accounts reside in an organizational unit (OU) named OU1.

You create a Group Policy object (GPO) named GPO1. You link GPO1 to OU1. You configure the Group Policy preference of GPO1 to add a shortcut named Link1 to the desktop of each user.

You discover that when a user deletes Link1, the shortcut is removed permanently from the desktop.

You need to ensure that if a user deletes Link1, the shortcut is added to the desktop again.

What should you do?

AEnforce GPO1.

BModify the Link1 shortcut preference of GPO1.

CEnable loopback processing in GPO1.

DModify the Security Filtering settings of GPO1.

Answer : B

Replace Delete and recreate a shortcut for computers or users. The net result of the Replace action is to overwrite the existing shortcut. If the shortcut does not exist, then the Replace action creates a new shortcut.

This type of preference item provides a choice of four actions: Create, Replace, Update, and Delete. The behavior of the preference item varies with the action selected and whether the shortcut already exists.

Refernces:

http: //technet.microsoft.com/en-us/library/cc753580.aspx

Question 2

Your network contains an Active Directory domain named adatum.com. The domain has a certification authority (CA) named CA1.

All servers run Windows Server 2012 R2 .All client computers run Windows 10.

You need to add a data recovery agent for the encrypting File System (EFS) to the domain.

What should you do?

AFrom the Default Domain policy, select Create Data Recovery Agent.

BFrom the Default Domain controller policy, select Add Data Recovery Agent.

CFrom the default Domain controller policy, select Add Data recovery Agent.

DFrom the Default Domain policy, select Add Data Recovery Agent.

Answer : D

Question 3

Your network contains one Active Directory domain named contoso.com. The forest functional level is Windows Server 2012. All servers run Windows Server 2012 R2. All client computers run Windows 8.1.

The domain contains 10 domain controllers and a read-only domain controller (RODC) named RODC01. All domain controllers and RODCs are hosted on a Hyper-V host that runs Windows Server 2012 R2.

You need to identify which domain controller must be online when cloning a domain controller.

Which cmdlet should you use?

AGet-ADGroupMember

BGet-ADDomainControllerPasswordReplicationPolicy

CGet-ADDomainControllerPasswordReplicationPolicyUsage

DGet-ADDomain

EGet-ADOptionalFeature

FGet-ADAccountAuthorizationGroup

Answer : D

One requirement for cloning a domain controller is an existing Windows Server 2012 DC that hosts the PDC emulator role. You can run the Get-ADDomain and retrieve which server has the PDC emulator role.

Example: Command Prompt: C:\PS>

Get-ADDomain

Output wouldinclude a line such as: PDCEmulator : Fabrikam-DC1.Fabrikam.com

Incorrect:

Not A: The Get-ADGroupMember cmdlet gets the members of an Active Directory group. Members can be users, groups, and computers.

Not E: The Get-ADOptionalFeature cmdlet gets an optional feature or performs a search to retrieve multiple optional features from an Active Directory.

Not F: The Get-ADAuthorizationGroup cmdlet gets the security groups from the specified user, computer or service accounts token.

http://blogs.technet.com/b/canitpro/archive/2013/06/12/step-by-step-domain-controller-cloning.aspx

https://technet.microsoft.com/en-us/library/ee617224.aspx

Question 4

Your network contains an Active Directory domain named contoso.com. The domain contains a domain controller named DC1 that runs Windows Server 2012 R2.

All client computers run Windows 8 Enterprise.

DC1 contains a Group Policy object (GPO) named GPO1.

You need to update the PATH variable on all of the client computers.

Which Group Policy preference should you configure?

AIni Files

BServices

CData Sources

DEnvironment

Answer : D

Environment Variable preference items allow you to create, update, replace, and delete user and system environment variables or semicolon-delimited segments of the PATH variable. Before you create an Environment Variable preference item, you should review the behavior of each type of action possible with this extension.

Question 5

Your network contains two services named Server1 and Server2. Both servers run Windows Server 2012 R2. Server1 is a VPN server and Server2 is a Network Policy Server (NPS) server.

Server1 is configured to assign IP address to VPN clients by using a static IP address pool of 192.168.10.220.

On Server1, you configure Server2 as an authentication provider.

You need to ensure that users can establish VPN connections to Server1.

Which two should you configure on Server2? Each correct answer presents part of the solution.

NOTE: Each correct selection is worth one point.

Aa connection request policy

Ba RADIUS client for Server1

Ca RADIUS client for each VPN client

Da network policy

Ea remote RADIUS server group that contains Server1

Answer : A, B

References:

https://docs.microsoft.com/en-us/windows-server/networking/technologies/nps/nps-crp-configure

https://docs.microsoft.com/en-us/windows-server/networking/technologies/nps/nps-radius-clients-configure

Question 6

Your company has a main office and two branch offices. The main office is located in Seattle. The two branch offices are located in Montreal and Miami. Each office is configured as an Active Directory site.

The network contains an Active Directory domain named contoso.com. Network traffic is not routed between the Montreal office and the Miami office.

You implement a Distributed File System (DFS) namespace named \\contoso.com\public. The namespace contains a folder named Folder1. Folder1 has a folder target in each office.

You need to configure DFS to ensure that users in the branch offices only receive referrals to the target in their respective office or to the target in the main office.

Which two actions should you perform? (Each correct answer presents part of the solution. Choose two.)

ASet the Ordering method of \\contoso.com\public to Random order.

BSet the Advanced properties of the folder target in the Seattle office to Last among all targets.

CSet the Advanced properties of the folder target in the Seattle office to First among targets of equal cost.

DSet the Ordering method of \\contoso.com\public to Exclude targets outside of the client's site.

ESet the Advanced properties of the folder target in the Seattle office to Last among targets of equal cost.

FSet the Ordering method of \\contoso.com\public to Lowest cost.

Answer : C, D

Exclude targets outside of the client's site

In this method, the referral contains only the targets that are in the same site as the client. These same-site targets are listed in random order. If no same-site targets exist, the client does not receive a referral and cannot access that portion of the namespace.

Note: Targets that have target priority set to 'First among all targets' or 'Last among all targets' are still listed in the referral, even if the ordering method is set to Exclude targets outside of the client's site.

Note 2: Set the Ordering Method for Targets in Referrals

A referral is an ordered list of targets that a client computer receives from a domain controller or namespace server when the user accesses a namespace root or folder with targets. After the client receives the referral, the client attempts to access the first target in the list. If the target is not available, the client attempts to access the next target.

Question 7

Your network contains an Active Directory domain named contoso.com. All servers run Windows Server 2012 R2.

All sales users have laptop computers that run Windows 8. The sales computers are joined to the domain. All user accounts for the sales department are in an organizational unit (OU) named Sales_OU.

A Group Policy object (GPO) named GPO1 is linked to Sales_OU.

You need to configure a dial-up connection for all of the sales users.

What should you configure from User Configuration in GPO1?

APolicies/Administrative Templates/Network/Windows Connect Now

BPreferences/Control Panel Settings/Network Options

CPolicies/Administrative Templates/Windows Components/Windows Mobility Center

DPolicies/Administrative Templates/Network/Network Connections

Answer : B

The Network Options extension allows you to centrally create, modify, and delete dial-up networking and virtual private network (VPN) connections. Before you create a network option preference item, you should review the behavior of each type of action possible with the extension.

To create a new Dial-Up Connection preference item

Open the Group Policy Management Console. Right-click the Group Policy object (GPO) that should contain the new preference item, and then click Edit.

In the console tree under Computer Configuration or User Configuration, expand the Preferences folder, and then expand the Control Panel Settings folder.

Right-click the Network Options node, point to New, and select Dial-Up Connection.

References:

http: //technet. microsoft. com/en-us/library/cc772107. aspx

http: //technet. microsoft. com/en-us/library/cc772449. aspx

Microsoft Administering Windows Server 70-411 Exam Questions