Microsoft 70-411 Exam Practice Test Instant Access

Question 1

Your network contains an Active Directory domain.

A Group Policy object (GRO) named GPO1 is linked to the domain. GPO1 has the settings shown in the following table.

Policy

Policy setting

Enforce password history

5 passwords remembered

Minimum password length

10 characters

You import the backup of a GPO named GPO named GPO2. GPO2 has the settings shown in the following table.

Policy

Policy setting

Minimum password length

5 characters

Store passwords using reversible encryption

Enabled

You import the backup of GPO2 into GPO1.

You need to identify the configurations in GPO1.

What should you identify?

AOption A

BOption B

COption C

DOption D

Answer : C

References:

http://www.dell.com/support/article/za/en/zabsdt1/sln283515/windows-server-how-to-import-a-group-policy-objects-settings-into-another-group-policy-object?lang=en

Question 2

Your network contains an Active Directory domain named adatum.com. The domain has a certification authority (CA) named CA1.

All servers run Windows Server 2012 R2. All client computers run Windows 10.

You need to add a data recovery agent for the Encryption File System (EFS) to the domain.

What should you do?

AFrom the Default Domain Controllers Policy, select Add Data Recovery Agent.

BFrom the Default Domain Controllers Policy, select Create Data Recovery Agent.

CFrom the Default Domain Policy, select Add Data Recovery Agent.

DFrom the Default Domain Policy, select Create Data Recovery Agent.

Answer : C

References:

https://msdn.microsoft.com/library/cc875821.aspx#EJAA

Question 3

Your network contains two services named Server1 and Server2. Both servers run Windows Server 2012 R2. Server1 is a VPN server and Server2 is a Network Policy Server (NPS) server.

Server1 is configured to assign IP address to VPN clients by using a static IP address pool of 192.168.10.220.

On Server1, you configure Server2 as an authentication provider.

You need to ensure that users can establish VPN connections to Server1.

Which two should you configure on Server2? Each correct answer presents part of the solution.

NOTE: Each correct selection is worth one point.

Aa connection request policy

Ba RADIUS client for Server1

Ca RADIUS client for each VPN client

Da network policy

Ea remote RADIUS server group that contains Server1

Answer : A, B

References:

https://docs.microsoft.com/en-us/windows-server/networking/technologies/nps/nps-crp-configure

https://docs.microsoft.com/en-us/windows-server/networking/technologies/nps/nps-radius-clients-configure

Question 4

Your network contains an Active Directory domain named contoso.com. The domain contains two domain controllers named DC1 and DC2.

You discover that client computers authenticate to both domain controllers.

You need to ensure that client computers only authenticate to DC2 if DC1 fails. The solution must be persistent.

What should you do?

AFrom Registry Editor, create the LdapSrvPriority value.

BFrom Registry Editor, create the LdapSrvWeight value.

CFrom DNS Manager, modify the priority value of the service location (SRV) records.

DFrom DNS Manager, modify the weight value of the service location (SRV) records.

Answer : C

Question 5

Your network contains an Active Directory domain.

A Group policy object (GPO) named GPO1 is linked to the domain. GPO1 has the setting shown in the following table.

You have backup of a GPO named GPO2. GPO2 has the settings shown In the following table.

You import backup into GPO1.

You need to identify the configuration in GPO1.

What should you identify?

A* Enforce password of history ids not set to Not Defined.
* Minimium password length is set to 5 characters.
* Store passwords using reversible encryption is set to Enabled.

B* Enforce password history is set Not Defined.
* Minimum Password length is set to 10 characters.
* Store passwords using reversible encryption is set to Enabled.

C* Minimum password length is set to 10 characters.
* Enforce password history is set to 5 password remembered.
* Store password using reversible encryption is set to Enabled.

D* Minimum password length is set to 5 characters.
* Enforce password history is set to 5 password remembered.
* Stop passwords using reversible encryption is set to Enabled.

Answer : A

Question 6

Your network contains an Active Directory domain named adatum.com. The domain has a certification authority (CA) named CA1.

All servers run Windows Server 2012 R2 .All client computers run Windows 10.

You need to add a data recovery agent for the encrypting File System (EFS) to the domain.

What should you do?

AFrom the Default Domain policy, select Create Data Recovery Agent.

BFrom the Default Domain controller policy, select Add Data Recovery Agent.

CFrom the default Domain controller policy, select Add Data recovery Agent.

DFrom the Default Domain policy, select Add Data Recovery Agent.

Answer : D

Question 7

Your network contains an Active Directory domain named contoso.com. All users have client computers that run Windows 8.1.

All computer accounts reside in an organizational unit (OU) named OU1. All of the computer accounts for the marketing department are members of a group named Marketing. All of the computer accounts for the human resources department are members of a group named HR Computers.

You create a Group Policy object (GPO) named GPO1. You link GPO1 to OU1. You configure the Group Policy preferences of GPO1 to add two shortcuts named Link1 and Link2 to the desktop.

You need to ensure that Link1 only appears on the desktop of client computers that have more than 80 GB of free disk space and that Link2 only appears on the desktop of client computers that have less than 80 GB of free disk space.

What should you configure?

AWMI Filtering

BGroup Policy Inheritance

CItem-level targeting

DSecurity Filtering

Answer : C

References: https://technet.microsoft.com/en-us/library/dn789189(v=ws.11).aspx

Microsoft 70-411 Administering Windows Server Exam Practice Test