Certification Provider: Microsoft
Exam Name: Administering Windows Server 2012
Exam Code: 70-411
Official Exam Time: 120 mins
Number of questions in the Official Exam: 40-60 Q&As
Latest update time in our database: September 27,2023
70-411 Official Exam Topics:
  • Topic1 : Deploy, Manage, and Maintain Servers
  • Topic2 : Deploy and manage server images / Configure Distributed File System (DFS)
  • Topic3 :  Install and configure DFS namespaces; configure DFS Replication Targets; configure Replication Scheduling; configure Remote Differential Compression settings; configure staging; configure fault tolerance; clone a DFS database; recover DFS databases; optimize DFS replication / Configure File Server Resource Manager (FSRM)
  • Topic4 : Configure advanced audit policies / Configure Network Services and Access
  • Topic5 : Configure DNS zones / Configure DNS records
  • Topic6 :  Install and configure the Remote Access role; implement Network Address Translation (NAT); configure VPN settings; configure remote dial-in settings for users; configure routing; configure Web Application proxy in passthrough mode / Configure DirectAccess
  • Topic7 :  Implement server requirements; implement client configuration; configure DNS for Direct Access; configure certificates for Direct Access /  Configure connection request policies; configure network policies for VPN clients (multilink and bandwidth allocation, IP filters, encryption, IP addressing); import and export NPS policies
  • Topic8 : Configure and Manage Active Directory / Configure service authentication
  • Topic9 :  Create and configure Service Accounts; create and configure Group Managed Service Accounts; configure Kerberos delegation; manage Service Principal Names (SPNs); configure virtual accounts / Configure Domain Controllers
  • Topic10 :  Transfer and seize operations master roles; install and configure a read-only domain controller (RODC); configure Domain Controller cloning / Configure account policies
  • Topic11 :  Configure processing order and precedence; configure blocking of inheritance; configure enforced policies; configure security filtering and WMI filtering; configure loopback processing; configure and manage slow-link processing and Group Policy caching; configure client-side extension (CSE) behavior; force Group Policy Update /  Configure settings including software installation, folder redirection, scripts, and administrative template settings; import security templates; import custom administrative template file; configure property filters for administrative templates
  • Topic12 : Manage Group Policy objects (GPOs) / Configure Group Policy Preferences (GPP)
  • Topic13 :  Configure GPP settings including printers, network drive mappings, power options, custom registry settings, Control Panel settings, Internet Explorer settings, file and folder deployment, and shortcut deployment; configure item-level targeting /

What should you do?

Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1. Server1 is configured as a VPN server. You need to configure Server1 to perform network address translation (NAT).

What should you do?
A . From Network Connections, modify the Internet Protocol Version 4 (TCP/IPv4) setting of each network adapter.
B . From Network Connections, modify the Internet Protocol Version 6 (TCP/IPv6) setting of each network adapter.
C . From Routing and Remote Access, add an IPv6 routing protocol.
D . From Routing and Remote Access, add an IPv4 routing protocol.

Answer: D

Explanation:

To configure an existing RRAS server to support both VPN remote access and NAT routing:

What should you configure?

You have a server named Server1 that runs Windows Server 2012 R2. On Server1, you configure a custom Data Collector Set (DCS) named DCS1. DCS1 is configured to store performance log data in C:Logs.

You need to ensure that the contents of C:Logs are deleted automatically when the folder reaches 100 MB in size.

What should you configure?
A . A File Server Resource Manager (FSRM) file screen on the C:Logs folder
B . The Data Manager settings of DCS1
C . A schedule for DCS1
D . A File Server Resource Manager (FSRM) quota on the C:Logs folder

Answer: B

Explanation:

To configure data management for a Data Collector Set

What should you do on Server1?

Your network contains an Active Directory forest. The forest contains two domains named contoso.com and fabrikam.com. All of the DNS servers in both of the domains run Windows Server 2012 R2. The network contains two servers named Server1 and Server2. Server1 hosts an Active Directory-integrated zone for contoso.com. Server2 hosts an Active Directory-integrated zone for fabrikam.com. Server1 and Server2 connect to each other by using a WAN link.

Client computers that connect to Server1 for name resolution cannot resolve names in fabnkam.com.

You need to configure Server1 to support the resolution of names in fabnkam.com. The solution must ensure that users in contoso.com can resolve names in fabrikam.com if the WAN link fails.

What should you do on Server1?
A . Create a stub zone.
B . Add a forwarder.
C . Create a secondary zone.
D . Create a conditional forwarder.

Answer: C

Explanation:

http://technet.microsoft.com/en-us/library/cc771898.aspx

When a zone that this DNS server hosts is a secondary zone, this DNS server is a secondary source for information about this zone. The zone at this server must be obtained from another remote DNS server computer that also hosts the zone.

With secondary, you have ability to resolve records from the other domain even if its DNS servers are temporarily unavailable.

While secondary zones contain copies of all the resource records in the corresponding zone on the master name server, stub zones contain only three kinds of resource records:

• A copy of the SOA record for the zone.

• Copies of NS records for all name servers authoritative for the zone.

• Copies of A records for all name servers authoritative for the zone.

References:

http://www.windowsnetworking.com/articles-tutorials/windows-2003/DNS_Stub_Zones.html

http://technet.microsoft.com/en-us/library/cc771898.aspx

http://redmondmag.com/Articles/2004/01/01/The-Long-and-Short-of-Stub-Zones.aspx?Page=2

You have a server named Server4 that runs Windows Server 2012 R2. Server4 has the Windows Deployment Services server role installed

HOTSPOT

You have a server named Server4 that runs Windows Server 2012 R2. Server4 has the Windows Deployment Services server role installed.

Server4 is configured as shown in the exhibit. (Click the Exhibit button.)

To answer, complete each statement according to the information presented in the exhibit. Each correct selection is worth one point.

Answer:

What should you do?

You have a server named Server1 that runs Windows Server 2012 R2.

An administrator creates a quota as shown in the Quota exhibit. (Click the Exhibit button.)

You run the dir command as shown in the Dir exhibit. (Click the Exhibit button.)

You need to ensure that D:Folder1 can only consume 100 MB of disk space.

What should you do?
A . From File Server Resource Manager, create a new quota.
B . From File Server Resource Manager, edit the existing quota.
C . From the Services console, set the Startup Type of the Optimize drives service to Automatic.
D . From the properties of drive D, enable quota management.

Answer: A

Explanation:

Which tool should you use?

Your network contains an Active Directory domain named contoso.com. The Active Directory Recycle bin is enabled for contoso.com. A support technician accidentally deletes a user account named User1. You need to restore the User1 account.

Which tool should you use?
A . Ldp
B . Esentutl
C . Active Directory Administrative Center
D . Ntdsutil

Answer: C

Which two values should you assign to the device ID?

You manage a server that runs Windows Server 2012 R2. The server has the Windows Deployment Services server role installed.

You start a virtual machine named VM1 as shown in the exhibit. (Click the Exhibit button.)

You need to configure a pre-staged device for VM1 in the Windows Deployment Services console.

Which two values should you assign to the device ID? (Each correct answer presents a complete solution. Choose two.)
A . 979708BFC04B45259FE0C4150BB6C618
B . 979708BF-C04B-4525-9FE0-C4150BB6C618
C . 00155D000F1300000000000000000000
D . 0000000000000000000000155D000F13
E . 00000000-0000-0000-0000-C4150BB6C618

Answer: B, D

Explanation:

Use client computer’s media access control (MAC) address preceded with twenty zeros or the globally unique identifier (GUID) in the format: {XXXXXXXX-XXXX-XXXX-XXX-XXXXXXXXXXXX}.

Reference: http://technet.microsoft.com/en-us/library/cc754469.aspx

Which setting should you modify in the start of authority (SOA) record?

Your network contains two DNS servers named Server1 and Server2 that run Windows Server 2012 R2. Server1 hosts a primary zone for contoso.com. Server2 hosts a secondary zone for contoso.com. You need to ensure that Server2 replicates changes to the contoso.com zone every five minutes.

Which setting should you modify in the start of authority (SOA) record?
A . Retry interval
B . Expires after
C . Minimum (default) TTL
D . Refresh interval

Answer: D

Explanation:

By default, the refresh interval for each zone is set to 15 minutes. The refresh interval is used to determine how often other DNS servers that load and host the zone must attempt to renew the zone.

What should you do first?

Your network contains an Active Directory domain named contoso.com. The domain contains six domain controllers named DC1, DC2, DC3, DC4, DC5, and DC6. Each domain controller has the DNS Server role installed and hosts an Active Directory-integrated zone for contoso.com. You plan to create a new Active Directory-integrated zone named litwareinc.com that will be used for testing. You need to ensure that the new zone will be available only on DC5 and DCG.

What should you do first?
A . Change the zone replication scope.
B . Create an Active Directory connection object.
C . Create an Active Directory site link.
D . Create an application directory partition.

Answer: D

Explanation:

You can store Domain Name System (DNS) zones in the domain or application directory partitions of Active Directory Domain Services (AD DS). A partition is a data structure in AD DS that distinguishes data for different replication purposes. When you create an application directory partition for DNS, you can control the scope of replication for the zone that is stored in that partition.

What should you configure?

You have a server named Server1 that runs Windows Server 2012 R2. On Server1, you configure a custom Data Collector Set (DCS) named DCS1. DCS1 is configured to store performance log data in C:Logs.

You need to ensure that the contents of C:Logs are deleted automatically when the folder reaches 100 MB in size.

What should you configure?
A . A File Server Resource Manager (FSRM) file screen on the C:Logs folder
B . The Data Manager settings of DCS1
C . A schedule for DCS1
D . A File Server Resource Manager (FSRM) quota on the C:Logs folder

Answer: B

Explanation:

To configure data management for a Data Collector Set