Q1. HOTSPOT - (Topic 3)
You have a server named Server1 that runs Windows Server 2012 R2. Server1 is a member of a workgroup.
You need to ensure that only members of the Administrators group and members of a group named Group1 can log on locally to Server1.
Which settings should you modify from the Local Security Policy? To answer, select the appropriate settings in the answer area.
Answer:
Q2. - (Topic 3)
Your network contains an Active Directory domain named contoso.com. The domain contains a member server named Server1. Server1 runs Windows Server 2012 R2 and has the File and Storage Services server role installed.
On Server1, you create a share named Documents.
You need to ensure that users can recover files that they accidently delete from Documents.
What should you do?
A. Enable shadow copies by using Computer Management.
B. Create a storage pool that contains a two-way mirrored volume by using Server Manager.
C. Modify the Startup type of the Volume Shadow Copy Service (VSS) by using the Services console.
D. Create a recovery partition by using Windows Assessment and Deployment Kit (Windows ADK).
Answer: A
Explanation:
If you enable Shadow Copies of Shared Folders on a volume using the default values, a task will be scheduled to create shadow copies at 7:00 A.M of next business day. The default storage area will be on the same volume, and its size will be 10 percent of the available space. You can only enable Shadow Copies of Shared Folders on a per-volume basis–that is, you cannot select specific shared folders and files on a volume to be copied or not copied.
To enable and configure Shadow Copies of Shared Folders:
1. Click Start, point to Administrative Tools, and then click Computer Management.
2. In the console tree, right-click Shared Folders, click All Tasks, and then click Configure Shadow Copies.
3. In Select a volume, click the volume that you want to enable Shadow Copies of Shared Folders for, and then click Enable.
4. You will see an alert that Windows will create a shadow copy now with the current settings and that the settings might not be appropriate for servers with high I/O loads. Click Yes if you want to continue or No if you want to select a different volume or settings.
5. To make changes to the default schedule and storage area, click Settings.
Shadow copies - a feature that provides point-in-time copies of files stored on file shares on file servers. Shadow Copies of Shared Folders allows users to view and access shadow copies, which are shared files and folders as they existed at different points of time in the past. By accessing previous versions of files and folders, users can compare versions of a file while working and recover files that were accidentally deleted or overwritten.
References: Training Guide: Installing and Configuring Windows Server 2012 R2, Chapter
7: Hyper-V virtualization, Lesson 1: Deploying and configuring Hyper-V- hosts, p. 302
Q3. - (Topic 3)
You have a server named Server2 that runs Windows Server 2012 R2. Server2 has the Hyper-V server role installed.
The disks on Server2 are configured as shown in the exhibit. (Click the Exhibit button.)
You create a virtual machine on Server2 named VM1.
You need to ensure that you can configure a pass-through disk for VM1.
What should you do?
A. Convert Disk 1 to a basic disk.
B. Take Disk 1 offline.
C. Create a partition on Disk 1.
D. Convert Disk 1 to a MBR disk.
Answer: B
Explanation:
Pass-through Disk Configuration Hyper-V allows virtual machines to access storage mapped directly to the Hyper-V server without requiring the volume be configured. The storage can either be a physical disk internal to the Hyper-V server or it can be a Storage Area Network (SAN) Logical Unit (LUN) mapped to the Hyper-V server. To ensure the Guest has exclusive access to the storage, it must be placed in an Offline state from the Hyper-V server perspective
Q4. - (Topic 1)
Your network contains an Active Directory domain named contoso.com. The domain contains two servers named Server1 and Server2 that run Windows Server 2012 R2.
You create a security template named Template1 by using the security template snap-in.
You need to apply Template1 to Server2.
Which tool should you use?
A. Security Templates
B. Computer Management
C. Security Configuration and Analysis
D. System Configuration
Answer: C
Explanation:
A security policy is a combination of security settings that affect the security on a computer. You can use your local security policy to edit account policies and local policies on your local computer.
A. Template was already created – Provide standard security option to use in security policies
B. Needs to be applied at the GP level
C. Security templates are inactive until imported into a Group Policy object or the SecurityConfiguration and Analysis
D. Tool to ID windows problems
Q5. DRAG DROP - (Topic 2)
You have a Hyper-V host named Host1.Host1 contains two virtual machines named VM1 and VM2.VM1 is configured as a print server.VM1 runs Windows Server 2008 R2.VM2 is configured as a file server.VM2 runs Windows Server 2012 R2.
You need to migrate all of the printers on VM1 to VM2.
Which actions should you perform on the virtual machines?
To answer, drag the appropriate action to the correct servers in the answer area. Each action may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
Answer:
Q6. - (Topic 2)
You have a server named Server1 that runs Windows Server 2012 R2. You add a 4-TB disk named Disk 5 to Server1.
You need to ensure that you can create a 3-TB volume on Disk 5.
What should you do?
A. Create a storage pool.
B. Convert the disk to a dynamic disk
C. Create a VHD, and then attach the VHD.
D. Convert the disk to a GPT disk.
Answer: D
Explanation:
MBR max is 2TB, the disk must be GPT For any hard drive over 2TB, we need to use GPT partition. If you have a disk larger than 2TB size, the rest of the disk space will not be used unless you convert it to GPT. An existing MBR partition can’t be converted to GPT unless it is completely empty; you must either delete everything and convert or create the partition as GPT. It is not possible to boot to a GPT partition, impossible to convert MBR to GPT without data loss.
Q7. - (Topic 3)
You have a server named Server1. Server1 runs a Server Core installation of Windows
Server 2012 R2. The local area connection on Server1 has the following configuration:
IP address: 10.1.1.1
Subnet mask: 255.255.240.0
Default gateway: 10.1.1.254
Preferred DNS server: <none>
The network contains a DNS server that has an IPv4 address of 10.1.1.200. You need to configure Server1 to use 10.1.1.200 as the preferred DNS server. The solution must not change any other settings on Server1.
Which command should you run?
A. sconfig.cmd
B. net.exe
C. Set-NetIPInterface
D. netsh.exe
Answer: A
Explanation:
In Windows Server 2012 R2, you can use the Server Configuration tool (Sconfig.cmd) to configure and manage several common aspects of Server Core installations. Network settings You can configure the IP address to be assigned automatically by a DHCP Server or you can assign a static IP address manually. This option allows you to configure DNS Server settings for the server as well.
Q8. - (Topic 2)
Your network contains an Active Directory domain named contoso.com.
Your company hires 500 temporary employees for the summer.
The human resources department gives you a Microsoft Excel document that contains a list of the temporary employees.
You need to automate the creation of user accounts for the 500 temporary employees.
Which tool should you use?
A. ADSI Edit
B. The csvde.exe command
C. Active Directory Users and Computers
D. The Add-Member cmdlet
Answer: B
Explanation:
Csvde.exe is the best option to add multiple users. As you just need to export the excel
spreadsheet as a csv file and make sure the parameters are correct.
You can use Csvde to import and export Active Directory data that uses the comma-
separated value format.
Use a spreadsheet program such as Microsoft Excel to open this .csv file and view the
header and value information.
The CSVDE is a command-line utility that can create new AD DS objects by importing
information from a comma-separated value (.csv) file. This would be the least amount of
administrative effort in this case especially considering that these would be temporary
employees.
Q9. - (Topic 3)
Your network contains an Active Directory domain named contoso.com. All servers run Windows Server 2012 R2. The domain contains a member server named Server1. Server1 has the File Server server role installed.
On Server1, you create a share named Documents. The Documents share will contain the files and folders of all users.
You need to ensure that when the users connect to Documents, they only see the files to which they have access.
What should you do?
A. Enable access-based enumeration.
B. Configure Dynamic Access Control.
C. Modify the Share permissions.
D. Modify the NTFS permissions.
Answer: A
Explanation:
Access-based Enumeration is a new feature included with Windows Server 2003 Service
Pack 1. This feature allows users of Windows Server 2003-Based file servers to list only
the files and folders to which they have access when browsing content on the file server.
This eliminates user confusion that can be caused when users connect to a file server and
encounter a large number of files and folders that they cannot access. Access-based
Enumeration filters the list of available files and folders on a server to include only those
that the requesting user has access to. This change is important because this allows users
to see only those files and directories that they have access to and nothing else. This
mitigates the scenario where unauthorized users might otherwise be able to see the
contents of a directory even though they don’t have access to it.
Access-Based Enumeration (ABE) can be enabled at the Share properties through Server
Manager
References:
Exam Ref 70-410: Installing and configuring Windows Server 2012 R2, Chapter 2:
Configure server roles and features, Objective 2.1: Configure file and share access, p. 75-
Q10. - (Topic 3)
Your network contains an Active Directory domain named contoso.com. The domain contains two servers named CONT1 and CONT2. Both servers run Windows Server 2012 R2.
CONT1 has a shared printer named Printer1. CONT2 connects to Printer1 on CONT1.
When you attempt to remove Printer1 from CONT2, you receive the error message shown in the exhibit. (Click the Exhibit button.)
You successfully delete the other printers installed on CONT2.
You need to identify what prevents you from deleting Printer1 on CONT2.
What should you identify?
A. Printer1 is deployed as part of a mandatory profile.
B. Printer1 is deployed by using a Group Policy object (GPO).
C. Your user account is not a member of the Print Operators group on CONT2.
D. Your user account is not a member of the Print Operators group on CONT1.
Answer: B