P.S. High value 70-410 pdf are available on Google Drive, GET MORE: https://drive.google.com/open?id=1mVqUlTKr4Zx1buWZOoc2gsS2cxrB6UuY
New Microsoft 70-410 Exam Dumps Collection (Question 8 - Question 17)
Q8. Your network contains an Active Directory domain named contoso.com. All domain controllers run Windows Server 2012 R2. You need to ensure that the local Administrator account on all computers is renamed to L_Admin. Which Group Policy settings should you
modify?
A. Security Options
B. User Rights Assignment
C. Restricted Groups
D. Preferences
Answer: A
Q9. Your network contains an Active Directory domain named contoso.com. The domain contains 100 user accounts that reside in an organizational unit (OU) named OU1.
You need to ensure that a user named User1 can link and unlink Group Policy objects (GPOs) to OU1. The solution must minimize the number of permissions assigned to User1.
What should you do?
A. Run the Delegation of Control Wizard on the Policies containers
B. Run the Set-GPPermission cmdlet
C. Run the Delegation of Control Wizard on OU1
D. Modify the permission on the user1 account
Answer: C
Explanation:
:A. Not minimum permissions
:B. Grants a level of permissions to a security principal for one GPO or all the GPOs in a domain
:C. Minimizes delegated permission to a single OU
:D. Will not allow GPO changes to the OU Delegation of Control Wizard
The following are common tasks that you can select to delegate control of them: Create, delete, and manage user accounts
Reset user passwords and force password change at next logon Read all user information Modify the membership of a group
Join a computer to a domain Manage Group Policy links
Generate Resultant Set of Policy (Planning) Generate Resultant Set of Policy (Logging)
Create, delete, and manage inetOrgPerson accounts
Reset inetOrgPerson passwords and force password change at next logon Read all inetOrgPerson information
Q10. Your network contains an Active Directory domain named contoso.com. The domain contains a file server named Server1 that runs Windows Server 2012 R2. Server1 contains a shared folder named Share1. Share1 contains the home folder of each user.
All users have the necessary permissions to access only their home folder.
The users report that when they access Share1, they can see the home folders of all the users.
You need to ensure that the users see only their home folder when they access Share1. What should you do from Server1?
A. From Windows Explorer, modify the properties of the volume that contains Share1.
B. From Server Manager, modify the properties of the volume that contains Share1.
C. From Server Manager, modify the properties of Share1.
D. From Windows Explorer, modify the properties of Share1.
Answer: C
Q11. Your network contains an Active Directory domain named contoso.com. All user accounts
are in an organizational unit (OU) named Employees.
You create a Group Policy object (GPO) named GP1. You link GP1 to the Employees OU. You need to ensure that GP1 does not apply to the members of a group named Managers. What should you configure?
A. The Security settings of Employees
B. The WMI filter for GP1
C. The Block Inheritance option for Employees
D. The Security settings of GP1
Answer: D
Explanation:
:A. Wrong Group
:B. Windows Management Instrumentation (WMI) filters allow you to dynamically determine the scope of Group Policy objects (GPOs) based on attributes of the target computer.
:C. Blocking inheritance prevents Group Policy objects (GPOs) that are linked to higher sites, domains, or organizational units from being automatically inherited by the child-level.
:D. Set Managers to u2013 Members of this security group are exempt from this Group Policy object.
Security settings.
You use the Security Settings extension to set security options for computers and users within the scope of a Group Policy object. You can define local computer, domain, and network security settings.
Figure below shows an example of the security settings that allow everyone to be affected by this GPO except the members of the Management group, who were explicitly denied permission to the GPO by setting the Apply Group Policy ACE to Deny. Note that if a member of the Management group were also a member of a group that had an explicit Allow setting for the Apply Group Policy ACE, the Deny would take precedence and the GPO would not affect the user.
Q12. You have a server named Server1. Server1 runs Windows Server 2012 R2 and is located in a perimeter network.
You need to configure a custom connection security rule on Server1. The rule must encrypt network communications across the Internet to a computer at another company.
Which authentication method should you configure in the connection security rule?
A. Advanced
B. User (Kerberos V5)
C. Default
D. Computer (Kerberos V5)
E. Computer and user (Kerberos V5)
Answer: : A
Explanation: Explanation:
You need to make use of Advanced authentication method to ensure that communication is encrypted over the network to the other company from your custom connection security rule on Server1.
References:
http://technet.microsoft.com/en-us/library/bb742516.aspx
Training Guide: Installing and Configuring Windows Server 2012 R2, Chapter 8: File Services and Storage, p. 428.
Q13. Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1. Server1 runs Windows Server 2012 R2.
You need to create 3-TB virtual hard disk (VHD) on Server1.
Which tool should you use?
A. New-StorageSubsytemVirtualDisk
B. File Server Resource Manager (FSRM)
C. Server Manager
D. Computer Management
Answer: A
Explanation:
For other questions to create a VHD (file) you can use computer management.
- Share and storage management (2008 only)
- New-storagesubsystemVirtualDisk (this is a virtual disk, NOT a virtual hard disk)
- Server Manager (you would use this to create virtual disks, not virtual hard disks)
Q14. Your company has a main office and four branch offices. The main office contains a server named Server1 that runs Windows Server 2012 R2. The IP configuration of each office is configured as shown in the following table.
You need to add a single static route on Server1 to ensure that Server1 can communicate with the hosts on all of the subnets.
Which command should you run?
A. route.exe add -p 192.168.0.0 mask 255.255.248.0 172.31.255.254
B. route.exe add -p 192.168.12.0 mask 255.255.252.0 172.31.255.254
C. route.exe add -p 192.168.8.0 mask 255.255.252.0 172.31.255.254
D. route.exe add -p 192.168.12.0 mask 255.255.255.0 172.31.255.254
Answer: B
Q15. You work as a senior administrator at Contoso.com. The Contoso.com network consists of a single domain named Contoso.com. All servers on the Contoso.com network have Windows Server 2012 R2 installed.
You are running a training exercise for junior administrators. You are currently discussing the new VHD format called VHDX.
Which of the following is TRUE with regards to VHDX? (Choose all that apply.)
A. It supports virtual hard disk storage capacity of up to 64 GB.
B. It supports virtual hard disk storage capacity of up to 64 TB.
C. It does not provide protection against data corruption during power failures.
D. It has the ability to store custom metadata about the file that the user might want to record.
Answer: B,D
Explanation:
The main new features of the VHDX format are:
Support for virtual hard disk storage capacity of up to 64 TB.
Protection against data corruption during power failures by logging updates to the VHDX metadata structures.
Improved alignment of the virtual hard disk format to work well on large sector disks. The VHDX format also provides the following features:
Larger block sizes for dynamic and differencing disks, which allows these disks to attune to the needs of the workload.
A 4-KB logical sector virtual disk that allows for increased performance when used by applications and workloads that are designed for 4-KB sectors.
The ability to store custom metadata about the file that the user might want to record, such as operating system version or patches applied.
Efficiency in representing data (also known as u201ctrimu201d), which results in smaller file size and allows the underlying physical storage device to reclaim unused space. (Trim requires physical disks directly attached to a virtual machine or SCSI disks, and trim-compatible
hardware).
VHDX Format u2013 Features and Benefits VHDX format features provide features at the virtual hard disk as well as virtual hard disk file layers and is optimized to work well with modern storage hardware configurations and capabilities. At the virtual hard disk layer, benefits include the ability to represent a large virtual disk size up to 64 TB, support larger logical sector sizes for a virtual disk up to 4 KB that facilitates the conversion of 4 KB sector physical disks to virtual disks, and support large block sizes for a virtual disk up to 256 MB that enables tuning block size to match the IO patterns of the application or system for optimal performance. At the virtual hard disk file layer, the benefits include the use of a log to ensure resiliency of the VHDX file to corruptions from system power failure events and a mechanism that allows for small pieces of user generated data to be transported along with the VHDX file. On modern storage platforms, the benefits include optimal performance on host disks that have physical sector sizes larger than 512 bytes through improved data alignment and capability to use the information from the UNMAP command, sent by the application or system using the virtual hard disk, to optimize the size of the VHDX file. The format is designed so that additional features could be introduced in the future by Microsoft or extended by other parser implementations. The format provides parsers the ability to detect features in a VHDX file that a parser does not understand.
Q16. Your network contains an Active Directory domain named contoso.com.
You have a starter Group Policy object (GPO) named GPO1 that contains more than 100 settings.
You need to create a new starter GPO based on the settings in GPO1.
You must achieve this goal by using the minimum amount of administrative effort. What should you do?
A. Run the New-GPStarterGPO cmdlet and the Copy-GPO cmdlet.
B. Create a new starter GPO and manually configure the policy settings of the starter GPO.
C. Right-click GPO1, and then click Back Up. Create a new starter GPO. Right-click the new GPO, and then click Restore from Backup.
D. Right-click GPO1, and then click Copy. Right-click Starter GPOs, and then click Paste.
Answer: B
Explanation:
Although GPOs and Starter GPOs can both be copied, and a Starter GPO can be used to create a new GPO (as that is their purpose), an existing GPO cannot be copied to a new Starter GPO (unfortunately).
Q17. Your network contains two subnets. The subnets are configured as shown in the following table.
You have a server named Server1 that runs Windows Server 2012 R2. Server1 is connected to LAN1.
You run the route print command as shown in the exhibit. (Click the Exhibit button.)
You need to ensure that Server1 can communicate with the client computers on LAN2. What should you do?
A. Change the default gateway address.
B. Set the state of the Microsoft ISATAP Adapter #2 interface to disable.
C. Change the metric of the 10.10.1.0 route.
D. Set the state of the Teredo interface to disable.
Answer: A
Explanation:
The exhibit shows the default gateway address to be that of LAN1. This should be changed to the LAN2 gateway address to allow client computers access on LAN2.
In general, the first and last addresses in a subnet are used as the network identifier and broadcast address, respectively. All other addresses in the subnet can be assigned to hosts on that subnet. For example, IP addresses of networks with subnet masks of at least 24 bits ending in .0 or .255 can never be assigned to hosts. Such u201clastu201d addresses of a subnet are considered u201cbroadcastu201d addresses and all hosts on the corresponding subnet will respond to it. Theoretically, there could be situations where you can assign an address ending in .0: for example, if you have a subnet like 192.168.0.0/255.255.0.0, you are allowed to assign a host the address 192.168.1.0. It could create confusion though, so itu2021s not a very common practice.
Example10.6.43.0 with subnet 255.255.252.0 (22 bit subnet mask) means subnet ID 10.6.40.0, a host address range from 10.6.40.1 to 10.6.43.254 and a broadcast address10.6.43.255. So in theory, your example 10.6.43.0 would be allowed as a valid host address. The default gateway address should not end in .0 with the /24 address.
References:
Training Guide: Installing and Configuring Windows Server 2012 R2, Chapter 4: Deploying domain controllers, Lesson 4: Configuring IPv6/IPv4 Interoperability, p. 254-256
P.S. Easily pass 70-410 Exam with Examcollection High value Dumps & pdf vce, Try Free: http://www.examcollectionuk.com/70-410-vce-download.html (496 New Questions)