Q1. Your network contains an Active Directory domain named contoso.com. The domain contains two servers named Server1 and Server2 that run Windows Server 2012 R2. Server1 is a file server that has the Hyper-V server role installed.
Server1 hosts several virtual machines. The virtual machine configuration files are stored on drive D and the VHD files are stored on drive E.
You plan to replace drive E with a larger volume.
You need to ensure that the virtual machines on Server1 remain available while drive E is being replaced.
What should you do?
A. Perform a quick migration.
B. Add Server1 and Server2 as nodes in a failover cluster.
C. Perform a live migration.
D. Perform a storage migration.
Answer: D
Explanation:
Hyper-V in Windows Server 2012 R2 introduces support for moving virtual machine storage without downtime by making it possible to move the storage while the virtual machine remains running.
Reference: Virtual Machine Storage Migration Overview
http://technet.microsoft.com/en-us/library/hh831656.aspx
Q2. Your network contains an Active Directory domain named contoso.com. The domain contains two servers named Server1 and Server2. Both servers have the Hyper-V server role installed.
You plan to replicate virtual machines between Server1 and Server2. The replication will be encrypted by using Secure Sockets Layer (SSL).
You need to request a certificate on Server1 to ensure that the virtual machine replication is encrypted.
Which two intended purposes should the certificate for Server1 contain? (Each correct answer presents part of the solution. Choose two.)
A. Client Authentication
B. Kernel Mode Code Signing
C. Server Authentication
D. IP Security end system
E. KDC Authentication
Answer: A,C
Explanation:
You need to use certificate-based authentication if you want transmitted data to be encrypted.
Replica Server Certificate Requirements
To enable a server to receive replication traffic, the certificate in the replica server must meet the following conditions
* Enhanced Key Usage must support both Client and Server authentication
Etc.
Reference: Hyper-V Replica - Prerequisites for certificate based deployments
http://blogs.technet.com/b/virtualization/archive/2012/03/13/hyper-v-replica-certificate-requirements.aspx
Q3. DRAG DROP
Your network contains two Active Directory forests named contoso.com and adatum.com. All domain controllers run Windows Server 2012 R2.
A federated trust exists between adatum.com and contoso.com. The trust provides adatum.com users with access to contoso.com resources.
You need to configure Active Directory Federation Services (AD FS) claim rules for the federated trust.
The solution must meet the following requirements:
. In contoso.com, replace an incoming claim type named Group with an outgoing claim type named Role. . In adatum.com, allow users to receive their tokens for the relying party by using their Active Directory group membership as the claim type.
The AD FS claim rules must use predefined templates.
Which rule types should you configure on each side of the federated trust?
To answer, drag the appropriate rule types to the correct location or locations. Each rule type may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
Answer:
Q4. You have a file server named Server1 that runs a Server Core Installation of Windows Server 2012 R2.
Server1 has a volume named D that contains user data. Server1 has a volume named E that is empty.
Server1 is configured to create a shadow copy of volume D every hour. You need to configure the shadow copies of volume D to be stored on volume E.
What should you run?
A. The Set-Volume cmdlet with the -driveletter parameter
B. The Set-Volume cmdlet with the -path parameter
C. The vssadmin.exe add shadowstorage command
D. The vssadmin.exe create shadow command
Answer: C
Explanation:
Add ShadowStorage
Adds a shadow copy storage association for a specified volume.
Incorrect:
Not A. Sets or changes the file system label of an existing volume. -DriveLetter Specifies a
letter used to identify a drive or volume in the system.
Not B. Create Shadow
Creates a new shadow copy of a specified volume.
Not C. Sets or changes the file system label of an existing volume -Path Contains valid
path information.
Reference: Vssadmin; Set-Volume
http://technet.microsoft.com/en-us/library/cc754968(v=ws.10).aspx
http://technet.microsoft.com/en-us/library/hh848673(v=wps.620).aspx
Q5. Your network contains an Active Directory domain named adatum.com. The domain contains a file server named FS1 that runs Windows Server 2012 R2 and has the File Server Resource Manager role service installed. All client computers run Windows 8.
File classification and Access-Denied Assistance are enabled on FS1.
You need to ensure that if users receive an Access Denied message, they can request assistance by email from the Access Denied dialog box.
What should you configure?
A. A file management task
B. A classification property
C. The File Server Resource Manager Options
D. A report task
Answer: C
Explanation:
You can configure access-denied assistance individually on each file server by using the File Server Resource Manager console.
Note:
To configure access-denied assistance by using File Server Resource Manager
Open File Server Resource Manager. In Server Manager, click Tools, and then
click File Server Resource Manager.
Right-click File Server Resource Manager (Local), and then click Configure
Options.
Click the Access-Denied Assistance tab.
Select the Enable access-denied assistance check box.
In the Display the following message to users who are denied access to a folder or
file box, type a message that users will see when they are denied access to a file
or folder.
You can add macros to the message that will insert customized text.
Click Configure email requests, select the Enable users to request assistance
check box, and then click OK.
Click Preview if you want to see how the error message will look to the user.
Click OK.
Reference: Deploy Access-Denied Assistance (Demonstration Steps)
Q6. HOTSPOT
Your network contains an Active Directory domain named contoso.com. The domain contains a domain controller named DC1 and a server named Server1. Both servers run Windows Server 2012 R2.
You configure the classification of a share on Server1 as shown in the Share1 Properties exhibit. (Click the Exhibit button.)
You configure the resource properties in Active Directory as shown in the Resource Properties exhibit. (Click the Exhibit button.)
You need to ensure that the Impact classification can be assigned to Share1 immediately.
Which cmdlet should you run on each server?
To answer, select the appropriate cmdlet for each server in the answer area.
Answer:
Q7. HOTSPOT
Your network contains one Active Directory forest named contoso.com. The forest contains the domain controllers configured as shown in the following table.
You perform the following actions:
. Create a file named File1.txt in the SYSVOL folder on DC1.
. Create a user named User1 on DC4. You need to identify on which domain controller or controllers a copy of each object is stored.
What should you identify? To answer, select the appropriate options in the answer area.
Answer:
Q8. Your network contains an Active Directory domain named contoso.com. All servers run
Windows Server 2012 R2. The domain contains a domain controller named DC1 that is
configured as an enterprise root certification authority (CA).
All users in the domain are issued a smart card and are required to log on to their domain-
joined client computer by using their smart card.
A user named User1 resigned and started to work for a competing company.
You need to prevent User1 immediately from logging on to any computer in the domain.
The solution must not prevent other users from logging on to the domain.
Which tool should you use?
A. Server Manager
B. The Certification Authority console
C. Active Directory Administrative Center
D. Active Directory Sites and Services
Answer: C
Q9. HOTSPOT
You run Get-ISCSIServerTarget and you receive the following output.
Use the drop-down menus to select the answer choice that completes each statement.
Answer:
Q10. You have a server named Server1 that runs Windows Server 2012 R2.
You install the File and Storage Services server role on Server1.
From Windows Explorer, you view the properties of a folder named Folder1 and you discover that the Classification tab is missing.
You need to ensure that you can assign classifications to Folder1 from Windows Explorer manually.
What should you do?
A. From Folder Options, clear Hide protected operating system files (Recommended).
B. Install the File Server Resource Manager role service.
C. From Folder Options, select the Always show menus.
D. Install the Share and Storage Management Tools.
Answer: B
Explanation:
On the Classification tab of the file properties in Windows Server 2012, File Classification Infra-structure adds the ability to manually classify files. You can also classify folders so that any file added to the classified folder will inherit the classifications of the parent folder.
Reference: What's New in File Server Resource Manager in Windows Server.