Q1. Your network contains an active directory domain named Contoso.com. The domain contains a server named Server1 that runs Windows Server 2012 R2.
You create a group Managed Service Account named gservice1.
You need to configure a service named service1 to run as the gservice1 account.
How should you configure service1?
A. From Services Console configure the recovery settings
B. From a command prompt ,run sc.exe and specify the config parameter
C. From Windows PowerShell,run Set-Service and specify the -PassThrough parameter
D. From a command prompt ,run sc.exe and specify the sdset parameter
Answer: B
Explanation:
Executing the sc.exe command with the config parameter will modify service configuration.
Q2. Your network contains two servers named Server1 and Server2 that run Windows Server 2012 R2. Server1 and Server2 have the Hyper-V server role installed. Server1 and Server2 are configured as Hyper-V replicas of each other.
Server2 hosts a virtual machine named VM5. VM5 is replicated to Server1.
You need to verily whether the replica of VMS on Server1 is functional. The solution must ensure that VMS remains accessible to clients.
What should you do from Hyper-V Manager?
A. On Server1, execute a Planned Failover.
B. On Server1, execute a Test Failover.
C. On Server2, execute a Planned Failover.
D. On Server2, execute a Test Failover.
Answer: B
Q3. Your network contains an Active Directory domain named contoso.com. All client computers run Windows 8.
Your company has users who work from home. Some of the home users have desktop computers. Other home users have laptop computers. All of the computers are joined to the domain.
All of the computer accounts are members of a group named Group1. Currently, the home users access the corporate network by using a PPTP VPN. You implement DirectAccess by using the default configuration and you specify Group1 as the DirectAccess client group.
The home users who have desktop computers report that they cannot use DirectAccess to access the corporate network.
The home users who have laptop computers report that they can use DirectAccess to access the corporate network.
You need to ensure that the home users who have desktop computers can access the network by using DirectAccess.
What should you modify?
A. The WMI filter for Direct Access Client Settings GPO
B. The conditions of the Connections to Microsoft Routing and Remote Access server policy
C. The membership of the RAS and IAS Servers group
D. The security settings of the computer accounts for the desktop computers
Answer: A
Explanation:
The default settings includes creating a GPO that has a WMI filter for laptops only.
Q4. A global catalog server is available to directory clients when Domain Name System (DNS) servers can locate it as a global catalog server. In which order do the following events need to occur before the catalog server is ready?
A) The Net Logon service on the domain controller has updated DNS with global-catalogspecific service (SRV) resource records.
B) The isGlobalCatalogReadyrootDSE attribute is set to TRUE.
C) The global catalog receives replication of read-only replicas to the required occupancy level.
A. C then A, then B
B. B then C, then A
C. A then C, then B
D. C then B, then A
Answer: A
Explanation:
http://technet.microsoft.com/fr-fr/library/cc739901%28v=ws.10%29.aspx Verify global catalog readiness When a global catalog server has satisfied replication requirements, the isGlobalCatalogReady Root DSE attribute is set to TRUE and the global catalog is ready to serve clients.http://technet.microsoft.com/de-de/library/howglobal-catalog-serverswork%28v=ws.10%29.aspx How the Global Catalog Works Global Catalog Server Creation and Advertisement By default, before a domain controller advertises itself as a global catalog server in DNS, the global catalog contents must be replicated to the server. This process involves replication of a partial, read-only replica of every domain in the forest except for the domain for which the new global catalog server is authoritative. The duration of this process depends on how many domains the forest contains, the size of the domains, and the relative locations of source and destination domain controllers. If multiple domains are in the forest and if source domain controllers are located only in distant sites, the process takes longer than if all domains are in the same site or in only a few sites. When replication must occur between sites to create the global catalog, replication occurs according to the site link schedule. Requirements for Global Catalog Readiness By default, a global catalog server is not considered "ready" (the server advertises itself in DNS as a global catalog server) until all read-only directory partitions have been fully replicated to the new global catalog server. The Global Catalog Partition Occupancy registry entry under HKEY_Local_Machine\System \CurrentControlSet \Services \NTDS\Parameters determines the requirements for how many read- only directory partitions must be present on a domain controller for it to be considered a global catalog server, from no partitions (0) to all partitions (6). For domain controllers that run Windows Server 2003 or later, the default occupancy value requires that all read-only directory partitions be replicated to the global catalog server before the Net Logon service registers SRV resource records in DNS. For most conditions, this default provides the best option for ensuring that a global catalog server provides a consistent view of the directory. In less common circumstances, however, it might be useful to make the global catalog server available with an incomplete set of partial domain directory partitions for example, when delay of replication of a domain that is not required by users is jeopardizing their ability to log on.
Q5. Your network contains multiple subnets. On one of the subnets, you deploy a server named Server1 that runs Windows Server 2012 R2.
You install the DNS Server server role on Server1, and then you create a standard primary zone named contoso.com. You need to ensure that client computers can resolve IP addresses to host names.
What should you do first?
A. Create a GlobalNames zone
B. Convert the contoso.com zone to an Active Directory-integrated zone
C. Configure dynamic updates for contoso.com
D. Create a reverse lookup zone
Answer: A
Q6. You have a server named Server1 that runs Windows Server 2012.
You promote Server1 to a domain controller.
You need to view the service location (SRV) records that Server1 registers in DNS.
What should you do on Server1?
A. Open the Netlogon.dns file.
B. Run ipconfig /displaydns.
C. Run Get-DnsServerDiagnostics.
D. Open the SrC. sys file.
Answer: A
Explanation:
Netlogon.dns - If you are using non-Microsoft DNS servers to support Active Directory, you can verify SRV locator resource records by viewing Netlogon.dns. Netlogon.dns is located in the %systemroot%\System32\Config folder. You can use a text editor, such as Microsoft Notepad, to view this file. The first record in the file is the domain controller's Lightweight Directory Access Protocol (LDAP) SRV record. References:
http://support.microsoft.com/kb/816587/en-us
Q7. Your network contains an Active Directory forest named contoso.com.
The forest contains two domains named contoso.com and child.contoso.com and two sites named Site1 and Site2. The domains and the sites are configured as shown in following table.
When the link between Site1 and Site2 fails, users fail to log on to Site2.
You need to identify what prevents the users in Site2 from logging on to the child.contoso.com domain.
What should you identify?
A. The placement of the infrastructure master
B. The placement of the global catalog server
C. The placement of the domain naming master
D. The placement of the PDC emulator
Answer: D
Explanation: The exhibit shows that Site2 does not have a PDC emulator. This is important because of the close interaction between the RID operations master role and the PDC emulator role The PDC emulator processes password changes from earlier-version clients and other domain controllers on a best-effort basis; handles password authentication requests involving passwords that have recently changed and not yet been replicated throughout the domain; and, by default, synchronizes time. If this domain controller cannot connect to the PDC emulator, this domain controller cannot process authentication requests, it may not be able to synchronize time, and password updates cannot be replicated to it.
Q8. Your network contains two servers named Server1 and Server2 that run Windows Server 2012 R2. Both servers have the Hyper-V server role installed.Server1 and Server2 are located in different offices. The offices connect to each other by using a high-latency WAN link.
Server2 hosts a virtual machine named VM1.
You need to ensure that you can start VM1 on Server1 if Server2 fails. The solution must minimize hardware costs.
What should you do?
A. From the Hyper-V Settings of Server2, modify the Replication Configuration settings. Enable replication for VM1.
B. On Server1, install the Multipath I/O (MPIO) feature. Modify the storage location of the VHDs for VM1.
C. On Server2, install the Multipath I/O (MPIO) feature. Modify the storage location of the VHDs for VM1.
D. From the Hyper-V Settings of Server1, modify the Replication Configuration settings. Enable replication for VM1.
Answer: D
Explanation:
You first have to enable replication on the Replica server--Server1--by going to the server and modifying the "Replication Configuration" settings under Hyper-V settings. You then go to VM1--which presides on Server2-- and run the "Enable Replication" wizard on VM1.
Q9. A user has locked his account (again!) and you need to unlock it so they can continue working normally.
Which of the following is a possible way to unlock a User Account? (Choose three)
A. Command Line
B. None of these
C. Windows PowerShell
D. VBScript
Answer: A,C,D
Explanation:
All 3 of these can be used to unlock accounts.
Q10. Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server3 that runs Windows Server 2012 R2 and has the DHCP
Server server role installed.
DHCP is configured as shown in the exhibit. (Click the Exhibit button.)
You need to ensure that only Scope1, Scope3, and Scope5 assign the same DNS servers to DHCP clients. The solution must minimize administrative effort.
What should you do?
A. Create a superscope and a filter.
B. Create a superscope and scope-level policies.
C. Configure the Server Options.
D. Configure the Scope Options.
Answer: D