Instant Download 70-417 PDF Files! New Updated 371 Exam Questions and Answers help 100% Exam Pass! 70-417 Certification Get Quickly!
Exam Code: 70-417
Exam Name: Upgrading Your Skills to MCSA Windows Server 2012 R2 Exam
You have a file server named Server1 that runs Windows Server 2012 R2.
Server1 contains a file share that must be accessed by only a limited number of users.
You need to ensure that if an unauthorized user attempts to access the file share, a custom access-denied message appears, which contains a link to request access to the share. The message must not appear when the unauthorized user attempts to access other shares.
Which two nodes should you configure in File Server Resource Manager? To answer, select the appropriate two nodes in the answer area.
Your network contains an Active Directory domain named contoso.com.
The domain contains three servers named Server1, Server2, and Server3.
You create a server group named ServerGroup1.
You discover the error message shown in the following exhibit. (Click the Exhibit button.)
You need to ensure that Server2 can be managed remotely by using Server Manager.
What should you do?
A. On Server2, run the netdom.exe command.
B. On Server2, run the net stop netlogon command, and then run the net start netlogon command.
C. On DC1, run the Enable-PSSessionConfigurationcmdlet.
D. On Server2, modify the membership of the Remote Management Users group.
This is a security issue. To be able to access Server2 remotely through Server Manager the user need to be a member of the Remote Management Users group.
You have a server named Server1 that runs Windows Server 2012 R2. Server1 has six network adapters. Two of the network adapters are connected to a network named LAN1, two of the network adapters are connected to a network named LAN2, and two of the network adapters are connected to a network named LAN3.
You create a network adapter team named Team1 from the two adapters connected to LAN1.
You create a network adapter team named Team2 from the two adapters connected to LAN2.
A company policy states that all server IP addresses must be assigned by using a reserved address in DHCP.
You need to identify how many DHCP reservations you must create for Server1.
How many reservations should you identify?
2 Adapters = LAN1 = Team1 = 1 IP
2 Adapters = LAN2 = Team2 = 1 IP
2 Adapters = LAN3 = No Team = 2 IP
1 + 1 + 2 = 4
Your network contains an Active Directory domain named contoso.com. The domain contains a domain controller named DC5. DC5 has a Server Core Installation of Windows Server 2012 R2.
You need to uninstall Active Directory from DC5 manually.
Which tool should you use?
A. The Remove-ADComputercmdlet
B. The ntdsutil.exe command
C. The dsamain.exe command
D. The Remove-WindowsFeaturecmdlet
You have a server named Server1.
You install the IP Address Management (IPAM) Server feature on Server1.
You need to provide a user named User1 with the ability to set the access scope of all the DHCP servers that are managed by IPAM. The solution must use the principle of least privilege.
Which user role should you assign to User1?
A. IP Address Record Administrator Role
B. IPAM Administrator Role
C. IPAM MSM Administrator Role
D. IPAM DHCP Scope Administrator Role
IPAM ASM Administrators
IPAM ASM Administrators is a local security group on an IPAM server that is created when you install the IPAM feature. Members of this group have all the privileges of the IPAM Users security group, and can perform IP address space tasks in addition to IPAM common management tasks.
Note: When you install IPAM Server, the following local role-based IPAM security groups are created:
IPAM MSM Administrators
IPAM ASM Administrators
IPAM IP Audit Administrators
not B: Too much privileges.
IPAM Administrators is a local security group on an IPAM server that is created when you install the IPAM feature. Members of this group have privileges to view all IPAM data and perform all IPAM tasks.
Your network contains two servers that run Windows Server 2012 R2 named Server1 and Server2. Both servers have the File Server role service installed.
On Server2, you create a share named Backups.
From Windows Server Backup on Server1, you schedule a full backup to run every night.
You set the backup destination to \\Server2 \Backups.
After several weeks, you discover that \\Server2\Backups only contains the last backup that completed on Server1.
You need to ensure that multiple backups of Server1 are maintained.
What should you do?
A. Modify the properties of the Windows Store Service (WSService) service.
B. Change the backup destination.
C. Modify the Volume Shadow Copy Service (VSS) settings.
D. Configure the permission of the Backups share.
Your network contains an Active Directory domain named contoso.com. The domain contains a main office and a branch office. An Active Directory site exists for each office. The domain contains two servers named Server1 and Server2 that run Windows Server 2012 R2. Both servers have the DHCP Server server role installed. Server1 is located in the main office site. Server2 is located in the branch office site. Server1 provides IPv4 addresses to the client computers in the main office site. Server2 provides IPv4 addresses to the client computers in the branch office site.
You need to ensure that if either Server1 or Server2 are offline, the client computers can still obtain IPv4 addresses. The solution must meet the following requirements:
The storage location of the DHCP databases must not be a single point of failure. Server1 must provide IPv4 addresses to the client computers in the branch office site only if Server2 is offline.
Server2 must provide IPv4 addresses to the client computers in the main office site only if Server1 is offline.
Which configuration should you use?
A. Load sharing mode failover partners
B. Hot standby mode failover partners
C. A Network Load Balancing (NLB) cluster
D. A failover cluster
High Availability of DHCP using Windows Server 2012 R2 DHCP Failover The Hot Standby mode results in an Active-Passive configuration. You will be required to designate one of the two DHCP servers as the active server and the other as standby. The standby server is dormant with regard to serving client requests as long as the active server is up.
the standby server receives all the inbound lease updates from the active DHCP server and keeps its database up to date.
http://blogs.technet.com/b/teamdhcp/archive/2012/09/03/dhcp-failover-hot-standbymode.aspx DHCP Failover Hot-Standby Mode In the previous blog on DHCP Failover, we discussed the DHCP failover load balance mode where both DHCP servers respond to client requests and load balance the requests between them based on an admin specified load distribution ratio. In the other mode of a failover relationship, known as the Hot-Standby mode (ActivePassive), only one of the servers actively leases IP addresses and option configuration to clients in given subnet(s)/scope(s) while the other server (standby) is passive. The standby server services the clients, only in event of active server being down. The clients fallback to the active server once the active server becomes available again post the outage. The Load balance mode is more suited for single site deployment where the 2 DHCP servers in a failover relationship are co-located with the subnets/scopes being served by them. As the servers are in network proximity with the clients, the clients do not experience any latency while acquiring or renewing an IP address. Hot-Standby mode is more suited for multi-site deployment topologies. Each site would have a local DHCP server which is configured to provide the DHCP service to the clients on the local network and DHCP server at a remote site would be standby server. In a normal state of operation, computers and devices on a given site receive IP addresses and other network configuration from the DHCP server located at the same site as the clients. However, in the event of the local DHCP server being down, the DHCP server from the remote site would provide the service to the clients.
You could choose to deploy hot standby mode in a single-site deployment also if you need to.
Your network contains an Active Directory domain named contoso.com.
The domain contains two servers named Server1 and Server2 Both servers have the IP Address Management (IPAM) Server feature installed.
You have a support technician named Tech1.
Tech1 is a member of the IPAM Administrators group on Server1 and Server2.
You need to ensure that Tech1 can use Server Manager on Server1 to manage IPAM on Server2.
To which group on Server2 should you add Tech1.
A. IPAM MSM Administrators
B. IPAM Administrators
D. Remote Management Users
Since the user is already a member of IPAM adinistrators group (and the IPAM MSM Administrators Administrators group provides access that is already available to the IPAM Administrators group), Then, about the debate on winRMRemoteWMIUsers VS Remote Management Users, i know they’re told to have exactly the same permissions, but in the IPAM Microsoft documentation, they don’t talk about Remote Management Users, not even once on 97 pages, whereas this is said about winRMRemoteWMIUsers_:
Understand and Troubleshoot IP Address Management (IPAM) in Windows Server 8 Beta If you are accessing the IPAM server remotely using ServerManager IPAM client RSAT, then you must be a member of the WinRMRemoteWMIUsers group on the IPAM server, in addition to being a member of the appropriate IPAM security group (or local Administrators group).
Server 2012 – Server Manager Troubleshooting Guide, Part II: Troubleshoot Manageability Status Errors in Server Manager Error
<computer name>: Configuration refresh failed with the following error: The metadata failed
to be retrieved from the server, due to the following error: Access is denied. The user is attempting to manage the remote server with a credential that has only standard user (not a member of the Administrators group) access rights on the target server, and the user has not enabled standard user remote management of the target server. By default, an account with standard user access rights is not a part of the WinRM remote WMI user’s group, and can perform limited management tasks on a remote server in Server Manager. To allow standard users more management access rights on a target server, run the Enable-ServerManagerStandardUserRemotingcmdlet on the target server, in a Windows PowerShell session that has been opened with elevated user rights (Run as Administrator).
For more information about how to use this cmdlet (and disable standard user management access when it is no longer needed), see the cmdlet Help topic for nableServerManagerStandardUserRemoting
[This link is external to TechNet Wiki. It will open in a new window.]
Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1 that runs Windows Server 2012 R2. Server1 has the Active Directory Certificate Services server role installed and is configured as an enterprise certification authority (CA).
You need to ensure that all of the users in the domain are issued a certificate that can be used for the following purposes:
– Email security
– Client authentication
– Encrypting File System (EFS)
Which two actions should you perform? (Each correct answer presents part of the solution. Choose two.)
A. Modify the properties of the User certificate template, and then publish the template.
B. From a Group Policy, configure the Certificate Services Client – Certificate Enrollment Policy settings.
C. From a Group Policy, configure the Automatic Certificate Request Settings settings.
D. Duplicate the User certificate template, and then publish the template.
E. From a Group Policy, configure the Certificate Services Client – Auto-Enrollment settings.
The default user template supports all of the requirements EXCEPT autoenroll as shown below:
However a duplicated template from users has the ability to autoenroll:
The Automatic Certificate Request Settings GPO setting is only available to Computer, not user.
You manage an environment that has many servers. The servers run Windows Server 2012 R2 and use iSCSI storage. Administrators report that it is difficult to locate available iSCSI resources on the network.
You need to ensure that the administrators can locate iSCSI resources on the network by using a central repository.
Which feature should you deploy?
A. The iSNS Server service feature
B. The iSCSI Target Storage Provider feature
C. The Windows Standards-Based Storage Management feature
D. The iSCSI Target Server role service
iSNS Server Overview
Internet iStorage Name Service Server
The Internet Storage Name Service (iSNS) protocol is used for interaction between iSNS servers and iSNS clients. iSNS clients are computers, also known as initiators, that are attempting to discover storage devices, also known as targets, on an Ethernet network. iSNS facilitates automated discovery, management, and configuration of iSCSI and Fibre Channel devices (using iFCP gateways) on a TCP/IP network. Note The Microsoft iSNS Server only supports the discovery of iSCSI devices, and not Fibre Channel devices. iSNS Server provides intelligent storage discovery and management services comparable to those found in Fibre Channel networks, allowing a commodity IP network to function in a similar capacity as a storage area network. iSNS facilitates a seamless integration of IP networks and manages iSCSI devices. iSNS thereby provides value in any storage network comprised of iSCSI devices.
Features of iSNS Server iSNS Server is a repository of currently active iSCSI nodes, as well as their associated portals, entities, etc.
Nodes can be initiators, targets, or management nodes. Typically, initiators and targets register with the iSNS server, and the initiators query the iSNS server for the list of available targets.
A dynamic database of the iSCSI devices and related information that are currently available on the network:
The database helps provide iSCSI target discovery functionality for the iSCSI initiators on the network. The database is kept dynamic by using the Registration Period and Entity Status Inquiry features of iSNS.
Registration Period allows the server to automatically deregister stale entries. Entity Status Inquiry provides the server a functionality similar to ping to determine whether registered clients are still present on the network, and allows the server to automatically deregister those clients which are no longer present. State Change Notification Service: This allows registered clients to be made aware of changes to the database in the iSNS server. It allows the clients to maintain a dynamic picture of the iSCSI devices available on the network.
Discovery Domain Service: This allows an administrator to assign iSCSI nodes and portals into one or more groups called discovery domains. Discovery domains provide a zoning functionality by which an iSCSI initiator can only discover those iSCSI targets who have at least one discovery domain in common with it.
Benefits of iSNS Server in iSCSI Storage Area Networks Centralized management
Easily scalable to large IP storage networks
Asynchronous notification of changes in the iSCSI storage network Ability to monitor the status and availability of clients Microsoft-preferred discovery method for iSCSI
Designed for Windows Logo Program requirement for iSCSI HBAs
100% Full Money Back Guarantee Promised By Braindump2go to All 70-417 Exam Candiates: Braindump2go is confident that our NEW UPDATED 70-417 Exam Questions and Answers are changed with Microsoft Official Exam Center, If you cannot PASS 70-417 Exam, nevermind, we will return your full money back! Visit Braindump2go exam dumps collection website now and download 70-417 Exam Dumps Instantly Today!