Exam Code: microsoft 70 412 (Practice Exam Latest Test Questions VCE PDF)
Exam Name: Configuring Advanced Windows Server 2012 Services
Certification Provider: Microsoft
Free Today! Guaranteed Training- Pass microsoft 70 412 Exam.

Q51. HOTSPOT 

Your network contains two Web servers named Server1 and Server2. Both servers run Windows Server 2012 R2. 

Server1 and Server2 are nodes in a Network Load Balancing (NLB) cluster. The NLB cluster contains an application named App1 that is accessed by using the name appl.contoso.com. 

The NLB cluster has the port rules configured as shown in the exhibit. (Click the Exhibit button.) 

To answer, complete each statement according to the information presented in the exhibit. Each correct selection is worth one point. 

Answer: 


Q52. Your network contains three servers named Server1, Server2, and Server3. All servers run Windows Server 2012 R2. 

You need to ensure that Server1 can provide iSCSI storage for Server2 and Server3. 

What should you do on Server1? 

A. Start the Microsoft iSCSI Initiator Service and configure the iSCSI Initiator Properties. 

B. Install the iSNS Server service feature and create a Discovery Domain. 

C. Install the Multipath I/O (MPIO) feature and configure the MPIO Properties. 

D. Install the iSCSI Target Server role service and configure iSCSI targets. 

Answer:

Explanation: 

iSCSI Target Server: The server runs the iSCSI Target. It is also the iSCSI Target role name in Windows Server 2012. 

Note: iSCSI: it is an industry standard protocol allow sharing block storage over the Ethernet. The server shares the storage is called iSCSI Target. The server (machine) consumes the storage is called iSCSI initiator. Typically, the iSCSI initiator is an application server. For example, iSCSI Target provides storage to a SQL server, the SQL server will be the iSCSI initiator in this deployment. 

Target: It is an object which allows the iSCSI initiator to make a connection. The Target keeps track of the initiators which are allowed to be connected to it. The Target also keeps track of the iSCSI virtual disks which are associated with it. Once the initiator establishes the connection to the Target, all the iSCSI virtual disks associated with the Target will be accessible by the initiator. 


Q53. DRAG DROP 

Your network contains an Active Directory domain named adatum.com. The domain contains three servers. The servers are configured as shown in the following table. 

Server1 is configured as shown in the exhibit. (Click the Exhibit button.) 

Template1 contains custom cryptography settings that are required by the corporate security team. 

On Server2, an administrator successfully installs a certificate based on Template1. 

The administrator reports that Template1 is not listed in the Certificate Enrollment wizard on Server3, even after selecting the Show all templates check box. 

You need to ensure that you can install a server authentication certificate on Server3. The certificate must comply with the cryptography requirements. 

Which three actions should you perform in sequence? 

To answer, move the appropriate three actions from the list of actions to the answer area 

and arrange them in the correct order. 

Answer: 


Q54. Your network contains an Active Directory domain named contoso.com. The domain 

contains two member servers named Server1 and Server2. 

You install the DHCP Server server role on Server1 and Server2. You install the IP 

Address Management (IPAM) Server feature on Server1. 

You notice that you cannot discover Server1 or Server2 in IPAM. 

You need to ensure that you can use IPAM to discover the DHCP infrastructure. 

Which two actions should you perform? (Each correct answer presents part of the solution. Choose two.) 

A. On Server2, create an IPv4 scope. 

B. On Server1, run the Add-IpamServerInventory cmdlet. 

C. On Server2, run the Add-DhcpServerInDc cmdlet 

D. On both Server1 and Server2, run the Add-DhcpServerv4Policy cmdlet. 

E. On Server1, uninstall the DHCP Server server role. 

Answer: B,C 

Explanation: 

B. The Add-IpamServerInventory cmdlet adds a new infrastructure server to the IP Address Management (IPAM) server inventory. Use the fully qualified domain name (FQDN) of the server to add to the server inventory. 

C. The Add-DhcpServerInDC cmdlet adds the computer running the DHCP server service to the list of authorized Dynamic Host Configuration Protocol (DHCP) server services in the Active Directory (AD). A DHCP server service running on a domain joined computer needs to be authorized in AD so that it can start leasing IP addresses on the network. 

Reference: Add-IpamServerInventory; Add-DhcpServerInDC 


Q55. Your network contains two DNS servers named DNS1 and DNS2 that run Windows Server 2012 R2. 

DNS1 has a primary zone named contoso.com. DNS2 has a secondary copy of the contoso.com zone. 

You need to log the zone transfer packets sent between DNS1 and DNS2. 

What should you configure? 

A. Monitoring from DNS Manager 

B. Logging from Windows Firewall with Advanced Security 

C. A Data Collector Set (DCS) from Performance Monitor 

D. Debug logging from DNS Manager 

Answer:

Explanation: 

Debug logging allows you to log the packets sent and received by a DNS server. Debug logging is disabled by default, and because it is resource intensive, you should only activate it temporarily when you need more specific detailed information about server performance. 

Reference: Active Directory 2008: DNS Debug Logging Facts. 


Q56. Your network contains an Active Directory forest. The forest contains one domain named adatum.com. The domain contains three domain controllers. The domain controllers are configured as shown in the following table. 

DC2 has all of the domain-wide operations master roles. DC3 has all of the forest-wide operation master roles. 

You need to ensure that you can use Password Settings objects (PSOs) in the domain. 

What should you do first? 

A. Uninstall Active Directory from DC1. 

B. Change the domain functional level. 

C. Transfer the domain-wide operations master roles. 

D. Transfer the forest-wide operations master roles. 

Answer:

Explanation: 

In Windows Server 2008 and later, you can use fine-grained password policies to specify multiple password policies and apply different password restrictions and account lockout policies to different sets of users within a single domain. 

Note: In Microsoft Windows 2000 and Windows Server 2003 Active Directory domains, you could apply only one password and account lockout policy, which is specified in the domain's Default Domain Policy, to all users in the domain. As a result, if you wanted different password and account lockout settings for different sets of users, you had to either create a password filter or deploy multiple domains. Both options were costly for different reasons. 

Reference: AD DS Fine-Grained Password and Account Lockout Policy Step-by-Step Guide 


Q57. Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1 that runs Windows Server 2012 R2 and has the DHCP Server server role installed. 

You need to create an IPv6 scope on Server1. The scope must use an address space that is reserved for private networks. The addresses must be routable. 

Which IPV6 scope prefix should you use? 

A. 2001:123:4567:890A:: 

B. FE80:123:4567:: 

C. FF00:123:4567:890A:: 

D. FD00:123:4567:: 

Answer: D Explanation: 

Explanation/Reference: 

* A unique local address (ULA) is an IPv6 address in the block fc00::/7, defined in RFC 

4193. It is the approximate IPv6 counterpart of the IPv4 private address. 

The address block fc00::/7 is divided into two /8 groups: 

/ The block fc00::/8 has not been defined yet. 

/ The block fd00::/8 is defined for /48 prefixes, formed by setting the 40 least-significant bits 

of the prefix to a randomly generated bit string. 

* Prefixes in the fd00::/8 range have similar properties as those of the IPv4 private address 

ranges: 

/ They are not allocated by an address registry and may be used in networks by anyone 

without outside involvement. 

/ They are not guaranteed to be globally unique. 

/ Reverse Domain Name System (DNS) entries (under ip6.arpa) for fd00::/8 ULAs cannot 

be delegated in the global DNS. 

Reference: RFC 4193 


Q58. HOTSPOT 

Your network contains an Active Directory domain named contoso.com. The domain contains two member servers named Server1 and Server2. All servers run Windows Server 2012 R2. 

Server1 and Server2 have the Hyper-V server role installed. The servers are configured as shown in the following table. 

You add a third server named Server3 to the network. Server3 has Intel processors. 

You need to move VM3 and VM6 to Server3. The solution must minimize downtime on the 

virtual machines. 

Which method should you use to move each virtual machine? 

To answer, select the appropriate method for each virtual machine in the answer area. 

Answer: 


Q59. DRAG DROP 

Your network contains an Active Directory domain named contoso.com. The domain contains four member servers named Server1, Server2, Server3, and Server4. Server1 and Server2 run Windows Server 2008 R2. 

Server1 and Server2 have the Hyper-V server role and the Failover Clustering feature installed. Failover 

Clustering is configured to provide highly available virtual machines by using a cluster 

named Cluster1. 

Cluster1 hosts 10 virtual machines. 

Server3 and Server4 run Windows Server 2012 R2. 

You install the Hyper-V server role and the Failover Clustering feature on Server3 and Server4. You create a cluster named Cluster2. 

You need to migrate cluster resources from Cluster1 to Cluster2. The solution must minimize downtime on the virtual machines. 

Which five actions should you perform? 

To answer, move the appropriate five actions from the list of actions to the answer area 

and arrange them in the correct order. 

Answer: 


Q60. Your network contains an Active Directory forest named contoso.com. The forest contains a single domain. The forest contains three Active Directory sites named SiteA, SiteB, and SiteC. The sites contain four domain controllers. The domain controllers are configured as shown in the following table. 

An IP site link exits between each site. 

You discover that the users in SiteC are authenticated by the domain controllers in SiteA and SiteB. You need to ensure that the SiteC users are authenticated by the domain controllers in 

SiteB, unless all of the domain controllers in SiteB are unavailable. What should you do? 

A. Create an SMTP site link between SiteB and SiteC. 

B. Decrease the cost of the site link between SiteB and SiteC. 

C. Disable site link bridging. 

D. Create additional connection objects for DC1 and DC2. 

Answer:

Explanation: 

By decreasing the site link cost between SiteB and SiteC the SiteC users would be authenticated by SiteB rather than by SiteA.