2016 April New — Microsoft 70-410 Exam Questions and Answers 481q Updated Today in Braindump2go.com
QUESTION
Your network contains an Active Directory domain named contoso.com.
The domain contains a se rver named Server1. Server1 runs Windows Server 2012 R2.
You need to create a 3-TB virtual hard disk (VHD) on Server1.
Which tool should you use?
A. Server Manager
B. Share and Storage Management
C. Computer Management
D. File Server Resource Manager (FSRM)
Answer: C
Explanation:
From Computer Management, click on Disk Management on left pane and wait for the list of drives to refresh. Once the list of drives appear in the middle pane, right click Disk Management and select Create VHD.
QUESTION
Your network contains one Active Directory domain named contoso.com.
The domain contains 2,000 client computers used by students.
You recently discover an increase in calls to the helpdesk that relate to security policy to meet the following requirement:
– Modify the UserName of the built-in account named Administrator
– Support a time mismatch between client computers and domain controllers of up to three minutes.
Which Two security settings should you modify?
A. Account Policies
B. Password Policy
C. Account Lockout Policy
D. Kerberos Policy
E. Local Policies
F. Audit Policy
G. User Rights Assignment
H. Security Options
Answer: DH
Explanation:
In Group Policy Object Editor, click Computer Configuration, click Windows Settings, click Security Settings, click Local Policies, and then click Security Options.
In the details pane, double-click Accounts: Rename administrator account.
QUESTION
Your network contains an Active Directory domain named contoso.com.
You create a software restriction policy to allow an application named App1 by using a certificate rule.
You need to prevent the software restriction policy from applying to users that are members of the local Administrators group.
What should you do?
A. Modify the rule for App1
B. Modify the Enforcement Properties
C. Modify the Security Levels.
D. Modify the Trusted Publishers Properties
Answer: B
Explanation:
https://technet.microsoft.com/en-us/library/cc776536(v=ws.10).aspx
QUESTION
Your network contains one Active Directory domain named contoso.com.
The domain contains 20 member server and five domain controllers. All domain controllers run Windows Server 2012 R2. The domain contains 500 client computers.
You plan to deploy a domain controller for contoso.com in Microsoft Azure.
You need to prepare the enviroment for the planned deployment. The solution must ensure that the domain controller hosted in Azure always has the same IP address.
Which two actions should you perfomr? Each correct answer presents part of solution.
A. Deploy a site-to-site virtual private network (VPN).
B. From an Azure virtual machine, run the Set-NetIPAddress cmdlet.
C. From an Azure virtual machine, run the Set-AzureStaticVNetIP cmdlet.
D. From a domain controller, run the Set-NetIPAddress cmdlet.
E. From a domain controller, run adprep.exe.
Answer: AC
QUESTION
You have a server named Server1 that runs Windows Server 2012 R2.
You apply a secerity policy to Server1 by using the Security Configuration Wizard (SCW).
You plan to roll back the security policy.
You need to indentify the setting that are prevented from rolling back using the SCW.
Which setting shoulld you identify?
A. the outbound authentication methods
B. the system access control lists (SACLs)
C. the service startup mode
D. the network security rules
Answer: D
QUESTION 456
Hotspot Question
The domain contains an organizational unit (OU) named Groups that contains a universal security named Group1.
You run the following command from Windows PowerShell.
Get-ADGroup Group1 -properties managedby | New-ADGroup -name “Group2” -SamAccountName group2 -groupcategory distribution -groupscope global
You need to identify which properties of group1 will be copied to Group2.
What should you identify? To answer, select the appropriate options in the answer area.
The group type
Will be different from Group1
Will be the same as Group1
The group scope
Will be different from Group1
Will be the same as Group1
The managed by attribute
Will be different from Group1
Will be the same as Group1
The permission assigned to group1
Will be different from Group1
Will be the same as Group1
Answer:
The group type Will be different from Group1
The group scope Will be different from Group1
The managed by attribute Will be the same as Group1
The permission assigned to group1 — this is either a typo or a trick question the command would not change permissions on group 1 nor would it copy the permissions from group1 to group2.
QUESTION
You have a server named Server1 that Runs Windows Server 2012 R2.
You configure IPSec rules for connections to Server1.
On Server1, you plan to create an inbound firewall rule that contains the following settings:
– Allows inbound connections to an application named App1.exe
– Applies to the domain profile
– Overrides any block rules
You need to identify the minimum information required to create the rule.
Which two pieces of information should you identify? Each correct answer presents part of the solution.
A. the list of Active Directory users who are authorized to use the application.
B. the list of computers that are authorized to use the application.
C. the hash of the application.
D. the local path of the application.
E. the name at the IPSec policies that apply to Server1
Answer: BD
Explanation:
B: To overwritte deny rule, you need to specify the list of computers.
D: For NAMED application you need local path to the app, in other case you will specify all programs, in answer must be a match.
QUESTION
You have a server named Server1 that runs Windows Server 2012 R2.
You apply a security policy to server1 by using the Security Configuration Wizard (CWM).
You plan to roll back the security policy.
You need to identify the settings that are prevented from rolling back running the CWM
Witch settings should you identify.
A. The secure startup order
B. The outbound authentication methods
C. The network security rules
D. The system access control list (SAClist)
Answer: D
Explanation:
System Keeps Auditing After Rollback
In the auditing section of SCW there is an option to include the SCWAudit.inf template. If you do so, SCW configures System Access Control Lists (SACL) on a number of files. Without this template SCW will configure the system to perform object access auditing but since no files have SACLs on them by default, no file access will actually be audited.
If you apply a policy with this option turned on and you subsequently roll back the policy the SACLs will remain on the system. Consequently, if the system is configured to perform Object Access Auditing you will find auditing events in the Security Event Log. This is by design. SCW is not designed to roll back ACLs. To clear these SACLs you would need to manually restore any pre- existing SACLs. As long as these were defined in a security template doing so is a simple matter of re-applying that security template.
http://blog.netwrix.com/2015/06/19/configure-audit-policy-and-security-using-security-configuration-wizard/
QUESTION
Your network contains an active directory domain named contoso.com. The domain consists 20 member Servers and 5 domain controllers. All servers run Windows Server 2012 R2.
The domain contains 500 client computers.
You plan to deploy a domain controller for contoso.com in Microsoft Azure.
You need to prepare the conversation for planned deployment. The solution should ensure that the domain controller hosted in Azure always have the same IP address.
Which two actions should you perform? Each correct answer is a part of the solution.
A. From an Azure virtual machine run the Set-AzureStaticVNetIP cmdlet
B. Deploy a Side by side virtual private network (VPN)
C. From Azure virtual machine run the Set 璑etIPAuthentication cmdlet
D. From an domain controller run the Set-NetIPAdresses cmdlet
E. From an domain controller run adprep.exe
Answer: AB
QUESTION
You have a Hyper-V host named Server1 that runs Windows Server 2012 R2. Server1 host 50 virtual machines that run Windows Server 2012 R2.
You enable and configure enhanced session mode on Server1.
you need to identify a new functionality available for the virtual machines hosted on Server1.
What should you identify?
A. Smart card authentication using virtual machine connections
B. Redirection of RemoteFX USB drivers by using reomte desktop connections
C. Redirection of RemoteFX USB drivers using virtual machine connections
D. Smar card authentication using the remote desktop client.
Answer: B
Explanation:
In order to implement USB device redirection through Virtual Machine Connection, you need to perform an additional configuration step. Using the Group Policy management tool on the client computer, enable the Allow RDP redirection of other supported RemoteFX USB devices from computer group policy. You can find this policy under Administrative Templates->Windows Components->Remote Desktop Services->RemoteFX USB Device Redirection. After enabling the policy, use the GPUPDATE /FORCE command to apply this change on the client, and then reboot it. Figure 10 shows the Local Resources dialog for a virtual machine for which USB device redirection has been enabled.
http://www.virtualizationadmin.com/articles-tutorials/microsoft-hyper-v-articles/management/using-virtual-machine-connection-and-enhanced-session-mode-windows-server-2012-r2.html
2016 New 70-410 Study Materials Recommendation:
1.2016 New 70-410 Dumps PDF and 70-410 VCE Files 481q: http://www.braindump2go.com/70-410.html
2.Microsoft 70-410 Exam Questions and Answers PDF Files from–Google.com