Microsoft 70-411 Exam Questions & Practice Test – Free Download (61-70)

Microsoft 70-411 Exam Questions & Practice Test – Free Download (61-70)

QUESTION 61
Your network contains an Active Directory domain named adatum.com. You need to audit changes to the files in the SYSVOL shares on all of the domain controllers. The solution must minimize the amount of SYSVOL replication traffic caused by the audit.
Which two settings should you configure? (Each correct answer presents part of the solution. Choose two.)

A.    Audit Policy\Audit system events
B.    Advanced Audit Policy Configuration\DS Access
C.    Advanced Audit Policy Configuration\Global Object Access Auditing
D.    Audit Policy\Audit object access
E.    Audit Policy\Audit directory service access
F.    Advanced Audit Policy Configuration\Object Access

Answer: DF
Explanation:
http://technet.microsoft.com/en-us/library/dd772690(v=ws.10).aspx

QUESTION 62
Your network contains an Active Directory domain named contoso.com. All domain controllers run Windows Server 2012 R2. The domain contains 500 client computers that run Windows 8 Enterprise.
You implement a Group Policy central store.
You have an application named Appl. Appl requires that a custom registry setting be deployed to all of the computers.
You need to deploy the custom registry setting. The solution must minimize administrator effort.
What should you configure in a Group Policy object (GPO)?

A.    The Administrative Templates
B.    An application control policy
C.    The Group Policy preferences
D.    Software installation setting

Answer: C
Explanation:
http://technet.microsoft.com/es-es/library/hh125923%28v=WS.10%29.aspx
http://technet.microsoft.com/en-us/library/gg699429.aspx
http://www.unidesk.com/blog/gpos-set-custom-registry-entries-virtual-desktops-disabling-machine- password
http://technet.microsoft.com/en-us/library/cc784044%28v=ws.10%29.aspx

QUESTION 63
Your network contains an Active Directory domain named contoso.com. The domain contains a domain controller named DC1 that runs Windows Server 2012 R2.
You create an Active Directory snapshot of DC1 each day.
You need to view the contents of an Active Directory snapshot from two days ago.
What should you do first?

A.    Run the dsamain.exe command.
B.    Stop the Active Directory Domain Services (AD DS) service.
C.    Run the ntdsutil.exe command.
D.    Start the Volume Shadow Copy Service (VSS).

Answer: C

QUESTION 64
Your network contains an Active Directory domain named adatum.com. All domain controllers run Windows Server 2012 R2. The domain contains a virtual machine named DC2.
On DC2, you run Get-ADDCCloningExcludedApplicationList and receive the output shown in the following table.
You need to ensure that you can clone DC2.
Which two actions should you perform?
(Each correct answer presents part of the solution.
Choose two.)

A.    Create an empty file named CustomDCClonesAllowList.xml
B.    Add the following information to the DCCloneConfigSchema.xsd <AllowList>
<Allow>
<Name>App1</Name>
<Type>Service</Type>
</Allow>
</AllowList>
C.    Create a filename DCCloneConfig.xml that contains the following information
<AllowList>
<Allow>
<Name>App1</Name>
<Type>Service</Type>
</Allow>
</AllowList>
D.    Create a filename CustomDCCloneAllowList.xml that contains the following
information <AllowList>
<Allow>
<Name>App1</Name>
<Type>Service</Type>
</Allow>
</AllowList>
E.    Create an empty file named DCCloneConfig.xml

Answer: DE
Explanation:
D: Run Get-ADDCCloningExcludedApplicationList cmdlet
In this procedure, run the Get-ADDCCloningExcludedApplicationList cmdlet on the source virtualized domain controller to identify any programs or services that are not evaluated for cloning. You need to run the Get-ADDCCloningExcludedApplicationList cmdlet before the New-ADDCCloneConfigFile cmdlet because if the New-ADDCCloneConfigFile cmdlet detects an excluded application, it will not create a DCCloneConfig.xml file.
To identify applications or services that run on a source domain controller which have not been evaluated for cloning
1. On the source domain controller (VirtualDC1), click Server Manager, click Tools, click Active Directory Module for Windows PowerShell and then type the following command:
Get-ADDCCloningExcludedApplicationList
2. Vet the list of the returned services and installed programs with the software vendor to determine whether they can be safely cloned. If applications or services in the list cannot be safely cloned, you must remove them from the source domain controller or cloning will fail.
3. For the set of services and installed programs that were determined to be safely cloned, run the command again with the 璆enerateXML switch to provision these services and programs in the CustomDCCloneAllowList.xml file.
Get-ADDCCloningExcludedApplicationList -GenerateXml
E: The clone domain controller will be located in the same site as the source domain controller unless a different site is specified in the DCCloneConfig.xml file.
Note:
* The Get-ADDCCloningExcludedApplicationList cmdlet searches the local domain controller for programs and services in the installed programs database, the services control manager that are not specified in the default and user defined inclusion list. The applications in the resulting list can be added to the user defined exclusion list if they are determined to support cloning. If the applications are not cloneable, they should be removed from the source domain controller before the clone media is created. Any application that appears in cmdlet output and is not included in the user defined inclusion list will force cloning to fail.
* The Get-ADDCCloningExcludedApplicationList cmdlet needs to be run before the New- ADDCCloneConfigFile cmdlet is used because if the New-ADDCCloneConfigFile cmdlet detects an excluded application, it will not create a DCCloneConfig.xml file.
* DCCloneConfig.xml is an XML configuration file that contains all of the settings the cloned DC will take when it boots. This includes network settings, DNS, WINS, AD site name, new DC name and more. This file can be generated in a few different ways.
The New-ADDCCloneConfig cmdlet in PowerShell
By hand with an XML editor
By editing an existing config file, again with an XML editor (Notepad is not an XML editor.) Reference: Introduction to Active Directory Domain Services (AD DS) Virtualization (Level 100)

QUESTION 65
Your network contains an Active Directory domain named contoso.com. All domain controllers run Windows Server 2012 R2. You pre-create a read-only domain controller (P.QDC) account named RODC1. You export the settings of RODC1 to a file named File1.txt. You need to promote RODC1 by using File1.txt.
Which tool should you use?

A.    The Dcpromo command
B.    The Install-WindowsFeature cmdlet
C.    The Install-ADDSDomainController cmdlet
D.    The Add-WindowsFeature cmdlet
E.    The Dism command

Answer: A
Explanation:
http://technet.microsoft.com/en-us/library/jj574152.aspx
If you have experience creating read-only domain controllers, you will discover that the installation wizard has the same graphical interface as seen when using the older Active Directory Users and Computers snap-in from Windows Server 2008 and uses the same code, which includes exporting the configuration in the unattend file format used by the obsolete dcpromo.”
“The Summary dialog enables you to confirm your settings. This is the last opportunity to stop the installation before the wizard creates the staged account. Click Next when you are ready to create the staged RODC computer account. Click Export Settings to save an answer file in the obsolete dcpromo unattend file format.”

QUESTION 66
Your network contains an Active Directory domain named contoso.com. Domain controllers run either Windows Server 2003, Windows Server 2008 R2, or Windows Server 2012 R2. A support technician accidentally deletes a user account named User1.
You need to use tombstone reanimation to restore the User1 account.
Which tool should you use?

A.    Ntdsutil
B.    Ldp
C.    Esentutl
D.    Active Directory Administrative Center

Answer: B
Explanation:
A. You can use the ntdsutil commands to perform database maintenance of AD DS, manage and control single master operations, and remove metadata
B. use Ldp.exe to restore a single, deleted Active Directory object
C. Provides database utilities for the Extensible Storage Engine (ESE) for Windows Vista.
D. ADAC offers no options to restore deleted objects
http://technet.microsoft.com/nl-nl/library/dd379509(v=ws.10).aspx#BKMK_2 http://technet.microsoft.com/en-us/magazine/2007.09.tombstones.aspx http://technet.microsoft.com/en-us/library/hh875546.aspx
http://technet.microsoft.com/en-us/library/dd560651(v=ws.10).aspx

QUESTION 67
Your network contains an Active Directory domain named contoso.com. The domain contains a domain controller named DC4 that runs Windows Server 2012 R2. You create a DCCloneConfig.xml file. You need to clone DC4.
Where should you place DCCloneConfig.xml on DC4?

A.    %Systemroot%\SYSVOL
B.    %Programdata%\Microsoft
C.    %Systemroot%\NTDS
D.    %Systemdrive%

Answer: C
Explanation:
As the output shows, the XML file is written to c:\windows\ntds. That’s one of three valid locations where the file can be placed for cloning. All three locations are:
%windir%\NTDS
Wherever the DIT lives (if you’ve changed the path to D:\NTDS, for example) the root of any removable media

QUESTION 68
Your network contains an Active Directory domain named contoso.com. The domain contains a domain controller named DC1. On DC1, you add a new volume and you stop the Active Directory Domain Services (AD DS) service.
You run ntdsutil.exe and you set NTDS as the active instance. You need to move the Active Directory database to the new volume.
Which Ntdsutil context should you use?

A.    Configurable Settings
B.    Partition management
C.    IFM
D.    Files

Answer: D
Explanation:
A. Aids in modifying the time to live (TTL) of dynamic data that is stored in Active Directory Domain Services (AD DS). At the configurable setting: prompt, type any of the parameters listed under Syntax.
B. Manages directory partitions for Active Directory Domain Services (AD DS) or Active Directory Lightweight Directory Services (AD LDS).
C. Creates installation media for writable (full) domain controllers, read-only domain controllers (RODCs), and instances of Active Directory Lightweight Directory Services (AD LDS).
D. ntdsutil move db to %s Moves the directory service log files to the new directory specified by %s, and updates the registry so that, upon service restart, the directory service uses the new location. http://technet.microsoft.com/en-us/library/cc753343(v=ws.10).aspx http://technet.microsoft.com/en-us/library/cc755229(v=ws.10).aspx http://technet.microsoft.com/en-us/library/cc730970(v=ws.10).aspx http://technet.microsoft.com/en-us/library/cc732530(v=ws.10).aspx http://technet.microsoft.com/en-us/library/cc753900(v=ws.10).aspx

QUESTION 69
Your network contains an Active Directory domain named contoso.com. All domain controllers run Windows Server 2012 R2. On all of the domain controllers, Windows is installed in C:\Windows and the Active Directory database is located in D:\Windows\NTDS\. All of the domain controllers have a third-party application installed. The operating system fails to recognize that the application is compatible with domain controller cloning. You verify with the application vendor that the application supports domain controller cloning. You need to prepare a domain controller for cloning.
What should you do?

A.    In D:\Windows\NTDS\, create an XML file named DCCloneConfig.xml and add the application
information to the file.
B.    In D:\Windows\NTDS\, create an XML file named CustomDCCloneAllowList.xml and add the application
information to the file.
C.    In the root of a USB flash drive, add the application information to an XML file named DefaultDCClone
AllowList.xml.
D.    In D:\Windows\NTDS, create an XML file named DefaultDCCloneAllowList.xml and add the application
information to the file.

Answer: B
Explanation:
http://blogs.dirteam.com/blogs/sanderberkouwer/archive/2012/09/10/new-features-in-active- directory-domainservices-in-windows-server-2012-part-13-domain-controller-cloning.aspx
Place the CustomDCCloneAllowList.xml file in the same folder as the Active Directory database (ntds.dit) on the source Domain Controller.

QUESTION 70
Your network contains an Active Directory domain named contoso.com. All domain controllers run Windows Server 2012 R2. On all of the domain controllers, Windows is installed in C:\Windows and the Active Directory database is located in D:\Windows\NTDS\. All of the domain controllers have a third-party application installed. The operating system fails to recognize that the application is compatible with domain controller cloning.
You verify with the application vendor that the application supports domain controller cloning.
You need to prepare a domain controller for cloning.
What should you do?

A.    In the root of a USB flash drive, add the application information to an XML file named DefaultDCClone
AllowList.xml.
B.    In C:\Windows\system32\sysprep\actionfiles\, add the application information to an XML file named
Specialize .xml.
C.    In D:\Windows\NTDS\, create an XML file named CustomDCCloneAllowList.xml and add the application
information to the file.
D.    In C:\Windows\system32\sysprep\actionfiles\add the application information to an XML file named
Respecialize .xml.

Answer: C

If you want to pass Microsoft 70-411 successfully, donot missing to read latest lead2pass Microsoft 70-411 practice exams.
If you can master all lead2pass questions you will able to pass 100% guaranteed.

http://www.lead2pass.com/70-411.html

         

Author: admin