Your network contains an Active Directory domain named contoso.com. The domain contains two servers named Server2 runs Windows Server 2012 R2. You create a security template named Template 1 by using the Security Templates snap-in. You need to apply template 1 to Server 2. Which tool should you use?
A. Security Templates.
B. Computer Management.
C. Security Configuration and Analysis.
D. System Configuration.
Security templates are inactive until imported into a Group Policy object or the Security Configurationand Analysis.
Your network contains an active directory domain named contoso.com. The domain contains a domain controller named DCS. DCS has a server core installation of windows server 2012. You need to uninstall Active Directory from DCS manually. Which tool should you use?
A. The Remove-WindowsFeature cmdlet
B. the dsamain.exe command
C. the ntdsutil.exe command
D. the Remove-ADComputer cmdlet
A. Removes Roles and Features to remove DC use Uninstall-addsdomaincontroller
B.Exposes Active Directory data that is stored in a snapshot or backup as a Lightweight Directory Access
Protocol (LDAP) server
C. Manually removes a domain controller
D. Removes AD computer object
You have a server named Server 2 that runs Windows Server 2012 R2. Server 2 has the Hyper-V server role installed.
The disks on Server2 are configured as shown in the exhibit. (Click the Exhibit button).
You create a virtual machine on Server2 named VM1. You need to ensure that you can configure a pass-through disk for VM1. What should you do?
A. Convert Disk 1 to a MBR disk.
Pass-through Disk Configuration
Hyper-V allows virtual machines to access storage mapped directly to the Hyper-V server without requiring the volume be configured. The storage can either be a physical disk internal to the Hyper-V server or it can be a Storage Area Network (SAN) Logical Unit (LUN) mapped to the Hyper-V server. To ensure the Guest has exclusive access to the storage, it must be placed in an Offline state from the Hyper-V server perspective
You have a file server named Server1 that runs Windows Server 2012 R2. Server1 has following hardware configurations:
– 16GB of RAM
– A single quad-core CPU
– Three network teams that have two network adapters each
You add additional CPUs and RAM to Server 1.
You repurpose Server1 as a virtualization host. You install the Hyper-V server role on Server1. You need to create four external virtual switches in Hyper-V. Which cmdlet should you run first?
A. Sets adapter properties
B. Add new interface to NIC Team
C. Adds vadapter to vm
D. Removed NIC from host
You need 4 virtual switches but currently only have 3 teams available. You would need to break a team first.
http://technet.microsoft.com/en-us/library/jj130875(v=wps.620).aspx http://technet.microsoft.com/en-us/library/jj130850(v=wps.620).aspx http://technet.microsoft.com/en-us/library/hh848564(v=wps.620).aspx http://technet.microsoft.com/en-us/library/jj130848(v=wps.620).aspx http://technet.microsoft.com/en-us/library/jj130848.aspx
Your network contains an Active Directory domain named contoso.com. The domain contains two servers that run Windows Server 2012 R2. You create a security template named template 1 by using the Security Templates snap-in. You need to apply Template 1 to Server2. Which tool should you use?
A. System Configuration
B. Local Security Policy
C. Server Manager
D. Certificate Templates
The Security Configuration Wizard (SCW) guides you through the process of creating, editing,
applying, or rolling back a security policy.
You can run SCW from Administrative Tools or ServerManager.
* Security templates provide standard security settings to use as a model for your security policies. They help
you troubleshoot problems with computers whose security settings are not in compliance with policy or are
unknown. Security templates are inactive until imported into a Group Policy object or the Security Configuration
and Analysis snap-in to MMC.
Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server 2012. You create a group Manged Service Account named gservice1. You need to configure a service named Service1 to run as the gservice1 account. How should you configure Service1?
A. From a command prompt, run sc.exe and specify the config parameter.
B. From Windows PowerShell,run Set-Service and specify the -PassThrough parameter
C. From Windows PowerShell,run Set-Service and specify the -StartupType parameter
D. From Services Console configure the General settings
Your network contains an Active Directory domain named adatum.com. The domain contains a member server named Server1 and a domain controller named DC2. All servers run Windows Server 2012 R2. On DC2, you open Server Manager and you add Server1 as another server to manage. From Server Manager on DC2, you right-click Server1 as shown in the exhibit. You need to ensure that when you right-click Server1, you see the option to run the DHCP console. What should you do?
A. On Server1, install the Feature Administration Tools.
B. In the domain, add DC1 to the DHCP Administrators group.
C. On DC2 and Server1, run winrm quickconfig.
D. On DC2, install the Role Administration Tools.
Your network contains an Active Directory domain named contoso.com. An organizational unit (OU) named OU1 contains user accounts and computer accounts. A Group Policy object (GPO) named GP1 is linked to the domain. GP1 contains Computer Configuration settings and User Configuration settings.
You need to prevent the User Configuration settings in GP1 from being applied to users. The solution must ensure that the Computer Configuration settings in GP1 are applied to all client computers. What should you configure?
A. the Group Policy loopback processing mode
B. the Block Inheritance feature
C. the Enforced setting
D. the GPO Status
A. Group Policy loopback with replace option needs to be used B. Blocking inheritance prevents Group Policy objects (GPOs) that are linked to higher sites, domains, ororganizational units from being automatically inherited by the child-level C. Enforced prevent blocking at lower level
D. The GPO Status. This indicates whether either the user configuration or computer configuration of the GPOis enabled or disabled.
You can use the Group Policy loopback feature to App1y Group Policy Objects (GPOs) that depend only onwhich computer the user logs on to.
User Group Policy loopback processing can be enabled in one of two modes: merge or replace. In mergemode, both GPOs App1ying to the user account and GPOs App1ying to the computer account are processedwhen a user logs in. GPOs that App1y to the computer account are processed second and therefore takeprecedence ?if a setting is defined in both the GPO(s) App1ying to the user account, and the GPO(s) App1yingto the computer account, the setting in the GPO(s) App1ying to the computer account will be enforced. With thereplace mode, GPOs App1ying to the user account are not processed ?only the GPOs App1ying to thecomputer account are App1ied. Loopback can be set to Not Configured, Enabled, or Disabled. In the Enabled state, loopback can be set toMerge or Replace. In either case the user only receives user-related policy settings. Loopback with Replace–In the case of Loopback with Replace, the GPO list for the user is replaced in itsentirety by the GPO list that is already obtained for the computer at computer startup (during step 2 in GroupPolicy processing and precedence). The User Configuration settings from this list are App1ied to the user.
Loopback with Merge–In the case of Loopback with Merge, the Group Policy object list is a concatenation.
The default list of GPOs for the user object is obtained, as normal, but then the list of GPOs for the computer(obtained during computer startup) is appended to this list. Because the computer’s GPOs are processed afterthe user’s GPOs, they have precedence if any of the settings conflict. This is a COMPUTER setting, which is found under Computer Configuration | Administrative Templates |
System | Group Policy | User Group Policy Loopback Processing Mode You want to create a new OU in AD that is dedicated to computer accounts that will have loopbackprocessing enabled. Create a new GPO in your new OU to enable User Group Policy Loopback Processing and set theappropriate mode (merge / replace).
You will define the user settings you want to App1y to the loopback-enabled PCs via GPOs in this same newOU. You can define these settings either in the same GPO where you enabled the User Group PolicyLoopback Processing setting, or you create another new GPO in the same OU for your user settings.
Remember that when using the REPLACE mode, none of your other user GPOs will be App1ied whena user logs in to a machine that has loopback processing enabled. ONLY the user settings that aredefined in the GPOs that App1y to that machine will be App1ied.
http://msmvps.com/blogs/cgross/archive/2009/10/12/group-policy-loopbackprocessing.aspx http://technet.microsoft.com/en-us/library/cc782810(v=ws.10).aspx http://technet.microsoft.com/en-us/library/cc731076.aspx
Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1. Server1 runs Windows Server 2012 R2 and has the Hyper-V server role installed.
On Server1, you create a virtual machine named VM1. When you try to add a RemoteFX 3D Video Adapter to VM1, you discover that the option is unavailable as shown in the following exhibit.
A. On Server1, run the Enable-VMRemoteFxPhysicalVideoAdapter cmdlet.
B. On Server1, install the Media Foundation feature.
C. On Server1, run the Add-VMRemoteFx3dVideoAdapter cmdlet.
D. On Server1, install the Remote Desktop Virtualization Host (RD Virtualization Host) role service.
A. Enables one or more RemoteFX physical video adapters for use with RemoteFX-enabled virtual machines.
C. Adds a RemoteFX video adapter in a virtual machine.
D. Role must be added for host first
TM is included as part of the Remote Desktop Virtualization Host role service, and it Microsoft?RemoteFX
enables the delivery of a full Windows user experience to a range of client devices including rich clients, thin clients, and ultrathin clients. RemoteFX renders content by using graphics processing units (GPUs) that are present on the server and then shared across multiple virtual desktops. RemoteFX renders a range of content including DirectX and all types of multimedia, and it is optimized for LAN-based networks. The number of monitors and their maximum resolution determines the amount of GPU memory on the server required by RemoteFX. This consideration is important in determining the scale for how many virtual machines a Remote Desktop Virtualization Host server can support.
http://technet.microsoft.com/en-us/library/hh848506(v=wps.620).aspx http://technet.microsoft.com/en-us/library/hh848520(v=wps.620).aspx http://technet.microsoft.com/en-us/library/ff817586(v=ws.10).aspx
Your network contains two Hyper-V hosts named Host1 and Host2. Host1 contains a virtual machine named VM1. Host2 contains a virtual machine named VM2. VM1 and VM2 run Windows Server 2012 R2. You install the Network Load Balancing feature on VM1 and VM2. You need to ensure that the virtual machines are configured to support Network Load Balancing (NLB). Which virtual machine settings should you configure on VM1 and VM2?
A. Router guard
B. DHCP guard
C. Port mirroring
D. MAC address
In Hyper-V, the VM host prevents dynamic MAC address updates as an extra layer of security in thedatacenter. This is because the VM may have full administrator rights, yet it may be untrusted in thedatacenter, for example when the VM hosting is provided by an independent hosting company. In this scenario,we need to make sure that one VM cannot cause a DOS or information disclosure attack against another VM. If a VM is able to spoof its MAC address, then it can spoof the MAC addresses of other VMs and impactother VMs on that host. The physical switches have similar protections and it is up to the admin to enable thatprotection or not. If you do not enable spoofing of MAC address prior to configuring NLB on the VM you could potentially haveproblems with the NLB cluster.
When configuring NLB in unicast mode on Hyper-V with enable spoofing of MAC Address disabled you maysee some of the following symptoms:
When initially configuring NLB you will lose network connectivity on the network adaptor NLB was configuredon.
?There will be an NLB error event in the Windows Event Log stating that the network adaptor does not supportdynamic MAC address updates.
After rebooting the server, NLB will appear to be bound to the network adapter, but the cluster VIP will nothave been added to the network adaptor.
?The cluster MAC address will still be the original MAC address associated with the network adaptor prior toconfiguring NLB. Use CMD>ipconfig /all to view the MAC address.
It should start with “02-BF-***”
If you ignore all previous symptoms and manually add the VIP you could get an IP conflict if there are othernodes in the cluster that have the same VIP.
With that said, to allow VM guests to run NLB you need to set the VM property for “Enable spoofing of MACAddress”.
To enable spoofing of MAC Addresses open the Hyper-V management console. Make sure the VM is stoppedopen the properties of the VM. Select the Network Adaptor for the NLB VM and check the “Enable spoofing ofMAC Address” and click OK. Then start the VM.
If you want to pass the Microsoft 70-410 Exam sucessfully, recommend to read latest Microsoft 70-410 Dump full version.