15 tips on How to 70-410 Test Like a Badass [316 to 330]

★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions

Free Instant Download NEW 70-410 Exam Dumps (PDF & VCE):
Available on: https://www.certleader.com/70-410-dumps.html


70-410 Product Description:
Exam Number/Code: 70-410 vce
Exam name: Installing and Configuring Windows Server 2012
n questions with full explanations
Certification: Microsoft Certification
Last updated on Global synchronizing

Instant Access to Free VCE Files: Microsoft 70-410 Installing and Configuring Windows Server 2012

70-410 examcollection

Best Quality of 70-410 exam cost materials and lab for Microsoft certification for IT examinee, Real Success Guaranteed with Updated 70-410 pdf dumps vce Materials. 100% PASS Today!

2016 Mar 70-410 Study Guide Questions:

Q316. DRAG DROP - (Topic 3) 

You have two servers named Server1 and Server2 that run Windows Server 2012 R2. Server1 has the Hyper-V server role installed. Server1 hosts a virtual machine named VM1. VM1 is currently running. VM1 has a snapshot that was created two weeks ago. 

You plan to use Server2 to perform a forensic analysis of the contents of the disk of VM1 from two weeks ago. 

You need to ensure that you can view the contents of the disk of VM1 from two weeks ago from Server2. 

Which three actions should you perform in sequence? (To answer, move the appropriate three actions from the list of actions to the answer area and arrange them in the correct order.) 


Answer: 



Q317. - (Topic 2) 

You have a server named Server2 that runs Windows Server 2012 R2. 

A network technician installs a new disk on Server2 and creates a new volume. 

The properties of the new volume are shown in the exhibit. (Click the Exhibit button.) 


You need to ensure that you can enable NTFS disk quotas for volume D. 

What should you do first? 

A. Format volume D 

B. Install the File Server Resource Manager role service 

C. Run the convert.exe command 

D. Convert the disk to a dynamic disk 

Answer: A 

Explanation: 

To be able to use a NEW disk so that you can enable NTFS disk quotas, in other word REFS to NTFS, it requires formatting first. 


Q318. - (Topic 3) 

Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1. Server1 runs Windows Server 2012 R2 and has the Hyper-V server role installed. 

On Server1, an administrator creates a virtual machine named VM1. 

A user named User1 is the member of the local Administrators group on Server1. 

User1 attempts to modify the settings of VM1 as shown in the following exhibit. (Click the 

Exhibit button.) 


You need to ensure that User1 can modify the settings of VM1 by running the Set-Vm cmdlet. 

What should you instruct User1 to do? 

A. Import the Hyper-V module. 

B. Install the Integration Services on VM1. 

C. Run Windows PowerShell with elevated privileges. 

D. Modify the membership of the local Hyper-V Administrators group. 

Answer: C 

Explanation: 

You can only use the PowerShell snap-in to modify the VM settings with the vm cmdlets 

when you are an Administrator. 

Thus best practices dictate that User1 run the PowerShell with elevated privileges. 

Reference: http://technet.microsoft.com/en-us/library/jj713439.aspx 


Q319. - (Topic 1) 

Your network contains an Active Directory domain named contoso.com. All client computer accounts are in an organizational unit (OU) named AllComputers. Client computers run either Windows 7 or Windows 8. 

You create a Group Policy object (GPO) named GP1. 

You link GP1 to the AllComputers OU. 

You need to ensure that GP1 applies only to computers that have more than 8 GB of 

memory. 

What should you configure? 

A. The Security settings of GP1 

B. The Block Inheritance option for AllComputers 

C. The Security settings of AllComputers 

D. The WMI filter for GP1 

Answer: D 

Explanation: 

Windows Management Instrumentation (WMI) filters allow you to dynamically determine the scope of Group Policy objects (GPOs) based on attributes of the target computer. When a GPO that is linked to a WMI filter is applied on the target computer, the filter is evaluated on the target computer. If the WMI filter evaluates to false, the GPO is not applied (except if the client computer is running Windows Server, in which case the filter is ignored and the GPO is always applied). If the WMI filter evaluates to true, the GPO is applied. WMI filters, like GPOs, are stored on a per-domain basis. A WMI filter and the GPO it is linked to must be in the same domain. 

References: Training Guide: Installing and Configuring Windows Server 2012 R2: Chapter 10: Implementing Group Policy, p.470, 482 http://technet.microsoft.com/en-us/library/jj134176 WMI filtering using GPMC 


Q320. - (Topic 2) 

You have a server named Data1 that runs a Server Core Installation of Windows Server 2012 R2 Standard. 

You need to configure Data1 to run a Server Core Installation of Windows Server 2012 R2 Enterprise. You want to achieve this goal by using the minimum amount of administrative effort. 

What should you perform? 

A. a clean installation of Windows Server 2012 

B. an offline servicing by using Dism 

C. an online servicing by using Dism 

D. an upgrade installation of Windows Server 2012 

Answer: C 

Explanation: 

References: Training Guide: Installing and Configuring Windows Server 2012 R2: Chapter 2: Deploying Servers, p. 44 Exam Ref 70-410: Installing and Configuring Windows Server 2012 R2: Chapter 1: Installing and Configuring Servers, p. 19-22 


70-410 free exam

Improved 70-410 torrent:

Q321. - (Topic 3) 

You have a server named Server1 that runs Windows Server 2012 R2. Server1 has 2 dual-

core processors and 16 GB of RAM. 

You install the Hyper-V server role in Server1. 

You plan to create two virtual machines on Server1. 

You need to ensure that both virtual machines can use up to 8 GB of memory. The solution 

must ensure that both virtual machines can be started simultaneously. 

What should you configure on each virtual machine? 

A. Dynamic Memory 

B. NUMA topology 

C. Memory weight 

D. Resource Control 

Answer: A 


Q322. DRAG DROP - (Topic 3) 

You plan to deploy a DHCP server that will support four subnets. The subnets will be configured as shown in the following table: 


You need to identify which network ID you should use for each subnet. What should you identify? To answer, drag the appropriate network ID to the each subnet in the answer area. 


Answer: 



Q323. - (Topic 2) 

Your network contains a production Active Directory forest named contoso.com and a test Active Directory forest named contoso.test. A trust relationship does not exist between the forests. 

In the contoso.test domain, you create a backup of a Group Policy object (GPO) named GPO1. 

You transfer the backup of GPO1 to a domain controller in the contoso.com domain. 

You need to create a GPO in contoso.com based on the settings of GPO1.You must achieve this goal by using the minimum amount of Administrative effort. 

What should you do? 

A. From Windows PowerShell, run the Get- GPO cmdlet and the Copy- GPO cmdlet. 

B. From Windows PowerShell, run the New- GPO cmdlet and the Import- GPO cmdlet. 

C. From Group Policy Management, create a new starter GPO. Right-click the new starter GPO, and then click Restore from Backup. 

D. From Group Policy Management, right-click the Croup Policy Objects container, and then click Manage Backups. 

Answer: B 

Explanation: 

A. Copy-GPO requires domain trust / copy from one domain to another domain within the same forest. 

B. The Import-GPO cmdlet imports the settings from a GPO backup into a specified target GPO. The target GPO can be in a different domain or forest than that from which the backup was made and it does not have to exist prior to the operation. 

C. This would create a starter GPO, not a GPO. 

D: You can also restore GPOs. This operation takes a backed-up GPO and restores it to the same domain from rom the GPO’s original which it was backed up. You cannot restore a GPO from backup into a domain different f domain. The New-GPO cmdlet creates a new GPO with a specified name. By default, the newly created GPO is not linked to a site, domain, or organizational unit (OU). The Import-GPO cmdlet imports the settings from a GPO backup into a specified target GPO. The target GPO can be in a different domain or forest than that from which the backup was made and it does not have to exist prior to the operation. The Restore-GPO cmdlet restores a GPO backup to the original domain from which it was saved. If the original domain is not available, or if the GPO no longer exists in the domain, the cmdlet fails. 

Since the GPO’s original domain is different and there is no trust relationship between forests, you should execute the New-GPO command and import the already existing command into the ‘new’ domain. 


Q324. - (Topic 3) 

Your network contains an Active Directory domain named contoso.com. The domain contains a DHCP server named Server1that runs Windows Server 2012 R2. 

You create a DHCP scope named Scope1. The scope has a start address of 192168.1.10, an end address of 192.168.1.50, and a subnet mask of 255.255.255.192. 

You need to ensure that Scope1 has a subnet mask of 255.255.255.0. What should you do first? 

A. From Windows PowerShell, run the Remove-DhcpServerv4PolicyIPRange cmdlet. 

B. From the DHCP console, modify the Scope Options of Scope1. 

C. From Windows PowerShell, run the Remove-DhcpServerv4Scope cmdlet. 

D. From Windows PowerShell, run the Set-DhcpServerv4Scope cmdlet. 

Answer: C 

Explanation: 

. Set-DhcpServerv4Scope Sets the properties of an existing IPv4 scope on the Dynamic Host Configuration Protocol (DHCP) server service. 

. Syntax: Parameter Set: WithoutRange Set-DhcpServerv4Scope [-ScopeId] <IPAddress> [-ActivatePolicies <Boolean> ] [-AsJob] [-CimSession <CimSession[]> ] [-ComputerName <String> ] [-Delay <UInt16> ] [-Description <String> ] [-LeaseDuration <TimeSpan> ] [-MaxBootpClients <UInt32> ] [-Name <String> ] [-NapEnable <Boolean> ] [-NapProfile <String> ] [-PassThru] [-State <String> ] [-SuperscopeName <String> ] [-ThrottleLimit <Int32> ] [-Type <String> ] [-Confirm] [-WhatIf] [ <CommonParameters>] Parameter Set: WithRange Set-DhcpServerv4Scope [-ScopeId] <IPAddress> -EndRange <IPAddress> -StartRange <IPAddress> [-ActivatePolicies <Boolean> ] [-AsJob] [-CimSession <CimSession[]> ] [-ComputerName <String> ] [-Delay <UInt16> ] [-Description <String> ] [-LeaseDuration <TimeSpan> ] [-MaxBootpClients <UInt32> ] [-Name <String> ] [-NapEnable <Boolean> ] [-NapProfile <String> ] [-PassThru] [-State <String> ] [-SuperscopeName <String> ] [-ThrottleLimit <Int32> ] [-Type <String> ] [-Confirm] [-WhatIf] [ <CommonParameters>] 


Q325. - (Topic 3) 

You have a server named Server1 that runs Windows Server 2012 R2. Server1 has the 

Hyper-V server role installed. On Server1, you create a virtual machine named VM1. 

You need to ensure that VM1 can start by using PXE. 

What should you do? 

A. Add a second network adapter, and then run the Set-VMNetworkAdaptercmdlet. 

B. Add a second network adapter, and then configure network adapter teaming. 

C. Remove the network adapter, and then run the Set-VMNetworkAdaptercmdlet. 

D. Remove the network adapter, and then add a legacy network adapter. 

Answer: D 


70-410 practice exam

Real 70-410 torrent:

Q326. - (Topic 1) 

Your network contains an Active Directory domain named adatum.com. 

You discover that when users join computers to the domain, the computer accounts are created in the Computers container. 

You need to ensure that when users join computers to the domain, the computer accounts are automatically created in an organizational unit (OU) named All_Computers. 

What should you do? 

A. From a command prompt, run the redircmp.exe command. 

B. From ADSI Edit, configure the properties of the OU1 object. 

C. From Ldp, configure the properties of the Computers container. 

D. From Windows PowerShell, run the Move-ADObject cmdlet. 

Answer: A 

Explanation: 

This command redirects the default container for newly created computers to a specified, target organizational unit (OU) so that newly created computer objects are created in the specific target OU instead of in All_Computers. 

: http://technet.microsoft.com/en-us/library/cc770619.aspx 


Q327. - (Topic 2) 

Your network contains an Active Directory domain named contoso.com. All servers run Windows Server 2012 R2.Client computers run either Windows 7 or Windows 8. 

All of the computer accounts of the client computers reside in an organizational unit (OU) named Clients. A Group Policy object (GPO) named GPO1 is linked to the Clients OU. All of the client computers use a DNS server named Server1. 

You configure a server named Server2 as an ISATAP router. You add a host (A) record for ISATAP to the contoso.com DNS zone. 

You need to ensure that the client computers locate the ISATAP router. 

What should you do? 

A. Run the Set-DnsServerGlobalQueryBlockList cmdlet on Server1. 

B. Configure the Network Options Group Policy preference of GPO1. 

C. Run the Add-DnsServerResourceRecord cmdlet on Server1. 

D. Configure the DNS Client Group Policy setting of GPO1. 

Answer: A 

Explanation: 

The Set-DnsServerGlobalQueryBlockList command will change the settings of a global query block list which you can use to ensure that client computers locate the ISATAP router. 

Windows Server 2008 introduced a new feature, called “Global Query Block list”, which prevents some arbitrary machine from registering the DNS name of WPAD. This is a good security feature, as it prevents someone from just joining your network, and setting himself up as a proxy. The dynamic update feature of Domain Name System (DNS) makes it possible for DNS client computers to register and dynamically update their resource records with a DNS server whenever a client changes its network address or host name. This reduces the need for manual administration of zone records. This convenience comes at a cost, however, because any authorized client can register any unused host name, even a host name that might have special significance for certain Applications. This can allow a malicious user to take over a special name and divert certain types of network traffic to that user’s computer. Two commonly deployed protocols are particularly vulnerable to this type of takeover: the Web Proxy Automatic Discovery Protocol (WPAD) and the Intra-site Automatic Tunnel Addressing Protocol (ISATAP). Even if a network does not deploy these protocols, clients that are configured to use them are vulnerable to the takeover that DNS dynamic update enables. Most commonly, ISATAP hosts construct their PRLs by using DNS to locate a host named isatap on the local domain. For example, if the local domain is corp.contoso.com, an ISATAP-enabled host queries DNS to obtain the IPv4 address of a host named isatap.corp.contoso.com. In its default configuration, the Windows Server 2008 DNS Server service maintains a list of names that, in effect, it ignores when it receives a query to resolve the name in any zone for which the server is authoritative. Consequently, a malicious user can spoof an ISATAP router in much the same way as a malicious user can spoof a WPAD server: A malicious user can use dynamic update to register the user’s own computer as a counterfeit ISATAP router and then divert traffic between ISATAP-enabled computers on the network. The initial contents of the block list depend on whether WPAD or ISATAP is already deployed when you add the DNS server role to an existing Windows Server 2008 deployment or when you upgrade an earlier version of Windows Server running the DNS Server service. Add-DnsServerResourceRecord – The Add-DnsServerResourceRecordcmdlet adds a resource record for a Domain Name System (DNS) zone on a DNS server. You can add different types of resource records. Use different switches for different record types. By using this cmdlet, you can change a value for a record, configure whether a record has a time stamp, whether any authenticated user can update a record with the same owner name, and change lookup timeout values, Windows Internet Name Service (WINS) cache settings, and replication settings. Set-DnsServerGlobalQueryBlockList – The Set-DnsServerGlobalQueryBlockListcmdlet changes settings of a global query block list on a Domain Name System (DNS) server. This cmdlet replaces all names in the list of names that the DNS server does not resolve with the names that you specify. If you need the DNS server to resolve names such as ISATAP and WPAD, remove these names from the list. Web Proxy Automatic Discovery Protocol (WPAD) and Intra-site Automatic Tunnel Addressing Protocol (ISATAP) are two commonly deployed protocols that are particularly vulnerable to hijacking. 

References: Training Guide: Installing and Configuring Windows Server 2012 R2, Chapter 4: Deploying domain controllers, Lesson 4: Configuring IPv6/IPv4 Interoperability, p. 254-256 http://technet.microsoft.com/en-us/library/jj649942(v=wps.620).aspx http://technet.microsoft.com/en-us/library/jj649876(v=wps.620).aspx http://technet.microsoft.com/en-us/library/jj649874.aspx http://technet.microsoft.com/en-us/library/jj649909.aspx 


Q328. - (Topic 2) 

Your network contains an Active Directory domain named contoso.com. All domain controllers run Windows Server 2012 R2. 

You create and enforce the default AppLocker executable rules. 

Users report that they can no longer execute a legacy application installed in the root of drive C. 

You need to ensure that the users can execute the legacy application. 

What should you do? 

A. Create a new rule. 

B. Delete an existing rule. 

C. Modify the action of the existing rules. 

D. Add an exception to the existing rules. 

Answer: A 

Explanation: 

AppLocker is a feature that advances the functionality of the Software Restriction Policies 

feature. AppLocker contains new capabilities and extensions that reduce administrative 

overhead and help administrators control how users can access and use files, such as 

executable files, scripts, Windows Installer files, and DLLs. By using AppLocker, you can: 

Define rules based on file attributes that persist across application updates, such as the 

publisher name (derived from the digital signature), product name, file name, and file 

version. You can also create rules based on the file path and hash. 

Assign a rule to a security group or an individual user. 

Create exceptions to rules. For example, you can create a rule that allows all users to run 

all Windows binaries except the Registry Editor (Regedit.exe). 

Use audit-only mode to deploy the policy and understand its impact before enforcing it. . 

Create rules on a staging server, test them, export them to your production environment, 

and then import them into a Group Policy Object. 

Simplify creating and managing AppLocker rules by using Windows PowerShell cmdlets for 

AppLocker. 

AppLocker default rules 

AppLocker allows you to generate default rules for each of the rule types. 

Executable default rule types: 

Allow members of the local Administrators group to run all applications. Allow members of the Everyone group to run applications that are located in the Windows folder. Allow members of the Everyone group to run applications that are located in the Program Filesfolder. Windows Installer default rule types: Allow members of the local Administrators group to run all Windows Installer files. Allow members of the Everyone group to run digitally signed Windows Installer files. Allow members of the Everyone group to run all Windows Installer files located in the Windows\Installer folder. Script default rule types: Allow members of the local Administrators group to run all scripts. Allow members of the Everyone group to run scripts located in the Program Files folder. Allow members of the Everyone group to run scripts located in the Windows folder. DLL default rule types: (this on can affect system performance ) Allow members of the local Administrators group to run all DLLs. Allow members of the Everyone group to run DLLs located in the Program Files folder. Allow members of the Everyone group to run DLLs located in the Windows folder. You can apply AppLocker rules to individual users or to a group of users. If you apply a rule to a group of users, all users in that group are affected by that rule. If you need to allow a subset of a user group to use an application, you can create a special rule for that subset. For example, the rule “Allow Everyone to run Windows except Registry Editor” allows everyone in the organization to run the Windows operating system, but it does not allow anyone to run Registry Editor. The effect of this rule would prevent users such as Help Desk personnel from running a program that is necessary for their support tasks. To resolve this problem, create a second rule that applies to the Help Desk user group: “Allow Help Desk to run Registry Editor.” If you create a deny rule that does not allow any users to run Registry Editor, the deny rule will override the second rule that allows the Help Desk user group to run Registry Editor. 


Q329. - (Topic 2) 

Your network contains a server named Server1 that runs Windows Server 2012 R2.Server1 has the Hyper-V server role installed. Server1 hosts four virtual machines named VM1, VM2, VM3, and VM4.Server1 is configured as shown in the following table. 


VM3 is used to test applications. 

You need to prevent VM3 from synchronizing its clock to Server1. 

What should you configure? 

A. NUMA topology 

B. Resource control 

C. Resource metering 

D. Virtual Machine Chimney 

E. The VLAN ID 

F. Processor Compatibility 

G. The startup order 

H. Automatic Start Action 

I. Integration Services 

J. Port mirroring 

K. Single-root I/O visualization 

Answer: I 

Explanation: 

Integration Services settings on virtual machines includes services such as operating system shutdown, time synchronization, data exchange, Heart beat, and Backup (volume snapshot services. Thus you should disable the time synchronization using Integration Services. 

References: http://blogs.technet.com/b/virtualization/archive/2008/08/29/backing-up-hyper-v-virtual-machines.aspx Exam Ref 70-410, Installing and Configuring Windows Server 2012 R2, Chapter 3: Configure Hyper-V, Objective 3.1: Create and Configure virtual machine settings, p. 144 


Q330. - (Topic 1) 

Your network contains an Active Directory domain named contoso.com. The domain contains two servers named Server1 and Server2. Server1 runs Windows Server 2012 R2. Server2 runs Windows Server 2008 R2 Service Pack 1 (SP1) and has the DHCP Server server role installed. 

You need to manage DHCP on Server2 by using the DHCP console on Server1. 

What should you do first? 

A. From Windows PowerShell on Server1, run Install-Windows Feature. 

B. From Windows Firewall with Advanced Security on Server2, create an inbound rule. 

C. From Internet Explorer on Server2, download and install Windows Management Framework 3.0. 

Answer: B 

Explanation: 

When the DHCP role is installed, it appears that the firewall rules are automatically added, 

so C is not valid (not only that, but either way it is an existing rule that one would need only 

enable nonetheless, not create a new rule). This means you only need to add the DHCP 

Manager MMC snap-in which is a Role Administration Tool feature. 

So the correct answer must be B. 

References: 

Training Guide: Installing and Configuring Windows Server 2012 R2, Chapter 6 Network 

Administration, p.228