Download Microsoft.70-412.ExamsKey.2019-02-05.272q.tqb

Download Exam

File Info

Exam Configuring Advanced Windows Server 2012 Services
Number 70-412
File Name Microsoft.70-412.ExamsKey.2019-02-05.272q.tqb
Size 21 MB
Posted Feb 05, 2019
Download Microsoft.70-412.ExamsKey.2019-02-05.272q.tqb

How to open VCEX & EXAM Files?

Files with VCEX & EXAM extensions can be opened by ProfExam Simulator.

Download
ProfExam Simulator

Purchase

Coupon: MASTEREXAM
With discount: 20%





Demo Questions

Question 1

Your network contains two Active Directory forests named contoso.com and adatum.com. Each forest contains one domain. Contoso.com has a two-way forest trust to adatum.com. Selective authentication is enabled on the forest trust. 
Contoso contains 10 servers that have the File Server role service installed. Users successfully access shared folders on the file servers by using permissions granted to the Authenticated Users group. 
You migrate the file servers to adatum.com. 
Contoso users report that after the migration, they are unable to access shared folders on the file servers. 
You need to implement a temporary fix to ensure that the Contoso users can access the shared folders on the file servers. 
What should you do?


  1. Disable selective authentication on the existing forest trust.
  2. Disable SID filtering on the existing forest trust.
  3. Run netdom and specify the /quarantine attribute.
  4. Replace the existing forest trust with an external trust.
Correct answer: B
Explanation:
Although it is not recommended, you can use this procedure to disable security identifier (SID) filter quarantining for an external trust with the Netdom.exe tool. You should consider disabling SID filter quarantining only in the following situations:Users have been migrated to the trusted domain with their SID histories preserved, and you want to grant those users access to resources in the trusting domain (the former domain of the migrated users) based on the sIDHistory attribute. Etc. References: Disabling SID filter quarantininghttps://technet.microsoft.com/en-us/library/cc794713(v=ws.10).aspx
Although it is not recommended, you can use this procedure to disable security identifier (SID) filter quarantining for an external trust with the Netdom.exe tool. You should consider disabling SID filter quarantining only in the following situations:
  • Users have been migrated to the trusted domain with their SID histories preserved, and you want to grant those users access to resources in the trusting domain (the former domain of the migrated users) based on the sIDHistory attribute. 
Etc. 
References: Disabling SID filter quarantining
https://technet.microsoft.com/en-us/library/cc794713(v=ws.10).aspx



Question 2

Your network contains an Active Directory forest. The forest contains two domains named contoso.com and fabrikam.com. The functional level of the forest is Windows Server 2003. 
You have a domain outside the forest named adatum.com. 
You need to configure an access solution to meet the following requirements:
  • Users in adatum.com must be able to access resources in contoso.com. 
  • Users in adatum.com must be prevented from accessing resources in fabrikam.com. 
  • Users in both contoso.com and fabrikam.com must be prevented from accessing resources in adatum.com. 
What should you create?


  1. a one-way realm trust from contoso.com to adatum.com
  2. a one-way realm trust from adatum.com to contoso.com
  3. a one-way external trust from contoso.com to adatum.com
  4. a one-way external trust from adatum.com to contoso.com
Correct answer: C
Explanation:
The contoso domain must trust the adatum domain. Note: In a One-way: incoming trust, users in your (trusted) domain can be authenticated in the other (trusting) domain. Users in the other domain cannot be authenticated in your domain.Incorrect Answers:A, B: Use realm trusts to form a trust relationship between a non-Windows Kerberos realm and a Windows Server domain.D: The resources that are to be shared are in the contoso domain.References: Trust types
The contoso domain must trust the adatum domain. 
Note: In a One-way: incoming trust, users in your (trusted) domain can be authenticated in the other (trusting) domain. Users in the other domain cannot be authenticated in your domain.
Incorrect Answers:
A, B: Use realm trusts to form a trust relationship between a non-Windows Kerberos realm and a Windows Server domain.
D: The resources that are to be shared are in the contoso domain.
References: Trust types



Question 3

Your network contains an Active Directory forest named contoso.com. The forest contains a single domain. The forest functional level is Windows Server 2012 R2. 
You have a domain controller named DC1. 
On DC1, you create a new Group Policy object (GPO) named GPO1. You need to verify that GPO1 was replicated to all of the domain controllers. 
Which tool should you use?


  1. Group Policy Management
  2. Active Directory Sites and Services
  3. DFS Management
  4. Active Directory Administrative Center
Correct answer: A
Explanation:
In Windows Server 2012, the Group Policy Management Console (GPMC) was enhanced to provide a report for the overall health state of the Group Policy infrastructure for a domain, or to scope the health view to a single GPO. Reference: Check Group Policy Infrastructure Statushttp://technet.microsoft.com/en-us/library/jj134176.aspx
In Windows Server 2012, the Group Policy Management Console (GPMC) was enhanced to provide a report for the overall health state of the Group Policy infrastructure for a domain, or to scope the health view to a single GPO. 
Reference: Check Group Policy Infrastructure Status
http://technet.microsoft.com/en-us/library/jj134176.aspx









CONNECT US

Facebook

Twitter

PROFEXAM WITH A 20% DISCOUNT

You can buy ProfExam with a 20% discount!

Get Now!


HOW TO OPEN VCEX FILES

Use ProfExam Simulator to open VCEX files